Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706 USAhttp://www.cisco.comTel: 408 526-4000

800 553-NETS (6387)Fax: 408 527-0883

Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

Text Part Number: OL-23829-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCENT, CCSI, Cisco Eos, Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco TrustSec, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1002R))

Catalyst 4500 Series Switch Cisco IOS Command Reference Copyright 19992011 Cisco Systems, Inc. All rights reserved

Catalyst 4500 Series Switch OL-22172-01

packet-offset (netflow-lite sampler submode)packet-rate (netflow-lite sampler submode)packet-section size (netflow-lite sampler submodeport-channel standalone-disableqos account layer-all encapsulation

sampler (netflow-lite monitor submode))C H A P T E R

Catalyst 4500 Series IOS Commands

New Commandsaverage-packet-size (netflow-lite monitor submode)clear ip wccpclear netflow-lite exporter statisticsclear netflow-lite monitor statistics interface

cos (netflow-lite exporter submode)destination (netflow-lite exporter submode)dscp (netflow-lite exporter submode)export-protocol (netflow-lite exporter submode)exporter (netflow-lite monitor submode)hw-module system max-queue-limitip admission proxy http refresh-allip wccp check services all

ip wccp group-listenip wccp redirectip wccp redirect exclude innetflow-lite exporternetflow-lite monitornetflow-lite sampler

options timeout (netflow-lite exporter submode)-1Cisco IOS Command ReferenceRelease 15.0(2)SG

Chapter show ip wccpshow netflow-lite exporter

show netflow-lite monitorshow netflow-lite samplersource (netflow-lite exporter submode)source-interfacesource-ip-addresstemplate data timeout (netflow-lite exporter submode)transport udp (netflow-lite exporter submode)transport udp load-share (netflow-lite exporter submode)ttl (netflow-lite exporter submode)vrf (netflow-lite exporter submode)

Revised Commandsauthentication eventip wccp

private-vlanrep admin vlanrep block portrep lsl-age-timerrep preempt delayrep preempt segment

rep segment

rep stcn

show interfaces switchportshow vlan private-vlan

A Commandsaaa accounting dot1x default start-stop group radiusaaa accounting system default start-stop group radiusclear mac-address-tableaccess-group modeaccess-list hardware capture modeaccess-list hardware entriesaccess-list hardware regionaction

applyancp client server-2Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter ancp mode clientapply

arp access-listattach moduleauthentication control-directionauthentication critical recovery delayauthentication eventauthentication fallbackauthentication host-modeauthentication openauthentication orderauthentication periodicauthentication port-controlauthentication priority

authentication timerauthentication violationauto qos voip

auto-sync

average-packet-size (netflow-lite monitor submode)

C Commandscall-home (global configuration)call-home requestcall-home sendcall-home send alert-groupcall-home testchannel-group

channel-protocolcisp enableclass-map

clear counters clear errdisableclear hw-module slot passwordclear interface gigabitethernet clear interface vlan clear ip access-template

clear ip arp inspection log-3Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter clear ip arp inspection statisticsclear ip dhcp snooping bindingclear ip dhcp snooping databaseclear ip dhcp snooping database statisticsclear ip igmp group

clear ip mfib countersclear ip mfib fastdropclear ip wccp

clear lacp countersclear netflow-lite exporter statisticsclear netflow-lite monitor statistics interface

clear nmsp statisticsclear mac-address-table dynamicclear pagp

clear port-securityclear pppoe intermediate-agent statisticsclear qos

clear vlan countersclear vmps statisticscontrol-plane

cos (netflow-lite exporter submode)counter

D Commandsdebug adjacency debug backup debug condition interface debug condition standby debug condition vlandebug dot1xdebug etherchnl debug interface debug ip dhcp snooping eventdebug ip dhcp snooping packetdebug ip verify source packetdebug ipcdebug lacp-4Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter debug monitor debug nmspdebug nvram debug pagp debug platform packet protocol lacpdebug platform packet protocol pagpdebug pmdebug port-securitydebug pppoe intermediate-agentdebug redundancydebug spanning-tree debug spanning-tree backbonefast debug spanning-tree switch debug spanning-tree uplinkfast debug sw-vlan debug sw-vlan ifs debug sw-vlan notification debug sw-vlan vtpdebug udlddebug vqpcdefine interface-range denydestination (netflow-lite exporter submode)diagnostic fpga soft-error recoverdiagnostic monitor actiondiagnostic startdot1x auth-fail max-attemptsdot1x auth-fail vlandot1x credentials (global configuration)dot1x criticaldot1x critical eapoldot1x critical recovery delaydot1x critical vlandot1x control-directiondot1x guest-vlandot1x guest-vlan supplicantdot1x host-modedot1x initialize-5Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter dot1x mac-auth-bypassdot1x max-reauth-reqdot1x max-reqdot1x port-controldot1x re-authenticatedot1x re-authenticationdot1x system-auth-controldot1x timeoutdscp (netflow-lite exporter submode)duplex

E Commandserase

errdisable detect errdisable recoveryexport-protocol (netflow-lite exporter submode)exporter (netflow-lite monitor submode)

F Commandsflowcontrol

H Commandshardware statisticshw-module port-grouphw-module powerhw-module system max-queue-limithw-module uplink mode shared-backplanehw-module uplink select

I Commandsinstanceinterfaceinterface port-channel

interface range interface vlanip admission proxy http refresh-all-6Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter ip arp inspection filter vlanip arp inspection limit (interface)ip arp inspection log-bufferip arp inspection trustip arp inspection validateip arp inspection vlanip arp inspection vlan loggingip cef load-sharing algorithmip dhcp snoopingip dhcp snooping bindingip dhcp snooping databaseip dhcp snooping information optionip dhcp snooping information option allow-untrustedip dhcp snooping limit rateip dhcp snooping trustip dhcp snooping vlanip device tracking maximumip igmp filterip igmp max-groupsip igmp profile

ip igmp query-interval ip igmp snooping ip igmp snooping report-suppression

ip igmp snooping vlanip igmp snooping vlan explicit-tracking

ip igmp snooping vlan immediate-leaveip igmp snooping vlan mrouter ip igmp snooping vlan static

ip local-proxy-arp ip mfib fastdropip route-cache flow

ip source bindingip sticky-arpip verify header vlan allip verify sourceip verify unicast source reachable-viaip wccp

ip wccp check services all-7Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter ip wccp group-listenip wccp redirectp wccp redirect exclude inipv6 mld snoopingipv6 mld snooping last-listener-query-countipv6 mld snooping last-listener-query-intervalipv6 mld snooping listener-message-suppressionipv6 mld snooping robustness-variableipv6 mld snooping tcnipv6 mld snooping vlanissu abortversionissu acceptversionissu commitversionredundancy config-sync mismatched-commandsissu loadversionissu runversionissu set rollback-timer

L Commandsl2protocol-tunnell2protocol-tunnel cosl2protocol-tunnel drop-thresholdl2protocol-tunnel shutdown-thresholdlacp port-priority

lacp system-prioritylldp tlv-select power-managementlogging event trunk-status global (global configuration)logging event link-status global (global configuration)logging event link-status (interface configuration)logging event trunk-status (interface configuration)

M Commandsmatchmac access-list extendedmac-address-table aging-timemac-address-table dynamic group protocolsmac address-table learning vlan-8Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter mac-address-table notificationmac-address-table staticmacro apply cisco-desktopmacro apply cisco-phonemacro apply cisco-router

macro apply cisco-switchmacro auto devicemacro auto execute (built-in function)macro auto execute (remotely-defined trigger)macro auto execute (user-defined function)macro auto global processingmacro auto mac-address-groupmacro auto processingmacro auto sticky

macro global apply cisco-globalmacro global apply system-cppmacro global descriptionmain-cpumatchmatch flow ip

mdix automedia-typemodemonitor session mtu

O Commandsoptions timeout (netflow-lite exporter submode)

