0% found this document useful (0 votes)

68 views1,236 pages

Enterasys Matrix - Command Line Interface Reference Guide

Uploaded by

mickythekiller

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

68 views1,236 pages

Enterasys Matrix - Command Line Interface Reference Guide

Uploaded by

mickythekiller

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1236

Enterasys Matrix ® X

Secure Core Router

Command Line Interface Reference Guide

Firmware Version 1.5.x

P/N 9034085-06 Rev. 0C

Notice
Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and
its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such
changes have been made.
The hardware, firmware, or software described in this document is subject to change without notice.
IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR
CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF
OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF
ENTERASYS NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF
SUCH DAMAGES.

Enterasys Networks, Inc.

50 Minuteman Road
Andover, MA 01810

© 2008 Enterasys Networks, Inc. All rights reserved.

Part Number: 9034085‐06 Rev. 0C July 2008

ENTERASYS, ENTERASYS NETWORKS, ENTERASYS SECURE NETWORKS, NETSIGHT, ENTERASYS NETSIGHT,

ENTERASYS MATRIX, and any logos associated therewith, are trademarks or registered trademarks of Enterasys Networks,
Inc., in the United States and/or other countries. For a complete list of Enterasys trademarks, see
http://www.enterasys.com/company/trademarks.aspx.
All other product names mentioned in this manual may be trademarks or registered trademarks of their respectivecompanies.

Documentation URL: http://www.enterasys.com/support/manuals

Documentacion URL: http://www.enterasys.com/support/manuals
Dokumentation im Internet: http://www.enterasys.com/support/manuals

i
Code Copyrights and Acknowledgements
Copyright (c) 1999‐2001 Internet Software Consortium.
All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following
conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the distribution.
3. Neither the name of The Internet Software Consortium nor the names of its contributors may be used to endorse or promote
products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND CONTRIBUTORS “AS IS” AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
INTERNET SOFTWARE CONSORTIUM OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
THE POSSIBILITY OF SUCH DAMAGE.
This software has been written for the Internet Software Consortium by Ted Lemon in cooperation with Vixie Enterprises and
Nominum, Inc.
To learn more about the Internet Software Consortium, see “http://www.isc.org/”. To learn more about Vixie Enterprises, see
“http://www.vix.com”. To learn more about Nominum, Inc., see “http://www.nominum.com”.

ii
ENTERASYS NETWORKS, INC. SOFTWARE LICENSE AGREEMENT
This document is an agreement (“Agreement”) between You, the end user, and Enterasys Networks, Inc. on behalf of itself and
its Affiliates (“Enterasys”) that sets forth your rights and obligations with respect to the software contained in CD‐ROM or
other media. “Affiliates” means any person, partnership, corporation, limited liability company, or other form of enterprise that
directly or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with the
party specified. BY INSTALLING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND BY THE TERMS
OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE LIMITATION OF WARRANTY AND DISCLAIMER
OF LIABILITY. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, RETURN THE UNOPENED PRODUCT
TO ENTERASYS OR YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT FOR A FULL
REFUND.
IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT ENTERASYS NETWORKS, INC. (978) 684‐1000.
Attn: Legal Department.
Enterasys will grant You a non‐transferable, non‐exclusive license to use the machine‐readable form of software (the “Licensed
Software”) and the accompanying documentation (the Licensed Software, the media embodying the Licensed Software, and the
documentation are collectively referred to in this Agreement as the “Licensed Materials”) on one single computer if You agree
to the following terms and conditions:
1. TERM. This Agreement is effective from the date on which You open the package containing the Licensed Materials. You
may terminate the Agreement at any time by destroying the Licensed Materials, together with all copies, modifications and
merged portions in any form. The Agreement and your license to use the Licensed Materials will also terminate if You fail to
comply with any term or condition herein.
2. GRANT OF SOFTWARE LICENSE. The license granted to You by Enterasys when You open this sealed package
authorizes You to use the Licensed Software on any one, single computer only, or any replacement for that computer, for internal
use only. A separate license, under a separate Software License Agreement, is required for any other computer on which You or
another individual or employee intend to use the Licensed Software. YOU MAY NOT USE, COPY, OR MODIFY THE LICENSED
MATERIALS, IN WHOLE OR IN PART, EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT.
3. RESTRICTION AGAINST COPYING OR MODIFYING LICENSED MATERIALS. Except as expressly permitted in this
Agreement, You may not copy or otherwise reproduce the Licensed Materials. In no event does the limited copying or
reproduction permitted under this Agreement include the right to decompile, disassemble, electronically transfer, or reverse
engineer the Licensed Software, or to translate the Licensed Software into another computer language.
The media embodying the Licensed Software may be copied by You, in whole or in part, into printed or machine readable
form, in sufficient numbers only for backup or archival purposes, or to replace a worn or defective copy. However, You agree
not to have more than two (2) copies of the Licensed Software in whole or in part, including the original media, in your
possession for said purposes without Enterasys’ prior written consent, and in no event shall You operate more than one copy of
the Licensed Software. You may not copy or reproduce the documentation. You agree to maintain appropriate records of the
location of the original media and all copies of the Licensed Software, in whole or in part, made by You. You may modify the
machine‐readable form of the Licensed Software for (1) your own internal use or (2) to merge the Licensed Software into other
program material to form a modular work for your own use, provided that such work remains modular, but on termination of
this Agreement, You are required to completely remove the Licensed Software from any such modular work. Any portion of
the Licensed Software included in any such modular work shall be used only on a single computer for internal purposes and
shall remain subject to all the terms and conditions of this Agreement.
You agree to include any copyright or other proprietary notice set forth on the label of the media embodying the Licensed
Software on any copy of the Licensed Software in any form, in whole or in part, or on any modification of the Licensed Software
or any such modular work containing the Licensed Software or any part thereof.
4. TITLE AND PROPRIETARY RIGHTS.
(a) The Licensed Materials are copyrighted works and are the sole and exclusive property of Enterasys, any company or a
division thereof which Enterasys controls or is controlled by, or which may result from the merger or consolidation
with Enterasys (its “Affiliates”), and/or their suppliers. This Agreement conveys a limited right to operate the Licensed
Materials and shall not be construed to convey title to the Licensed Materials to You. There are no implied rights. You
shall not sell, lease, transfer, sublicense, dispose of, or otherwise make available the Licensed Materials or any portion
thereof, to any other party.
(b) You further acknowledge that in the event of a breach of this Agreement, Enterasys shall suffer severe and irreparable
damages for which monetary compensation alone will be inadequate. You therefore agree that in the event of a breach
of this Agreement, Enterasys shall be entitled to monetary damages and its reasonable attorney’s fees and costs in
enforcing this Agreement, as well as injunctive relief to restrain such breach, in addition to any other remedies available
to Enterasys.

iii
5. PROTECTION AND SECURITY. In the performance of this Agreement or in contemplation thereof, You and your
employees and agents may have access to private or confidential information owned or controlled by Enterasys relating to the
Licensed Materials supplied hereunder including, but not limited to, product specifications and schematics, and such
information may contain proprietary details and disclosures. All information and data so acquired by You or your employees or
agents under this Agreement or in contemplation hereof shall be and shall remain Enterasys’ exclusive property, and You shall
use your best efforts (which in any event shall not be less than the efforts You take to ensure the confidentiality of your own
proprietary and other confidential information) to keep, and have your employees and agents keep, any and all such information
and data confidential, and shall not copy, publish, or disclose it to others, without Enterasys’ prior written approval, and shall
return such information and data to Enterasys at its request. Nothing herein shall limit your use or dissemination of information
not actually derived from Enterasys or of information which has been or subsequently is made public by Enterasys, or a third
party having authority to do so.
You agree not to deliver or otherwise make available the Licensed Materials or any part thereof, including without
limitation the object or source code (if provided) of the Licensed Software, to any party other than Enterasys or its employees,
except for purposes specifically related to your use of the Licensed Software on a single computer as expressly provided in this
Agreement, without the prior written consent of Enterasys. You agree to use your best efforts and take all reasonable steps to
safeguard the Licensed Materials to ensure that no unauthorized personnel shall have access thereto and that no unauthorized
copy, publication, disclosure, or distribution, in whole or in part, in any form shall be made, and You agree to notify Enterasys
of any unauthorized use thereof. You acknowledge that the Licensed Materials contain valuable confidential information and
trade secrets, and that unauthorized use, copying and/or disclosure thereof are harmful to Enterasys or its Affiliates and/or
its/their software suppliers.
6. MAINTENANCE AND UPDATES. Updates and certain maintenance and support services, if any, shall be provided to
You pursuant to the terms of a Enterasys Service and Maintenance Agreement, if Enterasys and You enter into such an
agreement. Except as specifically set forth in such agreement, Enterasys shall not be under any obligation to provide Software
Updates, modifications, or enhancements, or Software maintenance and support services to You.
7. DEFAULT AND TERMINATION. In the event that You shall fail to keep, observe, or perform any obligation under this
Agreement, including a failure to pay any sums due to Enterasys, or in the event that You become insolvent or seek protection,
voluntarily or involuntarily, under any bankruptcy law, Enterasys may, in addition to any other remedies it may have under
law, terminate the License and any other agreements between Enterasys and You.
(a) Immediately after any termination of the Agreement or if You have for any reason discontinued use of Software, You
shall return to Enterasys the original and any copies of the Licensed Materials and remove the Licensed Software from
any modular works made pursuant to Section 3, and certify in writing that through your best efforts and to the best of
your knowledge the original and all copies of the terminated or discontinued Licensed Materials have been returned
to Enterasys.
(b) Sections 4, 5, 7, 8, 9, 10, 11, and 12 shall survive termination of this Agreement for any reason.
8. EXPORT REQUIREMENTS. You understand that Enterasys and its Affiliates are subject to regulation by agencies of the
U.S. Government, including the U.S. Department of Commerce, which prohibit export or diversion of certain technical products
to certain countries, unless a license to export the product is obtained from the U.S. Government or an exception from obtaining
such license may be relied upon by the exporting party.
If the Licensed Materials are exported from the United States pursuant to the License Exception CIV under the U.S. Export
Administration Regulations, You agree that You are a civil end user of the Licensed Materials and agree that You will use the
Licensed Materials for civil end uses only and not for military purposes.
If the Licensed Materials are exported from the United States pursuant to the License Exception TSR under the U.S. Export
Administration Regulations, in addition to the restriction on transfer set forth in Section 4 of this Agreement, You agree not to
(i) reexport or release the Licensed Software, the source code for the Licensed Software or technology to a national of a country
in Country Groups D:1 or E:2 (Albania, Armenia, Azerbaijan, Belarus, Cambodia, Cuba, Georgia, Iraq, Kazakhstan, Kyrgyzstan,
Laos, Libya, Macua, Moldova, Mongolia, North Korea, the People’s Republic of China, Russia, Tajikistan, Turkmenistan,
Ukraine, Uzbekistan, Vietnam, or such other countries as may be designated by the United States Government), (ii) export to
Country Groups D:1 or E:2 (as defined herein) the direct product of the Licensed Software or the technology, if such foreign
produced direct product is subject to national security controls as identified on the U.S. Commerce Control List, or (iii) if the
direct product of the technology is a complete plant o r any major component of a plant, export to Country Groups D:1 or E:2
the direct product of the plant or a major component thereof, if such foreign produced direct product is subject to national
security controls as identified on the U.S. Commerce Control List or is subject to State Department controls under the U.S.
Munitions List.

iv
9. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The Licensed Materials (i) were developed solely at private
expense; (ii) contains “restricted computer software” submitted with restricted rights in accordance with section 52.227‐19 (a)
through (d) of the Commercial Computer Software‐Restricted Rights Clause and its successors, and (iii) in all respects is
proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Licensed Materials are
considered commercial computer software in accordance with DFARS section 227.7202‐3 and its successors, and use,
duplication, or disclosure by the U.S. Government is subject to restrictions set forth herein.
10. LIMITED WARRANTY AND LIMITATION OF LIABILITY. The only warranty Enterasys makes to You in connection
with this license of the Licensed Materials is that if the media on which the Licensed Software is recorded is defective, it will be
replaced without charge, if Enterasys in good faith determines that the media and proof of payment of the license fee are
returned to Enterasys or the dealer from whom it was obtained within ninety (90) days of the date of payment of the license fee.
NEITHER ENTERASYS NOR ITS AFFILIATES MAKE ANY OTHER WARRANTY OR REPRESENTATION, EXPRESS OR
IMPLIED, WITH RESPECT TO THE LICENSED MATERIALS, WHICH ARE LICENSED ʺAS ISʺ. THE LIMITED WARRANTY
AND REMEDY PROVIDED ABOVE ARE EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, INCLUDING
IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, WHICH ARE EXPRESSLY
DISCLAIMED, AND STATEMENTS OR REPRESENTATIONS MADE BY ANY OTHER PERSON OR FIRM ARE VOID. ONLY
TO THE EXTENT SUCH EXCLUSION OF ANY IMPLIED WARRANTY IS NOT PERMITTED BY LAW, THE DURATION OF
SUCH IMPLIED WARRANTY IS LIMITED TO THE DURATION OF THE LIMITED WARRANTY SET FORTH ABOVE. YOU
ASSUME ALL RISK AS TO THE QUALITY, FUNCTION AND PERFORMANCE OF THE LICENSED MATERIALS. IN NO
EVENT WILL ENTERASYS OR ANY OTHER PARTY WHO HAS BEEN INVOLVED IN THE CREATION, PRODUCTION OR
DELIVERY OF THE LICENSED MATERIALS BE LIABLE FOR SPECIAL, DIRECT, INDIRECT, RELIANCE, INCIDENTAL OR
CONSEQUENTIAL DAMAGES, INCLUDING LOSS OF DATA OR PROFITS OR FOR INABILITY TO USE THE LICENSED
MATERIALS, TO ANY PARTY EVEN IF ENTERASYS OR SUCH OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY
OF SUCH DAMAGES. IN NO EVENT SHALL ENTERASYS OR SUCH OTHER PARTYʹS LIABILITY FOR ANY DAMAGES
OR LOSS TO YOU OR ANY OTHER PARTY EXCEED THE LICENSE FEE YOU PAID FOR THE LICENSED MATERIALS.
Some states do not allow limitations on how long an implied warranty lasts and some states do not allow the exclusion or
limitation of incidental or consequential damages, so the above limitation and exclusion may not apply to You. This limited
warranty gives You specific legal rights, and You may also have other rights which vary from state to state.
11. JURISDICTION. The rights and obligations of the parties to this Agreement shall be governed and construed in
accordance with the laws and in the State and Federal courts of the Commonwealth of Massachusetts, without regard to its rules
with respect to choice of law. You waive any objections to the personal jurisdiction and venue of such courts. None of the 1980
United Nations Convention on the Limitation Period in the International Sale of Goods, and the Uniform Computer Information
Transactions Act shall apply to this Agreement.
12. GENERAL.
(a) This Agreement is the entire agreement between Enterasys and You regarding the Licensed Materials, and all prior
agreements, representations, statements, and undertakings, oral or written, are hereby expressly superseded and
canceled.
(b) This Agreement may not be changed or amended except in writing signed by both parties hereto.
(c) You represent that You have full right and/or authorization to enter into this Agreement.
(d) This Agreement shall not be assignable by You without the express written consent of Enterasys, The rights of
Enterasys and Your obligations under this Agreement shall inure to the benefit of Enterasys’ assignees, licensors, and
licensees.
(e) Section headings are for convenience only and shall not be considered in the interpretation of this Agreement.
(f) The provisions of the Agreement are severable and if any one or more of the provisions hereof are judicially
determined to be illegal or otherwise unenforceable, in whole or in part, the remaining provisions of this Agreement
shall nevertheless be binding on and enforceable by and between the parties hereto.
(g) Enterasys’ waiver of any right shall not constitute waiver of that right in future. This Agreement constitutes the entire
understanding between the parties with respect to the subject matter hereof, and all prior agreements, representations,
statements and undertakings, oral or written, are hereby expressly superseded and canceled. No purchase order shall
supersede this Agreement.
(h) Should You have any questions regarding this Agreement, You may contact Enterasys at the address set forth below.
Any notice or other communication to be sent to Enterasys must be mailed by certified mail to the following address:
ENTERASYS NETWORKS, INC., 50 Minuteman Road, Andover, MA 01810 Attn: Manager ‐ Legal Department.

v
vi
Contents
Using This Guide
Intended Audience ...................................................................................................................................... xxxvii
Conventions Used in This Guide ................................................................................................................ xxxvii
CLI Sections .............................................................................................................................................. xxxviii
Syntax ................................................................................................................................................. xxxviii
Parameters .......................................................................................................................................... xxxviii
Default ................................................................................................................................................. xxxviii
Mode ................................................................................................................................................... xxxviii
Usage .................................................................................................................................................. xxxviii
Example .............................................................................................................................................. xxxviii
Related Commands ............................................................................................................................ xxxviii

Chapter 1: Getting Started

Access and Navigation of the CLI .................................................................................................................. 1-2
Logging In with the Default User Account ................................................................................................ 1-2
Logging in with an Administratively Configured User Account ................................................................. 1-2
Using a Telnet Connection ....................................................................................................................... 1-2
Getting Help with CLI Syntax .......................................................................................................................... 1-3
Performing Keyword Lookups .................................................................................................................. 1-3
Displaying Scrolling Screens .................................................................................................................... 1-4
Abbreviating and Completing Commands and Filenames ....................................................................... 1-5
Listing Files .............................................................................................................................................. 1-5
Basic Line Editing Commands ................................................................................................................. 1-5
Using Regular Expressions in Searches .................................................................................................. 1-6
Setting User Accounts and Passwords .......................................................................................................... 1-7
Purpose .................................................................................................................................................... 1-7
Commands ............................................................................................................................................... 1-7
show system login .............................................................................................................................. 1-7
set system login .................................................................................................................................. 1-8
clear system login ............................................................................................................................... 1-9
set password .................................................................................................................................... 1-10
set system lockout ............................................................................................................................ 1-11
show system lockout ........................................................................................................................ 1-12
Setting the Login Authentication Method ...................................................................................................... 1-13
Purpose .................................................................................................................................................. 1-13
Commands ............................................................................................................................................. 1-13
show authentication login ................................................................................................................. 1-13
set authentication login..................................................................................................................... 1-14
clear authentication login.................................................................................................................. 1-15
Setting Basic Device Properties ................................................................................................................... 1-16
Purpose .................................................................................................................................................. 1-16
Commands ............................................................................................................................................. 1-16
show time ......................................................................................................................................... 1-17
set time ............................................................................................................................................. 1-18
show timezone.................................................................................................................................. 1-18
set timezone ..................................................................................................................................... 1-19
clear timezone .................................................................................................................................. 1-20
show summertime ............................................................................................................................ 1-20

Matrix X Router Command Line Interface Reference Guide vii

set summertime ................................................................................................................................ 1-21
clear summertime ............................................................................................................................. 1-21
set summertime recurring ................................................................................................................. 1-22
set prompt......................................................................................................................................... 1-23
show banner ..................................................................................................................................... 1-23
set banner......................................................................................................................................... 1-24
clear banner...................................................................................................................................... 1-26
show version..................................................................................................................................... 1-26
set system name .............................................................................................................................. 1-27
show system name........................................................................................................................... 1-27
set system location ........................................................................................................................... 1-28
show system location ....................................................................................................................... 1-28
set system contact............................................................................................................................ 1-29
show system contact ........................................................................................................................ 1-29
show width........................................................................................................................................ 1-30
set width ........................................................................................................................................... 1-31
clear width ........................................................................................................................................ 1-32
show length ...................................................................................................................................... 1-32
set length .......................................................................................................................................... 1-33
clear length ....................................................................................................................................... 1-34
show logout ...................................................................................................................................... 1-34
set logout ......................................................................................................................................... 1-35
set cli completion .............................................................................................................................. 1-35
show cli completion .......................................................................................................................... 1-36
clear cli completion ........................................................................................................................... 1-36
set cli maxsessions........................................................................................................................... 1-37
show cli maxsessions ....................................................................................................................... 1-38
clear cli maxsessions........................................................................................................................ 1-38
Setting and Displaying Command History .................................................................................................... 1-39
Purpose .................................................................................................................................................. 1-39
Commands ............................................................................................................................................. 1-39
history ............................................................................................................................................... 1-39
set history ......................................................................................................................................... 1-40
show history...................................................................................................................................... 1-40
Changing Modes, Clearing, and Closing the CLI ......................................................................................... 1-41
Purpose .................................................................................................................................................. 1-41
Commands ............................................................................................................................................. 1-41
cls (clear screen) .............................................................................................................................. 1-41
end.................................................................................................................................................... 1-42
exit | quit ........................................................................................................................................... 1-43
Starting and Configuring Telnet .................................................................................................................... 1-44
Purpose .................................................................................................................................................. 1-44
Commands ............................................................................................................................................. 1-44
show telnet ....................................................................................................................................... 1-44
set telnet ........................................................................................................................................... 1-45
telnet................................................................................................................................................. 1-46
Configuring Secure Shell (SSH) ................................................................................................................... 1-47
Purpose .................................................................................................................................................. 1-47
Commands ............................................................................................................................................. 1-47
show ssh........................................................................................................................................... 1-47
set ssh .............................................................................................................................................. 1-48
set ssh ciphers.................................................................................................................................. 1-48
set ssh hostkey................................................................................................................................. 1-49

viii
set ssh macs..................................................................................................................................... 1-50
set ssh port ....................................................................................................................................... 1-51
clear ssh ........................................................................................................................................... 1-51
ssh .................................................................................................................................................... 1-52
Configuring CDP ........................................................................................................................................... 1-53
Purpose .................................................................................................................................................. 1-53
Commands ............................................................................................................................................. 1-53
show cdp .......................................................................................................................................... 1-53
set cdp state ..................................................................................................................................... 1-55
set cdp auth ...................................................................................................................................... 1-56
set cdp interval ................................................................................................................................. 1-57
set cdp hold-time .............................................................................................................................. 1-57
clear cdp ........................................................................................................................................... 1-58
Gathering Technical Support Information ..................................................................................................... 1-59
Purpose .................................................................................................................................................. 1-59
Commands ............................................................................................................................................. 1-59
show technical-support..................................................................................................................... 1-59
loop................................................................................................................................................... 1-62
loop status ........................................................................................................................................ 1-65
loop terminate................................................................................................................................... 1-65
Entering Router Mode .................................................................................................................................. 1-67
Purpose .................................................................................................................................................. 1-67
Command ............................................................................................................................................... 1-67
router ................................................................................................................................................ 1-67

Chapter 2: Managing Hardware

General Hardware Commands ....................................................................................................................... 2-1
Purpose .................................................................................................................................................... 2-1
Commands ............................................................................................................................................... 2-1
show system....................................................................................................................................... 2-2
show system hardware....................................................................................................................... 2-3
show system uptime ........................................................................................................................... 2-7
show system utilization....................................................................................................................... 2-8
reset system ..................................................................................................................................... 2-10
Power Management Commands .................................................................................................................. 2-12
Purpose .................................................................................................................................................. 2-12
Commands ............................................................................................................................................. 2-12
show power ...................................................................................................................................... 2-13
set power iom ................................................................................................................................... 2-14
clear power iom ................................................................................................................................ 2-15
set power iom priority ....................................................................................................................... 2-15
clear power iom priority .................................................................................................................... 2-16
set power minimum-modules............................................................................................................ 2-17
clear power minimum-modules......................................................................................................... 2-18
set power source-voltage ................................................................................................................. 2-18
clear power source-voltage .............................................................................................................. 2-19
IOM Management Commands ..................................................................................................................... 2-21
Purpose .................................................................................................................................................. 2-21
Commands ............................................................................................................................................. 2-21
show iom parameters ....................................................................................................................... 2-21
set iom boot-retries........................................................................................................................... 2-22
clear iom boot-retries........................................................................................................................ 2-23

Matrix X Router Command Line Interface Reference Guide ix

set iom boot-timeout ......................................................................................................................... 2-23
clear iom boot-timeout ...................................................................................................................... 2-24
set iom reset-retries .......................................................................................................................... 2-24
clear iom reset-retries ....................................................................................................................... 2-25
set iom reset-timeout ........................................................................................................................ 2-25
clear iom reset-timeout ..................................................................................................................... 2-26
reset iom ........................................................................................................................................... 2-27
clear config iom ................................................................................................................................ 2-28
Fabric Module Commands ........................................................................................................................... 2-30
Purpose .................................................................................................................................................. 2-30
Commands ............................................................................................................................................. 2-30
show system fabric ........................................................................................................................... 2-31
show system fabric status ................................................................................................................ 2-32
show system fabric link..................................................................................................................... 2-33
set system fabric link ........................................................................................................................ 2-34
clear system fabric link ..................................................................................................................... 2-35
set system fabric max-bip ................................................................................................................. 2-35
clear system fabric max-bip .............................................................................................................. 2-36
set system fabric max-kerr-recvd ..................................................................................................... 2-37
clear system fabric max-kerr-recvd .................................................................................................. 2-37
set system fabric max-loss-of-sync .................................................................................................. 2-38
clear system fabric max-loss-of-sync ............................................................................................... 2-39
set system fabric max-rx-fifo-overflow .............................................................................................. 2-39
clear system fabric max-rx-fifo-overflow ........................................................................................... 2-40
set system fabric max-rxloss ............................................................................................................ 2-41
clear system fabric max-rxloss ......................................................................................................... 2-41
set system fabric max-ta................................................................................................................... 2-42
clear system fabric max-ta................................................................................................................ 2-43
set system fabric max-tx-fifo-overflow .............................................................................................. 2-43
clear system fabric max-tx-fifo-overflow ........................................................................................... 2-44
set system fabric retry-period ........................................................................................................... 2-45
clear system fabric retry-period ........................................................................................................ 2-45
reset fabric........................................................................................................................................ 2-46
High-Availability Commands ......................................................................................................................... 2-47
About System High-Availability ..............................................................................................................2-47
Memory Monitor Tool ............................................................................................................................. 2-47
Purpose .................................................................................................................................................. 2-48
Commands ............................................................................................................................................. 2-48
show system high-availability ........................................................................................................... 2-48
set system high-availability redundancy-mode ................................................................................. 2-51
clear system high-availability redundancy-mode .............................................................................. 2-52
set system high-availability monitor .................................................................................................. 2-52
clear system high-availability monitor ............................................................................................... 2-54

Chapter 3: Managing Firmware

Configuring Boot Firmware and FPGA Code ................................................................................................. 3-1
Purpose .................................................................................................................................................... 3-1
Commands ............................................................................................................................................... 3-1
show boot system ............................................................................................................................... 3-2
show boot backup............................................................................................................................... 3-2
set boot system .................................................................................................................................. 3-3

x
set boot backup .................................................................................................................................. 3-4
update system cm bootloader ............................................................................................................ 3-4
update system cm bios....................................................................................................................... 3-6
update system cm fpga ...................................................................................................................... 3-7
update system cm images .................................................................................................................. 3-8
update system iom bootloader ........................................................................................................... 3-9
update system iom fpga ................................................................................................................... 3-12
Hitless Upgrade ............................................................................................................................................ 3-13
Overview ................................................................................................................................................ 3-13
Commands ............................................................................................................................................. 3-14
reset system hitless .......................................................................................................................... 3-14
set boot hitless commit ..................................................................................................................... 3-20
set boot system hitless abort ............................................................................................................ 3-21

Chapter 4: File Management

Chapter 5: Broadcast Suppression Commands

Chapter 6: DNS Commands

Chapter 7: LACP (802.3ad) Commands

Matrix X Router Command Line Interface Reference Guide xi

clear lacp ............................................................................................................................................ 7-5
set lacp singleportlag.......................................................................................................................... 7-6
clear lacp singleportlag....................................................................................................................... 7-7
set lacp static...................................................................................................................................... 7-7
clear lacp static ................................................................................................................................... 7-8
show port lacp .................................................................................................................................... 7-9
set port lacp ...................................................................................................................................... 7-10
clear port lacp ................................................................................................................................... 7-12

Chapter 8: Logging and Network Management Commands

Overview ......................................................................................................................................................... 8-1
Configuring System Logging .......................................................................................................................... 8-1
Purpose .................................................................................................................................................... 8-1
Commands ............................................................................................................................................... 8-1
log....................................................................................................................................................... 8-3
show logging all .................................................................................................................................. 8-3
show logging server............................................................................................................................ 8-6
set logging server ............................................................................................................................... 8-7
clear logging server ............................................................................................................................ 8-8
show logging default........................................................................................................................... 8-8
set logging default .............................................................................................................................. 8-9
clear logging default ......................................................................................................................... 8-10
show logging application .................................................................................................................. 8-11
set logging application ...................................................................................................................... 8-13
clear logging application ................................................................................................................... 8-15
show logging local ............................................................................................................................ 8-16
set logging local................................................................................................................................ 8-16
clear logging local............................................................................................................................. 8-17
show logging here ............................................................................................................................ 8-18
set logging here ................................................................................................................................ 8-18
clear logging here ............................................................................................................................. 8-19
show logging buffer .......................................................................................................................... 8-20
clear logging buffer ........................................................................................................................... 8-22
show system error-log ...................................................................................................................... 8-22
clear system error-log ....................................................................................................................... 8-23
show logging hostname .................................................................................................................... 8-23
set logging hostname ....................................................................................................................... 8-24
clear logging hostname .................................................................................................................... 8-25
show logging interface...................................................................................................................... 8-26
set logging interface ......................................................................................................................... 8-27
clear logging interface ...................................................................................................................... 8-28
Monitoring Network Events and Status ........................................................................................................ 8-29
Commands ............................................................................................................................................. 8-29
ping................................................................................................................................................... 8-29
show users ....................................................................................................................................... 8-31
disconnect ........................................................................................................................................ 8-32
Managing Switch Network Addresses .......................................................................................................... 8-33
Commands ............................................................................................................................................. 8-33
traceroute ......................................................................................................................................... 8-33
show mac ......................................................................................................................................... 8-35
clear mac .......................................................................................................................................... 8-37
set mac ............................................................................................................................................. 8-39

xii
set movedaddrtrap............................................................................................................................ 8-40
show movedaddrtrap ........................................................................................................................ 8-41
Configuring Node Aliases ............................................................................................................................. 8-42
Commands ............................................................................................................................................. 8-42
show nodealias................................................................................................................................. 8-42
show nodealias mac ......................................................................................................................... 8-44
show nodealias protocol ................................................................................................................... 8-46
show nodealias config ...................................................................................................................... 8-47
set nodealias .................................................................................................................................... 8-48
set nodealias maxentries.................................................................................................................. 8-49
clear nodealias ................................................................................................................................. 8-49
clear nodealias config ....................................................................................................................... 8-50

Chapter 9: NetFlow Commands

Chapter 10: Packet Capture Commands

Chapter 11: Network Time Protocol Commands

Matrix X Router Command Line Interface Reference Guide xiii

clear ntp client .................................................................................................................................. 11-4
set ntp server.................................................................................................................................... 11-5
clear ntp server ................................................................................................................................. 11-5
set ntp broadcastdelay ..................................................................................................................... 11-6
clear ntp broadcastdelay .................................................................................................................. 11-6
set ntp timezone ............................................................................................................................... 11-7
clear ntp timezone ............................................................................................................................ 11-7
clear ntp summertime ....................................................................................................................... 11-8
set ntp summertime .......................................................................................................................... 11-8
set ntp summertime recurring ........................................................................................................... 11-9
set ntp poll-interval ......................................................................................................................... 11-10
clear ntp poll-interval ...................................................................................................................... 11-11

Chapter 12: Port Configuration Commands

Port Configuration Overview ......................................................................................................................... 12-1
Console Port .......................................................................................................................................... 12-1
Remote Management Port ..................................................................................................................... 12-2
IOM Ports ............................................................................................................................................... 12-2
Port Strings Used in the CLI ................................................................................................................... 12-2
VLAN, LAG, and Loopback Naming Formats ........................................................................................ 12-3
Examples ............................................................................................................................................... 12-5
Showing Console Port Properties ................................................................................................................. 12-6
Purpose .................................................................................................................................................. 12-6
Commands ............................................................................................................................................. 12-6
show console .................................................................................................................................... 12-6
show console baud........................................................................................................................... 12-7
show console flowcontrol.................................................................................................................. 12-7
show console bits ............................................................................................................................. 12-8
show console stopbits ...................................................................................................................... 12-8
show console parity .......................................................................................................................... 12-9
Reviewing Port Status ................................................................................................................................ 12-10
Purpose ................................................................................................................................................ 12-10
Commands ........................................................................................................................................... 12-10
show port ........................................................................................................................................ 12-10
show port detail .............................................................................................................................. 12-11
show port status ............................................................................................................................. 12-14
show port counters ......................................................................................................................... 12-15
clear port counters.......................................................................................................................... 12-16
show system ifIndex ....................................................................................................................... 12-17
Disabling / Enabling and Naming Ports ...................................................................................................... 12-19
Purpose ................................................................................................................................................ 12-19
Commands ........................................................................................................................................... 12-19
set port disable ............................................................................................................................... 12-19
set port enable................................................................................................................................ 12-20
show port alias................................................................................................................................ 12-21
set port alias ................................................................................................................................... 12-21
show port trap................................................................................................................................. 12-22
set port trap .................................................................................................................................... 12-23
Setting Speed and Duplex Mode ................................................................................................................ 12-24
Purpose ................................................................................................................................................ 12-24
Commands ........................................................................................................................................... 12-24
show port speed ............................................................................................................................. 12-24

xiv
set port speed................................................................................................................................. 12-25
show port duplex ............................................................................................................................ 12-26
set port duplex ................................................................................................................................ 12-27
Setting Auto-Negotiation and Advertised Ability ......................................................................................... 12-28
Purpose ................................................................................................................................................ 12-28
Commands ........................................................................................................................................... 12-28
show port negotiation ..................................................................................................................... 12-29
set port negotiation ......................................................................................................................... 12-30
set port parallel-detect .................................................................................................................... 12-30
show port parallel-detect ................................................................................................................ 12-31
show port advertise ........................................................................................................................ 12-32
set port advertise ............................................................................................................................ 12-34
clear port advertise ......................................................................................................................... 12-35
Setting Flow Control ................................................................................................................................... 12-37
Purpose ................................................................................................................................................ 12-37
Commands ........................................................................................................................................... 12-37
show port flowcontrol...................................................................................................................... 12-37
set port flowcontrol ......................................................................................................................... 12-39
Setting Port Traffic Handling Mode ............................................................................................................. 12-40
Purpose ................................................................................................................................................ 12-40
Commands ........................................................................................................................................... 12-40
set port mode.................................................................................................................................. 12-40
clear port mode............................................................................................................................... 12-41
show port mode .............................................................................................................................. 12-42
Selecting Port Connector Type ................................................................................................................... 12-43
Purpose ................................................................................................................................................ 12-43
Commands ........................................................................................................................................... 12-43
set port connector........................................................................................................................... 12-43
show port connector ....................................................................................................................... 12-44
Displaying Port Hardware Information ........................................................................................................ 12-45
Purpose ................................................................................................................................................ 12-45
Commands ........................................................................................................................................... 12-45
show port errors.............................................................................................................................. 12-45
clear port errors .............................................................................................................................. 12-47
show port transceiver ..................................................................................................................... 12-48
Configuring Port Mirroring .......................................................................................................................... 12-52
Port Mirroring Overview ....................................................................................................................... 12-52
Purpose ................................................................................................................................................ 12-52
Commands ........................................................................................................................................... 12-52
show port mirroring......................................................................................................................... 12-53
set port mirroring ............................................................................................................................ 12-54
clear port mirroring ......................................................................................................................... 12-56

