show access-lists
To display access control lists (ACLs) configured on the switch, use the show access-lists command in privileged EXEC mode.
show access-lists [name | number | hardware counters | ipc ]
Syntax Description
name |
(Optional) Name of the ACL. |
number |
(Optional) ACL number. The range is 1 to 2699. |
hardware counters |
(Optional) Displays global hardware ACL statistics for switched and routed packets. |
ipc |
(Optional) Displays Interprocess Communication (IPC) protocol access-list configuration download information. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The switch supports only IP standard and extended access lists. The allowed numbers are only 1 to 199 and 1300 to 2699.
This command also displays the MAC ACLs that are configured.
Note
Though visible in the command-line help strings, the rate-limit keywords are not supported.
Examples
This is an example of output from the show access-lists command:
Switch# show access-lists
Standard IP access list 1
40 permit 0.255.255.255, wildcard bits 12.0.0.0
Standard IP access list videowizard_1-1-1-1
Standard IP access list videowizard_10-10-10-10
Extended IP access list 121
10 permit ahp host 10.10.10.10 host 20.20.10.10 precedence routine
Extended IP access list CMP-NAT-ACL
Dynamic Cluster-HSRP deny ip any any
10 deny ip any host 19.19.11.11
20 deny ip any host 10.11.12.13
Dynamic Cluster-NAT permit ip any any
10 permit ip host 10.99.100.128 any
20 permit ip host 10.46.22.128 any
30 permit ip host 10.45.101.64 any
40 permit ip host 10.45.20.64 any
50 permit ip host 10.213.43.128 any
60 permit ip host 10.91.28.64 any
70 permit ip host 10.99.75.128 any
80 permit ip host 10.38.49.0 any
This is an example of output from the show access-lists hardware counters command:
Switch# show access-lists hardware counters
Drop: All frame count: 855
Drop: All bytes count: 94143
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 2121
Forwarded: All bytes count: 180762
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 13586
Forwarded: All bytes count: 1236182
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 232983
Forwarded: All bytes count: 16825661
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
Drop And Log: All frame count: 0
Drop And Log: All bytes count: 0
Bridge Only: All frame count: 0
Bridge Only: All bytes count: 0
Bridge Only And Log: All frame count: 0
Bridge Only And Log: All bytes count: 0
Forwarding To CPU: All frame count: 0
Forwarding To CPU: All bytes count: 0
Forwarded: All frame count: 514434
Forwarded: All bytes count: 39048748
Forwarded And Log: All frame count: 0
Forwarded And Log: All bytes count: 0
Related Commands
|
|
access-list |
Configures a standard or extended numbered access list on the switch. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0. |
ip access list |
Configures a named IP access list on the switch. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0. |
mac access-list extended |
Configures a named or numbered MAC access list on the switch. |
show alarm description port
To display the alarm numbers with the text description, use the show alarm description port command in EXEC mode.
show alarm description port
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows output from the show alarm description port command. It shows the alarm IDs and their respective alarm descriptions.
Switch> show alarm description port
4 FCS Error Rate exceeds threshold
show alarm profile
To display all alarm profiles configured in the system or the specified profile and the interfaces to which each profile is attached, use the show alarm profile command in EXEC mode.
show alarm profile [ name ]
Syntax Description
name |
(Optional) Displays only the profile with the specified name. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you do not enter a profile name, the display includes the profile information for all existing alarm profiles. This command does not display the default configuration settings.
The defaultPort profile is applied by default to all interfaces. This profile enables only the Port Not Operating (3) alarm. You can use the alarm profile defaultPort global configuration command and modify this profile to enable other alarms.
Examples
These are examples of output from the show alarm profile command.
This output displays all ports that are attached to the configured profiles:
Switch> show alarm profile GigE-UplinkPorts
This output displays all the configured profiles:
Switch> show alarm profile
Alarm Profile my_gig_port:
Alarm Profile my_fast_port:
show alarm settings
To display all environmental alarm settings on the switch, use the show alarm settings command in EXEC mode.
show alarm settings
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows output from the show alarm settings command. It shows all the switch alarm settings that are on the switch:
Switch> show alarm settings
Alarm relay mode: Positive
Thresholds MAX: 95C MIN: -20C
show archive status
To display the status of a new image being downloaded to a switch with the HTTP or the TFTP protocol, use the show archive status command in Privileged EXEC mode.
show archive status
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you use the archive download-sw privileged EXEC command to download an image to a TFTP server, the output of the archive download-sw command shows the status of the download.
If you do not have a TFTP server, you can use Network Assistant or the embedded Device Manager to download the image by using HTTP. The show archive status command shows the progress of the download.
Examples
These are examples of output from the show archive status command:
Switch# show archive status
IDLE: No upgrade in progress
Switch# show archive status
LOADING: Upgrade in progress
Switch# show archive status
EXTRACT: Extracting the image
Switch# show archive status
VERIFY: Verifying software
Switch# show archive status
RELOAD: Upgrade completed. Reload pending
show arp access-list
To display detailed information about Address Resolution Protocol (ARP) access control lists, use the show arp access-list command in EXEC mode.
show arp access-list [ acl-name ]
Syntax Description
acl-name |
(Optional) Name of the ACL. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show arp access-list command:
Switch> show arp access-list
permit ip 10.101.1.1 0.0.0.255 mac any
permit ip 20.3.1.0 0.0.0.255 mac any
show authentication
To display information about authentication manager events on the switch, use the show authentication command EXEC mode.
show authentication { interface interface-id | registrations | sessions [ session-id session-id ] [ handle handle ] [ interface interface-id ] [ mac mac ] [ method method ] | statistics [ summary ]}
Syntax Description
interface interface-id |
Displays all of the authentication manager details for the specified interface. |
registrations |
Displays authentication manager registrations |
sessions |
Displays details of the current authentication manager sessions (for example, client devices). If you do not enter any optional specifiers, all current active sessions are displayed. You can enter the specifiers singly or in combination to display a specific session (or group of sessions). |
session-id session-id |
(Optional) Specifies an authentication manager session. |
handle handle |
(Optional) Specifies a range from 1 to 4294967295. |
mac mac |
(Optional) Displays authentication manager information for a specified MAC address. |
method method |
(Optional) Displays all clients authorized by a specified authentication method (dot1x, mab, or webauth) |
statistics |
Displays authentication statistics in detail. |
summary |
(Optional) Displays authentication statistics summary. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Table 0-1 describes the significant fields shown in the output of the show authentication command.
Note
The possible values for the status of sessions are shown in the table. For a session in terminal state, Authz Success or Authz Failed is displayed along with No methods if no method has provided a result.
Table 0-1 show authentication Command Output
|
|
Idle |
The session has been initialized and no methods have run yet. |
Running |
A method is running for this session. |
No methods |
No method has provided a result for this session. |
Authc Success |
A method has resulted in authentication success for this session. |
Authc Failed |
A method has resulted in authentication fail for this session. |
Authz Success |
All features have been successfully applied for this session. |
Authz Failed |
A feature has failed to be applied for this session. |
Table 0-2 lists the possible values for the state of methods. For a session in a terminal state, Authc Success, Authc Failed, or Failed over are displayed. Failed over means that an authentication method ran and then failed over to the next method, which did not provide a result. Not run appears for sessions that synchronized on standby.
Table 0-2 State Method Values
|
|
|
Not run |
Terminal |
The method has not run for this session. |
Running |
Intermediate |
The method is running for this session. |
Failed over |
Terminal |
The method has failed and the next method is expected to provide a result. |
Authc Success |
Terminal |
The method has provided a successful authentication result for the session. |
Authc Failed |
Terminal |
The method has provided a failed authentication result for the session. |
Examples
This example shows output of the show authentication registrations command:
Switch# show authentication registrations
Auth Methods registered with the Auth Manager:
This example shows output of the show authentication interface interface-id command:
Switch# show authentication interface gigabitethernet1/2
MAC Address Domain Status Handle Interface
000e.84af.59bd DATA Authz Success 0xE0000000 GigabitEthernet1//2
This example shows output of the show authentication sessions command:
Switch# show authentication sessions
Interface MAC Address Method Domain Status Session ID
Gi3/45 (unknown) N/A DATA Authz Failed 0908140400000007003651EC
Gi3/46 (unknown) N/A DATA Authz Success 09081404000000080057C274
This example shows output of the show authentication sessions command for a specified interface:
Switch# show authentication sessions int gigabitethernet 1/4
Interface: GigabitEthernet0/46 GigabitEthernet1/4
Oper host mode: multi-host
Authorized By: Guest Vlan
Common Session ID: 09081404000000080057C274
Acct Session ID: 0x0000000A
This example shows output of the show authentication sessions command for a specified MAC address:
Switch# show authentication sessions mac 000e.84af.59bd
Interface: GigabitEthernet1/4
MAC Address: 000e.84af.59bd
Oper host mode: single-host
Authorized By: Authentication Server
This example shows output of the show authentication session method command for a specified method:
Switch# show authentication sessions method mab
No Auth Manager contexts match supplied criteria
Switch# show authentication sessions method dot1x
MAC Address Domain Status Handle Interface
000e.84af.59bd DATA Authz Success 0xE0000000 GigabitEthernet1/23
show auto qos
To display the quality of service (QoS) commands entered on the interfaces on which automatic QoS (auto-QoS) is enabled, use the show auto qos command in EXEC mode.
show auto qos [ interface [ interface-id ]]
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
interface [ interface-id ] |
(Optional) Displays auto-QoS information for the specified port or for all ports. Valid interfaces include physical ports. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The show auto qos command output shows only the auto-QoS command entered on each interface. The show auto qos interface interface-id command output shows the auto-QoS command entered on a specific interface.
Use the show running-config privileged EXEC command to display the auto-QoS configuration and the user modifications.
The show auto qos command output also shows the service policy information for the Cisco IP phone.
To display information about the QoS configuration that might be affected by auto-QoS, use one of these commands:
- show mls qos
- show mls qos maps cos-dscp
- show mls qos interface [ interface-id ] [ buffers | queueing ]
- show mls qos maps [ cos-dscp | cos-input-q | cos-output-q | dscp-cos | dscp-input-q | dscp-output-q ]
- show mls qos input-queue
- show running-config
Examples
This is an example of output from the show auto qos command after the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered:
auto qos voip cisco-softphone
auto qos voip cisco-phone
auto qos voip cisco-phone
This is an example of output from the show auto qos interface interface-id command when the auto qos voip cisco-phone interface configuration command is entered:
Switch> show auto qos interface gigabitethernet 1/1
auto qos voip cisco-phone
This is an example of output from the show running-config privileged EXEC command when the auto qos voip cisco-phone and the auto qos voip cisco-softphone interface configuration commands are entered:
Switch# show running-config
Building configuration...
mls qos map policed-dscp 24 26 46 to 0
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 100 100 100 100
mls qos queue-set output 1 threshold 2 75 75 75 250
mls qos queue-set output 1 threshold 3 75 150 100 300
mls qos queue-set output 1 threshold 4 50 100 75 400
mls qos queue-set output 2 threshold 1 100 100 100 100
mls qos queue-set output 2 threshold 2 35 35 35 35
mls qos queue-set output 2 threshold 3 55 82 100 182
mls qos queue-set output 2 threshold 4 90 250 100 400
mls qos queue-set output 1 buffers 15 20 20 45
mls qos queue-set output 2 buffers 24 20 26 30
class-map match-all AutoQoS-VoIP-RTP-Trust
class-map match-all AutoQoS-VoIP-Control-Trust
policy-map AutoQoS-Police-SoftPhone
class AutoQoS-VoIP-RTP-Trust
police 320000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
police 32000 8000 exceed-action policed-dscp-transmit
policy-map AutoQoS-Police-CiscoPhone
class AutoQoS-VoIP-RTP-Trust
police 320000 8000 exceed-action policed-dscp-transmit
class AutoQoS-VoIP-Control-Trust
police 32000 8000 exceed-action policed-dscp-transmit
interface FastEthernet1/1
switchport port-security maximum 1999
srr-queue bandwidth share 10 10 60 20
mls qos trust device cisco-phone
auto qos voip cisco-phone
interface GigabitEthernet1/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
srr-queue bandwidth share 10 10 60 20
mls qos trust device cisco-phone
auto qos voip cisco-phone
interface GigabitEthernet1/2
srr-queue bandwidth share 10 10 60 20
mls qos trust device cisco-phone
mls qos trust device cisco-phone
service-policy input AutoQoS-Police-CiscoPhone
This is an example of output from the show auto qos interface interface-id command when the auto qos voip cisco-phone interface configuration command is entered:
Switch> show auto qos interface FastEthernet1/2
auto qos voip cisco-softphone
This is an example of output from the show auto qos command when auto-QoS is disabled on the switch:
AutoQoS not enabled on any interface
This is an example of output from the show auto qos i nterface interface-id command when auto-QoS is disabled on an interface:
Switch> show auto qos interface gigabitethernet1/1
show boot
To display the settings of the boot environment variables, use the show boot command in Privileged EXEC mode.
show boot
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show boot command. Table 0-3 describes each field in the display.
BOOT path-list : flash:/ie2k-universalk9-mz.150-0.27.EY/ie2k-universalk9-mz
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Boot optimization : enabled
via DHCP: disabled (next boot: disabled)
Table 0-3 show boot Field Descriptions
|
|
BOOT path-list |
Displays a semicolon separated list of executable files to try to load and execute when automatically booting up. If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory. If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot up with the first bootable file that it can find in the flash file system. |
Config file |
Displays the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. |
Private Config file |
Displays the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. |
Enable Break |
Displays whether a break during booting up is enabled or disabled. If it is set to yes, on, or 1, you can interrupt the automatic bootup process by pressing the Break key on the console after the flash file system is initialized. |
Manual Boot |
Displays whether the switch automatically or manually boots up. If it is set to no or 0, the bootloader attempts to automatically boot up the system. If it is set to anything else, you must manually boot up the switch from the bootloader mode. |
Helper path-list |
Displays a semicolon separated list of loadable files to dynamically load during the bootloader initialization. Helper files extend or patch the functionality of the bootloader. |
Auto upgrade |
Displays whether the switch is set to automatically copy its software version to an incompatible switch. |
Boot optimization |
Displays whether the switch is set to optimize the switch bootup time after a system crash. |
NVRAM/Config file buffer size |
Displays the buffer size that Cisco IOS uses to hold a copy of the configuration file in memory. The configuration file cannot be larger than the buffer size allocation. |
Related Commands
|
|
boot config-file |
Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration. |
boot enable-break |
Enables interrupting the automatic boot process. |
boot manual |
Enables manually booting up the switch during the next bootup cycle. |
boot private-config-file |
Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the private configuration. |
boot system |
Specifies the Cisco IOS image to load during the next bootup cycle. |
show boot buffersize
To display the buffer size for file system-simulated NVRAM, use the show boot buffersize command in Privileged EXEC mode.
show boot buffersize
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows how to display the file system-simulated NVRAM boot buffer size.
Switch(config)# show boot buffersize
show cable-diagnostics tdr
To display the Time Domain Reflector (TDR) results, use the show cable-diagnostics tdr command in Privileged EXEC mode.
show cable-diagnostics tdr interface interface-id
Syntax Description
interface interface-id |
The interface on which TDR was run. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
For more information about TDR, see the software configuration guide for this release.
Examples
This is an example of output from the show cable-diagnostics tdr interface interface-id command:
Switch# show cable-diagnostics tdr interface gigabitethernet1/2
TDR test last run on: March 01 20:15:40
Interface Speed Local pair Pair length Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Gi1/2 auto Pair A 0 +/- 2 meters N/A Open
Pair B 0 +/- 2 meters N/A Open
Pair C 0 +/- 2 meters N/A Open
Pair D 0 +/- 2 meters N/A Open
This is an example of output from the show cable-diagnostics tdr interface interface-id command:
Switch# show cable-diagnostics tdr interface fa0/1
TDR test last run on: March 01 01:05:40
Interface Speed Local pair Pair length Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Fa0/1 100M Pair A N/A Pair A Normal
Table 0-4 lists the descriptions of the fields in the show cable-diagnostics tdr command output.
Table 0-4 Fields Descriptions for the show cable-diagnostics tdr Command Output
|
|
Interface |
Interface on which TDR was run. |
Speed |
Speed of connection. |
Local pair |
Name of the pair of wires that TDR is testing on the local interface. |
Pair length |
Location on the cable where the problem is, with respect to your switch. TDR can only find the location in one of these cases:
- The cable is properly connected, the link is up, and the interface speed is 1000 Mb/s.
- The cable is open.
- The cable has a short.
|
Remote pair |
Name of the pair of wires to which the local pair is connected. TDR can learn about the remote pair only when the cable is properly connected and the link is up. |
Pair status |
The status of the pair of wires on which TDR is running:
- Normal—The pair of wires is properly connected.
- Not completed—The test is running and is not completed.
- Not supported—The interface does not support TDR.
- Open—The pair of wires is open.
- Shorted—The pair of wires is shorted.
- ImpedanceMis—The impedance is mismatched.
- Short/Impedance Mismatched—The impedance mismatched or the cable is short.
