Command Line Interface Guide
Page 79
...the specified class definition a match CMC condition based on the value of the IP Protocol field in a particular GC direction. CMC mirror Mirrors all the data that all incoming packets for the specified class. PCM C policy-map Establishes a new DiffServ policy GC redirect Specifies that...source IPv6 address of a C packet. match srcl4port Adds to the specified class definition a match CMC condition based on the source layer 4 port of the packet. match source-address mac Adds to the specified class definition a match condition based on the source MAC address of a ...
...the specified class definition a match CMC condition based on the value of the IP Protocol field in a particular GC direction. CMC mirror Mirrors all the data that all incoming packets for the specified class. PCM C policy-map Establishes a new DiffServ policy GC redirect Specifies that...source IPv6 address of a C packet. match srcl4port Adds to the specified class definition a match CMC condition based on the source layer 4 port of the packet. match source-address mac Adds to the specified class definition a match condition based on the source MAC address of a ...
Command Line Interface Guide
Page 206
...telnet, tftp, and www. • log - Syntax access-list std-list-num {deny | permit} {srcip srcmask | every} [log] [assign-queue queue-id] [redirect interface | mirror interface] access-list ext-list-num {deny | permit} {every | {[icmp | igmp | ip | tcp | udp | number] {srcip srcmask | any} [eq [portkey | ...the IP ACL rule permits or denies an action. • every - The first reference is source match criteria, the second is identified by the port value parameter (Range: 0-65535). • portkey - Protocol keywords icmp,igmp,ip,tcp,udp. • srcip - Source IP address. •...
...telnet, tftp, and www. • log - Syntax access-list std-list-num {deny | permit} {srcip srcmask | every} [log] [assign-queue queue-id] [redirect interface | mirror interface] access-list ext-list-num {deny | permit} {every | {[icmp | igmp | ip | tcp | udp | number] {srcip srcmask | any} [eq [portkey | ...the IP ACL rule permits or denies an action. • every - The first reference is source match criteria, the second is identified by the port value parameter (Range: 0-65535). • portkey - Protocol keywords icmp,igmp,ip,tcp,udp. • srcip - Source IP address. •...
Command Line Interface Guide
Page 207
... rules, but allow traffic if the conditions defined in Mac-Access-List Configuration mode to the specified unit/port. Specifies the particular hardware queue for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Command Mode Global Configuration mode User Guidelines Users are permitted to the specified interface. • redirect interface...
... rules, but allow traffic if the conditions defined in Mac-Access-List Configuration mode to the specified unit/port. Specifies the particular hardware queue for handling traffic that matches the rule. (Range: 0-6) • mirror interface - Command Mode Global Configuration mode User Guidelines Users are permitted to the specified interface. • redirect interface...
Command Line Interface Guide
Page 208
... Commands Specify custom ethertype value (hexadecimal range 0x0600-0xFFFF) • vlan eq - Specifies that hardware platform. • mirror - Valid physical interface in format xxxx.xxxx.xxxx. • destmacmask - Valid destination MAC address in unit/port format, for the source MAC address in format xxxx.xxxx.xxxx. • any | bpdu } [{ethertypekey | 0x0600-0xFFFF...
... Commands Specify custom ethertype value (hexadecimal range 0x0600-0xFFFF) • vlan eq - Specifies that hardware platform. • mirror - Valid physical interface in format xxxx.xxxx.xxxx. • destmacmask - Valid destination MAC address in unit/port format, for the source MAC address in format xxxx.xxxx.xxxx. • any | bpdu } [{ethertypekey | 0x0600-0xFFFF...
Command Line Interface Guide
Page 370
...telnet, tftp, and www. 370 IPv6 Access List Commands The first reference is source match criteria, the second is appended to the Layer 4 port number being used parameters appear in the same relative order as a match criteria. {deny | permit} This command creates a new rule for... match on any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - Standard protocol number or protocol keywords icmp, igmp, ipv6, tcp, udp. • source ipv6 prefix - ...
