|
|
Use the show ip privileged Exec command to display global IP configuration information.
show ip
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display global IP configuration information:
hostname# show ip
IP Address : 172.20.128.164 Subnet Mask : 255.255.255.0 Default Gateway : 172.20.128.1 Management VLAN : 1 Domain name : cisco.com Name server : 172.20.128.2
ip (address)
ip (default-gateway)
ip (domain-name)
ip (http port)
ip (http server)
ip (mgmt-vlan)
ip (name-server)
Use the show line privileged Exec command to display line-configuration information, including baud rate, data bits, stop bits, parity setting, autobaud, and auto answer.
show line
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display line-configuration information:
hostname# show line
Baud rate 9600 baud Data bits 8 bit(s) Stop bits 1 bit(s) Parity setting None Match remote baud rate (auto baud Enabled Auto answer Enabled
autobaud
databits
line (console)
modem (dialin)
parity
stopbits
terminal
Use the show mac-address-table privileged Exec command to display addresses in the MAC address table for a switched port or module.
show mac-address-table [static | dynamic | restricted static] [address mac-address]
[interface type module/port]
static | Displays static addresses. |
dynamic | Displays dynamic addresses. |
restricted static | Displays restricted static addresses. |
mac-address | Displays specified MAC address. Valid value is 48-bit hardware address. |
type | Interface type: ethernet, fastethernet, fddi, line and atm, or port-channel. |
module | Module interface number: |
port | Port number: |
This command has no default value.
Privileged Exec
If this command is invoked with no options, the system displays all information in the address table. Otherwise, the system displays only the specific elements requested.
This example shows how to display all MAC addresses configured in the system.
hostname# show mac-address-table
Number of permanent addresses : 2 Number of restricted static addresses : 2 Number of dynamic addresses : 16 Dest Address Address Type Dest Port ------------- ------------ --------- 0000.0c5c.e176 Dynamic Eth0/7 0000.2425.2ad2 Dynamic Eth0/7 0053.4500.0106 Static Eth0/7 0053.4500.0900 Dynamic Eth0/2 0053.4500.0902 Dynamic Eth0/2 0060.5cf4.0076 Dynamic Eth0/7 0060.5cf4.0077 Static Eth0/7 0060.5cf4.0079 Dynamic Eth0/3 0060.70cb.f301 Dynamic Eth0/7 0060.8337.a7d1 Dynamic Eth0/7 0060.b016.98f2 Dynamic Eth0/4 0080.5fe4.7934 Dynamic Eth0/7 00c0.1d99.0361 Dynamic Eth0/5 00c0.1de4.ba0b Dynamic Eth0/5 00e0.1e42.9978 Dynamic Eth0/5 00e0.1e69.2841 Dynamic Eth0/7 00e0.1e69.28c0 Dynamic Eth0/7 00e0.1e7c.5cc0 Dynamic Eth0/7 0800.09c7.b6e2 Restricted Eth0/6 0800.09d1.9b1a Restricted Eth0/8
This example shows how to display all restricted static MAC addresses configured in the system. Note that the source ports for corresponding addresses are displayed only when the restricted static keyword is specified.
hostname# show mac-address-table restricted static
Dest Address Address Type Dest Port Source Port(s) ------------ ------------ --------- -------------- 0800.09c7.b6e2 Restricted Eth0/6 Eth0/1, Eth0/3, Eth0/5 0800.09d1.9b1a Restricted Eth0/8 Eth0/2, Eth0/3, Eth0/5
clear (mac-address-table)
mac-address-table (permanent)
mac-address-table (restricted static)
show (mac-address-table security)
Use the show mac-address-table security privileged Exec command to display the current status of the monitor port setting and any ports being monitored.
show mac-address-table security [type module/port]
type | Interface type: ethernet, fastethernet, fddi, line and atm, or port-channel. |
module | Module interface number: |
port | Port number: |
This command does not have a default value.
Privileged Exec
This example shows how to display the current status of the Ethernet module, port 1:
hostname# show mac-address-table security ethernet 0/1
Global Settings : Action upon address violation : suspend Generate alert on address violation : enabled Port Settings : Addressing Security : Enabled Current Address table size : 132
This example shows how to display the current status of all modules or ports:
hostname# show mac-address-table security
Global Settings : Action upon address violation : Ignore Interface Security setting Address table size Ethernet0/1 Enabled 132 Ethernet0/2 Enabled 5 Ethernet0/3 Enabled 1 Ethernet0/4 Enabled 10 Ethernet0/5 Enabled 132 Ethernet0/6 Enabled 132 Ethernet0/7 Enabled 132 Ethernet0/8 Enabled 132 Ethernet0/9 Enabled 132 Ethernet0/10 Enabled 132 Ethernet0/11 Enabled N/A Ethernet0/12 Enabled 132 Ethernet0/13 Enabled 132 Ethernet0/14 Enabled N/A Ethernet0/15 Enabled 132 Ethernet0/16 Enabled 132 Ethernet0/17 Enabled N/A Ethernet0/18 Enabled 132 Ethernet0/19 Enabled 132 Ethernet0/20 Enabled 132 Ethernet0/21 Enabled 132 Ethernet0/22 Enabled N/A Ethernet0/23 Enabled 132 Ethernet0/24 Enabled 132 Ethernet0/25 Enabled 132 Fast Ethernet1 Enabled N/A Fast Ethernet2 Enabled 132
clear (mac-address-table)
mac-address-table (permanent)
mac-address-table (restricted static)
show (mac-address-table)
Use the show port block privileged Exec command to display the current state of unknown unicast and multicast addresses.
show port block {unicast | multicast} [type module/port]
unicast | Displays unicast addresses. |
multicast | Displays multicast addresses. |
type | Interface type: ethernet, fastethernet, fddi, line and atm, or port-channel. |
module | Module interface number: |
port | Port number: |
This command does not have a default value.
Privileged Exec
If you specify an interface, the system displays the settings for that particular interface. Otherwise, the system displays the settings for all interfaces.
This example shows how to display the current state of unknown unicast addresses:
hostname#show port block unicast
Ports receiving unmatched unicast addresses: Ethernet 0/1, Ethernet 0/2, Ethernet 0/3, Ethernet 0/4 Ethernet 0/5, Ethernet 0/6, Ethernet 0/7, Ethernet 0/8 Ethernet 0/9, Ethernet 0/10, Ethernet 0/11, Ethernet 0/12 Ethernet 0/25, FastEthernet 0/26, FastEthernet 0/27
This example shows how to display the current state of unknown multicast addresses for all ports:
hostname#show port block m
Ports receiving unregistered multicast addresses: Ethernet 0/1, Ethernet 0/2, Ethernet 0/3, Ethernet 0/4 Ethernet 0/5, Ethernet 0/6, Ethernet 0/7, Ethernet 0/8 Ethernet 0/9, Ethernet 0/10, Ethernet 0/11, Ethernet 0/12 Ethernet 0/25, FastEthernet 0/26, FastEthernet 0/27
Use the show port monitor privileged Exec command to display the current monitor port setting and if enabled, the monitor port and the ports being monitored.
show port monitor
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display the current status of the monitor port setting. If the port monitoring state is enabled, this command also displays the monitor port and the ports being monitored:
hostname# show port monitor
The following are sample displays. In the first display, the monitor port is enabled and information on the monitored ports is displayed.
Port Monitoring State : Enabled Monitor Port : Ethernet 0/1 Ports being monitored : Ethernet 0/2, Ethernet 0/3, Ethernet 0/4
In this display, the monitor port is disabled.
