Cisco layer three switch configuration commands and explanations

Basic Configuration
S> enable access to privileged mode
s# configure terminal into global configuration mode
S (config) # hostname name change switch name
S (config) # Enable password level level_# password set user password (level_#=1) or privileged password (level_#=15)
S (config) # line console 0 enters the console interface
S (config-line) # password Console_password a command to set the console password
S (config) # line vty 0 15 Enter virtual Terminal
S (config-line) # password Telnet_password a command to set the Telnet password
S (config-line) # login allows Telnet login
S (config) # enable Password|secret Privilege_password Configure privileged passwords (encrypted or unencrypted)
S (config) # interface ethernet|fastethernet|gigabitethernet slot_#/port_# Enter interface sub-configuration mode
S (config-if) # [No] shutdown turn off or enable the interface (enabled by default)
S (config) # IP address ip_address sunbet_mask Specify IP addresses
S (config) # ip default-gateway router ' s_ip_address specifies which router address is the default gateway
s# Show Running-config View the current configuration
s# copy running-config Startup-config saves the current configuration in RAM into the NVRAM
S> show interface [Type slot_#/port_#] View information for all or specified interfaces
S> show IP Display IP configuration of the switch (available on 1900 series only)
S> Show version View device information
s# show ip interface brief verify IP configuration
S (config-if) # speed 10|100|auto set interface rate
S (config-if) # Duplex Auto|full|half Set Interface Duplex mode
S> show mac-address-table View Cam table
s# Clear Mac-address-table clears dynamic entries from the Cam table
1900 (config) # mac-address-table permanent mac_address type [slot_#/]port_# create a static entry in the Cam table
2950 (config) # mac-address-table static mac_address VLAN vlan_# interface type [slot_#/] port_# Create a static entry in the Cam table
1900 (config) # mac-address-table restricted static mac_address source_port list_of_allowed_interface Security
1900 (CONFIG-IF) # Port secure enable sticky learning
1900 (CONFIG-IF) # Port Secure Max-mac-count value sets the number of addresses that the Sticky learning feature can learn (default 132, value range is 1-132)
1900 (config) # address-violation suspend|ignore|disable Change security options
1900> Show mac-address-table Security authentication port safety measures
2950 (config) # switchport mode access defines the interface as a host port instead of a trunk port
2950 (config) # switchport port-security Enable port security
2950 (config) # switchport port-security Maximum value specifies the maximum number of devices that can be associated with this interface
2950 (config) # switchport port-security violation Protect|restrict|shutdown Specify what should happen when a security violation occurs
2950 (config) # switchport port-security mac-address mac_address specifies that the exact MAC address associated with this interface is allowed
2950 (config) # switchport port-security mac-address sticky enable sticky learning features
2950 (config) # show port interface type [slot_#/] port_# Verify interface configuration
2950 (config-if) Description Name set interface description information
2950# show buffers Viewing the size of the system cache
1900# copy nvram tftp://ip_address_of_tftp_server/file_name backup The configuration file to the TFTP server
1900# copy tftp://ip_address_of_tftp_server/file_name nvram Restore Configuration to NVRAM from the TFTP server
1900# Delete nvram deletion configuration file
2950# Erase Startup-config Deleting a configuration file
3550# Show Tcam QoS tcam_id Statistics view Tcam remaining capacity
4000> enable access to privileged mode
4000> (enable) Set password set user mode password
4000> (enable) Set Enablepass setting the authorization password
4000> (enable) set interface Sc0 IP_Address mask Configure IP Address
4000> (enable) set port enable|disable slot_#/port_# Enable/disable interface
4000> (enable) show port [slot_#/port_#] Display interface information
4000> (enable) set port name slot_#/port_# Name Set Switch interface description information
