Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco IE 2000 Switch Command Reference Cisco IOS Release 15.0(2)EA

Book Contents
Find Matches in This Book
Available Languages

Results

Updated:
February 11, 2018

Chapter: show access-lists through vtp primary

show access-lists

To display access control lists (ACLs) configured on the switch, use the show access-lists command in privileged EXEC mode.

show access-lists [name | number | hardware counters | ipc ]

 
Syntax Description

name

(Optional) Name of the ACL.

number

(Optional) ACL number. The range is 1 to 2699.

hardware counters

(Optional) Displays global hardware ACL statistics for switched and routed packets.

ipc

(Optional) Displays Interprocess Communication (IPC) protocol access-list configuration download information.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The switch supports only IP standard and extended access lists. The allowed numbers are only 1 to 199 and 1300 to 2699.

This command also displays the MAC ACLs that are configured.

Note Though visible in the command-line help strings, the rate-limit keywords are not supported.

Examples

This is an example of output from the show access-lists command:

Switch# show access-lists
Standard IP access list 1
10 permit 1.1.1.1
20 permit 2.2.2.2
30 permit any
40 permit 0.255.255.255, wildcard bits 12.0.0.0
Standard IP access list videowizard_1-1-1-1
10 permit 1.1.1.1
Standard IP access list videowizard_10-10-10-10
10 permit 10.10.10.10
Extended IP access list 121
10 permit ahp host 10.10.10.10 host 20.20.10.10 precedence routine
Extended IP access list CMP-NAT-ACL
Dynamic Cluster-HSRP deny ip any any
10 deny ip any host 19.19.11.11
20 deny ip any host 10.11.12.13
Dynamic Cluster-NAT permit ip any any
10 permit ip host 10.99.100.128 any
20 permit ip host 10.46.22.128 any
30 permit ip host 10.45.101.64 any
40 permit ip host 10.45.20.64 any
50 permit ip host 10.213.43.128 any
60 permit ip host 10.91.28.64 any
70 permit ip host 10.99.75.128 any
80 permit ip host 10.38.49.0 any
 

This is an example of output from the show access-lists hardware counters command:

Switch# show access-lists hardware counters
L2 ACL INPUT Statistics
Drop: All frame count: 855
Drop: All bytes count: 94143
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 2121
Forwarded: All bytes count: 180762
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
 
L3 ACL INPUT Statistics
Drop: All frame count: 0
Drop: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 13586
Forwarded: All bytes count: 1236182
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
 
L2 ACL OUTPUT Statistics
Drop: All frame count: 0
Drop: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 232983
Forwarded: All bytes count: 16825661
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
 
L3 ACL OUTPUT Statistics
Drop: All frame count: 0
Drop: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 514434
Forwarded: All bytes count: 39048748
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0

 
Related Commands

Command
Description

access-list

Configures a standard or extended numbered access list on the switch. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0.

ip access list

Configures a named IP access list on the switch. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0.

mac access-list extended

Configures a named or numbered MAC access list on the switch.

show alarm description port

To display the alarm numbers with the text description, use the show alarm description port command in EXEC mode.

show alarm description port

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows output from the show alarm description port command. It shows the alarm IDs and their respective alarm descriptions.

Switch> show alarm description port
1 Link Fault
2 Port Not Forwarding
3 Port Not Operating
4 FCS Error Rate exceeds threshold

 
Related Commands

Command
Description

alarm profile (global configuration)

Creates an alarm profile containing one or more alarm IDs and alarm options.

show alarm profile

Displays all alarm profiles or a specified alarm profile and lists the interfaces to which each profile is attached.

show alarm profile

To display all alarm profiles configured in the system or the specified profile and the interfaces to which each profile is attached, use the show alarm profile command in EXEC mode.

show alarm profile [ name ]

 
Syntax Description

name

(Optional) Displays only the profile with the specified name.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you do not enter a profile name, the display includes the profile information for all existing alarm profiles. This command does not display the default configuration settings.

The defaultPort profile is applied by default to all interfaces. This profile enables only the Port Not Operating (3) alarm. You can use the alarm profile defaultPort global configuration command and modify this profile to enable other alarms.

Examples

These are examples of output from the show alarm profile command.

This output displays all ports that are attached to the configured profiles:

Switch> show alarm profile GigE-UplinkPorts
Interface Gi1/2
Alarms 1,2,3,4
Syslog 1,2,3,4
Notifies 1,2,3,4
Relay-major 4
Relay-minor 1,2
 

This output displays all the configured profiles:

Switch> show alarm profile
Alarm Profile my_gig_port:
Interface Gi1/2
Alarms 1,2,3,4
Syslog 1,2,3,4
Notifies 1,2,3,4
Relay-major 4
Relay-minor 1,2
Alarm Profile my_fast_port:
Interface Fa1/1
Alarms 1,2,3,4
Syslog 1,2,3,4
Notifies 1,2,3,4
Relay-major 4
Relay-minor 1,2

 
Related Commands

Command
Description

alarm profile (global configuration)

Creates an alarm profile containing one or more alarm IDs and alarm options.

alarm profile (interface configuration)

Attaches an alarm profile to an interface.

show alarm settings

To display all environmental alarm settings on the switch, use the show alarm settings command in EXEC mode.

show alarm settings

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows output from the show alarm settings command. It shows all the switch alarm settings that are on the switch:

Switch> show alarm settings
Alarm relay mode: Positive
 
Power Supply
Alarm Enabled
Relay MAJ
Notifies Enabled
Syslog Enabled
Temperature-Primary
Alarm Enabled
Thresholds MAX: 95C MIN: -20C
Relay MAJ
Notifies Enabled
Syslog Enabled
Temperature-Secondary
Alarm Disabled
Threshold
Relay
Notifies Disabled
Syslog Disabled
 

 
Related Commands

Command
Description

alarm facility power-supply

Sets power supply alarm options.

alarm facility temperature

Sets temperature alarm options.

power-supply dual

Sets dual powersupply mode.

show archive status

To display the status of a new image being downloaded to a switch with the HTTP or the TFTP protocol, use the show archive status command in Privileged EXEC mode.

show archive status

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you use the archive download-sw privileged EXEC command to download an image to a TFTP server, the output of the archive download-sw command shows the status of the download.

If you do not have a TFTP server, you can use Network Assistant or the embedded Device Manager to download the image by using HTTP. The show archive status command shows the progress of the download.

Examples

These are examples of output from the show archive status command:

Switch# show archive status
IDLE: No upgrade in progress
 
Switch# show archive status
LOADING: Upgrade in progress
 
Switch# show archive status
EXTRACT: Extracting the image
 
Switch# show archive status
VERIFY: Verifying software
 
Switch# show archive status
RELOAD: Upgrade completed. Reload pending

 
Related Commands

Command
Description

archive download-sw

Downloads a new image from a TFTP server to the switch.

show arp access-list

To display detailed information about Address Resolution Protocol (ARP) access control lists, use the show arp access-list command in EXEC mode.

show arp access-list [ acl-name ]

 
Syntax Description

acl-name

(Optional) Name of the ACL.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show arp access-list command:

Switch> show arp access-list
ARP access list rose
permit ip 10.101.1.1 0.0.0.255 mac any
permit ip 20.3.1.0 0.0.0.255 mac any

 
Related Commands

Command
Description

arp access-list

Defines an ARP ACL.

deny (ARP access-list configuration)

Denies an ARP packet based on matches against the Dynamic Host Configuration Protocol (DHCP) bindings.

ip arp inspection filter vlan

Permits ARP requests and responses from a host configured with a static IP address.

permit (ARP access-list configuration)

Permits an ARP packet based on matches against the DHCP bindings.

show authentication

To display information about authentication manager events on the switch, use the show authentication command EXEC mode.

show authentication { interface interface-id | registrations | sessions [ session-id session-id ] [ handle handle ] [ interface interface-id ] [ mac mac ] [ method method ] | statistics [ summary ]}

 
Syntax Description

interface interface-id

Displays all of the authentication manager details for the specified interface.

registrations

Displays authentication manager registrations

sessions

Displays details of the current authentication manager sessions (for example, client devices). If you do not enter any optional specifiers, all current active sessions are displayed. You can enter the specifiers singly or in combination to display a specific session (or group of sessions).

session-id session-id

(Optional) Specifies an authentication manager session.

handle handle

(Optional) Specifies a range from 1 to 4294967295.

mac mac

(Optional) Displays authentication manager information for a specified MAC address.

method method

(Optional) Displays all clients authorized by a specified authentication method (dot1x, mab, or webauth)

statistics

Displays authentication statistics in detail.

summary

(Optional) Displays authentication statistics summary.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Table 0-1 describes the significant fields shown in the output of the show authentication command.

Note The possible values for the status of sessions are shown in the table. For a session in terminal state, Authz Success or Authz Failed is displayed along with No methods if no method has provided a result.

 

Table 0-1 show authentication Command Output

Field
Description

Idle

The session has been initialized and no methods have run yet.

Running

A method is running for this session.

No methods

No method has provided a result for this session.

Authc Success

A method has resulted in authentication success for this session.

Authc Failed

A method has resulted in authentication fail for this session.

Authz Success

All features have been successfully applied for this session.

Authz Failed

A feature has failed to be applied for this session.

Table 0-2 lists the possible values for the state of methods. For a session in a terminal state, Authc Success, Authc Failed, or Failed over are displayed. Failed over means that an authentication method ran and then failed over to the next method, which did not provide a result. Not run appears for sessions that synchronized on standby.

 

Table 0-2 State Method Values
Method State
State Level
Description

Not run

Terminal

The method has not run for this session.

Running

Intermediate

The method is running for this session.

Failed over

Terminal

The method has failed and the next method is expected to provide a result.

Authc Success

Terminal

The method has provided a successful authentication result for the session.

Authc Failed

Terminal

The method has provided a failed authentication result for the session.

Examples

This example shows output of the show authentication registrations command:

Switch# show authentication registrations
Auth Methods registered with the Auth Manager:
Handle Priority Name
3 0 dot1x
2 1 mab
1 2 webauth
 

This example shows output of the show authentication interface interface-id command:

Switch# show authentication interface gigabitethernet1/2
Client list:
MAC Address Domain Status Handle Interface
000e.84af.59bd DATA Authz Success 0xE0000000 GigabitEthernet1//2
Available methods list:
Handle Priority Name
3 0 dot1x
Runnable methods list:
Handle Priority Name
3 0 dot1x
 

This example shows output of the show authentication sessions command:

Switch# show authentication sessions
Interface MAC Address Method Domain Status Session ID
Gi3/45 (unknown) N/A DATA Authz Failed 0908140400000007003651EC
Gi3/46 (unknown) N/A DATA Authz Success 09081404000000080057C274
 

This example shows output of the show authentication sessions command for a specified interface:

Switch# show authentication sessions int gigabitethernet 1/4
Interface: GigabitEthernet0/46 GigabitEthernet1/4
MAC Address: Unknown
IP Address: Unknown
Status: Authz Success
Domain: DATA
Oper host mode: multi-host
Oper control dir: both
Authorized By: Guest Vlan
Vlan Policy: 4094
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 09081404000000080057C274
Acct Session ID: 0x0000000A
Handle: 0xCC000008
Runnable methods list:
Method State
dot1x Failed over
 

This example shows output of the show authentication sessions command for a specified MAC address:

Switch# show authentication sessions mac 000e.84af.59bd
Interface: GigabitEthernet1/4
MAC Address: 000e.84af.59bd
Status: Authz Success
Domain: DATA
Oper host mode: single-host
Authorized By: Authentication Server
Vlan Policy: 10
Handle: 0xE0000000
Runnable methods list:
Method State
dot1x Authc Success
 

This example shows output of the show authentication session method command for a specified method:

Switch# show authentication sessions method mab
No Auth Manager contexts match supplied criteria
Switch# show authentication sessions method dot1x
MAC Address Domain Status Handle Interface
000e.84af.59bd DATA Authz Success 0xE0000000 GigabitEthernet1/23

 
Related Commands

Command
Description

authentication control-direction

Configures the port mode as unidirectional or bidirectional.

authentication event

Sets the action for specific authentication events.

authentication fallback

Configures a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication.

authentication host-mode

Sets the authorization manager mode on a port.

authentication open

Enables or disables open access on a port.

authentication order

Sets the order of authentication methods used on a port.

authentication periodic

Enables or disables reauthentication on a port.

authentication port-control

Enables manual control of the port authorization state.

authentication priority

Adds an authentication method to the port-priority list.

authentication timer

Configures the timeout and reauthentication parameters for an 802.1x-enabled port.

show auto qos

To display the quality of service (QoS) commands entered on the interfaces on which automatic QoS (auto-QoS) is enabled, use the show auto qos command in EXEC mode.

show auto qos [ interface [ interface-id ]]

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

interface [ interface-id ]

(Optional) Displays auto-QoS information for the specified port or for all ports. Valid interfaces include physical ports.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The show auto qos command output shows only the auto-QoS command entered on each interface. The show auto qos interface interface-id command output shows the auto-QoS command entered on a specific interface.

Use the show running-config privileged EXEC command to display the auto-QoS configuration and the user modifications.

The show auto qos command output also shows the service policy information for the Cisco IP phone.

To display information about the QoS configuration that might be affected by auto-QoS, use one of these commands:

  • show mls qos
  • show mls qos maps cos-dscp
  • show mls qos interface [ interface-id ] [ buffers | queueing ]
  • show mls qos maps [ cos-dscp | cos-input-q | cos-output-q | dscp-cos | dscp-input-q | dscp-output-q ]
  • show mls qos input-queue
  • show running-config

Examples

This is an example of output from the show auto qos command after the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered:

Switch> show auto qos
 
GigabitEthernet1/1
auto qos voip cisco-softphone
 
 
GigabitEthernet1/3
auto qos voip cisco-phone
 
 
GigabitEthernet1/2
auto qos voip cisco-phone
 

This is an example of output from the show auto qos interface interface-id command when the auto qos voip cisco-phone interface configuration command is entered:

 
Switch> show auto qos interface gigabitethernet 1/1
 
GigabitEthernet1/1
auto qos voip cisco-phone
 

This is an example of output from the show running-config privileged EXEC command when the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered:

Switch# show running-config
Building configuration...
...
mls qos map policed-dscp 24 26 46 to 0
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 100 100 100 100
mls qos queue-set output 1 threshold 2 75 75 75 250
mls qos queue-set output 1 threshold 3 75 150 100 300
mls qos queue-set output 1 threshold 4 50 100 75 400
mls qos queue-set output 2 threshold 1 100 100 100 100
mls qos queue-set output 2 threshold 2 35 35 35 35
mls qos queue-set output 2 threshold 3 55 82 100 182
mls qos queue-set output 2 threshold 4 90 250 100 400
mls qos queue-set output 1 buffers 15 20 20 45
mls qos queue-set output 2 buffers 24 20 26 30
mls qos
...
!
class-map match-all AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-all AutoQoS-VoIP-Control-Trust
match ip dscp cs3 af31
!
policy-map AutoQoS-Police-SoftPhone
class AutoQoS-VoIP-RTP-Trust
set dscp ef
police 320000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
set dscp cs3
police 32000 8000 exceed-action policed-dscp-transmit
!
policy-map AutoQoS-Police-CiscoPhone
class AutoQoS-VoIP-RTP-Trust
set dscp ef
police 320000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
set dscp cs3
police 32000 8000 exceed-action policed-dscp-transmit
...
!
interface FastEthernet1/1
switchport mode access
switchport port-security maximum 1999
speed 100
duplex full
srr-queue bandwidth share 10 10 60 20
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
!
 
interface GigabitEthernet1/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode access
speed 10
srr-queue bandwidth share 10 10 60 20
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
!
 
interface GigabitEthernet1/2
srr-queue bandwidth share 10 10 60 20
priority-queue out
mls qos trust device cisco-phone
mls qos trust cos
mls qos trust device cisco-phone
service-policy input AutoQoS-Police-CiscoPhone
 
<output truncated>
 

This is an example of output from the show auto qos interface interface-id command when the auto qos voip cisco-phone interface configuration command is entered:

Switch> show auto qos interface FastEthernet1/2
 
FastEthernet1/2
auto qos voip cisco-softphone
 

This is an example of output from the show auto qos command when auto-QoS is disabled on the switch:

Switch> show auto qos
AutoQoS not enabled on any interface
 

This is an example of output from the show auto qos i nterface interface-id command when auto-QoS is disabled on an interface:

Switch> show auto qos interface gigabitethernet1/1
AutoQoS is disabled

 
Related Commands

Command
Description

auto qos voip

Automatically configures QoS for VoIP within a QoS domain.

debug auto qos

Enables debugging of the auto-QoS feature.

show boot

To display the settings of the boot environment variables, use the show boot command in Privileged EXEC mode.

show boot

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show boot command. Table 0-3 describes each field in the display.

Switch# show boot
BOOT path-list : flash:/ie2k-universalk9-mz.150-0.27.EY/ie2k-universalk9-mz
.150-0.27.EY.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : yes
Manual Boot : no
HELPER path-list :
Auto upgrade : yes
Auto upgrade path :
Boot optimization : enabled
NVRAM/Config file
buffer size: 65536
Timeout for Config
Download: 0 seconds
Config Download
via DHCP: disabled (next boot: disabled)
Switch#

 

Table 0-3 show boot Field Descriptions

Field
Description

BOOT path-list

Displays a semicolon separated list of executable files to try to load and execute when automatically booting up.

If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory.

If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot up with the first bootable file that it can find in the flash file system.

Config file

Displays the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

Private Config file

Displays the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

Enable Break

Displays whether a break during booting up is enabled or disabled. If it is set to yes, on, or 1, you can interrupt the automatic bootup process by pressing the Break key on the console after the flash file system is initialized.

Manual Boot

Displays whether the switch automatically or manually boots up. If it is set to no or 0, the bootloader attempts to automatically boot up the system. If it is set to anything else, you must manually boot up the switch from the bootloader mode.

Helper path-list

Displays a semicolon separated list of loadable files to dynamically load during the bootloader initialization. Helper files extend or patch the functionality of the bootloader.

Auto upgrade

Displays whether the switch is set to automatically copy its software version to an incompatible switch.

Boot optimization

Displays whether the switch is set to optimize the switch bootup time after a system crash.

NVRAM/Config file buffer size

Displays the buffer size that Cisco IOS uses to hold a copy of the configuration file in memory. The configuration file cannot be larger than the buffer size allocation.

 
Related Commands

Command
Description

boot config-file

Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

boot enable-break

Enables interrupting the automatic boot process.

boot manual

Enables manually booting up the switch during the next bootup cycle.

boot private-config-file

Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the private configuration.

boot system

Specifies the Cisco IOS image to load during the next bootup cycle.

show boot buffersize

To display the buffer size for file system-simulated NVRAM, use the show boot buffersize command in Privileged EXEC mode.

show boot buffersize

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows how to display the file system-simulated NVRAM boot buffer size.

Switch(config)# show boot buffersize
15000
Switch(config)#

 
Related Commands

Command
Description

boot buffersize

Sets file system-simulated NVRAM buffer size.

show cable-diagnostics tdr

To display the Time Domain Reflector (TDR) results, use the show cable-diagnostics tdr command in Privileged EXEC mode.

show cable-diagnostics tdr interface interface-id

 
Syntax Description

interface interface-id

The interface on which TDR was run.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

For more information about TDR, see the software configuration guide for this release.

Examples

This is an example of output from the show cable-diagnostics tdr interface interface-id command:

Switch# show cable-diagnostics tdr interface gigabitethernet1/2
TDR test last run on: March 01 20:15:40
Interface Speed Local pair Pair length Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Gi1/2 auto Pair A 0 +/- 2 meters N/A Open
Pair B 0 +/- 2 meters N/A Open
Pair C 0 +/- 2 meters N/A Open
Pair D 0 +/- 2 meters N/A Open
 

This is an example of output from the show cable-diagnostics tdr interface interface-id command:

Switch# show cable-diagnostics tdr interface fa0/1
 
TDR test last run on: March 01 01:05:40
 
Interface Speed Local pair Pair length Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Fa0/1 100M Pair A N/A Pair A Normal
Pair B N/A Pair A Normal
Pair C N/A Pair A N/A
Pair D N/A Pair A N/A
 
 

Table 0-4 lists the descriptions of the fields in the show cable-diagnostics tdr command output.

 

Table 0-4 Fields Descriptions for the show cable-diagnostics tdr Command Output

Field
Description

Interface

Interface on which TDR was run.

Speed

Speed of connection.

Local pair

Name of the pair of wires that TDR is testing on the local interface.

Pair length

Location on the cable where the problem is, with respect to your switch. TDR can only find the location in one of these cases:

  • The cable is properly connected, the link is up, and the interface speed is 1000 Mb/s.
  • The cable is open.
  • The cable has a short.

Remote pair

Name of the pair of wires to which the local pair is connected. TDR can learn about the remote pair only when the cable is properly connected and the link is up.

Pair status

The status of the pair of wires on which TDR is running:

  • Normal—The pair of wires is properly connected.
  • Not completed—The test is running and is not completed.
  • Not supported—The interface does not support TDR.
  • Open—The pair of wires is open.
  • Shorted—The pair of wires is shorted.
  • ImpedanceMis—The impedance is mismatched.
  • Short/Impedance Mismatched—The impedance mismatched or the cable is short.
  • InProgress—The diagnostic test is in progress

This is an example of output from the show interfaces interface-id command when TDR is running:

Switch# show interfaces gigabitethernet1/2
gigabitethernet1/2 is up, line protocol is up (connected: TDR in Progress)
 

This is an example of output from the show cable-diagnostics tdr interface interface-id command when TDR is not running:

Switch# show cable-diagnostics tdr interface gigabitethernet1/2
% TDR test was never issued on Gi1/2
 

If an interface does not support TDR, this message appears:

% TDR test is not supported on switch 1

 
Related Commands

Command
Description

test cable-diagnostics tdr

Enables and runs TDR on an interface.

show cip

To display information about the Common Industrial Protocol (CIP) subsystem, use the show cip command in Privileged EXEC mode.

show cip { connection { count | explicit | implicit } | faults | file { config | eds | vlan }| miscellaneous | object { assembly | dhcp instance instance | ethernet link | identity | switch { paramenter }| sync | tcp/ip { interface }}| security | session | status }

 
Syntax Description

connection

Displays the CIP connection information.

count

Displays the CIP connection count.

explicit

Displays the CIP connection explicit.

implicit

Displays the CIP connection implicit.

faults

Displays information about CIP faults.

file

Displays the information about the CIP file instances.

config

Displays the configuration file instance.

eds

Displays the EDS file instance.

vlan

Displays the VLAN file instance.

miscellaneous

Displays miscellaneous CIP system information.

object

Displays information about specific CIP objects. These objects include assembly, Ethernet link, identity, switch parameter, time sync, and TCP/IP objects.

assembly

Displays the CIP assembly link object.

dhcp instance instance

Displays the DHCP object for a specific instance; valid instances are 1 through 15.

ethernet link

Displays the CIP Ethernet object.

identity

Displays the CIP identity object.

switch parameter

Displays the switch parameters.

sync

Displays the CIP time sync object.

tcp/ip interface

Displays the TCP/IP object.

security

Displays the CIP security window status and settings.

session

Displays the active and inactive CIP sessions.

status

Displays the CIP status (enabled or disabled).

