Cisco IOS Software Command Reference—Cisco ISR 4000 Series

This chapter provides the new Cisco IOS commands that were introduced for the E-Series Servers installed in the Cisco ISR 4000 series.


Note

The Cisco IOS commands are sometimes updated after original publication; therefore, for updated content, review the Cisco IOS Interface and Hardware Component Command Reference at http://www.cisco.com/en/US/docs/ios-xml/ios/interface/command/ir-cr-book.html.

This appendix includes the following sections:

debug platform software ucse

To debug the Cisco UCS E-Series Server platform software and display debug messages, use the debug platform software ucse command in privileged EXEC mode. To disable debug, use the no form of this command.

debug platform software ucse {all | error | normal}

no debug platform software ucse {all | error | normal}

Syntax Description

all

Displays all platform debug messages.

error

Displays error debug messages.

normal

Displays normal debug messages.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Usage Guidelines

After you use the debug platform software ucse all command, use the appropriate ucse command to display debug messages.

The following example shows how to display debug messages for the ucse subslot imc password-reset command: 


Router# debug platform software ucse all   
Router#
Router# ucse subslot 2/0 imc password-reset 
 ucse2/0/0
Password reset command sent.
Router#
 IMC ACK: UCSE password reset successful for IMC
 ACK received for UCSE: Password Reset Command

hw-module subslot session

To start or close a Cisco Integrated Management Controller (CIMC) session or host server module session, use the hw-module subslot session command in privileged EXEC mode.

hw-module subslot slot/subslot session {imc | server}

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

imc

Starts a session with CIMC.

server

Starts a session with the host server module.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 series.

Usage Guidelines

Only one active session is allowed on the CIMC or server module at any time.

The following example shows how to start a CIMC session in an E-Series Server installed in a Cisco ISR 4000 series: 

Router# hardware-module subslot 1/0 session imc

The following example shows how to start a server module session in an E-Series Server installed in a Cisco ISR 4000 series: 

Router# hardware-module subslot 1/0 session server

imc ip dhcp

To configure a DHCP IP address for the Cisco Integrated Management Controller (CIMC), use the imc ip dhcp command in UCSE configuration mode. To remove the DHCP IP address, use the no form of this command.

imc ip dhcp

no imc ip dhcp

Syntax Description

This command has no arguments or keywords.

Command Modes


UCSE configuration (config-ucse)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

The following example shows how to configure a dynamic IP address for CIMC: 


Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# ucse subslot 1/0
Router(config-ucse)# imc ip dhcp
Router(config-ucse)#
 IMC ACK: DHCP enable received for IMC.
 
 IMC ACK: UCSE setting DHCP enable for IMC successful.

platform switchport

To enable the Switch Virtual Interface (SVI) configuration on a UCS E series server, use the platform switchport svi command in privileged EXEC mode. To disable the configuration, use the no form of this command.

platform switchport ucse interface svi

Syntax Description

ucse interface

Number of the UCSE interface. For Cisco UCS E-Series Servers, the UCSE interface number can be 0 or 1.

Command Modes


UCSE Config Mode (config-ucse)#

Command History

Release

Modification

Cisco IOS XE Release 3.15S

This command was introduced on Cisco ISR4000 Series Routers.

Usage Guidelines

Enabling or disabling the SVI configuration on a UCS-E subslot interface requires a module OIR or router reload after you save the configuration.

Before you use this command, you have to set the spanning tree mode. The following example shows how to set the spanning tree mode: 

spanning-tree vlan 1-4094 priority 24576

The following example shows how to enable Switch Virtual Interface (SVI) configuration on a UCS E series server: 

ISR4k(config-ucse)#platform switchport 1 svi
Ena/Dis SVI on UCSE needs a OIR or Router reload

After you use this command, the UCS-E interface shows up in the show spanning-tree command output:

SR4451-1#show spanning-tree
 
G0:VLAN0001
  Spanning tree enabled protocol rstp
  Root ID    Priority    24577
             Address     f07f.06bc.c0b1
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 
  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     f07f.06bc.c0b1
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300
 
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
uc1/0/0             Desg FWD 4         128.257  P2p
uc1/0/1             Desg FWD 4         128.258  P2p
 
 
G0:VLAN0003
  Spanning tree enabled protocol rstp
  Root ID    Priority    24579
             Address     f07f.06bc.c0b1
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 
  Bridge ID  Priority    24579  (priority 24576 sys-id-ext 3)
             Address     f07f.06bc.c0b1
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300
 
Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
uc1/0/0             Desg FWD 4         128.257  P2p
uc1/0/1             Desg FWD 4         128.258  P2p
 
ISR4451-1#

show interfaces ucse

To display Cisco UCS E-Series Server interface statistics, use the show interfaces ucse command in privileged EXEC mode.

show interfaces ucse slot/subslot/ucse-interface [accounting | controller | counters | crb | dampening | description | etherchannel | history | irb | mac-accounting | monitor | mpls-exp | precedence | stats | summary | switchport]

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

ucse-interface

Number of the UCSE interface.

Note

 

For Cisco UCS E-Series Servers, the UCSE interface number can be 0 or 1.

accounting

(Optional) Displays the number of packets of each protocol type that have been sent through the interface.

controller

(Optional) Displays the interface, configuration, and controller status.

counters

(Optional) Displays the interface counters.

crb

(Optional) Displays interface routing or bridging information.

dampening

(Optional) Displays interface dampening information.

description

(Optional) Displays the interface description.

etherchannel

(Optional) Displays interface Ether Channel information.

history

(Optional) Displays interface history.

irb

(Optional) Displays interface routing or bridging information.

mac-accounting

(Optional) Displays interface MAC accounting information.

monitor

(Optional) Displays interface continuously.

mpls-exp

(Optional) Displays interface Multiprotocol Label Switching (MPLS) experimental accounting information.

precedence

(Optional) Displays interface precedence accounting information.

stats

(Optional) Displays the switching path, the packets in and packets out, and the characters in and characters out.

summary

(Optional) Displays the interface summary.

switchport

(Optional) Displays the switch port interface information.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

The following example provides sample output from the show interfaces ucse slot/0/0 switchport command in an E-Series Server installed in a Cisco ISR 4000 series: 


Router# show interfaces ucse 1/0/0 switchport

	Name: ucse 1/0/0
	Switchport: Enabled
	Administrative mode: trunk
	Operational Mode: trunk
	Administrative Trunking Encapsulation: dot1q
	Operational Trunking Encapsulation: native
	Negotiation of Trunking: Disabled
	Trunking Native Mode VLAN: 2352
	Trunking VLANs Enabled: 1-2349,2450-4094
	Voice VLAN: none

ucse subslot imc password-reset

To reset the Cisco Integrated Management Controller (CIMC) password, use the ucse subslot imc password-reset command in privileged EXEC mode.

ucse subslot slot/subslot imc password-reset

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

Usage Guidelines

After you enter this command, at the next login, the system requests that you set a new password to access CIMC.

