Catalyst 2950 Switch Command Reference

download Catalyst 2950 Switch Command Reference

of 674

Transcript of Catalyst 2950 Switch Command Reference

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    1/672

     

    Am ericas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan J ose, CA 95134-1706USAhttp://www.cisco.com Tel: 408 526-4000

    800 553-NETS (6387)Fax: 408 527-0883

    Catalyst 2950 and Catalyst 29 55 Sw itch

    Command ReferenceCisco IOS Release 12.1(22)EA11 and Later March 2008

     Text Part Number: OL-10102-02

    http://www.cisco.com/http://www.cisco.com/

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    2/672

     

    THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL

    STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT

    WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

    THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT

    SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE

    OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

    The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public

    domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

    NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH

    ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT

    LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF

    DEALING, USAGE, OR TRADE PRACTICE.

    IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,

    WITHOUT LIMITATION, LOST PROFITS OR L OSS OR DAMAGE TO DATA ARISING OUT OF THE USE O R INABILITY TO USE THIS MANUAL, EVEN IF CISCO

    OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

    CCDE, CCVP, Cisco Eos, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and

    Learn is a service mark; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the

    Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration WithoutLimitation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient,

    IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace,

    MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise,

    The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the

    United States and certain other countries.

    All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship

    between Cisco and any other company. (0801R)

    Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the

    document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

    Catalyst 2950 and Catalyst 2955 Switch Command Reference Copyright © 2006 - 2008 Cisco Systems, Inc. All rights reserved

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    3/672

     

    ii i

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    C O N T E N T S

    Preface  xv

    Audience  xv

    Purpose  xv

    Conventions  xv

    Related Publication s  xvi

    Obtaining Documentat ion and Submitt ing a Service Request  xvii

    Using the Command-Line Interface  1-1

    Type of M emory  1-1

    Platforms  1-1

    CLI Command M odes  1-2

    User EXEC M ode  1-3

    Privil eged EXEC M ode  1-3

    Global Configuration M ode  1-4

    Interface Configuration M ode  1-4

    config-vlan M ode  1-4

    VLAN Configuration M ode  1-5

    Line Configurat ion M ode  1-5

    Command Summary  1-6

    Catalyst 2950 and 2955 Cisco IOS Commands  2-1

    aaa accounting dot1x  2-1

    aaa authentication dot1x  2-3

    access-list (IP extended)  2-5

    access-list (IP standard)  2-8

    archive download-sw   2-10

    archive tar  2-12

    archive upload-sw   2-15

    auto qos voip  2-17

    boot boothlpr  2-21

    boot buffersize  2-22

    boot config-fi le  2-23

    boot enable-break  2-24

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    4/672

     Contents

    iv

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    boot helper  2-25

    boot helper-config-fi le  2-26

    boot manual  2-27

    boot private-config-fi le   2-28

    boot system  2-29

    channel-group  2-30

    channel-protocol  2-33

    class  2-35

    class-map  2-37

    clear controllers ethernet-controller  2-39

    clear controllers lre  2-41

    clear controllers lre link monitor  2-42clear controllers lre log  2-43

    clear interface  2-44

    clear lacp  2-45

    clear lre rate selection  2-46

    clear mac address-table  2-47

    clear pagp  2-49

    clear port-security  2-50

    clear spanning-tree counters  2-52

    clear spanning-tree detected-protocols  2-53

    clear vmps statistics  2-54

    clear vtp counters  2-55

    cluster commander-address  2-56

    cluster di scovery hop-count  2-58

    cluster enable  2-59

    cluster holdtim e  2-60

    cluster management-vlan  2-61

    cluster member  2-62

    cluster run  2-64

    cluster standby-group  2-65

    cluster t imer  2-67

    controller longreachethernet   2-68

    cpe duplex  2-69

    cpe protected  2-71

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    5/672

     Contents

    v

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    cpe shutdow n  2-72

    cpe speed  2-74

    cpe toggle  2-76

    cpe type  2-78

    define interface-range  2-79

    delete  2-81

    deny (access-list configurati on)  2-82

    deny (M AC access-list configuration)  2-85

    dot1x  2-87

    dot1x auth-fail max-attempts  2-89

    dot1x auth-fail vlan  2-90

    dot1x control-direction  2-92dot1x default   2-94

    dot1x guest-vlan  2-95

    dot1x host-mode  2-97

    dot1x initialize  2-98

    dot1x max-req  2-99

    dot1x multi ple-hosts  2-100

    dot1x port-control   2-101

    dot1x re-authenticate 2-103

    dot1x re-authentication 2-104

    dot1x reauthentication 2-105

    dot1x timeout   2-106

    duplex  2-108

    errdisable detect cause  2-110

    errdisable recovery  2-112

    f lowcontrol   2-114

    hw -module slot  2-118

    interface  2-121

    interface port-channel  2-123

    interface range  2-124

    interleave   2-126

    ip access-group  2-128

    ip access-list   2-130

    ip address  2-132

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    6/672

     Contents

    vi

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    ip dhcp snooping  2-133

    ip dhcp snooping information option   2-134

    ip dhcp snooping information option allow -untrusted  2-136

    ip dhcp snooping l imit rate  2-138

    ip dhcp snooping trust   2-139

    ip dhcp snooping vlan  2-140

    ip igmp fi l ter  2-141

    ip igmp max-groups  2-142

    ip igmp profi le  2-144

    ip igmp snooping  2-146

    ip igmp snooping mrout er learn pim v2  2-147

    ip igmp snooping report -suppression  2-149ip igmp snooping source-only-learning  2-151

    ip igmp snooping vlan  2-153

    ip igmp snooping vlan immediate-leave  2-154

    ip igmp snooping vlan last-mem ber-query interval  2-155

    ip igmp snooping vlan mrouter  2-156

    ip igmp snooping vlan static  2-158

    ip ssh  2-159

    lacp port-priority  2-161

    lacp system-priority  2-163

    l ink monitor  2-165

    l ink monitor logging  2-166

    link monitor threshold rserr  2-167

    link monitor threshold snr   2-169

    local duplex  2-170

    local speed  2-171

    logging lre  2-172

    lre profi le  2-173

    lre rate selection sequence  2-175

    lre sequence  2-177

    lre syslog  2-179

    lre upbo  2-180

    lre upgrade default f amily  2-182

    mac access-group  2-184

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    7/672

     Contents

    vii

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    mac access-list extended  2-186

    mac address-table aging-time  2-188

    mac address-table notification  2-190

    mac address-table static  2-192

    mac address-table static drop  2-194

    macro apply  2-196

    macro description  2-199

    macro global  2-200

    macro global description  2-202

    macro name  2-203

    margin   2-205

    match  2-207media-type   2-209

    mls qos cos  2-211

    mls qos map  2-213

    mls qos trust   2-216

    monitor session  2-219

    mvr  2-222

    mvr immediate  2-225

    mvr type  2-227

    mvr vlan group  2-229

    pagp learn-method  2-230

    pagp port-priority  2-232

    permit (access-list configuration)  2-233

    permit (M AC access-list configurati on)  2-236

    persistence  2-238

    police  2-239

    policy-map  2-241

    port-channel load-balance  2-244

    profile (interface configuration)  2-246

    profile (sequence configurat ion)  2-248

    rate selection  2-250

    rate selection profile lock  2-251

    rate selection sequence  2-252

    rcommand  2-254

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    8/672

     Contents

    viii

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    remote-span  2-256

    rmon collection stats  2-258

    service passw ord-recovery  2-259

    service-policy  2-261

    set   2-262

    setup express  2-264

    show access-lists  2-266

    show auto qos  2-268

    show boot   2-271

    show class-map  2-273

    show cluster  2-275

    show cluster candidates  2-277show cluster members  2-279

    show controllers ethernet-controller  2-281

    show controllers lre cpe  2-290

    show controllers lre actual   2-293

    show controllers lre admin  2-296

    show controllers lre l ink monitor  2-298

    show controllers lre log  2-301

    show controllers lre profi le  2-303

    show controllers lre sequence  2-306

    show controllers lre status  2-308

    show controllers lre version  2-313

    show controllers uti l i zation  2-314

    show dot1x  2-316

    show env  2-320

    show errdisable recovery  2-321

    show etherchannel  2-323

    show f i le  2-326

    show f lowcontrol   2-329

    show int erfaces  2-331

    show interfaces counters  2-340

    show inventory  2-343

    show ip access-lists  2-344

    show ip dhcp snooping  2-346

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    9/672

     Contents

    ix

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    show ip dhcp snooping binding  2-347