- InProgress—The diagnostic test is in progress
|
This is an example of output from the show interfaces interface-id command when TDR is running:
Switch# show interfaces gigabitethernet1/2
gigabitethernet1/2 is up, line protocol is up (connected: TDR in Progress)
This is an example of output from the show cable-diagnostics tdr interface interface-id command when TDR is not running:
Switch# show cable-diagnostics tdr interface gigabitethernet1/2
% TDR test was never issued on Gi1/2
If an interface does not support TDR, this message appears:
% TDR test is not supported on switch 1
show cip
To display information about the Common Industrial Protocol (CIP) subsystem, use the show cip command in Privileged EXEC mode.
show cip { connection { count | explicit | implicit } | faults | file { config | eds | vlan }| miscellaneous | object { assembly | dhcp instance instance | ethernet link | identity | switch { paramenter }| sync | tcp/ip { interface }}| security | session | status }
Syntax Description
connection |
Displays the CIP connection information. |
count |
Displays the CIP connection count. |
explicit |
Displays the CIP connection explicit. |
implicit |
Displays the CIP connection implicit. |
faults |
Displays information about CIP faults. |
file |
Displays the information about the CIP file instances. |
config |
Displays the configuration file instance. |
eds |
Displays the EDS file instance. |
vlan |
Displays the VLAN file instance. |
miscellaneous |
Displays miscellaneous CIP system information. |
object |
Displays information about specific CIP objects. These objects include assembly, Ethernet link, identity, switch parameter, time sync, and TCP/IP objects. |
assembly |
Displays the CIP assembly link object. |
dhcp instance instance |
Displays the DHCP object for a specific instance; valid instances are 1 through 15. |
ethernet link |
Displays the CIP Ethernet object. |
identity |
Displays the CIP identity object. |
switch parameter |
Displays the switch parameters. |
sync |
Displays the CIP time sync object. |
tcp/ip interface |
Displays the TCP/IP object. |
security |
Displays the CIP security window status and settings. |
session |
Displays the active and inactive CIP sessions. |
status |
Displays the CIP status (enabled or disabled). |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show cip fault command:
Major/Minor Recoverable Faults
----------------------------------------------------
MAC address flap : Normal
CDP native vlan mismatch : Normal
Storm control event : Normal
Port security violation : Normal
Port in error-disable state: Normal
Major Unrecoverable Faults
----------------------------------------------------
POST detected HW failure : Normal
SFP in error-disable state : Normal
This is an example of output from the show cip security command:
Switch# show cip security
Window timeout: 600 seconds
show cisp
To display CISP information for a specified interface, use the show cisp command in Privileged EXEC mode.
show cisp {[ interface interface-id ] | clients | summary }
Syntax Description
interface interface-id |
(Optional) Displays CISP information about the specified interface. Valid interfaces include physical ports and port channels. |
clients |
Displays CISP client details. |
summary |
Displays all CISO information. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows output from the show cisp interface command:
Switch# show cisp interface fast 0
CISP not enabled on specified interface
This example shows output from the show cisp summary command:
Switch# show cisp summary
CISP is not running on any interface
show class-map
To display quality of service (QoS) class maps, which define the match criteria to classify traffic, use the show class-map command in EXEC mode.
show class-map [ class-map-name ]
Syntax Description
class-map-name |
(Optional) The contents of the specified class map. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show class-map command:
Class Map match-all videowizard_10-10-10-10 (id 2)
Match access-group name videowizard_10-10-10-10
Class Map match-any class-default (id 0)
Class Map match-all dscp5 (id 3)
show cluster
To display the cluster status and a summary of the cluster to which the switch belongs, use the show cluster command in EXEC mode. This command can be entered on the cluster command switch and cluster member switches.
show cluster
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you enter this command on a switch that is not a cluster member, the error message Not a management cluster member
appears.
On a cluster member switch, this command displays the identity of the cluster command switch, the switch member number, and the state of its connectivity with the cluster command switch.
On a cluster command switch, this command displays the cluster name and the total number of members. It also shows the cluster status and time since the status changed. If redundancy is enabled, it displays the primary and secondary command-switch information.
Examples
This is an example of output when the show cluster command is entered on the active cluster command switch:
Command switch for cluster “cluster1
Total number of members: 7
Status: 1 members are unreachable
Time since last status change: 0 days, 0 hours, 2 minutes
Standby command switch: Member 1
Standby Group: cluster1_standby
Standby Group Number: 110
Extended discovery hop count: 3
This is an example of output when the show cluster command is entered on a cluster member switch:
Member switch for cluster “cluster2”
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
This is an example of output when the show cluster command is entered on a cluster member switch that is configured as the standby cluster command switch:
Member switch for cluster “hapuna”
Member number: 3 (Standby command switch)
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
This is an example of output when the show cluster command is entered on the cluster command switch that has lost connectivity with member 1:
Command switch for cluster “Ajang”
Total number of members: 7
Status: 1 members are unreachable
Time since last status change: 0 days, 0 hours, 5 minutes
Extended discovery hop count: 3
This is an example of output when the show cluster command is entered on a cluster member switch that has lost connectivity with the cluster command switch:
Member switch for cluster “hapuna”
Management IP address: 192.192.192.192
Command switch mac address: 0000.0c07.ac14
show cluster candidates
To display a list of candidate switches, use the show cluster candidates command in Privileged EXEC mode.
show cluster candidates [ detail | mac-address H.H.H. ]
Syntax Description
detail |
(Optional) Displays detailed information for all candidates. |
mac-address H.H.H. |
(Optional) Specifies the MAC address of the cluster candidate. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This command is available only on the cluster command switch.
If the switch is not a cluster command switch, the command displays an empty line at the prompt.
The SN in the display means switch member number. If E appears in the SN column, it means that the switch is discovered through extended discovery. If E does not appear in the SN column, it means that the switch member number is the upstream neighbor of the candidate switch. The hop count is the number of devices the candidate is from the cluster command switch.
Examples
This is an example of output from the show cluster candidates command:
Switch> show cluster candidates
00d0.7961.c4c0 StLouis-2 WS-IE2000-4TC Gi1/1 2 1 Fa1/1
00d0.bbf5.e900 ldf-dist-128 WS-C3524-XL Fa1/7 1 0 Fa0/24
00e0.1e7e.be80 1900_Switch 1900 3 0 1 0 Fa0/11
00e0.1e9f.7a00 Surfers-24 WS-C2924-XL Fa1/5 1 0 Fa0/3
00e0.1e9f.8c00 Surfers-12-2 WS-C2912-XL Fa1/4 1 0 Fa0/7
00e0.1e9f.8c40 Surfers-12-1 WS-C2912-XL Fa1/1 1 0 Fa0/9
This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch directly connected to the cluster command switch:
Switch> show cluster candidates mac-address 00d0.7961.c4c0
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
Device type: cisco WS-IE2000-4TC
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 0)
Local port: Gi1/1 FEC number:
Upstream port: Gi2/2 FEC Number:
Hops from cluster edge: 1
Hops from command device: 1
This is an example of output from the show cluster candidates command that uses the MAC address of a cluster member switch three hops from the cluster edge:
Switch> show cluster candidates mac-address 0010.7bb6.1cc0
Device 'Ventura' with mac address number 0010.7bb6.1cc0
Device type: cisco WS-C2912MF-XL
Upstream MAC address: 0010.7bb6.1cd4
Local port: Fa2/1 FEC number:
Upstream port: Fa0/24 FEC Number:
Hops from cluster edge: 3
Hops from command device: -
This is an example of output from the show cluster candidates detail command:
Switch> show cluster candidates detail
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
Device type: cisco WS-C3512-XL
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 1)
Local port: Fa0/3 FEC number:
Upstream port: Fa0/13 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2
Device '1900_Switch' with mac address number 00e0.1e7e.be80
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 2)
Local port: 3 FEC number: 0
Upstream port: Fa0/11 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2
Device 'Surfers-24' with mac address number 00e0.1e9f.7a00
Device type: cisco WS-C2924-XL
Upstream MAC address: 00d0.796d.2f00 (Cluster Member 3)
Local port: Fa0/5 FEC number:
Upstream port: Fa0/3 FEC Number:
Hops from cluster edge: 1
Hops from command device: 2
Related Commands
|
|
show cluster |
Displays the cluster status and a summary of the cluster to which the switch belongs. |
show cluster members |
Displays information about the cluster members. |
show cluster members
To display information about the cluster members, use the show cluster members command in Privileged EXEC mode.
show cluster members [ n | detail ]
Syntax Description
n |
(Optional) Number that identifies a cluster member. The range is 0 to 15. |
detail |
(Optional) Displays detailed information for all cluster members. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This command is available only on the cluster command switch.
If the cluster has no members, this command displays an empty line at the prompt.
Examples
This is an example of output from the show cluster members command. The SN in the display means switch number.
Switch# show cluster members
SN MAC Address Name PortIf FEC Hops SN PortIf FEC State
0 0002.4b29.2e00 StLouis1 0 Up (Cmdr)
1 0030.946c.d740 tal-switch-1 Fa0/13 1 0 Gi0/1 Up
2 0002.b922.7180 nms-2820 10 0 2 1 Fa0/18 Up
3 0002.4b29.4400 SanJuan2 Gi0/1 2 1 Fa0/11 Up
4 0002.4b28.c480 GenieTest Gi0/2 2 1 Fa0/9 Up
This is an example of output from the show cluster members for cluster member 3:
Switch# show cluster members 3
Device 'SanJuan2' with member number 3
Device type: cisco WS-IE2000
MAC address: 0002.4b29.4400
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi1/1 FEC number:
Upstream port: Gi2/3 FEC Number:
Hops from command device: 2
This is an example of output from the show cluster members detail command:
Switch# show cluster members detail
Device 'StLouis1' with member number 0 (Command Switch)
Device type: cisco WS-ies
MAC address: 0002.4b29.2e00
Upstream port: FEC Number:
Hops from command device: 0
Device 'tal-switch-14' with member number 1
Device type: cisco WS-C3548-XL
MAC address: 0030.946c.d740
Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)
Local port: Fa0/13 FEC number:
Upstream port: Gi0/1 FEC Number:
Hops from command device: 1
Device 'nms-2820' with member number 2
MAC address: 0002.b922.7180
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: 10 FEC number: 0
Upstream port: Fa0/18 FEC Number:
Hops from command device: 2
Device 'SanJuan2' with member number 3
Device type: cisco WS-ies
MAC address: 0002.4b29.4400
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi0/1 FEC number:
Upstream port: Fa0/11 FEC Number:
Hops from command device: 2
Device 'GenieTest' with member number 4
Device type: cisco SeaHorse
MAC address: 0002.4b28.c480
Upstream MAC address: 0030.946c.d740 (Cluster member 1)
Local port: Gi0/2 FEC number:
Upstream port: Fa0/9 FEC Number:
Hops from command device: 2
Device 'Palpatine' with member number 5
Device type: cisco WS-C2924M-XL
MAC address: 00b0.6404.f8c0
Upstream MAC address: 0002.4b29.2e00 (Cluster member 0)
Local port: Gi2/1 FEC number:
Upstream port: Gi0/7 FEC Number:
Hops from command device: 1
show controllers cpu-interface
To display the state of the CPU network interface ASIC and the send and receive statistics for packets reaching the CPU, use the show controllers cpu-interface command in Privileged EXEC mode.
show controllers cpu-interface
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Examples
This is a partial output example from the show controllers cpu-interface command:
Switch# show controllers cpu-interface
cpu-queue-frames retrieved dropped invalid hol-block
----------------- ---------- ---------- ---------- ----------
routing protocol 96145 0 0 0
igmp snooping 68411 0 0 0
cpu heartbeat 1710501 0 0 0
Supervisor ASIC receive-queue parameters
----------------------------------------
queue 0 maxrecevsize 5EE pakhead 1419A20 paktail 13EAED4
queue 1 maxrecevsize 5EE pakhead 15828E0 paktail 157FBFC
queue 2 maxrecevsize 5EE pakhead 1470D40 paktail 1470FE4
queue 3 maxrecevsize 5EE pakhead 19CDDD0 paktail 19D02C8
Supervisor ASIC Mic Registers
------------------------------
MicDirectPollInfo 80000800
MicIndicationsReceived 00000000
MicInterruptsReceived 00000000
MicPlbMasterConfiguration 00000000
MicRxFifosAvailable 00000000
MicTimeOutPeriod: FrameTOPeriod: 00000EA6 DirectTOPeriod: 00004000
Fifo0: StartPtrs: 038C2800 ReadPtr: 038C2C38
WritePtrs: 038C2C38 Fifo_Flag: 8A800800
Fifo1: StartPtr: 03A9BC00 ReadPtr: 03A9BC60
WritePtrs: 03A9BC60 Fifo_Flag: 89800400
Fifo2: StartPtr: 038C8800 ReadPtr: 038C88E0
WritePtrs: 038C88E0 Fifo_Flag: 88800200
Fifo3: StartPtr: 03C30400 ReadPtr: 03C30638
WritePtrs: 03C30638 Fifo_Flag: 89800400
Fifo4: StartPtr: 03AD5000 ReadPtr: 03AD50A0
WritePtrs: 03AD50A0 Fifo_Flag: 89800400
Fifo5: StartPtr: 03A7A600 ReadPtr: 03A7A600
WritePtrs: 03A7A600 Fifo_Flag: 88800200
Fifo6: StartPtr: 03BF8400 ReadPtr: 03BF87F0
WritePtrs: 03BF87F0 Fifo_Flag: 89800400
Related Commands
|
|
show controllers ethernet-controller |
Displays per-interface send and receive statistics read from the hardware or the interface internal registers. |
show interfaces |
Displays the administrative and operational status of all interfaces or a specified interface. |
show controllers ethernet-controller
To display per-interface send and receive statistics read from the hardware, use the show controllers ethernet-controller command in Privileged EXEC mode without keywords.
show controllers ethernet-controller [ interface-id ] [ phy [ detail ]] [ port-asic { configuration | statistics }] [ fastethernet 0 ]
Syntax Description
interface-id |
(Optional) The physical interface (including type, module, and port number). |
phy |
(Optional) Displays the status of the internal registers on the switch physical layer device (PHY) for the device or the interface. This display includes the operational state of the automatic medium-dependent interface crossover (auto-MDIX) feature on an interface. |
detail |
(Optional) Displays details about the PHY internal registers. |
port-asic |
(Optional) Displays information about the port ASIC internal registers. |
configuration |
Displays port ASIC internal register configuration. |
statistics |
Displays port ASIC statistics, including the Rx/Sup Queue and miscellaneous statistics. |
fastethernet 0 |
(Optional) Displays the Fast Ethernet statistics. |
Command Modes
Privileged EXEC (only supported with the interface-id variable in EXEC mode)
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This command without keywords provides traffic statistics, basically the RMON statistics for all interfaces or for the specified interface.
When you enter the phy or port-asic keywords, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch.
Examples
This is an example of output from the show controllers ethernet-controller command for an interface. Table 0-5 describes the Transmit fields, and Table 0-6 describes the Receive fields.