The following example shows how to reset the CIMC password in an E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 imc password-reset
Router#
 IMC ACK: UCSE password reset successful for IMC

ucse subslot server

To reload, reset, start, or stop the hardware on the server module, use the ucse subslot server command in privileged EXEC mode.

ucse subslot slot/subslot server {reload | reset | start | stop}

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

reload

Powers down the server module and then powers it on.

Note

 

The reload keyword is not supported on the NIM E-Series-NCE. Instead, we recommend that you use the following commands from the router:

  1. Router # ucse subslot slot/subslot shutdown

  2. Router # ucse subslot slot/subslot start

If a reload is necessary, use the following command:

Router # hw-module subslot 0/NIM-slot-number reload

Note

 

This command power-cycles the module. The CIMC and server reboot.

reset

Resets the hardware on the server module.

start

Powers on the server module.

stop

Immediately powers down the server module.

Note

 

The stop keyword is not supported on the NIM E-Series-NCE. Instead, we recommend that you use the following command from the router:

Router # ucse subslot slot/subslot shutdown

If it is necessary to do an immediate power down of the server, use the following command:

Router # hw-module subslot 0/NIM-slot-number stop

Note

 

This command powers down the module. The CIMC and server power off.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

Usage Guidelines

Use the reset keyword only to recover from a shutdown or failed state.


Caution

Using the reset keyword does not provide an orderly software shutdown and may impact file operations that are in progress.

The following example shows how to reload the E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server reload
Router#
 IMC ACK: UCSE Server reload successful.

The following example shows how to reset the E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server reset
Router#
 IMC ACK: UCSE Server reset successful.

The following example shows how to start the E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server start
Router#
 IMC ACK: UCSE Server start successful.

The following example shows how to stop the E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server stop
Router#
 IMC ACK: UCSE Server stop successful.

ucse subslot server password-reset

To reset the BIOS or RAID password, use the ucse subslot server password-reset command in privileged EXEC mode.

ucse subslot slot/subslot server password-reset {BIOS | RAID}

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

BIOS

Resets the BIOS password.

RAID

Resets the RAID password.

Note

 

RAID is not supported on the NIM E-Series NCE.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

Usage Guidelines

After you enter this command, at the next login, the system requests that you set a new password to access BIOS or configure RAID.

The following example shows how to reset the BIOS password in an E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server password-reset BIOS
Router#
 IMC ACK: UCSE password reset successful for BIOS

The following example shows how to reset the RAID password in an E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 server password-reset RAID
Router#
 IMC ACK: UCSE password reset successful for RAID

ucse subslot shutdown

To gracefully shut down the server module, use the ucse subslot shutdown command in privileged EXEC mode.

ucse subslot slot/subslot shutdown

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

Usage Guidelines

The NIM E-Series NCE might take up to 60 seconds to shut down. After two or three shut down attempts, if the NIM E-Series NCE does not shut down, enter the following commands from the router:

  1. Router # hw-module subslot 0/NIM-slot-number stop

  2. Router # hw-module subslot 0/NIM-slot-number start

The following example shows how to shut down an E-Series Server installed in a Cisco ISR 4000 series: 


Router# ucse subslot 1/0 shutdown 
Router# 
 IMC ACK: UCSE Server shutdown successful.

ucse subslot statistics

To display or clear server module statistics, use the ucse subslot statistics command in privileged EXEC mode.

ucse subslot slot/subslot statistics [clear]

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

clear

(Optional) Clears the server module statistics.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

The following example shows how to display the statistics of an E-Series Server: 


Router# ucse subslot 1/0 statistics 
 Count of number of shutdowns command : 1
 Count of number of status commands : 0
 Count of number of server raid password  : 1
 Count of number of imc password-reset : 2
 Count of number of server bios password reset : 1
 Count of number of server reload : 1
 Count of number of server reset : 1
 Count of number of server start : 1
 Count of number of server stop : 1
 Count of number of vlan commands : 0
 Count of number of access-port commands : 1
 Count of number of IMC configured IP or DHCP commands: 1

ucse subslot status

To display configuration information related to the hardware and software on the server module, use the ucse subslot status command in privileged EXEC mode.

ucse subslot slot/subslot status [detailed]

Syntax Description

slot/

Number of the router slot in which the server module is installed.

Note

 

For the NIM E-Series NCE, the slot number is 0.

subslot

Number of the subslot in which the server module is installed.

Note

 

For Cisco UCS E-Series Servers and the SM E-Series NCE, the subslot number is 0.

detailed

(Optional) Displays detailed information about the server module, such as its status and settings of the reset and heartbeat-reset flags.

Command Modes


Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.9S

This command was introduced on the Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Router (ISR).

Cisco IOS XE Release 3.15S

This command was supported on an additional platform: the NIM E-Series Network Compute Engine (NIM E-Series NCE) installed in a Cisco ISR 4000 Series.