N Commandsname

netflow-lite exporter

netflow-lite monitornetflow-lite sampler

P Commandspacket-offset (netflow-lite sampler submode)-9Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter packet-rate (netflow-lite sampler submode)packet-section size (netflow-lite sampler submode)pagp learn-method pagp port-priority passive-interface

permitpolicy-map port-channel load-balanceport-channel standalone-disableport-security mac-addressport-security mac-address stickyport-security maximumpower dc inputpower efficient-ethernet auto

power inlinepower inline logging globalport-security mac-addresspower inline policeport-security mac-addresspppoe intermediate-agent format-type (global)pppoe intermediate-agent (interface)pppoe intermediate-agent limit ratepppoe intermediate-agent trustpppoe intermediate-agent vendor-tag strippppoe intermediate-agent (interface vlan-range)pppoe intermediate-agent (interface vlan-range)priorityprivate-vlan

private-vlan mappingprivate-vlan synchronize

Q Commandsqos (global configuration mode) qos (interface configuration mode)qos account layer-all encapsulationqos account layer2 encapsulation

qos aggregate-policer -10Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter qos cos

qos dblqos dscpqos map cos

qos map dscp qos map dscp policedqos rewrite ip dscpqos trust

qos vlan-based queue-limit

R Commandsredundancyredundancy force-switchoverredundancy reloadremote login moduleremote-span

renew ip dhcp snooping databasereset

revision

S Commandssampler (netflow-lite monitor submode)service-policy (interface configuration) service-policy (policy-map class)service-policy input (control-plane)session moduleset

set cos

set dscpset precedenceset qos-group

shape (interface configuration)shell triggershow netflow-lite exporter

show netflow-lite monitorshow netflow-lite sampler-11Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter snmp ifindex clearsnmp ifindex persistsnmp-server enable trapssnmp-server ifindex persistsnmp-server ifindex persist compresssnmp trap mac-notification changesource (netflow-lite exporter submode)spanning-tree backbonefastspanning-tree bpdufilterspanning-tree bpduguardspanning-tree cost

spanning-tree etherchannel guard misconfigspanning-tree extend system-idspanning-tree guardspanning-tree link-typespanning-tree loopguard defaultspanning-tree modespanning-tree mstspanning-tree mst configurationspanning-tree mst forward-timespanning-tree mst hello-timespanning-tree mst max-agespanning-tree mst max-hops

spanning-tree mst rootspanning-tree pathcost methodspanning-tree portfast (interface configuration mode)spanning-tree portfast bpdufilter defaultspanning-tree portfast bpduguard defaultspanning-tree portfast defaultspanning-tree port-priority spanning-tree uplinkfast

spanning-tree vlan speed storm-control

storm-control broadcast include multicastswitchportswitchport access vlan

switchport autostate exclude-12Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter switchport blockswitchport modeswitchport port-securityswitchport private-vlan association trunkswitchport private-vlan host-association

switchport private-vlan mappingswitchport private-vlan trunk allowed vlanswitchport private-vlan trunk native vlan tag

switchport trunk switchport vlan mappingsystem mtu

Show Commandsshow access-group mode interfaceshow adjacencyshow ancp multicast

show arp access-listshow authenticationshow auto install status

show auto qosshow bootflash: show bootvar show cable-diagnostics tdrshow call-home

show cdp neighborsshow class-mapshow diagnostic contentshow diagnostic result moduleshow diagnostic result module testshow diagnostic result module test 2show diagnostic result module test 3show dot1xshow environment

show errdisable detect show errdisable recovery show etherchannel

show flowcontrol-13Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter show hw-module port-groupshow hw-module uplinkshow idprom show interfaces show interfaces capabilitiesshow interfaces counters show interfaces descriptionshow interfaces link

show interfaces mtushow interfaces private-vlan mappingshow interfaces status

show interfaces switchport show interfaces transceivershow interfaces trunk

show ip arp inspectionshow ip arp inspection logshow ip cef vlan

show ip dhcp snoopingshow ip dhcp snooping bindingshow ip dhcp snooping databaseshow ip igmp interface show ip igmp profileshow ip igmp snooping

show ip igmp snooping membershipshow ip igmp snooping mrouter

show ip igmp snooping vlanshow ip interfaceshow ip mfibshow ip mfib fastdropshow ip mroute show ip source bindingshow ip verify sourceshow ip wccpshow ipc

show ipv6 mld snoopingshow ipv6 mld snooping mroutershow ipv6 mld snooping queriershow ipv6 snooping counters-14Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter show issu capabilityshow issu clients

show issu comp-matrixshow issu endpointsshow issu entities

show issu fsmshow issu messageshow issu negotiatedshow issu rollback-timershow issu sessionsshow issu state

show l2protocol-tunnelshow lacpshow mabshow mac access-group interfaceshow mac-address-table address show mac-address-table aging-time show mac-address-table count show mac-address-table dynamic show mac-address-table interface show mac address-table learningshow mac-address-table multicast show mac-address-table notificationshow mac-address-table protocolshow mac-address-table static show mac-address-table vlanshow macro auto mac-address-groupshow macro auto device show macro auto interfaceshow module show monitor

show nmspshow pagp show policy-map

show policy-map control-planeshow policy-map interface show policy-map interface vlan

show port-security-15Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter show powershow power inline police

show qosshow pppoe intermediate-agent interfaceshow qos

show qos aggregate policer show qos dblshow qos interface

show qos mapsshow redundancyshow redundancy config-syncshow running-configshow slavebootflash:show slaveslot0:show slot0: show spanning-tree show spanning-tree mst

show storm-controlshow system mtushow tech-support

show udld show vlan show vlan access-map

show vlan countersshow vlan dot1q tag nativeshow vlan groupshow vlan internal usageshow vlan mapping

show vlan mtushow vlan private-vlanshow vlan remote-span

show vmpsshow vtp

T Commandstemplate data timeout (netflow-lite exporter submode)test cable-diagnostics tdr-16Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter traceroute mac

traceroute mac ip

transport udp (netflow-lite exporter submode)trust

ttl (netflow-lite exporter submode)tx-queue

U Commandsudld (global configuration mode) udld (interface configuration mode) udld resetunidirectionalusername

V Commandsverifyvlan (VLAN Database mode)vlan access-map

vlan configurationvlan database vlan dot1q tag nativevlan filtervlan group

vlan internal allocation policyvmps reconfirm (global configuration)vmps reconfirm (privileged EXEC)vmps retry

vmps server

vrf (netflow-lite exporter submode)vtp (global configuration mode) vtp client vtp domain vtp password vtp pruning vtp server

vtp transparent

vtp v2-mode-17Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

Chapter -18Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-22172-01

OL-23829-01

ancp client server 2-17

ancp mode client 2-18

apply 2-19r 2-16

C O N T E N T S

Preface xxi

Audience xxi

Organization xxi

Related Documentation xxi

Conventions xxii

Notices xxiii

Obtaining Documentation and Submitting a Service Request 1-xxv

Command-Line Interface 1-1

Getting Help 1-1

How to Find Command Options 1-2

Understanding Command Modes 1-5

Using the No and Default Forms of Commands 1-6

Using the CLI String Search 1-6

Saving Configuration Changes 1-11

show platform Commands 1-11

Cisco IOS Commands for the Catalyst 4500 Series Switches 2-1

#macro keywords 2-2

aaa accounting dot1x default start-stop group radius 2-4

aaa accounting system default start-stop group radius 2-5

access-group mode 2-6

access-list hardware capture mode 2-8

access-list hardware entries 2-10

access-list hardware region 2-12

action 2-13

active 2-14

ancp client port identifieiiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

