Cisco Nexus 1000V Command Reference, Release 4.0(4)SV1(1)
S Commands
Downloads: This chapterpdf (PDF - 339.0KB) The complete bookPDF (PDF - 6.9MB) | Feedback

S Commands

Table Of Contents

S Commands

send

session-limit

service-policy

set

setup

shutdown

sleep

ssh

ssh key

ssh server enable

state (VLAN)

state (Port Profile)

statistics per-entry

svs connection

svs-domain

svs license transfer src-vem

svs license volatile

switchname

switchport access vlan

switchport mode

switchport port-security

switchport private-vlan host-association

switchport private-vlan mapping

switchport private-vlan mapping trunk

switchport trunk allowed vlan

switchport trunk native vlan

system redundancy role

system switchover


S Commands


This chapter describes the Cisco Nexus 1000V commands that begin with the letter S.

send

To send a message to an open session, use the send command.

send {message | session device message}

Syntax Description

message

Message.

session

Specifies a specific session.

device

Device type.


Defaults

None

Command Modes

Any

Supported User Roles

network-admin
network-operator

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to send a message to an open session:

n1000v# send session sessionOne testing
n1000v# 

Related Commands

Command
Description

show banner

Displays a banner.


session-limit

To limit the number of VSH sessions, use the session-limit command. To remove the limit, use the no form of this command.

session-limit number

no session-limit number

Syntax Description

number

Number of VSH sessions. The range of valid values is 1 to 64


Defaults

No limit is set.

Command Modes

Line configuration (config-line)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to limit the number of VSH sessions:

n1000v# configure terminal
n1000v(config)# line vty
n1000v(config-line)# session-limit 10
n1000v(config-line)# 

This example shows how to remove the limit:

n1000v# configure terminal
n1000v(config)# line vty
n1000v(config-line)# no session-limit 10
n1000v(config-line)# 

service-policy

To configure a service policy for an interface, use the service-policy command. To remove the service policy configuration, use the no form of this command.

service-policy {input name [no-stats] | output name [no-stats] | type qos {input name [no-stats] | output name [no-stats]}}

no service-policy {input name [no-stats] | output name [no-stats] | type qos {input name [no-stats] | output name [no-stats]}}

Syntax Description

input

Specifies an input service policy.

name

Policy name. The range of valid values is 1 to 40.

no-stats

(Optional) Specifies no statistics.

output

Specifies an output service policy.

type qos

Specifies a QoS service policy.


Defaults

No service policy exists.

Command Modes

Interface Configuration (config-if)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure a service policy for an interface:

n1000v# configure terminal
n1000v(config)# interface vethernet 10
n1000v(config-if)# service-policy type qos input sp10 no-stats
n1000v(config-if)# 

This example shows how to remove a service policy configuration for an interface:

n1000v# configure terminal
n1000v(config)# interface vethernet 10
n1000v(config-if)# no service-policy type qos input sp10 no-stats
n1000v(config-if)# 

Related Commands

Command
Description

show running interface

Displays interface configuration information.


set

To set QoS class attributes, use the set command. To remove class attributes, use the no form of this command.

set {{cos cos-val} | {dscp [tunnel] {dscp-val | dscp-enum}} | {precedence [tunnel] {prec-val | prec-enum}} | {discard-class dis-class-val} | {qos-group qos-grp-val} | {{{cos cos} | {dscp dscp} | {precedence precedence} | {discard-class discard-class}} table table-map-name} | {cos1 {{dscp table cos-dscp-map} | {precedence table cos-precedence-map} | {discard-class table cos-discard-class-map}}} | {dscp1 {{cos table dscp-cos-map} | {prec3 table dscp-precedence-map} | {dis-class3 table dscp-discard-class-map}}} | {prec1 {{cos3 table precedence-cos-map} | {dscp3 table precedence-dscp-map} | {dis-class3 table precedence-discard-class-map}}} | {dis-class1 {{cos3 table discard-class-cos-map} | {dscp3 table discard-class-dscp-map} | {prec3 table discard-class-precedence-map}}}}