Switch# show controllers ethernet-controller gigabitethernet1/1
Transmit GigabitEthernet1/1 Receive
0 Unicast frames 0 Unicast frames
0 Multicast frames 0 Multicast frames
0 Broadcast frames 0 Broadcast frames
0 Too old frames 0 Unicast bytes
0 Deferred frames 0 Multicast bytes
0 MTU exceeded frames 0 Broadcast bytes
0 1 collision frames 0 Alignment errors
0 2 collision frames 0 FCS errors
0 3 collision frames 0 Oversize frames
0 4 collision frames 0 Undersize frames
0 5 collision frames 0 Collision fragments
0 7 collision frames 0 Minimum size frames
0 8 collision frames 0 65 to 127 byte frames
0 9 collision frames 0 128 to 255 byte frames
0 10 collision frames 0 256 to 511 byte frames
0 11 collision frames 0 512 to 1023 byte frames
0 12 collision frames 0 1024 to 1518 byte frames
0 13 collision frames 0 Overrun frames
0 14 collision frames 0 Pause frames
0 15 collision frames 0 Symbol error frames
0 Late collisions 0 Invalid frames, too large
0 VLAN discard frames 0 Valid frames, too large
0 Excess defer frames 0 Invalid frames, too small
0 64 byte frames 0 Valid frames, too small
0 255 byte frames 0 Too old frames
0 511 byte frames 0 Valid oversize frames
0 1023 byte frames 0 System FCS error frames
0 1518 byte frames 0 RxPortFifoFull drop frame
Table 0-5 Transmit Field Descriptions
|
|
Bytes |
The total number of bytes sent on an interface. |
Unicast Frames |
The total number of frames sent to unicast addresses. |
Multicast frames |
The total number of frames sent to multicast addresses. |
Broadcast frames |
The total number of frames sent to broadcast addresses. |
Too old frames |
The number of frames dropped on the egress port because the packet aged out. |
Deferred frames |
The number of frames that are not sent after the time exceeds 2*maximum-packet time. |
MTU exceeded frames |
The number of frames that are larger than the maximum allowed frame size. |
1 collision frames |
The number of frames that are successfully sent on an interface after one collision occurs. |
2 collision frames |
The number of frames that are successfully sent on an interface after two collisions occur. |
3 collision frames |
The number of frames that are successfully sent on an interface after three collisions occur. |
4 collision frames |
The number of frames that are successfully sent on an interface after four collisions occur. |
5 collision frames |
The number of frames that are successfully sent on an interface after five collisions occur. |
6 collision frames |
The number of frames that are successfully sent on an interface after six collisions occur. |
7 collision frames |
The number of frames that are successfully sent on an interface after seven collisions occur. |
8 collision frames |
The number of frames that are successfully sent on an interface after eight collisions occur. |
9 collision frames |
The number of frames that are successfully sent on an interface after nine collisions occur. |
10 collision frames |
The number of frames that are successfully sent on an interface after ten collisions occur. |
11 collision frames |
The number of frames that are successfully sent on an interface after 11 collisions occur. |
12 collision frames |
The number of frames that are successfully sent on an interface after 12 collisions occur. |
13 collision frames |
The number of frames that are successfully sent on an interface after 13 collisions occur. |
14 collision frames |
The number of frames that are successfully sent on an interface after 14 collisions occur. |
15 collision frames |
The number of frames that are successfully sent on an interface after 15 collisions occur. |
Excessive collisions |
The number of frames that could not be sent on an interface after 16 collisions occur. |
Late collisions |
After a frame is sent, the number of frames dropped because late collisions were detected while the frame was sent. |
VLAN discard frames |
The number of frames dropped on an interface because the CFI bit is set. |
Excess defer frames |
The number of frames that are not sent after the time exceeds the maximum-packet time. |
64 byte frames |
The total number of frames sent on an interface that are 64 bytes. |
127 byte frames |
The total number of frames sent on an interface that are from 65 to 127 bytes. |
255 byte frames |
The total number of frames sent on an interface that are from 128 to 255 bytes. |
511 byte frames |
The total number of frames sent on an interface that are from 256 to 511 bytes. |
1023 byte frames |
The total number of frames sent on an interface that are from 512 to 1023 bytes. |
1518 byte frames |
The total number of frames sent on an interface that are from 1024 to 1518 bytes. |
Too large frames |
The number of frames sent on an interface that are larger than the maximum allowed frame size. |
Good (1 coll) frames |
The number of frames that are successfully sent on an interface after one collision occurs. This value does not include the number of frames that are not successfully sent after one collision occurs. |
Table 0-6 Receive Field Descriptions
|
|
Bytes |
The total amount of memory (in bytes) used by frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits. |
Unicast frames |
The total number of frames successfully received on the interface that are directed to unicast addresses. |
Multicast frames |
The total number of frames successfully received on the interface that are directed to multicast addresses. |
Broadcast frames |
The total number of frames successfully received on an interface that are directed to broadcast addresses. |
Unicast bytes |
The total amount of memory (in bytes) used by unicast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits. |
Multicast bytes |
The total amount of memory (in bytes) used by multicast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits. |
Broadcast bytes |
The total amount of memory (in bytes) used by broadcast frames received on an interface, including the FCS value and the incorrectly formed frames. This value excludes the frame header bits. |
Alignment errors |
The total number of frames received on an interface that have alignment errors. |
FCS errors |
The total number of frames received on an interface that have a valid length (in bytes) but do not have the correct FCS values. |
Oversize frames |
The number of frames received on an interface that are larger than the maximum allowed frame size. |
Undersize frames |
The number of frames received on an interface that are smaller than 64 bytes. |
Collision fragments |
The number of collision fragments received on an interface. |
Minimum size frames |
The total number of frames that are the minimum frame size. |
65 to 127 byte frames |
The total number of frames that are from 65 to 127 bytes. |
128 to 255 byte frames |
The total number of frames that are from 128 to 255 bytes. |
256 to 511 byte frames |
The total number of frames that are from 256 to 511 bytes. |
512 to 1023 byte frames |
The total number of frames that are from 512 to 1023 bytes. |
1024 to 1518 byte frames |
The total number of frames that are from 1024 to 1518 bytes. |
Overrun frames |
The total number of overrun frames received on an interface. |
Pause frames |
The number of pause frames received on an interface. |
Symbol error frames |
The number of frames received on an interface that have symbol errors. |
Invalid frames, too large |
The number of frames received that were larger than maximum allowed MTU size (including the FCS bits and excluding the frame header) and that have either an FCS error or an alignment error. |
Valid frames, too large |
The number of frames received on an interface that are larger than the maximum allowed frame size. |
Invalid frames, too small |
The number of frames received that are smaller than 64 bytes (including the FCS bits and excluding the frame header) and that have either an FCS error or an alignment error. |
Valid frames, too small |
The number of frames received on an interface that are smaller than 64 bytes (or 68 bytes for VLAN-tagged frames) and that have valid FCS values. The frame size includes the FCS bits but excludes the frame header bits. |
Too old frames |
The number of frames dropped on the ingress port because the packet aged out. |
Valid oversize frames |
The number of frames received on an interface that are larger than the maximum allowed frame size and have valid FCS values. The frame size includes the FCS value but does not include the VLAN tag. |
System FCS error frames |
The total number of frames received on an interface that have a valid length (in bytes) but that do not have the correct FCS values. |
RxPortFifoFull drop frames |
The total number of frames received on an interface that are dropped because the ingress queue is full. |
This is an example of output from the show controllers ethernet-controller phy command for a specific interface:
Switch# show controllers ethernet-controller gigabitethernet1/1 phy
GigabitEthernet1/1 (gpn: 1, port-number: 1)
-----------------------------------------------------------
-----------------------------------------------
Transceiver : 0x00 0x00 0x00 0x08 0x00 0x00 0x00 0x00
Vendor Name : CISCO-METHODE
Vendor Part Number : SP7041
Vendor Revision : 0x43 0x20 0x20 0x20
Vendor Serial Number : 00000MTC1017075F
-----------------------------------------------
-------------------------------------------------------
Embedded PHY : not present
SFP failed oper flag : 0x0
This is an example of output from the show controllers ethernet-controller port-asic configuration command:
Switch# show controllers ethernet-controller port-asic configuration
========================================================================
Switch 1, PortASIC 0 Registers
------------------------------------------------------------------------
SupervisorReceiveFifoSramInfo : 000007D0 000007D0 40000000
SupervisorTransmitFifoSramInfo : 000001D0 000001D0 40000000
IndicationStatus : 00000000
IndicationStatusMask : FFFFFFFF
InterruptStatus : 00000000
InterruptStatusMask : 01FFE800
SupervisorDiag : 00000000
SupervisorFrameSizeLimit : 000007C8
SupervisorBroadcast : 000A0F01
GeneralIO : 000003F9 00000000 00000004
StackPcsInfo : FFFF1000 860329BD 5555FFFF FFFFFFFF
FF0FFF00 86020000 5555FFFF 00000000
StackRacInfo : 73001630 00000003 7F001644 00000003
24140003 FD632B00 18E418E0 FFFFFFFF
StackControlStatus : 18E418E0
stackControlStatusMask : FFFFFFFF
TransmitBufferFreeListInfo : 00000854 00000800 00000FF8 00000000
0000088A 0000085D 00000FF8 00000000
TransmitRingFifoInfo : 00000016 00000016 40000000 00000000
0000000C 0000000C 40000000 00000000
TransmitBufferInfo : 00012000 00000FFF 00000000 00000030
TransmitBufferCommonCount : 00000F7A
TransmitBufferCommonCountPeak : 0000001E
TransmitBufferCommonCommonEmpty : 000000FF
NetworkActivity : 00000000 00000000 00000000 02400000
DroppedStatistics : 00000000
FrameLengthDeltaSelect : 00000001
SneakPortFifoInfo : 00000000
MacInfo : 0EC0801C 00000001 0EC0801B 00000001
00C0001D 00000001 00C0001E 00000001
This is an example of output from the show controllers ethernet-controller port-asic statistics command:
Switch# show controllers ethernet-controller port-asic statistics
===========================================================================
Switch 1, PortASIC 0 Statistics
---------------------------------------------------------------------------
0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames
4118966 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames
0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames
0 RxQ-1, wt-0 enqueue frames 0 RxQ-1, wt-0 drop frames
296 RxQ-1, wt-1 enqueue frames 0 RxQ-1, wt-1 drop frames
2836036 RxQ-1, wt-2 enqueue frames 0 RxQ-1, wt-2 drop frames
0 RxQ-2, wt-0 enqueue frames 0 RxQ-2, wt-0 drop frames
0 RxQ-2, wt-1 enqueue frames 0 RxQ-2, wt-1 drop frames
158377 RxQ-2, wt-2 enqueue frames 0 RxQ-2, wt-2 drop frames
0 RxQ-3, wt-0 enqueue frames 0 RxQ-3, wt-0 drop frames
0 RxQ-3, wt-1 enqueue frames 0 RxQ-3, wt-1 drop frames
0 RxQ-3, wt-2 enqueue frames 0 RxQ-3, wt-2 drop frames
15 TxBufferFull Drop Count 0 Rx Fcs Error Frames
0 TxBufferFrameDesc BadCrc16 0 Rx Invalid Oversize Frames
0 TxBuffer Bandwidth Drop Cou 0 Rx Invalid Too Large Frames
0 TxQueue Bandwidth Drop Coun 0 Rx Invalid Too Large Frames
0 TxQueue Missed Drop Statist 0 Rx Invalid Too Small Frames
74 RxBuffer Drop DestIndex Cou 0 Rx Too Old Frames
0 SneakQueue Drop Count 0 Tx Too Old Frames
0 Learning Queue Overflow Fra 0 System Fcs Error Frames
0 Learning Cam Skip Count
15 Sup Queue 0 Drop Frames 0 Sup Queue 8 Drop Frames
0 Sup Queue 1 Drop Frames 0 Sup Queue 9 Drop Frames
0 Sup Queue 2 Drop Frames 0 Sup Queue 10 Drop Frames
0 Sup Queue 3 Drop Frames 0 Sup Queue 11 Drop Frames
0 Sup Queue 4 Drop Frames 0 Sup Queue 12 Drop Frames
0 Sup Queue 5 Drop Frames 0 Sup Queue 13 Drop Frames
0 Sup Queue 6 Drop Frames 0 Sup Queue 14 Drop Frames
0 Sup Queue 7 Drop Frames 0 Sup Queue 15 Drop Frames
===========================================================================
Switch 1, PortASIC 1 Statistics
---------------------------------------------------------------------------
0 RxQ-0, wt-0 enqueue frames 0 RxQ-0, wt-0 drop frames
52 RxQ-0, wt-1 enqueue frames 0 RxQ-0, wt-1 drop frames
0 RxQ-0, wt-2 enqueue frames 0 RxQ-0, wt-2 drop frames
Related Commands
|
|
show controllers cpu-interface |
Displays the state of the CPU network ASIC and send and receive statistics for packets reaching the CPU. |
show controllers power inline |
Displays the state of registers for all ternary content addressable memory (TCAM) in the system and for TCAM interface ASICs that are CAM controllers. |
show controllers power inline
Use the show controllers power inline command in EXEC mode to display the values in the registers of the specified Power over Ethernet (PoE) controller.
show controllers power inline [ instance ]
Syntax Description
instance |
(Optional) Power controller instance, where each instance corresponds to four ports. If no instance is specified, information for all instances appear. |
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
15.0(2)EA |
This command is introduced. |
Usage Guidelines
The instance range is 0 to 1. For instances other than 0 to 1, the switchs provides no output.
Though the instances are visible on all switches, this command is valid only for PoE switches. The command does not provide information for switches that do not support PoE.
The output provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Examples
This is an example of output from the show controllers power inline command on a switch:
Switch# show controllers power inline
Controller Instance 0, Address 0x50
Power Event Reg 0x2 = 0x0
Detect Event Reg 0x4 = 0x1
Fault Event Reg 0x6 = 0x0
T-Start Event Reg 0x8 = 0x0
Supply Event Reg 0xA = 0x0
Port 1 Status Reg 0xC = 0x6
Port 3 Status Reg 0xD = 0x6
Port 5 Status Reg 0xE = 0x6
Port 7 Status Reg 0xF = 0x6
Power Status Reg 0x10 = 0x0
Pin Status Reg 0x11 = 0x20
Operating Mode Reg 0x12 = 0xAA
Disconnect Enable Reg 0x13 = 0xF
Detect/Class Enable Reg 0x14 = 0xFF
Timing Config Reg 0x16 = 0x0
Misc Config Reg 0x17 = 0x80
ID Revision Reg 0x1B = 0x41
Police Value Reg 0x1E = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
Police Value Reg 0x1E = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
Police Value Reg 0x1F = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
Police Value Reg 0x1F = 0xF
IEEE Type1 Penable Reg 0x23 = no
IEEE Type2 Penable Reg 0x23 = no
IEEEF Power On Fault Reg 0x24 = No Fault
2XPow Enabled Reg 0x40 = no
MCU temperature Reg 0x2C = 86
Vee Voltage Reg 0x2E/2F = 9285
Firmware Revision Reg 0x41 = 32
WdogTimer Disable Reg 0x42 = 11
WdogTimer Status Reg 0x42 = 0
SiliconRevision Reg 0x43 = 5
show controllers tcam
To display the state of the registers for all ternary content addressable memory (TCAM) in the system and for all TCAM interface ASICs that are CAM controllers, use the show controllers tcam command in Privileged EXEC mode.
show controllers tcam [ asic [ number ]] [ detail ]
Syntax Description
asic |
(Optional) Displays port ASIC TCAM information. |
number |
(Optional) Displays information for the specified port ASIC number. The range is from 0 to 15. |
detail |
(Optional) Displays detailed TCAM register information. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This command provides information that might be useful for Cisco technical support representatives troubleshooting the switch.
Examples
This is an example of output from the show controllers tcam command:
Switch# show controllers tcam
------------------------------------------------------------------------
------------------------------------------------------------------------
GMR31: FF_FFFFFFFF_FFFFFFFF
GMR32: FF_FFFFFFFF_FFFFFFFF
GMR33: FF_FFFFFFFF_FFFFFFFF
=============================================================================
TCAM related PortASIC 1 registers
=============================================================================
LookupType: 89A1C67D_24E35F00
ForwardingRamBaseAddress:
00022A00 0002FE00 00040600 0002FE00 0000D400
00000000 003FBA00 00009000 00009000 00040600
00000000 00012800 00012900
show controllers utilization
To display bandwidth utilization on the switch or specific ports, use the show controllers utilization command in EXEC mode.
show controllers [ interface-id ] utilization
Syntax Description
interface-id |
(Optional) ID of the switch interface. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show controllers utilization command:
Switch> show controllers utilization
Port Receive Utilization Transmit Utilization
Switch Receive Bandwidth Percentage Utilization : 0
Switch Transmit Bandwidth Percentage Utilization : 0
Switch Fabric Percentage Utilization : 0
This is an example of output from the show controllers utilization command on a specific port:
Switch> show controllers gigabitethernet1/1 utilization
Receive Bandwidth Percentage Utilization : 0
Transmit Bandwidth Percentage Utilization : 0
Table 0-7 show controllers utilization Field Descriptions
|
|
Receive Bandwidth Percentage Utilization |
Displays the received bandwidth usage of the switch, which is the sum of the received traffic on all the ports divided by the switch receive capacity. |
Transmit Bandwidth Percentage Utilization |
Displays the transmitted bandwidth usage of the switch, which is the sum of the transmitted traffic on all the ports divided it by the switch transmit capacity. |
Fabric Percentage Utilization |
Displays the average of the transmitted and received bandwidth usage of the switch. |
show dot1x
To display IEEE 802.1x statistics, administrative status, and operational status for the switch or for the specified port, use the show dot1x command in EXEC mode.
show dot1x [{ all [ summary ] | interface interface-id } [ details | statistics ]]
Syntax Description
all summary |
(Optional) Displays the IEEE 802.1x status for all ports. |
interface interface-id |
(Optional) Displays the IEEE 802.1x status for the specified port (including type, module, and port number). |
details |
(Optional) Displays the IEEE 802.1x interface details. |
statistics |
(Optional) Displays IEEE 802.1x statistics for the specified port. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you do not specify a port, global parameters and a summary appear. If you specify a port, details for that port appear.
If the port control is configured as unidirectional or bidirectional control and this setting conflicts with the switch configuration, the show dot1x { all | interface interface-id } privileged EXEC command output has this information:
ControlDirection = In (Inactive)
Examples
This is an example of output from the show dot1x EXEC command:
Critical Recovery Delay 100
This is an example of output from the show dot1x all EXEC command:
Critical Recovery Delay 100
Dot1x Info for GigabitEthernet1/1
-----------------------------------
ReAuthentication = Disabled
ReAuthPeriod = 3600 (Locally configured)
This is an example of output from the show dot1x all summary EXEC command:
Interface PAE Client Status
--------------------------------------------------------
Gi1/1 AUTH none UNAUTHORIZED
Gi1/2 AUTH 00a0.c9b8.0072 AUTHORIZED
Fa1/1 AUTH none UNAUTHORIZED
This is an example of output from the show dot1x interface interface-id EXEC command:
Switch> show dot1x interface gigabitethernet1/2
Dot1x Info for GigabitEthernet1/2
-----------------------------------
ReAuthentication = Disabled
ReAuthPeriod = 3600 (Locally configured)
This is an example of output from the show dot1x interface interface-id details EXEC command:
Switch# show dot1x interface gigabitethernet1/2 details
Dot1x Info for GigabitEthernet1/2
-----------------------------------
ReAuthentication = Disabled
ReAuthPeriod = 3600 (Locally configured)
Dot1x Authenticator Client List Empty
This is an example of output from the show dot1x interface interface-id details commmand when a port is assigned to a guest VLAN and the host mode changes to multiple-hosts mode:
Switch# show dot1x interface gigabitethernet1/1 details
Dot1x Info for GigabitEthernet1/1
-----------------------------------
ReAuthentication = Enabled
ReAuthPeriod = 3600 (Locally configured)
Dot1x Authenticator Client List Empty
Authorized By = Guest-Vlan
Operational HostMode = MULTI_HOST
This is an example of output from the show dot1x interface interface-id statistics command. Table 0-8 describes the fields in the display.
Switch> show dot1x interface gigabitethernet1/2 statistics
Dot1x Authenticator Port Statistics for GigabitEthernet1/2
--------------------------------------------
RxStart = 0 RxLogoff = 0 RxResp = 1 RxRespID = 1
RxInvalid = 0 RxLenErr = 0 RxTotal = 2
TxReq = 2 TxReqID = 132 TxTotal = 134
RxVersion = 2 LastRxSrcMAC = 00a0.c9b8.0072
Table 0-8 show dot1x statistics Field Descriptions
|
|
RxStart |
Number of valid EAPOL-start frames that have been received. |
RxLogoff |
Number of EAPOL-logoff frames that have been received. |
RxResp |
Number of valid EAP-response frames (other than response/identity frames) that have been received. |
RxRespID |
Number of EAP-response/identity frames that have been received. |
RxInvalid |
Number of EAPOL frames that have been received and have an unrecognized frame type. |
RxLenError |
Number of EAPOL frames that have been received in which the packet body length field is invalid. |
RxTotal |
Number of valid EAPOL frames of any type that have been received. |
TxReq |
Number of EAP-request frames (other than request/identity frames) that have been sent. |
TxReqId |
Number of Extensible Authentication Protocol (EAP)-request/identity frames that have been sent. |
TxTotal |
Number of Extensible Authentication Protocol over LAN (EAPOL) frames of any type that have been sent. |
RxVersion |
Number of received packets in the IEEE 802.1x Version 1 format. |
LastRxSrcMac |
Source MAC address carried in the most recently received EAPOL frame. |
Related Commands
|
|
dot1x default |
Resets the IEEE 802.1x parameters to their default values. |
show dtp
To display Dynamic Trunking Protocol (DTP) information for the switch or for a specified interface, use the show dtp command in Privileged EXEC mode.
show dtp [ interface interface-id ]
Syntax Description
interface interface-id |
(Optional) Displays port security settings for the specified interface. Valid interfaces include physical ports (including type, module, and port number). |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show dtp command:
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
This is an example of output from the show dtp interface command:
Switch# show dtp interface gigabitethernet1/1
DTP information for GigabitEthernet1/1:
TOS/TAS/TNS: ACCESS/AUTO/ACCESS
TOT/TAT/TNT: NATIVE/NEGOTIATE/NATIVE
Neighbor address 1: 000943A7D081
Neighbor address 2: 000000000000
Hello timer expiration (sec/state): 1/RUNNING
Access timer expiration (sec/state): never/STOPPED
Negotiation timer expiration (sec/state): never/STOPPED
Multidrop timer expiration (sec/state): never/STOPPED
3160 packets received (3160 good)
0 nonegotiate, 0 bad version, 0 domain mismatches, 0 bad TLVs, 0 other
6320 packets output (6320 good)
1 link ups, last link up on Mon Mar 01 1993, 01:02:29
show eap
To display Extensible Authentication Protocol (EAP) registration and session information for the switch or for the specified port, use the show eap command in Privileged EXEC mode.
show eap {{ registrations [ method [ name ] | transport [ name ]]} | { sessions [ credentials name [ interface interface-id ] | interface interface-id | method name | transport name ]}} [ credentials name | interface interface-id | transport name ]
Syntax Description
registrations |
Displays EAP registration information. |
method name |
(Optional) Displays EAP method registration information. |
transport name |
(Optional) Displays EAP transport registration information. |
sessions |
Displays EAP session information. |
credentials name |
(Optional) Displays EAP method registration information. |
interface interface-id |
(Optional) Displays the EAP information for the specified port (including type, module, and port number). |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
When you use the show eap registrations privileged EXEC command with these keywords, the command output shows this information:
- None—All the lower levels used by EAP and the registered EAP methods.