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show cip fault command:

Switch# show cip faults
Major/Minor Recoverable Faults
----------------------------------------------------
MAC address flap : Normal
CDP native vlan mismatch : Normal
Storm control event : Normal
Port security violation : Normal
Port in error-disable state: Normal
Major Unrecoverable Faults
----------------------------------------------------
POST detected HW failure : Normal
SFP in error-disable state : Normal
 

This is an example of output from the show cip security command:

Switch# show cip security
State : Enabled
Password: abc123
Window: Open
Owner IP: 172.20.140.147
Window timeout: 600 seconds
Window open tick: 17

 
Related Commands

Command
Description

cip enable

Enables CIP on a VLAN.

cip security

Sets CIP security options on the switch.

show cisp

To display CISP information for a specified interface, use the show cisp command in Privileged EXEC mode.

show cisp {[ interface interface-id ] | clients | summary }

 
Syntax Description

interface interface-id

(Optional) Displays CISP information about the specified interface. Valid interfaces include physical ports and port channels.

clients

Displays CISP client details.

summary

Displays all CISO information.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows output from the show cisp interface command:

Switch# show cisp interface fast 0
CISP not enabled on specified interface
 

This example shows output from the show cisp summary command:

Switch# show cisp summary
CISP is not running on any interface

 
Related Commands

Command
Description

cisp enable

Enables Client Information Signalling Protocol (CISP)

dot1x credentials (global configuration) profile

Configures a profile on a supplicant switch

show class-map

To display quality of service (QoS) class maps, which define the match criteria to classify traffic, use the show class-map command in EXEC mode.

show class-map [ class-map-name ]

 
Syntax Description

class-map-name

(Optional) The contents of the specified class map.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show class-map command:

Switch> show class-map
Class Map match-all videowizard_10-10-10-10 (id 2)
Match access-group name videowizard_10-10-10-10
 
Class Map match-any class-default (id 0)
Match any
Class Map match-all dscp5 (id 3)
Match ip dscp 5

 
Related Commands

Command
Description

class-map

Creates a class map to be used for matching packets to the class whose name you specify.

match (class-map configuration)

Defines the match criteria to classify traffic.

show cluster

To display the cluster status and a summary of the cluster to which the switch belongs, use the show cluster command in EXEC mode. This command can be entered on the cluster command switch and cluster member switches.

show cluster

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you enter this command on a switch that is not a cluster member, the error message Not a management cluster member appears.

On a cluster member switch, this command displays the identity of the cluster command switch, the switch member number, and the state of its connectivity with the cluster command switch.

On a cluster command switch, this command displays the cluster name and the total number of members. It also shows the cluster status and time since the status changed. If redundancy is enabled, it displays the primary and secondary command-switch information.

Examples

This is an example of output when the show cluster command is entered on the active cluster command switch:

Switch> show cluster
Command switch for cluster “cluster1
Total number of members: 7
Status: 1 members are unreachable
Time since last status change: 0 days, 0 hours, 2 minutes
Redundancy: Enabled
Standby command switch: Member 1
Standby Group: cluster1_standby
Standby Group Number: 110
Heartbeat interval: 8
Heartbeat hold-time: 80
Extended discovery hop count: 3
 

This is an example of output when the show cluster command is entered on a cluster member switch:

Switch1> show cluster
Member switch for cluster “cluster2”
Member number: 3
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
Heartbeat interval: 8
Heartbeat hold-time: 80
 

This is an example of output when the show cluster command is entered on a cluster member switch that is configured as the standby cluster command switch:

Switch> show cluster
Member switch for cluster “hapuna”
Member number: 3 (Standby command switch)
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
Heartbeat interval: 8
Heartbeat hold-time: 80
 

This is an example of output when the show cluster command is entered on the cluster command switch that has lost connectivity with member 1:

Switch> show cluster
Command switch for cluster “Ajang”
Total number of members: 7
Status: 1 members are unreachable
Time since last status change: 0 days, 0 hours, 5 minutes
Redundancy: Disabled
Heartbeat interval: 8
Heartbeat hold-time: 80
Extended discovery hop count: 3
 

This is an example of output when the show cluster command is entered on a cluster member switch that has lost connectivity with the cluster command switch:

Switch> show cluster
Member switch for cluster “hapuna”
Member number: <UNKNOWN>
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
Heartbeat interval: 8
Heartbeat hold-time: 80

 
Related Commands

Command
Description

cluster enable

Enables a command-capable switch as the cluster command switch, assigns a cluster name, and optionally assigns a member number to it.

show cluster candidates

Displays a list of candidate switches.

show cluster members

Displays information about the cluster members.

show cluster candidates

To display a list of candidate switches, use the show cluster candidates command in Privileged EXEC mode.

show cluster candidates [ detail | mac-address H.H.H. ]

 
Syntax Description

detail

(Optional) Displays detailed information for all candidates.

mac-address H.H.H.

(Optional) Specifies the MAC address of the cluster candidate.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This command is available only on the cluster command switch.

If the switch is not a cluster command switch, the command displays an empty line at the prompt.

The SN in the display means switch member number. If E appears in the SN column, it means that the switch is discovered through extended discovery. If E does not appear in the SN column, it means that the switch member number is the upstream neighbor of the candidate switch. The hop count is the number of devices the candidate is from the cluster command switch.

Examples

This is an example of output from the show cluster candidates command:

Switch> show cluster candidates
00d0.7961.c4c0 StLouis-2 WS-IE2000-4TC Gi1/1 2 1 Fa1/1
00d0.bbf5.e900 ldf-dist-128 WS-C3524-XL Fa1/7 1 0 Fa0/24
00e0.1e7e.be80 1900_Switch 1900 3 0 1 0 Fa0/11
00e0.1e9f.7a00 Surfers-24 WS-C2924-XL Fa1/5 1 0 Fa0/3
00e0.1e9f.8c00 Surfers-12-2 WS-C2912-XL Fa1/4 1 0 Fa0/7
00e0.1e9f.8c40 Surfers-12-1 WS-C2912-XL Fa1/1 1 0 Fa0/9
 
 

This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch directly connected to the cluster command switch:

Switch> show cluster candidates mac-address 00d0.7961.c4c0
 
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
Device type: cisco WS-IE2000-4TC
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 0)
Local port: Gi1/1 FEC number:
Upstream port: Gi2/2 FEC Number:
Hops from cluster edge: 1
Hops from command device: 1
 

This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch three hops from the cluster edge:

Switch> show cluster candidates mac-address 0010.7bb6.1cc0
Device 'Ventura' with mac address number 0010.7bb6.1cc0
Device type: cisco WS-C2912MF-XL
Upstream MAC address: 0010.7bb6.1cd4
Local port: Fa2/1 FEC number:
Upstream port: Fa0/24 FEC Number:
Hops from cluster edge: 3
Hops from command device: -
 

This is an example of output from the show cluster candidates detail command:

Switch> show cluster candidates detail
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
Device type: cisco WS-C3512-XL
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 1)
Local port: Fa0/3 FEC number:
Upstream port: Fa0/13 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2
Device '1900_Switch' with mac address number 00e0.1e7e.be80
Device type: cisco 1900
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 2)
Local port: 3 FEC number: 0
Upstream port: Fa0/11 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2
Device 'Surfers-24' with mac address number 00e0.1e9f.7a00
Device type: cisco WS-C2924-XL
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 3)
Local port: Fa0/5 FEC number:
Upstream port: Fa0/3 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2

 
Related Commands

Command
Description

show cluster

Displays the cluster status and a summary of the cluster to which the switch belongs.

show cluster members

Displays information about the cluster members.

show cluster members

To display information about the cluster members, use the show cluster members command in Privileged EXEC mode.

show cluster members [ n | detail ]

 
Syntax Description

n

(Optional) Number that identifies a cluster member. The range is 0 to 15.

detail

(Optional) Displays detailed information for all cluster members.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This command is available only on the cluster command switch.

If the cluster has no members, this command displays an empty line at the prompt.

Examples

This is an example of output from the show cluster members command. The SN in the display means switch number.

Switch# show cluster members
|---Upstream---|
SN MAC Address Name PortIf FEC Hops SN PortIf FEC State
0 0002.4b29.2e00 StLouis1 0 Up (Cmdr)
1 0030.946c.d740 tal-switch-1 Fa0/13 1 0 Gi0/1 Up
2 0002.b922.7180 nms-2820 10 0 2 1 Fa0/18 Up
3 0002.4b29.4400 SanJuan2 Gi0/1 2 1 Fa0/11 Up
4 0002.4b28.c480 GenieTest Gi0/2 2 1 Fa0/9 Up
 

This is an example of output from the show cluster members for cluster member 3:

Switch# show cluster members 3
Device 'SanJuan2' with member number 3
Device type: cisco WS-IE2000
MAC address: 0002.4b29.4400
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi1/1 FEC number:
Upstream port: Gi2/3 FEC Number:
Hops from command device: 2
 

This is an example of output from the show cluster members detail command:

Switch# show cluster members detail
Device 'StLouis1' with member number 0 (Command Switch)
Device type: cisco WS-ies
MAC address: 0002.4b29.2e00
Upstream MAC address:
Local port: FEC number:
Upstream port: FEC Number:
Hops from command device: 0
Device 'tal-switch-14' with member number 1
Device type: cisco WS-C3548-XL
MAC address: 0030.946c.d740
Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)
Local port: Fa0/13 FEC number:
Upstream port: Gi0/1 FEC Number:
Hops from command device: 1
Device 'nms-2820' with member number 2
Device type: cisco 2820
MAC address: 0002.b922.7180
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: 10 FEC number: 0
Upstream port: Fa0/18 FEC Number:
Hops from command device: 2
Device 'SanJuan2' with member number 3
Device type: cisco WS-ies
MAC address: 0002.4b29.4400
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi0/1 FEC number:
Upstream port: Fa0/11 FEC Number:
Hops from command device: 2
Device 'GenieTest' with member number 4
Device type: cisco SeaHorse
MAC address: 0002.4b28.c480
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi0/2 FEC number:
Upstream port: Fa0/9 FEC Number:
Hops from command device: 2
Device 'Palpatine' with member number 5
Device type: cisco WS-C2924M-XL
MAC address: 00b0.6404.f8c0
Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)
Local port: Gi2/1 FEC number:
Upstream port: Gi0/7 FEC Number:
Hops from command device: 1

 
Related Commands

Command
Description

show cluster

Displays the cluster status and a summary of the cluster to which the switch belongs.

show cluster candidates

Displays a list of candidate switches.

show controllers cpu-interface

To display the state of the CPU network interface ASIC and the send and receive statistics for packets reaching the CPU, use the show controllers cpu-interface command in Privileged EXEC mode.

show controllers cpu-interface

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Examples

This is a partial output example from the show controllers cpu-interface command:

Switch# show controllers cpu-interface
cpu-queue-frames retrieved dropped invalid hol-block
----------------- ---------- ---------- ---------- ----------
rpc 4523063 0 0 0
stp 1545035 0 0 0
ipc 1903047 0 0 0
routing protocol 96145 0 0 0
L2 protocol 79596 0 0 0
remote console 0 0 0 0
sw forwarding 5756 0 0 0
host 225646 0 0 0
broadcast 46472 0 0 0
cbt-to-spt 0 0 0 0
igmp snooping 68411 0 0 0
icmp 0 0 0 0
logging 0 0 0 0
rpf-fail 0 0 0 0
queue14 0 0 0 0
cpu heartbeat 1710501 0 0 0
 
Supervisor ASIC receive-queue parameters
----------------------------------------
queue 0 maxrecevsize 5EE pakhead 1419A20 paktail 13EAED4
queue 1 maxrecevsize 5EE pakhead 15828E0 paktail 157FBFC
queue 2 maxrecevsize 5EE pakhead 1470D40 paktail 1470FE4
queue 3 maxrecevsize 5EE pakhead 19CDDD0 paktail 19D02C8
 
<output truncated>
 
Supervisor ASIC Mic Registers
------------------------------
MicDirectPollInfo 80000800
MicIndicationsReceived 00000000
MicInterruptsReceived 00000000
MicPcsInfo 0001001F
MicPlbMasterConfiguration 00000000
MicRxFifosAvailable 00000000
MicRxFifosReady 0000BFFF
MicTimeOutPeriod: FrameTOPeriod: 00000EA6 DirectTOPeriod: 00004000
 
<output truncated>
 
MicTransmitFifoInfo:
Fifo0: StartPtrs: 038C2800 ReadPtr: 038C2C38
WritePtrs: 038C2C38 Fifo_Flag: 8A800800
Weights: 001E001E
Fifo1: StartPtr: 03A9BC00 ReadPtr: 03A9BC60
WritePtrs: 03A9BC60 Fifo_Flag: 89800400
writeHeaderPtr: 03A9BC60
Fifo2: StartPtr: 038C8800 ReadPtr: 038C88E0
WritePtrs: 038C88E0 Fifo_Flag: 88800200
writeHeaderPtr: 038C88E0
Fifo3: StartPtr: 03C30400 ReadPtr: 03C30638
WritePtrs: 03C30638 Fifo_Flag: 89800400
writeHeaderPtr: 03C30638
Fifo4: StartPtr: 03AD5000 ReadPtr: 03AD50A0
WritePtrs: 03AD50A0 Fifo_Flag: 89800400
writeHeaderPtr: 03AD50A0
Fifo5: StartPtr: 03A7A600 ReadPtr: 03A7A600
WritePtrs: 03A7A600 Fifo_Flag: 88800200
writeHeaderPtr: 03A7A600
Fifo6: StartPtr: 03BF8400 ReadPtr: 03BF87F0
WritePtrs: 03BF87F0 Fifo_Flag: 89800400
 
<output truncated>

 
Related Commands

Command
Description

show controllers ethernet-controller

Displays per-interface send and receive statistics read from the hardware or the interface internal registers.

show interfaces

Displays the administrative and operational status of all interfaces or a specified interface.

show controllers ethernet-controller

To display per-interface send and receive statistics read from the hardware, use the show controllers ethernet-controller command in Privileged EXEC mode without keywords.

show controllers ethernet-controller [ interface-id ] [ phy [ detail ]] [ port-asic { configuration | statistics }] [ fastethernet 0 ]

 
Syntax Description

interface-id

(Optional) The physical interface (including type, module, and port number).

phy

(Optional) Displays the status of the internal registers on the switch physical layer device (PHY) for the device or the interface. This display includes the operational state of the automatic medium-dependent interface crossover (auto-MDIX) feature on an interface.

detail

(Optional) Displays details about the PHY internal registers.

port-asic

(Optional) Displays information about the port ASIC internal registers.

configuration

Displays port ASIC internal register configuration.

statistics

Displays port ASIC statistics, including the Rx/Sup Queue and miscellaneous statistics.

fastethernet 0

(Optional) Displays the Fast Ethernet statistics.

 
Defaults

None

 
Command Modes

Privileged EXEC (only supported with the interface-id variable in EXEC mode)

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This command without keywords provides traffic statistics, basically the RMON statistics for all interfaces or for the specified interface.

When you enter the phy or port-asic keywords, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch.

Examples

This is an example of output from the show controllers ethernet-controller command for an interface. Table 0-5 describes the Transmit fields, and Table 0-6 describes the Receive fields.

Switch# show controllers ethernet-controller gigabitethernet1/1
Transmit GigabitEthernet1/1 Receive
0 Bytes 0 Bytes
0 Unicast frames 0 Unicast frames
0 Multicast frames 0 Multicast frames
0 Broadcast frames 0 Broadcast frames
0 Too old frames 0 Unicast bytes
0 Deferred frames 0 Multicast bytes
0 MTU exceeded frames 0 Broadcast bytes
0 1 collision frames 0 Alignment errors
0 2 collision frames 0 FCS errors
0 3 collision frames 0 Oversize frames
0 4 collision frames 0 Undersize frames
0 5 collision frames 0 Collision fragments
0 6 collision frames
0 7 collision frames 0 Minimum size frames
0 8 collision frames 0 65 to 127 byte frames
0 9 collision frames 0 128 to 255 byte frames
0 10 collision frames 0 256 to 511 byte frames
0 11 collision frames 0 512 to 1023 byte frames
0 12 collision frames 0 1024 to 1518 byte frames
0 13 collision frames 0 Overrun frames
0 14 collision frames 0 Pause frames
0 15 collision frames 0 Symbol error frames
0 Excessive collisions
0 Late collisions 0 Invalid frames, too large
0 VLAN discard frames 0 Valid frames, too large
0 Excess defer frames 0 Invalid frames, too small
0 64 byte frames 0 Valid frames, too small
0 127 byte frames
0 255 byte frames 0 Too old frames
0 511 byte frames 0 Valid oversize frames
0 1023 byte frames 0 System FCS error frames
0 1518 byte frames 0 RxPortFifoFull drop frame
0 Too large frames
0 Good (1 coll) frames
 

 

Table 0-5 Transmit Field Descriptions

Field
Description

Bytes

The total number of bytes sent on an interface.

Unicast Frames

The total number of frames sent to unicast addresses.

Multicast frames

The total number of frames sent to multicast addresses.

Broadcast frames

The total number of frames sent to broadcast addresses.

Too old frames

The number of frames dropped on the egress port because the packet aged out.

Deferred frames

The number of frames that are not sent after the time exceeds 2*maximum-packet time.

MTU exceeded frames

The number of frames that are larger than the maximum allowed frame size.

1 collision frames

The number of frames that are successfully sent on an interface after one collision occurs.

2 collision frames

The number of frames that are successfully sent on an interface after two collisions occur.

3 collision frames

The number of frames that are successfully sent on an interface after three collisions occur.

4 collision frames

The number of frames that are successfully sent on an interface after four collisions occur.

5 collision frames

The number of frames that are successfully sent on an interface after five collisions occur.

6 collision frames

The number of frames that are successfully sent on an interface after six collisions occur.

7 collision frames

The number of frames that are successfully sent on an interface after seven collisions occur.

8 collision frames

The number of frames that are successfully sent on an interface after eight collisions occur.

9 collision frames

The number of frames that are successfully sent on an interface after nine collisions occur.

10 collision frames

The number of frames that are successfully sent on an interface after ten collisions occur.

11 collision frames

The number of frames that are successfully sent on an interface after 11 collisions occur.

12 collision frames

The number of frames that are successfully sent on an interface after 12 collisions occur.

13 collision frames

The number of frames that are successfully sent on an interface after 13 collisions occur.

14 collision frames

The number of frames that are successfully sent on an interface after 14 collisions occur.

15 collision frames

The number of frames that are successfully sent on an interface after 15 collisions occur.

Excessive collisions

The number of frames that could not be sent on an interface after 16 collisions occur.

Late collisions

After a frame is sent, the number of frames dropped because late collisions were detected while the frame was sent.

VLAN discard frames

The number of frames dropped on an interface because the CFI1 bit is set.

Excess defer frames

The number of frames that are not sent after the time exceeds the maximum-packet time.

64 byte frames

The total number of frames sent on an interface that are 64 bytes.

127 byte frames

The total number of frames sent on an interface that are from 65 to 127 bytes.

255 byte frames

The total number of frames sent on an interface that are from 128 to 255 bytes.

511 byte frames

The total number of frames sent on an interface that are from 256 to 511 bytes.

1023 byte frames

The total number of frames sent on an interface that are from 512 to 1023 bytes.

1518 byte frames

The total number of frames sent on an interface that are from 1024 to 1518 bytes.

Too large frames

The number of frames sent on an interface that are larger than the maximum allowed frame size.

Good (1 coll) frames

The number of frames that are successfully sent on an interface after one collision occurs. This value does not include the number of frames that are not successfully sent after one collision occurs.

1.CFI = Canonical Format Indicator

 

Table 0-6 Receive Field Descriptions

Field
Description

Bytes

The total amount of memory (in bytes) used by frames received on an interface, including the FCS2 value and the incorrectly formed frames. This value excludes the frame header bits.

Unicast frames

The total number of frames successfully received on the interface that are directed to unicast addresses.

Multicast frames

The total number of frames successfully received on the interface that are directed to multicast addresses.

Broadcast frames

The total number of frames successfully received on an interface that are directed to broadcast addresses.

Unicast bytes

The total amount of memory (in bytes) used by unicast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits.

Multicast bytes

The total amount of memory (in bytes) used by multicast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits.

Broadcast bytes

The total amount of memory (in bytes) used by broadcast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits.

Alignment errors

The total number of frames received on an interface that have alignment errors.

FCS errors

The total number of frames received on an interface that have a valid length (in bytes) but do not have the correct FCS values.

Oversize frames

The number of frames received on an interface that are larger than the maximum allowed frame size.

Undersize frames

The number of frames received on an interface that are smaller than 64 bytes.

Collision fragments

The number of collision fragments received on an interface.

Minimum size frames

The total number of frames that are the minimum frame size.

65 to 127 byte frames

The total number of frames that are from 65 to 127 bytes.

128 to 255 byte frames

The total number of frames that are from 128 to 255 bytes.

256 to 511 byte frames

The total number of frames that are from 256 to 511 bytes.

512 to 1023 byte frames

The total number of frames that are from 512 to 1023 bytes.

1024 to 1518 byte frames

The total number of frames that are from 1024 to 1518 bytes.

Overrun frames

The total number of overrun frames received on an interface.

Pause frames

The number of pause frames received on an interface.

Symbol error frames

The number of frames received on an interface that have symbol errors.

Invalid frames, too large

The number of frames received that were larger than maximum allowed MTU3 size (including the FCS bits and excluding the frame header) and that have either an FCS error or an alignment error.

Valid frames, too large

The number of frames received on an interface that are larger than the maximum allowed frame size.

Invalid frames, too small

The number of frames received that are smaller than 64 bytes (including the FCS bits and excluding the frame header) and that have either an FCS error or an alignment error.