no set {{cos cos-val} | {dscp [tunnel] {dscp-val | dscp-enum}} | {precedence [tunnel] {prec-val | prec-enum}} | {discard-class dis-class-val} | {qos-group qos-grp-val} | {{{cos cos} | {dscp dscp} | {precedence precedence} | {discard-class discard-class}} table table-map-name} | {cos1 {{dscp table cos-dscp-map} | {precedence table cos-precedence-map} | {discard-class table cos-discard-class-map}}} | {dscp1 {{cos table dscp-cos-map} | {prec3 table dscp-precedence-map} | {dis-class3 table dscp-discard-class-map}}} | {prec1 {{cos3 table precedence-cos-map} | {dscp3 table precedence-dscp-map} | {dis-class3 table precedence-discard-class-map}}} | {dis-class1 {{cos3 table discard-class-cos-map} | {dscp3 table discard-class-dscp-map} | {prec3 table discard-class-precedence-map}}}}

Syntax Description

cos

Specifies IEEE 802.1Q CoS (Class of Service).

cos-value

CoS value. The range of valid values is 0 to 7.

dscp

Specifies DSCP (Differentiated Services Code Point) in IPv4 and IPv6 packets.

tunnel

(Optional) Specifies DSCP in tunnel encapsulation.

dscp-value

DSCP value.

dscp-enum

 

precedence

Precedence in IP(v4) and IPv6 packets.

prec-val

IP Precedence value.

prec-enum

.

discard-class dis-class-val

Discard class + Discard class value.

qos-group qos-grp-val

Qos-group + Qos-group value.

table table-map-name

Table defining mapping from input to output + Table-map name.

cos1

IEEE 802.1Q class of service.

cos-dscp-map

Cos to DSCP Mutation map.

cos-precedence-map

Cos to Precedence Mutation map.

cos-discard-class-map

Cos to Discard Class Mutation map.

dscp1

DSCP in IP(v4) and IPv6 packets.

dscp-cos-map

DSCP to COS Mutation map.

prec3

Precedence in IP(v4) and IPv6 packets.

dscp-precedence-map

DSCP to Precedence Mutation map.

dis-class3

Discard class.

dscp-discard-class-map

DSCP to Discard Class Mutation map.

prec1

Precedence in IP(v4) and IPv6 packets.

cos3

IEEE 802.1Q class of service.

precedence-cos-map

Precedence to COS Mutation map.

dscp3

DSCP in IP(v4) and IPv6 packets.

precedence-dscp-map

Precedence to DSCP Mutation map.

precedence-discard-class-map

Precedence to Discard Class Mutation map.

dis-class1

Discard class.

discard-class-cos-map

Discard Class to COS Mutation map.

discard-class-dscp-map

Discard Class to DSCP Mutation map.

discard-class-precedence-map

Discard Class to Precedence Mutation map.


Defaults

None

Command Modes

Policy Map Class Configuration (config-pmap-c-qos)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to set class attributes:

n1000v# configure terminal
n1000v(config)# policy-map pm1
n1000v(config-pmap-qos)# class class-default
n1000v(config-pmap-c-qos)# set qos-group 1
n1000v(config-pmap-c-qos)#

This example shows how to remove class attributes:

n1000v# configure terminal
n1000v(config)# policy-map pm1
n1000v(config-pmap-qos)# class class-default
n1000v(config-pmap-c-qos)# no set qos-group 1
n1000v(config-pmap-c-qos)#

Related Commands

Command
Description

show policy-map

Displays policy maps.


setup

To use the Basic System Configuration Dialog for creating or modifying your system configuration file, use the setup command.

setup

Syntax Description

This command has no arguments or keywords, but the Basic System Configuration Dialog prompts you for complete setup information (see the example below).