Chapter 13: Policy Classification Commands

Matrix X Router Command Line Interface Reference Guide xv

Purpose .................................................................................................................................................. 13-7
Commands ............................................................................................................................................. 13-7
show policy rule ................................................................................................................................ 13-7
show policy capability ....................................................................................................................... 13-9
set policy rule.................................................................................................................................. 13-11
clear policy rule............................................................................................................................... 13-15
clear policy all-rules ........................................................................................................................ 13-16

Chapter 14: Port Priority and Rate Limiting Commands

Chapter 15: RADIUS Commands

Chapter 16: TACACS+ Commands

xvi
clear tacacs session ......................................................................................................................... 16-8
show tacacs command ..................................................................................................................... 16-9
set tacacs command......................................................................................................................... 16-9
show tacacs singleconnect............................................................................................................. 16-10
set tacacs singleconnect ................................................................................................................ 16-11
show tacacs interface ..................................................................................................................... 16-11
set tacacs interface......................................................................................................................... 16-12
clear tacacs interface...................................................................................................................... 16-12

Chapter 17: Remote Network Monitoring Commands

Chapter 18: SNMP Commands

Matrix X Router Command Line Interface Reference Guide xvii

set snmp group ............................................................................................................................... 18-15
clear snmp group ............................................................................................................................ 18-16
show snmp community ................................................................................................................... 18-16
set snmp community....................................................................................................................... 18-17
clear snmp community.................................................................................................................... 18-18
Configuring SNMP Access Rights .............................................................................................................. 18-19
Purpose ................................................................................................................................................ 18-19
Commands ........................................................................................................................................... 18-19
show snmp access ......................................................................................................................... 18-19
set snmp access............................................................................................................................. 18-21
clear snmp access.......................................................................................................................... 18-22
Configuring SNMP MIB Views .................................................................................................................... 18-23
Purpose ................................................................................................................................................ 18-23
Commands ........................................................................................................................................... 18-23
show snmp view ............................................................................................................................. 18-23
show snmp context......................................................................................................................... 18-25
set snmp view................................................................................................................................. 18-25
clear snmp view.............................................................................................................................. 18-26
Configuring SNMP Target Parameters ....................................................................................................... 18-27
Purpose ................................................................................................................................................ 18-27
Commands ........................................................................................................................................... 18-27
show snmp targetparams ............................................................................................................... 18-27
set snmp targetparams................................................................................................................... 18-29
clear snmp targetparams................................................................................................................ 18-30
Configuring SNMP Target Addresses ........................................................................................................ 18-31
Purpose ................................................................................................................................................ 18-31
Commands ........................................................................................................................................... 18-31
show snmp targetaddr .................................................................................................................... 18-31
set snmp targetaddr........................................................................................................................ 18-33
clear snmp targetaddr..................................................................................................................... 18-34
Configuring SNMP Notification Parameters ...............................................................................................18-35
Purpose ................................................................................................................................................ 18-35
Commands ........................................................................................................................................... 18-35
show snmp notify ............................................................................................................................ 18-36
set snmp notify ............................................................................................................................... 18-37
clear snmp notify ............................................................................................................................ 18-38
show snmp notifyfilter ..................................................................................................................... 18-38
set snmp notifyfilter......................................................................................................................... 18-39
clear snmp notifyfilter...................................................................................................................... 18-40
show snmp notifyprofile .................................................................................................................. 18-41
set snmp notifyprofile...................................................................................................................... 18-42
clear snmp notifyprofile................................................................................................................... 18-43

Chapter 19: Spanning Tree Commands

xviii
set spantree stpmode ....................................................................................................................... 19-8
clear spantree stpmode .................................................................................................................... 19-8
show spantree mstilist ...................................................................................................................... 19-9
set spantree msti .............................................................................................................................. 19-9
clear spantree msti ......................................................................................................................... 19-10
show spantree mstmap .................................................................................................................. 19-10
set spantree mstmap ...................................................................................................................... 19-11
clear spantree mstmap ................................................................................................................... 19-11
show spantree vlanlist .................................................................................................................... 19-12
show spantree mstcfgid .................................................................................................................. 19-12
set spantree mstcfgid ..................................................................................................................... 19-13
clear spantree mstcfgid .................................................................................................................. 19-14
set spantree priority ........................................................................................................................ 19-14
clear spantree priority ..................................................................................................................... 19-15
show spantree bridgehellomode..................................................................................................... 19-16
set spantree bridgehellomode ........................................................................................................ 19-16
clear spantree bridgehellomode ..................................................................................................... 19-17
set spantree hello ........................................................................................................................... 19-17
clear spantree hello ........................................................................................................................ 19-18
set spantree maxage ...................................................................................................................... 19-19
clear spantree maxage ................................................................................................................... 19-19
set spantree fwddelay..................................................................................................................... 19-20
clear spantree fwddelay.................................................................................................................. 19-21
show spantree autoedge ................................................................................................................ 19-21
set spantree autoedge.................................................................................................................... 19-22
clear spantree autoedge................................................................................................................. 19-22
show spantree legacypathcost ....................................................................................................... 19-23
set spantree legacypathcost........................................................................................................... 19-23
clear spantree legacypathcost ........................................................................................................ 19-24
show spantree tctrapsuppress........................................................................................................ 19-24
set spantree tctrapsuppress ........................................................................................................... 19-25
clear spantree tctrapsuppress ........................................................................................................ 19-26
show spantree txholdcount............................................................................................................. 19-26
set spantree txholdcount ................................................................................................................ 19-27
clear spantree txholdcount ............................................................................................................. 19-27
set spantree maxhops .................................................................................................................... 19-28
clear spantree maxhops ................................................................................................................. 19-28
show spantree spanguard .............................................................................................................. 19-29
set spantree spanguard .................................................................................................................. 19-29
clear spantree spanguard ............................................................................................................... 19-30
show spantree spanguardtimeout .................................................................................................. 19-30
set spantree spanguardtimeout ...................................................................................................... 19-31
clear spantree spanguardtimeout ................................................................................................... 19-31
show spantree spanguardlock ........................................................................................................ 19-32
clear spantree spanguardlock ........................................................................................................ 19-32
set spantree spanguardlock ........................................................................................................... 19-33
show spantree debug ..................................................................................................................... 19-33
clear spantree debug...................................................................................................................... 19-35
Reviewing and Setting Spanning Tree Port Parameters ............................................................................ 19-36
Purpose ................................................................................................................................................ 19-36
Commands ........................................................................................................................................... 19-36
show spantree portenable .............................................................................................................. 19-37
set spantree portenable .................................................................................................................. 19-38

Matrix X Router Command Line Interface Reference Guide xix

clear spantree portenable ............................................................................................................... 19-38
show spantree portadmin ............................................................................................................... 19-39
set spantree portadmin................................................................................................................... 19-39
clear spantree portadmin................................................................................................................ 19-40
set spantree protomigration ............................................................................................................19-40
show spantree portstate ................................................................................................................. 19-41
show spantree blockedports ........................................................................................................... 19-42
show spantree portpri ..................................................................................................................... 19-43
set spantree portpri......................................................................................................................... 19-44
clear spantree portpri...................................................................................................................... 19-44
set spantree porthello ..................................................................................................................... 19-45
clear spantree porthello .................................................................................................................. 19-46
show spantree porthello ................................................................................................................. 19-46
show spantree portcost .................................................................................................................. 19-47
show spantree adminpathcost ........................................................................................................ 19-47
set spantree adminpathcost ........................................................................................................... 19-48
clear spantree adminpathcost ........................................................................................................ 19-49
show spantree adminedge ............................................................................................................. 19-49
set spantree adminedge ................................................................................................................. 19-50
clear spantree adminedge .............................................................................................................. 19-51
show spantree operedge ................................................................................................................ 19-51
show spantree adminpoint.............................................................................................................. 19-52
show spantree operpoint ................................................................................................................ 19-52
set spantree adminpoint ................................................................................................................. 19-53
clear spantree adminpoint .............................................................................................................. 19-54

Chapter 20: 802.1Q VLAN Commands

xx
show vlan dynamicegress .............................................................................................................. 20-15
set vlan dynamicegress .................................................................................................................. 20-16
Enabling/Disabling GVRP (GARP VLAN Registration Protocol) ................................................................ 20-17
Purpose ................................................................................................................................................ 20-17
Commands ........................................................................................................................................... 20-17
show gvrp ....................................................................................................................................... 20-17
show garp timer .............................................................................................................................. 20-18
set gvrp........................................................................................................................................... 20-19
clear gvrp ........................................................................................................................................ 20-20
set garp timer.................................................................................................................................. 20-20
clear garp timer............................................................................................................................... 20-21

Chapter 21: CoS Commands

Chapter 22: Port-Based DSCP Remapping Commands

Matrix X Router Command Line Interface Reference Guide xxi

set dscp-out-map create ................................................................................................................... 22-7
clear dscp-out-map........................................................................................................................... 22-7
set dscp-out-map .............................................................................................................................. 22-8
show dscp-out-map .......................................................................................................................... 22-9
Map-to-Port Association Commands .......................................................................................................... 22-11
Purpose ................................................................................................................................................ 22-11
Commands ........................................................................................................................................... 22-11
set port dscp-recognition ................................................................................................................ 22-11
show port dscp-recognition............................................................................................................. 22-12
clear port dscp-recognition ............................................................................................................. 22-13
set port dscp-remark....................................................................................................................... 22-13
show port dscp-remark ................................................................................................................... 22-14
clear port dscp-remark.................................................................................................................... 22-15

Chapter 23: Router Configuration Commands

Configuring Global Router Parameters ........................................................................................................ 23-1
Purpose .................................................................................................................................................. 23-1
Commands ............................................................................................................................................. 23-1
router id ............................................................................................................................................ 23-2
Configuring Routing Interface Settings ......................................................................................................... 23-3
Purpose .................................................................................................................................................. 23-3
Commands ............................................................................................................................................. 23-3
interface............................................................................................................................................ 23-4
show interface .................................................................................................................................. 23-5
show ip interface............................................................................................................................... 23-7
ip address ......................................................................................................................................... 23-8
ip proxy-arp....................................................................................................................................... 23-9
ip redirects ...................................................................................................................................... 23-10
ip unreachables .............................................................................................................................. 23-12
mac-address................................................................................................................................... 23-13
mtu.................................................................................................................................................. 23-13
host-mobility ................................................................................................................................... 23-14
ip host-mobility................................................................................................................................ 23-16
show ip host-mobility ...................................................................................................................... 23-17
shutdown ........................................................................................................................................ 23-18
no shutdown ................................................................................................................................... 23-19
Managing Router Configurations ................................................................................................................ 23-20
Purpose ................................................................................................................................................ 23-20
Commands ........................................................................................................................................... 23-20
show running-config ....................................................................................................................... 23-21
show startup-config ........................................................................................................................ 23-22
write file .......................................................................................................................................... 23-25
Reviewing and Configuring ARP ................................................................................................................ 23-27
Purpose ................................................................................................................................................ 23-27
Commands ........................................................................................................................................... 23-27
arp .................................................................................................................................................. 23-27
arp timeout...................................................................................................................................... 23-28
clear arp.......................................................................................................................................... 23-29
show ip arp ..................................................................................................................................... 23-29
Configuring Broadcast Settings .................................................................................................................. 23-32
Purpose ................................................................................................................................................ 23-32
About DHCP/BOOTP Relay ................................................................................................................. 23-32

xxii
Commands ........................................................................................................................................... 23-32
ip forward-protocol.......................................................................................................................... 23-33
ip helper-address ............................................................................................................................ 23-34
Reviewing IP Traffic and Configuring Static Routes ................................................................................... 23-35
Purpose ................................................................................................................................................ 23-35
Commands ........................................................................................................................................... 23-35
show ip traffic.................................................................................................................................. 23-35
show ip cache................................................................................................................................. 23-36
ip route............................................................................................................................................ 23-38

Chapter 24: Access Control List Commands

Overview ....................................................................................................................................................... 24-1
ACL Configuration Limits ....................................................................................................................... 24-2
ACL Rule Match Logging ....................................................................................................................... 24-2
Numbered Access Control Lists ................................................................................................................... 24-5
Purpose .................................................................................................................................................. 24-5
Commands ............................................................................................................................................. 24-5
access-list (standard) ....................................................................................................................... 24-5
access-list (extended)....................................................................................................................... 24-7
Named Access Control Lists ...................................................................................................................... 24-11
Purpose ................................................................................................................................................ 24-11
Commands ........................................................................................................................................... 24-11
ip access-list standard .................................................................................................................... 24-11
ip access-list extended ................................................................................................................... 24-12
ip access-list resequence ............................................................................................................... 24-13
ip access-list copy .......................................................................................................................... 24-14
Access List Configuration Mode Commands .............................................................................................. 24-15
Purpose ................................................................................................................................................ 24-15
Commands ........................................................................................................................................... 24-15
delete.............................................................................................................................................. 24-15
deny................................................................................................................................................ 24-16
exit .................................................................................................................................................. 24-17
move ............................................................................................................................................... 24-18
no.................................................................................................................................................... 24-19
permit.............................................................................................................................................. 24-20
Displaying and Applying Access Lists ........................................................................................................ 24-21
Purpose ................................................................................................................................................ 24-21
Commands ........................................................................................................................................... 24-21
ip access-group .............................................................................................................................. 24-21
ip service-access ............................................................................................................................ 24-22
ip common-access.......................................................................................................................... 24-23
show ip common-access ................................................................................................................ 24-24
show access-lists............................................................................................................................ 24-25
clear access-list counters ............................................................................................................... 24-26
show ip access-groups ................................................................................................................... 24-27
clear ip access-group if-counters.................................................................................................... 24-28
show ip rule-space available .......................................................................................................... 24-29
show ip rule-space required ........................................................................................................... 24-31
show ip rule-space expected .......................................................................................................... 24-32
ACL Rule Match Logging Commands ........................................................................................................ 24-34
Purpose ................................................................................................................................................ 24-34
Commands ........................................................................................................................................... 24-34

Matrix X Router Command Line Interface Reference Guide xxiii

show ip log-access ......................................................................................................................... 24-34
ip log-access update-frequency...................................................................................................... 24-35
ip log-access max-count-per-interface ........................................................................................... 24-36
ip log-access................................................................................................................................... 24-37
ip log-access service-access-list .................................................................................................... 24-39

Chapter 25: Prefix List and Prefix Tree Commands

Chapter 26: Layer 3 Traffic Classification and Policy-Based Routing Commands

Chapter 27: Border Gateway Protocol Commands

xxiv
bgp bestpath compare-router-id ..................................................................................................... 27-10
bgp bestpath med confed ............................................................................................................... 27-11
bgp bestpath med missing-as-worst ...............................................................................................27-12
bgp cluster-id .................................................................................................................................. 27-13
bgp confederation identifier ............................................................................................................27-14
bgp confederation peers................................................................................................................. 27-15
bgp non-leading-confeds ................................................................................................................ 27-16
bgp open-on-accept........................................................................................................................ 27-17
bgp pass-optional-nontrans ............................................................................................................27-18
bgp restart-defer ............................................................................................................................. 27-19
bgp restart-time .............................................................................................................................. 27-20
bgp restart-timeout ......................................................................................................................... 27-21
bgp router-id ................................................................................................................................... 27-22
bgp send-group-always .................................................................................................................. 27-23
bgp tie-break-on-age ...................................................................................................................... 27-24
default-metric.................................................................................................................................. 27-25
distance .......................................................................................................................................... 27-26
distribute-list ................................................................................................................................... 27-27
enable............................................................................................................................................. 27-29
maximum-routes............................................................................................................................. 27-30
network ........................................................................................................................................... 27-31
preference2 .................................................................................................................................... 27-32
redistribute...................................................................................................................................... 27-33
timers bgp....................................................................................................................................... 27-34
trace file .......................................................................................................................................... 27-36
trace flag ......................................................................................................................................... 27-38
BGP Address Family Commands ............................................................................................................... 27-40
neighbor activate ............................................................................................................................ 27-40
neighbor graceful-restart ................................................................................................................ 27-41
BGP Neighbor Commands ......................................................................................................................... 27-42
neighbor add-communities ............................................................................................................. 27-44
neighbor aggregator-id ................................................................................................................... 27-45
neighbor allow ................................................................................................................................ 27-46
neighbor as-loop............................................................................................................................. 27-47
neighbor as-override....................................................................................................................... 27-48
neighbor aspath-prepend ............................................................................................................... 27-49
neighbor capability orf comm-filter.................................................................................................. 27-50
neighbor capability orf extcomm-filter ............................................................................................. 27-51
neighbor capability orf prefix-filter................................................................................................... 27-52
neighbor cluster-id .......................................................................................................................... 27-53
neighbor distance ........................................................................................................................... 27-54
neighbor dynamic ........................................................................................................................... 27-55
neighbor enable.............................................................................................................................. 27-56
neighbor end-of-rib ......................................................................................................................... 27-57
neighbor export-localpref................................................................................................................ 27-58
neighbor ignore-leading-as............................................................................................................. 27-59
neighbor import-localpref................................................................................................................ 27-60
neighbor keep................................................................................................................................. 27-61
neighbor keepalives-always ........................................................................................................... 27-62
neighbor local-as ............................................................................................................................ 27-63
neighbor log-up-down ..................................................................................................................... 27-64
neighbor maximum-routes .............................................................................................................. 27-65
neighbor metric-out......................................................................................................................... 27-67

Matrix X Router Command Line Interface Reference Guide xxv

neighbor multi-protocol-nexthop ..................................................................................................... 27-68
neighbor next-hop-self .................................................................................................................... 27-69
neighbor no-drop ............................................................................................................................ 27-70
neighbor orf comm-list .................................................................................................................... 27-71
neighbor orf extcomm-list ............................................................................................................... 27-72
neighbor orf prefix-list ..................................................................................................................... 27-73
neighbor out-delay.......................................................................................................................... 27-74
neighbor passive ............................................................................................................................ 27-75
neighbor password ......................................................................................................................... 27-76
neighbor pedantic ........................................................................................................................... 27-77
neighbor peer-group ....................................................................................................................... 27-78
neighbor preference2 ..................................................................................................................... 27-79
neighbor receive-buffer................................................................................................................... 27-80
neighbor remote-as ........................................................................................................................ 27-81
neighbor remove-private-as............................................................................................................27-82
neighbor route-map ........................................................................................................................ 27-83
neighbor route-reflector-client......................................................................................................... 27-84
neighbor route-to-peer.................................................................................................................... 27-85
neighbor send-buffer ...................................................................................................................... 27-86
neighbor send-community .............................................................................................................. 27-87
neighbor soft-reconfiguration inbound ............................................................................................ 27-88
neighbor timers ............................................................................................................................... 27-89
neighbor ttl...................................................................................................................................... 27-90
neighbor update-source.................................................................................................................. 27-91
neighbor use-med........................................................................................................................... 27-92
neighbor gateway ........................................................................................................................... 27-93
neighbor version ............................................................................................................................. 27-94
Querying and Clearing Commands ............................................................................................................27-95
clear ip bgp ..................................................................................................................................... 27-95
show ip bgp .................................................................................................................................... 27-96
show ip bgp instance ...................................................................................................................... 27-99
show ip bgp neighbors.................................................................................................................. 27-100
show ip bgp orf ............................................................................................................................. 27-101
show ip bgp paths......................................................................................................................... 27-102
show ip bgp peer-group ................................................................................................................ 27-103
show ip bgp summary................................................................................................................... 27-104
BGP Communities and Community Lists ................................................................................................. 27-105
ip community-list........................................................................................................................... 27-105
ip community-set .......................................................................................................................... 27-107

Chapter 28: AS Paths and AS Path Lists

xxvi
Chapter 29: DHCP Commands
Overview ....................................................................................................................................................... 29-1
DHCP Client Command ................................................................................................................................ 29-2
ip address dhcp ................................................................................................................................ 29-2
DHCP Server Commands ............................................................................................................................ 29-3
Interface and Global Server Configuration Commands ......................................................................... 29-3
ip dhcp server ................................................................................................................................... 29-3
ip dhcp excluded-address................................................................................................................. 29-4
ip dhcp ping packets......................................................................................................................... 29-5
ip dhcp ping timeout ......................................................................................................................... 29-5
ip dhcp pool ...................................................................................................................................... 29-6
Address Pool Configuration Mode Commands .......................................................................................29-7
network ............................................................................................................................................. 29-7
default-router .................................................................................................................................... 29-8
dns-server......................................................................................................................................... 29-9
domain-name.................................................................................................................................... 29-9
netbios-name-server....................................................................................................................... 29-10
netbios-node-type........................................................................................................................... 29-11
lease ............................................................................................................................................... 29-12
host................................................................................................................................................. 29-13
hardware-address........................................................................................................................... 29-14
client-identifier ................................................................................................................................ 29-15
client-name ..................................................................................................................................... 29-16
bootfile ............................................................................................................................................ 29-17
next-server...................................................................................................................................... 29-18
option.............................................................................................................................................. 29-19
Show and Clear Commands ................................................................................................................. 29-20
show ip dhcp binding ...................................................................................................................... 29-20
clear ip dhcp binding....................................................................................................................... 29-21
show ip dhcp server statistics......................................................................................................... 29-21
clear ip dhcp server statistics ......................................................................................................... 29-23

Chapter 30: DVMRP Commands

Matrix X Router Command Line Interface Reference Guide xxvii

Chapter 31: Multicast Commands
Commands ................................................................................................................................................... 31-1
clear ip mroute.................................................................................................................................. 31-2
ip multicast boundary........................................................................................................................ 31-3
ip multicast ttl-threshold .................................................................................................................... 31-4
show ip mroute ................................................................................................................................. 31-5
show ip multicast boundary .............................................................................................................. 31-6
show ip multicast ttl-threshold .......................................................................................................... 31-6

Chapter 32: IGMP Commands

Overview ....................................................................................................................................................... 32-1
Switch-Level IGMP Commands .................................................................................................................... 32-2
Purpose .................................................................................................................................................. 32-2
Commands ............................................................................................................................................. 32-2
show igmp enable............................................................................................................................. 32-3
set igmp enable ................................................................................................................................ 32-3
set igmp disable................................................................................................................................ 32-4
show igmp query .............................................................................................................................. 32-4
set igmp query-enable ...................................................................................................................... 32-5
set igmp query-disable ..................................................................................................................... 32-6
show igmp config .............................................................................................................................. 32-6
set igmp config ................................................................................................................................. 32-7
set igmp delete ................................................................................................................................. 32-8
show igmp groups ............................................................................................................................ 32-9
show igmp static ............................................................................................................................... 32-9
set igmp add-static ......................................................................................................................... 32-10
set igmp remove-static ................................................................................................................... 32-11
Router-Level IGMP Commands ................................................................................................................. 32-12
Purpose ................................................................................................................................................ 32-12
Commands ........................................................................................................................................... 32-12
clear ip igmp group ......................................................................................................................... 32-13
ip igmp ............................................................................................................................................ 32-14
ip igmp ignore-v1-messages .......................................................................................................... 32-15
ip igmp ignore-v2-messages .......................................................................................................... 32-16
ip igmp last-member-query-count ................................................................................................... 32-17
ip igmp last-member-query-interval ................................................................................................ 32-18
ip igmp query-interval ..................................................................................................................... 32-19
ip igmp query-max-response-time .................................................................................................. 32-20
ip igmp require-router-alert ............................................................................................................. 32-21
ip igmp robustness ......................................................................................................................... 32-22
ip igmp send-router-alert ................................................................................................................ 32-23
ip igmp startup-query-count ............................................................................................................32-24
ip igmp startup-query-interval ......................................................................................................... 32-25
ip igmp static-group ........................................................................................................................ 32-27
ip igmp trace file ............................................................................................................................. 32-28
ip igmp trace flag ............................................................................................................................ 32-30
ip igmp version ............................................................................................................................... 32-31
show ip igmp groups....................................................................................................................... 32-32
show ip igmp interface .................................................................................................................... 32-35
show ip igmp interface-summary .................................................................................................... 32-39
show ip igmp static-groups ............................................................................................................. 32-40

xxviii
Chapter 33: IS-IS Commands
Overview ....................................................................................................................................................... 33-1
Global Configuration Mode IS-IS Command ................................................................................................ 33-2
router isis .......................................................................................................................................... 33-2
Router Mode IS-IS Commands .................................................................................................................... 33-3
Purpose .................................................................................................................................................. 33-3
Commands ............................................................................................................................................. 33-3
address-family .................................................................................................................................. 33-4
area .................................................................................................................................................. 33-5
area-md5-key ................................................................................................................................... 33-6
area-password.................................................................................................................................. 33-8
domain-md5-key............................................................................................................................... 33-9
domain-password ........................................................................................................................... 33-11
domain-wide ................................................................................................................................... 33-12
enable............................................................................................................................................. 33-13
external-preference ........................................................................................................................ 33-14
internal-preference ......................................................................................................................... 33-15
is-hostname .................................................................................................................................... 33-16
is-type ............................................................................................................................................. 33-17
lsp-buffer-size ................................................................................................................................. 33-18
lsp-lifetime ...................................................................................................................................... 33-19
metric-style ..................................................................................................................................... 33-20
net................................................................................................................................................... 33-21
psnp-interval ................................................................................................................................... 33-22
redistribute...................................................................................................................................... 33-23
require-snp-authentication .............................................................................................................. 33-24
set-overload-bit ............................................................................................................................... 33-25
summary-filter ................................................................................................................................. 33-26
summary-originate .......................................................................................................................... 33-27
system-id ........................................................................................................................................ 33-28
trace file .......................................................................................................................................... 33-29
trace flag ......................................................................................................................................... 33-31
use-multicast-rib ............................................................................................................................. 33-33
IS-IS Interface Commands ......................................................................................................................... 33-34
Purpose ................................................................................................................................................ 33-34
Commands ........................................................................................................................................... 33-34
ip router isis .................................................................................................................................... 33-35
isis circuit-type ................................................................................................................................ 33-36
isis csnp-interval ............................................................................................................................. 33-37
isis dis-hello-interval ....................................................................................................................... 33-38
isis hello-interval ............................................................................................................................. 33-39
isis hello-multiplier .......................................................................................................................... 33-40
isis lsp-interval ................................................................................................................................ 33-41
isis max-burst ................................................................................................................................. 33-42
isis md5-key.................................................................................................................................... 33-43
isis mesh-group .............................................................................................................................. 33-45
isis metric........................................................................................................................................ 33-46
isis passive ..................................................................................................................................... 33-47
isis password .................................................................................................................................. 33-48
isis periodic-csn .............................................................................................................................. 33-49
isis priority....................................................................................................................................... 33-50
isis restart-hello-interval.................................................................................................................. 33-51

Matrix X Router Command Line Interface Reference Guide xxix

isis retransmit-interval..................................................................................................................... 33-52
IS-IS Query Commands ............................................................................................................................. 33-53
Purpose ................................................................................................................................................ 33-53
Commands ........................................................................................................................................... 33-53
show isis circuit............................................................................................................................... 33-53
show isis database ......................................................................................................................... 33-55
show isis summary ......................................................................................................................... 33-57

Chapter 34: Routing Kernel Commands

Chapter 35: Protocol Independent Multicast

Commands
Overview ....................................................................................................................................................... 35-1
PIM General Commands .............................................................................................................................. 35-2
ip pim assert-holdtime ...................................................................................................................... 35-3
ip pim dr-priority ................................................................................................................................ 35-4
ip pim enable .................................................................................................................................... 35-5
ip pim hello-holdtime......................................................................................................................... 35-6
ip pim hello-interval........................................................................................................................... 35-6
ip pim jp-holdtime ............................................................................................................................. 35-7
ip pim jp-interval ............................................................................................................................... 35-8
ip pim lan-delay ................................................................................................................................ 35-9
ip pim mrt-interval ........................................................................................................................... 35-10
ip pim mrt-stale-multiplier ............................................................................................................... 35-11
ip pim override-interval ................................................................................................................... 35-12
ip pim triggered-hello-delay ............................................................................................................35-13
show ip pim control-counters .......................................................................................................... 35-14
show ip pim interface...................................................................................................................... 35-15
show ip pim neighbor...................................................................................................................... 35-16
ip pim trace file ............................................................................................................................... 35-17
ip pim trace flag .............................................................................................................................. 35-19
PIM Sparse Mode Commands ................................................................................................................... 35-21
ip pim bsr-admin-scope .................................................................................................................. 35-22
ip pim bsr-border ............................................................................................................................ 35-22
ip pim bsr-candidate ....................................................................................................................... 35-23
ip pim bsr-candidate global............................................................................................................. 35-24
ip pim bsr-candidate group ............................................................................................................. 35-25
ip pim bsr-candidate interval........................................................................................................... 35-25

xxx
ip pim bsr-candidate priority ........................................................................................................... 35-26
ip pim bsr-holdtime ......................................................................................................................... 35-27
ip pim dr-switch-immediate ............................................................................................................. 35-28
ip pim mrt-spt-multiplier .................................................................................................................. 35-29
ip pim probe-interval ....................................................................................................................... 35-29
ip pim register-suppression-timeout ...............................................................................................35-30
ip pim rp-address ............................................................................................................................ 35-31
ip pim rp-candidate ......................................................................................................................... 35-32
ip pim rp-candidate advertisement-interval.....................................................................................35-33
ip pim rp-candidate group ............................................................................................................... 35-34
ip pim rp-candidate holdtime .......................................................................................................... 35-35
ip pim rp-candidate priority ............................................................................................................. 35-36
ip pim rp-switch-immediate ............................................................................................................. 35-37
ip pim sparse-mode ........................................................................................................................ 35-38
ip pim threshold .............................................................................................................................. 35-39
ip pim threshold-dr.......................................................................................................................... 35-40
ip pim threshold-rp.......................................................................................................................... 35-41
ip pim whole-packet-checksum ...................................................................................................... 35-42
show ip pim bsr-router .................................................................................................................... 35-43
show ip pim cbsr............................................................................................................................. 35-43
show ip pim rp ................................................................................................................................ 35-44
show ip pim rp-candidate................................................................................................................ 35-45
show ip pim rp-hash ....................................................................................................................... 35-45
show ip pim sparse-mode join-prune xmit ...................................................................................... 35-46
show ip pim sparse-mode mrt ........................................................................................................ 35-47

Chapter 36: OSPF Commands

Matrix X Router Command Line Interface Reference Guide xxxi

timers spf ........................................................................................................................................ 36-26
trace file .......................................................................................................................................... 36-27
trace flag ......................................................................................................................................... 36-29
transmit-delay ................................................................................................................................. 36-31
Area Commands ......................................................................................................................................... 36-32
area advertise-subnet..................................................................................................................... 36-33
area authentication ......................................................................................................................... 36-34
area dead-interval........................................................................................................................... 36-36
area hello-interval ........................................................................................................................... 36-37
area nssa........................................................................................................................................ 36-38
area nssa-range ............................................................................................................................. 36-39
area nssa-translate-always............................................................................................................. 36-40
area poll-interval ............................................................................................................................. 36-41
area priority..................................................................................................................................... 36-42
area range ...................................................................................................................................... 36-43
area retransmit-interval................................................................................................................... 36-44
area stub......................................................................................................................................... 36-45
area stubhost.................................................................................................................................. 36-46
area stubnetwork ............................................................................................................................ 36-47
area transmit-delay......................................................................................................................... 36-48
area virtual-link ............................................................................................................................... 36-49
Default Commands ..................................................................................................................................... 36-51
default-metric.................................................................................................................................. 36-51
default-nssa-metric ......................................................................................................................... 36-52
default-nssa-type ............................................................................................................................ 36-53
default-preference .......................................................................................................................... 36-54
default-tag....................................................................................................................................... 36-55
default-type..................................................................................................................................... 36-56
Interface Commands .................................................................................................................................. 36-57
ip ospf advertise-subnet ................................................................................................................. 36-58
ip ospf allow-all ............................................................................................................................... 36-59
ip ospf authentication...................................................................................................................... 36-60
ip ospf cost ..................................................................................................................................... 36-62
ip ospf dead-interval ....................................................................................................................... 36-63
ip ospf enable ................................................................................................................................. 36-64
ip ospf hello-interval........................................................................................................................ 36-64
ip ospf neighbor .............................................................................................................................. 36-65
ip ospf network ............................................................................................................................... 36-66
ip ospf no-multicast......................................................................................................................... 36-67
ip ospf passive-interface ................................................................................................................. 36-68
ip ospf poll-interval.......................................................................................................................... 36-69
ip ospf priority ................................................................................................................................. 36-70
ip ospf retransmit-interval ............................................................................................................... 36-71
ip ospf transmit-delay ..................................................................................................................... 36-72
Querying Commands .................................................................................................................................. 36-73
show ip ospf.................................................................................................................................... 36-73
show ip ospf border-routers ............................................................................................................36-74
show ip ospf database.................................................................................................................... 36-75
show ip ospf flood-list ..................................................................................................................... 36-76
show ip ospf interface ..................................................................................................................... 36-77
show ip ospf neighbor..................................................................................................................... 36-78
show ip ospf request-list ................................................................................................................. 36-79
show ip ospf retransmission-list...................................................................................................... 36-80

xxxii
show ip ospf summary-address...................................................................................................... 36-81
show ip ospf virtual-links................................................................................................................. 36-82

Chapter 37: RIP Commands

Overview ....................................................................................................................................................... 37-1
Global Configuration Mode Command ......................................................................................................... 37-1
router rip ........................................................................................................................................... 37-1
RIP Configuration Commands ...................................................................................................................... 37-3
auto-summarization .......................................................................................................................... 37-4
default-metric.................................................................................................................................... 37-5
distribute-list ..................................................................................................................................... 37-6
ecmp ................................................................................................................................................. 37-8
enable............................................................................................................................................... 37-9
flash-update-time ............................................................................................................................ 37-10
ignore-host-routes .......................................................................................................................... 37-11
ignore-must-be-zero ....................................................................................................................... 37-12
multicast-rib .................................................................................................................................... 37-13
network ........................................................................................................................................... 37-14
preference ...................................................................................................................................... 37-15
query-authentication ....................................................................................................................... 37-16
redistribute...................................................................................................................................... 37-18
send-updates.................................................................................................................................. 37-20
source-gateways ............................................................................................................................ 37-21
split-horizon .................................................................................................................................... 37-22
term-updates .................................................................................................................................. 37-23
timers basic .................................................................................................................................... 37-24
trace file .......................................................................................................................................... 37-25
trace flag ......................................................................................................................................... 37-27
trusted-gateways ............................................................................................................................ 37-28
RIP Interface Commands ........................................................................................................................... 37-30
ip rip authentication ........................................................................................................................ 37-30
ip rip enable .................................................................................................................................... 37-32
ip rip metric-in ................................................................................................................................. 37-32
ip rip metric-out ............................................................................................................................... 37-33
ip rip no-receive .............................................................................................................................. 37-34
ip rip no-send .................................................................................................................................. 37-35
ip rip secondary-authentication....................................................................................................... 37-36
ip rip version ................................................................................................................................... 37-37
Query Commands ...................................................................................................................................... 37-39
show ip rip database....................................................................................................................... 37-39
show ip rip gateway-summary ........................................................................................................ 37-40

Chapter 38: Router Discovery Commands

Matrix X Router Command Line Interface Reference Guide xxxiii

Chapter 39: Route Flap Damping Commands
Overview ....................................................................................................................................................... 39-1
Commands ................................................................................................................................................... 39-1
dampen-flap...................................................................................................................................... 39-2
keep-history ...................................................................................................................................... 39-3
max-flap............................................................................................................................................ 39-4
reach-decay...................................................................................................................................... 39-5
reach-tick .......................................................................................................................................... 39-6
reuse-below ...................................................................................................................................... 39-7
suppress-above ................................................................................................................................ 39-8
unreach-decay.................................................................................................................................. 39-9

Chapter 40: Route Map Commands

Commands ................................................................................................................................................... 40-1
match aggregate-contributors........................................................................................................... 40-3
match as ........................................................................................................................................... 40-4
match as-path................................................................................................................................... 40-5
match as-path-list ............................................................................................................................. 40-6
match community ............................................................................................................................. 40-7
match community-set ....................................................................................................................... 40-8
match distance ................................................................................................................................. 40-9
match extended-community-set ..................................................................................................... 40-10
match instance ............................................................................................................................... 40-11
match interface ............................................................................................................................... 40-12
match ip address access-list .......................................................................................................... 40-13
match ip address prefix-list............................................................................................................. 40-14
match ip address prefix-tree ........................................................................................................... 40-15
match ip gateway............................................................................................................................ 40-16
match ip next-hop ........................................................................................................................... 40-17
match ip route-source prefix-tree.................................................................................................... 40-18
match level ..................................................................................................................................... 40-19
match localpref ............................................................................................................................... 40-20
match med...................................................................................................................................... 40-21
match metric ................................................................................................................................... 40-22
match metric-type ........................................................................................................................... 40-23
match protocol ................................................................................................................................ 40-24
match ribs ....................................................................................................................................... 40-25
match tag........................................................................................................................................ 40-26
route-map ....................................................................................................................................... 40-27
set as-path prepend........................................................................................................................ 40-28
set community-set .......................................................................................................................... 40-29
set dampen-flap.............................................................................................................................. 40-30
set ip next-hop ................................................................................................................................ 40-31
set level .......................................................................................................................................... 40-32
set local-preference ........................................................................................................................ 40-33
set med........................................................................................................................................... 40-34
set metric ........................................................................................................................................ 40-35
set metric-type ................................................................................................................................ 40-36
set origin ......................................................................................................................................... 40-37
set preference................................................................................................................................. 40-38
set propagate.................................................................................................................................. 40-39
set ribs ............................................................................................................................................ 40-40

xxxiv
set tag............................................................................................................................................. 40-41

Chapter 41: Router Aggregation Commands

Chapter 42: VRRP Commands

Matrix X Router Command Line Interface Reference Guide xxxv

xxxvi
Using This Guide

This document is organized into chapters that group related Command Line Interface (CLI)
commands. It provides detailed information for the Enterasys Matrix® X Router commands, but
does not provide configuration information. Refer to the Matrix X Secure Core Router Configuration
Guide for configuration information.

