Feedback
Table Of Contents
show controllers cpu-interface
show controllers ethernet-controller
show ip igmp snooping multicast
show mac-address-table address
show mac-address-table aging-time
show mac-address-table dynamic
show mac-address-table interface
show mac-address-table multicast
show mac-address-table notification
show mls qos aggregate-policer
spanning-tree extend system-id
spanning-tree loopguard default
spanning-tree portfast (global configuration)
spanning-tree portfast (interface configuration)
switchport port-security aging
2rmon collection stats
Use the rmon collection stats interface configuration command on the switch stack or on a standalone switch to collect Ethernet group statistics, which include utilization statistics about broadcast and multicast packets, and error statistics about Cyclic Redundancy Check (CRC) alignment errors and collisions. Use the no form of this command to return to the default setting.
rmon collection stats index [owner name]
no rmon collection stats index [owner name]
Syntax Description
index
Remote Network Monitoring (RMON) collection control index. The range is 1 to 65535.
owner name
(Optional) Owner of the RMON collection.
Defaults
The RMON statistics collection is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
The RMON statistics collection command is based on hardware counters.
Examples
This example shows how to collect RMON statistics for the owner root on Gigabit Ethernet interface 0/1 of stack member 2:
Switch(config)# interface gigabitethernet2/0/1Switch(config-if)# rmon collection stats 2 owner rootYou can verify your setting by entering the show rmon statistics privileged EXEC command.
Related Commands
sdm prefer
Use the sdm prefer global configuration command on the switch stack or on a standalone switch to configure the template used in Switch Database Management (SDM) resource allocation. You can use a template to allocate system resources to best support the features being used in your application. Use a template to provide maximum system utilization for unicast routing or for VLAN configuration. Use the no form of this command to return to the default template.
sdm prefer {routing | vlan}
no sdm prefer
Syntax Description
Defaults
The default template provides a balance to all features.
Command Modes
Global configuration
Command History
Usage Guidelines
You must reload the switch for the configuration to take effect.
All stack members use the same SDM template, stored on the stack master. When a new switch member is added to a stack, as with the switch configuration file and VLAN database file, the SDM configuration that is stored on the stack master overrides the template configured on an individual switch.
Use the sdm prefer vlan global configuration command only on switches intended for Layer 2 switching with no routing. When you use the VLAN template, no system resources are reserved for routing entries and any routing is done through software. This overloads the central processing unit (CPU) and severely degrades routing performance.
Do not use the routing template if you do not have routing enabled on your switch. Entering the sdm prefer routing global configuration command prevents other features from using the memory allocated to unicast routing in the routing template (approximately 11 K).
Table 2-12 lists the approximate number of each resource supported in each of the three templates for a switch. The first seven rows in the tables (unicast MAC addresses through security ACEs) represent approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance.
The last two rows, the total number of routed ports and SVIs and the number of Layer 2 VLANs, are guidelines used to calculate hardware resource consumption related to the other resource parameters.
.
The total number of routed interfaces is not limited by software and can be set to a number higher than shown in the tables. If the number of routed interfaces configured is lower or equal to the number in the tables, the number of entries in each category (Unicast MAC addresses, IGMP groups, and so on) for each template will be as shown. As the number of routed interfaces is increased, CPU utilization typically increases. If the number of routed interfaces is increased beyond the number shown in the tables, the number of supported entries in each category could decrease depending on other features that are enabled.
Examples
This example shows how to configure the routing template on the switch:
Switch(config)# sdm prefer routingSwitch(config)# exitSwitch# reloadThis example shows how to remove the routing template and to use the default template:
Switch(config)# no sdm prefer routingSwitch(config)# exitSwitch# reloadYou can verify your settings by entering the show sdm prefer privileged EXEC command.
Related Commands
Displays the current SDM template in use or displays the templates that can be used, with approximate resource allocation per feature.
service password-recovery
Use the service password-recovery global configuration command on the switch stack or on a standalone switch to enable the password-recovery mechanism (the default). This mechanism allows a user with physical access to the switch to hold down the Mode button and interrupt the boot process while the switch is powering up and to assign a new password. Use the no form of this command to disable part of the password-recovery functionality. When the password-recovery mechanism is disabled, interrupting the boot process is allowed only if the user agrees to set the system back to the default configuration.
service password-recovery
no service password-recovery
Syntax Description
This command has no arguments or keywords.
Defaults
The default action is for the password-recovery mechanism to be enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
As a system administrator, you can use the no service password-recovery command to disable some of the functionality of the password recovery feature by allowing an end user to reset a password only by agreeing to return to the default configuration.
The password-recovery mechanism has been triggered, butis currently disabled. Access to the boot loader promptthrough the password-recovery mechanism is disallowed atthis point. However, if you agree to let the system bereset back to the default system configuration, accessto the boot loader prompt can still be allowed.Would you like to reset the system back to the default configuration (y/n)?If the user chooses not to reset the system back to the default configuration, the normal boot process continues, as if the Mode button had not been pressed. If you choose to reset the system back to the default configuration, the configuration file in flash memory is deleted and the VLAN database file, flash:vlan.dat (if present) is deleted.
Note
If you use the no service password-recovery command to control end user access to passwords, we recommend that you save a copy of the config file in a location away from the switch in case the end user uses the password recovery procedure and sets the system back to defaults. Do not keep a backup copy of the config file on the switch.
If the switch is operating in VTP transparent mode, we recommend that you also save a copy of the vlan.dat file in a location away from the switch.You can verify if password recovery is enabled or disabled by entering the show version privileged EXEC command.
Examples
This example shows how to disable password recovery on a switch or switch stack so that a user can only reset a password by agreeing to return to the default configuration.
Switch(config)# no service-password recoverySwitch(config)# exitRelated Commands
service-policy
Use the service-policy interface configuration command on the switch stack or on a standalone switch to apply a policy map defined by the policy-map command to the input of a particular interface. Use the no form of this command to remove the policy map and interface association.
service-policy input policy-map-name
no service-policy input policy-map-name
Syntax Description
Note
Defaults
No policy maps are attached to the interface.
Command Modes
Interface configuration
Command History
Usage Guidelines
Only one policy map per ingress interface is supported.
Classification using a port trust state (for example, mls qos trust [cos | dscp | ip-precedence] and a policy map (for example, service-policy input policy-map-name) are mutually exclusive. The last one configured overwrites the previous configuration.
Examples
This example shows how to apply plcmap1 to an ingress interface on stack member 2:
Switch(config)# interface gigabitethernet2/0/1Switch(config-if)# service-policy input plcmap1This example shows how to detach plcmap2 from an interface on stack member 2:
Switch(config)# interface gigabitethernet2/0/2Switch(config-if)# no service-policy input plcmap2You can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
Creates or modifies a policy map that can be attached to multiple interfaces to specify a service policy.
Displays quality of service (QoS) policy maps.
session
Use the session privileged EXEC command on the stack master to access a specific stack member.
session stack-member-number
Syntax Description
stack-member-number
Specify the current stack member number. The stack member number is in the range from 1 through 9.
Defaults
No default is defined.
Command Modes
Global configuration
Command History
Usage Guidelines
When you access the stack member, its stack member number is appended to the system prompt.
Examples
This example shows how to access stack member 6:
Switch(config)# session 6Switch-6#Related Commands
set
Use the set policy-map class configuration command on the switch stack or on a standalone switch to classify IP traffic by setting a Differentiated Services Code Point (DSCP) or IP-precedence value in the packet. Use the no form of this command to remove traffic classification.
set {ip dscp new-dscp | ip precedence new-precedence}
no set {ip dscp new-dscp | ip precedence new-precedence}
Syntax Description
Note
Defaults
No traffic classification is defined.
Command Modes
Policy-map class configuration
Command History
Usage Guidelines
The set command is mutually exclusive with the trust policy-map class configuration command within the same policy map.
For the set ip dscp new-dscp or the set ip precedence new-precedence command, you can enter a mnemonic name for a commonly-used value. For example, you can enter the set ip dscp af11 command, which is the as same entering the set ip dscp 10 command. You can enter the set ip precedence critical command, which is the same as entering the set ip precedence 5 command. For a list of supported mnemonics, enter the set ip dscp ? or the set ip precedence ? command to see the command-line help strings.
To return to policy-map configuration mode, use the exit command. To return to privileged EXEC mode, use the end command.
Examples
This example shows how to assign DSCP 10 to all FTP traffic without any policers:
Switch(config)# policy-map policy_ftpSwitch(config-pmap)# class ftp_classSwitch(config-pmap-c)# set ip dscp 10Switch(config-pmap)# exitYou can verify your settings by entering the show policy-map privileged EXEC command.
Related Commands
setup
Use the setup privileged EXEC command to configure the switch with its initial configuration.
setup
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
When you use the setup command, make sure that you have this information:
•
•
•
When you enter the setup command, an interactive dialog, called the System Configuration Dialog, appears. It guides you through the configuration process and prompts you for information. The values shown in brackets next to each prompt are the default values last set by using either the setup command facility or the configure privileged EXEC command.
Help text is provided for each prompt. To access help text, press the question mark (?) key at a prompt.
To return to the privileged EXEC prompt without making changes and without running through the entire System Configuration Dialog, press Ctrl-C.
When you complete your changes, the setup program shows you the configuration command script that was created during the setup session. You can save the configuration in nonvolatile RAM (NVRAM), return to the setup program without saving, or return to the command-line prompt without saving the configuration.
Examples
This is an example of output from the setup command:
Switch# setup--- System Configuration Dialog ---Continue with configuration dialog? [yes/no]: yesAt any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets '[]'.Basic management setup configures only enough connectivityfor management of the system, extended setup will ask youto configure each interface on the system.Would you like to enter basic management setup? [yes/no]: yesConfiguring global parameters:Enter host name [Switch]:host-nameThe enable secret is a password used to protect access toprivileged EXEC and configuration modes. This password, afterentered, becomes encrypted in the configuration.Enter enable secret: enable-secret-passwordThe enable password is used when you do not specify anenable secret password, with some older software versions, andsome boot images.Enter enable password: enable-passwordThe virtual terminal password is used to protectaccess to the router over a network interface.Enter virtual terminal password: terminal-passwordConfigure SNMP Network Management? [no]: yesCommunity string [public]:Current interface summaryAny interface listed with OK? value "NO" does not have a valid configurationInterface IP-Address OK? Method Status ProtocolVlan1 172.20.135.202 YES NVRAM up upGigabitEthernet6/0/1 unassigned YES unset up upGigabitEthernet6/0/2 unassigned YES unset up downGigabitEthernet6/0/3 unassigned YES unset administratively down downGigabitEthernet6/0/4 unassigned YES unset up downGigabitEthernet6/0/5 unassigned YES NVRAM up downGigabitEthernet6/0/6 unassigned YES NVRAM up downGigabitEthernet6/0/7 unassigned YES unset up downGigabitEthernet6/0/8 unassigned YES unset up downGigabitEthernet6/0/9 unassigned YES unset administratively down downGigabitEthernet6/0/10 10.1.2.3 YES NVRAM up downGigabitEthernet6/0/11 unassigned YES unset up downGigabitEthernet6/0/12 unassigned YES unset up downPort-channel1 unassigned YES unset up downEnter interface name used to connect to themanagement network from the above interface summary: vlan1Configuring interface vlan1:Configure IP on this interface? [yes]: yesIP address for this interface: ip_addressSubnet mask for this interface [255.0.0.0]: subnet_maskWould you like to enable as a cluster command switch? [yes/no]: yesEnter cluster name: cluster-nameThe following configuration command script was created:hostname host-nameenable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0enable password enable-passwordline vty 0 15password terminal-passwordsnmp-server community public!no ip routing!interface GigabitEthernet6/0/1no ip address!interface GigabitEthernet6/0/2no ip address!...interface GigabitEthernet6/0/12no ip addresscluster enable cluster-name!endUse this configuration? [yes/no]: yes![0] Go to the IOS command prompt without saving this config.[1] Return back to the setup without saving this config.[2] Save this configuration to nvram and exit.Enter your selection [2]:Related Commands
show access-lists
Use the show access-lists privileged EXEC command to display access control lists (ACLs) configured on the switch.
show access-lists [name | number | hardware counters] [ | {begin | exclude | include} expression]
Syntax Description
Note
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The switch supports only IP standard and extended access lists. Therefore, the allowed numbers are only 1 to 199 and 1300 to 2699.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show access-lists command:
Switch# show access-listsSauron#show access-listsStandard IP access list 1permit 1.1.1.1permit 2.2.2.2permit anypermit 0.255.255.255, wildcard bits 12.0.0.0Standard IP access list videowizard_1-1-1-1permit 1.1.1.1Standard IP access list videowizard_10-10-10-10permit 10.10.10.10Extended IP access list 121permit ahp host 10.10.10.10 host 20.20.10.10 precedence routineExtended IP access list CMP-NAT-ACLDynamic Cluster-HSRP deny ip any anydeny ip any host 19.19.11.11deny ip any host 10.11.12.13Dynamic Cluster-NAT permit ip any anypermit ip host 10.99.100.128 anypermit ip host 10.46.22.128 anypermit ip host 10.45.101.64 anypermit ip host 10.45.20.64 anypermit ip host 10.213.43.128 anypermit ip host 10.91.28.64 anypermit ip host 10.99.75.128 anypermit ip host 10.38.49.0 anyThis is an example of output from the show access-lists hardware counters command:
Switch# show access-lists hardware countersL2 ACL INPUT StatisticsDrop: All frame count: 855Drop: All bytes count: 94143Drop And Log: All frame count: 0Drop And Log: All bytes count: 0Bridge Only: All frame count: 0Bridge Only: All bytes count: 0Bridge Only And Log: All frame count: 0Bridge Only And Log: All bytes count: 0Forwarding To CPU: All frame count: 0Forwarding To CPU: All bytes count: 0Forwarded: All frame count: 2121Forwarded: All bytes count: 180762Forwarded And Log: All frame count: 0Forwarded And Log: All bytes count: 0L3 ACL INPUT StatisticsDrop: All frame count: 0Drop: All bytes count: 0Drop And Log: All frame count: 0Drop And Log: All bytes count: 0Bridge Only: All frame count: 0Bridge Only: All bytes count: 0Bridge Only And Log: All frame count: 0Bridge Only And Log: All bytes count: 0Forwarding To CPU: All frame count: 0Forwarding To CPU: All bytes count: 0Forwarded: All frame count: 13586Forwarded: All bytes count: 1236182Forwarded And Log: All frame count: 0Forwarded And Log: All bytes count: 0L2 ACL OUTPUT StatisticsDrop: All frame count: 0Drop: All bytes count: 0Drop And Log: All frame count: 0Drop And Log: All bytes count: 0Bridge Only: All frame count: 0Bridge Only: All bytes count: 0Bridge Only And Log: All frame count: 0Bridge Only And Log: All bytes count: 0Forwarding To CPU: All frame count: 0Forwarding To CPU: All bytes count: 0Forwarded: All frame count: 232983Forwarded: All bytes count: 16825661Forwarded And Log: All frame count: 0Forwarded And Log: All bytes count: 0L3 ACL OUTPUT StatisticsDrop: All frame count: 0Drop: All bytes count: 0Drop And Log: All frame count: 0Drop And Log: All bytes count: 0Bridge Only: All frame count: 0Bridge Only: All bytes count: 0Bridge Only And Log: All frame count: 0Bridge Only And Log: All bytes count: 0Forwarding To CPU: All frame count: 0Forwarding To CPU: All bytes count: 0Forwarded: All frame count: 514434Forwarded: All bytes count: 39048748Forwarded And Log: All frame count: 0Forwarded And Log: All bytes count: 0Related Commands
show boot
Use the show boot privileged EXEC command to display the settings of the boot environment variables.
show boot [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show boot command. Table 2-13 describes each field in the display.
Switch# show bootBOOT path-list: flash:c3750-i5q3l2-mz-121.11.AX/c3750-i5q3l2-mz-121.11.AX.binConfig file: flash:config.textPrivate Config file: private-configEnable Break: noManual Boot: yesHELPER path-list:NVRAM/Config filebuffer size: 32768
Related Commands
show class-map
Use the show class-map user EXEC command to display quality of service (QoS) class maps, which define the match criteria to classify traffic.
show class-map [class-map-name] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show class-map command:
Switch> show class-mapClass Map match-all videowizard_10-10-10-10 (id 2)Match access-group name videowizard_10-10-10-10Class Map match-any class-default (id 0)Match anyClass Map match-all dscp5 (id 3)Match ip dscp 5Related Commands
Creates a class map to be used for matching packets to the class whose name you specify.
Defines the match criteria to classify traffic.
show cluster
Use the show cluster user EXEC command to display the cluster status and a summary of the cluster to which the switch belongs. This command can be entered on the cluster command switch and cluster member switches.
show cluster [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
If you enter this command on a switch that is not a cluster member, the error message Not a management cluster member appears.
On a cluster member switch, this command displays the identity of the cluster command switch, the switch member number, and the state of its connectivity with the cluster command switch.
On a cluster command switch stack or cluster command switch, this command displays the cluster name and the total number of members. It also shows the cluster status and time since the status changed. If redundancy is enabled, it displays the primary and secondary command-switch information.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output when the show cluster command is entered on the active cluster command switch:
Switch> show clusterCommand switch for cluster "Ajang"Total number of members: 7Status: 1 members are unreachableTime since last status change: 0 days, 0 hours, 2 minutesRedundancy: EnabledStandby command switch: Member 1Standby Group: Ajang_standbyStandby Group Number: 110Heartbeat interval: 8Heartbeat hold-time: 80Extended discovery hop count: 3This is an example of output when the show cluster command is entered on a cluster member switch:
Switch1> show clusterMember switch for cluster "hapuna"Member number: 3Management IP address: 192.192.192.192Command switch mac address: 0000.0c07.ac14Heartbeat interval: 8Heartbeat hold-time: 80This is an example of output when the show cluster command is entered on a cluster member switch that is configured as the standby cluster command switch:
Switch> show clusterMember switch for cluster "hapuna"Member number: 3 (Standby command switch)Management IP address: 192.192.192.192Command switch mac address: 0000.0c07.ac14Heartbeat interval: 8Heartbeat hold-time: 80This is an example of output when the show cluster command is entered on the cluster command switch that has lost connectivity with member 1:
Switch> show clusterCommand switch for cluster "Ajang"Total number of members: 7Status: 1 members are unreachableTime since last status change: 0 days, 0 hours, 5 minutesRedundancy: DisabledHeartbeat interval: 8Heartbeat hold-time: 80Extended discovery hop count: 3This is an example of output when the show cluster command is entered on a cluster member switch that has lost connectivity with the cluster command switch:
Switch> show clusterMember switch for cluster "hapuna"Member number: <UNKNOWN>Management IP address: 192.192.192.192Command switch mac address: 0000.0c07.ac14Heartbeat interval: 8Heartbeat hold-time: 80Related Commands
show cluster candidates
Use the show cluster candidates privileged EXEC command on a switch stack or on a cluster command switch to display a list of candidate switches.
show cluster candidates [detail | mac-address H.H.H.] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
This command is available only on the cluster command switch stack or cluster command switch.
If the switch is not a cluster command switch, the command displays an empty line at the prompt.