Valid frames, too small

The number of frames received on an interface that are smaller than 64 bytes (or 68 bytes for VLAN-tagged frames) and that have valid FCS values. The frame size includes the FCS bits but excludes the frame header bits.

Too old frames

The number of frames dropped on the ingress port because the packet aged out.

Valid oversize frames

The number of frames received on an interface that are larger than the maximum allowed frame size and have valid FCS values. The frame size includes the FCS value but does not include the VLAN tag.

System FCS error frames

The total number of frames received on an interface that have a valid length (in bytes) but that do not have the correct FCS values.

RxPortFifoFull drop frames

The total number of frames received on an interface that are dropped because the ingress queue is full.

2.FCS = frame check sequence

3.MTU = maximum transmission unit

This is an example of output from the show controllers ethernet-controller phy command for a specific interface:

Switch# show controllers ethernet-controller gigabitethernet1/1 phy
GigabitEthernet1/1 (gpn: 1, port-number: 1)
-----------------------------------------------------------
 
General SFP Information
-----------------------------------------------
Identifier : 0x03
Connector : 0x00
Transceiver : 0x00 0x00 0x00 0x08 0x00 0x00 0x00 0x00
Encoding : 0x01
BR_Nominal : 0x0D
Vendor Name : CISCO-METHODE
Vendor Part Number : SP7041
Vendor Revision : 0x43 0x20 0x20 0x20
Vendor Serial Number : 00000MTC1017075F
-----------------------------------------------
 
Other Information
-------------------------------------------------------
Port asic num : 0
Port asic port num : 0
XCVR init completed : 0
Embedded PHY : not present
SFP presence index : 0
SFP iter cnt : 30
SFP failed oper flag : 0x0
IIC error cnt : 0
IIC error dsb cnt : 0
IIC max sts cnt : 50
Chk for link status : 1
Link Status : 1
Link Status Media : 2
 

This is an example of output from the show controllers ethernet-controller port-asic configuration command:

Switch# show controllers ethernet-controller port-asic configuration
========================================================================
Switch 1, PortASIC 0 Registers
------------------------------------------------------------------------
DeviceType : 000101BC
Reset : 00000000
PmadMicConfig : 00000001
PmadMicDiag : 00000003
SupervisorReceiveFifoSramInfo : 000007D0 000007D0 40000000
SupervisorTransmitFifoSramInfo : 000001D0 000001D0 40000000
GlobalStatus : 00000800
IndicationStatus : 00000000
IndicationStatusMask : FFFFFFFF
InterruptStatus : 00000000
InterruptStatusMask : 01FFE800
SupervisorDiag : 00000000
SupervisorFrameSizeLimit : 000007C8
SupervisorBroadcast : 000A0F01
GeneralIO : 000003F9 00000000 00000004
StackPcsInfo : FFFF1000 860329BD 5555FFFF FFFFFFFF
FF0FFF00 86020000 5555FFFF 00000000
StackRacInfo : 73001630 00000003 7F001644 00000003
24140003 FD632B00 18E418E0 FFFFFFFF
StackControlStatus : 18E418E0
stackControlStatusMask : FFFFFFFF
TransmitBufferFreeListInfo : 00000854 00000800 00000FF8 00000000
0000088A 0000085D 00000FF8 00000000
TransmitRingFifoInfo : 00000016 00000016 40000000 00000000
0000000C 0000000C 40000000 00000000
TransmitBufferInfo : 00012000 00000FFF 00000000 00000030
TransmitBufferCommonCount : 00000F7A
TransmitBufferCommonCountPeak : 0000001E
TransmitBufferCommonCommonEmpty : 000000FF
NetworkActivity : 00000000 00000000 00000000 02400000
DroppedStatistics : 00000000
FrameLengthDeltaSelect : 00000001
SneakPortFifoInfo : 00000000
MacInfo : 0EC0801C 00000001 0EC0801B 00000001
00C0001D 00000001 00C0001E 00000001
 
<output truncated>
 

This is an example of output from the show controllers ethernet-controller port-asic statistics command:

Switch# show controllers ethernet-controller port-asic statistics
===========================================================================
Switch 1, PortASIC 0 Statistics
---------------------------------------------------------------------------
0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames
4118966 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames
0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames
 
0 RxQ-1, wt-0 enqueue frames 0 RxQ-1, wt-0 drop frames
296 RxQ-1, wt-1 enqueue frames 0 RxQ-1, wt-1 drop frames
2836036 RxQ-1, wt-2 enqueue frames 0 RxQ-1, wt-2 drop frames
 
0 RxQ-2, wt-0 enqueue frames 0 RxQ-2, wt-0 drop frames
0 RxQ-2, wt-1 enqueue frames 0 RxQ-2, wt-1 drop frames
158377 RxQ-2, wt-2 enqueue frames 0 RxQ-2, wt-2 drop frames
 
0 RxQ-3, wt-0 enqueue frames 0 RxQ-3, wt-0 drop frames
0 RxQ-3, wt-1 enqueue frames 0 RxQ-3, wt-1 drop frames
0 RxQ-3, wt-2 enqueue frames 0 RxQ-3, wt-2 drop frames
 
 
15 TxBufferFull Drop Count 0 Rx Fcs Error Frames
0 TxBufferFrameDesc BadCrc16 0 Rx Invalid Oversize Frames
0 TxBuffer Bandwidth Drop Cou 0 Rx Invalid Too Large Frames
0 TxQueue Bandwidth Drop Coun 0 Rx Invalid Too Large Frames
0 TxQueue Missed Drop Statist 0 Rx Invalid Too Small Frames
74 RxBuffer Drop DestIndex Cou 0 Rx Too Old Frames
0 SneakQueue Drop Count 0 Tx Too Old Frames
0 Learning Queue Overflow Fra 0 System Fcs Error Frames
0 Learning Cam Skip Count
 
15 Sup Queue 0 Drop Frames 0 Sup Queue 8 Drop Frames
0 Sup Queue 1 Drop Frames 0 Sup Queue 9 Drop Frames
0 Sup Queue 2 Drop Frames 0 Sup Queue 10 Drop Frames
0 Sup Queue 3 Drop Frames 0 Sup Queue 11 Drop Frames
0 Sup Queue 4 Drop Frames 0 Sup Queue 12 Drop Frames
0 Sup Queue 5 Drop Frames 0 Sup Queue 13 Drop Frames
0 Sup Queue 6 Drop Frames 0 Sup Queue 14 Drop Frames
0 Sup Queue 7 Drop Frames 0 Sup Queue 15 Drop Frames
===========================================================================
Switch 1, PortASIC 1 Statistics
---------------------------------------------------------------------------
0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames
52 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames
0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames
 
<output truncated>
 

 
Related Commands

Command
Description

show controllers cpu-interface

Displays the state of the CPU network ASIC and send and receive statistics for packets reaching the CPU.

show controllers power inline

Displays the state of registers for all ternary content addressable memory (TCAM) in the system and for TCAM interface ASICs that are CAM controllers.

show controllers power inline

Use the show controllers power inline command in EXEC mode to display the values in the registers of the specified Power over Ethernet (PoE) controller.

show controllers power inline [ instance ]

 
Syntax Description

instance

(Optional) Power controller instance, where each instance corresponds to four ports. If no instance is specified, information for all instances appear.

 
Command Modes

User EXEC
Privileged EXEC

 
Command History

Release
Modification

15.0(2)EA

This command is introduced.

 
Usage Guidelines

The instance range is 0 to 1. For instances other than 0 to 1, the switchs provides no output.

Though the instances are visible on all switches, this command is valid only for PoE switches. The command does not provide information for switches that do not support PoE.

The output provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Examples

This is an example of output from the show controllers power inline command on a switch:

Switch# show controllers power inline

Controller Instance 0, Address 0x50
 
Standard Registers:
-------------------
Interrupt Reg 0x0 = 0x8
Intr Mask Reg 0x1 = 0xF6
Power Event Reg 0x2 = 0x0
Detect Event Reg 0x4 = 0x1
Fault Event Reg 0x6 = 0x0
T-Start Event Reg 0x8 = 0x0
Supply Event Reg 0xA = 0x0
Port 1 Status Reg 0xC = 0x6
Port 3 Status Reg 0xD = 0x6
Port 5 Status Reg 0xE = 0x6
Port 7 Status Reg 0xF = 0x6
Power Status Reg 0x10 = 0x0
Pin Status Reg 0x11 = 0x20
Operating Mode Reg 0x12 = 0xAA
Disconnect Enable Reg 0x13 = 0xF
Detect/Class Enable Reg 0x14 = 0xFF
Reserved Reg 0x15 = 0x0
Timing Config Reg 0x16 = 0x0
Misc Config Reg 0x17 = 0x80
ID Revision Reg 0x1B = 0x41
 
Extended Registers:
-------------------
Port 1 :
Police Value Reg 0x1E = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
ICUT Reg 0x2A = 352 mA
Current Reg 0x30/31 = 0
Voltage Reg 0x32/33 = 0
Port 3:
Police Value Reg 0x1E = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
ICUT Reg 0x2A = 352 mA
Current Reg 0x34/35 = 0
Voltage Reg 0x36/37 = 0
Port 5:
Police Value Reg 0x1F = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
ICUT Reg 0x2B = 352 mA
Current Reg 0x38/39 = 0
Voltage Reg 0x3A/3B = 0
Port 7:
Police Value Reg 0x1F = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
ICUT Reg 0x2B = 352 mA
Current Reg 0x3C/3D = 0
Voltage Reg 0x3E/3F = 0
 
MCU temperature Reg 0x2C = 86
Vee Voltage Reg 0x2E/2F = 9285
Firmware Revision Reg 0x41 = 32
WdogTimer Disable Reg 0x42 = 11
WdogTimer Status Reg 0x42 = 0
DeviceID Reg 0x43 = 5
SiliconRevision Reg 0x43 = 5

 
Related Commands

Command
Description

logging event power-inline-status

Enables the logging of PoE events.

power inline

Configures the power management mode for the specified PoE port or for all PoE ports.

show profinet

Displays the PoE status for the specified PoE port or for all PoE ports.

show controllers tcam

To display the state of the registers for all ternary content addressable memory (TCAM) in the system and for all TCAM interface ASICs that are CAM controllers, use the show controllers tcam command in Privileged EXEC mode.

show controllers tcam [ asic [ number ]] [ detail ]

 
Syntax Description

asic

(Optional) Displays port ASIC TCAM information.

number

(Optional) Displays information for the specified port ASIC number. The range is from 0 to 15.

detail

(Optional) Displays detailed TCAM register information.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This command provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Examples

This is an example of output from the show controllers tcam command:

Switch# show controllers tcam
------------------------------------------------------------------------
TCAM-0 Registers
------------------------------------------------------------------------
REV: 00B30103
SIZE: 00080040
ID: 00000000
CCR: 00000000_F0000020
 
RPID0: 00000000_00000000
RPID1: 00000000_00000000
RPID2: 00000000_00000000
RPID3: 00000000_00000000
 
HRR0: 00000000_E000CAFC
HRR1: 00000000_00000000
HRR2: 00000000_00000000
HRR3: 00000000_00000000
HRR4: 00000000_00000000
HRR5: 00000000_00000000
HRR6: 00000000_00000000
HRR7: 00000000_00000000
<output truncated>
 
GMR31: FF_FFFFFFFF_FFFFFFFF
GMR32: FF_FFFFFFFF_FFFFFFFF
GMR33: FF_FFFFFFFF_FFFFFFFF
 
=============================================================================
TCAM related PortASIC 1 registers
=============================================================================
LookupType: 89A1C67D_24E35F00
LastCamIndex: 0000FFE0
LocalNoMatch: 000069E0
ForwardingRamBaseAddress:
00022A00 0002FE00 00040600 0002FE00 0000D400
00000000 003FBA00 00009000 00009000 00040600
00000000 00012800 00012900

 
Related Commands

Command
Description

show controllers cpu-interface

Displays the state of the CPU network ASIC and send and receive statistics for packets reaching the CPU.

show controllers ethernet-controller

Displays per-interface send and receive statistics read from the hardware or the interface internal registers.

show controllers utilization

To display bandwidth utilization on the switch or specific ports, use the show controllers utilization command in EXEC mode.

show controllers [ interface-id ] utilization

 
Syntax Description

interface-id

(Optional) ID of the switch interface.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show controllers utilization command:

Switch> show controllers utilization
Port Receive Utilization Transmit Utilization
Fa1/1 0 0
Fa1/2 0 0
Fa1/3 0
Fa1/4 0 0
Fa1/5 0 0
Fa1/6 0 0
Fa1/7 0 0
<output truncated>
 
<output truncated>
 
Switch Receive Bandwidth Percentage Utilization : 0
Switch Transmit Bandwidth Percentage Utilization : 0
 
Switch Fabric Percentage Utilization : 0
 

This is an example of output from the show controllers utilization command on a specific port:

Switch> show controllers gigabitethernet1/1 utilization
Receive Bandwidth Percentage Utilization : 0
Transmit Bandwidth Percentage Utilization : 0
 

 

Table 0-7 show controllers utilization Field Descriptions
Field
Description

Receive Bandwidth Percentage Utilization

Displays the received bandwidth usage of the switch, which is the sum of the received traffic on all the ports divided by the switch receive capacity.

Transmit Bandwidth Percentage Utilization

Displays the transmitted bandwidth usage of the switch, which is the sum of the transmitted traffic on all the ports divided it by the switch transmit capacity.

Fabric Percentage Utilization

Displays the average of the transmitted and received bandwidth usage of the switch.

 
Related Commands

Command
Description

show controllers ethernet-controller

Displays the interface internal registers.

show dot1x

To display IEEE 802.1x statistics, administrative status, and operational status for the switch or for the specified port, use the show dot1x command in EXEC mode.

show dot1x [{ all [ summary ] | interface interface-id } [ details | statistics ]]

 
Syntax Description

all summary

(Optional) Displays the IEEE 802.1x status for all ports.

interface interface-id

(Optional) Displays the IEEE 802.1x status for the specified port (including type, module, and port number).

details

(Optional) Displays the IEEE 802.1x interface details.

statistics

(Optional) Displays IEEE 802.1x statistics for the specified port.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you do not specify a port, global parameters and a summary appear. If you specify a port, details for that port appear.

If the port control is configured as unidirectional or bidirectional control and this setting conflicts with the switch configuration, the show dot1x { all | interface interface-id } privileged EXEC command output has this information:

ControlDirection = In (Inactive)
 

Examples

This is an example of output from the show dot1x EXEC command:

Switch> show dot1x
Sysauthcontrol Enabled
Dot1x Protocol Version 2
Critical Recovery Delay 100
Critical EAPOL Disabled
 

This is an example of output from the show dot1x all EXEC command:

Switch> show dot1x all
Sysauthcontrol Enabled
Dot1x Protocol Version 2
Critical Recovery Delay 100
Critical EAPOL Disabled
 
Dot1x Info for GigabitEthernet1/1
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
Violation Mode = PROTECT
ReAuthentication = Disabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = 3600 (Locally configured)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
 
<output truncated>
 

This is an example of output from the show dot1x all summary EXEC command:

Interface PAE Client Status
--------------------------------------------------------
Gi1/1 AUTH none UNAUTHORIZED
Gi1/2 AUTH 00a0.c9b8.0072 AUTHORIZED
Fa1/1 AUTH none UNAUTHORIZED
 

This is an example of output from the show dot1x interface interface-id EXEC command:

Switch> show dot1x interface gigabitethernet1/2
Dot1x Info for GigabitEthernet1/2
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = In
HostMode = SINGLE_HOST
ReAuthentication = Disabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = 3600 (Locally configured)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
 

This is an example of output from the show dot1x interface interface-id details EXEC command:

Switch# show dot1x interface gigabitethernet1/2 details
Dot1x Info for GigabitEthernet1/2
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
ReAuthentication = Disabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = 3600 (Locally configured)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
 
Dot1x Authenticator Client List Empty
 

This is an example of output from the show dot1x interface interface-id details commmand when a port is assigned to a guest VLAN and the host mode changes to multiple-hosts mode:

Switch# show dot1x interface gigabitethernet1/1 details
Dot1x Info for GigabitEthernet1/1
-----------------------------------
PAE = AUTHENTICATOR
PortControl = AUTO
ControlDirection = Both
HostMode = SINGLE_HOST
ReAuthentication = Enabled
QuietPeriod = 60
ServerTimeout = 30
SuppTimeout = 30
ReAuthPeriod = 3600 (Locally configured)
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
RateLimitPeriod = 0
Guest-Vlan = 182
 
Dot1x Authenticator Client List Empty
 
Port Status = AUTHORIZED
Authorized By = Guest-Vlan
Operational HostMode = MULTI_HOST
Vlan Policy = 182
 

This is an example of output from the show dot1x interface interface-id statistics command. Table 0-8 describes the fields in the display.

Switch> show dot1x interface gigabitethernet1/2 statistics
Dot1x Authenticator Port Statistics for GigabitEthernet1/2
--------------------------------------------
RxStart = 0 RxLogoff = 0 RxResp = 1 RxRespID = 1
RxInvalid = 0 RxLenErr = 0 RxTotal = 2
 
TxReq = 2 TxReqID = 132 TxTotal = 134
 
RxVersion = 2 LastRxSrcMAC = 00a0.c9b8.0072
 

 

Table 0-8 show dot1x statistics Field Descriptions

Field
Description

RxStart

Number of valid EAPOL-start frames that have been received.

RxLogoff

Number of EAPOL-logoff frames that have been received.

RxResp

Number of valid EAP-response frames (other than response/identity frames) that have been received.

RxRespID

Number of EAP-response/identity frames that have been received.

RxInvalid

Number of EAPOL frames that have been received and have an unrecognized frame type.

RxLenError

Number of EAPOL frames that have been received in which the packet body length field is invalid.

RxTotal

Number of valid EAPOL frames of any type that have been received.

TxReq

Number of EAP-request frames (other than request/identity frames) that have been sent.

TxReqId

Number of Extensible Authentication Protocol (EAP)-request/identity frames that have been sent.

TxTotal

Number of Extensible Authentication Protocol over LAN (EAPOL) frames of any type that have been sent.

RxVersion

Number of received packets in the IEEE 802.1x Version 1 format.

LastRxSrcMac

Source MAC address carried in the most recently received EAPOL frame.

 
Related Commands

Command
Description

dot1x default

Resets the IEEE 802.1x parameters to their default values.

show dtp

To display Dynamic Trunking Protocol (DTP) information for the switch or for a specified interface, use the show dtp command in Privileged EXEC mode.

show dtp [ interface interface-id ]

 
Syntax Description

interface interface-id

(Optional) Displays port security settings for the specified interface. Valid interfaces include physical ports (including type, module, and port number).

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show dtp command:

Switch# show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
21 interfaces using DTP
 

This is an example of output from the show dtp interface command:

Switch# show dtp interface gigabitethernet1/1
DTP information for GigabitEthernet1/1:
TOS/TAS/TNS: ACCESS/AUTO/ACCESS
TOT/TAT/TNT: NATIVE/NEGOTIATE/NATIVE
Neighbor address 1: 000943A7D081
Neighbor address 2: 000000000000
Hello timer expiration (sec/state): 1/RUNNING
Access timer expiration (sec/state): never/STOPPED
Negotiation timer expiration (sec/state): never/STOPPED
Multidrop timer expiration (sec/state): never/STOPPED
FSM state: S2:ACCESS
# times multi & trunk 0
Enabled: yes
In STP: no
 
Statistics
----------
3160 packets received (3160 good)
0 packets dropped
0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 other
6320 packets output (6320 good)
3160 native
0 output errors
0 trunk timeouts
1 link ups, last link up on Mon Mar 01 1993, 01:02:29
0 link downs

 
Related Commands

Command
Description

show interfaces trunk

Displays interface trunking information.

show eap

To display Extensible Authentication Protocol (EAP) registration and session information for the switch or for the specified port, use the show eap command in Privileged EXEC mode.

show eap {{ registrations [ method [ name ] | transport [ name ]]} | { sessions [ credentials name [ interface interface-id ] | interface interface-id | method name | transport name ]}} [ credentials name | interface interface-id | transport name ]

 
Syntax Description

registrations

Displays EAP registration information.

method name

(Optional) Displays EAP method registration information.

transport name

(Optional) Displays EAP transport registration information.

sessions

Displays EAP session information.

credentials name

(Optional) Displays EAP method registration information.

interface interface-id

(Optional) Displays the EAP information for the specified port (including type, module, and port number).

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

When you use the show eap registrations privileged EXEC command with these keywords, the command output shows this information:

  • None—All the lower levels used by EAP and the registered EAP methods.
  • method name keyword—The specified method registrations.
  • transport name keyword—The specific lower-level registrations.

When you use the show eap sessions privileged EXEC command with these keywords, the command output shows this information:

  • None—All active EAP sessions.
  • credentials name keyword—The specified credentials profile.
  • interface interface-id keyword—The parameters for the specified interface.
  • method name keyword—The specified EAP method.
  • transport name keyword—The specified lower layer.

Examples

This is an example of output from the show eap registrations all privileged EXEC command:

Switch> show eap registrations
Registered EAP Methods:
Method Type Name
4 Peer MD5
 
Registered EAP Lower Layers:
Handle Type Name
2 Authenticator Dot1x-Authenticator
1 Authenticator MAB
 

This is an example of output from the show eap registrations transport privileged EXEC command:

Switch> show eap registrations transport all
Registered EAP Lower Layers:
Handle Type Name
2 Authenticator Dot1x-Authenticator
1 Authenticator MAB
 

This is an example of output from the show eap sessions privileged EXEC command:

Switch> show eap sessions
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/1
Current method: None Method state: Uninitialised
Retransmission count: 0 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 2s)
EAP handle: 0x5200000A Credentials profile: None
Lower layer context ID: 0x93000004 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
 
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/2
Current method: None Method state: Uninitialised
Retransmission count: 0 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 2s)
EAP handle: 0xA800000B Credentials profile: None
Lower layer context ID: 0x0D000005 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
 
<Output truncated>
 

This is an example of output from the show eap sessions interface interface-id privileged EXEC command:

Switch# show eap sessions interface gigabitethernet1/1
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/1
Current method: None Method state: Uninitialised
Retransmission count: 1 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 13s)
EAP handle: 0x5200000A Credentials profile: None
Lower layer context ID: 0x93000004 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
 

 
Related Commands

Command
Description

clear eap sessions

Clears EAP session information for the switch or for the specified port.

show env

To show switch environment information, use the show env command in EXEC mode.

show env { all | power | temperature [ status ]}

 
Syntax Description

all

Displays both fan and temperature environmental status.

power

Displays the switch power status.

temperature

Displays the switch temperature status.

status

(Optional) Displays the switch internal temperature.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The command output shows the green and yellow states as OK and the red state as FAULTY.