    show ip igmp profi le  2-349

    show i p igmp snooping  2-350

    show ip igmp snooping querier detail  2-353

    show lacp  2-355

    show lre upgrade  2-357

    show mac access-group  2-361

    show mac address-table  2-363

    show mac address-table multicast   2-366

    show mac address-table notification  2-368

    show m ls masks  2-369

    show m ls qos interface  2-371show m ls qos maps  2-373

    show monitor  2-375

    show mvr  2-377

    show mvr interface  2-378

    show m vr members  2-380

    show pagp  2-382

    show parser macro  2-384

    show policy-map  2-387

    show port-security   2-389

    show rps  2-391

    show running-config vlan  2-393

    show setup express  2-395

    show spanning-tree  2-396

    show storm-control  2-401

    show system mtu  2-404

    show udld  2-405

    show version  2-408

    show vlan  2-410

    show vmps  2-413

    show vtp  2-415

    show wrr-queue bandwidth  2-420

    show w rr-queue cos-map  2-421

    shutdown  2-422

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    10/672

     Contents

    x

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    shutdown vlan  2-423

    snmp-server enable traps 2-424

    snmp-server host   2-427

    snmp trap mac-notification  2-431

    spanning-tree backbonefast   2-432

    spanning-tree bpdufilter 2-433

    spanning-tree bpduguard 2-435

    spanning-tree cost   2-437

    spanning-tree etherchannel guard misconfig  2-439

    spanning-tree extend system-id  2-441

    spanning-tree guard  2-443

    spanning-tree link-type  2-445spanning-tree loopguard default   2-446

    spanning-tree mode  2-448

    spanning-tree mst configuration  2-450

    spanning-tree mst cost   2-452

    spanning-tree mst forw ard-time  2-454

    spanning-tree mst hello-time  2-455

    spanning-tree mst max-age  2-456

    spanning-tree mst max-hops  2-458

    spanning-tree mst port-priority  2-459

    spanning-tree mst priority  2-461

    spanning-tree mst root   2-462

    spanning-tree port-priority  2-464

    spanning-tree portfast (global configuration)  2-466

    spanning-tree portfast (interface configuration)  2-468

    spanning-tree st ack-port   2-470

    spanning-tree uplinkfast   2-472

    spanning-tree vlan  2-474

    speed  2-477

    storm-control   2-480

    swit chport access  2-483

    swi tchport block  2-485

    swi tchport host   2-487

    swit chport mode  2-489

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    11/672

     Contents

    xi

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    swi tchport nonegotiate  2-491

    swi tchport port-security  2-493

    switchport port-security aging  2-497

    swi tchport priority extend  2-499

    swi tchport protected  2-501

    swi tchport trunk  2-502

    swi tchport voice vlan  2-505

    system mtu  2-507

    traceroute mac  2-509

    traceroute mac ip  2-512

    udld  2-514

    udld port   2-516udld reset   2-518

    upgrade binary  2-519

    upgrade p reserve  2-520

    vlan (global configuration)  2-521

    vlan (VLAN configu ration)  2-527

    vlan database  2-533

    vmps reconfirm (global configuration)  2-536

    vmps reconfirm (privileged EXEC)  2-537

    vmps retry  2-538

    vmps server  2-539

    vtp (global configuration)  2-541

    vtp (privileg ed EXEC)  2-545

    vtp (VLAN configurat ion)  2-547

    w rr-queue bandwidth   2-551

    wrr-queue cos-map  2-553

    Catalyst 2955 AlarmCommands  A-1

    alarm facility fcs-hysteresis  A-2

    alarm facil i ty power-supply  A-3

    alarm facil i ty t emperature  A-4

    alarm profile (global configuration)  A-6

    alarm profile (interface configuration)  A-8

    fcs-threshold  A-9

    power-supply dual  A-10

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    12/672

     Contents

    xi i

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    show alarm description port   A-11

    show alarm profi le  A-12

    show alarm settings  A-14

    show env  A-16

    show facil i ty-alarm relay  A-18

    show f acil i ty-alarm status  A-19

    show fcs-threshold  A-20

    test relay  A-21

    Catalyst 2950 and 2955 SwitchBoot Loader Commands  B-1

    boot   B-2

    cat   B-3copy  B-4

    delete  B-5

    di r  B-6

    f lash_init   B-8

    format  B-9

    fsck  B-10

    help  B-11

    load_helper  B-12

    memory  B-13

    mkdir  B-15

    more  B-16

    rename  B-17

    reset  B-18

    rmdir  B-19

    set   B-20

    type  B-23

    unset  B-24

    version  B-26

    Catalyst 2950 and 2955 Switch Debug Commands  C-1

    debug auto qos  C-2

    debug dot1x  C-4

    debug etherchannel  C-5

    debug lre  C-6

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    13/672

     Contents

    xiii

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    debug pagp  C-7

    debug pm  C-8

    debug spanning-tree  C-10

    debug spanning-tree backbonefast   C-12

    debug spanning-tree bpdu  C-13

    debug spanning-tree bpdu-opt   C-14

    debug spanning-tree mstp  C-15

    debug spanning-tree switch  C-17

    debug spanning-tree uplinkfast   C-19

    debug swit ch dhcp  C-20

    debug sw-vlan  C-21

    debug sw -vlan ifs  C-23debug sw-vlan notification  C-24

    debug sw-vlan vtp  C-26

    debug udld  C-28

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    14/672

     Contents

    xiv

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    15/672

     

    xv

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Preface

    AudienceThis guide is for the networking professional using the Cisco IOS command-line interface (CLI) to

    manage the Catalyst 2950 and 2955 switches, hereafter referred to as the switches. Before using thisguide, you should have experience working with the Cisco IOS and be familiar with the concepts and

    terminology of Ethernet and local area networking.

    PurposeThe Catalyst 2950 switch is supported by either the standard software image (SI) or the enhanced

    software image (EI). The Catalyst 2955 and the Catalyst 2950 Long-Reach Ethernet (LRE) switches are

    supported only by the EI. The EI provides a richer set of features, including access control lists (ACLs),

    enhanced quality of service (QoS) features, extended-range VLANs, the IEEE 802.1s Multiple STP,

    Remote Switched Port Analyzer (RSPAN), and unicast MAC address filtering.

    This guide provides the information you need about the commands that have been created or changed

    for use with the Catalyst 2950 family of switches. For information about the standard Cisco IOS Release

    12.1 commands, see the Cisco IOS documentation set available from the Cisco.com home page by

    selecting Service and Support > Technical Documents. On the Cisco Product Documentation homepage, select Release 12.1 from the Cisco IOS Software drop-down list.

    This guide does not provide procedures for configuring your switch. For detailed configuration

    procedures, see the software configuration guide for this release.

    This guide does not describe system messages you might encounter. For more information, see the

    system message guide for this release.

    For documentation updates, see the release notes for this release.

    ConventionsThis guide uses these conventions to convey instructions and information:

    Command descriptions use these conventions:

      Commands and keywords are in boldface text.

    • Arguments for which you supply values are in italic.

      • Square brackets ([ ]) mean optional elements.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    16/672

     

    xvi

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Preface

     

    • Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.

      • Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional

    element.

    Interactive examples use these conventions:

      • Terminal sessions and system displays are in screen font.

      • Information you enter is in boldface screen font.

      • Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).

    Notes, cautions, and tips use these conventions and symbols:

    Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in

    this manual.

    Caution Means reader be careful. In this situation, you might do something that could result in equipment

    damage or loss of data.

    Related PublicationsThese documents provide complete information about the switch and are available from this URL:

    http://www.cisco.com/en/US/products/ps6738/tsd_products_support_series_home.html

    http://www.cisco.com/en/US/products/hw/switches/ps628/tsd_products_support_series_home.html

      •   Release Notes for the Catalyst 2955, Catalyst 2950, and Catalyst 2940 Switches

    •   Catalyst 2955, 2950 and 2940 Switch System Message Guide

    Note Switch requirements and procedures for initial configurations and software upgrades tend to

    change and therefore appear only in the release notes. Before installing, configuring, or

    upgrading the switch, see the release notes on Cisco.com for the latest information.