...telnet, tftp, and www. 370 IPv6 Access List Commands The first reference is source match criteria, the second is appended to the Layer 4 port number being used parameters appear in the same relative order as a match criteria. {deny | permit} This command creates a new rule for... match on any | destination ipv6 prefix/prefix length} [eq {portkey | portvalue}] [flow-label value] [dscp dscp]}} [log] [assign-queue queue-id] [{mirror | redirect} interface] • deny | permit - Standard protocol number or protocol keywords icmp, igmp, ipv6, tcp, udp. • source ipv6 prefix - ...
Command Line Interface Guide
Page 371
... to be forwarded to add rules, but if a packet does not match any HTTP traffic from that matches the rule. (Range: 0-6) • mirror interface - Allows the traffic matching this rule to be logged. • assign-queue queue-id - The 'no default configuration. Specifies the TOS for... handling traffic that network: console(config)#ipv6 access-list STOP_HTTP IPv6 Access List Commands 371 The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix - Rather, the entire IPv6 ACL must be ...
... to be forwarded to add rules, but if a packet does not match any HTTP traffic from that matches the rule. (Range: 0-6) • mirror interface - Allows the traffic matching this rule to be logged. • assign-queue queue-id - The 'no default configuration. Specifies the TOS for... handling traffic that network: console(config)#ipv6 access-list STOP_HTTP IPv6 Access List Commands 371 The source layer 4 port match condition for the ACL rule is dropped by the port value parameter. (Range: 0-65535). • destination ipv6 prefix - Rather, the entire IPv6 ACL must be ...
Command Line Interface Guide
Page 377
... specified for the rule. Redirect Interface Displays the interface to which packets matching this rule. Mirror Interface Displays the interface to which packets matching this rule are forwarded. Destination L4 Port Keyword This field displays the destination port for this rule are copied. Flow Label This field indicates the value specified for IPv6...
... specified for the rule. Redirect Interface Displays the interface to which packets matching this rule. Mirror Interface Displays the interface to which packets matching this rule are forwarded. Destination L4 Port Keyword This field displays the destination port for this rule are copied. Flow Label This field indicates the value specified for IPv6...
Command Line Interface Guide
Page 445
... User Guidelines This command has no default configuration. Default Configuration This command has no user guidelines. Syntax show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Session identification number. console(config)#monitor session 1 source interface 1/g8 console(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session...
... User Guidelines This command has no default configuration. Default Configuration This command has no user guidelines. Syntax show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port Type Port Monitor Commands 445 Session identification number. console(config)#monitor session 1 source interface 1/g8 console(config)#monitor session 1 destination interface 1/g10 console(config)#monitor session...
Command Line Interface Guide
Page 448
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
...8226; match protocol • match source-address mac • match srcip • match srcip6 • match srcl4port • match vlan • mirror • police-simple • policy-map • redirect • service-policy • show class-map • show classofservice dot1p-mapping •...dscp-mapping • show classofservice trust • show diffserv • show diffserv service interface ethernet in • show diffserv service interface port-channel in • show diffserv service brief • show interfaces cos-queue • show policy-map • show policy-map ...
Command Line Interface Guide
Page 475
...interface - Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port of the monitor command. QoS Commands 475 Example The following example ...displays adding a match condition for the VLAN ID "2." console(config-classmap)#match vlan 2 mirror Use the mirror command in this command is identical to the destination port specified. Command Mode Class-Map Configuration mode User Guidelines This command has no default configuration. ...
...interface - Command Mode Policy-Class-Map Configuration mode User Guidelines The port identified in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port of the monitor command. QoS Commands 475 Example The following example ...displays adding a match condition for the VLAN ID "2." console(config-classmap)#match vlan 2 mirror Use the mirror command in this command is identical to the destination port specified. Command Mode Class-Map Configuration mode User Guidelines This command has no default configuration. ...