The following example shows how to display the status of an E-Series Server: 


Router#  ucse subslot 1/0 status
CPU info
        Name         Cores    Version                                            
        ------------ -------- -------------------------------------------------- 
        CPU1         4        Intel(R) Xeon(R) CPU E5-2418L 0 @ 2.00GHz          
 
Memory info
        Name                 Capacity        Channel Speed (MHz) Channel Type    
        -------------------- --------------- ------------------- --------------- 
        Node0_Dimm0          Not Installed   Unknown             Unknown         
        Node0_Dimm1          16384 MB        1333                DDR3            
        Node0_Dimm2          8192 MB         1333                DDR3            
 
Hard drive info
        Slot Number Controller Status                 Manufacturer   Model          Drive Firmware Coerced Size   Type  SED   
        ----------- ---------- ---------------------- -------------- -------------- -------------- -------------- ----- ----- 
        1           SLOT-5     online                 ATA            ST91000640NS   CC02           952720 MB      HDD   false 
        2           SLOT-5     online                 ATA            ST91000640NS   CC02           952720 MB      HDD   false 
        3           SLOT-5     online                 ATA            ST91000640NS   CC02           952720 MB      HDD   false 
 
Virtual drive info
        Virtual Drive  Status               Name                     Size       RAID Level 
        -------------- -------------------- ------------------------ ---------- ---------- 
        0              Optimal                                       1905440 MB RAID 5     
 
PCI card info
        Name                 Slot       Vendor ID            Device ID            Product Name              
        -------------------- ---------- -------------------- -------------------- ------------------------- 
        PCIe Adapter1        0          0xe414               0x5716               Broadcom 5719 1 Gbps 4... 
        PCIe Adapter2        2          0x0010               0x7300               LSI 9240-8i MegaRAID S... 
 
Network Setting
            IPv4 Address: 10.1.1.2
            IPv4 Netmask: 255.255.255.0
            IPv4 Gateway: 10.1.1.1
 
            NIC Mode: shared_lom
            NIC Redundancy: none
            NIC Interface: ge1

Commands Modified to Support Cisco ISR 4451-X

imc access-port

To configure Cisco Integrated Management Controller (CIMC) access through the server module's dedicated, management, or host ports, use the imc access-port command in interface configuration mode or UCSE configuration mode.

Cisco UCS E-Series Server Installed in Cisco 2900 and 3900 ISR G2 and the Cisco ISR 4451-X

imc access-port {dedicated | shared-lom [GE1 | GE2 | GE3 | console | failover [option] ]}

no imc access-port {dedicated | shared-lom [GE1 | GE2 | GE3 | console | failover [option] ]}

Cisco UCS E-Series Server Installed in the Cisco ISR 4451-X—Applicable Only with Cisco IOS XE Release 3.9S

imc access-port {MGMT | [GE0 | GE1 | GE2 | GE3 | | [failover-option] ]}

no imc access-port {MGMT | [GE0 | GE1 | GE2 | GE3 | | [failover-option] ]}

Syntax Description

Table 1. Cisco UCS E-Series Server Installed in Cisco 2900 and 3900 ISR G2 and the Cisco ISR 4451-X

dedicated

Configures CIMC access using the IMC dedicated port.

shared-lom

Configures CIMC access using one of the following host ports:

  • GE1

  • GE2

  • GE3

  • console

  • failover

    Note

     

    If you enter failover , you must also enter one additional parameter:

    • GE1 GE1 [GE2] | [GE3] [GE2 GE3]

    • GE2 GE2 GE3

Table 2. Cisco UCS E-Series Server Installed in the Cisco ISR 4451-X—Applicable Only with Cisco IOS XE Release 3.9S

MGMT

Configures CIMC access using the Cisco UCS E-Series Server's management port.

GE0, GE1, GE2, GE3

(Optional) Configures CIMC access using one of the following NIC interfaces:

  • GE0—Cisco UCS E-Series Server's internal NIC interface connecting to the router's UCSE slot/0/0 interface.

  • GE1—Cisco UCS E-Series Server's internal NIC interface connecting to the router's UCSE slot/0/1 interface.

  • GE2—Cisco UCS E-Series Server's external NIC interface.

  • GE3—Cisco UCS E-Series Server's external NIC interface. Applicable to double-wide Cisco UCS E-Series Servers.

  • failover-option—To configure failover, enter one additional parameter:

    • GE2 backplane —Applicable to single-wide and double-wide Cisco UCS E-Series Servers.

    • GE3 backplane —Applicable to double-wide Cisco UCS E-Series Servers.

    • GE2 GE3 —Applicable to double-wide Cisco UCS E-Series Servers.

    • GE3 GE2 —Applicable to double-wide Cisco UCS E-Series Servers.

    • GE2 GE3 backplane —Applicable to double-wide Cisco UCS E-Series Servers.

    • GE3 GE2 backplane —Applicable to double-wide Cisco UCS E-Series Servers.

Command Modes


Interface configuration (config-if) for a Cisco UCS E-Series Server installed in Cisco 2900 and 3900 ISR G2.


UCSE configuration (config-ucse) for a Cisco UCS E-Series Server installed in the Cisco ISR 4451-X.

Command History

Release

Modification

Cisco IOS Release 15.2(4)M

This command was introduced on the Cisco UCS E-Series Servers installed in Cisco 2900 and 3900 Series Integrated Services Routers (ISR G2).

Cisco IOS XE Release 3.9S

This command was implemented on Cisco UCS E-Series Servers installed in the Cisco 4451-X Integrated Services Router (Cisco ISR 4451-X).

Cisco IOS XE Release 3.10S

This command was modified so that all platforms—Cisco 2900 and 3900 ISR G2 and the Cisco ISR 4451-X—use the same command.

Usage Guidelines

If the Cisco UCS E-Series Server is installed in Cisco 2900 and 3900 ISR G2, use the imc access-port command in interface configuration mode: 


Router(config)# interface ucse 2/0 
Router(config-if)#

If the Cisco UCS E-Series Server is installed in Cisco ISR 4451-X, use the imc access port command in UCSE configuration mode: 

Router(config)# ucse subslot 1/0 
Router(config-ucse)#

Cisco UCS E-Series Server Installed in Cisco 2900 and 3900 ISR G2

The following example shows how to configure CIMC access using the dedicated port: 


Router# configure terminal
Router(config)# interface ucse 2/0
Router(config-if)# imc ip address 10.0.0.2 255.0.0.0 default-gateway 10.0.0.1
Router(config-if)# imc access-port dedicated
Router(config-if)# no shut
Router(config-if)# end

Cisco UCS E-Series Server Installed in the Cisco ISR 4451-X—Applicable Only with Cisco IOS XE Release 3.9S