    For information about the switch, see these documents:

    •   Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

    •   Catalyst 2950 and Catalyst 2955 Switch Command Reference

    • Device manager online help (available on the switch)

    •   Catalyst 2950 Switch Hardware Installation Guide 

    •   Catalyst 2950 Switch Getting Started Guide

      •   Regulatory Compliance and Safety Information for the Catalyst 2950 Switch

    •   Catalyst 2955 Hardware Installation Guide 

    For information about related products, see these documents:

      •   Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide 

    •   CWDM Passive Optical System Installation Note

    •   1000BASE-T Gigabit Interface Converter Installation Notes

    http://www.cisco.com/en/US/products/hw/switches/ps628/tsd_products_support_series_home.htmlhttp://www.cisco.com/en/US/products/hw/switches/ps628/tsd_products_support_series_home.html

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    17/672

     

    xvii

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Preface

      •   Cisco LRE CPE Hardware Installation Guide 

    •   Installation and Warranty Notes for the Cisco LRE 48 POTS Splitter  

    •   Getting Started with Cisco Network Assistant

    •   Release Notes for Cisco Network Assistant

    •   Cisco Small Form-Factor Pluggable Modules Installation Notes 

    •   Cisco CWDM GBIC and CWDM SFP Installation Note 

    • For information about the Network Admission Control (NAC) features, see the Network Admission

    Control Software Configuration Guide

    Obtaining Documentation and Submitting a Service RequestFor information on obtaining documentation, submitting a service request, and gathering additional

    information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and

    revised Cisco technical documentation, at:

    http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

    Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed

    and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free

    service and Cisco currently supports RSS version 2.0.

    http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlhttp://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    18/672

     

    xviii

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Preface

     

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    19/672

    C H A P T E R

     

    1-1

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    1Using the Command-Line Interface

    The Catalyst 2950 and 2955 switches are supported by Cisco IOS software. This chapter describes how

    to use the switch command-line interface (CLI) to configure the software features.

    For a complete description of the commands that support these features, see Chapter 2, “Catalyst 2950

    and 2955 Cisco IOS Commands.” For more information on Cisco IOS Release 12.1, see the command

    references for Cisco IOS Release 12.1 at this URL:

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/tsd_products_support_series_home.html

    For task-oriented configuration steps, see the software configuration guide for this release.

    The switches are preconfigured and begin forwarding packets as soon as they are attached to compatible

    devices.

    Note In this document, IP refers to IP version 4 (IPv4). Layer 3 IP version 6 (IPv6) packets are treated as

    non-IP packets.

    Type of MemoryThe switch flash memory stores the Cisco IOS software image, the startup and private configuration

    files, and helper files.

    PlatformsThis software release runs on a variety of switches. For a complete list, see the release notes.

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/tsd_products_support_series_home.htmlhttp://www.cisco.com/en/US/products/sw/iosswrel/ps1831/tsd_products_support_series_home.htmlhttp://www.cisco.com/en/US/products/sw/iosswrel/ps1831/tsd_products_support_series_home.html

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    20/672

     

    1-2

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      CLI Command Modes

    CLI Command ModesThis section describes the CLI command mode structure. Command modes support specific Cisco IOS

    commands. For example, the interface type_number  command works only when entered in globalconfiguration mode. These are the main command modes:

      • User EXEC

    • Privileged EXEC

    • Global configuration

    • Interface configuration

    • Config-vlan

    • VLAN configuration

    • Line configuration

    Table 1-1 lists the command modes, how to access each mode, the prompt you see in that mode, and how

    to exit that mode. The prompts listed assume the default name Switch.

     

    Table 1-1 Command Modes Summary

    Command Mode Access Method Prompt Exit or Access Next Mode

    User EXEC This is the first level of access.

    (For the switch) Change terminal

    settings, perform basic tasks, and

    list system information.

    Switch> Enter the logout command.

    To enter privileged EXEC mode, enter

    the enable command.

    Privileged EXEC From user EXEC mode, enter the

    enable command.

    Switch# To exit to user EXEC mode, enter the

    disable command.

    To enter global configuration mode,

    enter the configure command.

    Global

    configuration

    From privileged EXEC mode,

    enter the configure command.

    Switch(config)# To exit to privileged EXEC mode, enter

    the exit or end command, or pressCtrl-Z.

    To enter interface configuration mode,

    enter the interface command.

    Interface

    configuration

    From global configuration mode,

    specify an interface by entering

    the interface command.

    Switch(config-if)# To exit to privileged EXEC mode, enter

    the end command, or press Ctrl-Z.

    To exit to global configuration mode,

    enter the exit command.

    To enter subinterface configurationmode, specify a subinterface with the

    interface command.

    Config-vlan In global configuration mode,

    enter the vlan vlan-id  command.

    Switch(config-vlan)# To exit to global configuration mode,

    enter the exit command.

    To return to privileged EXEC mode,

    enter the end command, or press

    Ctrl-Z.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    21/672

     

    1-3

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      CLI Command Modes

    User EXEC Mode

    After you access the device, you are automatically in user EXEC command mode. The EXEC commands

    available at the user level are a subset of those available at the privileged level. In general, use the userEXEC commands to change terminal settings temporarily, to perform basic tests, and to list system

    information.

    The supported commands can vary depending on the version of software in use. To view a

    comprehensive list of commands, enter a question mark (?) at the prompt.

    Switch> ?

    Privileged EXEC Mode

    Because many of the privileged commands configure operating parameters, privileged access should be

    password-protected to prevent unauthorized use. The privileged command set includes those commands

    contained in user EXEC mode, as well as the configure command through which you access theremaining command modes.

    If your system administrator has set a password, you are prompted to enter it before being granted access

    to privileged EXEC mode. The password does not appear on the screen and is case sensitive.

    The privileged EXEC mode prompt is the device name followed by the pound sign (#).

    Switch#

    Enter the enable command to access privileged EXEC mode:

    Switch> enableSwitch#

    The supported commands can vary depending on the version of software in use. To view acomprehensive list of commands, enter a question mark (?) at the prompt.

    Switch# ?

    To return to user EXEC mode, enter the disable command.

    VLAN

    configuration

    From privileged EXEC mode,

    enter the vlan database 

    command.

    Switch(vlan)# To exit to privileged EXEC mode, enter

    the exit command.

    Line configuration From global configuration mode,

    specify a line by entering the line command.

    Switch(config-line)# To exit to global configuration mode,

    enter the exit command.

    To return to privileged EXEC mode,

    enter the end command, or pressCtrl-Z.

    Table 1-1 Command Modes Summary (continued)

    Command Mode Access Method Prompt Exit or Access Next Mode

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    22/672

     

    1-4

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      CLI Command Modes

    Global Configuration Mode

    Global configuration commands apply to features that affect the device as a whole. Use the configure privileged EXEC command to enter global configuration mode. The default is to enter commands from

    the management console.

    When you enter the configure command, a message prompts you for the source of the configurationcommands:

    Switch# configureConfiguring from terminal, memory, or network [terminal]?

    You can specify either the terminal or NVRAM as the source of configuration commands.

    This example shows you how to access global configuration mode:

    Switch# configure terminalEnter configuration commands, one per line. End with CNTL/Z.

    The supported commands can vary depending on the version of software in use. To view a

    comprehensive list of commands, enter a question mark (?) at the prompt.

    Switch(config)# ?

    To exit global configuration command mode and to return to privileged EXEC mode, enter the end orexit command, or press Ctrl-Z.

    Interface Configuration Mode

    Interface configuration commands modify the operation of the interface. Interface configuration

    commands always follow a global configuration command, which defines the interface type.

    Use the interface type_number.subif  command to access interface configuration mode. The new prompt

    shows interface configuration mode.Switch(config-if)#

    The supported commands can vary depending on the version of software in use. To view a

    comprehensive list of commands, enter a question mark (?) at the prompt.

    Switch(config-if)# ?