4000> (enable) Set port speed slot_#/port_# 4|10|16|100|auto Set switch interface rate
4000> (enable) set port duplex slot_#/port_# full|half Set Switch interface duplex mode
4000> (enable) Clear Config all removes configuration information from NVRAM
4000> (enable) Erase all delete content in Flash
4000> (enable) Show Flash displays content in Flash
4000> (enable) show CAM [count] dynamic|static|permanent|system [vlan_#] Show cam table
VLAN 1900 (config) # VTP domain vtp_domain_name defining the switch domain name
1900 (config) # VTP server|client|transparent define switch VTP mode (default server)
1900 (config) # vtp password vtp_password config VTP password
1900 (config) # VTP pruning enable|disable Enable/disable trimming (enabled by default)
1900 (config) # VTP trap Enable SNMP trap enabled (enabled by default)
1900# Show VTP Validation VTP configuration
2950# VTP database access VLAN and VTP configuration (the following are used before IOS12.1, 12.1 is all in global configuration mode)
2950 (VLAN) # VTP domain vtp_domain_name defining the switch domain name
2950 (VLAN) # VTP server|client|transparent define switch VTP mode (default server)
2950 (VLAN) # VTP password Vtp_password configuring VTP passwords
2950 (VLAN) # VTP pruning Enable/disable trimming (enabled by default)
2950 (config) # Snmp-server enable traps VTP enabled SNMP traps (enabled by default)
2950# Show VTP status check VTP configuration
2950# Show VTP counters displays VTP statistics related to the sending and receiving of VTP messages
1900 (config-if) # trunk On|off|desirable|auto Specify relay type
1900# Show Trunk a| B Verify Interface relay (A is fa0/26,b is FA0/27)
2950 (config-if) # switchport mode trunk|dynamic desirable|dynamic auto|nonegotiate Specify relay type (default autonegotiation)
2950 (config-if) # switchport trunk native|allowed|pruning VLAN vlan_# configuration Relay
2950 (config-if) # switchport trunk Pruning VLAN remove vlan_# clear unwanted VLAN
2950# show interfaces [type 0/port_#] Switchport|trunk authentication Interface Relay
1900 (config) # vlan vlan_# [name Vlan_name] Create VLAN
1900 (config-if) # vlan-membership static vlan_# assigns the interface statically to a VLAN
1900# Show VLAN Authentication VLAN
1900# Show Vlan-membership View VLAN Membership
1900# show Spantree [vlan_#] View STP information for VLANs
2950# VLAN database enters VLAN databases (used before ISO12.1)
2950 (VLAN) # VLAN vlan_# [name Vlan_name] Creating VLANs
2950 (config) # VLAN vlan_# into the VLAN database (ISO12.1)
2950 (Config-vlan) # name Vlan_name Create VLAN
2950 (config-if) # switchport mode access specifies that the connection is an Access link connection
2950 (config-if) # switchport access VLAN vlan_# specified VLAN is an Access link connection
4000> (enable) Set VLAN vlan_# name Vlan_name Configure VLAN
4000> (enable) Set VLAN vlan_# slot_#/port_#-port_# assigning ports to VLANs
4000> (enable) set trunk slot_#/port_# [On|off|desirable|auto|nonegotiate] [vlan_#] [isl|dot1q|dot10|lane| Negotiate] Configuring Trunks
4000> (enable) Clear trunk slot_#/port_# vlan_# Delete VLAN
4000> (enable) Show trunk slot_#/port_# Verify trunk port
4000> (enable) Set VTP v2 enable configuration VTPv2
4000> (enable) set VTP [domain name] [mode client|server|transparent] [passwd password] [pruning enable|disable] [v2 ENA Ble|disable] Setting VTP
4000> (enable) Show VTP domain authentication information for VTP domains
4000> (enable) Show VTP statistics displays a summary of the VTP advertisement information sent or received
4000> (enable) set VTP pruneeligible vlan_# set VTP mitigation
4000> (Enable) Clear VTP pruneeligible vlan_# Eliminate unwanted VLANs

STP 4000> (enable) set Spantree enable|disable vlan_# Enable/disable STP (enabled by default)
2950 (config) # [no] spanning-tree VLAN vlan_# enable/disable STP (enabled by default)
4000> (enable) show Spantree [vlan_#] Verify STP status
2950# Show Spanning-tree Verify STP status
4000> (enable) set Spantree root [secondary] vlan_# [dia network_diameter] [Hello Hello_time] Set main root node bridge, backup node Bridge, maximum number of bridges (2-7) , Duration (1-10, default 2)
4000> (enable) set Spantree portcost slot_#/port_# cost_# setting port Overhead