Intended Audience
This document is intended for the person configuring the Matrix X Router. It assumes that you
have basic knowledge of switching and routing concepts.

Conventions Used in This Guide

The following conventions are used in the text of this document:

Convention Description

Bold font Indicates mandatory keywords, parameters or keyboard keys.

italic font Indicates complete document titles.

Courier font Used for examples of information displayed on the screen.

Courier font in italics Indicates a user-supplied value, either required or optional.

[] Square brackets indicate an optional value.

{} Braces indicate required values. One or more values may be required.

| A vertical bar indicates a choice in values.

[x | y | z] Square brackets with a vertical bar indicates a choice of a value.

{x | y | z} Braces with a vertical bar indicate a choice of a required value.

[x {y | z} ] A combination of square brackets with braces and vertical bars indicates a

required choice of an optional value.

The following icon is used in this document.

Note: Calls the reader’s attention to any item of information that may be of special importance.

Matrix X Router Command Line Interface Reference Guide xxxvii

CLI Sections
This section describes the CLI sections used in this document.

Syntax
The Syntax section lists the valid syntax configuration, including the no configuration (where
applicable).

Parameters
The Parameters section lists the information that is accepted in the referenced configuration. It
includes a description of parameters expected (for example, the number of start‐up seconds for a
query), and the range of values (for example, the startup query interval in ICMP accepts a value
between 0 and 31744).

Note: If the parameter is a value that is user-define, such as a time or a name, then the parameter is
displayed in italics (for example, time or value). If the parameter is one of several predetermined
options, such as version 1, 2, or 3 in IGMP, then that parameter is displayed in bold courier new format
(for example, version 3).

Default
The Default section contains the default value of the command and its content. For commands
without optional parameters, the Defaults section lists “None”.

Mode
The Mode section states where you execute the command.

Usage
The Usage section provides a description of command usage and restrictions that apply to the
command.

Example
The Example section lists valid configurations for a specified command.

Related Commands
The Related Commands section lists other commands of this guide that may be useful.

xxxviii
1
Getting Started

This chapter describes the Command Line Interface (CLI) startup information, CLI navigation,
and general system configuration information.

For information about... Refer to page...

Access and Navigation of the CLI 1-2

Getting Help with CLI Syntax 1-3

Setting User Accounts and Passwords 1-7

Setting the Login Authentication Method 1-13

Setting Basic Device Properties 1-16

Setting and Displaying Command History 1-39

Changing Modes, Clearing, and Closing the CLI 1-41

Starting and Configuring Telnet 1-44

Configuring Secure Shell (SSH) 1-47

Configuring CDP 1-53

Gathering Technical Support Information 1-59

Entering Router Mode 1-67

Matrix X Router Command Line Interface Reference Guide 1-1

Access and Navigation of the CLI

For information about... Refer to page...

Logging In with the Default User Account 1-2

Logging in with an Administratively Configured User Account 1-2

Using a Telnet Connection 1-2

Logging In with the Default User Account

By default the Matrix X Router is configured with super‐user access (admin) to modifiable
parameters. If this is your first time logging into the Matrix X Router, perform the following steps:
1. At the Username prompt, enter admin:
The Password prompt is displayed.
2. Leave the password string blank and press Enter.

Note: Administrators with Super User (su) access can use set system login on page 1-8 to create
and change user accounts, and set password on page 1-10 to change any local account
password.

Logging in with an Administratively Configured User Account

If the device’s default user account settings have been changed, perform the following steps:
1. At the login prompt, enter your administratively‐assigned user name and press Enter.
2. At the Password prompt, enter your password and press Enter.

Using a Telnet Connection

Typically, as one of the first steps in configuring the Matrix X Router, you will assign a valid
management network IP address to the Ethernet port on the CM (eth0) and connect that port to
the management network. Then, you can establish a Telnet session for remote management from
any TCP/IP based node on the network by performing the following steps:
1. Telnet to the IP address of the CM’s eth0 port.
2. Enter login (user name) and password information in one of the following ways:
• If the device’s default login and password settings have not been changed, follow the
steps listed in “Logging In with the Default User Account” on page 1‐2, or
• “Logging in with an Administratively Configured User Account” on page 1‐2.
For information about setting the IP address, refer to “Configuring Routing Interface Settings” on
page 23‐3.
For information about configuring Telnet settings, refer to “Starting and Configuring Telnet” on
page 1‐44.
Refer to the instructions included with the Telnet application for information about establishing a
Telnet session.

1-2 Getting Started

Getting Help with CLI Syntax

The Matrix X Router allows you to display usage and syntax information for individual
commands by typing help or ? after the command.

For information about... Refer to page...

Performing Keyword Lookups 1-3

Displaying Scrolling Screens 1-4

Abbreviating and Completing Commands and Filenames 1-5

Listing Files 1-5

Basic Line Editing Commands 1-5

Using Regular Expressions in Searches 1-6

Performing Keyword Lookups

Entering a space and a question mark (?) after a keyword will display all commands beginning
with the keyword. The example below performs a keyword lookup for the show snmp command.
In this case, 13 additional keywords are used by the show snmp command. Entering a space and a
question mark (?) after any of these parameters (such as show snmp ?) will display additional
parameters nested within the syntax as shown in the following example.
matrix-x(switch-su)-> show snmp ?
access Display SNMP access rights and security levels
community Display SNMP community names
context Display context lists for SNMPv3 view-based access control
counters Display SNMP agent traffic counters
engineid Display SNMPv3 engine ID
group Display SNMPv3 user group configuration
notify Displays notify entries for a specific notify name
targetaddr Display SNMP target address information.
targetparams Display SNMP target address information.
user Display information about registered SNMP users
view Display configuration for SNMPv3 view-based access

Entering a question mark (?) without a space after a partial keyword will display a list of
commands that begin with the partial keyword.
The following example uses this function for all commands beginning with co:
matrix-x(switch-su)-> co?
configure Execute a configuration file
copy Upload or download an image or configuration file
matrix-x(switch-su)-> co

Note: At the end of the lookup display, the system will repeat the command you entered without
the ?.

Matrix X Router Command Line Interface Reference Guide 1-3

Getting Help with CLI Syntax

Displaying Scrolling Screens

If the CLI screen length has been set using the set length command, CLI output requiring more
than one screen will display a “More” prompt to indicate continuing screens. To display
additional screen output:
• Press the space bar to advance the output one screen at a time.
• Press ! to display all the output.
• Press q to quit.
• Press b to scroll back after more than one screen has been displayed.
The following example shows how the show mac command indicates that output continues on
more than one screen.
matrix-x(switch-su)-> show mac

MAC Address FID Port Type

----------------- ---- ------------- -------
01-80-C2-00-00-00 0 none other
01-80-C2-00-00-01 0 none other
01-80-C2-00-00-02 0 none other
01-80-C2-00-00-03 0 none other
01-80-C2-00-00-04 0 none other
01-80-C2-00-00-05 0 none other
01-80-C2-00-00-06 0 none other
01-80-C2-00-00-07 0 none other
01-80-C2-00-00-08 0 none other
01-80-C2-00-00-09 0 none other
01-80-C2-00-00-0A 0 none other
01-80-C2-00-00-0B 0 none other
01-80-C2-00-00-0C 0 none other
01-80-C2-00-00-0D 0 none other
01-80-C2-00-00-0E 0 none other
01-80-C2-00-00-0F 0 none other
01-80-C2-00-00-21 0 none other
06-00-32-01-04-03 0 ge.4.4 self
06-00-32-01-04-04 0 ge.4.5 self
06-00-32-01-04-05 0 ge.4.6 self
06-00-32-01-04-06 0 ge.4.7 self
06-00-32-01-04-07 0 ge.4.8 self
06-00-32-01-04-08 0 ge.4.9 self
06-00-32-01-04-09 0 ge.4.10 self
06-00-32-01-04-0A 0 ge.4.11 self
06-00-32-01-04-0B 0 ge.4.12 self
06-00-32-01-04-0C 0 ge.4.13 self
06-00-32-01-04-0D 0 ge.4.14 self
--More-- <space> forward, <!> dump all output, <q> quit :

1-4 Getting Started

Getting Help with CLI Syntax

Abbreviating and Completing Commands and Filenames

You can abbreviate CLI commands, keywords, and filenames down to the number of characters
that will allow for a unique abbreviation.
Pressing the Tab or Space key after entering a unique partial character string will complete the
command, keyword, or filename in the CLI.
The following example shows how entering conf and pressing the Tab key would be completed as
configure:
matrix-x(switch-su)-> conf Tab
matrix-x(switch-su)-> configure

You can enable or disable command completion using the Space key with the set cli completion
command.

Listing Files
When your cursor is at the end of a line, in a place where the CLI is expecting a filename to be
entered, you can enter Control‐D to produce a list of all files that match the partial filename or
filename pattern you have typed.
This feature is useful when there are multiple possible completions for a filename, because
filename completion using the Tab or Space key will not function in such a case.

Basic Line Editing Commands

The CLI supports EMACs‐like line editing commands. Table 1‐1 lists some commonly used
commands.
Table 1-1 Basic Line Editing Commands

Key Sequence Command

Ctrl+A Move cursor to beginning of line.

Ctrl+B Move cursor back one character.

Ctrl+C Abort command.

Ctrl+D Delete a character.

Ctrl+E Move cursor to end of line.

Ctrl+F Move cursor forward one character.

Ctrl+H Delete character to left of cursor.

Ctrl+I or Tab Complete word.

Ctrl+K Delete all characters to the right of the cursor.

Ctrl+L or Ctrl+R Refresh line.

Ctrl+P Scroll to previous command in command history.

Ctrl+T Transpose characters.

Ctrl+U Delete entire line.

Matrix X Router Command Line Interface Reference Guide 1-5

Getting Help with CLI Syntax

Table 1-1 Basic Line Editing Commands (continued)

Key Sequence Command

Ctrl+W Delete word to the left of cursor.

Ctrl+X Delete all characters to the left of the cursor.

Ctrl+Y Restore the most recently deleted item.

Using Regular Expressions in Searches

A number of CLI commands that can display a large amount of information allow you to specify a
search string with regular expressions, to filter the display. Commands that offer the | search
regexp parameter can use the syntax of regexp summarized in the table below. Operators are
grouped by precedence, starting at the lowest precedence.
Table 1-2 Regular Expression Syntax for Searches

Operators Description

re1 | re2 Match re1 or match re2

re1 re2 Match re1 followed by re2

re? Match zero or one occurrences of re.

re* Match zero or more occurrences of re

re+ Match one or more occurrences of re

. Match any character except newline

_ Match a space

[chars] Match a character within the specified character set. A pair of characters
[^chars] separated by a dash represent a range. If the character set begins with a
caret (^), then the set is negated (the set matches all characters except
those specified). Within the character set, the characters |, ?, *, +, ., _, $, (,
and ) represent themselves. A leading or trailing dash or a trailing caret
represent themselves.

c Match character c. Any character except |, ?, *, +, ., _, [, ], \, ^, $, (, and )

matches itself.

\c Match character c. Any character preceded by a backslash matches the

specified character. This is used to escape operators. Thus \. matches dot
and \\ matches backslash.

^ Match start of line. If ^ is the not first character in the regular expression, it
matches itself.

( re ) Match re. Parentheses are only used for grouping.

1-6 Getting Started

show system login Setting User Accounts and Passwords

Setting User Accounts and Passwords

Purpose
These switch‐level commands are used to change the device’s default user login and password
settings, and to add new user accounts and passwords.

Commands
The commands used to set user accounts and passwords are listed below.

For information about... Refer to page...

show system login 1-7

set system login 1-8

clear system login 1-9

set password 1-10

set system lockout 1-11

show system lockout 1-12

show system login

This command displays user login account information.

Syntax
show system login

Parameters
None.

Mode
Switch command, read‐only.

Defaults
None.

Usage
This command displays information about the user accounts configured on the system, including
the default account of admin.

Example
The following example displays login account information.
matrix-x(switch-su)-> show system login

Matrix X Router Command Line Interface Reference Guide 1-7

Setting User Accounts and Passwords set system login

Username Access State

admin super-user enabled

jsmith read-write enabled

The following table provides an explanation of the command output.

Output What It Displays...

Username Login user names.

Access Access assigned to this user account: super-user, debug, read-write or

read-only.

State Whether this user account is enabled or disabled.

set system login

This command creates a new user login account, or disables or enables an existing account.

Syntax
set system login username {super-user | read-write | read-only | debug} {enable |
disable}

Parameters

username Specifies a login name for a new or existing user. This string can be up
to 80 characters in length, although a maximum of 16 characters is
recommended for proper viewing in the show system login display.
super‐user | Specifies the access privileges for this user.
read‐write |
• Accounts with read‐only privileges have access only to display
read‐only |
commands.
debug
• Accounts with read‐write or debug privileges have access to all
configuration commands except user account and RADIUS
commands.
• Accounts with super‐user privileges have access to all commands,
including user account and RADIUS commands
enable | disable Enables or disables the user account.

Defaults
None.

Mode
Switch command, read‐write.

Usage
The Matrix X Router supports up to 32 user accounts. At least one account must have super‐user
access privileges.

1-8 Getting Started

clear system login Setting User Accounts and Passwords

You can include spaces in the username string by enclosing the name in quotes.

Example
The following example enables a new user account with the login name “netops” with super user
access privileges:
matrix-x(switch-rw)-> set system login netops super-user enable

clear system login

This command removes a local login user account.

Syntax
clear system login username

Parameters

username Specifies the login name of the account to be cleared.

Defaults
None.

Mode
Switch command, read‐write.

Usage
At least one user account with super‐user access privileges must exist on the system. The system
will not allow you to delete the last super‐user account.

Examples
The following example removes the “netops” user account:
matrix-x(switch-su)-> clear system login netops

The following example shows the system response if you try to delete the last super‐user account:
matrix-x(switch-rw)-> show system login
Username Access State

jsmith read-write enabled

mwhite super-user enabled

matrix-x(switch-rw)-> clear system login mwhite

% Removing last superuser accounts is not allowed

Matrix X Router Command Line Interface Reference Guide 1-9

Setting User Accounts and Passwords set password

set password
This command changes system default passwords or sets a new login password for user accounts.

Syntax
set password [username]

Parameters
username (Only available to users with super‐user access.) Specifies a system
default or a user‐configured login account name.

Defaults
None.

Mode
Switch command. Read‐write and super user.

Usage
• Use this command to change the password for user accounts.
• By default, the Matrix X Router has one pre‐configured user account named admin, which has
super‐user access privileges.
• Once the default password (blank string) for the admin account has been changed, it cannot
be reset to a blank string.
• Super‐user access privileges provide Read‐Write access to all modifiable parameters,
including user accounts and passwords. Therefore, users with super‐user access privileges
can change any password on the system. In addition, super‐user access privilege is required to
configure any security‐sensitive parameters, such as those relating to authentication services.
• Users with Read‐Write access privileges can change their own passwords, but cannot enter or
modify other system passwords.
• Passwords must be a minimum of 8 characters and a maximum of 80 characters.

Examples
The following example shows a super‐user changing the password for the system default admin
named account from the system default (blank string):
matrix-x(switch-su)-> set password admin
Please enter new password: ********
Please re-enter new password: ********
Password changed.
matrix-x(switch-su)->

The following example shows how users with Read‐Write access would change their own
passwords:
matrix-x(switch-rw)-> set password
Please enter old password: ********
Please enter new password: ********

1-10 Getting Started

set system lockout Setting User Accounts and Passwords

Please re-enter new password: ********

Password changed.
matrix-x(switch-rw)->

set system lockout

Use this command to set the number of failed login attempts before locking out (disabling) a user
account, and the number of minutes to lockout the default user admin super user account after
maximum login attempts.

Notes: Once a user account is locked out, it can only be re-enabled by a super user using “set
system login” on page 1-8.

Syntax
set system lockout {[attempts attempts] [time time]}

Parameters

attempts attempts Specifies the number of failed login attempts allowed before a read‐write
or read‐only user’s account will be disabled. Valid values are 1 to 10.
time time Specifies the number of minutes the default admin user account will be
locked out after the maximum login attempts. Valid values are 0 to 60.

Defaults
Attempts: 3
Time: 15 minutes

Mode
Switch, super user.

Example
The following example shows how to set the login attempts to 5, and the lockout time to 30
minutes.
matrix-x(switch-su)-> set system lockout attempts 5 time 30
matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 1-11

Setting User Accounts and Passwords show system lockout

show system lockout

Use this command to display the settings to lock out users after failed login attempts. These
settings are configured using set system login.

Syntax
show system lockout

Parameters
None.

Defaults
None.

Mode
Switch, super user.

Example
The following example shows how to display the lock out settings.
matrix-x(switch-su)-> show system lockout
Lockout attempts: 5
Lockout time: 30 minutes

The following table provides an explanation of the command output.

Output... What it displays...

Lockout attempts The number of failed attempts allowed to before a user’s

account is disabled.

Lockout time The number of minutes that the default admin account will be
locked out after the maximum login attempts.

1-12 Getting Started

show authentication login Setting the Login Authentication Method

Setting the Login Authentication Method

Purpose
These switch‐level commands are used to configure the login authentication method. Login
authentication can be via the local user database, configured with the set system login and set
password commands or via RADIUS. Refer to Chapter 15, RADIUS Commands, for more
information about configuring RADIUS authentication.

Commands
The commands used to configure the login authentication method are listed below.

For information about... Refer to page...

show authentication login 1-13

set authentication login 1-14

clear authentication login 1-15

show authentication login

This command displays the current login authentication method used for access to the interactive
Command Line Interface of the Matrix X Router.

Syntax
show authentication login

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the current login authentication method:
matrix-x(switch-su)-> show authentication login
Login Authentication:
Method Status
------------------------------------------
RADIUS Primary
Local Secondary

Matrix X Router Command Line Interface Reference Guide 1-13

Setting the Login Authentication Method set authentication login

set authentication login

This command sets the authentication method used for interactive login.

Syntax
set authentication login {local | radius | tacacs}

Parameters
local Specifies that the local user database will be used for login
authentication.
radius Specifies that RADIUS will be used for login authentication.
tacacs Specifies that TACACS+ will be used for login authentication.

Defaults
Local authentication method.

Mode
Switch command, read‐write.

Usage
There are three login authentication methods available: the local user database, which contains
users added with the set system login and set password commands, RADIUS, and TACACS+. The
Matrix X Router can use both the local method and a remote method. If a remote method is
configured, it is used first. If the remote method times out, the local method is used.

Note: The local method is always configured — it is the secondary method if a remote method is
also configured, and it is the default primary method if no remote method is configured.

Example
The following example sets the primary login authentication method to use RADIUS
authentication:
matrix-x(switch-su)-> set authentication login radius

1-14 Getting Started

clear authentication login Setting the Login Authentication Method

clear authentication login

This command resets the authentication method used for interactive login to the default setting.

Syntax
clear authentication login

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command resets the login authentication method to its default, which is the local user
database.

Example
The following example resets the login authentication method to its default:
matrix-x(switch-su)-> clear authentication login
matrix-x(switch-su)-> show authentication login
Login Authentication:
Method Status
------------------------------------------
Local Primary

Matrix X Router Command Line Interface Reference Guide 1-15

Setting Basic Device Properties clear authentication login

Setting Basic Device Properties

Purpose
These switch‐level commands are used to display and set basic system properties. Refer to
Chapter 2, Managing Hardware for commands related to managing the X Router hardware
components.

Commands
The commands used to manage basic system device properties are listed below.

For information about... Refer to page...

show time 1-17

set time 1-18

show timezone 1-18

set timezone 1-19

clear timezone 1-20

show summertime 1-20

set summertime 1-21

clear summertime 1-21

set summertime recurring 1-22

set prompt 1-23

show banner 1-23

set banner 1-24

clear banner 1-26

show version 1-26

set system name 1-27

show system name 1-27

set system location 1-28

show system location 1-28

set system contact 1-29

show system contact 1-29

show width 1-30

set width 1-31

clear width 1-32

show length 1-32

set length 1-31

1-16 Getting Started

show time Setting Basic Device Properties

For information about... Refer to page...

clear length 1-34

show logout 1-34

set logout 1-35

set cli completion 1-35

show cli completion 1-36

clear cli completion 1-36

set cli maxsessions 1-37

show cli maxsessions 1-38

clear cli maxsessions 1-38

show time
This command displays the current time of day in the system clock.

Syntax
show time

Parameters
None.

Mode
Switch command, read‐only.

Usage
If no time zone has been configured, this command displays the time as UTC (Coordinated
Universal Time).

Example
The following example first displays the system time before a time zone has been set, so the time
displayed is UTC. Then, a timezone is set and the time is redisplayed, showing the correct local
time.
matrix-x(switch-su)-> show time
Mon Aug 28 16:06:44 2006 UTC

matrix-x(switch-su)-> set timezone EST -5

matrix-x(switch-su)-> show time
Mon Aug 28 11:09:31 2006 EST

Matrix X Router Command Line Interface Reference Guide 1-17

Setting Basic Device Properties set time

set time
This command changes the time of day on the system clock when NTP is not enabled.

Syntax
set time [mm/dd/yyyy] [hh:mm:ss]

Parameters
[mm/dd/yyyy] [hh:mm:ss] Sets the time in month, day, year and/or 24‐hour format
At least one set of time parameters must be entered.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command can only be executed when NTP is not enabled. If NTP is enabled, an error
message will be returned.
By default, the time is UTC (Coordinated Universal Time) unless a time zone has been configured
with the set timezone command.

Example
The following example sets the system clock to 7:50 a.m:
matrix-x(switch-su)-> set time 7:50:00

show timezone
This command displays the current time zone of the system clock and the amount it is offset from
UTC (Coordinated Universal Time).

Syntax
show timezone

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

1-18 Getting Started

set timezone Setting Basic Device Properties

Usage
The timezone and offset displayed by this command is set with the set timezone command.

Examples
This example displays the output of this command when the time zone has not been set.
matrix-x(switch-ro)-> show timezone
Timezone: 'UTC', offset from UTC is 0 hours and 0 minutes
This example sets the time zone to EST, with an offset of minus 5 hours from UTC, then displays
the time zone.
matrix-x(switch-rw)-> set timezone EST -5
matrix-x(switch-rw)-> show timezone
Timezone: 'EST', offset from UTC is -5 hours and 0 minutes

set timezone
This command sets the time zone name and the hours and minutes it is offset from Coordinated
Universal Time (UTC).

Syntax
set timezone name [hours][minutes]

Parameters
name Specifies the time zone name.
hours (Optional) Specifies the number of hours this timezone will be offset from UTC.
Valid values are minus 12 (‐12) to 12.
minutes (Optional) Specifies the number of minutes this timezone will be offset from UTC.
Valid values are 0 to 59.

Defaults
If offset hours or minutes are not specified, none will be applied.

Mode
Switch command, read‐write

Example
The following example sets the time zone to EST with an offset of minus 5 hours:
matrix-x(switch-rw)-> set timezone EST -5 0

Matrix X Router Command Line Interface Reference Guide 1-19

Setting Basic Device Properties clear timezone

clear timezone
This command removes time zone adjustment values and returns the clock to UTC.

Syntax
clear timezone

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example removes time zone adjustment values:
matrix-x(switch-rw)-> clear timezone

show summertime
This command displays whether Daylight Savings Time is enabled or disabled.

Syntax
show summertime

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
Daylight Savings Time is enabled or disabled with the set summertime command.

Example
This example displays the output of this command when Daylight Savings Time has not been
enabled.
matrix-x(switch-ro)-> show summertime
Summertime: '', disabled

1-20 Getting Started

set summertime Setting Basic Device Properties

set summertime
This command enables or disables Daylight Savings Time (DST).

Syntax
set summertime {disable | enable} [zone]

Parameters
disable Disables Daylight Savings Time.
enable Enables Daylight Savings Time.
zone (Optional) The name of the time zone using three or more alphabetic
characters.

Mode
Switch command, read‐write

Examples
The following example enables Daylight Savings Time and describes the time zone as EDT:
matrix-x(switch-rw)-> set summertime enable EDT
The following example disables Daylight Savings Time:
matrix-x(switch-rw)-> set summertime disable

clear summertime
This command removes Daylight Savings Time settings.

Syntax
clear summertime

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example removes summertime settings:
matrix-x(switch-su)-> clear summertime

Matrix X Router Command Line Interface Reference Guide 1-21

Setting Basic Device Properties set summertime recurring

set summertime recurring

This command configures Daylight Savings Time (DST) settings.

Syntax
set summertime recurring [start_week start_day start_month hh:mm end_week end_day
end_month hh:mm] [hr_offset min_offset]

Parameters
start_week Week of the month (first, second, third, fourth, or last) to begin DST.
start_day Day of the week (Monday, Tuesday ...) to begin DST.
start_month Month (January, February ...) to begin DST. Default is April.
hh:mm Starting (first instance) or ending hour and minute to begin or end DST.
end_week Week of the month (first, second, third, fourth or last) to finish DST.
end_day Day of the week (Monday, Tuesday ...) to finish DST.
end_month Month (January, February ...) to finish DST.
hr_offset Number of hours to add during DST, ranging from 0 to 12. Default is 1.
min_offset Number of minutes to add during DST, ranging from 0 to 59. Default is 0.

Defaults
If no parameters are entered, the rule for daylight savings time is as follows:
Start at 02:00 on the first Sunday of April, end at 02:00 on the last Sunday of October, and advance
the clock by 1 hour and 0 minutes for the duration of daylight savings time.

Mode
Switch command, read‐write

Example
The following example configures DST to begin the first week of June at 1 a.m. and end on August
31 at midnight. The clock will be set one hour and no minutes ahead, which is the default.
matrix-x(switch-su)-> set ntp summertime recurring first wednesday june 01.00
fourth wednesday august 24:00

1-22 Getting Started

set prompt Setting Basic Device Properties

set prompt
This command modifies the command prompt.

Syntax
set prompt “prompt_string”

Parameters
prompt_string Specifies a text string for the command prompt.

Defaults
None.

Mode
Switch command, read‐write.

Usage
A prompt string containing a space in the text must be enclosed in quotes.
Do not use the single or double quote characters, the back slash character, or any control
characters in prompt strings. Doing so may cause anomalous behavior in the CLI.

Example
The following example sets the command prompt to Xcore 1:
matrix-x(switch-su)-> set prompt “Xcore 1”
Xcore 1(switch-su)->

show banner
This command shows the login or message of the day banner, or displays the startup banner.

Syntax
show banner { motd | login | startup }

Parameters

motd Display the message of the day banner.

login Display the banner displayed before the username prompt for a CLI
session.
startup Display the read‐only startup banner.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 1-23

Setting Basic Device Properties set banner

Mode
Switch command, read‐only.

Usage
The login banner is displayed before the username prompt when a user starts a new CLI session.
The message of the day (motd) banner is displayed after session login. Both the login and motd
banners can be configured with the set banner command and cleared with the clear banner
command.
The startup banner is displayed when the software successfully completes its startup and is read‐
only.

Example
The following example displays the banner message of the day:

matrix-x(switch-su)-> show banner motd

Change is the price of survival.
-- Winston Churchill

set banner
This command sets the message of the day or the login banner contents.

Syntax
set banner { motd | login } [message | path-to/filename]

Parameters
motd Set the message of the day banner text.
login Set the login banner text.
message (Optional) Specifies the banner text. This is a text string that can be
formatted with tabs (\t) and new line escape (\n) characters. The \t
tabs will be converted into 8 spaces in the banner output.
path‐to/filename (Optional) Specifies a file containing the message text. Options for
path‐to are a file path on the active or standby CM, a file path on a
USB drive attached to the active or standby CM, or the URL of a
remote text file. Only the FTP, TFTP, and SCP protocols are
supported for URLs.
On the active CM, valid directories that can be specified are public or
local. On the standby CM, the valid directory is local. To specify the
standby CM, you must precede the directory with
standby:—otherwise, the active CM is assumed.
A file path on an attached USB drive is specified as usb:pathname or
standby:usb:pathname where pathname may include one or more
directory levels in addition to the filename itself.

Defaults
None.

1-24 Getting Started

set banner Setting Basic Device Properties

Mode
Switch command, read‐write.

Usage
There are two methods to directly enter the text of the message at the terminal. The first method is
to enter the text on the same line as the command, enclosing the text in double quotes. The text
string can be formatted with tabs (\t) and new line escape (\n) characters. The \t tabs will be
converted into 8 spaces in the banner output.
The second method is to enter the text on several lines, after you type in the command and press
the Enter key. The system will prompt you for input. When you are finished entering the text, type
END (upper case required) on a separate line.
You can also define the message in a file, located either locally or remotely, and specify the name
of the file with this command. To put a new line or TAB into the message, place a line break or a
TAB character into the file. If the file is located remotely, enter the URL. (FTP, TFTP, and SCP
protocol URLs are supported.) The message text can be up to 3000 characters in length.

Examples
The following example sets the message of the day banner to read “Change is the price of survival.
‐‐ Winston Churchill”
matrix-x(switch-su)-> set banner motd “Change is the price of survival. \n \t--
Winston Churchill”

The following example enters the message text on several lines:

matrix-x(switch-su)-> set banner login
Enter the desired message. Type END on a line by itself when done.
This is a new login
message
END

The following example specifies a file named “mymotd” in the public directory on the active CM :
matrix-x(switch-su)-> set banner motd public/mymotd

The following example specifies a file named “newmotd” in the local directory on the standby
CM :
matrix-x(switch-su)-> set banner motd standby:local/newmotd

The following example specifies a remote file containing the message of the day:
matrix-x(switch-su)-> set banner motd tftp://www.enterasys.com/motd

The following example specifies a file named “MayMotd” in the base directory on a USB drive
attached to the active CM :
matrix-x(switch-su)-> set banner motd usb:base/MayMotd

Matrix X Router Command Line Interface Reference Guide 1-25

Setting Basic Device Properties clear banner

clear banner
This command clears the login or message of the day banner text.

Syntax
clear banner { motd | login }

Parameters

motd Clear the message of the day banner.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears the message of the day banner:
matrix-x(switch-su)-> clear banner motd

show version
This command displays firmware information.

Syntax
show version

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

1-26 Getting Started

set system name Setting Basic Device Properties

Example
The following example displays version information:
matrix-x(switch-su)-> show version
Version 1.1.180.E
04/12/05 12:59:32 /view/mwhitt_rc1.1_2
Enterasys Networks Matrix X
crc 0x0
matrix-x(switch-su)->

set system name

This command configures a name for the system.

Syntax
set system name [string]

Parameters
string (Optional) Specifies a text string that identifies the system.
If no name is entered, the existing system name will be cleared.

Defaults
If string is not specified, the system name will be cleared.

Mode
Switch command, read‐write.

Usage
A name string containing a space in the text must be enclosed in quotes, as shown in the example
below. To clear an existing system name, enter this command with no text string.

Example
The following example sets the system name to Information Systems:
matrix-x(switch-su)-> set system name “Information Systems”

show system name

This command displays the configured system name.

Syntax
show system name

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 1-27

Setting Basic Device Properties set system location

Usage
This command displays the system name configured with the set system name command. The
system name is also displayed with the set system command.

Example
This example displays the system name previously set:
matrix-x(switch-su)-> show system name
System name: Information Systems

set system location

This command identifies the location of the system.

Syntax
set system location [string]

Parameters
string (Optional) Specifies a text string that indicates where the system is located.
If no location is entered, an existing location will be cleared.

Defaults
If string is not specified, the location name will be cleared.

Mode
Switch command, read‐write.

Usage
A location string containing a space in the text must be enclosed in quotes as shown in the
example below. To clear an existing location, enter this command with no text string.