    To exit interface configuration mode and to return to global configuration mode, enter the exit command.To exit interface configuration mode and to return to privileged EXEC mode, enter the end command,or press Ctrl-Z.

    config-vlan ModeUse this mode to configure normal-range VLANs (VLAN IDs 1 to 1005) or, when VTP mode is

    transparent, to configure extended-range VLANs (VLAN IDs 1006 to 4094). When VTP mode is

    transparent, the VLAN and VTP configuration is saved in the running configuration file, and you can

    save it to the switch startup configuration file by using the copy running-config startup-config privileged EXEC command. The configurations of VLAN IDs 1 to 1005 are saved in the VLAN database

    if VTP is in transparent or server mode. The extended-range VLAN configurations are not saved in the

    VLAN database.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    23/672

     

    1-5

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      CLI Command Modes

    Enter the vlan vlan-id  global configuration command to access config-vlan mode:

    Switch(config)# vlan 2000Switch(config-vlan)#

    The supported keywords can vary but are similar to the commands available in VLAN configuration

    mode. To view a comprehensive list of commands, enter a question mark (?) at the prompt.Switch(config-vlan)# ?

    For extended-range VLANs, all characteristics except MTU size must remain at the default setting.

    To return to global configuration mode, enter exit; to return to privileged EXEC mode, enter end. Allcommands except shutdown take effect when you exit config-vlan mode.

    VLAN Configuration Mode

    You can use the VLAN configuration commands to create or modify VLAN parameters for VLANs 1 to

    1005. Enter the vlan database privileged EXEC command to access VLAN configuration mode:

    Switch# vlan databaseSwitch(vlan)#

    The supported commands can vary depending on the version of software in use. To view a

    comprehensive list of commands, enter a question mark (?) at the prompt.

    Switch(vlan)# ?

    To return to privileged EXEC mode, enter the abort command to abandon the proposed database.Otherwise, enter exit to implement the proposed new VLAN database and to return to privileged EXECmode.

    Line Configuration ModeLine configuration commands modify the operation of a terminal line. Line configuration commands

    always follow a line command, which defines a line number. Use these commands to change terminal

    parameter settings line-by-line or for a range of lines.

    Use the line vty line_number  [ending_line_number ] command to enter line configuration mode. Thenew prompt indicates line configuration mode.

    This example shows how to enter line configuration mode for virtual terminal line 7:

    Switch(config)# line vty 0 7

    The supported commands can vary depending on the version of software in use. To view a

    comprehensive list of commands, enter a question mark (?) at the prompt.

    Switch(config-line)# ?

    To exit line configuration mode and to return to global configuration mode, use the exit command.To exit line configuration mode and to return to privileged EXEC mode, enter the end command, or pressCtrl-Z.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    24/672

     

    1-6

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      Command Summary

    Command SummaryTable 1-2 lists and describes commands that have the same function but different syntax in software

    releases earlier than Cisco IOS Release 12.1(6)EA2 and in Cisco IOS Release 12.1(6)EA2 or later. It

    lists the commands supported in releases earlier than Cisco IOS Release 12.1(6)EA2, the equivalent

    commands in Cisco IOS Release 12.1(6)EA2 or later, and command descriptions.

    If you are running Cisco IOS Release 12.1(6)EA2 or later, the switch supports the commands in the left

    column of Table 1-2 only if they are in a saved configuration file. When you save the switch

    configuration after modifying it, the commands in Table 1-2 are replaced by equivalent commands

    supported in Cisco IOS Release 12.1(6)EA2 or later.

    For information about commands listed in the left column of Table 1-2, see the Catalyst 2950 Desktop

    Switch Command Reference, Cisco IOS Release 12.0(5.2)WC(1)  (April 2001). You can access this

    document at this URL:

    http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.0_5.2_wc_1_/command/r 

    eference/cli.html.

    Table 1-2 Command Comparison

    Command in Cisco IOSreleases earlier than CiscoIOS Release 12.1(6)EA2

    Command in Cisco IOSRelease 12.1(6)EA2 or later Description

    mac-address-table secure switchport port-securitymac-address

    Adds secure addresses to the MAC

    address table.

    no negotiation auto speed nonegotiate Disables autonegotiation on1000BASE-X, -LX, and -ZX GBIC1 

    ports.

    port group channel-group Assigns a port to a Fast EtherChannel or

    Gigabit EtherChannel port group.port monitor monitor session Enables SPAN2 port monitoring on a

    port.

    port protected switchport protected Isolates Layer 2 unicast, multicast, andbroadcast traffic from other protected

    ports on the same switch.

    port security switchport port-security Enables port security on a port andrestricts the use of the port to a

    user-defined group of stations.

    port security action switchport port-securityviolation

    Specifies the action to take when an

    address violation occurs on a secure

    port.

    port securitymax-mac-count

    switchport port-securitymaximum

    Specifies the maximum number of

    secure addresses supported by a secure

    port.

    port storm-control storm-control Enables unicast, multicast, or broadcaststorm control on a port, and specifies

    storm-control parameters on a port.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    25/672

     

    1-7

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      Command Summary

    Table 1-3 lists and describes the commands that are not supported in Cisco IOS Release 12.1(6)EA2 orlater. These commands are supported only in software releases earlier than Cisco IOS

    Release 12.1(6)EA2. If you are running Cisco IOS Release 12.1(6)EA2 or later, the switch supports the

    commands listed in Table 1-3 only if they are in a saved configuration file.

    show mac-address-tablesecure

    show port-security Displays the port security settings foran interface and the secure addresses in

    the MAC address table.

    show port group show etherchannel Displays EtherChannel information fora channel.

    show port monitor show monitor Displays SPAN session information.

    show port protected show interfaces switchport Displays the port protection settings ofa port.

    show port security show port-security Displays the port security settingsdefined for a port.

    show port storm-control show storm-control Displays the packet-storm controlinformation.

    spanning-tree rootguard spanning-tree guard Enables the root guard feature for allVLANs associated with a port.

    switchport priority mls qos cos Defines the default CoS3 value of a port.

    switchport priorityoverride

    mls qos cos override Assigns the default CoS value to allincoming packets on a port.

    1. GBIC = Gigabit Interface Converter

    2. SPAN = Switched Port Analyzer

    3. CoS = class of service

    Table 1-2 Command Comparison (continued)

    Command in Cisco IOSreleases earlier than CiscoIOS Release 12.1(6)EA2

    Command in Cisco IOSRelease 12.1(6)EA2 or later Description

    Table 1-3 Commands Not Supported in Cisco IOS Release 12.1(6)EA2 or Later 

    Command Description

    clear ip address Deletes an IP address for a switch without disabling the IPprocessing.

    clear mac-address-table static Deletes static entries from the MAC address table.

    management Shuts down the current management VLAN interface andenables the new management VLAN interface.

    show mac-address-table self  Displays the addresses added by the switch itself to the MACaddress table.

    spanning-tree protocol Specifies the STP1 to be used for specified spanning-treeinstances.

    In Cisco IOS Release 12.1(6)EA2 or later, the switch supports

    only IEEE Ethernet STP.

    1. STP = Spanning Tree Protocol

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    26/672

     

    1-8

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 1 Using the Command-Line Interface

      Command Summary

    For detailed command syntax and descriptions, see Chapter 2, “Catalyst 2950 and 2955 Cisco IOS

    Commands.” For task-oriented configuration steps, see the software configuration guide for this release.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    27/672

    C H A P T E R

     

    2-1

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    2Catalyst 2950 and 2955 Cisco IOS Commands

    aaa accounting dot1xUse the aaa accounting dot1x global configuration command to enable authentication, authorization,

    and accounting (AAA) accounting and to create method lists defining specific accounting methods on aper-line or per-interface basis for IEEE 802.1x sessions. Use the no form of this command to disableIEEE 802.1x accounting.

    aaa accounting dot1x {name | default} start-stop {broadcast group {name | radius | tacacs+} [group {name | radius | tacacs+} ... ] | group {name | radius | tacacs+} [group {name | radius| tacacs+} ...]}

    no aaa accounting dot1x {name | default}

    Syntax Description   name Name of a server group. This is optional when you enter it after thebroadcast group and group keywords.

    default Use the accounting methods that follow as the default list for accountingservices.

    start-stop Send a start accounting notice at the beginning of a process and a stopaccounting notice at the end of a process. The start accounting record is sent

    in the background. The requested-user process begins regardless of whether

    or not the start accounting notice was received by the accounting server.

    broadcast Enable accounting records to be sent to multiple AAA servers and sendaccounting records to the first server in each group. If the first server is

    unavailable, the switch uses the list of backup servers to identify the first

    server.

    group Specify the server group to be used for accounting services. These are valid

    server group names:

    •   name—Name of a server group.