Contents

arp access-list 2-21

attach module 2-22

authentication control-direction 2-23

authentication critical recovery delay 2-25

authentication event 2-26

authentication fallback 2-29

authentication host-mode 2-30

authentication open 2-32

authentication order 2-33

authentication periodic 2-35

authentication port-control 2-36

authentication priority 2-38

authentication timer 2-40

authentication violation 2-42

auto qos voip 2-44

auto-sync 2-47

average-packet-size (netflow-lite monitor submode) 2-48

bandwidth 2-50

call-home (global configuration) 2-53

call-home request 2-56

call-home send 2-58

call-home send alert-group 2-59

call-home test 2-61

channel-group 2-62

channel-protocol 2-64

cisp enable 2-66

class 2-67

class-map 2-70

clear counters 2-72

clear energywise neighbors 2-74

clear errdisable 2-75

clear hw-module slot password 2-76

clear interface gigabitethernet 2-77

clear interface vlan 2-78ivCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

clear ip access-template 2-79

clear ip arp inspection log 2-80

clear ip arp inspection statistics 2-81

clear ip dhcp snooping binding 2-82

clear ip dhcp snooping database 2-84

clear ip dhcp snooping database statistics 2-85

clear ip igmp group 2-86

clear ip igmp snooping membership 2-88

clear ip mfib counters 2-89

clear ip mfib fastdrop 2-90

clear ip wccp 2-91

clear lacp counters 2-92

clear mac-address-table 2-93

clear mac-address-table dynamic 2-95

clear netflow-lite exporter statistics 2-96

clear netflow-lite monitor statistics interface 2-97

clear nmsp statistics 2-98

clear pagp 2-99

clear port-security 2-100

clear pppoe intermediate-agent statistics 2-102

clear qos 2-103

clear vlan counters 2-105

clear vmps statistics 2-106

control-plane 2-107

cos (netflow-lite exporter submode) 2-109

counter 2-111

dbl 2-113

debug adjacency 2-115

debug backup 2-116

debug condition interface 2-117

debug condition standby 2-118

debug condition vlan 2-120

debug dot1x 2-122

debug etherchnl 2-123vCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

debug interface 2-125

debug ipc 2-126

debug ip dhcp snooping event 2-127

debug ip dhcp snooping packet 2-128

debug ip verify source packet 2-129

debug lacp 2-130

debug monitor 2-131

debug nmsp 2-132

debug nvram 2-133

debug pagp 2-134

debug platform packet protocol lacp 2-135

debug platform packet protocol pagp 2-136

debug pm 2-137

debug port-security 2-138

debug pppoe intermediate-agent 2-139

debug redundancy 2-141

debug spanning-tree 2-142

debug spanning-tree backbonefast 2-144

debug spanning-tree switch 2-145

debug spanning-tree uplinkfast 2-147

debug sw-vlan 2-148

debug sw-vlan ifs 2-149

debug sw-vlan notification 2-151

debug sw-vlan vtp 2-152

debug udld 2-153

debug vqpc 2-155

define interface-range 2-156

deny 2-157

destination (netflow-lite exporter submode) 2-159

destination address 2-161

destination message-size-limit bytes 2-163

destination preferred-msg-format 2-165

destination transport-method 2-167

diagnostic fpga soft-error recover 2-169viCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

diagnostic monitor action 2-170

diagnostic start 2-171

dot1x auth-fail max-attempts 2-172

dot1x auth-fail vlan 2-173

dot1x control-direction 2-174

dot1x credentials (global configuration) 2-175

dot1x critical 2-176

dot1x critical eapol 2-177

dot1x critical recovery delay 2-178

dot1x critical vlan 2-179

dot1x guest-vlan 2-180

dot1x guest-vlan supplicant 2-181

dot1x host-mode 2-182

dot1x initialize 2-184

dot1x mac-auth-bypass 2-185

dot1x max-reauth-req 2-186

dot1x max-req 2-187

dot1x port-control 2-189

dot1x re-authenticate 2-191

dot1x re-authentication 2-192

dot1x system-auth-control 2-193

dot1x timeout 2-194

dscp (netflow-lite exporter submode) 2-196

duplex 2-198

energywise (global configuration) 2-200

energywise (interface configuration) 2-202

energywise domain 2-205

energywise query 2-207

epm access control 2-211

erase 2-212

errdisable detect 2-215

errdisable recovery 2-217

export-protocol (netflow-lite exporter submode) 2-220viiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