- method name keyword—The specified method registrations.
- transport name keyword—The specific lower-level registrations.
When you use the show eap sessions privileged EXEC command with these keywords, the command output shows this information:
- None—All active EAP sessions.
- credentials name keyword—The specified credentials profile.
- interface interface-id keyword—The parameters for the specified interface.
- method name keyword—The specified EAP method.
- transport name keyword—The specified lower layer.
Examples
This is an example of output from the show eap registrations all privileged EXEC command:
Switch> show eap registrations
Registered EAP Lower Layers:
2 Authenticator Dot1x-Authenticator
This is an example of output from the show eap registrations transport privileged EXEC command:
Switch> show eap registrations transport all
Registered EAP Lower Layers:
2 Authenticator Dot1x-Authenticator
This is an example of output from the show eap sessions privileged EXEC command:
Switch> show eap sessions
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/1
Current method: None Method state: Uninitialised
Retransmission count: 0 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 2s)
EAP handle: 0x5200000A Credentials profile: None
Lower layer context ID: 0x93000004 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/2
Current method: None Method state: Uninitialised
Retransmission count: 0 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 2s)
EAP handle: 0xA800000B Credentials profile: None
Lower layer context ID: 0x0D000005 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
This is an example of output from the show eap sessions interface interface-id privileged EXEC command:
Switch# show eap sessions interface gigabitethernet1/1
Role: Authenticator Decision: Fail
Lower layer: Dot1x-AuthenticaInterface: Gi1/1
Current method: None Method state: Uninitialised
Retransmission count: 1 (max: 2) Timer: Authenticator
ReqId Retransmit (timeout: 30s, remaining: 13s)
EAP handle: 0x5200000A Credentials profile: None
Lower layer context ID: 0x93000004 Eap profile name: None
Method context ID: 0x00000000 Peer Identity: None
Start timeout (s): 1 Retransmit timeout (s): 30 (30)
Current ID: 2 Available local methods: None
Related Commands
|
|
clear eap sessions |
Clears EAP session information for the switch or for the specified port. |
show env
To show switch environment information, use the show env command in EXEC mode.
show env { all | power | temperature [ status ]}
Syntax Description
all |
Displays both fan and temperature environmental status. |
power |
Displays the switch power status. |
temperature |
Displays the switch temperature status. |
status |
(Optional) Displays the switch internal temperature. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The command output shows the green and yellow states as OK and the red state as FAULTY.
If you enter the show env all command on this switch, the command output is the same as the show env temperature status command output.
For more information about the threshold levels, see the software configuration guide for this release.
Examples
This is an example of output from the show env all command:
Temperature Value: 48 Degree Celsius
This is an example of output from the show env power command.
Power supply B is DC FAULTY
This is an example of output from the show env temperature command.
Switch> show env temperature
This is an example of output from the show env temperature status command.
Switch> show env temperature status
Temperature Value: 48 Degree Celsius
show env alarm-contact
To show the alarm contact information, use the show env alarm contact command in EXEC mode.
show env alarm contact
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows the output of the show env alarm-contact command:
Switch# show env alarm-contact
Description: external alarm contact 2
show errdisable detect
To display error-disabled detection status, use the show errdisable detect command in EXEC mode.
show errdisable detect
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
A displayed gbic-invalid
error reason refers to an invalid small form-factor pluggable (SFP) module.
Examples
This is an example of output from the show errdisable detect command:
Switch> show errdisable detect
ErrDisable Reason Detection Mode
----------------- --------- ----
arp-inspection Enabled port
channel-misconfig Enabled port
community-limit Enabled port
dhcp-rate-limit Enabled port
gbic-invalid Enabled port
inline-power Enabled port
invalid-policy Enabled port
psecure-violation Enabled port/vlan
security-violatio Enabled port
sfp-config-mismat Enabled port
storm-control Enabled port
show errdisable flap-values
To display conditions that cause an error to be recognized for a cause, use the show errdisable flap-values command in EXEC mode.
show errdisable flap-values
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The Flaps column in the command display shows how many changes to the state within the specified time interval will cause an error to be detected and a port to be disabled. For example, the display shows that an error will be assumed and the port shut down if three Dynamic Trunking Protocol (DTP)-state (port mode access/trunk) or Port Aggregation Protocol (PAgP) flap changes occur during a 30-second interval, or if 5 link-state (link up/down) changes occur during a 10-second interval.
ErrDisable Reason Flaps Time (sec)
----------------- ------ ----------
Examples
This is an example of output from the show errdisable flap-values command:
Switch> show errdisable flap-values
ErrDisable Reason Flaps Time (sec)
----------------- ------ ----------
show errdisable recovery
To display the error-disabled recovery timer information, use the show errdisable recovery command in EXEC mode.
show errdisable recovery
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
A gbic-invalid error-disable reason shown in the command output refers to an invalid small form-factor pluggable (SFP) module interface.
Examples
This is an example of output from the show errdisable recovery command:
Switch> show errdisable recovery
ErrDisable Reason Timer Status
----------------- --------------
security-violatio Disabled
channel-misconfig Disabled
psecure-violation Disabled
Timer interval:300 seconds
Interfaces that will be enabled at the next timeout:
Interface Errdisable reason Time left(sec)
--------- ----------------- --------------
Note
Though visible in the output, the unicast-flood field is not valid.
show etherchannel
To display EtherChannel information for a channel, use the show etherchannel command in EXEC mode.
show etherchannel [ channel-group-number { detail | port | port-channel | protocol | summary }] { detail | load-balance | port | port-channel | protocol | summary }
Syntax Description
channel-group - number |
(Optional) Number of the channel group. The range is 1 to 6. |
detail |
Displays detailed EtherChannel information. |
load-balance |
Displays the load-balance or frame-distribution scheme among ports in the port channel. |
port |
Displays EtherChannel port information. |
port-channel |
Displays port-channel information. |
protocol |
Displays the protocol that is being used in the EtherChannel. |
summary |
Displays a one-line summary per channel-group. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you do not specify a channel-group-number value, all channel groups are displayed.
In the output, the Passive port list field is displayed only for Layer 3 port channels. This field means that the physical port, which is still not up, is configured to be in the channel group (and indirectly is in the only port channel in the channel group).
Examples
This is an example of output from the show etherchannel 1 detail command:
Switch> show etherchannel 1 detail
Port-channels: 1 Max Port-channels = 16
Port state = Up Mstr In-Bndl
Channel group = 1 Mode = Active Gcchange = -
Port-channel = Po1 GC = - Pseudo port-channel = Po1
Port index = 0 Load = 0x00 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDU
A - Device is in active mode. P - Device is in passive mode.
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/1 SA bndl 32768 0x0 0x1 0x0 0x3D
Age of the port in the current state: 01d:20h:06m:04s
Port-channels in the group:
Port-channel: Po1 (Primary Aggregator)
Age of the Port-channel = 01d:20h:20m:26s
Logical slot/port = 10/1 Number of ports = 2
Port state = Port-channel Ag-Inuse
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
Time since last port bundled: 01d:20h:20m:20s Gi1/2
This is an example of output from the show etherchannel 1 summary command:
Switch> show etherchannel 1 summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
Number of channel-groups in use: 1
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------
1 Po1(SU) LACP Gi1/1(P) Gi1/2(P)
This is an example of output from the show etherchannel 1 port-channel command:
Switch> show etherchannel 1 port-channel
Port-channels in the group:
Port-channel: Po1 (Primary Aggregator)
Age of the Port-channel = 01d:20h:24m:50s
Logical slot/port = 10/1 Number of ports = 2
Port state = Port-channel Ag-Inuse
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
Time since last port bundled: 01d:20h:24m:44s Gi1/2
This is an example of output from the show etherchannel protocol command:
Switch# show etherchannel protocol
show facility-alarm status
To display all generated alarms for the switch, use the show facility-alarm status command in EXEC mode.
show facility-alarm status [ critical | info | major | minor ]
Syntax Description
critical |
(Optional) Displays only critical facility alarms. |
info |
(Optional) Displays all facility alarms. |
major |
(Optional) Displays major facility alarms and higher. |
minor |
(Optional) Displays major facility alarms and higher. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show facility-alarm status command. It displays alarm information for the switch.
Switch# show facility-alarm status
Source Severity Description Relay Time
toyota_S16_sps1 MAJOR 1 Temp above max primary thresh MAJ Oct 06
Switch> show facility-alarm status
Source Severity Description Relay Time
FastEthernet1/3 MINOR 2 Port Not Forwarding NONE Mar 01
show fallback profile
To display the fallback profiles that are configured on a switch, use the show fallback profile command in Privileged EXEC mode.
show fallback profile
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show fallback profile privileged EXEC command to display profiles that are configured on the switch.
Examples
This is an example of output from the show fallback profile command:
switch# show fallback profile
------------------------------------
IP Admission Rule : webauth-fallback
IP Access-Group IN: default-policy
Profile Name: dot1x-www-lpip
------------------------------------
IP Admission Rule : web-lpip
IP Access-Group IN: default-policy
------------------------------------
Related Commands
|
|
dot1x fallback |
Configures a port to use web authentication as a fallback method for clients that do not support IEEE 802.1x authentication. |
fallback profile |
Creates a web authentication fallback profile. |
ip admission |
Enables web authentication on a switch port |
ip admission name proxy http |
Enables web authentication globally on a switch |
show dot1x [ interface interface-id ] |
Displays IEEE 802.1x status for the specified port. |
show fcs-threshold
To display the frame check sequence (FCS) bit error-rate settings on the switch interfaces, use the show fcs-threshold command in EXEC mode.
show fcs-threshold
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The Ethernet standard calls for a maximum bit error rate of 10-8. In the switch, the configurable bit error-rate range is from 10-6 to 10-11. The bit error-rate input to the switch is a positive exponent. The output displays the positive exponent; an output of 9 means that the bit error-rate is 10-9.
Examples
This is an example of output from the show fcs-threshold command. It shows the output when all ports are set to the default FCS threshold.
Switch# show fcs-threshold
show flowcontrol
To display the flow control status and statistics, use the show flowcontrol command in EXEC mode.
show flowcontrol [ interface interface-id | module number ]
Syntax Description
interface interface-id |
(Optional) Displays the flow control status and statistics for a specific interface. |
module number |
(Optional) Displays the flow control status and statistics for all interfaces on the switch. Module number is 1. This option is not available if you have entered a specific interface ID. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display the flow control status and statistics on the switch or for a specific interface.
Use the show flowcontrol command to display information about all the switch interfaces. The output from the show flowcontrol command is the same as the output from the show flowcontrol module number command.
Use the show flowcontrol interface interface-id command to display information about a specific interface.
Examples
This is an example of output from the show flowcontrol command.
Port Send FlowControl Receive FlowControl RxPause TxPause
--------- -------- -------- -------- -------- ------- -------
Gi1/1 Unsupp. Unsupp. off off 0 0
Gi1/2 desired off off off 0 0
Gi1/3 desired off off off 0 0
This is an example of output from the show flowcontrol interface interface-id command:
Switch> show flowcontrol interface gigabitethernet1/2
Port Send FlowControl Receive FlowControl RxPause TxPause
--------- -------- -------- -------- -------- ------- -------
Gi1/2 desired off off off 0 0
Related Commands
|
|
flowcontrol |
Sets the receive flow-control state for an interface. |
show interfaces
To display the administrative and operational status of all interfaces or a specified interface, use the show interfaces command in Privileged EXEC mode.
show interfaces [ interface-id | vlan vlan-id ] [ accounting | capabilities [ module number ] | counters | description | etherchannel | flowcontrol | rep | pruning | stats | status [ err-disabled ] | [ backup | module number ] | transceiver | properties | detail [ module number ] | trunk ]
Syntax Description
interface-id |
(Optional) Valid interfaces include physical ports (including type, module, and port number) and port channels. The port-channel range is 1 to 6. |
vlan vlan-id |
(Optional) Specifies VLAN identification. The range is 1 to 4094. |
accounting |
(Optional) Displays accounting information on the interface, including active protocols and input and output packets and octets. Note The display shows only packets processed in software; hardware-switched packets do not appear. |
capabilities |
(Optional) Displays the capabilities of all interfaces or the specified interface, including the features and options that you can configure on the interface. Though visible in the command line help, this option is not available for VLAN IDs. |
module number |
(Optional) Displays capabilities or transceiver characteristics (depending on preceding keyword) of all interfaces on the switch. The only valid module number is 1. This option is not available if you enter a specific interface ID. |
counters |
(Optional) Displays the show interfaces counters information. |
description |
(Optional) Displays the administrative status and description set for an interface. |
etherchannel |
(Optional) Displays interface EtherChannel information. |
flowcontrol |
(Optional) Displays interface flow control information |
pruning |
(Optional) Displays interface trunk VTP pruning information. |
rep |
(Optional) Displays the show interfaces rep information. |
stats |
(Optional) Displays the input and output packets by switching path for the interface. |
status |
(Optional) Displays the status of the interface. A status of unsupported in the Type field means that a non-Cisco small form-factor pluggable (SFP) module is inserted in the module slot. |
err-disabled |
(Optional) Displays interfaces in error-disabled state. |
backup |
(Optional) Displays Flex Link backup interface configuration and status for the specified interface or all interfaces on the switch. |
transceiver detail | properties |
(Optional) Displays the physical properties of a CWDM or DWDM small form-factor (SFP) module interface. The keywords have these meanings:
- detail — (Optional) Displays calibration properties, including high and low numbers and any alarm information.
- properties —( Optional) Displays speed and duplex settings on an interface.
|
trunk |
Displays interface trunk information. If you do not specify an interface, only information for active trunking ports appears. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The show interfaces capabilities command with different keywords has these results:
- Use the show interfaces capabilities module 1 to display the capabilities of all interfaces on the switch. Entering any other number is invalid.
- Use the show interfaces interface-id capabilities to display the capabilities of the specified interface.
- Use the show interfaces capabilities (with no module number or interface ID) to display the capabilities of all interfaces on the switch.
Note
Though visible in the command-line help strings, the crb, fair-queue, irb, mac-accounting, precedence, random-detect, rate-limit, and shape keywords are not supported.
Examples
This is an example of output from the show interfaces interface-id command for an interface:
Switch# show interface GigabitEthernet1/2
GigabitEthernet1/2 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 001e.1300.4882 (bia 001e.1300.4882)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of ''show interface'' counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 17000 bits/sec, 27 packets/sec
553226 packets input, 39772509 bytes, 0 no buffer
Received 530934 broadcasts (529980 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 529980 multicast, 0 pause input
0 input packets with dribble condition detected
4031941 packets output, 317450903 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
This is an example of output from the show interfaces accounting command.
Switch# show interfaces accounting
Protocol Pkts In Chars In Pkts Out Chars Out
IP 1094395 131900022 559555 84077157
Spanning Tree 283896 17033760 42 2520
ARP 63738 3825680 231 13860
Interface Vlan2 is disabled
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
Protocol Pkts In Chars In Pkts Out Chars Out
No traffic sent or received on this interface.
This is an example of output from the show interfaces capabilities interface-id command for an interface.
Switch# show interfaces GigabitEthernet1/2 capabilities
Trunk encap. type: 802.1Q
Trunk mode: on,off,desirable,nonegotiate
Broadcast suppression: percentage(0-100)
Flowcontrol: rx-(off,on,desired),tx-(none)
QoS scheduling: rx-(not configurable on per port basis),
tx-(4q3t) (3t: Two configurable values and one fixed.)
Multiple Media Types: rj45, sfp, auto-select
This is an example of output from the show interfaces interface description command when the interface has been described as Connects to Marketing by using the description interface configuration command.
Switch# show interfaces gigabitethernet1/2 description
Interface Status Protocol Description
Gi1/2 up down Connects to Marketing
This is an example of output from the show interfaces etherchannel command when port channels are configured on the switch:
Switch# show interfaces etherchannel
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/1 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/2 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
Age of the Port-channel = 03d:20h:17m:29s
Logical slot/port = 10/3 Number of ports = 0
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Not-Inuse
This is an example of output from the show interfaces interface-id pruning command when pruning is enabled in the VTP domain:
Switch# show interfaces gigibitethernet1/2 pruning
Port Vlans pruned for lack of request by neighbor
Port Vlans traffic requested of neighbor
This is an example of output from the show interfaces stats command for a specified VLAN interface.
Switch# show interfaces vlan 1 stats
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 1165354 136205310 570800 91731594
Total 1165354 136205310 570800 91731594
This is an example of partial output from the show interfaces status command. It displays the status of all interfaces.
Switch# show interfaces status
Port Name Status Vlan Duplex Speed Type
Fa1/1 notconnect 1 auto auto 10/100BaseTX
Fa1/2 notconnect 1 auto auto 10/100BaseTX
Fa1/3 notconnect 1 auto auto 10/100BaseTX
Fa1/4 notconnect 1 auto auto 10/100BaseTX
Fa2/1 notconnect 1 auto auto 10/100BaseTX
Fa2/2 notconnect 1 auto auto 10/100BaseTX
Fa2/3 notconnect 1 auto auto 10/100BaseTX
Fa2/4 notconnect 1 auto auto 10/100BaseTX
Fa2/5 notconnect 1 auto auto 10/100BaseTX
Fa2/6 notconnect 1 auto auto 10/100BaseTX
Fa2/7 notconnect 1 auto auto 10/100BaseTX
Fa2/8 notconnect 1 auto auto 10/100BaseTX
This is an example of output from the show interfaces status err-disabled command. It displays the status of interfaces in the error-disabled state.
Switch# show interfaces status err-disabled
Gi1/2 err-disabled dtp-flap
This is an example of output from the show interfaces interface-id pruning command:
Switch# show interfaces gigibitethernet1/2 pruning
Port Vlans pruned for lack of request by neighbor
This is an example of output from the show interfaces interface-id trunk command. It displays trunking information for the port.