The SN in the display means switch member number. If E appears in the SN column, it means that the switch is discovered through extended discovery. If E does not appear in the SN column, it means that the switch member number is the upstream neighbor of the candidate switch. The hop count is the number of devices the candidate is from the cluster command switch.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show cluster candidates command:
Switch> show cluster candidates|---Upstream---|MAC Address Name Device Type PortIf FEC Hops SN PortIf FEC00d0.7961.c4c0 StLouis-2 WS-C3750-12T Gi6/0/1 2 1 Fa0/1100d0.bbf5.e900 ldf-dist-128 WS-C3524-XL Fa0/7 1 0 Fa0/2400e0.1e7e.be80 1900_Switch 1900 3 0 1 0 Fa0/1100e0.1e9f.7a00 Surfers-24 WS-C2924-XL Fa0/5 1 0 Fa0/300e0.1e9f.8c00 Surfers-12-2 WS-C2912-XL Fa0/4 1 0 Fa0/700e0.1e9f.8c40 Surfers-12-1 WS-C2912-XL Fa0/1 1 0 Fa0/9This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch directly connected to the cluster command switch:
Switch> show cluster candidates mac-address 00d0.7961.c4c0Device 'Tahiti-12' with mac address number 00d0.7961.c4c0Device type: cisco WS-C3750-12TUpstream MAC address: 00d0.796d.2f00 (Cluster Member 0)Local port: Gi6/0/1 FEC number:Upstream port: GI6/0/11 FEC Number:Hops from cluster edge: 1Hops from command device: 1This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch three hops from the cluster edge:
Switch> show cluster candidates mac-address 0010.7bb6.1cc0Device 'Ventura' with mac address number 0010.7bb6.1cc0Device type: cisco WS-C2912MF-XLUpstream MAC address: 0010.7bb6.1cd4Local port: Fa2/1 FEC number:Upstream port: Fa0/24 FEC Number:Hops from cluster edge: 3Hops from command device: -This is an example of output from the show cluster candidates detail command:
Switch> show cluster candidates detailDevice 'Tahiti-12' with mac address number 00d0.7961.c4c0Device type: cisco WS-C3512-XLUpstream MAC address: 00d0.796d.2f00 (Cluster Member 1)Local port: Fa0/3 FEC number:Upstream port: Fa0/13 FEC Number:Hops from cluster edge: 1Hops from command device: 2Device '1900_Switch' with mac address number 00e0.1e7e.be80Device type: cisco 1900Upstream MAC address: 00d0.796d.2f00 (Cluster Member 2)Local port: 3 FEC number: 0Upstream port: Fa0/11 FEC Number:Hops from cluster edge: 1Hops from command device: 2Device 'Surfers-24' with mac address number 00e0.1e9f.7a00Device type: cisco WS-C2924-XLUpstream MAC address: 00d0.796d.2f00 (Cluster Member 3)Local port: Fa0/5 FEC number:Upstream port: Fa0/3 FEC Number:Hops from cluster edge: 1Hops from command device: 2Related Commands
Displays the cluster status and a summary of the cluster to which the switch belongs.
Displays information about the cluster members.
show cluster members
Use the show cluster members privileged EXEC command on a switch stack or on a cluster command switch to display information about the cluster members.
show cluster members [n | detail] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This command is available only on the cluster command switch stack or cluster command switch.
If the cluster has no members, this command displays an empty line at the prompt.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show cluster members command. The SN in the display means switch number.
Switch# show cluster members|---Upstream---|SN MAC Address Name PortIf FEC Hops SN PortIf FEC State0 0002.4b29.2e00 StLouis1 0 Up (Cmdr)1 0030.946c.d740 tal-switch-1 Fa0/13 1 0 Gi0/1 Up2 0002.b922.7180 nms-2820 10 0 2 1 Fa0/18 Up3 0002.4b29.4400 SanJuan2 Gi0/1 2 1 Fa0/11 Up4 0002.4b28.c480 GenieTest Gi0/2 2 1 Fa0/9 UpThis is an example of output from the show cluster members for cluster member 3:
Switch# show cluster members 3Device 'SanJuan2' with member number 3Device type: cisco WS-C3750-12TMAC address: 0002.4b29.4400Upstream MAC address: 0030.946c.d740 (Cluster member 1)Local port: Gi6/0/1 FEC number:Upstream port: GI6/0/11 FEC Number:Hops from command device: 2This is an example of output from the show cluster members detail command:
Switch# show cluster members detailDevice 'StLouis1' with member number 0 (Command Switch)Device type: cisco WS-C3750-12TMAC address: 0002.4b29.2e00Upstream MAC address:Local port: FEC number:Upstream port: FEC Number:Hops from command device: 0Device 'tal-switch-14' with member number 1Device type: cisco WS-C3548-XLMAC address: 0030.946c.d740Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)Local port: Fa0/13 FEC number:Upstream port: Gi0/1 FEC Number:Hops from command device: 1Device 'nms-2820' with member number 2Device type: cisco 2820MAC address: 0002.b922.7180Upstream MAC address: 0030.946c.d740 (Cluster member 1)Local port: 10 FEC number: 0Upstream port: Fa0/18 FEC Number:Hops from command device: 2Device 'SanJuan2' with member number 3Device type: cisco WS-C3750-12TMAC address: 0002.4b29.4400Upstream MAC address: 0030.946c.d740 (Cluster member 1)Local port: Gi6/0/1 FEC number:Upstream port: Fa6/0/11 FEC Number:Hops from command device: 2Device 'GenieTest' with member number 4Device type: cisco SeaHorseMAC address: 0002.4b28.c480Upstream MAC address: 0030.946c.d740 (Cluster member 1)Local port: Gi0/2 FEC number:Upstream port: Fa0/9 FEC Number:Hops from command device: 2Device 'Palpatine' with member number 5Device type: cisco WS-C2924M-XLMAC address: 00b0.6404.f8c0Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)Local port: Gi2/1 FEC number:Upstream port: Gi0/7 FEC Number:Hops from command device: 1Related Commands
Displays the cluster status and a summary of the cluster to which the switch belongs.
Displays a list of candidate switches.
show controllers cpu-interface
Use the show controllers cpu-interface privileged EXEC command to display the state of the CPU network interface application-specific integrated circuit (ASIC) and the send and receive statistics for packets reaching the CPU.
show controllers cpu-interface [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is a partial output example from the show controllers cpu- interface command:
Switch# show controllers cpu-interfacecpu-queue-frames retrieved dropped invalid hol-block----------------- ---------- ---------- ---------- ----------rpc 4523063 0 0 0stp 1545035 0 0 0ipc 1903047 0 0 0routing protocol 96145 0 0 0L2 protocol 79596 0 0 0remote console 0 0 0 0sw forwarding 5756 0 0 0host 225646 0 0 0broadcast 46472 0 0 0cbt-to-spt 0 0 0 0igmp snooping 68411 0 0 0icmp 0 0 0 0logging 0 0 0 0rpf-fail 0 0 0 0queue14 0 0 0 0cpu heartbeat 1710501 0 0 0Supervisor ASIC receive-queue parameters----------------------------------------queue 0 maxrecevsize 5EE pakhead 1419A20 paktail 13EAED4queue 1 maxrecevsize 5EE pakhead 15828E0 paktail 157FBFCqueue 2 maxrecevsize 5EE pakhead 1470D40 paktail 1470FE4queue 3 maxrecevsize 5EE pakhead 19CDDD0 paktail 19D02C8<output truncated>Supervisor ASIC Mic Registers------------------------------MicDirectPollInfo 80000800MicIndicationsReceived 00000000MicInterruptsReceived 00000000MicPcsInfo 0001001FMicPlbMasterConfiguration 00000000MicRxFifosAvailable 00000000MicRxFifosReady 0000BFFFMicTimeOutPeriod: FrameTOPeriod: 00000EA6 DirectTOPeriod: 00004000<output truncated>MicTransmitFifoInfo:Fifo0: StartPtrs: 038C2800 ReadPtr: 038C2C38WritePtrs: 038C2C38 Fifo_Flag: 8A800800Weights: 001E001EFifo1: StartPtr: 03A9BC00 ReadPtr: 03A9BC60WritePtrs: 03A9BC60 Fifo_Flag: 89800400writeHeaderPtr: 03A9BC60Fifo2: StartPtr: 038C8800 ReadPtr: 038C88E0WritePtrs: 038C88E0 Fifo_Flag: 88800200writeHeaderPtr: 038C88E0Fifo3: StartPtr: 03C30400 ReadPtr: 03C30638WritePtrs: 03C30638 Fifo_Flag: 89800400writeHeaderPtr: 03C30638Fifo4: StartPtr: 03AD5000 ReadPtr: 03AD50A0WritePtrs: 03AD50A0 Fifo_Flag: 89800400writeHeaderPtr: 03AD50A0Fifo5: StartPtr: 03A7A600 ReadPtr: 03A7A600WritePtrs: 03A7A600 Fifo_Flag: 88800200writeHeaderPtr: 03A7A600Fifo6: StartPtr: 03BF8400 ReadPtr: 03BF87F0WritePtrs: 03BF87F0 Fifo_Flag: 89800400<output truncated>Related Commands
show controllers ethernet-controller
Use the show controllers ethernet-controller privileged EXEC command without keywords to display per-interface send and receive statistics read from the hardware. Use with the phy keyword to display the interface internal registers or the port-asic keyword to display information about the port application-specific integrated circuit (ASIC).
show controllers ethernet-controller [ [interface-id] [phy [detail] | port-asic {configuration | statistics}] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This display without keywords provides traffic statistics, basically the RMON statistics for all interfaces or for the specified interface.
When you enter the phy or port-asic keywords, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show controllers ethernet-controller command for an interface:
Switch# show controllers ethernet-controller GigabitEthernet6/0/1Transmit GigabitEthernet6/0/1 Receive0 Bytes 0 Bytes0 Unicast frames 0 Unicast frames0 Multicast frames 0 Multicast frames0 Broadcast frames 0 Broadcast frames0 Too old frames 0 Unicast bytes0 Deferred frames 0 Multicast bytes0 MTU exceeded frames 0 Broadcast bytes0 1 collision frames 0 Alignment errors0 2 collision frames 0 FCS errors0 3 collision frames 0 Oversize frames0 4 collision frames 0 Undersize frames0 5 collision frames 0 Collision fragments0 6 collision frames0 7 collision frames 0 Minimum size frames0 8 collision frames 0 65 to 127 byte frames0 9 collision frames 0 128 to 255 byte frames0 10 collision frames 0 256 to 511 byte frames0 11 collision frames 0 512 to 1023 byte frames0 12 collision frames 0 1024 to 1518 byte frames0 13 collision frames 0 Overrun frames0 14 collision frames 0 Pause frames0 15 collision frames 0 Symbol error frames0 Excessive collisions0 Late collisions 0 Invalid frames, too large0 VLAN discard frames 0 Valid frames, too large0 Excess defer frames 0 Invalid frames, too small0 64 byte frames 0 Valid frames, too small0 127 byte frames0 255 byte frames 0 Too old frames0 511 byte frames 0 Valid oversize frames0 1023 byte frames 0 System FCS error frames0 1518 byte frames 0 RxPortFifoFull drop frame0 Too large frames0 Good (1 coll) framesThis is an example of output from the show controllers ethernet-controller phy command:
Switch# show controllers ethernet-controller phyGigabitEthernet1/0/1 (gpn: 3, port-number: 1)-----------------------------------------------------------Control Register : 0001 0001 0100 0000Control STATUS : 0111 1001 0100 1001Phy ID 1 : 0000 0001 0100 0001Phy ID 2 : 0000 1100 0010 0100Auto-Negotiation Advertisement : 0000 0011 1110 0001Auto-Negotiation Link Partner : 0000 0000 0000 0000Auto-Negotiation Expansion Reg : 0000 0000 0000 0100Next Page Transmit Register : 0010 0000 0000 0001Link Partner Next page Registe : 0000 0000 0000 00001000BASE-T Control Register : 0000 1111 0000 00001000BASE-T Status Register : 0100 0000 0000 0000Extended Status Register : 0011 0000 0000 0000PHY Specific Control Register : 0000 0000 0011 1000PHY Specific Status Register : 1000 0001 0100 0000Interrupt Enable : 0000 0000 0000 0000Interrupt Status : 0000 0000 0100 0000Extended PHY Specific Control : 0000 1100 1110 0000Receive Error Counter : 0000 0000 0000 0000Reserved Register 1 : 0000 0000 0000 0000Global Status : 0000 0000 0000 0000LED Control : 0100 0001 0000 0000Manual LED Override : 0000 1000 0010 1010Extended PHY Specific Control : 0000 0000 0000 1010Disable Receiver 1 : 0000 0000 0000 00GigabitEthernet1/0/2 (gpn: 4, port-number: 2)-----------------------------------------------------------Control Register : 0011 0001 0000 0000Control STATUS : 0111 1000 0000 1001Phy ID 1 : 0000 0000 0001 0011Phy ID 2 : 0111 1000 1111 1011Auto-Negotiation Advertisement : 0000 0011 1110 0001Auto-Negotiation Link Partner : 0000 0000 0000 0000Auto-Negotiation Expansion Reg : 0000 0000 0000 0100Next Page Transmit Register : 0010 0000 0000 0001Auto-Negotiation Expansion Reg : 0000 0000 0000 0100<output truncated>This is an example of output from the show controllers ethernet-controller port-asic configuration command:
Switch# show controllers ethernet-controller port-asic configuration========================================================================Switch 4, PortASIC 0 Registers------------------------------------------------------------------------DeviceType : 000101BCReset : 00000000PmadMicConfig : 00000001PmadMicDiag : 00000003SupervisorReceiveFifoSramInfo : 000007D0 000007D0 40000000SupervisorTransmitFifoSramInfo : 000001D0 000001D0 40000000GlobalStatus : 00000800IndicationStatus : 00000000IndicationStatusMask : FFFFFFFFInterruptStatus : 00000000InterruptStatusMask : 01FFE800SupervisorDiag : 00000000SupervisorFrameSizeLimit : 000007C8SupervisorBroadcast : 000A0F01GeneralIO : 000003F9 00000000 00000004StackPcsInfo : FFFF1000 860329BD 5555FFFF FFFFFFFFFF0FFF00 86020000 5555FFFF 00000000StackRacInfo : 73001630 00000003 7F001644 0000000324140003 FD632B00 18E418E0 FFFFFFFFStackControlStatus : 18E418E0stackControlStatusMask : FFFFFFFFTransmitBufferFreeListInfo : 00000854 00000800 00000FF8 000000000000088A 0000085D 00000FF8 00000000TransmitRingFifoInfo : 00000016 00000016 40000000 000000000000000C 0000000C 40000000 00000000TransmitBufferInfo : 00012000 00000FFF 00000000 00000030TransmitBufferCommonCount : 00000F7ATransmitBufferCommonCountPeak : 0000001ETransmitBufferCommonCommonEmpty : 000000FFNetworkActivity : 00000000 00000000 00000000 02400000DroppedStatistics : 00000000FrameLengthDeltaSelect : 00000001SneakPortFifoInfo : 00000000MacInfo : 0EC0801C 00000001 0EC0801B 0000000100C0001D 00000001 00C0001E 00000001This is an example of output from the show controllers ethernet-controller port-asic statistics command:
Switch# show controllers ethernet-controller port-asic statistics===========================================================================Switch 1, PortASIC 0 Statistics---------------------------------------------------------------------------0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames4118966 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames0 RxQ-1, wt-0 enqueue frames 0 RxQ-1, wt-0 drop frames296 RxQ-1, wt-1 enqueue frames 0 RxQ-1, wt-1 drop frames2836036 RxQ-1, wt-2 enqueue frames 0 RxQ-1, wt-2 drop frames0 RxQ-2, wt-0 enqueue frames 0 RxQ-2, wt-0 drop frames0 RxQ-2, wt-1 enqueue frames 0 RxQ-2, wt-1 drop frames158377 RxQ-2, wt-2 enqueue frames 0 RxQ-2, wt-2 drop frames0 RxQ-3, wt-0 enqueue frames 0 RxQ-3, wt-0 drop frames0 RxQ-3, wt-1 enqueue frames 0 RxQ-3, wt-1 drop frames0 RxQ-3, wt-2 enqueue frames 0 RxQ-3, wt-2 drop frames15 TxBufferFull Drop Count 0 Rx Fcs Error Frames0 TxBufferFrameDesc BadCrc16 0 Rx Invalid Oversize Frames0 TxBuffer Bandwidth Drop Cou 0 Rx Invalid Too Large Frames0 TxQueue Bandwidth Drop Coun 0 Rx Invalid Too Large Frames0 TxQueue Missed Drop Statist 0 Rx Invalid Too Small Frames74 RxBuffer Drop DestIndex Cou 0 Rx Too Old Frames0 SneakQueue Drop Count 0 Tx Too Old Frames0 Learning Queue Overflow Fra 0 System Fcs Error Frames0 Learning Cam Skip Count15 Sup Queue 0 Drop Frames 0 Sup Queue 8 Drop Frames0 Sup Queue 1 Drop Frames 0 Sup Queue 9 Drop Frames0 Sup Queue 2 Drop Frames 0 Sup Queue 10 Drop Frames0 Sup Queue 3 Drop Frames 0 Sup Queue 11 Drop Frames0 Sup Queue 4 Drop Frames 0 Sup Queue 12 Drop Frames0 Sup Queue 5 Drop Frames 0 Sup Queue 13 Drop Frames0 Sup Queue 6 Drop Frames 0 Sup Queue 14 Drop Frames0 Sup Queue 7 Drop Frames 0 Sup Queue 15 Drop Frames===========================================================================Switch 1, PortASIC 1 Statistics---------------------------------------------------------------------------0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames52 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames<output truncated>Related Commands
show controllers tcam
Use the show controllers tcam privileged EXEC command to display the state of the registers for all ternary content addressable memory (TCAM) in the system and for all TCAM interface application-specific integrated circuits (ASICs) that are CAM controllers.
show controllers tcam [detail] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show controllers tcam command:
Switch# show controllers tcam------------------------------------------------------------------------TCAM-0 Registers------------------------------------------------------------------------REV: 00B30103SIZE: 00080040ID: 00000000CCR: 00000000_F0000020RPID0: 00000000_00000000RPID1: 00000000_00000000RPID2: 00000000_00000000RPID3: 00000000_00000000HRR0: 00000000_E000CAFCHRR1: 00000000_00000000HRR2: 00000000_00000000HRR3: 00000000_00000000HRR4: 00000000_00000000HRR5: 00000000_00000000HRR6: 00000000_00000000HRR7: 00000000_00000000<output truncated>GMR31: FF_FFFFFFFF_FFFFFFFFGMR32: FF_FFFFFFFF_FFFFFFFFGMR33: FF_FFFFFFFF_FFFFFFFF=============================================================================TCAM related PortASIC 1 registers=============================================================================LookupType: 89A1C67D_24E35F00LastCamIndex: 0000FFE0LocalNoMatch: 000069E0ForwardingRamBaseAddress:00022A00 0002FE00 00040600 0002FE00 0000D40000000000 003FBA00 00009000 00009000 0004060000000000 00012800 00012900Related Commands
show dot1x
Use the show dot1x privileged EXEC command to display 802.1X statistics, administrative status, and operational status for the switch or for the specified interface.
show dot1x [interface interface-id | statistics [interface interface-id]] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If you do not specify an interface, global parameters and a summary are displayed. If you specify an interface, details for that interface are displayed.
If you specify the statistics keyword without the interface interface-id option, statistics are displayed for all interfaces. If you specify the statistics keyword with the interface interface-id option, statistics are displayed for the specified interface.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show dot1x privileged EXEC command:
Switch# show dot1xGlobal 802.1X Parametersreauth-enabled yesreauth-period 3600quiet-period 60tx-period 30supp-timeout 30server-timeout 30reauth-max 2max-req 2802.1X Port SummaryPort Name Status Mode AuthorizedGi1/0/1 disabled n/a n/aGi1/0/2 enabled Auto (negotiate) yesGi1/0/3 disabled n/a n/aGi1/0/4 disabled n/a n/a<output truncated>Gi2/0/1 disabled n/a n/aGi2/0/2 disabled n/a n/aGi2/0/3 enabled Auto (negotiate) yes<output truncated>802.1X Port Details802.1X is disabled on GigabitEthernet1/0/1802.1X is enabled on GigabitEthernet1/0/2Status UnauthorizedPort-control AutoSupplicant 0060.b0f8.fbfbMultiple Hosts DisallowedCurrent Identifier 2Authenticator State MachineState AUTHENTICATINGReauth Count 1Backend State MachineState RESPONSERequest Count 0Identifier (Server) 2Reauthentication State MachineState INITIALIZE802.1X is disabled on GigabitEthernet1/0/3802.1X is disabled on GigabitEthernet1/0/4<output truncated>
Note
In the 802.1X Port Summary section of the display, the Status column shows whether the port is enabled for 802.1X (the dot1x port-control interface configuration command is set to auto or force-unauthorized). The Mode column shows the operational status of the port. For example, if you configure the dot1x port-control interface configuration command to force-unauthorized, but the port has not transitioned to that state, the Mode column displays auto. If you disable 802.1X, the Mode column displays n/a.
The Authorized column shows the authorization state of the port. For information about port states, refer to the "Configuring 802.1X Port-Based Authentication" chapter in the software configuration guide for this release.
This is an example of output from the show dot1x interface gigabitethernet1/0/2 privileged EXEC command. Table 2-14 describes the fields in the display.