The following example shows how to configure CIMC access using the MGMT port:


Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# ucse subslot 1/0
Router(config-ucse)# imc access-port mgmt
Router(config-ucse)#
 IMC ACK: Access ports received: MGMT 
 
 IMC ACK: UCSE access port operation successful.

switchport

Cisco 3550, 4000, and 4500 Series Switches

To put an interface that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration, use the switchport command in interface configuration mode. To put an interface into Layer 3 mode, use the no form of this command.

switchport

no switchport

Cisco Catalyst 6500 and 6000 Series Switches and Cisco 7600 Series Routers

To modify the switching characteristics of the Layer 2-switched interface, use the switchport command (without keywords). Use the no form of this command (without keywords) to return the interface to the routed-interface status and cause all further Layer 2 configuration to be erased. Use the switchport commands (with keywords) to configure the switching characteristics.

switchport

switchport {host | nonegotiate}

no switchport

no switchport nonegotiate

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

To configure the server module to communicate with the router over a high-speed Multi Gigabit Fabric (MGF) backplane switch port, use the switchport command (with keywords) in interface configuration mode.

switchport {access | mode | trunk}

Cisco 1000 Series Integrated Services Routers with 4 or 8 Front-Panel Switch Ports

To configure the flex Layer 2 and Layer 3 ports to Layer 2 interface, use the switchport command (without keywords). To configure to Layer 3 interface, use the no switchport command (without keywords).

switchport

no switchport

Syntax Description

Cisco 3550, 4000, and 4500 Series Switches

This command has no arguments or keywords.

Cisco Catalyst 6500 and 6000 Series Switches and Cisco 7600 Series Routers

Table 3. Syntax Description for Cisco Catalyst 6500 and 6000 Series Switches and Cisco 7600 Series Routers

host

Optimizes the port configuration for a host connection.

nonegotiate

Specifies that the device will not engage in negotiation protocol on this interface.

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

Table 4. Syntax Description for Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

access

Sets the access mode characteristics of the interface.

mode

Sets the interface type: Access or Trunk.

trunk

Sets trunk characteristics when the interface is in Trunk mode. This is the default mode.

Cisco 1000 Series Integrated Services Routers with 4 or 8 Front-Panel Switch Ports

This command has no arguments or keywords.

Command Default

Cisco 3550, 4000, and 4500 Series Switches

All interfaces are in Layer 2 mode.

Catalyst 6500/6000 Series Switches and 7600 Series Routers

The default access VLAN and trunk-interface native VLAN are default VLANs that correspond to the platform or interface hardware.

Cisco 1000 Series Integrated Services Routers with 4 or 8 Front-Panel Switch Ports

The last two ports of the front-panel switch ports (flex ports) are set to Layer 2 interface by default.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

12.1(4)EA1

This command was introduced.

12.2(14)SX

Support for this command was introduced on the Supervisor Engine 720.

12.2(15)ZJ

This command was implemented on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

12.2(17d)SXB

Support for this command on the Supervisor Engine 2 was extended to Cisco IOS Release 12.2(17d)SXB.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

15.1(2)T

Support for IPv6 was added.

Cisco IOS XE Release 3.9S

This command was implemented on Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Routers (ISR).

Cisco IOS XE Release 17.11.1a

This command was implemented to provide flex support on the last two Layer 2 switch ports of the Cisco 1000 Series ISRs with 4 or 8 Front-Panel Switch Ports.

Usage Guidelines

Cisco 3550, 4000, and 4500 Series Switches

Use the no switchport command to put the interface into the routed-interface status and to erase all Layer 2 configurations. You must use this command before assigning an IP address to a routed port. Entering the no switchport command shuts down the port and then reenables it, which might generate messages on the device to which the port is connected.

You can verify the switchport status of an interface by entering the show running-config privileged EXEC command.

Cisco Catalyst 6500 and 6000 Series Switches and Cisco 7600 Series Routers

You must enter the switchport command without any keywords to configure the LAN interface as a Layer 2 interface before you can enter additional switchport commands with keywords. This action is required only if you have not entered the switchport command for the interface.

Entering the no switchport command shuts down the port and then reenables it. This action may generate messages on the device to which the port is connected.

To optimize the port configuration, entering the switchport host command sets the switch port mode to access, enables spanning tree PortFast, and disables channel grouping. Only an end station can accept this configuration.

Because spanning-tree PortFast is enabled, you should enter the switchport host command only on ports that are connected to a single host. Connecting other Cisco 7600 series routers, hubs, concentrators, switches, and bridges to a fast-start port can cause temporary spanning-tree loops.

Enable the switchport host command to decrease the time that it takes to start up packet forwarding.

The no form of the switchport nonegotiate command removes nonegotiate status.

When using the nonegotiate keyword, Dynamic Inter-Switch Link Protocol and Dynamic Trunking Protocol (DISL/DTP)-negotiation packets are not sent on the interface. The device trunks or does not trunk according to the mode parameter given: access or trunk. This command returns an error if you attempt to execute it in dynamic (auto or desirable) mode.

You must force a port to trunk before you can configure it as a SPAN-destination port. Use the switchport nonegotiate command to force the port to trunk.

Cisco 3550, 4000, and 4500 Series Switches

The following example shows how to cause an interface to cease operating as a Layer 2 port and become a Cisco-routed (Layer 3) port: 


Router(config-if)#no switchport

Cisco Catalyst 6500 and 6000 Series Switches and Cisco 7600 Series Routers

The following example shows how to cause the port interface to stop operating as a Cisco-routed port and convert to a Layer 2-switched interface: 


Router(config-if)# 
switchport
Router(config-if)#

Note

The switchport command is not used on platforms that do not support Cisco-routed ports. All physical ports on such platforms are assumed to be Layer 2-switched interfaces.