2950 (config-if) # spanning-tree cost cost_# set port overhead
4000> (enable) set Spantree Portpri slot_#/port_# priority_# Setting Port priority
4000> (enable) set Spantree portvlanpri slot_#/port_# priority_# [vlan_#] Change the priority setting of the VLAN
2950 (config-if) # spanning-tree VLAN vlan_# port-priority priority_# Set Port priority
4000> (enable) set Spantree Fwddelay delay_# [vlan_#] Sets the time interval from the listening state to the learning state to the forwarding state (default 15 seconds, the value range is 4-30 seconds)
4000> (enable) set Spantree Hello Interval_time [vlan_#] Sets the time interval for the root node switch to send BPDUs (default 2 seconds, the value range is 1-10 seconds)
4000> (enable) set Spantree maxage agingtime [vlan_#] Sets the time at which the switch holds BPDUs (default 20 seconds, the value range is 6-40 seconds)
2950 (config) # spanning-tree VLAN vlan_# forward-time forward_time Set the interval from the listening state to the learning state to the forwarding state (default 15 seconds, the value range is 4-30 seconds)
2950 (config) # spanning-tree VLAN vlan_# hello-time hello_time Set the time interval for the root node switch to send BPDUs (default 2 seconds, the value range is 1-10 seconds)
2950 (config) # spanning-tree VLAN vlan_# max-age MaxAge Set the time the switch holds BPDUs (default 20 seconds, value range is 6-40 seconds)
4000> (enable) set port channel slot_#/port_# on to set up an Ethernet channel collection
4000> (enable) show Port capabilities slot_#/port_# View the configuration of ports
4000> (enable) show port channel Verify the configuration of the Ethernet channel collection
2950 (config-if) # Channel-group Group_number mode Auto|desirable|on establish an Ethernet channel collection
2950# Show EtherChannel group_number|brief|detail|load-balance|port|port-channel|summary Verifying the configuration of the Ethernet channel collection
4000> (enable) set Spantree Portfast slot_#/port_# enable configuration Portfast
2950 (config-if) # spanning-tree portfast configuration Portfast
4000> (enable) set Spantree uplinkfast enable|disable [rate station_update_rate] [all-protocols Off|on] Enable/ Disable Uplinkfast
4000> (enable) show Spantree Uplinkfast Verify Uplinkfast configuration
2950 (config) # spanning-tree uplinkfast [max_update_rate] Enable/disable Uplinkfast
2950# Show Spanning-tree uplinkfast verifying uplinkfast configuration
4000> (enable) set Spantree Backbonefast enable|disable Enable/disable Backbonefast
4000> (enable) show Spantree Backbonefast Verify Backbonefast configuration
2950 (config) # Spanning-tree backbonefast Enable Backbonefast

Virtual Inter-network routing
2600 (config) # interface type Slot_#/port_#.subint_number Configuration sub-interface
2600 (CONFIG-SUBIF) # encapsulation DOT1Q|ISL|SDE|TR-ISL vlan_# Configuration package Type
4000> (enable) Show module to view the hardware configuration of the switch
4000> (enable) session module_# Access L3SM
L3SM (config-if) # mac-address mac_address assigning MAC addresses
MLS 2600 (config) # MLS RP IP Boot MLS
2600 (CONFIG-IF) # MLS RP Vtp-domain domain_name Assigning router interfaces to a VTP domain
2600 (CONFIG-IF) # MLS RP Vlan-id vlan_# assigning VLANs to interfaces
2600 (CONFIG-IF) # MLS RP Management-interface Specifies that the interface is a management interface
2600# Show MLS RP provides global MLS information
2600# Show MLS RP Interface Type slot_#/port_# provides MLS information for the specified interface
2600# Show MLS RP Vtp-domain Domain_Name provides MLS information for VTP domains
6500> (enable) Set MLS enable to start MLS on Mls-se
6500> (enable) Set MLS include Rp_ip_address tells the switch which IP address is correct
6500> (enable) Show MLS include displays a list of IP addresses for the external routing processor
6500> (enable) Set MLS flow [Destination|destination-source|full] tells the MLS switch what information to cache the candidate packets
6500> (enable) Show MLS entry show third-tier cache table
6500> (enable) Set MLS Agingtime aging_time Change the cache's aging time (default 256 seconds, the value range is 8 times the number of 8-2032 seconds)
6500> (enable) Set MLS Agingtime fast Fast_aging_time pkt_threshold Change rapid aging cycle and packet thresholds