Switch# show dot1x interface gigabitethernet1/0/2802.1X is enabled on GigabitEthernet1/0/2Status AuthorizedPort-control AutoSupplicant 0060.b0f8.fbfbMultiple Hosts DisallowedCurrent Identifier 3Authenticator State MachineState AUTHENTICATEDReauth Count 0Backend State MachineState IDLERequest Count 0Identifier (Server) 2Reauthentication State MachineState INITIALIZE
Table 2-14 show dot1x interface Field Description
802.1X is enabled on GigabitEthernet1/0/2
Status
Status of the port (authorized or unauthorized). The status of a port is displayed as authorized if the dot1x port-control interface configuration command is set to auto and has successfully completed authentication.
Port-control
Setting of the dot1x port-control interface configuration command.
Supplicant
Ethernet MAC address of the client, if one exists. If the switch has not discovered the client, this field displays Not set.
Multiple Hosts
Setting of the dot1x multiple-hosts interface configuration command (allowed or disallowed).
Current Identifier1
Each exchange between the switch and the client includes an identifier, which matches requests with responses. This number is incremented with each exchange and can be reset by the authentication server.
1 This field and the remaining fields in the display show internal state information. For a detailed description of these state machines and their settings, refer to the IEEE 802.1X specification.
This is an example of output from the show dot1x statistics interface gigabitethernet2/0/3 command. Table 2-15 describes the fields in the display.
Switch# show dot1x statistics interface gigabitethernet2/0/3GigabitEthernet2/0/3Rx: EAPOL EAPOL EAPOL EAPOL EAP EAP EAPStart Logoff Invalid Total Resp/Id Resp/Oth LenError0 0 0 21 0 0 0Last LastEAPOLVer EAPOLSrc1 0002.4b29.2a03Tx: EAPOL EAP EAPTotal Req/Id Req/Oth622 445 0
Related Commands
show dtp
Use the show dtp privileged EXEC command to display Dynamic Trunking Protocol (DTP) information for the switch or for a specified interface.
show dtp [interface interface-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show dtp command:
Switch# show dtpGlobal DTP informationSending DTP Hello packets every 30 secondsDynamic Trunk timeout is 300 seconds21 interfaces using DTPThis is an example of output from the show dtp interface command:
Switch# show dtp interface gigabitethernet1/0/1DTP information for GigabitEthernet1/0/1:TOS/TAS/TNS: ACCESS/AUTO/ACCESSTOT/TAT/TNT: NATIVE/NEGOTIATE/NATIVENeighbor address 1: 000943A7D081Neighbor address 2: 000000000000Hello timer expiration (sec/state): 1/RUNNINGAccess timer expiration (sec/state): never/STOPPEDNegotiation timer expiration (sec/state): never/STOPPEDMultidrop timer expiration (sec/state): never/STOPPEDFSM state: S2:ACCESS# times multi & trunk 0Enabled: yesIn STP: noStatistics----------3160 packets received (3160 good)0 packets dropped0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 other6320 packets output (6320 good)3160 native, 3160 software encap isl, 0 isl hardware native0 output errors0 trunk timeouts1 link ups, last link up on Mon Mar 01 1993, 01:02:290 link downsRelated Commands
show interfaces trunk
Displays interface trunking information.
show env
Use the show env user EXEC command to display fan, temperature, redundant power system (RPS) availability, and power information for the switch being accessed (standalone switch or stack master or stack member). Use with the stack keyword to display all information for the stack or for a specified switch in the stack.
show env {all | fan | power | rps | stack [switch-number] | temperature} [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Use the show access-lists privileged EXEC command to access information from a specific switch other than the master.
You can use the show env stack [switch-number] command to display information about any switch in the stack from any switch member.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show env all command issued from the master switch or a standalone switch:
Switch> show env allFAN is OKTEMPERATURE is OKPOWER is OKRPS is AVAILABLEThis is an example of output from the show env fan command:
Switch> show env fanFAN is OKThis is an example of output from the show env stack command:
Switch> show env stackSWITCH: 1FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTSWITCH: 2FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTSWITCH: 3FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTSWITCH: 4FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTSWITCH: 5FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTSWITCH: 6FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTThis example shows how to display information about stack member 3 from the master switch:
Switch> show env stack 3SWITCH: 3FAN is OKTEMPERATURE is OKPOWER is OKRPS is NOT PRESENTshow errdisable detect
Use the show errdisable detect user EXEC command to display error-disable detection status.
show errdisable detect [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
On the Catalyst 3750 switch, a displayed gbic-invalid error reason refers to an invalid small form-factor pluggable (SFP) interface.
Examples
This is an example of output from the show errdisable detect command:
Switch> show errdisable detectErrDisable Reason Detection status----------------- ----------------pagp-flap Enableddtp-flap Enabledlink-flap Enabledgbic-invalid EnabledRelated Commands
Enables error-disable detection for a specific cause or all causes.
Displays error condition recognition information.
Displays error-disable recovery timer information.
show interfaces status
Displays interface status or a list of interfaces in error-disabled state.
show errdisable flap-values
Use the show errdisable flap-values user EXEC command to display conditions that cause an error to be recognized for a cause.
show errdisable flap-values [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
The Flaps column in the display shows how many changes to the state within the specified time interval will cause an error to be detected and a port to be disabled. For example, the display shows that an error will be assumed and the port shut down if three Dynamic Trunking Protocol (DTP)-state (port mode access/trunk) or Port Aggregation Protocol (PAgP) flap changes occur during a 30-second interval, or if 5 link-state (link up/down) changes occur during a 10-second interval.
ErrDisable Reason Flaps Time (sec)----------------- ------ ----------pagp-flap 3 30dtp-flap 3 30link-flap 5 10Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show errdisable flap-values command:
Switch> show errdisable flap-valuesErrDisable Reason Flaps Time (sec)----------------- ------ ----------pagp-flap 3 30dtp-flap 3 30link-flap 5 10Related Commands
Enables error-disable detection for a specific cause or all causes.
Displays error-disable detection status.
Displays error-disable recovery timer information.
show interfaces status
Displays interface status or a list of interfaces in error-disabled state.
show errdisable recovery
Use the show errdisable recovery user EXEC command to display the error-disable recovery timer information.
show errdisable recovery [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
On the Catalyst 3750 switch, a gbic-invalid error-disable reason refers to an invalid small form-factor pluggable (SFP) interface.
Examples
This is an example of output from the show errdisable recovery command:
Switch> show errdisable recoveryErrDisable Reason Timer Status----------------- --------------udld Disabledbpduguard Disabledchannel-misconfig Disabledvmps Disabledpagp-flap Disableddtp-flap Disabledlink-flap Disabledpsecure-violation Disabledgbic-invalid Disabledloopback DisabledTimer interval:300 secondsInterfaces that will be enabled at the next timeout:Interface Errdisable reason Time left(sec)--------- ----------------- --------------Gi1/0/4 link-flap 279Related Commands
Configures the recover mechanism variables.
Displays error disable detection status.
Displays error condition recognition information.
show interfaces status
Displays interface status or a list of interfaces in error-disabled state.
show etherchannel
Use the show etherchannel user EXEC command to display EtherChannel information for a channel.
show etherchannel [channel-group-number] {brief | detail | load-balance | port | port-channel | summary} [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
If you do not specify a channel-group, all channel groups are displayed.
In the output, the Passive port list field is displayed only for Layer 3 port channels. This field means that the physical interface, which is still not up, is configured to be in the channel group (and indirectly is in the only port channel in the channel group).
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show etherchannel 1 detail command:
Switch> show etherchannel 1 detailGroup state = L2Ports: 2 Maxports = 8Port-channels: 1 Max Port-channels = 1Ports in the group:-------------------Port: Gi1/0/1------------Port state = Up Mstr In-BndlChannel group = 1 Mode = Desirable-Sl Gcchange = 0Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1Port index = 0 Load = 0x00Flags: S - Device is sending Slow hello. C - Device is in Consistent state.A - Device is in Auto mode. P - Device learns on physical port.d - PAgP is down.Timers: H - Hello timer is running. Q - Quit timer is running.S - Switching timer is running. I - Interface timer is running.Local information:Hello Partner PAgP Learning GroupPort Flags State Timers Interval Count Priority Method IfindexGi1/0/1 SC U6/S7 H 30s 1 128 Any 16Partner's information:Partner Partner Partner Partner GroupPort Name Device ID Port Age Flags Cap.Gi0/1 vegas-p2 0002.4b29.4600 Gi0/1 9s SC 10001Age of the port in the current state: 00d:00h:07m:52sPort: Gi1/0/2------------Port state = Up Mstr In-BndlChannel group = 1 Mode = Desirable-Sl Gcchange = 0Port-channel = Po1 GC = 0x00010001 Pseudo port-channel = Po1Port index = 0 Load = 0x00Flags: S - Device is sending Slow hello. C - Device is in Consistent state.A - Device is in Auto mode. P - Device learns on physical port.d - PAgP is down.Timers: H - Hello timer is running. Q - Quit timer is running.S - Switching timer is running. I - Interface timer is running.Local information:Hello Partner PAgP Learning GroupPort Flags State Timers Interval Count Priority Method IfindexGi1/0/2 SC U6/S7 H 30s 1 128 Any 16Partner's information:Partner Partner Partner Partner GroupPort Name Device ID Port Age Flags Cap.Gi0/2 vegas-p2 0002.4b29.4600 Gi0/2 4s SC 10001Age of the port in the current state: 00d:00h:07m:55sPort-channels in the group:----------------------Port-channel: Po1------------Age of the Port-channel = 00d:00h:08m:28sLogical slot/port = 1/0 Number of ports = 2GC = 0x00010001 HotStandBy port = nullPort state = Port-channel Ag-InusePorts in the Port-channel:Index Load Port EC state------+------+------+--------------------0 00 Gi1/0/1 desirable-sl0 00 Gi1/0/2 desirable-slTime since last port bundled: 00d:00h:07m:56s Gi1/0/1This is an example of output from the show etherchannel 1 summary command:
Switch> show etherchannel 1 summaryFlags: D - down P - in port-channelI - stand-alone s - suspendedR - Layer3 S - Layer2U - port-channel in useGroup Port-channel Ports-----+------------+-----------------------------------------------------------1 Po1(SU) Gi1/0/1(P) Gi1/0/2(P)This is an example of output from the show etherchannel 1 brief command:
Switch> show etherchannel 1 briefGroup state = L2Ports: 2 Maxports = 8Port-channels: 1 Max Port-channels = 1This is an example of output from the show etherchannel 1 port-channel command:
Switch> show etherchannel 1 port-channelPort-channels in the group:----------------------Port-channel: Po1------------Age of the Port-channel = 00d:00h:10m:41sLogical slot/port = 1/0 Number of ports = 2GC = 0x00010001 HotStandBy port = nullPort state = Port-channel Ag-InusePorts in the Port-channel:Index Load Port EC state------+------+------+-------------------0 00 Gi1/0/1 desirable-sl0 00 Gi1/0/2 desirable-slTime since last port bundled: 00d:00h:10m:08s Gi1/0/1Related Commands
Assigns an Ethernet interface to an EtherChannel group.
Accesses or creates the port channel.
show interfaces
Use the show interfaces privileged EXEC command to display the administrative and operational status of all interfaces or a specified interface.
show interfaces [interface-id | vlan vlan-id] [accounting | counters | description | etherchannel | flowcontrol | pruning | stats | status [err-disabled] | switchport | trunk] [ | {begin | exclude | include} expression]
Syntax Description
interface-id
(Optional) Valid interfaces include physical ports (including type, stack member, module, and port number) and port channels. The valid port-channel range is 1 to 12.
vlan vlan-id
(Optional) VLAN identification. The range is 1 to 4094.
accounting
(Optional) Display accounting information on the interface, including active protocols and input and output packets and octets.
counters
(Optional) See the show interfaces counters command.
description
(Optional) Display the administrative status and description set for an interface.
etherchannel
(Optional) Display interface EtherChannel information.
flowcontrol
(Optional) Display interface flowcontrol information
pruning
(Optional) Display interface trunk VTP pruning information.
stats
(Optional) Display the input and output packets by switching path for the interface.
status
(Optional) Display the status of the interface.
err-disabled
(Optional) Display interfaces in error-disabled state.
switchport
(Optional) Display the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
trunk
Display interface trunk information. If you do not specify an interface, information for only active trunking ports is displayed.
| begin
(Optional) Display begins with the line that matches the expression.
| exclude
(Optional) Display excludes lines that match the expression.
| include
(Optional) Display includes lines that match the specified expression.
expression
Expression in the output to use as a reference point.
Note
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show interfaces command for Gigabit Ethernet interface 3 on stack member 3:
Switch# show interfaces gigabitethernet 3/0/3GigabitEthernet3/0/3 is down, line protocol is downHardware is Gigabit Ethernet, address is 0009.43a7.d085 (bia 0009.43a7.d085)MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Encapsulation ARPA, loopback not setKeepalive set (10 sec)Auto-duplex, Auto-speedinput flow-control is off, output flow-control is offARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec2 packets input, 1040 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored0 watchdog, 0 multicast, 0 pause input0 input packets with dribble condition detected4 packets output, 1040 bytes, 0 underruns0 output errors, 0 collisions, 3 interface resets0 babbles, 0 late collision, 0 deferred0 lost carrier, 0 no carrier, 0 PAUSE output0 output buffer failures, 0 output buffers swapped outThis is an example of output from the show interfaces accounting command.
Switch# show interfaces accountingVlan1Protocol Pkts In Chars In Pkts Out Chars OutIP 1094395 131900022 559555 84077157Spanning Tree 283896 17033760 42 2520ARP 63738 3825680 231 13860Interface Vlan2 is disabledVlan7Protocol Pkts In Chars In Pkts Out Chars OutNo traffic sent or received on this interface.Vlan31Protocol Pkts In Chars In Pkts Out Chars OutNo traffic sent or received on this interface.GigabitEthernet1/0/1Protocol Pkts In Chars In Pkts Out Chars OutNo traffic sent or received on this interface.GigabitEthernet1/0/2Protocol Pkts In Chars In Pkts Out Chars OutNo traffic sent or received on this interface.GigabitEthernet1/0/3Protocol Pkts In Chars In Pkts Out Chars OutNo traffic sent or received on this interface.<output truncated>This is an example of output from the show interfaces gigabitethernet 1/0/4 description command when the interface has been described as Connects to Marketing by using the description interface configuration command.
Switch# show interfaces gigabitethernet1/0/4 descriptionInterface Status Protocol DescriptionGi1/0/4 up down Connects to MarketingThis is an example of output from the show interfaces etherchannel command when port channels are configured on the switch:
Switch# show interfaces etherchannel----Port-channel1:Age of the Port-channel = 03d:20h:17m:29sLogical slot/port = 10/1 Number of ports = 0GC = 0x00000000 HotStandBy port = nullPort state = Port-channel Ag-Not-InusePort-channel2:Age of the Port-channel = 03d:20h:17m:29sLogical slot/port = 10/2 Number of ports = 0GC = 0x00000000 HotStandBy port = nullPort state = Port-channel Ag-Not-InusePort-channel3:Age of the Port-channel = 03d:20h:17m:29sLogical slot/port = 10/3 Number of ports = 0GC = 0x00000000 HotStandBy port = nullPort state = Port-channel Ag-Not-InuseThis is an example of output from the show interfaces gigabitethernet1/0/6 pruning command when pruning is enabled in the VTP domain:
Switch# show interfaces gigibitethernet1/0/6 pruningPort Vlans pruned for lack of request by neighborGi1/0/6 3,4Port Vlans traffic requested of neighborGi1/0/6 1-3This is an example of output from the show interfaces stats command for a specified interface.
Switch# show interfaces vlan 1 statsSwitching path Pkts In Chars In Pkts Out Chars OutProcessor 1165354 136205310 570800 91731594Route cache 0 0 0 0Total 1165354 136205310 570800 91731594This is an example of partial output from the show interfaces status command. It displays the status of all interfaces.
Switch# show interfaces statusPort Name Status Vlan Duplex Speed TypeFa1/0/1 notconnect 1 auto auto 10/100BaseTXFa1/0/2 notconnect 1 auto auto 10/100BaseTXFa1/0/3 notconnect 1 auto auto 10/100BaseTXFa1/0/4 Test notconnect 1 auto auto 10/100BaseTXFa1/0/5 notconnect 1 auto auto 10/100BaseTX<output truncated>This is an example of output from the show interfaces status err-disabled command. It displays the status of interfaces in the error-disabled state.
Switch# show interfaces status err-disabledPort Name Status ReasonGi2/0/26 err-disabled gbic-invalidThis is an example of output from the show interfaces switchport command for a single interface. Table 2-16 describes the fields in the display.
Note
Switch# show interfaces gigabitethernet 1/0/3 switchportName: Gi1/0/3Switchport: EnabledAdministrative Mode: dynamic desirableOperational Mode: downAdministrative Trunking Encapsulation: negotiateNegotiation of Trunking: OnAccess Mode VLAN: 1 (default)Trunking Native Mode VLAN: 1 (default)Administrative private-vlan host-association: noneAdministrative private-vlan mapping: noneOperational private-vlan: noneTrunking VLANs Enabled: ALLPruning VLANs Enabled: 2-1001Protected: falseUnknown unicast blocked: disabledUnknown multicast blocked: disabledVoice VLAN: none (Inactive)Appliance trust: none
This is an example of output from the show interfaces interface trunk command. It displays trunking information for the interface.
Switch# show interfaces fastethernet 1/0/47 trunkPort Mode Encapsulation Status Native vlanFa1/0/47 desirable n-isl trunking 1Port Vlans allowed on trunkFa1/0/47 1-4094Port Vlans allowed and active in management domainFa1/0/47 1-4,20,34-36,38-55,57-58,66-67,100,139,200-201,1000Port Vlans in spanning tree forwarding state and not prunedFa1/0/47 1-4,20,34-36,38-55,57-58,66-67,100,139,200-201,1000Related Commands
Configures a port as a static-access or dynamic-access port.
Blocks unknown unicast or multicast traffic on an interface.
Configures the VLAN membership mode of a port.
Isolates unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch.
switchport trunk pruning
Configures the VLAN pruning-eligible list for ports in trunking mode.
show interfaces counters
Use the show interfaces counters privileged EXEC command to display various counters for the switch or for a specific interface.
show interfaces [interface-id | vlan vlan-id] counters [broadcast | errors | module switch- number | multicast | trunk | unicast] [ | {begin | exclude | include} expression]
Syntax Description
s
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If you do not enter any keywords, all counters for all interfaces are included.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of partial output from the show interfaces counters command. It displays all counters for the switch.
Switch# show interfaces countersPort InOctets InUcastPkts InMcastPkts InBcastPktsFa6/0/1 0 0 0 0Fa6/0/2 0 0 0 0Fa6/0/3 0 0 0 0Fa6/0/4 0 0 0 0Fa6/0/5 0 0 0 0<output truncated>Fa6/0/24 0 0 0 0Gi6/0/1 0 0 0 0Gi6/0/2 0 0 0 0Fa8/0/1 0 0 0 0Fa8/0/2 0 0 0 0<output truncated>This is an example of partial output from the show interfaces counters broadcast command. It displays dropped broadcast traffic for all interfaces.
Switch# show interfaces counters broadcastPort BcastSuppDiscardsFa1/0/1 0Fa1/0/2 0Fa1/0/3 0Fa1/0/4 0Fa1/0/5 0Fa1/0/6 0<output truncated>This is an example of partial output from the show interfaces counters module command for stack member 2. It displays all counters for the specified switch in the stack.
Switch# show interfaces counters module 2Sauron#show interface countersPort InOctets InUcastPkts InMcastPkts InBcastPktsFa2/0/1 520 2 0 0Fa2/0/2 520 2 0 0Fa2/0/3 520 2 0 0Fa2/0/4 520 2 0 0Fa2/0/5 520 2 0 0Fa2/0/6 520 2 0 0Fa2/0/7 520 2 0 0Fa2/0/8 520 2 0 0<output truncated>This is an example of output from the show interfaces counters trunk command. It displays trunk counters for all interfaces.
Switch# show interfaces counters trunkPort TrunkFramesTx TrunkFramesRx WrongEncapFa1/0/1 0 0 0Fa1/0/2 0 0 0Fa1/0/3 80678 4155 0Fa1/0/4 82320 126 0Fa1/0/5 0 0 0<output truncated>Related Commands
show ip igmp profile
Use the show ip igmp profile privileged EXEC command to view all configured Internet Group Management Protocol (IGMP) profiles or a specified IGMP profile.
show ip igmp profile [profile number] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
These are examples of output from the show ip igmp profile privileged EXEC command, with and without specifying a profile number. If no profile number is entered, the display includes all profiles configured on the switch.
