Catalyst 6500 Series Command Reference, 8.7 - show port to show snmp [Cisco Catalyst 6500 Series Switches]

Table Of Contents

show port

show port arp-inspection

show port auto-mdix

show port auxiliaryvlan

show port broadcast

show port capabilities

show port cdp

show port channel

show port cops

show port counters

show port critical

show port debounce

show port description

show port dhcp-snooping

show port dot1q-all-tagged

show port dot1q-ethertype

show port dot1qtunnel

show port dot1x

show port eou

show port errdisable-timeout

show port errordetection

show port ethernet-cfm

show port ethernet-evc

show port ethernet-lmi

show port ethernet-oam

show port ethernet-uni

show port flexlink

show port flowcontrol

show port inlinepower

show port jumbo

show port l2protocol-tunnel

show port lacp-channel

show port mac

show port mac-address

show port mac-auth-bypass

show port mvrp

show port negotiation

show port prbs

show port protocol

show port qos

show port rsvp

show port security

show port security-acl

show port spantree

show port status

show port sync-restart-delay

show port tdr

show port transceiver

show port trap

show port trunk

show port unicast-flood

show port vlan-mapping

show port voice

show port voice active

show port voice fdl

show port voice interface

show port vtp

show port web-auth

show proc

show protocolfilter

show pvlan

show pvlan capability

show pvlan mapping

show qos acl editbuffer

show qos acl info

show qos acl map

show qos acl resource-usage

show qos bridged-microflow-policing

show qos info

show qos mac-cos

show qos maps

show qos policer

show qos policy-source

show qos rsvp

show qos statistics

show qos statistics export info

show qos status

show radius

show rate-limit

show rcp

show reset

show rgmp group

show rgmp statistics

show rspan

show running-config

show security acl

show security acl arp-inspection

show security acl capture-ports

show security acl cram

show security acl downloaded-acl

show security acl feature ratelimit

show security acl log

show security acl map

show security acl resource-usage

show security acl tcam interface

show snmp

show port

To display port status information, use the show port command.

show port [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

/port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

The output for an 8-port T1/E1 PSTN interface module configured for transcoding or conferencing displays a transcoding port type as "mtp" (media termination point) or a conference port type as a "conf bridge."

The output for an 8-port T1/E1 PSTN interface module displays a transcoding port type as "transcoding" or a conference port type as "conferencing."

The PAgP channel protocol and the LACP channel protocol manage channels differently. When all the ports in a channel get disabled, PAgP removes them from its internal channels list; the show commands do not display the channel. With LACP, when all the ports in a channel get disabled, LACP does not remove the channel; the show commands continue to display the channel even though all its ports are down. To determine if a channel is actively sending and receiving traffic with LACP, use the show port command to see if the link is up or down.

LACP does not support half-duplex links. If a port is in active/passive mode and becomes half duplex, the port is suspended (and a syslog message is generated). The port is shown as connected when you use the show port command and as not connected when you use the show spantree command. This discrepancy is because the port is physically connected but has never joined spanning tree. To get the port to join spanning tree, either set the duplex to full or set the channel mode to off for that port.

For more information about PAgP and LACP, see the "Configuring EtherChannel" chapter of the Catalyst 6500 Series Switch Software Configuration Guide.

Examples

This example shows how to display the status and counters for a specific module and port:
Console> show port 3/3
* = Configured MAC Address 
Port  Name                 Status     Vlan       Duplex Speed       Type
----- -------------------- ---------- ---------- ------ ----------- ------------
 3/3                       connected  1          a-full       a-100 10/100BaseTX
Port  AuxiliaryVlan AuxVlan-Status
----- ------------- --------------
 3/3  none          none          
Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
----- -------- --------- ------------- -------- -------- -------- -------
 3/3  disabled  shutdown             0        0        1 disabled      16
Port  Flooding on Address Limit Last-Src-Addr     Vlan TimerType 
----- ------------------------- ----------------- ---- ----------
 3/3                    Enabled                 -    -   Absolute 
Port  Num-Addr Secure-Src-Addr     Vlan Age-Left Shutdown/Time-Left
----- -------- -----------------   ---- -------- ------------------
 3/3         0                 -      -        -        -         -
Port  802.1X Auth-State   802.1X Port-Status 
----- ------------------  ------------------
 3/3  force-authorized    authorized
Port  Mac-Auth-Bypass State  Mac-Auth-Bypass Port-Status
----- ---------------------  ---------------------------
 3/3  Disabled               -                          
Port     Broadcast-Limit Multicast Unicast Total-Drop           Action      
-------- --------------- --------- ------- -------------------- ------------
 3/3                   -         -       -                    0 drop-packets
Port  Send FlowControl  Receive FlowControl   RxPause    TxPause
      admin    oper     admin     oper
----- -------- -------- --------- ---------   ---------- ----------
 3/3  off      off      off       off         0          0          
Port  Ethernet-oam State  Mode      Ethernet-oam Port-Status
----- ------------------  --------  ------------------------
 3/3  Enabled             Active    Operational    
Port  Status     Channel              Admin 	Ch
                 Mode                 Group 	Id
----- ---------- -------------------- ----- -----
 3/3  connected  auto silent            156     0
Port  Status      ErrDisable Reason    Port ErrDisableTimeout  Action on Timeout
----  ----------  -------------------  ----------------------  -----------------
 3/3  connected                     -  Enable                  No Change
Port  Align-Err  FCS-Err    Xmit-Err   Rcv-Err    UnderSize
----- ---------- ---------- ---------- ---------- ---------
 3/3           0          0          0          0         0
Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts     Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
 3/3           0          0          0          0         0         0         0
Port  Last-Time-Cleared
----- --------------------------
 3/3  Mon Sep 29 2008, 12:29:22
Idle Detection
--------------
   -- 
Console>
This example shows the port information on a 48-port 10/100BASE-TX module with inline power:
Console> show port 9/5
* = Configured MAC Address
Port  Name               Status     Vlan       Duplex Speed Type
----- ------------------ ---------- ---------- ------ ----- ------------
 9/5                     notconnect 1            auto  auto 10/100BaseTX
Port  AuxiliaryVlan AuxVlan-Status     InlinePowered     PowerAllocated
                                   Admin Oper   Detected mWatt mA @42V
----- ------------- -------------- ----- ------ -------- ----- --------
 9/5  none          none           auto  off    no       0     0
Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
----- -------- --------- ------------- -------- -------- -------- -------
 9/5  disabled  shutdown             0        0        1 disabled     126
Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
----- -------- ----------------- -------- ----------------- ------------------
 9/5         0                 -        -                 -        -         -
Port  Flooding on Address Limit
----- -------------------------
 9/5						Enabled
Port     Broadcast-Limit Broadcast-Drop
-------- --------------- --------------------
 9/5                   -                    0
Port   Send FlowControl    Receive FlowControl   RxPause TxPause Unsupported
       admin    oper       admin    oper                         opcodes
-----  -------- --------   -------- --------     ------- ------- -----------
 9/5   off      off        off      off          0       0       0
Port  Status     Channel              Admin Ch
                 Mode                 Group Id
----- ---------- -------------------- ----- -----
 9/5  notconnect auto silent            546     0
Port  Align-Err  FCS-Err    Xmit-Err   Rcv-Err    UnderSize
----- ---------- ---------- ---------- ---------- ---------
 9/5           0          0          0          0         0
Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts     Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
 9/5           0          0          0          0         0         0         0
Last-Time-Cleared
--------------------------
Wed Mar 15 2000, 21:57:31
Console>
This example shows the port information on an 8-port T1/E1 PSTN interface module configured for transcoding and conferencing:
Console> show port 7
* = Configured MAC Address
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- -------------- ---------------
 7/1                     connected  123        full   1.544 T1
 7/2                     connected  2          full   1.544 T1
 7/3                     disable    1          full   1.544 T1
 7/4                     connected  11         full   1.544 T1
 7/5                     connected  123        full   1.544 T1
 7/6                     connected  1          full   1.544 T1
 7/7                     faulty     2          full   1.544 conf bridge
 7/8                     faulty     2          full   1.544 mtp
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- --------------- ---------------
 7/1     enable  00-10-7b-00-0a-58 172.20.34.68    255.255.255.0   
 7/2     enable  00-10-7b-00-0a-59 172.20.34.70    255.255.255.0   
 7/3     enable  00-10-7b-00-0a-5a 172.20.34.64    255.255.255.0
 7/4     enable  00-10-7b-00-0a-5b 172.20.34.66    255.255.255.0   
 7/5     enable  00-10-7b-00-0a-5c 172.20.34.59    255.255.255.0   
 7/6     enable  00-10-7b-00-0a-5d 172.20.34.67    255.255.255.0   
 7/7     enable  00-10-7b-00-0a-5e (Port host processor not online)
 7/8     enable  00-10-7b-00-0a-5f (Port host processor not online)
Port     Call-Manager(s)   DHCP-Server     TFTP-Sever      Gateway
-------- ----------------- --------------- --------------- ---------------
 7/1     172.20.34.207*    172.20.34.207   172.20.34.207   -               
         callm.cisco.com
 7/2     172.20.34.207     172.20.34.207   172.20.34.207   172.20.34.20
 7/3     172.20.34.207     172.20.34.207   172.20.34.207   - 
 7/4     172.20.34.207     172.20.34.207   172.20.34.207   - 
 7/5     172.20.34.207     172.20.34.207   172.20.34.207   - 
 7/6     172.20.34.207     172.20.34.207   172.20.34.207   - 
 7/7     (Port host processor not online)
 7/8     (Port host processor not online)
Port     DNS-Server(s)   Domain
-------- --------------- -------------------------------------------------
 7/1     172.20.34.207   cisco.com
 7/2     172.20.34.207*  int.cisco.com
         171.69.45.34
         172.78.111.132
 7/3     172.20.34.207   -
 7/4     172.20.34.207   -
 7/5     172.20.34.207   -
 7/6     172.20.34.207   -
 7/7     (Port host processor not online)
 7/8     (Port host processor not online)
Port     CallManagerState DSP-Type
-------- ---------------- --------
 7/1     registered       C549
 7/2     registered       C549
 7/3     registered       C549
 7/4     registered       C549
 7/5     registered       C549
 7/6     notregistered    C549
 7/7     (Port host processor not online)
 7/8     (Port host processor not online)
Port  NoiseRegen NonLinearProcessing
----- ---------- -------------------
 7/1  disabled   disabled
 7/2  disabled   disabled
 7/3  disabled   disabled
 7/4  disabled   disabled
 7/5  enabled    disabled
 7/6  disabled   enabled
 7/7  (Port host processor not online)
 7/8  (Port host processor not online)
(*): Primary
Console>
This example show the port information on a 24-port FXS analog station interface services-configured module:
Console> (enable) show port 3
Port  Name               Status     Vlan       Duplex Speed Type
----- ------------------ ---------- ---------- ------ ----- ------------
 3/1                     onhook     1            full   64k FXS
 3/2                     onhook     1            full   64k FXS
 3/3                     onhook     1            full   64k FXS
 3/4                     onhook     1            full   64k FXS
 3/5                     onhook     1            full   64k FXS
 3/6                     onhook     1            full   64k FXS
 3/7                     onhook     1            full   64k FXS
 3/8                     onhook     1            full   64k FXS
 3/9                     onhook     1            full   64k FXS
 3/10                    onhook     1            full   64k FXS
 3/11                    onhook     1            full   64k FXS
 3/12                    onhook     1            full   64k FXS
 3/13                    onhook     1            full   64k FXS
 3/14                    onhook     1            full   64k FXS
 3/15                    onhook     1            full   64k FXS
 3/16                    onhook     1            full   64k FXS
 3/17                    onhook     1            full   64k FXS
 3/18                    onhook     1            full   64k FXS
 3/19                    onhook     1            full   64k FXS
 3/20                    onhook     1            full   64k FXS
 3/21                    onhook     1            full   64k FXS
 3/22                    onhook     1            full   64k FXS
 3/23                    onhook     1            full   64k FXS
 3/24                    onhook     1            full   64k FXS
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- --------------- ---------------
 3/1-24  enable  00-10-7b-00-13-e4 172.20.34.50    255.255.255.0   
Port     Call-Manager      DHCP-Server     TFTP-Sever      Gateway
-------- ----------------- --------------- --------------- ---------------
 3/1-24  172.20.34.207     172.20.34.207   172.20.34.207   -               
Port     DNS-Server      Domain
-------- --------------- --------------------------
 3/1-24  172.20.34.207   -
Port     EchoCancel(ms) CallManagerState DSP-Type
-------- -------------- ---------------- --------
 3/1-24  4660           registered       C549
Port     ToneLocal     Impedance InputGain(dB) OutputAtten(dB)
-------- ------------- --------- ------------- ---------------
 3/1-24  northamerica  0         0             0
Port     RingFreq Timing    Timing         Timing    Timing
         (Hz)     Digit(ms) InterDigit(ms) Pulse(ms) PulseDigit(ms)
-------- -------- --------- -------------- --------- --------------
 3/1-24  20       100       100            0         0
Console> (enable) 
Table 2-69 describes the possible fields (depending on the port type queried) in the show port command output.

Table 2-69 show port Command Output Fields

Field

Description

Port

Module and port number.

Name

Name (if configured) of the port.

Status

Status of the port (connected, notconnect, connecting, standby, faulty, inactive, shutdown, disabled, monitor, active, dot1p, untagged, inactive, or onhook).

Vlan

VLANs to which the port belongs.

Auxiliaryvlan¹

Auxiliary VLANs to which the port belongs.

Duplex

Duplex setting for the port (auto, full, half).

Speed

Speed setting for the port (auto, 10, 100, 1000).

Type²

Port type (for example, 1000BASE-SX or 100BASE-FX, or T1, E1, transcoding, conferencing, mtp, or conf bridge for voice ports).

Security

Status of whether port security is enabled or disabled.

Secure-Src-Addr

Secure MAC address for the security-enabled port.

Last-Src-Addr

Source MAC address of the last packet received by the port.

Broadcast-Limit

Broadcast threshold configured for the port.

Multicast

Number of multicast packets dropped.

Unicast

Number of unicast packets dropped.

Total-Drop

Number of broadcast, multicast, and unicast packets dropped because the port broadcast limit was exceeded.

Shutdown

Status of whether the port was shut down because of security.

Trap

Status of whether the port trap is enabled or disabled.

IfIndex

Number of the ifIndex.

Broadcast-Limit

Broadcast threshold configured for the port.

Broadcast-Drop

Number of broadcast/multicast packets dropped because the broadcast limit for the port was exceeded.

Errdisable Reason

Reason for the port to be in the errdisabled state.

Port ErrDisableTimeout

Status of the errdisable timer timeout on the port.

Action on Timeout

Action that is taken on the errdisable timer timeout.

Align-Err

Number of frames with alignment errors (frames that do not end with an even number of octets and have a bad CRC) received on the port.

FCS-Err

Number of valid size frames with FCS errors but no framing errors.

Xmit-Err

Number of transmit errors that occurred on the port (indicating that the internal transmit buffer is full).

Rcv-Err

Number of receive errors that occurred on the port (indicating that the internal receive buffer is full).

UnderSize

Number of received frames less than 64 octets long (but are otherwise well-formed).

Single-Coll

Number of times one collision occurred before the port transmitted a frame to the media successfully.

Multi-Coll

Number of times multiple collisions occurred before the port transmitted a frame to the media successfully.

Late-Coll

Number of late collisions (collisions outside the collision domain).

Excess-Col

Number of excessive collisions that occurred on the port (indicating that a frame encountered 16 collisions and was discarded).

Carri-Sen

Number of times that the port sensed a carrier (to determine whether the cable is currently being used).

Runts

Number of received runt frames (frames that are smaller than the minimum IEEE 802.3 frame size) on the port.

Giants

Number of received giant frames (frames that exceed the maximum IEEE 802.3 frame size) on the port.

CE-State

Connection entity status.

Conn-State

Connection state of the port, as follows:

•Disabled—The port has no line module or was disabled by the user.

•Connecting—The port attempted to connect or was disabled.

•Standby—The connection was withheld or was the inactive port of a dual-homing concentrator.

•Active—The port made a connection.

•Other—The concentrator was unable to determine the Conn-State.

Type

Type of port, such as A—A port and B—B port.

Neig

Type of port attached to this port. The neighbor can be one of these types:

•A—A port

•B—B port

•M—M port

•S—Slave port

•U—The concentrator cannot determine the type of the neighbor port.

Ler Con

Status of whether the port is currently in a LER condition.

Est

Estimated LER.

Alm

LER at which a link connection exceeds the LER alarm threshold.

Cut

LER cutoff value (the LER at which a link connection is flagged as faulty).

Lem-Ct

Number of LEM errors received on the port.

Lem-Rej-Ct

Number of times that a connection was rejected because of excessive LEM errors.

Last-Time-Cleared

Last time that the port counters were cleared.

Auto-Part

Number of times that the port entered the auto-partition state due to excessive consecutive collisions.

Data-rate mismatch

Number of valid size frames that experienced overrun or underrun.

Src-addr change

Number of times that the last source address changed.

Good-bytes

Total number of octets in frames with no error.

Short-event

Number of short events received.

InlinePowered1

InlinePowered for Admin (auto, on, off), Oper (on, off, denied), and Detected (yes, no).

PowerAllocated1

PowerAllocated for Watts (values displayed as Watts measurement) and Volts (values displayed as Volts measurement).

Age-Time1

Age timeout setting for the port.

Age-Left1

Age timeout remaining for the port.

Maximum-Addrs1

Maximum number of secured MAC addresses on the port.

CallManagerState1

Operational state of the voice port (Not Registered, Registered, Up, Down, and Alarm).

NoiseRegen³

Status of whether noise regeneration is enabled for the port.

NonLinear3

Status of whether nonlinear processing is enabled for the port.

Comp-Alg3

Type of compression algorithm used (for example G.711, G.723, and G.729).

IP-address3

IP address associated with the port.

Netmask3

Netmask associated with the port.

MAC-Address3

MAC address associated with the port.

Call-Manager-IP3

Cisco CallManager IP address associated with the port.

DHCP-Server-IP3

DHCP server IP address associated with the port.

DNS-Server-IP3

DNS server IP address associated with the port.

TFTP-Server-IP3

TFTP server IP address associated with the port.

¹This field is applicable to the 48-port 10/100BASE-TX switching services-configured module.

²This field changes according to the system configuration.

³This field is applicable to the 8-port T1/E1 DSP services-configured module.

Related Commands

set port disable
set port enable
show port status

show port arp-inspection

To display the drop threshold, the shutdown threshold, and the DAI trust status for specific ports, use the show port arp-inspection command.

show port arp-inspection [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

If you do not specify a module, the system displays the drop threshold, the shutdown threshold, and the DAI trust status for all ports.

Examples

This example shows how to display the thresholds on module 2, port 1:
Console> (enable) show port arp-inspection 2/1
Port                      Drop Threshold Shutdown Threshold         Trust
------------------------  -------------- ------------------      ---------
 2/1                                  0                  0       untrusted
Console> (enable)
Related Commands

set port arp-inspection
set security acl arp-inspection

show port auto-mdix

To display the status of the automatic Media-Dependent Interface Crossover (MDIX) feature on a port, use the show port auto-mdix command.

show port auto-mdix [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal mode.

Usage Guidelines

If you do not enter any arguments, the status of the automatic MDIX feature displays for all ports that support the feature

Examples

This example shows how to display the status of the automatic Media-Dependent Interface Crossover (MDIX) feature for module 3, port 6:
Console> (enable) show port auto-mdix 
Port   auto-mdix
-----  ---------
 3/1   enable
 3/2   enable
 3/3   enable
 3/4   enable
 3/5   enable
 3/6   enable
 3/7   enable
 3/8   enable
 3/9   enable
 3/10  enable
 3/11  enable
 3/12  enable
 3/13  enable
 3/14  enable
 3/15  enable
 3/16  enable
 3/17  enable
 3/18  enable
 3/19  enable
 3/20  enable
 3/21  enable
Related Commands

set port auto-mdix

show port auxiliaryvlan

To display the port auxiliary VLAN status for a specific port, use the show port auxiliaryvlan command.

show port auxiliaryvlan {vlan | untagged | dot1p | none}
Syntax Description

vlan

Number of the VLAN; valid values are from 1 to 4094.

untagged

Displays the Cisco IP Phone 7960 that sends untagged packets without 802.1p priority.

dot1p

Displays the Cisco IP Phone 7960 that sends packets with 802.1p priority.

none

Displays the switch that does not send any auxiliary VLAN information in the CDP packets from that port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display the port information for a specific auxiliary VLAN:
Console> (enable) show port auxiliaryvlan             
AuxiliaryVlan Status   Mod/Ports
------------- -------- ------------------------------------------------------
222           active   8/4-7
333           active   8/13-18
dot1p         dot1p    8/23,8/31-34
untagged      untagged 9/12
none          none     8/1-3,8/8-12,8/19-22,8/24-30,8/35-48,9/1-11,9/13-48
Console> (enable) 
This example shows how to display the port information for a specific auxiliary VLAN:
Console> (enable) show port auxiliaryvlan 222
AuxiliaryVlan Status   Mod/Ports
------------- -------- ------------------------------------------------------
222           active   8/4-7
Console> (enable) 
This example shows how to display the status of the switch that does not send any auxiliary VLAN information in the CDP packets:
Console> (enable) show port auxiliaryvlan none
AuxiliaryVlan Status   Mod/Ports
------------- -------- ------------------------------------------------------
none          none     8/1-3,8/8-12,8/19-22,8/24-30,8/35-48,9/1-11,9/13-48
Console> (enable) 
This example shows how to display the status of the Cisco IP Phone 7960 that sends untagged packets without 802.1p priority:
Console> (enable) show port auxiliaryvlan untagged
AuxiliaryVlan Status   Mod/Ports
------------- -------- ------------------------------------------------------
untagged      untagged 9/12
Console> (enable) 
This example shows how to display the status of the Cisco IP Phone 7960 that sends packets with 802.1p priority:
Console> (enable) show port auxiliaryvlan dot1p
AuxiliaryVlan Status   Mod/Ports
------------- -------- ------------------------------------------------------
dot1p         dot1p    8/23,8/31-34
Console> (enable)
Table 2-70 describes the possible fields (depending on the port type queried) in the show port auxiliaryvlan command output.

Table 2-70 show port auxiliaryvlan Command Output Fields

Field

Description

AuxiliaryVlan

Number of the auxiliary VLAN.

AuxVlanStatus

Status of the auxiliary VLAN.

Mod/Ports

Number of the module and ports assigned to the auxiliary VLAN.

Related Commands

set port auxiliaryvlan

show port broadcast

To display broadcast information, use the show port broadcast command.

show port broadcast [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

On the 1000BASE-X switching module, when you specify a port for broadcast suppression, the traffic is suppressed only in the network-to-Catalyst 6500 series switch bus direction.

Examples

This example shows how to display broadcast information for module 4, port 6:
Console> show port broadcast 4/6 
Port     Broadcast-Limit Multicast Unicast Total-Drop           Violation
-------- --------------- --------- ------- -------------------- ------------
 4/6             90.00 %         -       -                    0 drop-packets
Console>
Table 2-71 describes the possible fields (depending on the port type queried) in the show port broadcast command output.

Table 2-71 show port broadcast Command Output Fields

Field

Description

Port

Module and port number.

Broadcast-Limit

Broadcast threshold configured for the port.

Multicast

Number of multicast packets dropped.

Unicast

Number of unicast packets dropped.

Total-Drop

Number of broadcast, multicast, and unicast packets dropped because the port broadcast limit was exceeded.

Violation

Action the port takes when the broadcast threshold is exceeded; the port either errdisables or drops packets.

Related Commands

set port broadcast

show port capabilities

To display the capabilities on the ports, use the show port capabilities command.

show port capabilities [mod[/port]]
show port capabilities vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to list the port capabilities on a specific module and port:
Console> show port capabilities 1/1
Model                       WS-X6548-RJ-45
Port                        1/1
Type                        10/100BaseTX
Auto MDIX                   yes
AuxiliaryVlan               1..4094,untagged,dot1p,none
Broadcast suppression       percentage(0-100)
Channel                     yes
COPS port group             not supported
CoS rewrite                 yes
Dot1q-all-tagged            yes
Dot1x                       yes
Duplex                      half,full
Fast start                  yes
Flow control                receive-(off,on),send-(off)
Inline power                no
Jumbo frames                yes
Link debounce timer         yes
Link debounce timer delay   no
Membership                  static,dynamic
Port ASIC group             1/1-48
Port VLAN Mapping           Group:1/1-48     Maximum Allowed Mappings:32
QOS scheduling              rx-(1p1q0t),tx-(1p3q1t)
Security                    yes
SPAN                        source,destination
Speed                       auto,10,100
Sync restart delay          no
ToS rewrite                 no
Trunk encap type            802.1Q,ISL
Trunk mode                  on,off,desirable,auto,nonegotiate
UDLD                        yes
Console>
This example shows the port capabilities on a 48-port 10/100BASE-TX switching services configured-module:
Console> show port capabilities 3/2
Model                    WS-X6248-RJ-45
Port                     3/2
Type                     10/100BaseTX
Speed                    auto,10,100
Duplex                   half,full
Trunk encap type         802.1Q,ISL
Trunk mode               on,off,desirable,auto,nonegotiate
Channel                  yes
Broadcast suppression    percentage(0-100)
Flow control             receive-(off,on),send-(off)
Security                 yes
Membership               static
Fast start               yes
QOS scheduling           rx-((null)),tx-((null))
QOS classification       layer 2,layer 3
UDLD                     Capable
SPAN                     source,destination
Inline power             auto,on,off
Auxiliaryvlan            1..1000,dot1p,untagged,none
Console> 
This example shows the port capabilities on an 8-port T1/E1 ISDN PRI services configured-module:
Console> show port capabilities 3/2
Model                    WS-X6608-T1   (or WS-X6608-E1)
Port                     3/2
Type                     T1, transcoding, conferencing
Speed                    1.544 Mps     (or 2.048Mps)
Duplex                   full
Channel                  no
Broadcast suppression    no
Flow control             no
Security                 no
Membership               no
Fast start               no
QOS scheduling           no
QOS classification       no
UDLD                     no
Inline power             no
Auxiliaryvlan            no
Console> 
This example shows the port capabilities on a 24-port FXS analog station interface services-configured module:
Console> show port capabilities 3/2
Model                    WS-X6624-FXS
Port                     3/2
Type                     FXS
Speed                    64kps
Duplex                   full
Trunk encap type         none
Trunk mode               off
Channel                  no
Broadcast suppression    no
Flow control             no
Security                 no
Membership               no
Fast start               no
QOS scheduling           no
QOS classification       no
UDLD                     no
Inline power             no
Auxiliaryvlan            no
Console> 
This example shows the port capabilities on an Intrusion Detection System Module:
Console> show port capabilities 5/2
Model                    WS-X6381-IDS
Port                     5/2
Type                     Intrusion Detection
Speed                    1000
Duplex                   full
Trunk encap type         no
Trunk mode               no
Channel                  no
Broadcast suppression    no
Flow control             no
Security                 no
Dot1x                    no
Membership               static
Fast start               no
QOS scheduling           rx-(none),tx-(none)
CoS rewrite              no
ToS rewrite              no
UDLD                     no
Inline power             no
AuxiliaryVlan            no
SPAN                     source
COPS port group          not supported
Link debounce timer      yes
Console>
Table 2-72 describes the possible fields (depending on the type of port queried) and the values in the show port capabilities command output.

