Command Line Interface Guide
Page 28
...Interface Configuration mode. • SSH Public Key-chain - The switch is very similar to service definitions. The following steps are used to modify specific interface operations. Contains commands to configure an Ethernet type interface. • Port Channel - Contains commands to ... the Interface Configuration mode. • QoS - The Global Configuration mode command interface ethernet is used to enter the Management Access List Configuration mode. • Ethernet - Starting the CLI The switch can be managed over a direct connection to using CLI commands. If access is via...
...Interface Configuration mode. • SSH Public Key-chain - The switch is very similar to service definitions. The following steps are used to modify specific interface operations. Contains commands to configure an Ethernet type interface. • Port Channel - Contains commands to ... the Interface Configuration mode. • QoS - The Global Configuration mode command interface ethernet is used to enter the Management Access List Configuration mode. • Ethernet - Starting the CLI The switch can be managed over a direct connection to using CLI commands. If access is via...
Command Line Interface Guide
Page 39
... enables Dynamic Host Configuration Protocol (DHCP) snooping Global Configuration ip dhcp snooping vlan Enables DHCP snooping on a switch. Interface Configuration (Ethernet, port-channel) ip dhcp snooping information option allowed-untrusted Configures a switch to configure Global an Ethernet type interface. Global Configuration ip dhcp snooping database Configures the update frequency ofthe DHCP update-freq snooping...
... enables Dynamic Host Configuration Protocol (DHCP) snooping Global Configuration ip dhcp snooping vlan Enables DHCP snooping on a switch. Interface Configuration (Ethernet, port-channel) ip dhcp snooping information option allowed-untrusted Configures a switch to configure Global an Ethernet type interface. Global Configuration ip dhcp snooping database Configures the update frequency ofthe DHCP update-freq snooping...
Command Line Interface Guide
Page 62
... VLAN assignment. vlan Interface Configuration show dot1x advanced Displays 802.1X advanced features for the switch or for the Privileged EXEC specified interface. 62 Command Groups Interface Configuration (Ethernet) dot1x single-hostviolation Configures the action to default. to return to be taken when a... station of which Interface Config- uration (Ethernet) dot1x macauthentication Enables authentication based on the interface access to auto. Guest VLAN. VLAN Configuration dot1x multiple-hosts Allows...
... VLAN assignment. vlan Interface Configuration show dot1x advanced Displays 802.1X advanced features for the switch or for the Privileged EXEC specified interface. 62 Command Groups Interface Configuration (Ethernet) dot1x single-hostviolation Configures the action to default. to return to be taken when a... station of which Interface Config- uration (Ethernet) dot1x macauthentication Enables authentication based on the interface access to auto. Guest VLAN. VLAN Configuration dot1x multiple-hosts Allows...
Command Line Interface Guide
Page 68
... operation of consecutive neighbor solicitation messages that are sent on a specified interface. Configures the number of a given ethernet interface when not using stateless autoconfiguration on an interface. Sets the number of seconds that the switch waits for any packets arriving on an interface while duplicate address detection is not the supplicant MAC... an administrative LACP timeout. 68 Command Modes Sets an IP address Acquires an IP address on the port. Sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange.
... operation of consecutive neighbor solicitation messages that are sent on a specified interface. Configures the number of a given ethernet interface when not using stateless autoconfiguration on an interface. Sets the number of seconds that the switch waits for any packets arriving on an interface while duplicate address detection is not the supplicant MAC... an administrative LACP timeout. 68 Command Modes Sets an IP address Acquires an IP address on the port. Sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange.
Command Line Interface Guide
Page 158
...ON: It is possible to connect to a PC only with a cross cable. • If MDIX is enabled on a given interface. Console(config)# interface ethernet g5 Console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration mode command enables Back Pressure on g5. User Guidelines • Back Pressure... will operate only if duplex mode is set to "no form of this setting you can only use either an ethernet standard cross-over cable to connect to a PC, or an ethernet standard cable to connect to another switch ONLY with a normal cable and to connect to another...
...ON: It is possible to connect to a PC only with a cross cable. • If MDIX is enabled on a given interface. Console(config)# interface ethernet g5 Console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration mode command enables Back Pressure on g5. User Guidelines • Back Pressure... will operate only if duplex mode is set to "no form of this setting you can only use either an ethernet standard cross-over cable to connect to a PC, or an ethernet standard cable to connect to another switch ONLY with a normal cable and to connect to another...
