Cisco Nexus 1000V Command Reference, Release 4.2(1)SV1(4)
M Commands
Download this chapter
M CommandsM Commands
Download the complete book
Cisco Nexus 1000V Command Reference, Release 4.2(1) SV1(4)Cisco Nexus 1000V Command Reference, Release 4.2(1) SV1(4) (PDF - 4 MB)
 Feedback

Table Of Contents

M Commands

mac access-list

mac address-table aging-time

mac address-table static

mac port access-group

match (ACL)

match ip (NetFlow)

match ipv4 (NetFlow)

match protocol

match transport (NetFlow)

max-ports

max-ports (SVS connection)

media

mkdir

module vem

monitor session

move

mtu (Interface)

mtu (ERSPAN)


M Commands

This chapter describes the Cisco Nexus 1000V commands that begin with the letter M.

mac access-list

To create a MAC ACL, use the mac access-list command. To remove the MAC ACL, use the no form of this command.

mac access-list name

no mac access-list name

Syntax Description

name

List name. The range of valid values is 1 to 64.


Defaults

The MAC ACL does not exist.

Command Modes

Global configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to create a MAC ACL: 

n1000v# configure terminal

n1000v(config)# mac access-list aL1

n1000v(config)#

Related Commands

Command
Description

show access-list

Displays access list information.


mac address-table aging-time

To configure the aging time for entries in the Layer 2 table, use the mac address-table aging-time command. To return to the default settings, use the no form of this command.

mac address-table aging-time seconds [vlan vlan-id]

no mac address-table aging-time [vlan vlan-id]

Syntax Description

seconds

Aging time for MAC table entries for Layer 2. The range is from 120 to 918000 seconds. The default is 1800 seconds. Entering 0 disables the aging time.

vlan vlan-id

(Optional) Specifies the VLAN to apply the changed aging time.


Defaults

1800 seconds

Command Modes

Global configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Enter 0 seconds to disable the aging process.

The age value may be rounded off to the nearest multiple of 5 seconds. If the system rounds the value to a different value from that specified by the user (from the rounding process), the system returns an informational message.

When you use this command in the global configuration mode, the age values of all VLANs for which a configuration has not been specified are modified and those VLANs with specifically modified aging times are not modified. When you use the no form of this command without the VLAN parameter, only those VLANs that have not been specifically configured for the aging time reset to the default value. Those VLANs with specifically modified aging times are not modified.

When you use this command and specify a VLAN, the aging time for only the specified VLAN is modified. When you use the no form of this command and specify a VLAN, the aging time for the VLAN is returned to the current global configuration for the aging time, which may or may not be the default value of 300 seconds depending if the global configuration of the device for aging time has been changed.

Aging time is counted from the last time that the switch detected the MAC address.

Examples

This example shows how to change the length of time an entry remains in the MAC address table to 500 seconds for the entire device: 

n1000v(config)# mac address-table aging-time 500

n1000v(config)#

Related Commands

Command
Description

show mac address-table

Displays information about the MAC address table.

clear mac address-table aging-time

Displays information about the MAC address aging time.


mac address-table static

To add a static entry to the Layer 2 MAC address table, use the mac address-table static command. To delete the static entry, use the no form of this command.

mac address-table static mac-address vlan vlan-id {interface {interface-name}+ | drop} [auto-learn]

no mac address-table static mac-address vlan vlan-id

Syntax Description

mac-address

Specifies a static MAC address to add to the table in one of the following formats.

X.X.X

XX-XX-XX-XX-XX-XX

XX:XX:XX:XX:XX:XX

XXXX.XXXX.XXXX

vlan vlan-id

Specifies a VLAN (from 1 to 4094) for the static MAC address.

interface interface-name

(Optional) Specifies one of the following interfaces for the static MAC address:

ethernet slot/port

veth number

drop

Indicates that all traffic destined for the specified MAC address and VLAN should be dropped.

auto-learn

(Optional) Allow moving this MAC address.


Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.2(1)SV1(4)

This command was modified to remove the port channel option.

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

You cannot apply the mac address-table static mac-address vlan vlan-id drop command to a multicast MAC address.

The output interface specified cannot be a VLAN interface or a Switched Virtual Interface (SVI).

Use the no form to remove entries that are profiled by the combination of specified entry information.