Switch# show ip igmp profile 40IGMP Profile 40permitrange 233.1.1.1 233.255.255.255Switch# show ip igmp profileIGMP Profile 3range 230.9.9.0 230.9.9.0IGMP Profile 4permitrange 229.9.9.0 229.255.255.255Related Commands
show ip igmp snooping
Use the show ip igmp snooping privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN.
show ip igmp snooping [mrouter] [multicast] [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
mrouter
(Optional) See the show ip igmp snooping mrouter command.
multicast
(Optional) See the show ip igmp snooping multicast command.
vlan vlan-id
(Optional) Specify a VLAN; the range is 1 to 4094.
| begin
(Optional) Display begins with the line that matches the expression.
| exclude
(Optional) Display excludes lines that match the expression.
| include
(Optional) Display includes lines that match the specified expression.
expression
Expression in the output to use as a reference point.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to display snooping configuration for the switch or for a specific VLAN.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show ip igmp snooping command. It shows how to display snooping characteristics for all VLANs on the switch.
Switch# show ip igmp snoopingvlan 1----------IGMP snooping is globally enabledIGMP snooping is enabled on this VlanIGMP snooping immediate-leave is disabled on this VlanIGMP snooping mrouter learn mode is pim-dvmrp on this VlanIGMP snooping is running in IGMP_ONLY mode on this Vlanvlan 2----------IGMP snooping is globally enabledIGMP snooping is enabled on this VlanIGMP snooping immediate-leave is disabled on this VlanIGMP snooping mrouter learn mode is pim-dvmrp on this VlanIGMP snooping is running in IGMP_ONLY mode on this Vlan<output truncated>This is an example of output from the show ip igmp snooping vlan 1 command. It shows how to display snooping characteristics for a specific VLAN.
Switch# show ip igmp snooping vlan 1IGMP snooping is globally enabledIGMP snooping is enabled on this VlanIGMP snooping immediate-leave is disabled on this VlanIGMP snooping mrouter learn mode is pim-dvmrp on this VlanIGMP snooping is running in IGMP_ONLY mode on this VlanRelated Commands
show ip igmp snooping mrouter
Use the show ip igmp snooping mrouter privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping dynamically learned and manually configured multicast router ports for the switch or for the specified multicast VLAN.
show ip igmp snooping mrouter [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to display multicast router ports on the switch or for a specific VLAN.
When multicast VLAN registration (MVR) is enabled, the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show ip igmp snooping mrouter command. It shows how to display multicast router ports on the switch.
Switch# show ip igmp snooping mrouterVlan ports---- -----1 Gi2/0/1(dynamic)Related Commands
show ip igmp snooping multicast
Use the show ip igmp snooping multicast privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping multicast table for the switch or multicast information for the selected parameter. Use with the vlan keyword to display the multicast table for a specified multicast VLAN or information about the selected parameter for the VLAN.
show ip igmp snooping multicast [vlan vlan-id] [count | dynamic [count | group ip_address] | group ip_address | user [count | group ip_address]] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to display multicast information and the multicast table for specified parameters.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show ip igmp snooping multicast command without any keywords. It displays the multicast table for the switch.
Switch# show ip igmp snooping multicastVlan Group Address Type Ports---- ------------- ---- -----1 224.1.2.30 IGMP Fa3/0/31, Fa4/0/11 224.1.2.1 IGMP Fa3/0/31, Fa4/0/11 224.4.4.4 USER Fa1/0/4, Fa4/0/1This is an example of output from the show ip igmp snooping multicast count command. It displays the total number of multicast groups on the switch.
Switch# show ip igmp snooping multicast countTotal number of multicast groups: 3This is an example of output from the show ip igmp snooping multicast dynamic command. It shows only the entries learned through IGMP snooping.
Switch# show ip igmp snooping multicast dynamicVlan Group Address Type Ports---- ------------- ---- -----1 224.1.2.30 IGMP Fa4/0/1, Fa4/0/371 224.1.2.1 IGMP Fa4/0/1, Fa4/0/37This is an example of output from the show ip igmp snooping multicast group command. It shows the entries for the group with the specified IP address.
Switch# show ip igmp snooping multicast group 224.1.2.30Vlan Group Address Type Ports---- ------------- ---- -----1 224.1.2.30 IGMP Fa4/0/1, Fa4/0/37This is an example of output from the show ip igmp snooping multicast vlan command. It displays all entries belonging to the specified VLAN.
Switch# show ip igmp snooping multicast vlan 1Vlan Group Address Type Ports---- ------------- ---- -----1 224.1.2.30 IGMP Fa4/0/1, Fa4/0/371 224.1.2.1 IGMP Fa4/0/1, Fa4/0/37Related Commands
show mac-address-table
Use the show mac-address-table user EXEC command to display a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN.
show mac-address-table [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table command:
Switch> show mac-address-tableMac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----All 0000.0000.0001 STATIC CPUAll 0000.0000.0002 STATIC CPUAll 0000.0000.0003 STATIC CPUAll 0000.0000.0009 STATIC CPUAll 0000.0000.0012 STATIC CPUAll 0180.c200.000b STATIC CPUAll 0180.c200.000c STATIC CPUAll 0180.c200.000d STATIC CPUAll 0180.c200.000e STATIC CPUAll 0180.c200.000f STATIC CPUAll 0180.c200.0010 STATIC CPU1 0030.9441.6327 DYNAMIC Gi6/0/23Total Mac Addresses for this criterion: 12Related Commands
clear mac-address-table dynamic
Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
Displays the aging time in all VLANs or the specified VLAN.
Displays the number of addresses present in all VLANs or the specified VLAN.
Displays dynamic MAC address table entries only.
Displays the MAC address table information for the specified interface.
Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.
Displays the MAC address notification settings for all interfaces or the specified interface.
Displays static MAC address table entries only.
Displays the MAC address table information for the specified VLAN.
show mac-address-table address
Use the show mac-address-table address user EXEC command to display MAC address table information for the specified MAC address.
show mac-address-table address mac-address [interface interface-id] [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table address command:
Switch# show mac-address-table address 0002.4b28.c482Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----All 0002.4b28.c482 STATIC CPUTotal Mac Addresses for this criterion: 1Related Commands
show mac-address-table aging-time
Use the show mac-address-table aging-time user EXEC command to display the aging time of a specific address table instance, all address table instances on a specified VLAN or, if a specific VLAN is not specified, on all VLANs.
show mac-address-table aging-time [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
If no VLAN number is specified, then the aging time for all VLANs is displayed.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table aging-time command:
Switch> show mac-address-table aging-timeVlan Aging Time---- ----------1 300This is an example of output from the show mac-address-table aging-time vlan 10 command:
Switch> show mac-address-table aging-time vlan 10Vlan Aging Time---- ----------10 300Related Commands
show mac-address-table count
Use the show mac-address-table count user EXEC command to display the number of addresses present in all VLANs or the specified VLAN.
show mac-address-table count [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
If no VLAN number is specified, the address count for all VLANs is displayed.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table count command:
Switch# show mac-address-table countMac Entries for Vlan : 1---------------------------Dynamic Address Count : 2Static Address Count : 0Total Mac Addresses : 2Related Commands
show mac-address-table dynamic
Use the show mac-address-table dynamic user EXEC command to display only dynamic MAC address table entries.
show mac-address-table dynamic [address mac-address] [interface interface-id] [vlan vlan-id]
[ | {begin | exclude | include} expression]Syntax Description
Command Modes
User EXEC; address keyword available only in privileged EXEC mode.
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table dynamic command:
Switch> show mac-address-table dynamicMac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----1 0030.b635.7862 DYNAMIC Gi6/0/21 00b0.6496.2741 DYNAMIC Gi6/0/2Total Mac Addresses for this criterion: 2Related Commands
clear mac-address-table dynamic
Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.
Displays MAC address table information for the specified MAC address.
Displays the aging time in all VLANs or the specified VLAN.
Displays the number of addresses present in all VLANs or the specified VLAN.
Displays the MAC address table information for the specified interface.
Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.
Displays static MAC address table entries only.
Displays the MAC address table information for the specified VLAN.
show mac-address-table interface
Use the show mac-address-table interface user command to display the MAC address table information for the specified interface in the specified VLAN.
show mac-address-table interface interface-id [vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table interface command:
Switch> show mac-address-table interface gigabitethernet6/0/2Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----1 0030.b635.7862 DYNAMIC Gi6/0/21 00b0.6496.2741 DYNAMIC Gi6/0/2Total Mac Addresses for this criterion: 2Related Commands
show mac-address-table multicast
Use the show mac-address-table multicast user EXEC command to display the Layer 2 multicast entries for all VLANs. Use the command in privileged EXEC mode to display specific multicast entries.
show mac-address-table multicast [vlan-id] [count | user [count]] [ | {begin | exclude | include} expression]
Syntax Description
Note
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table multicast command. It shows how to display all multicast entries for the switch.
Switch> show mac-address-table multicastVlan Mac Address Type Ports---- ----------- ---- -----1 0100.5e00.0128 IGMP Gi1/0/1This is an example of output from the show mac-address-table multicast count command. It shows how to display a total count of MAC address entries for the switch.
Switch> show mac-address-table multicast countMulticast MAC Entries for all vlans: 10This is an example of output from the show mac-address-table multicast vlan 1 count command. It shows how to display a total count of MAC address entries for a VLAN.
Switch> show mac-address-table multicast vlan 1 countMulticast MAC Entries for vlan 1: 4Related Commands
show mac-address-table notification
Use the show mac-address-table notification user EXEC command to display the MAC address notification settings for all interfaces or the specified interface.
show mac-address-table notification [interface [interface-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Use the show mac-address-table notification command without any keywords to display whether the feature is enabled or disabled, the MAC notification interval, the maximum number of entries allowed in the history table, and the history table contents.
Use the interface keyword to display the flags for all interfaces. If the interface-id is included, only the flags for that interface are displayed.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table notification command:
Switch> show mac-address-table notificationMAC Notification Feature is Enabled on the switchInterval between Notification Traps : 60 secsNumber of MAC Addresses Added : 4Number of MAC Addresses Removed : 4Number of Notifications sent to NMS : 3Maximum Number of entries configured in History Table : 100Current History Table Length : 3MAC Notification Traps are EnabledHistory Table contents----------------------History Index 0, Entry Timestamp 1032254, Despatch Timestamp 1032254MAC Changed Message :Operation: Added Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1History Index 1, Entry Timestamp 1038254, Despatch Timestamp 1038254MAC Changed Message :Operation: Added Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1Operation: Added Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1Operation: Added Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1History Index 2, Entry Timestamp 1074254, Despatch Timestamp 1074254MAC Changed Message :Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1Related Commands
clear mac-address-table notification
Clears the MAC address notification global counters.
Displays MAC address table information for the specified MAC address.
Displays the aging time in all VLANs or the specified VLAN.
Displays the number of addresses present in all VLANs or the specified VLAN.
Displays dynamic MAC address table entries only.
Displays the MAC address table information for the specified interface.
Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.
Displays static MAC address table entries only.
Displays the MAC address table information for the specified VLAN.
show mac-address-table static
Use the show mac-address-table static user EXEC command to display static MAC address table entries only.
show mac-address-table static [address mac-address] [interface interface-id] [vlan vlan-id]
[ | {begin | exclude | include} expression]Syntax Description
Command Modes
User EXEC; address keyword available only in privileged EXEC mode.
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table static command:
Switch> show mac-address-table static
Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----All 0100.0ccc.cccc STATIC CPUAll 0180.c200.0000 STATIC CPUAll 0100.0ccc.cccd STATIC CPUAll 0180.c200.0001 STATIC CPUAll 0180.c200.0002 STATIC CPUAll 0180.c200.0003 STATIC CPUAll 0180.c200.0004 STATIC CPUAll 0180.c200.0005 STATIC CPUAll 0180.c200.0006 STATIC CPUAll 0180.c200.0007 STATIC CPUTotal Mac Addresses for this criterion: 10Related Commands
show mac-address-table vlan
Use the show mac-address-table vlan user EXEC command to display the MAC address table information for the specified VLAN.
show mac-address-table vlan vlan-id [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mac-address-table vlan 1 command:
Switch> show mac-address-table vlan 1Mac Address Table------------------------------------------Vlan Mac Address Type Ports---- ----------- ---- -----1 0100.0ccc.cccc STATIC CPU1 0180.c200.0000 STATIC CPU1 0100.0ccc.cccd STATIC CPU1 0180.c200.0001 STATIC CPU1 0180.c200.0002 STATIC CPU1 0180.c200.0003 STATIC CPU1 0180.c200.0004 STATIC CPU1 0180.c200.0005 STATIC CPU1 0180.c200.0006 STATIC CPU1 0180.c200.0007 STATIC CPUTotal Mac Addresses for this criterion: 10Related Commands
show mls qos
Use the show mls qos user EXEC command to display global quality of service (QoS) configuration information.
show mls qos [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mls qos command:
Switch> show mls qosQos is enabledRelated Commands
show mls qos aggregate-policer
Use the show mls qos aggregate-policer user EXEC command to display the quality of service (QoS) aggregate policer configuration. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.
show mls qos aggregate-policer [aggregate-policer-name] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mls qos aggregate-policer command:
Switch> show mls qos aggregate-policer policer1aggregate-policer policer1 88000 2000000 exceed-action dropNot used by any policy mapRelated Commands
Defines policer parameters that can be shared by multiple classes within a policy map.
show mls qos input-queue
Use the show mls qos input-queue user EXEC command to display quality of service (QoS) settings for the ingress queues.
show mls qos input-queue [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mls qos input-queue command:
Switch> show mls qos input-queueQueue : 1 2----------------------------------------------buffers : 90 10bandwidth : 4 4priority : 0 10threshold1: 100 100threshold2: 100 100Related Commands
show mls qos interface
Use the show mls qos interface user EXEC command to display quality of service (QoS) information at the interface level.
show mls qos interface [interface-id] [buffers | queueing | statistics]
[ | {begin | exclude | include} expression]Syntax Description
Note
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mls qos interface command:
Switch# show mls qos interface fastethernet1/0/7FastEthernet1/0/7Attached policy-map for Ingress: videowizard_policytrust state: not trustedCOS override: disdefault COS: 0DSCP Mutation Map: Default DSCP Mutation MapThis is an example of output from the show mls qos interface fastethernet1/0/7 buffers command:
Switch> show mls qos interface fastethernet1/0/7 buffersFastEthernet1/0/7The port is mapped to qset : 1The allocations between the queues are : 25 25 25 25This is an example of output from the show mls qos interface fastethernet1/0/7 queueing command:
Switch> show mls qos interface fastethernet1/0/7 queueingFastEthernet1/0/7Shaped queue weights (absolute) : 25 0 0 0Shared queue weights : 25 25 25 25The port bandwidth is limited to: 100%The port is mapped to qset : 1This is an example of output from the show mls qos interface fastethernet1/0/7 statistics command. Table 2-17 describes the fields in this display.
Switch> show mls qos interface fastethernet1/0/7 statisticsFastEthernet1/0/7dscp: incoming-------------------------------0 - 4 : 4213 0 0 0 05 - 9 : 0 0 0 0 010 - 14 : 0 0 0 0 015 - 19 : 0 0 0 0 020 - 24 : 0 0 0 0 025 - 29 : 0 0 0 0 030 - 34 : 0 0 0 0 035 - 39 : 0 0 0 0 040 - 44 : 0 0 0 0 045 - 49 : 0 0 0 6 050 - 54 : 0 0 0 0 055 - 59 : 0 0 0 0 060 - 64 : 0 0 0 0dscp: outgoing-------------------------------0 - 4 : 363949 0 0 0 05 - 9 : 0 0 0 0 010 - 14 : 0 0 0 0 015 - 19 : 0 0 0 0 020 - 24 : 0 0 0 0 025 - 29 : 0 0 0 0 030 - 34 : 0 0 0 0 035 - 39 : 0 0 0 0 040 - 44 : 0 0 0 0 045 - 49 : 0 0 0 0 050 - 54 : 0 0 0 0 055 - 59 : 0 0 0 0 060 - 64 : 0 0 0 0cos: incoming-------------------------------0 - 4 : 132067 0 0 0 05 - 9 : 0 0 0cos: outgoing-------------------------------0 - 4 : 739155 0 0 0 05 - 9 : 90 0 0Policer: Inprofile: 0 OutofProfile: 0
Related Commands
show mls qos maps
Use the show mls qos maps user EXEC command to display quality of service (QoS) mapping information. During classification, QoS uses the mapping tables to represent the priority of the traffic and to derive a corresponding class of service (CoS) or Differentiated Services Code Point (DSCP) value from the received CoS, DSCP, or IP precedence value.
show mls qos maps [cos-dscp | cos-input-q | cos-output-q | dscp-cos | dscp-input-q | dscp-mutation dscp-mutation-name | dscp-output-q | ip-prec-dscp | policed-dscp] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
The policed-DSCP, DSCP-to-CoS, and the DSCP-to-DSCP-mutation maps are displayed as a matrix. The d1 column specifies the most-significant digit in the DSCP. The d2 row specifies the least-significant digit in the DSCP. The intersection of the d1 and d2 values provides the policed-DSCP, the CoS, or the mutated-DSCP value. For example, in the DSCP-to-CoS map, a DSCP value of 43 corresponds to a CoS value of 5.
The DSCP input queue threshold and the DSCP output queue threshold maps are displayed as a matrix. The d1 column specifies the most-significant digit of the DSCP number. The d2 row specifies the least-significant digit in the DSCP number. The intersection of the d1 and the d2 values provides the queue ID and threshold ID. For example, in the DSCP input queue threshold map, a DSCP value of 43 corresponds to queue 2 and threshold 1 (02-01).
The CoS input queue threshold and the CoS output queue threshold maps show the CoS value in the top row and the corresponding queue ID and threshold ID in the second row. For example, in the CoS input queue threshold map, a CoS value of 5 corresponds to queue 2 and threshold 1 (2-1).
Examples
This is an example of output from the show mls qos maps command:
Switch> show mls qos mapsPoliced-dscp map:d1 : d2 0 1 2 3 4 5 6 7 8 9---------------------------------------0 : 00 01 02 03 04 05 06 07 08 091 : 10 11 12 13 14 15 16 17 18 192 : 20 21 22 23 24 25 26 27 28 293 : 30 31 32 33 34 35 36 37 38 394 : 40 41 42 43 44 45 46 47 48 495 : 50 51 52 53 54 55 56 57 58 596 : 60 61 62 63Dscp-cos map:d1 : d2 0 1 2 3 4 5 6 7 8 9---------------------------------------0 : 00 00 00 00 00 00 00 00 01 011 : 01 01 01 01 01 01 02 02 02 022 : 02 02 02 02 03 03 03 03 03 033 : 03 03 04 04 04 04 04 04 04 044 : 05 05 05 05 05 05 05 05 06 065 : 06 06 06 06 06 06 07 07 07 076 : 07 07 07 07Cos-dscp map:cos: 0 1 2 3 4 5 6 7--------------------------------dscp: 0 8 16 24 32 40 48 56IpPrecedence-dscp map:ipprec: 0 1 2 3 4 5 6 7--------------------------------dscp: 0 8 16 24 32 40 48 56Dscp-outputq-threshold map:d1 :d2 0 1 2 3 4 5 6 7 8 9--------------------------------------------------------------------0 : 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-011 : 02-01 02-01 02-01 02-01 02-01 02-01 03-01 03-01 03-01 03-012 : 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-013 : 03-01 03-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-014 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 04-01 04-015 : 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-016 : 04-01 04-01 04-01 04-01Dscp-inputq-threshold map:d1 :d2 0 1 2 3 4 5 6 7 8 9--------------------------------------------------------------------0 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-011 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-012 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-013 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-014 : 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 01-01 01-015 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-016 : 01-01 01-01 01-01 01-01Cos-outputq-threshold map:cos: 0 1 2 3 4 5 6 7------------------------------------queue-threshold: 2-1 2-1 3-1 3-1 4-1 1-1 4-1 4-1Cos-inputq-threshold map:cos: 0 1 2 3 4 5 6 7------------------------------------queue-threshold: 1-1 1-1 1-1 1-1 1-1 2-1 1-1 1-1Dscp-dscp mutation map:Default DSCP Mutation Map:d1 : d2 0 1 2 3 4 5 6 7 8 9---------------------------------------0 : 00 01 02 03 04 05 06 07 08 091 : 10 11 12 13 14 15 16 17 18 192 : 20 21 22 23 24 25 26 27 28 293 : 30 31 32 33 34 35 36 37 38 394 : 40 41 42 43 44 45 46 47 48 495 : 50 51 52 53 54 55 56 57 58 596 : 60 61 62 63Related Commands
show mls qos queue-set
Use the show mls qos queue-set user EXEC command to display quality of service (QoS) settings for the egress queues.
show mls qos queue-set [qset-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mls qos queue-set command:
Switch> show mls qos queue-setQueueset: 1Queue : 1 2 3 4----------------------------------------------buffers : 25 25 25 25threshold1: 100 50 100 100threshold2: 100 50 100 100reserved : 50 100 50 50maximum : 400 400 400 400Queueset: 2Queue : 1 2 3 4----------------------------------------------buffers : 25 25 25 25threshold1: 100 50 100 100threshold2: 100 50 100 100reserved : 50 100 50 50maximum : 400 400 400 400Related Commands
show monitor
Use the show monitor user EXEC command to display information about all Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) sessions on the switch. Use the command with keywords to show a specific session, all sessions, all local sessions, or all remote sessions.
show monitor [session {session_number | all | local | remote}] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
The output is the same for the show monitor command and the show monitor session all command.
