- cdp
- clear mac address-table dynamic
- clear spanning-tree counters
- clear spanning-tree detected-protocol
- clear vtp counters
- errdisable detect cause
- errdisable recovery cause
- errdisable recovery interval
- feature private-vlan
- feature vtp
- instance vlan
- ip igmp snooping (EXEC)
- ip igmp snooping (VLAN)
- link debounce
- lldp
- lldp tlv-set
- mac address-table aging-time
- mac address-table loop-detect port-down
- mac address-table notification
- mac address-table static
- mac-learn
- name (VLAN configuration)
- name (MST configuration)
- negotiate auto
- private-vlan
- private-vlan association
- private-vlan synchronize
- revision
- show consistency-checker l2
- show consistency-checker membership vlan
- show consistency-checker stp-state vlan
- show ip igmp snooping
- show lldp
- show mac-address-table
- show mac address-table aging-time
- show mac address-table count
- show mac address-table notification
- show mac address-table
- show running-config spanning-tree
- show running-config vlan
- show running-config vtp
- show spanning-tree
- show spanning-tree active
- show spanning-tree bridge
- show spanning-tree brief
- show spanning-tree detail
- show spanning-tree interface
- show spanning-tree mst
- show spanning-tree root
- show spanning-tree summary
- show spanning-tree vlan
- show udld
- show vlan
- show vlan dot1Q tag native
- show vlan id
- show vlan private-vlan
- show vtp counters
- show vtp interface
- show vtp password
- show vtp status
- shutdown (VLAN configuration)
- spanning-tree bpdufilter
- spanning-tree bpduguard
- spanning-tree bridge
- spanning-tree cost
- spanning-tree guard
- spanning-tree link-type
- spanning-tree loopguard default
- spanning-tree mode
- spanning-tree mst configuration
- spanning-tree mst cost
- spanning-tree mst forward-time
- spanning-tree mst hello-time
- spanning-tree mst max-age
- spanning-tree mst max-hops
- spanning-tree mst port-priority
- spanning-tree mst priority
- spanning-tree mst root
- spanning-tree mst simulate pvst
- spanning-tree mst simulate pvst global
- spanning-tree pathcost method
- spanning-tree port type edge
- spanning-tree port type edge bpdufilter default
- spanning-tree port type edge bpduguard default
- spanning-tree port type edge default
- spanning-tree port type network
- spanning-tree port type network default
- spanning-tree port-priority
- spanning-tree vlan
- state
- storm-control
- svi enable
- switchport access vlan
- switchport mode private-vlan host
- switchport mode private-vlan promiscuous
- switchport monitor rate-limit
- switchport private-vlan host-association
- switchport private-vlan mapping
- vlan
- vlan dot1Q tag native
- vtp (interface)
- vtp domain
- vtp file
- vtp mode
- vtp password
- vtp version
Layer 2 Commands
This chapter describes the Cisco NX-OS Layer 2 commands available on Cisco Nexus 3000 Series switches.
cdp
To enable the Cisco Discovery Protocol (CDP) and configure CDP attributes, use the cdp command. To disable CDP or reset CDP attributes, use the no form of this command.
cdp { advertise { v1 | v2 } | enable | format device-id { mac-address | serial-number | system-name } | holdtime seconds | timer seconds }
no cdp { advertise | enable | format device-id { mac-address | serial-number | system-name } | holdtime seconds | timer seconds }
Syntax Description
Command Default
Command Modes
Switch profile configuration mode
Command History
|
|
|
Examples
This example shows how to configure CDP advertisements on a switch profile:
This example shows how to configure the MAC address as the CDP device ID in a switch profile:
This example shows how to enable CDP on all Ethernet interfaces:
This example shows how to configure the MAC address as the CDP device ID:
This example shows how to disable CDP on all Ethernet interfaces:
Related Commands
|
|
|
|---|---|
Displays information about the switch profile and the configuration revision. |
|
clear mac address-table dynamic
To clear the dynamic address entries from the MAC address table, use the clear mac address-table dynamic command.
clear mac address-table dynamic [[ address mac-addr ] | [ interface { ethernet slot / port | port-channel number }]] [ vlan vlan-id ]
Syntax Description
Command Default
Command Modes
EXEC mode
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
Usage Guidelines
Use the clear mac address-table dynamic command with no arguments to remove all dynamic entries from the table.
To clear static MAC addresses from the table, use the no mac address-table static command.
If the clear mac address-table dynamic command is entered with no options, all dynamic addresses are removed. If you specify an address but do not specify an interface, the address is deleted from all interfaces. If you specify an interface but do not specify an address, the switch removes all addresses on the specified interfaces.
Examples
This example shows how to clear all the dynamic entries from the MAC address table:
mac address-table dynamic
This example shows how to clear all the dynamic entries from the MAC address table for VLAN 2:
mac address-table dynamic vlan 2
This example shows how to clear all the dynamic entries from the MAC address table in a switch profile:
Related Commands
|
|
|
|---|---|
Displays information about the switch profile and the configuration revision. |
|
clear spanning-tree counters
To clear the counters for the Spanning Tree Protocol (STP), use the clear spanning-tree counters command.
clear spanning-tree counters [ interface { ethernet interface | port-channel channel }] [ vlan vlan-id ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You can clear all the STP counters on the entire switch, per VLAN, or per interface.
Examples
This example shows how to clear the STP counters for VLAN 5:
switch# clear spanning-tree counters vlan 5
Related Commands
|
|
|
|---|---|
clear spanning-tree detected-protocol
To restart the protocol migration, use the clear spanning-tree detected-protocol command. With no arguments, the command is applied to every port of the switch.
clear spanning-tree detected-protocol [ interface { ethernet interface | port-channel channel }]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Rapid per VLAN Spanning Tree Plus (Rapid PVST+) and Multiple Spanning Tree (MST) have built-in compatibility mechanisms that allow them to interact properly with other versions of IEEE spanning tree or other regions. For example, a switch running Rapid PVST+ can send 802.1D bridge protocol data units (BPDUs) on one of its ports when it is connected to a legacy device. An MST switch can detect that a port is at the boundary of a region when it receives a legacy BPDU or an MST BPDU that is associated with a different region.
These mechanisms are not always able to revert to the most efficient mode. For example, a Rapid PVST+ switch that is designated for a legacy 802.1D bridge stays in 802.1D mode even after the legacy bridge has been removed from the link. Similarly, an MST port assumes that it is a boundary port when the bridges to which it is connected have joined the same region.
To force a port to renegotiate with its neighbors, enter the clear spanning-tree detected-protocol command.
Examples
This example shows how to restart the protocol migration on a specific interface:
switch# clear spanning-tree detected-protocol interface ethernet 1/4
Related Commands
|
|
|
|---|---|
clear vtp counters
To clear VLAN Trunking Protocol (VTP) counters, use the clear vtp counters command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Use this command to clear the VTP statistics, such as the VTP requests, VTP advertisements, and configuration revisions.
Examples
This example shows how to clear the VTP counters:
Related Commands
|
|
|
|---|---|
errdisable detect cause
To enable error-disable (err-disabled) detection in an application, use the errdisable detect cause command. To disable error disable detection, use the no form of this command.
errdisable detect cause { all | link-flap | loopback }
no errdisable detect cause { all | link-flap | loopback }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
When error disable detection is enabled and a cause is detected on an interface, the interface is placed in an err-disabled state, which is an operational state that is similar to the link-down state.
Examples
This example shows how to enable the err-disabled detection on linkstate-flapping:
Related Commands
|
|
|
|---|---|
errdisable recovery cause
To configure the application to bring the interface out of the error-disabled (err-disabled) state and retry coming up, use the errdisable recovery cause command. To revert to the defaults, use the no form of this command.
errdisable recovery cause { all | bpduguard | failed-port-state | link-flap-recovery | pause-rate-limit | storm-control | udld }
no errdisable recovery cause { all | bpduguard | failed-port-state | link-flap-recovery | pause-rate-limit | storm-control | udld }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
When an error-disables recovery is enabled, the interface automatically recovers from the error-disabled state, and the device retries bringing the interface up.
Examples
This example shows how to enable an error-disabled recovery from linkstate flapping:
This example shows how to enable an error-disabled recovery from storm control error disabled state:
Related Commands
|
|
|
|---|---|
errdisable recovery interval
To configure the recovery time interval to bring the interface out of the error-disabled (err-disabled) state, use the errdisable recovery interval command. To revert to the defaults, use the no form of this command.
errdisable recovery interval time
no errdisable recovery interval
Syntax Description
Error disable recovery time interval. The range is from 30 to 65535 seconds. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
When error disable recovery is enabled, the interface automatically recovers from the err-disabled state, and the device retries bringing the interface up.
Examples
This example shows how to enable error disable recovery time interval to 100 seconds:
Related Commands
|
|
|
|---|---|
feature private-vlan
To enable private VLANs, use the feature private-vlan command. To return to the default settings, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
The private VLAN commands are not available until you enable the private VLAN feature.
You cannot disable the private VLANs if there are operational ports on the switch that are in private VLAN mode.
Note
A private VLAN-isolated port on a Cisco Nexus 3000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
Examples
This example shows how to enable private VLAN functionality on the switch:
switch(config)# feature private-vlan
Related Commands
feature vtp
To enable VLAN Trunking Protocol (VTP), use the feature vtp command. To disable VTP, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to enable VTP on the switch:
Related Commands
|
|
|
|---|---|
instance vlan
To map a VLAN or a set of VLANs to a Multiple Spanning Tree instance (MSTI), use the instance vlan command. To delete the instance and return the VLANs to the default instance (Common and Internal Spanning Tree [CIST]), use the no form of this command.
instance instance-id vlan vlan-id
no instance instance-id [ vlan vlan-id ]
Syntax Description
Instances to which the specified VLANs are mapped. The range is from 0 to 4094. |
|
Specifies the number of the VLANs that you are mapping to the specified MSTI. The VLAN ID range is from 1 to 4094. |
Command Default
No VLANs are mapped to any MST instance (all VLANs are mapped to the CIST instance).
Command Modes
Command History
|
|
|
Usage Guidelines
The VLAN identifier is entered as a single value or a range.
The mapping is incremental, not absolute. When you enter a range of VLANs, this range is added to or removed from the existing instances.
Any unmapped VLAN is mapped to the CIST instance.
When you change the VLAN-to-MSTI mapping, the system restarts MST.
Examples
This example shows how to map a range of VLANs to MSTI 4:
switch(config)# spanning-tree mst configuration
switch(config-mst)# instance 4 vlan 100-200
Related Commands
|
|
|
|---|---|
ip igmp snooping (EXEC)
To enable Internet Group Management Protocol (IGMP), use the ip igmp snooping command. To disable IGMP snooping, use the no form of this command.
Syntax Description
Command Default
Note If the global setting is disabled, then all VLANs are treated as disabled, whether they are enabled or not.
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to enable IGMP snooping:
Related Commands
|
|
|
|---|---|
ip igmp snooping (VLAN)
To configure Internet Group Management Protocol (IGMP) on a VLAN, use the ip igmp snooping command. To negate the command or return to the default settings, use the no form of this command
Syntax Description
Parameter to configure. See the “Usage Guidelines” section for additional information. |
Command Default
Command Modes
VLAN configuration mode
Switch profile VLAN configuration mode
Command History
|
|
|
|---|---|
Support was added for the following IGMP parameters in a switch profile: |
Usage Guidelines
Table 1 lists the valid values for parameter.