Examples

This example shows how to add a static entry to the MAC address table: 

n1000v# confi t

n1000v(config)# mac address-table static 0050.3e8d.6400 vlan 3 interface ethernet 2/1

n1000v(config)#

Related Commands

Command
Description

show mac address-table

Displays information about the MAC address table.


mac port access-group

To enable access control for port groups, use the mac port access-group command. To disable access control for port groups, use the no form of this command.

mac port access-group name {in | out}

no mac port access-group name {in | out}

Syntax Description

name

Group name. The range of valid values is 1 to 64.

in

Specifies inbound traffic.

out

Specifies outbound traffic.


Defaults

Access control for packets is not specified.

Command Modes

Port profile configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to enable access control for port groups: 

n1000v# configure terminal

n1000v(config)# port-profile 1

n1000v(config-port-prof)# mac port access-group groupOne in

n1000v(config-port-prof)#

Related Commands

Command
Description

show mac

Displays MAC information.


match (ACL)

To define ACL matching criteria, use the match command. To remove matching criteria, use the no form of this command.

match {{access-group name name} | {[not] cos cos-list} | {[not] dscp {dscp-list | dscp-enum}+} | {[not] precedence {precedence-list | prec-enum}+} | {[not] discard-class discard-class-list} | {[not] qos-group qos-group-list} | {[not] class-map cmap-name} | {[not] packet length len-list} | {[not] ip rtp port-list}}

no match {{access-group name acl-name} | {[not] cos cos-list} | {[not] dscp {dscp-list | dscp-enum}+} | {[not] precedence {precedence-list | prec-enum}+} | {[not] discard-class discard-class-list} | {[not] qos-group qos-group-list} | {[not] class-map cmap-name} | {[not] packet length len-list} | {[not] ip rtp port-list}}

Syntax Description

access-group

Specifies the access group.

name

Specifies the ACL name.

name

ACL name. The range of valid values is 1 to 64.

not

(Optional) Negates the match result.

cos

IEEE 802.1Q CoS (Class of Service).

cos-list

List of CoS values. The range of valid values is 0 to 7.

dscp

DSCP in IP(v4) and IPv6 packets.

dscp-list

List of DSCP values.

dscp-enum

.

precedence

Precedence in IP(v4) and IPv6 packets.

precedence-list

List of precedence values.

prec-enum

.

discard-class discard-class-list

Discard class + List of discard-class values.

qos-group qos-group-list

Qos-group + List of qos-group values.

class-map cmap-name

Class map + Match class-map name.

packet

Packet.

length

Length of IP datagram.

len-list

list of IP packet length.

ip

IP.

rtp

Real Time Protocol.

port-list

UDP port list that are using RTP.


Defaults

None

Command Modes

Class map configuration (config-cmap-qos

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure a class-map match criteria: 

n1000v(config)# class-map cl_map1

n1000v(config-cmap-qos)# match access-group name ac_gr1

n1000v(config-cmap-qos)#

This example shows how to remove the class-map match criteria: 

n1000v(config)# class-map cl_map1

n1000v(config-cmap-qos)# no match access-group name ac_gr1

n1000v(config-cmap-qos)#

Related Commands

Command
Description

show class map

Displays class map information.


match ip (NetFlow)

To define IP matching criteria for a NetFlow flow record, use the match ip command. To remove the matching criteria, use the no form of this command.

match ip {protocol | tos}

no match ip {protocol | tos}

Syntax Description

protocol

Protocol.

tos

Type of service.


Defaults

None

Command Modes

Flow record configuration (config-flow-record)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure IP matching criteria for a NetFlow flow record and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# match ip protocol

n1000v(config-flow-record)# show flow record 

Flow record RecordTest:

    No. of users: 0

    Template ID: 0

    Fields:

        match ip protocol

        match interface input

        match interface output

        match flow direction

doc-n1000v(config-flow-record)#

This example shows how to remove the IP matching criteria for a NetFlow flow record a and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# no match ip protocol

n1000v(config-flow-record)# show flow record

Flow record RecordTest:

    No. of users: 0

    Template ID: 0

    Fields:

        match interface input

        match interface output

        match flow direction

doc-n1000v(config-flow-record)#

Related Commands

Command
Description

show flow record [name]

Displays a NetFlow flow record configuration.

match ipv4

Defines IPv4 matching criteria for a NetFlow flow record.

match transport

Defines transport matching criteria for a NetFlow flow record.


match ipv4 (NetFlow)

To define IPv4 matching criteria for a NetFlow flow record, use the match ipv4 command. To remove the matching criteria, use the no form of this command.

match ipv4 {source | destination} address

no match ipv4 {source | destination} address

Syntax Description

source

Source Address.

destination

Destination Address.

address

Address.