The following example shows how to optimize the port configuration for a host connection: 


Router(config-if)# switchport host
switchport mode will be set to access
spanning-tree portfast will be enabled
channel group will be disabled
Router(config-if)#

This example shows how to cause a port interface that has already been configured as a switched interface to refrain from negotiating trunking mode and act as a trunk or access port (depending on the mode set): 


Router(config-if)# 
switchport nonegotiate
Router(config-if)#

The following example shows how to cause an interface to cease operating as a Cisco-routed port and to convert it into a Layer 2 switched interface: 


Router(config-if)# 
switchport

Note

The switchport command is not used on platforms that do not support Cisco-routed (Layer 3) ports. All physical ports on such platforms are assumed to be Layer 2 switched interfaces.

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

The following example shows how to set the interface to access mode: 

Router#configure terminal
Router(config)# interface ucse 1/0/0 
Router(config-if)# switchport mode access

The following example shows how to set the interface to trunk mode: 

Router#configure terminal
Router(config)# interface ucse 1/0/0
Router(config-if)# switchport mode trunk

Cisco 1000 Series Integrated Services Routers with 4 or 8 Front-Panel Switch Ports

The following example shows how to convert a flex port to a Layer 3 port:

Device# configure terminal
Device(config)# interface GigabitEthernet 0/1/6
Device(config-if)# no switchport
Device(config-if)# ip address 10.10.0.1 255.255.255.0
Device(config-if)# exit

The following example shows how to convert a flex port to a Layer 2 port:

Device# configure terminal
Device(config)# interface GigabitEthernet 0/1/6
Device(config-if)# switchport
Device(config-if)# switchport mode access
Device(config-if)# exit

Related Commands

Command

Description

show interfaces switchport

Displays the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.

show running-config

Displays the current operating configuration.

switchport access vlan

Sets the VLAN when the interface is in Access mode.

switchport mode

Sets the interface type: Access or Trunk

switchport trunk

Sets trunk characteristics when the interface is in Trunk mode.

switchport access vlan

To set the VLAN when the interface is in access mode, use the switchport access vlan command in interface configuration or template configuration mode. To reset the access-mode VLAN to the appropriate default VLAN for the device, use the no form of this command.

switchport access vlan vlan-id

no switchport access vlan

Syntax Description

vlan-id

VLAN to set when the interface is in access mode; valid values are from 1 to 4094.

Valid values for Cisco UCS E-Series Servers installed in Cisco 4400 Integrated Services Routers are:

  • 1-2349—VLAN ID Range 1

  • 2450-4095—VLAN ID Range 2

Command Default

The defaults are as follows:

  • Access VLAN and trunk-interface native VLAN are default VLANs that correspond to the platform or interface hardware.

  • All VLAN lists include all VLANs.

Command Modes

Interface configuration (config-if)

Template configuration (config-template)

Command History

Release

Modification

12.2(14)SX

Support for this command was introduced on the Supervisor Engine 720.

12.2(17d)SXB

Support for this command on the Supervisor Engine 2 was extended to Release 12.2(17d)SXB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Cisco IOS XE Release 3.9S

This command was implemented on Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Routers (ISR).

Cisco IOS XE Release 3.6E

This command was integrated into Cisco IOS XE Release 3.6E. This command is supported in template configuration mode.

Usage Guidelines

You must enter the switchport command without any keywords to configure the LAN interface as a Layer 2 interface before you can enter the switchport access vlan command. This action is required only if you have not entered the switchport command for the interface.

Entering the no switchport command shuts down the port and then reenables it. This action may generate messages on the device to which the port is connected.

The no form of the switchport access vlan command resets the access-mode VLAN to the appropriate default VLAN for the device.

The following example shows how to stop the port interface from operating as a Cisco-routed port and convert to a Layer 2 switched interface: 


Device(config-if)# switchport

Note

The switchport command is not used on platforms that do not support Cisco-routed ports. All physical ports on such platforms are assumed to be Layer 2-switched interfaces.

The following example shows how to make a port interface that has already been configured as a switched interface to operate in VLAN 2 instead of the platform’s default VLAN in interface configuration mode: 


Device(config-if)# switchport access vlan 2

The following example shows how to make a port interface that has already been configured as a switched interface to operate in VLAN 2 instead of the platform’s default VLAN, using an interface template in template configuration mode: 


Device# configure terminal
Device(config)# template user-template1
Device(config-template)# switchport access vlan 2 
Device(config-template)# end

Related Commands

Command

Description

show interfaces switchport

Displays the administrative and operational status of a switching (nonrouting) port.

switchport

Configures a LAN interface as a Layer 2 interface.

switchport mode

To set the interface type, use the switchport mode command in interface configuration mode. Use the appropriate no form of this command to reset the mode to the appropriate default mode for the device.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

switchport mode {access | trunk}

no switchport mode

Cisco Catalyst 6500/6000 Series Switches

switchport mode {access | dot1q-tunnel | dynamic {auto | desirable} | trunk}

no switchport mode

Cisco 7600 Series Routers

switchport mode {access | dot1q-tunnel | dynamic {auto | desirable} | private-vlan | trunk}

no switchport mode

switchport mode private-vlan {host | promiscuous}

no switchport mode private-vlan

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

switchport mode {access | trunk}

no switchport mode {access | trunk}

Syntax Description

access

Sets a nontrunking, nontagged single VLAN Layer 2 interface.

trunk

Specifies a trunking VLAN Layer 2 interface.

dot1q-tunnel

Sets the trunking mode to TUNNEL unconditionally.

dynamic auto

Sets the interface to convert the link to a trunk link.

dynamic desirable

Sets the interface to actively attempt to convert the link to a trunk link.

private vlan host

Specifies that the ports with a valid private VLAN (PVLAN) association become active host private VLAN ports.

private vlan promiscuous

Specifies that the ports with a valid PVLAN mapping become active promiscuous ports.

Table 5. Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

access

Sets a nontrunking, nontagged single VLAN Layer 2 interface.

trunk

Specifies a trunking VLAN Layer 2 interface.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The default is access mode.

The default mode is dependent on the platform; it should be either dynamic auto for platforms that are intended as wiring closets or dynamic desirable for platforms that are intended as backbone switches. The default for PVLAN ports is that no mode is set.

The defaults are as follows:

  • The mode is dependent on the platform; it should either be dynamic auto for platforms that are intended for wiring closets or dynamic desirable for platforms that are intended as backbone switches.