Command Line Interface Guide
Page 476
...} [violateaction {drop | set-cos-transmit | set-prec-transmit | set-dscp-transmit | transmit}]} • datarate - Indicates what happens when the packet is conforming to ethernet port 1/g5. Class of the police command uses a single data rate and burst size, resulting in Policy-Class-Map Configuration mode to establish the traffic policing... could be , cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef) Default Configuration This command has no default configuration. console(config-policy-classmap)#mirror 1/g5 police-simple Use the police-simple command in two outcomes: conform and nonconform.
...} [violateaction {drop | set-cos-transmit | set-prec-transmit | set-dscp-transmit | transmit}]} • datarate - Indicates what happens when the packet is conforming to ethernet port 1/g5. Class of the police command uses a single data rate and burst size, resulting in Policy-Class-Map Configuration mode to establish the traffic policing... could be , cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef) Default Configuration This command has no default configuration. console(config-policy-classmap)#mirror 1/g5 police-simple Use the police-simple command in two outcomes: conform and nonconform.
User's Guide
Page 10
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
...Storm Control 327 Configuring Traffic Mirroring 330 Port Mirroring 330 Flow Based Mirroring 332 Configuring Address Tables 334 Static Address Table 334 Dynamic Address Table 336 Configuring GARP 339 GARP Timers 339 Configuring the Spanning Tree Protocol 342 STP Global Settings 342 STP Port Settings 346 STP LAG Settings...348 Rapid Spanning Tree 351 MSTP Settings 352 MSTP Interface Settings 355 Configuring VLANs 358 VLAN Membership 358 Double VLAN 362 VLAN Port Settings 366 VLAN LAG Settings 368 Bind MAC to VLAN 370 Bind IP Subnet to VLAN 373 Protocol Group 375 GVRP ...
User's Guide
Page 24
... frames are identified by class D IP addresses, which range from broadcasting the traffic to all ports. Port Mirroring Port mirroring monitors and mirrors network traffic by the switch. 24 Introduction Based on the switch. Host groups are flooded to all ports on all ports and possibly affecting network performance. Multicast IP traffic is traffic that is a feature that...
... frames are identified by class D IP addresses, which range from broadcasting the traffic to all ports. Port Mirroring Port mirroring monitors and mirrors network traffic by the switch. 24 Introduction Based on the switch. Host groups are flooded to all ports on all ports and possibly affecting network performance. Multicast IP traffic is traffic that is a feature that...
User's Guide
Page 287
...in this section include: • Configuring Network Security • Configuring Ports • Configuring Traffic Mirroring • Configuring Address Tables • Configuring GARP • Configuring the Spanning Tree Protocol • Configuring VLANs • Configuring Voice VLAN • Aggregating Ports • Managing Multicast Support • IGMP Snooping • MRouter... Information 287 7 Configuring Switching Information Overview This section provides all system operations and general information for network security, ports, address tables, GARP, VLANs, Spanning Tree...
...in this section include: • Configuring Network Security • Configuring Ports • Configuring Traffic Mirroring • Configuring Address Tables • Configuring GARP • Configuring the Spanning Tree Protocol • Configuring VLANs • Configuring Voice VLAN • Aggregating Ports • Managing Multicast Support • IGMP Snooping • MRouter... Information 287 7 Configuring Switching Information Overview This section provides all system operations and general information for network security, ports, address tables, GARP, VLANs, Spanning Tree...
User's Guide
Page 302
...ID used to match packets to match the port listed here. A wild card mask of the following : - Match to the rule. • Source IP Address - Click the check box to apply this rule can be mirrored to . • Mirror Interface - Service Type Fields Select one that... no bit is used to match packets to Port - Select from a list of DSCP keyword values. 302 Configuring Switching Information Select from List...
...ID used to match packets to match the port listed here. A wild card mask of the following : - Match to the rule. • Source IP Address - Click the check box to apply this rule can be mirrored to . • Mirror Interface - Service Type Fields Select one that... no bit is used to match packets to Port - Select from a list of DSCP keyword values. 302 Configuring Switching Information Select from List...