Switch# show interfaces gigabitethernet1/1 trunk
Port Mode Encapsulation Status Native vlan
Gi1/1 auto negotiate trunking 1
Port Vlans allowed on trunk
Port Vlans allowed and active in management domain
Port Vlans in spanning tree forwarding state and not pruned
This is an example of output from the show interfaces interface-id transceiver properties command:
Switch# show interfaces gigabitethernet1/2 transceiver properties
Administrative Speed: auto
Administrative Duplex: auto
Administrative Auto-MDIX: off
Operational Auto-MDIX: off
This is an example of output from the show interfaces interface-id transceiver detail command:
Switch# show interfaces gigabitethernet1/3 transceiver detail
ITU Channel not available (Wavelength not available),
Transceiver is externally calibrated.
mA:milliamperes, dBm:decibels (milliwatts), N/A:not applicable.
++:high alarm, +:high warning, -:low warning, -- :low alarm.
A2D readouts (if they differ), are reported in parentheses.
The threshold values are uncalibrated.
High Alarm High Warn Low Warn Low Alarm
Temperature Threshold Threshold Threshold Threshold
Port (Celsius) (Celsius) (Celsius) (Celsius) (Celsius)
------- ------------------ ---------- --------- --------- ---------
Gi1/3 41.5 110.0 103.0 -8.0 -12.0
High Alarm High Warn Low Warn Low Alarm
Voltage Threshold Threshold Threshold Threshold
Port (Volts) (Volts) (Volts) (Volts) (Volts)
------- --------------- ---------- --------- --------- ---------
Gi1/3 3.20 4.00 3.70 3.00 2.95
High Alarm High Warn Low Warn Low Alarm
Current Threshold Threshold Threshold Threshold
Port (milliamperes) (mA) (mA) (mA) (mA)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 31.0 84.0 70.0 4.0 2.0
Optical High Alarm High Warn Low Warn Low Alarm
Transmit Power Threshold Threshold Threshold Threshold
Port (dBm) (dBm) (dBm) (dBm) (dBm)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 -0.0 ( -0.0) -0.0 -0.0 -0.0 -0.0
Optical High Alarm High Warn Low Warn Low Alarm
Receive Power Threshold Threshold Threshold Threshold
Port (dBm) (dBm) (dBm) (dBm) (dBm)
------- ----------------- ---------- --------- --------- ---------
Gi1/3 N/A ( -0.0) -- -0.0 -0.0 -0.0 -0.0
show interfaces counters
To display various counters for the switch or for a specific interface, use the show interfaces counters command in Privileged EXEC mode.
show interfaces [ interface-id | vlan vlan-id ] counters [ errors | etherchannel | protocol status | trunk ]
Syntax Description
interface-id |
(Optional) ID of the physical interface, including type, module, and port number. |
vlan vlan-id |
(Optional) ID of the VLAN. |
errors |
(Optional) Displays error counters. |
etherchannel |
(Optional) Displays EtherChannel counters, including octets, broadcast packets, multicast packets, and unicast packets received and sent. |
protocol status |
(Optional) Displays status of protocols enabled on interfaces. |
trunk |
(Optional) Displays trunk counters. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If you do not enter any keywords, all counters for all interfaces are included.
Note
Though visible in the command-line help string, the vlan vlan-id keyword is not supported.
Examples
This is an example of partial output from the show interfaces counters command. It displays all counters for the switch:
Switch# show interfaces counters
Port InOctets InUcastPkts InMcastPkts InBcastPkts
This is an example of partial output from the show interfaces counters protocol status command for all interfaces:
Switch# show interfaces counters protocol status
FastEthernet1/1: Other, IP, ARP, CDP
FastEthernet1/2: Other, IP
FastEthernet1/3: Other, IP
FastEthernet1/4: Other, IP
FastEthernet1/5: Other, IP
FastEthernet1/6: Other, IP
FastEthernet1/7: Other, IP
FastEthernet1/8: Other, IP
FastEthernet1/9: Other, IP
FastEthernet1/10: Other, IP, CDP
This is an example of output from the show interfaces counters trunk command. It displays trunk counters for all interfaces:
Switch# show interfaces counters trunk
Port TrunkFramesTx TrunkFramesRx WrongEncap
show interfaces rep
To display Resilient Ethernet Protocol (REP) configuration and status for a specified interface or for all interfaces, use the show interfaces rep command in EXEC mode.
show interfaces [ interface-id ] rep [ detail ]
Syntax Description
interface-id |
(Optional) A specified physical interface or port channel ID. |
detail |
(Optional) Displays detailed REP configuration and status information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
In the output for the show interface rep [ detail ] command, in addition to an Open, Fail, or AP (alternate port) state, the Port Role might show as Fail Logical Open (FailLogOpen) or Fail No Ext Neighbor (FailNoNbr). These states indicate that the port is physically up, but REP is not configured on the neighboring port. In this case, one port goes into a forwarding state for the data path to help maintain connectivity during configuration. The Port Role for this port shows as Fail Logical Open; the port forwards all data traffic on all VLANs. The other failed Port Role shows as Fail No Ext Neighbor; this port blocks traffic for all VLANs.
When the external neighbors for the failed ports are configured, the failed ports go through the alternate port state transitions and eventually go to an Open state or remain as the alternate port, based on the alternate port election mechanism.
In the show interfaces rep command output, ports configured as edge no-neighbors are designated with an asterisk (*) in front of Primary Edge or Secondary Edge. In the output of the show interfaces rep detail command, No-Neighbor is spelled out.
The output of this command is also included in the show tech-support privileged EXEC command output.
Examples
This is sample output from the show interface rep command:
Switch # show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ ------------ ----------- ----
GigabitEthernet 1/1 1 Primary Edge TWO_WAY Open
GigabitEthernet 1/2 1 Edge TWO_WAY Open
FastEthernet 1/4 2 INIT_DOWN Fail
This is sample output from the show interface rep command when the edge port is configured to have no REP neighbor. Note the asterisk (*) next to Primary Edge.
Switch# show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ -------------- ----------- ----
GigabitEthernet1/1 2 TWO_WAY Open
GigabitEthernet1/2 2 Primary Edge* TWO_WAY Open
This is sample output from the show interface rep command when external neighbors are not configured:
Switch # show interface rep
Interface Seg-id Type LinkOp Role
---------------------- ------ ------------ ----------- ----
GigabitEthernet1/1 1 NO_NEIGHBOR FailNoNbr
GigabitEthernet1/2 2 NO_NEIGHBOR FailLogOpen
This is sample output from the show interface rep detail command for a specified interface:
Switch # show interface gigabitethernet1/2 rep detail
GigabitEthernet1/2 REP enabled
Operational Link Status: INIT_DOWN
Current Key: 00000000000000000000
Preempt Delay Timer: disabled
LSL Ageout Timer: 5000 ms
Configured Load-balancing Block Port: 1234567890123456
Configured Load-balancing Block VLAN: 1-4094
BPA (STCN, LSL) TLV rx: 0, tx: 0
BPA (STCN, HFL) TLV rx: 0, tx: 0
EPA-ELECTION TLV rx: 0, tx: 0
EPA-COMMAND TLV rx: 0, tx: 0
EPA-INFO TLV rx: 0, tx: 0
Related Commands
|
|
rep segment |
Enables REP on an interface and assigns a segment ID. This command is also used to configure a port as an edge port, a primary edge port, or a preferred port. |
show rep topology [ detail ] |
Displays information about all ports in the segment, including which one was configured and selected as the primary edge port. |
show inventory
To display product identification (PID) information for the hardware, use the show inventory command in EXEC mode.
show inventory [ entity-name | raw ]
Syntax Description
entity-name |
(Optional) The specified entity. For example, enter the interface (such as gigabitethernet1/1) into which a small form-factor pluggable (SFP) module is installed. |
raw |
(Optional) Displays every entity in the device. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The command is case sensitive. With no arguments, the show inventory command produces a compact dump of all identifiable entities that have a product identifier. The compact dump displays the entity location (slot identity), entity description, and the unique device identifier (UDI) (PID, VID, and SN) of that entity.
Note
If there is no PID, no output appears when you enter the show inventory command.
Examples
This is example output from the show inventory command:
NAME: ''1'', DESCR: ''IE-3000-4TC''
PID: IE-3000-4TC, VID:, SN: FHK1152UZRW
NAME: ''IE-3000-4TC - Module in slot 1'', DESCR: ''IE-3000-4TC - Module in slot 1''
PID: 800-28491-01, VID: C1151V545FOC11504, SN: S9FOC115040MRFOC11503J7JF
NAME: ''IEM-3000-8TM - Module in slot 2'', DESCR: ''IEM-3000-8TM - Module in slot 2''
PID: 800-28540-01, VID: C1151V332FOC11515, SN: P0FOC11504ML3
NAME: ''IEM-3000-8FM - Module in slot 3'', DESCR: ''IEM-3000-8FM - Module in slot 3''
PID: 800-28543-01, VID: C1151V462FOC11505, SN: GTFOC11505JMPFOC11505JDX
show ip arp inspection
To display the configuration and the operating state of dynamic Address Resolution Protocol (ARP) inspection or the status of this feature for all VLANs or for the specified interface or VLAN, use the show ip arp inspection command in Privileged EXEC mode.
show ip arp inspection [ interfaces [ interface-id ] | log | statistics [ vlan vlan-range ] | vlan vlan-range ]
Syntax Description
interfaces interface-id |
(Optional) Displays the trust state and the rate limit of ARP packets for the specified interface or all interfaces. Valid interfaces include physical ports and port channels. |
log |
(Optional) Displays the configuration and contents of the dynamic ARP inspection log buffer. |
statistics |
(Optional) Displays statistics for forwarded, dropped, MAC validation failure, IP validation failure, access control list (ACL) permitted and denied, and DHCP permitted and denied packets for the specified VLAN. If no VLANs are specified or if a range is specified, displays information only for VLANs with dynamic ARP inspection enabled (active). |
vlan vlan-range |
(Optional) Displays the configuration and the operating state of dynamic ARP inspection for the specified VLAN. If no VLANs are specified or if a range is specified, displays information only for VLANs with dynamic ARP inspection enabled (active). You can specify a single VLAN identified by VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. The range is 1 to 4094. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show ip arp inspection command:
Switch# show ip arp inspection
Source Mac Validation : Disabled
Destination Mac Validation : Disabled
IP Address Validation : Enabled
Vlan Configuration Operation ACL Match Static ACL
---- ------------- --------- --------- ----------
1 Enabled Active deny-all No
Vlan ACL Logging DHCP Logging Probe Logging
---- ----------- ------------ -------------
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
Vlan DHCP Permits ACL Permits Probe Permits Source MAC Failures
---- ------------ ----------- ------------- -------------------
Vlan Dest MAC Failures IP Validation Failures Invalid Protocol Data
---- ----------------- ---------------------- ---------------------
This is an example of output from the show ip arp inspection interfaces command:
Switch# show ip arp inspection interfaces
Interface Trust State Rate (pps) Burst Interval
--------------- ----------- ---------- --------------
This is an example of output from the show ip arp inspection interfaces interface-id command:
Switch# show ip arp inspection interfaces gigabitethernet1/1
Interface Trust State Rate (pps) Burst Interval
--------------- ----------- ---------- --------------
This is an example of output from the show ip arp inspection log command. It shows the contents of the log buffer before the buffers are cleared:
Switch# show ip arp inspection log
Total Log Buffer Size : 32
Syslog rate : 10 entries per 300 seconds.
Interface Vlan Sender MAC Sender IP Num Pkts Reason Time
---------- ---- -------------- --------------- --------- ----------- ----
Gi1/1 5 0003.0000.d673 192.2.10.4 5 DHCP Deny 19:39:01 UTC Mon Mar 1 1993
Gi1/1 5 0001.0000.d774 128.1.9.25 6 DHCP Deny 19:39:02 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1111 10.10.10.1 7 DHCP Deny 19:39:03 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1112 10.10.10.2 8 DHCP Deny 19:39:04 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1114 173.1.1.1 10 DHCP Deny 19:39:06 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1115 173.1.1.2 11 DHCP Deny 19:39:07 UTC Mon Mar 1 1993
Gi1/1 5 0001.c940.1116 173.1.1.3 12 DHCP Deny 19:39:08 UTC Mon Mar 1 1993
If the log buffer overflows, it means that a log event does not fit into the log buffer, and the display for the show ip arp inspection log privileged EXEC command is affected. A -- in the display appears in place of all data except the packet count and the time. No other statistics are provided for the entry. If you see this entry in the display, increase the number of entries in the log buffer, or increase the logging rate in the ip arp inspection log-buffer global configuration command.
This is an example of output from the show ip arp inspection statistics command. It shows the statistics for packets that have been processed by dynamic ARP inspection for all active VLANs:
Switch# show ip arp inspection statistics
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
Vlan Dest MAC Failures IP Validation Failures
---- ----------------- ----------------------
For the show ip arp inspection statistics command, the switch increments the number of forwarded packets for each ARP request and response packet on a trusted dynamic ARP inspection port. The switch increments the number of ACL or DHCP permitted packets for each packet that is denied by source MAC, destination MAC, or IP validation checks, and the switch increments the appropriate failure count.
This is an example of output from the show ip arp inspection statistics vlan 5 command. It shows statistics for packets that have been processed by dynamic ARP for VLAN 5:
Switch# show ip arp inspection statistics vlan 5
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ---------
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
Vlan Dest MAC Failures IP Validation Failures Invalid Protocol Data
---- ----------------- ---------------------- ---------------------
This is an example of output from the show ip arp inspection vlan 5 command. It shows the configuration and the operating state of dynamic ARP inspection for VLAN 5:
Switch# show ip arp inspection vlan 5
Source Mac Validation :Enabled
Destination Mac Validation :Enabled
IP Address Validation :Enabled
Vlan Configuration Operation ACL Match Static ACL
---- ------------- --------- --------- ----------
5 Enabled Active second No
Vlan ACL Logging DHCP Logging
---- ----------- ------------
show ip dhcp snooping
To display the DHCP snooping configuration, use the show ip dhcp snooping command in EXEC mode.
show ip dhcp snooping
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
This command displays only the results of global configuration. Therefore, in this example, the circuit ID suboption appears in its default format of vlan - mod - port, even if a string is configured for the circuit ID.
Examples
This is an example of output from the show ip dhcp snooping command:
Switch> show ip dhcp snooping
Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
Insertion of option 82 is enabled
circuit-id format: vlan-mod-port
Option 82 on untrusted port is allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
------------------------ ------- ----------------
GigabitEthernet1/1 yes unlimited
GigabitEthernet1/2 yes unlimited
show ip dhcp snooping binding
To display the DHCP snooping binding database and configuration information for all interfaces on a switch, use the show ip dhcp snooping binding command in EXEC mode.
show ip dhcp snooping binding [ ip-address ] [ mac-address ] [ interface interface-id ] [ vlan vlan-id ]
Syntax Description
ip-address |
(Optional) The binding entry IP address. |
mac-address |
(Optional) The binding entry MAC address. |
interface interface-id |
(Optional) The binding input interface. |
vlan vlan-id |
(Optional) The binding entry VLAN. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The show ip dhcp snooping binding command output shows only the dynamically configured bindings. Use the show ip source binding privileged EXEC command to display the dynamically and statically configured bindings in the DHCP snooping binding database.
If DHCP snooping is enabled and an interface changes to the down state, the switch does not delete the statically configured bindings.
Examples
This example shows how to display the DHCP snooping binding entries for a switch:
Switch> show ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9837 dhcp-snooping 20 GigabitEthernet1/1
00:D0:B7:1B:35:DE 10.1.2.151 237 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 2
This example shows how to display the DHCP snooping binding entries for a specific IP address:
Switch> show ip dhcp snooping binding 10.1.2.150
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9810 dhcp-snooping 20 GigabitEthernet1/1
Total number of bindings: 1
This example shows how to display the DHCP snooping binding entries for a specific MAC address:
Switch> show ip dhcp snooping binding 0102.0304.0506
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9788 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 1
This example shows how to display the DHCP snooping binding entries on a port:
Switch> show ip dhcp snooping binding interface gigabitethernet1/2
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
00:30:94:C2:EF:35 10.1.2.151 290 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 1
This example shows how to display the DHCP snooping binding entries on VLAN 20:
Switch> show ip dhcp snooping binding vlan 20
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
01:02:03:04:05:06 10.1.2.150 9747 dhcp-snooping 20 GigabitEthernet1/1
00:00:00:00:00:02 10.1.2.151 65 dhcp-snooping 20 GigabitEthernet1/2
Total number of bindings: 2
Table 0-9 describes the fields in the show ip dhcp snooping binding command output.
Table 0-9 show ip dhcp snooping binding Command Output
|
|
MacAddress |
Client hardware MAC address. |
IpAddress |
Client IP address assigned from the DHCP server. |
Lease(sec) |
Remaining lease time for the IP address. |
Type |
Binding type. |
VLAN |
VLAN number of the client interface. |
Interface |
Interface that connects to the DHCP client host. |
Total number of bindings |
Total number of bindings configured on the switch. Note The command output might not show the total number of bindings. For example, if 200 bindings are configured on the switch and you stop the display before all the bindings appear, the total number does not change. |
show ip dhcp snooping database
To display the status of the DHCP snooping binding database agent, use the show ip dhcp snooping database command in EXEC mode.
show ip dhcp snooping database [ detail ]
Syntax Description
detail |
(Optional) Displays detailed status and statistics information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show ip dhcp snooping database command:
Switch> show ip dhcp snooping database
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
Delay Timer Expiry : Not Running
Abort Timer Expiry : Not Running
Last Succeded Time : None
Last Failed Reason : No failure recorded.
Total Attempts : 0 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 0
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 0
This is an example of output from the show ip dhcp snooping database detail command:
Switch# show ip dhcp snooping database detail
Agent URL : tftp://10.1.1.1/directory/file
Write delay Timer : 300 seconds
Abort Timer : 300 seconds
Delay Timer Expiry : 7 (00:00:07)
Abort Timer Expiry : Not Running
Last Succeded Time : None
Last Failed Time : 17:14:25 UTC Sat Jul 7 2001
Last Failed Reason : Unable to access URL.
Total Attempts : 21 Startup Failures : 0
Successful Transfers : 0 Failed Transfers : 21
Successful Reads : 0 Failed Reads : 0
Successful Writes : 0 Failed Writes : 21
First successful access: Read
Last ignored bindings counters :
Binding Collisions : 0 Expired leases : 0
Invalid interfaces : 0 Unsupported vlans : 0
Total ignored bindings counters:
Binding Collisions : 0 Expired leases : 0
Invalid interfaces : 0 Unsupported vlans : 0
show ip dhcp snooping statistics
To display DHCP snooping statistics in summary or detail form, use the show ip dhcp snooping statistics command in EXEC mode.
show ip dhcp snooping statistics [ detail ]
Syntax Description
detail |
(Optional) Displays detailed statistics information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
In a switch stack, all statistics are generated on the stack master. If a new stack master is elected, the statistics counters reset.