Table 2-72 show port capabilities Command Output Fields

Field

Description

Model

Module model number.

Port

Module number and port number.

Type¹

Port type (1000BASE-SX or 100BASE-FX).

Auto MDIX

Status of whether the port supports the automatic Media-Dependent Interface Crossover (MDIX) function (yes, no).

Auxiliaryvlan²

Status of whether the port supports voice VLANs (yes, no).

Broadcast suppression

Percentage of total available bandwidth that can be used by broadcast traffic (0-100).

Channel

Status of which ports can form a channel group. The ports are shown in mod/port format. For example, 3/1-2 indicates module 3, ports 1 and 2. Also, any ports in range [mod/1-mod/high_port] or no ports may be indicated.

COPS port group

Status of whether the port supports COPS port group (not supported, ports that are supported).

CoS rewrite

Status of whether the port supports CoS rewrite (yes, no).

Dot1q-all-tagged

Status of whether the port supports the 802.1Q tagging feature (yes, no).

Duplex

Duplex mode (half, full, auto).

Fast start

Status of whether the spanning tree PortFast-start feature on the port is enabled (yes, no).

Flow control

Flow-control options you can set (receive-[off, on, desired], send-[off, on, desired], or no).

Inline power2

Status of whether the port supports inline power (yes, no).

Jumbo Frames

Status of whether the port supports Jumbo Frames (yes, no).

Link debounce timer

Status of whether the port supports debounce timer (yes, no).

Link debounce timer delay

Status of whether the port supports the link debounce timer delay (yes, no).

Membership

Method of membership assignment of a port or range of ports to a VLAN (static, dynamic).

Port ASIC group

Ports controlled by a port ASIC.

Port VLAN Mapping

Ports that support VLAN mapping and the maximum number of mappings allowed.

QOS classification

Status of whether the port supports QoS classification (yes, no).

QOS scheduling

Status of whether the port supports QoS scheduling (yes, no).

Security

Status of whether port security is enabled (yes, no).

SPAN

SPAN type supported.

Speed¹

Speed setting for the port (auto, 10, 100, 1000).

Sync restart delay

Status of whether the port supports the synchronization restart delay function (yes, no).

ToS rewrite

Status of whether the port supports ToS rewrite (IP-Precedence).

Trunk encap type²

Trunk encapsulation type (ISL, 802.1Q, 802.10, or no).

Trunk mode²

Trunk administrative status of the port (on, off, auto, desirable, nonegotiate, or no).³

UDLD

Status of whether the port is UDLD-capable or not.

¹This field will change depending on the module configuration.

²This field is applicable to the 48-port 10/100BASE-TX switching services-configured module and the 24-port FXS analog station interface services-configured module.

³"No" means that the port is trunk incapable.

Related Commands

set port broadcast
set port channel
set port security
set port speed
set spantree portfast
set trunk
show port
show port voice active

show port cdp

To display the port CDP enable state and the message interval, use the show port cdp command.

show port cdp [mod[/port]]
show port cdp vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display CDP information for all ports:
Console> show port cdp
CDP               : enabled
Message Interval  : 60
Hold Time         : 180
Version           : V2
Port      CDP Status
--------  ----------
 1/1      enabled
 1/2      enabled 
Console> 
Table 2-73 describes the fields in the show port cdp command output.

Table 2-73 show port cdp Command Output Fields

Field

Description

CDP

Status of whether CDP is enabled or not.

Message-Interval

Interval between CDP message exchange with a neighbor.

Hold Time

Hold time setting.

Version

CDP version.

Port

Module and port number.

CDP Status

CDP status of the port (enabled, disabled).

Related Commands

set cdp
show cdp

show port channel

To display EtherChannel information, use the show port channel command.

show port channel [all | mod[/port]] [statistics]
show port channel [all | mod[/port]] {info [type]}
Syntax Description

all

(Optional) Displays information about PAgP and LACP channels.

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

statistics

(Optional) Displays statistics about the port (PAgP packets sent and received).

info

(Optional) Displays port information such as speed, duplex status, priority, secure or dynamic status, and trunk status.

type

(Optional) Displays feature-related parameters; valid values are spantree, trunk, protocol, gmrp, gvrp, qos, rsvp, cops, dot1qtunnel, auxiliaryvlan, jumbo, l2prottunnel, security-acl, dhcp-snooping, arp-inspection.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The protocol conditions are as follows:

•On indicates the port will receive all the flood traffic for that protocol.

•Off indicates the port will not receive any flood traffic for that protocol.

•Auto indicates the port will not receive any flood traffic for that protocol.

The GVRP registration status is defined as follows:

•Normal allows dynamic registering and deregistering each VLAN (except VLAN 1) on the port.

•Fixed supports manual VLAN creation and registration and prevents VLAN deregistration.

•Forbidden statically deregisters all the VLANs (except VLAN 1) from the port.

When you enter the option keyword with any of the options (spantree | trunk | protocol | gmrp | gvrp | qos | rsvp | cops | dot1qtunnel | auxiliaryvlan | jumbo), associated VLANs and the specified feature-related parameters are displayed.

If you do not specify a mod or a port, EtherChannel information is shown for all PAgP channeling ports on all modules.

If you enter the all keyword, information about PAgP and LACP channels is displayed.

Examples

This example shows how to display Ethernet channeling information for module 1:
Console> show port channel 1
Port  Status     Channel   Admin Ch
                 Mode      Group Id
----- ---------- --------- ----- -----
 1/1  nonconnect on        195   769  
 1/2  connected  on        195   769  
Port  Device-ID                       Port-ID                   Platform
----- ------------------------------- ------------------------- ----------------
 1/1  
 1/2  
Console> 
This example shows how to display port statistics:
Console> show port channel 4 statistics
Port  Admin   PAgP Pkts   PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts
      Group   Transmitted Received  InFlush   RetnFlush OutFlush  InError      
----- ------- ----------- --------- --------- --------- --------- ---------
 4/1       69          20         0         0         0         0         0
 4/2       69         105        60         0         0         0         0
 4/3      151           0         0         0        10         0         0
 4/4      151           0         5         0         0         0         0
 4/5       70           0         0         0         0         0         0
 4/6       70          42         0         0         2         0         0
 4/7      152           0        92         0         0         0         0
 4/8      152           0         0         0         0         0         0
Console>      
This example shows how to display port information:
Console> show port channel 1 info
Switch Frame Distribution Method:mac both
Port  Status     Channel   Admin Channel Speed Duplex Vlan PortSecurity/
                 mode      group id                        Dynamic port
----- ---------- --------- ----- ------- ----- ------ ---- -------------
 1/1  notconnect auto          1       0 1000  full      1 -             
 1/2  connected  auto          1       0 1000  full      1 -             
Port  ifIndex Oper-group Neighbor   Oper-Distribution
                         Oper-group Method
----- ------- ---------- ---------- -----------------
 1/1  -                1            mac both         
 1/2  -                2            mac both         
Port  Device-ID                       Port-ID                   Platform
----- ------------------------------- ------------------------- ----------------
 1/1  
 1/2  
Port  Trunk-status Trunk-type    Trunk-vlans
----- ------------ ------------- -----------------------------------------------
 1/1  not-trunking negotiate     1-1005
 1/2  not-trunking negotiate     1-1005
        
Port  Portvlancost-vlans
----- --------------------------------------------------------------------------
 1/1  
 1/2  
Port  Port     Portfast Port    Port
      priority          vlanpri vlanpri-vlans
----- -------- -------- ------- ------------------------------------------------
 1/1        32 disabled       0 
 1/2        32 disabled       0 
Port  IP       IPX      Group
----- -------- -------- --------
 1/1  on       auto-on  auto-on 
 1/2  on       auto-on  auto-on 
Port  GMRP     GMRP         GMRP
      status   registration forwardAll
----- -------- ------------ ----------
 1/1  enabled  normal       disabled  
 1/2  enabled  normal       disabled  
Port  GVRP     GVRP          GVRP
      status   registeration applicant
----- -------- ------------- ---------
 1/1  disabled normal        normal   
 1/2  disabled normal        normal   
Port  Qos-Tx Qos-Rx Qos-Trust    Qos-DefCos
----- ------ ------ ------------ ----------
 1/1  2q2t   1q4t   untrusted             0
 1/2  2q2t   1q4t   untrusted             0
Console>    
These examples show how to display feature-specific parameter information:
Console> (enable) show port channel 3 info spantree
Port  Port     Portfast Port    Port
      priority          vlanpri vlanpri-vlans
----- -------- -------- ------- ------------------------------------------------
3/1        32 disabled      12 2,4,90
3/2        32 disabled      12 2,4,90
3/3        32 disabled      12 2,4,90
3/4        32 disabled      12 2,4,90
Console>    
Console> (enable) show port channel 3 info trunk
Port  Trunk-status Trunk-type    Trunk-vlans
----- ------------ ------------- -----------------------------------------------
3/1  not-trunking negotiate     1-1005
3/2  not-trunking negotiate     1-1005
3/3  not-trunking negotiate     1-1005
3/4  not-trunking negotiate     1-1005
Console>    
Console> (enable) show port channel 3 info protocol
Port  IP       IPX      Group
----- -------- -------- --------
3/1  on       auto-on  auto-on 
3/2  on       auto-on  auto-on 
3/3  on       auto-on  auto-on 
3/4  on       auto-on  auto-on 
Console>    
Console> (enable) show port channel 3 info gmrp
Port  GMRP     GMRP         GMPR
      status   registration forwardAll
----- -------- ------------ ----------
3/1  enabled  normal       disabled  
3/2  enabled  normal       disabled  
3/3  enabled  normal       disabled  
3/4  enabled  normal       disabled  
Console>    
Console> (enable) show port channel 1 info gvrp
Port  GVRP     GVRP          GVRP
      status   registeration applicant
----- -------- ------------- ---------
1/1   disabled normal        normal   
1/2   disabled normal        normal        
Console>    
Console> (enable) show port channel 1 info qos
Port  Qos-Tx   Qos-Rx   Qos-Trust    Qos-DefCos Qos-Interface
      PortType PortType Type                    Type
----- -------- -------- ------------ ---------- --------------
1/1   2q2t     1q4t     untrusted             0 port-based    
1/2   2q2t     1q4t     untrusted             0 port-based    
----- -------- -------- ------------ ---------- --------------
Port  ACL name                         Type
----- -------------------------------- ----
1/1                                    IP
                                       IPX
                                       MAC
1/2                                    IP
                                       IPX
                                       MAC
Port  Policy Source 
----- -------------
1/1           COPS
1/2           COPS
Console>    
Table 2-74 describes the possible fields (depending on the type of port queried) and the values in the show port channel command outputs.

Table 2-74 show port channel Command Outputs Fields

Field

Description

Port

Module and port number.

Status

Channeling status of the port (connected, notconnect).

Channel mode

Status of whether EtherChannel is on, off, auto, or desirable on the port.

Admin Group

Number of the admin group.

PAgP Pkts Transmitted

Number of PAgP packets transmitted.

PAgP Pkts Received

Number of PAgP packets received.

PAgP Pkts InFlush

Number of PAgP flush packets received.

PAgP Pkts RetnFlush

Number of PAgP flush packets returned.

PAgP Pkts OutFlush

Number of PAgP flush packets transmitted.

PAgP Pkts InError

Number of PAgP error packets received.

Channel ID

Number of the channel group.

Neighbor device

Neighboring device with which the port is channeling.

Neighbor port

Port on the neighboring device with which the port is channeling.

Speed

Speed setting for the port (auto, 10, 100, 1000).

Duplex

Duplex setting for the port (auto, full, half).

Vlan

VLAN to which the port belongs.

Port priority

Priority associated with the port.

PortSecurity/Dynamic port

Status of whether the port is secure or dynamic.

ifIndex

Interface number to which the port belongs.

Oper-group

Capability of the group.

Neighbor device-id

Device ID of the neighboring device with which the port is channeling.

Neighbor port-id

Port ID of the neighboring device with which the port is channeling.

Neighbor Oper-group

Capability of the neighboring device.

Oper-Distribution

Frame distribution method operating status on a per-port basis (ip source, ip destination, ip both, mac source, mac destination, mac both, hotstandby-active, or hotstandby-idle).

Trunk-status

Status of whether the port is trunking or not.

Trunk-type

Type of trunk port.

Trunk-vlans

VLANs to which the port belongs.

Portvlancost-vlans

Port VLAN cost.

Portfast

Status of whether the PortFast-start mode is enabled or disabled.

Port vlanpri

Port VLAN priority.

Port vlanpri-vlans

Priority VLAN number.

IP

Status of the IP protocol (on, off, auto).

IPX

Status of the IPX protocol (on, off, auto).

Group

Status of the VINES, AppleTalk, and DECnet protocols (on, off, auto).

GMRP status

Status of whether GMRP is enabled or disabled.

GMRP registration

Status of the administrative control of an outbound port (normal, fixed, forbidden).

GMRP forward/all

Status of whether the Forward All feature is enabled or disabled.

GVRP status

Status of whether GVRP is enabled or disabled.

GVRP registration

Status of the administrative control of an outbound port (normal, fixed, forbidden).

Qos-Tx

Transmit drop threshold.

Qos-Rx

Receive drop threshold.

Qos-Trust

Status of whether the port is trusted or untrusted.

Qos-DefCos

CoS value.

Qos Port-based

Status of whether the port is port-based QoS or not.

ACL name

Name of the ACL.

Policy Source

Type of policy source.

COPS Admin Roles

COPS admin role designation.

Dot1q tunnel mode

Status of the dot1q tunnel mode.

Jumbo

Status of the jumbo feature.

Auxiliaryvlan

Number of the auxiliary VLAN.

Protocol

Protocol associated with the port.

Related Commands

set port channel
show channel
show channel group

show port cops

To display COPS information on all or individual ports, use the show port cops command.

show port cops [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value or a port value, information is shown for all ports on all modules.

For a few minutes after a switchover from the active to the standby supervisor engine, note that if you enter the show port cops command, the output may be incorrect. If this is the case, the following warning displays:
COPS High Availability Switch Over in progress, hardware may be
programmed differently than as suggested by the output of these
commands.
Examples

This example shows how to display COPS information for all ports:
Console> show port cops
Port    Admin Roles                      Oper Roles
------  -------------------------------  -------------------------
 1/1    backbone_port                    backbone_port
        branch_office_port               -
        access_port                      -
 1/2    -                                -
 3/1    -                                -
 3/2    backbone_port                    backbone_port
 3/3    backbone_port                    backbone_port
 3/4    access_port                      access_port
 3/5    access_port                      branch_office_port
        backbone_port                    -
        branch_office_port               -
        net_port                         -
 3/6    access_port                      access_port
 3/7    -                                -
 3/8    -                                -
Console> 
This example shows how to display COPS information for a specific port:
Console> show port cops 1/1
Port    Admin Roles                      Oper Roles
------  -------------------------------  -------------------------
 1/1    backbone_port                    backbone_port
        branch_office_port               -
        access_port                      -
 1/2    -                                -
Console>
Table 2-75 describes the fields displayed in the show port cops command output.

Table 2-75 show port cops Command Output Fields

Field

Description

Port

Module and port number.

Admin Roles

Administration role.

Oper Roles

Operating role.

Related Commands

clear port cops
set port cops

show port counters

To show all the counters for a port, use the show port counters command.

show port counters [mod[/port]]
show port counters vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module for which to show port counter information.

port

(Optional) Number of the port on the module for which to show port counter information.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows counters for all ports:
Console> show port counters
Port  Align-Err  FCS-Err    Xmit-Err   Rcv-Err    UnderSize
----- ---------- ---------- ---------- ---------- ---------
 1/1           0          0          0          0         0
 1/2           0          0          0          0         0
 4/1           0          0          0          0         0
 4/2           0          0          0          0         0
 4/3           0          0          0          0         0
 4/4           0          0          0          0         0
Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts     Giants
----- ---------- ---------- ---------- ---------- --------- --------- ---------
 1/1          12          0          0          0         0         0         -
 1/2           0          0          0          0         0         0         0
 4/1           0          0          0          0         0         0         0
 4/2           0          0          0          0         0         0         0
 4/3           0          0          0          0         0         0         0
 4/4           0          0          0          0         0         0         0
Last-Time-Cleared
--------------------------
Wed Jan 11 2000, 14:58:19
Table 2-76 describes the possible fields (depending on the port type queried) in the show port counters command output.

Table 2-76 show port counters Command Output Fields

Field

Description

Port

Module and port number.

Align-Err

Number of frames with alignment errors (frames that do not end with an even number of octets and have a bad CRC) received on the port.

FCS-Err

Number of frame check sequence errors that occurred on the port.

Xmit-Err

Number of transmit errors that occurred on the port (indicating that the internal transmit buffer is full).

Rcv-Err

Number of receive errors that occurred on the port (indicating that the internal receive buffer is full).

UnderSize

Number of received frames less than 64 octets long (but are otherwise well-formed).

Single-Coll

Number of times one collision occurred before the port successfully transmitted a frame to the media.

Multi-Coll

Number of times multiple collisions occurred before the port successfully transmitted a frame to the media.

Late-Coll

Number of late collisions (collisions outside the collision domain).

Excess-Col

Number of excessive collisions that occurred on the port (indicating that a frame encountered 16 collisions and was discarded).

Carri-Sen

Number of times the port sensed a carrier (to determine whether the cable is currently being used).

Runts

Number of received runt frames (frames that are smaller than the minimum IEEE 802.3 frame size) on the port.

Giants

Number of received giant frames (frames that exceed the maximum IEEE 802.3 frame size) on the port.

Last-Time-Cleared

Last time the port counters were cleared.

Related Commands

clear counters
show port

show port critical

To display the status of the Inaccessible Authentication Bypass (IAB) feature for 802.1X, LPIP, MAC authentication bypass, or web authentication on a specified port, use the show port critical command.

show port critical [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not enter a mod/port argument, the IAB feature status on all ports on all modules is displayed. If you enter only a mod argument, the IAB feature status for all ports on the specified module is displayed.

Examples

This example shows how to display the status of the Inaccessible Authentication Bypass on a specific port:
Console> show port critical 8/1
Port  Critical State Features in Critical State
----- -------------- ---------------------------
  8/1 enabled        dot1x, eou
Console>
Related Commands

set port critical

show port debounce

To display whether the port debounce timers are enabled or disabled, use the show port debounce command.

show port debounce [mod | mod/port]
Syntax Description

mod

(Optional) Number of the module.

mod/port

(Optional) Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a port, all ports are displayed.

Examples

This example shows how to display the debounce link timer for a specific port on a specific module:
Console> show port debounce 2/1
Port Debounce link timer
-----  ---------------
 2/1   disable
Console>
Related Commands

set port debounce

show port description

To display a desciption for a port, use the show port description command.

show port desciption [mod[/port]]
show port description vlan [vlan | vlan_name]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The set port description command adds another 43 characters to the existing limit of 21 characters that can be set when you enter the set port name command. This command displays the description.

If you do not specify a module number or a port number, all port descriptions are displayed. If you only specify a module number, descriptions for all ports on that module are displayed.

Examples

This example shows how to display a description for a specified port:
Console> show port description 7/1
Port  Description
----- ---------------------------------------------------------------
 7/1  sarahtom 172.30.8.35 00-0a-5e-44-8b-78 2/2
Console>
Related Commands

set port description
set port name

show port dhcp-snooping

To display the port specific DHCP snooping configuration, use the show port dhcp-snooping command.

show port dhcp-snooping [mod[/ports]]
Syntax Description

mod[/ports]

(Optional) Number of the module and optionally, the port or ports on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not enter a module number or a module and port numbers, the DHCP snooping configuration is displayed for all ports on the switch.

Examples

This example shows how to display the DHCP snooping configuration on all ports:
Console> show port dhcp-snooping
Port     Trust        Source-Guard    Source-Guarded IP Addresses        Binding Limit
-----    -----------  ------------    ---------------------------        -------------
 5/1     untrusted    disabled                                           32
 5/2     untrusted    disabled                                           32
 5/3     untrusted    disabled                                           32
 5/4     untrusted    disabled                                           32
 5/5     untrusted    disabled                                           32
 5/6     untrusted    disabled                                           32
 5/7     untrusted    disabled                                           32
 5/8     untrusted    disabled                                           32
 5/9     untrusted    disabled                                           32
 5/10    untrusted    disabled                                           32
 5/11    untrusted    disabled                                           32
 5/12    untrusted    disabled                                           32
 5/13    untrusted    disabled                                           32
 5/14    untrusted    disabled                                           32
 5/15    untrusted    disabled                                           32
 5/16    untrusted    disabled                                           32
***Truncated output***
Console> 
This example shows how to display the DHCP snooping configuration for module 4, ports 1-4 on a switch with a PFC3 or later:
Console> (enable) show port dhcp-snooping 4/1-4
Port     Trust     Source-Guard    Source-Guarded IP Addresses    Binding
----     ------    ------------    ---------------------------    -------
 4/1   untrusted      disabled                                    32
 4/2   untrusted      disabled      enabled                       48
 4/3   untrusted      disabled                                    32
 4/4   untrusted      disabled                                    32
Console> (enable)
This example shows how to display the DHCP snooping configuration on module 1 ports:
Console> show port dhcp-snooping 1
Port     Trust     Source-Guard    Source-Guarded IP Addresses
----     ------    ------------    ---------------------------
 1/1     trusted      enabled
 1/2   untrusted      disabled
 1/3   untrusted      disabled
 1/4   untrusted      disabled
 1/5   untrusted      disabled
 1/6   untrusted      disabled
 1/7   untrusted      disabled
 1/8   untrusted      disabled
Console> 
Related Commands

clear dhcp-snooping bindings
set port dhcp-snooping
show dhcp-snooping config

show port dot1q-all-tagged

To show the status of the dot1q-all-tagged feature on all or specific ports, use the show port dot1q-all-tagged command.

show port dot1q-all-tagged [mod[/port]]
show port dot1q-all-tagged vlan [vlan | vlan_name]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module or port number, the status of the dot1q-all-tagged feature is displayed for all ports on all modules.

Examples

This example shows how to display the status of the feature on a specific port:
Console> (enable) show port dot1q-all-tagged 1/1
Dot1q-all-tagged feature globally enabled.
Port Dot1q-all-tagged mode
---- --------------------------------
1/1 disable
Console> (enable)
This example shows how to display the status of the feature on all ports on a specific module:
Console> (enable) show port dot1q-all-tagged 1
Dot1q-All-Tagged feature globally disabled.
Port Dot1q-all-tagged mode
----- ------------------------------
1/1 disable
1/2 disable
Console> (enable)
Related Commands

set dot1q-all-tagged
set port dot1q-all-tagged
show dot1q-all-tagged

show port dot1q-ethertype

To show the status of the 802.1q Ethertype field on all or specific ports, use the show port dot1q-ethertype command.

show port dot1q-ethertype [mod[/port]]
show port dot1q-ethertype vlan [vlan | vlan_name]
Syntax Description

mod[/port]

(Optional) Number of the module and the number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module or port number, the Ethertype field is displayed for all ports on all modules.

Examples

This example shows how to display the status of the feature on a specific port:
Console> (enable) show port dot1q-ethertype 3/2
Port                Dot1q ethertype value
------              ---------------------
3/2                 1234
Console> (enable) 
Related Commands

set trunk

show port dot1qtunnel

To display the dot1q tunnel mode status, use the show port dot1qtunnel command.

show port dot1qtunnel [mod[/port]]
show port dot1qtunnel vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the dot1q tunnel mode status for a specific module:
Console> show port dot1qtunnel 4
Port   Dot1q tunnel mode
-----  -----------------
 4/1   access
 4/2   access
 4/3   access
 4/4   access
 4/5   trunk
 4/6   trunk
 4/7   trunk
 4/8   disabled
Console> 
Related Commands

set port dot1qtunnel

show port dot1x

To display all the configurable and current state values associated with the authenticator port access entity (PAE) and backend authenticator and statistics for the different types of Extensible Authentication Protocol (EAP) packets transmitted and received by the authenticator on a specific port, use the show port dot1x command. You can also use this command to display which VLANs have been specified for users that have failed 802.1X authentication.

show port dot1x [mod[/port]]
show port dot1x statistics [mod[/port]]
show port dot1x mod/port guest-vlan {vlan | none}
show port dot1x auth-fail-vlan [vlan | none]
show port dot1x auth-fail-vlan [vlan | none]
show port dot1x name-mapping [mod/port]]
Syntax Description

mod

Number of the module.

port

Number of the port on the module.

statistics

Displays statistics for different EAP packets transmitted and received by the authenticator on a specific port.

guest-vlan

Displays the active VLAN that functions as an 802.1X guest VLAN.

vlan

Number of the VLAN; valid values are from 1 to 4094.

none

Displays ports that do not have guest VLANs.

auth-fail-vlan

Displays information about ports that have VLANs for users that have failed 802.1X authentication.

none

(Optional) Displays ports that do not have an authentication failure VLAN.

name-mapping

Displays the dynamic name assigned to the dot1x port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

Authentication failure VLANs give end users limited network access after they have failed three attempts at 802.1X authentication. To display the information about ports that have these types of VLANs, enter the show port dot1x auth-fail-vlan command.