exporter (netflow-lite monitor submode) 2-222

flowcontrol 2-224

hardware statistics 2-227

hw-module port-group 2-228

hw-module power 2-229

hw-module system max-queue-limit 2-230

hw-module uplink mode shared-backplane 2-231

hw-module uplink select 2-233

instance 2-235

interface 2-237

interface port-channel 2-239

interface range 2-240

interface vlan 2-242

ip admission proxy http refresh-all 2-243

ip arp inspection filter vlan 2-244

ip arp inspection limit (interface) 2-246

ip arp inspection log-buffer 2-248

ip arp inspection trust 2-250

ip arp inspection validate 2-251

ip arp inspection vlan 2-253

ip arp inspection vlan logging 2-255

ip cef load-sharing algorithm 2-257

ip device tracking maximum 2-259

ip dhcp snooping 2-260

ip dhcp snooping binding 2-261

ip dhcp snooping database 2-263

ip dhcp snooping information option 2-265

ip dhcp snooping information option allow-untrusted 2-267

ip dhcp snooping limit rate 2-268

ip dhcp snooping trust 2-269

ip dhcp snooping vlan 2-270

ip dhcp snooping vlan information option format-type circuit-id string 2-272

ip igmp filter 2-274

ip igmp max-groups 2-275

ip igmp profile 2-276viiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

ip igmp query-interval 2-277

ip igmp snooping 2-279

ip igmp snooping report-suppression 2-281

ip igmp snooping vlan 2-283

ip igmp snooping vlan explicit-tracking 2-284

ip igmp snooping vlan immediate-leave 2-286

ip igmp snooping vlan mrouter 2-288

ip igmp snooping vlan static 2-290

ip local-proxy-arp 2-292

ip mfib fastdrop 2-293

ip multicast multipath 2-294

ip route-cache flow 2-296

ip source binding 2-298

ip sticky-arp 2-299

ip verify header vlan all 2-301

ip verify source 2-302

ip verify unicast source reachable-via 2-304

ip wccp 2-306

ip wccp check services all 2-309

ip wccp group-listen 2-311

ip wccp redirect 2-313

p wccp redirect exclude in 2-315

ipv6 mld snooping 2-317

ipv6 mld snooping last-listener-query-count 2-319

ipv6 mld snooping last-listener-query-interval 2-321

ipv6 mld snooping listener-message-suppression 2-323

ipv6 mld snooping robustness-variable 2-324

ipv6 mld snooping tcn 2-326

ipv6 mld snooping vlan 2-327

issu abortversion 2-329

issu acceptversion 2-331

issu commitversion 2-333

issu loadversion 2-335

issu runversion 2-337ixCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

issu set rollback-timer 2-339

l2protocol-tunnel 2-340

l2protocol-tunnel cos 2-342

l2protocol-tunnel drop-threshold 2-343

l2protocol-tunnel shutdown-threshold 2-345

lacp port-priority 2-347

lacp system-priority 2-348

lldp tlv-select power-management 2-349

logging event link-status global (global configuration) 2-350

logging event link-status (interface configuration) 2-351

logging event trunk-status global (global configuration) 2-353

logging event trunk-status (interface configuration) 2-354

mab 2-356

mac access-list extended 2-358

mac-address-table aging-time 2-361

mac-address-table dynamic group protocols 2-362

mac address-table learning vlan 2-365

mac-address-table notification 2-367

mac-address-table static 2-369

macro apply cisco-desktop 2-370

macro apply cisco-phone 2-372

macro apply cisco-router 2-374

macro apply cisco-switch 2-376

macro auto device 2-378

macro auto execute (built-in function) 2-380

macro auto execute (remotely-defined trigger) 2-383

macro auto execute (user-defined function) 2-385

macro auto global processing 2-387

macro auto mac-address-group 2-389

macro auto processing 2-390

macro auto sticky 2-392

macro global apply cisco-global 2-393

macro global apply system-cpp 2-394

macro global description 2-395

main-cpu 2-396xCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

match 2-397

match (class-map configuration) 2-399

match flow ip 2-402

mdix auto 2-406

media-type 2-408

mode 2-409

monitor session 2-411

mtu 2-417

name 2-418

netflow-lite exporter 2-419

netflow-lite monitor 2-421

netflow-lite sampler 2-423

nmsp 2-425

nmsp attachment suppress 2-426

options timeout (netflow-lite exporter submode) 2-427

packet-offset (netflow-lite sampler submode) 2-429

packet-rate (netflow-lite sampler submode) 2-430

packet-section size (netflow-lite sampler submode) 2-432

pagp learn-method 2-434

pagp port-priority 2-435

passive-interface 2-436

permit 2-439

police 2-441

police (percent) 2-446

police rate 2-448

police (two rates) 2-450

policy-map 2-454

port-channel load-balance 2-456

port-channel standalone-disable 2-458

port-security mac-address 2-459

port-security mac-address sticky 2-460

port-security maximum 2-461

power dc input 2-463

power efficient-ethernet auto 2-464

power inline 2-465xiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

power inline consumption 2-467

power inline logging global 2-469

power inline police 2-470

power redundancy-mode 2-472

pppoe intermediate-agent (global) 2-474

pppoe intermediate-agent (interface) 2-475

pppoe intermediate-agent (interface vlan-range) 2-477

pppoe intermediate-agent format-type (global) 2-478

pppoe intermediate-agent format-type (interface) 2-480

pppoe intermediate-agent format-type (interface vlan-range) 2-481

pppoe intermediate-agent limit rate 2-482

pppoe intermediate-agent trust 2-483

pppoe intermediate-agent vendor-tag strip 2-484

priority 2-485

private-vlan 2-487

private-vlan mapping 2-491

private-vlan synchronize 2-494

profile 2-495

qos (global configuration mode) 2-497

qos (interface configuration mode) 2-498

qos account layer-all encapsulation 2-499

qos account layer2 encapsulation 2-501

qos aggregate-policer 2-503

qos control-packets 2-506

qos cos 2-509

qos dbl 2-510

qos dscp 2-513

qos map cos 2-514

qos map dscp 2-516

qos map dscp policed 2-518

qos rewrite ip dscp 2-520

qos trust 2-521

qos vlan-based 2-523

queue-limit 2-525

redundancy 2-527xiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

redundancy config-sync mismatched-commands 2-529

redundancy force-switchover 2-531

redundancy reload 2-532

remote login module 2-533

remote-span 2-534

renew ip dhcp snooping database 2-535

rep admin vlan 2-536

rep block port 2-537

rep lsl-age-timer 2-541

rep preempt delay 2-543

rep preempt segment 2-545

rep segment 2-546

rep stcn 2-549

reset 2-551

revision 2-552

sampler (netflow-lite monitor submode) 2-553

service-policy (interface configuration) 2-555

service-policy (policy-map class) 2-558

service-policy input (control-plane) 2-560

session module 2-562

set 2-564

set cos 2-566

set dscp 2-569

set precedence 2-572

set qos-group 2-575

shape (class-based queueing) 2-577

shape (interface configuration) 2-579

shell trigger 2-581

show access-group mode interface 2-583

show adjacency 2-584

show ancp multicast 2-586

show arp access-list 2-587

show authentication 2-588

show auto install status 2-592

show auto qos 2-593xiiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

show bootflash: 2-594

show bootvar 2-596

show cable-diagnostics tdr 2-597

show call-home 2-599

show cdp neighbors 2-604

show class-map 2-607

show diagnostic content 2-609

show diagnostic result module 2-611

show diagnostic result module test 2-615

show diagnostic result module test 2 2-617

show diagnostic result module test 3 2-619

show dot1x 2-621

show energywise 2-625

show environment 2-629

show errdisable detect 2-632

show errdisable recovery 2-633

show etherchannel 2-635

show flowcontrol 2-639

show hw-module port-group 2-641

show hw-module uplink 2-642

show idprom 2-643

show interfaces 2-649

show interfaces capabilities 2-652

show interfaces counters 2-656

show interfaces description 2-658

show interfaces link 2-659

show interfaces mtu 2-660

show interfaces private-vlan mapping 2-661

show interfaces status 2-662

show interfaces switchport 2-664

show interfaces transceiver 2-666

show interfaces trunk 2-671

show ip arp inspection 2-673

show ip arp inspection log 2-676

show ip cef vlan 2-678xivCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

show ip dhcp snooping 2-679

show ip dhcp snooping binding 2-681

show ip dhcp snooping database 2-684

show ip igmp interface 2-686

show ip igmp profile 2-688

show ip igmp snooping 2-689

show ip igmp snooping membership 2-693

show ip igmp snooping mrouter 2-695

show ip igmp snooping vlan 2-696

show ip interface 2-698

show ip mfib 2-701

show ip mfib fastdrop 2-703

show ip mroute 2-704

show ip source binding 2-709

show ip verify source 2-710

show ip wccp 2-713

show ipc 2-720

show ipv6 mld snooping 2-722

show ipv6 mld snooping mrouter 2-724

show ipv6 mld snooping querier 2-725

show ipv6 snooping counters 2-727

show issu capability 2-728

show issu clients 2-730

show issu comp-matrix 2-732

show issu endpoints 2-737

show issu entities 2-738

show issu fsm 2-739

show issu message 2-740

show issu negotiated 2-742

show issu rollback-timer 2-743

show issu sessions 2-744

show issu state 2-745

show l2protocol-tunnel 2-747

show lacp 2-750

show mab 2-753xvCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

show mac access-group interface 2-756

show mac-address-table address 2-757

show mac-address-table aging-time 2-759

show mac-address-table count 2-761

show mac-address-table dynamic 2-763

show mac-address-table interface 2-765

show mac address-table learning 2-767

show mac-address-table multicast 2-768

show mac-address-table notification 2-770

show mac-address-table protocol 2-772

show mac-address-table static 2-774

show mac-address-table vlan 2-777

show macro auto mac-address-group 2-779

show macro auto device 2-780

show macro auto interface 2-781

show module 2-782

show monitor 2-784

show netflow-lite exporter 2-786

show netflow-lite monitor 2-788

show netflow-lite sampler 2-790

show nmsp 2-791

show pagp 2-794

show policy-map 2-796