Port Monitoring State : Disabled
monitor-port
monitor-port (monitored)
monitor-port (port)
Use the show port system privileged Exec command to display miscellaneous port system information.
show port system
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display port system information:
hostname# show port system
Switching Mode FragmentFree Use of store and forward for multicast Disabled Network Port Ethernet0/27 Half duplex backpressure (10Mbps) Disabled Enhanced Congestion Control (10Mbps) Disabled
switching-mode
multicast-store-and-forward
network-port
back-pressure
ecc
Use the show running-config privileged Exec command to display the current settings of the configuration commands that modify the system default configuration.
show running-config
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display the current settings of the configuration commands that modify the system default configuration:
hostname# show running-config
Building configuration... Current configuration: ! version 11.2 ! hostname chinl-t1 ! ! ! interface fa0/1 cdp ! ! line con stopbits 1 ! end
Use the show snmp user Exec command to display Simple Network Management Protocol (SNMP) configuration information.
show snmp [traps | set-hosts]
traps | Displays SNMP trap information. |
set-hosts | Displays SNMP set-hosts information. |
This command has no default value.
User Exec
This example shows how to display information about SNMP traps:
> show snmp traps
Authentication trap: Enabled Link up/link down trap: Enabled Address violation trap: Enabled Broadcast storm control trap: Disabled traps: Enabled Host Community String ------------------ -------------------------- 172.20.128.165 public 172.20.128.166 private 172.20.128.167 public 172.20.128.168 private
This example shows how to display information about SNMP set-hosts.
> show snmp set-hosts
Read community string: public Write community string: private Set hosts configured: 172.20.128.170 172.20.128.171 172.20.128.172 172.20.128.173
snmp-server (community)
snmp-server (contact)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the show snmp contact user Exec command to display the Simple Network Management Protocol (SNMP) contact.
show snmp contact
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display the SNMP contact:
> show snmp contact
John Smith
show (snmp)
show (snmp hostname)
show (snmp location)
snmp-server (contact)
snmp-server (community)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the show snmp hostname user Exec command to display the name of the Simple Network Management Protocol (SNMP) system.
show snmp hostname
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display the name of the SNMP system:
> show snmp hostname
hb-crossbow
hostname
show (snmp)
show (snmp contact)
show (snmp location)
snmp-server (contact)
snmp-server (community)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the show snmp location user Exec command to display the Simple Network Management Protocol (SNMP) location string.
show snmp location
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display the SNMP location:
> show snmp location
Building M
hostname
show (snmp)
show (snmp contact)
show (snmp hostname)
snmp-server (contact)
snmp-server (community)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the show spantree bridge-group privileged Exec command to display the spanning-tree configuration for enabled bridge groups.
show spantree [bridge-group [bridge-group ...]]
bridge-group | Number from 1 to 4. |
This command has no default value.
Privileged Exec
If you do not specify bridge-group, the system displays the spanning-tree configuration for all bridge groups and their member ports. If you specify bridge-group, the system displays the spanning-tree configuration for the specified bridge groups and their member ports only.
If you disable bridge groups, the system displays the configuration for VLANs.
This example shows how to display the spanning-tree configuration for bridge groups when they are enabled:
hostname# show spantree
Bridge-group 1 is executing the IEEE compatible Spanning Tree Protocol
Bridge Identifier has priority 32768, address 00E0.1E87.3A00
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address 00E0.1E87.3A00
Root port is N/A, cost of root path is 0
Topology change flag not set, detected flag not set
Timers: hold 1, topology change 0
hello 2, max age 20, forward delay 15
Timers: hello 2, topology change 35, notification 2
Port Ethernet 0/1 of Bridge-group1 is Blocking
Port path cost 100, Port priority 128
Designated root has priority 32768, address 00E0.1E87.3A00
Designated bridge has priority 32768, address 00E0.1E87.3A00
Designated port is Ethernet 0/1, path cost 0
Timers: message age 20, forward delay 15, hold 1
Port Ethernet 0/2 of Bridge-group1 is Blocking
Port path cost 100, Port priority 128
Designated root has priority 32768, address 00E0.1E87.3A00
Designated bridge has priority 32768, address 00E0.1E87.3A00
Designated port is Ethernet 0/2, path cost 0
Timers: message age 20, forward delay 15, hold 1
bridge (forwarding-time)
bridge (hello-time)
bridge (max-age)
bridge (priority)
bridge-group
bridge-group (allow-overlap)
bridge-group (enable)
spantree (bridge-group)
Use the show spantree-option privileged Exec command to display the path cost and the port priority of the two spanning-tree port parameter options and their assigned VLANs.
show spantree-option
This command has no additional arguments or keywords.
STP port option values for all trunk ports appears.
Privileged Exec
This command is not functional when bridge groups are enabled.
This example shows how to display the port-configuration option:
hostname# show spantree-option
Trunk Port A
============
Priority (option 1) : 128
Path cost (option 1) : 10
VLANs Assigned to option 1 priority : 1-1005
VLANs Assigned to option 1 pathcost : 1, 6-1005
Trunk Port A
============
Priority (option 2) : 128
Path cost (option 2) : 10
VLANs Assigned to option 2 priority : None
VLANs Assigned to option 2 pathcost : 2-5
Trunk Port B
============
Priority (option 1) : 128
Path cost (option 1) : 10
VLANs Assigned to option 1 priority : 1-1005
VLANs Assigned to option 1 pathcost : 1-1005
Trunk Port B
============
Priority (option 2) : 128
Path cost (option 2) : 10
VLANs Assigned to option 2 priority : None
VLANs Assigned to option 2 pathcost : None
spantree-option
spantree-option (vlan)
Use the show spantree-template privileged Exec command to display the bridge priority, forward-delay time when operating as root, hello time when operating as root, and max-age time when operating as root for bridge templates.
show spantree-template [bridge-template-id]
bridge-template-id | Number from 1 to 4. |
STP bridge parameters for all templates are displayed.
Privileged Exec
If you specify bridge-template-id, the system displays the bridge parameters for that VLAN only. This command is not functional when bridge groups are enabled.
This example shows how to display the current values of bridge template 1:
hostname# show spantree-template 1
Bridge Template 1 Bridge Priority : 32768 (8000 hex) Max age when operating as root : 20 second(s) Hello time when operating as root : 2 second(s) Forward delay when operating as root : 15 second(s) VLANs assigned to option : 1, 3, 5, 7
show (vlan)
spantree (start-forwarding)
spantree-template (forwarding-time)
spantree-template (hello-time)
spantree-template (max-age)
spantree-template (priority)
spantree-template (vlan)
spantree (vlan-list)
Use the show spantree privileged Exec command to display the Spanning-Tree Protocol (STP) configuration status of the switch.
show spantree [vlan]
vlan | Number from 1 to 1005. |
The spanning-tree configuration for all VLANs is displayed.
Privileged Exec
This command displays the number of spanning-tree instances that are currently running, VLANs for which STP is enabled, and so on. If you specify vlan, the system also displays the spanning-tree operating parameters for the specified VLAN.