Examples

This example shows how to display all the configurable and current state values associated with the authenticator PAE and backend authenticator on a specific port:
Console> (enable) show port dot1x 2/25
Port Auth-State BEnd-State Port-Control Port-Status
----- ------------------- ---------- ------------------- ------------- 
2/25 - - force-authorized -
Port Port-Mode Re-authentication Shutdown-timeout Control-Mode 
admin oper
----- ------------- ----------------- ---------------- --------------- 
2/25 SingleAuth disabled disabled Both -
Port Posture-Token Critical-Status Termination action Session-timeout
----- ------------- --------------- ------------------ --------------- 
2/25 - - - -
Port Session-Timeout-Override Url-Redirect
----- ------------------------ --------------------------------------- 
2/25 disabled -
Port Critical ReAuth-When IP-Device-Tracking
----- -------- ----------- ------------------ 
2/25 disabled - enabled
Console> (enable)
This example displays the statistics of different types of EAP packets that are transmitted and received by the authenticator on a specific port:
Console> show port dot1x statistics 4/1,4/2
Port    Tx_Req/Id    Tx_Req    Tx_Total    Rx_Start    Rx_Logff     Rx_Resp/Id    Rx_Resp
4/1     1            2         4           2           0            1             0
4/2     3            4         6           0           1            1             0
Port    Rx_Invalid    Rx_Len_Err    Rx_Total    Last_Rx_Frm_Ver    Last_Rx_Frm_Src_Mac
4/1     0             0             3           1                  00-f0-3b-2b-d1-a9
4/2     0             0             3           1                  00-d0-62-95-7b-ff
Console>
This example displays information about ports that have VLANs for users that have failed 802.1X authentication:
Console> show port dot1x auth-fail-vlan
Auth-Fail-Vlan Status   Mod/Ports
-------------- -------- ------------------
81             active   3/33
none           none     1/1-2,2/1-2,3/1-32,3/34-48
Console>
This example displays information about 802.1x enabled ports with name-mapping:
Port Port Name                 802.1X Port Name
 ---- ------------------        ------------------
 3/27 -                         dot1x_port_des3 # 
Related Commands

clear dot1x config
set port dot1x
show dot1x

show port eou

To display the Extensible Authentication Protocol over User Datagram Protocol (EoU) configuration on a specified port, use the show port eou command.

show port eou [mod[/port]]
show port eou [mod[/port]] aaa-fail-policy
Syntax Description

mod/port

(Optional) Number of the module and optionally, the port on the module.

aaa-fail-policy

Displays the AAA fail policy for EoU that is mapped to a port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module and a port, the EoU configuration is displayed for all EoU-enabled ports.

Examples

This example shows how to display the EoU configuration on a specified port:
Console> (enable) show port eou 2/25
Port EOU-State IP Address MAC Address Critical-Status
-------- --------- --------------- ----------------- ---------------
2/25 disable - - -
Port FSM State Auth Type SQ-Timeout Session Timeout
-------- ------------- ----------- ---------- ---------------
2/25 - - - -
Port Posture URL Redirect
-------- ------------ --------------------
2/25 - -
Port Termination action Session id
-------- ------------------ --------------------------------
2/25 - -
Port PolicyGroups
-------- ------------------------------------------------------
2/25 -
Port Critical Ip-Device-Tracking
----- -------- ------------------
2/25 disabled enabled
Console>(enable)
This example shows how to display the AAA fail policy for EoU that is mapped to module 5, port 10:
Console> show port eou 5/10 aaa-fail-policy
Port  AAA-Fail-Policy
----- ------------------
 5/10  BLDG_E
Console> (enable)
Related Commands

clear eou
set eou
set port eou
set security acl ip
show eou

show port errdisable-timeout

To display the configuration and status of the errdisable timeout for a particular port, use the show port errdisable-timeout command.

show port errdisable-timeout [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If the port is disabled and the reason is disabled globally, the No Change value is displayed in the Action on Timeout field regardless of the value in the Port ErrDisableTimeout field. If the port is not in errdisabled state, the No Change value always is displayed in the Action on Timeout field.

Examples

This example shows how to display the errdisable timeout configuration and status for a particular port:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  errdisable  udld              Disable                 Remain Disabled
Console>
This example shows the output for a port in errdisabled state with the timeout flag enabled and with the reason disabled:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  errdisable  udld              Enable                  No Change
Console>
This example shows the output for a port in errdisabled state with the timeout flag enabled and with the reason enabled:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  errdisable  udld              Enable                  Enabled
Console>
This example shows the output for a port in errdisabled state with the timeout flag disabled and the reason disabled:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  errdisable  udld              Disable                 No Change
Console>
This example shows the output for a port in errdisabled state with the timeout flag disabled and the reason enabled:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  errdisable  udld              Disable                 Remain Disabled
Console>
This example shows the output for a port that is not errdisabled state with the timeout flag enabled and with the reason disabled:
Console> show port errdisable-timeout 3/3
Port  Status      ErrDisableReason  Port ErrDisableTimeout  Action on Timeout
----  ----------  ----------------  ----------------------  -----------------
 3/3  connected                  -  Enable                  No Change
Console>
Related Commands

set errdisable-timeout
set port errdisable-timeout
show errdisable-timeout

show port errordetection

To display information about port error detection, use the show port errordetection command.

show port errordetection [mod[/port]]
show port errordetection vlan [vlan | vlan_name]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the status of RXCRC and TXCRC error monitoring on port 3/1:
Console> show port errordetection 3/1
Port   Rxcrc    Txcrc
-----  -------- --------
 3/1   enabled  disabled
Console>
This example shows how to display the status of inerrors, RXCRC, and TXCRC error monitoring for all the ports on module 2:
Console> show port errordetection 2
Port   Rxcrc    Txcrc    Inerrors
-----  -------- -------- --------
 2/1   disabled disabled disabled
 2/2   disabled disabled disabled
Console>
Related Commands

set errordetection
set port errordetection
show errordetection

show port ethernet-cfm

To display all the Maintenance End Points (MEPs) associated with a given port or all ports in a module, use the show port ethernet-cfm command.

show port ethernet-cfm [mod | mod/port]
Syntax Description

mod/port

(Optional) Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display the MEPs on module 3, port 1:
Console> show port ethernet-cfm 3/1
Ethernet CFM is globally enabled on this switch.
--------------------
Port     CFM-State
--------------------
3/1     enable     
* - indicates vlan does not exist
$ - indicates vlan is suspended
@ - indicates vlan is not allowed on this port
--------------------------------------------------------------------------------
Port   MPID  Domain              Level  Type  Dir  Vlans       MA-Name
--------------------------------------------------------------------------------
3/1    100   snmp                1      MEP   DOWN   10        snmp_ma_1
This example shows how to display the AIS and the server MEP attributes configured on module 3, port 27:
Console> (enable) show port ethernet-cfm 3/27
Ethernet CFM is globally enabled on this switch.
------------------------------------------
Port     CFM-State   AIS-State  AIS-Defect
------------------------------------------
3/27     enable      enable     N
* - indicates vlan does not exist
$ - indicates vlan is suspended
@ - indicates vlan is not allowed on this port
--------------------------------------------------------------------------------
Port   MPID  Domain              Level  Type  Dir  Vlans       MA-Name
--------------------------------------------------------------------------------
Console> (enable) 
Related Commands

clear port ethernet-cfm

set port ethernet-cfm

show port ethernet-evc

To display the Customer Edge-VLAN/Ethernet Virtual Connections (CE-VLAN/EVCs) mapping configured for the port, use the show port ethernet-evc command.

show port ethernet-evc mod/port {[detail] | evc-id [detail]}
Syntax Description

mod/port

(Optional) Number of the module and the port on the module.

detail

(Optional) Specifies the details of EVC.

evc-id

EVC identifier.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

These examples show how to display the CE-VLAN/EVC mapping configured for module 7, port 1:
Console> (enable) show port ethernet-evc 7/1
UNI Id: PE-CUSTA-PORT1
St 	EVC Id 		CE-Vlan
------ -------------- ----------
?A 	EVC1 		10
?A 	EVC2 		20
Key: St=Status, A=Active, P=Partially Active, I=Inactive, ?=ELMI Link Down
Console> (enable) show port ethernet-evc 7/1 EVC1 detail
Port: 7/1
EVC Id: EVC1
	Time since Last Full Report: Never
	Ether LMI Link Status: Down
	UNI Id: SANJOSE
	UNI Status: Up
	CE-VLAN/EVC Map Type: multiplex
	CE-VLAN: 10
	EVC Status: Inactive
	EVC Type: Point-to-Point
	Remote UNI Count: Configured = 1, Active = 0
Related Commands

clear port ethernet-evc

set port ethernet-evc

show port ethernet-lmi

To display Ethernet Local Management Interface (ELMI) statistics and ELMI parameters, use the show port ethernet-lmi command.

show port ethernet-lmi mod/port statistics
show port ethernet-lmi mod/port config
Syntax Description

mod/port

(Optional) Number of the module and the port on the module.

statistics

Displays ELMI statistics for the mod/port.

config

Displays the ELMI configuration for the mod/port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The User to Network Interface (UNI) status is reported as up if the port is operational and shown as down if it is disabled or nonoperational.

Examples

These examples show how to display the ELMI statistics and configuration for module 7, port 1:
Console> (enable) show port ethernet-lmi 7/1 statistics
E-LMI statistics for port 7/1
  Ethernet LMI Link Status: Up
  UNI Status: Up
  UNI Id: PE1-CustA-Port1
Reliability Errors:
  Status Enq Timeouts 0 Invalid Sequence Number 0
Protocol Errors:
  Invalid Protocol Version     0 Invalid EVC Reference Id     0
  Invalid Message Type         0 Out of sequence IE           0
  Duplicated IE                0 Mandatory IE missing         0
  Invalid Mandatory IE         0 Invalid non-mandatory IE     0
  Unrecognized IE              0 Unexpected IE                0
Last Full Status Enq Rcvd 	00:00:10 Last Full Status Sent 	00:00:10
Last Status Check Enq Rcvd 	00:00:00 Last Status Check Sent 	00:00:00
Last clearing of counters 	never
Console> (enable) show port ethernet-lmi 7/1 config
E-LMI parameters for port 7/1
Port Ethernet LMI: Enabled
Operational Status: Disabled
  Mode: PE
  T391: NA
  T392: 15
  N391: NA
  N393: 4
Related Commands

clear port ethernet-lmi

set port ethernet-lmi

show port ethernet-oam

To display the IEEE 802.3ah Operations, Administrations, and Maintenance (OAM) configuration, status, and counters on a port, use the show port ethernet-oam command. You can also use the command to display OAM information about a peer entity and the most recent loopback test results on a port.

show port ethernet-oam [mod[/port]] neighbor
show port ethernet-oam [mod/port] remote-loopback
Syntax Description

mod/port

(Optional) Number of the module and the port on the module.

neighbor

Displays information about a peer OAM entity.

remote-loopback

Displays the most recent remote loopback test result.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module or a port, the show port ethernet-oam command displays the OAM configuration, status, and counters for all OAM-enabled ports.

If you do not specify a port, the show port ethernet-oam neighbors command displays all neighbors that are connected to all OAM-enabled ports.

Examples

This example shows how to display OAM-related configuration, status, and counters on all OAM-enabled ports:
Console> show port ethernet-oam 
$ = local OAM in loopback 
* = remote OAM in loopback 
Port  State    Mode    LinkMonitor ConfigRev MaxPdu 
----- -------- ------- ----------- --------- ------ 
1/1   enable*  active  enable      11        1518 
3/5   enable$  passive enable      38        1518 
4/6   disable  active  disable     0         1518 
Port  Remote   Link     UniDir Variable 
      Loopback Event           retrieval 
----- -------- ------- ------- --------- 
1/1   disable  enable  disable disable 
3/5   enable   enable  enable  disable 
4/6   enable   enable  disable disable 
Port  ErrSymbol         Period  ErrSymbol Period    ErrSymbol Period
      Window                      LowThreshold        HighThreshold 
     (millions)         Count     Action    Count     Action 
----- ----------------- --------- --------- --------- --------- 
1/1   625               1         None      10        Warning 
3/5   65535             1         Warning   1000      Errordis 
4/6   1                 1         Errordis  1         Errordis 
Port  Errored Frame      Errored Frame        Errored Frame
      Window              LowThreshold         HighThreshold 
      (100 msec)        Count     Action    Count    Action 
----- ----------------- --------- --------- --------- --------- 
1/1   300               1         None      10        Warning 
3/5   65535             1         Warning   1000      Errordis 
4/6 1000 1 Errordis 1 Errordis 
Port  ErrFrame Period   ErrFrame Period      ErrFrame Period
      Window             LowThreshold        HighThreshold 
                         Count    Action    Count     Action 
----- ----------------- --------- --------- --------- --------- 
1/1   10000             1         None      10        Warning 
3/5   4294967000        1         Warning   1000      Errordis 
4/6   1                 1         Errordis  1         Errordis 
Port LinkFaultAction    CriticalEventAction 
----- ----------------- ------------------- 
1/1  Errordisable       Warning 
3/5  None               None 
4/6  Errordisable       None 
Port  InfoPduRx         InfoPduTx 
----- ----------------- ------------------ 
1/1   33333             22222 
3/5   22222             33333 
4/6   0                 0
Console>
This example shows how to display the information of peer OAM entities:
Console> show port ethernet-oam neighbor
Port  MAC Addr          OUI    VendorInfo Mode    ConfigRev MaxPDU 
----- ----------------- ------ ---------- ------- --------- ------ 
1/1   00-50-54-6c-b5-20 00000C 0000018C   passive 3         1518 
3/5   00-0b-fc-fb-4a-10 00000C 0000018D   active  7         1518 
Port  Remote   Link    UniDir  Variable 
      Loopback Event           retrieval 
----- -------- ------- ------- --------- 
1/1   disable  enable  disable disable 
3/5   enable   enable  enable  disable
Console>
This example shows how to display the most recent remote loopback test results on a port:
Console> show port ethernet-oam 3/3 remote-loopback
OAM remote loopback summary on port 3/3 (loopback slave):
Port MAC Rx    MAC Drop  OAM Rx     OAM Loopback OAM PDU Rx 
---- --------- --------- ---------- ------------ ---------- 
3/3  999999    500       999444     999444       55
Console>
Related Commands

clear port ethernet-oam
set port ethernet-oam
set port ethernet-oam action
set port ethernet-oam link-monitor
set port ethernet-oam mode
set port ethernet-oam remote-loopback

show port ethernet-uni

To display the User to Network Interface (UNI) ID configured for the port, use the show port ethernet-uni command.

show port ethernet-uni mod/port
Syntax Description

mod/port

(Optional) Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display the UNI ID for module 7, port 1:
Console> (enable) show port ethernet-uni 7/1
Port    UNI Id            Status    Map Type
----- ----------------------------------------
7/1     PE-CUSTA-PORT1      Up      multiplex
Console>
Related Commands

clear port ethernet-uni

set port ethernet-uni

show port flexlink

To display the Flexlink port configuration, use the show port flexlink command.

show port flexlink [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module or a port, only ports that are configured with Flexlink pairings are displayed. If you specify only a module number, all ports are displayed, including those ports that are not configured with Flexlink pairings.

Examples

This example shows how to display all the Flexlink ports that are configured on the switch:
Console> show port flexlink
Port   State       Peer port  State
-----  ----------  ---------  ----------
 3/47  linkdown    3/48       active 
 3/48  active      3/47       linkdown
Console>
This example shows how to display Flexlink information for a specified port:
Console> show port flexlink 3/1
Port   State       Peer port  State
-----  ----------  ---------  ----------
 3/1   linkdown    3/2        linkdown
Console>
Related Commands

clear port flexlink
set port flexlink

show port flowcontrol

To display per-port status information and statistics related to flow control, use the show port flowcontrol command.

show port flowcontrol [mod[/port]]
show port flowcontrol vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown.

If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display the flow-control port status and statistics for module 6:
Console> show port flowcontrol 6
Port   Send FlowControl    Receive FlowControl   RxPause    TxPause
       admin    oper       admin    oper
-----  -------- --------   -------- --------     ---------- ----------
 6/1   desired  off        off      off          0          0
 6/2   desired  off        off      off          0          0
 6/3   desired  off        off      off          0          0
 6/4   desired  off        off      off          0          0
 6/5   desired  off        off      off          0          0
 6/6   desired  off        off      off          0          0
 6/7   desired  off        off      off          0          0
 6/8   desired  off        off      off          0          0 
Console> 
Table 2-77 describes the fields in the show port flowcontrol command output.

Table 2-77 show port flowcontrol Command Output Fields

Field

Description

Port

Module and port number.

Send Flowcontrol
Admin

Flow-control administration. Possible settings: on indicates the local port sends flow control to the far end; off indicates the local port does not send flow control to the far end; desired indicates the local end sends flow control to the far end if the far end supports it.

Send Flowcontrol
Oper

Flow-control operation. Possible settings: on indicates flow control is operational; off indicates flow control is not operational; disagree indicates the two ports could not agree on a link protocol.

Receive Flowcntl
Admin

Flow-control administration. Possible settings: on indicates the local port requires the far end to send flow control; off indicates the local port does not allow the far end to send flow control; desired indicates the local end allows the far end to send flow control.

Receive Flowcntl
Oper

Flow-control operation. Possible settings: on indicates flow control is operational; off indicates flow control is not operational; disagree indicates the two ports could not agree on a link protocol.

RxPause

Number of Pause frames received.

TxPause

Number of Pause frames transmitted.

Related Commands

set port flowcontrol

show port inlinepower

To display the port power administration and operational status, use the show port inlinepower command.

show port inlinepower [mod[/port]] [detail]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

detail

(Optional) Displays detailed inline power information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

An inline power-capable device can still be detected even if the inline power mode is set to off.

The Operational (Oper) status field descriptions are as follows:

•on—Power is being supplied by the port.

•off—Power is not being supplied by the port.

•denied—The system does not have enough available power for the port; power is not being supplied by the port.

•faulty—The port is unable to provide power to the connected device.

Examples

This example shows how to display the inline power for multiple ports on a specific module:
Console> show port inlinepower 6/1
Configured Default Inline Power allocation per port: 15.400 Watts (0.36 
Amps @42V)
Total inline power drawn by module 4:  33.934 Watts ( 0.807 Amps @42V)
Port  InlinePowered  PowerAllocated   Device     IEEE class
                    From PS   To PD
      Admin  Oper   mWatts    mWatts
----- ------ ------ -------   ------- ---------- ----------
 6/1  auto   on     7079      6300    cisco      none     
Port  MaximumPower  ActualConsumption
      mWatts        mWatts
----- ------------  -----------------
 6/1  15400         6300              
Console> 
This example shows how to display the detailed power status for modules and individual ports:
Console> show port inlinepower 4/1 detail
Configured Default Inline Power allocation per port: 15.400 Watts (0.36 
Amps @42V)
Total inline power drawn by module 4:  33.934 Watts ( 0.807 Amps @42V)
Port      InlinePowered      PowerAllocated  Device     IEEE class DiscoverMode
                             From PS To PD
      Admin  Oper   Detected mWatts  mWatts
----- ------ ------ -------- ------- ------- ---------- ---------- ------------
 4/1  auto   on     yes      7079    6300    cisco      none        cisco      
Port  MaximumPower  ActualConsumption  absentCounter  OverCurrent
      mWatts        mWatts
----- ------------  -----------------  -------------  -----------
 4/1  15400         6300               0              0 
Console> 
Table 2-78 describes the possible fields (depending on the type of port queried) and the values in the show port inline power command output.

Table 2-78 show port inlinepower Command Output Fields

Field

Description

Configured Default Inline Power allocation per port

Number of watts configured as the default for each port on the module. This value is set with the set inlinepower defaultallocation command.

Total inline power drawn by module

Number of watts drawn by the module.

Port

Module number and port number.

Admin

Administrative status for the port.

Oper

Operation status of the port. The status field descriptions are the following:

•on—Power is being supplied by the port.

•off—Power is not being supplied by the port.

•denied—System does not have enough available power for the port, and power is not supplied by the port.

•faulty—The port is unable to provide power to the connected device.

Detected

Status of whether or not an IP phone with inline power requirements has been detected on the port (yes or no).

Power Allocated from PS mWatts

Number of milliwatts available from the power supply for the port.

Power Allocated to PD mWatts

Number of milliwatts allocated to the powered device on the port. This number may be less than the power allocated from the power supply if the module and daughter card has an efficiency factor.

Device

Type of IP phone connected to the port (Cisco, Cisco/IEEE, IEEE, or n/a).

IEEE class

IEEE class for the IP phone (Class 0, Class 1, Class 2, Class 3, Class 4, or none for a Cisco device).

Discover Mode

Discovery method used to detect the IP phone (Cisco, IEEE, n/a).

Port

Module number and port number.

Max Power
mWatts

Maximum power (milliwatts) associated with the port.

Actual Consumption
mWatts

Actual power (milliwatts) the port uses.

Related CommandsConsole>

set inlinepower
set port inlinepower
show environment

show port jumbo

To display the jumbo frame settings for all ports with the feature enabled, use the show port jumbo command.

show port jumbo
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the jumbo frame settings for ports with the feature enabled:
Console> show port jumbo
Jumbo frames MTU size is 9216 bytes.
Jumbo frames enabled on port(s) 6/1-2,7/1-8.
Console> 
This example shows the display if the jumbo frame feature could not be enabled on some ports at system startup:
Console> show port jumbo
Jumbo frames MTU size is 9216 bytes.
Jumbo frames enabled on port(s) 6/1-2.
Jumbo frames are in an inconsistent state on port(s) 7/1-8
Console> 
Related Commands

set port jumbo

show port l2protocol-tunnel

To display Layer 2 protocol tunneling information on a port or range of ports, use the show port l2protocol-tunnel command.

show port l2protocol-tunnel [mod[/port]]
show port l2protocol-tunnel vlan [vlan | vlan_name]
Syntax Description

mod[/port]

(Optional) Number of the module and the number of the port or range of ports on the module. See the "Usage Guidelines" section for more information.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a port or range or ports, Layer 2 protocol tunneling information is displayed for all tunneling ports.

Examples

This example shows how to display Layer 2 protocol tunneling information for a range of ports:
Console> show port l2protocol-tunnel 7/1-2
Port                 Tunnel Protocol(s)     Drop Threshold Shutdown Threshold
-------------------- ---------------------- -------------- ------------------
 7/1                 None                                0                  0
 7/2                 None                                0                  0
Port                 CDP       CDP       STP       STP       VTP       VTP
                     Drop      Shutdown  Drop      Shutdown  Drop      Shutdown
                     Threshold Threshold Threshold Threshold Threshold Threshol
-------------------- --------- --------- --------- --------- --------- --------
 7/1                      1000      1200         0         0         0
 7/2                         0         0         0         0         0
Port                 EOAM      EOAM
                     Drop      Shutdown
                     Threshold Threshold
-------------------- --------- ---------
 7/1                         0         0
 7/2                         0         0
Related Commands

clear l2protocol-tunnel cos
clear l2protocol-tunnel statistics
set l2protocol-tunnel cos
set port l2protocol-tunnel
show l2protocol-tunnel statistics

show port lacp-channel

To display information about LACP channels by port or module number, use the show port lacp-channel command.

show port lacp-channel [mod[/port]] [statistics]
show port lacp-channel [mod[/port]] info [type]
Syntax Description

mod[/port]

(Optional) Number of the module and the port number on the module.

statistics

(Optional) Displays the LACP channel statistics.

info

Displays detailed LACP channel information.

type

(Optional) Displays feature-related parameters; valid values are auxiliaryvlan, cops, dot1qtunnel, gmrp, gvrp, jumbo, protocol, qos, rsvp, spantree, trunk.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not enter a module or a port number, information about all modules is displayed.

If you enter the module number only, information about all ports on the module is displayed.

For differences between PAgP and LACP, refer to the "Guidelines for Port Configuration" section of the "Configuring EtherChannel" chapter of the Catalyst 6500 Series Switch Software Configuration Guide.