Defaults

None

Command Modes

Flow record configuration (config-flow-record)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure IPv4 matching criteria for a NetFlow flow record and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# match ipv4 destination address

n1000v(config-flow-record)# show flow record 

Flow record RecordTest:

    Description: Ipv4flow

    No. of users: 0

    Template ID: 0

    Fields:

        match ipv4 destination address

        match interface input

        match interface output

        match flow direction

        collect counter packets

n1000v(config-flow-record)#

This example shows how to remove the IPv4 matching criteria for a NetFlow flow record a and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# no match ipv4 destination address

n1000v(config-flow-record)# show flow record

Flow record RecordTest:

    No. of users: 0

    Template ID: 0

    Fields:

        match interface input

        match interface output

        match flow direction

doc-n1000v(config-flow-record)#

Related Commands

Command
Description

show flow record [name]

Displays a NetFlow flow record configuration.

match ip

Defines IP matching criteria for a NetFlow flow record.

match transport

Defines transport matching criteria for a NetFlow flow record.


match protocol

To configure match criteria based on protocol, use the match protocol command.

match protocol proto

no match protocol proto

Syntax Description

proto

Acceptable protocol values:

n1k_control

n1k_mgmt

n1k_packet

vmw_ft

vmw_iscsi

vmw_mgmt

vmw_nfs

vmw_vmotion


Command Default

No match protocol is set by default.

Command Modes

Class map configuration (config-cmap-que)

Supported User Roles

network admin

Command History

Release
Modification

4.2(1)SV1(4)

This command was introduced.


Usage Guidelines

The match protocol command configures a match criteria based on the specified protocol.

Examples

This example show how to set the protocol to a value of vmw_motion. 

n1000v(config-cmap-que)# match protocol vmw_motion

Related Commands

Command
Description
   

match transport (NetFlow)

To define transport matching criteria for a NetFlow flow record, use the match transport command. To remove the matching criteria, use the no form of this command.

match transport {destination-port | source-port}

no match transport {destination-port | source-port}

Syntax Description

destination-port

Transport destination port.

source-port

Transport source port.


Defaults

None

Command Modes

Flow Record configuration (config-flow-record)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure transport matching criteria for a NetFlow flow record and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# match transport destination-port

n1000v(config-flow-record)# show flow record 

Flow record RecordTest:

    Description: Ipv4flow

    No. of users: 0

    Template ID: 0

    Fields:

        match ipv4 destination-port

        match interface input

        match interface output

        match flow direction

        collect counter packets

n1000v(config-flow-record)#

This example shows how to remove the transport matching criteria for a NetFlow flow record a and then display the result: 

n1000v# config t

n1000v(config)# flow record RecordTest

n1000v(config-flow-record)# no match transport destination-port

n1000v(config-flow-record)# show flow record

Flow record RecordTest:

    No. of users: 0

    Template ID: 0

    Fields:

        match interface input

        match interface output

        match flow direction

doc-n1000v(config-flow-record)#

Related Commands

Command
Description

show flow record [name]

Displays a NetFlow flow record configuration.

match ip

Defines IP matching criteria for a NetFlow flow record.

match ipv4

Defines IPv4 matching criteria for a NetFlow flow record.


max-ports

To specify the maximum number of ports for a port profile, use the max-ports command. To remove the maximum ports configuration, use the no form of this command.

max-ports number

no max-ports number

Syntax Description

number

Specifies the maximum number of ports (1 to 1024) for a port profile.


Defaults

32 ports

Command Modes

Port profile configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.2(1)SV1(4)

This command was changed from vmware max-ports to max-ports.

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

Examples

This example shows how to set the maximum number of ports in the testprofile port profile: 

n1000v# configure terminal

n1000v(config)# port-profile testprofile

n1000v(config-port-prof)# max-ports 100

n1000v(config-port-prof)#

This example shows how to remove the maximum ports configuration from the testprofile port profile: 

n1000v# configure terminal

n1000v(config)# port-profile testprofile

n1000v(config-port-prof)# no max-ports 100

n1000v(config-port-prof)#

Related Commands

Command
Description

show port-profile name

Displays configuration information about a particular port-profile.

port-profile

Creates a port profile.


max-ports (SVS connection)

To specify the maximum number of ports to be reserved for Cisco Nexus 1000V on the vCenter Server, use the max-ports command. To remove the maximum port configuration, use the no form of this command.

max-ports num_max_ports

no max-ports num_max_ports

Syntax Description

num_max_ports

Specifies the maximum number of ports (1 to 50000) for this connection.