This example shows how to display the spanning-tree configuration for VLAN 1:
hostname# show spantree 1
VLAN1 is executing the IEEE compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address 00e0.1e69.2300
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address 0053.4500.0000
Root port is Ethernet 0/4, cost of root path is 130
Topology change flag not set, detected flag not set
Topology changes 12, last topology change occured 0d00h02m31s ago
Times: hold 1, topology change 35
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0
Port Ethernet 0/1 of VLAN1 is down
Port path cost 10, Port priority 128
Designated root has priority 32768, address 0053.4500.0000
Designated bridge has priority 32768, address 00e0.1e69.2300
Designated port is Ethernet 0/1, path cost 130
Timers: message age 0, forward delay 14, hold 0
Port Ethernet 0/4 of VLAN1 is FORWARDING
Port path cost 10, Port priority 128
Designated root has priority 32768, address 0053.4500.0000
Designated bridge has priority 32768, address 00c0.1d80.55ee
Designated port is 27, path cost 120
Timers: message age Ethernet 0/4, forward delay 0, hold 0
Port Ethernet 0/6 of VLAN1 is FORWARDING
Port path cost 10, Port priority 128
Designated root has priority 32768, address 0053.4500.0000
Designated bridge has priority 32768, address 00e0.1e69.2300
Designated port is Ethernet 0/6, path cost 130
Timers: message age 0, forward delay 0, hold 0
show (spantree bridge-group)
show (spantree-option)
show (spantree-template)
spantree (bridge-group)
spantree (cost)
spantree (start-forwarding)
spantree-template (priority)
vlan
Use the show storm-control privileged Exec command to display the current settings for the storm control rising and falling threshold parameters.
show storm-control
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This example shows how to display the current settings for the storm control rising and falling threshold parameters:
hostname# show storm-control
Current Setting : Enabled Rising Threshold : 500 (packets/sec) Falling Threshold : 250 (packets/sec) Action on Broadcast Storm : disable port Send Trap on broadcast storm : Enabled
This display shows an example of the message that appears when a broadcast storm is detected.
Action on broadcast storm: Block Rising threshold: 500 packets/sec Falling threshold: 250 packets/sec Send trap upon broadcast storm: Enabled Ethernet 0/1 was above threshold at 0day(s) 14hour(s) 53minute(s) 09second(s) from system start-up
Use the show tacacs Exec command to display the current values for the Cisco Terminal Access Controller Access Control System (TACACS+) configuration options.
show tacacs
This command has no additional arguments or keywords.
This command has no default value.
User and privileged Exec
This example shows how to display the current TACACS+ configuration options.
hostname# show tacacs
enable use-tacacs: enabled login tacacs: enabled tacacs-server last-resort: password tacacs-server hosts: spaniel.cisco.com monarch.cisco.com 172.20.129.111 tacacs-server key: 001same_as_server tacacs-server login attempts: 3 tacacs-server timeout: 5 seconds tacacs-server directed-request: disabled
enable (use-tacacs)
login (tacacs)
tacacs-server (attempts)
tacacs-server (directed-request)
tacacs-server (host)
tacacs-server (key)
tacacs-server (last-resort)
tacacs-server (timeout)
Use the show trunk privileged Exec command to display trunking information for trunkable ports.
show trunk {A | B | port-channel} [allowed-vlans | prune-eligible | joined-vlans |
joining-vlans]
A | Display trunk A information. |
B | Display trunk B information. |
port-channel | Display information for port-channel trunk ports. |
allowed-vlans | Display allowed VLANs. |
prune-eligible | Display VLANs that have pruning enabled. |
joined-vlans | Display VLANs transmitting flood traffic. |
joining-vlans | Display VLANs receiving flood traffic. |
This command has no default value.
Privileged Exec
A port can be designated a trunk if it is a single-port Fast Ethernet or ATM module. This command is not functional when bridge groups are enabled.
This example shows how to display information for trunk A.
hostname# show trunk A
DISL state: auto Trunking status: On Encapsulation type: ISL
This example shows how to display the list of allowed VLANs on trunk B:
hostname# show trunk B allowed-vlans
1,2, 50-100.
This example shows how to display the list of pruning-eligible VLANs on trunk A:
hostname# show trunk A prune-eligible
2-1005
trunk
trunk-vlan
vtp trunk pruning-disable
Use the show uplink-fast user Exec command to display UplinkFast configuration information for the switch or module.
show uplink-fast
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display UplinkFast configuration information for the switch.
hostname# show uplink-fast
Uplink fast Enabled Uplink fast frame generation rate 15
uplink-fast
uplink-fast (multicast-rate)
clear (uplink-fast statistics)
show (uplink-fast statistics)
Use the show uplink-fast statistics user Exec command to display UplinkFast statistics.
show uplink-fast statistics
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display the UplinkFast statistics for the switch.
hostname# show uplink-fast statistics
Uplink fast transitions 5 Uplink fast station learning frames 127
clear (uplink-fast statistics)
show (uplink-fast)
uplink-fast
uplink-fast (multicast-rate)
Use the show version user Exec command to display basic hardware and firmware version information.
show version
This command has no additional arguments or keywords.
This command has no default value.
User Exec
This example shows how to display the basic switch hardware and firmware:
> show version
1900>show version Cisco Catalyst 1900/2820 Enterprise Edition Software Version V8.00.00(23) written from 171.071.081.214 Copyright (c) Cisco Systems, Inc. 1993-1998 ROM: System Bootstrap, Version 3.03 1900 uptime is 0day(s) 23hour(s) 03minute(s) 22second(s) cisco Catalyst 2820 (486sxl) processor with 2048K/1024K bytes of memory Hardware board revision is 1 Upgrade Status: No upgrade currently in progress. Config File Status: No configuration upload/download is in progress 25 Fixed Ethernet/IEEE 802.3 interface(s) SLOT A: 100Base-FX(4 Port Fiber Model), Version 1 SLOT B: ATM 155 SM Fiber - LR, Version 04 v11.3(2.3)T written from 172.020.249.170: valid Base Ethernet Address: 00-E0-1E-A2-FB-C0
Use the show vlan privileged Exec command to display the settings of VLAN configuration parameters.
show vlan [vlan]
vlan | Number from 1 to 1005. |
This command has no default value.
Privileged Exec
If you do not specify vlan, the system displays all VLAN configuration parameters. This command is not functional when bridge groups are enabled.
This example shows how to display the settings of the VLAN configuration parameters:
hostname# show vlan
VLAN Name Status Ports ---- -------------------------------- --------- ---------------------------- 1 default active 1-15
2 VLAN0002 active 16-18
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active
6 VLAN0006 active
7 VLAN0007 active
8 VLAN0008 active
9 VLAN0009 active
10 VLAN0010 active
11 VLAN0011 active
12 VLAN0012 active
13 VLAN0013 active
14 VLAN0014 active
15 VLAN0015 active
1002 fddi-default suspended
1003 token-ring-default suspended
1004 fddinet-default suspended
1005 trnet-default suspended
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2 ---- ----- ------ ---- ------ ------ -------- --- ------ ------ 1 enet 100001 1500 0 0 0 IEEE 1002 1003
2 enet 100002 1500 0 0 0 IEEE 0 0
3 enet 100003 1500 0 0 0
4 enet 100004 1500- 0 0 0
5 enet 100005 1500- 0 0 0
6 enet 100006 1500- 0 0 0
7 enet 100007 1500- 0 0 0
8 enet 100008 1500- 0 - - - 0 0
9 enet 100009 1500- 0 - - - 0 0
10 enet 100010 1500- 0 - - - 0 0
11 enet 100011 1500- 0 - - - 0 0
12 enet 100012 1500- 0 - - - 0 0
13 enet 100013 1500- 0 - - - 0 0
14 enet 100014 1500- 0 0 0
15 enet 100015 1500 0 0 0
1002 FDDI 101002 1500 0 0 0 IEEE 1 1003
1003 Token_Ring 101003 1500 1005 1 0 IEEE 11 1002
1004 FDDI_Net 101004 1500 0 0 1 IEEE 0 0
1005 Token_Ring_Net 101005 1500001IEEE00
vlan
spantree-template (vlan)
spantree (vlan-list)
Use the show vlan-membership privileged Exec command to display the VLAN assignment and membership type for all switch ports.
show vlan-membership
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This command is not functional when bridge groups are enabled.