Examples

This example shows how to display LACP channel information for all system modules:
Console> show port lacp-channel
Port  Channel   Admin Ch    Partner Oper                        Partner
      Mode       Key  Id    Sys ID                              Port
----- --------- ----- ----- ----------------------------------- -----
 2/1  active    143   768   1276,45-12-24-AC-78-90              5/1
 2/2  active    143   768   1276,45-12-24-AC-78-90              5/2
----- --------- ----- ----- ----------------------------------- ----- 
 4/3  passive   151   769   13459,89-BC-24-56-78-90             1/1
 4/4  passive   151   769   13459,89-BC-24-56-78-90             1/2
----- --------- ----- ----- ----------------------------------- ----- 
 4/7  passive   152   770   8000,AC-12-24-56-78-90              4/3
 4/8  passive   152   770   8000,AC-12-24-56-78-90              4/4
----- --------- ----- ----- ----------------------------------- ----- 
Console>
This example shows how to display LACP channel information for all ports on module 4:
Console> show port lacp-channel 4
Port  Channel   Admin Ch    Partner Oper                        Partner
      Mode       Key  Id    Sys ID                              Port
----- --------- ----- ----- ----------------------------------- -----
 4/1  active    69    0     0,00-00-00-00-00-00                 3/1
 4/2  active    69    0     0,00-00-00-00-00-00                 4/5
 4/3  passive   151   769   13459,89-BC-24-56-78-90             1/1
 4/4  passive   151   769   13459,89-BC-24-56-78-90             1/2 
 4/5  active    70    0     0,00-00-00-00-00-00                 7/3
 4/6  active    70    0     0,00-00-00-00-00-00                 7/4
 4/7  passive   152   770   8000,AC-12-24-56-78-90              4/3 
 4/8  passive   152   770   8000,AC-12-24-56-78-90              4/4 
Console>
This example shows how to display LACP channel information for port 7 on module 4:
Console> show port lacp-channel 4/7
Port  Channel   Admin Ch    Partner Oper                        Partner
      Mode       Key  Id    Sys ID                              Port
----- --------- ----- ----- ----------------------------------- -----
 4/7  passive   152   770   8000,AC-12-24-56-78-90              4/3 
 4/8  passive   152   770   8000,AC-12-24-56-78-90              4/4 
Console>
This example shows how to display detailed LACP channel information for port 7 on module 4:
Console> show port lacp-channel 4/7 info
I = Isolated Port.  C = Channeling Port.  N = Not Connected.
H = Hot Stand-by Port.  S = Suspended Port.
Port  LACP Port Port  Speed Duplex Vlan Trunk status Port  STP Port PortSecurity/ 
      Priority  Status                               Cost  Priority Dynamic port
----- --------- ------ ----- ------ ---- ------------ ----- -------- -------------
 4/7  130       C      1000  full   1    not-trunking     4       32
 4/8  131       C      1000  full   1    not-trunking     4       32
Port  Admin Channel_id ifIndex Partner Oper            Partner    Partner  Partner
       Key                     Sys ID                  Port prior port     Oper Key
----- ----- ---------- ------- ----------------------- ---------- -------- ----------
 4/7  152   770        31      8000,AC-12-24-56-78-90  248         4/3      15678
 4/8  152   770        31      8000,AC-12-24-56-78-90  249         4/4      15768
Console>
This example shows how to display LACP channel statistics for all ports on module 4:
Console> show port lacp-channel 4 statistics
Port  Admin    LACP Pkts  LACP Pkts Marker Pkts Marker Pkts LACP Pkts
       Key    Transmitted Received  Transmitted   Received    Errors      
----- ------- ----------- --------- ----------- ----------- ---------
 4/1       69          20         0         0         0         0
 4/2       69         105        60         0         0         0
 4/3      151           0         0         0        10         0
 4/4      151           0         5         0         0         0
 4/5       70           0         0         0         0         0
 4/6       70          42         0         0         2         0
 4/7      152           0        92         0         0         0
 4/8      152           0         0         0         0         0
Console> 
This example shows how to display LACP channel statistics for port 7 on module 4:
Console> show port lacp-channel 4/7 statistics
Port  Admin    LACP Pkts  LACP Pkts Marker Pkts Marker Pkts LACP Pkts
       Key    Transmitted Received  Transmitted   Received    Errors      
----- ------- ----------- --------- ----------- ----------- ---------
 4/7      152           0        92         0         0         0
 4/8      152           0         0         0         0         0
Console>
Related Commands

clear lacp-channel statistics
set channelprotocol
set lacp-channel system-priority
set port lacp-channel
set spantree channelcost
set spantree channelvlancost
show lacp-channel

show port mac

To display port MAC counter information, use the show port mac command.

show port mac [mod[/port]]
show port mac vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display port MAC counter information for a specific module:
Console> show port mac 1
Port     Rcv-Unicast          Rcv-Multicast        Rcv-Broadcast
-------- -------------------- -------------------- --------------------
 1/1                        0                    0                    0
 1/2                        0                    0                    0
 1/3                        0                    0                    0
 1/4                        0                    0                    0
Port     Xmit-Unicast         Xmit-Multicast       Xmit-Broadcast
-------- -------------------- -------------------- --------------------
 1/1                        0                    0                    0
 1/2                        0                    0                    0
 1/3                        0                    0                    0
 1/4                        0                    0                    0
Port     Rcv-Octet            Xmit-Octet
-------- -------------------- --------------------
 1/1                        0                    0
 1/2                        0                    0
 1/3                        0                    0
 1/4                        0                    0                  
MAC      Dely-Exced MTU-Exced  In-Discard Lrn-Discrd In-Lost    Out-Lost
-------- ---------- ---------- ---------- ---------- ---------- ----------
 1/1              0          0          0          0          0          0
 1/2              0          0          0          0          0          0
 1/3              0          0          0          0          0          0
 1/4              0          0          0          0          0          0
Last-Time-Cleared
--------------------------
Fri Sep 1 2000, 20:03:06
Console> 
Table 2-79 describes the possible fields in the show port mac command output.

Table 2-79 show port mac Command Output Fields

Field

Description

Rcv-Unicast

Number of unicast frames received on the port.

Rcv-Multicast

Number of multicast frames received on the port.

Rcv-Broadcast

Number of broadcast frames received on the port.

Xmit-Unicast

Number of unicast frames transmitted by the port.

Xmit-Multicast

Number of multicast frames transmitted by the port.

Xmit-Broadcast

Number of broadcast frames transmitted by the port.

Rcv-Octet

Number of octet frames received on the port.

Xmit-Octet

Number of octet frames transmitted on the port.

Dely-Exced

Number of transmit frames aborted due to excessive deferral.

MTU-Exced

Number of frames for which the MTU size was exceeded.

In-Discard

Number of incoming frames that were discarded because the frame did not need to be switched.

Out-Discard

Number of outbound packets chosen to be discarded even though no errors had been detected to prevent their being transmitted.

In-Lost

Number of incoming frames.

Out-Lost

Number of outbound packets.

Related Commands

clear counters

show port mac-address

To display the MAC address associated with a physical port or ports, use the show port mac-address command.

show port mac-address [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and optionally, the number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a module number, the MAC addresses for all ports on all modules are shown. If you specify a module number but no port number, the MAC addresses for all ports on the specified module are shown.

Examples

This example shows how to display the MAC address for port 1 on module 2:
Console> show port mac-address 2/1
Port  Mac address
----- ----------------------
 2/1  00-50-3e-7e-71-3c
Console>
This example shows how to display the MAC addresses for all ports on module 2:
Console> show port mac-address 2
Port  Mac address
----- ----------------------
 2/1  00-50-3e-7e-71-3c
 2/2  00-50-3e-7e-71-3d
Console>
This example shows how to display the MAC addresses for all ports on all modules:
Console> show port mac-address 
Port  Mac address
----- ----------------------
 2/1  00-50-3e-7e-71-3c
 2/2  00-50-3e-7e-71-3d
Port  Mac address
----- ----------------------
 5/1  00-d0-d3-33-80-9c
 5/2  00-d0-d3-33-80-9d
.
.
.
 5/48 00-d0-d3-33-80-cb
Port  Mac address
----- ----------------------
 7/1  00-50-54-6c-94-9c
 7/2  00-50-54-6c-94-9d
 7/3  00-50-54-6c-94-9e
 7/4  00-50-54-6c-94-9f
 7/5  00-50-54-6c-94-a0
 7/6  00-50-54-6c-94-a1
 7/7  00-50-54-6c-94-a2
 7/8  00-50-54-6c-94-a3
Console>
show port mac-auth-bypass

To display information about the MAC authentication bypass feature on a port, use the show port mac-auth-bypass command.

show port mac-auth-bypass [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display MAC address authentication bypass information for module12, port 1:
Console> (enable) show port mac-auth-bypass 12/1
Port Mac-Auth-Bypass State MAC Address Auth-State Vlan
----- --------------------- ----------------- ----------------- -----
12/1 Enabled 00-11-22-33-04-b1 authenticated 18
Port Termination action Session Timeout Shutdown/Time-Left
----- ------------------ --------------- ------------------
12/1 reauthenticate 250 NO -
Port PolicyGroups
----- -------------------------------------------------------------------
12/1 eng
Port Security ACL Sec ACL Type QoS ACL Type
----- -------------------------------- ----------------- ----------------
12/1 stress Pacl Pacl
Port QoS Ingress ACL QoS Egress ACL
----- -------------------------------- ----------------------------------
12/1 wind -
Port Critical Critical-Status IP-Device-Tracking
----- -------- --------------- ------------------
12/1 Disabled - Enabled
Port Session-ID Vlan Group Name
----- -------------------------------- ----------------------------------
12/1 00000452000003a80000045c000011df -
Port Posture Token URL-Redirect
----- ------------- -----------------------------------------------------
12/1 "healthy" yahoo.com
Related Commands

set mac-auth-bypass
set port critical
set port mac-auth-bypass
show mac-auth-bypass
show port mac-auth-bypass

show port mvrp

To display the MVRP port status (enabled or disabled), use the show port mvrp command.

show port mvrp [mod/port | mod]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display the MVRP status for a channel port:
Console> (enable) show port mvrp
Port                     MVRP Status 
------------------------ -------------
 4/1                     Disabled
 4/2                     Disabled
 4/3                     Disabled
 4/4                     Disabled
 4/5                     Disabled
 4/6                     Disabled
 4/7,4/11                Enabled
 4/8                     Disabled
 4/9                     Disabled
This example shows how to display the MVRP status for module 3, port 5:
Console> (enable) show port mvrp 3/5
Port   MVRP Status 
-------- --------------------
 3/5   Disabled
Console> (enable)
This example shows how to display the MVRP status for all ports on module 3:
Console> (enable) show port mvrp 3
Port   MVRP Status 
-------- ---------------------
 3/1   Disabled
 3/2   Disabled
 3/3   Disabled
 3/4   Enabled
 3/5   Disabled
 3/6   Enabled
 3/7   Disabled
 3/8   Disabled
 3/9 	 Disabled
 3/10 	Disabled
Console> (enable)
Related Commands

set port mvrp

show port negotiation

To display the link negotiation protocol setting for the specified port, use the show port negotiation command.

show port negotiation [mod[/port]]
show port negotiation vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

This command is not supported on the 16-Port Gigabit Ethernet Switching Module (WS-X6316-GE-TX) and on the 16-Port 10/100/1000BASE-T Switching Module (WS-X6516-GE-TX).

Examples

This example shows how to display the link negotiation protocol settings for all ports on module 4:
Console> show port negotiation 4
Port   Link Negotiation  Link Negotiation
         admin                     oper
--  -----------   ------- ----------------
 4/1   enabled                  enabled
 4/2   enabled                  enabled
 4/3   enabled                  enabled
 4/4   enabled                  enabled
 4/5   enabled                  enabled
 4/6   enabled                  enabled
 4/7   enabled                  enabled
Console>
Related Commands

set port negotiation
show port flowcontrol

show port prbs

To display the ports that are running the Pseudo Random Binary Sequence (PRBS) test and to display the counter values for ports on which the test has run, use the show port prbs command.

show port prbs [mod[/port]]
show port prbs vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

The PRBS error counter measures the reliability of the cable. The error counter range is 0 to 255. A value of 0 signifies a perfect link connection. A value of 255 signifies that the port is faulty or not connected or that there is no communication through the link. If the counter does not remain at zero for a predetermined length of time, the link is faulty. For example, for a baud error rate (BER) of 10^-12, the counter should remain at zero for 100 seconds.

Each time you access the PRBS counter by entering the show port prbs command, the PRBS error counter value is reset to 0, and the counter begins to accumulate errors again.

Note The PRBS counter is a "read and clear" register: the first reading in a sequence is usually unreliable and serves primarily to purge the counter; successive readings are accurate.

Examples

This example shows how to display PRBS counter values and the ports that are running the PRBS test:
Console> show port prbs
Max error counters = 255
Port    PRBS state    PRBS error counters
----    ----------------------------------
6/1     start         30
7/1     stop        Console>
Related Commands

test cable-diagnostics

show port protocol

To view protocol filters configured on the EtherChannel ports, use the show port protocol command.

show port protocol [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a port value, filters configured on all the ports on the module are shown.

Examples

This example shows how to view protocol filters on configured ports:
Console> show port protocol
Port     Vlan       IP       IP Hosts IPX      IPX Hosts Group    Group Hosts
-------- ---------- -------- -------- -------- --------- -------- -----------
1/1      1          on       0        on       0         on       0
1/2      1          on       0        on       0         on       0
2/1      1          on       3        auto-on  0         auto-on  0
2/2      1          on       0        on       0         on       0
2/3      1          on       0        on       0         on       0
2/4      1          on       0        on       0         on       0
2/5      1          on       0        on       0         on       0
2/6      1          on       0        on       0         on       0
2/7      1          on       0        on       0         on       0
2/8      1          on       0        on       0         on       0
2/9      1          on       0        on       0         on       0
2/10     1          on       0        on       0         on       0
2/11     1          on       0        on       0         on       0
2/12     1          on       0        on       0         on       0
Console> 
Related Commands

set port protocol

show port qos

To display QoS-related information, use the show port qos command.

show port qos [mod[/port]]
show port qos vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

Note When a switchover occurs, you cannot view the ACLs and policers deployed using COPS-DS until the COPS-DS client on the new active supervisor engine establishes connection to the PDP and downloads the QoS policy. The runtime fields in the output display will be blank until QoS policy is downloaded to the new active supervisor engine.

Examples

This example shows how to display QoS-related information for a specific module and port:
Console> show port qos 2/1
QoS is enabled for the switch.
QoS policy source for the switch set to local.
Port  Interface Type Interface Type Policy Source Policy Source
      config         runtime        config        runtime
----- -------------- -------------- ------------- -------------
2/1      vlan-based     vlan-based          COPS         local
Port  TxPort Type  RxPort Type  Trust Type   Trust Type   Def CoS Def CoS
                                config       runtime      config  runtime
----- ------------ ------------ ------------ ------------ ------- -------
2/1          2q2t         1q4t    untrusted    untrusted       0
Config:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 2/1.
Runtime:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 2/1.
Console> 
This example shows how to display QoS-related information for a single port on a specific module, which, in this example, is connected to a port on a phone device:
Console> (enable) show port qos 3/4  
QoS is disabled for the switch.
Configured settings are not used.
QoS policy source for the switch set to local.
Port  Interface Type Interface Type Policy Source Policy Source
      config         runtime        config        runtime
----- -------------- -------------- ------------- -------------
 3/4               -              -         local         local
Port  TxPort Type  RxPort Type  Trust Type   Trust Type    Def CoS Def CoS
                                config       runtime       config  runtime
----- ------------ ------------ ------------ ------------- ------- -------
 3/4          2q2t         1q4t    untrusted    trust-cos        0       0 
Port  Ext-Trust Ext-Cos 
----- --------- -------
 3/4  untrusted       0
(*)Trust type set to untrusted.
Config:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 3/4.
Runtime:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 3/4.
Console> (enable) 
This example shows how to display QoS-related information for a single port on a specific module, which, in this example, trusts only Cisco IP phones:
Console> (enable) show port qos 4/1
QoS is enabled for the switch.
QoS policy source for the switch set to local.
Port  Interface Type Interface Type Policy Source Policy Source
      config         runtime        config        runtime
----- -------------- -------------- ------------- -------------
 4/1      port-based     port-based          COPS         local
Port  TxPort Type  RxPort Type  Trust Type   Trust Type    Def CoS Def CoS
                                config       runtime       config  runtime
----- ------------ ------------ ------------ ------------- ------- -------
 4/1        1p3q1t       1p1q0t    trust-cos    trust-cos*       0       0 
Port  Ext-Trust Ext-Cos Trust-Device 
----- --------- ------- ------------ 
 4/1  untrusted       0 ciscoIPPhone
(*)Runtime trust type set to untrusted.
Config:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 4/1.
Runtime:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 4/1.
Console> (enable) 
Related Commands

clear port qos autoqos
clear qos autoqos
set port qos
set port qos cos
set port qos trust
set port qos trust-device

show port rsvp

To display RSVP information on a per-port basis, use the show port rsvp command.

show port rsvp [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display RSVP information for a specific port:
Console> (enable) show port rsvp 2     
Port  DSBM     Managed Configured Elected DSBM DSBM IP Address
      Election Segment Priority   Priority
----- -------- ------- ---------- ------------ ---------------
 2/1   enabled     yes        232          232    171.21.34.25
 2/2  disabled      no        128            -               -
Console> (enable) 
Related Commands

set port rsvp dsbm-election

show port security

To view port security configuration information and statistics, use the show port security command.

show port security [mod[/port]]
show port security statistics {mod[/port]}
show port security statistics system
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

statistics

Displays security statistics.

system

Displays system-wide configuration information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display port security configuration information on a specific port that is a secured port:
Console> show port security 4/1
* = Configured MAC Address
Port  Security Violation Shutdown-Time Age-Time Maximum-Addrs Trap     IfIndex
----- -------- --------- ------------- -------- ------------- -------- -------
 4/1  enabled  shutdown  120           1440     25            disabled 3
Port Secure-Src-Addrs  Age-Left Last-Src-Addr     Shutdown Shutdown-Time-Left
---- ----------------- -------- ----------------- -------- ------------------
 4/1 00-11-22-33-44-55 4        00-11-22-33-44-55 No       -
     00-10-14-da-77-f1 100     
Port  Flooding on Address Limit
----- -------------------------
 4/1                    Enabled
Console>
This example shows the display on a port that has experienced a security violation:
Console> show port security 4/1
* = Configured MAC Address
Port  Security Violation Shutdown-Time Age-Time Maximum-Addrs Trap     IfIndex
----- -------- --------- ------------- -------- ------------- -------- -------
 4/1  enabled  shutdown  120           600      25            disabled 3
Port Secure-Src-Addrs  Age-Left Last-Src-Addr     Shutdown Shutdown-Time-Left
---- ----------------- -------- ----------------- -------- ------------------
 4/1 00-11-22-33-44-55 60       00-11-22-33-44-77 Yes      -
     00-10-14-da-77-f1 200
     00-11-22-33-44-66 200
Port  Flooding on Address Limit
----- -------------------------
 4/1                    Enabled
Console>
This example shows that port 4/1 has been shut down and that the timeout left is 60 minutes before the port will be reenabled:
Console> show port security 4/1
* = Configured MAC Address
Port  Security Violation Shutdown-Time Age-Time Maximum-Addrs Trap     IfIndex
----- -------- --------- ------------- -------- ------------- -------- -------
 4/1  enabled  restrict  120           600      25            disabled 3
Port Secure-Src-Addrs  Age-Left Last-Src-Addr     Shutdown Shutdown-Time-Left
---- ----------------- -------- ----------------- -------- ------------------
 4/1 00-11-22-33-44-55 60       00-11-22-33-44-77 Yes      -
     00-10-14-da-77-ff
Port  Flooding on Address Limit
----- -------------------------
 4/1                    Enabled
Console>
This example shows how to display system-wide configuration information:
Console> show port security statistics system
Auto-Configure Option Disabled
Module 1:
 Total ports:2
 Total secure ports:0
 Total MAC addresses:2
 Total global address space used (out of 1024):0
 Status:installed
Module 3:
 Total ports:48
 Total secure ports:1
 Total MAC addresses:49
 Total global address space used (out of 1024):1
 Status:installed
Total secure ports in the system:1
Total secure MAC addresses in the system:51
Total global MAC address resource used in the system (out of 1024):1
Console>
This example shows how to display security statistical information for a specific module:
Console> show port security statistics 2
Port  Total-Addrs Maximum-Addrs
----- ----------- -------------
Module 2:
  Total ports: 1
  Total secure ports: 0
  Total MAC addresses: 0
  Total global address space used (out of 1024): 0
  Status: removed
Console>
Related Commands

clear port security
set port security
show config

show port security-acl

To display the port access control list (PACL) mode and the status of a PACL merge operation, use the show port security-acl command.

show port security-acl mod/port
Syntax Description

mod/port

Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The show port security-acl command displays PACL information for a specific port. The command output displays both configuration and runtime information. Configuration information shows what is stored in the NVRAM; runtime information shows what is programmed in the hardware.

The output also displays the status of the merge operation. The status can be as follows:

•active—There is a PACL configured on the port and it is successfully merged with the VLAN.

•inactive—There is no PACL configured on the port.

•disabled—There is a PACL configured on the port, but the merge was unsuccessful (for any number of reasons).

The show port security-acl command also displays the VLAN with which the port is configured to merge.

Examples

This example shows how to display PACL information for port 3/1:
Console> (enable) show port security-acl 3/1
Port  Interface Type Interface Type Interface Merge Status 
      config         runtime        runtime
----- -------------- -------------- ----------------------
 3/1           merge          merge      (VLAN=2) disabled
Config:
Port  ACL name                         Type
----- -------------------------------- ----
 3/1  ipacl1                           IP
Runtime:
Port  ACL name                         Type
----- -------------------------------- ----
No ACL is mapped to port 3/1.
dhcp-snooping:
Port     Trust     Source-Guard    Source-Guarded IP Addresses 
----- -----------  ------------    --------------------------- 
 3/1   untrusted      disabled      
Console> (enable)

Related Commands

set port security-acl

show port spantree

To view port spanning tree information, use the show port spantree command.

show port spantree [mod[/port]]
show port spantree vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display spanning tree information on a specific module:
Console> (enable) show port spantree 5
Port(s)                  Vlan Port-State    Cost      Prio Portfast Channel_id
------------------------ ---- ------------- --------- ---- -------- ----------
5/1                      1    not-connected   2684354   32 disabled 0
5/2                      1    not-connected   2684354   32 disabled 0
5/3                      1    not-connected   2684354   32 disabled 0
5/4                      1    not-connected   2684354   32 disabled 0
5/5                      1    not-connected   2684354   32 disabled 0
5/6                      1    not-connected   2684354   32 disabled 0
5/7                      1    not-connected   2684354   32 disabled 0
5/8                      1    not-connected   2684354   32 disabled 0
5/9                      1    forwarding       268435   32 disabled 0
.
.
.
Related Commands

show spantree

show port status

To display port status information, use the show port status command.

show port status [mod[/port]]
show port status vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display port status information for all ports:
Console> show port status
Port  Name               Status     Vlan      Duplex Speed  Type
----- ------------------ ---------- ---------- ------ ------ ------------
 1/1                     connected  52         half   100    100BaseTX
 1/2                     notconnect            half   100    100BaseTX
Console> 
Table 2-80 describes the fields in the show port status command output.

Table 2-80 show port status Command Output Fields

Field

Description

Port

Module and port number.

Name

Name (if configured) of the port.

Status

Status of the port (connected, notconnect, connecting, standby, faulty, inactive, shutdown, disabled, or monitor).

Vlan

VLANs to which the port belongs.

Duplex

Duplex setting for the port (auto, full, half).

Speed

Speed setting for the port (auto, 10, 100, 1000).

Type¹

Port type (100BASE-TX).

¹These fields will change according to the system configuration.

show port sync-restart-delay

To display a port's synchronization restart delay, use the show port sync-restart-delay command.

show port sync-restart-delay mod/port
Syntax Description

mod/port

Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The set port sync-restart-delay and show port sync-restart-delay commands are available in both binary mode and text configuration mode, but the synchronization delay you specify is only saved in text configuration mode.

Related Commands

clear config
set port sync-restart-delay

show port tdr

To display the results of the Time Domain Reflectometer (TDR) test on a port, use the show port tdr command.

show port tdr [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

The TDR test is supported on these modules: WS-X6148-GE-TX, WS-X6148V-GE-TX, WS-X6548-GE-TX, WS-X6548V-GE-TX, WS-X6548-GE-45AF, WS-X6748-GE-TX, WS-X6148A-GE-TX, WS-X6148-GE-45AF, WS-X6148A-GE-45AF, WS-X6148A-RJ-45, and WS-X6148A-45AF.

Examples

This example shows how to display the TDR test results for port 1 on module 2:
Console> show port tdr 2/1
TDR test last run on Mon, March 10 2003 1:35:00 
Port  Speed  Local pair  Pair length              Remote pair  Pair status
----  ------ ----------  -----------------------  -----------  ------------
2/1   1000   Pair A      12  +/- 3 meters          Pair A        Terminated
             Pair B      12  +/- 3 meters          Pair B        Terminated
             Pair C      12  +/- 3 meters          Pair C        Terminated
             Pair D      12  +/- 3 meters          Pair D        Terminated
Console>
This example shows how to display the TDR test results for all ports on module 5:
Console> show port tdr 5
Port  Speed  Local pair  Pair length              Remote pair  Pair status
----  ------ ----------  -----------------------  -----------  ------------
5/1   1000   Pair A      12  +/- 3 meters          Pair A        Terminated
             Pair B      12  +/- 3 meters          Pair B        Terminated
             Pair C      12  +/- 3 meters          Pair C        Terminated
             Pair D      12  +/- 3 meters          Pair D        Terminated
----  ------ ----------  -----------------------  -----------  ------------
Port  Speed  Local pair  Pair length              Remote pair  Pair status
----  ------ ----------  -----------------------  -----------  ------------
5/2   1000   Pair A      n/a                       Pair A        Terminated
             Pair B      100 +/- 1 meters          Pair B        Shorted
             Pair C      100 +/- 1 meters          Pair C        Shorted
             Pair D      70 +/- 1 meters           Pair D        Open
----  ------ ----------  -----------------------  -----------  ------------
Port  Speed  Local pair  Pair length              Remote pair  Pair status
----  ------ ----------  -----------------------  -----------  ------------
5/3   1000   Pair A      running tdr test          n/a          n/a
             Pair B      running tdr test          n/a          n/a
             Pair C      running tdr test          n/a          n/a
             Pair D      running tdr test          n/a          n/a
Console>
Table 2-81 describes the fields in the show port tdr command output.

Table 2-81 show port tdr Command Output Fields

Field

Description

Port

Module and port number.

Speed

Port speed.

Local pair

Identifies the local pair of cables.

Pair length

Identifies the distance the transmitted signal went before it was reflected off the cable imperfection.

Remote pair

Identifies the remote pair of cables.

Pair status

Status of the pair:

•Terminated—the link is up.

•Shorted—a short is detected on the cable.

•Open—an opening is detected on the cable.

•Not Completed—the test on the port failed.

•Not Supported—the test on the port is not supported.

Related Commands

test cable-diagnostics

show port transceiver

To display operating information about Digital Optical Monitoring (DOM), use the show port transceiver command.

show port transceiver [config|detail | threshold-violation | mod | mod/port]
Syntax Description

detail

(Optional) Shows detailed information about the port transceiver.

threshold-violations

(Optional) Displays port transceiver threshold violations.

mod

(Optional) Module number, range 1..6, 15 to 16

mod/port

(Optional) Number of the module and port.