If you enter the show env all command on this switch, the command output is the same as the show env temperature status command output.

For more information about the threshold levels, see the software configuration guide for this release.

Examples

This is an example of output from the show env all command:

Switch> show env all
TEMPERATURE is OK
Temperature Value: 48 Degree Celsius
POWER SUPPLY A is DC OK
POWER SUPPLY B is DC OK
 

 

This is an example of output from the show env power command.

Switch> show env power
Power supply A is DC OK
Power supply B is DC FAULTY
 

This is an example of output from the show env temperature command.

Switch> show env temperature
Temperature is OK
 

This is an example of output from the show env temperature status command.

Switch> show env temperature status
Temperature Value: 48 Degree Celsius
 

show env alarm-contact

To show the alarm contact information, use the show env alarm contact command in EXEC mode.

show env alarm contact

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows the output of the show env alarm-contact command:

Switch# show env alarm-contact
ALARM CONTACT 1
Status: not asserted
Description: line
Severity: minor
Trigger: closed
ALARM CONTACT 2
Status: not asserted
Description: external alarm contact 2
Severity: minor
Trigger: closed
Switch#

 
Related Commands

Command
Description

alarm contact

Configures the system alarm contact settings.
 

show errdisable detect

To display error-disabled detection status, use the show errdisable detect command in EXEC mode.

show errdisable detect

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

A displayed gbic-invalid error reason refers to an invalid small form-factor pluggable (SFP) module.

Examples

This is an example of output from the show errdisable detect command:

Switch> show errdisable detect
ErrDisable Reason Detection Mode
----------------- --------- ----
arp-inspection Enabled port
bpduguard Enabled vlan
channel-misconfig Enabled port
community-limit Enabled port
dhcp-rate-limit Enabled port
dtp-flap Enabled port
gbic-invalid Enabled port
inline-power Enabled port
invalid-policy Enabled port
l2ptguard Enabled port
link-flap Enabled port
loopback Enabled port
lsgroup Enabled port
pagp-flap Enabled port
psecure-violation Enabled port/vlan
security-violatio Enabled port
sfp-config-mismat Enabled port
storm-control Enabled port
udld Enabled port
vmps Enabled port

 
Related Commands

Command
Description

errdisable detect cause

Enables error-disabled detection for a specific cause or all causes.

show errdisable flap-values

Displays error condition recognition information.

show errdisable recovery

Displays error-disabled recovery timer information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.

show errdisable flap-values

To display conditions that cause an error to be recognized for a cause, use the show errdisable flap-values command in EXEC mode.

show errdisable flap-values

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The Flaps column in the command display shows how many changes to the state within the specified time interval will cause an error to be detected and a port to be disabled. For example, the display shows that an error will be assumed and the port shut down if three Dynamic Trunking Protocol (DTP)-state (port mode access/trunk) or Port Aggregation Protocol (PAgP) flap changes occur during a 30-second interval, or if 5 link-state (link up/down) changes occur during a 10-second interval.

ErrDisable Reason Flaps Time (sec)
----------------- ------ ----------
pagp-flap 3 30
dtp-flap 3 30
link-flap 5 10
 

Examples

This is an example of output from the show errdisable flap-values command:

Switch> show errdisable flap-values
ErrDisable Reason Flaps Time (sec)
----------------- ------ ----------
pagp-flap 3 30
dtp-flap 3 30
link-flap 5 10

 
Related Commands

Command
Description

errdisable detect cause

Enables error-disabled detection for a specific cause or all causes.

show errdisable detect

Displays error-disabled detection status.

show errdisable recovery

Displays error-disabled recovery timer information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.

show errdisable recovery

To display the error-disabled recovery timer information, use the show errdisable recovery command in EXEC mode.

show errdisable recovery

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

A gbic-invalid error-disable reason shown in the command output refers to an invalid small form-factor pluggable (SFP) module interface.

Examples

This is an example of output from the show errdisable recovery command:

Switch> show errdisable recovery
ErrDisable Reason Timer Status
----------------- --------------
udld Disabled
bpduguard Disabled
security-violatio Disabled
channel-misconfig Disabled
vmps Disabled
pagp-flap Disabled
dtp-flap Disabled
link-flap Enabled
l2ptguard Disabled
psecure-violation Disabled
gbic-invalid Disabled
dhcp-rate-limit Disabled
unicast-flood Disabled
storm-control Disabled
arp-inspection Disabled
loopback Disabled
 
Timer interval:300 seconds
 
Interfaces that will be enabled at the next timeout:
 
Interface Errdisable reason Time left(sec)
--------- ----------------- --------------
Gi1/2 link-flap 279
 

Note Though visible in the output, the unicast-flood field is not valid.

 
Related Commands

Command
Description

errdisable recovery

Configures the recover mechanism variables.

show errdisable detect

Displays error-disabled detection status.

show errdisable flap-values

Displays error condition recognition information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.

show etherchannel

To display EtherChannel information for a channel, use the show etherchannel command in EXEC mode.

show etherchannel [ channel-group-number { detail | port | port-channel | protocol | summary }] { detail | load-balance | port | port-channel | protocol | summary }

 
Syntax Description

channel-group - number

(Optional) Number of the channel group. The range is 1 to 6.

detail

Displays detailed EtherChannel information.

load-balance

Displays the load-balance or frame-distribution scheme among ports in the port channel.

port

Displays EtherChannel port information.

port-channel

Displays port-channel information.

protocol

Displays the protocol that is being used in the EtherChannel.

summary

Displays a one-line summary per channel-group.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you do not specify a channel-group-number value, all channel groups are displayed.

In the output, the Passive port list field is displayed only for Layer 3 port channels. This field means that the physical port, which is still not up, is configured to be in the channel group (and indirectly is in the only port channel in the channel group).

Examples

This is an example of output from the show etherchannel 1 detail command:

Switch> show etherchannel 1 detail
Group state = L2
Ports: 2 Maxports = 16
Port-channels: 1 Max Port-channels = 16
Protocol: LACP
Ports in the group:
-------------------
Port: Gi1/1
------------
 
Port state = Up Mstr In-Bndl
Channel group = 1 Mode = Active Gcchange = -
Port-channel = Po1 GC = - Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = LACP
 
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDU
A - Device is in active mode. P - Device is in passive mode.
 
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/1 SA bndl 32768 0x0 0x1 0x0 0x3D
 
Age of the port in the current state: 01d:20h:06m:04s
Port-channels in the group:
----------------------
 
Port-channel: Po1 (Primary Aggregator)
------------
 
Age of the Port-channel = 01d:20h:20m:26s
Logical slot/port = 10/1 Number of ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
 
Ports in the Port-channel:
 
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi1/1 Active 0
0 00 Gi1/2 Active 0
 
Time since last port bundled: 01d:20h:20m:20s Gi1/2
 

This is an example of output from the show etherchannel 1 summary command:

Switch> show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
 
Number of channel-groups in use: 1
Number of aggregators: 1
 
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------
1 Po1(SU) LACP Gi1/1(P) Gi1/2(P)
 

This is an example of output from the show etherchannel 1 port-channel command:

Switch> show etherchannel 1 port-channel
Port-channels in the group:
----------------------
Port-channel: Po1 (Primary Aggregator)
 
------------
 
Age of the Port-channel = 01d:20h:24m:50s
Logical slot/port = 10/1 Number of ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
 
Ports in the Port-channel:
 
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi1/1 Active 0
0 00 Gi1/2 Active 0
 
Time since last port bundled: 01d:20h:24m:44s Gi1/2
 

This is an example of output from the show etherchannel protocol command:

Switch# show etherchannel protocol
Channel-group listing:
-----------------------
Group: 1
----------
Protocol: LACP
 
Group: 2
----------
Protocol: PAgP

 
Related Commands

Command
Description

channel-group

Assigns an Ethernet port to an EtherChannel group.

channel-protocol

Restricts the protocol used on a port to manage channeling.

interface port-channel

Accesses or creates the port channel.

show facility-alarm status

To display all generated alarms for the switch, use the show facility-alarm status command in EXEC mode.

show facility-alarm status [ critical | info | major | minor ]

 
Syntax Description

critical

(Optional) Displays only critical facility alarms.

info

(Optional) Displays all facility alarms.

major

(Optional) Displays major facility alarms and higher.

minor

(Optional) Displays major facility alarms and higher.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show facility-alarm status command. It displays alarm information for the switch.

Switch# show facility-alarm status
 
Source Severity Description Relay Time
toyota_S16_sps1 MAJOR 1 Temp above max primary thresh MAJ Oct 06
Syslog Disabled
Switch> show facility-alarm status
Source Severity Description Relay Time
FastEthernet1/3 MINOR 2 Port Not Forwarding NONE Mar 01
1993 00:02:22
 

 
Related Commands

Command
Description

alarm facility power-supply

Sets power supply alarm options.

alarm facility temperature

Sets temperature alarm options.

alarm profile (global configuration)

Creates alarm profiles with alarm IDs and alarm options to be attached to interfaces.

show fallback profile

To display the fallback profiles that are configured on a switch, use the show fallback profile command in Privileged EXEC mode.

show fallback profile

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show fallback profile privileged EXEC command to display profiles that are configured on the switch.

Examples

This is an example of output from the show fallback profile command:

switch# show fallback profile
Profile Name: dot1x-www
------------------------------------
Description : NONE
IP Admission Rule : webauth-fallback
IP Access-Group IN: default-policy
Profile Name: dot1x-www-lpip
------------------------------------
Description : NONE
IP Admission Rule : web-lpip
IP Access-Group IN: default-policy
Profile Name: profile1
------------------------------------
Description : NONE
IP Admission Rule : NONE
IP Access-Group IN: NONE

 
Related Commands

Command
Description

dot1x fallback

Configures a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication.

fallback profile

Creates a web authentication fallback profile.

ip admission

Enables web authentication on a switch port

ip admission name proxy http

Enables web authentication globally on a switch

show dot1x [ interface interface-id ]

Displays IEEE 802.1x status for the specified port.

show fcs-threshold

To display the frame check sequence (FCS) bit error-rate settings on the switch interfaces, use the show fcs-threshold command in EXEC mode.

show fcs-threshold

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The Ethernet standard calls for a maximum bit error rate of 10-8. In the switch, the configurable bit error-rate range is from 10-6 to 10-11. The bit error-rate input to the switch is a positive exponent. The output displays the positive exponent; an output of 9 means that the bit error-rate is 10-9.

Examples

This is an example of output from the show fcs-threshold command. It shows the output when all ports are set to the default FCS threshold.

Switch# show fcs-threshold
Port FCS Threshold
Fa1/1 8
Fa1/2 8
Fa1/3 8
Fa1/4 8
Fa2/1 8
Fa2/2 8
Fa2/3 8
Fa2/4 8
Fa2/5 8
Fa2/6 8
Fa2/7 8
Fa2/8 8
Fa3/1 8
Fa3/2 8
Fa3/3 8
Fa3/4 8
Fa3/5 8
Fa3/6 8
Fa3/7 8
Fa3/8 8
Gi1/1 8
Gi1/2 8

 
Related Commands

Command
Description

fcs-threshold

Sets the FCS threshold on an interface.

show flowcontrol

To display the flow control status and statistics, use the show flowcontrol command in EXEC mode.

show flowcontrol [ interface interface-id | module number ]

 
Syntax Description

interface interface-id

(Optional) Displays the flow control status and statistics for a specific interface.

module number

(Optional) Displays the flow control status and statistics for all interfaces on the switch. Module number is 1. This option is not available if you have entered a specific interface ID.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display the flow control status and statistics on the switch or for a specific interface.

Use the show flowcontrol command to display information about all the switch interfaces. The output from the show flowcontrol command is the same as the output from the show flowcontrol module number command.

Use the show flowcontrol interface interface-id command to display information about a specific interface.

Examples

This is an example of output from the show flowcontrol command.

Switch> show flowcontrol
Port Send FlowControl Receive FlowControl RxPause TxPause
admin oper admin oper
--------- -------- -------- -------- -------- ------- -------
Gi1/1 Unsupp. Unsupp. off off 0 0
Gi1/2 desired off off off 0 0
Gi1/3 desired off off off 0 0
<output truncated>
 

This is an example of output from the show flowcontrol interface interface-id command:

Switch> show flowcontrol interface gigabitethernet1/2
Port Send FlowControl Receive FlowControl RxPause TxPause
admin oper admin oper
--------- -------- -------- -------- -------- ------- -------
Gi1/2 desired off off off 0 0

 
Related Commands

Command
Description

flowcontrol

Sets the receive flow-control state for an interface.

show interfaces

To display the administrative and operational status of all interfaces or a specified interface, use the show interfaces command in Privileged EXEC mode.

show interfaces [ interface-id | vlan vlan-id ] [ accounting | capabilities [ module number ] | counters | description | etherchannel | flowcontrol | rep | pruning | stats | status [ err-disabled ] | [ backup | module number ] | transceiver | properties | detail [ module number ] | trunk ]

 
Syntax Description

interface-id

(Optional) Valid interfaces include physical ports (including type, module, and port number) and port channels. The port-channel range is 1 to 6.

vlan vlan-id

(Optional) Specifies VLAN identification. The range is 1 to 4094.

accounting

(Optional) Displays accounting information on the interface, including active protocols and input and output packets and octets.

Note The display shows only packets processed in software; hardware-switched packets do not appear.

capabilities

(Optional) Displays the capabilities of all interfaces or the specified interface, including the features and options that you can configure on the interface. Though visible in the command line help, this option is not available for VLAN IDs.

module number

(Optional) Displays capabilities or transceiver characteristics (depending on preceding keyword) of all interfaces on the switch. The only valid module number is 1. This option is not available if you enter a specific interface ID.

counters

(Optional) Displays the show interfaces counters information.

description

(Optional) Displays the administrative status and description set for an interface.

etherchannel

(Optional) Displays interface EtherChannel information.

flowcontrol

(Optional) Displays interface flow control information

pruning

(Optional) Displays interface trunk VTP pruning information.

rep

(Optional) Displays the show interfaces rep information.

stats

(Optional) Displays the input and output packets by switching path for the interface.

status

(Optional) Displays the status of the interface. A status of unsupported in the Type field means that a non-Cisco small form-factor pluggable (SFP) module is inserted in the module slot.

err-disabled

(Optional) Displays interfaces in error-disabled state.

backup

(Optional) Displays Flex Link backup interface configuration and status for the specified interface or all interfaces on the switch.

transceiver detail | properties

(Optional) Displays the physical properties of a CWDM or DWDM small form-factor (SFP) module interface. The keywords have these meanings:

  • detail (Optional) Displays calibration properties, including high and low numbers and any alarm information.
  • properties —( Optional) Displays speed and duplex settings on an interface.

trunk

Displays interface trunk information. If you do not specify an interface, only information for active trunking ports appears.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The show interfaces capabilities command with different keywords has these results:

  • Use the show interfaces capabilities module 1 to display the capabilities of all interfaces on the switch. Entering any other number is invalid.
  • Use the show interfaces interface-id capabilities to display the capabilities of the specified interface.
  • Use the show interfaces capabilities (with no module number or interface ID) to display the capabilities of all interfaces on the switch.

Note Though visible in the command-line help strings, the crb, fair-queue, irb, mac-accounting, precedence, random-detect, rate-limit, and shape keywords are not supported.

Examples

This is an example of output from the show interfaces interface-id command for an interface:

 
Switch# show interface GigabitEthernet1/2
GigabitEthernet1/2 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 001e.1300.4882 (bia 001e.1300.4882)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of ''show interface'' counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 17000 bits/sec, 27 packets/sec
553226 packets input, 39772509 bytes, 0 no buffer
Received 530934 broadcasts (529980 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 529980 multicast, 0 pause input
0 input packets with dribble condition detected
4031941 packets output, 317450903 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
 

This is an example of output from the show interfaces accounting command.

Switch# show interfaces accounting
Vlan1
Protocol Pkts In Chars In Pkts Out Chars Out
IP 1094395 131900022 559555 84077157
Spanning Tree 283896 17033760 42 2520
ARP 63738 3825680 231 13860
Interface Vlan2 is disabled
Vlan7
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
Vlan31
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
 
GigabitEthernet1/1
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
GigabitEthernet1/2
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
 
<output truncated>
 

This is an example of output from the show interfaces capabilities interface-id command for an interface.

 
Switch# show interfaces GigabitEthernet1/2 capabilities
GigabitEthernet1/2
Model: IE-3000-4TC
Type: Not Present
Speed: 10,100,1000,auto
Duplex: half,full,auto
Trunk encap. type: 802.1Q
Trunk mode: on,off,desirable,nonegotiate
Channel: yes
Broadcast suppression: percentage(0-100)
Flowcontrol: rx-(off,on,desired),tx-(none)
Fast Start: yes
QoS scheduling: rx-(not configurable on per port basis),
tx-(4q3t) (3t: Two configurable values and one fixed.)
CoS rewrite: yes
ToS rewrite: yes
UDLD: yes
Inline power: no
SPAN: source/destination
PortSecure: yes
Dot1x: yes
Multiple Media Types: rj45, sfp, auto-select
 

This is an example of output from the show interfaces interface description command when the interface has been described as Connects to Marketing by using the description interface configuration command.

Switch# show interfaces gigabitethernet1/2 description
Interface Status Protocol Description
Gi1/2 up down Connects to Marketing
 

This is an example of output from the show interfaces etherchannel command when port channels are configured on the switch:

Switch# show interfaces etherchannel
----
Port-channel1:
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/1 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
 
Port-channel2:
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/2 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
 
Port-channel3:
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/3 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
 

This is an example of output from the show interfaces interface-id pruning command when pruning is enabled in the VTP domain:

Switch# show interfaces gigibitethernet1/2 pruning
Port Vlans pruned for lack of request by neighbor
Gi1/2 3,4
 
Port Vlans traffic requested of neighbor
Gi1/2 1-3
 

This is an example of output from the show interfaces stats command for a specified VLAN interface.

Switch# show interfaces vlan 1 stats
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 1165354 136205310 570800 91731594
Route cache 0 0 0 0
Total 1165354 136205310 570800 91731594
 

This is an example of partial output from the show interfaces status command. It displays the status of all interfaces.

Switch# show interfaces status
Port Name Status Vlan Duplex Speed Type
Fa1/1 notconnect 1 auto auto 10/100BaseTX
Fa1/2 notconnect 1 auto auto 10/100BaseTX
Fa1/3 notconnect 1 auto auto 10/100BaseTX
Fa1/4 notconnect 1 auto auto 10/100BaseTX
Fa2/1 notconnect 1 auto auto 10/100BaseTX
Fa2/2 notconnect 1 auto auto 10/100BaseTX
Fa2/3 notconnect 1 auto auto 10/100BaseTX
Fa2/4 notconnect 1 auto auto 10/100BaseTX
Fa2/5 notconnect 1 auto auto 10/100BaseTX
Fa2/6 notconnect 1 auto auto 10/100BaseTX
Fa2/7 notconnect 1 auto auto 10/100BaseTX
Fa2/8 notconnect 1 auto auto 10/100BaseTX
 
<output truncated>
 

This is an example of output from the show interfaces status err-disabled command. It displays the status of interfaces in the error-disabled state.

Switch# show interfaces status err-disabled
Port Name Status Reason
Gi1/2 err-disabled dtp-flap
 

This is an example of output from the show interfaces interface-id pruning command:

Switch# show interfaces gigibitethernet1/2 pruning
Port Vlans pruned for lack of request by neighbor
 

This is an example of output from the show interfaces interface-id trunk command. It displays trunking information for the port.

Switch# show interfaces gigabitethernet1/1 trunk
Port Mode Encapsulation Status Native vlan
Gi1/1 auto negotiate trunking 1
 
Port Vlans allowed on trunk
Gi1/1 1-4094
 
Port Vlans allowed and active in management domain
Gi1/1 1-4
 
Port Vlans in spanning tree forwarding state and not pruned
Gi1/1 1-4
 

This is an example of output from the show interfaces interface-id transceiver properties command:

Switch# show interfaces gigabitethernet1/2 transceiver properties
Name : Gi1/2
Administrative Speed: auto
Operational Speed: auto
Administrative Duplex: auto
Operational Duplex: auto
Administrative Auto-MDIX: off
Operational Auto-MDIX: off
 

This is an example of output from the show interfaces interface-id transceiver detail command:

Switch# show interfaces gigabitethernet1/3 transceiver detail
ITU Channel not available (Wavelength not available),
Transceiver is externally calibrated.
mA:milliamperes, dBm:decibels (milliwatts), N/A:not applicable.
++:high alarm, +:high warning, -:low warning, -- :low alarm.
A2D readouts (if they differ), are reported in parentheses.
The threshold values are uncalibrated.
 
High Alarm High Warn Low Warn Low Alarm
Temperature Threshold Threshold Threshold Threshold
Port (Celsius) (Celsius) (Celsius) (Celsius) (Celsius)
------- ------------------ ---------- --------- --------- ---------
Gi1/3 41.5 110.0 103.0 -8.0 -12.0
 
High Alarm High Warn Low Warn Low Alarm
Voltage Threshold Threshold Threshold Threshold
Port (Volts) (Volts) (Volts) (Volts) (Volts)
------- --------------- ---------- --------- --------- ---------
Gi1/3 3.20 4.00 3.70 3.00 2.95
 
High Alarm High Warn Low Warn Low Alarm
Current Threshold Threshold Threshold Threshold
Port (milliamperes) (mA) (mA) (mA) (mA)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 31.0 84.0 70.0 4.0 2.0
 
Optical High Alarm High Warn Low Warn Low Alarm
Transmit Power Threshold Threshold Threshold Threshold
Port (dBm) (dBm) (dBm) (dBm) (dBm)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 -0.0 ( -0.0) -0.0 -0.0 -0.0 -0.0
 
Optical High Alarm High Warn Low Warn Low Alarm
Receive Power Threshold Threshold Threshold Threshold
Port (dBm) (dBm) (dBm) (dBm) (dBm)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 N/A ( -0.0) -- -0.0 -0.0 -0.0 -0.0
 

 
Related Commands 0

Command
Description

switchport access

Configures a port as a static-access or a dynamic-access port.

switchport backup interface

Configures Flex Links, a pair of Layer 2 interfaces that provide mutual backup.

switchport block

Blocks unknown unicast or multicast traffic on an interface.

switchport mode

Configures the VLAN membership mode of a port.

switchport protected

Isolates unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch.

switchport trunk pruning

Configures the VLAN pruning-eligible list for ports in trunking mode.

show interfaces counters

To display various counters for the switch or for a specific interface, use the show interfaces counters command in Privileged EXEC mode.

show interfaces [ interface-id | vlan vlan-id ] counters [ errors | etherchannel | protocol status | trunk ]

 
Syntax Description

interface-id

(Optional) ID of the physical interface, including type, module, and port number.

vlan vlan-id

(Optional) ID of the VLAN.

errors

(Optional) Displays error counters.

etherchannel

(Optional) Displays EtherChannel counters, including octets, broadcast packets, multicast packets, and unicast packets received and sent.

protocol status

(Optional) Displays status of protocols enabled on interfaces.

trunk

(Optional) Displays trunk counters.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If you do not enter any keywords, all counters for all interfaces are included.