This example shows how to display the VLAN assignment and membership type for all switch ports:
hostname# show vlan-membership
Port VLAN Membership Type Port VLAN Membership Type --------------------------------------------------------------------------- 1 1 Static 14 2 Static 2 1 Static 15 2 Static 3 1 Static 16 2 Static 4 1 Static 17 2 Static 5 1 Static 18 2 Static 6 1 Static 19 2 Static 7 1 Dynamic 20 2 Static 8 1 Dynamic 21 2 Static 9 1 Dynamic 22 2 Static 10 1 Dynamic 23 2 Static 11 1 Dynamic 24 2 Static 12 1 Dynamic AUI 2 Static 13 1 Dynamic A 1 Static B 2 Static
vlan
vlan-membership (reconfirm)
vlan-membership (server)
vlan-membership (server retry)
Use the show vlan-membership server privileged Exec command to display both configuration and statistical information for VLAN membership policy servers.
show vlan-membership server
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This command is not functional when bridge groups are enabled.
This example shows how to display configuration and statistical information for VLAN membership policy servers:
hostname# show vlan-membership server
VMPS Query Protocol Version 1
Current VMPS 172.20.128.22
Total queries 1700 Total responses 1684
Total wrong version responses 0 Total denied responses 0
Total wrong domain responses 0 Total shutdown responses 0
Total no resource responses 0 Total VMPS changes 0
1st VMPS IP address 172.20.128.22
2nd VMPS IP address 172.20.128.88
3rd VMPS IP address None
4th VMPS IP address None
Primary VMPS 172.20.128.22
Number of retries before changing server 10
vlan
vlan-membership
vlan-membership (reconfirm)
vlan-membership (server retry)
Use the show vtp privileged Exec command to display Virtual Terminal Protocol (VTP) statistics.
show vtp
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This command is not functional when bridge groups are enabled.
This example shows how to display VTP statistics:
hostname# show vtp
VTP version: 1
Configuration revision : 3
Maximum VLANs supported locally: 1005
Number of existing VLANs: 5
VTP domain name : Zorro
VTP password : vtp_server
VTP operating mode : Server
VTP pruning mode : Enabled
VTP traps generation : Enabled
Configuration last modified by: 0.0.0.0 at 00-00-0000 00:00:00
show (vtp statistics)
vtp
vtp trunk pruning-disable
Use the show vtp statistics privileged Exec command to display the transmit, receive, and error statistics of VTP messages and VTP pruning statistics.
show vtp statistics
This command has no additional arguments or keywords.
This command has no default value.
Privileged Exec
This command displays the following information:
This command is not functional when bridge groups are enabled.
This example shows how to display VTP messages and pruning statistics:
hostname# show vtp statistics
Receive Statistics Transmit Statistics
----------------------------------- -----------------------------------
Summary Adverts 0 Summary Adverts 0
Subset Adverts 0 Subset Adverts 0
Advert Requests 0 Advert Requests 0
Configuration Errors:
Revision Errors 0
Digest Errors 0
VTP Pruning Statistics:
Port Join Received Join Transmitted Summary Adverts received
with no pruning support
---- ------------- ---------------- ------------------------
A 0 0 0
B 0 0 0
show (vtp)
vtp
vtp trunk pruning-disable
Use the shutdown interface configuration command to disable an interface. Use the no shutdown command to restart a disabled interface.
shutdown
no shutdown
This command has no arguments or keywords.
This command has no default value.
Interface configuration
This example shows how to disable Ethernet port 1:
hostname(config)# interface ethernet 0/1
hostname(config-if)# shutdown
This example shows how to disable ATM module 1:
hostname(config)# interface atm 1
hostname(config-if)# shutdown
Use the snmp-server community global configuration command to configure read-only or read-write Simple Network Management Protocol (SNMP) community strings. Use the no snmp-server community command to delete the existing community string.
snmp-server community string [ro | rw]
no snmp-server community string
string | Community string of 1 to 32 alphanumeric characters. No blank character spaces are allowed. |
ro | Configures read-only access. |
rw | Configures read-write access. |
The default value of the read-only community string is public, and the default value of the read-write community string is private.
Global configuration
If you do not specify ro or rw with the snmp-server community command, the system defaults to ro.
This example shows how to set the read-write community string to newstring:
hostname(config)# snmp-server community newstring rw
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (contact)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the snmp-server contact global configuration command to enter the name of a Simple Network Management Protocol (SNMP) contact person. Use the no snmp-server contact command to delete the existing SNMP contact name.
snmp-server contact contact-string
no snmp-server contact
contact-string | Character string of 1 to 255 alphanumeric characters. |
This command has no default value.
Global configuration
This example shows how to set the SNMP contact name to systemadmin:
hostname(config)# snmp-server contact systemadmin
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (community)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the snmp-server enable-trap global configuration command to enable one or all Simple Network Management Protocol (SNMP) traps that the switch can generate. Use the no snmp-server enable-trap command to disable one or all traps.
snmp-server enable traps {all | authentication | link-up-down | addr-violation | bsc | vtp}
no snmp-server enable traps {all | authentication | link-up-down | addr-violation | bsc | vtp}
all | All traps. |
authentication | Authentication failure trap. |
link-up-down | Link-up and link-down traps. |
addr-violation | Address violation trap. |
bsc | Broadcast storm control trap. |
vtp | Virtual Terminal Protocol trap. |
Authentication failure, link-up and link-down, address violation, and IP address change traps generation are enabled. Broadcast storm trap generation is disabled.
Global configuration
This example shows how to disable generation of link-up and link-down traps:
hostname(config)# no snmp-server enable-trap link-up-down
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (community)
snmp-server (contact)
snmp-server (host)
snmp-server (location)
snmp-server (set-host)
Use the snmp-server host global configuration command to specify a Simple Network Management Protocol (SNMP) trap host and the corresponding community string. Use the no snmp-server host command to delete the existing trap host.
snmp-server host host community-string
no snmp-server host host
host | IP address or name of host between 1 and 32 alphanumeric characters. |
community-string | Community string between 1 and 32 alphanumeric characters. |
No trap hosts are configured.
Global configuration
You can configure a maximum of four trap hosts.
This example shows how to specify 172.20.128.126 as the recipient of SNMP traps and trap-string as the community string:
hostname(config)# snmp-server host 172.20.128.126 trap-string
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (community)
snmp-server (contact)
snmp-server (enable traps)
snmp-server (location)
snmp-server (set-host)
Use the snmp-server location global configuration command to specify a Simple Network Management Protocol (SNMP) location. Use the no snmp-server location command to delete the existing SNMP location.
snmp-server location location-string
no snmp-server location
location-string | String between 1 and 255 alphanumeric characters. |
No SNMP location is specified.
Global configuration
This example shows how to specify the SNMP location string as sysadmin-office:
hostname(config)# snmp-server location sysadmin-office
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (community)
snmp-server (contact)
snmp-server (enable traps)
snmp-server (host)
snmp-server (set-host)
Use the snmp-server set-host global configuration command to configure a host to perform Simple Network Management Protocol (SNMP) set operations on the device. Use the no snmp-server set-host command to delete an existing host from the allowed list of set hosts.
snmp-server set-host host
no snmp-server set-host host
host | IP address or host name from 1 to 32 alphanumeric characters. |
No write hosts are configured.
Global configuration
You can specify a maximum of four set hosts. If, after specifying four set hosts, you need to add one more, you must delete a set host using the no snmp-server set-host command.
This example shows how to add 172.20.128.126 to the list of hosts:
hostname(config)# snmp-server set-host 172.20.128.126
show (snmp)
show (snmp contact)
show (snmp hostname)
show (snmp location)
snmp-server (community)
snmp-server (contact)
snmp-server (enable traps)
snmp-server (host)
snmp-server (location)
Use the spantree bridge group global configuration command to enable the Spanning-Tree Protocol (STP) on bridge groups. Use the no spantree bridge group command to disable STP on bridge groups.
spantree bridge-group [bridge-group [bridge-group...]]
no spantree bridge-group [bridge-group [bridge-group...]]
bridge-group | Number from 1 to 4. If you specify more than one bridge group, separate group numbers with spaces. |
Spanning tree is enabled on each bridge group.
