Catalyst 4500 Series Switch Cisco IOS Command Reference ... Contents vi Catalyst 4500 Series Switch Cisco IOS Command Reference—Release 12.2(25)SG OL-7657-01 dot1x system-auth-control

Catalyst 4500 Series Switch Cisco IOS Command Reference Release 12.2(25)SG

Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000

800 553-NETS (6387) Fax: 408 526-4100

Text Part Number: OL-7657-01

http://www.cisco.com

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Catalyst 4500 Series Switch Cisco IOS Command Reference Copyright © 2005 Cisco Systems, Inc. All rights reserved

CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R)

Catalyst 4500 Series Switc OL-7657-01

C O N T E N T S

Preface xv

Audience xv

Organization xv

Related Documentation xv

Conventions xvi

Obtaining Documentation xvii

Documentation Feedback xviii

Cisco Product Security Overview xviii

Obtaining Technical Assistance xix

Obtaining Additional Publications and Information xxi

C H A P T E R 1 Command-Line Interface 1-1

Getting Help 1-1

How to Find Command Options 1-2

Understanding Command Modes 1-4

Using the No and Default Forms of Commands 1-6

Using the CLI String Search 1-6

Saving Configuration Changes 1-11

show platform Commands 1-11

C H A P T E R 2 Cisco IOS Commands for the Catalyst 4500 Series Switches 2-1

#macro keywords 2-2

aaa accounting dot1x default start-stop group radius 2-3

aaa accounting system default start-stop group radius 2-4

access-group mode 2-5

access-list hardware entries 2-6

action 2-8

apply 2-9

arp access-list 2-10

attach module 2-11

auto qos voip 2-12

auto-sync 2-15

iii h Cisco IOS Command Reference—Release 12.2(25)SG

Contents

channel-group 2-16

channel-protocol 2-18

class-map 2-20

clear counters 2-22

clear hw-module slot password 2-24

clear interface gigabitethernet 2-25

clear interface vlan 2-26

clear ip access-template 2-27

clear ip arp inspection log 2-28

clear ip arp inspection statistics 2-29

clear ip dhcp snooping database 2-30

clear ip dhcp snooping database statistics 2-31

clear ip igmp group 2-32

clear ip igmp snooping membership 2-34

clear ip mfib counters 2-35

clear ip mfib fastdrop 2-36

clear lacp counters 2-37

clear mac-address-table dynamic 2-38

clear pagp 2-39

clear port-security 2-40

clear qos 2-41

clear vlan counters 2-42

clear vmps statistics 2-43

debug adjacency 2-44

debug backup 2-45

debug condition interface 2-46

debug condition standby 2-47

debug condition vlan 2-49

debug dot1x 2-50

debug etherchnl 2-51

debug interface 2-53

debug ipc 2-54

debug ip dhcp snooping event 2-55

debug ip dhcp snooping packet 2-56

debug ip verify source packet 2-57

iv Catalyst 4500 Series Switch Cisco IOS Command Reference—Release 12.2(25)SG

OL-7657-01

Contents

debug lacp 2-58

debug monitor 2-59

debug nvram 2-60

debug pagp 2-61

debug platform packet protocol lacp 2-62

debug platform packet protocol pagp 2-63

debug pm 2-64

debug psecure 2-65

debug redundancy 2-66

debug smf updates 2-67

debug spanning-tree 2-68

debug spanning-tree backbonefast 2-69

debug spanning-tree switch 2-70

debug spanning-tree uplinkfast 2-72

debug sw-vlan 2-73

debug sw-vlan ifs 2-74

debug sw-vlan notification 2-75

debug sw-vlan vtp 2-76

debug udld 2-77

debug vqpc 2-78

define interface-range 2-79

deny 2-80

diagnostic monitor action 2-82

diagnostic start 2-83

dot1x auth-fail max-attempts 2-84

dot1x auth-fail vlan 2-85

dot1x guest-vlan 2-86

dot1x guest-vlan supplicant 2-87

dot1x initialize 2-88

dot1x max-reauth-req 2-89

dot1x max-req 2-90

dot1x multiple-hosts 2-91

dot1x port-control 2-92

dot1x re-authenticate 2-94

dot1x re-authentication 2-95

v Catalyst 4500 Series Switch Cisco IOS Command Reference—Release 12.2(25)SG

OL-7657-01

Contents

dot1x system-auth-control 2-96

dot1x timeout 2-97

duplex 2-99

erase 2-101

errdisable detect 2-104

errdisable recovery 2-106

flowcontrol 2-109

hw-module power 2-112

hw-module uplink select 2-113

instance 2-115

interface 2-117

interface port-channel 2-119

interface range 2-120

interface vlan 2-122

ip arp inspection filter vlan 2-123

ip arp inspection limit (interface) 2-125

ip arp inspection log-buffer 2-127

ip arp inspection trust 2-129

ip arp inspection validate 2-130

ip arp inspection vlan 2-132

ip arp inspection vlan logging 2-133

ip cef load-sharing algorithm 2-135

ip dhcp snooping 2-137

ip dhcp snooping binding 2-138

ip dhcp snooping database 2-139

ip dhcp snooping information option 2-141

ip dhcp snooping information option allow-untrusted 2-142

ip dhcp snooping limit rate 2-143

ip dhcp snooping trust 2-144

ip dhcp snooping vlan 2-145

ip igmp filter 2-147

ip igmp max-groups 2-148

ip igmp profile 2-149

ip igmp query-interval 2-150

ip igmp snooping 2-151

vi Catalyst 4500 Series Switch Cisco IOS Command Reference—Release 12.2(25)SG

OL-7657-01

Contents

ip igmp snooping report-suppression 2-153

ip igmp snooping vlan 2-155

ip igmp snooping vlan explicit-tracking 2-156

ip igmp snooping vlan immediate-leave 2-157

ip igmp snooping vlan mrouter 2-158

ip igmp snooping vlan static 2-160

ip local-proxy-arp 2-161

ip mfib fastdrop 2-162

ip route-cache flow 2-163

ip source binding 2-165

ip sticky-arp 2-166

ip verify header vlan all 2-168

ip verify source vlan dhcp-snooping 2-169

l2protocol-tunnel 2-171

l2protocol-tunnel cos 2-172

l2protocol-tunnel drop-threshold 2-173

l2protocol-tunnel shutdown-threshold 2-175

lacp port-priority 2-177

lacp system-priority 2-178

logging event link-status global (global configuration) 2-179

logging event link-status (interface configuration) 2-180

logging event trunk-status global (global configuration) 2-182

logging event trunk-status (interface configuration) 2-183

mac access-list extended 2-185