Examples
This example shows how to configure IGMP snooping parameters for VLAN 5:
Related Commands
|
|
|
|---|---|
link debounce
To enable the debounce timer on an interface, use the link debounce command. To disable the timer, use the no form of this command.
link debounce [ time milliseconds ]
Syntax Description
(Optional) Specifies the extended debounce timer. The range is from 0 to 5000 milliseconds. A value of 0 milliseconds disables the debounce time. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The port debounce time is the amount of time that an interface waits to notify the supervisor of a link going down. During this time, the interface waits to see if the link comes back up. The wait period is a time when traffic is stopped.
When you enable the debounce timer, link up and link down detections are delayed, resulting in a loss of traffic during the debounce period. This situation might affect the convergence of some protocols.
Examples
This example shows how to enable the debounce timer and set the debounce time to 1000 milliseconds for an Ethernet interface:
This example shows how to disable the debounce timer for an Ethernet interface:
Related Commands
|
|
|
|---|---|
lldp
To configure the Link Layer Discovery Protocol (LLDP) global options, use the lldp command. To remove the LLDP settings, use the no form of this command.
lldp { holdtime seconds | reinit seconds | timer seconds | tlv-select { dcbxp | management-address [v4 | v6] | port-description | port-vlan | system-capabilities | system-description | system-name }}
no lldp { holdtime | reinit | timer | tlv-select { dcbxp | management-address | port-description | port-vlan | system-capabilities | system-description | system-name }}
Syntax Description
Command Default
Holdtime (before discarding): 120 seconds.
Reinitialization delay: 2 seconds.
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
|---|---|
the v4 and v6 command options were introduced for the management-address keyword. |
|
Support was added to configure LLDP options in switch profiles. |
|
Usage Guidelines
Note LLDP, which is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network, is enabled on the switch by default.
The LLDP settings include the length of time before discarding LLDP information received from peers, the length of time to wait before performing LLDP initialization on any interface, and the rate at which LLDP packets are sent.
LLDP supports a set of attributes that it uses to discover neighbor devices. These attributes contain type, length, and value descriptions and are referred to as TLVs. LLDP supported devices can use TLVs to receive and send information to their neighbors. Details such as configuration information, device capabilities, and device identity can be advertised using this protocol.
The switch supports these basic management TLVs. These are mandatory LLDP TLVs.
- Data Center Ethernet Parameter Exchange (DCBXP) TLV
- Management address TLV
- Port description TLV
- Port VLAN ID TLV (IEEE 802.1 organizationally specific TLVs)
- System capabilities TLV
- System description TLV
- System name TLV
The Data Center Bridging Exchange Protocol (DCBXP) is an extension of LLDP. It is used to announce, exchange, and negotiate node parameters between peers. DCBXP parameters are packaged into a specific DCBXP TLV. This TLV is designed to provide an acknowledgement to the received LLDP packet.
DCBXP is enabled by default, provided LLDP is enabled. When LLDP is enabled, DCBXP can be enabled or disabled using the [ no ] lldp tlv-select dcbxp command. DCBXP is disabled on ports where LLDP transmit or receive is disabled.
Examples
This example shows how to configure the global LLDP holdtime to 200 seconds:
This example shows how to enable LLDP to send or receive the management address TLVs:
This example shows how to enable LLDP to send or receive IPv4 management address TLVs:
This example shows how to enable LLDP to send or receive IPv6 management address TLVs:
This example shows how to disable LLDP to send or receive the DCBXP TLVs:
This example shows how to configure the LLDP packet rate to 60 seconds in a switch profile:
Related Commands
|
|
|
|---|---|
Displays information about the switch profile and the configuration revision. |
|
lldp tlv-set
To specify the management IP address to be sent in the LLDP management TLV, use the lldp tlv-set command. To remove the specified management IP address from the LLDP management TLV, use the no form of this command.
lldp tlv-set { management-address ip-address [ipv6] | vlan [ vlan-id ]}
no lldp tlv-set { management-address ip-address [ipv6] | vlan [ vlan-id ]}
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before configuring the LLDP management TLV IP address, ensure that the LLDP management TLV option is configured.
Examples
This example shows how to specify the management IPv4 address in the management TLV:
This example shows how to specify the management IPv6 address in the management TLV:
This example shows how to specify the VLAN ID in the management TLV:
Related Commands
|
|
|
|---|---|
mac address-table aging-time
To configure the aging time for entries in the MAC address table, use the mac address-table aging-time command. To return to the default settings, use the no form of this command.
mac address-table aging-time seconds [ vlan vlan-id ]
no mac address-table aging-time [ vlan vlan-id ]
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
Support to configure MAC address table aging time was added to switch profiles. |
Usage Guidelines
Enter 0 seconds to disable the aging process.
The age value may be rounded off to the nearest multiple of 5 seconds. If the system rounds the value to a different value from that specified by the user (from the rounding process), the system returns an informational message.
When you use this command, the age values of all VLANs for which a configuration has not been specified are modified and those VLANs with specifically modified aging times are not modified. When you use the no form of this command without the VLAN parameter, only those VLANs that have not been specifically configured for the aging time reset to the default value. Those VLANs with specifically modified aging times are not modified.
When you use this command and specify a VLAN, the aging time for only the specified VLAN is modified. When you use the no form of this command and specify a VLAN, the aging time for the VLAN is returned to the current global configuration for the aging time, which may or may not be the default value of 300 seconds depending if the global configuration of the switch for the aging time has been changed.
Note In Cisco NX-OS Release 5.0(3)U1(1), you can configure the MAC aging timer on a global basis but not on a per VLAN basis.
The aging time is counted from the last time that the switch detected the MAC address.
Examples
This example shows how to change the length of time an entry remains in the MAC address table to 500 seconds for the entire switch:
switch# configure terminal
switch(config)# mac address-table aging-time 500
This example shows how to change the length of time an entry remains in the MAC address table to 300 seconds for a switch profile:
Related Commands
|
|
|
|---|---|
Displays information about the switch profile and the configuration revision. |
|
mac address-table loop-detect port-down
To configure the action of bringing down the port with the lower interface index when a MAC address move loop is detected between two ports, use the mac address-table loop-detect port-down command. To revert to the default action of disabling MAC learning, use the no form of this command.
mac address-table loop-detect port-down
no mac address-table loop-detect port-down
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
When the number of MAC address moves between two ports exceeds a threshold, it forms a loop. Until Cisco NX-OS Release 6.0(2)U3(1), when a loop was detected between two ports, MAC learning was disabled for 180 seconds. You can now configure the action of bringing down the port with the lower interface index when such a loop is detected by using the mac address-table loop-detect port-down command.
Examples
This example shows how to configure port-down as the action for MAC move loop detection:
Related Commands
|
|
|
|---|---|
Displays the currently configured action for loop detection in the MAC address table. |
mac address-table notification
To configure a log message notification of MAC address table events, use the mac address-table notification command. To disable log message notifications, use the no form of this command.
mac address-table notification { mac-move | threshold [ limit percentage interval seconds ]}
no mac address-table notification { mac-move | threshold }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to configure a log message notification when the threshold exceeds 45 percent, restricting the update interval to once every 1024 seconds:
Related Commands
|
|
|
|---|---|
mac address-table static
To configure a static entry for the MAC address table, use the mac address-table static command. To delete the static entry, use the no form of this command.
mac address-table static mac-address vlan vlan-id { drop | interface { ethernet slot/port | port-channel number } [ auto-learn ]
no mac address-table static mac-address { vlan vlan-id }
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
Support was added to configure static MAC address table entries in switch profiles. |
Usage Guidelines
You cannot apply the mac address-table static mac-address vlan vlan-id drop command to a multicast MAC address.
When you install a static MAC address, it is associated with a port. If the same MAC address is seen on a different port, the entry is updated with the new port if you enter the auto-learn keyword.
Examples
This example shows how to add a static entry to the MAC address table:
This example shows how to add a static entry to the MAC address table in a switch profile:
Related Commands
|
|
|
|---|---|
Displays information about the switch profile and the configuration revision. |
|
mac-learn
To control the learning of MAC addresses per interface, use the mac-learn command. To delete the list, use the no form of this command.
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
|---|---|
Usage Guidelines
By default, each interface automatically learns the MAC addresses of entering traffic.
After you disable MAC learning, enter the clear mac address-table dynamic command to clear the dynamic address entries from the MAC address table.
Examples
This example shows how to disable MAC address learning on the switch and then clear the the dynamic address entries from the MAC address table:
This example shows how to disable MAC address learning on a switch profile, and then clear the the dynamic address entries from the MAC address table:
Related Commands
|
|
|
|---|---|
Clears the dynamic address entries from the MAC address table. |
|
Displays information about the switch profile and the configuration revision. |
|
name (VLAN configuration)
To set the name for a VLAN, use the name command. To remove the user-configured name from a VLAN, use the no form of this command.
Syntax Description
Command Default
Command Modes
VLAN configuration mode
Switch profile VLAN configuration mode
Command History
|
|
|
|---|---|
Usage Guidelines
You cannot change the name for the default VLAN, VLAN 1, or for the internally allocated VLANs.
Examples
This example shows how to name VLAN 2:
switch# configure terminal
switch(config)# vlan 2
switch(config-vlan)# name accounting
This example shows how to name VLAN 3 in a switch profile:
Related Commands
|
|
|
|---|---|
name (MST configuration)
To set the name of a Multiple Spanning Tree (MST) region, use the name command. To return to the default name, use the no form of this command.
Syntax Description
Name to assign to the MST region. It can be any string with a maximum length of 32 alphanumeric characters. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Two or more switches with the same VLAN mapping and configuration version number are considered to be in different MST regions if the region names are different.
Be careful when using the
name command to set the name of an MST region. If you make a mistake, you can put the switch in a different region. The configuration name is a case-sensitive parameter.
Examples
This example shows how to name a region:
switch# configure terminal
switch(config)# spanning-tree mst configuration
switch(config-mst)# name accounting
Related Commands
|
|
|
|---|---|
negotiate auto
To enable autonegotiation on a specified 1-Gigabit Ethernet port, use the negotiate auto command. To disable autonegotiation, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You can use this command only on Ethernet and EtherChannel interfaces.
Use the negotiate auto command with the speed command.
Use the no negotiate auto command to disable autonegotiation on 1-Gigabit ports when the connected peer does not support autonegotiation. By default, autonegotiation is enabled on 1-Gigabit ports and disabled on 10-Gigabit ports.
Note Beginning in 7.0(3)I2(1), no negotiate auto cannot be configured when the speed is set as speed auto. To configure no negotiate auto, change the speed to a fixed speed.
We do not recommend that you enable autonegotiation on 10-Gigabit ports. Enabling autonegotiation on 10-Gigabit ports brings the link down.
Examples
This example shows how to enable link negotiation on a specified Ethernet interface:
switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# negotiate auto
switch(config-if)#
This example shows how to enable link negotiation on a specified Ethernet interface and advertise that the interface is capable of only 1000 megabyte speed.
switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# negotiate auto
switch(config-if)#
This example shows how to enable link negotiation on a specified Ethernet interface and configure the interface to negotiate to all capable speeds. On an RJ45 jack, the interface can autonegotiate to 10, 100, or 1000 megabytes. (Autonegotiation is not possible on 10 or 40 Gigabyte interfaces.)
switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# negotiate auto
switch(config-if)#
Related Commands
|
|
|
|---|---|
Displays the running configuration information for configured interfaces. |
private-vlan
To configure private VLANs, use the private-vlan command. To return the specified VLANs to normal VLAN mode, use the no form of this command.
private-vlan { isolated | community | primary }
no private-vlan { isolated | community | primary }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
You must enable private VLANs by using the feature private-vlan command before you can configure private VLANs. The commands for configuring private VLANs are not visible until you enable private VLANs.