Examples
This is an example of output for the show monitor user EXEC command:
Switch# show monitor
Session 1---------Type :Local SessionSource Ports:RX Only: Fa4/0/24TX Only: NoneBoth: Fa2/0/1-2,Fa4/0/1-5Source VLANs:RX Only: NoneTX Only: NoneBoth: NoneSource RSPAN VLAN:NoneDestination Ports:Fa2/0/18Encapsulation:ReplicateFilter VLANs: NoneDest RSPAN VLAN: NoneSession 2---------Type :Remote Source SessionSource Ports:RX Only: NoneTX Only: NoneBoth: NoneSource VLANs:RX Only: NoneTX Only: 10Both: 1-9Source RSPAN VLAN:NoneDestination Ports:NoneFilter VLANs: NoneDest RSPAN VLAN: 105This is an example of output for the show monitor privileged EXEC command for RSPAN source session 1:
Switch# show monitor session 1Session 1---------Type :Local SessionSource Ports:RX Only: Fa4/0/24TX Only: NoneBoth: Fa2/0/1-2,Fa4/0/1-5Source VLANs:RX Only: NoneTX Only: NoneBoth: NoneSource RSPAN VLAN:NoneDestination Ports:Fa2/0/18Encapsulation:ReplicateFilter VLANs: NoneDest RSPAN VLAN: NoneRelated Commands
show mvr
Use the show mvr privileged EXEC command without keywords to display the current Multicast VLAN Registration (MVR) global parameter values, including whether or not MVR is enabled, the MVR multicast VLAN, the maximum query response time, the number of multicast groups, and the MVR mode (dynamic or compatible).
show mvr [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mvr command:
Switch# show mvrMVR Running: TRUEMVR multicast VLAN: 1MVR Max Multicast Groups: 256MVR Current multicast groups: 0MVR Global query response time: 5 (tenths of sec)MVR Mode: compatibleIn the preceding display, the maximum number of multicast groups is fixed at 256. The MVR mode is either compatible (for inter-operability with Catalyst 2900 XL and Catalyst 3500 XL switches) or dynamic (where operation is consistent with IGMP snooping operation and dynamic MVR membership on source ports is supported).
Related Commands
show mvr interface
Use the show mvr interface privileged EXEC command without keywords to display the Multicast VLAN Registration (MVR) receiver and source ports. Use the command with keywords to display MVR parameters for a specific receiver port.
show mvr interface [interface-id [members [vlan vlan-id]]] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If the entered port identification is a non-MVR port or a source port, the command returns an error message. For receiver ports, it displays the port type, per port status, and Immediate-Leave setting.
If you enter the members keyword, all MVR group members on the interface are displayed. If you enter a VLAN ID, all MVR group members in the VLAN are displayed.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mvr interface command:
Switch# show mvr interfacePort Type Status Immediate Leave---- ---- ------- ---------------Gi1/0/1 SOURCE ACTIVE/UP DISABLEDGi1/0/2 RECEIVER ACTIVE/DOWN DISABLEDGi1/0/5 RECEIVER ACTIVE/UP ENABLEDIn the preceding display, Status is defined as follows:
•
•
•
This is an example of output from the show mvr interface gigabitethernet 1/0/2 command:
Switch# show mvr interface gigabitethernet1/0/2Type: RECEIVER Status: ACTIVE Immediate Leave: DISABLEDThis is an example of output from the show mvr interface gigabitethernet1/0/6 members command:
Switch# show mvr interface gigabitethernet1/0/6 members239.255.0.0 DYNAMIC ACTIVE239.255.0.1 DYNAMIC ACTIVE239.255.0.2 DYNAMIC ACTIVE239.255.0.3 DYNAMIC ACTIVE239.255.0.4 DYNAMIC ACTIVE239.255.0.5 DYNAMIC ACTIVE239.255.0.6 DYNAMIC ACTIVE239.255.0.7 DYNAMIC ACTIVE239.255.0.8 DYNAMIC ACTIVE239.255.0.9 DYNAMIC ACTIVERelated Commands
show mvr members
Use the show mvr members privileged EXEC command to display all receiver and source ports that are currently members of an IP multicast group.
show mvr members [ip-address] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The show mvr members command applies to receiver and source ports. For MVR compatible mode, all source ports are members of all multicast groups.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show mvr members command:
Switch# show mvr membersMVR Group IP Status Members------------ ------ -------239.255.0.1 ACTIVE Gi1/0/1(d), Gi1/0/5(s)239.255.0.2 INACTIVE None239.255.0.3 INACTIVE None239.255.0.4 INACTIVE None239.255.0.5 INACTIVE None239.255.0.6 INACTIVE None239.255.0.7 INACTIVE None239.255.0.8 INACTIVE None239.255.0.9 INACTIVE None239.255.0.10 INACTIVE None<output truncated>239.255.0.255 INACTIVE None239.255.1.0 INACTIVE NoneThis is an example of output from the show mvr members 239.255.0.2 command. It shows how to view the members of the IP multicast group 239.255.0.2:
Switch# show mvr members 239.255.0.2239.255.003.--22 ACTIVE Gi1/0/1(d), Gi1/0/2(d), Gi1/0/3(d),Gi1/0/4(d), Gi1/0/5(s)Related Commands
show pagp
Use the show pagp user EXEC command to display Port Aggregation Protocol (PAgP) channel-group information.
show pagp [channel-group-number] {counters | internal | neighbor} [ | {begin | exclude | include} expression]]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
You can enter any show pagp command to display the active channel-group information. To display the nonactive information, enter the show pagp command with a channel-group number.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show pagp 1 counters command:
Switch> show pagp 1 countersInformation FlushPort Sent Recv Sent Recv--------------------------------------Channel group: 1Gi1/0/1 45 42 0 0Gi1/0/2 45 41 0 0This is an example of output from the show pagp 1 internal command:
Switch> show pagp 1 internalFlags: S - Device is sending Slow hello. C - Device is in Consistent state.A - Device is in Auto mode.Timers: H - Hello timer is running. Q - Quit timer is running.S - Switching timer is running. I - Interface timer is running.Channel group 1Hello Partner PAgP Learning GroupPort Flags State Timers Interval Count Priority Method IfindexGi1/0/1 SC U6/S7 H 30s 1 128 Any 16Gi1/0/2 SC U6/S7 H 30s 1 128 Any 16This is an example of output from the show pagp 1 neighbor command:
Switch> show pagp 1 neighborFlags: S - Device is sending Slow hello. C - Device is in Consistent state.A - Device is in Auto mode. P - Device learns on physical port.Channel group 1 neighborsPartner Partner Partner Partner GroupPort Name Device ID Port Age Flags Cap.Gi0/1 vegas-p2 0002.4b29.4600 Gi0/1 9s SC 10001Gi0/2 vegas-p2 0002.4b29.4600 Gi0/2 24s SC 10001Related Commands
show policy-map
Use the show policy-map user EXEC command to display quality of service (QoS) policy maps, which define classification criteria for incoming traffic. Policy maps can include policers that specify the bandwidth limitations and the action to take if the limits are exceeded.
show policy-map [policy-map-name [class class-map-name]] [ | {begin | exclude | include} expression]
Syntax Description
Note
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show policy-map command:
Switch> show policy-mapPolicy Map videowizard_policy2class videowizard_10-10-10-10set ip dscp 34police 100000000 2000000 exceed-action dropPolicy Map mypolicyclass dscp5set ip dscp 6Related Commands
Creates or modifies a policy map that can be attached to multiple interfaces to specify a service policy.
show port-security
Use the show port-security privileged EXEC command to display port-security settings for an interface or for the switch.
show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If you enter the command without keywords, the output includes the administrative and operational status of all secure ports on the switch.
If you enter an interface-id, the command displays port security settings for the interface.
If you enter the address keyword, the show port-security address command displays the secure MAC addresses for all interfaces and the aging information for each secure address.
If you enter an interface-id and the address keyword, the show port-security interface interface-id address command displays all the MAC addresses for the interface with aging information for each secure address. You can also use this command to display all the MAC addresses for an interface even if you have not enabled port security on it.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of the output from the show port-security command:
Switch# show port-securitySecure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action(Count) (Count) (Count)-------------------------------------------------------------------------------Gi1/0/1 1 0 0 Shutdown-------------------------------------------------------------------------------Total Addresses in System : 1Max Addresses limit in System : 1024This is an example of output from the show port-security interface gigabitethernet1/0/1 command:
Switch# show port-security interface gigabitethernet1/0/1Port Security : EnabledPort status : SecureUpViolation mode : ShutdownMaximum MAC Addresses : 1Total MAC Addresses : 0Configured MAC Addresses : 0Aging time : 0 minsAging type : AbsoluteSecureStatic address aging : DisabledSecurity Violation count : 0This is an example of output from the show port-security address command:
Switch# show port-security addressSecure Mac Address Table-------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age(mins)---- ----------- ---- ----- -------------1 0006.0700.0800 SecureConfigured Gi1/0/2 1-------------------------------------------------------------------Total Addresses in System : 1Max Addresses limit in System : 1024This is an example of output from the show port-security interface gigabitethernet1/0/2 address command:
Switch# show port-security interface gigabitethernet1/0/2 addressSecure Mac Address Table-------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age(mins)---- ----------- ---- ----- -------------1 0006.0700.0800 SecureConfigured Gi1/0/2 1-------------------------------------------------------------------Total Addresses: 1Related Commands
Enables port security on a port, restricts the use of the port to a user-defined group of stations, and configures secure MAC addresses.
show running-config vlan
Use the show running-config vlan privileged EXEC command to display all or a range of VLAN-related configurations on the switch.
show running-config vlan [vlan-ids] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show running-config vlan command:
Switch# show running-config vlan 220-2000Building configuration...Current configuration:!vlan 239!vlan 501!vlan 1000!vlan 1002tb-vlan1 1tb-vlan2 1003!vlan 1003tb-vlan1 1tb-vlan2 1002!vlan 1004bridge 1endRelated Commands
show sdm prefer
Use the show sdm prefer privileged EXEC command to display information about the Switch Database Management (SDM) templates that can be used to maximize system resources for a particular feature, or use the command without a keyword to display the template in use.
show sdm prefer [default | routing | vlan] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If you did not reload the switch after entering the sdm prefer global configuration command, the show sdm prefer privileged EXEC command displays the template currently in use and not the newly configured template.
The numbers displayed for each template represent an approximate maximum number for each feature resource. The actual number might vary, depending on the actual number of other features configured.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show sdm prefer command, displaying the template in use.
Switch# show sdm preferThe current template is vlan template.The selected template optimizes the resources inthe switch to support this level of features for8 routed interfaces and 1024 VLANs.number of unicast mac addresses: 12Knumber of igmp groups + multicast routes: 1Knumber of unicast routes: 0number of qos aces: 512number of security aces: 1KThis is an example of output from the show sdm prefer default command:
Switch# show sdm prefer default"default" template:The selected template optimizes the resources inthe switch to support this level of features for8 routed interfaces and 1024 VLANs.number of unicast mac addresses: 6Knumber of igmp groups + multicast routes: 1Knumber of unicast routes: 8Knumber of directly connected hosts: 6Knumber of indirect routes: 2Knumber of qos aces: 512number of security aces: 1KThis is an example of output from the show sdm prefer routing command on a switch, displaying the routing template characteristics:
Switch# show sdm prefer routing"routing" template:The selected template optimizes the resources inthe switch to support this level of features for8 routed interfaces and 1024 VLANs.number of unicast mac addresses: 3Knumber of igmp groups + multicast routes: 1Knumber of unicast routes: 11Knumber of directly connected hosts: 3Knumber of indirect routes: 8Knumber of qos aces: 512number of security aces: 1KRelated Commands
Sets the SDM template to maximize resources for routing or VLANs or to the default template.
show spanning-tree
Use the show spanning-tree user EXEC command to display spanning-tree stateinformation.
show spanning-tree [bridge-group | active [detail] | backbonefast | blockedports | bridge | detail [active] | inconsistentports | interface interface-id | pathcost method | root | summary [totals] | uplinkfast | vlan vlan-id] [ | {begin | exclude | include} expression]
show spanning-tree bridge-group [active [detail] | blockedports | bridge | detail [active] | inconsistentports | interface interface-id | root | summary] [| {begin | exclude | include} expression]
show spanning-tree vlan vlan-id [active [detail] | blockedports | bridge | detail [active] | inconsistentports | interface interface-id | root | summary] [ | {begin | exclude | include} expression]
show spanning-tree {vlan vlan-id | bridge-group} bridge [address | detail | forward-time | hello-time | id | max-age | priority [system-id] | protocol] [ | {begin | exclude | include} expression]
show spanning-tree {vlan vlan-id | bridge-group} root [address | cost | detail | forward-time | hello-time | id | max-age | port | priority [system-id] [ | {begin | exclude | include} expression]
show spanning-tree interface interface-id [active [detail] | cost | detail [active] | inconsistency | portfast | priority | rootcost | state] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC; indicated keywords available only in privileged EXEC mode
Command History
Usage Guidelines
If the vlan-id variable is omitted, the command applies to the spanning-tree instance for all VLANs.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show spanning-tree active command:
Switch# show spanning-tree activeBridge group 1Spanning tree enabled protocol vlan-bridgeRoot ID Priority 32761Address 0003.fd63.2f40This bridge is the rootHello Time 10 sec Max Age 31 sec Forward Delay 21 secBridge ID Priority 32761Address 0003.fd63.2f40Hello Time 10 sec Max Age 31 sec Forward Delay 21 secAging Time 300Interface Port ID Designated Port IDName Prio.Nbr Cost Sts Cost Bridge ID Prio.Nbr---------------- -------- --------- --- --------- -------------------- --------Vl1 128.2 6 FWD 0 32761 0003.fd63.2f40 128.2VLAN0001Spanning tree enabled protocol ieeeRoot ID Priority 32768Address 0001.425b.1c40Cost 57Port 3 (GigabitEthernet1/0/1)Hello Time 2 sec Max Age 20 sec Forward Delay 15 secBridge ID Priority 32769 (priority 32768 sys-id-ext 1)Address 0003.fd63.2f00Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 305Interface Port ID Designated Port IDName Prio.Nbr Cost Sts Cost Bridge ID Prio.Nbr---------------- -------- --------- --- --------- -------------------- --------Gi1/0/1 128.3 19 FWD 38 32768 0002.b9d7.3240 128.15Gi1/0/2 128.4 19 FWD 57 32769 0003.fd63.2f00 128.4Gi1/0/23 128.25 19 FWD 57 32769 0003.fd63.2f00 128.25St1 128.571 100 FWD 57 32769 0003.fd63.2f00 128.571Gi2/0/37 128.93 200000 FWD 0 32768 0003.fd63.2f00 128.93St2 128.572 2000000 FWD 0 32768 0003.fd63.2f00 128.572<output truncated>This is an example of output from the show spanning-tree detail command:
Switch# show spanning-tree detailBridge group 1 is executing the vlan-bridge compatible Spanning Tree protocolBridge Identifier has priority 32761, address 0003.fd63.2f40Configured hello time 10, max age 31, forward delay 21We are the root of the spanning treeTopology change flag not set, detected flag not setNumber of topology changes 2 last change occurred 00:02:52 agofrom Vlan1Times: hold 1, topology change 52, notification 10hello 10, max age 31, forward delay 21Timers: hello 9, topology change 0, notification 0, aging 300Port 2 (Vlan1) of Bridge group 1 is forwardingPort path cost 6, Port priority 128, Port Identifier 128.2.Designated root has priority 32761, address 0003.fd63.2f40Designated bridge has priority 32761, address 0003.fd63.2f40Designated port id is 128.2, designated path cost 0Timers: message age 0, forward delay 0, hold 0Number of transitions to forwarding state: 1BPDU: sent 94, received 28<output truncated>This is an example of output from the show spanning-tree interface gigabitethernet1/ 0/1 command:
Switch# show spanning-tree interface gigabitethernet1/0/1Vlan Port ID Designated Port IDName Prio.Nbr Cost Sts Cost Bridge ID Prio.Nbr---------------- -------- --------- --- --------- -------------------- --------VLAN0001 128.3 19 FWD 38 32768 0002.b9d7.3240 128.15This is an example of output from the show spanning-tree summary command:
Switch# show spanning-tree summaryRoot bridge for: Bridge group 1, VLAN0002, VLAN0004, VLAN0006, VLAN0031,VLAN0032, VLAN0033, VLAN0034, VLAN0035, VLAN0036, VLAN0037, VLAN0038,VLAN0039, VLAN0040, VLAN0041, VLAN0042, VLAN0043, VLAN0044, VLAN0045,VLAN0046, VLAN0047, VLAN0048, VLAN0049, VLAN0050, VLAN0051, VLAN0052,VLAN0053, VLAN0054, VLAN0055, VLAN0056, VLAN0057, VLAN0058, VLAN0066,VLAN0100, VLAN0200, VLAN0201, VLAN1000.Extended system ID is enabled.PortFast BPDU Guard is disabledEtherChannel misconfiguration guard is enabledUplinkFast is disabledBackboneFast is disabledDefault pathcost method used is shortName Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------Bridge group 1 0 0 0 0 0---------------------- -------- --------- -------- ---------- ----------1 bridge 0 0 0 0 0Name Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------VLAN0001 1 0 0 11 12VLAN0002 3 0 0 1 4VLAN0004 3 0 0 1 4VLAN0006 3 0 0 1 4VLAN0031 3 0 0 1 4VLAN0032 3 0 0 1 4<output truncated>---------------------- -------- --------- -------- ---------- ----------37 vlans 109 0 0 47 156Blocking Listening Learning Forwarding STP Active---------------------- -------- --------- -------- ---------- ----------Total 109 0 0 47 156Related Commands
show storm-control
Use the show storm-control user EXEC command to display broadcast, multicast, or unicast storm control settings on the switch or on the specified interface or to display storm-control history.
show storm-control [interface-id] [broadcast | multicast | unicast] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
When you enter an interface-id, the storm control thresholds are displayed for the specified interface.
If you do not enter an interface-id, settings are displayed for one traffic type for all ports on the switch.
If you do not enter a traffic type, settings are displayed for broadcast storm control.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of a partial output from the show storm-control command when no keywords are entered. Because no traffic type keyword was entered, the broadcast storm control settings are displayed.
Switch> show storm-controlInterface Filter State Level Current--------- ------------- ------- -------Gi1/0/1 inactive 100.00% N/AGi1/0/2 inactive 100.00% N/AGi1/0/3 inactive 100.00% N/AGi1/0/4 inactive 100.00% N/AGi1/0/5 inactive 100.00% N/AGi1/0/6 inactive 100.00% N/AGi1/0/7 inactive 100.00% N/AGi1/0/8 inactive 100.00% N/AGi1/0/9 inactive 100.00% N/AGi1/0/10 inactive 100.00% N/AGi1/0/11 inactive 100.00% N/AGi1/0/12 inactive 100.00% N/AGi1/0/13 inactive 100.00% N/AGi1/0/14 inactive 100.00% N/A<output truncated>This is an example of output from the show storm-control command for a specified interface. Because no traffic type keyword was entered, the broadcast storm control settings are displayed.
Switch> show storm-control gigabitethernet 2/0/1Interface Filter State Level Current--------- ------------- ------- -------Gi2/0/1 inactive 100.00% N/AThis is an example of output from the show storm-control command for a specified interface and traffic type, where no storm control threshold has been set for that traffic type on the specified interface.