Example
The following example sets the system location string:
matrix-x(switch-su)-> set system location “Bldg N32-04 Closet 9 Alpha Sierra”

show system location

This command displays the configured system location.

Syntax
show system location

Mode
Switch command, read‐only.

1-28 Getting Started

set system contact Setting Basic Device Properties

Usage
This command displays the system location configured with the set system location command.
The system location is also displayed with the set system command.

Example
The following example displays the system location previously set:
matrix-x(switch-su)-> show system location
System location: Bldg N32-04 Closet 9 Alpha Sierra

set system contact

This command identifies a contact person for the system.

Syntax
set system contact [string]

Parameters
string (Optional) Specifies a text string that contains the name of the person to contact for
system administration.
If no contact is entered, an existing contact will be cleared.

Defaults
If string is not specified, the contact name will be cleared.

Mode
Switch command, read‐write.

Usage
A contact string containing a space in the text must be enclosed in quotes, as shown in the example
below. To clear an existing contact, enter this command with no text string.

Example
The following example sets the system contact string:
matrix-x(switch-su)-> set system contact “Joe Smith”

show system contact

This command displays the configured system contact.

Syntax
show system contact

Matrix X Router Command Line Interface Reference Guide 1-29

Setting Basic Device Properties show width

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
This command displays the system contact configured with the set system contact command. The
system contact is also displayed with the set system command.

Example
The following example displays the system contact previously set:
matrix-x(switch-su)-> show system contact
System contact: Joe Smith

show width
This command displays the number of columns displayed by the CLI currently.

Syntax
show width

Parameters
None.

Defaults
The default column width is 80 characters.

Mode
Switch mode, read‐only.

Example
The following example displays the CLI display width:
matrix-x(switch-su)-> show width
Screen width is 80 characters

1-30 Getting Started

set width Setting Basic Device Properties

set width
This command sets the number of columns displayed on the terminal connected to the device’s
console port. The number of rows displayed is set using the set length command.

Syntax
set width screenwidth [default]

Parameters
screenwidth The number of terminal columns. Valid values are 50 to 150.
default (Optional) Sets the width persistent across sessions, reboots, and
failovers.
Note: Omitting the default parameter only applies the width to the current
session.

Defaults
80 columns.

Mode
Switch command, read‐write.

Examples
The following example sets the terminal columns to 50 (on the current session), and then display
the current column width.
matrix-x(switch-su)-> set width 50
matrix-x(switch-su)-> show width
Screen width is 50 characters

The following example sets the terminal columns to 120, persistent across sessions, reboots, and
failovers.
matrix-x(switch-su)-> set width 120 default
matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 1-31

Setting Basic Device Properties clear width

clear width
This command resets the number of columns displayed by the CLI to the default value.

Syntax
clear width [default]

Parameters

default (Optional) Resets the column width to the default, and is persistent
across sessions, reboots, and failovers.
Note: Omitting the default parameter only applies the width to the current
session.

Defaults
The default number of columns displayed in 80.

Mode
Switch mode, read‐write.

Examples
The following example resets the column width of the current session to the default:
matrix-x(switch-su)-> clear width
matrix-x(switch-su)-> show width
Screen width is 80 characters

The following example resets the column width to the default, and is persistent across sessions,
reboots, and failovers.
matrix-x(switch-su)-> clear width default
matrix-x(switch-su)-> show width
Screen width is 80 characters

show length
This command displays the number of rows displayed by the CLI currently.

Syntax
show length

Parameters
None.

Defaults
The default number of rows displayed is 24.

1-32 Getting Started

set length Setting Basic Device Properties

Mode
Switch mode, read‐only.

Example
The following example displays the current setting for rows displayed by the CLI:
matrix-x(switch-su)-> show length
Screen height is 24 lines.

set length
This command sets the number of rows displayed on the terminal connected to the device’s
console port. The number of columns displayed is set using the set width command.

Syntax
set length screenlength [default]

Parameters

screenlength Sets the number of rows displayed. Valid values are 0, which disables
the scrolling screen feature, and from 5 to 512.
default (Optional) Sets the number of rows persistent across sessions, reboots,
and failovers.
Note: Omitting the default parameter only applies the number of rows to the
current session.

Defaults
24 rows.

Mode
Switch command, read‐write.

Examples
The following example sets the terminal length of the current session to 50:
matrix-x(switch-su)-> set length 50

The following example sets the terminal length to 100 and, is persistent across sessions, reboots, and
failovers.
matrix-x(switch-su)-> set length 100 default

Matrix X Router Command Line Interface Reference Guide 1-33

Setting Basic Device Properties clear length

clear length
This command resets the number of rows displayed by the CLI to the default value.

Syntax
clear length [default]

Parameters
default (Optional) Resets the number of rows to the default, and is persistent
across sessions, reboots, and failovers.
Note: Omitting the default parameter only applies the number of rows to the
current session.

Defaults
The default number of rows displayed by the CLI is 24.

Mode
Switch mode, read‐write.

Examples
The following example returns the number of rows displayed in the current session to the default:
matrix-x(switch-su)-> clear length
matrix-x(switch-su)-> show length
Screen height is 24 lines.

The following example returns the number of rows displayed to the default, and is persistent
across sessions, reboots, and failovers.
matrix-x(switch-su)-> clear length default
matrix-x(switch-su)-> show length
Screen height is 24 lines.

show logout
This command displays the time (in seconds) an idle console or Telnet CLI session will remain
connected before timing out.

Syntax
show logout

Parameters
None.

Defaults
None.

1-34 Getting Started

set logout Setting Basic Device Properties

Mode
Switch command, read‐only.

Example
The following example displays the CLI logout setting:
matrix-x(switch-su)-> show logout
Logout time currently set to: 10 minutes

set logout
This command sets the time (in minutes) an idle console or Telnet CLI session will remain
connected before timing out.

Syntax
set logout timeout

Parameters
timeout Sets the number of minutes the system will remain idle before timing out. Value
of timeout can range from 0 to 9999 minutes. Default is 10 minutes.
Setting a value of 0 disables the timer.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example sets the system timeout to 20 minutes:
matrix-x(switch-su)-> set logout 20

set cli completion

This command enables or disables completion of CLI commands, facilities, and keywords using
the Space bar.

Syntax
set cli completion enable | disable

Parameters

enable Enable CLI word completion using the Space bar. This is the default condition.
disable Disable CLI word completion using the Space bar.

Matrix X Router Command Line Interface Reference Guide 1-35

Setting Basic Device Properties show cli completion

Defaults
Enabled.

Mode
Switch command, read‐write.

Usage
In addition to CLI word completion using the Tab key, the Space bar can also be used, if it is
enabled. CLI word completion applies to both switch and router mode CLI commands, facilities,
and keywords.
CLI word completion using the Tab key is always available.

Example
The following example disables CLI word completion with the Space bar.
matrix-x(switch-su)-> set cli completion disable

show cli completion

This command displays the current setting of completion of CLI commands, facilities, and
keywords using the Space bar.

Syntax
show cli completion

Mode
Switch mode, read‐only.

Example
The following example displays the output of this command:
matrix-x(switch-su)-> show cli completion
Space completion is enabled for this session, enabled for future sessions.

clear cli completion

This command resets CLI completion to its default.

Syntax
clear cli completion

Parameters
None.

Defaults
None.

1-36 Getting Started

set cli maxsessions Setting Basic Device Properties

Mode
Switch mode, read‐write.

Usage
The default condition is enabled.

Example
The following example displays the output of this command:
matrix-x(switch-su)-> clear cli completion
Space completion reset to factory default of enabled.

set cli maxsessions

This command sets the maximum number of concurrent remote Telnet and/or SSH CLI sessions
allowed on the Matrix X Router.

Syntax
set cli maxsessions num-sessions

Parameters

num‐sessions Specifies the maximum number of remote CLI sessions allowed. The
value of num‐sessions can range from 0 to 18.

Defaults
The default number of concurrent remote sessions allowed is 18.

Mode
Switch command, read‐write.

Usage
The number of concurrent remote sessions allowed on the Matrix X Router applies to Telnet and
SSH CLI sessions. Changing the number of remote sessions allowed will have no effect on
currently active sessions.
Refer to “Starting and Configuring Telnet” on page 1‐44 and “Configuring Secure Shell (SSH)” on
page 1‐47 for more information about using Telnet and SSH.

Example
The following example sets the maximum number of concurrent remote sessions to 4.
matrix-x(switch-rw)-> set cli maxsessions 4

Matrix X Router Command Line Interface Reference Guide 1-37

Setting Basic Device Properties show cli maxsessions

show cli maxsessions

This command displays the number of concurrent remote sessions allowed.

Syntax
show cli maxsessions

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
This example sets the number of remote sessions to 4 and then displays the number allowed.
matrix-x(switch-rw)-> set cli maxsessions 4
matrix-x(switch-rw)-> show cli maxsessions
Maximum number of concurrent remote CLI sessions is 4

clear cli maxsessions

This command resets the number of concurrent remote sessions allowed to the default value of 18.

Syntax
clear cli maxsessions

Parameters
None.

Defaults
The default number of concurrent remote Telnet and/or SSH sessions allowed is 18.

Mode
Switch command, read‐write.

Example
This example resets the number of concurrent remote session allowed to the default of 18.
matrix-x(switch-rw)-> show cli maxsessions
Maximum number of concurrent remote CLI sessions is 4
matrix-x(switch-rw)-> clear cli maxsessions
matrix-x(switch-rw)-> show cli maxsessions
Maximum number of concurrent remote CLI sessions is 18

1-38 Getting Started

history Setting and Displaying Command History

Setting and Displaying Command History

Purpose
These commands are used to display commands entered on the CLI since your last login, and
configure and display the maximum size of the history buffer. They can be entered from either the
switch or router CLI.

Commands
The commands used to clear the screen, change mode, or close a CLI session are listed below.

For information about... Refer to page...

history 1-39

set history 1-40

show history 1-40

history
This command displays commands recently entered on the CLI.

Syntax
history

Parameters
None.

Defaults
None.

Mode
Switch or Router command, read only.

Example
The following example displays command history since login:
matrix-x(router-config)# history
1: router
2: config
3: history

Matrix X Router Command Line Interface Reference Guide 1-39

Setting and Displaying Command History set history

set history
This command configures the history buffer’s maximum size.

Syntax
set history lines

Parameters
lines Sets the maximum number of lines in the history buffer. The number can range
from 1 to 100.

Defaults
50 lines.

Mode
Switch or Router command, read‐write.

Example
The following example configures the history buffer at 75 lines:
matrix-x(switch-su)-> set history 75

show history
This command displays the size of the history buffer.

Syntax
show history

Parameters
None.

Defaults
None.

Mode
Switch or Router command, read only.

Example
The following example displays the configured buffer size:
matrix-x(router-config)# show history
History buffer size: 75 lines

1-40 Getting Started

cls (clear screen) Changing Modes, Clearing, and Closing the CLI

Changing Modes, Clearing, and Closing the CLI

Purpose
These commands are used to clear the CLI screen, change CLI modes, and to close your CLI
session.

Commands
The commands used to clear the screen, change mode, or close a CLI session are listed below.

For information about... Refer to page...

cls (clear screen) 1-41

end 1-42

exit | quit 1-43

cls (clear screen)

This command clears the screen for the current CLI session.

Syntax
cls

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears the CLI screen.
matrix-x(switch-su)-> cls

Matrix X Router Command Line Interface Reference Guide 1-41

Changing Modes, Clearing, and Closing the CLI end

end
This command exits router configuration mode.

Syntax
end

Parameters
None.

Defaults
None.

Mode
Any router configuration mode or context.

Usage
This command returns to router privileged mode from any router configuration context.

Example
The following example exits configuration mode:
matrix-x(config-router-ospf)# end
matrix-x(router-config)# end
matrix-x(router-exec)# exit
matrix-x(switch-su)->

Related Commands
exit | quit

1-42 Getting Started

exit | quit Changing Modes, Clearing, and Closing the CLI

exit | quit
In switch CLI mode, either of these commands exit a CLI session.
In router CLI mode, use quit to leave a CLI session. Use exit in router configuration mode to leave
the current configuration context or to exit configuration mode completely.
The key sequence CTRL‐Z also performs the “exit” function in switch and router modes.

Syntax
exit
quit

Parameters
None.

Defaults
The default timeout is 600 seconds (10 minutes).

Mode
Switch command, read‐only.
Any router mode.

Usage
By default, device timeout occurs after 10 minutes of user inactivity, automatically closing your
CLI mode session.
When operating in router configuration mode, the exit command (or CTRL‐Z) leaves the current
configuration context or exits configuration mode completely.

Example
The following example exits a switch CLI mode session:
matrix-x(switch-su)-> exit

Username:
The following example exits a router CLI mode session and returns to switch CLI mode:
matrix-x(router-config)# exit
matrix-x(router-exec)# exit
matrix-x(switch-su)->
The following example acquires router global configuration mode from router OSPF
configuration mode:
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# exit
matrix-x(router-exec)#

Related Commands
end

Matrix X Router Command Line Interface Reference Guide 1-43

Starting and Configuring Telnet show telnet

Starting and Configuring Telnet

Purpose
These switch‐level commands are used to enable or disable Telnet, and to start a Telnet session to
a remote host.
The Matrix X Router allows a maximum of 19 concurrent CLI sessions — one local session via the
console port on the active CM and 18 remote sessions via Telnet and/or SSH. You can limit the
number of remote Telnet and/or SSH sessions with the command set cli maxsessions on page 1‐37.
A request to establish a remote CLI session beyond the number allowed will be refused.

Commands
The commands used to enable, start and configure Telnet are listed below.

For information about... Refer to page...

show telnet 1-44

set telnet 1-45

telnet 1-46

show telnet
This command displays the status of Telnet on the device.

Syntax
show telnet

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays Telnet status:
matrix-x(switch-su)-> show telnet
Telnet inbound is currently: ENABLED
Telnet outbound is currently: ENABLED

1-44 Getting Started

set telnet Starting and Configuring Telnet

set telnet
This command enables or disables Telnet on the device.

Syntax
set telnet {enable | disable} [inbound | outbound | all]

Parameters

enable | disable Enables or disables Telnet services.

inbound | outbound | (Optional) Specifies inbound service (the ability to Telnet to this
all device), outbound service (the ability to Telnet to other devices), or
all (both inbound and outbound).

Defaults
If not specified, both inbound and outbound Telnet service will be enabled or disabled.

Mode
Switch command, read‐write.

Usage
This command disables all specified Telnet sessions. If you use this command to disable inbound
sessions while you are in an inbound Telnet session, your current session will also be terminated.
Current outbound sessions, however, are not terminated if you use this command to disable
outbound sessions.

Example
The following example disables inbound and outbound Telnet services:
matrix-x(switch-su)-> set telnet disable all

Matrix X Router Command Line Interface Reference Guide 1-45

Starting and Configuring Telnet telnet

telnet
This command starts a Telnet connection to a remote host.

Note: The DNS Client function must be configured before using a host name as a parameter in the
telnet command.

Syntax
telnet host [port]

Parameters

host Specifies the name or IPv4 address of the remote host.

port (Optional) Specifies the server port number.

Defaults
If not specified, the default port number 23 will be used.

Mode
Switch command, read‐write.

Usage
The Matrix X Router allows a maximum of 19 concurrent CLI sessions — one local session via the
console port on the active CM and 18 remote sessions via Telnet and/or SSH. A request to establish
a 19th remote CLI session will be refused.

Example
The following example starts a Telnet session to a host at 10.21.42.13:
matrix-x(switch-su)-> telnet 10.21.42.13

1-46 Getting Started

show ssh Configuring Secure Shell (SSH)

Configuring Secure Shell (SSH)

Purpose
These switch‐level commands are used to review, enable, disable, and configure the Secure Shell
(SSH) protocol. SSH is a remote login program that provides secure encrypted communications
using public‐key cryptography.
The Matrix X Router allows a maximum of 19 concurrent CLI sessions — one local session via the
console port on the active CM and 18 remote sessions via Telnet and/or SSH. You can limit the
number of remote Telnet and/or SSH sessions with the command set cli maxsessions on page 1‐37.
A request to establish a remote CLI session beyond the number allowed will be refused.

Commands
The command used to configure and use SSH are listed below.

For information about... Refer to page...

show ssh 1-47

set ssh 1-48

set ssh ciphers 1-48

set ssh hostkey 1-49

set ssh macs 1-50

set ssh port 1-51

clear ssh 1-51

ssh 1-52

show ssh
This command displays the current SSH status and configuration.

Syntax
show ssh

Mode
Switch command, read‐only.

Example
The following example shows the output of this command.
matrix-x(switch-su)-> show ssh
Current State: Disabled
Ciphers: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
MACs: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160
Listening port: 22

Matrix X Router Command Line Interface Reference Guide 1-47

Configuring Secure Shell (SSH) set ssh

set ssh
This command enables or disables SSH on the router.

Syntax
set ssh {enable | disable}

Parameters

enable Enables SSH on the Matrix X Router.

disable Disables SSH on the Matrix X Router.

Defaults
Inbound and outbound SSH connections disabled.

Mode
Switch command, read‐write.

Usage
The SSH server handles inbound SSH connections to the Matrix X Router. The SSH client handles
outbound SSH connections from the router to a remote SSH server. By default, the SSH server and
client are disabled on the router. The SSH server on the Matrix X Router works with SSH protocol
version 2, and is not compatible with SSH protocol version 1.

Example
The following example enables the SSH server and client on the Matrix X Router.
matrix-x(switch-su)-> set ssh enable

set ssh ciphers

This command configures the accepted encryption algorithms for encrypting SSH sessions.

Syntax
set ssh ciphers {all | ciphername}

Parameters

all Specifies that all supported ciphers will be accepted.

ciphername Specifies one or more specific ciphers that will be accepted. Valid values are:
• aes128‐cbc
• 3des‐cbc
• blowfish‐cbc
• cast128‐cbc

1-48 Getting Started

set ssh hostkey Configuring Secure Shell (SSH)

Defaults
Factory default is all supported ciphers will be accepted.

Mode
Switch command, read‐write.

Usage
This command allows you to specify which encryption algorithms will be accepted and used for
SSH connections. You can enter more than one ciphername on the command line.

Example
The following example configures aes128‐cbc and blowfish‐cbc as the accepted ciphers. No other
ciphers will be accepted.
matrix-x(switch-su)-> set ssh ciphers aes128-cbc blowfish-cbc

set ssh hostkey

This command regenerates SSH authentication keys.

Syntax
set ssh hostkey

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example regenerates SSH keys:
matrix-x(switch-su)-> set ssh hostkeys

Matrix X Router Command Line Interface Reference Guide 1-49

Configuring Secure Shell (SSH) set ssh macs

set ssh macs

This command configures the cryptographic message authentication code (MAC) supported by
SSH on the router.

Syntax
set ssh macs {all|mac-name}

Parameters

all Specifies that all supported message authentication codes are accepted.
mac‐name Specifies one or more specific codes that will be accepted. Valid values
are:
• hmac‐md5c
• hmac‐md5‐96
• hmac‐ripemd160
• hmac‐sha1
• hmac‐sha1‐96

Defaults
The factory default is to accept all supported message authentication codes.

Mode
Switch command, read‐write.

Usage
This command allows you to specify which message authentication codes will be accepted and
used to ensure SSH session integrity. You can enter more than one mac_name on the command
line.

Example
The following example configures hmac‐md5 and hmac‐sha1 as the accepted codes. No other
message authentication codes will be accepted.
matrix-x(switch-su)-> set ssh macs hmac-md5 hmac-sha1

1-50 Getting Started

set ssh port Configuring Secure Shell (SSH)

set ssh port

This command sets the listening port for the SSH server.

Syntax
set ssh port port

Parameters

port Specifies the port on which the server listens for connections. The value
of port can range from 0 to 65535.

Defaults
Port 22.

Mode
Switch command, read‐write.

Example
The following example sets the listening port to 50.
matrix-x(switch-su)-> set ssh port 50

clear ssh
This command resets the SSH configuration values back to factory defaults.

Syntax
clear ssh

Parameters
None.

Defaults
The factory defaults for SSH are:
• State: disabled
• Cipher: all accepted ciphers allowed (aes128‐cbc, 3des‐cbc, blowfish‐cbc, cast128‐cbc)
• MACs: all accepted MACs allowed (hmac‐md5, hmac‐md5‐96, hmac‐ripemd160, hmac‐sha1,
hmac‐sha1‐96)
• Port: 22

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 1-51

Configuring Secure Shell (SSH) ssh

Usage
This command resets all SSH values back to their factory defaults, including disabling SSH on the
router.

Example
The following example uses the show ssh command to display current SSH values, then resets the
values with the clear ssh command, and then displays the results with the show ssh command.
matrix-x(switch-su)-> show ssh
Current State: Enabled
Ciphers: blowfish-cbc,cast128-cbc
MACs: hmac-sha1,hmac-md5
Listening port: 50

matrix-x(switch-su)-> clear ssh

matrix-x(switch-su)-> show ssh

Current State: Disabled
Ciphers: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
MACs: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160
Listening port: 22

ssh
This command establishes an outbound SSH session with a remote SSH server.

Syntax
ssh ipaddr login [port]

Parameters

ipaddr Specifies the IPv4 address of the remote SSH server.

login Specifies a login name to be used for the SSH session.
port (Optional) Specifies the remote SSH server’s listening port. The value of
port can range from 0 to 65535. The default value is 22.

Defaults
Default listening port is 22.

Mode
Switch command, read‐write.

Example
The following example attempts to establish an outbound SSH session with a remote server at
10.10.10.12, using the login name of “rw”.
matrix-x(switch-su)-> ssh 10.10.10.12 rw

1-52 Getting Started

show cdp Configuring CDP

Configuring CDP

Purpose
To review and configure the CDP discovery protocol.

Commands
The commands used to review and configure the CDP discovery protocol are listed below.

For information about... Refer to page...

show cdp 1-53

set cdp state 1-55

set cdp auth 1-56

set cdp interval 1-57

set cdp hold-time 1-57

clear cdp 1-58

show cdp
This command displays the status of the CDP discovery protocol and message interval globally,
and on ports in switch mode.

Syntax
show cdp [port-string]

Parameters
port‐string (Optional) Displays CDP status for a specific port. For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If port‐string is not specified, all CDP information will be displayed.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 1-53

Configuring CDP show cdp

Example
The following example displays global CDP information and also for Gigabit Ethernet ports 1
through 5 in module 4:
matrix-x(switch-su)-> show cdp
CDP Global Status : auto-enabled
CDP Versions Supported : 4,5,6
CDP Hold Time : 180 seconds
CDP Authentication Code : 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 0a hex
CDP Transmit Frequency : 60 seconds
enabled Ports : ge.4.1-5

The following table provides an explanation of the command output.

Output What It Displays...

CDP Global Status Whether CDP is globally auto-enabled, enabled or disabled. The default
state of auto-enabled can be reset with the set cdp state command.

CDP Versions CDP version number(s) supported by the device.

Supported

CDP Hold Time Minimum time interval (in seconds) at which CDP configuration messages
can be set. The default of 180 seconds can be reset with the set cdp hold-
time command.

CDP Authentication code for CDP discovery protocol. The default of 00-00-00-
Authentication 00-00-00-00-00 can be reset using the set cdp auth command.
Code

CDP Transmit Frequency (in seconds) at which CDP messages can be transmitted. The
Frequency default of 60 seconds can be reset with the set cdp interval command.

<status> Ports Whether ports in switch mode are enabled, disabled, or auto-enabled. If
no ports are in switch mode, this line will not be displayed.
For a detailed description of possible port-string values, refer to Port
Strings Used in the CLI on page 12-2.

1-54 Getting Started

set cdp state Configuring CDP

set cdp state

This command enables or disables the CDP discovery protocol on one or more ports.

Syntax
set cdp state {auto | disable | enable} [port-string]

Parameters

auto | disable | Auto‐enables, disables or enables the CDP protocol on the specified
enable port(s). In auto‐enable mode, a port automatically becomes CDP‐
enabled upon receiving its first CDP message.
port‐string (Optional) Enables or disables CDP on specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.

Defaults
• The CDP default is auto‐enabled, globally and per port.
• If port‐string is not specified, the CDP state will be configured both globally and per port.

Mode
Switch command, read‐write.

Usage
Ports must be in switch mode before they can be configured for CDP. Use the set port mode
command to place ports in switch mode. By default, CDP is auto‐enabled globally and per port. In
auto‐enable mode, a port automatically becomes CDP‐enabled upon receiving its first CDP
message.

Examples
The following example globally enables CDP:
matrix-x(switch-su)-> set cdp state enable
The following example enables the CDP for Gigabit Ethernet port 1 in module 2:
matrix-x(switch-su)-> set cdp state enable ge.2.1
The following example disables the CDP for Gigabit Ethernet port 1 in module 2:
matrix-x(switch-su)-> set cdp state disable ge.2.1

Matrix X Router Command Line Interface Reference Guide 1-55

Configuring CDP set cdp auth

set cdp auth

This command sets a global CDP authentication code.

Syntax
set cdp auth auth-code

Parameters
auth‐code Specifies an authentication code for the CDP protocol of up to 16
hexadecimal values separated by a space.

Defaults
None.

Mode
Switch command, read‐write.

Usage
The CDP authentication code determines a device’s CDP domain. If two or more devices have the
same CDP authentication code, they will be entered into each otherʹs CDP neighbor tables. If they
have different authentication codes, they are in different domains and will not be entered into
each other’s CDP neighbor tables.
A device with the default authentication code (16 null characters) will recognize all devices, no
matter what their authentication code, and enter them into its CDP neighbor table.

Example
The following example sets the CDP authentication code to 1,2,3,4,5,6,7,8:
matrix-x(switch-su)-> set cdp auth 1 2 3 4 5 6 7 8 0 0 0 0 0 0 0 0

1-56 Getting Started

set cdp interval Configuring CDP

set cdp interval

This command sets the message interval frequency (in seconds) of the CDP discovery protocol.

Syntax
set cdp interval frequency

Parameters
frequency Sets the transmit frequency of CDP messages, ranging from 5 to 900 seconds.

Defaults
60 seconds.

Mode
Switch command, read‐write.

Example
The following example sets the CDP interval frequency to 15 seconds on Gigabit Ethernet port 8 in
module 1:
matrix-x(switch-su)-> set cdp interval 15 ge.1.8

set cdp hold-time

This command sets the hold time value for CDP discovery protocol configuration messages.

Syntax
set cdp hold-time hold-time

Parameters
hold‐time Sets the hold time value for CDP messages, ranging from 15 to 600 seconds.

Defaults
180 seconds.

Mode
Switch command, read‐write.

Example
The following example sets CDP hold time to 60 seconds:
matrix-x(switch-su)-> set cdp hold-time 60

Matrix X Router Command Line Interface Reference Guide 1-57

Configuring CDP clear cdp

clear cdp
This command resets CDP discovery protocol settings to defaults.

Syntax
clear cdp {[state] [port-state port-string] [interval] [hold-time] [auth-code]}

Parameters
state (Optional) Resets the global CDP state to auto‐enabled.
port‐state port‐string (Optional) Resets the port state on specific port(s) to auto‐enabled.
interval (Optional) Resets the message frequency interval to 60 seconds.
hold‐time (Optional) Resets the hold time value to 180 seconds.
auth‐code (Optional) Resets the authentication code to 16 bytes of 00 (00‐00‐00‐00‐
00‐00‐00‐00).

Defaults
At least one optional parameter must be entered.

Mode
Switch command, read‐write.

Example
The following example resets the CDP state to auto‐enabled:
matrix-x(switch-su)-> clear cdp state

1-58 Getting Started

show technical-support Gathering Technical Support Information

Gathering Technical Support Information

Purpose
These commands allow you to create a file of subsystem information to send to Enterasys
Networks technical support personnel, and to run commands in a loop to obtain state information
at specific intervals over a period of time.

Commands
For information about... Refer to page...

show technical-support 1-59

loop 1-62

loop status 1-65

loop terminate 1-65

show technical-support
This command gathers Matrix X Router subsystem information and writes it to a compressed file
that can be sent to Enterasys Networks technical support personnel. The information can also be
displayed to the screen.

Syntax
show technical-support subsystem [list] [outfile path-to/outfilename] [screen]
[| filter include-string]

Parameters
subsystem Specifies the subsystem for which to collect information. Possible values
are:
• all — Collect information for all subsystems.
• core — Add the most recent core files on the active CM and the
standby CM, if it is present and running, to the technical support
file.
• log — Add the system error log and the log files on the active CM
and the standby CM, if it is present and running, to the technical
support file.
• os — Collect information on operating system services.
• routing — Collect information on routing services.
• switching — Collect information on switching services.
• system — Collect information on the hardware systems.
• custom — Collect custom information defined in the file named
techSupport‐commands in the public directory.

Matrix X Router Command Line Interface Reference Guide 1-59

Gathering Technical Support Information show technical-support

list (Optional) List the available sections for the specified subsystem, but do
not run the commands.
Use the section names displayed by this parameter with the | filter
parameter to limit the output to only the sections of interest.
outfile path‐to/ (Optional) Specifies a file in which to store the information. Options for
outfilename path‐to are a file path on the active or standby CM, a file path on a USB
drive attached to the active or standby CM, or the URL of an FTP, SCP
(secure copy), or TFTP server.
On the active CM, valid directories that can be specified are public or
local. On the standby CM, the valid directory is local. To specify the
standby CM, you must precede the directory with standby:—otherwise,
the active CM is assumed.
A file path on an attached USB drive is specified as usb:pathname where
pathname may include one or more directory levels in addition to the
filename itself. If the USB drive is attached to the standby CM, use
standby: usb:pathname.
screen (Optional) Specifies that the output of the command should be
redirected to the screen, in addition to the output file.
| filter include‐string (Optional) Limit the output of the command to those sections of the
subsystem listed in the include‐string. Section names should be
separated by commas.
Use the list parameter to display the names of available sections.
Using this option also automatically activates the screen parameter.

Defaults
Output of the command is written to a file named techSupport‐subsystem in the public directory.

Mode
Switch mode, super‐user.

Usage
This command should be used only when requested by Enterasys Networks technical support
personnel. The compressed file generated by the command can then be forwarded to technical
support for troubleshooting and technical support purposes.
The file created is a Linux gzipped tar file that can be extracted by running the following
command on a Linux host:
tar -z -xvf filename.tar.gz
The file can also be extracted using WinZip on a system running Microsoft Windows as long as the
.tar.gz file extension has been preserved.
When you use the custom option, this command will execute the list of commands found in the
file public/techSupport‐commands. The file must be formatted as a comma‐separated variant
(CSV). Each line contains a record of four fields, separated by commas. The fields are defined as
follows:
• Field 1 = Subsystem. The only valid subsystem is custom.
• Field 2 = Section Name. Section names may contain any printable characters except a comma.
1-60 Getting Started
show technical-support Gathering Technical Support Information

• Field 3 = CLI mode. Valid modes are SwitchMode, RouterMode, and DebugMode. If this
field is left blank, the command will be considered a bash command and will be sent to the
operating system.
• Field 4 = CLI command. This field must contain the exact text of the command to be executed.
If you are entering a bash command, do not redirect the output (with > or >>) because the
output will be redirected by the show technical‐support command. Do not include any
commands that require user interaction.
Comment lines can be added to the file. Comment lines must begin with the pound sign (#), and
all text from the # to the end of the line will be ignored. Blank lines will be ignored, as will newline
characters.
The following examples show lines (records) from a techSupport‐commands file containing valid
commands that could be executed by the show technical‐support command:
custom, “System Health”, , ./ens/sbin/health_monitor
custom, High Availability, SwitchMode, “show system high-availability”

Examples
This example illustrates generating a file containing routing information and redirecting it to the
default compressed file. The dir command is then executed, to illustrate the default file name.
matrix-x(switch-su)-> show technical-support routing
Gathering data for: Routing--->Arp Summary...
Gathering data for: Routing--->Router Summary...
Gathering data for: Routing--->OSPF Neighbors...
Gathering data for: Routing--->OSPF Interfaces...
Gathering data for: Routing--->Routing Interfaces...
Done, output sent to: /config/public/techSupport-router

matrix-x(switch-su)-> dir public

public/
==================================================
Name : startup_config.txt
Type : Unknown
Size : 478 bytes
Last Access : Tue Apr 18 17:26:56 2006
Modification: Tue Apr 18 17:26:56 2006
Last Change : Tue Apr 18 17:26:56 2006

Name : techSupport-router.tar.gz
Type : Compressed file
Size : 877 bytes
Last Access : Tue Apr 18 21:11:15 2006
Modification: Tue Apr 18 21:11:15 2006
Last Change : Tue Apr 18 21:11:15 2006
The following example creates an output file named “techsupport1” on a remote server using
TFTP:
matrix-x(switch-su)-> show technical-support all outfile tftp://10.1.221.232/
techsupport1
The following example illustrates the output using the list parameter for the routing subsystem.
matrix-x(switch-su)-> show technical-support routing list
Arp Summary

Matrix X Router Command Line Interface Reference Guide 1-61

Gathering Technical Support Information loop

Router Summary
OSPF Neighbors
OSPF Interfaces
Routing Interfaces

loop
This command allows you to execute one or more commands in a loop, for a specified number of
times, separated by an optional delay period. The output of the command can be sent to the screen
or to a file.

Syntax
loop count [delay] [infile path-to/infilename] [outfile path-to/outfilename
[file-size]]

Parameters
count Specifies the number of times to run the commands. The value of count
can range from 0 to 100,000. A value of 0 indicates an infinite loop.
delay (Optional) Specifies the number of seconds between command loops.
The value of delay can range from 0 to 86,400. The default value is 0.
infile path‐to/ (Optional) Specifies an input file that contains the commands to run in a
infilename loop. The file can reside in the public or local directory on the active
CM.
By default, the commands to loop are entered at the terminal.
outfile path‐to/ (Optional) Specifies an output file for the output of the commands run
outfilename in a loop. The file can reside in the public or local directory on the
active CM.
By default, the output is displayed on the screen.
file‐size (Optional) Specifies the maximum size of the output file in kilobytes.
The value can range from 50 to 5000 kilobytes.
The default value is 5000 KB.

Defaults
Default delay value is 0 seconds.
Default input method is entering the commands interactively at the terminal.
Default output method is displaying on the screen.
Default maximum output file size is 5000 KB.

Mode
Switch command, read‐write.

Usage
The simplest way to use this command is to enter the commands to be looped directly at the
terminal when prompted. Each command is entered on a separate line, and the end of the

1-62 Getting Started

loop Gathering Technical Support Information

commands is indicated by typing “END.” Any CLI commands can be entered, including bash
shell commands, but the system does not check the commands entered for correctness or
completeness. When this command is running, it can be terminated by a CTRL‐C.
An alternative way of specifying the commands to be looped is by means of an input file, which
must reside in either the public or local directory on the active CM. Each command should be
listed on a separate line (the text “END” is not needed to indicate the end of the file).
By default, the output of the looped commands is displayed on the screen and no other commands
can be entered until the loop is complete or has been terminated. You can run the loop in the
background by specifying an output file. The file must reside in the public or local directory of the
active CM. If the file already exists, the output of the current loop will be appended.
If the maximum size of the output file is reached, the loop command will truncate the file from the
beginning, limiting the size but keeping the latest information.
You can use the loop status command to see if a loop command is running in the background and
the loop terminate command to terminate a background loop. Only one background loop
command can be active at any time.