    • radius—List of all RADIUS hosts.

    • tacacs+ —List of all TACACS+ hosts.

    The group keyword is optional when you enter it after the broadcast group and group keywords. You can enter more than optional group keyword.

    radius (Optional) Enable RADIUS authorization.

    tacacs+ (Optional) Enable TACACS+ accounting.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    28/672

     

    2-2

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      aaa accounting dot1x

    Defaults AAA accounting is disabled.

    Command Modes Global configuration

    Command History

    Usage Guidelines This command requires access to a RADIUS server.

    Note We recommend that you enter the dot1x re-authentication interface configuration command beforeconfiguring IEEE 802.1x RADIUS accounting on an interface.

    Examples This example shows how to configure IEEE 802.1x accounting:

    Switch(config)# aaa new modelSwitch(config)# aaa accounting dot1x default start-stop group radius

    Note The RADIUS authentication server must be properly configured to accept and log update or watchdog

    packets from the AAA client.

    Related Commands

    Release Modification

    12.1(20)EA2 This command was introduced.

    Command Description

    aaa authenticationdot1x

    Specifies one or more AAA methods for use on interfaces running

    IEEE 802.1x.

    dot1x reauthentication Enables or disables periodic re-authentication.

    dot1x timeout 

    reauth-period

    Sets the number of seconds between re-authentication attempts.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    29/672

     

    2-3

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      aaa authentication dot1x

    aaa authentication dot1xUse the aaa authentication dot1x global configuration command to specify the authentication,authorization, and accounting (AAA) method to use on ports complying with IEEE 802.1x

    authentication. Use the no form of this command to disable authentication.

    aaa authentication dot1x {default} method1

    no aaa authentication dot1x {default}

    Syntax Description

    Note Though other keywords are visible in the command-line help strings, only the default and group radius keywords are supported.

    Defaults No authentication is performed.

    Command Modes Global configuration

    Command History

    Usage Guidelines The method  argument identifies the method that the authentication algorithm tries in the given sequenceto validate the password provided by the client. The only method that is truly IEEE 802.1x-compliant is

    the group radius method, in which the client data is validated against a RADIUS authentication server.

    If you specify group radius, you must configure the RADIUS server by entering the radius-server host global configuration command.

    Use the show running-config privileged EXEC command to display the configured lists of

    authentication methods.

    Examples This example shows how to enable AAA and how to create an IEEE 802.1x-compliant authenticationlist. This authentication first tries to contact a RADIUS server. If this action returns an error, the user is

    not allowed access to the network.

    Switch(config)# aaa new modelSwitch(config)# aaa authentication dot1x default group radius

    You can verify your settings by entering the  show running-config privileged EXEC command.

    default Use the listed authentication method that follows this argument as the defaultmethod when a user logs in.

    method1 Enter the group radius keywords to use the list of all RADIUS servers forauthentication.

    Release Modification

    12.1(6)EA2 This command was introduced.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    30/672

     

    2-4

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      aaa authentication dot1x

    Related Commands Command Description

    aaa new-model Enables the AAA access control model. For syntax information, select CiscoIOS Security Command Reference for Release 12.1 > Authentication,Authorization, and Accounting > Authentication Commands.

    show running-config Displays the configuration information running on the switch. For syntaxinformation, select Cisco IOS Configuration Fundamentals CommandReference for Release 12.1 > Cisco IOS File Management Commands >Configuration File Commands.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    31/672

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    32/672

     

    2-6

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      access-list (IP extended)

    Defaults The default extended ACL is always terminated by an implicit deny statement for all packets.

    Command Modes Global configuration

    Command History

    Usage Guidelines Plan your access conditions carefully. The ACL is always terminated by an implicit deny statement forall packets.

    You can use ACLs to control virtual terminal line access by controlling the transmission of packets on

    an interface.

    Extended ACLs support only the TCP and UDP protocols.

    Use the show ip access-lists command to display the contents of IP ACLs.

    Use the show access-lists command to display the contents of all ACLs.

    Note For more information about configuring IP ACLs, see the “Configuring Network Security with ACLs”

    chapter in the software configuration guide for this release.

    operator port  (Optional) Define a source or destination port.

    The operator  can be only eq (equal).

    If operator  is after the source IP address and wildcard, conditions match

    when the source port matches the defined port.

    If operator  is after the destination IP address and wildcard, conditionsmatch when the destination port matches the defined port.

    The port  is a decimal number or name of a TCP or User Datagram

    Protocol (UDP) port. The number can be from 0 to 65535.

    Use TCP port names only for TCP traffic.

    Use UDP port names only for UDP traffic.

    dscp dscp-value (Optional) Define a Differentiated Services Code Point (DSCP) value toclassify traffic.

    For the dscp-value, enter any of the 13 supported DSCP values (0, 8, 10,

    16, 18, 24, 26, 32, 34, 40, 46, 48, and 56), or use the question mark (?) to

    see a list of available values.time-range time-range-name

    (Optional) For the time-range keyword, enter a meaningful name toidentify the time range. For a more detailed explanation of this keyword,

    see the software configuration guide.

    Release Modification

    12.1(6)EA2 This command was introduced.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    33/672

     

    2-7

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      access-list (IP extended)

    Examples This example shows how to configure an extended IP ACL that allows only TCP traffic to the destinationIP address 128.88.1.2 with a TCP port number of 25 and how to apply it to an interface:

    Switch(config)# access-list 102 permit tcp any host 128.88.1.2 eq 25Switch(config)# interface fastethernet0/8Switch(config-if)# ip access-group 102 in

    This is an example of an extended ACL that allows TCP traffic only from two specified networks. The

    wildcard bits apply to the host portions of the network addresses. Any host with a source address that

    does not match the ACL statements is denied.

    access-list 104 permit tcp 192.5.0.0 0.0.255.255 anyaccess-list 104 permit tcp 128.88.0.0 0.0.255.255 any

    Note In these examples, all other IP access is implicitly denied.

    You can verify your settings by entering the show ip access-lists or show access-lists privileged EXECcommand.

    Related Commands Command Description

    access-list (IP standard) Configures a standard IP ACL.

    ip access-group Controls access to an interface.

    show access-lists Displays ACLs configured on the switch.

    show ip access-lists Displays IP ACLs configured on the switch.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    34/672

     

    2-8

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      access-list (IP standard)

    access-list (IP standard)Use the standard version of the access-list global configuration command to configure a standard IPaccess control list (ACL). Use the no form of this command to remove a standard IP ACL.

    access-list access-list-number  {deny | permit | remark} {source source-wildcard  | host source |any}

    no access-list access-list-number 

    This command is available on physical interfaces only if your switch is running the enhanced software

    image (EI).

    Syntax Description

    Defaults The default standard ACL is always terminated by an implicit deny statement for all packets.

    Command Modes Global configuration

    Command History

    Usage Guidelines Plan your access conditions carefully. The ACL is always terminated by an implicit deny statement forall packets.

    You can use ACLs to control virtual terminal line access by controlling the transmission of packets on

    an interface.

    Use the show ip access-lists command to display the contents of IP ACLs.

    access-list-number  Number of an ACL. The range is 1 to 99 and1300 to 1999.

    deny Deny access if conditions are matched.

    permit Permit access if conditions are matched.

    remark ACL entry comment up to 100 characters.

    source source-wildcard  |

    host source | anyDefine a source IP address and wildcard.

    The source is the source address of the network or host from which the

    packet is being sent, specified in one of these ways:

      • The 32-bit quantity in dotted-decimal format. The source-wildcard  

    applies wildcard bits to the source.

      • The keyword host, followed by the 32-bit quantity in dotted-decimalformat, as an abbreviation for source and source-wildcard  of source 

    0.0.0.0.

      • The keyword any as an abbreviation for source and source-wildcard  

    of 0.0.0.0 255.255.255.255. You do not need to enter a

    source-wildcard.

    Release Modification12.1(6)EA2 This command was introduced.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    35/672

     

    2-9

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      access-list (IP standard)

    Use the show access-lists command to display the contents of all ACLs.

    Note For more information about configuring IP ACLs, see the “Configuring Network Security with ACLs”

    chapter in the software configuration guide for this release.