Switch> show storm-control gigabitethernet1/0/5 multicastInterface Filter State Level Current--------- ------------- ------- -------Gi1/0/5 inactive 100.00% N/ATable 2-18 describes the fields in the show storm-control display.
Related Commands
show switch
Use the show switch user EXEC command to display information related to the stack member or the switch stack.
show switch [stack-member-number | detail | neighbors | stack-ports ] [ | {begin | exclude | include} expression
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
These are the states displayed from this command:
•
Stack members not participating in a stack master election remain in the waiting state until the stack master is elected and ready.
•
•
•
•
A typical state transition for a stack member (including a stack master) booting up is Waiting -> Initializing -> Ready.
A typical state transition for a stack member becoming a stack master after a stack master election is Ready -> Master Re-Init -> Ready.
A typical state transition for a stack member in version mismatch (VM) mode is Waiting -> Ver Mismatch.
The word slave in the output refers to a stack member other than the stack master.
Examples
This example shows how to display summary information about stack member 6:
Switch(config)# show switch 6CurrentSwitch# Role Mac Address Priority State--------------------------------------------------------6 Slave 0003.e31a.1e00 1 ReadyThis example shows how to display summary information about a switch stack:
Switch(config)# show switchCurrentSwitch# Role Mac Address Priority State--------------------------------------------------------6 Slave 0003.e31a.1e00 1 Ready*8 Master 0003.e31a.1200 1 ReadyThis example shows detailed information about a switch stack:
Switch(config)# show switch detailCurrentSwitch# Role Mac Address Priority State--------------------------------------------------------6 Slave 0003.e31a.1e00 1 Ready*8 Master 0003.e31a.1200 1 ReadyStack Port Status NeighborsSwitch# Port A Port B Port A Port B--------------------------------------------------------6 Down Ok None 88 Ok Down 6 NoneThis example shows how to display neighbor information for a switch stack:
Switch(config)# show switch neighborsSwitch # Port A Port B-------- ------ ------6 None 88 6 NoneThis example shows how to display stack-port information for a switch stack:
Switch(config)# show switch stack-portsSwitch # Port A Port B-------- ------ ------6 Down Ok8 Ok DownRelated Commands
show system mtu
Use the show system mtu privileged EXEC command to display the global maximum transmission unit (MTU) or maximum packet size set for the switch.
show system mtu [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
If you have used the system mtu or system mtu jumbo global configuration command to change the MTU setting, the new setting does not take effect until you reset the switch.
The system MTU refers to 10/100 ports; the system jumbo MTU refers to Gigabit ports.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show system mtu command:
Switch# show system mtuSystem MTU size is 1500 bytesSystem Jumbo MTU size is 1500 bytesRelated CommandsSystem MTU size is 1500 bytes
Related CommandsSystem Jumbo MTU size is 1500 bytes
show udld
Use the show udld user EXEC command to display UniDirectional Link Detection (UDLD) administrative and operational status for all ports or the specified port.
show udld [interface-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
If you do not enter an interface-id, administrative and operational UDLD status for all interfaces are displayed.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show udld gigabitethernet6/0/11 command. For this display, UDLD is enabled on both ends of the link, and UDLD detects that the link is bidirectional. Table 2-19 describes the fields in this display.
Switch> show udld gigabitethernet6/0/11Interface gi6/0/11---Port enable administrative configuration setting: Follows device defaultPort enable operational state: EnabledCurrent bidirectional state: BidirectionalCurrent operational state: Advertisement - Single Neighbor detectedMessage interval: 60Time out interval: 5Entry 1Expiration time: 146Device ID: 1Current neighbor state: BidirectionalDevice name: 0050e2826000Port ID: Gi6/0/12Neighbor echo 1 device: SAD03160954Neighbor echo 1 port: Gi6/0/11Message interval: 5CDP Device name: 066527791Related Commands
show version
Use the show version user EXEC command to display version information for the hardware and firmware.
show version [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show version command:
Switch> show versionCisco Internetwork Operating System SoftwareIOS (tm) C3750 Software (C3750-I5-M), Version 12.1(0.0.145)AX, CISCO DEVELOPMENTTEST VERSIONCopyright (c) 1986-2003 by cisco Systems, Inc.Compiled Wed 19-Feb-03 06:31 by antoninoImage text-base: 0x00003000, data-base: 0x007BFBD8ROM: Bootstrap program is C3750 boot loaderBOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.1(0.0.130)EA1, CISCO DEVELOPMENT TEST VERSIONswitch uptime is 1 week, 3 hours, 42 minutesSystem returned to ROM by power-onSystem image file is "flash:c3750-i5-mz.121.0.0.145-AX/c3750-i5-mz.121.0.0.145-AX.bin"cisco WS-C3750-48-E (PowerPC405) processor with 55286K/10240K bytes of memory.Processor board ID 123456789Last reset from power-onBridging software.9 Virtual Ethernet/IEEE 802.3 interface(s)168 FastEthernet/IEEE 802.3 interface(s)66 Gigabit Ethernet/IEEE 802.3 interface(s)The password-recovery mechanism is enabled.512K bytes of flash-simulated non-volatile configuration memory.Base ethernet MAC Address : 00:03:FD:63:2B:00System serial number : 123456789Switch Ports Model SW Version SW Image------ ----- ----- ---------- ----------1 52 WS-C3750-48-E 12.1(0.0.145)AX C3750-I5-M2 28 WS-C3750G-24TS-E 12.1(0.0.145)AX C3750-I5-M3 52 WS-C3750-48-E 12.1(0.0.145)AX C3750-I5-M* 4 52 WS-C3750-48-E 12.1(0.0.145)AX C3750-I5-M5 24 WS-C3750G-24T-E 12.1(0.0.145)AX C3750-I5-M6 26 WS-C3750-24-E 12.1(0.0.145)AX C3750-I5-MSwitch 01---------Switch Uptime : 1 day, 6 hours, 57 minutesBase ethernet MAC Address : 00:03:FD:63:37:00Switch 02---------Switch Uptime : 1 week, 3 hours, 43 minutesBase ethernet MAC Address : 00:03:FD:63:65:00Motherboard assembly number : 73-7058-04Power supply part number : 341-0045-01Motherboard serial number : CSJ0639002MPower supply serial number : PHI26004902Model revision number : 01Motherboard revision number : 04Model number : WS-C3750-24TS-SMISystem serial number : CSJ0640U01A<output truncated>show vlan
Use the show vlan user EXEC command to display the parameters for all configured VLANs or one VLAN (if the VLAN ID or name is specified) on the switch.
show vlan [brief | id vlan-id | internal usage | name vlan-name | remote-span | summary] [ | {begin | exclude | include} expression]
Syntax Description
Note
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show vlan command. Table 2-20 describes each field in the display.
Switch> show vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3Fa1/0/4, Fa1/0/5, Fa1/0/6Fa1/0/7, Fa1/0/8, Fa1/0/9Fa1/0/10, Fa1/0/11, Fa1/0/12Fa1/0/13, Fa1/0/14, Fa1/0/15Fa1/0/16, Fa1/0/17, Fa1/0/18Fa1/0/19, Fa1/0/20, Fa1/0/21Fa1/0/22, Fa1/0/23, Fa1/0/24Fa1/0/25, Fa1/0/26, Fa1/0/27Fa1/0/28, Fa1/0/29, Fa1/0/30Fa1/0/31, Fa1/0/32, Fa1/0/33Fa1/0/34, Fa1/0/35, Fa1/0/36Fa1/0/46, Gi1/0/1, Gi1/0/2Gi1/0/3, Gi1/0/4, Gi2/0/1Gi2/0/2, Gi2/0/3, Gi2/0/4Gi2/0/5, Gi2/0/6, Gi2/0/7<output truncated>2 VLAN0002 active3 VLAN0003 active<output truncated>1000 VLAN1000 active1002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default activeVLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 1002 10032 enet 100002 1500 - - - - - 0 03 enet 100003 1500 - - - - - 0 0<output truncated>1005 trnet 101005 1500 - - - ibm - 0 0Remote SPAN VLANs------------------------------------------------------------------------------Primary Secondary Type Ports------ --------- ----------------- ------------------------------------------
This is an example of output from the show vlan summary command:
Switch> show vlan summaryNumber of existing VLANs : 45Number of existing VTP VLANs : 45Number of existing extended VLANs : 0This is an example of output from the show vlan id command.
Switch# show vlan id 2VLAN Name Status Ports---- -------------------------------- --------- -------------------------------2 VLAN0200 active Fa1/0/47, Fa1/0/48, Gi2/0/13Gi3/0/1VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------2 enet 100002 1500 - - - - - 0 0Remote SPAN VLAN----------------DisabledThis is an example of output from the show vlan internal usage command. It shows that VLANs 1025 and 1026 are being used as internal VLANs for Fast Ethernet routed ports 23 and 24 on stack member 1. If you want to use one of these VLAN IDs, you must first shut down the routed port, which releases the internal VLAN, and then create the extended-range VLAN. When you start up the routed port, another internal VLAN number is assigned to it.
Switch> show vlan internal usageVLAN Usage---- -------------1025 FastEthernet1/0/231026 FastEthernet1/0/24Related Commands
show vlan access-map
Use the show vlan access-map privileged EXEC command to display information about a particular VLAN access map or all VLAN access maps.
show vlan access-map [mapname] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show vlan access-map command:
Switch# show vlan access-mapVlan access-map "SecWiz" 10Match clauses:ip address: SecWiz_Fa1_0_3_in_ipAction:forwardRelated Commands
show vlan filter
Use the show vlan filter privileged EXEC command to display information about all VLAN filters or about a particular VLAN or VLAN access map.
show vlan filter [access-map name | vlan vlan-id] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show vlan filter command:
Switch# show vlan filterVLAN Map map_1 is filtering VLANs:20-22Related Commands
Displays information about a particular VLAN access map or all VLAN access maps.
Creates a VLAN map entry for VLAN packet filtering.
Applies a VLAN map to one or more VLANs.
show vmps
Use the show vmps user EXEC command without keywords to display the VLAN Query Protocol (VQP) version, reconfirmation interval, retry count, VLAN Membership Policy Server (VMPS) IP addresses, and the current and primary servers, or use the statistics keyword to display client-side statistics.
show vmps [statistics] [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show vmps command:
Switch> show vmpsVQP Client Status:--------------------VMPS VQP Version: 1Reconfirm Interval: 60 minServer Retry Count: 3VMPS domain server:Reconfirmation status---------------------VMPS Action: otherThis is an example of output from the show vmps statistics command. Table 2-21 describes each field in the display.
Switch> show vmps statisticsVMPS Client Statistics----------------------VQP Queries: 0VQP Responses: 0VMPS Changes: 0VQP Shutdowns: 0VQP Denied: 0VQP Wrong Domain: 0VQP Wrong Version: 0VQP Insufficient Resource: 0
Related Commands
show vtp
Use the show vtp user EXEC command to display general information about the VLAN Trunking Protocol (VTP) management domain, status, and counters.
show vtp {counters | status} [ | {begin | exclude | include} expression]
Syntax Description
Command Modes
User EXEC
Command History
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.
Examples
This is an example of output from the show vtp counters command. Table 2-22 describes each field in the display.
Switch> show vtp countersVTP statistics:Summary advertisements received : 0Subset advertisements received : 0Request advertisements received : 0Summary advertisements transmitted : 0Subset advertisements transmitted : 0Request advertisements transmitted : 0Number of config revision errors : 0Number of config digest errors : 0Number of V1 summary errors : 0VTP pruning statistics:Trunk Join Transmitted Join Received Summary advts received fromnon-pruning-capable device---------------- ---------------- ---------------- ---------------------------Fa1/0/47 0 0 0Fa1/0/48 0 0 0Gi2/0/13 0 0 0Gi3/0/1 0 0 0
This is an example of output from the show vtp status command. Table 2-23 describes each field in the display.
Switch> show vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 1005Number of existing VLANs : 45VTP Operating Mode : TransparentVTP Domain Name : shared_testbed1VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : EnabledMD5 digest : 0x3A 0x29 0x86 0x39 0xB4 0x5D 0x58 0xD7
Related Commands
Clears the VTP and pruning counters.
Configures the VTP filename, interface name, domain name, and mode.
Configures the VTP domain name, password, pruning, and mode.
shutdown
Use the shutdown interface configuration command on the switch stack or on a standalone switch to disable an interface. Use the no form of this command to restart a disabled interface.
shutdown
no shutdown
Syntax Description
This command has no arguments or keywords.
Command Modes
Interface configuration
Command History
Usage Guidelines
The shutdown command for a port causes it to stop forwarding. You can enable the port with the no shutdown command.
The no shutdown command has no effect if the port is a static-access port assigned to a VLAN that has been deleted, suspended, or shut down. The port must first be a member of an active VLAN before it can be re-enabled.
The shutdown command disables all functions on the specified interface.
This command also marks the interface as unavailable. To see if an interface is disabled, use the show interfaces privileged EXEC command. An interface that has been shut down is shown as administratively down in the display.
Examples
These examples show how to disable and re-enable an interface:
Switch(config)# interface gigabitethernet1/0/2Switch(config-if)# shutdownSwitch(config)# interface gigabitethernet1/0/2Switch(config-if)# no shutdownYou can verify your settings by entering the show interfaces privileged EXEC command.
Related Commands
Displays the statistical information specific to all interfaces or to a specific interface.
shutdown vlan
Use the shutdown vlan global configuration command on the switch stack or on a standalone switch to shut down (suspend) local traffic on the specified VLAN. Use the no form of this command to restart local traffic on the VLAN.
shutdown vlan vlan-id
no shutdown vlan vlan-id
Syntax Description
Defaults
No default is defined.
Command Modes
Global configuration
Command History
Usage Guidelines
The shutdown vlan command does not change the VLAN information in the VTP database. It shuts down traffic locally, but the switch still advertises VTP information.
Examples
This example shows how to shutdown traffic on VLAN 2:
Switch(config)# shutdown vlan 2You can verify your setting by entering the show vlan privileged EXEC command.
Related Commands
snmp-server enable traps
Use the snmp-server enable traps global configuration command on the switch stack or on a standalone switch to enable the switch to send Simple Network Management Protocol (SNMP) notifications for various traps or inform requests to the network management system (NMS). Use the no form of this command to return to the default setting.
snmp-server enable traps [bridge | cluster | config | entity | envmon | fru-ctrl | hsrp | mac-notification | rtr | snmp | vlan-membership | vtp]
no snmp-server enable traps [bridge | cluster | config | entity | envmon | fru-ctrl | hsrp | mac-notification | rtr | snmp | vlan-membership | vtp]
Syntax Description
Note
Defaults
The sending of SNMP traps is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Specify the host (NMS) that receives the traps by using the snmp-server host global configuration command. If no trap types are specified, all trap types are sent.
Use the snmp-server enable traps command to enable sending of traps or informs, when supported.
Note
To enable more than one type of trap, you must enter a separate snmp-server enable traps command for each trap type.
Examples
This example shows how to send VTP traps to the NMS:
Switch(config)# snmp-server enable traps vtpYou can verify your setting by entering the show vtp status or the show running-config privileged EXEC command.
Related Commands
snmp-server host
Use the snmp-server host global configuration command on the switch stack or on a standalone switch to specify the recipient (host) of a Simple Network Management Protocol (SNMP) notification operation. Use the no form of this command to remove the specified host.
snmp-server host host-addr [informs | traps] [version {1 | 2c}] community-string [bridge | cluster | config | entity | envmon | fru-ctrl | hsrp | mac-notification | rtr | snmp | tty | udp-port | vlan-membership | vtp]
no snmp-server host host-addr [informs | traps] [version {1 | 2c}] community-string [bridge | cluster | config | entity | envmon | fru-ctrl | hsrp | mac-notification | rtr | snmp | tty | udp-port | vlan-membership | vtp]
Syntax Description
Defaults
This command is disabled by default. No notifications are sent.
If you enter this command with no keywords, the default is to send all trap types to the host. No informs are sent to this host.
If no version keyword is present, the default is version 1.
Note
Command Modes
Global configuration
Command History
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments when it receives traps. The sender cannot determine if the traps were received. However, an SNMP entity that receives an inform request acknowledges the message with an SNMP response PDU. If the sender never receives the response, the inform request can be sent again. Thus, informs are more likely to reach their intended destinations.
However, informs consume more resources in the agent and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Traps are also sent only once, but an inform might be retried several times. The retries increase traffic and contribute to a higher overhead on the network.
If you do not enter an snmp-server host command, no notifications are sent. To configure the switch to send SNMP notifications, you must enter at least one snmp-server host command. If you enter the command with no keywords, all trap types are enabled for the host. To enable multiple hosts, you must enter a separate snmp-server host command for each host. You can specify multiple notification types in the command for each host.
When multiple snmp-server host commands are given for the same host and kind of notification (trap or inform), each succeeding command overwrites the previous command. Only the last snmp-server host command is in effect. For example, if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host, the second command replaces the first.
The snmp-server host command is used with the snmp-server enable traps global configuration command. Use the snmp-server enable traps command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server enable traps command and the snmp-server host command for that host must be enabled. Some notification types cannot be controlled with the snmp-server enable traps command. For example, some notification types are always enabled. Other notification types are enabled by a different command.
The no snmp-server host command with no keywords disables traps, but not informs, to the host. To disable informs, use the no snmp-server host informs command.
Examples
This example shows how to configure a unique SNMP community string named comaccess for traps and prevent SNMP polling access with this string through access-list 10:
Switch(config)# snmp-server community comaccess ro 10Switch(config)# snmp-server host 172.20.2.160 comaccessSwitch(config)# access-list 10 deny anyThis example shows how to send the SNMP traps to the host specified by the name myhost.cisco.com. The community string is defined as comaccess:
Switch(config)# snmp-server enable trapsSwitch(config)# snmp-server host myhost.cisco.com comaccess snmpThis example shows how to enable the switch to send all traps to the host myhost.cisco.com by using the community string public:
Switch(config)# snmp-server enable trapsSwitch(config)# snmp-server host myhost.cisco.com publicYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
snmp trap mac-notification
Use the snmp trap mac-notification interface configuration command on the switch stack or on a standalone switch to enable the Simple Network Management Protocol (SNMP) MAC address notification trap on a specific Layer 2 interface. Use the no form of this command to return to the default setting.
snmp trap mac-notification {added | removed}
no snmp trap mac-notification {added | removed}
Syntax Description
added
Enable the MAC notification trap whenever a MAC address is added on this interface.
removed
Enable the MAC notification trap whenever a MAC address is removed from this interface.
Defaults
By default, the traps for both address addition and address removal are disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
Even though you enable the notification trap for a specific interface by using the snmp trap mac-notification command, the trap is generated only when you enable the snmp-server enable traps mac-notification and the mac-address-table notification global configuration commands.
Examples
This example shows how to enable the MAC notification trap when a MAC address is added to Gigabit Ethernet interface1/ 0/4 on stack member 1:
Switch(config)# interface gigabitethernet1/0/4Switch(config-if)# snmp trap mac-notification addedYou can verify your settings by entering the show mac-address-table notification interface privileged EXEC command.
Related Commands
clear mac-address-table notification
Clears the MAC address notification global counters.
Enables the MAC address notification feature.
Displays the MAC address notification settings for all interfaces or on the specified interface when the interface keyword is appended.
Sends the SNMP MAC notification traps when the mac-notification keyword is appended.
spanning-tree backbonefast
Use the spanning-tree backbonefast global configuration command on the switch stack or on a standalone switch to enable the BackboneFast feature. Use the no form of the command to return to the default setting.
spanning-tree backbonefast
no spanning-tree backbonefast
Syntax Description
This command has no arguments or keywords.
Defaults
BackboneFast is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
BackboneFast starts when a root port or blocked port on a switch receives inferior BPDUs from its designated switch. An inferior BPDU identifies a switch that declares itself as both the root bridge and the designated switch. When a switch receives an inferior BPDU, it means that a link to which the switch is not directly connected (an indirect link) has failed (that is, the designated switch has lost its connection to the root switch. If there are alternate paths to the root switch, BackboneFast causes the maximum aging time on the ports on which it received the inferior BPDU to expire and allows a blocked port to move immediately to the listening state. BackboneFast then transitions the interface to the forwarding state. For more information, refer to the software configuration guide for this release.
Enable BackboneFast on all supported switches to allow the detection of indirect link failures and to start the spanning-tree reconfiguration sooner.
Examples
This example shows how to enable BackboneFast on the switch:
Switch(config)# spanning-tree backbonefastYou can verify your setting by entering the show spanning-tree summary privileged EXEC command.