show policy-map control-plane 2-797

show policy-map interface 2-800

show policy-map interface vlan 2-803

show port-security 2-805

show power 2-812

show power inline police 2-820

show pppoe intermediate-agent interface 2-821

show qos 2-823

show qos aggregate policer 2-824

show qos dbl 2-825

show qos interface 2-826

show qos maps 2-828xviCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

show redundancy 2-830

show redundancy config-sync 2-834

show running-config 2-837

show shell functions 2-839

show shell triggers 2-840

show slavebootflash: 2-841

show slaveslot0: 2-843

show slot0: 2-845

show spanning-tree 2-847

show spanning-tree mst 2-852

show storm-control 2-855

show system mtu 2-858

show tech-support 2-859

show udld 2-861

show vlan 2-864

show vlan access-map 2-868

show vlan counters 2-869

show vlan dot1q tag native 2-870

show vlan group 2-871

show vlan internal usage 2-872

show vlan mapping 2-873

show vlan mtu 2-875

show vlan private-vlan 2-876

show vlan remote-span 2-878

show vmps 2-879

show vtp 2-881

snmp ifindex clear 2-885

snmp ifindex persist 2-887

snmp-server enable traps 2-889

snmp-server ifindex persist 2-891

snmp-server ifindex persist compress 2-892

snmp trap mac-notification change 2-893

source (netflow-lite exporter submode) 2-894

source-interface 2-896

source-ip-address 2-897xviiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

spanning-tree backbonefast 2-898

spanning-tree bpdufilter 2-899

spanning-tree bpduguard 2-901

spanning-tree cost 2-902

spanning-tree etherchannel guard misconfig 2-903

spanning-tree extend system-id 2-904

spanning-tree guard 2-905

spanning-tree link-type 2-906

spanning-tree loopguard default 2-907

spanning-tree mode 2-908

spanning-tree mst 2-909

spanning-tree mst configuration 2-911

spanning-tree mst forward-time 2-913

spanning-tree mst hello-time 2-914

spanning-tree mst max-age 2-915

spanning-tree mst max-hops 2-916

spanning-tree mst root 2-917

spanning-tree pathcost method 2-919

spanning-tree portfast (interface configuration mode) 2-920

spanning-tree portfast bpdufilter default 2-922

spanning-tree portfast bpduguard default 2-924

spanning-tree portfast default 2-925

spanning-tree port-priority 2-926

spanning-tree uplinkfast 2-927

spanning-tree vlan 2-929

speed 2-931

storm-control 2-934

storm-control broadcast include multicast 2-936

subscribe-to-alert-group all 2-937

subscribe-to-alert-group configuration 2-939

subscribe-to-alert-group diagnostic 2-941

subscribe-to-alert-group environment 2-943

subscribe-to-alert-group inventory 2-945

subscribe-to-alert-group syslog 2-947

switchport 2-949xviiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

switchport access vlan 2-951

switchport autostate exclude 2-953

switchport block 2-955

switchport mode 2-956

switchport port-security 2-961

switchport private-vlan association trunk 2-966

switchport private-vlan host-association 2-968

switchport private-vlan mapping 2-970

switchport private-vlan trunk allowed vlan 2-973

switchport private-vlan trunk native vlan tag 2-976

switchport trunk 2-977

switchport vlan mapping 2-981

system mtu 2-983

template data timeout (netflow-lite exporter submode) 2-985

test cable-diagnostics tdr 2-987

traceroute mac 2-989

traceroute mac ip 2-992

transport udp (netflow-lite exporter submode) 2-995

transport udp load-share (netflow-lite exporter submode) 2-997

trust 2-999

ttl (netflow-lite exporter submode) 2-1001

tx-queue 2-1003

udld (global configuration mode) 2-1005

udld (interface configuration mode) 2-1007

udld reset 2-1009

unidirectional 2-1010

username 2-1011

verify 2-1013

vlan (VLAN Database mode) 2-1015

vlan access-map 2-1018

vlan configuration 2-1020

vlan database 2-1022

vlan dot1q tag native 2-1024

vlan filter 2-1026

vlan group 2-1027xixCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Contents

vlan internal allocation policy 2-1029

vmps reconfirm (global configuration) 2-1030

vmps reconfirm (privileged EXEC) 2-1031

vmps retry 2-1032

vmps server 2-1033

vrf (netflow-lite exporter submode) 2-1035

vtp (global configuration mode) 2-1037

vtp client 2-1038

vtp domain 2-1039

vtp password 2-1040

vtp pruning 2-1041

vtp server 2-1042

vtp transparent 2-1043

vtp v2-mode 2-1044

A P P E N D I X A Abbreviations A-1

I N D E XxxCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Preface

This preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related documentation.

AudienceThis publication is for experienced network administrators who are responsible for configuring and maintaining Catalyst 4500 series switches.

OrganizationThis publication is organized as follows:

Related DocumentationThe Catalyst 4500 series Cisco IOS documentation set includes these publications:

Chapter Title Description

Chapter 1 Command-Line Interface Describes the Catalyst 4500 series switch CLI.

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches

Lists all Catalyst 4500 series Cisco IOS commands alphabetically and provides detailed information on each command.

Appendix A Abbreviations Defines the acronyms used in this publication.xxiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Catalyst 4500 Series Switch Installation Guide Catalyst 4500 Series Switch Supervisor Engine Installation Note

Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide Catalyst 4500 Series Switch Cisco IOS System Message Guide Release Notes for Catalyst 4500 Series Switch Software

PrefaceNote Access the Catalyst 4500 Series Switch documentation library at the URL http://www.cisco.com/go/cat4500/docs

Other documents in the Cisco IOS documentation set include: Cisco IOS Release 12.2 Configuration Guides Cisco IOS Release 12.2 Command ReferencesFor information about MIBs, refer to this URL:http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

ConventionsThis document uses these conventions:

Convention Description

boldface font Boldface text indicates commands and keywords that you enter literally as shown.

italic font Italic text indicates arguments for which you supply values.[x] Square brackets enclose an optional element (keyword or

argument).| A vertical line indicates a choice within an optional or

required set of keywords or arguments.[x | y] Square brackets enclosing keywords or arguments separated

by a vertical line indicate an optional choice.{x | y} Braces enclosing keywords or arguments separated by a

vertical line indicate a required choice.[x {y | z}] Braces and a vertical line within square brackets indicate a

required choice within an optional element.string A nonquoted set of characters. Do not use quotation marks

around the string or the string will include the quotation marks.

screen font Terminal sessions and information the system displays are in screen font.

boldface screen font Information you must enter is in boldface screen font.italic screen font Arguments for which you supply values are in italic screen

font.^ The symbol ^ represents the key labeled Controlfor

example, the key combination ^D in a screen display means hold down the Control key while you press the D key.

< > Nonprinting characters, such as passwords, are in angle brackets.xxiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

PrefaceNotes use this convention:

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication.

Cautions use this convention:

Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

NoticesThe following notices pertain to this software license.

OpenSSL/Open SSL ProjectThis product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).This product includes software written by Tim Hudson (tjh@cryptsoft.com).

License Issues

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org.

OpenSSL License:

Copyright 1998-2007 The OpenSSL Project. All rights reserved.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:1. Redistributions of source code must retain the copyright notice, this list of conditions and the

following disclaimer.2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions,

and the following disclaimer in the documentation and/or other materials provided with the distribution.

[ ] Default responses to system prompts are in square brackets.!, # An exclamation point (!) or a pound sign (#) at the beginning

of a line of code indicates a comment line.

Convention DescriptionxxiiiCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Preface3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

4. The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org.

5. Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

Original SSLeay License:

Copyright 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).The implementation was written so as to conform with Netscapes SSL.This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com).Copyright remains Eric Youngs, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:1. Redistributions of source code must retain the copyright notice, this list of conditions and the

following disclaimer.2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and

the following disclaimer in the documentation and/or other materials provided with the distribution.xxivCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

PrefaceObtaining Documentation and Submitting a Service Request3. All advertising materials mentioning features or use of this software must display the following acknowledgement:This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).The word cryptographic can be left out if the routines from the library being used are not cryptography-related.

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: This product includes software written by Tim Hudson (tjh@cryptsoft.com).

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License].