If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. When you enter the no private-vlan command, the VLAN returns to the normal VLAN mode. All primary and secondary associations on that VLAN are suspended, but the interfaces remain in private VLAN mode. When you reconvert the specified VLAN to private VLAN mode, the original associations are reinstated.
If you enter the no vlan command for the primary VLAN, all private VLAN associations with that VLAN are lost. If you enter the no vlan command for a secondary VLAN, the private VLAN associations with that VLAN are suspended and are reenabled when you recreate the specified VLAN and configure it as the previous secondary VLAN.
You cannot configure VLAN1 or the internally allocated VLANs as private VLANs.
A private VLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers.
An isolated VLAN is a VLAN that is used by isolated ports to communicate with promiscuous ports. An isolated VLAN’s traffic is blocked on all other private ports in the same VLAN. Its traffic can only be received by standard trunking ports and promiscuous ports that are assigned to the corresponding primary VLAN.
A promiscuous port is defined as a private port that is assigned to a primary VLAN.
A community VLAN is defined as the VLAN that carries the traffic among community ports and from community ports to the promiscuous ports on the corresponding primary VLAN.
A primary VLAN is defined as the VLAN that is used to convey the traffic from the routers to customer end stations on private ports.
Multiple community and isolated VLANs are allowed. If you enter a range of primary VLANs, the system uses the first number in the range for the association.
Note A private VLAN-isolated port on a Cisco Nexus 3000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
If VLAN Trunking Protocol (VTP) is enabled on a switch, you can configure private VLANs only on a device configured in Transparent mode.
Examples
This example shows how to assign VLAN 5 to a private VLAN as the primary VLAN:
This example shows how to assign VLAN 100 to a private VLAN as a community VLAN:
This example shows how to assign VLAN 109 to a private VLAN as an isolated VLAN:
Related Commands
|
|
|
|---|---|
private-vlan association
To configure the association between a primary VLAN and a secondary VLAN on a private VLAN, use the private-vlan association command. To remove the association, use the no form of this command.
private-vlan association {[ add ] secondary-vlan-list | remove secondary-vlan-list }
Syntax Description
Clears the association between a secondary VLAN and a primary VLAN. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
You must enable private VLANs by using the feature private-vlan command before you can configure private VLANs. The commands for configuring private VLANs are not visible until you enable private VLANs.
If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. When you enter the no private-vlan command, the VLAN returns to the normal VLAN mode. All primary and secondary associations on that VLAN are suspended, but the interfaces remain in private VLAN mode. However, when you reconvert the specified VLAN to private VLAN mode, the original associations are reinstated.
If you enter the no vlan command for the primary VLAN, all private VLAN associations with that VLAN are lost. However, if you enter the no vlan command for a secondary VLAN, the private VLAN associations with that VLAN are suspended and return when you recreate the specified VLAN and configure it as the previous secondary VLAN.
The secondary-vlan-list argument cannot contain spaces. It can contain multiple comma-separated items. Each item can be a single secondary VLAN ID or a hyphenated range of secondary VLAN IDs. The secondary-vlan-list parameter can contain multiple secondary VLAN IDs.
A private VLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers.
Multiple community and isolated VLANs are allowed. If you enter a range of primary VLANs, the system uses the first number in the range for the association.
Isolated and community VLANs can only be associated with one primary VLAN. You cannot configure a VLAN that is already associated to a primary VLAN as a primary VLAN.
Note A private VLAN-isolated port on a Cisco Nexus 3000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
Examples
This example shows how to create a private VLAN relationship between the primary VLAN 14, the isolated VLAN 19, and the community VLANs 20 and 21:
This example shows how to remove isolated VLAN 18 and community VLAN 20 from the private VLAN association:
Related Commands
|
|
|
|---|---|
private-vlan synchronize
To map the secondary VLANs to the same Multiple Spanning Tree (MST) instance as the primary VLAN, use the private-vlan synchronize command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
If you do not map secondary VLANs to the same MST instance as the associated primary VLAN when you exit the MST configuration mode, the device displays a warning message that lists the secondary VLANs that are not mapped to the same instance as the associated VLAN. The private-vlan synchronize command automatically maps all secondary VLANs to the same instance as the associated primary VLANs.
Examples
This example shows how to initialize private VLAN synchronization:
Related Commands
|
|
|
|---|---|
revision
To set the revision number for the Multiple Spanning Tree (MST) region configuration, use the revision command. To return to the default settings, use the no form of this command.
Syntax Description
Revision number for the MST region configuration. The range is from 0 to 65535. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Two or more switches with the same VLAN mapping and name are considered to be in different MST regions if the configuration revision numbers are different.
Be careful when using the
revision command to set the revision number of the MST region configuration because a mistake can put the switch in a different region.
Examples
This example shows how to set the revision number of the MST region configuration:
switch(config)# spanning-tree mst configuration
switch(config-mst)# revision 5
Related Commands
|
|
|
|---|---|
show consistency-checker l2
To trigger the Layer 2 Interface consistency checker for MAC addresses and display the results, use the show consistency-checker l2 command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Examples
This example shows how to trigger the Layer 2 consistency checker for a module and display the results:
Related Commands
show consistency-checker membership vlan
To trigger the VLAN membership consistency checker for members of a VLAN and display the results, use the show consistency-checker membership vlan command.
show consistency-checker membership vlan vlan id
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to trigger the VLAN membership consistency checker and display the results:
Related Commands
show consistency-checker stp-state vlan
To trigger the consistency checker for the spanning tree state of all interfaces in a VLAN and display the results, use the show consistency-checker stp-state vlan command.
show consistency-checker stp-state vlan vlan id
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to trigger the Layer 3 Interface consistency checker for a module and display the results:
Related Commands
|
|
|
|---|---|
Triggers the consistency checker on MAC addresses and displays the results. |
|
Triggers the consistency checker on all members of a vlan and displays the results. |
show ip igmp snooping
To display the Internet Group Management Protocol (IGMP) snooping configuration of the switch, use the show ip igmp snooping command.
show ip igmp snooping [ explicit-tracking vlan vlan-id | groups [ detail | vlan vlan-id ] | mrouter [ vlan vlan-id ] | querier [ vlan vlan-id ] | vlan vlan-id ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the IGMP snooping configuration of the switch:
This example shows how to display the IGMP snooping configuration for VLAN 1:
Related Commands
|
|
|
|---|---|
Globally enables IGMP snooping. IGMP snooping must be globally enabled in order to be enabled on a VLAN. |
|
show lldp
To display information about the Link Layer Discovery Protocol (LLDP) configuration on the switch, use the show lldp command.
show lldp { interface { ethernet slot / port | mgmt intf-no } | neighbors [ detail | interface ] | timers | tlv-select | traffic [ interface { ethernet slot / port | mgmt intf-no }]}
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Note LLDP, which is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network, is enabled on the switch by default.
Examples
This example shows how to display LLDP interface information:
This example shows how to display LLDP management interface information:
This example shows how to display LLDP timers configured on the switch:
This example shows how to display LLDP neighbor information:
This example shows how to display LLDP information for a specified interface:
This example shows how to display the TLV information:
This example shows how to display LLDP traffic information:
Related Commands
|
|
|
|---|---|
show mac-address-table
To display the contents of the MAC address table, use the show mac-address-table command.
show mac-address-table [address mac-address ] [ aging-time] [loop-detect][dynamic | multicast | static] [interface {ethernet slot / port | port-channel number}] [vlan vlan-id]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Examples
This example shows how to display the MAC addresses table:
This example shows how to display the current aging time:
This example shows how to display information about the dynamic entries for the MAC address table:
Note On platforms where aging is not supported, the aging value will always be displayed as 0
This example shows how to display the currently configured action:
Related Commands
|
|
|
|---|---|
Configures the action of bringing down the port with the lower interface index when a MAC address move loop is detected between two ports. |
show mac address-table aging-time
To display information about the time-out values for the MAC address table, use the show mac address-table aging-time command.
show mac address-table aging-time
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display MAC address aging times:
Related Commands
|
|
|
|---|---|
Configures the aging time for entries in the MAC address table. |
|
show mac address-table count
To display the number of entries currently in the MAC address table, use the show mac address-table count command.
show mac address-table count [ address EEEE . EEEE . EEEE ] [ dynamic | static ] [ interface { ethernet slot / port | port-channel number }] [ vlan vlan-id ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the number of dynamic entries currently in the MAC address table:
Related Commands
|
|
|
|---|---|
show mac address-table notification
To display notifications about the MAC address table, use the show mac address-table notification command.
show mac address-table notification { mac-move | threshold }
Syntax Description
Displays notification messages about MAC addresses that were moved. |
|
Displays notification messages sent when the MAC address table threshold was exceeded. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display MAC address move notifications:
Related Commands
|
|
|
|---|---|
Configures a log message notification when the MAC address is moved. |
|
show mac address-table
To display the information about the MAC address table, use the show mac address-table command.
show mac address-table [ address mac-address ] [ dynamic | multicast | static ] [ interface { ethernet slot / port | port-channel number }] [ vlan vlan-id ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The switch maintains static MAC address entries that are saved in its startup configuration across reboots and flushes the dynamic entries.
Examples
This example shows how to display information about the entries for the MAC address table:
This example shows how to display information about the entries for the MAC address table for a specific MAC address:
This example shows how to display information about the dynamic entries for the MAC address table:
This example shows how to display information about the MAC address table for a specific interface:
This example shows how to display static entries in the MAC address table:
This example shows how to display entries in the MAC address table for a specific VLAN:
Related Commands
show running-config spanning-tree
To display the running configuration for the Spanning Tree Protocol (STP), use the show running-config spanning-tree command.
show running-config spanning-tree [ all | interface { ethernet slot / port | port-channel channel-num }]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display information on the running STP configuration:
This example shows how to display detailed information on the running STP configuration:
Note Display output differs slightly depending on whether you are running Rapid Per VLAN Spanning Tree Plus (Rapid PVST+) or Multiple Spanning Tree (MST).
Related Commands
|
|
|
|---|---|
show running-config vlan
To display the running configuration for a specified VLAN, use the show running-config vlan command.
show running-config vlan vlan-id
Syntax Description
Number of VLAN or range of VLANs. Valid numbers are from 1 to 4096. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
This command provides information on the specified VLAN, including private VLANs.
The display varies with your configuration. If you have configured the VLAN name, shutdown status, or suspended status, these are also displayed.
Examples
This example shows how to display the running configuration for VLAN 5:
Related Commands
|
|
|
|---|---|
show running-config vtp
To display the VLAN Trunking Protocol (VTP) running configuration, use the show running-config vtp command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the VTP running configuration on the switch:
Related Commands
|
|
|
|---|---|
Copies the running configuration to the startup configuration file. |
|
show spanning-tree
To display information about the Spanning Tree Protocol (STP), use the show spanning-tree command.
show spanning-tree [ blockedports | inconsistentports | pathcost method ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The STP port type displays only when you have configured the port as either an STP edge port or an STP network port. If you have not configured the STP port type, no port type displays.