Related Commands
show spanning-tree summary
Displays a summary of the spanning-tree port states.
spanning-tree bpdufilter
Use the spanning-tree bpdufilter interface configuration command on the switch stack or on a standalone switch to prevent a port from sending or receiving bridge protocol data units BPDUs). Use the no form of this command to return to the default setting.
spanning-tree bpdufilter {disable | enable}
no spanning-tree bpdufilter
Syntax Description
disable
Disable BPDU filtering on the specified interface.
enable
Enable BPDU filtering on the specified interface.
Defaults
BPDU filtering is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
Caution
You can globally enable BPDU filtering on all Port Fast-enabled ports by using the spanning-tree portfast bpdufilter default global configuration command.
You can use the spanning-tree bpdufilter interface configuration command to override the setting of the spanning-tree portfast bpdufilter default global configuration command.
Examples
This example shows how to enable the BPDU filtering feature on a port on stack member 2:
Switch(config)# interface fastethernet2/0/1Switch(config-if)# spanning-tree bpdufilter enableYou can verify your setting by entering the show running-config privileged EXEC command.
Related Commands
spanning-tree bpduguard
Use the spanning-tree bpduguard interface configuration command on the switch stack or on a standalone switch to put a port in the error-disabled state when it receives a bridge protocol data unit (BPDU). Use the no form of this command to return to the default setting.
spanning-tree bpduguard {disable | enable}
no spanning-tree bpduguard
Syntax Description
disable
Disable BPDU guard on the specified interface.
enable
Enable BPDU guard on the specified interface.
Defaults
BPDU guard is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
The BPDU guard feature provides a secure response to invalid configurations because you must manually put the port back in service. Use the BPDU guard feature in a service-provider network to prevent a port from being included in the spanning-tree topology.
You can globally enable BPDU guard on all Port Fast-enabled ports by using the spanning-tree portfast bpduguard default global configuration command.
You can use the spanning-tree bpduguard interface configuration command to override the setting of the spanning-tree portfast bpduguard default global configuration command.
Examples
This example shows how to enable the BPDU guard feature on a port on stack member 2:
Switch(config)# interface fastethernet2/0/1Switch(config-if)# spanning-tree bpduguard enableYou can verify your setting by entering the show running-config privileged EXEC command.
Related Commands
spanning-tree cost
Use the spanning-tree cost interface configuration command on the switch stack or on a standalone switch to set the path cost for spanning-tree calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to place in the forwarding state. Use the no form of this command to return to the default setting.
spanning-tree [vlan vlan-id] cost cost
no spanning-tree [vlan vlan-id] cost
Syntax Description
vlan vlan-id
(Optional) VLAN ID associated with a spanning-tree instance. The range is 1 to 4094.
cost
Path cost range is 1 to 200000000, with higher values meaning higher costs.
Defaults
The default path cost is computed from the interface bandwidth setting. These are the IEEE default path cost values:
•
•
•
Command Modes
Interface configuration
Command History
Usage Guidelines
When you configure the cost, higher values represent higher costs.
If you configure an interface with both the spanning-tree vlan vlan-id cost cost command and the spanning-tree cost cost command, the spanning-tree vlan vlan-id cost cost command takes effect.
Examples
This example shows how to set the path cost to 250 on an interface on stack member 2:
Switch(config)# interface fastethernet2/0/4Switch(config-if)# spanning-tree cost 250This example shows how to set the path cost to 300 for VLAN 10:
Switch(config-if)# spanning-tree vlan 10 cost 300You can verify your settings by entering the show spanning-tree interface interface-id privileged EXEC command.
Related Commands
show spanning-tree interface interface-id
Displays spanning-tree information for the specified interface.
Configures an interface priority.
spanning-tree vlan priority
Sets the switch priority for the specified spanning-tree instance.
spanning-tree extend system-id
Use the spanning-tree extend system-id global configuration command on the switch stack or on a standalone switch to enable the extended system ID feature.
spanning-tree extend system-id
Note
Syntax Description
This command has no arguments or keywords.
Defaults
The extended system ID is enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
The Catalyst 3750 switch supports the 802.1T spanning-tree extensions, and some of the bits previously used for the switch priority are now used for the extended system ID (VLAN identifier for the per-VLAN spanning-tree plus [PVST+] or an instance identifier for the multiple spanning tree [MST]). In earlier releases, the switch priority is a 16-bit value.
The spanning tree uses the extended system ID, the switch priority, and the allocated spanning-tree MAC address to make the bridge ID unique for each VLAN or multiple spanning-tree instance. Because the Catalyst 3750 switch stack appears as a single switch to the rest of the network, all switches in the stack use the same bridge ID for a given spanning tree. If the stack master fails, the stack members recalculate their bridge IDs of all running spanning trees based on the new MAC address of the stack master.
Support for the extended system ID affects how you manually configure the root switch, the secondary root switch, and the switch priority of a VLAN. For more information, see the "spanning-tree vlan" section.
If your network consists of switches that do not support the extended system ID and switches that do support it, it is unlikely that the switch with the extended system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches.
Related Commands
show spanning-tree summary
Displays a summary of spanning-tree port states.
spanning-tree vlan priority
Sets the switch priority for the specified spanning-tree instance.
spanning-tree guard
Use the spanning-tree guard interface configuration command on the switch stack or on a standalone switch to enable root guard or loop guard on all the VLANs associated with the selected interface. Root guard restricts which interface is allowed to be the spanning-tree root port or the path-to-the root for the switch. Loop guard prevents alternate or root ports from becoming designated ports when a failure creates a unidirectional link. Use the no form of this command to return to the default setting.
spanning-tree guard {loop | none | root}
no spanning-tree guard
Syntax Description
Defaults
Root guard is disabled.
Loop guard is configured according to the spanning-tree loopguard default global configuration command (globally disabled).
Command Modes
Interface configuration
Command History
Usage Guidelines
When root guard is enabled, if spanning-tree calculations cause a port to be selected as the root port, the port transitions to the root-inconsistent (blocked) state to prevent the customer's switch from becoming the root switch or being in the path to the root. The root port provides the best path from the switch to the root switch.
When the no spanning-tree guard or the no spanning-tree guard none command is entered, root guard is disabled for all VLANs on the selected interface. If this interface is in the root-inconsistent (blocked) state, it automatically transitions to the listening state.
Do not enable root guard on interfaces that will be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the root-inconsistent state (blocked) and prevented from reaching the forwarding state.
Loop guard is most effective when it is configured on the entire switched network. When the switch is operating in PVST mode, loop guard prevents alternate and root ports from becoming designated ports, and spanning tree does not send bridge protocol data units (BPDUs) on root or alternate ports.
To disable root guard or loop guard, use the spanning-tree guard none interface configuration command. You cannot enable both root guard and loop guard at the same time.
You can override the setting of the spanning-tree loopguard default global configuration command by using the spanning-tree guard loop interface configuration command.
Examples
This example shows how to enable root guard on all the VLANs associated with the specified interface on stack member 2:
Switch(config)# interface fastethernet2/0/3Switch(config-if)# spanning-tree guard rootThis example shows how to enable loop guard on all the VLANs associated with the specified interface on stack member 2:
Switch(config)# interface fastethernet2/0/3Switch(config-if)# spanning-tree guard loopYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
show running-config
Displays the current operating configuration. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.
Sets the path cost for spanning-tree calculations.
Prevents alternate or root ports from becoming designated ports because of a failure that leads to a unidirectional link.
Configures an interface priority.
spanning-tree vlan priority
Sets the switch priority for the specified spanning-tree instance.
spanning-tree loopguard default
Use the spanning-tree loopguard default global configuration command on the switch stack or on a standalone switch to prevent alternate or root ports from becoming designated ports because of a failure that leads to a unidirectional link. Use the no form of this command to return to the default setting.
spanning-tree loopguard default
no spanning-tree loopguard default
Syntax Description
This command has no arguments or keywords.
Defaults
Loop guard is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Loop guard is most effective when it is configured on the entire switched network. When the switch is operating in per-VLAN spanning-tree (PVST) mode, loop guard prevents alternate and root ports from becoming designated ports, and spanning tree does not send bridge protocol data units (BPDUs) on root or alternate ports.
Loop guard operates only on ports that are considered point-to-point by the spanning tree.
You can override the setting of the spanning-tree loopguard default global configuration command by using the spanning-tree guard loop interface configuration command.
Examples
This example shows how to globally enable loop guard:
Switch(config)# spanning-tree loopguard defaultYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
show running-config
Displays the current operating configuration. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.
spanning-tree guard loop
Enables the loop guard feature on all the VLANs associated with the specified interface.
spanning-tree mode
Use the spanning-tree mode global configuration command on the switch stack or on a standalone switch to enable the per-VLAN spanning-tree (PVST) on your switch.
spanning-tree mode {pvst}
Syntax Description
Note
Defaults
The default mode is PVST.
Command Modes
Global configuration
Command History
Related Commands
spanning-tree port-priority
Use the spanning-tree port-priority interface configuration command on the switch stack or on a standalone switch to configure an interface priority. If a loop occurs, spanning tree can determine which interface to put in the forwarding state. Use the no form of this command to return to the default setting.
spanning-tree [vlan vlan-id] port-priority priority
no spanning-tree [vlan vlan-id] port-priority
Syntax Description
vlan vlan-id
(Optional) VLAN ID associated with a spanning-tree instance. The range is 1 to 4094.
priority
Number from 0 to 252, in increments of 4. The lower the number, the higher the priority.
Defaults
The default is 128.
Command Modes
Interface configuration
Command History
Usage Guidelines
If the variable vlan-id is omitted, the command applies to the spanning-tree instance associated with VLAN 1.
You can set the priority on a VLAN that has no interfaces assigned to it. The setting takes effect when you assign the interface to the VLAN.
If you configure an interface with both the spanning-tree vlan vlan-id port-priority priority command and the spanning-tree port-priority priority command, the spanning-tree vlan vlan-id port-priority priority command takes effect.
If your switch is a member of a switch stack, you must use the spanning-tree [vlan vlan-id] cost cost interface configuration command instead of the spanning-tree [vlan vlan-id] port-priority priority interface configuration command to select an interface to put in the forwarding state. Assign lower cost values to interfaces that you want selected first and higher cost values that you want selected last.
Examples
This example shows how to increase the likelihood that Fast Ethernet interface 0/2 on stack member 2 will be put in the forwarding state if a loop occurs:
Switch(config)# interface fastethernet2/0/2Switch(config-if)# spanning-tree vlan 20 port-priority 0You can verify your settings by entering the show spanning-tree interface interface-id privileged EXEC command.
Related Commands
show spanning-tree interface interface-id
Displays spanning-tree information for the specified interface.
Sets the path cost for spanning-tree calculations.
spanning-tree vlan priority
Sets the switch priority for the specified spanning-tree instance.
spanning-tree portfast (global configuration)
Use the spanning-tree portfast global configuration command on the switch stack or on a standalone switch to globally enable bridge protocol data unit (BPDU) filtering on Port Fast-enabled ports, the BPDU guard feature on Port Fast-enabled ports, or the Port Fast feature on all nontrunking ports. The BPDU filtering feature prevents the switch port from sending or receiving BPDUs. The BPDU guard feature puts Port Fast-enabled ports that receive BPDUs in an error-disabled state. Use the no form of this command to return to the default setting.
spanning-tree portfast {bpdufilter default | bpduguard default | default}
no spanning-tree portfast {bpdufilter default | bpduguard default | default}
Syntax Description
Defaults
The BPDU filtering, the BPDU guard, and the Port Fast features are disabled on all ports unless they are individually configured.
Command Modes
Global configuration
Command History
Usage Guidelines
Use the spanning-tree portfast bpdufilter default global configuration command to globally enable BPDU filtering on ports that are Port Fast-enabled (the ports are in a Port Fast-operational state). The ports still send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to switch ports do not receive BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational status and BPDU filtering is disabled.
You can override the spanning-tree portfast bpdufilter default global configuration command by using the spanning-tree bdpufilter interface configuration command.
Caution
Use the spanning-tree portfast bpduguard default global configuration command to globally enable BPDU guard on ports that are in a Port Fast-operational state. In a valid configuration, Port Fast-enabled ports do not receive BPDUs. Receiving a BPDU on a Port Fast-enabled port signals an invalid configuration, such as the connection of an unauthorized device, and the BPDU guard feature puts the port in the error-disabled state. The BPDU guard feature provides a secure response to invalid configurations because you must manually put the port back in service. Use the BPDU guard feature in a service-provider network to prevent an access port from participating in the spanning tree.
You can override the spanning-tree portfast bpduguard default global configuration command by using the spanning-tree bdpuguard interface configuration command.
Use the spanning-tree portfast default global configuration command to globally enable the Port Fast feature on all nontrunking ports. Configure Port Fast only on ports that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation. A Port Fast-enabled port moves directly to the spanning-tree forwarding state when linkup occurs without waiting for the standard forward-delay time.
You can override the spanning-tree portfast default global configuration command by using the spanning-tree portfast interface configuration command. You can use the no spanning-tree portfast default global configuration command to disable Port Fast on all ports unless they are individually configured with the spanning-tree portfast interface configuration command.
Examples
This example shows how to globally enable the BPDU filtering feature:
Switch(config)# spanning-tree portfast bpdufilter defaultThis example shows how to globally enable the BPDU guard feature:
Switch(config)# spanning-tree portfast bpduguard defaultThis example shows how to globally enable the Port Fast feature on all nontrunking ports:
Switch(config)# spanning-tree portfast defaultYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
spanning-tree portfast (interface configuration)
Use the spanning-tree portfast interface configuration command on the switch stack or on a standalone switch to enable the Port Fast feature on an interface in all its associated VLANs. When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate spanning-tree state changes. Use the no form of this command to return to the default setting.
spanning-tree portfast [disable | trunk]
no spanning-tree portfast
Syntax Description
disable
(Optional) Disable the Port Fast feature on the specified interface.
trunk
(Optional) Enable the Port Fast feature on a trunking interface.
Defaults
The Port Fast feature is disabled on all interfaces; however, it is automatically enabled on dynamic-access ports.
Command Modes
Interface configuration
Command History
Usage Guidelines
Use this feature only on interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation.
This feature affects all VLANs on the interface.
A port with the Port Fast feature enabled is moved directly to the spanning-tree forwarding state without waiting the standard forward-time delay.
You can use the spanning-tree portfast default global configuration command to globally enable the Port Fast feature on all nontrunking interfaces. However, the spanning-tree portfast interface configuration command can override the global setting.
If you configure the spanning-tree portfast default global configuration command, you can enable Port Fast on a port that is not a trunk port by using the no spanning-tree portfast interface configuration command.
The no spanning-tree portfast interface configuration command is the same as the spanning-tree portfast disable interface configuration command.
Examples
This example shows how to enable the Port Fast feature on an interface on stack member 2:
Switch(config)# interface fastethernet2/0/2Switch(config-if)# spanning-tree portfastYou can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
spanning-tree uplinkfast
Use the spanning-tree uplinkfast global configuration command on the switch stackor on a standalone switch to accelerate the choice of a new root port when a link or switch fails or when the spanning tree reconfigures itself. Use the no form of this command to return to the default setting.
spanning-tree uplinkfast
no spanning-tree uplinkfast
Syntax Description
This command has no arguments or keywords.
Note
Defaults
UplinkFast is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command only on access switches.
When you enable UplinkFast, it is enabled for the entire switch and cannot be enabled for individual VLANs.
When you enable or disable UplinkFast, cross-stack UplinkFast (CSUF) also is automatically enabled or disabled on all nonstack port interfaces. CSUF accelerates the choice of a new root port when a link or switch fails or when spanning tree reconfigures itself.
When UplinkFast is enabled, the switch priority of all VLANs is set to 49152. If you change the path cost to a value less than 3000 and you enable UplinkFast or UplinkFast is already enabled, the path cost of all interfaces and VLAN trunks is increased by 3000 (if you change the path cost to 3000 or above, the path cost is not altered). The changes to the switch priority and the path cost reduces the chance that a switch will become the root switch.
When UplinkFast is disabled, the switch priorities of all VLANs and path costs of all interfaces are set to default values if you did not modify them from their defaults.
When spanning tree detects that the root port has failed, UplinkFast immediately switches over to an alternate root port, changing the new root port directly to FORWARDING state. During this time, a topology change notification is sent.
Do not enable the root guard on interfaces that will be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the root-inconsistent state (blocked) and prevented from reaching the forwarding state.
Examples
This example shows how to enable UplinkFast:
Switch(config)# spanning-tree uplinkfastYou can verify your setting by entering the show spanning-tree summary privileged EXEC command.
Related Commands
show spanning-tree summary
Displays a summary of the spanning-tree port states.
spanning-tree vlan root primary
Forces this switch to be the root switch.
spanning-tree vlan
Use the spanning-tree vlan global configuration command on the switch stack or on a standalone switch to configure spanning tree on a per-VLAN basis. Use the no form of this command to return to the default setting.
spanning-tree vlan vlan-id {forward-time seconds | hello-time seconds | max-age seconds |
priority priority | {root {primary | secondary} [diameter net-diameter
[hello-time seconds]]}}no spanning-tree vlan vlan-id [forward-time | hello-time | max-age | priority | root]
Syntax Description
Defaults
Spanning tree is enabled on all VLANs.
The forward-delay time is 15 seconds.
The hello time is 2 seconds.
The max-age is 20 seconds.
The primary root switch priority is 24576.
The secondary root switch priority is 28672.
Command Modes
Global configuration
Command History
Usage Guidelines
Disabling the STP causes the VLAN to stop participating in the spanning-tree topology. Interfaces that are administratively down remain down. Received BPDUs are forwarded like other multicast frames. The VLAN does not detect and prevent loops when STP is disabled.
You can disable the STP on a VLAN that is not currently active and verify the change by using the show running-config or the show spanning-tree vlan vlan-id privileged EXEC command. The setting takes effect when the VLAN is activated.
When disabling or re-enabling the STP, you must use a single command line to specify each VLAN that you want to disable or enable.
When a VLAN is disabled and then enabled, all assigned VLANs continue to be its members. However, all spanning-tree bridge parameters are returned to their previous settings (the last setting before the VLAN was disabled).
You can enable spanning-tree options on a VLAN that has no interfaces assigned to it. The setting takes effect when you assign interfaces to it.
When setting the max-age seconds, if a switch does not receive BPDUs from the root switch within the specified interval, it recomputes the spanning-tree topology. The max-age setting must be greater than the hello-time setting.
The spanning-tree vlan vlan-id root command should be used only on backbone switches.
When you enter the spanning-tree vlan vlan-id root command, the software checks the switch priority of the current root switch for each VLAN. Because of the extended system ID support, the switch sets the switch priority for the specified VLAN to 24576 if this value will cause this switch to become the root for the specified VLAN. If any root switch for the specified VLAN has a switch priority lower than 24576, the switch sets its own priority for the specified VLAN to 4096 less than the lowest switch priority. (4096 is the value of the least-significant bit of a 4-bit switch priority value.)
When you enter the spanning-tree vlan vlan-id root secondary command, because of support for the extended system ID, the software changes the switch priority from the default value (32768) to 28672. If the root switch should fail, this switch becomes the next root switch (if the other switches in the network use the default switch priority of 32768, and therefore, are unlikely to become the root switch).
Examples
This example shows how to disable the STP on VLAN 5:
Switch(config)# no spanning-tree vlan 5You can verify your setting by entering the show spanning-tree privileged EXEC command. In this instance, VLAN 5 does not appear in the list.
This example shows how to set the spanning-tree forwarding time to 18 seconds for VLAN 20:
Switch(config)# spanning-tree vlan 20 forward-time 18This example shows how to set the spanning-tree hello-delay time to 3 seconds for VLAN 20:
Switch(config)# spanning-tree vlan 20 hello-time 3This example shows how to set spanning-tree max-age to 30 seconds for VLAN 20:
Switch(config)# spanning-tree vlan 20 max-age 30This example shows how to reset the max-age parameter to the default value for spanning-tree instance 100:
Switch(config)# no spanning-tree vlan 100 max-ageThis example shows how to set the spanning-tree priority to 8192 for VLAN 20:
Switch(config)# spanning-tree vlan 20 priority 8192This example shows how to configure the switch as the root switch for VLAN 10 with a network diameter of 4:
Switch(config)# spanning-tree vlan 10 root primary diameter 4This example shows how to configure the switch as the secondary root switch for VLAN 10 with a network diameter of 4:
Switch(config)# spanning-tree vlan 10 root secondary diameter 4You can verify your settings by entering the show spanning-tree vlan vlan-id privileged EXEC command.