Obtaining Documentation and Submitting a Service RequestFor information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly Whats New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlSubscribe to the Whats New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.xxvCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

PrefaceObtaining Documentation and Submitting a Service RequestxxviCatalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Catalyst 4500 Series Switch OL-23829-01

? Lists all command ? Lists all

betweencommand keyword ? Lists all

betweencommands for the command mode. keywords for the command. Leave a space the command and the question mark.arguments for the keyword. Leave a space C H A P T E R

1Command-Line Interface

This chapter provides information for understanding and using the Cisco IOS command-line interface (CLI) on the Catalyst 4500 series switch. This chapter includes the following sections: Getting Help, page 1-1 How to Find Command Options, page 1-2 Understanding Command Modes, page 1-5 Using the No and Default Forms of Commands, page 1-6 Using the CLI String Search, page 1-6 Saving Configuration Changes, page 1-11For an overview of the Catalyst 4500 series switch Cisco IOS configuration, refer to the Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide.

Getting HelpTo display a list of commands that you can use within a command mode, enter a question mark (?) at the system prompt. You also can display keywords and arguments for each command with this context-sensitive help feature.

Table 1-1 lists commands you can enter to get help that is specific to a command mode, a command, a keyword, or an argument.

Table 1-1 Getting Help

Command Purpose

abbreviated-command-entry? Displays a list of commands that begin with a particular character string. (Do not leave a space between the command and question mark.)

abbreviated-command-entry Completes a partial command name. 1-1Cisco IOS Command ReferenceRelease 15.0(2)SG

the keyword and the question mark.

Chapter 1 Command-Line InterfaceHow to Find Command OptionsHow to Find Command OptionsThis section provides an example of how to display syntax for a command. The syntax can consist of optional or required keywords. To display keywords for a command, enter a question mark (?) at the command prompt or after entering part of a command followed by a space. The Catalyst 4500 series switch software displays a list of available keywords along with a brief description of the keywords. For example, if you are in global configuration mode and want to see all the keywords for the arap command, you enter arap ?. Table 1-2 shows examples of how you can use the question mark (?) to assist you in entering commands and also guides you through entering the following commands: interface gigabitethernet 1/1 channel-group 1 mode auto

Table 1-2 How to Find Command Options

Command Purpose

Switch> enablePassword: Switch#

Enter the enable command and password to access privileged EXEC commands. You are in privileged EXEC mode when the prompt changes to Switch#.

Switch# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#

Enter global configuration mode.You are in global configuration mode when the prompt changes to Switch(config)#.

Switch(config)# interface gigabitethernet ? GigabitEthernet interface number Switch(config)# interface gigabitethernet 1/1Switch(config-if)#

Enter interface configuration mode by specifying the Gigabit Ethernet interface that you want to configure using the interface gigabitethernet global configuration command.Enter a ? to display what you must enter next on the command line. In this example, you must enter an interface number from 1 to 9 in the format module-number/port-number.You are in interface configuration mode when the prompt changes to Switch(config-if)#.1-2Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceHow to Find Command OptionsSwitch(config-if)#?Interface configuration commands: access-expression Build a bridge boolean access expression apollo Apollo interface subcommands appletalk Appletalk interface subcommands arp Set arp type (arpa, probe, snap) or timeout backup Modify backup parameters bandwidth Set bandwidth informational parameter bgp-policy Apply policy propogated by bgp community string bridge-group Transparent bridging interface parameters carrier-delay Specify delay for interface transitions cdp CDP interface subcommands channel-group Etherchannel/port bundling configuration clns CLNS interface subcommands cmns OSI CMNS custom-queue-list Assign a custom queue list to an interface decnet Interface DECnet config commands default Set a command to its defaults delay Specify interface throughput delay description Interface specific description dlsw DLSw interface subcommands dspu Down Stream PU exit Exit from interface configuration mode fair-queue Enable Fair Queuing on an Interface flowcontrol Configure flow operation. fras DLC Switch Interface Command help Description of the interactive help system hold-queue Set hold queue depth ip Interface Internet Protocol config commands ipx Novell/IPX interface subcommands isis IS-IS commands iso-igrp ISO-IGRP interface subcommands

.

.

.

Switch(config-if)#

Enter a ? to display a list of all the interface configuration commands available for the Gigabit Ethernet interface.

Switch(config-if)# channel-group ? group channel-group of the interface

Switch(config-if)#channel-group

Enter the command that you want to configure for the controller. In this example, the channel-group command is used. Enter a ? to display what you must enter next on the command line. In this example, you must enter the group keyword.Because a is not displayed, it indicates that you must enter more information to complete the command.

Table 1-2 How to Find Command Options (continued)

Command Purpose1-3Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceHow to Find Command OptionsSwitch(config-if)# channel-group ? Channel group number

Switch(config-if)#channel-group

After you enter the group keyword, enter a ? to display what you must enter next on the command line. In this example, you must enter a channel group number from 1 to 256. Because a is not displayed, it indicates that you must enter more information to complete the command.

Switch(config-if)# channel-group 1 ? mode Etherchannel Mode of the interface

Switch(config-if)#

After you enter the channel group number, enter a ? to display what you must enter next on the command line. In this example, you must enter the mode keyword.Because a is not displayed, it indicates that you must enter more information to complete the command.

Switch(config-if)# channel-group 1 mode ? auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only

Switch(config-if)#

After you enter the mode keyword, enter a ? to display what you must enter next on the command line. In this example, you must enter the auto, desirable, or on keyword.Because a is not displayed, it indicates that you must enter more information to complete the command.

Switch(config-if)# channel-group 1 mode auto ?

Switch(config-if)#

In this example, the auto keyword is entered. After you enter the auto keyword, enter a ? to display what you must enter next on the command line. Because a is displayed, it indicates that you can press Return to complete the command. If additional keywords are listed, you can enter more keywords or press Return to complete the command.

Switch(config-if)# channel-group 1 mode autoSwitch(config-if)#

In this example, press Return to complete the command.

Table 1-2 How to Find Command Options (continued)

Command Purpose1-4Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUnderstanding Command ModesUnderstanding Command ModesThe Cisco IOS user interface on the Catalyst 4500 series switch has many different modes. The commands that are available to you depend on which mode you are currently in. You can obtain a list of commands available for each command mode by entering a question mark (?) at the system prompt.When you start a session on the Catalyst 4500 series switch, you begin in user mode, often called EXEC mode. Only a limited subset of the commands are available in EXEC mode. In order to have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a password to enter privileged EXEC mode. From privileged EXEC mode, you can enter any EXEC command or enter global configuration mode. Most EXEC commands are one-time commands, such as show commands, which show the current status of a given item, and clear commands, which clear counters or interfaces. The EXEC commands are not saved across reboots of the Catalyst 4500 series switch.The configuration modes provide a way for you to make changes to the running configuration. When you save changes to the configuration, the changes remain intact when the Catalyst 4500 series switch reboots. From global configuration mode, you can enter interface configuration mode, subinterface configuration mode, and other protocol-specific modes.ROM-monitor mode is a separate mode used when the Catalyst 4500 series switch cannot boot properly. If your Catalyst 4500 series switch or access server does not find a valid system image when it is booting, or if its configuration file is corrupted at startup, the system might enter ROM-monitor mode. Table 1-3 provides a summary of the main command modes.

Table 1-3 Summary of Main Command Modes

Command Mode Access Method Prompt Exit Method

User EXEC mode

Log in. Switch> Use the logout command.

Privileged EXEC mode

From user EXEC mode, enter the enable EXEC command.

Switch# To exit to user EXEC mode, enter the disable command.To enter global configuration mode, enter the configure terminal privileged EXEC command.

Global configuration mode

From privileged EXEC mode, enter the configure terminal privileged EXEC command.

Switch(config)# To exit to privileged EXEC mode, enter the exit or end command or press Ctrl-Z.To enter interface configuration mode, enter an interface configuration command.

Interface configuration mode

From global configuration mode, enter by specifying an interface with an interface command.