Command Default

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The DOM feature measures the transceiver characteristics such as temperature, voltage, laser bias current, receive optical power, and laser transmit power, and allows software to monitor them against alarm and threshold values.

Examples

This example shows how to display port transceiver-related information:
Console> show port transceiver 
Transceiver monitoring is disabled for all ports.
Monitor interval is set to 10 minutes.
If device is externally calibrated, only calibrated values are printed.
++ : high alarm, +  : high warning, -  : low warning, -- : low alarm.
NA or N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
                                                  Optical       Optical
         Temperature      Voltage    Current      Tx Power      Rx Power
Port     (Celsius)        (Volts)    (mA)         (dBm)         (dBm)
-----   --------------   ---------   --------    ------------  -----------
 3/1     34.6             0.00        29.3         -1.7           -2.1   
 3/2     32.9             0.00        30.5         -1.8           -2.3 
Console>
This example shows how to display detailed information about the port transceiver:
Console> (enable) show port transceiver detail 
Transceiver monitoring is disabled for all ports.
Monitor interval is set to 10 minutes.
mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable.
++ : high alarm, +  : high warning, -  : low warning, -- : low alarm.
A2D readouts (if they differ), are reported in parentheses.
The threshold values are calibrated.
                             High Alarm      High Warn      Low Warn      Low Alarm
         Temperature         Threshold       Threshold      Threshold     Threshold
Port   (Celsius)             (Celsius)       (Celsius)      (Celsius)     (Celsius)
-----   -----------------  --------------  -------------  --------------  ---------
 3/1    34.5                  70.0              70.0            0.0               0.0
 3/2    32.9                  70.0              70.0            0.0               0.0
                            High Alarm      High Warn      Low Warn        Low Alarm
       Voltage              Threshold       Threshold      Threshold       Threshold
Port   (Volts)              (Volts)         (Volts)        (Volts)         (Volts)
-----  ---------------    ---------------  -------------  -------------   ---------------
 3/1   0.00                  5.24              5.24            5.24             5.24
 3/2   0.00                  5.24              5.24            5.24             5.24
                            High Alarm     High Warn        Low Warn        Low Alarm
         Current            Threshold      Threshold        Threshold       Threshold
Port   (milliamperes)       (mA)           (mA)             (mA)            (mA)
-----  -----------------  --------------  --------------  -------------  --------------
 3/1    29.3                 2.5               2.5                2.5              2.5
 3/2    30.4                 2.5               2.5                2.5              2.5
         Optical              High Alarm     High Warn      Low Warn        Low Alarm
         Transmit Power       Threshold      Threshold      Threshold       Threshold
Port     (dBm)                (dBm)          (dBm)          (dBm)          (dBm)
-----  -------------------  -------------  --------------  -------------  --------------
 3/1    -1.7                   1.0               0.0                -7.2             -8.2
 3/2    -1.8                   1.0               0.0                -7.2             -8.2
         Optical              High Alarm     High Warn       Low Warn       Low Alarm
         Receive Power        Threshold      Threshold       Threshold      Threshold
Port     (dBm)                (dBm)          (dBm)           (dBm)          (dBm)
-----  -----------------   --------------  --------------  -------------  --------------
 3/1    -2.1                  1.0               0.0                 -14.1          -16.4
 3/2    -2.3                  1.0               0.0                 -14.1          -16.4
This example shows how to display information about the port-transceiver threshold violations:
Console> show port transceiver 3 threshold-violations 
Transceiver monitoring is enabled for all ports.
Monitor interval is set to 5 minutes.
Rx: Receive, Tx: Transmit.
DDDD: days, HH: hours, MM: minutes, SS: seconds
                                      Time since Last Known
         Time in slot                 Threshold Violation            Type(s) of Last Known
Port     (DDDD:HH:MM:SS)              (DDDD:HH:MM:SS)                Threshold Violation(s)
-----  --------------------------  -----------------------------  ---------------------------
 3/1   0000:06:39:07               0000:00:03:57                  Tx bias high alarm
                                                                  5.8 mA >   0.5 mA
 3/2   0000:06:39:07               0000:00:03:56                  Tx bias high alarm
                                                                  6.0 mA >   0.5 mA
Console> 
This example shows how to display port transceiver-related information about a specific module and port:
Console> show port transceiver 3/1
Transceiver monitoring is disabled for all ports.
Monitor interval is set to 10 minutes.
If device is externally calibrated, only calibrated values are printed.
++ : high alarm, +  : high warning, -  : low warning, -- : low alarm.
NA or N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
                                                  Optical       Optical
         Temperature      Voltage    Current      Tx Power      Rx Power
Port     (Celsius)        (Volts)    (mA)         (dBm)         (dBm)
-----   --------------   ---------   --------    ------------  -----------
 3/1     34.6             0.00        29.3         -1.7           -2.1   
Console>
Related Commands

set transceiver-monitoring

show port trap

To display port trap status, use the show port trap command.

show port trap [mod[/port]]
show port trap vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display the port trap status for a specific module:
Console> show port trap 1
Port   Trap
-----  --------
 1/1   disabled
 1/2   enabled
 1/3   disabled
 1/4   disabled
Console>
Related Commands

set port trap

show port trunk

To display port trunk information, use the show port trunk command.

show port trunk [mod[/port]]
show port trunk vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a mod value, the ports on all modules are shown. If you do not specify a port value, all the ports on the module are shown.

Examples

This example shows how to display trunking information for a specific port:
Console> (enable) show port trunk 4/5
* - indicates vtp domain mismatch
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 4/5      nonegotiate  dot1q          trunking      1
Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 4/5      1-1005
Port      Vlans allowed and active in management domain 
--------  ---------------------------------------------------------------------
 4/5      1-3,1003,1005
Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 4/5      1005
Console> (enable) 
Table 2-82 describes the fields in the show port trunk command output.

Table 2-82 show port trunk Command Output Fields

Field

Description

Port

Module and port numbers.

Mode

Trunk administrative status of the port (on, off, auto, or desirable).

Encapsulation

Trunking type configured by administration.

Status

Status of whether the port is trunking or nontrunking.

Native VLAN

Number of the native VLAN for the trunk link (for 802.1Q trunks, the VLAN for which untagged traffic can be transmitted and received over the trunk; for ISL trunks, packets are tagged on all VLANs, including the native VLAN).

Vlans allowed on trunk

Range of VLANs allowed to go on the trunk (default is 1 to 1000).

Vlans allowed and active in management domain

Range of active VLANs within the allowed range.

Vlans in spanning tree forwarding state and not pruned

Range of VLANs that actually go on the trunk with Spanning Tree Protocol forwarding state.

Related Commands

set trunk

show port unicast-flood

To display the run-time configuration of the port using unicast flood blocking, use the show port unicast-flood command.

show port unicast-flood [mod/[port]]
Syntax Description

mod/[port]

Number of the module and optionally, number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display the status of unicast flood blocking on module 2:
Console> show port unicast-flood 2
Port   Unicast Flooding
-----  ----------------
 2/1   Enabled
 2/2   Enabled
Console>
This example shows how to display the status of unicast flood blocking on module 3, port 40:
Console> show port unicast-flood 3/40
Port   Unicast Flooding
-----  ----------------
 3/40  Enabled
Console> 
Related Commands

set port unicast-flood

show port vlan-mapping

To display the current VLAN mapping configuration on a specified port, use the show port vlan-mapping command.

show port vlan-mapping [mod[/port]]
Syntax Description

mod[/port]

(Optional) Number of the module and the port on the module. valid values for the mod argument are from 1 to 9, 15, and 16.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

If you do not specify a port or a module, all VLAN mapping configurations for all ports are displayed.

Examples

This example shows how to display the VLAN mapping for a specified port:
Console> show port vlan-mapping 4/1
Mod/Port Source VLAN Translated VLAN State      Max Allowed (Current) Entries
-------- ----------- --------------- ---------- -----------------------------
 4/1     2           1               Enabled    8   (2)
 4/1     98          99              Enabled    8   (2)
Console>
Table 2-83 describes the fields in the show port vlan mapping command output.

Table 2-83 show port vlan-mapping Command Output Fields

Field

Description

Mod/Port

Number of the module and the port on the module.

Source VLAN

Number of the source VLAN.

Translated VLAN

Number of the VLAN that is mapped to the source VLAN.

State

Status of whether VLAN mapping is enabled or disabled.

Max Allowed (Current) Entries

Maximum number of per-port VLAN mappings that are supported; current number of entries in parentheses.

Related Commands

clear port vlan-mapping
set port vlan-mapping

show port voice

To display voice port information, use the show port voice command.

show port voice [noalias]
Syntax Description

noalias

(Optional) Forces the display to show IP addresses, not IP aliases.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display voice port information:
Console> show port voice
Port  Name               Status     Vlan       Duplex Speed Type
----- ------------------ ---------- ---------- ------ ----- ------------
 7/1                     connected  100          full     1 T1
 7/2                     notconnect 100          full     1 T1
 7/3                     connected  100          full     1 T1
 7/4                     connected  100          full     1 T1
 7/5                     notconnect 100          full     1 T1
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- --------------- ---------------
 7/1     disable 00-e0-b0-ff-31-c0 sjcf-12a-sw1-p7 255.255.254.0   
 7/2     disable 00-e0-b0-ff-31-c1 sjcf-12a-sw1-p7 255.255.254.0   
 7/3     disable 00-e0-b0-ff-31-c2 sjcf-12a-sw1-p7 255.255.254.0   
 7/4     disable 00-e0-b0-ff-31-c3 sjcf-12a-sw1-p7 255.255.254.0   
 7/5     disable 00-e0-b0-ff-31-c4 sjcf-12a-sw1-p7 255.255.254.0   
Port     Call-Manager(s)   DHCP-Server     TFTP-Server     Gateway
-------- ----------------- --------------- --------------- ---------------
 7/1     gigantic-2.cisc*  -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/2     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/3     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/4     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/5     10.34.1.11*       -               10.34.1.11      10.34.10.1      
         10.34.16.10     
         10.34.42.11     
(*):Primary
Port     DNS-Server(s)     Domain
-------- ----------------- -------------------------------------------------
 7/1     dns-sj3.cisco.c*  cisco.com
         dns-sj4.cisco.c 
 7/2     dns-sj3.cisco.c*  cisco.com
         dns-sj4.cisco.c 
 7/3     dns-sj3.cisco.c*  cisco.com
         dns-sj4.cisco.c 
 7/4     dns-sj3.cisco.c*  cisco.com
         dns-sj4.cisco.c 
 7/5     dns-sj3.cisco.c*  cisco.com
         dns-sj4.cisco.c 
(*):Primary
Port     CallManagerState DSP-Type
-------- ---------------- --------
 7/1     registered       C549
 7/2     registered       C549
 7/3     registered       C549
 7/4     registered       C549
 7/5     registered       C549
Port  NoiseRegen NonLinearProcessing
----- ---------- -------------------
 7/1  enabled    enabled
 7/2  enabled    enabled
 7/3  enabled    enabled
 7/4  enabled    enabled
 7/5  enabled    enabled
Console> 
This example shows how to display voice port information without displaying the IP address in DNS name format:
Console> show port voice noalias
Port  Name               Status     Vlan       Duplex Speed Type
----- ------------------ ---------- ---------- ------ ----- ------------
 7/1                     connected  100          full     1 T1
 7/2                     notconnect 100          full     1 T1
 7/3                     connected  100          full     1 T1
 7/4                     connected  100          full     1 T1
 7/5                     notconnect 100          full     1 T1
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- --------------- ---------------
 7/1     disable 00-e0-b0-ff-31-c0 10.34.10.11     255.255.254.0   
 7/2     disable 00-e0-b0-ff-31-c1 10.34.10.12     255.255.254.0   
 7/3     disable 00-e0-b0-ff-31-c2 10.34.10.13     255.255.254.0   
 7/4     disable 00-e0-b0-ff-31-c3 10.34.10.14     255.255.254.0   
 7/5     disable 00-e0-b0-ff-31-c4 10.34.10.15     255.255.254.0   
Port     Call-Manager(s)   DHCP-Server     TFTP-Server     Gateway
-------- ----------------- --------------- --------------- ---------------
 7/1     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/2     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/3     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/4     10.34.16.10*      -               10.34.1.11      10.34.10.1      
         10.34.1.11      
 7/5     10.34.1.11*       -               10.34.1.11      10.34.10.1      
         10.34.16.10     
         10.34.42.11     
(*):Primary
Port     DNS-Server(s)     Domain
-------- ----------------- -------------------------------------------------
 7/1     171.68.10.70*     cisco.com
         171.68.10.140   
 7/2     171.68.10.70*     cisco.com
         171.68.10.140   
 7/3     171.68.10.70*     cisco.com
         171.68.10.140   
 7/4     171.68.10.70*     cisco.com
         171.68.10.140   
 7/5     171.68.10.70*     cisco.com
         171.68.10.140   
(*):Primary
Port     CallManagerState DSP-Type
-------- ---------------- --------
 7/1     registered       C549
 7/2     registered       C549
 7/3     registered       C549
 7/4     registered       C549
 7/5     registered       C549
Port  NoiseRegen NonLinearProcessing
----- ---------- -------------------
 7/1  enabled    enabled
 7/2  enabled    enabled
 7/3  enabled    enabled
 7/4  enabled    enabled
Related Commands

set port voice interface dhcp
show port voice fdl
show port voice interface

show port voice active

To display active call information on a port, use the show port voice active command.

show port voice active [mod/port] [all | call | conference | transcode] [ipaddr]
Syntax Description

mod/port

(Optional) Number of the module and port on the module.

all

(Optional) Displays all calls (regular calls, conference calls, and transcoding calls) in the system.

call

(Optional) Displays call information for the 24-port FXS analog interface and the 8-port T1/E1 PSTN interface modules.

conference

(Optional) Displays call information for the 8-port T1/E1 PSTN interface module configured for conferencing.

transcode

(Optional) Displays call information for the 8-port T1/E1 PSTN interface module configured for transcoding.

ipaddr

(Optional) Remote IP address.

Defaults

The default is all active calls are displayed.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The information displayed when using the show port voice active command is not available through the supervisor engine SNMP agent.

The call keyword is supported by the 24-port FXS analog interface and the 8-port T1/E1 PSTN interface modules.

The conference and transcode keywords are supported by the 8-port T1/E1 PSTN interface module.

You can use the optional mod or mod/port variables to display calls that belong to the specified module or port in detailed format.

There are up to 8 calls per port for the 8-port T1/E1 ISDN PRI services-configured module but only one call per port for the 24-port FXS analog station interface services-configured module.

The ipaddr option displays one specific call for the specified IP address. You can also use an IP alias.

Examples

This example shows how to display all calls (regular calls, conference calls, and transcoding calls) in the system:
Console> show port voice active
Port  Type         Total Conference-ID/ Party-ID IP-Address
                         Transcoding-ID
----- ------------ ----- -------------- -------- ---------------
 6/3  transcoding  1     2              12       192.1.1.12
                                        10       10.6.106.101
 8/2  call         1     -              -        123.46.1.100
 8/5  call         1     -              -        123.46.1.101
 8/7  conferencing 1     1              8        192.1.1.5
                                        7        123.45.1.52
                                        9        192.1.1.14
Total: 3
Console> (enable)
This example shows how to display regular calls:
Console> (enable) show port voice active call
Port  Total IP-Address
----- ----- ---------------
 8/2  1     123.46.1.100
 8/5  1     123.46.1.101
Total: 2 calls
Console> (enable)
This example shows the output display for the 8-port T1/E1 PSTN interface module configured for transcoding:
Console> (enable) show port voice active transcode
Port  Total Transcoding-ID Party-ID IP-Address
----- ----- -------------- -------- ---------------
 6/3  1     2              12       192.1.1.12
                           10       10.6.106.101
Total: 1 transcoding session
Console> (enable)
This example shows the output display for the 8-port T1/E1 PSTN interface module configured for conferencing:
Console> (enable) show port voice active conference
Port  Total Conference-ID  Party-ID IP-Address
----- ----- -------------- -------- ---------------
 8/7  1     1              8        192.1.1.5
                           7        123.45.1.52
                           9        192.1.1.14
Total: 1 conferencing session
Console> (enable)
This example shows how to display calls for a specified port:
Console> show port voice active 3/2
Port 3/2:
Channel #1:
  Remote IP address                         : 165.34.234.111
  Remote UDP port                           : 124
  Call state                                : Ringing 
  Codec Type                                : G.711
  Coder Type Rate                           : 35243
  Tx duration                               : 438543 sec
  Voice Tx duration                         : 34534 sec
  ACOM Level Current                        : 123213
  ERL Level                                 : 123 dB       
  Fax Transmit Duration                     : 332433
  Hi Water Playout Delay                    : 23004 ms
  Logical If index                          : 4
  Low water playout delay                   : 234 ms 
  Receive delay                             : 23423 ms
  Receive bytes                             : 2342342332423
  Receive packets                           : 23423423402384
  Transmit bytes                            : 23472377
  Transmit packets                          : 94540
Channel #2:
  Remote IP address                         : 165.34.234.112
  Remote UDP port                           : 125
  Call state                                : Ringing 
  Codec Type                                : G.711
  Coder Type Rate                           : 35243
  Tx duration                               : 438543 sec
  Voice Tx duration                         : 34534 sec
  ACOM Level Current                        : 123213
  ERL Level                                 : 123 dB       
  Fax Transmit Duration                     : 332433
  Hi Water Playout Delay                    : 23004 ms
  Logical If index                          : 4
  Low water playout delay                   : 234 ms 
  Receive delay                             : 23423 ms
  Receive bytes                             : 2342342332423
  Receive packets                           : 23423423402384
  Transmit bytes                            : 23472377
  Transmit packets                          : 94540
Port  3/7 :
  Conference ID: 1
    Party ID: 8
      Remote IP address                     : 192.1.1.5
      UDP Port                              : 28848
      Codec Type                            : G729 B CS ACELP VAD
      Packet Size (ms)                      : 20
    Party ID: 7
      Remote IP address                     : 123.45.1.52
      UDP Port                              : 28888
      Codec Type                            : G711 ULAW PCM
      Packet Size (ms)                      : 20
    Party ID: 9
      Remote IP address                     : 192.1.1.14
      UDP Port                              : 28898
      Codec Type                            : G711 ULAW PCM
      Packet Size (ms)                      : 20
Total: 2
Console>
This example shows the output display for a specified IP address on a 24-port FXS analog interface module or the 8-port T1/E1 PSTN interface module:
Console> show port voice active 3/2 171.69.67.91
  Remote IP address                         : 171.69.67.91
  Remote UDP port                           : 125
  Call state                                : Ringing 
  Codec Type                                : G.711
  Coder Type Rate                           : 35243
  Tx duration                               : 438543 sec
  Voice Tx duration                         : 34534 sec
  ACOM Level Current                        : 123213
  ERL Level                                 : 123 dB       
  Fax Transmit Duration                     : 332433
  Hi Water Playout Delay                    : 23004 ms
  Logical If index                          : 4
  Low water playout delay                   : 234 ms 
  Receive delay                             : 23423 ms
  Receive bytes                             : 2342342332423
  Receive packets                           : 23423423402384
  Transmit bytes                            : 23472377
  Transmit packets                          : 94540
Console>
Related Commands

set port voice interface dhcp

show port voice fdl

To display the facilities data link (FDL) statistics for the specified ports, use the show port voice fdl command.

show port voice fdl [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display FDL information on an 8-port T1/E1 ISDN PRI services-configured module:
Console> (enable) show port voice fdl 7/1-3
Port  ErrorEvents       ErroredSecond     SeverlyErroredSecond
      Last 15' Last 24h Last 15' Last 24h Last 15' Last 24h
----- -------- -------- -------- -------- -------- -----------
 7/1  17       18       19       20       21       22
 7/2  17       18       19       20       21       22
 7/3  17       18       19       20       21       22
Port  FailedSignalState FailedSignalSecond
      Last 15' Last 24h Last 15' Last 24h
----- -------- -------- -------- ---------
 7/1  37       38       39       40
 7/2  37       38       39       40
 7/3  37       38       39       40
Port         LES               BES               LCV
      Last 15' Last 24h Last 15' Last 24h Last 15' Last 24h
----- -------- -------- -------- -------- -------- --------
 7/1  41       48       49       50       53       54
 7/2  41       48       49       50       53       54
 7/3  41       48       49       50       53       54
Console> (enable) 
Table 2-84 describes the possible fields (depending on the port type queried) in the show port voice fdl command output.

Table 2-84 show port voice fdl Command Output Fields

Field

Description

ErrorEvents

Count of errored events.

ErroredSecond

Count of errored seconds.

SeverelyErroredSecond

Count of severely errored seconds.

FailedSignalState

Count of failed signal state errors.

FailedSignalSecond

Count of failed signal state.

LES

Line errored seconds detected.

BES

Bursty errored seconds detected.

LCV

Line code violation seconds detected.

Related Commands

show port voice

show port voice interface

To display the port voice interface configuration, use the show port voice interface command.

show port voice interface [mod[/port]]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display voice interface information for a specific module:
Console> show port voice interface 5
Port     DHCP    MAC-Address       IP-Address      Subnet-Mask
-------- ------- ----------------- --------------- ---------------
 5/1-24  disable 00-10-7b-00-13-ea 10.6.15.158     255.255.255.0   
Port     Call-Manager(s)   DHCP-Server     TFTP-Server     Gateway
-------- ----------------- --------------- --------------- ---------------
 5/1-24  10.6.15.155       -               10.6.15.155     -               
Port     DNS-Server(s)     Domain
-------- ----------------- -------------------------------------------------
 5/1-24  12.2.2.1*         cisco.cisco.com
         7.7.7.7         
(*): Primary
Console> 
Related Commands

set port voice interface dhcp
show port voice
show port voice active

show port vtp

To display the status of VLAN Trunk Protocol (VTP) on a per-port basis, use the show port vtp command.

show port vtp [mod[/port]]
show port vtp vlan [vlan | vlan_name]
Syntax Description

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

vlan

Limits output to ports in the specified VLAN.

vlan

(Optional) VLAN number; valid values are from 1 to 4094.

vlan_name

(Optional) VLAN name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

VTP version 3 allows you to enable or disable VTP on a per-port basis. When a port is disabled for VTP, it will not send or accept any VTP packets, regardless of the VTP version.

Examples

This example shows how to display the status of VTP on module 2, port 1:
Console> show port vtp 2/1
Port      VTP Status
--------  ----------
 2/1      enabled
Console>
This example shows how to display the status of VTP on all ports on all modules:
Console> show port vtp
Port      VTP Sta
--------  -------
 2/1      enabled
 2/2      enabled
 3/1      enabled
 3/2      enabled
 3/3      enabled
 3/4      enabled
 3/5      enabled
 3/6      enabled
 3/7      enabled
 3/8      enabled
 3/9      enabled
 3/10     enabled
 3/11     enabled
 3/12     enabled
 3/13     enabled
 3/14     enabled
 3/15     enabled
 3/16     enabled
 3/17     enabled
 3/18     enabled
 3/19     enabled
 3/20     enabled
 3/21     enabled
 3/22     enabled
 3/23     enabled
 3/24     enabled
 3/25     enabled
 3/26     enabled
 3/27     enabled
 3/28     enabled
 3/29     enabled
 3/30     enabled
 3/31     enabled
 3/32     enabled
 3/33     enabled
 3/34     enabled
 3/35     enabled
 3/36     enabled
 3/37     enabled
 3/38     enabled
 3/39     enabled
 3/40     enabled
 3/41     enabled
 3/42     enabled
 3/43     enabled
 3/44     enabled
 3/45     enabled
 3/46     enabled
 3/47     enabled
 3/48     enabled
16/1      enabled
Console>
Related Commands

set port vtp
set vtp
show vtp

show port web-auth

To display information about a web-based proxy authentication port, use the show port web-auth command.

show port web-auth [mod[/port]]
show port web-auth [mod[/port]] aaa-fail-policy
Syntax Description

mod[/port]

(Optional) Module number and optionally, the port number.

aaa-fail-policy

Displays the AAA fail policy for web-based proxy authentication that is mapped to a port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The show port web-auth command displays the following information:

•IP address of the host.

•Current state.

•Session-timeout. The time displayed is the configured timeout if it is not supplied by RADIUS.

•Leftover session timeout value.

Examples

This example shows how to display information about web-based proxy authentication on module 11, port 1:
Console> (enable) show port web-auth 11/1
Port IP-Address Vlan Enabled Web-Auth-State Critical-Status
----- --------------- ---- --------- ----------------- ---------------
11/1 11.23.45.45 18 enabled AUTHENTICATED No
Port IP-Address Session-Timeout Session-Timeleft Radius-Rcvd-Timeout
----- --------------- --------------- ---------------- -------------------
11/1 11.23.45.45 300 280 Yes
Port IP-Address Policy-Groups
----- --------------- -------------
11/1 11.23.45.45 eng eng1
Port IP-Address Ip-Device-Tracking
----- --------------- ------------------
11/1 11.23.45.45 Enabled
This example shows how to display the AAA fail policy for EoU that is mapped to module 5, port 11:
Console> show port web-auth 5/11 aaa-fail-policy
Port AAA-Fail-Policy
----- ------------------
5/11 BLDG_F
Related Commands

clear web-auth
set port critical
set port web-auth
set port web-auth initialize
set web-auth
set web-auth login-attempts
set web-auth login-fail-page
set web-auth login-page
set web-auth quiet-timeout
set web-auth session-timeout
show port web-auth
show web-auth summary

show proc

To display CPU, memory allocation, and process utilization information, use the show proc command.

show proc [cpu | mem]
Syntax Description

cpu

(Optional) Specifies CPU information.

mem

(Optional) Specifies memory allocation information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You can enter this command only in privileged mode.

If you do not specify cpu or mem, process information is displayed. The mem keyword allows you to display memory allocation information, such as how much each process has allocated and freed.