Defaults

None

Command Modes

Any

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

The Basic System Configuration Dialog assumes the factory defaults. Keep this in mind when using it to modify an existing configuration.

All changes made to your configuration are summarized for you at the completion of the setup sequence with an option to save the changes or not.

You can exit the setup sequence at any point by pressing Ctrl-C.

Examples

This example shows how to use the setup command to create or modify a basic system configuration:

n1000v# setup


  Enter the domain id<1-4095>: 400

  Enter HA role[standalone/primary/secondary]: standalone

[########################################] 100%


         ---- Basic System Configuration Dialog ----

This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.

*Note: setup is mainly used for configuring the system initially,
when no configuration is present. So setup always assumes system
defaults and not the current system configuration values.

Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.

Would you like to enter the basic configuration dialog (yes/no): y

  Create another login account (yes/no) [n]: n

  Configure read-only SNMP community string (yes/no) [n]: n

  Configure read-write SNMP community string (yes/no) [n]: n

  Enter the switch name : n1000v

  Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]:  

    Mgmt0 IPv4 address : 

  Configure the default gateway? (yes/no) [y]: n

  Configure advanced IP options? (yes/no) [n]: 

  Enable the telnet service? (yes/no) [y]: 

  Enable the ssh service? (yes/no) [n]: 

  Configure the ntp server? (yes/no) [n]: 

  Configure vem feature level? (yes/no) [n]: 

  Configure svs domain parameters? (yes/no) [y]: 

    Enter SVS Control mode (L2 / L3) : l2
    Invalid SVS Control Mode
    Enter SVS Control mode (L2 / L3) : L2
    Enter control vlan <1-3967, 4048-4093> : 400

    Enter packet vlan <1-3967, 4048-4093> : 405

The following configuration will be applied:
  switchname n1000v
  telnet server enable
  no ssh server enable
  svs-domain
    svs mode L2
    control vlan 400
    packet vlan 405
    domain id 400
vlan 400
vlan 405

Would you like to edit the configuration? (yes/no) [n]:  

Use this configuration and save it? (yes/no) [y]: n

n1000v# 

Related Commands

Command
Description

show running-config

Displays the running configuration.


shutdown

To shutdown VLAN switching, use the shutdown command. To turn on VLAN switching, use the no form of this command.

shutdown

no shutdown

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

VLAN configuration (config-vlan)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to shutdown VLAN switching:

n1000v# configure terminal
n1000v(config)# vlan 10
n1000v(config-vlan)# shutdown
n1000v(config-vlan)# 

This example shows how to turn on VLAN switching:

n1000v# configure terminal
n1000v(config)# vlan 10
n1000v(config-vlan)# no shutdown
n1000v(config-vlan)# 

Related Commands

Command
Description

show vlan

Displays VLAN information.


sleep

To set a sleep time, use the sleep command.

sleep time

Syntax Description

time

Sleep time, in seconds. The range of valid values is 0 to 2147483647.


Defaults

Sleep time is not set.

Command Modes

Any

Supported User Roles

network-admin
network-operator

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

When you set time to 0, sleep is disabled.

Examples

This example shows how to set a sleep time:

n1000v# sleep 100
n1000v# 

This example shows how to disable sleep:

n1000v# sleep 0
n1000v# 

ssh

To create a Secure Shell (SSH) session, use the ssh command.

ssh [username@]{ipv4-address | hostname} [vrf vrf-name]

Syntax Description

username

(Optional) Username for the SSH session. The user name is not case sensitive.

ipv4-address

IPv4 address of the remote device.

hostname

Hostname of the remote device. The hostname is case sensitive.

vrf vrf-name

(Optional) Specifies the virtual routing and forwarding (VRF) name to use for the SSH session. The VRF name is case sensitive.


Defaults

Default VRF

Command Modes

Any

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

The NX-OS software supports SSH version 2.