Note Though visible in the command-line help string, the vlan vlan-id keyword is not supported.

Examples

This is an example of partial output from the show interfaces counters command. It displays all counters for the switch:

Switch# show interfaces counters
Port InOctets InUcastPkts InMcastPkts InBcastPkts
Gi1/1 0 0 0 0
Gi1/2 0 0 0 0
 
<output truncated>
 

This is an example of partial output from the show interfaces counters protocol status command for all interfaces:

Switch# show interfaces counters protocol status
Protocols allocated:
Vlan1: Other, IP
Vlan20: Other, IP, ARP
Vlan30: Other, IP, ARP
Vlan40: Other, IP, ARP
Vlan50: Other, IP, ARP
Vlan60: Other, IP, ARP
Vlan70: Other, IP, ARP
Vlan80: Other, IP, ARP
Vlan90: Other, IP, ARP
Vlan900: Other, IP, ARP
Vlan3000: Other, IP
Vlan3500: Other, IP
FastEthernet1/1: Other, IP, ARP, CDP
FastEthernet1/2: Other, IP
FastEthernet1/3: Other, IP
FastEthernet1/4: Other, IP
FastEthernet1/5: Other, IP
FastEthernet1/6: Other, IP
FastEthernet1/7: Other, IP
FastEthernet1/8: Other, IP
FastEthernet1/9: Other, IP
FastEthernet1/10: Other, IP, CDP
 
<output truncated>
 

This is an example of output from the show interfaces counters trunk command. It displays trunk counters for all interfaces:

Switch# show interfaces counters trunk
Port TrunkFramesTx TrunkFramesRx WrongEncap
Gi1/1 0 0 0
Gi1/2 0 0 0
Gi1/1 80678 4155 0
Gi1/2 82320 126 0
 
<output truncated>

 
Related Commands

Command
Description

show interfaces

Displays additional interface characteristics.

show interfaces rep

To display Resilient Ethernet Protocol (REP) configuration and status for a specified interface or for all interfaces, use the show interfaces rep command in EXEC mode.

show interfaces [ interface-id ] rep [ detail ]

 
Syntax Description

interface-id

(Optional) A specified physical interface or port channel ID.

detail

(Optional) Displays detailed REP configuration and status information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

In the output for the show interface rep [ detail ] command, in addition to an Open, Fail, or AP (alternate port) state, the Port Role might show as Fail Logical Open (FailLogOpen) or Fail No Ext Neighbor (FailNoNbr). These states indicate that the port is physically up, but REP is not configured on the neighboring port. In this case, one port goes into a forwarding state for the data path to help maintain connectivity during configuration. The Port Role for this port shows as Fail Logical Open; the port forwards all data traffic on all VLANs. The other failed Port Role shows as Fail No Ext Neighbor; this port blocks traffic for all VLANs.

When the external neighbors for the failed ports are configured, the failed ports go through the alternate port state transitions and eventually go to an Open state or remain as the alternate port, based on the alternate port election mechanism.

In the show interfaces rep command output, ports configured as edge no-neighbors are designated with an asterisk (*) in front of Primary Edge or Secondary Edge. In the output of the show interfaces rep detail command, No-Neighbor is spelled out.

The output of this command is also included in the show tech-support privileged EXEC command output.

Examples

This is sample output from the show interface rep command:

Switch # show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ ------------ ----------- ----
GigabitEthernet 1/1 1 Primary Edge TWO_WAY Open
GigabitEthernet 1/2 1 Edge TWO_WAY Open
FastEthernet 1/4 2 INIT_DOWN Fail
 
 

This is sample output from the show interface rep command when the edge port is configured to have no REP neighbor. Note the asterisk (*) next to Primary Edge.

Switch# show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ -------------- ----------- ----
GigabitEthernet1/1 2 TWO_WAY Open
GigabitEthernet1/2 2 Primary Edge* TWO_WAY Open
 
 

This is sample output from the show interface rep command when external neighbors are not configured:

Switch # show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ ------------ ----------- ----
GigabitEthernet1/1 1 NO_NEIGHBOR FailNoNbr
GigabitEthernet1/2 2 NO_NEIGHBOR FailLogOpen
 

This is sample output from the show interface rep detail command for a specified interface:

Switch # show interface gigabitethernet1/2 rep detail
GigabitEthernet1/2 REP enabled
Segment-id: 1 (Segment)
PortID: 00030019E85BDD00
Preferred flag: No
Operational Link Status: INIT_DOWN
Current Key: 00000000000000000000
Port Role: Fail
Blocked VLAN: 1-4094
Admin-vlan: 1
Preempt Delay Timer: disabled
LSL Ageout Timer: 5000 ms
Configured Load-balancing Block Port: 1234567890123456
Configured Load-balancing Block VLAN: 1-4094
STCN Propagate to: none
LSL PDU rx: 0, tx: 0
HFL PDU rx: 0, tx: 0
BPA TLV rx: 0, tx: 0
BPA (STCN, LSL) TLV rx: 0, tx: 0
BPA (STCN, HFL) TLV rx: 0, tx: 0
EPA-ELECTION TLV rx: 0, tx: 0
EPA-COMMAND TLV rx: 0, tx: 0
EPA-INFO TLV rx: 0, tx: 0

 
Related Commands

Command
Description

rep segment

Enables REP on an interface and assigns a segment ID. This command is also used to configure a port as an edge port, a primary edge port, or a preferred port.

show rep topology [ detail ]

Displays information about all ports in the segment, including which one was configured and selected as the primary edge port.

show inventory

To display product identification (PID) information for the hardware, use the show inventory command in EXEC mode.

show inventory [ entity-name | raw ]

 
Syntax Description

entity-name

(Optional) The specified entity. For example, enter the interface (such as gigabitethernet1/1) into which a small form-factor pluggable (SFP) module is installed.

raw

(Optional) Displays every entity in the device.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The command is case sensitive. With no arguments, the show inventory command produces a compact dump of all identifiable entities that have a product identifier. The compact dump displays the entity location (slot identity), entity description, and the unique device identifier (UDI) (PID, VID, and SN) of that entity.

Note If there is no PID, no output appears when you enter the show inventory command.

Examples

This is example output from the show inventory command:

Switch> show inventory
NAME: ''1'', DESCR: ''IE-3000-4TC''
PID: IE-3000-4TC, VID:, SN: FHK1152UZRW
 
NAME: ''IE-3000-4TC - Module in slot 1'', DESCR: ''IE-3000-4TC - Module in slot 1''
PID: 800-28491-01, VID: C1151V545FOC11504, SN: S9FOC115040MRFOC11503J7JF
 
NAME: ''IEM-3000-8TM - Module in slot 2'', DESCR: ''IEM-3000-8TM - Module in slot 2''
PID: 800-28540-01, VID: C1151V332FOC11515, SN: P0FOC11504ML3
 
NAME: ''IEM-3000-8FM - Module in slot 3'', DESCR: ''IEM-3000-8FM - Module in slot 3''
PID: 800-28543-01, VID: C1151V462FOC11505, SN: GTFOC11505JMPFOC11505JDX
 
Switch>

show ip arp inspection

To display the configuration and the operating state of dynamic Address Resolution Protocol (ARP) inspection or the status of this feature for all VLANs or for the specified interface or VLAN, use the show ip arp inspection command in Privileged EXEC mode.

show ip arp inspection [ interfaces [ interface-id ] | log | statistics [ vlan vlan-range ] | vlan vlan-range ]

 
Syntax Description

interfaces interface-id

(Optional) Displays the trust state and the rate limit of ARP packets for the specified interface or all interfaces. Valid interfaces include physical ports and port channels.

log

(Optional) Displays the configuration and contents of the dynamic ARP inspection log buffer.

statistics

(Optional) Displays statistics for forwarded, dropped, MAC validation failure, IP validation failure, access control list (ACL) permitted and denied, and DHCP permitted and denied packets for the specified VLAN. If no VLANs are specified or if a range is specified, displays information only for VLANs with dynamic ARP inspection enabled (active).

vlan vlan-range

(Optional) Displays the configuration and the operating state of dynamic ARP inspection for the specified VLAN. If no VLANs are specified or if a range is specified, displays information only for VLANs with dynamic ARP inspection enabled (active).

You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show ip arp inspection command:

Switch# show ip arp inspection
 
Source Mac Validation : Disabled
Destination Mac Validation : Disabled
IP Address Validation : Enabled
 
Vlan Configuration Operation ACL Match Static ACL
---- ------------- --------- --------- ----------
1 Enabled Active deny-all No
 
Vlan ACL Logging DHCP Logging Probe Logging
---- ----------- ------------ -------------
1 Acl-Match All Permit
 
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
1 0 0 0 0
 
Vlan DHCP Permits ACL Permits Probe Permits Source MAC Failures
---- ------------ ----------- ------------- -------------------
1 0 0 0 0
 
Vlan Dest MAC Failures IP Validation Failures Invalid Protocol Data
---- ----------------- ---------------------- ---------------------
1 0 0 0
 

This is an example of output from the show ip arp inspection interfaces command:

Switch# show ip arp inspection interfaces
Interface Trust State Rate (pps) Burst Interval
--------------- ----------- ---------- --------------
Gi1/1 Untrusted 15 1
Gi1/2 Untrusted 15 1
Gi1/3 Untrusted 15 1
 

This is an example of output from the show ip arp inspection interfaces interface-id command:

Switch# show ip arp inspection interfaces gigabitethernet1/1
Interface Trust State Rate (pps) Burst Interval
--------------- ----------- ---------- --------------
Gi1/1 Untrusted 15 1
 

This is an example of output from the show ip arp inspection log command. It shows the contents of the log buffer before the buffers are cleared:

Switch# show ip arp inspection log
Total Log Buffer Size : 32
Syslog rate : 10 entries per 300 seconds.
 
Interface Vlan Sender MAC Sender IP Num Pkts Reason Time
---------- ---- -------------- --------------- --------- ----------- ----
Gi1/1 5 0003.0000.d673 192.2.10.4 5 DHCP Deny 19:39:01 UTC Mon Mar 1 1993
Gi1/1 5 0001.0000.d774 128.1.9.25 6 DHCP Deny 19:39:02 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1111 10.10.10.1 7 DHCP Deny 19:39:03 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1112 10.10.10.2 8 DHCP Deny 19:39:04 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1114 173.1.1.1 10 DHCP Deny 19:39:06 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1115 173.1.1.2 11 DHCP Deny 19:39:07 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1116 173.1.1.3 12 DHCP Deny 19:39:08 UTC Mon Mar 1 1993
 

If the log buffer overflows, it means that a log event does not fit into the log buffer, and the display for the show ip arp inspection log privileged EXEC command is affected. A -- in the display appears in place of all data except the packet count and the time. No other statistics are provided for the entry. If you see this entry in the display, increase the number of entries in the log buffer, or increase the logging rate in the ip arp inspection log-buffer global configuration command.

This is an example of output from the show ip arp inspection statistics command. It shows the statistics for packets that have been processed by dynamic ARP inspection for all active VLANs:

Switch# show ip arp inspection statistics
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
5 3 4618 4605 4
2000 0 0 0 0
 
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
5 0 12 0
2000 0 0 0
 
Vlan Dest MAC Failures IP Validation Failures
---- ----------------- ----------------------
5 0 9
2000 0 0
 

For the show ip arp inspection statistics command, the switch increments the number of forwarded packets for each ARP request and response packet on a trusted dynamic ARP inspection port. The switch increments the number of ACL or DHCP permitted packets for each packet that is denied by source MAC, destination MAC, or IP validation checks, and the switch increments the appropriate failure count.

This is an example of output from the show ip arp inspection statistics vlan 5 command. It shows statistics for packets that have been processed by dynamic ARP for VLAN 5:

Switch# show ip arp inspection statistics vlan 5
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
5 3 4618 4605 4
 
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
5 0 12 0
 
Vlan Dest MAC Failures IP Validation Failures Invalid Protocol Data
---- ----------------- ---------------------- ---------------------
5 0 9 3
 

This is an example of output from the show ip arp inspection vlan 5 command. It shows the configuration and the operating state of dynamic ARP inspection for VLAN 5:

Switch# show ip arp inspection vlan 5
Source Mac Validation :Enabled
Destination Mac Validation :Enabled
IP Address Validation :Enabled
 
Vlan Configuration Operation ACL Match Static ACL
---- ------------- --------- --------- ----------
5 Enabled Active second No
 
Vlan ACL Logging DHCP Logging
---- ----------- ------------
5 Acl-Match All

 
Related Commands

Command
Description

arp access-list

Defines an ARP ACL.

clear arp inspection log

Clears the dynamic ARP inspection log buffer.

clear ip arp inspection statistics

Clears the dynamic ARP inspection statistics.

ip arp inspection log-buffer

Configures the dynamic ARP inspection logging buffer.

ip arp inspection vlan logging

Controls the type of packets that are logged per VLAN.

show arp access-list

Displays detailed information about ARP access lists.

show ip dhcp snooping

To display the DHCP snooping configuration, use the show ip dhcp snooping command in EXEC mode.

show ip dhcp snooping

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

This command displays only the results of global configuration. Therefore, in this example, the circuit ID suboption appears in its default format of vlan - mod - port, even if a string is configured for the circuit ID.

Examples

This is an example of output from the show ip dhcp snooping command:

Switch> show ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
40-42
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
remote-id format: string
Option 82 on untrusted port is allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
GigabitEthernet1/1 yes unlimited
GigabitEthernet1/2 yes unlimited

 
Related Commands

Command
Description

show ip dhcp snooping binding

Displays the DHCP snooping binding information.

show ip dhcp snooping binding

To display the DHCP snooping binding database and configuration information for all interfaces on a switch, use the show ip dhcp snooping binding command in EXEC mode.

show ip dhcp snooping binding [ ip-address ] [ mac-address ] [ interface interface-id ] [ vlan vlan-id ]

 
Syntax Description

ip-address

(Optional) The binding entry IP address.

mac-address

(Optional) The binding entry MAC address.

interface interface-id

(Optional) The binding input interface.

vlan vlan-id

(Optional) The binding entry VLAN.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The show ip dhcp snooping binding command output shows only the dynamically configured bindings. Use the show ip source binding privileged EXEC command to display the dynamically and statically configured bindings in the DHCP snooping binding database.

If DHCP snooping is enabled and an interface changes to the down state, the switch does not delete the statically configured bindings.

Examples

This example shows how to display the DHCP snooping binding entries for a switch:

Switch> show ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9837 dhcp-snooping 20 GigabitEthernet1/1
00:D0:B7:1B:35:DE 10.1.2.151 237 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 2
 

This example shows how to display the DHCP snooping binding entries for a specific IP address:

Switch> show ip dhcp snooping binding 10.1.2.150
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9810 dhcp-snooping 20 GigabitEthernet1/1
Total number of bindings: 1
 

This example shows how to display the DHCP snooping binding entries for a specific MAC address:

Switch> show ip dhcp snooping binding 0102.0304.0506
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9788 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 1
 

This example shows how to display the DHCP snooping binding entries on a port:

Switch> show ip dhcp snooping binding interface gigabitethernet1/2
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
00:30:94:C2:EF:35 10.1.2.151 290 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 1
 

This example shows how to display the DHCP snooping binding entries on VLAN 20:

Switch> show ip dhcp snooping binding vlan 20
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9747 dhcp-snooping 20 GigabitEthernet1/1
00:00:00:00:00:02 10.1.2.151 65 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 2
 

Table 0-9 describes the fields in the show ip dhcp snooping binding command output.

 

Table 0-9 show ip dhcp snooping binding Command Output

Field
Description

MacAddress

Client hardware MAC address.

IpAddress

Client IP address assigned from the DHCP server.

Lease(sec)

Remaining lease time for the IP address.

Type

Binding type.

VLAN

VLAN number of the client interface.

Interface

Interface that connects to the DHCP client host.

Total number of bindings

Total number of bindings configured on the switch.

Note The command output might not show the total number of bindings. For example, if 200 bindings are configured on the switch and you stop the display before all the bindings appear, the total number does not change.

 
Related Commands

Command
Description

ip dhcp snooping binding

Configures the DHCP snooping binding database

show ip dhcp snooping

Displays the DHCP snooping configuration.

show ip dhcp snooping database

To display the status of the DHCP snooping binding database agent, use the show ip dhcp snooping database command in EXEC mode.

show ip dhcp snooping database [ detail ]

 
Syntax Description

detail

(Optional) Displays detailed status and statistics information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show ip dhcp snooping database command:

Switch> show ip dhcp snooping database
Agent URL :
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
 
Agent Running : No
Delay Timer Expiry : Not Running
Abort Timer Expiry : Not Running
 
Last Succeded Time : None
Last Failed Time : None
Last Failed Reason : No failure recorded.
 
Total Attempts : 0 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 0
Media Failures : 0
 

This is an example of output from the show ip dhcp snooping database detail command:

Switch# show ip dhcp snooping database detail
Agent URL : tftp://10.1.1.1/directory/file
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
 
Agent Running : No
Delay Timer Expiry : 7 (00:00:07)
Abort Timer Expiry : Not Running
 
Last Succeded Time : None
Last Failed Time : 17:14:25 UTC Sat Jul 7 2001
Last Failed Reason : Unable to access URL.
 
Total Attempts : 21 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 21
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 21
Media Failures : 0
 
First successful access: Read
 
Last ignored bindings counters :
Binding Collisions : 0 Expired leases : 0
Invalid interfaces : 0 Unsupported vlans : 0
Parse failures : 0
Last Ignored Time : None
 
Total ignored bindings counters:
Binding Collisions : 0 Expired leases : 0
Invalid interfaces : 0 Unsupported vlans : 0
Parse failures : 0

 
Related Commands

Command
Description

ip dhcp snooping

Enables DHCP snooping on a VLAN.

ip dhcp snooping database

Configures the DHCP snooping binding database agent or the binding file.

show ip dhcp snooping

Displays DHCP snooping information.

show ip dhcp snooping statistics

To display DHCP snooping statistics in summary or detail form, use the show ip dhcp snooping statistics command in EXEC mode.

show ip dhcp snooping statistics [ detail ]

 
Syntax Description

detail

(Optional) Displays detailed statistics information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

In a switch stack, all statistics are generated on the stack master. If a new stack master is elected, the statistics counters reset.

Examples

This is an example of output from the show ip dhcp snooping statistics command:

Switch> show ip dhcp snooping statistics
Packets Forwarded = 0
Packets Dropped = 0
Packets Dropped From untrusted ports = 0
 

This is an example of output from the show ip dhcp snooping statistics detail command:

Switch> show ip dhcp snooping statistics detail
Packets Processed by DHCP Snooping = 0
Packets Dropped Because
IDB not known = 0
Queue full = 0
Interface is in errdisabled = 0
Rate limit exceeded = 0
Received on untrusted ports = 0
Nonzero giaddr = 0
Source mac not equal to chaddr = 0
Binding mismatch = 0
Insertion of opt82 fail = 0
Interface Down = 0
Unknown output interface = 0
Reply output port equal to input port = 0
Packet denied by platform = 0
 

Table 0-10 shows the DHCP snooping statistics and their descriptions:

Table 0-10 DHCP Snooping Statistics

DHCP Snooping Statistic
Description

Packets Processed by DHCP Snooping

Total number of packets handled by DHCP snooping, including forwarded and dropped packets.

Packets Dropped Because IDB not known

Number of errors when the input interface of the packet cannot be determined.

Queue full

Number of errors when an internal queue used to process the packets is full. This might happen if DHCP packets are received at an excessively high rate and rate limiting is not enabled on the ingress ports.

Interface is in errdisabled

Number of times a packet was received on a port that has been marked as error disabled. This might happen if packets are in the processing queue when a port is put into the error-disabled state and those packets are subsequently processed.

Rate limit exceeded

Number of times the rate limit configured on the port was exceeded and the interface was put into the error-disabled state.

Received on untrusted ports

Number of times a DHCP server packet (OFFER, ACK, NAK, or LEASEQUERY) was received on an untrusted port and was dropped.

Nonzero giaddr

Number of times the relay agent address field (giaddr) in the DHCP packet received on an untrusted port was not zero, or the no ip dhcp snooping information option allow-untrusted global configuration command is not configured and a packet received on an untrusted port contained option-82 data.

Source mac not equal to chaddr

Number of times the client MAC address field of the DHCP packet (chaddr) does not match the packet source MAC address and the ip dhcp snooping verify mac-address global configuration command is configured.

Binding mismatch

Number of times a RELEASE or DECLINE packet was received on a port that is different than the port in the binding for that MAC address-VLAN pair. This indicates someone might be trying to spoof the real client, or it could mean that the client has moved to another port on the switch and issued a RELEASE or DECLINE. The MAC address is taken from the chaddr field of the DHCP packet, not the source MAC address in the Ethernet header.

Insertion of opt82 fail

Number of times the option-82 insertion into a packet failed. The insertion might fail if the packet with the option-82 data exceeds the size of a single physical packet on the internet.

Interface Down

Number of times the packet is a reply to the DHCP relay agent, but the SVI interface for the relay agent is down. This is an unlikely error that occurs if the SVI goes down between sending the client request to the DHCP server and receiving the response.

Unknown output interface

Number of times the output interface for a DHCP reply packet cannot be determined by either option-82 data or a lookup in the MAC address table. The packet is dropped. This can happen if option 82 is not used and the client MAC address has aged out. If IPSG is enabled with the port-security option and option 82 is not enabled, the MAC address of the client is not learned, and the reply packets will be dropped.

Reply output port equal to input port

Number of times the output port for a DHCP reply packet is the same as the input port, causing a possible loop. Indicates a possible network misconfiguration or misuse of trust settings on ports.

Packet denied by platform

Number of times the packet has been denied by a platform-specific registry.