Table 2 describes the fields that are displayed in the output of show spanning-tree commands.
Note Display output differs slightly depending on whether you are running Rapid Per VLAN Spanning Tree Plus (Rapid PVST+) or Multiple Spanning Tree (MST).
Examples
This example shows how to display spanning tree information:
This example shows how to display the blocked ports in spanning tree:
This example shows how to determine if any ports are in any STP-inconsistent state:
This example shows how to display the path cost method:
Related Commands
show spanning-tree active
To display Spanning Tree Protocol (STP) information on STP-active interfaces only, use the show spanning-tree active command.
show spanning-tree active [ brief | detail ]
Syntax Description
(Optional) Displays a brief summary of STP interface information. |
|
(Optional) Displays a detailed summary of STP interface information. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display STP information on the STP-active interfaces:
Related Commands
show spanning-tree bridge
To display the status and configuration of the local Spanning Tree Protocol (STP) Bridge Assurance, use the show spanning-tree bridge command.
show spanning-tree bridge [ address | brief | detail | forward-time | hello-time | id | max-age | priority [ system-id ] | protocol ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the STP information for the bridge:
Table 3 describes the fields shown in the display.
This example shows how to display the STP address information for the bridge:
This example shows how to display the detailed STP information for the bridge:
This example shows how to display the STP forward delay interval for the bridge:
This example shows how to display the STP hello time for the bridge:
This example shows how to display the STP bridge ID for the bridge:
This example shows how to display the STP maximum-aging time for the bridge:
This example shows how to display the bridge priority with the system ID extension for the bridge:
This example shows how to display the STP protocol information for the bridge:
Table 3 describes the fields shown in the display.
Related Commands
|
|
|
|---|---|
Displays the running configuration information about the Bridge Assurance. |
|
show spanning-tree brief
To display a brief summary of the Spanning Tree Protocol (STP) status and configuration on the switch, use the show spanning-tree brief command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display a brief summary of STP information:
Related Commands
|
|
|
|---|---|
show spanning-tree detail
To display detailed information on the Spanning Tree Protocol (STP) status and configuration on the switch, use the show spanning-tree detail command.
show spanning-tree detail [ active ]
Syntax Description
(Optional) Displays information about STP active interfaces only. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display detailed information on the STP configuration:
Related Commands
|
|
|
|---|---|
show spanning-tree interface
To display information on the Spanning Tree Protocol (STP) interface status and configuration of specified interfaces, use the show spanning-tree interface command.
show spanning-tree interface { ethernet slot / port | port-channel number } [ active [ brief | detail ] | brief [ active ] | cost | detail [ active ] | edge | inconsistency | priority | rootcost | state ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The STP port type displays only when you have configured the port as either an STP edge port or an STP network port. If you have not configured the STP port type, no port type displays.
If you specify an interface that is not running STP, the switch returns an error message.
When you are running Multiple Spanning Tree (MST), this command displays the Per VLAN Spanning Tree (PVST) simulation setting.
Note If you are running Multiple Spanning Tree (MST), use the show spanning-tree mst command to show more detail on the specified interfaces.
Examples
This example shows how to display STP information on a specified interface:
This example shows how to display detailed STP information on a specified interface:
This example shows how to display STP port inconsistency state information for a specified interface:
This example shows how to display STP port priority information for a specified interface:
Related Commands
|
|
|
|---|---|
show spanning-tree mst
To display information on Multiple Spanning Tree (MST) status and configuration, use the show spanning-tree mst command.
show spanning-tree mst [ instance-id [ detail | interface { ethernet slot / port | port-channel number } [ detail ]]
show spanning-tree mst [ configuration [ digest ]]
show spanning-tree mst [ detail | interface { ethernet slot / port | port-channel number } [ detail ]]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
If the switch is not running in STP Multiple Spanning Tree (MST) mode when you enter this command, it returns the following message:
Examples
This example shows how to display STP information about Multiple Spanning Tree (MST) instance information for the VLAN ports that are currently active:
This example shows how to display STP information about a specific Multiple Spanning Tree (MST) instance:
This example shows how to display detailed STP information about the Multiple Spanning Tree (MST) protocol:
This example shows how to display STP information about specified Multiple Spanning Tree (MST) interfaces:
This example shows how to display information about the Multiple Spanning Tree (MST) configuration:
This example shows how to display the MD5 digest included in the current Multiple Spanning Tree (MST) configuration:
Related Commands
|
|
|
|---|---|
show spanning-tree root
To display the status and configuration of the Spanning Tree Protocol (STP) root bridge, use the show spanning-tree root command.
show spanning-tree root [ address | brief | cost | detail | forward-time | hello-time | id | max-age | port | priority [ system-id ]]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the detailed information for the root bridge:
Related Commands
|
|
|
|---|---|
show spanning-tree summary
To display summary Spanning Tree Protocol (STP) information on the switch, use the show spanning-tree summary command.
show spanning-tree summary [ totals ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
The display output for this command differs when you are running Rapid Per VLAN Spanning Tree Plus (Rapid PVST+) or Multiple Spanning Tree (MST).
Examples
This example shows how to display a summary of STP information on the switch:
Related Commands
|
|
|
|---|---|
show spanning-tree vlan
To display Spanning Tree Protocol (STP) information for specified VLANs, use the show spanning-tree vlan command.
show spanning-tree vlan { vlan-id } [ active [ brief | detail ]]
show spanning-tree vlan { vlan-id } [ blockedports ]
show spanning-tree vlan { vlan-id } [ bridge [ address ] | brief | detail | forward-time | hello-time | id | max-age | priority [ system-id ] | protocol ]
show spanning-tree vlan { vlan-id } [ brief [ active ]]
show spanning-tree vlan { vlan-id } [ detail [ active ]]
show spanning-tree vlan { vlan-id } [ inconsistentports ]
show spanning-tree vlan { vlan-id } [ interface { ethernet slot / port | port-channel number } [ active [ brief | detail ]] | brief [ active ] | cost | detail [ active ] | edge | inconsistency | priority | rootcost | state ]]
show spanning-tree vlan { vlan-id } [ root [ address | brief | cost | detail | forward-time | hello-time | id | max-age | port | priority [ system-id ]]
show spanning-tree vlan { vlan-id } [ summary ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display STP information on VLAN 1:
Related Commands
|
|
|
|---|---|
show udld
To display the Unidirectional Link Detection (UDLD) information for a switch, use the show udld command.
show udld [ ethernet slot / port | global | neighbors ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display UDLD information for all interfaces:
This example shows how to display the UDLD information for a specified interface:
This example shows how to display the UDLD global status and configuration on all interfaces:
This example shows how to display the UDLD neighbor interfaces:
Related Commands
|
|
|
|---|---|
show vlan
To display VLAN information, use the show vlan command.
show vlan [ brief | name { name } | summary ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
This command displays information for all VLANs, including private VLANs, on the switch.
Each access port can belong to only one VLAN. Trunk ports can be on multiple VLANs.
Note Although a port can be associated with a VLAN as an access VLAN, a native VLAN, or one of the trunk allowed ports, only access VLANs are shown under Ports in the display.
If you shut down a VLAN using the state suspend or the state active command, these values appear in the Status field:
If you shut down a VLAN using the shutdown command, these values appear in the Status field:
- act/lshut—VLAN status is active but shut down locally.
- sus/lshut—VLAN status is suspended but shut down locally.
If a VLAN is shut down internally, these values appear in the Status field:
- act/ishut—VLAN status is active but shut down internally.
- sus/ishut—VLAN status is suspended but shut down internally.
If a VLAN is shut down locally and internally, the value that is displayed in the Status field is act/ishut or sus/ishut. If a VLAN is shut down locally only, the value that is displayed in the Status field is act/lshut or sus/lshut.
Examples
This example shows how to display information for all VLANs on the switch:
This example shows how to display the VLAN name, status, and associated ports only:
This example shows how to display the VLAN information for a specific VLAN by name:
This example shows how to display information about the number of VLANs configured on the switch:
Related Commands
|
|
|
|---|---|
Displays information about the ports, including those in private VLANs. |
|
show vlan dot1Q tag native
To display the status of tagging on the native VLANs, use the show vlan dot1Q tag native command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display the status of 802.1Q tagging on the native VLANs:
Related Commands
|
|
|
|---|---|
Enables dot1q (IEEE 802.1Q) tagging for all native VLANs on all trunked ports on the switch. |
show vlan id
To display information and statistics for an individual VLAN or a range of VLANs, use the show vlan id command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Use this command to display information and statistics on an individual VLAN or a range of VLANs, including private VLANs.
Note You can also display information about individual VLANs using the show vlan name command.
Examples
This example shows how to display information for the individual VLAN 5:
Related Commands
|
|
|
|---|---|
show vlan private-vlan
To display private VLAN information, use the show vlan private-vlan command.
show vlan [ id { vlan-id }] private-vlan [ type ]
Syntax Description
(Optional) Displays private VLAN information for the specified VLAN. |
|
(Optional) Displays the private VLAN type (primary, isolated, or community). |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Examples
This example shows how to display information on all private VLANs on the switch:
This example shows how to display information for a specific private VLAN:
This example shows how to display information on the types of all private VLANs on the switch:
This example shows how to display information on the type for the specified private VLAN:
Related Commands
show vtp counters
To display the VLAN Trunking Protocol (VTP) statistics, use the show vtp counters command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
Note VTP pruning is not supported in Cisco NX-OS Release 5.0(3)U1(1).
Examples
This example shows how to display the VTP counters:
Related Commands
|
|
|
|---|---|
show vtp interface
To display the VLAN Trunking Protocol (VTP) interface status and configuration information, use the show vtp interface command.
show vtp interface [ ethernet slot / port | port-channel channel-no ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
Examples
This example shows how to display the VTP configuration information on all interfaces:
This example shows how to display the VTP configuration information for an Ethernet interface:
This example shows how to display the VTP configuration information for an EtherChannel interface:
Related Commands
|
|
|
|---|---|
show vtp password
To display the VLAN Trunking Protocol (VTP) administrative password, use the show vtp password command.
show vtp password [ domain domain-id ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
Examples
This example shows how to display the VTP password configured for administrative domain 1:
Related Commands
|
|
|
|---|---|
show vtp status
To display the VLAN Trunking Protocol (VTP) domain status information, use the show vtp status command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
Examples
This example shows how to display the VTP domain status:
Related Commands
|
|
|
|---|---|
shutdown (VLAN configuration)
To shut down the local traffic on a VLAN, use the shutdown command. To return a VLAN to its default operational state, use the no form of this command.
Syntax Description
Command Default
Command Modes
VLAN configuration mode
Switch profile VLAN configuration mode
Command History
|
|
|
|---|---|
Usage Guidelines
You cannot shut down, or disable, VLAN 1 or VLANs 1006 to 4094.
After you shut down a VLAN, the traffic ceases to flow on that VLAN. Access ports on that VLAN are also brought down; trunk ports continue to carry traffic for the other VLANs allowed on that port. However, the interface associations for the specified VLAN remain, and when you reenable, or recreate, that specified VLAN, the switch automatically reinstates all the original ports to that VLAN.
To find out if a VLAN has been shut down internally, check the Status field in the show vlan command output. If a VLAN is shut down internally, one of these values appears in the Status field:
- act/lshut—VLAN status is active and shut down internally.
- sus/lshut—VLAN status is suspended and shut down internally.
Note If the VLAN is suspended and shut down, you use both the no shutdown and state active commands to return the VLAN to the active state.