Global configuration
This command is available only when bridge groups are enabled.
This example shows how to disable STP on bridge group 4 and bridge group 2:
hostname(config)# no spantree 4 2
bridge (forwarding-time)
bridge (hello-time)
bridge (max-age)
bridge (priority)
bridge-group
bridge-group (allow-overlap)
bridge-group (enable)
Use the spantree cost interface configuration command to change the spanning-tree path cost for an interface. Use the no spantree cost command to select the default port path cost value.
spantree cost cost-value
no spantree cost
cost-value | Valid range is 1 to 65535. |
You can calculate the default port path cost with this formula:
Interface configuration
If you use the spantree cost command to change the path cost for a Fast Ethernet port that is grouped with a Fast EtherChannel, the newly configured path cost applies to all ports grouped in the same Fast EtherChannel.
This example shows how to change the spanning-tree path cost for Ethernet port 1 to the value 100:
hostname(config)# interface ethernet 0/1
hostname(config-if)# spantree cost 100
interface
show (spantree-option)
Use the spantree-option interface configuration command to configure the path cost or the port priority of the spanning-tree port parameter option. Use the no spantree-option command to use the default value for the path cost or port priority parameters.
spantree-option option {cost | priority} value
no spantree-option option {cost | priority}
option | Port configuration option for trunk ports. Valid values are 1 and 2. |
cost | Path cost. |
priority | Port priority. |
value | For path cost, valid range is 1 to 65535; for port priority, 0 to 255. |
The default value for path cost is 10.
The default value for port priority is 128.
Interface configuration
This example shows how to assign a path cost of 300 to port configuration option 1 on trunk port A:
hostname(config)# interface fastethernet A
hostname(config-if)# spantree-option 1 cost 300
interface
spantree (cost)
spantree-option (vlan)
Use the spantree-option vlan interface configuration command to move the assignment of the spanning-tree port parameter option for one or more VLANs to the other port parameter option on trunk ports.
spantree-option option {cost | priority} vlan vlan-list
option | Port parameter option for trunk ports. Valid values are 1 and 2. |
cost | Path cost. |
priority | Port priority. |
vlan-list | Up to 10 VLANs. Valid range is 1 to 1005 (separated by spaces). |
The default value for the port parameter option is 1.
Interface configuration
If you use the spantree-option vlan command for a Fast Ethernet port that is an aggregated port group member, the assignment of the port parameter option and the VLAN range also applies to other members of the aggregated port group.
This command is not functional when bridge groups are enabled.
This example shows how to assign port configuration option 1 path cost to VLAN 300 on trunk port 0/26:
hostname(config)# interface fastethernet 0/26
hostname(config-if)# spantree-option 1 cost vlan 300
Use the spantree priority interface configuration command to change the spanning-tree port priority of an interface. Use the no spantree priority command to set the port priority to its default value.
spantree priority priority-value
no spantree priority
priority-value | Valid range is 0 to 255. |
The default is 128.
Interface configuration
If you use the spantree priority command to change the priority for a Fast Ethernet port that is grouped with a Fast EtherChannel, the newly specified priority applies to all ports in that group.
This example shows how to change the spanning-tree port priority for Ethernet port 1 to the value 100:
hostname(config)# interface ethernet 0/1
hostname(config-if)# spantree priority 100
interface
show (spantree-option)
Use the spantree start-forwarding interface configuration command to enable Port Fast forwarding mode for a nontrunk switch port. Use the no spantree start-forwarding command to disable Port Fast forwarding mode.
spantree start-forwarding
no spantree start-forwarding
This command has no additional arguments or keywords.
The Port Fast mode is enabled for nontrunk ports.
Interface configuration
Port Fast forwarding mode skips spanning-tree intermediate states (such as listening and learning) when a port moves from blocking to forwarding state, thereby providing access to the network without delay.
This example shows how to disable Port Fast forwarding mode for Ethernet interface 23:
hostname(config)# interface ethernet 0/23
hostname(config-if)# no spantree start-forwarding
interface
spantree-template (forwarding-time)
configure
Use the spantree-template forwarding-time global configuration command to specify the forward-delay interval for a bridge parameter template. Use the no spantree-template command to set the bridge template forwarding time to its default value.
spantree-template bridge-template-id forwarding-time seconds
no spantree-template bridge-template-id forwarding-time seconds
bridge-template-id | Number from 1 to 4. |
seconds | Forward delay in seconds. Valid range is 4 to 30. |
The default forward time value is 15 seconds.
Global configuration
You can also use forwarding time as a short-timer interval to age out dynamically learned unicast addresses when a topology change occurs in your network.
The value you specify for forwarding delay must reflect the following relationship:
This command is not functional when bridge groups are enabled.
This example shows how to assign a forward-delay interval of 20 seconds to bridge template 1:
hostname(config)# spantree-template 1 forwarding-time 20
spantree (vlan-list)
spantree-template (hello-time)
spantree-template (max-age)
spantree-template (priority)
spantree-template (vlan)
Use the spantree-template hello-time global configuration command to specify the hello time for a bridge parameter template.
spantree-template bridge-template-id hello-time seconds
bridge-template-id | Number from 1 to 4. |
seconds | Hello time in seconds. Valid range is 1 to 10. |
The default hello time value is 2 seconds.
Global configuration
Hello time is the interval between successive Bridge Protocol Data Unit (BPDU) transmissions by a root bridge. The value you specify for hello time must reflect the following relationship:
This command is not functional when bridge groups are enabled.
This example shows how to specify a hello time of 5 seconds for bridge template 1:
hostname(config)# spantree-template 1 hello-time 5
spantree-template (forwarding-time)
spantree-template (max-age)
spantree-template (priority)
spantree-template (vlan)
Use the spantree-template max-age global configuration command to specify the maximum age for a bridge parameter template. Use the no spantree-template command to set the maximum age argument to its default value.
spantree-template bridge-template-id max-age seconds
no spantree-template
bridge-template-id | Number from 1 to 4. |
seconds | Maximum age in seconds. Valid range is 6 to 40. |
The default maximum age is 20 seconds.
Global configuration
The maximum age is the age of the Bridge Protocol Data Unit (BPDU) message. The age of the BPDU message is the time since the generation of the BPDU by the root. This age is conveyed to enable a bridge to discard old or obsolete information. The value you specify for the maximum age must satisfy the following relationship:
This command is not functional when bridge groups are enabled.
This example shows how to specify a maximum age of 30 seconds for bridge template 1:
hostname(config)# spantree-template 1 max-age 30
spantree-template (forwarding-time)
spantree-template (hello-time)
spantree-template (priority)
spantree-template (vlan)
Use the spantree-template priority global configuration command to specify the priority of a bridge parameter template. Use the no spantree-template priority command to set the bridge template priority to its default value.
spantree-template bridge-template-id priority value
no spantree-template bridge-template-id priority value
bridge-template-id | Number from 1 to 4. |
value | Bridge priority. Valid range is 1 to 65535. |
The default bridge priority is 32768.
Global configuration
This command is not functional when bridge groups are enabled.
This example shows how to specify a bridge priority value of 30 for bridge template 1:
hostname(config)# spantree-template 1 priority 30
spantree-template (forwarding-time)
spantree-template (hello-time)
spantree-template (max-age)
spantree-template (vlan)
Use the spantree-template vlan global configuration command to move the assignment of a bridge template for a set of VLANs to a new bridge template. Use the no spantree-template vlan command to set the VLAN list to the default bridge template.
spantree-template bridge-template-id vlan vlan-list
no spantree-template bridge-template-id vlan vlan-list
bridge-template-id | Number from 1 to 4. |
vlan-list | Up to 10 VLANs ranging from 1 to 1005 (separated by spaces). |
The default bridge template is 1 for all VLANs.