Examples

This example shows how to display CPU information:
Console> (enable) show proc cpu
(W)CPU utilization for five seconds: 1.0%; one minute: 1. 0%; five minutes: 1. %
PID Runtime(ms) Invoked uSecs   5Sec   1Min    5min   TTY Process
0   0           0       0       99.10%  99.0 %  99.0 %  0    idle            
1   1           36      1000     0.0 %   0.0 %   0.0 %  0    Flash MIB Updat 
2   1342        2846    460000   0.0 %   0.0 %   0.0 %  0    SynDiags        
3   730172      4440594 400000   0.0 %   0.0 %   0.0 %  0    SynConfig       
4   33752       424120  1000     0.0 %   0.0 %   0.0 %  0    Statuspoll      
5   7413        44916   1000     0.0 %   0.0 %   0.0 %  0    SWPoll64bCnt    
6   9568        15889836 1000    0.0 %   0.0 %   0.0 %  0    SL_TASK         
7   746         636118  105000   0.0 %   0.0 %   0.0 %  0    RedundantTask   
Console> (enable) 
This example shows how to display process utilization information:
Console> (enable) show proc
PID Q  T  PC         Runtime(ms) Invoked uSecs  Stacks    TTY Process
0   1  rd 0x80407b10 0           0       0      1640/6144 0   idle
1   65376 st 0x80407d8c 1        36      1000   1188/6144 0   Flash MIB
Upda
2   2  st 0x80407d8c 1342        2846    460000 3160/6144 0   SynDiags
3   1  rd 0x80407d8c 729979      4439406 400000 1672/6144 0   SynConfig
4   2  si 0x80407d8c 33739       424007  1000   1572/6144 0   Statuspoll
5   4  si 0x80407d8c 7413        44916   1000   1888/6144 0   SWPoll64bCnt
6   2  si 0x80407d8c 9565        15885713 1000  1096/6144 0   SL_TASK
7   2  si 0x80407d8c 746         635948  105000 1192/6144 0   RedundantTask
Memory Pool Utilization
Memory Pool Type 1Min  5Min  10Min
---------------- ----- ----- -----
DRAM               49%   49%   49%
FLASH              82%   82%   82%
NVRAM              49%   49%   49%
MBUF                2%    2%    2%
CLUSTER            12%   12%   12%
MALLOC             15%   15%   15%
Console> (enable)
This example shows how to display process information:
Console> (enable) show proc mem
Memory Used:  7141936
       Free: 53346800
      Total: 60488736
PID        TTY        Allocated  Freed      Holding    Process
---------- ---------- ---------- ---------- ---------- ---------------
1          -2         2928912    4544       2924368    Kernel and Idle
2          -2         160        0          160        Flash MIB Updat
3          -2         160        0          160        L2L3IntHdlr    
4          -2         0          0          0          L2L3PatchRev   
5          -2         288        0          288        SynDiags       
6          -2         128        0          128        GenMsgHndlr    
7          -2         1158560    526480     632080     SynConfig      
8          -2         32         0          32         TempMon        
9          -2         16         0          16         EM_garbageColle
10         -2         192        0          192        PowerMgmt      
11         -2         1136       0          1136       FabricConfig   
12         -2         97536      0          97536      SL_TASK        
13         -2         18368      5056       13312      RedundantTask  
14         -2         2384       0          2384       Status Poll    
15         -2         96         0          96         SWPoll64bCnt   
16         0          384        0          384        HavailTask     
17         -2         10304      0          10304      SyncTask       
18         -2         48         0          48         SecurityRx     
19         -2         144        0          144        DeviceLinkChk  
20         -2         10576      10560      16         Earl           
21         -2         2768       2464       304        DTP_Rx         
22         -2         280624     151680     128944     EthChnlRx      
23         -2         0          0          0          llcSSTPFlood   
24         -2         1584       1152       432        EthChnlConfig  
25         -2         1232       0          1232       ACL            
26         -2         27760      3552       24208      VaclLog        
27         0          0          0          0          L3Aging        
28         0          209168     0          209168     NetFlow        
29         0          2688400    112        2688288    Fib            
30         -2         0          0          0          Fib_bg_task    
31         -2         176        0          176        ProtocolFilter 
32         -2         16         0          16         telnetd        
33         -2         16         0          16         tftpd          
34         -2         1744       1632       112        ProtocolTimer  
35         -2         96         0          96         ciscoRmonTimer 
36         -2         96         0          96         ciscoUsrHistory
37         -2         112        0          112        rmonMediaIndep 
38         -2         0          0          0          SnmpTraps      
39         -2         0          0          0          memPoolMain    
40         -2         16         0          16         Acct Send Bkg  
41         -2         80         0          80         l2t_server     
42         -2         144        0          144        Authenticator_S
43         -2         16         0          16         dot1x_rx       
44         -2         16         0          16         Backend_Rx     
45         -2         16         0          16         Backend_SM     
46         -2         3216       2992       224        Debug Port Coun
47         -2         16         0          16         SysLogTask     
48         -2         112        0          112        pinggateA      
49         -2         8704       8000       704        cdpd           
50         -2         124576     124416     160        cdpdtimer      
51         -2         1296       1088       208        SptTimer       
52         -2         2336       1120       1216       SptBpduRx      
53         -2         144        0          144        SptBpduTx      
54         -2         0          0          0          GL2Prot_Tunnel 
55         -2         176        0          176        VtpTimer       
56         -2         16         1072       4294966240 HPConfig       
57         -2         96         0          96         RMON AlarmTimer
58         -2         0          0          0          sptTraps       
59         -2         6128       5952       176        McastRx        
60         -2         16         0          16         IGMPQuerierProc
61         -2         272        0          272        M-MLS_stats    
62         -2         5808       1504       4304       M-MLS_manager  
63         -2         47520      15216      32304      QoSTask        
64         0          11936      0          11936      Read Stats Task
65         0          32         0          32         QDE Task       
66         -2         144        0          144        EnvMon         
67         -2         1120       0          1120       VlanStatsTask  
70         -2         16         0          16         HPActive       
71         -2         48         0          48         HPTrapMgr      
143        0          57200      4208       52992      Console        
144        -2         256208     29920      226288     snmpdm         
145        -2         208        0          208        VtpRx          
146        2252448660 68448      6864       61584      telnet146      
191        -2         29360      19504      9856       AclManager     
Memory Pool Utilization
Memory Pool Type 1Min  5Min  10Min
---------------- ----- ----- -----
DRAM               45%   45%   45%
FLASH              83%   83%   83%
NVRAM              49%   49%   49%
MBUF                2%    2%    2%
CLUSTER            11%   11%   11%
MALLOC             11%   11%   11%
Console> (enable)
Table 2-85 describes the possible fields in the show proc command outputs.

Table 2-85 show proc Command Output Fields

Field

Description

CPU Utilization

Sum of all the loads from all the processes running on the CPU in the last 5 seconds, 1 minute, and 5 minutes.

PID

Process ID.

Runtime

Time the process has run since initiation (in milliseconds).

Invoked

Number of times the process was invoked since initiation.

uSecs

Maximum time a process ran in a single invocation.

5sec

Amount of time this process ran on the CPU in the last 5-second interval.

1Min

Average memory pool usage over the last 1-minute interval.

5Min

Average memory pool usage over the last 5-minute interval.

10Min

Average memory pool usage over the last 10-minute interval.

TTY

TTY associated with the process.

Process

Name of the process.

Allocated

Amount of all the memory allocated by the process since it was initiated, including the memory previously freed up.

Freed

Amount of memory the process has freed up until now.

Holding

Amount of memory the process is currently holding.

Q

Process priority in terms of numbers. A low number means high priority.

T

State of the process (Running, we = waiting for event, st = sleeping, si = sleeping on an interval, rd = ready to run, id = idle, xx = dead/zombie).

PC

Calling PC for "show_process" function.

Stacks

Size of the stack used by the process/the total stack size allocated to the process (in bytes).

show protocolfilter

To list whether protocol filtering is enabled or disabled, use the show protocolfilter command.

show protocolfilter
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display whether protocol filtering is enabled or disabled:
Console> show protocolfilter
Protocol filtering is enabled on this switch.
Console> 
Related Commands

set port protocol
set protocolfilter

show pvlan

To show the configuration for a given private VLAN, use the show pvlan command.

show pvlan [vlan | primary | isolated | community | twoway-community]
Syntax Description

vlan

(Optional) Number of the private VLAN.

primary

(Optional) Displays the primary private VLANs.

isolated

(Optional) Displays the isolated private VLANs.

community

(Optional) Displays the community private VLANs.

twoway-community

(Optional) Displays the bidirectional community private VLANs.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

A twoway-community private VLAN is a bidirectional community private VLAN that carries traffic among community ports and to and from community ports to and from the MSFC.

Examples

This example shows how to display the status for VLAN 10:
Console> show pvlan 10
Primary Secondary Secondary-Type Ports
------- --------- -------------- ------------
10      20        isolated       6/1
Console> 
This example shows how to display the status for all VLANs set as primary:
Console> show pvlan primary
Primary Secondary Secondary-Type Ports
------- --------- -------------- ------------
10      20        isolated       6/1
11      21        isolated       6/2
30      -         -              
Console> 
This example shows how to display the status for all VLANs set as isolated:
Console> show pvlan isolated
Primary Secondary Secondary-Type Ports
------- --------- -------------- ------------
10      20        isolated       6/1
11      21        isolated       6/2
-       31        isolated       
Console> 
This example shows how to display the status for all VLANs set as community:
Console> show pvlan community
Primary Secondary Secondary-Type Ports
------- --------- -------------- ------------
7       902       community      2/4-6        
Console>
Related Commands

clear config pvlan
clear pvlan mapping
clear vlan
set pvlan
set pvlan mapping
set vlan
show pvlan mapping
show vlan

show pvlan capability

To determine whether or not a port can be made a private port, use the show pvlan capability
command.

show pvlan capability mod/port
Syntax Description

mod/port

Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to determine if a port can be made into a private VLAN:
Console> (enable) show pvlan capability 5/20
Ports 5/13 - 5/24 are in the same ASIC range as port 5/20.
Port 5/20 can be made a private vlan port.
Console> (enable) 
These examples show the output if a port cannot be made into a private VLAN:
Console> (enable) show pvlan capability 3/1
Port 3/1 cannot be made a private vlan port due to:
------------------------------------------------------
Promiscuous ports cannot be made private vlan ports.
Console> (enable)
Console> (enable) show pvlan capability 5/1
Ports 5/1 - 5/12 are in the same ASIC range as port 5/1.
Port 5/1 cannot be made a private vlan port due to:
------------------------------------------------------
Trunking ports are not Private Vlan capable.
Conflict with Promiscuous port(s) : 5/2
Console> (enable)
Console> (enable) show pvlan capability 5/2
Ports 5/1 - 5/12 are in the same ASIC range as port 5/2.
Port 5/2 cannot be made a private vlan port due to:
------------------------------------------------------
Promiscuous ports cannot be made private vlan ports.
Conflict with Trunking port(s) : 5/1
Console> (enable)
Console> (enable) show pvlan capability 5/3
Ports 5/1 - 5/12 are in the same ASIC range as port 5/3.
Port 5/3 cannot be made a private vlan port due to:
------------------------------------------------------
Conflict with Promiscuous port(s) : 5/2
Conflict with Trunking port(s) : 5/1
Console> (enable)
Console> (enable) show pvlan capability 15/1
Port 15/1 cannot be made a private vlan port due to:
------------------------------------------------------
Only ethernet ports can be added to private vlans.
Console> (enable)
Related Commands

clear config pvlan
clear pvlan mapping
clear vlan
set pvlan
set pvlan mapping
set vlan
show pvlan mapping
show vlan

show pvlan mapping

To show the private VLAN mappings configured on promiscuous ports, use the show pvlan mapping command.

show pvlan mapping [private_vlan | mod/port]
Syntax Description

private_ vlan

(Optional) Number of the private VLAN.

mod/port

(Optional) Number of the module and port.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the private VLAN mapping by port:
Console> show pvlan mapping 
Port Primary Secondary
---- ------- ---------
 6/3  10      20
Console> 
This example shows how to display the private VLAN mapping for a specific VLAN:
Console> show pvlan mapping 10
Primary Secondary Ports
------- --------- -----
10      20        6/3
Console> 
This example shows how to display the private VLAN mapping for a specific port:
Console> show pvlan mapping 6/3
Port Primary Secondary
---- ------- ---------
 6/3  10      20
Console>
This example shows the results when no VLANs are mapped:
Console> show pvlan mapping
Port Primary Secondary
---- ------- ---------
No Private Vlan Mappings configured.
Console> 
Related Commands

clear config pvlan
clear pvlan mapping
clear vlan
set pvlan
set pvlan mapping
set vlan
show vlan

show qos acl editbuffer

To display ACL names in the edit buffer, use the show qos acl editbuffer command.

show qos acl editbuffer
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

Enter the show qos acl editbuffer command to display the committed access lists that you configured. The information is helpful when you are adding or deleting ACEs.

Examples

This example shows how to display QoS ACL edit buffer contents:
Console> (enable) show qos acl editbuffer
ACL                               Type Status
--------------------------------  ---- ----------
ip1                               IP   Committed
ipx1                              IPX  Committed
mac1                              MAC  Committed
Related Commands

commit
rollback

show qos acl info

To display QoS ACL information, use the show qos acl info command.

show qos acl info default-action {ip | ipx | mac | all}
show qos acl info runtime {acl_name | all}
show qos acl info config {acl_name | all} [editbuffer [editbuffer_index]]
Syntax Description

default-action

Displays default action (using the set qos acl default-action command) for packets that do not match any entry in an access list.

ip

Displays QoS IP ACL information.

ipx

Displays all QoS IPX ACL information.

mac

Displays all QoS MAC ACL information.

all

Displays all QoS ACL information.

runtime

Displays runtime ACE information.

acl_name

Name of the ACL to be displayed.

config

Displays configured ACE information.

editbuffer

(Optional) Displays edit buffer information.

editbuffer_index

(Optional) Position of the ACE in the ACL.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display all ACL default configurations:
Console> (enable) show qos acl info default-action all
set qos acl default-action
--------------------------
ip dscp 7 my1 my2 
ipx dscp 0 
mac dscp 0 
Console> (enable) 
This example shows how to display edit buffer information for a specific ACL:
Console> (enable) show qos acl info my_ip_acl editbuffer
set qos acl ip my_ip_acl
----------------------------------------------------
1. set qos acl ip my_ip_acl trustdscp microflow my-micro tcp 1.2.3.4 255.0.0.0  
eq port 21 172.20.20.1 255.255.255.0 
2. set qos acl ip my_ip_acl trustdscp microflow my-micro aggregate agg tcp  
173.22.3.4 255.0.0.0 eq port 19 173.22.20.1 255.255.255.0 tos 5
ACL status: Not Committed
Console> (enable) 
This example shows how to display information for a specific ACL:
Console> (enable) show qos acl info my_ip_acl 
set qos acl ip my_ip_acl
----------------------------------------------------
1. trust-dscp microflow my-micro tcp 1.2.3.4 255.0.0.0 eq  
port 21 172.20.20.1 255.255.255.0 tos 5
2. trust-dscp microflow my-micro aggregate agg tcp  
173.22.3.4 255.0.0.0 eq port 19 173.22.20.1 255.255.255.0 tos 5
Console> (enable) 
This example shows how to display runtime information for all ACLs:
Console> (enable) show qos acl info runtime all
set qos acl IP _Cops_1
----------------------------------------------
1. dscp 0 any 
set qos acl IP _Cops_2
----------------------------------------------
1. dscp 8 ip 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255 
2. dscp 16 tcp any any 
3. dscp 24 udp any any
Console> (enable) 
Related Commands

clear qos policer
set qos acl default-action
set qos policer

show qos acl map

To display the ACL mapping information, use the show qos acl map command.

show qos acl map {config | runtime} {acl_name | mod/port | vlan | all | all-vlans | all-ports}
Syntax Description

config

Displays NVRAM QoS information.

runtime

Displays QoS runtime information.

acl_name

Name of the list.

mod/port

Number of the module and the port.

vlan

VLAN list.

all

Displays information regarding all ACLs.

all-vlans

Displays all ACL-to-VLAN mapping.

all-ports

Displays all ACL-to-port mapping.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You can enter the config keyword to display information that was configured through the CLI and saved in NVRAM, regardless of the current runtime information.

Note When a switchover occurs, you cannot view the ACLs and policers deployed using COPS-DS until the COPS-DS client on the new active supervisor engine establishes connection to the PDP and downloads the QoS policy. The runtime fields in the output display will be blank until QoS policy is downloaded to the new active supervisor engine.

Examples

This example shows how to display information for all ACLs:
Console> show qos acl map all  
ACL name   Vlan #            Ports
--------   ----------------- -----------------------------
web-acc    1,4-7             
isp1       2                 1/1
Console> 
This example shows how to display information for a specific VLAN:
Console> show qos acl map 1
Vlan  ACL name     
----  ----------------
1     web-acc
Console> 
This example shows how to display information for a specific ACL:
Console> show qos acl map isp1
ACL name   Vlan #            Ports
--------   ----------------  ---------------
isp1       2                 1/1     
Console> 
Related Commands

clear qos acl
set qos acl map

show qos acl resource-usage

To display ACL management information, use the show qos acl resource-usage command.

show qos acl resource-usage
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display ACL management information:
Console> (enable) show qos acl resource-usage
ACL resource usage:
Label:0%
Logical Operation Unit:0%
TCAM mask:0%
TCAM value:0%
Console> (enable) 
Related Commands

commit
rollback

show qos bridged-microflow-policing

To display the VLAN-bridged packet-policing status, use the show qos bridged-microflow-policing command.

show qos bridged-microflow-policing {config | runtime} [vlan]
Syntax Description

config

Displays NVRAM configuration.

runtime

Displays the run time configuration.

vlan

(Optional) Number of the VLAN.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

If you do not specify a VLAN number, the status of all VLANs are displayed.

Examples

This example shows how to display the NVRAM configuration of a specific VLAN:
Console> show qos bridged-microflow-policing config 1
QoS microflow policing is disabled for bridged packets on vlan 1.
Console>
This example shows how to display the NVRAM configuration of all VLANs:
Console> show qos bridged-microflow-policing config
QoS microflow policing is disabled for bridged packets on vlan(s) 1-1000,1025-40
94.
Console>
Related Commands

clear qos policer
set qos bridged-microflow-policing
set qos policer

show qos info

To display QoS-related information for a specified port, use the show qos info command.

show qos info {runtime | config} {mod/port}
show qos info config port_type {tx | rx}
Syntax Description

runtime

Shows the current QoS runtime information.

config

Displays NVRAM QoS configuration.

mod/port

Number of the module and port.

port_type

Port type; valid values are 2q2t, 1p3q1t, 1p2q2t, 1p2q1t for transmit and 1q4t, 1p1q4t, and 1p1q0t, 1p1q8t, and 1q2t for receive. See the "Usage Guidelines" section for additional information.

tx

Displays transmit port information.

rx

Displays receive port information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

You can enter the show qos info runtime mod/port command to view the currently used values in the hardware or the show qos info runtime mod/port command to view the values that have been configured administratively (present in NVRAM). The outputs differ when QoS has been disabled. When you disable QoS, the values set on all the ports are different from the values present in NVRAM. When you enable QoS, the values in NVRAM are used to program the hardware.

The display of show qos info runtime mod/port shows both the absolute values and the percentages you specified for the drop thresholds, queue sizes, and WRR. However, the absolute values may not exactly match the percentages specified due to the granularity of permitted settings in hardware.

The number preceding the t letter in the port_type value (for example, 2q2t, 1p2q2t, 1q4t, 1p1q4t, or 1q2t) determines the number of threshold values the hardware supports. For example, with 2q2t, 1q2t and 1p2q2t, the number of thresholds specified is two; with 1q4t and 1p1q4t, the number of thresholds specified is four. Due to the granularity of programming the hardware, the values set in hardware will be close approximations of the values provided.

The number preceding the q letter in the port_type value determines the number of the queues that the hardware supports. For example, with 2q2t and 1p2q2t, the number of queues specified is two; with 1q4t 1p1q4t, and 1q2t, the number of queues specified is one. The system defaults for the transmit queues attempt to keep the maximum latency through a port at a maximum of 10 ms.

The number preceding the p letter in the port_type value (for example, 1p2q2t and 1p1q4t) determines the threshold in the priority queue.

The 1p2q1t and 1p1q8t port types are not supported.

Note When a switchover occurs, you cannot view the ACLs and policers deployed using COPS-DS until the COPS-DS client on the new active supervisor engine establishes connection to the PDP and downloads the QoS policy. The runtime fields in the output display will be blank until QoS policy is downloaded to the new active supervisor engine.

Examples

This example shows how to display QoS-related NVRAM-transmit threshold information:
Console> (enable) show qos info config 2q2t tx
QoS setting in NVRAM for 2q2t transmit:
QoS is disabled
 CoS = 0 
Queue and Threshold Mapping:
Queue Threshold CoS
----- --------- ---------------
1     1         0 1
1     2         2 3
2     1         4 5
2     2         6 7
Tx drop thresholds:
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        40% 100%
2        40% 100%
Queue Sizes:
Queue #  Sizes - percentage (abs values )
-------  -------------------------------------
1        80%
2        20%
WRR Configuration:
Ports have transmit ratios between queue 1 and 2 of
100:256
Console> (enable) 
This example shows how to display QoS-related NVRAM receive-threshold information:
Console> (enable) show qos info config 1p1q4t rx
QoS setting in NVRAM for 1p1q4t receive:
QoS is disabled
Queue and Threshold Mapping for 1p1q4t (rx):
Queue Threshold CoS
----- --------- ---------------
1     1         0
1     2         2 3
1     3         4 5
1     4         1 6 7
2     1
Rx drop thresholds:
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        50% 60% 80% 100%
Console> (enable) 
This example shows how to display all QoS-related NVRAM threshold information:
Console> (enable) show qos info config 2q2t tx
QoS setting in NVRAM for 2q2t transmit:
QoS is enabled
Queue and Threshold Mapping:
Queue Threshold CoS            
----- --------- ---------------
1     1         0 1 
1     2         2 3 
2     1         4 5 
2     2         6 7 
Tx drop thresholds:
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        40% 100% 
2        40% 100% 
Queue Sizes:
Queue #  Sizes - percentage (abs values )
-------  -------------------------------------
1        80% 
2        20% 
WRR Configuration:
Ports with 2q2t have ratio of 100:255 between transmit queue 1 and 2 
Console> (enable) 
This example shows how to display the current QoS runtime information:
Console> (enable) show qos info runtime 1/1
Run time setting of QoS:
QoS is enabled on 2/1
Port 2/1 has 2 transmit queue with 2 drop thresholds (2q2t).
Port 2/1 has 1 receive queue with 4 drop thresholds (1q4t).
The qos trust type is set to trust-cos.
 CoS = 0    
Queue and Threshold Mapping:
Queue Threshold CoS            
----- --------- ---------------
1     1         0 1 
1     2         2 3 
2     1         4 5 
2     2         6 7 
Rx drop thresholds:
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        50% (38912 bytes) 60% (46688 bytes) 80% (62240 bytes) 100% (73696
bytes) 
Tx drop thresholds:
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        40% (144224 bytes) 100% (360416 bytes) 
2        40% (32864 bytes) 100% (77792 bytes) 
Queue Sizes:
Queue #  Sizes - percentage (abs values)
-------  -------------------------------------
1        80% (360416 bytes)
2        20% (81888 bytes)
WRR Configuration:
Ports with speed 1000Mbps have ratio of 100:255 between transmit queue 1
and 2 (25600:65280 bytes)
Console> (enable) 
This example shows another display of the current QoS runtime information:
Console> show qos info runtime 8/1 
Run time setting of QoS:
QoS is enabled
Policy Source of port 8/1:Local
Tx port type of port 8/1 :1p2q2t
Rx port type of port 8/1 :1q2t
Interface type:port-based
ACL attached:
The qos trust type is set to trust-cos.
Default CoS = 0    
Queue and Threshold Mapping for 1p2q2t (tx):
Queue Threshold CoS            
----- --------- ---------------
1     1         0 1 
1     2         2 3 
2     1         4 6 
2     2         7 
3     -         5 
Queue and Threshold Mapping for 1q2t (rx):
Queue Threshold CoS            
----- --------- ---------------
1     1         0 1 2 3 4 
1     2         5 6 7
Rx drop thresholds:
Queue #  Thresholds - percentage (* abs values)
-------  -------------------------------------
1        80% (13106 bytes) 100% (16384 bytes) 
Tx drop thresholds:
Tx drop-thresholds feature is not supported for this port type.
Rx WRED thresholds:
WRED feature is not supported for this port type.
Tx WRED thresholds:
Queue #  Thresholds - percentage (* abs values)
-------  ------------------------------------------
1        40%:70% (170393:298240 bytes) 70%:100% (298188:425856 bytes) 
2        40%:70% (32768:57344 bytes) 70%:100% (57344:77824 bytes) 
Tx queue size ratio:
Queue #  Sizes - percentage (* abs values)
-------  -------------------------------------
1        70% (425984 bytes)
2        15% (81920 bytes)
3        15% (81920 bytes)
Rx queue size ratio:
Rx queue size-ratio feature is not supported for this port type.
WRR Configuration of ports with speed 10Mbps:
Queue #  Ratios (* abs values)
-------  -------------------------------------
1        100 (25600 bytes)
2        255 (65280 bytes)
(*) Runtime information may differ from user configured setting due to hardware 
granularity.
Console> (enable)
This example shows how to display the current QoS configuration information:
Console> (enable) show qos info config 8/1
QoS setting in NVRAM:
QoS is disabled
Port 8/1 has 3 transmit queue with 2 drop thresholds (1p2q2t).
Port 8/1 has 2 receive queue with 4 drop thresholds (1p1q4t).
ACL attached:
The qos trust type is set to untrusted.
 CoS = 0
Queue and Threshold Mapping for 1p2q2t (tx):
Queue Threshold CoS
----- --------- ---------------
1     1         0 1
1     2         2 3
2     1         4 5
2     2         7
3     1         6
Queue and Threshold Mapping for 1p1q4t (rx):
Queue Threshold CoS
----- --------- ---------------
1     1         0
1     2         2 3
1     3         4 5
1     4         1 6 7
2     1
Rx drop thresholds:
Rx drop thresholds are disabled for untrusted ports.
Queue #  Thresholds - percentage (abs values )
-------  -------------------------------------
1        50% 60% 80% 100%
Tx drop thresholds:
Tx drop-thresholds feature is not supported for this port type.
Tx WRED thresholds:
Queue #  Thresholds in percentage ( in abs values )
-------  ------------------------------------------
1        80% 100%
2        80% 100%
Queue Sizes:
Queue #  Sizes - percentage (abs values )
-------  -------------------------------------
1        70%
2        15%
3        15%
WRR Configuration of ports with speed 1000Mbps:
Queue #  Ratios (abs values )
-------  -------------------------------------
1        100
2        255
Console> (enable) 
This example shows another display of the current QoS configuration information:
Console> (enable) show qos info config 1p2q2t tx
QoS setting in NVRAM for 1p2q2t transmit:
QoS is enabled
Queue and Threshold Mapping:
Tx WRED thresholds:
Queue #  Thresholds - percentage
-------  ------------------------------------------
1        0%:60% 0%:90%
2        0%:50% 0%:90%
Tx queue size ratio:
Queue #  Sizes - percentage
-------  -------------------------------------
1        70%
2        15%
3        15%
WRR Configuration of ports with 1p2q2t:
Queue #  Ratios
-------  -------------------------------------
1        5
2        255
Console> (enable) 
Related Commands

clear port qos autoqos
clear qos autoqos
set port qos autoqos
set qos
set qos autoqos
show port qos

show qos mac-cos

To display the currently configured QoS-related information for the MAC address and VLAN pair, use the show qos mac-cos command.

show qos mac-cos dest_mac [vlan] [config]
show qos mac-cos all [config]
Syntax Description

dest_mac

MAC address of the destination host.

vlan

(Optional) Number of the VLAN; valid values are from 1 to 1005.

config

(Optional) Displays NVRAM QoS configuration.

all

Specifies all MAC address and VLAN pairs.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

You can enter the show qos mac-cos command to display the currently configured QoS-related information.