    Examples This example shows how to configure a standard IP ACL that allows only traffic from the host network128.88.1.10 and how to apply it to an interface:

    Switch(config)# access-list 12 permit host 128.88.1.10Switch(config)# interface gigabitethernet0/1Switch(config-if)# ip access-group 12 in

    This is an example of an standard ACL that allows traffic only from three specified networks. The

    wildcard bits apply to the host portions of the network addresses. Any host with a source address that

    does not match the ACL statements is denied.

    access-list 14 permit 192.5.34.0 0.0.0.255

    access-list 14 permit 128.88.0.0 0.0.0.255access-list 14 permit 36.1.1.0 0.0.0.255

    Note In these examples, all other IP access is implicitly denied.

    You can verify your settings by entering the show ip access-lists or show access-lists privileged EXECcommand.

    Related Commands Command Description

    access-list (IP extended) Configures an extended IP ACL.

    ip access-group Controls access to an interface.

    show access-lists Displays ACLs configured on the switch.

    show ip access-lists Displays IP ACLs configured on the switch.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    36/672

     

    2-10

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive download-sw

    archive download-swUse the archive download-sw privileged EXEC command to download a new image from a TFTP serverto a Catalyst 2950 Long-Reach Ethernet (LRE) switch and to overwrite or to keep the existing image.

    archive download-sw { /force-reload | /imageonly | /leave-old-sw | /no-set-boot | /overwrite  | /reload | /safe} source-url

    This command is available only on the Catalyst 2950 LRE switches.

    Syntax Description

    Defaults Both the software image and device manager files are downloaded.

    The new image is downloaded to the flash: file system.

    The BOOT environment variable is changed to point to the new software image on the flash: file system.

    Image names are case sensitive; the image file is provided in tar format.

    Command Modes Privileged EXEC

     /force-reload Unconditionally force a system reload after successfully downloading thesoftware image.

     /imageonly Download only the software image but not the files associated with the devicemanager. The device manager files for the existing version are deleted only if

    the existing version is being overwritten or removed.

     /leave-old-sw Keep the old software version after a successful download. /no-set-boot Do not alter the setting of the BOOT environment variable to point to the new

    software image after it is successfully downloaded.

     /overwrite Overwrite the software image in flash memory with the downloaded image.

     /reload Reload the system after successfully downloading the image unless theconfiguration has been changed and not been saved.

     /safe Keep the current software image; do not delete it to make room for the newsoftware image before the new image is downloaded. The current image is

    deleted after the download.

    source-url The source URL alias for a local or network file system. These options are

    supported:

      • The syntax for the local flash file system: flash:

      • The syntax for the FTP:

    ftp:[[ // username[: password ]@location]/ directory] / image-name.tar

      • The syntax for the Remote Copy Protocol (RCP):

    rcp:[[ // username@location]/ directory] / image-name.tar

      • The syntax for the TFTP: tftp:[[ // location]/ directory] / image-name.tar

    The image-name.tar is the software image to download and install on theswitch.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    37/672

     

    2-11

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive download-sw

    Command History

    Usage Guidelines Use the /overwrite  option to overwrite the image on the flash device with the downloaded one.

    If the flash device has sufficient space to hold two images and you want to overwrite one of these images

    with the same version, you must specify the /overwrite  option.

    If you specify the command without the /overwrite  option, the download algorithm verifies that the newimage is not the same as the one on the switch flash device. If the images are the same, the download

    does not occur. If the images are different, the old image is deleted, and the new one is downloaded.

    The /imageonly  option removes the device manager files for the existing image if the existing image isbeing removed or replaced. Only the software image (without the device manager files) is downloaded.

    Using the /safe or /leave-old-sw option can cause the new image download to fail if there is insufficientflash space.

    If you used the /leave-old-sw option and did not overwrite the old image when you downloaded the newone, you can remove the old image by using the delete privileged EXEC command. For moreinformation, see the delete command.

    If you leave the existing software in place before downloading the new image, an error results if the

    existing software prevents the new image from fitting onto flash memory.

    After downloading a new image, enter the reload privileged EXEC command to begin using the newimage, or specify the /reload or /force-reload  option in the archive download-sw command.

    Examples This example shows how to download a new image from a TFTP server at 172.20.129.10 and tooverwrite the image on the switch:

    Switch# archive download-sw /overwrite tftp://172.20.129.10/test-image.tar 

    This example shows how to download only the software image from a TFTP server at 172.20.129.10 to

    the switch:

    Switch# archive download-sw /imageonly tftp://172.20.129.10/test-image.tar 

    This example shows how to keep the old software version after a successful download:

    Switch# archive download-sw /leave-old-sw tftp://172.20.129.10/test-image.tar 

    Related Commands

    Release Modification

    12.1(11)YJ This command was introduced.

    Command Description

    archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file.

    archive upload-sw Uploads an existing image on the switch to a server.

    delete Deletes a file or directory on the flash memory device.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    38/672

     

    2-12

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive tar

    archive tarUse the archive tar privileged EXEC command to create a tar file, to list files in a tar file, or to extractthe files from a tar file.

    archive tar { /create destination-url flash:/  file-url} | { /table source-ur l} | { /xtract source-urlflash:/  file-url [dir  /  file.. .]}

    Syntax Description  /create destination-urlflash:/  file-url

    Create a new tar file on the local or network file system.

    For destination-url, specify t he destination URL alias for the local or

    network file system and the name of the tar file to create. These options

    are supported:

      • The syntax for the local flash file system: flash:

      • The syntax for the FTP:

    ftp:[[ // username[: password ]@location]/ directory] / tar-filename.tar

      • The syntax for the Remote Copy Protocol (RCP) is:

    rcp:[[ // username@location]/ directory] / tar-filename.tar

      • The syntax for the TFTP:

    tftp:[[ // location]/ directory] / tar-filename.tar

    The tar-filename.tar is the tar file to be created.

    For flash:/  file-url, specify t he location on the local flash file system fromwhich the new tar file is created.

    An optional list of files or directories within the source directory can be

    specified to write to the new tar file. If none are specified, all files and

    directories at this level are written to the newly created tar file.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    39/672

     

    2-13

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive tar

    Defaults No default is defined.

    Command Modes Privileged EXEC

    Command History

    Usage Guidelines Filenames and directory names are case sensitive.

    Image names are case sensitive.

     /table source-url Display the contents of an existing tar file to the screen.

    For source-url, specify the source URL alias for the local or network file

    system. These options are supported:

      • The syntax for the local flash file system: flash: 

    • The syntax for the FTP:

    ftp:[[ // username[: password ]@location]/ directory] / tar-filename.tar

      • The syntax for the RCP:

    rcp:[[ // username@location]/ directory] / tar-filename.tar

      • The syntax for the TFTP:

    tftp:[[ // location]/ directory] / tar-filename.tar

    The tar-filename.tar is the tar file to display.

     /xtract source-urlflash:/  file-url [dir  /  file.. .]

    Extract files from a tar file to the local file system.

    For source-url, specify t he source URL alias for the local file system.

    These options are supported:  • The syntax for the local flash file system: 

    flash: 

    • The syntax for the FTP:

    ftp:[[ // username[: password ]@location]/ directory] / tar-filename.tar

      • The syntax for the RCP:

    rcp:[[ // username@location]/ directory] / tar-filename.tar

      • The syntax for the TFTP:

    tftp:[[ // location]/ directory] / tar-filename.tar

    The tar-filename.tar is the tar file from which to extract.

    For flash:/  file-url [dir/file...], specify t he location on the local flash filesystem into which the tar file is extracted. Use the dir/file... option to

    specify an optional list of files or directories within the tar file to be

    extracted. If none are specified, all files and directories are extracted.

    Release Modification

    12.1(6)EA2 This command was introduced.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    40/672

     

    2-14

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive tar

    Examples This example shows how to create a tar file. The command writes the contents of the new-configs directory on the local flash device to a file named saved.tar  on the TFTP server at 172.20.136.9:

    Switch# archive tar /create tftp:172.20.136.9/saved.tar flash:/new-configs

    This example shows how to display the contents of the saved.tar  file that is in flash memory. The

    contents of the tar file appear on the screen.