Global configuration
If STP is enabled for a VLAN, then STP uses the bridge parameters. This command is not functional when bridge groups are enabled.
This example shows how to assign bridge parameter template 2 to VLAN 30:
hostname(config)# spantree-template 2 vlan 30
spantree-template (forwarding-time)
spantree-template (hello-time)
spantree-template (max-age)
spantree-template (priority)
Use the spantree vlan-list global configuration command to enable the Spanning-Tree Protocol (STP) for up to ten VLANs. Use the no spantree vlan-list command to disable STP for the specified VLANs.
spantree vlan-list
no spantree vlan-list
vlan-list | Up to ten VLANs specified by values between 1 to 1005 (separated by spaces). |
Enabled for the first 64 VLANs (VLAN numbers 1 to 64).
Global configuration
This example shows how to enable STP for VLAN 24:
hostname(config)# spantree 24
Use the speed line-configuration command to set the transmitting and receiving speed of a port. Use the no speed command to set the speed line configuration to its default vaue.
speed {2400 | 9600 | 19200}
no speed
2400 | 2400 baud. |
9600 | 9600 baud. |
19200 | 19200 baud. |
The default speed is 9600 baud.
Line configuration
This example shows how to set the speed of the RS-232 port to 2400 baud.
hostname(config-line)# speed 2400
line (console)
show (line)
stopbits
terminal
Use the stopbits line-configuration command to set the number of stop bits for an RS-232 port. Use the no stopbits command to disable stop bits.
stopbits {1 | 2}
no stopbits
1 | 1 stop bit. |
2 | 2 stop bits. |
1 stop bit.
Line configuration
This example shows how to set the number of stop bits to 1:
hostname(config-line)# stopbits 1
line (console)
show (line)
speed
terminal
Use the storm-control global configuration command to specify a threshold that signals either the start or the end of a broadcast storm. Use the no storm-control command to reset the threshold to the default value.
storm-control [falling | filter | rising ] threshold
no storm-control [rising | falling]
falling | Threshold that signals end of broadcast storm. |
filter | Disable the port during a broadcast storm. |
rising | Threshold that signals start of broadcast storm. |
threshold | Rising or falling threshold in packets per second. Valid range is 10 to 14400. |
The default value of the rising threshold is 500 broadcast packets per second.
The default value of the falling threshold is 250 packets per second.
The default value of the filter argument is to take no action against the port causing a broadcast storm.
Global configuration
This example shows how to set the threshold for the start of a broadcast storm to 1000 broadcast packets per second:
hostname(config)# storm-control rising 1000
This example shows how to block a port causing a broadcast storm:
hostname(config)# storm-control filter
Use the switching-mode global configuration command to choose between store-and-forward and fragment-free switching mode. Use the no switching-mode to set the switching mode to its default value.
switching-mode {store-and-forward | fragment-free}
no switching-mode
store-and-forward | Switch does not forward until entire frame has been received. |
fragment-free | Switch forwards as soon as destination address is received or as soon as frame is identified as not a collision fragment. |
The default switching mode is FragmentFree.
Global configuration
This example shows how to set the switching mode to store-and-forward:
hostname(config)# switching-mode store-and-forward
multicast-store-and-forward
show (port system)
Use the tacacs-server attempts global configuration command to set the maximum permitted number of login attempts when Cisco Terminal Access Controller Access Control System (TACACS+) is enabled. Use the no tacacs-server attempts command to set the number to the default value.
tacacs-server attempts integer
no tacacs-server attempts
integer | A number between 1 and 10. |
Three login attempts.
Global configuration
This example shows how to set the maximum number of allowed login attempts to 7.
hostname(config)# tacacs-server attempts 7
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (directed-request)
tacacs-server (host)
tacacs-server (key)
tacacs-server (last-resort)
tacacs-server (timeout)
Use the tacacs-server directed-request global configuration command to enable the directed-request option. This command allows you to direct your login request to a specific Cisco Terminal Access Controller Access Control System (TACACS+) authentication server instead of to the default server. Use the no tacacs-server directed-request command to disable the ability to choose between configured TACACS servers.
tacacs-server directed-request
no tacacs-server directed-request
This command has no additional arguments or keywords.
The directed request option is disabled.
Global configuration
This command sends only the portion of the login user name before the @ symbol to the TACACS+ server specified after the @ symbol. In other words, the switch interprets the string userid@server as a request to authenticate userid at the TACACS+ server server. If the server name specified by the user does not match the IP address of a TACACS+ server configured by the administrator, the user login is rejected.
Disabling tacacs-server directed-request results in the switch sending the whole login string---both before and after the @ symbol---to the default TACACS+ server.
The tacacs-server directed-request command is useful for sites that have developed their own TACACS+ server software that parses the entire login string and makes decisions based on it.
This example shows how to enable the directed-request option.
hostname(config)# tacacs-server directed-request
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (attempts)
tacacs-server (host)
tacacs-server (key)
tacacs-server (last-resort)
tacacs-server (timeout)
Use the tacacs-server host global configuration command to designate a Cisco Terminal Access Controller Access Control System (TACACS+) server (by host name or IP address). Use the no tacacs-server host command to delete a server address from the TACACS+ server list.
tacacs-server host hostaddress
no tacacs-server host hostaddress
hostaddress | Host name or IP address of TACACS+ server. |
No TACACS+ server is specified.
Global configuration
Use this command to specify up to three servers (one per command); during authentication, the switch will contact the servers in the order that you entered them.
This example shows how to designate the host name spaniel and the server IP address 172.21.130.51 as a TACACS+ server.
hostname(config)# tacacs-server host spaniel.cisco.com
hostname(config)# tacacs-server host 172.21.130.51
This example shows how to delete the server host name server.yourfirm.com from the TACACS+ server list.
hostname(config)# no tacacs-server host server.yourfirm.com
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (attempts)
tacacs-server (directed-request)
tacacs-server (key)
tacacs-server (last-resort)
tacacs-server (timeout)
The tacacs-server key global configuration command defines the key used to encrypt the messages exchanged with the TACACS+ servers. If no key is defined, the messages are not encrypted.
tacacs-server key key
no tacacs-server key
key | An encryption key between 1 and 100 characters. The key can include any printable ASCII character except tabs. |
No key is defined.
Global configuration
The string specified for the key must be the same as that defined on the server.
All leading spaces are ignored, but spaces within and at the end of the key are not. Double quotes are not required unless they are a part of the key.
This example shows how to specify the TACACS+ encryption key 001same_as_server.
hostname(config)# tacacs-server key 001same_as_server
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (attempts)
tacacs-server (directed-request)
tacacs-server (host)
tacacs-server (last-resort)
tacacs-server (timeout)
Use the tacacs-server last-resort global configuration command to specify what action should be taken when Cisco Terminal Access Controller Access Control System (TACACS+) servers cannot be reached. Use the no tacacs-server last-resort to designate no last-resort action.
tacacs-server last-resort [password | succeed]
no tacacs-server last-resort
password | Your local authentication password as specified by the enable password command. |
succeed | Access to privileged level is granted. |
No last resort-option is specified.
Global configuration
When your system cannot reach your TACACS+ servers:
This example shows how to accept any user if the TACACS+ server cannot be reached for authentication.
hostname(config)# tacacs-server last-resort succeed
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (attempts)
tacacs-server (directed-request)
tacacs-server (host)
tacacs-server (key)
tacacs-server (timeout)
The tacacs-server timeout global configuration command specifies the maximum time limit for which the switch will wait for the Cisco Terminal Access Controller Access Control System (TACACS+) server to reply during the authentication process. Use the no tacacs-server timeout command to restore the default value.
tacacs-server timeout seconds
no tacacs-server timeout
seconds | An integer between 1 and 255 (seconds). |
5 seconds.