Examples
This example shows how to restore local traffic on VLAN 2 after you have shut down, or disabled, the VLAN:
switch(config)# vlan 2
switch(config-vlan)# no shutdown
This example shows how to shut down local traffic on VLAN 3 in a switch profile:
Related Commands
|
|
|
|---|---|
spanning-tree bpdufilter
To enable bridge protocol data unit (BPDU) Filtering on the interface, use the spanning-tree bpdufilter command. To return to the default settings, use the no form of this command.
spanning-tree bpdufilter { enable | disable }
Syntax Description
Command Default
The setting that is already configured when you enter the spanning-tree port type edge bpdufilter default command.
Command Modes
Command History
|
|
|
Usage Guidelines
Entering the spanning-tree bpdufilter enable command to enable BPDU Filtering overrides the spanning tree edge port configuration. That port then returns to the normal spanning tree port type and moves through the normal spanning tree transitions.
Be careful when you enter the
spanning-tree bpdufilter enable command on specified interfaces. Explicitly configuring BPDU Filtering on a port this is not connected to a host can cause a bridging loop because the port will ignore any BPDU that it receives, and the port moves to the STP forwarding state.
Use the spanning-tree port type edge bpdufilter default command to enable BPDU Filtering on all spanning tree edge ports.
Examples
This example shows how to explicitly enable BPDU Filtering on the Ethernet spanning tree edge port 1/4:
Related Commands
|
|
|
|---|---|
spanning-tree bpduguard
To enable bridge protocol data unit (BPDU) Guard on an interface, use the spanning-tree bpduguard command. To return to the default settings, use the no form of this command.
spanning-tree bpduguard { enable | disable }
Syntax Description
Command Default
The setting that is already configured when you enter the spanning-tree port type edge bpduguard default command.
Command Modes
Command History
|
|
|
Usage Guidelines
BPDU Guard prevents a port from receiving BPDUs. If the port still receives a BPDU, it is put in the error-disabled state as a protective measure.
Be careful when using this command. You should use this command only with interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data-packet loop and disrupt the switch and network operation.
When you enable this BPDU Guard command globally, the command applies only to spanning tree edge ports. See the spanning-tree port type edge bpduguard default command for more information on the global command for BPDU Guard. However, when you enable this feature on an interface, it applies to that interface regardless of the spanning tree port type.
This command has three states:
- spanning-tree bpduguard enable —Unconditionally enables BPDU Guard on the interface.
- spanning-tree bpduguard disable —Unconditionally disables BPDU Guard on the interface.
- no spanning-tree bpduguard —Enables BPDU Guard on the interface if it is an operational spanning tree edge port and if the spanning-tree port type edge bpduguard default command is configured.
Typically, this feature is used in a service-provider environment where the network administrator wants to prevent an access port from participating in the spanning tree.
Examples
This example shows how to enable BPDU Guard on this interface:
Related Commands
|
|
|
|---|---|
spanning-tree bridge
To enable Bridge Assurance on the switch, use the spanning-tree bridge command. To disable Bridge Assurance, use the no form of this command.
spanning-tree bridge assurance
no spanning-tree bridge assurance
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
Usage Guidelines
You can use Bridge Assurance to protect against certain problems that can cause bridging loops in the network. Bridge Assurance is enabled only on spanning tree network ports that are point-to-point links.
Examples
This example shows how to enable Bridge Assurance on all network ports on the switch:
This example shows how to enable Bridge Assurance in a switch profile:
Related Commands
|
|
|
|---|---|
Displays the running configuration information about spanning trees. |
spanning-tree cost
To set the path cost of the interface for Spanning Tree Protocol (STP) calculations, use the spanning-tree cost command. To return to the default settings, use the no form of this command.
spanning-tree [ vlan vlan-id ] cost { value | auto }
no spanning-tree [ vlan vlan-id ] cost
Syntax Description
(Optional) Lists the VLANs on this trunk interface for which you want to assign the path cost. You do not use this parameter on access ports. The range is from 1 to 4094. |
|
Value of the port cost. The available cost range depends on the path-cost calculation method as follows: |
|
Sets the value of the port cost by the media speed of the interface (see Table 4 for the values). |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
The STP port path cost default value is determined from the media speed and path cost calculation method of a LAN interface (see Table 4 ). See the spanning-tree pathcost method command for information on setting the path cost calculation method for Rapid per VLAN Spanning Tree Plus (Rapid PVST+).
|
|
|
|
|---|---|---|
When you configure the value, higher values will indicate higher costs.
On access ports, assign the port cost by port. On trunk ports, assign the port cost by VLAN; you can configure all the VLANs on a trunk port as the same port cost.
The EtherChannel bundle is considered as a single port. The port cost is the aggregation of all the configured port costs assigned to that channel.
Note Use this command to set the port cost for Rapid PVST+. Use the spanning-tree mst cost command to set the port cost for MST.
Examples
This example shows how to access an interface and set a path cost value of 250 for the spanning tree VLAN that is associated with that interface:
(config)# interface ethernet 1/4
(config-if)# spanning-tree cost 250
Related Commands
|
|
|
|---|---|
spanning-tree guard
To enable or disable Loop Guard or Root Guard, use the spanning-tree guard command. To return to the default settings, use the no form of this command.
spanning-tree guard { loop | none | root }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You cannot enable Loop Guard if Root Guard is enabled, although the switch accepts the command to enable Loop Guard on spanning tree edge ports.
Examples
This example shows how to enable Root Guard:
Related Commands
|
|
|
|---|---|
spanning-tree link-type
To configure a link type for a port, use the spanning-tree link-type command. To return to the default settings, use the no form of this command.
spanning-tree link-type { auto | point-to-point | shared }
Syntax Description
Sets the link type based on the duplex setting of the interface. |
|
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Fast transition (specified in IEEE 802.1w) functions only on point-to-point links between two bridges.
By default, the switch derives the link type of a port from the duplex mode. A full-duplex port is considered as a point-to-point link while a half-duplex configuration is assumed to be on a shared link.
Note On a Cisco Nexus 3000 Series switch, port duplex is not configurable.
Examples
This example shows how to configure the port as a shared link:
Related Commands
|
|
|
|---|---|
spanning-tree loopguard default
To enable Loop Guard as a default on all spanning tree normal and network ports, use the spanning-tree loopguard default command. To disable Loop Guard, use the no form of this command.
spanning-tree loopguard default
no spanning-tree loopguard default
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Loop Guard provides additional security in the bridge network. Loop Guard prevents alternate or root ports from becoming the designated port because of a failure that could lead to a unidirectional link.
Loop Guard operates only on ports that are considered point-to-point links by the spanning tree, and it does not run on spanning tree edge ports.
Entering the spanning-tree guard loop command for the specified interface overrides this global Loop Guard command.
Examples
This example shows how to enable Loop Guard:
Related Commands
|
|
|
|---|---|
spanning-tree mode
To switch between Rapid per VLAN Spanning Tree Plus (Rapid PVST+) and Multiple Spanning Tree (MST) Spanning Tree Protocol (STP) modes, use the spanning-tree mode command. To return to the default settings, use the no form of this command.
spanning-tree mode { rapid-pvst | mst }
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You cannot simultaneously run MST and Rapid PVST+ on the switch.
Be careful when using the
spanning-tree mode command to switch between Rapid PVST+ and MST modes. When you enter the command, all STP instances are stopped for the previous mode and are restarted in the new mode. Using this command may cause the user traffic to be disrupted.
Examples
This example shows how to switch to MST mode:
switch(config)# spanning-tree mode mst
switch(config-mst)#
Related Commands
|
|
|
|---|---|
Displays the information about the spanning tree configuration. |
spanning-tree mst configuration
To enter the Multiple Spanning Tree (MST) configuration mode, use the spanning-tree mst configuration command. To return to the default settings, use the no form of this command.
spanning-tree mst configuration
no spanning-tree mst configuration
Syntax Description
Command Default
The default value for the MST configuration is the default value for all its parameters:
Command Modes
Command History
|
|
|
Usage Guidelines
The MST configuration consists of three main parameters:
- Instance VLAN mapping—See the instance vlan command.
- Region name—See the name (MST configuration) command.
- Configuration revision number—See the revision command.
The abort and exit commands allow you to exit MST configuration mode. The difference between the two commands depends on whether you want to save your changes or not:
- The exit command commits all the changes before leaving MST configuration mode.
- The abort command leaves MST configuration mode without committing any changes.
If you do not map secondary VLANs to the same instance as the associated primary VLAN, when you exit MST configuration mode, the following warning message is displayed:
See the switchport mode private-vlan host command to fix this problem.
Changing an MST configuration mode parameter can cause connectivity loss. To reduce service disruptions, when you enter MST configuration mode, make changes to a copy of the current MST configuration. When you are done editing the configuration, you can apply all the changes at once by using the exit keyword.
In the unlikely event that two administrators commit a new configuration at exactly the same time, this warning message is displayed:
Examples
This example shows how to enter MST-configuration mode:
switch(config)# spanning-tree mst configuration
switch(config-mst)#
This example shows how to reset the MST configuration (name, instance mapping, and revision number) to the default settings:
(config)# no spanning-tree mst configuration
Related Commands
|
|
|
|---|---|
spanning-tree mst cost
To set the path-cost parameter for any Multiple Spanning Tree (MST) instance (including the Common and Internal Spanning Tree [CIST] with instance ID 0), use the spanning-tree mst cost command. To return to the default settings, use the no form of this command.
spanning-tree mst instance-id cost { cost | auto }
no spanning-tree mst instance-id cost
Syntax Description
Port cost for an instance. The range is from 1 to 200,000,000. |
|
Sets the value of the port cost by the media speed of the interface. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
The port cost depends on the port speed; the faster interface speeds indicate smaller costs. MST always uses long path costs.
Higher cost values indicate higher costs. When entering the cost, do not include a comma in the entry; for example, enter 1000, not 1,000.
The EtherChannel bundle is considered as a single port. The port cost is the aggregation of all the configured port costs assigned to that channel.
Examples
This example shows how to set the interface path cost:
(config-if)# spanning-tree mst 0 cost 17031970
Related Commands
|
|
|
|---|---|
spanning-tree mst forward-time
To set the forward-delay timer for all the instances on the switch, use the spanning-tree mst forward-time command. To return to the default settings, use the no form of this command.
spanning-tree mst forward-time seconds
no spanning-tree mst forward-time
Syntax Description
Number of seconds to set the forward-delay timer for all the instances on the switch. The range is from 4 to 30 seconds. |
Command Default
Command Modes
Command History
|
|
|
Examples
This example shows how to set the forward-delay timer:
Related Commands
|
|
|
|---|---|
spanning-tree mst hello-time
To set the hello-time delay timer for all the instances on the switch, use the spanning-tree mst hello-time command. To return to the default settings, use the no form of this command.
spanning-tree mst hello-time seconds
no spanning-tree mst hello-time
Syntax Description
Number of seconds to set the hello-time delay timer for all the instances on the switch. The range is from 1 to 10 seconds. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
If you do not specify the hello-time value, the value is calculated from the network diameter.