    Switch # archive tar /table tftp://172.20.136.9/saved.tarLoading saved.tar from 172.20.136.9 (via Vlan1):!info (247 bytes)c2950lre-i6l2q4-mz.121/ (directory)c2950lre-i6l2q4-mz.121/html/ (directory)c2950lre-i6l2q4-mz.121/html/homepage.htm (3990 bytes)!

    c2950lre-i6l2q4-mz.121/lre-bin/CISCO585-LRE_MC8051boot_01.03.00.bin (688bytes)c2950lre-i6l2q4-mz.121/lre-bin/CISCO585-LRE_vdslsngl_51.00.00.bin (8896bytes)!!

    c2950lre-i6l2q4-mz.121/pef22824.bin (32768 bytes)!!!!!!!c2950lre-i6l2q4-mz.121/info (247 bytes)info.ver (247 bytes)[OK - 4279808/8559616 bytes]

    This example shows how to extract the contents of a tar file on the TFTP server at 172.20.10.30. This

    command extracts just the new-configs directory into the root directory on the local flash file system.

    The remaining files in the saved.tar  file are ignored.

    Switch# archive tar /xtract tftp:/172.20.10.30/saved.tar flash:/ new-configs

    Related Commands Command Description

    archive download-sw Downloads a new image to the switch.archive upload-sw Uploads an existing image on the switch to a server.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    41/672

     

    2-15

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive upload-sw

    archive upload-swUse the archive upload-sw privileged EXEC command to upload an existing Long-Reach Ethernet(LRE) switch image to a server.

    archive upload-sw [ /version version_string] destination-url

    This command is supported only on Catalyst 2950 LRE switches.

    Syntax Description

    Defaults The switch uploads the currently running image from the flash: file system.

    Command Modes Privileged EXEC

    Command History

    Usage Guidelines Use the upload feature only if the files associated with the device manager have been installed with the

    existing image.The files are uploaded in this sequence: info, the software image, the device manager files, LRE binary

    files, and info.ver. After these files are uploaded, the software creates the tar file.

    Image names are case sensitive.

    Examples This example shows how to upload the currently running image to a TFTP server at 172.20.140.2:

    Switch# archive upload-sw tftp://172.20.140.2/test-image.tar 

     /version version_string (Optional) Specify the version string of the image to be uploaded.

    destination-url The destination URL alias for a local or network file system. These options

    are supported:

      • The syntax for the local flash file system: flash:

      • The syntax for the FTP:

    ftp:[[ // username[: password ]@location]/ directory] / image-name.tar

      • The syntax for the Remote Copy Protocol (RCP):

    rcp:[[ // username@location]/ directory] / image-name.tar

      • The syntax for the TFTP:

    tftp:[[ // location]/ directory] / image-name.tar

    The image-name.tar is the name of software image to be stored on theserver.

    Release Modification

    12.1(11)YJ This command was introduced.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    42/672

     

    2-16

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      archive upload-sw

    Related Commands Command Description

    archive download-sw Downloads a new image to a Catalyst 2950 LRE switch.

    archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    43/672

     

    2-17

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      auto qos voip

    auto qos voipUse the auto qos voip interface configuration command to configure automatic quality of service(auto-QoS) for voice over IP (VoIP) within a QoS domain. Use the no form of this command to changethe auto-QoS configuration settings to the standard-QoS defaults.

    auto qos voip {cisco-phone | cisco-softphone  | trust}

    no auto qos voip

    This command is available only if your switch is running the enhanced software image (EI).

    Syntax Description

    Defaults Auto-QoS is disabled on all interfaces.

    When auto-QoS is enabled, it uses the ingress packet label to categorize traffic and to configure the

    egress queues as summarized in Table 2-1.

    Table 2-2 lists the auto-QoS configuration for the egress queues.

    cisco-phone Identify this interface as connected to a Cisco IP phone, and automaticallyconfigure QoS for VoIP. The QoS labels of incoming packets are trusted

    only when the phone is detected.

    cisco-softphone Identify this port as connected to a device running the Cisco SoftPhone, and

    automatically configure QoS for VoIP.

    trust Identify this interface as connected to a trusted switch or router. The QoSlabels of incoming packets are trusted.

    Table 2-1 Traffic Types, Packet Labels, and Egress Queues

    VoIP DataTraffic

    VoIP ControlTraffic

    Routing ProtocolTraffic

    STP1 BPDU2 Traffic

    1. STP = Spanning Tree Protocol

    2. BPDU = bridge protocol data unit

    Real-TimeVideo Traffic All Other Traffic

    DSCP3

    3. DSCP = Differentiated Services Code Point

    46 24, 26 48 56 34 —

    CoS 5 3 6 7 4 —

    CoS-to-Queue

    Map

    5 3, 6, 7 4 2 0, 1

    Egress Queue 1% WRR4 

    (queue 4)

    4. WRR = weighted round robin

    70% WRR (queue 3) 20% WRR

    (queue 2)

    20% WRR

    (queue 2)

    10% WRR

    (queue 1)

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    44/672

     

    2-18

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      auto qos voip

    Command Modes Interface configuration

    Command History

    Usage Guidelines Use this command to configure the QoS that is appropriate for VoIP traffic within the QoS domain. TheQoS domain includes the switch, the interior of the network, and the edge devices that can classify

    incoming traffic for QoS.

    In releases earlier than Cisco IOS Release 12.2(20)EA2, auto-QoS configures the switch only for VoIP

    with Cisco IP Phones on switch ports.

    In Cisco IOS Release 12.2(20)EA2 or later, auto-QoS configures the switch for VoIP with Cisco IP

    Phones and for VoIP with devices running the Cisco SoftPhone application. These releases support only

    Cisco IP SoftPhone Version 1.3(3) or later. Connected devices must use Cisco Call Manager Version 4or later.

    To take advantage of the auto-QoS defaults, you should enable auto-QoS before you configure other QoS

    commands. You can fine-tune the auto-QoS configuration after  you enable auto-QoS.

    Note The switch applies the auto-QoS-generated commands as if the commands were entered from the

    command-line interface (CLI). An existing user configuration can cause the application of the generated

    commands to fail or to be overridden by the generated commands. These actions occur without warning.

    If all the generated commands are successfully applied, any user-entered configuration that was not

    overridden remains in the running configuration. Any user-entered configuration that was overridden can

    be retrieved by reloading the switch without saving the current configuration to memory. If the generated

    commands fail to be applied, the previous running configuration is restored.

    If this is the first port on which you have enabled auto-QoS, the auto-QoS-generated global configuration

    commands are executed followed by the interface configuration commands. If you enable auto-QoS on

    another port, only the auto-QoS-generated interface configuration commands for that port are executed.

    When you enable the auto-QoS feature on the first interface, these automatic actions occur:

      • When you enter the auto qos voip cisco-phone interface configuration command on a port at theedge of the network that is connected to a Cisco IP Phone, the switch enables the trusted boundary

    feature. The switch uses the Cisco Discovery Protocol (CDP) to detect the presence or absence of a

    Table 2-2 Auto-QoS Configuration for the Egress Queues

    Egress Queue Queue Number CoS-to-Queue Map Queue Weight

    1% WRR 4 5 1 percent

    70% WRR 3 3, 6, 7 70 percent

    20% WRR 2 2, 4 20 percent

    10% WRR 1 0, 1 10 percent

    Release Modification

    12.1(12c)EA1 This command was introduced.

    12.1(20)EA2 The cisco-softphone  keyword was added, and the generated auto-QoSconfiguration changed.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    45/672

     

    2-19

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      auto qos voip

    Cisco IP Phone. When a Cisco IP Phone is detected, the ingress classification on the interface is set

    to trust the QoS label received in the packet. When a Cisco IP Phone is absent, the ingress

    classification is set to not trust the QoS label in the packet. The egress queues on the interface are

    also reconfigured (see Table 2-2).

      • When you enter the auto qos voip cisco-softphone interface configuration command on a port at

    the edge of the network that is connected to a device running the Cisco SoftPhone, the switch usespolicing to decide whether a packet is in or out of profile and to specify the action on the packet. If

    the packet does not have a DSCP value of 24, 26, or 46 or is out of profile, the switch changes the

    DSCP value to 0. The egress queues on the interface are also reconfigured (see Table 2-2).

      • When you enter the auto qos voip trust interface configuration command on a port connected to theinterior of the network, the ingress classification on the interface is set to trust the QoS label received

    in the packet, and the egress queues on the interface are reconfigured (see Table 2-2).

    You can enable auto-QoS on static, dynamic-access, voice VLAN access, and trunk ports.