  • No mode is set for PVLAN ports.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

12.0(7)XE

This command was introduced on the Cisco Catalyst 6000 family switches.

12.1(1)E

This command was integrated on the Cisco Catalyst 6000 family switches.

12.1(8a)EX

The switchport mode private -vlan {host | promiscuous } syntax was added.

12.2(2)XT

Creation of switchports became available on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

12.2(8)T

This command was integrated into Cisco IOS Release 12.2(8)T for creation of switchports on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

12.2(14)SX

Support for this command was introduced on the Supervisor Engine 720.

12.2(17d)SXB

Support for this command on the Supervisor Engine 2 was extended to Cisco IOS Release 12.2(17d)SXB.

Cisco IOS XE Release 3.9S

This command was implemented on Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Routers (ISR).

Usage Guidelines

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

If you enter a forced mode, the interface does not negotiate the link to the neighboring interface. Ensure that the interface ends match.

The no form of the command is not supported on the Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

Cisco Catalyst 6500/6000 Switches and Cisco 7600 Series Routers

If you enter access mode, the interface goes into permanent nontrunking mode and negotiates to convert the link into a nontrunk link even if the neighboring interface does not agree to the change.

If you enter trunk mode, the interface goes into permanent trunking mode and negotiates to convert the link into a trunk link even if the neighboring interface does not agree to the change.

If you enter dynamic auto mode, the interface converts the link to a trunk link if the neighboring interface is set to trunk or desirable mode.

If you enter dynamic desirable mode, the interface becomes a trunk interface if the neighboring interface is set to trunk , desirable , or auto mode.

If you configure a port as a promiscuous or host-PVLAN port and one of the following applies, the port becomes inactive:

  • The port does not have a valid PVLAN association or mapping configured.

  • The port is a SPAN destination.

If you delete a private-port PVLAN association or mapping, or if you configure a private port as a SPAN destination, the deleted private-port PVLAN association or mapping or the private port that is configured as a SPAN destination becomes inactive.

If you enter dot1q-tunnel mode, PortFast Bridge Protocol Data Unit (BPDU) filtering is enabled and Cisco Discovery Protocol (CDP) is disabled on protocol-tunneled interfaces.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The following example shows how to set the interface to access mode: 

Router#configure terminal
Router(config)# interface fastethernet 4/1 
Router(config-if)#switchport mode access

The following example shows how to set the interface to trunk mode: 

Router#configure terminal
Router(config)# interface fastethernet 4/1
Router(config-if)#switchport mode trunk

Cisco Catalyst 6500/6000 Switches and Cisco 7600 Series Routers

The following example shows how to set the interface to dynamic desirable mode: 

Router#configure terminal
Router(config)# interface fastethernet 4/1
Router(config-if)# switchport mode dynamic desirable

The following example shows how to set a port to PVLAN-host mode: 

Router#configure terminal
Router(config)# interface fastethernet 4/1
Router(config-if)# switchport mode private-vlan host

The following example shows how to set a port to PVLAN-promiscuous mode: 

Router#configure terminal 
Router(config)# interface fastethernet 4/1
Router(config-if)# switchport mode private-vlan promiscuous

The following example shows how to configure tunneling on port 4/1 and verify the configuration: 

Router#configure terminal 
Router(config)# interface fastethernet 4/1
Router(config-if)# switchport mode dot1q-tunnel
Router(config-if)# end

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

The following example shows how to set the interface to access mode: 

Router#configure terminal
Router(config)# interface ucse 1/0/0 
Router(config-if)# switchport mode access

The following example shows how to set the interface to trunk mode: 

Router#configure terminal
Router(config)# interface ucse 1/0/0
Router(config-if)# switchport mode trunk

Related Commands

Command

Description

show dot1q-tunnel

Displays a list of 802.1Q tunnel-enabled ports.

show interfaces switchport

Displays administrative and operational status of a switching (nonrouting) port.

show interfaces trunk

Displays trunk information.

switchport

Modifies the switching characteristics of the Layer 2-switched interface.

switchport private vlan host association

Defines a PVLAN association for an isolated or community port.

switchport private vlan mapping

Defines the PVLAN mapping for a promiscuous port.

switchport trunk

Sets trunk characteristics when the interface is in trunking mode.

switchport trunk

To set the trunk characteristics when the interface is in trunking mode, use the switchport trunk command in interface configuration mode. To reset all of the trunking characteristics back to the original defaults, use the no form of this command.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

switchport trunk {encapsulation dot1q | native vlan | allowed vlan}

no switchport trunk {encapsulation dot1q | native vlan | allowed vlan}

Cisco 7600 Series Routers and Catalyst 6500 Series Switches

{switchport trunk encapsulation {isl | dot1q [ethertype value] | negotiate} | native vlan {tag | vlan-id} | allowed vlan vlan-list | pruning vlan vlan-list}

no switchport trunk {encapsulation {isl | dot1q [ethertype value] | negotiate} | native vlan [tag] | allowed vlan | pruning vlan}

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

switchport trunk {native vlan vlan-id | allowed vlan vlan-list}

no switchport trunk {native vlan vlan-id | allowed vlan vlan-list}

Syntax Description

encapsulation isl

Sets the trunk encapsulation format to Inter-Switch Link (ISL).

encapsulation dot1q

Sets the trunk encapsulation format to 802.1Q.

native vlan

Sets the native VLAN for the trunk in 802.1Q trunking mode.

allowed vlan vlan list

Sets the list of allowed VLANs that transmit traffic from this interface in tagged format when in trunking mode.

ethertype value

(Optional) Sets the EtherType value; valid values are from 0x0 to 0x5EF-0xFFFF.

encapsulation negotiate

Specifies that if the Dynamic Inter-Switch Link (DISL) protocol and Dynamic Trunking Protocol (DTP) negotiation do not resolve the encapsulation format, ISL is the selected format.

native vlan tag

Enables the native VLAN tagging state on the interface.

native vlan vlan id

The particular native VLAN.

pruning vlan vlan list

Sets the list of VLANs that are enabled for VLAN Trunking Protocol (VTP) pruning when the interface is in trunking mode. See the “Usage Guidelines” section for the vlan list argument formatting guidelines.