Examples

This example shows how to start an SSH session:

n1000v# ssh 10.10.1.1 vrf management
The authenticity of host '10.10.1.1 (10.10.1.1)' can't be established.
RSA key fingerprint is 9b:d9:09:97:f6:40:76:89:05:15:42:6b:12:48:0f:d6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.1.1' (RSA) to the list of known hosts.
User Access Verification
Password:

Related Commands

Command
Description

clear ssh session

Clears SSH sessions.

ssh server enable

Enables the SSH server.


ssh key

To create a Secure Shell (SSH) server key for a virtual device context (VDC), use the ssh key command. To remove the SSH server key, use the no form of this command.

ssh key {dsa [force] | rsa [length [force]]}

no ssh key [dsa | rsa]

Syntax Description

dsa

Specifies the Digital System Algrorithm (DSA) SSH server key.

force

(Optional) Forces the replacement of an SSH key.

rsa

Specifies the Rivest, Shamir, and Adelman (RSA) public-key cryptography SSH server key.

length

(Optional) Number of bits to use when creating the SSH server key. The range is from 768 to 2048.


Defaults

1024-bit length

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

The NX-OS software supports SSH version 2.

If you want to remove or replace an SSH server key, you must first disable the SSH server using the no ssh server enable command.

Examples

This example shows how to create an SSH server key using DSA:

n1000v# config t
n1000v(config)# ssh key dsa
generating dsa key(1024 bits).....
..
generated dsa key

This example shows how to create an SSH server key using RSA with the default key length:

n1000v# config t
n1000v(config)# ssh key rsa
generating rsa key(1024 bits).....
.
generated rsa key

This example shows how to create an SSH server key using RSA with a specified key length:

n1000v# config t
n1000v(config)# ssh key rsa 768
generating rsa key(768 bits).....
.
generated rsa key

This example shows how to replace an SSH server key using DSA with the force option:

n1000v# config t
n1000v(config)# no ssh server enable
n1000v(config)# ssh key dsa force
deleting old dsa key.....
generating dsa key(1024 bits).....
.
generated dsa key
n1000v(config)# ssh server enable

This example shows how to remove the DSA SSH server key:

n1000v# config t
n1000v(config)# no ssh server enable
XML interface to system may become unavailable since ssh is disabled
n1000v(config)# no ssh key dsa
n1000v(config)# ssh server enable

This example shows how to remove all SSH server keys:

n1000v# config t
n1000v(config)# no ssh server enable
XML interface to system may become unavailable since ssh is disabled
n1000v(config)# no ssh key 
n1000v(config)# ssh server enable

Related Commands

Command
Description

show ssh key

Displays the SSH server key information.

ssh server enable

Enables the SSH server.


ssh server enable

To enable the Secure Shell (SSH) server, use the ssh server enable command. To disable the SSH server, use the no form of this command.

ssh server enable

no ssh server enable

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

The NX-OS software supports SSH version 2.

Examples

This example shows how to enable the SSH server:

n1000v# config t
n1000v(config)# ssh server enable

This example shows how to disable the SSH server:

n1000v# config t
n1000v(config)# no ssh server enable
XML interface to system may become unavailable since ssh is disabled

Related Commands

Command
Description

show ssh server

Displays the SSH server key information.


state (VLAN)

To set the operational state of a VLAN, use the state command. To disable state configuration, use the no form of this command.

state {active | suspend}

no state

Syntax Description

active

Specifies the active state.

suspend

Specifies the suspended state.


Defaults

None

Command Modes

VLAN configuration (config-vlan)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to set the operational state of a VLAN:

n1000v# configure terminal
n1000v(config)# vlan 10
n1000v(config-vlan)# state active
n1000v(config-vlan)# 

This example shows how to disable state configuration:

n1000v# configure terminal
n1000v(config)# vlan 10
n1000v(config-vlan)# no state
n1000v(config-vlan)# 

Related Commands

Command
Description

show vlan

Displays VLAN information.


state (Port Profile)

To set the operational state of a port profile, use the state command.

state enabled

Syntax Description

enabled

Enables or disables the port profile.