Examples
This example illustrates entering the commands to be looped at the command line.
matrix-x(switch-su)-> loop 2

Enter the commands for the loop. Type END on a line by itself when done.
show version
router
show ip route
exit
bash date
END

Loop 1 of 2:

Running script...
matrix-x(switch-su)-> show version
Chassis Firmware Revision: images/dummy.xsi
Version 1.5.0.N
04/14/07 22:10:46 /view/BUILD_X-SERIES_1.5.0.N_14-APR-2007
Enterasys Networks Matrix X

matrix-x(switch-su)-> router
matrix-x(router-exec)# show ip route
FIB - Forwarding Information Base
Codes: C - connected, S - static, R - RIP, B - BGP, O - OSPF
D - DVMRP, 3 - OSPF3, I - IS-IS, K - Kernel
A - Aggregate

S 127.0.0.0/8 [0/0] via 127.0.0.1, 00:01:46, lo

C 127.0.0.1/32 [1/0] via 127.0.0.1, 00:01:46, lo
C 172.50.0.0/16 [1/0] via 172.50.1.101, 00:01:46, eth0
matrix-x(router-exec)# exit
matrix-x(switch-su)-> bash date
Mon Apr 16 19:22:57 UTC 2007
matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 1-63

Gathering Technical Support Information loop

Loop 1 of 2 complete.

Loop 2 of 2:

Running script...
matrix-x(switch-su)-> show version
Chassis Firmware Revision: images/dummy.xsi
Version 1.5.0.N
04/14/07 22:10:46 /view/BUILD_X-SERIES_1.5.0.N_14-APR-2007
Enterasys Networks Matrix X

S 127.0.0.0/8 [0/0] via 127.0.0.1, 00:01:47, lo

C 127.0.0.1/32 [1/0] via 127.0.0.1, 00:01:47, lo
C 172.50.0.0/16 [1/0] via 172.50.1.101, 00:01:47, eth0
matrix-x(router-exec)# exit
matrix-x(switch-su)-> bash date
Mon Apr 16 19:22:58 UTC 2007
matrix-x(switch-su)->

Loop 2 of 2 complete.
matrix-x(switch-su)->

This example shows how to run the loop command in the background.
matrix-x(switch-su)-> loop 3 5 outfile public/loop.out
Enter the commands for the loop. Type END on a line by itself when done.
show version
show system hardware summary
show system utilization cpu
END
Loop command to be run with results to public/loop.out, maximum size 5000
kilobytes.
matrix-x(switch-su)->

1-64 Getting Started

loop status Gathering Technical Support Information

loop status
This command displays whether a loop command is currently running in the background.

Syntax
loop status

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
If a loop command is running in the background, this command will display the number of loops
completed, the total number of loops, the delay, and the output file. Only one background loop
command can be active at any time.
If no loop command is running in the background, this command will tell you that.

Example
This example shows the output of this command when a background loop command is running.
matrix-x(switch-su)-> loop status
A background loop command is running.

Loop 2 of 3 is currently running with a 5 second delay between loops.

Output to file public/loop.out.
Output file size limit is 5000 kbytes.

loop terminate
This command terminates a loop command running in background.

Syntax
loop terminate

Parameters
None.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 1-65

Gathering Technical Support Information loop terminate

Mode
Switch command, read‐write.

Usage
Use this command to terminate a loop command running in background. CTRL‐C will not
terminate a command running in background.

Example
This example first shows that there is a loop command running, then terminates it.
matrix-x(switch-rw)-> loop status
A background loop command is running.

Loop 1 of 5 is currently running with a 20 second delay between loops.

Output to file public/loopoout.2.
Output file size limit is 5000 kbytes.

matrix-x(switch-rw)-> loop terminate

Terminating the background loop command.
matrix-x(switch-rw)->

1-66 Getting Started

router Entering Router Mode

Entering Router Mode

Purpose
This command enables the routing CLI.

Command

For information about... Refer to page...

router 1-67

router
This command acquires the routing CLI.

Syntax
router

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command puts your session into router user mode, in which a limited number of commands
are available. To use the CLI to configure interfaces and routing protocols, you must first enter
privileged mode, by executing the enable command, and then enter configuration mode, by
executing the configuration command.
The following examples illustrate the steps to move from the switch CLI to the router CLI and
then into router configuration mode. Refer to Chapter 23, Router Configuration Commands, for
descriptions of the configuration commands available to you in router configuration mode.

Matrix X Router Command Line Interface Reference Guide 1-67

Entering Router Mode router

Examples
The following example acquires the routing CLI and displays the commands available in user
mode:
matrix-x(switch-su)-> router
matrix-x(router-exec>-> ?
enable Enter privileged mode
help Learn about context-sensitive help
history Show command history
logout Close the session
no Turn off a command
quit Close the session
router-context connect to Matrix X
show Show internal values
terminal Set terminal state
matrix-x(router-exec>->
The following example acquires the privileged mode from user mode and displays the commands
available in privileged mode:
matrix-x(router-exec>-> enable
Password:
matrix-x(router-exec>-> ?
clear clear state
configure configure router state
disable Leave privileged mode
help Learn about context-sensitive help
history Show command history
no Turn off a command
ping ping command
quit Close the session
show Show internal values
terminal Set terminal state
traceroute traceroute command
write Save running config to file
The following example acquires the configuration mode and enters configuration commands from
the terminal:
matrix-x(router-exec>-> configure
matrix-x(router-config) ?
file load configuration from a file
terminal enter configuration commands from the terminal
matrix-x(router-config)#configure
#
To start configuring interfaces, enter the interface command followed by a port string identifier.
The default for the interface is shutdown. Therefore, you must enter the no shutdown command
to enable the interface. Otherwise, when you leave the interface configuration mode, the interface
will be disabled.
The following example enters interface configuration mode for the Gigabit Ethernet port number
1 on the module in slot 4, and enables the interface.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1->no shutdown
matrix-x(router-config-if-ge.4.1->

1-68 Getting Started

2
Managing Hardware

This chapter describes how to display information about the Matrix X Router chassis hardware,
how to set hardware parameters, and how to reset the system. Commands related to the high
availability status of the chassis are also provided in this chapter.

For information about... Refer to page...

General Hardware Commands 2-1

Power Management Commands 2-12

IOM Management Commands 2-21

Fabric Module Commands 2-30

High-Availability Commands 2-47

General Hardware Commands

Purpose
These switch mode commands allow you to display information about all the hardware
components of the X Router, and to reset the system.

Note: For information about performing a hitless upgrade of system firmware, which uses the
reset system hitless command, see Chapter 3, Managing Firmware.

Commands

For information about... Refer to page...

show system 2-2

show system hardware 2-3

show system uptime 2-7

show system utilization 2-8

reset system 2-10

Matrix X Router Command Line Interface Reference Guide 2-1

General Hardware Commands show system

show system
This command displays system information, including contact information, power and fan tray
status and uptime.

Syntax
show system

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays system information:
matrix-x(switch-ro)-> show system
System contact: John Smith
System location: Building A, 1st floor
System name: xcore_1

chassis Matrix X Router 16-slot

cm 1 not-present
cm 2 ok CM Version 1.0

fm 1 ok X16 FM Version 1.0

fm 2 not-present

iom 1 not-present
iom 2 not-present
iom 3 not-present
iom 4 not-present
iom 5 ok - In Service 2 Port 10 Gigabit Ethernet (Beta)
iom 6 not-present
iom 7 not-present
iom 8 not-present
iom 9 not-present
iom 10 not-present
iom 11 not-present
iom 12 not-present
iom 13 not-present
iom 14 not-present
iom 15 not-present
iom 16 ok - In Service 2 Port 10 Gigabit Ethernet (Beta)

power 1 not-present
power 2 not-present
power 3 not-present
power 4 not-present
power 5 ok PWR-Rev-1
power 6 ok PWR-Rev-1

2-2 Managing Hardware

show system hardware General Hardware Commands

fan 1 ok FAN-Rev-1
fan 2 ok FAN-Rev-1
fan 3 ok FAN-Rev-1
fan 4 ok FAN-Rev-1
fan 5 not-present
fan 6 ok FAN-Rev-1

show system hardware

This command displays the system’s hardware configuration.

Syntax
show system hardware [{| search regexp} | summary | cm n | iom n | fm n| fan n |
powersupply n]

Parameters

| search regexp (Optional) Display the lines in the hardware configuration output that
match the search regular expression. Refer to Table 1‐2 on page 1‐6 for a
list of regular expression operators.
summary (Optional) Display a summary of hardware configuration.
cm n (Optional) Display information about a specific Control Module. Value
of n can be 1 or 2.
fm n (Optional) Display information about a specific Fabric Module. Value of
n can be 1 or 2.
iom n (Optional) Display information about a specific Input/Output Module.
Value of n can be 1 through 4, 8, or 16, depending on the chassis type.
fan n (Optional) Display information about a specific fan tray. Value of n can
be 1 through 4 or 6, depending on the chassis type.
powersupply n (Optional) Display information about a specific power supply module.
Value of n can be 1 through 3, 4 or 6, depending on the chassis type.

Mode
Switch command, read‐only.

Usage
See Table 1‐2 on page 1‐6 for a complete description of the regular expression syntax that can be
used with this command.
The Temperature field displayed for the fan trays can indicate a status of OK or WARNING. For
the fan trays, a WARNING status indicates only that the ambient temperature conditions of the
chassis have increased. The chassis is still operating within the normal operating parameters.
The Temperature field displayed for the power supplies can indicate a status of OK or FAILURE.
A FAILURE status indicates an over‐temperature (OTP) shutdown of the power supply.

Matrix X Router Command Line Interface Reference Guide 2-3

General Hardware Commands show system hardware

Examples
The following example shows the information displayed with the show system hardware
command.

Note: Depending on the hardware configuration of your Matrix X Router, your output may vary from
the example shown.

matrix-x(switch-ro)-> show system hardware

CHASSIS HARDWARE INFORMATION

----------------------------
Chassis Type: X-Series 8-slot
905 Part number: 9053147000
905 Serial number: 000432005738
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: X8-C
Base Mac Address: 00-01-f4-da-5a-2f
Board rev: 1.0
Board ID: 1.0
Engineering ID: 5

POWER/FAN MODULE INFORMATION

----------------------------
Power Supply Tray 1 [EMPTY]
Power Supply Tray 2 [EMPTY]
Power Supply Tray 3 [EMPTY]
Power Supply Tray 4 [EMPTY]
Power Supply Tray 5 [DC=OK] [AC=OK] [Temperature=OK]
Power Supply Tray 6 [DC=OK] [AC=OK] [Temperature=OK]

Fan Tray 1 [Status=OK] [Temperature=OK]

905 Part number: 9053216000
905 Serial number: 045001966642
940 Part number: 9403928000
940 Serial number: 050610460045
Part number: X-FAN
Part number: X-FAN
Board rev: 1.0
Board ID: 5.0
Engineering ID: 0

Fan Tray 2 [Status=OK] [Temperature=OK]

905 Part number: 9053216000
905 Serial number: 045001736642
940 Part number: 9403928000
940 Serial number: 050610480045
Part number: X-FAN
Part number: X-FAN
Board rev: 1.0
Board ID: 5.0
Engineering ID: 0

Fan Tray 3 [Status=OK] [Temperature=OK]

905 Part number: 9053216000
905 Serial number: 045002046642
940 Part number: 9403868000
940 Serial number: 050204560644
Part number: X-FAN

2-4 Managing Hardware

show system hardware General Hardware Commands

Part number: X-FAN

Board rev: 1.0
Board ID: 5.0
Engineering ID: 0

Fan Tray 4 [EMPTY]

Fan Tray 5 [EMPTY]
Fan Tray 6 [EMPTY]

CM MODULE INFORMATION
-------------------------
CM SLOT 1
Model: CM Version 1.0
State: Active
905 Part number: 9053167000
905 Serial number: 042800240004
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Part number: Part Num Not Set
Board rev: 2.6
Board ID: 1.0
Engineering ID: 17
Hardware State: OK
Software State: OK
Bios Expected: 4.6.3
Bios Actual: 4.6.3
Bootloader Expected: 1.7
Bootloader Actual: 1.7
FPGA Expected: 3.28
FPGA Actual: 3.28
Software Version: 1.3.0
Memory Size: 1033276 KB
Flash Size: 1024 MB
CM SLOT 2
Model: CM Version 1.0
State: Standby
905 Part number: 9053167000
905 Serial number: 044200666607
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Part number: Part Num Not Set
Board rev: 3.0
Board ID: 1.0
Engineering ID: 32
Hardware State: OK
Software State: OK
Bios Expected: 4.6.3
Bios Actual: 4.6.3
Bootloader Expected: 1.7
Bootloader Actual: 1.7
FPGA Expected: 3.28
FPGA Actual: 3.28
Software Version: 1.3.0
Memory Size: 1033276 KB
Flash Size: 1024 MB

FM MODULE INFORMATION
-------------------------
FM SLOT 1

Matrix X Router Command Line Interface Reference Guide 2-5

General Hardware Commands show system hardware

Model: X8 FM Version 1.0

905 Part number: 9053170000
905 Serial number: 044400596511
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Base Mac Address: 00-01-f4-00-00-00
Board rev: 1.0
Board ID: 1.0
Engineering ID: 0
State: Board Active
Hardware State: OK
Software State: OK
FM SLOT 2
Model: X8 FM Version 1.0
905 Part number: 9053170000
905 Serial number: 044400596602
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Base Mac Address: 00-01-f4-00-00-00
Board rev: 1.2
Board ID: 1.0
Engineering ID: 27
State: Board Active
Hardware State: OK
Software State: OK

IOM MODULE INFORMATION

-------------------------
IOM SLOT 1
Model: 32 Port Gigabit Ethernet (Version 1)
905 Part number: 9053195000
905 Serial number: 045200346607
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Base Mac Address: 00-11-88-08-0e-ab
Board rev: 2.1
Board ID: 1.0
Engineering ID: 19
State: Board Active
Hardware State: OK
Software State: OK - In Service
Bootloader Expected: 1.19
Bootloader Actual: 1.20
** Info - actual version greater than expected version. Ok **
FPGA Expected: 3.4
FPGA Actual: 3.4
Software Version: 1.3.0
Uptime: 0 days 6 hours 37 mins 11 secs
Memory Size: 510544 KB
IOM SLOT 2
Model: 32 Port Gigabit Ethernet (Version 1)
905 Part number: 9053230000
905 Serial number: 050901316643
940 Part number: 9403950000
940 Serial number: 051000606642
Part number: X-G32-00
Base Mac Address: 00-11-88-03-de-09
Board rev: 3.0

2-6 Managing Hardware

show system uptime General Hardware Commands

Board ID: 4.10

Engineering ID: 0
State: Board Active
Hardware State: OK
Software State: OK - In Service
Bootloader Expected: 1.19
Bootloader Actual: 1.19
FPGA Expected: 3.4
FPGA Actual: 3.4
Software Version: 1.3.0
Uptime: 0 days 6 hours 37 mins 11 secs
Memory Size: 510544 KB
-------------------------
The following example displays the output of the show system hardware summary command:
matrix-x(switch-su)-> show system hardware summary

chassis X-Series 8-slot

cm 1 ok CM Version 1.0
cm 2 ok CM Version 1.0

fm 1 ok X8 FM Version 1.0
fm 2 ok X8 FM Version 1.0

iom 1 ok - In Service 32 Port Gigabit Ethernet (Version 1)

iom 2 ok - In Service 32 Port Gigabit Ethernet (Version 1)
iom 3 ok - In Service 32 Port Gigabit Ethernet (Version 1)
iom 4 not-present
iom 5 ok - In Service 32 Port 10/100/1000 Ethernet (Version 1)
iom 6 ok - In Service 32 Port Gigabit Ethernet (Version 1)
iom 7 ok - In Service 2 Port 10 Gigabit Ethernet (Version 1)
iom 8 ok - In Service 2 Port 10 Gigabit Ethernet (Version 1)

power 1 ok PWR-Rev-1
power 2 not-present
power 3 not-present
power 4 not-present

fan 1 ok FAN-Rev-1
fan 2 ok FAN-Rev-1
fan 3 ok FAN-Rev-1
fan 4 not-present
fan 5 not-present
fan 6 not-present

show system uptime

This command displays the length of time the system has been up and operational.

Syntax
show system uptime

Parameters
None.

Matrix X Router Command Line Interface Reference Guide 2-7

General Hardware Commands show system utilization

Mode
Switch command, read‐only.

Usage
The system up time is expressed in terms of days:hours:minutes:seconds.

Example
matrix-x(switch-ro)-> show system uptime
System uptime: 0d05h10m34s
matrix-x(switch-ro)->

show system utilization

This command displays system resource utilization information.

Syntax
show system utilization {cpu | process | storage | memory [detail {cm num | iom
num}]} [cm num | iom num]

Parameters
cpu Display total CPU utilization.
process Display the CPU’s process utilization.
storage Display the storage utilization.
memory Display memory utilization, at processor or per process level, for the
previous 15‐minute, 1‐hour, 6‐hour, and 1‐day intervals.
detail (Optional) Display a CM’s or IOM’s process memory utilization.
{cm num | iom num}
cm num (Optional) Display utilization information for the specified CM. The
value of num can be 1 or 2.
iom num (Optional) Display utilization information for the specified IOM. The
value of num can be 1 through 16.

Defaults
If a particular CM or IOM card is not specified, utilization information for all cards in the system
is displayed.

Mode
Switch command, read‐only.

Usage
Use the show system utilization memory command to help detect memory leaks. Using the
command without the detail parameter displays processor level memory changes. Using the
detail parameter displays process level changes.

Examples
This example displays CPU utilization for CM 1.

2-8 Managing Hardware

show system utilization General Hardware Commands

matrix-x(switch-ro)-> show system utilization cpu cm 1

Total CPU Utilization:

Card 15 sec 1 min 5 min

----------------------------------------------------
cm1 0.26 1.90 3.95
This example displays storage utilization for CM1.
matrix-x(switch-su)-> show system utilization storage
Storage Utilization:

Card: cm1

Type Description Size (Kb) Available (Kb)

---------------------------------------------------------------------------
RAM RAM 766500 483060
RAM Miscellaneous Non-Persistent Files 383248 383208
Flash Image Storage 63461 59334
Flash Configuration Data 126931 119941
Flash Crash Files 253871 229313
Flash Log Files 32768 30964
Flash Miscellaneous Persistent Files 253871 229313

This example displays processor level memory changes after a few CM failovers.
matrix-x(switch-su)-> show system utilization memory
Process Memory Utilization (all values in KB):
Name ProcID Current Deltas 15 Min 1 Hour 6 Hour 1 Day
---------------------------------------------------------------------------
cm1 0 172008 0 N/A N/A N/A
cm2 0 294932 + 12 N/A N/A N/A
iom1 0 230688 + 8 + 84 N/A N/A
iom2 - Not Present
iom3 - Not Present
iom4 - Not Present
iom5 - Not Present
iom6 - Not Present
iom7 - Not Present
iom8 - Not Present
iom9 - Not Present
iom10 - Not Present
iom11 - Not Present
iom12 - Not Present
iom13 - Not Present
iom14 - Not Present
iom15 - Not Present
iom16 - Not Present

This example displays process memory utilization for IOM 1 shown in the previous example. The
output indicates that the EPA and FEM processes may have leaked memory.
matrix-x(switch-su)-> show system utilization memory detail iom 1
Process Memory Utilization (all values in KB):
Card: iom1
Name ProcID Current Deltas 15 Min 1 Hour 6 Hour 1 Day
---------------------------------------------------------------------------
idle 0 0 0 0 0 0
init 1 572 0 0 N/A N/A
keventd 2 0 0 0 0 0

Matrix X Router Command Line Interface Reference Guide 2-9

General Hardware Commands reset system

portmap 3 500 0 0 N/A N/A

syslogd 4 1556 0 0 N/A N/A
klogd 5 1332 0 0 N/A N/A
xinetd 6 944 0 0 N/A N/A
sham_ppm 7 2292 0 0 N/A N/A
ipcd 8 1812 0 0 N/A N/A
nameserver 9 2248 0 0 N/A N/A
ipccfg 10 2300 0 0 N/A N/A
domainlink 11 2528 0 - 128 N/A N/A
domainlink 12 2676 0 + 160 N/A N/A
domainlink 13 2224 0 0 N/A N/A
<several applications deleted>
ccasyslogd 39 3768 0 0 N/A N/A
dlm 40 2504 0 0 N/A N/A
enmSysTimeClien 41 2172 0 0 N/A N/A
epa 42 2656 0 + 12 N/A N/A
ess 43 99468 0 0 N/A N/A
fabmIom 44 2584 0 0 N/A N/A
fem 45 86808 0 + 44 N/A N/A
iommIom 46 2376 0 0 N/A N/A
mmrIom 47 2132 0 0 N/A N/A
pm 48 2576 0 0 N/A N/A
qedIom 49 2704 0 0 N/A N/A
xflowAgent 50 2568 0 0 N/A N/A

reset system
This command resets the X Router without losing any user‐defined switch‐level configuration
settings.

Syntax
reset system

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Although switch‐level configuration settings are not lost when this command is executed, router‐
level configuration settings must have been saved with the write file command before this
command is executed in order to be saved.
If you press the RESET button located on the CM module, that CM will reset, causing the entire
system to restart.

Example
The following example resets the entire system:

2-10 Managing Hardware

reset system General Hardware Commands

matrix-x(switch-su)-> reset system

WARNING: This command will reset the router.

Do you really want to do this (Y/N)?

Matrix X Router Command Line Interface Reference Guide 2-11

Power Management Commands reset system

Power Management Commands

Purpose
Under normal power conditions, all IOMs inserted in the X Router chassis will be powered on at
system cold start. Under conditions of limited power availability, due to power supply failure or a
limited number of installed power supplies, the number of IOMs powered on at system cold start
will automatically be restricted to ensure that power requirements do not exceed the available
supply.
The power management commands allow you to:
• Directly turn IOM power on or off, overriding automatic control.
• Set the IOM power‐on priority to be used under conditions of limited power availability. By
default, IOMs are powered on in slot order until power demand reaches available supply.
• Indicate whether the incoming AC power source is 110 volts or 220 volts.
Once an IOM has been powered on, it will never automatically be powered off. Its power can be
powered off manually, using the set power iom CLI command at any time. Note that a manual
setting of off is persistent.
If an IOM is not automatically powered on, due to limited power conditions, it can be turned on
using the set power iom command. A manual setting of on is not persistent, in order to avoid
creating a potential continuous reboot condition if the power supply is limited. An empty IOM
slot cannot be powered on.

Caution: Manually turning on an IOM may cause the power supplies to be overloaded and cause
all installed modules to be underpowered. Significant underpowered conditions can lead to unstable
behavior, including chassis reboot.

Commands

For information about... Refer to page...

show power 2-13

set power iom 2-14

clear power iom 2-15

set power iom priority 2-15

clear power iom priority 2-16

set power minimum-modules 2-17

clear power minimum-modules 2-18

set power source-voltage 2-18

clear power source-voltage 2-19

2-12 Managing Hardware

show power Power Management Commands

show power
This command displays the X Router power configuration.

Syntax
show power

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
The power management facility on the Matrix X Router determines the number and state of the
power supplies installed in the chassis, the number of IOMs installed and their power
requirements based on type (if known), and calculates the chassis power requirements, assuming
a full configuration of CMs, FMs, and fans.
This command displays the information gathered by the power management facility. Since IOM
type is not known until the IOM is active, during the intermediate period during a cold start,
maximum IOM power demand is assumed.

Example
This example illustrates the output of the show power command.
matrix-x(switch-su)-> show power

AC Power Source: 110 volts

2 Power Supplies are Installed in Chassis
2 Power Supplies are Operating Properly
Total Power Available in Chassis: 2400 watts

0 Power Supplies are Operating Spares

2 Power Supplies are Configured as Non-Spare

Total Power Available to Modules: 2400 watts
Base Power Load (CMs, FMs, Fans): 565 watts

Total Power Available for IOMs: 1835 watts

IOM Power IOM Power on Is IOM Is Slot Power

on Order Slot Priority Present Powered Demand
--------- ---- -------- ------- ------- -------
1 1 1 present yes 155
2 2 1 present yes 155
3 3 1 present yes 155
4 4 1 empty no 155 *
5 5 1 present yes 155

Matrix X Router Command Line Interface Reference Guide 2-13

Power Management Commands set power iom

6 6 1 present yes 155

7 7 1 present yes 155
8 8 1 present yes 155
* Power Demand Assumed; IOM type not yet known

Power Available for additional IOMs: 750 watts

set power iom

This command manually turns the power for an IOM on or off.

Syntax
set power iom slot {on | off}

Parameters
slot Specifies the slot number of the IOM. The value of slot can range from 1
to 16, depending on the type of chassis.
on Turns power on for the specified IOM slot, if it was not turned on
automatically. A setting of on is not persistent.
You cannot turn power on for a slot that does not contain an IOM.
off Turns power off for the specified IOM slot, if it was turned on. A setting
of off is persistent.
Power is automatically turned off for slots that do not contain an IOM.

Defaults
By default, power is turned on in slot order, starting at slot 1, until power demand reaches
available supply.

Mode
Switch mode, read‐write.

Usage
If an IOM is not automatically powered on, due to limited power conditions, it can be turned on
using this command. However, since this action can cause power supplies to be overloaded and
all modules installed in the chassis to be underpowered, leading to unstable behavior, an on
setting is not persistent across chassis cold boots. An off setting is persistent.
You can change the order that IOM slots are powered on, in the case of limited power availability,
using the set power iom priority command.

Example
This example turns on power to the IOM in slot 4.
matrix-x(switch-rw)-> set power iom 4 on

2-14 Managing Hardware

clear power iom Power Management Commands

clear power iom

This command resets the automatic power control state for the specified IOM back to its default.
The default is to automatically turn IOMs on, if sufficient power supply is available.

Syntax
clear power iom slot

Parameters
slot Specifies the slot number of the IOM. The value of slot can range from 1
to 16, depending on the type of chassis.

Defaults
The default is to automatically turn IOMs on, if sufficient power supply is available.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the automatic power control state for an IOM back to the default state,
which is to turn on the IOM if sufficient power supply is available. If power has been turned off to
a slot, this command will turn power on to the slot, as long as sufficient power supply is available.
Note that this command will have no immediate affect, even in a power overload condition, if the
slot was previously powered on manually with the set power iom slot on command, since a
powered‐on IOM will never be automatically powered off.

Example
This example turns power on to the IOM in slot 4.
matrix-x(switch-rw)-> clear power iom 4

set power iom priority

This command sets the priority for automatic power‐on of the IOM.

Syntax
set power iom slot priority priority

Parameters
slot Specifies the slot number of the IOM. The value of slot can range from 1
to 16, depending on the type of chassis.
priority Specifies the priority for powering‐on the IOM in the specified slot. The
value of priority can range from 1 to 16, depending on the type of
chassis. A priority of 1 is the highest.

Defaults
By default, all IOMs have a priority of 1.

Matrix X Router Command Line Interface Reference Guide 2-15

Power Management Commands clear power iom priority

Mode
Switch mode, read‐write.

Usage
You can use this command to change the order in which IOM slots are powered on, in the case of
limited power availability. If two or more slots have the same configured priority, the slot with the
lowest slot number is turned on first. By default, all slots are assigned a priority of 1, so by default,
power is turned on in slot order, starting at slot 1.
Note that a powered‐on IOM will never be automatically powered off, so changing the power‐on
priority of an IOM may have no immediate effect.

This command defines the voltage type applied to the chassis.

Syntax
set power source-voltage [110v | 220v]

Parameters
110v | 220v (Optional) Sets the voltage type for the chassis. 110v is the default value.
If neither value is entered, the voltage type is set to 110v.
110v should be specified for any voltage type between 90 and 180 volts.
220v should be specified for any voltage type between 181 and 264
volts.

Defaults
110 volts.

2-18 Managing Hardware

clear power source-voltage Power Management Commands

Mode
Switch mode, read‐write.

Usage
Use this command to tell the power management facility the type of voltage provided to the
chassis. If no voltage type is specified, the facility assumes 110 volts.

Caution: Setting this parameter to 220v when source voltage is actually 110v can result in a power
overload condition not detected by the power management facility, which could lead to system
instability, including continuous chassis reboot.

Example
This example illustrates setting the voltage type to 220v.
matrix-x(switch-rw)-> set power source-voltage 220v

clear power source-voltage

This command resets the voltage type to the default of 110 volts.

Syntax
clear power source-voltage

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the voltage type used by the power management facility to 110 volts if
it has been set to 220 volts.

Example
The following example uses the show power command to display the current voltage setting, then
returns the setting to the default of 110 volts.
matrix-x(switch-su)-> show power

AC Power Source: 220 volts

0 Power Supplies are Installed in Chassis
6 Power Supplies are Operating Properly
Total Power Available in Chassis: 9000 watts

3 Power Supplies are Operating Spares

3 Power Supplies are Configured as Non-Spare

Total Power Available to Modules: 4500 watts
Base Power Load (CMs, FMs, Fans): 635 watts

Matrix X Router Command Line Interface Reference Guide 2-19

Power Management Commands clear power source-voltage

Total Power Available for IOMs: 3865 watts

IOM Power IOM Power on Is IOM Is Slot Power

on Order Slot Priority Present Powered Demand
--------- ---- -------- ------- ------- -------
1 3 1 empty no 155 *
2 4 1 present yes 155
3 5 1 empty no 155 *
4 6 1 empty no 155 *
5 7 1 empty no 155 *
6 8 1 empty no 155 *
7 9 1 empty no 155 *
8 10 1 empty no 155 *
9 11 1 empty no 155 *
10 12 1 empty no 155 *
11 13 1 empty no 155 *
12 14 1 empty no 155 *
13 15 1 empty no 155 *
14 16 1 empty no 155 *
15 2 15 empty no 155 *
16 1 16 empty no 155 *
* Power Demand Assumed; IOM type not yet known

Power Available for additional IOMs: 3710 watts

matrix-x(switch-rw)-> clear power source-voltage

2-20 Managing Hardware

show iom parameters IOM Management Commands

IOM Management Commands

Purpose
These switch mode commands are used to reset an IOM, clear all IOM configuration parameters
for a specific slot, and display and configure IOM restart parameters.
By default, IOMs will attempt to restart if a fault condition is detected. The number of attempts
and the time intervals over which these attempts are made are controlled with the IOM restart
commands.

Commands

For information about... Refer to page...

show iom parameters 2-21

set iom boot-retries 2-22

clear iom boot-retries 2-23

set iom boot-timeout 2-23

clear iom boot-timeout 2-24

set iom reset-retries 2-24

clear iom reset-retries 2-25

set iom reset-timeout 2-25

clear iom reset-timeout 2-26

reset iom 2-27

clear config iom 2-28

show iom parameters

This command displays the configured values of the IOM restart parameters for a given slot.

Syntax
show iom parameters slot

Parameters
slot Specifies the slot number for which to display IOM parameters. The
value of slot can range from 1 to 16, but is chassis‐specific.

Defaults
None.

Mode
Switch mode, read‐write.

Matrix X Router Command Line Interface Reference Guide 2-21

IOM Management Commands set iom boot-retries

Usage
Use this command to display the currently configured IOM restart parameters. These parameters
are set with the set iom boot‐retries, set iom boot‐timeout, set iom reset‐retries, and set iom
reset‐timeout commands.

Example
This example displays the IOM restart parameters for the IOM in slot 4.
matrix-x(switch-rw)-> show iom parameters 4
boot-retries: 10
boot-timeout: 360 seconds
bootloader-flags:
kernel-flags:
reset-retries: 6
reset-timeout: 45000 seconds

set iom boot-retries

This command sets the maximum number of retries for booting an IOM in a specific slot.

Syntax
set iom boot-retries slot retries

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.
retries Specifies the number of retries to attempt, ranging from 0 to 255.

Defaults
5 retries.

Mode
Switch command, read‐write.

Usage
If an IOM fails during initialization, the system will attempt to reset it the number of times
specified by this command before the IOM is held down (not allowed to boot).
Once an IOM is held down and not allowed to boot, the IOM can be restarted either by removing
and reinserting the board or by issuing the reset iom command.

Example
The following example sets the boot retries to 6 for the IOM in slot 4:
matrix-x(switch-su)-> set iom boot-retries 4 6

2-22 Managing Hardware

clear iom boot-retries IOM Management Commands

clear iom boot-retries

This command resets the maximum number of retries for booting an IOM in a specific slot to the
default value of 5.

Syntax
clear iom boot-retries slot

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.

Defaults
5 retries.

Mode
Switch mode, read‐write.

Example
This example resets the number of boot retries to the default value of 5 for the IOM in slot 4.
matrix-x(switch-rw)-> clear iom boot-retries 4

set iom boot-timeout

This command sets the timeout in seconds for booting an IOM in the given slot.

Syntax
set iom boot-timeout slot timeout

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.
timeout Specifies the time during which the IOM must reach the In Service state once it
starts to boot. The value of timeout can range from 0 to 65535 seconds.
The value of 0 turns off automatic resetting of an IOM which has not reached the
In Service state.

Defaults
240 seconds.

Mode
Switch command, read‐write.

Usage
The boot timer is started when the system starts downloading software to the IOM. If the IOM
does not reach the In Service state within the boot timer period, the system will attempt to reset it
the number of times specified by the set iom boot‐retries command (or the default of 5) before the
IOM is held down (not allowed to boot).

Matrix X Router Command Line Interface Reference Guide 2-23

IOM Management Commands clear iom boot-timeout

Once an IOM is held down and not allowed to boot, the IOM can be restarted either by removing
and reinserting the board or by issuing the reset iom command.

Example
The following example sets the boot timeout to 360 seconds for the IOM in slot 4:
matrix-x(switch-rw)-> set iom boot-timeout 4 360

clear iom boot-timeout

This command resets the timeout in seconds for booting an IOM in the given slot to the default
value of 240 seconds.

Syntax
clear iom boot-timeout slot

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.

Defaults
240 seconds.

Mode
Switch mode, read‐write.

Example
This example resets the boot timeout value to the default of 240 seconds for the IOM in slot 4.
matrix-x(switch-rw)-> clear iom boot-timeout 4

set iom reset-retries

This command sets the maximum number of retries for resetting an unstable IOM.

Syntax
set iom reset-retries slot retries

Parameters

slot Specifies the IOM slot in the chassis, ranging from 1 to 16.
retries Specifies the number of retries to attempt, ranging from 0 to 255.
The value of 0 turns off automatic resetting for an IOM which has reached In
Service state before failing.

Defaults
5 retries.

2-24 Managing Hardware

clear iom reset-retries IOM Management Commands

Mode
Switch command, read‐write.

Usage
If an IOM reaches the In Service state after initialization, but later fails, the system will attempt to
reset it the number of times specified by this command before determining that the IOM is
unstable. An unstable IOM will be held down (not allowed to boot).
Once an IOM is held down and not allowed to boot, the IOM can be restarted either by removing
and reinserting the board or by issuing the reset iom command.