Table 6. Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers

native vlan vlan-id

The particular native VLAN. Valid values are:

  • 1-2349—VLAN ID Range 1

  • 2450-4095—VLAN ID Range 2

allowed vlan vlan-list

Sets the list of allowed VLANs that transmit traffic from this interface in tagged format when in trunking mode.

Note

 

For vlan-list format, see Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers section under Usage Guidelines.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

  • The default encapsulation type is dot1q.

  • The default access VLAN and trunk interface native VLAN are default VLANs that correspond to the platform or interface hardware.

  • The default for all VLAN lists is to include all VLANs.

  • The encapsulation type is dependent on the platform or interface hardware.

  • The access VLAN and trunk interface native VLAN are default VLANs that correspond to the platform or interface hardware.

  • The default for all VLAN lists is to include all VLANs.

  • ethertype value for 802.1Q encapsulation is 0x8100.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

12.0(7)XE

This command was introduced on the Catalyst 6500 series switches.

12.1(1)E

Switchport creation on Catalyst 6500 series switches was added.

12.2(2)XT

This command was introduced to support switchport creation on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

12.2(8)T

This command was integrated into Cisco IOS Release 12.2(8)T to support switch port creation on Cisco 2600 series, Cisco 3600 series, and Cisco 3700 series routers.

12.2(14)SX

This command was integrated into Cisco IOS Release 12.2(14)SX to support the Supervisor Engine 720 on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.2(17a)SX

This command was modified to include the following:

  • Restriction of ISL trunk-encapsulation.

  • Addition of the dot1q keyword and ethertype value keyword and argument.

12.2(17d)SXB

Support for the Supervisor Engine 2 on the Cisco 7600 series routers and Catalyst 6500 series switches was added.

12.2(18)SXD

This command was modified to allow the switchport trunk allowed vlan command to be entered on interfaces where the span destination port is either a trunk or an access port.

12.2(18)SXE

This command added a restriction that Gigabit Ethernet (GE) Optimized Layer 2 WAN ports are not supported on the Supervisor Engine 720.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.4(15)T

This command was modified to extend the range of valid VLAN IDs from 1 to 4094 for specified platforms.

12.2(33)SXH

This command was changed as follows:

  • Allowed the tagging of native VLAN traffic on a per-port basis.

  • Introduced on the Supervisor Engine 720-10GE.

Cisco IOS XE Release 3.9S

This command was implemented on Cisco UCS E-Series Servers installed in the Cisco 4400 Series Integrated Services Routers (ISR).

Usage Guidelines

802.1Q Trunks

  • When you connect Cisco switches through an 802.1Q trunk, make sure that the native VLAN for an 802.1Q trunk is the same on both ends of the trunk link. If the native VLAN on one end of the trunk is different from the native VLAN on the other end, spanning-tree loops might result.

  • Disabling spanning tree on the native VLAN of an 802.1Q trunk without disabling spanning tree on every VLAN in the network can cause spanning-tree loops. Cisco recommends that you leave spanning tree enabled on the native VLAN of an 802.1Q trunk. If this is not possible, disable spanning tree on every VLAN in the network. Make sure that your network is free of physical loops before disabling spanning tree.

  • When you connect two Cisco switches through 802.1Q trunks, the switches exchange spanning-tree bridge protocol data units (BPDUs) on each VLAN allowed on the trunks. The BPDUs on the native VLAN of the trunk are sent untagged to the reserved IEEE 802.1d spanning-tree multicast MAC address (01-80-C2-00-00-00). The BPDUs on all other VLANs on the trunk are sent tagged to the reserved Shared Spanning Tree Protocol (SSTP) multicast MAC address (01-00-0c-cc-cc-cd).

  • The 802.1Q switches that are not Cisco switches maintain only a single instance of spanning-tree (Mono Spanning Tree [MST]) that defines the spanning-tree topology for all VLANs. When you connect a Cisco switch to a switch through an 802.1Q trunk without a Cisco switch, the MST of the switch and the native VLAN spanning tree of the Cisco switch combine to form a single spanning-tree topology known as the Common Spanning Tree (CST).

  • Because Cisco switches transmit BPDUs to the SSTP multicast MAC address on VLANs other than the native VLAN of the trunk, switches that are not Cisco switches do not recognize these frames as BPDUs and flood them on all ports in the corresponding VLAN. Other Cisco switches connected to the 802.1Q cloud receive these flooded BPDUs. This condition allows Cisco switches to maintain a per-VLAN spanning-tree topology across a cloud of 802.1Q switches that are not Cisco switches. The 802.1Q cloud of switches separating the Cisco switches is treated as a single broadcast segment among all switches connected to the 802.1Q cloud of switches that are not Cisco switches through 802.1Q trunks.

  • Make sure that the native VLAN is the same on all of the 802.1Q trunks that connect the Cisco switches to the 802.1Q cloud of switches that are not Cisco switches.

  • If you are connecting multiple Cisco switches to a 802.1Q cloud of switches that are not Cisco switches, all of the connections must be through 802.1Q trunks. You cannot connect Cisco switches to an 802.1Q cloud of switches that are not Cisco switches through ISL trunks or through access ports. Doing so will cause the switch to place the ISL trunk port or access port into the spanning-tree “port inconsistent” state and no traffic will pass through the port.

Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers

The switchport trunk encapsulation command is supported only for platforms and interface hardware that can support 802.1Q formats.

The vlan list format is all | none | add | remove | except vlan list [,vlan list ...] where:

  • all --Specifies all VLANs from 1 to 1005. Beginning with Cisco IOS Release 12.4(15)T, the valid VLAN ID range is from 1 to 4094.

  • none --Indicates an empty list. This keyword is not supported in the switchport trunk allowed vlan form of the command.

  • add --Adds the defined list of VLANs to those currently set instead of replacing the list.

  • remove --Removes the defined list of VLANs from those currently set instead of replacing the list.

  • except --Lists the VLANs that should be calculated by inverting the defined list of VLANs.

  • vlan list-- Is either a single VLAN number from 1 to 1005 or a continuous range of VLANs described by two VLAN numbers, the lesser one first, separated by a hyphen that represents the VLAN IDs of the allowed VLANs when this port is in trunking mode. Beginning with Cisco IOS Release 12.4(15)T, the valid VLAN ID range is from 1 to 4094.