Examples
This is an example of output from the show ip dhcp snooping statistics command:
Switch> show ip dhcp snooping statistics
Packets Dropped From untrusted ports = 0
This is an example of output from the show ip dhcp snooping statistics detail command:
Switch> show ip dhcp snooping statistics detail
Packets Processed by DHCP Snooping = 0
Interface is in errdisabled = 0
Received on untrusted ports = 0
Source mac not equal to chaddr = 0
Insertion of opt82 fail = 0
Unknown output interface = 0
Reply output port equal to input port = 0
Packet denied by platform = 0
Table 0-10 shows the DHCP snooping statistics and their descriptions:
Table 0-10 DHCP Snooping Statistics
|
|
Packets Processed by DHCP Snooping |
Total number of packets handled by DHCP snooping, including forwarded and dropped packets. |
Packets Dropped Because IDB not known |
Number of errors when the input interface of the packet cannot be determined. |
Queue full |
Number of errors when an internal queue used to process the packets is full. This might happen if DHCP packets are received at an excessively high rate and rate limiting is not enabled on the ingress ports. |
Interface is in errdisabled |
Number of times a packet was received on a port that has been marked as error disabled. This might happen if packets are in the processing queue when a port is put into the error-disabled state and those packets are subsequently processed. |
Rate limit exceeded |
Number of times the rate limit configured on the port was exceeded and the interface was put into the error-disabled state. |
Received on untrusted ports |
Number of times a DHCP server packet (OFFER, ACK, NAK, or LEASEQUERY) was received on an untrusted port and was dropped. |
Nonzero giaddr |
Number of times the relay agent address field (giaddr) in the DHCP packet received on an untrusted port was not zero, or the no ip dhcp snooping information option allow-untrusted global configuration command is not configured and a packet received on an untrusted port contained option-82 data. |
Source mac not equal to chaddr |
Number of times the client MAC address field of the DHCP packet (chaddr) does not match the packet source MAC address and the ip dhcp snooping verify mac-address global configuration command is configured. |
Binding mismatch |
Number of times a RELEASE or DECLINE packet was received on a port that is different than the port in the binding for that MAC address-VLAN pair. This indicates someone might be trying to spoof the real client, or it could mean that the client has moved to another port on the switch and issued a RELEASE or DECLINE. The MAC address is taken from the chaddr field of the DHCP packet, not the source MAC address in the Ethernet header. |
Insertion of opt82 fail |
Number of times the option-82 insertion into a packet failed. The insertion might fail if the packet with the option-82 data exceeds the size of a single physical packet on the internet. |
Interface Down |
Number of times the packet is a reply to the DHCP relay agent, but the SVI interface for the relay agent is down. This is an unlikely error that occurs if the SVI goes down between sending the client request to the DHCP server and receiving the response. |
Unknown output interface |
Number of times the output interface for a DHCP reply packet cannot be determined by either option-82 data or a lookup in the MAC address table. The packet is dropped. This can happen if option 82 is not used and the client MAC address has aged out. If IPSG is enabled with the port-security option and option 82 is not enabled, the MAC address of the client is not learned, and the reply packets will be dropped. |
Reply output port equal to input port |
Number of times the output port for a DHCP reply packet is the same as the input port, causing a possible loop. Indicates a possible network misconfiguration or misuse of trust settings on ports. |
Packet denied by platform |
Number of times the packet has been denied by a platform-specific registry. |
Related Commands
|
|
clear ip dhcp snooping |
Clears the DHCP snooping binding database, the DHCP snooping binding database agent statistics, or the DHCP snooping statistics counters. |
show ip igmp profile
To display all configured Internet Group Management Protocol (IGMP) profiles or a specified IGMP profile, use the show ip igmp profile command in Privileged EXEC mode.
show ip igmp profile [ profile number ]
Syntax Description
profile number |
(Optional) The IGMP profile number to be displayed. The range is 1 to 4294967295. If no profile number is entered, all IGMP profiles are displayed. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
These are examples of output from the show ip igmp profile privileged EXEC command, with and without specifying a profile number. If no profile number is entered, the display includes all profiles configured on the switch.
Switch# show ip igmp profile 40
range 233.1.1.1 233.255.255.255
Switch# show ip igmp profile
range 230.9.9.0 230.9.9.0
range 229.9.9.0 229.255.255.255
show ip igmp snooping
To display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN, use the show ip igmp snooping EXEC command.
show ip igmp snooping [ groups | mrouter | querier ] [ vlan vlan-id ]
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display snooping configuration for the switch or for a specific VLAN.
VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.
Examples
This is an example of output from the show ip igmp snooping vlan 1 command. It shows snooping characteristics for a specific VLAN.
Switch# show ip igmp snooping vlan 1
Global IGMP Snooping configuration:
-----------------------------------
IGMPv3 snooping (minimal) :Enabled
Report suppression :Enabled
TCN solicit query :Disabled
Last member query interval : 100
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 100
This is an example of output from the show ip igmp snooping command. It displays snooping characteristics for all VLANs on the switch.
Switch> show ip igmp snooping
Global IGMP Snooping configuration:
-----------------------------------
IGMPv3 snooping (minimal) : Enabled
Report suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Last member query interval : 100
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 100
Immediate leave :Disabled
Multicast router learning mode :pim-dvmrp
Source only learning age timer :10
CGMP interoperability mode :IGMP_ONLY
Last member query interval : 333
show ip igmp snooping groups
To display the Internet Group Management Protocol (IGMP) snooping multicast table for the switch or the multicast information, use the show ip igmp snooping groups command in Privileged EXEC mode. Use with the vlan keyword to display the multicast table for a specified multicast VLAN or specific multicast information.
show ip igmp snooping groups [ vlan vlan-id [ ip_address ] | dynamic | user ] [ count ]
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094. |
ip_address |
(Optional) The specified group IP address. |
dynamic |
(Optional) Displays entries learned by IGMP snooping. |
user |
Optional) Displays only the user-configured multicast entries. |
count |
(Optional) Displays the total number of entries for the specified command options instead of the actual entries. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display multicast information or the multicast table.
VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.
Examples
This is an example of output from the show ip igmp snooping groups command without any keywords. It displays the multicast table for the switch.
Switch# show ip igmp snooping groups
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Gi1/2
104 224.1.4.3 igmp v2 Gi1/1, Gi1/2
This is an example of output from the show ip igmp snooping groups count command. It displays the total number of multicast groups on the switch.
Switch# show ip igmp snooping groups count
Total number of multicast groups: 2
This is an example of output from the show ip igmp snooping groups dynamic command. It shows only the entries learned by IGMP snooping.
Switch# show ip igmp snooping groups vlan 1 dynamic
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Fa1/8
104 224.1.4.3 igmp v2 Gi1/1, Fa1/8
This is an example of output from the show ip igmp snooping groups vlan vlan-id ip-address command. It shows the entries for the group with the specified IP address.
Switch# show ip igmp snooping groups vlan 104 224.1.4.2
Vlan Group Type Version Port List
-------------------------------------------------------------
104 224.1.4.2 igmp v2 Gi1/1, Fa1/8
show ip igmp snooping mrouter
To display the Internet Group Management Protocol (IGMP) snooping dynamically learned and manually configured multicast router ports for the switch or for the specified multicast VLAN, use the show ip igmp snooping mrouter command in Privileged EXEC mode.
show ip igmp snooping mrouter [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display multicast router ports on the switch or for a specific VLAN.
VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping.
When multicast VLAN registration (MVR) is enabled, the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information.
Examples
This is an example of output from the show ip igmp snooping mrouter command. It shows how to display multicast router ports on the switch.
Switch# show ip igmp snooping mrouter
show ip igmp snooping querier
To display the configuration and operation information for the IGMP querier configured on a switch, use the show ip igmp snooping querier detail command in EXEC mode.
show ip igmp snooping querier [ detail | vlan vlan-id [ detail ]]
Syntax Description
detail |
(Optional) Displays detailed IGMP querier information. |
vlan vlan-id detail |
(Optional) Displays IGMP querier information for the specified VLAN. The range is 1 to 1001 and 1006 to 4094. Use the detail keyword to display detailed information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show ip igmp snooping querier command to display the IGMP version and the IP address of a detected device, also called a querier , t hat sends IGMP query messages. A subnet can have multiple multicast routers but has only one IGMP querier. In a subnet running IGMPv2, one of the multicast routers is elected as the querier. The querier can be a Layer 3 switch.
The show ip igmp snooping querier command output also shows the VLAN and the interface on which the querier was detected. If the querier is the switch, the output shows the Port field as Router. If the querier is a router, the output shows the port number on which the querier is learned in the Port field.
The show ip igmp snooping querier detail EXEC command is similar to the show ip igmp snooping querier command. However, the show ip igmp snooping querier command displays only the device IP address most recently detected by the switch querier.
The show ip igmp snooping querier detail command di splays the device IP address most recently detected by the switch querier and this additional information:
- The elected IGMP querier in the VLAN
- The configuration and operational information pertaining to the switch querier (if any) that is configured in the VLAN
Examples
This is an example of output from the show ip igmp snooping querier command:
Switch> show ip igmp snooping querier
Vlan IP Address IGMP Version Port
---------------------------------------------------
This is an example of output from the show ip igmp snooping querier detail command:
Switch> show ip igmp snooping querier detail
Vlan IP Address IGMP Version Port
-------------------------------------------------------------
Global IGMP switch querier status
--------------------------------------------------------
source IP address : 0.0.0.0
query-interval (sec) : 60
max-response-time (sec) : 10
querier-timeout (sec) : 120
tcn query interval (sec) : 10
Vlan 1: IGMP switch querier status
--------------------------------------------------------
elected querier is 1.1.1.1 on port Fa1/1
--------------------------------------------------------
source IP address : 10.1.1.65
query-interval (sec) : 60
max-response-time (sec) : 10
querier-timeout (sec) : 120
tcn query interval (sec) : 10
operational state : Non-Querier
tcn query pending count : 0
show ip source binding
To display the IP source bindings on the switch, use the show ip source binding command in EXEC mode.
show ip source binding [ ip-address ] [ mac-address ] [ dhcp-snooping | static ] [ interface interface-id ] [ vlan vlan-id ]
Syntax Description
ip-address |
(Optional) IP source bindings for a specific IP address. |
mac-address |
(Optional) IP source bindings for a specific MAC address. |
dhcp-snooping |
(Optional) Displays IP source bindings that were learned by DHCP snooping. |
static |
(Optional) Displays static IP source bindings. |
interface interface-id |
(Optional) Displays IP source bindings on a specific interface. |
vlan vlan-id |
(Optional) Displays IP source bindings on a specific VLAN. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
The show ip source binding command output shows the dynamically and statically configured bindings in the DHCP snooping binding database. Use the show ip dhcp snooping binding privileged EXEC command to display only the dynamically configured bindings.
Examples
This is an example of output from the show ip source binding command:
Switch> show ip source binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
-------------- --------------- ---------- ------------- ---- --------------------
00:00:00:0A:00:0B 11.0.0.1 infinite static 10 GigabitEthernet1/1
00:00:00:0A:00:0A 11.0.0.2 10000 dhcp-snooping 10 GigabitEthernet1/1
show ip verify source
To display the IP source guard configuration on the switch or on a specific interface, use the show ip verify source command in EXEC mode.
show ip verify source [ interface interface-id ]
Syntax Description
interface interface-id |
(Optional) Displays IP source guard configuration on a specific interface. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show ip verify source command:
Switch> show ip verify source
Interface Filter-type Filter-mode IP-address Mac-address Vlan
--------- ----------- ----------- --------------- -------------- ---------
gi1/1 ip active 10.0.0.1 10
gi1/1 ip active deny-all 11-20
gi1/2 ip inactive-trust-port
gi1/3 ip inactive-no-snooping-vlan
gi1/4 ip-mac active 10.0.0.2 aaaa.bbbb.cccc 10
gi1/4 ip-mac active 11.0.0.1 aaaa.bbbb.cccd 11
gi1/4 ip-mac active deny-all deny-all 12-20
gi1/5 ip-mac active 10.0.0.3 permit-all 10
gi1/5 ip-mac active deny-all permit-all 11-20
In the previous example, this is the IP source guard configuration:
- On the Gigabit Ethernet 1 interface, DHCP snooping is enabled on VLANs 10 to 20. For VLAN 10, IP source guard with IP address filtering is configured on the interface, and a binding exists on the interface. For VLANs 11 to 20, the second entry shows that a default port access control lists (ACLs) is applied on the interface for the VLANs on which IP source guard is not configured.
- The Gigabit Ethernet 2 interface is configured as trusted for DHCP snooping.
- On the Gigabit Ethernet 3 interface, DHCP snooping is not enabled on the VLANs to which the interface belongs.
- On the Gigabit Ethernet 4 interface, IP source guard with source IP and MAC address filtering is enabled, and static IP source bindings are configured on VLANs 10 and 11. For VLANs 12 to 20, the default port ACL is applied on the interface for the VLANs on which IP source guard is not configured.
- On the Gigabit Ethernet 5 interface, IP source guard with source IP and MAC address filtering is enabled and configured with a static IP binding, but port security is disabled. The switch cannot filter source MAC addresses.
This is an example of output on an interface on which IP source guard is disabled:
Switch> show ip verify source gigabitethernet 1/6
IP source guard is not configured on the interface gi1/16.
show ipc
To display Interprocess Communications Protocol (IPC) configuration, status, and statistics, use the show ipc command in EXEC mode.
show ipc { hog-info | mcast { appclass | groups | status } | nodes | ports [ open ] | queue | rpc | session { all | rx | tx } [ verbose ] | status [ cumlulative ] | zones }
Syntax Description
hog-info |
Displays the IPC message consumed excessive CPU. |
mcast appclass | groups | status |
Displays the IPC multicast routing information. The keywords have these meanings:
- appclass —Displays the IPC multicast application classes.
- groups —Displays the IPC multicast groups.
- status —Displays the IPC multicast routing status.
|
nodes |
Displays participating nodes. |
ports open |
Displays local IPC ports. The keyword has this meaning:
- open —(Optional) Displays only the open ports.
|
queue |
Displays the contents of the IPC transmission queue. |
rpc |
Displays the IPC remote-procedure statistics. |
session all | rx | tx |
Displays the IPC session statistics (available only in privileged EXEC mode). The keywords have these meanings:
- all —Displays all the session statistics.
- rx —Displays the sessions statistics for traffic that the switch receives
- tx —Displays the sessions statistics for traffic that the switch forwards.
|
verbose |
(Optional) Displays detailed statistics (available only in privileged EXEC mode). |
status cumlulative |
Displays the status of the local IPC server. The keyword has this meaning:
- cumlulative — ( Optional) Displays the status of the local IPC server since the switch was started or restarted.
|
zones |
Displays the participating IPC zones. The switch supports a single IPC zone. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
This command is available only when the switch is running the IP services image.
Examples
This example shows how to display the IPC routing status:
Switch> show ipc mcast status
Total control Frames dropped 0 0
Total Reliable messages 0 0
Total Reliable messages acknowledged 0 0
Total Out of Band Messages 0 0
Total Out of Band messages acknowledged 0 0
Total No Mcast groups 0 0
Total Retries 0 Total Timeouts 0
Total OOB Retries 0 Total OOB Timeouts 0
Total flushes 0 Total No ports 0
This example shows how to display the participating nodes:
There is 1 node in this IPC realm.
10000 Local IPC Master 0 0
This example shows how to display the local IPC ports:
There are 8 ports defined.
Port ID Type Name (current/peak/total)
There are 8 ports defined.
10000.1 unicast IPC Master:Zone
10000.2 unicast IPC Master:Echo
10000.3 unicast IPC Master:Control
10000.4 unicast IPC Master:Init
10000.5 unicast FIB Master:DFS.process_level.msgs
10000.6 unicast FIB Master:DFS.interrupt.msgs
10000.7 unicast MDFS RP:Statistics
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
10000.8 unicast Slot 1 :MDFS.control.RIL
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
RPC packets:current/peak/total
This example shows how to display the contents of the IPC retransmission queue:
There are 0 IPC messages waiting for acknowledgement in the transmit queue.
There are 0 IPC messages waiting for a response.
There are 0 IPC messages waiting for additional fragments.
There are 0 IPC messages currently on the IPC inboundQ.
Messages currently in use : 3
Message cache size : 1000
Maximum message cache usage : 1000
0 times message cache crossed 5000 [max]
Emergency messages currently in use : 0
There are 2 messages currently reserved for reply msg.
Inbound message queue depth 0
Zone inbound message queue depth 0
This example shows how to display all the IPC session statistics:
Switch# show ipc session all
10000.7 Unicast MDFS RP:Statistics
port_index = 0 type = Unreliable last sent = 0 last heard = 0
Msgs requested = 180 Msgs returned = 180
10000.8 Unicast Slot 1 :MDFS.control.RIL
port_index = 0 type = Reliable last sent = 0 last heard = 0
Msgs requested = 0 Msgs returned = 0
10000.7 Unicast MDFS RP:Statistics
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
No of msgs requested = 180 Msgs returned = 180
10000.8 Unicast Slot 1 :MDFS.control.RIL
port_index = 0 seat_id = 0x10000 last sent = 0 last heard = 0
No of msgs requested = 0 Msgs returned = 0
This example shows how to display the status of the local IPC server:
Switch> show ipc status cumulative
Time last IPC stat cleared :never
This processor is the IPC master server.
Do not drop output of IPC frames for test purposes.
1000 IPC Message Headers Cached.
Total from Local Ports 13080 574
Total Protocol Control Frames 116 17
Total via Unreliable Connection-Less Service 12783 171
Total via Unreliable Sequenced Connection-Less Svc 0 0
Total via Reliable Connection-Oriented Service 17 116
Related Commands
|
|
clear ipc |
Clears the IPC multicast routing statistics. |
show ipv6 dhcp conflict
To display address conflicts found by a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server when addresses are offered to the client, use the show ipv6 dhcp conflict command in Privileged EXEC mode.
show ipv6 dhcp conflict
Note
This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch and the switch is running the IP services image.
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command, and reload the switch.
When you configure the DHCPv6 server to detect conflicts, it uses ping. The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message. If an address conflict is detected, the address is removed from the pool, and the address is not assigned until the administrator removes the address from the conflict list.