Example
The following example sets the reset retries to 6 for the IOM in slot 4:
matrix-x(switch-su)-> set iom reset-retries 4 6

clear iom reset-retries

This command resets the maximum number of retries for resetting an unstable IOM to the default
value of 5.

Syntax
clear iom reset-retries slot

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.

Defaults
5 retries.

Mode
Switch command, read‐write.

Example
The following example resets the reset retries to 5 for the IOM in slot 4:
matrix-x(switch-rw)-> clear iom reset-retries 4

set iom reset-timeout

This command sets the time in seconds for determining that an IOM is stable.

Syntax
set iom reset-timeout slot timeout

Parameters

slot Specifies the IOM slot in the chassis, ranging from 1 to 16.

Matrix X Router Command Line Interface Reference Guide 2-25

IOM Management Commands clear iom reset-timeout

timeout Specifies the time during which the IOM must remain in the In Service
state in order to be considered stable.
The value of timeout can range from 0 to 2,592,000 seconds (30 days). A
value of 0 means never.

Defaults
43200 seconds (12 hours).

Mode
Switch command, read‐write.

Usage
An IOM must be in the In Service state for the length of this timeout before it is considered stable.
Once an IOM is considered stable, if it fails, the system will attempt to reset it up to the maximum
number of retries specified by the set iom reset‐retries command.

Example
The following example sets the reset timeout to 21600 seconds (6 hours) for the IOM in slot 4:
matrix-x(switch-su)-> set iom reset-timeout 4 21600

clear iom reset-timeout

This command resets the time in seconds for determining that an IOM is stable to the default value
of 43200 seconds.

Syntax
clear iom reset-timeout slot

Parameters
slot Specifies the IOM slot in the chassis, ranging from 1 to 16.

Defaults
43200 seconds (12 hours).

Mode
Switch command, read‐write.

Example
The following example resets the reset timeout to the default (12 hours) for the IOM in slot 4:
matrix-x(switch-rw)-> clear iom reset-timeout 4

2-26 Managing Hardware

reset iom IOM Management Commands

reset iom
This command resets/restarts the IOM is a given slot.

Syntax
reset iom slot [extdiags] [maintmode]

Parameters
slot Specifies the slot of the IOM to be reset. The value can range from 1 to
16, but is chassis specific.
extdiags (Optional) Run extended diagnostics immediately after the module is
reset.
maintmode (Optional) Run maintenance mode immediately after the module is
reset. Maintenance mode takes the IOM out of service so further
operations can be performed on it.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to reset/restart a specific IOM. You can use this command at any time to restart
an IOM, instead of physically removing and reinserting the module.
When you use the maintmode parameter, the IOM is taken out of service so further operations,
such as updating the FPGA code, can be performed. To return the IOM to service, execute the reset
iom slot command without any parameters.
When you use the extdiags parameter, the system runs extended diagnostics which perform an
exhaustive test of the hardware on that IOM. The process will take several minutes to complete.
Extended diagnostics should be run only when requested by Enterasys Technical Support
personnel. After the IOM has run extended diags, it must be returned to normal operation by
executing the reset iom slot command without any parameters.
Note that this command does not ask you to confirm the reset before taking the action.
You can view the status of IOM cards that have been put into maintenance mode or that have had
extended diagnostics run on them with the show system hardware iom slot command.
Descriptive text will be displayed in the Software State: field.

Examples
This example illustrates resetting the IOM in slot 4.
matrix-x(switch-rw)-> reset iom 4
Resetting IOM in slot 4.
matrix-x(switch-rw)->
Active IOM arrived in slot 4.. Please wait for initialization.

IOM in slot 4 is now initialized

Matrix X Router Command Line Interface Reference Guide 2-27

IOM Management Commands clear config iom

This example puts the IOM in slot 3 into maintenance mode, then displays the status of the IOM.
matrix-x(switch-rw)-> reset iom 3 maintmode
Resetting IOM in slot 3.
matrix-x(switch-rw)->
matrix-x(switch-su)-> show system hardware iom 3

IOM SLOT 3
Model: 2 Port 10 Gigabit Ethernet
905 Part number: 9053172000
905 Serial number: 044300196643
940 Part number: 9403872000
940 Serial number: 044400276609
Part number: Part Num Not Set
Base Mac Address: 00-01-f4-da-5b-0b
Board rev: 3.1
Board ID: 1.0
Engineering ID: 10
State: Board Not Active
Hardware State: OK
Software State: Maintenance Mode
Bootloader Expected: 1.26
Bootloader Actual: 1.26
Software Version: 1.3.0
Uptime: 0 days 0 hours 0 mins 37 secs
Memory Size: 515328 KB

clear config iom

This command clears all configuration parameters related to a given IOM slot.

Syntax
clear config iom slot

Parameters
slot Specifies the IOM slot to be cleared of configuration parameters. The
value of slot can range from 1 to 16, but is chassis‐specific.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
When you physically remove an IOM from a slot, configuration information related to that IOM
remains in the system as a “phantom” configuration, in case the IOM is reinserted into the slot or
another IOM of the same type is inserted.

2-28 Managing Hardware

clear config iom IOM Management Commands

If you physically install a different type of IOM into that slot, that “phantom” configuration
information is automatically removed from the system. If you install the same type of IOM into
that slot, the “phantom” configuration information is applied to the new IOM.
Alternatively, you can use this command to remove “phantom” configuration information related
to the IOM previously installed in the given slot. You can only execute this command if the
specified IOM slot is empty or powered off.

Examples
This example removes all phantom configuration information from slot 1:
matrix-x(switch-rw)-> clear config iom 4
This example illustrates that the slot must be empty before this command can be executed:
matrix-x(switch-rw)-> clear config iom 4
IOM slot must be empty or powered off
matrix-x(switch-rw)->

Matrix X Router Command Line Interface Reference Guide 2-29

Fabric Module Commands clear config iom

Fabric Module Commands

Every Matrix X Router supports eight fabric data links through the Fabric Modules. These fabric
data links are used for passing traffic through the router. The set/clear/show system fabric
commands allow you to configure parameters related to an automatic fabric data link error
detection and recovery process on the IOMs, and to display information about the fabric data link
status and configuration.

Purpose
These switch mode commands display information about the fabric modules (FMs) installed in
the chassis, to configure parameters for the fabric data link automatic error detection and recovery
process, and to allow you to reset the FMs.

Note: Refer to Chapter 21, CoS Commands, for information about the commands used to display
and clear QoS queue packet counters—show system fabric queues and clear system fabric
queues.

Commands

For information about... Refer to page...

show system fabric 2-31

show system fabric status 2-32

show system fabric link 2-33

set system fabric link 2-34

clear system fabric link 2-35

set system fabric max-bip 2-35

clear system fabric max-bip 2-36

set system fabric max-kerr-recvd 2-37

clear system fabric max-kerr-recvd 2-37

set system fabric max-loss-of-sync 2-38

clear system fabric max-loss-of-sync 2-39

set system fabric max-rx-fifo-overflow 2-39

clear system fabric max-rx-fifo-overflow 2-40

set system fabric max-rxloss 2-41

clear system fabric max-rxloss 2-41

set system fabric max-ta 2-42

clear system fabric max-ta 2-43

set system fabric max-tx-fifo-overflow 2-43

clear system fabric max-tx-fifo-overflow 2-44

set system fabric retry-period 2-45

clear system fabric retry-period 2-45

2-30 Managing Hardware

show system fabric Fabric Module Commands

For information about... Refer to page...

reset fabric 2-46

show system fabric

This command displays the status of the Fabric Modules (FMs) installed in the chassis.

Syntax
show system fabric

Parameters
None.

Mode
Switch command, read‐only.

Example
The following example displays output of the command:
matrix-x(switch-su)-> show system fabric
FM Slot 1, hwok, active, enabled, swok, queues used=60, queues free=964
FM Slot 2, hwok, active, enabled, swok, queues used=60, queues free=964
The following table describes command output parameters:

Output ... What it Describes ...

Fabric Slot The FM slot number in the chassis: 1 or 2

hwok The status of hardware.
active An internal state of FM.
enabled The status of the FM: enabled or disabled
swok The status of software.
queues used= The number of queues in use.
queues free= The number of queues available.

Matrix X Router Command Line Interface Reference Guide 2-31

Fabric Module Commands show system fabric status

show system fabric status

This command displays Fabric Module (FM) link status.

Syntax
show system fabric status [detail]

Parameters
detail (Optional) Display more detail of current fabric data link status.

Defaults
If detail is not specified, a summary of the status is displayed.

Mode
Switch command, read‐only.

Examples
The following example illustrates the output of this command when errors were detected in fabric
data links 4 and 5.
matrix-x(switch-su)-> show system fabric status

2-32 Managing Hardware

show system fabric link Fabric Module Commands

show system fabric link

This command displays the current settings of the fabric data link automatic error detection and
recovery configuration parameters and the current administrative status of the fabric data links.

Syntax
show system fabric link config

Parameters
config Display the current configuration settings and link administrative
status.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to display the current settings of the fabric data link automatic error detection
and recovery configuration parameters and the current administrative status of the fabric data
links.

Matrix X Router Command Line Interface Reference Guide 2-33

Fabric Module Commands set system fabric link

Example
This example illustrates the information displayed by this command.
matrix-x(switch-su)-> show system fabric link config

Max Loss Of Sync Errors (max-loss-of-sync): 1

Max Loss Of Signal Errors (max-rxloss): 1
Max Tx Overflow Errors (max-tx-fifo-overflow): unlimited
Max Rx Overflow Errors (max-rx-fifo-overflow): unlimited
Max Time Alignment Errors (max-ta): unlimited
Max BIP Errors (max-bip): unlimited
Max 8b10b Errors (max-kerr-recvd): 3
Retry Period (retry-period): 60

Logical Admin
Data Link Status
--------- --------
1 enabled
2 enabled
3 enabled
4 enabled
5 enabled
6 enabled
7 enabled
8 enabled

set system fabric link

This command enables or disables a fabric data link channel.

Syntax
set system fabric link {enable | disable} link-id

Parameters
enable | disable Specifies whether the link should be enabled or disabled.
link‐id Identifies the fabric data link to be enabled or disabled. The value can
range from 1 to 8.

Defaults
Default state is enabled.

Mode
Switch mode, read‐write.

Usage
This command allows you to manually enable or disable a fabric data link. Note that disabling
fabric data links may result in less than line rate performance. You can also use the clear system
fabric link command to enable links.

2-34 Managing Hardware

clear system fabric link Fabric Module Commands

Example
This example manually disables fabric data link 1.
matrix-x(switch-su)-> set system fabric link disable 1

clear system fabric link

This command returns a fabric data link channel administrative status to the default value of
enabled.

Syntax
clear system fabric link link-id

Parameters
link‐id Identifies the fabric data link to be enabled. The value can range from 1
to 8.

Defaults
Default state is enabled.

Mode
Switch mode, read‐write.

Usage
This command allows you to return a fabric data link to the default administrative status of
enabled. You can also use the set system fabric link command to enable links.

Example
This example returns fabric data link 1 to enabled administrative status.
matrix-x(switch-su)-> clear system fabric link 1

set system fabric max-bip

This command configures the number of BIP parity check errors that will cause an automatic
disabling of a fabric data link.

Syntax
set system fabric max-bip {unlimited | num}

Example
This example sets the number of 8b10b characters and disparity errors required to 5.
matrix-x(switch-su)-> set system fabric max-kerr-recvd 5

clear system fabric max-kerr-recvd

This command resets the number of invalid 8b10b characters and disparity errors received that
will cause an automatic disabling of a fabric data link to the default value of 3.

Syntax
clear system fabric max-kerr-recvd

Parameters
None.

Defaults
The occurence of 3 invalid 8b10b characters and disparity errors on a fabric data link will cause
automatic disabling of the link.

Matrix X Router Command Line Interface Reference Guide 2-37

Fabric Module Commands set system fabric max-loss-of-sync

Mode
Switch mode, read‐write.

Usage
Use this command to reset the number of invalid 8b10b characters and disparity errors that must
occur on a fabric data link to trigger an automatic disabling of that link to the default value of 3.
You can also use the set system fabric max‐kerr‐recvd command to reset this parameter to its
default value of 3.

Example
This example resets the number of 8b10b characters and disparity errors required to 3.
matrix-x(switch-su)-> clear system fabric max-kerr-recvd

set system fabric max-loss-of-sync

This command configures the number of loss of sync errors that will cause an automatic disabling
of a fabric data link.

Syntax
set system fabric max-loss-of-sync {unlimited | num}

Parameters
unlimited Specifies that loss of sync errors will not cause an automatic disabling of
a fabric data link.
num Specifies the number of loss of sync errors that will cause an automatic
disabling of a fabric data link. The value of num can range from 1 to
65535. The default value is 1.

Defaults
The occurence of 1 loss of sync errors on a fabric data link will cause automatic disabling of the
link.

Mode
Switch mode, read‐write.

Usage
Use this command to configure the number of loss of sync errors that must occur on a fabric data
link to trigger an automatic disabling of that link. If you specify unlimited, these errors will never
trigger an automatic disabling of a link.
You can also use the clear system fabric max‐loss ‐of‐sync command to reset this parameter to its
default value of 1.

Example
This example sets the number of loss of sync errors required to 2.
matrix-x(switch-su)-> set system fabric max-loss-of-sync 2

2-38 Managing Hardware

clear system fabric max-loss-of-sync Fabric Module Commands

clear system fabric max-loss-of-sync

This command resets the number of loss of sync errors that will cause an automatic disabling of a
fabric data link to the default value of 1.

Syntax
clear system fabric max-loss-of-sync

Parameters
None.

Defaults
The occurence of 1 loss of sync errors on a fabric data link will cause automatic disabling of the
link.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the number of loss of sync errors that must occur on a fabric data link
to trigger an automatic disabling of that link to the default value of 1.
You can also use the set system fabric max‐loss ‐of‐sync command to reset this parameter to its
default value of 1.

Example
This example resets the number of loss of sync errors required to 1.
matrix-x(switch-su)-> clear system fabric max-loss-of-sync

set system fabric max-rx-fifo-overflow

This command configures the number of received FIFO overflow errors that will cause an
automatic disabling of a fabric data link.

Syntax
set system fabric max-rx-fifo-overflow {unlimited | num}

Parameters
unlimited Specifies that received FIFO overflow errors will not cause an automatic
disabling of a fabric data link. This is the default.
num Specifies the number of received FIFO overflow errors that will cause an
automatic disabling of a fabric data link. The value of num can range
from 1 to 65535.

Defaults
The occurence of received FIFO overflow errors on a fabric data link will not cause automatic
disabling of the link.

Matrix X Router Command Line Interface Reference Guide 2-39

Fabric Module Commands clear system fabric max-rx-fifo-overflow

Mode
Switch mode, read‐write.

Usage
Use this command to configure the number of received FIFO overflow errors that must occur on a
fabric data link to trigger an automatic disabling of that link. If you specify unlimited, received
FIFO overflow errors will never trigger an automatic disabling of a link.
You can also use the clear system fabric max‐rx‐fifo‐overflow command to reset this parameter to
its default value of unlimited.

Example
This example sets the number of received FIFO overflow errors required to 10.
matrix-x(switch-su)-> set system fabric max-rx-fifo-overflow 10

clear system fabric max-rx-fifo-overflow

This command resets the number of received FIFO overflow errors that will cause an automatic
disabling of a fabric data link to the default of unlimited.

Syntax
clear system fabric max-rx-fifo-overflow

Parameters
None.

Defaults
The occurence of received FIFO overflow errors on a fabric data link will not cause automatic
disabling of the link.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the number of received FIFO overflow errors that must occur on a
fabric data link to trigger an automatic disabling of that link to the default value of unlimited.
You can also use the set system fabric max‐rx‐fifo‐overflow command to reset this parameter to
its default value of unlimited.

Example
This example resets the number of received FIFO overflow errors required to unlimited.
matrix-x(switch-su)-> clear system fabric max-rx-fifo-overflow

2-40 Managing Hardware

set system fabric max-rxloss Fabric Module Commands

set system fabric max-rxloss

This command configures the number of loss of signal errors that will cause an automatic
disabling of a fabric data link.

Syntax
set system fabric max-rxloss {unlimited | num}

Parameters
unlimited Specifies that loss of signal errors will not cause an automatic disabling
of a fabric data link.
num Specifies the number of loss of signal errors that will cause an automatic
disabling of a fabric data link. The value of num can range from 1 to
65535. The default value is 1.

Defaults
The occurence of one loss of signal error on a fabric data link will cause automatic disabling of the
link.

Mode
Switch mode, read‐write.

Usage
Use this command to configure the number of loss of signal errors that must occur on a fabric data
link to trigger an automatic disabling of that link. If you specify unlimited, loss of signal errors
will never trigger an automatic disabling of a link.
You can also use the clear system fabric max‐rxloss command to reset this parameter to its default
value of 1.

Example
This example sets the number of loss of signal errors required to 2.
matrix-x(switch-su)-> set system fabric max-rxloss 2

clear system fabric max-rxloss

This command reconfigures the number of loss of signal errors that will cause an automatic
disabling of a fabric data link to the default value of 1.

Syntax
clear system fabric max-rxloss

Parameters
None.

Defaults
The occurence of one loss of signal error on a fabric data link will cause automatic disabling of the
link.

Matrix X Router Command Line Interface Reference Guide 2-41

Fabric Module Commands set system fabric max-ta

Mode
Switch mode, read‐write.

Usage
Use this command to reset the number of loss of signal errors that must occur on a fabric data link
to trigger an automatic disabling of that link to the default of 1.
You can also use the set system fabric max‐rxloss command to reset this parameter to its default
value of 1.

Example
This example resets the number of loss of signal errors required to 1.
matrix-x(switch-su)-> clear system fabric max-rxloss

set system fabric max-ta

This command configures the number of time alignment errors that will cause an automatic
disabling of a fabric data link.

Syntax
set system fabric max-ta {unlimited | num}

Parameters
unlimited Specifies that time alignment errors will not cause an automatic
disabling of a fabric data link. This is the default.
num Specifies the number of time alignment errors that will cause an
automatic disabling of a fabric data link. The value of num can range
from 1 to 65535.

Defaults
The occurence of time alignment errors on a fabric data link will not cause automatic disabling of
the link.

Mode
Switch mode, read‐write.

Usage
Use this command to configure the number of time alignment errors that must occur on a fabric
data link to trigger an automatic disabling of that link. If you specify unlimited, time alignment
errors will never trigger an automatic disabling of a link.
You can also use the clear system fabric max‐ta command to reset this parameter to its default
value of unlimited.

Example
This example sets the number of time alignment errors required to 10.
matrix-x(switch-su)-> set system fabric max-ta 10

2-42 Managing Hardware

clear system fabric max-ta Fabric Module Commands

clear system fabric max-ta

This command reconfigures the number of time alignment errors that will cause an automatic
disabling of a fabric data link to the default to unlimited.

Syntax
clear system fabric max-ta

Parameters
None.

Defaults
The occurence of time alignment errors on a fabric data link will not cause automatic disabling of
the link.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the number of time alignment errors that must occur on a fabric data
link to trigger an automatic disabling of that link to the default of unlimited.
You can also use the set system fabric max‐ta command to reset this parameter to its default value
of unlimited.

Example
This example resets the number of time alignment errors required to unlimited.
matrix-x(switch-su)-> clear system fabric max-ta 10

set system fabric max-tx-fifo-overflow

This command configures the number of transmit FIFO overflow errors that will cause an
automatic disabling of a fabric data link.

Syntax
set system fabric max-tx-fifo-overflow {unlimited | num}

Parameters
unlimited Specifies that transmit FIFO overflow errors will not cause an automatic
disabling of a fabric data link. This is the default.
num Specifies the number of transmit FIFO overflow errors that will cause an
automatic disabling of a fabric data link. The value of num can range
from 1 to 65535.

Defaults
The occurence of transmit FIFO overflow errors on a fabric data link will not cause automatic
disabling of the link.

Matrix X Router Command Line Interface Reference Guide 2-43

Fabric Module Commands clear system fabric max-tx-fifo-overflow

Mode
Switch mode, read‐write.

Usage
Use this command to configure the number of transmit FIFO overflow errors that must occur on a
fabric data link to trigger an automatic disabling of that link. If you specify unlimited, transmit
FIFO overflow errors will never trigger an automatic disabling of a link.
You can also use the clear system fabric max‐tx‐fifo‐overflow command to reset this parameter to
its default value of unlimited.

Example
This example sets the number of transmit FIFO overflow errors required to 10.
matrix-x(switch-su)-> set system fabric max-tx-fifo-overflow 10

clear system fabric max-tx-fifo-overflow

This command reconfigures the number of transmit FIFO overflow errors that will cause an
automatic disabling of a fabric data link to the default value of unlimited.

Syntax
clear system fabric max-tx-fifo-overflow

Parameters
None.

Defaults
The occurence of transmit FIFO overflow errors on a fabric data link will not cause automatic
disabling of the link.

Mode
Switch mode, read‐write.

Usage
Use this command to reconfigure the number of transmit FIFO overflow errors that must occur on
a fabric data link to trigger an automatic disabling of that link to its default value of unlimited.
You can also use the set system fabric max‐tx‐fifo‐overflow command to reset this parameter to
its default value of unlimited.

Example
This example resets the number of transmit FIFO overflow errors required to unlimited.
matrix-x(switch-su)-> clear system fabric max-tx-fifo-overflow

2-44 Managing Hardware

set system fabric retry-period Fabric Module Commands

set system fabric retry-period

This command sets the time period to wait, in seconds, before repairing previously automatically
disabled fabric data links.

Syntax
set system fabric retry-period {unlimited | sec}

Parameters
unlimited Specifies that automatically disabled links will never be enabled
automatically.
sec Specifies the number of seconds to wait before repairing automatically
disabled fabric data links. The value of sec can range from 1 to 65535.
The default is 60 seconds.

Defaults
The default retry period is 60 seconds.

Mode
Switch mode, read‐write.

Usage
Use this command to set the length of the retry period. The default is 60 seconds. If you specify
unlimited, the router will never try to repair/enable automatically disabled fabric data links.
You can also use the clear system fabric retry‐period command to reset this parameter to its
default value of 60 seconds.

Example
This example sets the retry period to 120 seconds.
matrix-x(switch-su)-> set system fabric retry-period 120

clear system fabric retry-period

This command resets the time period to wait, in seconds, before repairing previously
automatically disabled fabric data links to the default value of 60 seconds.

Syntax
clear system fabric retry-period

Parameters
None.

Defaults
The default retry period is 60 seconds.

Mode
Switch mode, read‐write.

Matrix X Router Command Line Interface Reference Guide 2-45

Fabric Module Commands reset fabric

Usage
Use this command to reset the length of the retry period to 60 seconds.
You can also use the set system fabric retry‐period command to reset this parameter to its default
value of 60 seconds.

Example
This example resets the retry period to 60 seconds.
matrix-x(switch-su)-> clear system fabric retry-period

reset fabric
This command resets a fabric module (FM).

Syntax
reset fabric slot

Parameters
slot Specifies the slot of the FM to reset. The value of slot can be 1 or 2.

Defaults
None.

Mode
Switch mode, read‐write.

Example
This example resets the FM in slot 1.
matrix-x(switch-rw)-> reset fabric 1

2-46 Managing Hardware

reset fabric High-Availability Commands

High-Availability Commands

About System High-Availability

When two Control Modules (CMs) are installed in a Matrix X Router, the router supports a 1+1
redundant control plane. At startup, the system uses a Last Active Weighting algorithm to
determine which of the CMs becomes the active CM, and which becomes the standby CM. All
application code runs on the active CM, while the standby CM begins monitoring the active CM
for faults. If the active CM fails, the standby CM immediately reassigns itself to the active role.

Startup Modes
The Matrix X Router has three startup modes:
• Cold start — Occurs when power is first applied or when a system fault causes a failover in a
non‐redundant system configuration. With a cold start, all configuration information is
reloaded from persistent storage, all IOM ports are brought down, all tunnels are torn down,
and all dynamic routing information is cleared.
• Warm start — Occurs when a system fault causes a failover in a redundant system
configuration, but the system cannot initiate a hot start. A warm start is functionally
equivalent to a cold start, except that downtime is reduced because the standby CM
immediately takes over.
• Hot start — Occurs when a system fault causes a failover in a redundant system configuration
and the system recovers its state. Service is continued without interruption.

Early Repetitive Failure Protection

If a system develops an error condition that is “remembered” through the resilient data
mechanism, the system could enter into a repetitive failure cycle where it continuously resets
itself. In order to prevent this type of cycle, the Matrix X Router has implemented Early Repetitive
Failure Protection (ERFP) based on a timer and a mechanism that keeps track of the
synchronization status of applications, data, and processes between the two CMs, indicating
whether a redundant system can perform a hot start.
The ERFP timer is 600 seconds (10 minutes) by default, and is started during CM activation. In a
redundant system, the standby CM must be booted for the length of the timer, and all applications
and processes must be synchronized between the active and standby CMs, before a failover will
cause a hot start. If either of these conditions is not true, then if a failover occurs, the system will
perform either a cold or a warm start.
You can use the show system high‐availability command to display the current status of the
ERFP timer and the high‐availability failover status, or type, of the system. If the failover status is
not “Hot‐Redundant” (meaning that two CMs are installed and if a failover/reset of the active CM
occurs, the standby CM will take over with a hot start), the reason or reasons for the status also
will be displayed.

Memory Monitor Tool

The memory monitor tool scans memory usage on the Matrix X Router and reports information by
means of syslog messages. By default, the tool is very “quiet.” It will not report anything until the
system is above its memory utilization threshold, set to 85% by default. After the threshold is met,
the tool will, by default, simply report that the system is running low on memory.

Matrix X Router Command Line Interface Reference Guide 2-47

High-Availability Commands show system high-availability

You can adjust the logging level of the memory monitor application, haSystemMonitor, using the
set logging application command. For example, if you set the logging level to “info,” the monitor
tool will write a large amount of information and statistics to the syslog.
You can also set the parameters of the monitor tool with the set system high‐availability monitor
command, including the utilization threshold, the scan interval, and the amount of change in
memory usage required to cause a report to be generated.

Purpose
These switch‐level commands are used to display system high‐availability status and to set the
high‐availability redundancy mode.

Commands

For information about... Refer to page...

show system high-availability 2-48

set system high-availability redundancy-mode 2-51

clear system high-availability redundancy-mode 2-52

set system high-availability monitor 2-52

clear system high-availability monitor 2-54

show system high-availability

This command displays the system high‐availability status.

Syntax
show system high-availability

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
This command displays information about the current high‐availability status of the system. If the
system is in the process of switching between redundant CM modules, consecutive executions of
this command will display status changes and other explanatory information.

Examples
The following example displays the output of a stable system with redundant CMs:
matrix-x(switch-su)-> show system high-availability

2-48 Managing Hardware

show system high-availability High-Availability Commands

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Tue Aug 9 14:11:01 2005
Current Time: Wed Aug 10 13:00:38 2005
Total System Uptime: 0d22h49m37s
HA-Channel: Primary - Online
Configuration: Hot-Redundant
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 01m00s, Expired

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:0d22h49m37s v1.1.10
CM2 In-Service Standby Uptime:0d22h43m05s v1.1.10

Monitor Values
--------------------------------
Scan Interval: 60 s (default)
In-use memory threshold:85 % (default)
Memory change delta: 10240 KB (default)
Cpu Usage threshold: 80 .0% (default)
The following example displays the output of a non‐redundant CM system.
matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Tue Apr 12 00:43:19 2005
Current Time: Tue Apr 12 01:56:04 2005
Total System Uptime: 0d01h12m45s
HA-Channel: Offline
Configuration: Non-Redundant (Coldstart after Reboot)
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 10m00s, Waiting For In-Service Standby

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:0d01h12m45s v1.1.180
CM2 Not-Present ---

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* No in-service standby installed

Monitor Values
--------------------------------
Scan Interval: 60 s (default)
In-use memory threshold:85 % (default)
Memory change delta: 10240 KB (default)
Cpu Usage threshold: 80 .0% (default)

The following table describes the output fields.

Output What it Displays...

System Coldstart The time when the last system cold start occurred.

Current Time The current system time.

Matrix X Router Command Line Interface Reference Guide 2-49

High-Availability Commands show system high-availability

Output What it Displays...

Total System Uptime The length of time the system has been up and operational.

HA-Channel Offline or Online.

Configuration Describes the type of restart that will occur at a failover:

• Non-Redundant (Coldstart after Reboot) — only one CM
is installed and active. Therefore, any system restart will
be a cold start.
• Hot-Redundant — a standby CM is installed and
operational, and the active and standby CMs are
synchronized. Therefore, any system restart will be a hot
start.
• Warm-Redundant (Failover = Coldstart) — a standby CM
is installed and operational, but either the ERFP timer has
not yet timed out or synchronization between the two
CMs is not complete. Therefore, any system restart will
be a warm start.

Total Failovers Since Coldstart The number of failovers since the last cold start.

Early Repetitive Failure The status of the ERFP timer. The timer must be expired
Protection before a hot start can occur.

Control Module Information Identifies CM modules.

• CM1 = module in slot CM1
• CM2 = module in slot CM2

Provides the status of the standby (non-active) CM module.

Values can be:
• Not-Present — system does not contain a redundant CM
• In-Service — redundant CM is present and operational

(Reasons) Describes the reasons why a system is not Hot-Redundant.

These can include, for example:
• No in-service standby installed
• Early repetitive failure protection timer has not expired
• <application or process> is synchronizing

High Availability Monitor Values Lists the values used by the memory monitor tool.
• delta—the amount the memory usage must change, in
kilobytes, in order to report the change
• interval—the memory scan interval, in seconds
• percent—the in-use memory threshold percentage
• cpupercent—the CPU usage threshold percentage

2-50 Managing Hardware

set system high-availability redundancy-mode High-Availability Commands

set system high-availability redundancy-mode

This command sets the startup mode in a system with redundant CMs.

Syntax
set system high-availability redundancy-mode {hot | cold}

Parameters

hot Sets the startup mode to hot start in a system with redundant CMs.
cold Sets the startup mode to warm start in a system with redundant CMs.

Defaults
Hot start in systems with redundant CMs.

Mode
Switch command, read‐write.

Usage
When a Matrix X Router has redundant CMs installed, you can use this command to cause the
system to perform a warm start in the case of a failover, rather than a hot start.

Example
The following example illustrates the output of the show system high‐availability command after
the startup mode has been set to cold.

matrix-x(switch-su)-> set system high-availability redundancy-mode cold

matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Fri May 27 17:16:10 2005
Current Time: Tue May 31 11:35:58 2005
Total System Uptime: 3d18h19m48s
HA-Channel: Primary - Online
Configuration: Warm-Redundant (Failover = Coldstart)
Total Failovers Since Coldstart: 1
Last Failover: Fri May 27 18:12:50 2005
Uptime Since Last Failover: 3d17h23m08s
Early Repetitive Failure Protection: 10m00s, Expired

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:3d17h23m08s v1.1.1
CM2 In-Service Standby Uptime:3d17h21m18s v1.1.1

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* User Configuration Induced Cold Redundancy

Monitor Values
--------------------------------
Scan Interval: 60 s (default)

Matrix X Router Command Line Interface Reference Guide 2-51

High-Availability Commands clear system high-availability redundancy-mode

In-use memory threshold:85 % (default)

Memory change delta: 10240 KB (default)
Cpu Usage threshold: 80 .0% (default)

clear system high-availability redundancy-mode

This command resets redundancy mode to hot start in systems with redundant CMs.

Syntax
clear system high-availability redundancy-mode

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to reset high‐availability redundancy mode back to the default of Hot‐
Redundant for systems with redundant CMs.

Example
This example will reset the redundancy mode to Hot‐Redundant.
matrix-x(switch-rw)-> clear system high-availability redundancy-mode

set system high-availability monitor

This command sets the parameters used by the memory usage monitor tool.

Syntax
set system high-availability monitor {delta KB | interval sec | percent percent |
cpupercent percent}

Parameters
delta KB Sets the memory change delta, in kilobytes, that will trigger writing a
“change in free memory” message to the syslog. Value can range from 0
to 4,294,967,295 kilobytes. Default is 10,240 KB.
interval sec Sets the memory scan interval, in seconds. Value can range from 60 to
86,400 seconds. Default is 60 seconds.
percent percent Sets the in‐use memory threshold, as a percent. The memory usage
monitor will not report any usage statistics until memory usage has
reached this threshold. Value can range from 0%, which means that the
monitor is always on, to 100%, which disables the monitor. Default
value is 85%.

2-52 Managing Hardware

set system high-availability monitor High-Availability Commands

cpupercent percent Sets the CPU usage threshold, as a percent. The value can range from
0% to 100%, where 0% indicates disabled and 100% indicates maximum
CPU usage. If a value greater than 0% is specified, CPU usage is
monitored and if the CPU usage exceeds the specified percentage over
the prior 60 second interval, a syslog message and SNMP trap (if
configured) are sent.

Defaults
Delta default is 10,240 kilobytes.
Interval default is 60 seconds.
Percent default is 85%.
CPU usage threshold is 80%.

Mode
Switch mode, read‐write.

Usage
Use this command to change the parameters used by memory usage monitor tool.

Example
The following example sets the in‐use memory threshold to 50% and the scan interval to 120
seconds. Then, the show system high‐availability command is executed to confirm the changes.
matrix-x(switch-rw)-> set system high-availability monitor percent 50
matrix-x(switch-rw)-> set system high-availability monitor interval 120
matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Tue Feb 21 18:44:10 2006
Current Time: Tue Feb 21 19:00:40 2006
Total System Uptime: 0d00h16m30s
HA-Channel: Offline
Configuration: Non-Redundant (Coldstart after Reboot)
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 01m00s, Waiting For In-Service Standby

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:0d00h16m30s 1.3.0.N
CM2 Not-Present ---

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* No in-service standby installed

Monitor Values
--------------------------------
Scan Interval: 120 s
In-use memory threshold:50 %
Memory change delta: 10240 KB (default)
Cpu Usage threshold: 80 .0% (default)

Matrix X Router Command Line Interface Reference Guide 2-53

High-Availability Commands clear system high-availability monitor

clear system high-availability monitor

This command resets the memory monitor parameters to their default values.

Syntax
clear system high-availability monitor {delta | interval | percent | cpupercent}

Parameters
delta Resets the memory change delta to the default of 10,240 KB.
interval Resets the memory scan interval to the default of 60 seconds.
percent Resets the in‐use memory threshold to the default value of 85%.
cpupercent Resets the CPU usage threshold to the default value of 80%.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to reset the parameters used by the memory monitor tool to their default
values.