Cisco 7600 Series Routers and Catalyst 6500 Series Switches

This command is not supported on GE Layer 2 WAN ports.

You can enter the switchport trunk command only on the PO. If you enter the switchport trunk command on a port member the following message is displayed: 


Configuration is not allowed on Port members. Remove the interface from the Port Channel to modify its config

The switchport trunk encapsulation dot1q command is supported only for platforms and interface hardware that can support both ISL and 802.1Q formats. Only 802.1Q encapsulation is supported by shared port adapters (SPAs).

If you enter the switchport trunk encapsulation isl command on a port channel containing an interface that does not support ISL-trunk encapsulation, the command is rejected.

You can enter the switchport trunk allowed vlan command on interfaces where the span destination port is either a trunk or an access port.

You can enter the switchport trunk native vlan tag command to enable the tagging of native VLAN traffic on a per-port basis. When tagging is enabled, all the packets on the native VLAN are tagged and all incoming untagged data packets are dropped, but untagged control packets are accepted. When tagging is disabled, the native VLAN packets going out on trunk ports are not tagged and the incoming untagged packets are allowed and assigned to the native VLAN. The no switchport trunk native vlan tag command overrides the vlan dot1q tag native command for global tagging.


Note

The switchport trunk native vlan tag interface configuration mode command does not enable native VLAN tagging unless you first configure the switch to tag native VLAN traffic globally. To enable native VLAN tagging globally, use the vlan dot1q tag native command in global configuration mode.


Note

The switchport trunk pruning vlan vlan-list command does not support extended-range VLANs; valid vlan-list values are from 1 to 1005.

The dot1q ethertype value keyword and argument are not supported on port-channel interfaces. You can enter the command on the individual port interface only. Also, you can configure the ports in a channel group to have different EtherType configurations.


Caution

Be careful when configuring the custom EtherType value on a port. If you enter the negotiate keyword and DISL and Dynamic Trunking Protocol (DTP) negotiation do not resolve the encapsulation format, then ISL is the selected format and may pose as a security risk. The no form of this command resets the trunk-encapsulation format to the default.

  • The no form of the switchport trunk native vlan command resets the native mode VLAN to the appropriate default VLAN for the device.

  • The no form of the switchport trunk native vlan tag command configures the Layer 2 port not to tag native VLAN traffic.

  • The no form of the switchport trunk allowed vlan command resets the list to the default list, which allows all VLANs.

  • The no form of the switchport trunk pruning vlan command resets the list to the default list, which enables all VLANs for VTP pruning.

  • The no form of the switchport trunk encapsulation dot1qethertype value command resets the list to the default value.

The vlan-list format is all | none | add | remove | except [vlan-list [, vlan-list ...]] where:

  • all --Specifies all the appropriate VLANs. This keyword is not supported in the switchporttrunkpruningvlan command.

  • none --Indicates an empty list. This keyword is not supported in the switchporttrunkallowedvlan command.

  • add vlan-list , vlan-list... ]-- Adds the defined list of VLANs to those currently set instead of replacing the list.

  • remove vlan-list , vlan-list... ]-- Removes the defined list of VLANs from those currently set instead of replacing the list. You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic (for example, Cisco Discovery Protocol, version 3; VTP; Port Aggregation Protocol, version 4 (PAgP4); and DTP) in VLAN 1.


Note

You can remove any of the default VLANs (1002 to 1005) from a trunk; this action is not allowed in earlier releases.

  • except vlan-list , vlan-list... ] --Excludes the specified list of VLANs from those currently set instead of replacing the list.

  • vlan-list , vlan-list... -- Specifies a single VLAN number from 1 to 4094 or a continuous range of VLANs that are described by two VLAN numbers from 1 to 4094. You can specify multiple VLAN numbers or ranges of numbers using a comma-separated list.

To specify a range of VLANs, enter the smaller VLAN number first, separated by a hyphen and the larger VLAN number at the end of the range.

Do not enable the reserved VLAN range (1006 to 1024) on trunks when connecting a Cisco 7600 series router running the Cisco IOS software on both the supervisor engine and the Multilayer Switch Feature Card (MSFC) to a Cisco 7600 series router running the Catalyst operating system. These VLANs are reserved in Cisco 7600 series routers running the Catalyst operating system. If enabled, Cisco 7600 series routers running the Catalyst operating system may disable the ports if a trunking channel is between these systems.

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers


Note

To set trunk characteristics, the interface must be in trunk mode.
The vlan-list format is all | none | add | remove | except | WORD , where:

  • all —Specifies all VLANs: 1-2349—VLAN IDs in range 1; and 2450-4095—VLAN IDs in range 2.

  • none —Indicates an empty list.

  • add —Adds the defined list of VLANs to those currently set instead of replacing the list.

  • remove —Removes the defined list of VLANs from those currently set instead of replacing the list.

  • except —Lists the VLANs that should be calculated by inverting the defined list of VLANs.

  • WORD —Is either a single VLAN number from 1 to 4095 or a continuous range of VLANs described by two VLAN numbers, the lesser one first, separated by a hyphen that represents the VLAN IDs of the allowed VLANs when this port is in trunking mode.

The following example shows how to cause a port interface configured as a switched interface to encapsulate in 802.1Q trunking format regardless of its default trunking format in trunking mode:

Router(config-if)# switchport trunk encapsulation dot1q

The following example shows how to configure the Layer 2 port to tag native VLAN traffic: 


Router(config-if)# 
switchport trunk native vlan tag

Cisco UCS E-Series Server Installed in Cisco 4400 Integrated Services Routers


Note

To set trunk characteristics, the interface must be in trunk mode.

The following example shows how to allow trunking on specified VLANs:

Router(config)# interface ucse 1/0/0 
Router(config-if)# switchport mode trunk 
Router(config-if)# switchport trunk allowed vlan 1-2,40,60,1002-1005

Related Commands

Command

Description

show interfaces switchport

Displays administrative and operational status of a switching (nonrouting) port.

vlan dot1q tag native

Enables dot1q tagging for all VLANs in a trunk.