Defaults

Disabled

Command Modes

Port profile configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to enable or disable the operational state of a port profile:

n1000v# configure terminal
n1000v(config)# port-profile testprofile
n1000v(config-port-prof)# state enabled
n1000v(config-port-prof)# 

Related Commands

Command
Description

show port-profile

Displays port profile information.


statistics per-entry

To collect statistics for each ACL entry, use the statistics per-entry command. To remove statistics, use the no form of this command.

statistics per-entry

no statistics per-entry

Syntax Description

This command has no arguments or keywords.

Defaults

No statistics are collected.

Command Modes

ACL configuration (config-acl)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to collect statistics for each ACL entry:

n1000v# configure terminal
n1000v(config)# ip access-list 1
n1000v(config-acl)# statistics per-entry
n1000v(config-acl)# 

This example shows how to remove statistics:

n1000v# configure terminal
n1000v(config)# ip access-list 1
n1000v(config-acl)# no statistics per-entry
n1000v(config-acl)# 

Related Commands

Command
Description

show statistics

Displays statistics.


svs connection

To enable an SVS connection, use the svs connection command. To disable an SVS connection, use the no form of this command.

svs connection name

no svs connection name

Syntax Description

name

Connection name.


Defaults

None

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Only one SVS connection can be enabled per session.

Examples

This example shows how to enable an SVS connection:

n1000v# configure terminal
n1000v(config)# svs connection conn1
n1000v(config-svs-conn)# 

This example shows how to disable an SVS connection:

n1000v# configure terminal
n1000v(config)# no svs connection conn1
n1000v(config)# 

Related Commands

Command
Description

show svs

Displays SVS information.


svs-domain

To configure an SVS domain and enter SVS domain configuration mode, use the svs-domain command.

svs-domain

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Examples

This example shows how to enter SVS domain configuration mode to configure an SVS domain:

n1000v# configure terminal
n1000v(config)# svs-domain
n1000v(config-svs-domain)# 

Related Commands

Command
Description

show svs

Displays SVS information.


svs license transfer src-vem

To transfer licenses from a specified source VEM to another VEM, or to transfer an unused license to the VSM license pool, use the svs license transfer src-vem command.

svs license transfer src-vem module number [ dst-vem module number | license_pool ]

Syntax Description

dst-vem module-number

Specifies the VEM to receive the transferred license.

license_pool

Transfers a license back to the VSM license pool.


Defaults

None

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Licenses cannot be transferred to a VEM unless there are sufficient licenses in the pool for all CPUs on that VEM.

When licenses are successfully transferred from one VEM to another, then the following happens:

The virtual Ethernet interfaces on the source VEM are removed from service.

The virtual Ethernet interfaces on the destination VEM are brought into service.

When licenses are successfully transferred from a VEM to the VSM license pool, then the following happens:

The virtual Ethernet interfaces on the source VEM are removed from service.

Examples

This example shows how to transfer a license from VEM 3 to VEM 5, and then display the license configuration:

n1000v# config t

n1000v(config)# svs license transfer src-vem 3 dst-vem 5
n1000v(config)# show license usage NEXUS1000V_LAN_SERVICES_PKG
Application
-----------
VEM 5 - Socket 1
VEM 5 - Socket 2
VEM 4 - Socket 1
VEM 4 - Socket 2
-----------

n1000v#

This example shows how to transfer a license from VEM 3 to the VSM license pool, and then display the license configuration:

n1000v# config t

n1000v(config)# svs license transfer src-vem 3 license_pool

n1000v(config)# show license usage NEXUS1000V_LAN_SERVICES_PKG
Application
-----------
VEM 4 - Socket 1
VEM 4 - Socket 2
-----------

n1000v#

Related Commands

Command
Description

show license usage

Displays the number and location of CPU licenses in use on your VEMs.