Example
The following example resets the in‐use memory threshold and the scan interval to their default
values. Then, the show system high‐availability command is executed to confirm the changes.
matrix-x(switch-rw)-> clear system high-availability monitor percent
matrix-x(switch-rw)-> clear system high-availability monitor interval
matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Tue Feb 21 18:44:10 2006
Current Time: Tue Feb 21 19:04:39 2006
Total System Uptime: 0d00h20m29s
HA-Channel: Offline
Configuration: Non-Redundant (Coldstart after Reboot)
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 01m00s, Waiting For In-Service Standby

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:0d00h20m29s 1.3.0.N
CM2 Not-Present ---

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* No in-service standby installed

2-54 Managing Hardware

clear system high-availability monitor High-Availability Commands

Monitor Values
--------------------------------
Scan Interval: 60 s (default)
In-use memory threshold:85 % (default)
Memory change delta: 10240 KB (default)
Cpu Usage threshold: 80 .0% (default)

Matrix X Router Command Line Interface Reference Guide 2-55

High-Availability Commands clear system high-availability monitor

2-56 Managing Hardware

3
Managing Firmware

This chapter describes how to manage the firmware boot image, and how to update the FPGA
code on CMs and IOMs. This chapter also includes information about hitless upgrades.

For information about... Refer to page...

Configuring Boot Firmware and FPGA Code 3-1

Hitless Upgrade 3-13

Configuring Boot Firmware and FPGA Code

Purpose
These switch commands are used to display and set the image file the Matrix X Router loads at
startup, to synchronize the boot image and FPGA code on the active and standby CMs, and to
update the bootloader code on the CMs and IOMs.

Commands

For information about... Refer to page...

show boot system 3-2

show boot backup 3-2

set boot system 3-3

set boot backup 3-4

update system cm bootloader 3-4

update system cm bios 3-6

update system cm fpga 3-7

update system cm images 3-8

update system iom bootloader 3-9

update system iom fpga 3-12

Matrix X Router Command Line Interface Reference Guide 3-1

Configuring Boot Firmware and FPGA Code show boot system

show boot system

This command displays the firmware image the switch loads at startup.

Syntax
show boot system

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
When the Matrix X Router is shipped from the factory, it is loaded with the latest firmware image,
which is configured as both the current boot image and the next boot image.

Example
The following example displays the switch’s boot firmware image:
matrix-x(switch-su)-> show boot system
Current boot image is images/28apr.xsi
Version 1.1.0.N
04/28/05 00:45:48 /view/BUILD_X-SERIES_1.1.0.N_28-APR-2005
Enterasys Networks Matrix X
crc 0x151dedd1
Next boot image is images/28apr.xsi
Version 1.1.0.N
04/28/05 00:45:48 /view/BUILD_X-SERIES_1.1.0.N_28-APR-2005
Enterasys Networks Matrix X
crc 0x151dedd1

show boot backup

This command displays the backup firmware image.

Syntax
show boot backup

Parameters
None.

Mode
Switch command, read‐only.

3-2 Managing Firmware

set boot system Configuring Boot Firmware and FPGA Code

Usage
When the Matrix X Router is shipped from the factory, it is loaded with the latest firmware image,
which is configured as both the current boot image and the next boot image. If you execute the
show boot backup command, you will see a file named “last‐known‐good.xsi” displayed as the
backup boot image. This backup image file is the same as the current boot image and can be used
to boot the system if necessary.
When you upgrade your system to a new firmware version, you may want to replace this factory
backup file with the image file that you are replacing, as a more meaningful backup file. Use the
set boot backup command to set the backup firmware image.

Example
The following example displays the switch’s backup firmware image:
matrix-x(switch-su)-> show boot backup
Backup boot image is images/last-known-good.xsi
Version 1.0.6.N
03/13/05 01:04:03 /view/BUILD_X-SERIES_1.0RC1_13-MAR-2005
Enterasys Networks Matrix X
crc 0x2dd4d4b2

set boot system

This command sets the firmware image the Matrix X Router loads at startup.

Syntax
set boot system images/filename

Parameters

images/filename Specify the name and path to the firmware image file. Image files must
be located in the images/ directory.

Defaults
None.

Mode
Switch command, read‐write.

Usage
When you execute this command, the system copies the contents of the specified file to the
location from which the system will boot next time. The system does not actually boot from the
file. Therefore, if you execute the set boot system command, then change the contents of the file
you specified and reboot the system without executing the set boot system command again, the
changes you made after executing the command will not take affect.
Firmware image files must be located in the images/ directory and must end in .xsi.

Note: This command will take a few moments to execute as it updates the flash. Wait for the
system prompt to be displayed before attempting to enter any further CLI commands.

Matrix X Router Command Line Interface Reference Guide 3-3

Configuring Boot Firmware and FPGA Code set boot backup

Example
The following example sets the boot firmware image file to the file named bootimage.xsi located in
the images/ directory on the file system:
matrix-x(switch-su)-> set boot system images/bootimage.xsi

set boot backup

This command sets the backup firmware image for the Matrix X Router. This emergency image
file is saved in the images/ directory.

Syntax
set boot backup images/filename

Parameters

images/filename Specify the name and path to the firmware image file. Image files must
be located in the images/ directory and must end in .xsi.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example sets the boot backup firmware image file to the file named backup_image.xsi
located in the images/ directory:
matrix-x(switch-su)-> set boot backup images/backup_image.xsi
Validating images/backup_image.xsi ... Ok
Setting file images/backup_image.xsi to be the backup image
done

update system cm bootloader

This command updates the bootloader on CMs to the expected version.

Syntax
update system cm bootloader

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

3-4 Managing Firmware

update system cm bootloader Configuring Boot Firmware and FPGA Code

Usage
Refer to the Release Notes accompanying X Router firmware releases to discover whether a
bootloader software update is required. Alternatively, use the show system hardware command
to display the expected and actual bootloader versions on the CMs. If a mismatch exists, the
output of the command will note the mismatch.
When you execute the update system cm bootloader command, if the system detects a difference
between the revision of bootloader code on the CMs and the revision of bootloader code in the
firmware package used to boot the system, the system will update the bootloader code on both the
active and standby CMs.

Example
The following example illustrates the use of the update system cm bootloader command. First,
the show system hardware command is used to discover if the actual bootloader version matches
the expected version. Since they do not match, the update system cm bootloader command is
used to update the version.
matrix-x(switch-su)-> show system hardware cm 1

CM SLOT 1
Model: CM Version 1.0
State: Active
905 Part number: 9053167000
905 Serial number: 042500270004
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Part number: Part Num Not Set
Board rev: 2.6
Board ID: 1.0
Engineering ID: 3
Hardware State: OK
Software State: OK
Bios Expected: 4.6.3
Bios Actual: 4.6.3
Bootloader Expected: 1.7
Bootloader Actual: 1.6
** Warning - actual version less than expected. Upgrade suggested **
FPGA Expected: 3.28
FPGA Actual: 3.28
Memory Size: 905176 KB
Flash Size: 1024 MB

matrix-x(switch-su)-> update system cm bootloader

This will update the cm bootloader if needed

Do you really want to do this (Y/N)? y

Performing bootloader update (if needed) on standby cm

Standby bootloader updated

Performing bootloader update (if needed) on active cm

Active bootloader updated

The cm bootloaders have been updated to the expected version

matrix-x(switch-su)- >

Matrix X Router Command Line Interface Reference Guide 3-5

Configuring Boot Firmware and FPGA Code update system cm bios

update system cm bios

This command updates the BIOS on CMs to the expected version.

Syntax
update system cm bios

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Refer to the Release Notes accompanying X Router firmware releases to discover whether a BIOS
update is required. Alternatively, use the show system hardware command to display the
expected and actual BIOS versions on the CMs. If a mismatch exists, the output of the command
will note the mismatch.
When you execute the update system cm bios command, if the system detects a difference
between the revision of BIOS code on the CMs and the revision of BIOS code in the firmware
package used to boot the system, the system will update the BIOS code on both the active and
standby CMs.

Example
The following example illustrates the use of the update system cm bios command. First, the show
system hardware command is used to discover if the actual BIOS version matches the expected
version. Since they do not match, the update system cm bios command is used to update the
version.
matrix-x(switch-su)-> show system hardware cm 1

CM SLOT 1
Model: CM Version 1.0
State: Active
905 Part number: 9053167000
905 Serial number: 044000296607
940 Part number: 0000000000
940 Serial number: 000000000000
Part number: Part Num Not Set
Part number: Part Num Not Set
Board rev: 3.0
Board ID: 1.0
Engineering ID: 9
Hardware State: OK
Software State: OK
Bios Expected: 4.6.8
Bios Actual: 4.6.3
** Warning - actual version less than expected. Upgrade suggested **
Bootloader Expected: 1.9
Bootloader Actual: 1.9

3-6 Managing Firmware

update system cm fpga Configuring Boot Firmware and FPGA Code

FPGA Expected: 3.31

FPGA Actual: 3.31
Memory Size: 1032760 KB
Flash Size: 512 MB

matrix-x(switch-su)-> update system cm bios

Standby CM not present
This command will update the active and standby cm bios if needed.

Warning. Update command must be allowed to complete and can not be aborted using
control-c. Do not under any circumstances remove or reset any cards in the system
during this processing. This command may take up to 2 minutes. Are you sure you
want to continue?

Do you really want to do this (Y/N)? y

Standby CM not present

Performing bios update (if needed) on active cm Active cm bios slot cm1:
Update Successful

update system cm fpga

This command can be used to update the FPGA software on the two CMs.

Syntax
update system cm fpga

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Refer to the Release Notes accompanying X Router firmware releases to discover whether an
FPGA software update is required. Alternatively, use the show system hardware command to
display the expected and actual FPGA versions on the CMs and IOMs. If a mismatch exists, the
output of the command will note the mismatch.
When you execute the update system cm fpga command, if the system detects a difference
between the revision of FPGA code on the PROMs and the revision of FPGA code in the firmware
package used to boot the system, the system will update the contents of the FPGA PROMs on both
the active and standby CMs. If the update is performed, you will then be prompted to reboot the
system in order to start using the updated FPGA code.

Example
The following example illustrates the use of the update system cm fpga command.
matrix-x(switch-rw)-> update system cm fpga

Matrix X Router Command Line Interface Reference Guide 3-7

Configuring Boot Firmware and FPGA Code update system cm images

This will update the cm fpga if needed

The process takes up to 6 minutes

Do you really want to do this (Y/N)?Y

Performing fpga update on standby cm

This process could take up to 3 minutes
Do NOT reset the card until update is complete
/ens/sbin/fpgaload: Reading fpga file into memory
/ens/sbin/fpgaload: Reading fpga file complete

/ens/sbin/fpgaload: Loading /ens/fpga/cmf_v3.26.xsvf [6384586 bytes] into fpga -

pass 1

feawaitTime phase[2]...
feawaitTime phase[3]...
feawaitTime phase[4]...
feawaitTime phase[5]...
feawaitTime phase[6]...
feawaitTime phase[7]...
feawaitTime phase[8]...
feawaitTime phase[9]...
feawaitTime phase[10]...
feawaitTime phase[11]...
feawaitTime phase[12]...
feawaitTime phase[13]...
feawaitTime phase[14]...
feawaitTime phase[15]...
/ens/sbin/fpgaload: Execution Time = 178.590 seconds
/ens/sbin/fpgaload: FPGA Load Complete

Active fpga updated

At least one cm fpga was upgraded

It is strongly recommended to reset the system

matrix-x(switch-su)->

update system cm images

This command can be used to synchronize the firmware image software between the two CMs.

Syntax
update system cm images

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

3-8 Managing Firmware

update system iom bootloader Configuring Boot Firmware and FPGA Code

Usage
When you execute the update system cm images command, the system updates the /image
directory on the standby CM with the contents of the /image directory on the active CM. If the
standby CM had been running a firmware version different from the active CM firmware version,
the standby CM will automatically reset after the update process. If the standby CM had been
running the same firmware version, no reset will occur.
Note that if you update the FPGA code and reboot the system, the active and standby CMs will
automatically synchronize their running firmware images. Therefore, executing the update
system cm images command after executing the update system cm fpga command should not
cause a reset of the standby CM, although the contents of the /image directory may change. For
example, non‐running images such as a backup image may be updated, but this would not cause a
reset.

Example
The following example illustrates the use of the update system cm image command.
matrix-x(switch-rw)-> update system cm images

This will update the standby cm image directory if needed

The process takes up to 3 minutes and may reboot the standby cm

Do you really want to do this (Y/N)?

update system iom bootloader

This command updates the bootloader on IOMs to the expected version.

Syntax
update system iom bootloader [iomSlot n]

Parameters
iomSlot n (Optional) Updates a single IOM only. The value of n can range from 1
to 16, depending on the number of IOM slots in the chassis.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Refer to the Release Notes accompanying X Router firmware releases to discover whether a
bootloader software update is required. Alternatively, use the show system hardware command
to display the expected and actual bootloader versions on the IOMs. If a mismatch exists, the
output of the command will note the mismatch.
When you execute the update system iom bootloader command, if the system detects a difference
between the revision of bootloader code on the IOMs and the revision of bootloader code in the
firmware package used to boot the system, the system will update the IOM bootloader code.

Matrix X Router Command Line Interface Reference Guide 3-9

Configuring Boot Firmware and FPGA Code update system iom bootloader

Example
The following example illustrates the use of the update system iom bootloader command. First,
the show system hardware command is used to discover if the actual bootloader version matches
the expected version. Since they do not match on one of the IOMs, the update system iom
bootloader command is used to update the version. (Not all of the output of the show system
hardware command is displayed below.)
matrix-x(switch-su)-> show system hardware

CHASSIS HARDWARE INFORMATION

----------------------------
Chassis Type: X-Series 16-slot
905 Part number: 000000
905 Serial number: 00000000
940 Part number: 000000
940 Serial number: 00000000
Part number:
Part number:
Board rev: 0.0
Board ID: 0.0
Engineering ID: 0

[Output deleted here]

IOM MODULE INFORMATION

-------------------------
IOM SLOT 6
Model: 2 Port 10 Gigabit Ethernet (Version 1)
905 Part number: 9053172000
905 Serial number: 050700496643
940 Part number: 9403872000
940 Serial number: 050801486643
Part number: X-M2-00
Base Mac Address: 00-11-88-03-d4-ec
Board rev: 3.0
Board ID: 4.4
Engineering ID: 0
State: Board Active
Hardware State: OK
Software State: OK - In Service
Bootloader Expected: 1.20
Bootloader Actual: 1.19
** Warning - actual version less than expected. Upgrade suggested **
Uptime: 0 days 0 hours 5 mins 3 secs
Memory Size: 515404 KB
IOM SLOT 10
Model: 32 Port Gigabit Ethernet (Version 1)
905 Part number: 9053230000
905 Serial number: 050800206643
940 Part number: 9403950000
940 Serial number: 050701226641
Part number: X-G32-00
Base Mac Address: 00-11-88-03-dc-69
Board rev: 3.0
Board ID: 4.10
Engineering ID: 0
State: Board Active
Hardware State: OK
Software State: OK - In Service
Bootloader Expected: 1.20

3-10 Managing Firmware

update system iom bootloader Configuring Boot Firmware and FPGA Code

Bootloader Actual: 1.20

FPGA Expected: 3.4
FPGA Actual: 3.4
Uptime: 0 days 0 hours 4 mins 58 secs
Memory Size: 515404 KB
IOM SLOT 15
Model: 2 Port 10 Gigabit Ethernet (Version 1)
905 Part number: 9053172000
905 Serial number: 050700486643
940 Part number: 9403872000
940 Serial number: 050801816643
Part number: X-M2-00
Base Mac Address: 00-11-88-03-d4-d6
Board rev: 3.0
Board ID: 4.4
Engineering ID: 0
State: Board Active
Hardware State: OK
Software State: OK - In Service
Bootloader Expected: 1.20
Bootloader Actual: 1.20
Uptime: 0 days 0 hours 5 mins 1 secs
Memory Size: 515404 KB

matrix-x(switch-su)-> update system iom bootloader

This command will update all iom bootloaders if needed.

Do you really want to do this (Y/N)? y

Performing bootloader update (if needed) on iom6

IOM bootloader updated
Performing bootloader update (if needed) on iom10
IOM bootloader already at correct revision - no update performed
Performing bootloader update (if needed) on iom15
IOM bootloader already at correct revision - no update performed
All running IOM bootloaders have been updated

matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 3-11

Configuring Boot Firmware and FPGA Code update system iom fpga

update system iom fpga

This command can be used to update the FPGA software on one or all IOMs.

Syntax
update system iom fpga [iomSlot num]

Parameters
iomSlot num (Optional) Specifies the slot of the IOM to be updated. The value of num
can range from 1 to 16, depending on the number of IOM slots in the
X Router chassis. If no slot number is specified, all IOMs are updated.

Defaults
All IOMs are updated if no slot number is entered.

Mode
Switch mode, read‐write.

Usage
Refer to the Release Notes accompanying X Router firmware releases to discover whether an
FPGA software update is required. Alternatively, use the show system hardware command to
display the expected and actual FPGA versions on the CMs and IOMs. If a mismatch exists, the
output of the command will note the mismatch.
Before you execute this command, you must put the IOM into maintenance mode by using the
reset iom command on page 2‐27.
When you execute the update system iom fpga command, if the system detects a difference
between the revision of FPGA code on the PROMs and the revision of FPGA code in the firmware
package used to boot the system, the system will update the contents of the FPGA PROMs on the
specified IOM or all IOMs. If the update is performed, you will then be prompted to reboot the
system in order to start using the updated FPGA code.
Use the update system cm fpga command to update CMs.

Example
The following example updates the FPGA code on the IOM in slot 4. Note that you must put the
IOM in maintenance mode before updating the FPGA.
matrix-x(switch-rw)-> reset iom 4 maintmode
Resetting IOM in slot 4.
matrix-x(switch-rw)->

matrix-x(switch-su)-> update system iom fpga iomSlot 4

This command will update the fpga on iom 4 if needed.

Do you really want to do this (Y/N)? Y

Performing fpga update (if needed) on iom4

3-12 Managing Firmware

update system iom fpga Hitless Upgrade

Hitless Upgrade

Overview
The hitless upgrade feature allows you to upgrade a Matrix X Router to a bugfix release without
interrupting the services the router is providing. A bugfix release typically is intended for a single
customer who is experiencing an issue that cannot wait for the next patch release for resolution.

Note: This feature does not apply to regular releases. Customers are encouraged to schedule
updates to regular releases (minor, such as 1.2, or patch, such as 1.2.1, that incorporate sets of
previous bugfixes), when those releases are available and when the router can be conveniently
reset.

If a failure occurs during a hitless upgrade, the X Router will automatically revert back to the
previous version of software. Service may be interrupted during the failure recovery.
If you decide to return to the original version of software, you can perform a “hot abort,” which
allows the X Router to gracefully return to the original image without interrupting service.
In order to perform a hitless upgrade, the Matrix X Router must have two CMs installed and the
system must be capable of hot‐failover. You can use the show system high‐availability command
to confirm that the two CMs are In‐Service and that the X Router has a Hot‐Redundant
configuration.
The high‐level procedure to perform a hitless upgrade is:
1. Copy the new version of software to the X Router.
2. Use the set boot system command to set the boot image to the new software version.
3. Execute the reset system hitless command to initiate the hitless upgrade process. The
following steps occur on the CMs:
a. The standby CM reboots to begin running the new software version.
b. The standby CM becomes hot‐failover capable after completing its HA synchronization.
c. The active CM reboots to begin running the new software version. This causes a
hot‐failover to the standby CM, which is running the new software.
d. The CM that was originally active becomes a hot‐failover capable standby, after
completing its HA synchronization.
4. When the system notifies you that the hitless upgrade process is complete, accept the new
software version with the set boot hitless commit command, or revert back to the previous
software version with the set boot hitless abort command.
If, during a hitless upgrade, either CM reboots for any reason other than a hitless upgrade reboot
(to begin running the new version of software), the system automatically reverts to the old version
of software. These reboots include application crashes that cause HA to reboot the card, kernel
crashes, watchdog timers, and user reboots. Depending on the state of the upgrade, service may
be interrupted. For example, if the active CM is still running the old version of software, service
will not be interrupted as just the standby CM will need to reboot. However, if the failover has
already occurred, both CMs are running the new version of software and will need to reboot to
revert back to the old version of software and the system canʹt be assumed to be hot failover
capable.

Matrix X Router Command Line Interface Reference Guide 3-13

Hitless Upgrade reset system hitless

Commands

For information about... Refer to page...

reset system hitless 3-14

set boot hitless commit 3-20

set boot system hitless abort 3-21

reset system hitless

This command initiates a hitless upgrade.

Syntax
reset system hitless

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
In order to perform a hitless upgrade, the Matrix X Router must have two CMs installed and the
system must be capable of hot‐failover. You can use the show system high‐availability command
to confirm that the two CMs are In‐Service and that the X Router has a Hot‐Redundant
configuration.
In order to perform a hitless upgrade:
1. Copy the new version of software to the X Router.
2. Use the set boot system command to set the boot image to the new software version.
3. Execute the reset system hitless command to initiate the hitless upgrade process.
4. If desired, check the progress of the upgrade using the show system high‐availability
command.
5. When the system notifies you that the hitless upgrade process is complete, you can accept the
new software version with the set boot hitless commit command, or revert back to the
previous software version with the set boot hitless abort command.
Note that you do not have to commit or abort the upgrade at this point. The X Router will
continue to operate using the software you just installed, but if any system errors occur that
cause a reboot, the system will revert back to using the previous software version, not the
software upgrade.
This command will return an error if the X Router is unable to perform the hitless upgrade. In that
case, you will have to run the reset system command to begin running the new version of
software.

3-14 Managing Firmware

reset system hitless Hitless Upgrade

Example
This example assumes two console connections, to both the active and standby CMs, and that the
commands are being entered at the console. If you execute a hitless upgrade using a Telnet
session, you will not see all the system messages displayed below, and the Telnet session will be
disconnected when the active CM reboots. After a few seconds, you can then re‐establish the
Telnet session and use the show system high‐availability command to determine when the hitless
upgrade has completed.
From the console connection on the active CM (CM2), this example first confirms that the system
is capable of doing a hitless upgrade, using the show system high‐availability command. Then
the example downloads an image via FTP with user name of “netops”.
Next, the boot image is set to the new software, and the hitless upgrade is initiated. After the
standby CM (CM1) resets successfully and is running the new software, the active CM (CM2)
resets. At this point, the example displays the output from the console connection to the other CM
(CM1) that has taken over as the active CM.
From the console connection to CM1, the show system high‐availability command is executed
again to check on the status of the hitless upgrade. When the upgrade is complete, the new
software is accepted (committed).
matrix-x(switch-rw)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Thu Jun 23 11:39:42 2005
Current Time: Thu Jun 23 11:42:27 2005
Total System Uptime: 0d00h02m45s
HA-Channel: Primary - Online
Configuration: Hot-Redundant
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 10m00s, Expired

Control Module Information:

--------------------------------
CM1 In-Service Standby Uptime:0d00h01m00s v1.2.2
CM2 In-Service Active Uptime:0d00h02m45s v1.2.2

matrix-x(switch-rw)-> copy ftp://netops@10.1.221.232/Images/mxs_cm.xsi images/

23June.xsi
Enter host password for user 'netops':
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 88 100 88 0 0 88 0 0:00:01 --:--:-- 0:00:01 0

matrix-x(switch-rw)-> set boot system images/23June.xsi

Validating images/23June.xsi ... Ok
Validating images/23June.xsi on the standby CM ... Ok
Setting file images/23June.xsi to be the boot image ... done
Setting file images/23June.xsi to be the boot image on the standby CM ... done

Matrix X Router Command Line Interface Reference Guide 3-15

Hitless Upgrade reset system hitless

matrix-x(switch-rw)-> reset system hitless

WARNING: This command will start a hitless upgrade that will gracefully reset \
the cm cards.

Do you really want to do this (Y/N)? y

***************************************************************************
Hitless upgrade initiate successful
The system is now gracefully resetting cards to bring the system to the new version
of software without impacting service. It is not recommended that the user make
any configuration changes until the process is complete. Once the system is
running the new images, the user must commit the new image using the 'set boot
hitless commit' command

matrix-x(switch-rw)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Thu Jun 23 11:39:42 2005
Current Time: Thu Jun 23 11:47:11 2005
Total System Uptime: 0d00h07m29s
HA-Channel: Primary - Online
Configuration: Non-Redundant (Coldstart after Reboot)
Total Failovers Since Coldstart: 0
Early Repetitive Failure Protection: 01m00s, Expired

Control Module Information:

--------------------------------
CM1 Synchronizing Standby
CM2 In-Service Active Uptime:0d00h07m29s v1.2.2

Replication Status:
--------------------------------
configuration data 124 MB Copying 89.6% (1944 KBPS) 00m06s remain
high-availablity data 256 MB Copy-Pending

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* Synchronizing configuration data
* Synchronizing high-availablity data

Hitless Upgrade In Progress

--------------------------------
Hitless Upgrade Status 33% Complete

3-16 Managing Firmware

reset system hitless Hitless Upgrade

* First card reset - waiting for it to be a hot failover capable standby

matrix-x(switch-rw)->

Note: At this point, the system automatically starts a failover to the standby CM (CM1), which is already
running the new software version. The following message appears on the active CM (CM2) console,
indicating that it is resetting.

matrix-x(switch-rw)->
******************************************************
The reset that is about to occur is a part of the
hitless upgrade processing. The system will perform a
hot failover to the new version of software without
effecting service.
******************************************************
PID 399 (/ens/sbin/sham_hu) has requested a local card shutdown: "Hitless Upgrade
Processing"

Note: The rest of the example output is from the console connection to CM1, which has taken over as the
active CM.

---- ATTEMPTING SYSTEM HOTSTART ----

Checking versions of firmware programmables...

Checking bios:
expected : 4.6.3
actual : 4.6.3
Checking bootloader:
expected : 1.6
actual : 1.6
Checking fpga:
expected : 3.28
actual : 3.28

Firmware versions OK

cpu MHz : 1599.868

MemTotal: 905176 kB

Matrix X Router Command Line Interface Reference Guide 3-17

Hitless Upgrade reset system hitless

---------------------------------------------------------------------------
__ __ _ _ __ __
| \/ | __ _| |_ _ __(_)_ __ \ \/ /
| |\/| |/ _` | __| '__| \ \/ / \ /
| | | | (_| | |_| | | |> < / \
|_| |_|\__,_|\__|_| |_/_/\_\ /_/\_\

Matrix X Router
---------------------------------------------------------------------------
Copyright (c) 2004, Enterasys Networks

File: vers-mxs_cm.xsi
Version 1.2.2.P1
06/23/05 12:58:15 /view/wbrother_rc3_new
Enterasys Networks Matrix X
Special Bugfix Release
Hitless-Upgradeable
Hitless-Predecessor 0

---- HOTSTART SUCCEEDED on Thu Jun 23 11:47:52 2005 in 2s ----

Service continuation from original cold-boot on Thu Jun 23 11:39:42 2005

Username:
******************************************************
Hitless upgrade in progress - this failover occurred
Due to normal hitless upgrade processing. It is
highly recommended not to make any configuration
changes until the upgrade is complete.
******************************************************

Username: admin
Password:

Default MOTD

matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Thu Jun 23 11:39:42 2005
Current Time: Thu Jun 23 11:48:19 2005
Total System Uptime: 0d00h08m37s
HA-Channel: Offline
Configuration: Non-Redundant (Coldstart after Reboot)
Total Failovers Since Coldstart: 1
Last Failover: Thu Jun 23 11:47:49 2005

3-18 Managing Firmware

reset system hitless Hitless Upgrade

Uptime Since Last Failover: 0d00h00m30s

Early Repetitive Failure Protection: 10m00s, Waiting For In-Service Standby

Control Module Information:

--------------------------------
CM1 In-Service Active Uptime:0d00h00m30s v1.2.2
CM2 Booting ---

The following conditions are preventing a Hot-Redundant configuration:

--------------------------------
* No in-service standby installed

Hitless Upgrade In Progress

--------------------------------
Hitless Upgrade Status 50% Complete
* Second card reset - waiting for it to reboot

matrix-x(switch-su)->

******************************************************
Hitless upgrade Complete - The image must be committed
(set boot hitless commit) to keep the new image as the
system image or aborted (set boot hitless abort) to
revert to the previous version of software.
******************************************************

matrix-x(switch-su)-> show system high-availability

SYSTEM HIGH-AVAILABILITY INFORMATION

------------------------------------
System Coldstart: Tue Jun 23 11:39:42 2005
Current Time: Tue Jun 23 11:50:17 2005
Total System Uptime: 0d00h09m28s
HA-Channel: Primary - Online
Configuration: Hot-Redundant
Total Failovers Since Coldstart: 1
Last Failover: Tue Jun 23 11:47:49 2005
Uptime Since Last Failover: 0d00h02m32s
Early Repetitive Failure Protection: 10m00s, Expired

Control Module Information:

--------------------------------
CM1 In-Service Standby Uptime:0d00h00m12s 1.2.0.N
CM2 In-Service Active Uptime:0d00h02m32s 1.2.0.N

Matrix X Router Command Line Interface Reference Guide 3-19

Hitless Upgrade set boot hitless commit

Hitless Upgrade In Progress

--------------------------------
Hitless Upgrade Status 83% Complete
* Both cards are now running new version of software - wait for user commit

matrix-x(switch-su)-> set boot hitless commit

Hitless upgrade commit successful - new image accepted

set boot hitless commit

This command commits the hitless upgrade, which accepts the new image installed by the
upgrade process.

Syntax
set boot hitless commit

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
You can execute this command after the hitless upgrade process has completed, indicated by a
system message on the console, or by running the show system high‐availability command.
If you try to commit before the hitless upgrade processing has completed, an error message will be
returned.
You do not have to commit or abort the upgrade immediately after the hitless upgrade process has
completed. The X Router will continue to operate using the software you just installed, but if any
system errors occur that cause a reboot, the system will revert back to using the previous software
version, not the software upgrade.

Example
This example illustrates accepting the new version of software.
matrix-x(switch-rw)->
******************************************************
Hitless upgrade Complete - The image must be committed
(set boot hitless commit) to keep the new image as the
system image or aborted (set boot hitless abort) to
revert to the previous version of software.
******************************************************
matrix-x(switch-rw)-> set boot hitless commit
Hitless upgrade commit successful - new image accepted

3-20 Managing Firmware

set boot system hitless abort Hitless Upgrade

set boot system hitless abort

This command reverts the X Router system back to the original image after a hitless upgrade.

Syntax
set boot system hitless abort {cold | hot}

Parameters
cold Perform a cold restoration of the original image. Use of this parameter
causes a system reset, which will interrupt service.
hot Perform a hot restoration of the original image. Use of this parameter
does not interrupt service.

Defaults
Cold restoration.

Mode
Switch mode, read‐write.

Usage
Using the cold parameter will help to ensure that the system comes back in a known state. Using
the hot parameter allows the system to return to the original image without impacting service.
You do not have to commit or abort a hitless upgrade immediately after the hitless upgrade
process has completed. The X Router will continue to operate using the software you just
installed, but if any system errors occur that cause a reboot, the system will revert back to using
the previous software version, not the software upgrade.

Example
This example illustrates a successful hot abort.
matrix-x(switch-rw)-> set boot hitless abort hot
Hitless upgrade abort successful - reverting back to old revision
matrix-x(switch-rw)->

Matrix X Router Command Line Interface Reference Guide 3-21

Hitless Upgrade set boot system hitless abort

3-22 Managing Firmware

4
File Management

The commands described in this chapter are used for managing files on the Matrix X Router file
system, including configuration text files.
Refer to “Getting Help with CLI Syntax” on page 1‐3 for more information about completing and
listing file names in the CLI.

Commands
.

For information about... Refer to page...

dir 4-2

copy 4-6

delete 4-8

show file 4-10

usbdir 4-11

show config 4-12

configure 4-15

show startuplog 4-17

clear config all 4-18

rename 4-19

Matrix X Router Command Line Interface Reference Guide 4-1

Commands dir

dir
This command lists files stored in the file system on the active or standby CM or on an attached
USB drive.

Syntax
Four command syntaxes are shown below. Use the first one to list the files stored on the active
CM, the second one to list the files stored on the standby CM, the third one to list the files on a
USB drive attached to the active CM, and the fourth one to list the files on a USB drive attached to
the standby CM.
dir [active:] | [core | images | public | local | log | trace [/filename]]

dir standby:{core | local | log | trace [/filename]}

dir usb:pathname

dir standby:usb:pathname

Parameters
active: (Optional) Specifies that all files in all directories on the active CM
should be listed.
core (Optional) Specifies that files in the core directory on the active CM
should be listed.
images (Optional) Specifies that files in the image directory on the active CM
should be listed.
public (Optional) Specifies that files in the public directory on the active CM
should be listed.
local (Optional) Specifies that files in the local directory on the active CM
should be listed.
log (Optional) Specifies that files in the log directory on the active CM
should be listed.
trace (Optional) Specifies that files in the trace directory on the active CM
should be listed.
filename (Optional) Specifies the file in the specified directory to list. You can use
asterisks ( * ) as wildcards in filenames.
standby: Specifies that files on the standby CM should be displayed. When
displaying files on the standby CM, you must also specify the directory.
usb: pathname Specifies that files on a USB drive attached to the active or standby CM,
in the location specified by pathname, should be listed. The pathname
standby:usb: pathname
may include one or more directory levels in addition to the filename
itself.
Asterisks ( * ) may be used as wildcards in filenames, but directories
cannot be specified using a wildcard.

Defaults
If no parameters are entered, all the files in the directories on the active and standby CMs are
listed.

4-2 File Management

dir Commands

Mode
Switch command, read‐only, for all directories in the file system on the CMs.
Super‐user access privilege is required for USB access.

Usage
When the standby: or usb: parameters are not entered, files on the active CM are listed. You can
only list files in the core, log, local, or trace directories on the standby CM.
Asterisks ( * ) may be used as wildcards in filenames, but directories (on the USB drive) cannot be
specified using a wildcard.
The local directory is a non‐replicated backup area that can be used to store files that you want to
keep during a firmware upgrade or downgrade, since an upgrade or downgrade may wipe out
the public directory. The local directory will not be overwritten during a firmware upgrade or
downgrade. Note that the recommended way to back up files is to copy them to another machine
on the network.
When you list files and directories on an attached USB drive, the display also includes the amount
of available space on the drive.
An attached USB drive will automatically be mounted whenever an operation is requested, and
then unmounted after the operation has completed. The error message “USB device not present”
will be displayed if a drive cannot be mounted successfully. A filesystem must be created on the
USB drive before the drive can be connected to the X Router. The supported filesystems are FAT,
ext2, and ext3.