You can enter the config keyword to display information that was configured through the CLI and saved in NVRAM, regardless of the current runtime information.

Examples

This example shows how to display currently configured QoS-related information for all MAC address and VLAN pairs:
Console> (enable) show qos mac-cos all
VLAN  Dest MAC            CoS
----  ------------------  ---
1      01-02-03-04-05-06  2
9      04-05-06-07-08-09  3
Console> (enable) 
This example shows how to display currently configured QoS-related information for a specific MAC address:
Console> (enable) show qos mac-cos 01-02-03-04-05-06
VLAN  Dest MAC            CoS
----  ------------------  ---
1      01-02-03-04-05-06  2
Console> (enable) 
Related Commands

clear qos mac-cos
set qos mac-cos

show qos maps

To display the mapping of different maps, use the show qos maps command.

show qos maps {config | runtime} [cos-dscp-map | ipprec-dscp-map | dscp-cos-map | policed-dscp-map [normal-rate | excess-rate] | dscp-mutation-map [mutation_table_id] | dscp-mutation-table-map [mutation_table_id] | cos-cos-map [mod/port]]
Syntax Description

config

Displays NVRAM QoS configuration.

runtime

Displays current QoS configuration.

cos-dscp-map

(Optional) Specifies the CoS-to-DSCP map.

ipprec-dscp-map

(Optional) Specifies the IP precedence-to-DSCP map.

dscp-cos-map

(Optional) Specifies the DSCP-to-CoS map.

policed-dscp-map

(Optional) Specifies the marked-down map.

normal-rate

(Optional) Specifies normal rate.

excess-rate

(Optional) Specifies excess rate.

dscp-mutation-map

(Optional) Specifies a DSCP mutation map.

mutation_table_id

(Optional) Number of the mutation table; valid values are from 1 to 15. See the "Usage Guidelines" section for more information.

dscp-mutation-table-map

(Optional) Specifies a DSCP mutation table map.

cos-cos-map

(Optional) Specifies the CoS-to-CoS map.

mod/port

(Optional) Number of the module and the port on the module.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

You can enter the config keyword to display information that was configured through the CLI and saved in NVRAM, regardless of the current runtime information.

If you do not specify an option, all maps are displayed.

Note When a switchover occurs, you cannot view the ACLs and policers deployed using COPS-DS until the COPS-DS client on the new active supervisor engine establishes connection to the PDP and downloads the QoS policy. The runtime fields in the output display will be blank until QoS policy is downloaded to the new active supervisor engine.

If you do not enter a mutation_table_id argument, the system displays all DSCP mutation maps.

Examples

This example shows how to display the cos-dscp-map map:
Console> show qos maps cos-dscp-map
CoS - DSCP map:
CoS   DSCP
---   ---------------
0     10
...
7     52
Console> 
This example shows how to display the ipprec-dscp-map map:
Console> show qos maps ipprec-dscp-map
IP-Precedence - DSCP map:
IP-Prec   DSCP
-------   -------------------
0         1
...
7         52
Console> 
This example shows how to display the dscp-cos-map map:
Console> show qos maps dscp-cos-map
DSCP - CoS map:
DSCP             CoS
---------------  ----
34-40,60         0
...
50               7
Console> 
This example shows how to display the policed-dscp-map map:
Console> show qos maps policed-dscp-map
DSCP policed-dscp map:
In-profile DSCP  Policed DSCP
---------------  -------------
0-20             0
Console>
This example shows how to display all maps:
Console> show qos maps
CoS - DSCP map:
CoS   DSCP
---   ---------------
0     10
...
7     52
IP-Precedence - DSCP map:
IP-Prec   DSCP
-------   -------------------
0         1
...
7         52
IP-Precedence - CoS map:
IP-Prec   CoS
-------   -----
0         0
...
7         7
DSCP - CoS map:
DSCP             CoS
---------------  ----
34-40,60         0
...
50               7
DSCP policed-dscp map:
In-profile DSCP  Policed DSCP
---------------  -------------
0-20             0
Console> 
This example shows how to display normal-rate maps:
Console> show qos maps config policed-dscp-map normal-rate
DSCP - Policed DSCP map normal-rate:
DSCP                              Policed DSCP
--------------------------------  ------------
                        0, 24-63  0
                               1  1
                               2  2
                               3  3
                               4  4
                               5  5
                               6  6
                               7  7
                               8  8
                               9  9
                              10  10
                              11  11
                              12  12
                              13  13
                              14  14
                              15  15
                              16  16
                              17  17
                              18  18
                              19  19
                              20  20
                              21  21
                              22  22
                              23  23
Console> 
This example shows how to display the configuration for DSCP mutation map 1:
Console> show qos maps config dscp-mutation-map 1
Mutation Table ID:
Map ID  VLANS
------  ----------------------------------------
     1  1,78-1005,1025-4094      
DSCP mutation map 1:
DSCP                              Policed DSCP
--------------------------------  ------------
                               0  0
                               1  1
                               2  2
                               3  3
                               4  4
                               5  5
                               6  6
                               7  7
                               8  8
                               9  9
                              10  10
                              11  11
                              12  12
                              13  13
                              14  14
                              15  15
                              16  16
                              17  17
                              18  18
                              19  19
                              20  20
                              21  21
                              22  22
                              23  23
                              24  24
                              25  25
                              26  26
                              27  27
                              28  28
                              29  29
                              30  30
                              31  31
                              32  32
                              33  33
                              34  34
                              35  35
                              36  36
                              37  37
                              38  38
                              39  39
                              40  40
                              41  41
                              42  42
                              43  43
                              44  44
                              45  45
                              46  46
                              47  47
                              48  48
                              49  49
                              50  50
                              51  51
                              52  52
                              53  53
                              54  54
                              55  55
                              56  56
                              57  57
                              58  58
                              59  59
                              60  60
                              61  61
                              62  62
                              63  63
Console>
This example shows how to display the NVRAM CoS-to-CoS map:
Console> show qos maps config cos-cos-map
CoS - CoS map:
CoS   CoS
---   ----
  0   0
  1   5
  2   4
  3   5
  4   4
  5   5
  6   6
  7   7
Console>
This example shows how to display the current CoS-to-CoS map on a specific port:
Console> show qos maps runtime cos-cos-map 3/2
CoS - CoS map:
CoS   CoS
---   ----
  0   0
  1   5
  2   4
  3   5
  4   4
  5   5
  6   6
  7   7
Console>
Related Commands

clear qos cos-cos-map
clear qos cos-dscp-map
clear qos dscp-mutation-map
clear qos dscp-mutation-table-map
clear qos policed-dscp-map
set qos map
set qos cos-cos-map
set qos cos-dscp-map
set qos dscp-mutation-map
set qos dscp-mutation-table-map

show qos policer

To display microflow or aggregate policers currently configured, use the show qos policer command.

show qos policer {config | runtime} {microflow [policer_name] | aggregate [policer_name] | all}
Syntax Description

config

Displays NVRAM QoS configuration.

runtime

Shows the current QoS runtime information.

microflow

Specifies microflow policing information.

aggregate

Specifies aggregate policing rule information.

policer_name

(Optional) Name of the policer.

all

Specifies all policing information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

When a switchover occurs, you cannot view the ACLs and policers deployed using COPS-DS until the COPS-DS client on the new active supervisor engine establishes connection to the PDP and downloads the QoS policy. The runtime fields in the output display will be blank until QoS policy is downloaded to the new active supervisor engine.

Examples

This example shows how to display all currently configured policing information:
Console> show qos policer config all
QoS microflow policers:
Microflow name                  Avg. rate Burst size Exceed action
------------------------------- --------- ---------- -------------
mic                                    55         64 drop
                                ACL attached
                                ------------------------------------
QoS aggregate policers:
No aggregate policer found.
Console> 
This example shows how to display microflow policing information:
Console> show qos policer config microflow
QoS microflow policers:
Microflow name        Average rate     Burst size       Exceed action
--------------------  ---------------  ---------------  -------------
my-micro              1000             2000             drop
Microflow name        ACL attached
--------------------  -----------------------------------------------
my-micro              my-acl
Console> 
This example shows how to display aggregate policing information:
Console> show qos policer config aggregate
QoS aggregate policers:
No aggregate policer found.
Console> 
This example shows how to display aggregate policing information for a specific policer:
Console> show qos policer config aggregate
QoS aggregate policers:
Aggregate name                Normal rate (kbps)  Burst size (kb) Normal action
----------------------------- ------------------  --------------- -------------
test2                                         64             100  policed-dscp
                              Excess rate (kbps)  Burst size (kb) Excess action
                              ------------------  --------------  ---------------
                                         8000000             100  policed-dscp
                              ACL attached
                              ------------------------------------
Console>
Related Commands

clear qos policer
set qos policer

show qos policy-source

To display the QoS policy source information, use the show qos policy-source command.

show qos policy-source
Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

This command displays whether the QoS policy source is set to local or COPS.

Examples

This example shows how to view the QoS policy source:
Console> show qos policy-source
QoS policy source for the switch set to local.
Console>
Related Commands

set qos policy-source

show qos rsvp

To display RSVP information, use the show qos rsvp command.

show qos rsvp {info | flow-info}
Syntax Description

info

Displays RSVP status information.

flow-info

Displays RSVP flow information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The maximum number of RSVP flows displayed in the show qos rsvp flow-info command output are as follows:

•1024 for switches configured with the Supervisor Engine 1 with Layer 3 Switching Engine Policy Feature Card (WS-F6K-PFC).

•1056 for systems configured with the Supervisor Engine 2 with Layer 3 Switching Engine II (PFC2)

Examples

This example shows how to display RSVP status information:
Console> (enable) show qos rsvp info
RSVP disabled.
RSVP policy timeout set to 30 minutes.
RSVP local policy set to forward.
Console> (enable) 
This example shows how to display RSVP flow information:
Console> (enable) show qos rsvp flow-info 
RSVP enabled. Only RSVP qualitative service supported.
RSVP policy timeout set to 30 minutes.
Flow # SrcAddr         DstAddr         SrcPort DstPort Prot DSCP Time Valid
------ --------------- --------------- ------- ------- ---- ---- -----------
1         172.21.23.34    177.23.45.67    3001    3101  UDP    6          30
2         172.21.23.34    177.23.45.67    3002    3102  UDP    4          15
3         172.21.23.34    177.23.45.67    3003    3103  TCP    2          68
4         172.21.34.67    177.68.89.23    4004    4005  UDP    1          23
Console> (enable) 
Related Commands

clear qos policer
set qos rsvp

show qos statistics

To display the various QoS-related counters for a specified port, use the show qos statistics command.

show qos statistics {mod[/port]}
show qos statistics l3stats
show qos statistics aggregate-policer [policer_name]
Syntax Description

mod/port

Number of the module and, optionally, the number of the port on the module.

l3stats

Displays Layer 3 statistics information.

aggregate-policer

Displays QoS aggregate policer statistics.

policer_name

(Optional) Policer name. See the "Usage Guidelines" section for more information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

In the show qos statistics output, the Threshold #:Packets dropped field lists each threshold and the number of packets dropped. For example, 1:0 pkt, 2:0 pkts indicates that threshold 1 and threshold 2 dropped 0 packets.

If you do not enter a policer_name argument, the system displays statistics for all QoS aggregate policers.

Every 30 seconds, QoS port statistics, QoS Layer 3 statistics, and QoS aggregate policer statistics are collected and stored. The rate for these statistics types are averaged over a 300-second period (5 minutes). When you enter the show qos statistics mod/port command, the show qos statistics l3stats command, or the show qos statistics aggregate-policer command, the average for the last 300-second period is averaged with current statistics. This average value and the peak value over the last 300-second period is part of the command output.

Examples

This example shows how to display the QoS statistics for module 5, port 1:
Console> show qos statistics 5/1 
Tx port type of port 5/1 : 2q2t
Q # Threshold #:Packets dropped; Packet drop rate (pps)
--- -----------------------------------------------
1   1:0 pkts; 0 pps; 0 pkts
1   2:0 pkts; 0 pps; 0 pkts
2   1:0 pkts; 0 pps; 0 pkts
2   2:0 pkts; 0 pps; 0 pkts
Console>
This example shows how to display the QoS Layer 3 statistics:
Console> show qos statistics average l3stats
                                     Total Packets Rate (pps)    Peak (packets)
                                     ------------- ------------- ------------- 
Packets dropped due to policing:          0             0              0
IP packets with ToS changed:              0             0              0
IP packets with CoS changed:              0             0              0
Non-IP packets with CoS changed:          0             0              0
Console>
This example shows how to display the QoS statistics for module 2:
Console> show qos statistics 2 
Warning: QoS is disabled.
On Transmit:Port 2/1 has 2 Queue(s) 2 Threshold(s)
Q #  Threshold #:Packets dropped
---  -----------------------------------------------
1    1:0 pkts, 2:0 pkts
2    1:0 pkts, 2:0 pkts
On Receive:Port 2/1 has 1 Queue(s) 4 Threshold(s)
Q #  Threshold #:Packets dropped
---  -----------------------------------------------
1    1:0 pkts, 2:0 pkts, 3:0 pkts, 4:0 pkts
On Transmit:Port 2/2 has 2 Queue(s) 2 Threshold(s)
Q #  Threshold #:Packets dropped
---  -----------------------------------------------
1    1:0 pkts, 2:0 pkts
2    1:0 pkts, 2:0 pkts
On Receive:Port 2/2 has 1 Queue(s) 4 Threshold(s)
Q #  Threshold #:Packets dropped
---  -----------------------------------------------
1    1:0 pkts, 2:0 pkts, 3:0 pkts, 4:0 pkts
Console>
This example shows how to display statistics for a QoS aggregate policer:
Console> show qos statistics aggregate-policer ag1
QoS aggregate-policer statistics:
Aggregate policer               Allowed byte   Bytes exceed 
                                count          excess rate
-----------------------         -------------- --------------
ag1                             12138176       4553555392
QoS aggregate-policer 5 minute rate statistics:
Aggregate policer               Allowed rate   Traffic exceeding 
                                (kbps)         excess rate
------------------------------- -------------- --------------
ag1                             0              0
QoS aggregate-policer Peak statistics:
Aggregate policer               Peak byte      Peak Traffic exceeding
                                count          excess rate
------------------------------- -------------- --------------
ag1                             766514432      320562695296
Console>
Related Commands

set qos
set qos drop-threshold
set qos mac-cos
set qos txq-ratio
set qos wrr

show qos statistics export info

To display QoS data export configuration and statistical information, use the show qos statistics export info command.

show qos statistics export info
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display QoS data export configuration and statistical information:
Console> (enable) show qos statistics export info
QoS Statistics Status and Configuration Information
---------------------------------------------------
Export Status: disabled.
Export time interval: 35 seconds
Export destination: Stargate, UDP port 9996
Port   Export
------ --------
 1/1    enabled
 1/2   disabled
 2/2    enabled
 2/5    enabled
 2/7    enabled      
Aggregate name  Export
--------------- --------
ipagg_1          enabled
ipagg_2         disabled
ipagg_3          enabled
Console> (enable) 
Related Commands

set qos statistics export aggregate
set qos statistics export port

show qos status

To display if QoS is enabled on the switch, use the show qos status command.

show qos status
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display if QoS is enabled on the switch:
Console> (enable) show qos status 
Qos is enabled on this switch.
DSCP rewrite has been globally disabled.
Console> (enable)
Related Commands

set qos
set qos dscp-rewrite

show radius

To display configured RADIUS parameters, use the show radius command.

show radius [noalias]
Syntax Description

noalias

(Optional) Forces the display to show IP addresses, not IP aliases.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

You can enter this command in normal or privileged mode, but the RADIUS key is displayed only if this command is entered in privileged mode.

Examples

This example shows how to display RADIUS information:
Console> show radius
Active RADIUS Server          : 0.0.0.0
RADIUS Deadtime               : 0 minutes
RADIUS Retransmit             : 2
RADIUS Timeout                : 5 seconds
Framed-Ip Address Transmit    : Disabled
RADIUS Framed MTU             : 1000 bytes
RADIUS Keepalive              : Enabled
RADIUS Keepalive Timer        : 5 minutes
RADIUS Autoinitialize Critical: Disabled
RADIUS-Server      Status  Auth-port Acct-port Resolved IP Address Operational State
------------------ ------- --------- --------- ------------------- ------------------
81.81.81.20        primary 1812      1813                          Active
10.6.89.200                1812      1813                          Dead
10.6.98.35                 1812      1813                          Checkup
Console> 
Related Commands

set radius attribute
set radius deadtime
set radius key
set radius retransmit
set radius server
set radius timeout

show rate-limit

To display rate-limiter settings and information, use the show rate-limit command.

show rate-limit [config]
Syntax Description

config

(Optional) Displays the Layer 2 rate-limiter administrative and operation status information.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

In the command output, the rate-limit status could be one of the following:

•On indicates a rate for that particular case has been set.

•Off indicates that the rate-limiter type has not been configured, and the packets for that case are not rate limited.

•On/Sharing indicates that a particular case (not manually configured) is affected by the configuration of another rate limiter belonging to the same sharing group.

The following restrictions apply if you want to enable rate limiting:

•Hardware-based rate limiters are supported on Catalyst 6500 series switches that are configured with a Distributed Forwarding Card 3A (DFC3A) or the Policy Feature Card 3 (PFC3) only.

•The Catalyst 6500 series switch cannot be in truncated mode. If you attempt to enable rate limiting and you are in truncated mode, a message appears.

If the rate limiter is enabled and some events cause the system to go from nontruncated mode to truncated mode, rate limiting is disabled and a message appears.

Examples

This example shows how to display rate-limiter settings and information:
Console> show rate-limit
Configured Rate Limiter Settings:
Rate Limiter Type    Status  Rate (pps)     Burst
-------------------- ------  -------------- -----
VACL LOG             On      2500           1
ARP INSPECTION       On      500            1
MCAST NON RPF        Off     *              *
MCAST DFLT ADJ       On      100000         100
MCAST DIRECT CON     Off     *              *
ACL INGRESS BRIDGE   Off     *              *
ACL EGRESS BRIDGE    Off     *              *
L3 SEC FEATURES      Off     *              *
FIB RECEIVE          Off     *              *
FIB GLEAN            Off     *              *
MCAST PARTIAL SC     Off     *              *
RPF FAIL             On      500            10
TTL FAIL             Off     *              *
No Route             On      500            10
ICMP UNREACHABLE     On      500            10
ICMP REDIRECT        Off     *              *
MTU Fail             Off     *              *
Console>
This example shows how to display the Layer 2 rate-limiter operational status information:
Console> show rate-limit
Configured Rate Limiter Settings:
Rate Limiter Type    Status  Rate (pps)     Burst
-------------------- ------  -------------- -----
VACL LOG             On      2500           1
ARP INSPECTION       On      500            1
L2 PDU               On      1000           1
L2 PROTOCOL TUNNEL   On      1000           1
L2 PORT SECURITY     On      1000           1
MCAST NON RPF        Off     *              *
MCAST DFLT ADJ       Off     *              *
MCAST DIRECT CON     Off     *              *
ACL INGRESS BRIDGE   Off     *              *
ACL EGRESS BRIDGE    Off     *              *
L3 SEC FEATURES      Off     *              *
FIB RECEIVE          Off     *              *
FIB GLEAN            Off     *              *
MCAST PARTIAL SC     Off     *              *
RPF FAIL             Off     *              *
TTL FAIL             Off     *              *
NO ROUTE             Off     *              *
ICMP UNREACHABLE     Off     *              *
ICMP REDRECT         Off     *              *
MTU FAIL             Off     *              *
Console> 
This example shows how to display the Layer 2 rate-limiter administrative and operation status information:

Console> show rate-limit config
Rate Limiter Type    Admin Status Oper Status
-------------------- ------------ -----------
l2pdu                On           On
l2protocol-tunnel    On           On
l2port-security      On           On
Console> 
Related Commands

set rate-limit

show rcp

To display rcp information, use the show rcp command.

show rcp
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display rcp information:
Console> (enable) show rcp
rcp username for VMPS       :xena
rcp username for SysInfoLog :sarahkiki
rcp username for others     :jdoe
Console> (enable)
Related Commands

clear rcp
set rcp username

show reset

To display scheduled reset information, use the show reset command.

show reset
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display scheduled reset information:
Console> (enable) show reset
Reset schedule for Fri Jan 21 2000, 23:00:00 (in 3 days 12 hours 56 minutes 57 seconds).
Reset reason: Software upgrade
Console> (enable)
Related Commands

reset—switch

show rgmp group

To display all multicast groups or the count of multicast groups that are joined by RGMP-capable routers, use the show rgmp group command.

show rgmp group [mac_addr] [vlan_id]
show rgmp group count [vlan_id]
Syntax Description

mac_addr

(Optional) MAC destination address reserved for the use of RGMP packets.

vlan_id

(Optional) Number of the VLAN; valid values are from 1 to 1005.

count

Displays the total number of entries in a VLAN group that are joined by RGMP-capable routers.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example displays all multicast groups joined by RGMP-capable routers:
Console> show rgmp group
Vlan          Dest MAC/Route Des    RGMP Joined Router Ports
---------------------------------------------------------------------
1             01-00-5e-00-01-28          5/1,5/15
1             01-00-5e-01-01-01          5/1
2             01-00-5e-27-23-70*         3/1,5/1
Total Number of Entries=3
`*'- Configured manually 
Console> 
This example displays the total number of entries of VLAN group 1 that are joined by RGMP-capable routers:
Console> show rgmp group count 1
RGMP enabled.
Total Number of Entries=2
Console> 
Related Commands

clear rgmp statistics
set rgmp
show rgmp statistics

show rgmp statistics

To display all the RGMP-related statistics for a given VLAN, use the show rgmp statistics command.

show rgmp statistics [vlan]
Syntax Description

vlan

(Optional) Number of the VLAN.

Defaults

The default is VLAN 1.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example displays RGMP-related statistics for a specific VLAN:
Console> show rgmp statistics 23
RGMP enabled
RGMP Statistics for vlan <23>:
Recieve:
Valid pkts:       20
Hellos:           10
Joins:            5
Leaves:           5
Join Alls:        0
Leave Alls:       0
Byes:             0
Discarded:        0
Transmit:          
Total Pkts:       10
Failures:         0
Hellos:           10
Joins:            0
Leaves:           0
Join Alls:        0
Leave Alls:       0
Byes:             0
Console> 
Related Commands

clear rgmp statistics
set rgmp
show rgmp group

show rspan

To display the remote SPAN configuration, use the show rspan command.

show rspan
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The fields displayed depends on the configuration. For example, if this is a source session, the Destination, Incoming Packets, and Learning fields are not displayed. If this is a destination session, the Admin Source, Oper Source, Direction, Multicast, Filter, and Max Bandwidth fields are not displayed. If there is no VLAN filtering on the source session, the Filter field is not displayed.

Examples

This example shows the display output from the show rspan command:
Console> (enable) show rspan
 
Destination     : -
Rspan Vlan      : 900
Admin Source    : VLAN 50
Oper Source     : Port 2/1,2/3,2/5,2/7,2/9,2/11,2/13,2/15,2/17,2/19
Direction       : receive
Incoming Packets: -
Learning        : -
Multicast       : disabled
Filter          : 10,20,30,40,500,600,700,800,900
Status          : active
 
--------------------------------------------
 
Destination     : Port 3/1
Rspan Vlan      : 901
Admin Source    : -
Oper Source     : -
Direction       : -
Incoming Packets: disabled
Learning        : disabled
Multicast       : -
Filter          : -
Status          : active
--------------------------------------------
Destination     : Port 6/1
Rspan Vlan      : 906
Admin Source    : -
Oper Source     : -
Direction       : -
Incoming Packets: disabled
Learning        : -
Multicast       : -
Filter          : -
 
--------------------------------------------
 
Destination     : -
Rspan Vlan      : 903
Admin Source    : INBAND
Oper Source     : INBAND
Direction       : transmit
Incoming Packets: -
Learning        : -
Multicast       : disabled
Filter          : -
 
--------------------------------------------
 
Destination     : Port 7/1
Rspan Vlan      : 902
Admin Source    : -
Oper Source     : -
Direction       : -
Incoming Packets: enabled
Learning        : -
Multicast       : -
Filter          : -
Console> (enable) 
Related Commands

set rspan

show running-config

To display the configuration information currently running on the switch or the configuration for a specific ACL, use the show running-config command.

show running-config [system | mod_num] [all]
show running-config acl location
show running-config qos acl {acl_name| all}
Syntax Description

system

(Optional) Displays current system configuration.

mod_num

(Optional) Number of the module.

all

(Optional) Specifies all modules and system configuration information, including the IP address.

acl location

Displays current ACL configuration information.

qos acl acl_name

Displays current QoS ACL configuration information for a specific ACL.

qos acl all

Displays current QoS ACL configuration information for all ACLs.