Examples
This is an example of the output from the show ipv6 dhcp conflict command:
Switch# show ipv6 dhcp conflict
Pool 350, prefix 2001:1005::/48
show ipv6 mld snooping
To display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping configuration of the switch or the VLAN, use the show ipv6 mld snooping command in EXEC mode.
show ipv6 mld snooping [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display MLD snooping configuration for the switch or for a specific VLAN.
VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.
To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.
Note
This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Examples
This is an example of output from the show ipv6 mld snooping vlan command. It shows snooping characteristics for a specific VLAN.
Switch> show ipv6 mld snooping vlan 100
Global MLD Snooping configuration:
-------------------------------------------
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Last listener query count : 2
Last listener query interval : 1000
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Last listener query count : 2
Last listener query interval : 1000
This is an example of output from the show ipv6 mld snooping command. It displays snooping characteristics for all VLANs on the switch.
Switch
>
show ipv6 mld snooping
Global MLD Snooping configuration:
-------------------------------------------
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Last listener query count : 2
Last listener query interval : 1000
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Last listener query count : 2
Last listener query interval : 1000
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Last listener query count : 2
Last listener query interval : 1000
Related Commands
|
|
ipv6 mld snooping |
Enables and configures MLD snooping on the switch or on a VLAN. |
sdm prefer |
Configures an SDM template to optimize system resources based on how the switch is being used. |
show ipv6 mld snooping address
To display all or specified IP version 6 (IPv6) multicast address information maintained by Multicast Listener Discovery (MLD) snooping, use the show ipv6 mld snooping address command in EXEC mode.
show ipv6 mld snooping address [[ vlan vlan-id ] [ ipv6 multicast-address ]] [ vlan vlan-id ] [ count | dynamic | user ]
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN about which to show MLD snooping multicast address information. The VLAN ID range is 1 to 1001 and 1006 to 4094. |
ipv6-multicast-address |
(Optional) Displays information about the specified IPv6 multicast address. This keyword is only available when a VLAN ID is entered. |
count |
(Optional) Displays the number of multicast groups on the switch or in the specified VLAN. |
dynamic |
(Optional) Displays MLD snooping learned group information. |
user |
(Optional) Displays MLD snooping user-configured group information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display IPv6 multicast address information.
You can enter an IPv6 multicast address only after you enter a VLAN ID.
VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.
Use the dynamic keyword to display information only about groups that are learned. Use the user keyword to display information only about groups that have been configured.
To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.
Note
This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Examples
This is an example of output from the show ipv6 mld snooping address EXEC command:
Switch> show ipv6 mld snooping address
Vlan Group Type Version Port List
-------------------------------------------------------------
2 FF12::3 user Fa1/2, Gi1/2, Gi1/1,Gi1/3
This is an example of output from the show ipv6 mld snooping address count EXEC command:
Switch> show ipv6 mld snooping address count
Total number of multicast groups: 2
This is an example of output from the show ipv6 mld snooping address User command:
Switch> show ipv6 mld snooping address user
Vlan Group Type Version Port List
-------------------------------------------------------------
2 FF12::3 user v2 Fa1/2, Gi1/2, Gi1/1,Gi1/3
Related Commands
|
|
ipv6 mld snooping vlan |
Configures IPv6 MLD snooping on a VLAN. |
sdm prefer |
Configures an SDM template to optimize system resources based on how the switch is being used. |
show ipv6 mld snooping mrouter
To display dynamically learned and manually configured IP version 6 (IPv6) Multicast Listener Discovery (MLD) router ports for the switch or a VLAN, use the show ipv6 mld snooping mrouter command in EXEC mode.
show ipv6 mld snooping mrouter [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use this command to display MLD snooping router ports for the switch or for a specific VLAN.
VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.
To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.
Note
This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Examples
This is an example of output from the show ipv6 mld snooping mrouter command. It displays snooping characteristics for all VLANs on the switch that are participating in MLD snooping.
Switch> show ipv6 mld snooping mrouter
This is an example of output from the show ipv6 mld snooping mrouter vlan command. It shows multicast router ports for a specific VLAN.
Switch> show ipv6 mld snooping mrouter vlan 100
Related Commands
|
|
ipv6 mld snooping |
Enables and configures MLD snooping on the switch or on a VLAN. |
ipv6 mld snooping vlan mrouter interface interface-id | static ipv6-multicast-address interface interface-id ] |
Configures multicast router ports for a VLAN. |
sdm prefer |
Configures an SDM template to optimize system resources based on how the switch is being used. |
show ipv6 mld snooping querier
To display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping querier-related information most recently received by the switch or the VLAN, use the show ipv6 mld snooping querier command in EXEC mode.
show ipv6 mld snooping querier [ vlan vlan-id ] [ detail ]
Note
This command is available only if you have configured a dual IPv4 and IPv6 Switch Database Management (SDM) template on the switch.
Syntax Description
vlan vlan-id |
(Optional) Specifies a VLAN; the range is 1 to 1001 and 1006 to 4094. |
detail |
(Optional) Displays MLD snooping detailed querier information for the switch or for the VLAN. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show ipv6 mld snooping querier command to display the MLD version and IPv6 address of a detected device that sends MLD query messages, which is also called a querier. A subnet can have multiple multicast routers but has only one MLD querier. The querier can be a Layer 3 switch.
The show ipv6 mld snooping querier command output also shows the VLAN and interface on which the querier was detected. If the querier is the switch, the output shows the Port field as Router. If the querier is a router, the output shows the port number on which the querier is learned in the Port field.
The output of the show ipv6 mld snoop querier vlan command displays the information received in response to a query message from an external or internal querier. It does not display user-configured VLAN values, such as the snooping robustness variable on the particular VLAN. This querier information is used only on the MASQ message that is sent by the switch. It does not override the user-configured robustness variable that is used for aging out a member that does not respond to query messages.
VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.
To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show ipv6 mld snooping querier command:
Switch> show ipv6 mld snooping querier
Vlan IP Address MLD Version Port
-------------------------------------------------------------
2 FE80::201:C9FF:FE40:6000 v1 Gi1/1
This is an example of output from the show ipv6 mld snooping querier detail command:
Switch> show ipv6 mld snooping querier detail
Vlan IP Address MLD Version Port
-------------------------------------------------------------
2 FE80::201:C9FF:FE40:6000 v1 Gi1/1
This is an example of output from the show ipv6 mld snooping querier vlan command:
Switch> show ipv6 mld snooping querier vlan 2
IP address : FE80::201:C9FF:FE40:6000
Max response time : 1000s
show ipv6 route updated
To display the current contents of the IPv6 routing table, use the show ipv6 route updated command in EXEC command.
show ipv6 route updated [ boot-up ]{ hh:mm | day { month [ hh:mm ]} [{ hh:mm | day { month [ hh:mm ]}]
Syntax Description
boot-up |
(Optional) Displays the current contents of the IPv6 routing table. |
hh:mm |
The time entered as a 2-digit number for a 24-hour clock. Make sure to use the colons (:). For example, enter 13:32 |
day |
The day of the month. The range is from 1 to 31. |
month |
The month entered in uppercase or lowercase letters. You can enter the full name of the month, such as January or august, or the first three letters of the month, such as jan or Aug. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show ipv6 route privileged EXEC command to display the current contents of the IPv6 routing table.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show ipv6 route updated rip command:
Switch> show ipv6 route rip updated
IPv6 Routing Table - 12 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2
IA - ISIS interarea, IS - ISIS summary
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
via FE80::A8BB:CCFF:FE00:8D01, GigabitEthernet1/1
Last updated 10:31:10 27 February 2007
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/2
Last updated 17:23:05 22 February 2007
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/3
Last updated 17:23:05 22 February 2007
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/4
Last updated 17:23:05 22 February 2007
via FE80::A8BB:CCFF:FE00:9001, GigabitEthernet1/5
Last updated 17:23:05 22 February 2007
Related Commands
|
|
show ipv6 route |
Displays the current contents of the IPv6 routing table. For syntax information, see the Cisco IOS Software Command Reference, Release 15.0. |
show l2nat instance
To show the configuration details for an Layer 2 NAT instance, enter the show l2nat instance command in EXEC mode.
show l2nat instance [ instance_name ]
Syntax Description
instance_name |
(Optional) The Layer 2 NAT instance that you want to display. If this parameter is omitted, all Layer 2 NAT instances are displayed. |
Command Modes
EXEC
Command History
|
|
15.0(2)EB |
This command was introduced. |
Examples
This example shows how to display the configuration details of all Layer 2 NAT instances.
Switch# show l2nat instance
inside from host 10.10.20.5 to 10.10.30.5
inside from host 10.10.11.1 to 10.10.12.1
inside from host 10.10.10.1 to 20.20.20.1
Related Commands
|
|
inside from |
Translates inside addresses to outside addresses by using Layer 2 NAT. |
l2nat |
Applies an Layer 2 NAT instance to one or all VLANs on a selected interface. |
l2nat instance |
Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance. |
outside from |
Translates outside addresses to inside addresses by using Layer 2 NAT. |
show l2nat interface |
Displays the configuration details for Layer 2 NAT instances on one or more interfaces. |
show l2nat statistics |
Displays the Layer 2 NAT statistics for all interfaces. |
show l2nat statistics interface |
Displays the Layer 2 NAT statistics for a specified interface. |
show l2nat interface
To display the configuration details for an Layer 2 NAT instance on a particular interface and/or VLAN, use the show l2nat interface command in EXEC mode. If you do not specify an interface or a VLAN, all are included.
show l2nat interface [ int ] [ vlan ]
Syntax Description
int |
(Optional) The interface. If this parameter is omitted, all interfaces are included. |
vlan |
(Optional) The VLAN ID. Include this parameter only if an interface is specified. If this parameter is omitted, all VLANs are included. |
Command Modes
EXEC
Command History
|
|
15.0(2)EB |
This command was introduced. |
Examples
This example shows how to display the configuration details of all Layer 2 NAT instances on all interfaces.
Switch# show l2nat interface
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/2
=======================================================================
INSTANCE ATTACHED TO VLAN 24
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
INSTANCE ATTACHED TO VLAN 11
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
INSTANCE ATTACHED TO VLAN 6
inside from host 10.10.20.6 to 10.10.30.6
This example shows how to display the configuration details of the Layer 2 NAT instance on interface Gi1/1, VLAN 10.
Switch# show l2nat interface Gi1/1 10
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
INSTANCE ATTACHED TO VLAN 10
inside from host 10.10.11.1 to 10.10.12.1
=======================================================================
FOLLOWING INSTANCES ARE ATTACHED TO INTERFACE Gi1/1
=======================================================================
=======================================================================
show l2nat statistics
To show statistics for all Layer 2 NAT instances, use the show l2nat statistics command in EXEC mode.
show l2nat statistics
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Usage Guidelines
For each Layer 2 NAT instance, the statistics include the number of bypassed, discarded, and translated packets; the number of fixups for ARP, ICMP, NSMP, and Profinet; and the number of IGMP, multicast, unmatched, and unicast packets. There are also global statistics for all of the above.
Additional statistics include the number of active translations in the past 90 seconds, the total translations, and the total instances that are attached to interfaces.
Command History
|
|
15.0(2)EB |
This command was introduced. |
Examples
This example shows how to display all l2nat statistics.
Switch# show l2nat statistics
STATS FOR INSTANCE: NewInstance1 (IN PACKETS)
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 10 0 153 127305106 127305259
Gi1/1 INGRESS 10 0 0 127305104 127305105
-------------------------------------------------------------------------------
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
-------------------------------------------------------------------------------
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 10 0 1134 1150 127304124
Gi1/1 INGRESS 10 0 0 0 127305103
-------------------------------------------------------------------------------
PER TRANSLATION STATS (IN PACKETS)
===============================================================================
TYPE DIRECTION SA/DA ORIGINAL IP TRANSLATED IP COUNT ACTIVE(90Sec)
INSIDE EGRESS SA 172.16.1.1 20.1.1.1 127305166 4847525
INSIDE INGRESS DA 20.1.1.1 172.16.1.1 127305165 4847525
OUTSIDE INGRESS SA 20.1.1.254 172.16.1.254 1 0
OUTSIDE EGRESS DA 172.16.1.254 20.1.1.254 1 0
-------------------------------------------------------------------------------
STATS FOR INSTANCE: NewInstance2 (IN PACKETS)
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 4094 9588 0 127305222 127314836
Gi1/1 INGRESS 4094 0 0 127305222 127305222
-------------------------------------------------------------------------------
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
Gi1/1 EGRESS 4094 1 0 0 0
Gi1/1 INGRESS 4094 1 0 0 0
-------------------------------------------------------------------------------
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 4094 0 8464 8624 127306355
Gi1/1 INGRESS 4094 0 0 0 127305222
-------------------------------------------------------------------------------
PER TRANSLATION STATS (IN PACKETS)
===============================================================================
TYPE DIRECTION SA/DA ORIGINAL IP TRANSLATED IP COUNT ACTIVE(90Sec)
OUTSIDE INGRESS SA 10.1.1.254 192.168.1.254 1 0
OUTSIDE EGRESS DA 192.168.1.254 10.1.1.254 1 0
INSIDE EGRESS SA 192.168.1.1 10.1.1.1 127305292 4847645
INSIDE INGRESS DA 10.1.1.1 192.168.1.1 127305292 4847645
-------------------------------------------------------------------------------
===============================================================================
NUMBER OF ACTIVE TRANSLATIONS IN THE PAST 90 SECONDS: 2
TOTAL INSTANCES ATTACHED: 2
===============================================================================
===============================================================================
Total Number of NAT Packets = 509230422
Total Number of TRANSLATED NAT Packets = 509220654
Total Number of BYPASSED NAT Packets = 9588
Total Number of DISCARDED NAT Packets = 153
Total Number of ARP FIX UP Packets = 4
Total Number of ICMP FIX UP Packets = 0
Total Number of SNMP FIX UP Packets = 0
Total Number of PROFINET FIX UP Packets = 0
Total Number of IPV4 MULTICAST Packets = 9598
Total Number of IGMP Packets = 0
Total Number of UNMATCHED Packets = 9774
Total Number of IPV4 UNICAST Packets = 509220804
===============================================================================
===============================================================================
show l2nat statistics interface
To show the statistics for a specified interface or VLAN, use the show l2nat statistics interface command in EXEC mode.
show l2nat statistics interface [ int ] [ vlan ]
Syntax Description
int |
The interface. If this parameter is omitted, all interfaces are included. |
vlan |
The VLAN ID. Include this parameter only if an interface is specified. If this parameter is omitted, all VLANs are included. |
Command Modes
EXEC
Usage Guidelines
If you do not specify an interface or a VLAN, all are included. Statistics include the number of bypassed, discarded, and translated packets; the number of fixups for ARP, ICMP, pass-through protocols SNMP, PROFINET, SIP, PTP, Telnet, FTP, and the number of IGMP, multicast, unmatched, and unicast packets.
Command History
|
|
15.0(2)EB |
This command was introduced. |
Examples
This example shows how to display the l2nat statistics for interface Gi1/1, VLAN10.
Switch# show l2nat statistics interface Gi1/1 10
TRANSLATED STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN BYPASSED DISCARDED TRANSLATED TOTAL PACKETS
Gi1/1 EGRESS 10 0 153 127305106 127305259
Gi1/1 INGRESS 10 0 0 127305104 127305105
-------------------------------------------------------------------------------
PROTOCOL FIXUP STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN ARP ICMP SNMP PROFINET
-------------------------------------------------------------------------------
IGMP AND MULTICAST STATS (IN PACKETS)
===============================================================================
INTERFACE DIRECTION VLAN IGMP MULTICAST UNMATCHED UNICAST
Gi1/1 EGRESS 10 0 1134 1150 127304124
Gi1/1 INGRESS 10 0 0 0 127305103
-------------------------------------------------------------------------------
Related Commands
|
|
l2nat instance |
Creates an Layer 2 NAT instance or enters the submode for the specified Layer 2 NAT instance. |
show l2nat instance |
Displays the configuration details for a specified Layer 2 NAT instance. |
show l2nat interface |
Displays the configuration details for Layer 2 NAT instances on one or more interfaces. |
show l2nat statistics |
Displays the Layer 2 NAT statistics for all interfaces. |
show lacp
To display Link Aggregation Control Protocol (LACP) channel-group information, use the show lacp command in EXEC mode.
show lacp [ channel-group-number ] { counters | internal | neighbor | sys-id }
Syntax Description
channel-group-number |
(Optional) Number of the channel group. The range is 1 to 6. |
counters |
Displays traffic information. |
internal |
Displays internal information. |
neighbor |
Displays neighbor information. |
sys-id |
Displays the system identifier that is being used by LACP. The system identifier is made up of the LACP system priority and the switch MAC address. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
You can enter any show lacp command to display the active channel-group information. To display specific channel information, enter the show lacp command with a channel-group number.
If you do not specify a channel group, information for all channel groups appears.
You can enter the channel-group-number option to specify a channel group for all keywords except sys-id.
Examples
This is an example of output from the show lacp counters EXEC command. Table 0-11 describes the fields in the display.
Switch> show lacp counters
LACPDUs Marker Marker Response LACPDUs
Port Sent Recv Sent Recv Sent Recv Pkts Err
---------------------------------------------------------------------
Table 0-11 show lacp counters Field Descriptions
|
|
LACPDUs Sent and Recv |
The number of LACP packets sent and received by a port. |
Marker Sent and Recv |
The number of LACP marker packets sent and received by a port. |
Marker Response Sent and Recv |
The number of LACP marker response packets sent and received by a port. |
LACPDUs Pkts and Err |
The number of unknown and illegal packets received by LACP for a port. |
This is an example of output from the show lacp channel-group-number internal command:
Switch> show lacp 1 internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/1 SA bndl 32768 0x3 0x3 0x4 0x3D
Gi1/2 SA bndl 32768 0x3 0x3 0x5 0x3D
Table 0-12 describes the fields in the display.
Table 0-12 show lacp internal Field Descriptions
|
|
State |
State of the specific port. These are the allowed values:
- – —Port is in an unknown state.
- bndl —Port is attached to an aggregator and bundled with other ports.
- susp —Port is in a suspended state; it is not attached to any aggregator.
- hot-sby —Port is in a hot-standby state.
- indiv —Port is incapable of bundling with any other port.
- indep —Port is in an independent state (not bundled but able to switch data traffic. In this case, LACP is not running on the partner port).