Global configuration
This example shows how to set the timeout value to 10 seconds.
hostname(config)# tacacs-server timeout 10
enable (use-tacacs)
login (tacacs)
show (tacacs)
tacacs-server (attempts)
tacacs-server (directed-request)
tacacs-server (host)
tacacs-server (key)
tacacs-server (last-resort)
Use the terminal user Exec command to set the attributes of the RS-232 port.
terminal [speed {2400 | 9600 | 19200 | 38400 | 56000}] [databits {7 | 8}] [stopbits {1 | 2}]
[parity {none | odd | even | mark | space}]
speed | Transmit and receive speeds: 2400, 9600, 19200, 38400, or 56000. |
databits | Number of data bits per character: 7 or 8. |
stopbits | Asynchronous line stop bits: 1 or 2. |
parity | Terminal parity: none, odd, even, mark, or space. |
The default settings for the RS-232 attributes are 9600 baud, 8 data bits, 1 stop bit, and no parity.
User Exec
This example shows how to set the baud rate to 19200:
> terminal speed 19200
This example shows how to set the baud rate to 19200, the data bits to 7, and the stop bits to 1:
> terminal speed 19200 databits 7 stopbits 1
autobaud
databits
modem (dialin)
parity
speed
stopbits
terminal
Use the tftp accept global configuration command to specify the Trivial File Transfer Protocol (TFTP) delivery of a firmware image or a configuration file from a host. Use the no tftp accept command to disable the TFTP delivery of a firmware image or a configuration file.
tftp accept
no tftp accept
This command has no additional arguments or keywords.
This command has no default value.
Global configuration
This example shows how to enable the TFTP delivery:
hostname(config)# tftp accept
This example shows how to disable the TFTP delivery:
hostname(config)# no tftp accept
copy (nvram tftp)
copy (tftp)
tftp (filename)
tftp (server)
Use the tftp filename global configuration command to specify a filename for the switch firmware. Use the no tftp filename command to delete the existing filename.
tftp filename filename
no tftp filename filename
filename | Filename between 1 and 80 alphanumeric characters. |
No filename is configured.
Global configuration
This example shows how to specify the filename as cat2820.bin. The location of this file is c:\bin\.
hostname(config)# tftp filename c:\bin\cat2820.bin
copy (nvram tftp)
copy (tftp)
tftp (accept)
tftp (server)
Use the tftp server global configuration command to specify the IP address or host name of the TFTP server. Use the no tftp server command to delete the IP address or host name of the TFTP server.
tftp server host
no tftp server
host | IP address or host name of 1 to 32 alphanumeric characters. |
This command has no default value.
Global configuration
This example shows how to specify the IP address of the TFTP server as 192.2.1.20:
hostname(config)# tftp server 192.2.1.20
This example shows how to specify the host name of the TFTP server as spaniel:
hostname(config)# tftp server spaniel
copy (nvram tftp)
copy (tftp)
tftp (accept)
tftp (filename)
Use the trunk interface configuration command to set a Fast Ethernet port to trunk mode with the Dynamic Inter-Switch Link (DISL) protocol.
trunk [on | off | desirable | auto | nonegotiate]
on | Configures the port into permanent Inter-Switch Link (ISL) trunk mode and negotiates with the connected device to convert the link to trunk mode. The port converts to trunk mode even if the other end of the link does not. |
off | Disables port trunk mode and negotiates with the connected device to convert the link to nontrunk. The port converts to nontrunk even if the other end of the link does not. Use this state when an ISL port is connected to another ISL port that does not support the DISL protocol. |
desirable | Triggers the port to negotiate the link from nontrunking to trunk mode. The port negotiates to a trunk port if the connected device is either in the On, Desirable, or Auto state. Otherwise, the port becomes a nontrunk port. |
auto | Enables a port to become a trunk only if the connected device has the state set to On or Desirable. |
nonegotiate | Configures port to permanent ISL trunk mode and no negotiation takes place with the partner. |
The default DISL configuration state for a Fast Ethernet port is off.
Interface configuration
This command applies only to one Fast Ethernet port. If you use this command for a Fast Ethernet port that is an aggregate port group member, the newly configured value also applies to all other aggregate port group members.
This command is not functional when bridge groups are enabled.
This example shows how to set the Fast Ethernet port to trunk mode:
hostname(config)# interface fastethernet 0/26
hostname(config-if)# trunk on
interface
show (trunk)
trunk-vlan
Use the trunk-vlan interface configuration command to select up to ten VLANs for trunk grouping. Use the no trunk-vlan command to disable VLANs from grouping as a trunk.
trunk-vlan vlan-list
no trunk-vlan vlan-list
vlan-list | Up to ten VLAN IDs between 1 and 1005 (separated by spaces). |
All VLANs (1 to 1005) are in trunk mode on Fast Ethernet ports.
Interface configuration
This command applies only to a single Fast Ethernet port. If you use this command for a Fast Ethernet port that is an aggregate port group member, the newly configured value also applies to all other aggregate port group members.
This command is not functional when bridge groups are enabled.
This example shows how to disable trunk mode for VLANs 5, 8, and 10 on trunk port 0/26:
hostname(config)# interface fastethernet 0/26
hostname(config-if)# no trunk-vlan 5 8 10
Use the uplink-fast global configuration command to enable the UplinkFast capability for the switch. Use the no uplink-fast command to disable the Uplink Fast capability for the switch.
uplink-fast
no uplink-fast
This command has no arguments or keywords.
Uplink Fast is disabled.
Global configuration
Use this command when every access switch and distribution switch has a least one redundant uplink. A switch begins using the alternate paths as soon as it detects that the root port has gone down. The new root port transitions to forwarding state immediately without going through the listening and learning states, as they would with normal STP procedures.
This command is not functional when bridge groups are enabled.
This example shows how to enable the Uplink Fast capability for the switch:
hostname(config)# uplink-fast
clear (uplink-fast statistics)
show (uplink-fast)
show (uplink-fast statistics)
uplink-fast (multicast-rate)
Use the uplink-fast multicast-rate global configuration command to specify the rate at which station-learning frames are generated when UplinkFast is enabled.
uplink-fast multicast-rate value
value | Number from 0 to 300 specifying the rate at which station-learning frames are generated in frames per 100 ms. |
The default station-learning frame-generation rate is 15/100 ms.
Global configuration
If UplinkFast is enabled and the root port fails, station-learning frames (multicast frames) are sent to the new root port with a source address. The source address is equal to a source that must now be reached from the backbone through the new root port of UplinkFast. Limit the rate at which station-learning frames are generated to avoid broadcast storms.
If you specify a value of 0, multicast frames are not generated.
This command is not functional when bridge groups are enabled.