Command Line Interface Guide
Page 180
... snooping on VLAN disabled. Syntax • ip dhcp snooping trust • no form of this command to return to other switches or routers. Configure as trusted for DHCP snooping purposes. console (config)#ip dhcp snooping vlan vlan-id ip dhcp snooping trust ...configures a port as untrusted ports those that are connected to a DHCP server or to the default setting. Command Mode Interface Configuration (Ethernet, Port-channel) mode. ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode command on...
... snooping on VLAN disabled. Syntax • ip dhcp snooping trust • no form of this command to return to other switches or routers. Configure as trusted for DHCP snooping purposes. console (config)#ip dhcp snooping vlan vlan-id ip dhcp snooping trust ...configures a port as untrusted ports those that are connected to a DHCP server or to the default setting. Command Mode Interface Configuration (Ethernet, Port-channel) mode. ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode command on...
Command Line Interface Guide
Page 185
...User Guidelines • There are no user guidelines for all interfaces on following example displays the DHCP snooping configuration. Specify Ethernet port. • port-channel-number - DHCP Snooping 185 Default Configuration This command has no default configuration. Console # ... mac-address - Example The following VLANs: 2, 7-18 DHCP snooping database: enabled Verification of hwaddr field is configured on a switch. Syntax • show ip dhcp snooping binding User EXEC mode command displays the DHCP snooping binding database and configuration information for this...
...User Guidelines • There are no user guidelines for all interfaces on following example displays the DHCP snooping configuration. Specify Ethernet port. • port-channel-number - DHCP Snooping 185 Default Configuration This command has no default configuration. Console # ... mac-address - Example The following VLANs: 2, 7-18 DHCP snooping database: enabled Verification of hwaddr field is configured on a switch. Syntax • show ip dhcp snooping binding User EXEC mode command displays the DHCP snooping binding database and configuration information for this...
Command Line Interface Guide
Page 192
... g1 Enabled Normal Enabled 200 600 g4 Enabled Normal Enabled 200 600 Leave All ----10000 10000 show gvrp statistics The show gvrp statistics [ethernet interface | port-channel port-channel-number] • interface - Syntax • show gvrp statistics User EXEC mode command displays GVRP statistics...following example shows how to display GVRP configuration information: Console# show gvrp configuration GVRP Feature is currently enabled on the switch. A valid Ethernet interface. • port-channel-number - User Guidelines • There are no default configuration.
... g1 Enabled Normal Enabled 200 600 g4 Enabled Normal Enabled 200 600 Leave All ----10000 10000 show gvrp statistics The show gvrp statistics [ethernet interface | port-channel port-channel-number] • interface - Syntax • show gvrp statistics User EXEC mode command displays GVRP statistics...following example shows how to display GVRP configuration information: Console# show gvrp configuration GVRP Feature is currently enabled on the switch. A valid Ethernet interface. • port-channel-number - User Guidelines • There are no default configuration.
Command Line Interface Guide
Page 264
Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from port g1. Switch# show lldp local ethernet g1 Device ID: 0060.704C.73FF Port ID: 1 Capabilities: Bridge System Name: ts-7800-1 System description: Port description: Management address...Connectivity LLDP-MED Network policy Application type: Voice Flags: Tagged VLAN VLAN ID: 2 Layer 2 priority: 0 DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Sourcing Entity Power source: Primary Power Source Power priority: High Power value: 9.6 Watts LLDP-MED Location Coordinates: 54:53:c1:...
Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from port g1. Switch# show lldp local ethernet g1 Device ID: 0060.704C.73FF Port ID: 1 Capabilities: Bridge System Name: ts-7800-1 System description: Port description: Management address...Connectivity LLDP-MED Network policy Application type: Voice Flags: Tagged VLAN VLAN ID: 2 Layer 2 priority: 0 DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Sourcing Entity Power source: Primary Power Source Power priority: High Power value: 9.6 Watts LLDP-MED Location Coordinates: 54:53:c1:...