- down —Port is down.
|
LACP Port Priority |
Port priority setting. LACP uses the port priority to put ports in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating. |
Admin Key |
Administrative key assigned to this port. LACP automatically generates an administrative key value as a hexadecimal number. The administrative key defines the ability of a port to aggregate with other ports. A port’s ability to aggregate with other ports is determined by the port physical characteristics (for example, data rate and duplex capability) and configuration restrictions that you establish. |
Oper Key |
Runtime operational key that is being used by this port. LACP automatically generates this value as a hexadecimal number. |
Port Number |
Port number. |
Port State |
State variables for the port, encoded as individual bits within a single octet with these meanings:
- bit0: LACP_Activity
- bit1: LACP_Timeout
- bit2: Aggregation
- bit3: Synchronization
- bit4: Collecting
- bit5: Distributing
- bit6: Defaulted
- bit7: Expired
Note In the list above, bit7 is the MSB and bit0 is the LSB. |
This is an example of output from the show lacp neighbor command:
Switch> show lacp neighbor
Flags: S - Device is sending Slow LACPDUs F - Device is sending Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 3 neighbors
Port System ID Port Number Age Flags
Gi1/1 32768,0007.eb49.5e80 0xC 19s SP
LACP Partner Partner Partner
Port Priority Oper Key Port State
Port System ID Port Number Age Flags
Gi1/2 32768,0007.eb49.5e80 0xD 15s SP
LACP Partner Partner Partner
Port Priority Oper Key Port State
This is an example of output from the show lacp sys-id command:
The system identification is made up of the system priority and the system MAC address. The first two bytes are the system priority, and the last six bytes are the globally administered individual MAC address associated to the system.
show link-diag error-rate
To display link diagnostic error rate information, use the show link state group command in Privileged EXEC mode.
show link-diag error-rate { fastethernet interface | gigabitethernet interface | window-size }
Syntax Description
fastethernet interface |
Displays the fastethernet interface number which ranges from 1-1. |
gigabitethernet interface |
Displays the gigabitethernet interface number which ranges from 1-1. |
window-size |
Displays the link diagnostics error rate window size. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This example shows how to display show link diagnostics error rates:
Switch# show link-diag error-rate
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
This example shows how to display Fast Ethernet link diagnostics error rates:
Switch# show link-diag error-rate fastethernet 1/1
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
This example shows how to display Gigabit Ethernet link diagnostics error rates:
Switch# show link-diag error-rate gigabitethernet 1/1
Port Receive Err-Rate Transmit Err-Rate
---- ---------------- -----------------
show location
To display location information for an endpoint, use the show location command in EXEC mode.
show location [ admin-tag ] [ civic-location | elin-location { cdp | identifier id | interface interface-id | static }]
Syntax Description
admin-tag |
(Optional) Displays administrative tag or site information. |
civic-location |
(Optional) Displays civic location information. |
elin-location |
(Optional) Displays emergency location information (ELIN). |
cdp |
(Optional) Displays CDP location information. |
identifier id |
(Optional) Specifies the ID for the civic location or the elin location. The ID range is 1 to 4095. |
interface interface-id |
(Optional) Displays location information for the specified interface or all interfaces. Valid interfaces include physical ports. |
static |
(Optional) Displays static configuration information. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show location command to display location information for an endpoint.
Examples
This is an example of output from the show location civic-location command that displays location information for an interface:
Switch> show location civic interface gigibitethernet1/1
Civic location information
--------------------------
Primary road name : Cisco Way
This is an example of output from the show location civic-location identifier command that displays all the civic location information:
Switch> show location civic-location static
Civic location information
--------------------------
Primary road name : Cisco Way
--------------------------
Street number suffix : West
Landmark : Golden Gate Bridge
Primary road name : 19th Ave
--------------------------
This is an example of output from the show location elin-location command that displays the emergency location information:
Switch> show location elin-location identifier 1
Elin location information
--------------------------
This is an example of output from the show location elin static command that displays all emergency location information:
Switch> show location elin static
Elin location information
--------------------------
--------------------------
--------------------------
show link state group
To display the link-state group information, use the show link state group command in Privileged EXEC mode.
show link state group [ number ] [ detail ]
Syntax Description
number |
(Optional) Number of the link-state group. |
detail |
(Optional) Specifies that detailed information appears. |
Command Modes
Privileged EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show link state group command to display the link-state group information. Enter this command without keywords to display information about all link-state groups. Enter the group number to display information specific to the group.
Enter the detail keyword to display detailed information about the group. The output for the show link state group detail command displays only those link-state groups that have link-state tracking enabled or that have upstream or downstream interfaces (or both) configured. If there is no link-state group configuration for a group, it is not shown as enabled or disabled.
Examples
This is an example of output from the show link state group 1 command:
Switch> show link state group 1
Link State Group: 1 Status: Enabled, Down
This is an example of output from the show link state group detail command:
Switch> show link state group detail
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
Link State Group: 1 Status: Enabled, Down
Upstream Interfaces : Gi1/1(Dwn) Gi1/2(Dwn)
Downstream Interfaces : Fa1/5(Dis) Fa1/6(Dis) Fa1/7(Dis) Fa1/8(Dis)
Link State Group: 2 Status: Enabled, Down
Upstream Interfaces : Gi1/1(Dwn) Gi1/2(Dwn) Gi1/3(Dwn)
Downstream Interfaces : Fa1/5(Dis) Fa1/6(Dis) Fa1/7(Dis) Fa1/8(Dis)
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
show mac access-group
To display the MAC access control lists (ACLs) configured for an interface or a switch, use the show mac access-group command in EXEC mode.
show mac access-group interface interface-id
Syntax Description
interface interface-id |
(Optional) Displays the MAC ACLs configured on a specific interface. Valid interfaces are physical ports and port channels; the port-channel range is 1 to 6 (available only in privileged EXEC mode). |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Examples
This is an example of output from the show mac-access group EXEC command. Port 2 has the MAC access list macl_e1 applied; no MAC ACLs are applied to other interfaces.
Switch> show mac access-group
Interface GigabitEthernet1/1:
Inbound access-list is not set
Interface GigabitEthernet1/2:
Inbound access-list is macl_e1
Interface GigabitEthernet1/3:
Inbound access-list is not set
Interface GigabitEthernet1/4:
Inbound access-list is not set
This is an example of output from the show mac access-group interface command:
Switch# show mac access-group interface gigabitethernet1/1
Interface GigabitEthernet1/1:
Inbound access-list is macl_e1
show mac address-table
To display a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN, use the show mac address-table command in EXEC mode.
show mac address-table
Syntax Description
This command has no keywords or arguments.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table command:
Switch> show mac address-table
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0000.0000.0001 STATIC CPU
All 0000.0000.0002 STATIC CPU
All 0000.0000.0003 STATIC CPU
All 0000.0000.0009 STATIC CPU
All 0000.0000.0012 STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
1 0030.9441.6327 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 12
show mac address-table address
To display MAC address table information for the specified MAC address, use the show mac address-table address command in EXEC mode.
show mac address-table address mac-address [ interface interface-id ] [ vlan vlan-id ]
Syntax Description
mac-address |
The 48-bit MAC address; the valid format is H.H.H. |
interface interface-id |
(Optional) Displays information for a specific interface. Valid interfaces include physical ports and port channels. |
vlan vlan-id |
(Optional) Displays entries for the specific VLAN only. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table address command:
Switch# show mac address-table address 0002.4b28.c482
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0002.4b28.c482 STATIC CPU
Total Mac Addresses for this criterion: 1
show mac address-table aging-time
Use the show mac address-table aging-time command in EXEC mode to display the aging time of a specific address table instance, all address table instances on a specified VLAN or, if a specific VLAN is not specified, on all VLANs.
show mac address-table aging-time [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Displays aging time information for a specific VLAN. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If no VLAN number is specified, the aging time for all VLANs appears.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table aging-time command:
Switch> show mac address-table aging-time
This is an example of output from the show mac address-table aging-time vlan 10 command:
Switch> show mac address-table aging-time vlan 10
show mac address-table count
To display the number of addresses present in all VLANs or the specified VLAN, use the show mac address-table count command in EXEC mode.
show mac address-table count [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Displays the number of addresses for a specific VLAN. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
If no VLAN number is specified, the address count for all VLANs appears.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table count command:
Switch# show mac address-table count
---------------------------
Dynamic Address Count : 2
show mac address-table dynamic
To display only dynamic MAC address table entries, use the show mac address-table dynamic command in EXEC mode.
show mac address-table dynamic [ address mac-address ] [ interface interface-id ] [ vlan vlan-id ]
Syntax Description
address mac-address |
(Optional) Specifies a 48-bit MAC address; the valid format is H.H.H (available in privileged EXEC mode only). |
interface interface-id |
(Optional) Specifies an interface to match; valid interfaces include physical ports and port channels. |
vlan vlan-id |
(Optional) Displays entries for a specific VLAN; the range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table dynamic command:
Switch> show mac address-table dynamic
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0030.b635.7862 DYNAMIC Gi1/2
1 00b0.6496.2741 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 2
show mac address-table interface
To display the MAC address table information for the specified interface in the specified VLAN, use the show mac address-table interface user command.
show mac address-table interface interface-id [ vlan vlan-id ]
Syntax Description
interface-id |
An interface type; valid interfaces include physical ports and port channels. |
vlan vlan-id |
(Optional) Displays entries for a specific VLAN; the range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table interface command:
Switch> show mac address-table interface gigabitethernet1/2
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0030.b635.7862 DYNAMIC Gi1/2
1 00b0.6496.2741 DYNAMIC Gi1/2
Total Mac Addresses for this criterion: 2
show mac address-table learning
To display the status of MAC address learning for all VLANs or the specified VLAN u se the show mac address-table learning command in EXEC mode.
show mac address-table learning [ vlan vlan-id ]
Syntax Description
vlan vlan-id |
(Optional) Displays information for a specific VLAN. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show mac address-table learning command without any keywords to display configured VLANs and whether MAC address learning is enabled or disabled on them. The default is that MAC address learning is enabled on all VLANs. Use the command with a specific VLAN ID to display the learning status on an individual VLAN.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table learning EXEC command showing that MAC address learning is disabled on VLAN 200:
Switch> show mac address-table learning
show mac address-table move update
To display the MAC address-table move update information on the switch, use the show mac address-table move update command in EXEC mode.
show mac address-table move update
Syntax Description
This command has no keywords or arguments.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table move update command:
Switch> show mac address-table move update
Switch-ID : 010b.4630.1780
Dst mac-address : 0180.c200.0010
Vlans/Macs supported : 1023/8320
Default/Current settings: Rcv Off/On, Xmt Off/On
Max packets per min : Rcv 40, Xmt 60
Rcv conforming packet count : 5
Rcv invalid packet count : 0
Rcv packet count this min : 0
Rcv threshold exceed count : 0
Rcv last sequence# this min : 0
Rcv last src-mac-address : 0003.fd6a.8701
Rcv last switch-ID : 0303.fd63.7600
Xmt packet count this min : 0
Xmt threshold exceed count : 0
Xmt pak buf unavail cnt : 0
Xmt last interface : None
show mac address-table notification
To display the MAC address notification settings for all interfaces or the specified interface, use the show mac address-table notification command in EXEC mode.
show mac address-table notification { change [ interface [ interface-id ] | mac-move | threshold }
Syntax Description
change |
Displays the MAC change notification feature parameters and the history table. |
interface |
(Optional) Displays information for all interfaces. Valid interfaces include physical ports and port channels. |
interface-id |
(Optional) The specified interface. Valid interfaces include physical ports and port channels. |
mac-move |
Displays status for MAC address move notifications. |
threshold |
Displays status for MAC-address table threshold monitoring. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Use the show mac address-table notification change command without keywords to see if the MAC address change notification feature is enabled or disabled, the MAC notification interval, the maximum number of entries allowed in the history table, and the history table contents.
Use the interface keyword to display the notifications for all interfaces. If the interface-id is included, only the flags for that interface appear.
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table notification change command:
Switch> show mac address-table notification change
MAC Notification Feature is Enabled on the switch
Interval between Notification Traps : 60 secs
Number of MAC Addresses Added : 4
Number of MAC Addresses Removed : 4
Number of Notifications sent to NMS : 3
Maximum Number of entries configured in History Table : 100
Current History Table Length : 3
MAC Notification Traps are Enabled
History Index 0, Entry Timestamp 1032254, Despatch Timestamp 1032254
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1
History Index 1, Entry Timestamp 1038254, Despatch Timestamp 1038254
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1
Operation: Added Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1
History Index 2, Entry Timestamp 1074254, Despatch Timestamp 1074254
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0000 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0001 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0002 Module: 0 Port: 1
Operation: Deleted Vlan: 2 MAC Addr: 0000.0000.0003 Module: 0 Port: 1
show mac address-table static
To display only static MAC address table entries, use the show mac address-table static command in EXEC mode.
show mac address-table static [ address mac-address ] [ interface interface-id ] [ vlan vlan-id ]
Syntax Description
address mac-address |
(Optional) Specifies a 48-bit MAC address; the valid format is H.H.H (available in privileged EXEC mode only). |
interface interface-id |
(Optional) Specifies an interface to match; valid interfaces include physical ports and port channels. |
vlan vlan-id |
(Optional) Displays addresses for a specific VLAN. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table static command:
Switch> show mac address-table static
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
All 0100.0ccc.cccc STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
4 0001.0002.0004 STATIC Drop
6 0001.0002.0007 STATIC Drop
Total Mac Addresses for this criterion: 8
show mac address-table vlan
To display the MAC address table information for the specified VLAN, use the show mac address-table vlan command in EXEC mode.
show mac address-table vlan vlan-id
Syntax Description
vlan-id |
(Optional) Displays addresses for a specific VLAN. The range is 1 to 4094. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mac address-table vlan 1 command:
Switch> show mac address-table vlan 1
------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 0100.0ccc.cccc STATIC CPU
1 0180.c200.0000 STATIC CPU
1 0100.0ccc.cccd STATIC CPU
1 0180.c200.0001 STATIC CPU
1 0180.c200.0002 STATIC CPU
1 0180.c200.0003 STATIC CPU
1 0180.c200.0005 STATIC CPU
1 0180.c200.0006 STATIC CPU
1 0180.c200.0007 STATIC CPU
Total Mac Addresses for this criterion: 9
show mls qos
To display global quality of service (QoS) configuration information, use the show mls qos command in EXEC mode.
show mls qos
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
This command has no keywords or arguments.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mls qos command when QoS is enabled and DSCP transparency is enabled:
QoS ip packet dscp rewrite is enabled
Related Commands
|
|
mls qos |
Enables QoS for the entire switch. |
show mls qos aggregate-policer
To display the quality of service (QoS) aggregate policer configuration, use the show mls qos aggregate-policer command in EXEC mode. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.
show mls qos aggregate-policer [ aggregate-policer-name ]
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
aggregate-policer-name |
(Optional) The policer configuration for the specified name. |
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mls qos aggregate-policer command:
Switch> show mls qos aggregate-policer policer1
aggregate-policer policer1 1000000 2000000 exceed-action drop
Not used by any policy map
show mls qos input-queue
To display quality of service (QoS) settings for the ingress queues, use the show mls qos input-queue command in EXEC mode.
show mls qos input-queue
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
This command has no keyword or arguments.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mls qos input-queue command:
Switch> show mls qos input-queue
----------------------------------------------
show mls qos interface
To display quality of service (QoS) information at the port level, use the show mls qos interface command in EXEC mode.
show mls qos interface [ interface-id ] [ buffers | queueing | statistics ]
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
interface-id |
(Optional) The specified port. Valid interfaces include physical ports. |
buffers |
(Optional) Displays the buffer allocation among the queues. |
queueing |
(Optional) Displays the queueing strategy (shared or shaped) and the weights corresponding to the queues. |
statistics |
(Optional) Displays statistics for sent and received Differentiated Services Code Points (DSCPs) and class of service (CoS) values, the number of packets enqueued or dropped per egress queue, and the number of in-profile and out-of-profile packets for each policer. |
Note
Though visible in the command-line help string, the policer keyword is not supported.
Command Modes
EXEC
Command History
|
|
15.0(1)EY |
This command was introduced. |
Usage Guidelines
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output do not appear, but the lines that contain Output appear.
Examples
This is an example of output from the show mls qos interface interface-id command when VLAN-based QoS is enabled:
Switch> show mls qos interface gigabitethernet1/1
DSCP Mutation Map:Default DSCP Mutation Map
This is an example of output from the show mls qos interface interface-id command when VLAN-based QoS is disabled:
Switch> show mls qos interface gigabitethernet1/2
DSCP Mutation Map:Default DSCP Mutation Map
This is an example of output from the show mls qos interface interface-id buffers command:
Switch> show mls qos interface gigabitethernet1/2 buffers
The port is mapped to qset : 1
The allocations between the queues are : 25 25 25 25
This is an example of output from the show mls qos interface interface-id queueing command. The egress expedite queue overrides the configured shaped round robin (SRR) weights.
Switch> show mls qos interface gigabitethernet1/2 queueing
Egress Priority Queue :enabled
Shaped queue weights (absolute) : 25 0 0 0
Shared queue weights : 25 25 25 25
The port bandwidth limit : 100 (Operational Bandwidth:100.0)
The port is mapped to qset : 1
This is an example of output from the show mls qos interface interface-id statistics command. Table 0-13 describes the fields in this display.
Switch> show mls qos interface gigabitethernet1/2 statistics
-------------------------------
-------------------------------
-------------------------------
-------------------------------
Policer: Inprofile: 0 OutofProfile: 0
Table 0-13 show mls qos interface statistics Field Descriptions
|
|
|
DSCP |
incoming |
Number of packets received for each DSCP value. |
outgoing |
Number of packets sent for each DSCP value. |
CoS |
incoming |
Number of packets received for each CoS value. |
outgoing |
Number of packets sent for each CoS value. |
Policer |
Inprofile |
Number of in profile packets for each policer. |
Outofprofile |
Number of out-of-profile packets for each policer. |
show mls qos maps
To display quality of service (QoS) mapping information, use the show mls qos maps command in EXEC mode. During classification, QoS uses the mapping tables to represent the priority of the traffic and to derive a corresponding class of service (CoS) or Differentiated Services Code Point (DSCP) value from the received CoS, DSCP, or IP precedence value.
show mls qos maps [ cos-dscp | cos-input-q | cos-output-q | dscp-cos | dscp-input-q | dscp-mutation dscp-mutation-name | dscp-output-q | ip-prec-dscp | policed-dscp ]
Note
This command is available only when the switch is running the LAN Base image.
Syntax Description
cos-dscp |
(Optional) Displays class of service (CoS)-to-DSCP map. |
cos-input-q |
|