logging level license

Designates the level of severity at which license messages should be logged.

install license

Installs a license file(s) on a VSM

svs license transfer src-vem

Transfers licenses from a source VEM to another VEM, or to the VSM pool of available licenses.


svs license volatile

To enable volatile licenses so that, whenever a VEM is taken out of service, its licenses are returned to the VSM pool of available licenses, use the svs license volatile command. To disable volatile licenses, use the no form of this command.

svs license volatile

no svs license volatile

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines


Caution Service Disruption
Volatile licenses are removed from a VEM during a loss in connectivity and are not returned to the VEM when connectivity resumes. Cisco recommends that the volatile license feature remain disabled and that you, instead, transfer unused licenses using the svs license transfer src-vem command.

Examples

This example shows how to enable the volatile license feature for a VSM:

n1000v(config)# svs license volatile

n1000v(config)#


This example shows how to disable the volatile license feature for a VSM:

n1000v(config)# no svs license volatile

Related Commands

Command
Description

show license

Displays the license configuration for the VSM.

logging level license

Designates the level of severity at which license messages should be logged.

install license

Installs a license file(s) on a VSM

svs license transfer src-vem

Transfers licenses from a source VEM to another VEM, or to the VSM pool of available licenses.


switchname

To configure the hostname for the device, use the switchname command. To revert to the default, use the no form of this command.

switchname name

no switchname

Syntax Description

name

Name for the device. The name is alphanumeric, case sensitive, can contain special characters, and can have a maximum of 32 characters.


Defaults

switch

Command Modes

Global Configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

The Cisco NX-OS software uses the hostname in command-line interface (CLI) prompts and in default configuration filenames.

The switchname command performs the same function as the hostname command.

Examples

This example shows how to configure the device hostname:

n1000v# configure terminal
n1000v(config)# switchname Engineering2
Engineering2(config)#

This example shows how to revert to the default device hostname:

Engineering2# configure terminal
Engineering2(config)# no switchname 
n1000v(config)#

Related Commands

Command
Description

hostname

Configures the device hostname.

show switchname

Displays the device hostname.


switchport access vlan

To set the access mode of an interface, use the switchport access vlan command. To remove access mode configuration, use the no form of this command.

switchport access vlan id

no switchport access vlan

Syntax Description

id

VLAN identification number. The range of valid values is 1 to 3967.


Defaults

Access mode is not set.

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to set the access mode of an interface:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# switchport access vlan 10
n1000v(config-if)# 

This example shows how to remove access mode configuration:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# no switchport access vlan
n1000v(config-if)# 

Related Commands

Command
Description

show interface

Displays interface information.


switchport mode

To set the port mode of an interface, use the switchport mode command. To remove the port mode configuration, use the no form of this command.

switchport mode {access | private-vlan {host | promiscuous} | trunk}

no switchport mode {access | private-vlan {host | promiscuous} | trunk}

Syntax Description

access

Sets port mode access.

private-vlan

Sets the port mode to private VLAN.

host

Sets the port mode private VLAN to host.

promiscuous

Sets the port mode private VLAN to promiscuous.

trunk

Sets the port mode to trunk.


Defaults

Switchport mode is not set.

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to set the port mode of an interfn1000vace:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# switchport mode private-vlan host
n1000v(config-if)# 

This example shows how to remove mode configuration:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# no switchport mode private-vlan host
n1000v(config-if)# 

Related Commands

Command
Description

show interface

Displays interface information.


switchport port-security

To set the port security characteristics of an interface, use the switchport port-security command. To remove the port security configuration, use the no form of this command.

switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address {address [vlan id] |sticky} | maximum number [vlan id] | violation {protect | shutdown}]

no switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address {address [vlan id] |sticky} | maximum number [vlan id] | violation {protect | shutdown}]}

Syntax Description

aging

Configures port security aging characteristics.

time

Specifies the port security aging time.