Examples
This example shows how to set the hello-time delay timer:
Related Commands
|
|
|
|---|---|
spanning-tree mst max-age
To set the max-age timer for all the instances on the switch, use the spanning-tree mst max-age command. To return to the default settings, use the no form of this command.
spanning-tree mst max-age seconds
Syntax Description
Number of seconds to set the max-age timer for all the instances on the switch. The range is from 6 to 40 seconds. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Examples
This example shows how to set the max-age timer:
Related Commands
|
|
|
|---|---|
spanning-tree mst max-hops
To specify the number of possible hops in the region before a bridge protocol data unit (BPDU) is discarded, use the spanning-tree mst max-hops command. To return to the default settings, use the no form of this command.
spanning-tree mst max-hops hop-count
Syntax Description
Number of possible hops in the region before a BPDU is discarded. The range is from 1 to 255 hops. |
Command Default
Command Modes
Command History
|
|
|
Examples
This example shows how to set the number of possible hops:
Related Commands
|
|
|
|---|---|
spanning-tree mst port-priority
To set the port-priority parameters for any Multiple Spanning Tree (MST) instance, including the Common and Internal Spanning Tree (CIST) with instance ID 0, use the spanning-tree mst port-priority command. To return to the default settings, use the no form of this command.
spanning-tree mst instance-id port-priority priority
no spanning-tree mst instance-id port-priority
Syntax Description
Port priority for an instance. The range is from 0 to 224 in increments of 32. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Higher port-priority priority values indicate smaller priorities.
The priority values are 0, 32, 64, 96, 128, 160, 192, and 224. All other values are rejected.
Examples
This example shows how to set the interface priority:
(config-if)# spanning-tree mst 0 port-priority 64
Related Commands
|
|
|
|---|---|
Configures the port priority for the default STP, which is Rapid PVST+. |
spanning-tree mst priority
To set the bridge priority, use the spanning-tree mst priority command. To return to the default setting, use the no form of this command.
spanning-tree mst instance-id priority priority-value
no spanning-tree mst instance-id priority
Syntax Description
Instance identification number. The range is from 0 to 4094. |
|
Bridge priority. See the “Usage Guidelines” section for valid values and additional information. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You can set the bridge priority in increments of 4096 only. When you set the priority, valid values are 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440.
You can set the priority-value argument to 0 to make the switch root.
You can enter the instance-id argument as a single instance or a range of instances, for example, 0-3,5,7-9.
Examples
This example shows how to set the bridge priority:
Related Commands
|
|
|
|---|---|
spanning-tree mst root
To designate the primary and secondary root and set the timer value for an instance, use the spanning-tree mst root command. To return to the default settings, use the no form of this command.
spanning-tree mst instance-id root { primary | secondary } [ diameter dia [ hello-time hello-time ]]
no spanning-tree mst instance-id root
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
You can enter the instance-id argument as a single instance or a range of instances, for example, 0-3,5,7-9.
If you do not specify the hello-time argument, the argument is calculated from the network diameter. You must first specify the diameter dia keyword and argument before you can specify the hello-time hello-time keyword and argument.
Examples
This example shows how to designate the primary root:
This example shows how to set the priority and timer values for the bridge:
Related Commands
|
|
|
|---|---|
spanning-tree mst simulate pvst
To reenable specific interfaces to automatically interoperate between Multiple Spanning Tree (MST) and Rapid per VLAN Spanning Tree Plus (Rapid PVST+), use the spanning-tree mst simulate pvst command. To prevent specific MST interfaces from automatically interoperating with a connecting device running Rapid PVST+, use the spanning-tree mst simulate pvst disable command. To return specific interfaces to the default settings that are set globally for the switch, use the no form of this command.
spanning-tree mst simulate pvst
spanning-tree mst simulate pvst disable
no spanning-tree mst simulate pvst
Syntax Description
Command Default
Enabled. By default, all interfaces on the switch interoperate seamlessly between MST and Rapid PVST+. See the spanning-tree mst simulate pvst global command to change this setting globally.
Command Modes
Command History
|
|
|
Usage Guidelines
MST interoperates with Rapid PVST+ with no need for user configuration. The PVST+ simulation feature enables this seamless interoperability. However, you may want to control the connection between MST and Rapid PVST+ to protect against accidentally connecting an MST-enabled port to a Rapid PVST+-enabled port.
When you use the spanning-tree mst simulate pvst disable command, specified MST interfaces that receive a Rapid PVST+ (SSTP) bridge protocol data unit (BPDU) move into the STP blocking state. Those interfaces remain in the inconsistent state until the port stops receiving Rapid PVST+ BPDUs, and then the port resumes the normal STP transition process.
Note To block automatic MST and Rapid PVST+ interoperability for the entire switch, use no spanning-tree mst simulate pvst global command.
This command is useful when you want to prevent accidental connection with a device running Rapid PVST+.
To reenable seamless operation between MST and Rapid PVST+ on specific interfaces, use the spanning-tree mst simulate pvst command.
Examples
This example shows how to prevent specified ports from automatically interoperating with a connected device running Rapid PVST+:
switch(config-if)# spanning-tree mst simulate pvst disable
Related Commands
|
|
|
|---|---|
Enables global seamless interoperation between MST and Rapid PVST+. |
spanning-tree mst simulate pvst global
To prevent the Multiple Spanning Tree (MST) switch from automatically interoperating with a connecting device running Rapid per VLAN Spanning Tree Plus (Rapid PVST+), use the spanning-tree mst simulate pvst global command. To return to the default settings, which is a seamless operation between MST and Rapid PVST+ on the switch, use the no spanning-tree mst simulate pvst global command.
spanning-tree mst simulate pvst global
no spanning-tree mst simulate pvst global
Syntax Description
Command Default
Enabled. By default, the switch interoperates seamlessly between MST and Rapid PVST+.
Command Modes
Command History
|
|
|
Usage Guidelines
MST does not require user configuration to interoperate with Rapid PVST+. The PVST+ simulation feature enables this seamless interoperability. However, you may want to control the connection between MST and Rapid PVST+ to protect against accidentally connecting an MST-enabled port to a Rapid PVST+-enabled port.
When you use the no spanning-tree mst simulate pvst global command, the switch running in MST mode moves all interfaces that receive a Rapid PVST+ (SSTP) bridge protocol data unit (BPDU) into the Spanning Tree Protocol (STP) blocking state. Those interfaces remain in the inconsistent state until the port stops receiving Rapid PVST+ BPDUs, and then the port resumes the normal STP transition process.
You can also use this command from the interface mode, and the configuration applies to the entire switch.
Note To block automatic MST and Rapid PVST+ interoperability for specific interfaces, see the spanning-tree mst simulate pvst command.
This command is useful when you want to prevent accidental connection with a device not running MST.
To return the switch to seamless operation between MST and Rapid PVST+, use the spanning-tree mst simulate pvst global command.
Examples
This example shows how to prevent all ports on the switch from automatically interoperating with a connected device running Rapid PVST+:
switch(config)# no spanning-tree mst simulate pvst global
Related Commands
|
|
|
|---|---|
Enables seamless interoperation between MST and Rapid PVST+ by the interface. |
spanning-tree pathcost method
To set the default path-cost calculation method, use the spanning-tree pathcost method command. To return to the default settings, use the no form of this command.
spanning-tree pathcost method { long | short }
no spanning-tree pathcost method
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
The long path-cost calculation method uses all 32 bits for path-cost calculations and yields valued in the range of 2 through 2,00,000,000.
The short path-cost calculation method (16 bits) yields values in the range of 1 through 65535.
Note This command applies only to the Rapid per VLAN Spanning Tree Plus (Rapid PVST+) spanning tree mode, which is the default mode. When you are using Multiple Spanning Tree (MST) spanning tree mode, the switch uses only the long method for calculating path cost; this is not user-configurable for MST.
Examples
This example shows how to set the default pathcost method to long:
switch(config)# spanning-tree pathcost method long
Related Commands
|
|
|
|---|---|
spanning-tree port type edge
To configure an interface connected to a host as an edge port, which automatically transitions the port to the spanning tree forwarding state without passing through the blocking or learning states, use the spanning-tree port type edge command. To return the port to a normal spanning tree port, use the no spanning-tree port type command.
spanning-tree port type edge [ trunk ]
Syntax Description
(Optional) Configures the trunk port as a spanning tree edge port. |
Command Default
The default is the global setting for the default port type edge that is configured when you entered the spanning-tree port type edge default command. If you did not configure a global setting, the default spanning tree port type is normal.
Command Modes
Command History
|
|
|
Usage Guidelines
You can also use this command to configure a port in trunk mode as a spanning tree edge port.
You should use this command only with interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data-packet loop and disrupt the switch and network operation.
When a linkup occurs, spanning tree edge ports are moved directly to the spanning tree forwarding state without waiting for the standard forward-time delay.
Note This is the same functionality that was previously provided by the Cisco-proprietary PortFast feature.
When you use this command, the system returns a message similar to the following:
When you use this command without the trunk keyword, the system returns an additional message similar to the following:
To configure trunk interfaces as spanning tree edge ports, use the spanning-tree port type trunk command. To remove the spanning tree edge port type setting, use the no spanning-tree port type command.
Examples
This example shows how to configure an interface connected to a host as an edge port, which automatically transitions that interface to the forwarding state on a linkup:
(config-if)# spanning-tree port type edge
Related Commands
|
|
|
|---|---|
spanning-tree port type edge bpdufilter default
To enable bridge protocol data unit (BPDU) Filtering by default on all spanning tree edge ports, use the spanning-tree port type edge bpdufilter default command. To disable BPDU Filtering by default on all edge ports, use the no form of this command.
spanning-tree port type edge bpdufilter default
no spanning-tree port type edge bpdufilter default
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
To enable BPDU Filtering by default, you must do the following:
- Configure the interface as a spanning tree edge port, using the spanning-tree port type edge or the spanning-tree port type edge default command.
- Enable BPDU Filtering.
Use this command to enable BPDU Filtering globally on all spanning tree edge ports. BPDU Filtering prevents a port from sending or receiving any BPDUs.
Be cautious when using this command; incorrect usage can cause bridging loops.
You can override the global effects of this spanning-tree port type edge bpdufilter default command by configuring BPDU Filtering at the interface level. See the spanning-tree bpdufilter command for complete information on using this feature at the interface level.
Note The BPDU Filtering feature’s functionality is different when you enable it on a per-port basis or globally. When enabled globally, BPDU Filtering is applied only on ports that are operational spanning tree edge ports. Ports send a few BPDUs at a linkup before they effectively filter outbound BPDUs. If a BPDU is received on an edge port, that port immediately becomes a normal spanning tree port with all the normal transitions and BPDU Filtering is disabled. When enabled locally on a port, BPDU Filtering prevents the switch from receiving or sending BPDUs on this port.
Examples
This example shows how to enable BPDU Filtering globally on all spanning tree edge operational ports by default:
switch(config)# spanning-tree port type edge bpdufilter default
Related Commands
|
|
|
|---|---|
Displays the information about the spanning tree configuration. |
|
spanning-tree port type edge bpduguard default
To enable bridge protocol data unit (BPDU) Guard by default on all spanning tree edge ports, use the spanning-tree port type edge bpduguard default command. To disable BPDU Guard on all edge ports by default, use the no form of this command.
spanning-tree port type edge bpduguard default
no spanning-tree port type edge bpduguard default
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
To enable BPDU Guard by default, you must do the following:
- Configure the interface as spanning tree edge ports by entering the spanning-tree port type edge or the spanning-tree port type edge default command.
- Enable BPDU Guard.
Use this command to enable BPDU Guard globally on all spanning tree edge ports. BPDU Guard disables a port if it receives a BPDU.
Global BPDU Guard is applied only on spanning tree edge ports.