Command Line Interface Guide
Page 267
Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration. Switch# show lldp med configuration Network policy 1 Application type: Voice VLAN ID: 2 tagged Layer 2 priority: 0 DSCP: 0 Port ---------g1 g2 g3 Capabilities ---------Yes Yes Yes Network Policy ---------Yes: 1 Yes: 1 No Location -------Yes Yes No PoE ---Yes Yes Yes Switch# show lldp med configuration ethernet g1 Port ---------g1 Capabilities ---------Yes Network Policy ---------Yes: 1 Location -------Yes PoE ---Yes LLDP Commands 267
Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration. Switch# show lldp med configuration Network policy 1 Application type: Voice VLAN ID: 2 tagged Layer 2 priority: 0 DSCP: 0 Port ---------g1 g2 g3 Capabilities ---------Yes Yes Yes Network Policy ---------Yes: 1 Yes: 1 No Location -------Yes Yes No PoE ---Yes Yes Yes Switch# show lldp med configuration ethernet g1 Port ---------g1 Capabilities ---------Yes Network Policy ---------Yes: 1 Location -------Yes PoE ---Yes LLDP Commands 267
Command Line Interface Guide
Page 297
...8226; Use this command to enable trust mode on each port. Default Configuration CoS is enabled. When the packets are classified at every switch within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at the ... To return to the untrusted state, use the no qos trust Default Configuration Each port is the default trust mode. Command Mode Interface Configuration (Ethernet, port-channel) mode. Use qos trust to disable the trust state on each port. Example The following example configures the system to disable the...
...8226; Use this command to enable trust mode on each port. Default Configuration CoS is enabled. When the packets are classified at every switch within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at the ... To return to the untrusted state, use the no qos trust Default Configuration Each port is the default trust mode. Command Mode Interface Configuration (Ethernet, port-channel) mode. Use qos trust to disable the trust state on each port. Example The following example configures the system to disable the...
Command Line Interface Guide
Page 353
...g5. User Guidelines • This feature should be used only with interfaces connected to end stations. Command Modes Interface Configuration (Ethernet, port-channel) mode. Syntax • spanning-tree portfast • no spanning-tree portfast Default Configuration PortFast mode is ...to disable PortFast mode. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree portfast Spanning-Tree Commands 353 Example The following example enables PortFast ...
...g5. User Guidelines • This feature should be used only with interfaces connected to end stations. Command Modes Interface Configuration (Ethernet, port-channel) mode. Syntax • spanning-tree portfast • no spanning-tree portfast Default Configuration PortFast mode is ...to disable PortFast mode. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree portfast Spanning-Tree Commands 353 Example The following example enables PortFast ...
Command Line Interface Guide
Page 354
User Guidelines • The switch derives the link type of the spanning -tree instance. (Range: 1 - 15) • priority - Displays the ID of a port from the duplex mode. Specifies the port ... priority • no default configuration for this command. Specifies that the port link type is considered a shared link. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree link-type shared spanning-tree mst priority The spanning-tree mst priority Global Configuration mode command...
User Guidelines • The switch derives the link type of the spanning -tree instance. (Range: 1 - 15) • priority - Displays the ID of a port from the duplex mode. Specifies the port ... priority • no default configuration for this command. Specifies that the port link type is considered a shared link. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree link-type shared spanning-tree mst priority The spanning-tree mst priority Global Configuration mode command...
Command Line Interface Guide
Page 363
... - User Guidelines • This feature should be used only when working in RSTP mode. Spanning-Tree Commands 363 Syntax • clear spanning-tree detected-protocols [ethernet interface number | port-channel port-channel- number] • interface - Command Modes Global Configuration mode. Default Configuration If no spanning-tree bpdu • filtering - ...-tree detected-protocols The clear spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (force the renegotiation with neighboring switches) on the specified interface.
... - User Guidelines • This feature should be used only when working in RSTP mode. Spanning-Tree Commands 363 Syntax • clear spanning-tree detected-protocols [ethernet interface number | port-channel port-channel- number] • interface - Command Modes Global Configuration mode. Default Configuration If no spanning-tree bpdu • filtering - ...-tree detected-protocols The clear spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (force the renegotiation with neighboring switches) on the specified interface.
Command Line Interface Guide
Page 364
... mode. Display blocked ports only. • mst-configuration - ID associated with neighboring switches) on g1. Port channel index. (Range: Valid Ethernet port) • instance-id - Syntax • show spanning-tree [ ethernet interface-number | port-channel port-channel-number ] [instance instance-id] • ... This command has no user guidelines for this command. 364 Spanning-Tree Commands Console# clear spanning-tree detected-protocols ethernet g1 show spanning-tree The show spanning-tree mst-configuration • detail - Example The following example restarts the ...