time

Aging time in minutes, in the range of 0 to 1440.

type

Specifies the type of timers.

absolute

Specifies an absolute timer.

inactivity

Specifies an inactivity timer.

mac-address address

Specifies a 48-bit MAC address in the format HHHH.HHHH.HHHH.

vlan

Specifies the VLAN where the MAC address should be secured.

id

VLAN identification number. The range of valid values is 1 to 4094.

sticky

Specifies a sticky MAC address.

maximum number

Specifies the maximum number of addresses, in the range of 1 to 1025.

violation

Specifies the security violation mode.

protect

Specifies the security violation protect mode.

shutdown

Specifies the security violation shutdown mode.


Defaults

None

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to set the port security aging inactivity timer:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# switchport port-security aging type inactivity
n1000v(config-if)# 

This example shows how to remove the port security aging inactivity timer:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# no switchport port-security aging type inactivity
n1000v(config-if)# 

Related Commands

Command
Description

show interface

Displays interface information.

show port-security

Displays port security information.


switchport private-vlan host-association

To define a private VLAN association for an isolated or community port, use the switchport private-vlan host-association command. To remove the private VLAN association from the port, use the no form of this command.

switchport private-vlan host-association {primary-vlan-id} {secondary-vlan-id}

no switchport private-vlan host-association

Syntax Description

primary-vlan-id

Number of the primary VLAN of the private VLAN relationship.

secondary-vlan-id

Number of the secondary VLAN of the private VLAN relationship.


Defaults

None

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

There is no run-time effect on the port unless it is in private VLAN-host mode. If the port is in private VLAN-host mode but neither of the VLANs exist, the command is allowed but the port is made inactive. The port also may be inactive when the association between the private VLANs is suspended.

The secondary VLAN may be an isolated or community VLAN.

Examples

This example shows how to configure a host private VLAN port with a primary VLAN (VLAN 18) and a secondary VLAN (VLAN 20):

n1000v(config-if)# switchport private-vlan host-association 18 20
n1000v(config-if)# 

This example shows how to remove the private VLAN association from the port:

n1000v(config-if)# no switchport private-vlan host-association
n1000v(config-if)# 

Related Commands

Command
Description

show vlan private-vlan [type]

Displays information on private VLANs.


switchport private-vlan mapping

To define the private VLAN association for a promiscuous port, use the switchport private-vlan mapping command. To clear all mapping from the primary VLAN, use the no form of this command.

switchport private-vlan mapping {primary-vlan-id} {[add] secondary-vlan-list | remove secondary-vlan-list}

no switchport private-vlan mapping

Syntax Description

primary-vlan-id

Number of the primary VLAN of the private VLAN relationship.

add

Associates the secondary VLANs to the primary VLAN.

secondary-vlan-list

Number of the secondary VLAN of the private VLAN relationship.

remove

Clears the association between the secondary VLANs and the primary VLAN.


Defaults

None

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

There is no run-time effect on the port unless it is in private VLAN-promiscuous mode. If the port is in private VLAN-promiscuous mode but the primary VLAN does not exist, the command is allowed but the port is made inactive.

The secondary VLAN may be an isolated or community VLAN.

Examples

This example shows how to configure the associate primary VLAN 18 to secondary isolated VLAN 20 on a private VLAN promiscuous port:

n1000v(config-if)# switchport private-vlan mapping 18 20
n1000v(config-if)# 

This example shows how to add a VLAN to the association on the promiscuous port:

n1000v(config-if)# switchport private-vlan mapping 18 add 21
n1000v(config-if)# 

This example shows how to remove the all private VLAN association from the port:

n1000v(config-if)# no switchport private-vlan mapping

n1000v(config-if)#

Related Commands

Command
Description

show interface switchport

Displays information on all interfaces configured as switchports.

show interface private-vlan mapping

Displays the information about the private VLAN mapping for VLAN interfaces, or SVIs.


switchport private-vlan mapping trunk

To designate the primary private VLAN, use the switchport private-vlan trunk mapping trunk command. To remove the primary private VLAN, use the no form of this command.

switchport private-vlan trunk native vlan id

no switchport private-vlan trunk native vlan

Syntax Description

id

VLAN identification number. The range of valid values is 1 to 3967.