6500> (enable) Show MLS IP authentication mls-se Configuration
6500> (enable) Clear MLS entry [destination IP_Address] [source ip_address] [flow Protocol] [Source_port] [Destination_ Port] [ALL] Delete all or specify MLS cache records
3550 (config) # IP routing start IP routing
3550 (config) # IP CEF start CEF
3550 (config-if) # No Switchport converts the second layer interface to a third-level interface
3550 (config-if) # IP Route-cache CEF starts CEF on the interface
3550# show ip CEF authentication CEF

Multicast
3640 (config) # IP multicast-routing Multicast service on the boot router
3640 (config-if) # IP PIM Dense-mode set interface to PIM dense mode
3640 (config-if) # IP PIM Sparse-mode set interface to PIM sparse mode
3640 (config-if) # IP PIM Sparsed-dense-mode set interface to PIM sparse-dense mode
3640 (config) # ip PIM rp-address ip_address group_acl_# [override] Manually configure the RP
3640 (config) # ip PIM send-rp-announce type slot_#/port_# scope ttl_value group-list acl_# Advertise the distribution of the RP Group
3640 (config) # ip PIM send-rp-discovery scope ttl_value Configure RP Mapping agent
3640 (config-if) # IP multicast ttl-threshold ttl_value set TTL thresholds
3640 (config-if) # IP IGMP join-group group_address join a multicast group
3640# show ip mroute View multicast information
3640# Ping to verify the connection between the RP or other multicast routers
3640# mtrace source_ip_address [destination_ip_address] [group] multicast traceroute
3640 (config-if) # IP cGMP configuration cGMP router
4000> (enable) Set cGMP enable cGMP activation
4000> (enable) Show cGMP statistics View cGMP statistics
4000> (enable) Show multicast group cGMP View the multicast group information learned by the switch
4000> (enable) Set cGMP leave enable to check the departure information of IGMPV2 generated by the client
4000> (enable) Set IGMP enable to start IGMP
4000> (enable) IP IGMP snooping start IGMP snooping
4000> (enable) Set IGMP Fastleave enable quick leave process
4000> (enable) Show IGMP statistics displays status information for IGMP snooping on the switch
QoS 2950 (config) # wrr-queue cos-map queue_id cos_value Build Queue
2950 (config) # Wrr-queue bandwidth Bandwidth_value Set Queue threshold
2950 (config) # Class-maps name defines the criteria for matching information transmission classifications
2950 (config-cmap) # match Access-group acl_# recognition of classified information transmission
2950 (config) # Policy-map name determines the classification criteria set for access information transfer
2950 (CONFIG-PMAP) # class name
2950 (CONFIG-PMAP-C) # set IP DSCP number
2950 (config-if) # Service-policy input name applies policy to this interface
3550 (config) # MLS QoS start QoS
3550 (config-if) # Auto QoS VoIP initiates automatic quality of service on the interface
3550 (config) # priority-list priority_queue_# Protocol Protocol High|medium|normal|low [list acl_#] Define the flow of information for the priority queue
3550 (config) # priority-list priority_queue_# queue-limit limit_# defines the maximum queue space for a specific priority queue
3550 (config-if) # Priority-group priority_queue_# Assigning a priority queue to a specific output interface
3550 (config) # queue-list queue_list_# interface type slot_#/port_# queue_number define the flow of information for a specific custom queue
3550 (config) # queue-list queue_list_# queue queue_number byte-count size_in_bytes [Limit Number_of_queue] Define the maximum space for a queue for a specific custom queue
3550 (config-if) # custom-queue-list Custom_queue_number Assigning a priority queue to a specific output interface
4840 (config) # IP slb serverfarm serverfarm_name configuring SLB Redundancy
4840 (config-slb-sfarm) # real ip_address [port_#] Specify virtual IP address
4840 (config-slb-sfarm) # Inservice Start server
4840 (config) # virtual ip_address [Network_mask] tcp|udp [PORT_NUMBER|WSP|WSP-WTP|WSP-WTLS|WSP-WTP-WTLS] [service SERVICE_NAME] Establishing the virtual server IP address

This article is from the "Dream to Reality" blog, please be sure to keep this source http://lookingdream.blog.51cto.com/5177800/1825296

Cisco layer three switch configuration commands and explanations