Defaults

The default displays only nondefault configurations.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You can view the entire configuration by entering the all keyword.

Examples

This example shows how to display the nondefault system and module configuration:
Console> (enable) show running-config
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default configurations.
..............
..................
....................
..
begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
#time: Mon Jun 11 2001, 08:22:17
!
#version 6.3(0.56)PAN
!
!
#!
#vtp
set vtp domain dan
set vtp mode transparent
set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active
set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state acti
e stp ieee
set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active s
p ibm
set vlan 2,10-11
set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state act
ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off
!
#ip
set interface sc0 1 172.20.52.19/255.255.255.224 172.20.52.31
set ip route 0.0.0.0/0.0.0.0         172.20.52.1
!
#set boot command
set boot config-register 0x10f
set boot system flash bootflash:cat6000-sup2-d.6-3-0-56-PAN.bin
set boot system flash bootflash:cat6000-sup2-d.6-3-0-54-PAN.bin
set boot system flash bootflash:cat6000-sup2-d.6-3-0-46-PAN.bin
set boot system flash bootflash:cat6000-sup2-d.6-3-0-44-PAN.bin
set boot system flash bootflash:
!
#qos
set qos wred 1p2q2t tx queue 1 60:80 80:100
set qos wred 1p2q2t tx queue 2 60:80 80:100
set qos wred 1p3q1t tx queue 1 80:100
set qos wred 1p3q1t tx queue 2 80:100
set qos wred 1p3q1t tx queue 3 80:100
!
#mmls nonrpf
set mmls nonrpf timer 0
!
#security ACLs
clear security acl all
#pbf set
set pbf mac 00-01-64-61-39-c3
#adj set
set security acl adjacency ADJ2 10 00-00-00-00-00-0a 00-00-00-00-00-0b mtu 9600
#
commit security acl all
!
# default port status is enable
!
!
#module 1 empty
!
#module 2 : 2-port 1000BaseX Supervisor
!
#module 3 : 48-port 10/100BaseTX Ethernet
set vlan 10   3/1
set vlan 11   3/2
!
#module 4 empty
!
#module 5 : 0-port Switch Fabric Module
!
#module 6 empty
!
#module 7 empty
!
#module 8 empty
!
#module 9 empty
!
#module 15 empty
!
#module 16 empty
end
Console> (enable)
This example shows how to display the nondefault system configuration for module 3:
Console> (enable) show running-config 3
This command shows non-default configurations only.
Use 'show config <mod> all' to show both default and non-default configurations.
....................
begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
#time: Mon Jun 11 2001, 08:33:25
!
# default port status is enable
!
!
#module 3 : 48-port 10/100BaseTX Ethernet
set vlan 10   3/1
set vlan 11   3/2
end
Console> (enable)
Related Commands

clear config
show startup-config
write

show security acl

To display the contents of the VACL that are currently configured or last committed to NVRAM and hardware, use the show security acl command.

show security acl
show security acl [editbuffer]
show security acl info {acl_name | adjacency | all} [editbuffer [editbuffer_index] |
statistics [ace_index]]
Syntax Description

editbuffer

(Optional) Displays the VACLs in the edit buffer.

info

Displays the contents of a VACL that were last committed to NVRAM and hardware.

acl_name

Name of the VACL to be displayed.

adjacency

Displays adjacency information.

all

Displays all ACL information.

editbuffer_index

(Optional) Name of the edit buffer index.

statistics

(Optional) Displays statistics for the specified ACL.

ace_index

(Optional) Name of the ACE index in the ACL list.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

In the output for the show security acl command, the (Statistics) field displays whether or not statistics are enabled for a specific ACL or VLAN. The field displays the following:

•Disable—Statistics are not enabled on the ACL.

•Enable—Statistics are enabled on the ACL.

•The numbers show the VLANS where per-VLAN statistics are enabled ("2-3" in the first example).

In the output for the show security acl info {acl_name | all} command, the redirect port for redirect entries is shown with an asterisk (*) next to it.

Examples

This example shows how to display the name and type of the VACLs currently configured:
Console> show security acl
ACL                               Type    VLANS     (Statistics)
--------------------------------  ----    -----     -------------------
ip1                               IP      2-9       (2-3 Enable )
ip2                               IP       10       ( Disable )
ip3                               IP       11       ( Disable )
Console>
This example shows how to display VACLs in the edit buffer:
Console> show security acl editbuffer
ACL                               Type Status
--------------------------------  ---- -------------------
ip1                               IP   Committed
ip2                               IP   Committed
ip3                               IP   Committed
ipx1                              IPX  Committed
ipx2                              IPX  Committed
ipx3                              IPX  Committed
mac2                              MAC  Committed
iplast                            IP   Committed
Console>
This example shows how to display the configuration for a specified VACL last committed to NVRAM and hardware:
Console> show security acl info ip1
set security acl ip ip1
---------------------------------------------------
1. permit any 
Console>
This example shows how to display the configuration for all VACLs last committed to NVRAM and 
hardware:
Console> show security acl info all
set security acl adjacency a_1
---------------------------------------------------
1. 2 00-0a-0a-0a-0a-0a
set security acl adjacency a_2
---------------------------------------------------
1. 2 00-0a-0a-0a-0a-0b
set security acl adjacency a_3
---------------------------------------------------
1. 2 00-0a-0a-0a-0a-0c
set security acl adjacency a_4
---------------------------------------------------
1. 2 00-0a-0a-0a-0a-0d
set security acl adjacency b_1
---------------------------------------------------
1. 1 00-20-20-20-20-20
set security acl adjacency b_2
---------------------------------------------------
1. 1 00-20-20-20-20-21
set security acl adjacency b_3
---------------------------------------------------
1. 1 00-20-20-20-20-22
set security acl adjacency b_4
---------------------------------------------------
1. 1 00-20-20-20-20-23
set security acl ip ip1
---------------------------------------------------
arp permit
1. redirect a_1 ip host 44.0.0.1 host 43.0.0.1
2. redirect a_2 ip host 44.0.0.2 host 43.0.0.2
3. redirect a_3 ip host 44.0.0.3 host 43.0.0.3
4. redirect a_4 ip host 44.0.0.4 host 43.0.0.4
5. permit ip any any
set security acl ip ip2
---------------------------------------------------
arp permit
1. redirect b_1 ip host 43.0.0.1 host 44.0.0.1
2. redirect b_2 ip host 43.0.0.2 host 44.0.0.2
3. redirect b_3 ip host 43.0.0.3 host 44.0.0.3
4. redirect b_4 ip host 43.0.0.4 host 44.0.0.4
5. permit ip any any
Console>
This example shows how to display the contents of the VACL edit buffer:
Console> show security acl info ip1 editbuffer
set security acl ip ip1
---------------------------------------------------
1. permit any 
ACL Status:Committed
Console>
The output of this example shows which port is the redirect port for redirect entries. The redirect port has an asterisk (*) next to it:
Console> (enable) show security acl info all
set security acl ip ip1
---------------------------------------------------
arp permit
1. redirect 3/1* ip any any
2. redirect 3/6 ip any any
This example shows how to display statistics for the specified ACL:
Console> show security acl info ACL1 statistics
Vlan: 1
set security acl ip ACL1 statistics
---------------------------------------------------
arp permit in: 132 out: 132
1. permit ip any any 
2. permit ip any any statistics  in: 0 out: 0
Console>
Related Commands

clear security acl
commit
rollback

show security acl arp-inspection

To display Address Resolution Protocol (ARP) inspection information, use the show security acl arp-inspection command.

show security acl arp-inspection config
show security acl arp-inspection statistics [acl_name]
Syntax Description

config

Displays ARP inspection configuration information.

statistics

Displays the number of packets permitted and denied by the ARP inspection task.

acl_name

(Optional) ACL name.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the global ARP inspection configuration:
Console> show security acl arp-inspection config
ARP Inspection match-mac feature is enabled.
Address-validation feature is disabled.
Console>
This example shows how to display global ARP inspection statistics:
Console> show security acl arp-inspection statistics
ARP Inspection statistics
Packets forwarded = 0
Packets dropped = 0
RARP packets (forwarded) = 0
Packets for which Match-mac failed = 0
Packets for which Address Validation failed = 0
IP packets dropped = 0
Console>
Related Commands

set security acl arp-inspection

show security acl capture-ports

To display the capture port list, use the show security acl capture-ports command.

show security acl capture-ports
Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to display capture port list entries:
Console> (enable) show security acl capture-ports 
ACL Capture Ports: 1/2,2/2
Console> (enable) 
Related Commands

clear security acl capture-ports
set security acl capture-ports

show security acl cram

To display information about CRAM, use the show security acl cram command.

show security acl cram
Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal

Usage Guidelines

This command displays whether or not the automatic execution of the CRAM feature is enabled. It also shows the last time the CRAM feature was successfully executed.

Examples

This example shows how to display information about the CRAM feature:
Console> show security acl cram
Cram auto mode is enabled. Timer is 300.
Cram last run on Fri Jun 18 2004, 10:06:29
Security ACL mask usage before: 0.17%
Security ACL mask usage after: 0.12%
Total number of cram executions = 2
Console>
Related Commands

clear security acl cram
set security acl cram

show security acl downloaded-acl

To display information about downloaded ACLs, use the show security acl downloaded-acl command.

show security acl downloaded-acl
show security acl downloaded-acl user-map
show security acl downloaded-acl port [mod/port]
show security acl downloaded-acl ipphone-map
Syntax Description

user-map

Displays the mapping between the user and the downloaded ACL.

port

Displays the downloaded ACL information for a given port.

mod

(Optional) Number of the module.

port

(Optional) Number of the port on the module.

ipphone-map

Displays the IP phone mapping information for ports with downloaded ACLs.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Enabled.

Usage Guidelines

This command displays a summary of downloaded ACLs. This command also shows the date and time each ACL was downloaded. You can also display the mapping between the user and downloaded ACLs, the downloaded ACL information for a given port, and the IP phone mapping information for ports with downloaded ACLs.

Examples

This example shows how to display downloaded ACL information:
Console> (enable) show security acl downloaded-acl all
Downloaded ACL Summary: 
    ACL Name                          Date/Time                      
--------------------------------------------------------------
  1.#ACSACL#-IP-test_acl2-44cf4bcd    Tue Aug 1 2006, 03:14:54      
  2.#ACSACL#-IP-lpipacl-44a100c7      Tue Aug 1 2006, 03:04:56      
This example shows detailed information about a downloaded ACL:
Console> (enable) show security acl downloaded-acl #ACSACL#-IP-test_acl2-44cf4bcd
Downloaded ACE's for #ACSACL#-IP-test_acl2-44cf4bcd :
  1. permit ip any host 10.1.1.1 
  2. permit tcp any host 100.1.1.3 
  3. permit udp any host 10.76.88.34 
  4. deny ip any host 9.6.5.7 
  5. deny tcp any host 2.3.4.5 
  6. deny udp any host 3.4.5.5 
  7. permit icmp any host 100.1.1.5
This example shows how to display mapping information about a downloaded ACL:
Console> (enable) show security acl downloaded-acl user-map
Downloaded ACL User Map: 
ACL Name : #ACSACL#-IP-test_acl2-44cf4bcd
User Count : 1
Num of Aces : 7
     Ip Address                          mNo/pNo     Feature
------------------------------------------------------------
  1. 10.1.1.5                              3/13      dot1x
This example shows how to display host information on a port:
Console> (enable) show security acl downloaded-acl port 3/45
Port  IP Address       Feature    Downloaded ACL
----- ---------------- ---------- ----------------------------
3/45  9.6.2.233        dot1x      #ACSACL#-IP-testacl-44c7197a
This example shows how to display host information on a port:
Port  IP Address
----- ------------------------------
3/45  10.1.1.5
Related Commands

set security acl ip

show security acl feature ratelimit

To display the rate at which packets are sent by security ACL features to the supervisor engine for processing and to display the features that share this rate limit value, use the show security acl feature ratelimit command.

show security acl feature ratelimit
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display rate limit information:
Console> show security acl feature ratelimit
Rate limit value in packets per second = 1000
Features set for rate limiting = ARP Inspection, DHCP Snooping, and Dot1x DHCP
Related Commands

set security acl feature ratelimit

show security acl log

To display VACL log information, use the show security acl log command.

show security acl log config
show security acl log flow protocol {src_ip_spec | dest_ip_spec} [vlan vlan_num]
show security acl log flow {ip} {src_ip_spec | dest_ip_spec} [vlan vlan_num]
show security acl log flow {icmp | 1} {src_ip_spec | dest_ip_spec} [icmp_type [icmp_code]] [vlan vlan_num]
show security acl log flow {tcp | 6} {{src_ip_spec [operator port [port]]} | {dest_ip_spec [operator port [port]]}} [vlan vlan_num]
show security acl log flow {udp | 17} src_ip_spec [operator port [port]] dest_ip_spec [operator port [port]] [vlan vlan_num]
show security acl log flow arp [host IP_Address [vlan vlan_num]]
Syntax Description

config

Displays the VACL log configuration information including the maximum number of the flow pattern and redirect rate.

flow

Displays the flow information specified by the arguments since its last syslog report.

protocol

Keyword or number of an IP protocol; valid numbers are from 0 to 255 representing an IP protocol number. See the "Usage Guidelines" section for the list of valid keywords.

src_ip_spec

Source IP address and the source mask. See the "Usage Guidelines" section for the format.

dest_ip_spec

Destination IP address and the destination mask. See the "Usage Guidelines" section for the format.

vlan vlan_num

(Optional) Number of the VLAN to be displayed; valid values are from 1 to 4094.

ip

Matches any IP packets.

icmp | 1

Matches ICMP packets.

icmp_type

(Optional) ICMP message type name or a number; valid values are from 0 to 255. See the "Usage Guidelines" section for a list of valid names.

icmp_code

(Optional) ICMP message code name or a number; valid values are from 0 to 255. See the "Usage Guidelines" section for a list of valid names.

tcp | 6

Matches TCP packets.

operator

(Optional) Operands; valid values include lt (less than), gt (greater than), eq (equal), neq (not equal), and range (inclusive range).

port

(Optional) Number or name of a TCP or UDP port; valid port numbers are from 0 to 65535. See the "Usage Guidelines" section for a list of valid names.

udp | 17

Matches UDP packets.

arp

Displays all logged ARP packets.

host IP_Address

(Optional) Specifies the IP address of an IP host.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

This command is supported on systems configured with Supervisor Engine 2 with Layer 3 Switching Engine II (PFC2) only.

Configurations you make by entering this command are saved to NVRAM and hardware only after you enter the commit command. Enter ACEs in batches and then enter the commit command to save them in NVRAM and in the hardware.

When you specify the source IP address and the source mask, use the form source_ip_address source_mask and follow these guidelines:

•The source_mask is required; 0 indicates a care bit, 1 indicates a don't-care bit.

•Use a 32-bit quantity in four-part dotted-decimal format.

•Use the keyword any as an abbreviation for a source and source-wildcard of 0.0.0.0 255.255.255.255.

•Use host source as an abbreviation for a source and source-wildcard of source 0.0.0.0.

Valid protocol keywords include icmp (1), ip, ipinip (4), tcp (6), udp (17), igrp (9), eigrp (88), gre (47), nos (94), ospf (89), ahp (51), esp (50), pcp (108), and pim (103). The IP number is displayed in parentheses. Use the keyword ip to match any Internet Protocol.

ICMP packets that are matched by ICMP message type can also be matched by the ICMP message code.

Valid names for icmp_type and icmp_code are administratively-prohibited, alternate-address, conversion-error, dod-host-prohibited, dod-net-prohibited, echo, echo-reply, general-parameter-problem, host-isolated, host-precedence-unreachable, host-redirect, host-tos-redirect, host-tos-unreachable, host-unknown, host-unreachable, information-reply, information-request, mask-reply, mask-request, mobile-redirect, net-redirect, net-tos-redirect, net-tos-unreachable, net-unreachable, network-unknown, no-room-for-option, option-missing, packet-too-big, parameter-problem, port-unreachable, precedence-unreachable, protocol-unreachable, reassembly-timeout, redirect, router-advertisement, router-solicitation, source-quench, source-route-failed, time-exceeded, timestamp-reply, timestamp-request, traceroute, ttl-exceeded, and unreachable.

If the operator is positioned after the source and source-wildcard, it must match the source port. If the operator is positioned after the destination and destination-wildcard, it must match the destination port. The range operator requires two port numbers. All other operators require one port number.

TCP port names can be used only when filtering TCP. Valid names for TCP ports are bgp, chargen, daytime, discard, domain, echo, finger, ftp, ftp-data, gopher, hostname, irc, klogin, kshell, lpd, nntp, pop2, pop3, smtp, sunrpc, syslog, tacacs-ds, talk, telnet, time, uucp, whois, and www.

UDP port names can be used only when filtering UDP. Valid names for UDP ports are biff, bootpc, bootps, discard, dns, dnsix, echo, mobile-ip, nameserver, netbios-dgm, netbios-ns, ntp, rip, snmp, snmptrap, sunrpc, syslog, tacacs-ds, talk, tftp, time, who, and xdmcp.

The number listed with the protocol type is the layer protocol number (for example, udp | 17).

Examples

This example shows how to display VACL log information:
Console> (enable) show security acl log config
VACL LOG Configration
-------------------------------------------------------------
Max Flow Pattern    : 512
Redirect Rate (pps) : 1000
Console> (enable) 
This example shows how to display the flow information:
Console> (enable) show security acl log flow ip vlan 1
Total matched entry number = 1
Entry No. #1, IP Packet
----------------------------------------
Vlan Number            : 1
Mod/Port Number        : 2/1
Source IP address      : 21.0.0.0
Destination IP address : 255.255.255.255
TCP Source port        : 2000
TCP Destination port   : 3000
Received Packet Number : 10
Console> (enable) 
Related Commands

clear security acl log flow
set security acl log

show security acl map

To display ACL-to-VLAN or ACL-to-port mapping for a specific ACL, port, or VLAN, use the show security acl map command.

show security acl map {config | runtime} {acl_name | mod/port | vlan | all | all-vlans | all-ports}
Syntax Description

config

Displays ACL mapping that is stored in NVRAM.

runtime

Displays ACL mapping that is programmed in hardware.

acl_name

Name of the ACL to be displayed.

mod/port

Number of the module and the port on the module.

vlan

Number of the VLAN to be displayed; valid values are from 1 to 4094.

all

Displays all ACL mappings.

all-vlans

Displays all VACL mappings.

all-ports

Displays all PACL mappings.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display the mappings of a specific ACL:
Console> show security acl map IPACL1
ACL IPACL1 is mapped to VLANs:
1
Console>
This example shows how to display the mappings of a specific VLAN:
Console> show security acl map 1
VLAN 1 is mapped to IP ACL IPACL1.
VLAN 1 is mapped to IPX ACL IPXACL1.
VLAN 1 is mapped to MAC ACL MACACL1.
Console>
This example shows how to display all ACL mappings that are stored in NVRAM:
Console> show security acl map config all
ACL Name                         Type Ports/Vlans
-------------------------------- ---- --------------
ipacl1                           IP   11
ipacl2                           IP   3/1
Console>
This example shows how to display ACL mappings that are stored in NVRAM for all ports:
Console> show security acl map config all-ports
ACL Name                         Type Ports
-------------------------------- ---- --------------
ipacl2                           IP   3/1
Console>
This example shows how to display the ACL mapping that is programmed in hardware for a specific port:
Console> show security acl map runtime 3/1 
Port 3/1 is mapped to IP ACL ipacl1.
Console>
This example shows how to display the ACL mapping for a specific VLAN:
Console> show security acl map runtime 1
Vlan ACL name                         Type
---- -------------------------------- ----
   1 ipacl2                           IP
Console>
Related Commands

clear security acl map
commit
rollback
set security acl map

show security acl resource-usage

To display VACL management information, use the show security acl resource-usage command.

show security acl resource-usage
Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Usage Guidelines

The switch interface mapping table that associates an interface (for example, VLANs) into flows programmed in TCAM.

Hardware resources are used to calculate Layer 4 port operation; for example, if you enter the permit tcp any lt 20 host 1.2.3.4 gt 30 command, "lt 20" and "gt 30" are the Layer 4 port operation.

Examples

This example shows how to display VACL management information:
Console> (enable) show security acl resource-usage
ACL resource usage:
ACL storage (mask/value) :(50%/19%)
ACL to switch interface mapping table :2%
ACL layer 4 port operators :0%
Console> (enable) 
Table 2-86 describes the possible fields in the show security acl resource-usage command output.

Table 2-86 show security acl resource-usage Command Output Fields

Field

Description

ACL storage (mask/value)

Status of mask entry usage, where mask is the percentage of mask entries used, and value is the percentage of value entries currently used.

ACL to switch interface mapping table

Percentage of ACL to switch interface mapping table usage.

ACL layer 4 port operators

Percentage of ACL Layer 4 port operators.

Related Commands

clear security acl
commit
rollback

show security acl tcam interface

To display the TCAM details for a specified VLAN, use the show security acl tcam interface command.

show security acl tcam interface vlan
Syntax Description

vlan

Number of the VLAN; valid values are from 1 to 4094.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal.

Examples

This example shows how to display TCAM details for the specified VLAN:
Console> (enable) show security acl tcam interface 1
Input 
0. permit arp (matches 45745)
1. deny (l3) tcp any any fragment (matches 0)
2. deny (l3) ip host 21.0.0.130 any (matches 0)
3. deny (l3) udp 1.2.2.0 0.0.0.255 any (matches 0)
4. deny (l3) tcp any any 2001 (matches 0)
5. deny (l3) ip host 21.0.0.128 any (matches 0)
6. deny ip any any (matches 3)
Output
0. permit arp (matches 0)
1. deny (l3) tcp any any fragment (matches 0)
2. deny (l3) ip host 21.0.0.130 any (matches 0)
3. deny (l3) udp 1.2.2.0 0.0.0.255 any (matches 0)
4. deny (l3) tcp any any 2001 (matches 0)
5. deny (l3) ip host 21.0.0.128 any (matches 0)
6. deny (l3) ip any any (matches 0)
Console> (enable)
Table 2-87 describes the possible fields in the show security acl tcam interface command output.

Table 2-87 show security acl tcam interface Command Output Fields

Field

Description

deny (l3)

Layer 3 traffic is denied; Layer 2 traffic is permitted.

redirect (l3)

Only Layer 3 traffic is redirected.

bridge

Traffic that hits this entry is bridged.

redirect (adj)

Traffic is rewritten by the adjacency information.

show snmp

To display SNMP information, use the show snmp command.

show snmp [noalias]
Syntax Description

noalias

(Optional) Keyword that forces the display to show IP addresses, not IP aliases.

Defaults

This command has no default settings.

Command Types

Switch command.

Command Modes

Normal and privileged.

Usage Guidelines

If you enter show snmp in privileged mode, the output display includes information for the read-only, the read-write, and the read-write-all community strings. If you enter show snmp in normal mode, the display includes only information for the read-only community string.

Examples

This example shows SNMP information when you enter the show snmp command in normal mode:
Console> show snmp
RMON:                       Disabled
Extended RMON Netflow Enabled : None.
Memory usage limit for new RMON entries: 85 percent
EngineId:00:00:00:09:00:01:64:41:5e:00:00:00
Chassis Alias:my chassis
Traps Enabled:
None
Port Traps Enabled: None
Community-Access     Community-String
----------------     --------------------
read-only            public
Trap-Rec-Address                           Trap-Rec-Community
----------------------------------------   --------------------
192.122.173.42                             public
Console> 
This example shows SNMP information when you enter the show snmp command in privileged mode:
Console> (enable) show snmp
SNMP:Enabled
RMON:Disabled
Extended RMON:Extended RMON module is not present
Extended RMON Netflow:Disabled
Extended RMON Vlanmode:Disabled
Extended RMON Vlanagent:Disabled
EngineId:00:00:00:09:00:01:64:41:5e:00:00:00
Chassis Alias:my chassis
Traps Enabled:
None
Port Traps Enabled:None
Community-Access Community-String
---------------- --------------------
read-only        public
read-write       private
read-write-all   secret
Trap-Rec-Address Trap-Rec-Community Trap-Rec-Port Trap-Rec-Owner Trap-Rec-Index
---------------- ------------------ ------------- -------------- --------------
Console> (enable)
Table 2-88 describes the possible fields (depending on the port type queried) in the show snmp command output.

Table 2-88 show snmp Command Output Fields

Field

Description

SNMP

Status of whether SNMP processing is enabled or disabled.

RMON

Status of whether RMON is enabled or disabled.

Extended RMON

Status of whether extended RMON is enabled or disabled.

Extended RMON Netflow

Status of whether extended RMON Netflow is enabled or disabled.

Extended RMON Vlanmode

Status of whether extended RMON VLAN mode is enabled or disabled.

Extended RMON Vlanagent

Status of whether extended RMON VLAN agent is enabled or disabled.

EngineId

SNMP engine identifier.

Chassis Alias

Chassis entPhysicalAlias.

Traps Enabled

Trap types that are enabled.

Port Traps Enabled

Set of ports whose linkup/linkdown trap is enabled.

Community-Access

Configured SNMP communities.

Community-String

SNMP community strings associated with each SNMP community.

Trap-Rec-Address

IP address or IP alias of trap receiver hosts.

Trap-Rec-Community

SNMP community string used for trap messages to the trap receiver.

Related Commands

set snmp
set snmp chassis-alias
set snmp rmon
set snmp trap