Defaults

None

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

When you use this command, you must either add a secondary VLAN, or remove a VLAN.

Examples

This example shows how to designate the primary private VLAN:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# n1000v(config-if)# switchport private-vlan mapping trunk 10 add 11
n1000v(config-if)# 

This example shows how to remove the primary private VLAN:

n1000v# configure terminal
n1000v(config)# interface vethernet 1
n1000v(config-if)# n1000v(config-if)# no switchport private-vlan mapping trunk 10
n1000v(config-if)# 

Related Commands

Command
Description

show vlan

Displays VLAN information.


switchport trunk allowed vlan

To set the list of allowed VLANs on the trunking interface, use the switchport trunk allowed vlan command. To allow all VLANs on the trunking interface, use the no form of this command.

switchport trunk allowed vlan {vlan-list | all | none | [add | except | remove {vlan-list}]}

no switchport trunk allowed vlan

Syntax Description

vlan-list

Allowed VLANs that transmit through this interface in tagged format when in trunking mode; the range of valid values is from 1 to 4094.

all

Allows all appropriate VLANs to transmit through this interface in tagged format when in trunking mode.

none

Blocks all VLANs transmitting through this interface in tagged format when in trunking mode.

add

(Optional) Adds the defined list of VLANs to those currently set instead of replacing the list.

except

(Optional) Allows all VLANs to transmit through this interface in tagged format when in trunking mode except the specified values.

remove

(Optional) Removes the defined list of VLANs from those currently set instead of replacing the list.


Defaults

All VLANs

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

You must enter the switchport command without any keywords to configure the LAN interface as a Layer 2 interface before you can enter the switchport trunk allowed vlan command. This action is required only if you have not entered the switchport command for the interface.

If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic in VLAN 1.

Examples

This example shows how to add a series of consecutive VLANs to the list of allowed VLANs on a trunking port:

n1000v(config-if)# switchport trunk allowed vlan add 40-50
n1000v(config-if)#

Related Commands

Command
Description

show interface switchport

Displays the administrative and operational status of a switching (nonrouting) port.


switchport trunk native vlan

To configure trunking parameters on an interface, use the switchport trunk native vlan command. To remove the configuration, use the no form of this command.

switchport trunk native vlan id

no switchport trunk native vlan

Syntax Description

id

VLAN identification number. The range of valid values is 1 to 3967.


Defaults

None

Command Modes

Interface Configuration (config-if)
Port Profile Configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure trunking parameters on an interface:

n1000v# configure terminal
n1000v(config)# interface vethernet 10
n1000v(config-if)# switchport trunk native vlan 20
n1000v(config-if)# 

Related Commands

Command
Description

show vlan

Displays VLAN information.


system redundancy role

To configure a redundancy role for the VSM, use the system redundancy role command. To revert to the default setting, use the no form of the command.

system redundancy role {primary | secondary | standalone}

no system redundancy role {primary | secondary | standalone}

Syntax Description

primary

Specifies the primary redundant VSM.

secondary

Specifies the secondary redundant VSM.

standalone

Specifies no redundant VSM.


Command Default

None

Command Modes

EXEC

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Examples

This example shows how to configure no redundant VSM:

n1000v# system redundancy role standalone
n1000v# 

Related Commands

Command
Description

show system redundancy

Displays the system redundancy status.


system switchover

To switch over to the standby supervisor, use the system switchover command.

system switchover

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

EXEC

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Examples

This example shows how to switch over to the standby supervisor:

n1000v# system switchover
n1000v# 

Related Commands

Command
Description

show system redundancy

Displays the system redundancy status.