Defaults

8192 ports.

Command Modes

SVS connection configuration (config-svs-conn)

Supported User Roles

network-admin

Command History

Release
Modification

4.2(1)SV1(4a)

This command was introduced.


Usage Guidelines

Examples

This example shows how to set the maximum number of ports: 

n1000v# configure terminal

n1000v(config)# svs connection vc

n1000v(config-svs-conn)# max-ports 1000

n1000v(config-svs-conn)#

This example shows how to remove the maximum number of ports: 

n1000v# configure terminal

n1000v(config)# svs connection vc

n1000v(config-svs-conn)# no max-ports 1000

n1000v(config-svs-conn)#

Related Commands

Command
Description

show svs

Displays SVS information.

svs connection

Places you into connection configuration mode for adding this connection between Cisco Nexus 1000V and the vCenter Server.


media

To specify the media type of a VLAN as Ethernet, use the media command. To remove the type, use the no form of this command.

media ethernet

no media

Syntax Description

ethernet

Specifies Ethernet media type.


Defaults

None

Command Modes

VLAN configuration (config-vlan)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to configure media type: 

n1000v# configure terminal

n1000v(config)# media ethernet

n1000v(config)#

Related Commands

Command
Description

show vlan

Displays VLAN information.


mkdir

To create a new directory, use the mkdir command.

mkdir {bootflash: | debug: | volatile:}

Syntax Description

bootflash:

Specifies bootflash as the directory name.

debug:

Specifies debug as the directory name.

volatile:

Specifies volatile as the directory name.


Defaults

None

Command Modes

Any

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to create the bootflash: directory: 

n1000v# mkdir bootflash:

Related Commands

Command
Description

cd

Changes the current working directory.

dir

Displays the directory contents.

pwd

Displays the name of the current working directory.


module vem

To enter commands on the VEM remotely from the Cisco Nexus 1000V, use the module vem command.

module vem module-number execute line [line]

Syntax Description

module-number

Specifies the module number. The range is 3 to 66.

execute

Specifies the command to execute on the VEM.

line

(Optional) The syntax of the command to be sent to the VEM.


Defaults

None

Command Modes

EXEC

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to display the VEM port profile configuration remotely from the Cisco Nexus 1000V: 

n1000v# module vem 3 execute vemcmd show port-profile

This example shows how to display the VEM VSD configuration remotely from the Cisco Nexus 1000V: 

n1000v# module vem 3 execute vemcmd show vsd

 ID  Def_Act ILTL  OLTL  NMLTL  State    Member LTLs

  1   DROP    48    49     4     ENA    54,52,55,53

  2   FRWD    50    51     0     ENA

vsim-cp# module vem 3 execute vemcmd show vsd ports

  LTL   IfIndex    VSD_ID     VSD_PORT_TYPE

   48   1b020000     1          INSIDE

   49   1b020010     1          OUTSIDE

   50   1b020020     2          INSIDE

   51   1b020030     2          OUTSIDE

   52   1b020040     1          REGULAR

   53   1b020050     1          REGULAR

   54   1b020060     1          REGULAR

   55   1b020070     1          REGULAR

n1000v#

Related Commands

Command
Description

show module vem

Displays Virtual Ethernet Module information.


monitor session

To enter the monitor configuration mode for configuring an Ethernet switch port analyzer (SPAN) session for analyzing traffic between ports, use the monitor session command.

To disable monitoring a SPAN session(s), use the no form of this command.

monitor session {session-number [shut | type erspan-source] | all shut}

no monitor session {session-number [shut | type erspan-source] | all shut}

Syntax Description

session-number

Specifies the session number for monitoring a switched port. SPAN sessions are numbered from 1 to 64.

shut

(Optional) Shuts the selected session.

type

(Optional) Specifies a session type.

erspan-source

(Optional) Creates an erspan source session

all

Specify all sessions for monitoring a switched port.


Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Examples

This example shows how to enter the monitor configuration mode for configuring SPAN session number 2 for analyzing traffic between ports: 

n1000v# configuration t

n1000v(config)# monitor session 2 

n1000v(config-monitor)#

This example shows how to remove the configuration for SPAN session 2 for analyzing traffic between ports: 

n1000v# configuration t

n1000v(config)# no monitor session 2 

n1000v(config)#

Related Commands

Command
Description

show monitor

Displays Ethernet SPAN information.


move

To move a file from one directory to another, use the move command.

move [filesystem:[//module/][directory/] | directory/]source-filename {{filesystem:[//module/][directory/] | directory/}[destination-filename] | target-filename}

Syntax Description

filesystem:

(Optional) Name of a file system. The name is case sensitive.

//module/

(Optional) Identifier for a supervisor module. Valid values are sup-active, sup-local, sup-remote, or sup-standby. The identifiers are case sensitive.

directory/

(Optional) Name of a directory. The name is case sensitive.

source-filename

Name of the file to move. The name is case sensitive.

destination-filename

(Optional) Name of the destination file. The name is alphanumeric, case sensitive, and has a maximum of 64 characters.


Defaults

The default name for the destination file is the same as the source filename.

Command Modes

Any

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4)SV1(1)

This command was introduced.


Usage Guidelines

You can make a copy of a file by using the copy command.

Tip You can rename a file by moving it within the same directory.

Examples

This example shows how to move a file to another directory: 

n1000v# move file1 my_files:file2

This example shows how to move a file to another file system: 

n1000v# move file1 slot0:

This example shows how to move a file to another supervisor module: 

n1000v# move file1 bootflash://sup-remote/file1.bak

Related Commands

Command
Description

cd

Changes the current working directory.

copy

Makes a copy of a file.

dir

Displays the directory contents.

pwd

Displays the name of the current working directory.


mtu (Interface)

To set the maximum size of a transmission unit (MTU) for an interface, use the mtu command. To remove the configuration from the interface, use the no form of this command.

mtu size

no mtu size

Syntax Description

size

Specifies the maximum allowable MTU. The range is 1500 to 9000 bytes.


Defaults

1500 Bytes

Command Modes

Interface configuration (config-if)

Port profile configuration (config-port-prof)

Supported User Roles

network-admin

Command History

Release
Modification

4.2(1) SV1(4)

This command was added to port profile configuration.

4.0(4) SV1(1)

This command was introduced.


Usage Guidelines

The mtu value must be less than that configured for system jumbomtu.

When configuring port profiles, MTU is only applied in Ethernet type port profiles that are system uplink port profiles.

When you configure the MTU in a system port profile, it causes any interface inheriting the port profile to flap. If the system port profile includes the control VLAN, then the module, itself, flaps.

Examples

This example shows how to set the size of the port channel interface MTU to 2000: 

n1000v# configure terminal

n1000v(config)# interface port-channel 2

n1000v(config-if)# mtu 2000

This example shows how to set the size of the MTU to 2000 in a port profile: 

n1000v# configure terminal

n1000v(config)# port-profile AccessProf

n1000v(config-port-prof)# mtu 2000

Related Commands

Command
Description

show port-profile

Displays port profile information.

port-profile

Creates a port profile and enters port profile configuration mode.

show interface ethernet

Displays Ethernet interface information.

show interface port-channel

Displays port-channel interface information.

show running-config

Displays the current operating configuration, which includes the system jumbo MTU size.

interface

Creates an interface and enters interface configuration mode.

mtu (ERSPAN)

To set the maximum size of a transmission unit for ERSPANed packets in a monitor session, use the mtu command.

mtu mtu_value

Syntax Description

mtu_value

Specifies the maximum allowable MTU (50 - 1500 bytes) for ERSPANed packets in a monitor session. Packets larger than the allowable size are truncated.


Defaults

1500 bytes

Command Modes

ERSPAN configuration (config-erspan-src)

Supported User Roles

network-admin

Command History

Release
Modification

4.0(4) SV1(1)

This command was introduced.


Usage Guidelines

ERSPANed packets larger than the specified allowable size for the monitor session are truncated.

Examples

This example shows how to configure an MTU of 1000 bytes for ERSPANed packets
in monitor session 2: 

n1000v# configure terminal

n1000v(config)# monitor session 2 type erspan-source

n1000v(config-erspan-source)# mtu 1000

Related Commands

Command
Description

show monitor session

Displays the ERSPAN session configuration.

monitor session

Creates an ERSPAN monitor session.