Switch(config-if)# To exit to global configuration mode, enter the exit command. To exit to privileged EXEC mode, enter the exit command or press Ctrl-Z.To enter subinterface configuration mode, specify a subinterface with the interface command.1-5Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUsing the No and Default Forms of CommandsFor more information on command modes, refer to the Using the Command Line Interface chapter of the Configuration Fundamentals Configuration Guide.

Using the No and Default Forms of CommandsAlmost every configuration command has a no form. In general, enter the no form to disable a function. Use the command without the keyword no to reenable a disabled function or to enable a function that is disabled by default. For example, IP routing is enabled by default. To disable IP routing, specify the no ip routing command and specify ip routing to reenable it. This publication provides the complete syntax for the configuration commands and describes what the no form of a command does.Some configuration commands have a default form. The default form of a command returns the command setting to its default settings. Most commands are disabled by default, so the default form is the same as the no form. However, some commands are enabled by default, with variables set to certain default values. In these cases, the default form of the command enables the command and returns its variables to their default values.

Using the CLI String SearchThe pattern in the command output is referred to as a string. The CLI string search feature allows you to search or filter any show or more command output and allows you to search and filter at --More-- prompts. This feature is useful when you need to sort though large amounts of output, or if you want to exclude output that you do not need to see.With the search function, you can begin unfiltered output at the first line that contains a regular expression you specify. You can then specify a maximum of one filter per command or start a new search from the --More-- prompt.

A regular expression is a pattern (a phrase, number, or more complex pattern) software uses to match against show or more command output. Regular expressions are case sensitive and allow for complex matching requirements. Examples of simple regular expressions are Serial, misses, and 138. Examples of complex regular expressions are 00210..., ( is ), and [Oo]utput.

Subinterface configuration

From interface configuration mode, specify a subinterface with an interface command.

Switch(config-subif)# To exit to global configuration mode, enter the exit command.To enter privileged EXEC mode, enter the end command or press Ctrl-Z.

ROM monitor From privileged EXEC mode, enter the reload EXEC command. Press the Break key during the first 60 seconds while the system is booting.

Rommon> To exit ROM-monitor mode, you must reload the image by entering the boot command. If you use the boot command without specifying a file or any other boot instructions, the system boots from the default Flash image (the first image in onboard Flash memory). Otherwise, you can instruct the system to boot from a specific Flash image (using the boot system flash filename command).

Table 1-3 Summary of Main Command Modes (continued)

Command Mode Access Method Prompt Exit Method1-6Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUsing the CLI String SearchYou can perform three types of filtering: Use the begin keyword to begin output with the line that contains a specified regular expression. Use the include keyword to include output lines that contain a specified regular expression. Use the exclude keyword to exclude output lines that contain a specified regular expression.You can then search this filtered output at the --More-- prompts.

Note The CLI string search function does not allow you to search or filter backward through previous output; filtering cannot be specified using HTTP access to the CLI.

Regular ExpressionsA regular expression can be a single character that matches the same single character in the command output or multiple characters that match the same multiple characters in the command output. This section describes how to create both single-character patterns and multiple-character patterns and how to create more complex regular expressions using multipliers, alternation, anchoring, and parentheses.

Single-Character Patterns

The simplest regular expression is a single character that matches the same single character in the command output. You can use any letter (A-Z, a-z) or digit (0-9) as a single-character pattern. You can also use other keyboard characters (such as ! or ~) as single-character patterns, but certain keyboard characters have special meaning when used in regular expressions. Table 1-4 lists the keyboard characters that have special meaning.

To enter these special characters as single-character patterns, remove the special meaning by preceding each character with a backslash (\). These examples are single-character patterns matching a dollar sign, an underscore, and a plus sign, respectively.\$ \_ \+

Table 1-4 Characters with Special Meaning

Character Special Meaning

. Matches any single character, including white space.* Matches 0 or more sequences of the pattern.+ Matches 1 or more sequences of the pattern.? Matches 0 or 1 occurrences of the pattern.^ Matches the beginning of the string.$ Matches the end of the string._ (underscore) Matches a comma (,), left brace ({), right brace (}), left parenthesis ( ( ),

right parenthesis ( ) ), the beginning of the string, the end of the string, or a space.1-7Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUsing the CLI String SearchYou can specify a range of single-character patterns to match against command output. For example, you can create a regular expression that matches a string containing one of the following letters: a, e, i, o, or u. One and only one of these characters must exist in the string for pattern matching to succeed. To specify a range of single-character patterns, enclose the single-character patterns in square brackets ([ ]). For example,[aeiou] matches any one of the five vowels of the lowercase alphabet, while[abcdABCD] matches any one of the first four letters of the lower- or uppercase alphabet.You can simplify ranges by entering only the end points of the range separated by a dash (-). Simplify the previous range as follows:[a-dA-D] To add a dash as a single-character pattern in your range, include another dash and precede it with a backslash:[a-dA-D\-] You can also include a right square bracket (]) as a single-character pattern in your range. To do so, enter the following:[a-dA-D\-\]] The previous example matches any one of the first four letters of the lower- or uppercase alphabet, a dash, or a right square bracket. You can reverse the matching of the range by including a caret (^) at the start of the range. This example matches any letter except the ones listed: [^a-dqsv] This example matches anything except a right square bracket (]) or the letter d:[^\]d]

Multiple-Character Patterns

When creating regular expressions, you can also specify a pattern containing multiple characters. You create multiple-character regular expressions by joining letters, digits, or keyboard characters that do not have special meaning. For example, a4% is a multiple-character regular expression. Put a backslash in front of the keyboard characters that have special meaning when you want to remove their special meaning. With multiple-character patterns, order is important. The regular expression a4% matches the character a followed by a 4 followed by a % sign. If the string does not have a4%, in that order, pattern matching fails. This multiple-character regular expression:a.

uses the special meaning of the period character to match the letter a followed by any single character. With this example, the strings ab, a!, or a2 are all valid matches for the regular expression. You can remove the special meaning of the period character by putting a backslash in front of it. In the following expression:a\. only the string a. matches this regular expression.1-8Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUsing the CLI String SearchYou can create a multiple-character regular expression containing all letters, all digits, all keyboard characters, or a combination of letters, digits, and other keyboard characters. These examples are all valid regular expressions:telebit 3107 v32bis

Multipliers

You can create more complex regular expressions to match multiple occurrences of a specified regular expression by using some special characters with your single- and multiple-character patterns. Table 1-5 lists the special characters that specify multiples of a regular expression.

This example matches any number of occurrences of the letter a, including none:a*

This pattern requires that at least one letter a in the string is matched: a+

This pattern matches the string bb or bab:ba?b This string matches any number of asterisks (*):\** To use multipliers with multiple-character patterns, you enclose the pattern in parentheses. In the following example, the pattern matches any number of the multiple-character string ab:(ab)* As a more complex example, this pattern matches one or more instances of alphanumeric pairs (but not none; that is, an empty string is not a match):([A-Za-z][0-9])+ The order for matches using multipliers (*, +, or ?) is to put the longest construct first. Nested constructs are matched from outside to inside. Concatenated constructs are matched beginning at the left side of the construct. Thus, the regular expression matches A9b3, but not 9Ab3 because the letters are specified before the numbers.

Table 1-5 Special Characters Used as Multipliers

Character Description

* Matches 0 or more single- or multiple-character patterns.+ Matches 1 or more single- or multiple-character patterns.? Matches 0 or 1 occurrences of the single- or multiple-character patterns.1-9Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceUsing the CLI String SearchAlternationAlternation allows you to specify alternative patterns to match against a string. You separate the alternative patterns with a vertical bar (|). Exactly one of the alternatives can match the string. For example, the regular expression

codex | telebit matches the string codex or the string telebit, but not both codex and telebit.