User's Guide
Page 307
...Click the check box to apply this criteria, then enter an identifying number from the drop-down menu. - Click the check box to . • Mirror Interface - Click the check box and enter a CoS value between 0 and 7 to apply this rule can be one by selecting Create from the drop...check box to 6. • Redirect Interface - Enter the MAC Mask associated with the Destination MAC to match the address listed here. Requires a packet's source port MAC address to match. • EtherType - • Rule Id - Click the check box and enter a CoS value between 0 and 7 to apply ...
...Click the check box to apply this criteria, then enter an identifying number from the drop-down menu. - Click the check box to . • Mirror Interface - Click the check box and enter a CoS value between 0 and 7 to apply this rule can be one by selecting Create from the drop...check box to 6. • Redirect Interface - Enter the MAC Mask associated with the Destination MAC to match the address listed here. Requires a packet's source port MAC address to match. • EtherType - • Rule Id - Click the check box and enter a CoS value between 0 and 7 to apply ...
User's Guide
Page 330
... mirrored to the following features: • Port Mirroring • Flow Based Mirroring Port Mirroring Port mirroring selects the network traffic for specific ports of packets on the source port. To display the Port Mirroring page, click Switching →Traffic Mirroring →Port Mirroring in the tree view. As such, many switch ports are both received and transmitted, can be mirrored to define port mirroring sessions and configure flow-based mirroring...
... mirrored to the following features: • Port Mirroring • Flow Based Mirroring Port Mirroring Port mirroring selects the network traffic for specific ports of packets on the source port. To display the Port Mirroring page, click Switching →Traffic Mirroring →Port Mirroring in the tree view. As such, many switch ports are both received and transmitted, can be mirrored to define port mirroring sessions and configure flow-based mirroring...
User's Guide
Page 332
... switch to specify flow-based mirroring ports. Open the Port Mirroring page. 2. This provides flexibility-instead of that traffic. Modifying a Port Mirroring Session 1. The port mirroring session fields are modified, and the device is updated. Removing a Port Mirroring Session 1. Flow based mirroring allows the user to copy certain types of port monitoring. Use the Flow Based Mirroring page to mirror flows based on that...
... switch to specify flow-based mirroring ports. Open the Port Mirroring page. 2. This provides flexibility-instead of that traffic. Modifying a Port Mirroring Session 1. The port mirroring session fields are modified, and the device is updated. Removing a Port Mirroring Session 1. Flow based mirroring allows the user to copy certain types of port monitoring. Use the Flow Based Mirroring page to mirror flows based on that...
Release Notes
Page 20
... current operational state of dot1x. Corrected the problem in ingress VLAN. Use the CLI formatting such that protected port name accepts only alphanumeric characters. Mirroring port should not send CDP packets. Description inconsistency between HTTP and CLI Administration. To display the correct link status when... file is now available via the boot menu. Help content needs to lag successfully. Incorrect link for invalid interface. Both mirrored and mirroring ports are added to show details. Trying to add ninth member to the help is also sent to fail. Some ip host...
... current operational state of dot1x. Corrected the problem in ingress VLAN. Use the CLI formatting such that protected port name accepts only alphanumeric characters. Mirroring port should not send CDP packets. Description inconsistency between HTTP and CLI Administration. To display the correct link status when... file is now available via the boot menu. Help content needs to lag successfully. Incorrect link for invalid interface. Both mirrored and mirroring ports are added to show details. Trying to add ninth member to the help is also sent to fail. Some ip host...
Configuration Guide
Page 49
...(config)#monitor session 1 source interface 1/g7 console(config)#monitor session 1 destination interface 1/g10 console(config)#exit Example #2: Show the Port Mirroring Session console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 rx tx Monitor ingress packets only. Monitor egress packets only. You can...
...(config)#monitor session 1 source interface 1/g7 console(config)#monitor session 1 destination interface 1/g10 console(config)#exit Example #2: Show the Port Mirroring Session console#show monitor session 1 Session ID ---------1 Admin Mode ---------Enable Probe Port ---------1/g10 Mirrored Port 1/g7 Type ----Rx,Tx Switching Configuration 49 rx tx Monitor ingress packets only. Monitor egress packets only. You can...