Related Commands
show spanning-tree vlan
Displays spanning-tree information.
Sets the path cost for spanning-tree calculations.
Enables the root guard or the loop guard feature for all the VLANs associated with the selected interface.
Sets an interface priority.
Globally enables the BPDU filtering or the BPDU guard feature on Port Fast-enabled ports or enables the Port Fast feature on all nontrunking ports.
Enables the Port Fast feature on an interface in all its associated VLANs.
Enables the UplinkFast feature, which accelerates the choice of a new root port.
speed
Use the speed interface configuration command on the switch stack or on a standalone switch to specify the speed of a 10/100 Mbps or 10/100/1000 Mbps port. Use the no or default form of this command to return the port to its default value.
speed {10 | 100 | 1000 | auto | nonegotiate}
no speed
Note
Syntax Description
Defaults
The default is auto.
Command Modes
Interface configuration
Command History
Usage Guidelines
You can configure the Fast Ethernet port speed as either 10 or 100 Mbps. You can configure the Gigabit Ethernet port speed as 10, 100, or 1000 Mbps. You cannot configure speed on SFP ports, but you can configure speed to not negotiate (nonegotiate) if connected to a device that does not support autonegotiation.
If the speed is set to auto, the switch negotiates with the device at the other end of the link for the speed setting and then forces the speed setting to the negotiated value. The duplex setting remains as configured on each end of the link, which could result in a duplex setting mismatch.
If both ends of the line support autonegotiation, we highly recommend the default autonegotiation settings. If one interface supports autonegotiation and the other end does not, configure duplex and speed on both interfaces; do use the auto setting on the supported side.
If both the speed and duplex are set to specific values, autonegotiation is disabled.
Caution
Note
Examples
This example shows how to set the specified interface to 100 Mbps:
Switch(config)# interface gigabitethernet1/0/1Switch(config-if)# speed 100You can verify your settings by entering the show interfaces privileged EXEC command.
Related Commands
Specifies the duplex mode of operation for Fast Ethernet and Gigabit Ethernet ports.
Displays the statistical information specific to all interfaces or to a specific interface
srr-queue bandwidth limit
Use the srr-queue bandwidth limit interface configuration command on the switch stack or on a standalone switch to limit the maximum output on a port. Use the no form of this command to return to the default setting.
srr-queue bandwidth limit weight1
no srr-queue bandwidth limit
Syntax Description
Defaults
The port is not rate limited and is set to 100 percent.
Command Modes
Interface configuration
Command History
Usage Guidelines
If you configure this command to 80 percent, the port is idle 20 percent of the time. The line rate drops to 80 percent of the connected speed. These values are not exact because the hardware adjusts the line rate in increments of six.
Note
Examples
This example shows how to limit Gigabit Ethernet port 0/1 on stack member 2 to 800 Mbps:
Switch(config)# interface gigabitethernet2/0/1Switch(config-if)# srr-queue bandwidth limit 80You can verify your settings by entering the show mls qos interface [interface-id] queueing privileged EXEC command.
Related Commands
Allocates buffers to the queue-set.
Maps class of service (CoS) values to egress queue or maps CoS values to a queue and to a threshold ID.
Maps Differentiated Services Code Point (DSCP) values to an egress queue or maps DSCP values to a queue and to a threshold ID.
Configures the weighted tail-drop (WTD) thresholds, guarantees the availability of buffers, and configures the maximum memory allocation for the queue-set.
Maps a port to a queue-set.
show mls qos interface queueing
Displays quality of service (QoS) information.
Assigns the shaped weights and enables bandwidth shaping on the four egress queues mapped to a port.
Assigns the shared weights and enables bandwidth sharing on the four egress queues mapped to a port.
srr-queue bandwidth shape
Use the srr-queue bandwidth shape interface configuration command on the switch stack or on a standalone switch to assign the shaped weights and to enable bandwidth shaping on the four egress queues mapped to a port. Use the no form of this command to return to the default setting.
srr-queue bandwidth shape weight1 weight2 weight3 weight4
no srr-queue bandwidth shape
Syntax Description
Defaults
Weight1 is set to 25. Weight2, weight3, and weight4 are set to 0, and these queues are in shared mode.
Command Modes
Interface configuration
Command History
Usage Guidelines
In shaped mode, the queues are guaranteed a percentage of the bandwidth, and they are rate-limited to that amount. Shaped traffic does not use more than the allocated bandwidth even if the link is idle. Use shaping to smooth bursty traffic or to provide a smoother output over time.
The shaped mode overrides the shared mode.
If you configure a shaped queue weight to 0 by using the srr-queue bandwidth shape interface configuration command, this queue participates in shared mode. The weight specified with the srr-queue bandwidth shape command is ignored, and the weights specified with the srr-queue bandwidth share interface configuration command for a queue come into effect.
When configuring queues for the same port for both shaping and sharing, make sure that you configure the lowest numbered queue for shaping.
Note
Examples
This example shows how to configure the queues for the same port for both shaping and sharing. Because the weight ratios for queues 2, 3, and 4 are set to 0, these queues operate in shared mode. The bandwidth weight for queue 1 is 1/8, which is 12.5 percent. Queue 1 is guaranteed this bandwidth and limited to it; it does not extend its slot to the other queues even if the other queues have no traffic and are idle. Queues 2, 3, and 4 are in shared mode, and the setting for queue 1 is ignored. The bandwidth ratio allocated for the queues in shared mode is 4/(4+4+4), which is 33 percent:
Switch(config)# interface gigabitethernet2/0/1Switch(config-if)# srr-queue bandwidth shape 8 0 0 0Switch(config-if)# srr-queue bandwidth share 4 4 4 4You can verify your settings by entering the show mls qos interface [interface-id] queueing privileged EXEC command.
Related Commands
Allocates buffers to a queue-set.
Maps class of service (CoS) values to an egress queue or maps CoS values to a queue and to a threshold ID.
Maps Differentiated Services Code Point (DSCP) values to an egress queue or maps DSCP values to a queue and to a threshold ID.
Configures the weighted tail-drop (WTD) thresholds, guarantees the availability of buffers, and configures the maximum memory allocation to a queue-set.
Maps a port to a queue-set.
show mls qos interface queueing
Displays quality of service (QoS) information.
Assigns the shared weights and enables bandwidth sharing on the four egress queues mapped to a port.
srr-queue bandwidth share
Use the srr-queue bandwidth share interface configuration command on the switch stack or on a standalone switch to assign the shared weights and to enable bandwidth sharing on the four egress queues mapped to a port. The ratio of the weights is the ratio of frequency in which the shaped round robin (SRR) scheduler dequeues packets from each queue. Use the no form of this command to return to the default setting.
srr-queue bandwidth share weight1 weight2 weight3 weight4
no srr-queue bandwidth share
Syntax Description
Defaults
Weight1, weight2, weight3, and weight4 are 25 (1/4 of the bandwidth is allocated to each queue).
Command Modes
Interface configuration
Command History
Usage Guidelines
The absolute value of each weight is meaningless, and only the ratio of parameters is used.
In shared mode, the queues share the bandwidth among them according to the configured weights. The bandwidth is guaranteed at this level but not limited to it. For example, if a queue empties and does not require a share of the link, the remaining queues can expand into the unused bandwidth and share it among themselves.
If you configure a shaped queue weight to 0 by using the srr-queue bandwidth shape interface configuration command, this queue participates in SRR shared mode. The weight specified with the srr-queue bandwidth shape command is ignored, and the weights specified with the srr-queue bandwidth share interface configuration command for a queue take effect.
When configuring queues for the same port for both shaping and sharing, make sure that you configure the lowest numbered queue for shaping.
Note
Examples
This example shows how to configure the weight ratio of the SRR scheduler running on egress port Gigabit Ethernet 0/1 on stack member 2. Four queues are used. The bandwidth ratio allocated for each queue in shared mode is 1/(1+2+3+4), 2/(1+2+3+4), 3/(1+2+3+4), and 4/(1+2+3+4), which is 10 percent, 20 percent, 30 percent, and 40 percent for queues 1, 2, 3, and 4. This means that queue 4 has four times the bandwidth of queue 1, twice the bandwidth of queue 2, and one-and-a-third times the bandwidth of queue 3.
Switch(config)# interface gigabitethernet2/0/1Switch(config-if)# srr-queue bandwidth share 1 2 3 4You can verify your settings by entering the show mls qos interface [interface-id] queueing privileged EXEC command.
Related Commands
Allocates buffers to a queue-set.
Maps class of service (CoS) values to an egress queue or maps CoS values to a queue and to a threshold ID.
Maps Differentiated Services Code Point (DSCP) values to an egress queue or maps DSCP values to a queue and to a threshold ID.
Configures the weighted tail-drop (WTD) thresholds, guarantees the availability of buffers, and configures the maximum memory allocation to a queue-set.
Maps a port to a queue-set.
show mls qos interface queueing
Displays quality of service (QoS) information.
Assigns the shaped weights and enables bandwidth shaping on the four egress queues mapped to a port.
storm-control
Use the storm-control interface configuration command on the switch stack or on a standalone switch to enable broadcast, multicast, or unicast storm control on an interface with the specified threshold level. Use the no form of this command to disable broadcast, multicast, or unicast storm control on an interface.
storm-control {broadcast | multicast | unicast} level level [.level]
no storm-control {broadcast | multicast | unicast} level
Syntax Description
Defaults
Broadcast, multicast, and unicast storm control are disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
Storm control is supported only on physical interfaces; it is not supported on EtherChannel port channels, even though it is available in the command-line interface (CLI).
Storm-control suppression level is entered as a percentage of total bandwidth. A threshold value of 100 percent means that no limit is placed on the specified traffic type. A value of 0.0 means that all broadcast, multicast, or unicast traffic on that port is blocked.
When the storm control threshold for multicast traffic is reached, all multicast traffic except control traffic, such as bridge protocol data unit (BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked. However, the switch does not differentiate between routing updates, such as Open Shortest Path First (OSPF) and regular multicast data traffic, so both types of traffic are blocked.
Note
Examples
This example shows how to enable multicast storm control with a 75.5 percent threshold level:
Switch(config-if)# storm-control multicast level 75.5This example shows how to disable multicast storm control:
Switch(config-if)# no storm-control multicast levelYou can verify your settings by entering the show storm-control privileged EXEC command.
Related Commands
Displays broadcast, multicast, or unicast storm control settings on all interfaces or on a specified interface.
switch priority
Use the switch priority global configuration command on the stack master to change the stack member priority value.
switch stack-member-number priority new-priority-value
Syntax Description
priority new-priority-value
Specify the new stack member priority value. The range is 1 to 15.
stack-member-number
Specify the current stack member number. The range 1 to 9.
Defaults
The default priority value is 1.
Command Modes
Global configuration
Command History
Usage Guidelines
If you do not specify a priority value, the default value is assigned.
The new priority value is a factor during a stack-master re-election. Therefore, changing the priority value does not change the stack master immediately.
Use the reload slot current stack member number privileged EXEC to reset the stack member and apply this configuration change into effect.
Examples
This example shows how to change the priority value of stack member 6 to 9:
Switch(config)# switch 6 priority 9Changing the Switch Priority of Switch Number 6 to 9Do you want to continue?[confirm]Related Commands
switch renumber
Use the switch renumber global configuration command on the stack master to change the stack member number.
switch current-stack-member-number renumber new-stack-member-number
Syntax Description
Defaults
The default stack member number is 1.
Command Modes
Global configuration
Command History
Usage Guidelines
If another stack member is already using the member number that you just specified, the stack master assigns the lowest available number when you reset the stack member.
Note
Use the reload slot current stack member number privileged EXEC to reset the stack member and apply this configuration change into effect.
Examples
This example shows how to change the member number of stack member 6 to 7:
Switch(config)# switch 6 renumber 7WARNING: Changing the switch number may result in lostor changed configuration for that switch!Do you want to continue?[confirm]Related Commands
switchport
Use the switchport interface configuration command with no keywords on the switch stack or on a standalone switch to put an interface that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration. Use the no form of this command to put an interface in Layer 3 mode.
switchport
no switchport
Use the no switchport command (without parameters) to set the interface to the routed-interface status and to erase all Layer 2 configurations. You must use this command before assigning an IP address to a routed port.
Note
Syntax Description
This command has no arguments or keywords.
Defaults
By default, all interfaces are in Layer 2 mode.
Command Modes
Interface configuration
Command History
Usage Guidelines
Entering the no switchport command shuts the port down and then re-enables it, which might generate messages on the device to which the port is connected.
Examples
This example shows how to cause an interface to cease operating as a Layer 2 port and become a Cisco-routed port.
Switch(config-if)# no switchportThis example shows how to cause the port interface to cease operating as a Cisco-routed port and convert to a Layer 2-switched interface:
Switch(config-if)# switchport
Note
You can verify the switchport status of an interface by entering the show running-config privileged EXEC command.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
show running-config
Displays the current operating configuration. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.
switchport access
Use the switchport access interface configuration command on the switch stack or on a standalone switch to configure a port as a static-access or dynamic-access port. If the switchport mode is set to access, the port operates as a member of the specified VLAN. If set to dynamic, the port starts discovery of VLAN assignment based on the incoming packets it receives. Use the no form of this command to reset the access mode to the default VLAN for the switch.
switchport access vlan {vlan-id | dynamic}
no switchport access vlan
Syntax Description
Defaults
The default access VLAN and trunk interface native VLAN is a default VLAN corresponding to the platform or interface hardware.
A dynamic-access port is initially a member of no VLAN and receives its assignment based on the packet it receives.
Command Modes
Interface configuration
Command History
Usage Guidelines
The no switchport access command resets the access mode VLAN to the appropriate default VLAN for the device.
The port must be in access mode before the switchport access vlan command can take effect.
An access port can be assigned to only one VLAN.
The VMPS server (such as a Catalyst 6000 series switch) must be configured before a port is configured as dynamic.
These restrictions apply to dynamic-access ports:
•
•
•
•
•
–
–
–
Examples
This example shows how to cause a port interface that has already been configured as a switched interface to operate in VLAN 2 instead of the platform's default VLAN when in access mode:
Switch(config-if)# switchport access vlan 2You can verify your setting by entering the show interfaces interface-id switchport privileged EXEC command and examining information in the Administrative Mode and Operational Mode rows.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
Configures the VLAN membership mode of a port.
switchport block
Use the switchport block interface configuration command on the switch stack or on a standalone switch to prevent unknown multicast or unicast packets from being forwarded. Use the no form of this command to allow forwarding unknown multicast or unicast packets.
switchport block {multicast | unicast}
no switchport block {multicast | unicast}
Syntax Description
multicast
Specify that unknown multicast traffic should be blocked.
unicast
Specify that unknown unicast traffic should be blocked.
Defaults
Unknown multicast and unicast traffic is not blocked.
Command Modes
Interface configuration
Command History
Usage Guidelines
By default, all traffic with unknown MAC addresses is sent to all ports. You can block unknown multicast or unicast traffic on protected or nonprotected ports. If unknown multicast or unicast traffic is not blocked on a protected port, there could be security issues.
Blocking unknown multicast or unicast traffic is not automatically enabled on protected ports; you must explicitly configure it.
Note
Examples
This example shows how to block unknown multicast traffic on an interface:
Switch(config-if)# switchport block multicastYou can verify your setting by entering the show interfaces interface-id switchport privileged EXEC command.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
switchport host
Use the switchport host interface configuration command on the switch stack or on a standalone switch to optimize a Layer 2 port for a host connection. The no form of this command has no affect on the system.
switchport host
Syntax Description
This command has no arguments or keywords.
Defaults
The default is for the port to not be optimized for a host connection.
Command Modes
Interface configuration
Command History
Usage Guidelines
To optimize the port for a host connection, the switchport host command sets switch port mode to access, enables spanning tree Port Fast, and disables channel grouping. Only an end station can accept this configuration.
Because spanning tree Port Fast is enabled, you should enter the switchport host command only on ports that are connected to a single host. Connecting other switches, hubs, concentrators, or bridges to a fast-start port can cause temporary spanning-tree loops.
Enable the switchport host command to decrease the time that it takes to start up packet forwarding.
Examples
This example shows how to optimize the port configuration for a host connection:
Switch(config-if)# switchport hostswitchport mode will be set to accessspanning-tree portfast will be enabledchannel group will be disabledSwitch(config-if)#You can verify your setting by entering the show interfaces interface-id switchport privileged EXEC command.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including switchport mode.
switchport mode
Use the switchport mode interface configuration command on the switch stack or on a standalone switch to configure the VLAN membership mode of a port. Use the no form of this command to reset the mode to the appropriate default for the device.
switchport mode {access | dynamic {auto | desirable} | trunk}
no switchport mode {access| dynamic {auto | desirable} | trunk}
Syntax Description
Defaults
The default mode is dynamic auto.
Command Modes
Interface configuration
Command History
Usage Guidelines
A configuration that uses the access or trunk keywords takes effect only when you configure the port in the appropriate mode by using the switchport mode command. The static-access and trunk configuration are saved, but only one configuration is active at a time.
When you enter access mode, the interface changes to permanent nontrunking mode and negotiates to convert the link into a nontrunk link even if the neighboring interface does not agree to the change.
When you enter trunk mode, the interface changes to permanent trunking mode and negotiates to convert the link into a trunk link even if the interface connecting to it does not agree to the change.
When you enter dynamic auto mode, the interface converts the link to a trunk link if the neighboring interface is set to trunk or desirable mode.
When you enter dynamic desirable mode, the interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
To autonegotiate trunking, the interfaces must be in the same VTP domain. Trunk negotiation is managed by the Dynamic Trunking Protocol (DTP), which is a point-to-point protocol. However, some internetworking devices might forward DTP frames improperly, which could cause misconfigurations. To avoid this, you should configure interfaces connected to devices that do not support DTP to not forward DTP frames, which turns off DTP.
•
•
Access port and trunk ports are mutually exclusive.
The 802.1X feature interacts with switchport modes in these ways:
•
•
•
Examples
This example shows how to configure a port for access mode:
Switch(config-if)# switchport mode accessThis example shows how set the interface to dynamic desirable mode:
Switch(config-if)# switchport mode dynamic desirableThis example shows how to configure a port for trunk mode:
Switch(config-if)# switchport mode trunkYou can verify your settings by entering the show interfaces interface-id switchport privileged EXEC command and examining information in the Administrative Mode and Operational Mode rows.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
Configures a port as a static-access or dynamic-access port.
switchport nonegotiate
Use the switchport nonegotiate interface configuration command on the switch stack or on a standalone switch to specify that Dynamic Trunking Protocol (DTP) negotiation packets are not sent on the Layer 2 interface. The switch does not engage in DTP negotiation on this interface. Use the no form of this command to return to the default setting.
switchport nonegotiate
no switchport nonegotiate
Syntax Description
This command has no arguments or keywords.
Defaults
The default is to use DTP negotiation to determine trunking status.
Command Modes
Interface configuration
Command History
Usage Guidelines
The no form of the switchport nonegotiate command removes nonegotiate status.
This command is valid only when the interface switchport mode is access or trunk (configured by using the switchport mode access or the switchport mode trunk interface configuration command). This command returns an error if you attempt to execute it in dynamic (auto or desirable) mode.
Internetworking devices that do not support DTP might forward DTP frames improperly and cause misconfigurations. To avoid this, you should turn off DTP by using the switchport no negotiate command to configure the interfaces connected to devices that do not support DTP to not forward DTP frames.
When you enter the switchport nonegotiate command, DTP negotiation packets are not sent on the interface. The device does or does not trunk according to the mode parameter: access or trunk.
•
•
Examples
This example shows how to cause a port interface to refrain from negotiating trunking mode and to act as a trunk or access port (depending on the mode set):
Switch(config-if)# switchport nonegotiateYou can verify your setting by entering the show interfaces interface-id switchport privileged EXEC command.
Related Commands
show interfaces switchport
Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.
Configures the VLAN membership mode of a port.
switchport port-security
Use the switchport port-security interface configuration command without keywords on the switch stack or on a standalone switch to enable port security on the interface. Use the keywords to configure secure MAC addresses, a maximum number of secure MAC addresses, or the violation mode. Use the no form of this command to disable port security or to set the parameters to their default states.
switchport port-security [aging] [mac-address mac-address] | [maximum value] | [violation {protect | restrict | shutdown}]
no switchport port-security [aging] [mac-address mac-address] | [maximum value] | [violation {protect | restrict | shutdown}]
Syntax Description
aging
(Optional) See the switchport port-security aging command.