AnchoringYou can match a regular expression pattern against the beginning or the end of the string. That is, you can specify that the beginning or end of a string contains a specific pattern. You anchor these regular expressions to a portion of the string using the special characters shown in Table 1-6.

This regular expression matches a string only if the string starts with abcd:^abcd In contrast, this expression is in a range that matches any single letter, as long as it is not the letters a, b, c, or d:[^abcd] With this example, the regular expression matches a string that ends with .12:$\.12 Contrast these anchoring characters with the special character underscore (_). The underscore matches the beginning of a string (^), the end of a string ($), parentheses ( ), space ( ), braces { }, comma (,), or underscore (_). With the underscore character, you can specify that a pattern exist anywhere in the string. For example:

_1300_ matches any string that has 1300 somewhere in the string. The strings 1300 can be preceded by or end with a space, brace, comma, or underscore. For example:{1300_ matches the regular expression, but 21300 and 13000 do not. Using the underscore character, you can replace long regular expression lists, such as the following: ^1300$ ^1300(space) (space)1300 {1300, ,1300, {1300} ,1300, (1300 with _1300_

Table 1-6 Special Characters Used for Anchoring

Character Description

^ Matches the beginning of the string. $ Matches the end of the string.1-10Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line InterfaceSaving Configuration ChangesParentheses for RecallAs shown in the Multipliers section on page 1-9, you use parentheses with multiple-character regular expressions to multiply the occurrence of a pattern. You can also use parentheses around a single- or multiple-character pattern to remember a pattern for use elsewhere in the regular expression.To create a regular expression that recalls a previous pattern, you use parentheses to indicate a remembered specific pattern and a backslash (\) followed by an integer to reuse the remembered pattern. The integer specifies the occurrence of the parentheses in the regular expression pattern. If you have more than one remembered pattern in your regular expression, then \1 indicates the first remembered pattern, \2 indicates the second remembered pattern, and so on. This regular expression uses parentheses for recall:a(.)bc(.)\1\2 This regular expression matches an a followed by any character (call it character 1), followed by bc followed by any character (character 2), followed by character 1 again, followed by character 2 again. So, the regular expression can match aZbcTZT. The software remembers that character 1 is Z and character 2 is T and then uses Z and T again later in the regular expression.

Saving Configuration ChangesTo save your configuration changes to your startup configuration so that they will not be lost if there is a system reload or power outage, enter the following command:Switch# copy system:running-config nvram:startup-configBuilding configuration...

It might take a minute or two to save the configuration. After the configuration has been saved, the following output appears:[OK]Switch#

On most platforms, this step saves the configuration to NVRAM. On the Class A Flash file system platforms, this step saves the configuration to the location specified by the CONFIG_FILE environment variable. The CONFIG_FILE environment variable defaults to NVRAM.

show platform CommandsYou should use these commands only when you are working directly with your technical support representative, while troubleshooting a problem. Do not use these commands unless your technical support representative asks you to do so.

Note The show platform commands are not described in this document.1-11Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 1 Command-Line Interfaceshow platform Commands1-12Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Catalyst 4500 Series Switch OL-23829-01C H A P T E R

2Cisco IOS Commands for the Catalyst 4500 Series Switches

This chapter contains an alphabetical listing of Cisco IOS commands for the Catalyst 4500 series switches. For information about Cisco IOS commands that are not included in this publication, refer to Cisco IOS Release 12.2 configuration guides and command references at this URL:http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_product_indices_list.html 2-1Cisco IOS Command ReferenceRelease 15.0(2)SG

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches#macro keywords#macro keywords To specify the help string for the macro keywords, use the #macro keywords command.

#macro keywords [keyword1] [keyword2] [keyword3]

Syntax Description

Defaults This command has no default settings.

Command Modes Global configuration mode

Command History

Usage Guidelines If you do not specify the mandatory keywords for a macro, the macro is to be considered invalid and fails when you attempt to apply it. By entering the #macro keywords command, you will receive a message indicating what you need to include to make the syntax valid.

Examples This example shows how to specify the help string for keywords associated with a macro named test:Switch(config)# macro name testmacro name testEnter macro commands one per line. End with the character '@'.#macro keywords $VLAN $MAXswichport@

Switch(config)# int gi1/1Switch(config-if)# macro apply test ? WORD Keyword to replace with a value e.g $VLAN, $MAX

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches#macro keywordsRelated Commands Command Description

macro apply cisco-desktop Enables the Cisco-recommended features and settings that are suitable for connecting a switch port to a standard desktop.

macro apply cisco-phone Enables the Cisco-recommended features and settings that are suitable for connecting a switch port to a standard desktop and a Cisco IP phone.

macro apply cisco-router Enables the Cisco-recommended features and settings that are suitable for connecting a switch port to a router.

macro apply cisco-switch Enables the Cisco-recommended features and settings that are suitable for connecting a switch port to another switch.2-3Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switchesaaa accounting dot1x default start-stop group radiusaaa accounting dot1x default start-stop group radiusTo enable accounting for 802.1X authentication sessions, use the aaa accounting dot1x default start-stop group radius command. To disable accounting, use the no form of this command.

aaa accounting dot1x default start-stop group radius

no aaa accounting dot1x default start-stop group radius

Syntax Description This command has no arguments or keywords.

Defaults Accounting is disabled.

Command Modes Global configuration mode

Command History

Usage Guidelines 802.1X accounting requires a RADIUS server.This command enables the Authentication, Authorization, and Accounting (AAA) clients accounting feature to forward 802.1X update and watchdog packets from the 802.1X supplicant (workstation client) to the authentication (RADIUS) server. (Watchdog packets are defined as EAPOL-LOGON, EAPOL-LOGOFF, and EAPOL-INTERIM messages.) Successful authentication and authorization of the supplicant by the authentication server is required before these packets are considered valid and are forwarded. When the client is reauthenticated, an interim-update accounting notice is sent to the accounting server.

Examples This example shows how to configure 802.1X accounting:Switch(config)# aaa accounting dot1x default start-stop group radius

Note The RADIUS authentication server must be properly configured to accept and log update or watchdog packets from the AAA client.

Related Commands

Release Modification

12.2(18)EW Support for this command was introduced on the Catalyst 4500 series switch.

Command Description

aaa accounting system default start-stop group radius

Receives the session termination messages after the switch reboots.2-4Catalyst 4500 Series Switch Cisco IOS Command ReferenceRelease 15.0(2)SG

OL-23829-01

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switchesaaa accounting system default start-stop group radiusaaa accounting system default start-stop group radiusTo receive the session termination messages after the switch reboots, use the aaa accounting system default start-stop group radius command. To disable accounting, use the no form of this command.

aaa accounting system default start-stop group radius

no aaa accounting system default start-stop group radius

Syntax Description This command has no arguments or keywords.

Defaults Accounting is disabled.

Command Modes Global configuration mode

Command History

Usage Guidelines 802.1X accounting requires the RADIUS server.This command enables the AAA clients accounting feature to forward 802.1X update and watchdog packets from the 802.1X supplicant (workstation client) to the authentication (RADIUS) server. (Watchdog packets are defined as EAPOL-LOGON, EAPOL-LOGOFF, and EAPOL-INTERIM messages.) Successful authentication and authorization of the supplicant by the authentication server is required before these packets are considered valid and are forwarded. When the client is reauthenticated, an interim-update accounting notice is sent to the accounting server.

Examples This example shows how to generate a logoff after a switch reboots:Switch(config)# aaa accounting system default start-stop group radius

Note The RADIUS authentication server must be properly configured to accept and log update or watchdog packets from the AAA client.

Related Commands

Release Modification

12.2(18)EW Support for this command was introduced on the Catalyst 4500 series switch.