You can also enable BPDU Guard per interface; see the spanning-tree bpduguard command for more information.
Note We recommend that you enable BPDU Guard on all spanning tree edge ports.
Examples
This example shows how to enable BPDU Guard by default on all spanning tree edge ports:
(config)# spanning-tree port type edge bpduguard default
Related Commands
|
|
|
|---|---|
Displays the information about the spanning tree configuration. |
|
spanning-tree port type edge default
To configure all access ports that are connected to hosts as edge ports by default, use the spanning-tree port type edge default command. To restore all ports connected to hosts as normal spanning tree ports by default, use the no form of this command.
spanning-tree port type edge default
no spanning-tree port type edge default
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Use this command to automatically configure all interfaces as spanning tree edge ports by default. This command will not work on trunk ports.
Be careful when using this command. You should use this command only with interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data-packet loop and disrupt the switch and network operation.
When a linkup occurs, an interface configured as an edge port automatically moves the interface directly to the spanning tree forwarding state without waiting for the standard forward-time delay. (This transition was previously configured as the Cisco-proprietary PortFast feature.)
When you use this command, the system returns a message similar to the following:
You can configure individual interfaces as edge ports using the spanning-tree port type edge command.
Examples
This example shows how to globally configure all ports connected to hosts as spanning tree edge ports:
(config)# spanning-tree port type edge default
Related Commands
|
|
|
|---|---|
spanning-tree port type network
To configure the interface that connects to a switch as a network spanning tree port, regardless of the global configuration, use the spanning-tree port type network command. To return the port to a normal spanning tree port, use the use the no form of this command.
spanning-tree port type network
Syntax Description
Command Default
The default is the global setting for the default port type network that is configured when you entered the spanning-tree port type network default command. If you did not configure a global setting, the default spanning tree port type is normal.
Command Modes
Command History
|
|
|
Usage Guidelines
Use this command to configure an interface that connects to a switch as a spanning tree network port. Bridge Assurance runs only on Spanning Tree Protocol (STP) network ports.
Note If you mistakenly configure ports connected to hosts as STP network ports and enable Bridge Assurance, those ports will automatically move into the blocking state.
Note Bridge Assurance is enabled by default, and all interfaces configured as spanning tree network ports have Bridge Assurance enabled.
To configure a port as a spanning tree network port, use the spanning-tree port type network command. To remove this configuration, use the no spanning-tree port type command. When you use the no spanning-tree port type command, the software returns the port to the global default setting for network port types.
You can configure all ports that are connected to switches as spanning tree network ports by default by entering the spanning-tree port type network default command.
Examples
This example shows how to configure an interface connected to a switch or bridge as a spanning tree network port:
(config-if)# spanning-tree port type network
switch(config-if)#
Related Commands
|
|
|
|---|---|
Displays information about the spanning tree configuration per specified interface. |
spanning-tree port type network default
To configure all ports as spanning tree network ports by default, use the spanning-tree port type network default command. To restore all ports to normal spanning tree ports by default, use the no form of this command.
spanning-tree port type network default
no spanning-tree port type network default
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Use this command to automatically configure all interfaces that are connected to switches as spanning tree network ports by default. You can then use the spanning-tree port type edge command to configure specified ports that are connected to hosts as spanning-tree edge ports.
Note If you mistakenly configure ports connected to hosts as Spanning Tree Protocol (STP) network ports and Bridge Assurance is enabled, those ports will automatically move into the blocking state.
Configure only the ports that connect to other switches as network ports because the Bridge Assurance feature causes network ports that are connected to hosts to move into the spanning tree blocking state.
You can identify individual interfaces as network ports by using the spanning-tree port type network command.
Examples
This example shows how to globally configure all ports connected to switches as spanning tree network ports:
(config)# spanning-tree port type network default
switch(config)#
Related Commands
|
|
|
|---|---|
spanning-tree port-priority
To set an interface priority when two bridges compete for position as the root bridge, use the spanning-tree port-priority command. The priority you set breaks the tie. To return to the default settings, use the no form of this command.
spanning-tree [ vlan vlan-id ] port-priority value
no spanning-tree [ vlan vlan-id ] port-priority
Syntax Description
(Optional) Specifies the VLAN identification number. The range is from 0 to 4094. |
|
Port priority. The range is from 1 to 224, in increments of 32. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Do not use the vlan vlan-id parameter on access ports. The software uses the port priority value for access ports and the VLAN port priority values for trunk ports.
The priority values are 0, 32, 64, 96, 128, 160, 192, and 224. All other values are rejected.
Note Use this command to configure the port priority for Rapid per VLAN Spanning Tree Plus (Rapid PVST+) spanning tree mode, which is the default STP mode. To configure the port priority for Multiple Spanning Tree (MST) spanning tree mode, use the spacing-tree mst port-priority command.
Examples
This example shows how to increase the probability that the spanning tree instance on access port interface 2/0 is chosen as the root bridge by changing the port priority to 32:
(config-if)# spanning-tree port-priority 32
switch(config-if)#
Related Commands
|
|
|
|---|---|
Displays information on the spanning tree port priority for the interface. |
spanning-tree vlan
To configure Spanning Tree Protocol (STP) parameters on a per-VLAN basis, use the spanning-tree vlan command. To return to the default settings, use the no form of this command.
spanning-tree vlan vlan-id [ forward-time value | hello-time value | max-age value | priority value | [ root { primary | secondary } [ diameter dia [ hello-time value ]]]]
no spanning-tree vlan vlan-id [ forward-time | hello-time | max-age | priority | root ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
When disabling spanning tree on a VLAN using the
no spanning-tree vlan
vlan-id command, ensure that all switches and bridges in the VLAN have spanning tree disabled. You cannot disable spanning tree on some switches and bridges in a VLAN and leave it enabled on other switches and bridges in the same VLAN because switches and bridges with spanning tree enabled have incomplete information about the physical topology of the network.
We do not recommend disabling spanning tree even in a topology that is free of physical loops. Spanning tree is a safeguard against misconfigurations and cabling errors. Do not disable spanning tree in a VLAN without ensuring that there are no physical loops present in the VLAN.
When setting the max-age seconds, if a bridge does not see BPDUs from the root bridge within the specified interval, it assumes that the network has changed and recomputes the spanning-tree topology.
The spanning-tree root primary alters this switch’s bridge priority to 24576. If you enter the spanning-tree root primary command and the switch does not become the root, then the bridge priority is changed to 4096 less than the bridge priority of the current bridge. The command fails if the value required to be the root bridge is less than 1. If the switch does not become the root, an error results.
If the network devices are set for the default bridge priority of 32768 and you enter the spanning-tree root secondary command, the software alters this switch’s bridge priority to 28762. If the root switch fails, this switch becomes the next root switch.
Use the spanning-tree root commands on the backbone switches only.
Examples
This example shows how to enable spanning tree on VLAN 200:
switch(config)# spanning-tree vlan 200
switch(config)#
This example shows how to configure the switch as the root switch for VLAN 10 with a network diameter of 4:
switch(config)# spanning-tree vlan 10 root primary diameter 4
switch(config)#
This example shows how to configure the switch as the secondary root switch for VLAN 10 with a network diameter of 4:
switch(config)# spanning-tree vlan 10 root secondary diameter 4
switch(config)#
Related Commands
|
|
|
|---|---|
state
To set the operational state for a VLAN, use the state command. To return a VLAN to its default operational state, use the no form of this command.
Syntax Description
Command Default
Command Modes
VLAN configuration mode
Switch profile VLAN configuration mode
Command History
|
|
|
|---|---|
Support for this command was introduced in a switch profile. |
Usage Guidelines
You cannot suspend the state for VLAN 1 or VLANs 1006 to 4094.
Examples
This example shows how to suspend VLAN 2:
switch(config)# vlan 2
switch(config-vlan)# state suspend
switch(config-vlan)#
This example shows how to suspend VLAN 5 in a switch profile:
Related Commands
|
|
|
|---|---|
storm-control
To configure traffic storm control for traffic on an interface, use the storm-control command. To disable traffic storm control on an interface, use the no form of this command.
storm-control [broadcast | multicast | unicast] level percentage[.fraction] | [action {[no] shutdown | trap }]
no storm-control [broadcast | multicast | unicast] level percentage[.fraction] | [action { [no] shutdown | trap }]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
- You can configure traffic storm control on a port-channel interface.
- Because of hardware limitations and the method by which packets of different sizes are counted, the level percentage is an approximation. Depending on the sizes of the frames that make up the incoming traffic, the actual enforced level might differ from the configured level by several percentage points.
- Due to a hardware limitation, the output for the show interface counters storm-control command does not show ARP suppressions when storm control is configured and the interface is actually suppressing some traffic. Packet drops due to storm control are counted in the input discard counter.
- Due to a hardware limitation, the packet drop counter cannot distinguish between packet drops caused by a traffic storm and other discarded input frames. This can lead to the configured action being triggered even in the absence of a traffic storm.
- Storm control is only for ingress traffic, specifically for unknown unicast, unknown multicast, and broadcast traffic.
- Storm-control is applied on each member of a port channel individually and not on the port channel as a whole.
Examples
This example shows how to configure traffic storm control for port channels 122 and 123:
This example shows how to configure the port to shut down during a traffic storm:
This example shows how to configure the port to generate an SNMP trap during a traffic storm:
Related Commands
|
|
|
|---|---|
Displays the running configuration information for configured interfaces. |
svi enable
To enable the creation of VLAN interfaces, use the svi enable command. To disable the VLAN interface feature, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
You must use the feature interface-vlan command before you can create VLAN interfaces.
Examples
This example shows how to enable the interface VLAN feature on the switch:
switch(config)#
Related Commands
|
|
|
|---|---|
switchport access vlan
To set the access VLAN when the interface is in access mode, use the switchport access vlan command. To reset the access-mode VLAN to the appropriate default VLAN for the switch, use the no form of this command.
switchport access vlan vlan-id
Syntax Description
VLAN to set when the interface is in access mode. The range is from 1 to 4094, except for the VLANs reserved for internal use. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
Use the no form of the switchport access vlan command to reset the access-mode VLAN to the appropriate default VLAN for the switch. This action may generate messages on the device to which the port is connected.
Examples
This example shows how to configure an Ethernet interface to join VLAN 2:
switch(config)# interface ethernet 1/7
switch(config-if)# switchport access vlan 2
switch(config-if)#
Related Commands
|
|
|
|---|---|
Displays the administrative and operational status of a port. |
switchport mode private-vlan host
To set the interface type to be a host port for a private VLAN, use the switchport mode private-vlan host command.
switchport mode private-vlan host
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
When you configure a port as a host private VLAN port and one of the following applies, the port becomes inactive:
- The port does not have a valid private VLAN association configured.
- The port is a Switched Port Analyzer (SPAN) destination.
- The private VLAN association is suspended.
If you delete a private VLAN port association, or if you configure a private port as a SPAN destination, the deleted private VLAN port association or the private port that is configured as a SPAN destination becomes inactive.
Note We recommend that you enable spanning tree BPDU Guard on all private VLAN host ports.
Examples
This example shows how to set a port to host mode for private VLANs:
switch(config-if)# switchport mode private-vlan host
Related Commands
|
|
|
|---|---|
Displays information on all interfaces configured as switch ports. |
|
switchport mode private-vlan promiscuous
To set the interface type to be a promiscuous port for a private VLAN, use the switchport mode private-vlan promiscuous command.
switchport mode private-vlan promiscuous
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
When you configure a port as a promiscuous private VLAN port and one of the following applies, the port becomes inactive:
- The port does not have a valid private VLAN mapping configured.