This example shows how to configure the station-learning frame-generation rate to 20/100 ms:
hostname(config)# uplink-fast multicast rate 20
clear (uplink-fast statistics)
show (uplink-fast)
show (uplink-fast statistics)
uplink-fast
Use the vlan global configuration command to configure a VLAN with a number, name, 802.10 SAID value, state, maximum transmission unit (MTU) size that the VLAN can carry, and VLAN type. This command also specifies two different types of VLAN identifiers that can be translationally bridged. Use the no vlan command to delete a VLAN or to negate the configuration of a translational bridge VLAN.
vlan vlan [name vlan-name] [sde said-value] [state {operational | suspended}] [mtu mtu-size]
[{ethernet | fddi | tokenring} ring-number ring-no parent-vlan parent-vlan | {fddi-net | tr-net}
bridge-number bridge-number stp-type {ibm | ieee}] [tlb-1 vlan1 tlb-2 vlan2]
no vlan vlan
vlan | Unique ISL VLAN identifier between 1 and 1005. |
vlan-name | Unique VLAN or ATM ELAN name between 1 and 32 alphanumeric characters. The name provides a mapping between an ISL VLAN identifier and an ATM ELAN name. |
said-value | Unique 802.10 VLAN identifier between 1 and 4294967294. |
operational | Change state to operational. |
suspended | Change state to suspended. |
mtu-size | Number of bytes that can be carried on a frame in a VLAN. |
ethernet | Ethernet. |
fddi | FDDI. |
tokenring | Token Ring. |
ring-no | Ring number of a Token Ring or FDDI VLAN between 0 and 4095. |
parent-vlan | Parent VLAN ID of a Token Ring or FDDI VLAN between 1 and 1005. The parent VLAN must be either Token-Ring-Net or FDDI-Net VLAN for Token Ring or FDDI VLAN, respectively. |
fddi-net | FDDI network. |
tr-net | Token Ring network. |
bridge-number | Bridge number of a Token-Ring-Net or FDDI-Net VLAN between 1 and 15. |
ibm | IBM Spanning-Tree Protocol. |
ieee | IEEE 802.1d spanning tree. |
vlan1 | First VLAN bridge to be translationally bridged. |
vlan2 | Second VLAN bridge to be translationally bridged. |
This command has the following default values:
Global configuration
The current VLAN type and the two translationally bridged VLAN types must be mutually exclusive; one is Ethernet, one is FDDI, and one Token Ring).
This command is not functional when bridge groups are enabled.
This example shows how to configure VLAN 2 with the name Engineering:
hostname(config)# vlan 2 name Engineering
This example shows how to configure VLAN 1002 as a translational bridge between VLAN 1 and VLAN 1003:
hostname(config)# vlan 1002 tlb-1 1 tlb-2 1003
show (vlan)
show (vlan-membership)
show (vlan-membership server)
vlan-membership
vlan-membership (reconfirm)
vlan-membership (server)
vlan-membership (server retry)
Use the vlan-membership interface configuration command to assign a port to a VLAN. Use the no vlan-membership command to remove a port from a VLAN.
vlan-membership {static {vlan} | dynamic}
no vlan-membership
static | Sets VLAN membership type as static. |
vlan | Static VLAN number from 1 to 1005. |
dynamic | Sets VLAN membership type as dynamic. |
All nontrunk ports belong to a default VLAN. ISL VLAN ID 1 is the default VLAN for Ethernet VLANs, and default is the default ELAN for ATM VLANs. The membership type of all nontrunk ports is static.
Interface configuration
If you want to know the VLAN membership of a port that has been set to dynanmic but is static by default, query the VLAN Membership Policy Server (VMPS).
This command is not functional when bridge groups are enabled.
This example shows how to configure the interface as a dynamic VLAN port:
hostname(config)# interface ethernet 0/6
hostname(config-if)# vlan-membership dynamic
interface
show (vlan)
show (vlan-membership)
show (vlan-membership server)
vlan
vlan-membership (reconfirm)
vlan-membership (server)
vlan-membership (server retry)
Use the vlan-membership reconfirm privileged Exec command to reconfirm the VLAN assignment for all dynamic ports.
vlan-membership reconfirm
This command has no additional arguments or keywords.
This command has no default.
Privileged Exec
You can determine the VLAN membership of a dynamic port by querying the VLAN Membership Policy Server (VMPS).
This command is not functional when bridge groups are enabled.
This example shows how to reconfirm the VLAN membership for all dynamic ports:
hostname# vlan-membership reconfirm
show (vlan)
show (vlan-membership)
show (vlan-membership server)
vlan
vlan-membership
vlan-membership (server)
vlan-membership (server retry)
Use the vlan-membership server global configuration command to specify an IP address for the VLAN Membership Policy Server (VMPS). Use the no vlan-membership server command to delete the VMPS address.
vlan-membership server ip-addr [primary]
no vlan-membership server ip-addr
ip-addr | IP address. |
primary | Configure VMPS as primary server. |
The first server is the primary server.
Global configuration
A VMPS assigns memberships to dynamic VLAN ports based on the content of packets it receives. You can configure a maximum of four VMPSs. You can configure one of the four servers as a primary server. By default, the first server is selected as a primary server. If the primary server cannot be reached in a query attempt after the number of retries equal to the globally configured retry count, the secondary servers are used consecutively.
This command is not functional when bridge groups are enabled.
This example shows how to configure an IP address for a primary VLAN VMP server:
hostname(config)# vlan-membership server 172.20.128.88 primary
show (vlan)
show (vlan-membership)
show (vlan-membership server)
vlan
vlan-membership
vlan-membership (reconfirm)
vlan-membership (server retry)
Use the vlan-membership server retry global configuration command to configure the retry count for VLAN Membership Policy Servers (VMPS).
vlan-membership server retry count
count | Number from 1 to 10. |
count is 10 for each server.
Global configuration
This command is not functional when bridge groups are enabled.
This example shows how to specify a retry count of 5 for all VMP servers.
hostname(config)# vlan-membership server retry 5
show (vlan)
show (vlan-membership)
show (vlan-membership server)
vlan
vlan-membership
vlan-membership (reconfirm)
vlan-membership (server)
Use the vtp global configuration command to specify the operating mode, domain name, generation of traps, and pruning capabilities of VLAN Trunk Protocol (VTP). Also use this command to set a password for the VTP domain.
vtp [server | transparent] [domain domain-name] [trap {enable | disable}] [password password] [pruning {enable | disable}]
server | VTP server operating mode. If selected, switch updates its VLAN configuration from configurations reported by other trunked VTP devices and allows configuration to be modified locally. Any changes are distributed through VTP messages. |
transparent | VTP transparent operating mode. If selected, switch allows configuration to be modified locally but configuration changes are not advertised by VTP messages. VTP messages received are forwarded to trunks without being processed. |
domain-name | VTP management domain name from 1 to 32 alphanumeric characters. |
enable | Enable generation of VTP traps such as Configuration Revision Error Trap, Configuration Digest Error Trap, and MTU Too Big Trap. Enable pruning. |
disable | Disable generation of VTP traps/pruning. |
password | Password between 8 and 64 alphanumeric characters. Password is case insensitive. |
The default VTP mode is server, and the default trap-generation is enabled. The default VTP pruning mode is enabled.
Global configuration
If you create a VTP password, it generates a secret value. This value is used in the calculation of the MD5 digest of a VTP advertisement. The MD5 digest ensures the validity of VTP advertisements.
This command is not functional when bridge groups are enabled.
This example configures a VTP domain named Engineering Department with trap control enabled.
hostname(config)# vtp domain "Engineering Department" trap enable
delete (vtp)
show (vtp)
show (vtp statistics)
vtp trunk pruning-disable
Use the vtp trunk pruning-disable interface configuration command to disable pruning for a set of VLANs on a trunk port. Use the no vtp trunk pruning-disable command to enable pruning for a set of VLANs on a trunk port.
vtp trunk pruning-disable vlan-list
no vtp trunk pruning-disable vlan-list
vlan-list | Up to ten VLANs for which pruning is disabled. Valid range is 1 to 1005 (separated by spaces). |
VTP pruning is enabled for all VLANs on both trunk ports.
Interface configuration
A VLAN is pruned when the switch does not need to receive flooded traffic because it has no other VLAN ports. Pruning reduces unnecessary bandwidth usage on a trunk. By default, all VLANs can be pruned.
If you specify this command for a trunk port that is an aggregate port group member, the new configuration also applies to the other members of the aggregate port group.
This command is not functional when bridge groups are enabled.
This example shows how to disable the pruning of VLAN 2 on trunk port A.
hostname(config)# interface fastethernet A
hostname(config-if)# vtp trunk pruning-disable 2
|
|