... mode. Display blocked ports only. • mst-configuration - ID associated with neighboring switches) on g1. Port channel index. (Range: Valid Ethernet port) • instance-id - Syntax • show spanning-tree [ ethernet interface-number | port-channel port-channel-number ] [instance instance-id] • ... This command has no user guidelines for this command. 364 Spanning-Tree Commands Console# clear spanning-tree detected-protocols ethernet g1 show spanning-tree The show spanning-tree mst-configuration • detail - Example The following example restarts the ...
Command Line Interface Guide
Page 376
... form of this command to disable root guard on the interface. User Guidelines • Root guard can be the switch root port. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g8 Console(config-if)# spanning-tree guard root 376 Spanning-Tree Commands Use the no spanning-tree guard root...
... form of this command to disable root guard on the interface. User Guidelines • Root guard can be the switch root port. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g8 Console(config-if)# spanning-tree guard root 376 Spanning-Tree Commands Use the no spanning-tree guard root...
Command Line Interface Guide
Page 460
... console(config-if)# switchport mode customer switchport customer vlan The switchport customer vlan Interface Configuration (Ethernet, port-channel) mode command sets the port's VLAN when the interface is in customer mode. Full 802.1q support VLAN interface... restore the default configuration. Example The following example configures the VLAN membership mode of a port. Use the no form of this command. Used when the switch is in a provider network. • access - Trunking layer 2 VLAN interface • general - The port is connected to customer equipment. Untagged layer 2 ...
... console(config-if)# switchport mode customer switchport customer vlan The switchport customer vlan Interface Configuration (Ethernet, port-channel) mode command sets the port's VLAN when the interface is in customer mode. Full 802.1q support VLAN interface... restore the default configuration. Example The following example configures the VLAN membership mode of a port. Use the no form of this command. Used when the switch is in a provider network. • access - Trunking layer 2 VLAN interface • general - The port is connected to customer equipment. Untagged layer 2 ...
Command Line Interface Guide
Page 493
...after successful authentication. Disable 802.1X authentication on the 802.1X authentication exchange between the switch and the client. • force-authorized - Command Mode Interface Configuration (Ethernet) mode. Examples The following example enables 802.1X authentication on 802.1x edge ports ...mode on the interface. The port resends and receives normal traffic without any authentication exchange required. Console (config)# interface ethernet g8 Console (config-if)# dot1x port-control auto dot1x re-authentication The dot1x re-authentication Interface Configuration mode command ...
...after successful authentication. Disable 802.1X authentication on the 802.1X authentication exchange between the switch and the client. • force-authorized - Command Mode Interface Configuration (Ethernet) mode. Examples The following example enables 802.1X authentication on 802.1x edge ports ...mode on the interface. The port resends and receives normal traffic without any authentication exchange required. Console (config)# interface ethernet g8 Console (config-if)# dot1x port-control auto dot1x re-authentication The dot1x re-authentication Interface Configuration mode command ...
Command Line Interface Guide
Page 495
... the specified 802.1X-enabled port. Console# dot1x re-authenticate ethernet g8 dot1x timeout quiet-period The dot1x timeout quiet-period Interface Configuration mode command sets the number of this command. Command Mode Privileged EXEC mode. Time in seconds that the switch remains in quiet state following a failed authentication exchange (for example...
... the specified 802.1X-enabled port. Console# dot1x re-authenticate ethernet g8 dot1x timeout quiet-period The dot1x timeout quiet-period Interface Configuration mode command sets the number of this command. Command Mode Privileged EXEC mode. Time in seconds that the switch remains in quiet state following a failed authentication exchange (for example...
Command Line Interface Guide
Page 496
... client before resending the request. Time in seconds that the switch remains in the quiet state following example sets the number of seconds that the switch should be entered. Command Mode Interface Configuration (Ethernet) mode. User Guidelines • You should change the default... dot1x timeout tx-period seconds • no form of seconds that the switch waits for a response to the default setting. Examples The following a failed authentication exchange, to 3600. Console (config)# interface ethernet g8 Console (config-if)# dot1x timeout quiet-period 3600 dot1x timeout tx-...
... client before resending the request. Time in seconds that the switch remains in the quiet state following example sets the number of seconds that the switch should be entered. Command Mode Interface Configuration (Ethernet) mode. User Guidelines • You should change the default... dot1x timeout tx-period seconds • no form of seconds that the switch waits for a response to the default setting. Examples The following a failed authentication exchange, to 3600. Console (config)# interface ethernet g8 Console (config-if)# dot1x timeout quiet-period 3600 dot1x timeout tx-...