 
Related Commands

Command
Description

clear ip dhcp snooping

Clears the DHCP snooping binding database, the DHCP snooping binding database agent statistics, or the DHCP snooping statistics counters.

show ip igmp profile

To display all configured Internet Group Management Protocol (IGMP) profiles or a specified IGMP profile, use the show ip igmp profile command in Privileged EXEC mode.

show ip igmp profile [ profile number ]

 
Syntax Description

profile number

(Optional) The IGMP profile number to be displayed. The range is 1 to 4294967295. If no profile number is entered, all IGMP profiles are displayed.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

These are examples of output from the show ip igmp profile privileged EXEC command, with and without specifying a profile number. If no profile number is entered, the display includes all profiles configured on the switch.

Switch# show ip igmp profile 40
IGMP Profile 40
permit
range 233.1.1.1 233.255.255.255
 
Switch# show ip igmp profile
IGMP Profile 3
range 230.9.9.0 230.9.9.0
IGMP Profile 4
permit
range 229.9.9.0 229.255.255.255

 
Related Commands

Command
Description

ip igmp profile

Configures the specified IGMP profile number.

show ip igmp snooping

To display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN, use the show ip igmp snooping EXEC command.

show ip igmp snooping [ groups | mrouter | querier ] [ vlan vlan-id ]

 
Syntax Description

groups

(Optional) Displays the show ip igmp snooping groups information.

mrouter

(Optional) Displays the show ip igmp snooping mrouter information.

querier

(Optional) Displays the show ip igmp snooping querier information.

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094 (available only in privileged EXEC mode).

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display snooping configuration for the switch or for a specific VLAN.

VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.

Examples

This is an example of output from the show ip igmp snooping vlan 1 command. It shows snooping characteristics for a specific VLAN.

Switch# show ip igmp snooping vlan 1
Global IGMP Snooping configuration:
-----------------------------------
IGMP snooping :Enabled
IGMPv3 snooping (minimal) :Enabled
Report suppression :Enabled
TCN solicit query :Disabled
TCN flood query count :2
Last member query interval : 100
 
Vlan 1:
--------
IGMP snooping :Enabled
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 100
 

This is an example of output from the show ip igmp snooping command. It displays snooping characteristics for all VLANs on the switch.

Switch> show ip igmp snooping
Global IGMP Snooping configuration:
-----------------------------------
IGMP snooping : Enabled
IGMPv3 snooping (minimal) : Enabled
Report suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Last member query interval : 100
 
Vlan 1:
--------
IGMP snooping :Enabled
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 100
 
Vlan 2:
--------
IGMP snooping :Enabled
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 333
 
<output truncated>

 
Related Commands

Command
Description

ip igmp snooping

Enables IGMP snooping on the switch or on a VLAN.

ip igmp snooping last-member-query-interval

Enables the IGMP snooping configurable-leave timer.

ip igmp snooping querier

Enables the IGMP querier function in Layer 2 networks.

ip igmp snooping report-suppression

Enables IGMP report suppression.

ip igmp snooping tcn

Configures the IGMP topology change notification behavior.

ip igmp snooping tcn flood

Specifies multicast flooding as the IGMP spanning-tree topology change notification behavior.

ip igmp snooping vlan immediate-leave

Enables IGMP snooping immediate-leave processing on a VLAN.

ip igmp snooping vlan mrouter

Adds a multicast router port or configures the multicast learning method.

ip igmp snooping vlan static

Statically adds a Layer 2 port as a member of a multicast group.

show ip igmp snooping groups

Displays the IGMP snooping multicast table for the switch.

show ip igmp snooping mrouter

Displays IGMP snooping multicast router ports for the switch or for the specified multicast VLAN.

show ip igmp snooping querier

Displays the configuration and operation information for the IGMP querier configured on a switch.

show ip igmp snooping groups

To display the Internet Group Management Protocol (IGMP) snooping multicast table for the switch or the multicast information, use the show ip igmp snooping groups command in Privileged EXEC mode. Use with the vlan keyword to display the multicast table for a specified multicast VLAN or specific multicast information.

show ip igmp snooping groups [ vlan vlan-id [ ip_address ] | dynamic | user ] [ count ]

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094.

ip_address

(Optional) The specified group IP address.

dynamic

(Optional) Displays entries learned by IGMP snooping.

user

Optional) Displays only the user-configured multicast entries.

count

(Optional) Displays the total number of entries for the specified command

options instead of the actual entries.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display multicast information or the multicast table.

VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.

Examples

This is an example of output from the show ip igmp snooping groups command without any keywords. It displays the multicast table for the switch.

Switch# show ip igmp snooping groups
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Gi1/2
104 224.1.4.3 igmp v2 Gi1/1, Gi1/2
 

This is an example of output from the show ip igmp snooping groups count command. It displays the total number of multicast groups on the switch.

Switch# show ip igmp snooping groups count
Total number of multicast groups: 2
 

This is an example of output from the show ip igmp snooping groups dynamic command. It shows only the entries learned by IGMP snooping.

Switch# show ip igmp snooping groups vlan 1 dynamic
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Fa1/8
104 224.1.4.3 igmp v2 Gi1/1, Fa1/8
 

This is an example of output from the show ip igmp snooping groups vlan vlan-id ip-address command. It shows the entries for the group with the specified IP address.

Switch# show ip igmp snooping groups vlan 104 224.1.4.2
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Fa1/8

 
Related Commands

Command
Description

ip igmp snooping

Enables IGMP snooping on the switch or on a VLAN.

ip igmp snooping vlan mrouter

Configures a multicast router port.

ip igmp snooping vlan static

Statically adds a Layer 2 port as a member of a multicast group.

show ip igmp snooping

Displays the IGMP snooping configuration of the switch or the VLAN.

show ip igmp snooping mrouter

Displays IGMP snooping multicast router ports for the switch or for the specified multicast VLAN.

show ip igmp snooping mrouter

To display the Internet Group Management Protocol (IGMP) snooping dynamically learned and manually configured multicast router ports for the switch or for the specified multicast VLAN, use the show ip igmp snooping mrouter command in Privileged EXEC mode.

show ip igmp snooping mrouter [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display multicast router ports on the switch or for a specific VLAN.

VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.

When multicast VLAN registration (MVR) is enabled, the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information.

Examples

This is an example of output from the show ip igmp snooping mrouter command. It shows how to display multicast router ports on the switch.

Switch# show ip igmp snooping mrouter
Vlan ports
---- -----
1 Gi1/1(dynamic)

 
Related Commands

Command
Description

ip igmp snooping

Enables IGMP snooping on the switch or on a VLAN.

ip igmp snooping vlan mrouter

Adds a multicast router port.

ip igmp snooping vlan static

Statically adds a Layer 2 port as a member of a multicast group.

show ip igmp snooping

Displays the IGMP snooping configuration of the switch or the VLAN

show ip igmp snooping groups

Displays IGMP snooping multicast information for the switch or for the specified parameter.

show ip igmp snooping querier

To display the configuration and operation information for the IGMP querier configured on a switch, use the show ip igmp snooping querier detail command in EXEC mode.

show ip igmp snooping querier [ detail | vlan vlan-id [ detail ]]

 
Syntax Description

detail

(Optional) Displays detailed IGMP querier information.

vlan vlan-id detail

(Optional) Displays IGMP querier information for the specified VLAN. The range is 1 to 1001 and 1006 to 4094. Use the detail keyword to display detailed information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show ip igmp snooping querier command to display the IGMP version and the IP address of a detected device, also called a querier , t hat sends IGMP query messages. A subnet can have multiple multicast routers but has only one IGMP querier. In a subnet running IGMPv2, one of the multicast routers is elected as the querier. The querier can be a Layer 3 switch.

The show ip igmp snooping querier command output also shows the VLAN and the interface on which the querier was detected. If the querier is the switch, the output shows the Port field as Router. If the querier is a router, the output shows the port number on which the querier is learned in the Port field.

The show ip igmp snooping querier detail EXEC command is similar to the show ip igmp snooping querier command. However, the show ip igmp snooping querier command displays only the device IP address most recently detected by the switch querier.

The show ip igmp snooping querier detail command di splays the device IP address most recently detected by the switch querier and this additional information:

  • The elected IGMP querier in the VLAN
  • The configuration and operational information pertaining to the switch querier (if any) that is configured in the VLAN

Examples

This is an example of output from the show ip igmp snooping querier command:

Switch> show ip igmp snooping querier
Vlan IP Address IGMP Version Port
---------------------------------------------------
1 172.20.50.11 v3 Gi1/1
2 172.20.40.20 v2 Router
 

This is an example of output from the show ip igmp snooping querier detail command:

Switch> show ip igmp snooping querier detail
 
Vlan IP Address IGMP Version Port
-------------------------------------------------------------
1 1.1.1.1 v2 Fa1/1
 
Global IGMP switch querier status
--------------------------------------------------------
admin state : Enabled
admin version : 2
source IP address : 0.0.0.0
query-interval (sec) : 60
max-response-time (sec) : 10
querier-timeout (sec) : 120
tcn query count : 2
tcn query interval (sec) : 10
 
Vlan 1: IGMP switch querier status
 
--------------------------------------------------------
elected querier is 1.1.1.1 on port Fa1/1
--------------------------------------------------------
admin state : Enabled
admin version : 2
source IP address : 10.1.1.65
query-interval (sec) : 60
max-response-time (sec) : 10
querier-timeout (sec) : 120
tcn query count : 2
tcn query interval (sec) : 10
operational state : Non-Querier
operational version : 2
tcn query pending count : 0

 
Related Commands

Command
Description

ip igmp snooping

Enables IGMP snooping on the switch or on a VLAN.

ip igmp snooping querier

Enables the IGMP querier function in Layer 2 networks.

show ip igmp snooping

Displays IGMP snooping multicast router ports for the switch or for the specified multicast VLAN.

show ip source binding

To display the IP source bindings on the switch, use the show ip source binding command in EXEC mode.

show ip source binding [ ip-address ] [ mac-address ] [ dhcp-snooping | static ] [ interface interface-id ] [ vlan vlan-id ]

 
Syntax Description

ip-address

(Optional) IP source bindings for a specific IP address.

mac-address

(Optional) IP source bindings for a specific MAC address.

dhcp-snooping

(Optional) Displays IP source bindings that were learned by DHCP snooping.

static

(Optional) Displays static IP source bindings.

interface interface-id

(Optional) Displays IP source bindings on a specific interface.

vlan vlan-id

(Optional) Displays IP source bindings on a specific VLAN.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

The show ip source binding command output shows the dynamically and statically configured bindings in the DHCP snooping binding database. Use the show ip dhcp snooping binding privileged EXEC command to display only the dynamically configured bindings.

Examples

This is an example of output from the show ip source binding command:

Switch> show ip source binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
-------------- --------------- ---------- ------------- ---- --------------------
00:00:00:0A:00:0B 11.0.0.1 infinite static 10 GigabitEthernet1/1
00:00:00:0A:00:0A 11.0.0.2 10000 dhcp-snooping 10 GigabitEthernet1/1

 
Related Commands

Command
Description

ip dhcp snooping binding

Configures the DHCP snooping binding database.

ip source binding

Configures static IP source bindings on the switch.

show ip verify source

To display the IP source guard configuration on the switch or on a specific interface, use the show ip verify source command in EXEC mode.

show ip verify source [ interface interface-id ]

 
Syntax Description

interface interface-id

(Optional) Displays IP source guard configuration on a specific interface.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show ip verify source command:

Switch> show ip verify source
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- ---------
gi1/1 ip active 10.0.0.1 10
gi1/1 ip active deny-all 11-20
gi1/2 ip inactive-trust-port
gi1/3 ip inactive-no-snooping-vlan
gi1/4 ip-mac active 10.0.0.2 aaaa.bbbb.cccc 10
gi1/4 ip-mac active 11.0.0.1 aaaa.bbbb.cccd 11
gi1/4 ip-mac active deny-all deny-all 12-20
gi1/5 ip-mac active 10.0.0.3 permit-all 10
gi1/5 ip-mac active deny-all permit-all 11-20
 

In the previous example, this is the IP source guard configuration:

  • On the Gigabit Ethernet 1 interface, DHCP snooping is enabled on VLANs 10 to 20. For VLAN 10, IP source guard with IP address filtering is configured on the interface, and a binding exists on the interface. For VLANs 11 to 20, the second entry shows that a default port access control lists (ACLs) is applied on the interface for the VLANs on which IP source guard is not configured.
  • The Gigabit Ethernet 2 interface is configured as trusted for DHCP snooping.
  • On the Gigabit Ethernet 3 interface, DHCP snooping is not enabled on the VLANs to which the interface belongs.
  • On the Gigabit Ethernet 4 interface, IP source guard with source IP and MAC address filtering is enabled, and static IP source bindings are configured on VLANs 10 and 11. For VLANs 12 to 20, the default port ACL is applied on the interface for the VLANs on which IP source guard is not configured.
  • On the Gigabit Ethernet 5 interface, IP source guard with source IP and MAC address filtering is enabled and configured with a static IP binding, but port security is disabled. The switch cannot filter source MAC addresses.

This is an example of output on an interface on which IP source guard is disabled:

Switch> show ip verify source gigabitethernet 1/6
IP source guard is not configured on the interface gi1/16.

 
Related Commands

Command
Description

ip verify source

Enables IP source guard on an interface.

show ipc

To display Interprocess Communications Protocol (IPC) configuration, status, and statistics, use the show ipc command in EXEC mode.

show ipc { hog-info | mcast { appclass | groups | status } | nodes | ports [ open ] | queue | rpc | session { all | rx | tx } [ verbose ] | status [ cumlulative ] | zones }

 
Syntax Description

hog-info

Displays the IPC message consumed excessive CPU.

mcast appclass | groups | status

Displays the IPC multicast routing information. The keywords have these meanings:

  • appclass —Displays the IPC multicast application classes.
  • groups —Displays the IPC multicast groups.
  • status —Displays the IPC multicast routing status.

nodes

Displays participating nodes.

ports open

Displays local IPC ports. The keyword has this meaning:

  • open —(Optional) Displays only the open ports.

queue

Displays the contents of the IPC transmission queue.

rpc

Displays the IPC remote-procedure statistics.

session all | rx | tx

Displays the IPC session statistics (available only in privileged EXEC mode). The keywords have these meanings:

  • all —Displays all the session statistics.
  • rx —Displays the sessions statistics for traffic that the switch receives
  • tx —Displays the sessions statistics for traffic that the switch forwards.

verbose

(Optional) Displays detailed statistics (available only in privileged EXEC mode).

status cumlulative

Displays the status of the local IPC server. The keyword has this meaning:

  • cumlulative ( Optional) Displays the status of the local IPC server since the switch was started or restarted.

zones

Displays the participating IPC zones. The switch supports a single IPC zone.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

This command is available only when the switch is running the IP services image.

Examples

This example shows how to display the IPC routing status:

Switch> show ipc mcast status
IPC Mcast Status
Tx Rx
 
Total Frames 0 0
Total control Frames 0 0
Total Frames dropped 0 0
Total control Frames dropped 0 0
 
Total Reliable messages 0 0
Total Reliable messages acknowledged 0 0
Total Out of Band Messages 0 0
Total Out of Band messages acknowledged 0 0
 
Total No Mcast groups 0 0
 
Total Retries 0 Total Timeouts 0
Total OOB Retries 0 Total OOB Timeouts 0
Total flushes 0 Total No ports 0
 

This example shows how to display the participating nodes:

Switch> show ipc nodes
There is 1 node in this IPC realm.
ID Type Name Last Last
Sent Heard
10000 Local IPC Master 0 0
 

This example shows how to display the local IPC ports:

Switch> show ipc ports
There are 8 ports defined.
 
Port ID Type Name (current/peak/total)
There are 8 ports defined.
10000.1 unicast IPC Master:Zone
10000.2 unicast IPC Master:Echo
10000.3 unicast IPC Master:Control
10000.4 unicast IPC Master:Init
10000.5 unicast FIB Master:DFS.process_level.msgs
10000.6 unicast FIB Master:DFS.interrupt.msgs
10000.7 unicast MDFS RP:Statistics
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
0/2/159
 
10000.8 unicast Slot 1 :MDFS.control.RIL
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
0/0/0
 
RPC packets:current/peak/total
0/1/4
 

This example shows how to display the contents of the IPC retransmission queue:

Switch> show ipc queue
There are 0 IPC messages waiting for acknowledgement in the transmit queue.
There are 0 IPC messages waiting for a response.
There are 0 IPC messages waiting for additional fragments.
There are 0 IPC messages currently on the IPC inboundQ.
Messages currently in use : 3
Message cache size : 1000
Maximum message cache usage : 1000
 
0 times message cache crossed 5000 [max]
 
Emergency messages currently in use : 0
 
There are 2 messages currently reserved for reply msg.
 
Inbound message queue depth 0
Zone inbound message queue depth 0
 

This example shows how to display all the IPC session statistics:

Switch# show ipc session all
Tx Sessions:
Port ID Type Name
10000.7 Unicast MDFS RP:Statistics
port_index = 0 type = Unreliable last sent = 0 last heard = 0
Msgs requested = 180 Msgs returned = 180
 
10000.8 Unicast Slot 1 :MDFS.control.RIL
port_index = 0 type = Reliable last sent = 0 last heard = 0
Msgs requested = 0 Msgs returned = 0
 
Rx Sessions:
Port ID Type Name
10000.7 Unicast MDFS RP:Statistics
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
No of msgs requested = 180 Msgs returned = 180
 
10000.8 Unicast Slot 1 :MDFS.control.RIL
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
No of msgs requested = 0 Msgs returned = 0
 

This example shows how to display the status of the local IPC server:

Switch> show ipc status cumulative
IPC System Status
 
Time last IPC stat cleared :never
 
This processor is the IPC master server.
Do not drop output of IPC frames for test purposes.
 
1000 IPC Message Headers Cached.
 
Rx Side Tx Side
 
Total Frames 12916 608
0 0
Total from Local Ports 13080 574
Total Protocol Control Frames 116 17
Total Frames Dropped 0 0
 
Service Usage
 
Total via Unreliable Connection-Less Service 12783 171
Total via Unreliable Sequenced Connection-Less Svc 0 0
Total via Reliable Connection-Oriented Service 17 116
<output truncated>

 
Related Commands

Command
Description

clear ipc

Clears the IPC multicast routing statistics.

show ipv6 dhcp conflict

To display address conflicts found by a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server when addresses are offered to the client, use the show ipv6 dhcp conflict command in Privileged EXEC mode.

show ipv6 dhcp conflict

Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch and the switch is running the IP services image.

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command, and reload the switch.

When you configure the DHCPv6 server to detect conflicts, it uses ping. The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message. If an address conflict is detected, the address is removed from the pool, and the address is not assigned until the administrator removes the address from the conflict list.

Examples

This is an example of the output from the show ipv6 dhcp conflict command:

Switch# show ipv6 dhcp conflict
Pool 350, prefix 2001:1005::/48
2001:1005::10
 

 
Related Commands

Command
Description

clear ipv6 dhcp conflict

Clears an address conflict from the DHCPv6 server database.

ipv6 dhcp pool

Configures a DHCPv6 pool and enters DHCPv6 pool configuration mode.

show ipv6 mld snooping

To display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping configuration of the switch or the VLAN, use the show ipv6 mld snooping command in EXEC mode.

show ipv6 mld snooping [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display MLD snooping configuration for the switch or for a specific VLAN.

VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.

Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.

Examples

This is an example of output from the show ipv6 mld snooping vlan command. It shows snooping characteristics for a specific VLAN.

Switch> show ipv6 mld snooping vlan 100
Global MLD Snooping configuration:
-------------------------------------------
MLD snooping : Enabled
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000
Vlan 100:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000
 

This is an example of output from the show ipv6 mld snooping command. It displays snooping characteristics for all VLANs on the switch.

Switch> show ipv6 mld snooping
Global MLD Snooping configuration:
-------------------------------------------
MLD snooping : Enabled
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000
 
Vlan 1:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 1
Last listener query count : 2
Last listener query interval : 1000
 
<output truncated>
 
Vlan 951:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000

 
Related Commands

Command
Description

ipv6 mld snooping

Enables and configures MLD snooping on the switch or on a VLAN.

sdm prefer

Configures an SDM template to optimize system resources based on how the switch is being used.

show ipv6 mld snooping address

To display all or specified IP version 6 (IPv6) multicast address information maintained by Multicast Listener Discovery (MLD) snooping, use the show ipv6 mld snooping address command in EXEC mode.

show ipv6 mld snooping address [[ vlan vlan-id ] [ ipv6 multicast-address ]] [ vlan vlan-id ] [ count | dynamic | user ]

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN about which to show MLD snooping multicast address information. The VLAN ID range is 1 to 1001 and 1006 to 4094.

ipv6-multicast-address

(Optional) Displays information about the specified IPv6 multicast address. This keyword is only available when a VLAN ID is entered.

count

(Optional) Displays the number of multicast groups on the switch or in the specified VLAN.

dynamic

(Optional) Displays MLD snooping learned group information.

user

(Optional) Displays MLD snooping user-configured group information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display IPv6 multicast address information.

You can enter an IPv6 multicast address only after you enter a VLAN ID.

VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.

Use the dynamic keyword to display information only about groups that are learned. Use the user keyword to display information only about groups that have been configured.

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.

Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.

Examples

This is an example of output from the show ipv6 mld snooping address EXEC command:

Switch> show ipv6 mld snooping address

Vlan Group Type Version Port List
-------------------------------------------------------------
2 FF12::3 user Fa1/2, Gi1/2, Gi1/1,Gi1/3
 

This is an example of output from the show ipv6 mld snooping address count EXEC command:

Switch> show ipv6 mld snooping address count
Total number of multicast groups: 2
 

This is an example of output from the show ipv6 mld snooping address User command:

Switch> show ipv6 mld snooping address user
Vlan Group Type Version Port List
-------------------------------------------------------------
2 FF12::3 user v2 Fa1/2, Gi1/2, Gi1/1,Gi1/3
 

 
Related Commands

Command
Description

ipv6 mld snooping vlan

Configures IPv6 MLD snooping on a VLAN.

sdm prefer

Configures an SDM template to optimize system resources based on how the switch is being used.

show ipv6 mld snooping mrouter

To display dynamically learned and manually configured IP version 6 (IPv6) Multicast Listener Discovery (MLD) router ports for the switch or a VLAN, use the show ipv6 mld snooping mrouter command in EXEC mode.

show ipv6 mld snooping mrouter [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use this command to display MLD snooping router ports for the switch or for a specific VLAN.

VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.

Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.

Examples

This is an example of output from the show ipv6 mld snooping mrouter command. It displays snooping characteristics for all VLANs on the switch that are participating in MLD snooping.