- The port is a Switched Port Analyzer (SPAN) destination.
If you delete a private VLAN port mapping or if you configure a private port as a SPAN destination, the deleted private VLAN port mapping or the private port that is configured as a SPAN destination becomes inactive.
See the private-vlan command for more information on promiscuous ports.
Examples
This example shows how to set a port to promiscuous mode for private VLANs:
switch(config-if)# switchport mode private-vlan promiscuous
switch(config-if)#
Related Commands
|
|
|
|---|---|
Displays information on all interfaces configured as switch ports. |
|
switchport monitor rate-limit
To configure a rate limit to monitor traffic on an interface, use the switchport monitor rate-limit command. To remove a rate limit, use the no form of this command.
switchport monitor rate-limit 1G
no switchport monitor rate-limit [ 1G ]
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Examples
This example shows how to limit the bandwidth on Ethernet interface 1/2 to 1 GB:
Related Commands
|
|
|
|---|---|
Displays information on all interfaces configured as switch ports. |
switchport private-vlan host-association
To define a private VLAN association for an isolated or community port, use the switchport private-vlan host-association command. To remove the private VLAN association from the port, use the no form of this command.
switchport private-vlan host-association { primary-vlan-id } { secondary-vlan-id }
no switchport private-vlan host-association
Syntax Description
Number of the primary VLAN of the private VLAN relationship. |
|
Number of the secondary VLAN of the private VLAN relationship. |
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
There is no run-time effect on the port unless it is in private VLAN-host mode. If the port is in private VLAN-host mode but neither of the VLANs exist, the command is allowed but the port is made inactive. The port also may be inactive when the association between the private VLANs is suspended.
The secondary VLAN may be an isolated or community VLAN.
See the private-vlan command for more information on primary VLANs, secondary VLANs, and isolated or community ports.
Note A private VLAN-isolated port on a Cisco Nexus 3000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
Examples
This example shows how to configure a Layer 2 host private VLAN port with a primary VLAN (VLAN 18) and a secondary VLAN (VLAN 20):
switch(config-if)# switchport private-vlan host-association 18 20
switch(config-if)#
This example shows how to remove the private VLAN association from the port:
switch(config-if)# no switchport private-vlan host-association
Related Commands
|
|
|
|---|---|
switchport private-vlan mapping
To define the private VLAN association for a promiscuous port, use the switchport private-vlan mapping command. To clear all mapping from the primary VLAN, use the no form of this command.
switchport private-vlan mapping { primary-vlan-id } {[ add ] secondary-vlan-id | remove secondary-vlan-id }
no switchport private-vlan mapping
Syntax Description
Command Default
Command Modes
Command History
|
|
|
Usage Guidelines
There is no run-time effect on the port unless it is in private VLAN-promiscuous mode. If the port is in private VLAN-promiscuous mode but the primary VLAN does not exist, the command is allowed but the port is made inactive.
The secondary VLAN may be an isolated or community VLAN.
See the private-vlan command for more information on primary VLANs, secondary VLANs, and isolated or community ports.
Note A private VLAN-isolated port on a Cisco Nexus 3000 Series switch running the current release of Cisco NX-OS does not support IEEE 802.1Q encapsulation and cannot be used as a trunk port.
Examples
This example shows how to configure the associated primary VLAN 18 to secondary isolated VLAN 20 on a private VLAN promiscuous port:
switch(config-if)# switchport private-vlan mapping 18 20
This example shows how to add a VLAN to the association on the promiscuous port:
switch(config-if)# switchport private-vlan mapping 18 add 21
This example shows how to remove all private VLAN associations from the port:
switch(config-if)# no switchport private-vlan mapping
Related Commands
|
|
|
|---|---|
Displays information on all interfaces configured as switch ports. |
|
Displays the information about the private VLAN mapping for VLAN interfaces or switch virtual interfaces (SVIs). |
vlan
To add a VLAN or to enter the VLAN configuration mode, use the vlan command. To delete the VLAN and exit the VLAN configuration mode, use the no form of this command.
no vlan { vlan-id | vlan-range }
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Note You can also create and delete VLANs in the VLAN configuration mode using these same commands.
Command History
|
|
|
|---|---|
Usage Guidelines
When you enter the vlan vlan-id command, a new VLAN is created with all default parameters and causes the CLI to enter VLAN configuration mode. If the vlan-id argument that you entered matches an existing VLAN, nothing happens except that you enter VLAN configuration mode.
You can enter the vlan-range using a comma (,), a dash (-), and the number.
VLAN 1 parameters are factory configured and cannot be changed; you cannot create or delete this VLAN. Additionally, you cannot create or delete VLAN 4095 or any of the internally allocated VLANs.
When you delete a VLAN, all the access ports in that VLAN are shut down and no traffic flows. On trunk ports, the traffic continues to flow for the other VLANs allowed on that port, but the packets for the deleted VLAN are dropped. However, the system retains all the VLAN-to-port mapping for that VLAN, and when you reenable, or recreate, that specified VLAN, the switch automatically reinstates all the original ports to that VLAN.
In Cisco NX-OS 5.0(3)U1(1), you can configure VLANs on a device configured as a VLAN Trunking Protocol (VTP) server or transparent device. If the VTP device is configured as a client, you cannot add a VLAN or enter the VLAN configuration mode.
Examples
This example shows how to add a new VLAN and enter VLAN configuration mode:
switch(config)# vlan 2
switch(config-vlan)#
This example shows how to add a range of new VLANs and enter VLAN configuration mode:
switch(config)# vlan 2,5,10-12,20,25,4000
switch(config-vlan)#
This example shows how to add a new VLAN and enter VLAN configuration mode in a switch profile:
This example shows how to delete a VLAN:
switch(config)# no vlan 2
switch(config)#
Related Commands
|
|
|
|---|---|
Configures the Internet Group Management Protocol (IGMP) on a VLAN. |
|
vlan dot1Q tag native
To enable dot1q (IEEE 802.1Q) tagging for all native VLANs on all trunked ports on the switch, use the vlan dot1Q tag native command. To disable dot1q (IEEE 802.1Q) tagging for all native VLANs on all trunked ports on the switch, use the no form of this command.
Syntax Description
Command Default
Command Modes
Global configuration mode
Switch profile configuration mode
Command History
|
|
|
|---|---|
Usage Guidelines
Typically, you configure 802.1Q trunks with a native VLAN ID, which strips tagging from all packets on that VLAN.
To maintain the tagging on the native VLAN and drop untagged traffic, use the vlan dot1q tag native command. The switch will tag the traffic received on the native VLAN and admit only 802.1Q-tagged frames, dropping any untagged traffic, including untagged traffic in the native VLAN.
Control traffic continues to be accepted as untagged on the native VLAN on a trunked port, even when the vlan dot1q tag native command is enabled.
Note The vlan dot1q tag native command is enabled on global basis.
Examples
This example shows how to enable 802.1Q tagging on the switch:
This example shows how to disable 802.1Q tagging on the switch:
This example shows how to enable 802.1Q tagging in a switch profile:
Related Commands
|
|
|
|---|---|
vtp (interface)
To enable VLAN Trunking Protocol (VTP) on an interface, use the vtp command. To disable VTP on an interface, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
VLAN Trunking Protocol (VTP) is a Cisco Proprietary Layer 2 messaging protocol used to distribute the VLAN configuration information across multiple devices within a VTP domain.
Examples
This example shows how to enable VTP on an interface:
Related Commands
|
|
|
|---|---|
Copies the running configuration to the startup configuration. |
|
Enables Simple Network Management Protocol (SNMP) notifications. |
vtp domain
To configure the name of the VLAN Trunking Protocol (VTP) administrative domain, use the vtp domain command. To remove the domain name, use the no form of this command.
Syntax Description
VTP domain name. The name can be a maximum of 32 ASCII characters. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
VLAN Trunking Protocol (VTP) is a Cisco Proprietary Layer 2 messaging protocol used to distribute the VLAN configuration information across multiple devices within a VTP domain. Without VTP, you must configure VLANs in each device in the network. Using VTP, you configure VLANs on a VTP server and then distribute the configuration to other VTP devices in the VTP domain.
Examples
This example shows how to create a VTP domain named accounting:
Related Commands
|
|
|
|---|---|
vtp file
To store the VLAN Trunking Protocol (VTP) configuration information in a file, use the vtp file command. To stop storing the configuration in a file, use the no form of this command.
vtp file bootflash: server [ directory/ ] filename
Syntax Description
Note There can be no spaces in the bootflash://server/directory/filename string. Individual elements of this string are separated by colons (:) and slashes (/).
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
The default configuration file is stored in the VTP database, vlan.dat, in NVRAM. VTP configuration information is also stored in the startup configuration file.
Note Do not delete the vlan.dat file.
When a switch in a VTP domain reloads, the switch updates the VTP domain and VLAN configuration information from the information contained in the VTP database file (vlan.dat) or the startup configuration file.
If both the VTP database and the startup configuration file show the VTP mode as transparent and the VTP domain names match, the VTP database is ignored. The VTP and VLAN configurations in the startup configuration file are used to restore the configuration in this VTP device.
If the VTP domain information in the startup configuration file does not match with that in the VTP database file, then the configuration in the VTP database file is used to restore the configuration in the transparent VTP device.
Examples
This example shows how to store the VTP configuration to a file named myvtp.txt in the local writable storage file system, bootflash:
Related Commands
|
|
|
|---|---|
vtp mode
To configure the VLAN Trunking Protocol (VTP) device mode, use the vtp mode command. To revert to the default server mode, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
VLAN Trunking Protocol (VTP) is a Cisco Proprietary Layer 2 messaging protocol used to distribute the VLAN configuration information across multiple devices within a VTP domain. Without VTP, you must configure VLANs in each device in the network. Using VTP, you configure VLANs on a VTP server and then distribute the configuration to other VTP devices in the VTP domain.
In VTP transparent mode, you can configure VLANs (add, delete, or modify) and private VLANs. VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. The VTP configuration revision number is always set to zero (0). Transparent switches do forward VTP advertisements that they receive out their trunk ports in VTP Version 2.
Examples
This example shows how to configure a VTP device in transparent mode and add VLANs 2, 3, and 4:
Related Commands
|
|
|
|---|---|
vtp password
To set the password for the VTP administrative domain, use the vtp password command. To remove the administrative password, use the no form of this command.
Syntax Description
VTP domain password. The password is in ASCII text and can be a maximum of 64 characters. |
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
If you configure a password for VTP, you must configure the password on all switches in the VTP domain. The password must be the same password on all those switches. The VTP password that you configure is translated by an algorithm into a 16-byte word (MD5 value) that is carried in all summary-advertisement VTP packets.
Examples
This example shows how to configure a password for the VTP administrative domain named accounting:
Related Commands
|
|
|
|---|---|
vtp version
To configure the administrative domain to a VLAN Trunking Protocol (VTP) version, use the vtp version command. To revert to the default version, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
|
|---|---|
Usage Guidelines
Before you use this command, you must enable VTP on the switch by using the feature vtp command.
If you enable VTP, you must configure either version 1 or version 2. If you are using VTP in a Token Ring environment, you must use version 2.
Examples
This example shows how to enable VTP version 2 for Token Ring VLANs:
Related Commands
|
|
|
|---|---|
Feedback