    Note When a device running Cisco SoftPhone is connected to a switch or routed port, the switch supports only

    one Cisco SoftPhone application per port.

    After auto-QoS is enabled, do not modify a policy map or aggregate policer that includes AutoQoS  in its

    name. If you need to modify the policy map or aggregate policer, make a copy of it, and change the

    copied policy map or policer. To use the new policy map instead of the generated one, remove the

    generated policy, and apply the new policy map.

    To display the QoS configuration that is automatically generated when auto-QoS is enabled, enable

    debugging before you enable auto-QoS. Use the debug auto qos privileged EXEC command to enableauto-QoS debugging.

    To disable auto-QoS on an interface, use the no auto qos voip interface configuration command. Whenyou enter this command, the switch changes the auto-QoS settings to the standard-QoS default settings

    for that interface.

    To disable auto-QoS on the switch and return to the default port trust state (untrusted), follow these steps:

    1. Use the no auto qos voip interface configuration command on all interfaces on which auto-QoS isenabled. To disable auto-QoS on multiple interfaces at the same time, you can use the interfacerange global configuration command.

    2. After disabling auto-QoS on all interfaces on which auto-QoS was enabled, return the egress queues

    and CoS-to-DSCP map to the default settings by using these global configuration commands:

      • no wrr-queue bandwidth

      • no wrr-queue cos-map

      • no mls qos map cos-dscp

    Examples This example shows how to enable auto-QoS and to trust the QoS labels received in incoming packetswhen the switch or router connected to a port is a trusted device:

    Switch(config)# interface gigabitethernet0/1Switch(config-if)# auto qos voip trust

    This example shows how to enable auto-QoS and to trust the QoS labels received in incoming packets

    when the device connected to a port is detected as a Cisco IP phone:

    Switch(config)# interface fastethernet0/1Switch(config-if)# auto qos voip cisco-phone

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    46/672

     

    2-20

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      auto qos voip

    This example shows how to display the QoS configuration that is automatically generated when

    auto-QoS is enabled:

    Switch# debug auto qos AutoQoS debugging is onSwitch# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Switch(config)# interface fastethernet0/1Switch(config-if)# auto qos voip cisco-phone00:02:54:wrr-queue bandwidth 10 20 70 100:02:55:no wrr-queue cos-map00:02:55:wrr-queue cos-map 1 0 100:02:56:wrr-queue cos-map 2 2 400:02:57:wrr-queue cos-map 3 3 6 700:02:58:wrr-queue cos-map 4 500:02:59:mls qos map cos-dscp 0 8 16 26 32 46 48 5600:03:00:interface FastEthernet0/100:03:00: mls qos trust device cisco-phone00:03:00: mls qos trust cosSwitch(config-if)# interface fastethernet0/2

    Switch(config-if)# auto qos voip trust00:03:15:interface FastEthernet0/200:03:15: mls qos trust cosSwitch(config-if)#

    You can verify your settings by entering the show auto qos interface interface-id  privileged EXECcommand.

    Related Commands Command Description

    debug auto qos Enable debugging of the auto-QoS feature.

    mls qos map  Defines the CoS-to-DSCP map or the DSCP-to-CoS map.

    mls qos trust Configures the port trust state.show auto qos Displays auto-QoS information.

    show mls qos maps Displays QoS mapping information.

    show mls qos interface Displays QoS information at the interface level.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    47/672

     

    2-21

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      boot boothlpr

    boot boothlprUse the boot boothlpr global configuration command to load a special software image, which whenloaded into memory, can load a second software image into memory and start it. This variable is used

    only for internal development and testing. Use the no form of this command to return to the default setting.

    boot boothlpr filesystem:/  file-url

    no boot boothlpr

    This command is available only on Catalyst 2950 Long-Reach Ethernet (LRE) switches.

    Syntax Description

    Defaults No helper image is loaded.

    Command Modes Global configuration

    Command History

    Usage Guidelines Filenames and directory names are case sensitive.

    This command changes the setting of the BOOTHLPR environment variable. For more information, see

    Appendix B, “Catalyst 2950 and 2955 Switch Boot Loader Commands.”

    Related Commands

     filesystem: Alias for a flash file system. Use flash: for the system board flash device.

     /  file-url The path (directory) and name of a bootable helper image.

    Release Modification

    12.1(11)YJ This command was introduced.

    Command Description

    show boot Displays the settings of the boot environment variables.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    48/672

     

    2-22

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      boot buffersize

    boot buffersizeUse the boot buffersize global configuration command to specify the size of the file system-simulatedNVRAM in flash memory. The buffer holds a copy of the configuration file in memory. Use the no formof this command to return to the default setting.

    boot buffersize size

    no boot buffersize

    This command is available only on Catalyst 2950 Long-Reach Ethernet (LRE) switches.

    Syntax Description

    Defaults The default is 32 KB.

    Command Modes Global configuration

    Command History

    Usage Guidelines The configuration file cannot be larger than the buffer size allocation.

    You must reload the switch by using the reload privileged EXEC command for this command to takeeffect.

    This command changes the setting of the CONFIG_BUFSIZE environment variable. For more

    information, see Appendix B, “Catalyst 2950 and 2955 Switch Boot Loader Commands.”

    Related Commands

    size The buffer allocation size in bytes. The range is 4096 to 524288 bytes.

    Release Modification

    12.1(11)YJ This command was introduced.

    Command Description

    show boot Displays the settings of the boot environment variables.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    49/672

     

    2-23

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      boot config-file

    boot config-fileUse the boot config-file global configuration command to specify the filename that the software uses toread and write a nonvolatile copy of the system configuration. Use the no form of this command to returnto the default setting.

    boot config-file flash:/  file-url

    no boot config-file

    This command is available only on Catalyst 2950 Long-Reach Ethernet (LRE) switches.

    Syntax Description

    Defaults The default configuration file is flash:config.text.

    Command Modes Global configuration

    Command History

    Usage Guidelines Filenames and directory names are case sensitive.

    This command changes the setting of the CONFIG_FILE environment variable. For more information,

    see Appendix B, “Catalyst 2950 and 2955 Switch Boot Loader Commands.”

    Related Commands

    flash:/  file-url The path (directory) and name of the configuration file.

    Release Modification

    12.1(11)YJ This command was introduced.

    Command Description

    show boot Displays the settings of the boot environment variables.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    50/672

     

    2-24

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      boot enable-break 

    boot enable-break Use the boot enable-break global configuration command to enable interrupting the automatic bootprocess on a Catalyst 2950 Long-Reach Ethernet (LRE) switch. Use the no form of this command toreturn to the default setting.

    boot enable-break

    no boot enable-break

    This command is available only on Catalyst 2950 LRE switches.

    Syntax Description This command has no arguments or keywords.

    Defaults The automatic start up process cannot be interrupted by pressing the Break key on the console.

    Command Modes Global configuration

    Command History

    Usage Guidelines When you enter this command, you can interrupt the automatic boot process by pressing the Break key

    on the console after the flash file system is initialized.

    Note Despite the setting of this command, you can interrupt the automatic boot process at any time by pressing

    the MODE button on the switch front panel.

    This command changes the setting of the ENABLE_BREAK environment variable. For more

    information, see Appendix B, “Catalyst 2950 and 2955 Switch Boot Loader Commands.”

    Related Commands

    Release Modification

    12.1(11)YJ This command was introduced.

    Command Description

    show boot Displays the settings of the boot environment variables.

  • 8/15/2019 Catalyst 2950 Switch Command Reference

    51/672

     

    2-25

    Catalyst 2950 and Catalyst 2955 Switch Command Reference

    OL-10102-02

    Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands

      boot helper

    boot helperUse the boot helper global configuration command to dynamically load files during boot loaderinitialization to extend or to patch the functionality of the boot loader. Use the no form of this commandto return to the default setting.

    boot helper filesystem:/  file-url ...

    no boot helper

    This command is available only on Catalyst 2950 Long-Reach Ethernet (LRE) switches.

    Syntax Description

    Defaults No helper files are loaded.

    Command Modes Global configuration

    Command History

    Usage Guidelines Filenames and directory names are case sensitive.

    This command changes the setting of the HELPER environment variable. For more information, see

    Appendix B, “Catalyst 2950 and 2955 Switch Boot Loader Commands.”

    Related Commands

     filesystem: Alias for a flash file system. Use f