Switch> show ipv6 mld snooping mrouter
Vlan ports
---- -----
2 Gi1/11(dynamic)
72 Gi1/11(dynamic)
200 Gi1/11(dynamic)
 

This is an example of output from the show ipv6 mld snooping mrouter vlan command. It shows multicast router ports for a specific VLAN.

Switch> show ipv6 mld snooping mrouter vlan 100
Vlan ports
---- -----
2 Gi1/11(dynamic)

 
Related Commands

Command
Description

ipv6 mld snooping

Enables and configures MLD snooping on the switch or on a VLAN.

ipv6 mld snooping vlan mrouter interface interface-id | static ipv6-multicast-address interface interface-id ]

Configures multicast router ports for a VLAN.

sdm prefer

Configures an SDM template to optimize system resources based on how the switch is being used.

show ipv6 mld snooping querier

To display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping querier-related information most recently received by the switch or the VLAN, use the show ipv6 mld snooping querier command in EXEC mode.

show ipv6 mld snooping querier [ vlan vlan-id ] [ detail ]

Note This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.

 
Syntax Description

vlan vlan-id

(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094.

detail

(Optional) Displays MLD snooping detailed querier information for the switch or for the VLAN.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show ipv6 mld snooping querier command to display the MLD version and IPv6 address of a detected device that sends MLD query messages, which is also called a querier. A subnet can have multiple multicast routers but has only one MLD querier. The querier can be a Layer 3 switch.

The show ipv6 mld snooping querier command output also shows the VLAN and interface on which the querier was detected. If the querier is the switch, the output shows the Port field as Router. If the querier is a router, the output shows the port number on which the querier is learned in the Port field.

The output of the show ipv6 mld snoop querier vlan command displays the information received in response to a query message from an external or internal querier. It does not display user-configured VLAN values, such as the snooping robustness variable on the particular VLAN. This querier information is used only on the MASQ message that is sent by the switch. It does not override the user-configured robustness variable that is used for aging out a member that does not respond to query messages.

VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show ipv6 mld snooping querier command:

Switch> show ipv6 mld snooping querier
Vlan IP Address MLD Version Port
-------------------------------------------------------------
2 FE80::201:C9FF:FE40:6000 v1 Gi1/1
 

This is an example of output from the show ipv6 mld snooping querier detail command:

Switch> show ipv6 mld snooping querier detail
Vlan IP Address MLD Version Port
-------------------------------------------------------------
2 FE80::201:C9FF:FE40:6000 v1 Gi1/1
 

This is an example of output from the show ipv6 mld snooping querier vlan command:

Switch> show ipv6 mld snooping querier vlan 2
IP address : FE80::201:C9FF:FE40:6000
MLD version : v1
Port : Gi1/1
Max response time : 1000s

 
Related Commands

Command
Description

ipv6 mld snooping

Enables and configures IPv6 MLD snooping on the switch or on a VLAN.

ipv6 mld snooping last-listener-query-count

Configures the maximum number of queries that the switch sends before aging out an MLD client.

ipv6 mld snooping

Enables and configures IPv6 MLD snooping on the switch or on a VLAN.

ipv6 mld snooping last-listener-query-interval

Configures the maximum response time after sending out a query that the switch waits before deleting a port from the multicast group.

ipv6 mld snooping robustness-variable

Configures the maximum number of queries that the switch sends before aging out a multicast address when there is no response.

sdm prefer

Configures an SDM template to optimize system resources based on how the switch is being used.

show ipv6 route updated

To display the current contents of the IPv6 routing table, use the show ipv6 route updated command in EXEC command.

show ipv6 route updated [ boot-up ]{ hh:mm | day { month [ hh:mm ]} [{ hh:mm | day { month [ hh:mm ]}]

 
Syntax Description

boot-up

(Optional) Displays the current contents of the IPv6 routing table.

hh:mm

The time entered as a 2-digit number for a 24-hour clock. Make sure to use the colons (:). For example, enter 13:32

day

The day of the month. The range is from 1 to 31.

month

The month entered in uppercase or lowercase letters. You can enter the full name of the month, such as January or august, or the first three letters of the month, such as jan or Aug.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show ipv6 route privileged EXEC command to display the current contents of the IPv6 routing table.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show ipv6 route updated rip command:

Switch> show ipv6 route rip updated
IPv6 Routing Table - 12 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2
IA - ISIS interarea, IS - ISIS summary
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R 2001::/64 [120/2]
via FE80::A8BB:CCFF:FE00:8D01, GigabitEthernet1/1
Last updated 10:31:10 27 February 2007
R 2004::/64 [120/2]
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/2
Last updated 17:23:05 22 February 2007
R 4000::/64 [120/2]
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/3
Last updated 17:23:05 22 February 2007
R 5000::/64 [120/2]
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/4
Last updated 17:23:05 22 February 2007
R 5001::/64 [120/2]
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/5
Last updated 17:23:05 22 February 2007

 
Related Commands

Command
Description

show ipv6 route

Displays the current contents of the IPv6 routing table. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0.

show l2nat instance

To show the configuration details for an Layer 2 NAT instance, enter the show l2nat instance command in EXEC mode.

show l2nat instance [ instance_name ]

 
Syntax Description

instance_name

(Optional) The Layer 2 NAT instance that you want to display. If this parameter is omitted, all Layer 2 NAT instances are displayed.

 
Command Default

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(2)EB

This command was introduced.

Examples

This example shows how to display the configuration details of all Layer 2 NAT instances.

Switch# show l2nat instance
l2nat instance Instance3
fixup : arp, icmp
inside from host 10.10.20.5 to 10.10.30.5
l2nat instance Instance2
fixup : arp, icmp
inside from host 10.10.11.1 to 10.10.12.1
l2nat instance Instance1
fixup : arp, icmp
inside from host 10.10.10.1 to 20.20.20.1

 

 
Related Commands

Command
Description

inside from

Translates inside addresses to outside addresses by using Layer 2 NAT.

l2nat

Applies an Layer 2 NAT instance to one or all VLANs on a selected interface.

l2nat instance

Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance.

outside from

Translates outside addresses to inside addresses by using Layer 2 NAT.

show l2nat interface

Displays the configuration details for Layer 2 NAT instances on one or more interfaces.

show l2nat statistics

Displays the Layer 2 NAT statistics for all interfaces.

show l2nat statistics interface

Displays the Layer 2 NAT statistics for a specified interface.

show l2nat interface

To display the configuration details for an Layer 2 NAT instance on a particular interface and/or VLAN, use the show l2nat interface command in EXEC mode. If you do not specify an interface or a VLAN, all are included.

show l2nat interface [ int ] [ vlan ]

 
Syntax Description

int

(Optional) The interface. If this parameter is omitted, all interfaces are included.

vlan

(Optional) The VLAN ID. Include this parameter only if an interface is specified. If this parameter is omitted, all VLANs are included.

 
Command Default

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(2)EB

This command was introduced.

Examples

This example shows how to display the configuration details of all Layer 2 NAT instances on all interfaces.

Switch# show l2nat interface
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/2
=======================================================================
 
INSTANCE ATTACHED TO VLAN 24
l2nat instance Instance1
fixup : arp, icmp
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
 
INSTANCE ATTACHED TO VLAN 11
l2nat instance Instance2
fixup : arp, icmp
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
 
INSTANCE ATTACHED TO VLAN 6
l2nat instance Instance3
fixup : arp, icmp
inside from host 10.10.20.6 to 10.10.30.6
 
 

This example shows how to display the configuration details of the Layer 2 NAT instance on interface Gi1/1, VLAN 10.

Switch# show l2nat interface Gi1/1 10
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
 
INSTANCE ATTACHED TO VLAN 10
l2nat instance Instance2
fixup : arp, icmp
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
=======================================================================
 

 
Related Commands

Command
Description

l2nat instance

Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance.

show l2nat instance

Displays the configuration details for a specified Layer 2 NAT instance.

show l2nat statistics

Displays the Layer 2 NAT statistics for all interfaces.

show l2nat statistics interface

Displays the Layer 2 NAT statistics for a specified interface.

show l2nat statistics

To show statistics for all Layer 2 NAT instances, use the show l2nat statistics command in EXEC mode.

show l2nat statistics

 
Syntax Description

This command has no arguments or keywords.

 
Command Default

None

 
Command Modes

EXEC

 
Usage Guidelines

For each Layer 2 NAT instance, the statistics include the number of bypassed, discarded, and translated packets; the number of fixups for ARP, ICMP, NSMP, and Profinet; and the number of IGMP, multicast, unmatched, and unicast packets. There are also global statistics for all of the above.

Additional statistics include the number of active translations in the past 90 seconds, the total translations, and the total instances that are attached to interfaces.

 
Command History

Release
Modification

15.0(2)EB

This command was introduced.

Examples

This example shows how to display all l2nat statistics.

Switch# show l2nat statistics
 
STATS FOR INSTANCE: NewInstance1 (IN PACKETS)
 
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 10 0 153 127305106 127305259
Gi1/1 INGRESS 10 0 0 127305104 127305105
-------------------------------------------------------------------------------
 
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
Gi1/1 EGRESS 10 1 0 0 0
Gi1/1 INGRESS 10 1 0 0 0
-------------------------------------------------------------------------------
 
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 10 0 1134 1150 127304124
Gi1/1 INGRESS 10 0 0 0 127305103
-------------------------------------------------------------------------------
 
PER TRANSLATION STATS (IN PACKETS)
===============================================================================
TYPE DIRECTION SA/DA ORIGINAL IP TRANSLATED IP COUNT ACTIVE(90Sec)
INSIDE EGRESS SA 172.16.1.1 20.1.1.1 127305166 4847525
INSIDE INGRESS DA 20.1.1.1 172.16.1.1 127305165 4847525
OUTSIDE INGRESS SA 20.1.1.254 172.16.1.254 1 0
OUTSIDE EGRESS DA 172.16.1.254 20.1.1.254 1 0
-------------------------------------------------------------------------------
 
STATS FOR INSTANCE: NewInstance2 (IN PACKETS)
 
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 4094 9588 0 127305222 127314836
Gi1/1 INGRESS 4094 0 0 127305222 127305222
-------------------------------------------------------------------------------
 
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
Gi1/1 EGRESS 4094 1 0 0 0
Gi1/1 INGRESS 4094 1 0 0 0
-------------------------------------------------------------------------------
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 4094 0 8464 8624 127306355
Gi1/1 INGRESS 4094 0 0 0 127305222
-------------------------------------------------------------------------------
 
PER TRANSLATION STATS (IN PACKETS)
===============================================================================
TYPE DIRECTION SA/DA ORIGINAL IP TRANSLATED IP COUNT ACTIVE(90Sec)
OUTSIDE INGRESS SA 10.1.1.254 192.168.1.254 1 0
OUTSIDE EGRESS DA 192.168.1.254 10.1.1.254 1 0
INSIDE EGRESS SA 192.168.1.1 10.1.1.1 127305292 4847645
INSIDE INGRESS DA 10.1.1.1 192.168.1.1 127305292 4847645
-------------------------------------------------------------------------------
===============================================================================
 
NUMBER OF ACTIVE TRANSLATIONS IN THE PAST 90 SECONDS: 2
TOTAL TRANSLATIONS : 4
TOTAL INSTANCES ATTACHED: 2
===============================================================================
 
GLOBAL NAT STATISTICS
===============================================================================
Total Number of NAT Packets = 509230422
Total Number of TRANSLATED NAT Packets = 509220654
Total Number of BYPASSED NAT Packets = 9588
Total Number of DISCARDED NAT Packets = 153
Total Number of ARP FIX UP Packets = 4
Total Number of ICMP FIX UP Packets = 0
Total Number of SNMP FIX UP Packets = 0
Total Number of PROFINET FIX UP Packets = 0
Total Number of IPV4 MULTICAST Packets = 9598
Total Number of IGMP Packets = 0
Total Number of UNMATCHED Packets = 9774
Total Number of IPV4 UNICAST Packets = 509220804
===============================================================================
===============================================================================
 

 
Related Commands

Command
Description

l2nat instance

Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance.

show l2nat instance

Displays the configuration details for a specified Layer 2 NAT instance.

show l2nat interface

Displays the configuration details for Layer 2 NAT instances on one or more interfaces.

show l2nat statistics interface

Displays the Layer 2 NAT statistics for a specified interface.

show l2nat statistics interface

To show the statistics for a specified interface or VLAN, use the show l2nat statistics interface command in EXEC mode.

show l2nat statistics interface [ int ] [ vlan ]

 
Syntax Description

int

The interface. If this parameter is omitted, all interfaces are included.

vlan

The VLAN ID. Include this parameter only if an interface is specified. If this parameter is omitted, all VLANs are included.

 
Command Default

None

 
Command Modes

EXEC

 
Usage Guidelines

If you do not specify an interface or a VLAN, all are included. Statistics include the number of bypassed, discarded, and translated packets; the number of fixups for ARP, ICMP, pass-through protocols SNMP, PROFINET, SIP, PTP, Telnet, FTP, and the number of IGMP, multicast, unmatched, and unicast packets.

 
Command History

Release
Modification

15.0(2)EB

This command was introduced.

Examples

This example shows how to display the l2nat statistics for interface Gi1/1, VLAN10.

Switch# show l2nat statistics interface Gi1/1 10
 
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 10 0 153 127305106 127305259
Gi1/1 INGRESS 10 0 0 127305104 127305105
-------------------------------------------------------------------------------
 
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
Gi1/1 EGRESS 10 1 0 0 0
Gi1/1 INGRESS 10 1 0 0 0
-------------------------------------------------------------------------------
 
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 10 0 1134 1150 127304124
Gi1/1 INGRESS 10 0 0 0 127305103
-------------------------------------------------------------------------------

 
Related Commands

Command
Description

l2nat instance

Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance.

show l2nat instance

Displays the configuration details for a specified Layer 2 NAT instance.

show l2nat interface

Displays the configuration details for Layer 2 NAT instances on one or more interfaces.

show l2nat statistics

Displays the Layer 2 NAT statistics for all interfaces.

show lacp

To display Link Aggregation Control Protocol (LACP) channel-group information, use the show lacp command in EXEC mode.

show lacp [ channel-group-number ] { counters | internal | neighbor | sys-id }

 
Syntax Description

channel-group-number

(Optional) Number of the channel group. The range is 1 to 6.

counters

Displays traffic information.

internal

Displays internal information.

neighbor

Displays neighbor information.

sys-id

Displays the system identifier that is being used by LACP. The system identifier is made up of the LACP system priority and the switch MAC address.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

You can enter any show lacp command to display the active channel-group information. To display specific channel information, enter the show lacp command with a channel-group number.

If you do not specify a channel group, information for all channel groups appears.

You can enter the channel-group-number option to specify a channel group for all keywords except sys-id.

Examples

This is an example of output from the show lacp counters EXEC command. Table 0-11 describes the fields in the display.

Switch> show lacp counters
LACPDUs Marker Marker Response LACPDUs
Port Sent Recv Sent Recv Sent Recv Pkts Err
---------------------------------------------------------------------
Channel group:1
Gi1/1 19 10 0 0 0 0 0
Gi1/2 14 6 0 0 0 0 0
 

 

Table 0-11 show lacp counters Field Descriptions

Field
Description

LACPDUs Sent and Recv

The number of LACP packets sent and received by a port.

Marker Sent and Recv

The number of LACP marker packets sent and received by a port.

Marker Response Sent and Recv

The number of LACP marker response packets sent and received by a port.

LACPDUs Pkts and Err

The number of unknown and illegal packets received by LACP for a port.

This is an example of output from the show lacp channel-group-number internal command:

Switch> show lacp 1 internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
 
Channel group 1
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/1 SA bndl 32768 0x3 0x3 0x4 0x3D
Gi1/2 SA bndl 32768 0x3 0x3 0x5 0x3D
 

Table 0-12 describes the fields in the display.

 

Table 0-12 show lacp internal Field Descriptions

Field
Description

State

State of the specific port. These are the allowed values:

  • – —Port is in an unknown state.
  • bndl —Port is attached to an aggregator and bundled with other ports.
  • susp —Port is in a suspended state; it is not attached to any aggregator.
  • hot-sby —Port is in a hot-standby state.
  • indiv —Port is incapable of bundling with any other port.
  • indep —Port is in an independent state (not bundled but able to switch data traffic. In this case, LACP is not running on the partner port).
  • down —Port is down.

LACP Port Priority

Port priority setting. LACP uses the port priority to put ports in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating.

Admin Key

Administrative key assigned to this port. LACP automatically generates an administrative key value as a hexadecimal number. The administrative key defines the ability of a port to aggregate with other ports. A port’s ability to aggregate with other ports is determined by the port physical characteristics (for example, data rate and duplex capability) and configuration restrictions that you establish.

Oper Key

Runtime operational key that is being used by this port. LACP automatically generates this value as a hexadecimal number.

Port Number

Port number.

Port State

State variables for the port, encoded as individual bits within a single octet with these meanings:

  • bit0: LACP_Activity
  • bit1: LACP_Timeout
  • bit2: Aggregation
  • bit3: Synchronization
  • bit4: Collecting
  • bit5: Distributing
  • bit6: Defaulted
  • bit7: Expired

Note In the list above, bit7 is the MSB and bit0 is the LSB.

This is an example of output from the show lacp neighbor command:

Switch> show lacp neighbor
Flags: S - Device is sending Slow LACPDUs F - Device is sending Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
 
Channel group 3 neighbors
 
Partner’s information:
 
Partner Partner Partner
Port System ID Port Number Age Flags
Gi1/1 32768,0007.eb49.5e80 0xC 19s SP
 
LACP Partner Partner Partner
Port Priority Oper Key Port State
32768 0x3 0x3C
 
Partner’s information:
 
Partner Partner Partner
Port System ID Port Number Age Flags
Gi1/2 32768,0007.eb49.5e80 0xD 15s SP
 
LACP Partner Partner Partner
Port Priority Oper Key Port State
32768 0x3 0x3C
 

This is an example of output from the show lacp sys-id command:

Switch> show lacp sys-id
32765,0002.4b29.3a00
 

The system identification is made up of the system priority and the system MAC address. The first two bytes are the system priority, and the last six bytes are the globally administered individual MAC address associated to the system.

 
Related Commands

Command
Description

clear lacp

Clears the LACP channel-group information.

lacp port-priority

Configures the LACP port priority.

lacp system-priority

Configures the LACP system priority.

show link-diag error-rate

To display link diagnostic error rate information, use the show link state group command in Privileged EXEC mode.

show link-diag error-rate { fastethernet interface | gigabitethernet interface | window-size }

 
Syntax Description

fastethernet interface

Displays the fastethernet interface number which ranges from 1-1.

gigabitethernet interface

Displays the gigabitethernet interface number which ranges from 1-1.

window-size

Displays the link diagnostics error rate window size.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This example shows how to display show link diagnostics error rates:

Switch# show link-diag error-rate
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
Fa1/1 0 0
Fa1/2 0 0
Fa1/3 0 0
Fa1/4 0 0
Gi1/1 0 0
Gi1/2 0 0
Switch#
 

This example shows how to display Fast Ethernet link diagnostics error rates:

Switch# show link-diag error-rate fastethernet 1/1
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
Fa1/1 0 0
Switch#
 

This example shows how to display Gigabit Ethernet link diagnostics error rates:

Switch# show link-diag error-rate gigabitethernet 1/1
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
Gi1/1 0 0
Switch#

 
Related Commands

Command
Description

link-diag error-rate

Configures the window size for the link diagnostics feature.

show location

To display location information for an endpoint, use the show location command in EXEC mode.

show location [ admin-tag ] [ civic-location | elin-location { cdp | identifier id | interface interface-id | static }]

 
Syntax Description

admin-tag

(Optional) Displays administrative tag or site information.

civic-location

(Optional) Displays civic location information.

elin-location

(Optional) Displays emergency location information (ELIN).

cdp

(Optional) Displays CDP location information.

identifier id

(Optional) Specifies the ID for the civic location or the elin location. The ID range is 1 to 4095.

interface interface-id

(Optional) Displays location information for the specified interface or all interfaces. Valid interfaces include physical ports.

static

(Optional) Displays static configuration information.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show location command to display location information for an endpoint.

Examples

This is an example of output from the show location civic-location command that displays location information for an interface:

Switch> show location civic interface gigibitethernet1/1
Civic location information
--------------------------
Identifier : 1
County : Santa Clara
Street number : 3550
Building : 19
Room : C6
Primary road name : Cisco Way
City : San Jose
State : CA
Country : US

 

This is an example of output from the show location civic-location identifier command that displays all the civic location information:

Switch> show location civic-location static
Civic location information
--------------------------
Identifier : 1
County : Santa Clara
Street number : 3550
Building : 19
Room : C6
Primary road name : Cisco Way
City : San Jose
State : CA
Country : US
Ports : Gi1/1
--------------------------
Identifier : 2
Street number : 24568
Street number suffix : West
Landmark : Golden Gate Bridge
Primary road name : 19th Ave
City : San Francisco
Country : US
--------------------------
 
This is an example of output from the show location elin-location command that displays the emergency location information:
 
Switch> show location elin-location identifier 1
Elin location information
--------------------------
Identifier : 1
Elin : 14085553881
Ports : Gi1/2
 
This is an example of output from the show location elin static command that displays all emergency location information:
 
Switch> show location elin static
Elin location information
--------------------------
Identifier : 1
Elin : 14085553881
Ports : Gi1/2
--------------------------
Identifier : 2
Elin : 18002228999
--------------------------
 

 
Related Commands

Command
Description

location (global configuration)

Configures the global location information for an endpoint.

location (interface configuration)

Configures the location information for an interface.

show link state group

To display the link-state group information, use the show link state group command in Privileged EXEC mode.

show link state group [ number ] [ detail ]

 
Syntax Description

number

(Optional) Number of the link-state group.

detail

(Optional) Specifies that detailed information appears.

 
Defaults

None

 
Command Modes

Privileged EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show link state group command to display the link-state group information. Enter this command without keywords to display information about all link-state groups. Enter the group number to display information specific to the group.

Enter the detail keyword to display detailed information about the group. The output for the show link state group detail command displays only those link-state groups that have link-state tracking enabled or that have upstream or downstream interfaces (or both) configured. If there is no link-state group configuration for a group, it is not shown as enabled or disabled.

Examples

This is an example of output from the show link state group 1 command:

Switch> show link state group 1
Link State Group: 1 Status: Enabled, Down
 

This is an example of output from the show link state group detail command:

Switch> show link state group detail
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
 
Link State Group: 1 Status: Enabled, Down
Upstream Interfaces : Gi1/1(Dwn) Gi1/2(Dwn)
Downstream Interfaces : Fa1/5(Dis) Fa1/6(Dis) Fa1/7(Dis) Fa1/8(Dis)
 
Link State Group: 2 Status: Enabled, Down
Upstream Interfaces : Gi1/1(Dwn) Gi1/2(Dwn) Gi1/3(Dwn)
Downstream Interfaces : Fa1/5(Dis) Fa1/6(Dis) Fa1/7(Dis) Fa1/8(Dis)
 
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
 

 
Related Commands

Command
Description

link state group

Configures an interface as a member of a link-state group.

link state track

Enables a link-state group.

show mac access-group

To display the MAC access control lists (ACLs) configured for an interface or a switch, use the show mac access-group command in EXEC mode.

show mac access-group interface interface-id

 
Syntax Description

interface interface-id

(Optional) Displays the MAC ACLs configured on a specific interface. Valid interfaces are physical ports and port channels; the port-channel range is 1 to 6 (available only in privileged EXEC mode).

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

Examples

This is an example of output from the show mac-access group EXEC command. Port 2 has the MAC access list macl_e1 applied; no MAC ACLs are applied to other interfaces.

Switch> show mac access-group
Interface GigabitEthernet1/1:
Inbound access-list is not set
Interface GigabitEthernet1/2:
Inbound access-list is macl_e1
Interface GigabitEthernet1/3:
Inbound access-list is not set
Interface GigabitEthernet1/4:
Inbound access-list is not set
 
<output truncated>
 

This is an example of output from the show mac access-group interface command:

Switch# show mac access-group interface gigabitethernet1/1
Interface GigabitEthernet1/1:
Inbound access-list is macl_e1

 
Related Commands

Command
Description

mac access-group

Applies a MAC access group to an interface.

show mac address-table

To display a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN, use the show mac address-table command in EXEC mode.

show mac address-table

 
Syntax Description

This command has no keywords or arguments.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table command:

Switch> show mac address-table
Mac Address Table
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0000.0000.0001 STATIC CPU
All 0000.0000.0002 STATIC CPU
All 0000.0000.0003 STATIC CPU
All 0000.0000.0009 STATIC CPU
All 0000.0000.0012 STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
1 0030.9441.6327 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 12

 
Related Commands

Command
Description

clear mac address-table dynamic

Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table address

To display MAC address table information for the specified MAC address, use the show mac address-table address command in EXEC mode.

show mac address-table address mac-address [ interface interface-id ] [ vlan vlan-id ]

 
Syntax Description

mac-address

The 48-bit MAC address; the valid format is H.H.H.

interface interface-id

(Optional) Displays information for a specific interface. Valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Displays entries for the specific VLAN only. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table address command:

Switch# show mac address-table address 0002.4b28.c482
Mac Address Table
------------------------------------------
 
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0002.4b28.c482 STATIC CPU
Total Mac Addresses for this criterion: 1

 
Related Commands

Command
Description

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table aging-time

Use the show mac address-table aging-time command in EXEC mode to display the aging time of a specific address table instance, all address table instances on a specified VLAN or, if a specific VLAN is not specified, on all VLANs.

show mac address-table aging-time [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Displays aging time information for a specific VLAN. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If no VLAN number is specified, the aging time for all VLANs appears.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table aging-time command:

Switch> show mac address-table aging-time
Vlan Aging Time
---- ----------
1 300
 

This is an example of output from the show mac address-table aging-time vlan 10 command:

Switch> show mac address-table aging-time vlan 10
Vlan Aging Time
---- ----------
10 300
 

 
Related Commands

Command
Description

mac address-table aging-time

Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table count

To display the number of addresses present in all VLANs or the specified VLAN, use the show mac address-table count command in EXEC mode.

show mac address-table count [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Displays the number of addresses for a specific VLAN. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

If no VLAN number is specified, the address count for all VLANs appears.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table count command:

Switch# show mac address-table count
Mac Entries for Vlan : 1
---------------------------
Dynamic Address Count : 2
Static Address Count : 0
Total Mac Addresses : 2

 
Related Commands

Command
Description

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table dynamic

To display only dynamic MAC address table entries, use the show mac address-table dynamic command in EXEC mode.

show mac address-table dynamic [ address mac-address ] [ interface interface-id ] [ vlan vlan-id ]

 
Syntax Description

address mac-address

(Optional) Specifies a 48-bit MAC address; the valid format is H.H.H (available in privileged EXEC mode only).

interface interface-id

(Optional) Specifies an interface to match; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Displays entries for a specific VLAN; the range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table dynamic command:

Switch> show mac address-table dynamic
Mac Address Table
------------------------------------------
 
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0030.b635.7862 DYNAMIC Gi1/2
1 00b0.6496.2741 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 2

 
Related Commands

Command
Description

clear mac address-table dynamic

Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table interface

To display the MAC address table information for the specified interface in the specified VLAN, use the show mac address-table interface user command.

show mac address-table interface interface-id [ vlan vlan-id ]

 
Syntax Description

interface-id

An interface type; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Displays entries for a specific VLAN; the range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table interface command:

Switch> show mac address-table interface gigabitethernet1/2
Mac Address Table
------------------------------------------
 
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0030.b635.7862 DYNAMIC Gi1/2
1 00b0.6496.2741 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 2

 
Related Commands

Command
Description

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table learning

To display the status of MAC address learning for all VLANs or the specified VLAN u se the show mac address-table learning command in EXEC mode.

show mac address-table learning [ vlan vlan-id ]

 
Syntax Description

vlan vlan-id

(Optional) Displays information for a specific VLAN. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show mac address-table learning command without any keywords to display configured VLANs and whether MAC address learning is enabled or disabled on them. The default is that MAC address learning is enabled on all VLANs. Use the command with a specific VLAN ID to display the learning status on an individual VLAN.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table learning EXEC command showing that MAC address learning is disabled on VLAN 200:

Switch> show mac address-table learning
VLAN Learning Status
---- ---------------
1 yes
100 yes
200 no

 
Related Commands

Command
Description

mac address-table learning vlan

Enables or disables MAC address learning on a VLAN.

show mac address-table move update

To display the MAC address-table move update information on the switch, use the show mac address-table move update command in EXEC mode.

show mac address-table move update

 
Syntax Description

This command has no keywords or arguments.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table move update command:

Switch> show mac address-table move update
Switch-ID : 010b.4630.1780
Dst mac-address : 0180.c200.0010
Vlans/Macs supported : 1023/8320
Default/Current settings: Rcv Off/On, Xmt Off/On
Max packets per min : Rcv 40, Xmt 60
Rcv packet count : 10
Rcv conforming packet count : 5
Rcv invalid packet count : 0
Rcv packet count this min : 0
Rcv threshold exceed count : 0
Rcv last sequence# this min : 0
Rcv last interface : Po2
Rcv last src-mac-address : 0003.fd6a.8701
Rcv last switch-ID : 0303.fd63.7600
Xmt packet count : 0
Xmt packet count this min : 0
Xmt threshold exceed count : 0
Xmt pak buf unavail cnt : 0
Xmt last interface : None
switch#

 
Related Commands

Command
Description

clear mac address-table move update

Clears the MAC address-table move update counters.

mac address-table move update { receive | transmit }

Configures MAC address-table move update on the switch.

show mac address-table notification

To display the MAC address notification settings for all interfaces or the specified interface, use the show mac address-table notification command in EXEC mode.

show mac address-table notification { change [ interface [ interface-id ] | mac-move | threshold }

 
Syntax Description

change

Displays the MAC change notification feature parameters and the history table.

interface

(Optional) Displays information for all interfaces. Valid interfaces include physical ports and port channels.

interface-id

(Optional) The specified interface. Valid interfaces include physical ports and port channels.

mac-move

Displays status for MAC address move notifications.

threshold

Displays status for MAC-address table threshold monitoring.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Use the show mac address-table notification change command without keywords to see if the MAC address change notification feature is enabled or disabled, the MAC notification interval, the maximum number of entries allowed in the history table, and the history table contents.

Use the interface keyword to display the notifications for all interfaces. If the interface-id is included, only the flags for that interface appear.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table notification change command:

Switch> show mac address-table notification change
MAC Notification Feature is Enabled on the switch
Interval between Notification Traps : 60 secs
Number of MAC Addresses Added : 4
Number of MAC Addresses Removed : 4
Number of Notifications sent to NMS : 3
Maximum Number of entries configured in History Table : 100
Current History Table Length : 3
MAC Notification Traps are Enabled
History Table contents
----------------------
History Index 0, Entry Timestamp 1032254, Despatch Timestamp 1032254
MAC Changed Message :
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1
 
History Index 1, Entry Timestamp 1038254, Despatch Timestamp 1038254
MAC Changed Message :
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1
 
History Index 2, Entry Timestamp 1074254, Despatch Timestamp 1074254
MAC Changed Message :
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1

 
Related Commands

Command
Description

clear mac address-table notification

Clears the MAC address notification global counters.

mac address-table notification

Enables the MAC address notification feature for MAC address changes, moves, or address-table thresholds.

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table static

To display only static MAC address table entries, use the show mac address-table static command in EXEC mode.

show mac address-table static [ address mac-address ] [ interface interface-id ] [ vlan vlan-id ]

 
Syntax Description

address mac-address

(Optional) Specifies a 48-bit MAC address; the valid format is H.H.H (available in privileged EXEC mode only).

interface interface-id

(Optional) Specifies an interface to match; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Displays addresses for a specific VLAN. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table static command:

Switch> show mac address-table static
Mac Address Table
------------------------------------------
 
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0100.0ccc.cccc STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
4 0001.0002.0004 STATIC Drop
6 0001.0002.0007 STATIC Drop
Total Mac Addresses for this criterion: 8

 
Related Commands

Command
Description

mac address-table static

Adds static addresses to the MAC address table.

mac address-table static drop

Enables unicast MAC address filtering and configures the switch to drop traffic with a specific source or destination MAC address.

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table vlan

Displays the MAC address table information for the specified VLAN.

show mac address-table vlan

To display the MAC address table information for the specified VLAN, use the show mac address-table vlan command in EXEC mode.

show mac address-table vlan vlan-id

 
Syntax Description

vlan-id

(Optional) Displays addresses for a specific VLAN. The range is 1 to 4094.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mac address-table vlan 1 command:

Switch> show mac address-table vlan 1
Mac Address Table
------------------------------------------
 
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0100.0ccc.cccc STATIC CPU
1 0180.c200.0000 STATIC CPU
1 0100.0ccc.cccd STATIC CPU
1 0180.c200.0001 STATIC CPU
1 0180.c200.0002 STATIC CPU
1 0180.c200.0003 STATIC CPU
1 0180.c200.0005 STATIC CPU
1 0180.c200.0006 STATIC CPU
1 0180.c200.0007 STATIC CPU
Total Mac Addresses for this criterion: 9

 
Related Commands

Command
Description

show mac address-table address

Displays MAC address table information for the specified MAC address.

show mac address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac address-table dynamic

Displays dynamic MAC address table entries only.

show mac address-table interface

Displays the MAC address table information for the specified interface.

show mac address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac address-table static

Displays static MAC address table entries only.

show mls qos

To display global quality of service (QoS) configuration information, use the show mls qos command in EXEC mode.

show mls qos

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

This command has no keywords or arguments.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mls qos command when QoS is enabled and DSCP transparency is enabled:

Switch> show mls qos
QoS is enabled
QoS ip packet dscp rewrite is enabled

 
Related Commands

Command
Description

mls qos

Enables QoS for the entire switch.

show mls qos aggregate-policer

To display the quality of service (QoS) aggregate policer configuration, use the show mls qos aggregate-policer command in EXEC mode. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.

show mls qos aggregate-policer [ aggregate-policer-name ]

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

aggregate-policer-name

(Optional) The policer configuration for the specified name.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mls qos aggregate-policer command:

Switch> show mls qos aggregate-policer policer1
aggregate-policer policer1 1000000 2000000 exceed-action drop
Not used by any policy map

 
Related Commands

Command
Description

mls qos aggregate-policer

Defines policer parameters that can be shared by multiple classes within a policy map.

show mls qos input-queue

To display quality of service (QoS) settings for the ingress queues, use the show mls qos input-queue command in EXEC mode.

show mls qos input-queue

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

This command has no keyword or arguments.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mls qos input-queue command:

Switch> show mls qos input-queue
Queue : 1 2
----------------------------------------------
buffers : 90 10
bandwidth : 4 4
priority : 0 10
threshold1: 100 100
threshold2: 100 100

 
Related Commands

Command
Description

mls qos srr-queue input bandwidth

Assigns shaped round robin (SRR) weights to an ingress queue.

mls qos srr-queue input buffers

Allocates the buffers between the ingress queues.

mls qos srr-queue input cos-map

Maps assigned class of service (CoS) values to an ingress queue and assigns CoS values to a queue and to a threshold ID.

mls qos srr-queue input dscp-map

Maps assigned Differentiated Services Code Point (DSCP) values to an ingress queue and assigns DSCP values to a queue and to a threshold ID.

mls qos srr-queue input priority-queue

Configures the ingress priority queue and guarantees bandwidth.

mls qos srr-queue input threshold

Assigns weighted tail-drop (WTD) threshold percentages to an ingress queue.

show mls qos interface

To display quality of service (QoS) information at the port level, use the show mls qos interface command in EXEC mode.

show mls qos interface [ interface-id ] [ buffers | queueing | statistics ]

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

interface-id

(Optional) The specified port. Valid interfaces include physical ports.

buffers

(Optional) Displays the buffer allocation among the queues.

queueing

(Optional) Displays the queueing strategy (shared or shaped) and the weights corresponding to the queues.

statistics

(Optional) Displays statistics for sent and received Differentiated Services Code Points (DSCPs) and class of service (CoS) values, the number of packets enqueued or dropped per egress queue, and the number of in-profile and out-of-profile packets for each policer.

Note Though visible in the command-line help string, the policer keyword is not supported.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

Examples

This is an example of output from the show mls qos interface interface-id command when VLAN-based QoS is enabled:

Switch> show mls qos interface gigabitethernet1/1
GigabitEthernet1/1
trust state:not trusted
trust mode:not trusted
trust enabled flag:ena
COS override:dis
default COS:0
DSCP Mutation Map:Default DSCP Mutation Map
Trust device:none
qos mode:vlan-based
 

This is an example of output from the show mls qos interface interface-id command when VLAN-based QoS is disabled:

Switch> show mls qos interface gigabitethernet1/2
GigabitEthernet1/2
trust state:not trusted
trust mode:not trusted
trust enabled flag:ena
COS override:dis
default COS:0
DSCP Mutation Map:Default DSCP Mutation Map
Trust device:none
qos mode:port-based
 

This is an example of output from the show mls qos interface interface-id buffers command:

Switch> show mls qos interface gigabitethernet1/2 buffers
GigabitEthernet1/2
The port is mapped to qset : 1
The allocations between the queues are : 25 25 25 25
 

This is an example of output from the show mls qos interface interface-id queueing command. The egress expedite queue overrides the configured shaped round robin (SRR) weights.

Switch> show mls qos interface gigabitethernet1/2 queueing
GigabitEthernet1/2
Egress Priority Queue :enabled
Shaped queue weights (absolute) : 25 0 0 0
Shared queue weights : 25 25 25 25
The port bandwidth limit : 100 (Operational Bandwidth:100.0)
The port is mapped to qset : 1
 

This is an example of output from the show mls qos interface interface-id statistics command. Table 0-13 describes the fields in this display.

Switch> show mls qos interface gigabitethernet1/2 statistics
GigabitEthernet1/2
 
dscp: incoming
-------------------------------
 
0 - 4 : 4213 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 6 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
dscp: outgoing
-------------------------------
 
0 - 4 : 363949 0 0 0 0
5 - 9 : 0 0 0 0 0
10 - 14 : 0 0 0 0 0
15 - 19 : 0 0 0 0 0
20 - 24 : 0 0 0 0 0
25 - 29 : 0 0 0 0 0
30 - 34 : 0 0 0 0 0
35 - 39 : 0 0 0 0 0
40 - 44 : 0 0 0 0 0
45 - 49 : 0 0 0 0 0
50 - 54 : 0 0 0 0 0
55 - 59 : 0 0 0 0 0
60 - 64 : 0 0 0 0
cos: incoming
-------------------------------
 
0 - 4 : 132067 0 0 0 0
5 - 9 : 0 0 0
cos: outgoing
-------------------------------
 
0 - 4 : 739155 0 0 0 0
5 - 9 : 90 0 0
 
Policer: Inprofile: 0 OutofProfile: 0
 

 

Table 0-13 show mls qos interface statistics Field Descriptions

Field
 
Description

DSCP

incoming

Number of packets received for each DSCP value.

outgoing

Number of packets sent for each DSCP value.

CoS

incoming

Number of packets received for each CoS value.

outgoing

Number of packets sent for each CoS value.

Policer

Inprofile

Number of in profile packets for each policer.

Outofprofile

Number of out-of-profile packets for each policer.

 
Related Commands

Command
Description

mls qos queue-set output buffers

Allocates buffers to a queue-set.

mls qos queue-set output threshold

Configures the weighted tail-drop (WTD) thresholds, guarantees the availability of buffers, and configures the maximum memory allocation to a queue-set.

mls qos srr-queue input bandwidth

Assigns SRR weights to an ingress queue.

mls qos srr-queue input buffers

Allocates the buffers between the ingress queues.

mls qos srr-queue input cos-map

Maps CoS values to an ingress queue or maps CoS values to a queue and to a threshold ID.

mls qos srr-queue input dscp-map

Maps DSCP values to an ingress queue or maps DSCP values to a queue and to a threshold ID.

mls qos srr-queue input priority-queue

Configures the ingress priority queue and guarantees bandwidth.

mls qos srr-queue input threshold

Assigns WTD threshold percentages to an ingress queue.

mls qos srr-queue output cos-map

Maps CoS values to an egress queue or maps CoS values to a queue and to a threshold ID.

mls qos srr-queue output dscp-map

Maps DSCP values to an egress queue or maps DSCP values to a queue and to a threshold ID.

policy-map

Creates or modifies a policy map.

priority-queue

Enables the egress expedite queue on a port.

queue-set

Maps a port to a queue-set.

srr-queue bandwidth limit

Limits the maximum output on a port.

srr-queue bandwidth shape

Assigns the shaped weights and enables bandwidth shaping on the four egress queues mapped to a port.

srr-queue bandwidth share

Assigns the shared weights and enables bandwidth sharing on the four egress queues mapped to a port.

show mls qos maps

To display quality of service (QoS) mapping information, use the show mls qos maps command in EXEC mode. During classification, QoS uses the mapping tables to represent the priority of the traffic and to derive a corresponding class of service (CoS) or Differentiated Services Code Point (DSCP) value from the received CoS, DSCP, or IP precedence value.

show mls qos maps [ cos-dscp | cos-input-q | cos-output-q | dscp-cos | dscp-input-q | dscp-mutation dscp-mutation-name | dscp-output-q | ip-prec-dscp | policed-dscp ]

Note This command is available only when the switch is running the LAN Base image.

 
Syntax Description

cos-dscp

(Optional) Displays class of service (CoS)-to-DSCP map.

cos-input-q

(Optional) Displays the CoS input queue threshold map.

cos-output-q

(Optional) Displays the CoS output queue threshold map.

dscp-cos

(Optional) Displays DSCP-to-CoS map.

dscp-input-q

(Optional) Displays the DSCP input queue threshold map.

dscp-mutation dscp-mutation-name

(Optional) Displays the specified DSCP-to-DSCP-mutation map.

dscp-output-q

(Optional) Displays the DSCP output queue threshold map.

ip-prec-dscp

(Optional) Displays the IP-precedence-to-DSCP map.

policed-dscp

(Optional) Displays the policed-DSCP map.

 
Defaults

None

 
Command Modes

EXEC

 
Command History

Release
Modification

15.0(1)EY

This command was introduced.

 
Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.

The policed-DSCP, DSCP-to-CoS, and the DSCP-to-DSCP-mutation maps appear as a matrix. The d1 column specifies the most-significant digit in the DSCP. The d2 row specifies the least-significant digit in the DSCP. The intersection of the d1 and d2 values provides the policed-DSCP, the CoS, or the mutated-DSCP value. For example, in the DSCP-to-CoS map, a DSCP value of 43 corresponds to a CoS value of 5.

The DSCP input queue threshold and the DSCP output queue threshold maps appear as a matrix. The d1 column specifies the most-significant digit of the DSCP number. The d2 row specifies the least-significant digit in the DSCP number. The intersection of the d1 and the d2 values provides the queue ID and threshold ID. For example, in the DSCP input queue threshold map, a DSCP value of 43 corresponds to queue 2 and threshold 1 (02-01).

The CoS input queue threshold and the CoS output queue threshold maps show the CoS value in the top row and the corresponding queue ID and threshold ID in the second row. For example, in the CoS input queue threshold map, a CoS value of 5 corresponds to queue 2 and threshold 1 (2-1).

Examples

This is an example of output from the show mls qos maps command:

Switch> show mls qos maps
Policed-dscp map:
d1 : d2 0 1 2 3 4 5 6 7 8 9
---------------------------------------
0 : 00 01 02 03 04 05 06 07 08 09
1 : 10 11 12 13 14 15 16 17 18 19
2 : 20 21 22 23 24 25 26 27 28 29
3 : 30 31 32 33 34 35 36 37 38 39
4 : 40 41 42 43 44 45 46 47 48 49
5 : 50 51 52 53 54 55 56 57 58 59
6 : 60 61 62 63
 
Dscp-cos map:
d1 : d2 0 1 2 3 4 5 6 7 8 9
---------------------------------------
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
 
Cos-dscp map:
cos: 0 1 2 3 4 5 6 7
--------------------------------
dscp: 0 8 16 24 32 40 48 56
 
IpPrecedence-dscp map:
ipprec: 0 1 2 3 4 5 6 7
--------------------------------
dscp: 0 8 16 24 32 40 48 56
 
Dscp-outputq-threshold map:
d1 :d2 0 1 2 3 4 5 6 7 8 9
--------------------------------------------------------------------
0 : 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01
1 : 02-01 02-01 02-01 02-01 02-01 02-01 03-01 03-01 03-01 03-01
2 : 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01
3 : 03-01 03-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01
4 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 04-01 04-01
5 : 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01
6 : 04-01 04-01 04-01 04-01
 
Dscp-inputq-threshold map:
d1 :d2 0 1 2 3 4 5 6 7 8 9
--------------------------------------------------------------------
0 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
1 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
2 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01