Examples
The following example lists all the files in the file system on the active and standby CMs. In this
case, however, there is no standby CM.
matrix-x(switch-rw)-> dir

public/
==================================================

images/
==================================================
Name : last-known-good.xsi (Backup boot image)
Type : Image
Size : 53737066 bytes
Last Access : Fri Sep 2 14:13:28 2005
Build Info : Version 1.1.0.N
05/13/05 00:42:28 /view/BUILD_X-SERIES_1.1.0.N_13-MAY-2005
Enterasys Networks Matrix X
crc 0x18d8b9d2

Name : sept1-1.2.xsi (Current boot image) (Next boot image)

Type : Image
Size : 59188926 bytes
Last Access : Fri Sep 2 14:16:49 2005
Build Info : Version 1.2.0.N
09/01/05 01:08:11 /view/BUILD_X-SERIES_1.2.0.N_01-SEP-2005
Enterasys Networks Matrix X
crc 0xf3abf55c

core/
==================================================

Matrix X Router Command Line Interface Reference Guide 4-3

Commands dir

log/
==================================================
Name : ksyms.0
Type : Log
Size : 47708 bytes
Last Access : Fri Sep 2 14:13:02 2005
Modification: Fri Sep 2 14:13:02 2005
Last Change : Fri Sep 2 14:13:02 2005

Name : syslog.log
Type : Log
Size : 230452 bytes
Last Access : Fri Sep 2 14:13:05 2005
Modification: Fri Sep 2 14:17:32 2005
Last Change : Fri Sep 2 14:17:32 2005

Name : misc.log
Type : Log
Size : 1431 bytes
Last Access : Fri Sep 2 14:12:59 2005
Modification: Fri Sep 2 14:12:59 2005
Last Change : Fri Sep 2 14:12:59 2005

trace/
==================================================
Name : ospf
Type : Trace
Size : 22509 bytes
Last Access : Fri Sep 2 14:13:48 2005
Modification: Fri Sep 2 14:17:35 2005
Last Change : Fri Sep 2 14:17:35 2005

local/
==================================================

The following example lists the files in the images directory:

matrix-x(switch-su)-> dir images
images/
==================================================
Name : last-known-good.xsi (Backup boot image)
Type : Image
Size : 53737066 bytes
Last Access : Fri Sep 2 14:17:35 2005
Build Info : Version 1.1.0.N
05/13/05 00:42:28 /view/BUILD_X-SERIES_1.1.0.N_13-MAY-2005
Enterasys Networks Matrix X
crc 0x18d8b9d2

Name : sept1-1.2.xsi (Current boot image) (Next boot image)

Type : Image
Size : 59188926 bytes
Last Access : Fri Sep 2 14:20:23 2005
Build Info : Version 1.2.0.N
09/01/05 01:08:11 /view/BUILD_X-SERIES_1.2.0.N_01-SEP-2005
Enterasys Networks Matrix X
crc 0xf3abf55c

4-4 File Management

dir Commands

The following example uses a wildcard to list all the files in the public directory that end in .cfg:
matrix-x(switch-su)-> dir public/*.cfg

public/
==================================================
Name : test4.cfg
Type : Unknown
Size : 765 bytes
Last Access : Thu Mar 31 18:43:49 2005
Modification: Mon Mar 14 22:34:08 2005
Last Change : Mon Mar 14 22:34:08 2005

Name : test5.cfg
Type : Unknown
Size : 943 bytes
Last Access : Fri Apr 1 15:32:27 2005
Modification: Thu Mar 31 18:23:36 2005
Last Change : Thu Mar 31 18:23:36 2005

Name : test6.cfg
Type : Unknown
Size : 610 bytes
Last Access : Fri Apr 8 20:07:06 2005
Modification: Thu Mar 31 18:59:27 2005
Last Change : Thu Mar 31 18:59:27 2005

The following example lists the log files on the standby CM.
matrix-x(switch-su)-> dir standby:log

standby:log/
=========================================
Name : misc.log
Type : Log
Size : 133 bytes
Last Access : Fri May 27 10:05:06 2005
Modification: Fri May 27 10:05:06 2005
Last Change : Fri May 27 10:05:06 2005

This example lists the contents on the USB drive attached to the active CM at the lowest level. In
this example, there are two directories, named “base” and “images.” Note that the amount of
available space on the USB drive is also displayed.
matrix-x(switch-su)-> dir usb:*

usb:
==================================================
Name : base
Type : Directory
Size : 16384 bytes
Last Access : Thu Feb 2 12:27:36 2006
Modification: Thu Feb 2 12:27:36 2006
Last Change : Thu Feb 2 12:27:36 2006

Name : images
Type : Directory
Size : 16384 bytes
Last Access : Thu Feb 2 12:35:36 2006
Modification: Thu Feb 2 12:35:36 2006

Matrix X Router Command Line Interface Reference Guide 4-5

Commands copy

Last Change : Thu Feb 2 12:35:36 2006

Available space on USB drive: 71221248 bytes

This example displays the contents of the base/config/ directory on a USB drive attached to the
active CM.
matrix-x(switch-su)-> dir usb:base/config/*

usb:base/config/
==================================================
Name : myconfig_2Feb
Type : Unknown
Size : 43 bytes
Last Access : Thu Feb 2 12:30:00 2006
Modification: Thu Feb 2 12:30:00 2006
Last Change : Thu Feb 2 12:30:00 2006

Available space on USB drive: 71237632 bytes

copy
This command uploads or downloads an image, core, or a CLI configuration file to or from the
Matrix X Router.

Syntax
copy source destination

Parameters

source Specifies location and name of the source file to copy. Options are a file path
on the active or standby CM, a file path on a USB drive attached to the active
or standby CM, or the URL of an FTP, SCP (secure copy), or TFTP server.
On the active CM, valid source directories that can be specified are images,
public, local, log, core, or trace. On the standby CM, valid source directories
are core, local, log, or trace, and must be preceded by the standby: prefix.
A file path on an attached USB drive is specified as usb:pathname or standby:
usb:pathname where pathname may include one or more directory levels in
addition to the filename itself.
Asterisks ( * ) may be used as wildcards in filenames, but directories cannot be
specified using a wildcard.
destination Specifies location and name of the destination where the file will be copied.
Options are a file path on the active or standby CM, a file path on a USB drive
attached to the active CM, or the URL of an FTP, SCP, or TFTP server.
Valid local file path destination directories are the images, public, core, log,
trace, or local directories on the active CM only. On the standby CM, valid
destination directories are the core, log, trace, or local directories, and must be
preceded by the standby: prefix.
A file path on an attached USB drive is specified as usb:pathname or standby:
usb:pathname where pathname may include one or more directory levels in
addition to the filename itself.

4-6 File Management

copy Commands

Defaults
None.

Mode
Switch command, read‐write.
Super‐user access privilege is required for USB access.

Usage
Image files on the X Router reside in the images directory and have the suffix .xsi. When
downloading image files to the router, the destination must be specified as images/filename.xsi.
Similarly, when uploading an image file from the router, the source must be specified as images/
filename.xsi.
Core files on the router reside in the core directory and have the suffix .core. When uploading a
core file from the router, the source must be specified as core/filename.core.
Configuration and other ASCII files on the router reside in the public directory and do not
necessarily have any suffix. When downloading or uploading these files, you must specify the file
as public/filename.
Many different types of log files reside in the log directory, in addition to the syslog log files. Use
the dir log command to display the contents of the log directory.
The local directory is a non‐replicated backup area that can be used to store files that you want to
keep during a firmware upgrade or downgrade, since an upgrade or downgrade may wipe out
the public directory. The local directory will not be overwritten during a firmware upgrade or
downgrade. Note that the recommended way to back up files is to copy them to another machine
on the network.
To copy files from or to the standby CM, you must specify standby: in the syntax. For example:
copy standby:core/*.core ftp://<username>@<host>/<remote filename>
If you do not specify standby:, it is assumed you are copying from or to the active CM file system.
An attached USB drive will automatically be mounted whenever an operation is requested, and
then unmounted after the operation has completed. The error message “USB device not present”
will be displayed if a drive cannot be mounted successfully. A filesystem must be created on the
USB drive before the drive can be connected to the X Router. The supported filesystems are FAT,
ext2, and ext3.
Note that either the source or the destination, or both, must be a local file. This command does not
copy files between remote locations.

Note: This command does not present a warning message before overwriting an existing file.

Examples
The following example downloads an image via TFTP:
matrix-x(switch-su)-> copy tftp://myhost/Images/mxs_cm.xsi images/13Aug.xsi

The following example downloads an image via FTP with user name of “netops”. If no user name
is entered, then “anonymous” will be substituted, providing an anonymous login.
matrix-x(switch-su)-> copy ftp://netops@10.1.221.232/Images/mxs_cm.xsi images/
14Aug.xsi

Matrix X Router Command Line Interface Reference Guide 4-7

Commands delete

Enter host password for user 'netops':

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 88 100 88 0 0 88 0 0:00:01 --:--:-- 0:00:01 0

The following example uploads a core file from the standby CM using secure copy:
matrix-x(switch-su)-> copy standby:core/iom4-fem-403-1110298163-v1.1.0.N.core
scp://user@10.1.221.232/core1.core

The following example uploads a configuration file from the router using TFTP:
matrix-x(switch-su)-> copy public/myconfig tftp://10.1.221.232//myconfig1

The following example copies a file on the USB drive with the pathname base/config/
myconfig_2Feb to the public/ directory on the active CM.
matrix-x(switch-su)-> copy usb:base/config/myconfig_2Feb public/myconfig_2Feb
Verifying available space on active CM's flash ...... Passed
Copying file to active CM's flash ................... Done

delete
This command removes an image, core, log, trace, or CLI configuration file from the X Router, or
from a USB drive attached to the active CM.

Syntax
Four command syntaxes are shown below. Use the first one to delete files stored on the active CM,
the second one to delete files stored on the standby CM, the third one to delete files stored on an
attached USB drive, and the fourth one to delete files stored on a USB drive attached to the
standby CM.
delete {core | images | public | local | log | trace [/filename]} [force]

delete standby:{core | local | log | trace [/filename]} [force]

delete usb:pathname [force]

delete standby:usb:pathname [force]

Parameters

core | images | public Specifies the directory location of the file to be deleted. If no filename is
| local | log | trace entered, all the files in the specified directory will offered for deletion.
filename Specifies the name of the file to be deleted. Asterisks ( * ) may be used as
wildcards in filenames.
force (Optional) Do not prompt for confirmation before deleting each file in a
group of files being offered for deletion. If this parameter is not entered,
the system will ask for confirmation before deleting each file.
Note: Confirmation will never be requested if a filename without wildcards is
specified.
standby: Specifies that the file to be deleted is on the standby CM.

4-8 File Management

delete Commands

usb:pathname Specifies the files on a USB drive attached to the active or standby CM,
in the location specified by pathname, to be deleted. The pathname may
standby:usb:pathname
include one or more directory levels in addition to the filename itself.
Asterisks ( * ) may be used as wildcards in filenames, but directories
cannot be specified using a wildcard.

Defaults
If no CM is specified, the active CM is the default.
If force is not specified, the system will ask for confirmation before deleting each file in a group of
files.

Mode
Switch command, read‐write.
Super‐user access privilege is required for USB access.

Usage
Image files on the X Router reside in the images/ directory and have the suffix .xsi. To delete an
image file, the filename must be specified as images/filename.xsi.
Core files on the X Router reside in the core/ directory and have the suffix .core. To delete a core
file, the filename must be specified as core/filename.core.
Configuration and other ASCII files on the X Router reside in the public/ directory. To delete these
files, the filename must be specified as public/filename.
Many different types of log files reside in the log directory, in addition to the syslog log files. To
delete a file in the log directory, the filename must be specified as log/filename.
The local directory is a non‐replicated backup area that can be used to store files that you want to
keep during a firmware upgrade or downgrade. To delete a file in the local directory, the filename
must be specified as local/filename.
You can use an asterisk ( * ) as a wildcard in filenames.
Use the dir command to display current file names.
If you do not use the force parameter, the system will prompt you before deleting each file in a
group of files being offered for deletion.
An attached USB drive will automatically be mounted whenever an operation is requested, and
then unmounted after the operation has completed. The error message “USB device not present”
will be displayed if a drive cannot be mounted successfully. A filesystem must be created on the
USB drive before the drive can be connected to the X Router. The supported filesystems are FAT,
ext2, and ext3.

Examples
The following example deletes the “myconfig” configuration file from the X Router:
matrix-x(switch-su)-> delete public/myconfig
The following example deletes all core files from the standby CM on the X Router. Note that the
system prompts you to delete each file separately since the force parameter is not used.
matrix-x(switch-su)-> delete standby:core/*

This will delete the file core/iom4-fem-403-1110298163-v1.1.0.N.core.

Do you really want to do this (Y/N)? y

Matrix X Router Command Line Interface Reference Guide 4-9

Commands show file

This will delete the file core/cm1-cli-2346-1112391606-v1.1.0.N.core.

Do you really want to do this (Y/N)? y

The following example deletes all the files in the “base” directory on the attached USB drive.
matrix-x(switch-su)-> delete usb:base/* force

show file
This command displays the contents of a text file located in a directory in the file system on the
active or standby CM, or on a USB drive connected to the active or standby CM.

Syntax
Four command syntaxes are shown below. Use the first one to display the contents of a text file
stored on the active CM, the second one to display contents of a file stored on the standby CM, the
third one to display contents of a file on a USB drive attached to the active CM, the fourth one to
display contents of a file on a USB drive attached to the standby CM.
show file {core | images | public | local | log | trace}/filename

show file standby:{core | local | log | trace}/filename

show file usb:pathname

show file standby:usb:pathname

Parameters

core | images | public Specifies the directory and name of the file to display.
| local | log | trace /
filename
standby: Specifies that a file on the standby CM should be displayed.
usb:pathname Specifies that a file on a USB drive attached to the active or standby CM,
in the location specified by pathname, should be displayed. The pathname
standby:usb:pathname
may include one or more directory levels in addition to the filename
itself.

Defaults
None.

Mode
Switch command, read‐only.
Super‐user access privilege is required for USB access.

Usage
This command displays the contents of a text file stored in a directory of the file system on the
active or standby CM, or on a USB drive attached to the active or standby CM. You cannot display
the contents of non‐text files, such as image or core files located in the images/ or core/ directories.
You can use the dir file to list the files stored on the file system.

4-10 File Management

usbdir Commands

When the standby: parameter is not entered, a file on the active CM is displayed. You can only
display files in the core, local, log, or trace directories on the standby CM.
An attached USB drive will automatically be mounted whenever an operation is requested, and
then unmounted after the operation has completed. The error message “USB device not present”
will be displayed if a drive cannot be mounted successfully. A filesystem must be created on the
USB drive before the drive can be connected to the X Router. The supported filesystems are FAT,
ext2, and ext3.

Example
The following example displays the contents of a text file named “myfile” in the public/ directory
on the active CM:
matrix-x(switch-su)-> show file public/myfile
set width 150
set banner motd "no message today"
set prompt "matrix-x"

usbdir
This command creates or deletes directories on a USB drive connected to the active or standby
CM.

Syntax
usbdir {create | delete} dirname [active | standby]

Parameters
create Creates a directory on an attached USB drive.
delete Deletes a directory on an attached USB drive.
dirname The name of the directory being created or deleted. The dirname may
include multiple directory levels. Wildcards are not permitted.
active | standby (Optional) Use the USB drive on the active or standby CM. Default is
the USB drive on the active CM.

Defaults
By default, the USB drive on the active CM is used.

Mode
Switch command, super‐user.

Usage
Use this command to create or delete a directory on a USB drive connected to the active or standby
CM. When deleting a directory, all of its contents, both files and directories, will be deleted
without requesting user confirmation.
An attached USB drive will automatically be mounted whenever an operation is requested, and
then unmounted after the operation has completed. The error message “USB device not present”
will be displayed if a drive cannot be mounted successfully. A filesystem must be created on the
USB drive before the drive can be connected to the X Router. The supported filesystems are FAT,
ext2, and ext3.

Matrix X Router Command Line Interface Reference Guide 4-11

Commands show config

Example
The following example lists the directories on the USB drive on the active CM, then deletes the
directory named “images.”
matrix-x(switch-su)-> dir usb:*
usb:
==================================================
Name : base
Type : Directory
Size : 16384 bytes
Last Access : Thu Feb 2 12:27:36 2006
Modification: Thu Feb 2 12:27:36 2006
Last Change : Thu Feb 2 12:27:36 2006

Name : images
Type : Directory
Size : 16384 bytes
Last Access : Thu Feb 2 12:35:36 2006
Modification: Thu Feb 2 12:35:36 2006
Last Change : Thu Feb 2 12:35:36 2006

Available space on USB drive: 71221248 bytes

matrix-x(switch-su)-> usbdir delete images

show config
This command displays the system configuration or writes the configuration to a file.

Syntax
show config [all | section1 ... sectionn] [plain | prettyprint] [outfile path-to/
outfilename] | [| search regexp]

Parameters

all (Optional) Displays default and non‐default configuration settings.

section1 ... sectionn (Optional) Displays only the specified section or sections of the
configuration. A list of valid section names can be displayed by
entering show config ?.
Note that selecting some section types may enable additional specifiers.
plain (Optional) Displays only non‐default settings, without line numbers.
This is the default behavior for output to a file.
prettyprint (Optional) Displays only non‐default settings, with line numbers. This
is the default behavior for output to the screen.

4-12 File Management

show config Commands

outfile path‐to/ (Optional) Specifies a file in which to store the configuration. Options
outfilename for path‐to are a file path on the active or standby CM, a file path on a
USB drive attached to the active or standby CM, or the URL of an FTP,
SCP (secure copy), or TFTP server.
On the active CM, valid directories that can be specified are public or
local. On the standby CM, the valid directory is local. To specify the
standby CM, you must precede the directory with
standby:—otherwise, the active CM is assumed.
A file path on an attached USB drive is specified as usb:pathname or
standby:usb:pathname where pathname may include one or more
directory levels in addition to the filename itself.
| search regexp (Optional) Displays the lines in the configuration file that match the
search regular expression.

Defaults
Display only non‐default system configuration settings to the screen, with line numbers.

Mode
Switch command, read‐write.

Usage
If no parameters are specified, only non‐default system configuration settings will be displayed.
You can combine the optional parameters. For example, if you use both the all and outfile
parameters, the system will output both default and non‐default configuration settings to the
specified file.
See Table 1‐2 on page 1‐6 for a complete description of the regular expression syntax you can use
with this command.

Examples
The following example displays the current non‐default device configuration:
matrix-x(switch-su)-> show config

1: set width 150

2: set banner motd "no message today"
3: set prompt "matrix-x"

The following example displays all the configuration parameters.

matrix-x(switch-su)-> show config all

1: set length 24
2: set width 150
3: set banner motd "no message today"
4: set prompt "matrix-x"
5: set command completion enable
6: set ntp broadcastdelay 4000
7: set ntp client disable
8: set ip dns enable
9: set ip dns domain
10: set telnet enable inbound
11: set telnet enable outbound

Matrix X Router Command Line Interface Reference Guide 4-13

Commands show config

The following example directs the output to a file named “myconfig” in the public/ directory on
the active CM.
matrix-x(switch-su)-> show config all outfile public/myconfig

The following example creates an output file named “myconfig1” on a remote server using TFTP:
matrix-x(switch-su)-> show config all outfile tftp://10.1.221.232/myconfig1

The following example searches the entire configuration for the string “versio” and displays the
results in line numbered format:
matrix-x(switch-su)-> show config all prettyprint | search versio
4: ! CM firmware version 1.5.1.N
134: set netflow export-version 5 peer-as
1618: set spantree version mstp

The following example displays the contents of the “width” section of the configuration.
matrix-x(switch-ro)-> show config width

1: !
2: # width
3: set width 150 default

4-14 File Management

configure Commands

configure
This command executes a configuration file stored on the X Router or on a remote server.

Syntax
Five command syntaxes are shown below. Use the first one to execute a file stored on the active
CM, the second one to execute a file stored on the standby CM, the third one to execute a remote
file, and the last two to execute a file on a USB drive attached to the active or standby CM.
configure {public | local}/filename [append]
configure standby:local/filename [append]
configure service://[username@]remote-host/path-to-remote-file [append]
configure usb:pathname
configure standby:usb:pathname

Parameters

public | local Specifies the directory and file name of the configuration file to execute.
/filenamee
standby: Specifies that a file on the standby CM should be executed.
service:// The URL of a remote file to be executed. Only the FTP, SCP (secure
[username@]remote‐host copy), or TFTP protocols may be used.
/path‐to‐remote‐file
append (Optional) Executes the configuration as an appendage to the current
configuration.
usb:pathname Specifies that a file on a USB drive attached to the active or standby CM,
in the location specified by pathname, should be executed. The pathname
standby:usb:pathname
may include one or more directory levels in addition to the filename
itself.

Defaults
If append is not specified, the current running configuration will be replaced with the contents of
the configuration file, EXCEPT FOR those settings that require super‐user access privileges to set
or modify. (Such as user login accounts, passwords, RADIUS server settings, and certain SNMP
settings.) Executing this command without the append parameter causes an automated reset of
the chassis.

Mode
Switch command, super‐user or read‐write (for append).

Usage
Use the append parameter to append the contents of the specified file to the current running
configuration. This is equivalent to typing the contents of the specified file directly into the CLI
and can be used, for example, to make incremental adjustments to the current configuration.
The configure filename append command can be executed by users with read‐write privileges. The
configure filename command, without append, can only be executed by users with super‐user
privileges.

Matrix X Router Command Line Interface Reference Guide 4-15

Commands configure

When you use the configure filename command without the append parameter, the system
restarts and then starts its configuration using the contents of the specified file. The current
configuration will be completely overwritten by the contents of the specified file, with the
exception of configuration settings that require super‐user privileges for modification. Note that
the file may contain commands requiring super‐user privileges for execution.
The configuration script processing does not start until all the IOMs are up (or have failed). When
script processing starts, a “startuplog” is created into which messages related to the processing are
logged. Since the login prompt may be displayed before the configuration (from the file) is
complete, you should check the contents of the “startuplog” with the show startuplog command
to ensure the configuration is complete before entering any configuration CLI commands
interactively.
If a failure occurs during script processing, the script processing is aborted and a message is
written to the startuplog.
Scripts that are executed by users with read‐write privilege level, (that is, with the append
parameter) cannot contain any commands that require super‐user privilege level. Script
processing will abort if such commands are encountered. Also, scripts run with this command
should not contain any commands that will prompt for user input. Such commands will cause the
script to abort.

Examples
The following example illustrates the error messages that will be displayed if a user with read‐
write privileges appends a configuration file to the running configuration that contains
commands that require super‐user privileges.
matrix-x(switch-rw)-> configure public/test.cfg append

Running script...
matrix-x(switch-rw)-> <efault facility local2 severity error port 120
matrix-x(switch-rw)-> <rity warning descr "Log1" port 100 state enable
matrix-x(switch-rw)-> set logging server 2 ip-addr linux12
matrix-x(switch-rw)-> set logging application snmpManager module CM level info
matrix-x(switch-rw)-> <pplication snmpMasterAgent module CM level error
matrix-x(switch-rw)-> set logging application essRmon module IOM4 level error
matrix-x(switch-rw)-> set length 80
matrix-x(switch-rw)-> set logout 60
matrix-x(switch-rw)-> set snmp community public
^
% Insufficient privilege. Requires privilege of 15 or higher. at caret.

% There were one or more errors in the configuration script

matrix-x(switch-rw)->

The following example shows the system display when the configure command is used to
completely reconfigure the router. Use of this form of the command requires super‐user
privileges.
matrix-x(switch-su)-> configure public/test.cfg

WARNING: This command will wipe out all of the configuration settings
on your router, with the exception of user access parameters.

Do you really want to do this (Y/N)? y

Restarting system.

4-16 File Management

show startuplog Commands

show startuplog
This command displays the contents of the startuplog file generated when the system is
reconfigured using the configure filename command.

Syntax
show startuplog

Mode
Switch command, super‐user.

Usage
When you use the configure filename command without the append parameter, the system
restarts and then starts its configuration using the contents of the specified file. The current
configuration will be completely overwritten by the contents of the specified file, with the
exception of configuration settings that require super‐user privileges for modification.
The configuration script processing does not start until all the IOMs are up (or have failed). When
script processing starts, a “startuplog” is created into which messages related to the processing are
logged. Since the login prompt may be displayed before the configuration (from the file) is
complete, you can check the status of the script processing with this command, to ensure the
configuration is complete before entering any configuration CLI commands interactively.
This file is only created when the system is restarted and reconfigured with the configure filename
command. The contents of this file can only be viewed using this command.

Example
This example shows sample output after the system has been restarted with the configure
command.
Username: admin
Password:

Default MOTD

WARNING: Background execution of configuration script is pending.

Use 'show startuplog' to check progress.

matrix-x(switch-su)-> show startuplog

Configuration file processing has not yet started

matrix-x(switch-su)-> show startuplog

Configuration file processing started at Thu Mar 31 19:05:15 2005
matrix-x(switch-su)-> set port mode ge.4.1 switched
matrix-x(switch-su)-> set port mode ge.4.2 switched
matrix-x(switch-su)-> set port mode ge.4.3 switched
matrix-x(switch-su)-> set port mode ge.4.4 switched
matrix-x(switch-su)-> set port mode ge.4.5 switched
matrix-x(switch-su)-> set length 80
matrix-x(switch-su)-> set snmp community public
matrix-x(switch-su)-> set snmp enable
matrix-x(switch-su)-> <ofile 1 name profile1 pvid-status enable pvid 3 \
matrix-x(switch-su)-> <file port ge.4.1 mask 16 port-st\ring ge.4.1 admin-pid 1
matrix-x(switch-su)-> set policy rule 1 tcpdestport 514 mask 16 drop
matrix-x(switch-su)-> set policy rule 1 ether 0x800 mask 16 vlan 4
matrix-x(switch-su)-> set policy rule 1 ether 0x860 mask 16 cos 5
matrix-x(switch-su)-> router

Matrix X Router Command Line Interface Reference Guide 4-17

Commands clear config all

matrix-x(router-exec)# configure terminal

matrix-x(router-config)# exit
matrix-x(router-exec)# exit
matrix-x(switch-su)->

Configuration file processing finished at Thu Mar 31 19:05:31 2005

clear config all

This command clears all user‐defined switch and router configuration parameters.

Syntax
clear config [all ]

Parameters

all (Optional) Clears all configuration parameters, system‐wide. Entering

all is optional because executing clear config clears all configuration
parameters.

Defaults
Restarts and reverts back to factory settings, EXCEPT FOR those settings that require super‐user
access privileges to set or modify. ( Such as login accounts, passwords, RADIUS server settings,
and certain SNMP settings.)

Mode
Switch command, read‐write.

Usage
This command is used to clear configuration parameters, with the exception of the super‐user
access privileges. See Defaults.

Example
The following example clears configuration parameters on the Matrix X Router:
matrix-x(switch-su)-> clear config all
WARNING: This command will wipe out most or all of the configuration settings
on your router.
Do you really want to do this (Y/N)? Y
Restarting system.

4-18 File Management

rename Commands

rename
This command renames a file within a directory on the active or standby CM or on an attached
USB drive.

Syntax
rename path‐to/old‐filename path‐to/new‐filename

Parameters

path‐to/old‐filename Specifies the file to rename. Options for path‐to are a file path on the
active or standby CM, or a file path on a USB drive attached to the
active or standby CM.
On the active CM, valid directories that can be specified are core,
images, public, local, trace, or log. On the standby CM, the valid
directories are core, local, log, or trace. To specify the standby CM, you
must precede the directory with standby:—otherwise, the active CM is
assumed.
A file path on an attached USB drive is specified as usb:pathname or
standby:usb:pathname where pathname may include one or more
directory levels in addition to the filename itself.
path‐to/new‐filename Specifies the new name for the file. The path‐to for the new filename
must be the same as the path‐to of the old filename when you are
renaming files on the active or standby CM.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command is used to rename a file within a directory in the file system on a CM or on an
attached USB drive. You cannot move the file to a different directory in the file system on a CM
with this command, although you can move files between directories on an attached USB drive.

Example
The following example renames a file named “myconfig” in the local directory on the active CM.
matrix-x(switch-rw)-> dir local

local/
==================================================
Name : myconfig
Type : Unknown
Size : 1022 bytes
Last Access : Mon Jul 10 19:57:07 2006
Modification: Mon Jul 10 19:57:23 2006
Last Change : Mon Jul 10 19:57:23 2006

matrix-x(switch-rw)-> rename local/myconfig local/my2config

Matrix X Router Command Line Interface Reference Guide 4-19

Commands rename

matrix-x(switch-rw)-> dir local

local/
==================================================
Name : my2config
Type : Unknown
Size : 1022 bytes
Last Access : Mon Jul 10 19:57:07 2006
Modification: Mon Jul 10 19:57:23 2006
Last Change : Mon Jul 10 20:39:40 2006

4-20 File Management

5
Broadcast Suppression Commands

Overview
This chapter describes the switch commands used to review, disable or set the broadcast
thresholds on one or more ports. This limits the amount of received broadcast frames that the
specified port will be allowed to switch out to other ports. Broadcast suppression protects against
broadcast storms, leaving more bandwidth available for critical data.

Note: Broadcast suppression cannot be assigned to link aggregation groups (LAGs).

Commands

For information about... Refer to page...

show port broadcast 5-1

set port broadcast 5-2

clear port broadcast 5-3

show port broadcast

This command displays port broadcast suppression information for one or more switch ports.

Syntax
show port broadcast [port-string]

Parameters
port‐string (Optional) Displays broadcast status for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

Defaults
If port‐string is not specified, broadcast status of all ports will be displayed.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 5-1

Commands

Usage
Use this command to display information only for ports in switching mode. Ports in routing mode
are not displayed.

Example
This example displays broadcast information for Gigabit Ethernet port 2 in slot 5:
matrix-x(switch-su)-> show port broadcast ge.5.2
Port Total BC Threshold Peak Rate Peak Rate Time
Packets (pkts/s) (pkts/s) (ddd:hh:mm:ss)
-----------------------------------------------------------------------
ge.5.2 165 148810 8 000:05:57:37

The following table provides an explanation of the command output.

Output What It Displays...

Port Port designation. For a detailed description of possible port-string values, refer to
Port Strings Used in the CLI on page 12-2.

Total BC Packets Total broadcast packets received on this port.

Threshold (pkts/s) Current broadcast threshold in packets per second on this port.

Peak Rate (pkts/s) Peak rate of broadcast transmission received on this port in packets per second.
Peak Rate Time Time (in day, hours, minutes and seconds) the peak rate was reached on this port.
(ddd:hh:mm:ss)

set port broadcast

This command sets the broadcast suppression limit, in packets per second, on one or more ports.
This sets a threshold on the broadcast traffic that is received and switched out to other ports.

Syntax
set port broadcast port-string threshold-val

Parameters

port‐string Specifies the port(s) for which to set broadcast suppression. For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.
threshold‐val Sets the packets per second threshold on broadcast traffic. If set to the
maximum value, threshold will be disabled.
• The range of values for ports with 1 Gigabit port speed is from 1 to
1488100 packets per second.
• The range of values for ports with 10 Gigabit port speed is from 1 to
14880952 packets per second.

5-2 Broadcast Suppression Commands

Commands

Defaults
Threshold is disabled.

Mode
Switch command, read‐write.

Usage
Broadcast suppression cannot be assigned to link aggregation groups (LAGs).

Example
This example shows how to set broadcast suppression to 800 packets per second on 1 Gigabit
Ethernet ports 1 through 5 in slot 1:
matrix-x(switch-su)-> set port broadcast ge.1.1-5 800

clear port broadcast

This command resets the broadcast threshold or clears the peak rate and peak time values on one
or more ports.

Syntax
clear port broadcast port-string {threshold | peak}

Parameters
port‐string Specifies the port(s) on which broadcast settings will be cleared. For a
detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.
threshold Clears the broadcast threshold setting.
peak Clears the broadcast peak rate and peak rate time values.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example clears the broadcast threshold setting on Gigabit Ethernet ports 1 through 5 in slot 1:
matrix-x(switch-su)-> clear port broadcast ge.1.1-5 threshold

Matrix X Router Command Line Interface Reference Guide 5-3

Commands

5-4 Broadcast Suppression Commands

6
DNS Commands

This chapter describes Domain Name Service (DNS) switch commands.

Commands

For information about... Refer to page...

set ip dns domain 6-1

clear ip dns domain 6-2

set ip dns server 6-2

clear ip dns server 6-3

show ip dns 6-3

clear ip dns 6-4

set ip dns enable/disable 6-4

set ip dns domain

This command specifies the DNS domain name.

Syntax
set ip dns domain domain-name

Commands

clear ip dns server

This command removes a server from the DNS server list.
Syntax
clear ip dns server [ip-address | all]

Parameters
ip-address Specifies an IP address of a DNS server.
all Specifies all configured DNS servers.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example removes the DNS server at IP address 134.141.92.37:
matrix-x(switch-su)-> clear ip dns server 134.141.92.37

show ip dns
This command displays DNS settings. DNS translates domain names into IP addresses.
Syntax
show ip dns

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays two DNS servers and a domain name of net.com:
matrix-x(switch-su)-> show ip dns
Current State: Enabled
Default DNS domain name: net.com
DNS Name Servers Status
-------------------- -------
173.1.2.1 primary
173.1.2.100 secondary

Matrix X Router Command Line Interface Reference Guide 6-3

Commands

clear ip dns
This command removes all DNS information from the DNS table.

Syntax
clear ip dns

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example removes all DNS information from the DNS table:
matrix-x(switch-su)-> clear ip dns

set ip dns enable/disable

This command enables or disables DNS functionality.

Syntax
set ip dns {enable | disable}

Parameters
enable Enables DNS functionality.
disable Disables DNS functionality.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example enables DNS functionality:
matrix-x(switch-su)-> set ip dns enable

6-4 DNS Commands

7
LACP (802.3ad) Commands

Overview
This chapter describes the commands used to review and configure Link Aggregation Control
Protocol (LACP).
Using multiple links simultaneously to increase bandwidth is a desirable switch feature, which
can be accomplished if both sides agree on a set of ports that are being used as a Link Aggregation
Group (LAG). Once a LAG is formed from selected ports, problems with looping can be avoided
since the Spanning Tree can treat this LAG as a single port.
LACP logically groups interfaces together to create a greater bandwidth uplink, or link
aggregation, according to the IEEE 802.3ad standard. This standard allows the switch to
determine which ports are in LAGs and configure them dynamically. Since the protocol is based
on the IEEE 802.3ad specification, any switch from any vendor that supports this standard can
aggregate links automatically.
802.3ad LACP aggregations can also be run to end‐users (that is, a server) or to a router.
These switch commands are used to disable and re‐enable the Link Aggregation Control Protocol
(LACP), to display and configure LACP settings for one or more aggregator ports, and to display
and configure the LACP settings for underlying physical ports that are potential members of a
link aggregation.

Commands

For information about... Refer to page...

set lacp 7-2

show lacp 7-2

set lacp asyspri 7-4

set lacp aadminkey 7-5

clear lacp 7-5

set lacp singleportlag 7-6

clear lacp singleportlag 7-7

set lacp static 7-7

clear lacp static 7-8

show port lacp 7-9

Matrix X Router Command Line Interface Reference Guide 7-1

Commands

For information about... Refer to page...

set port lacp 7-10

clear port lacp 7-12

set lacp
This command disables or enables the Link Aggregation Control Protocol (LACP) on the device.

Syntax
set lacp {disable | enable}

Parameters
disable | enable Disables or enables LACP.

Defaults
Enable.

Mode
Switch command, read‐write.

Example
The following example disables LACP:
matrix-x(switch-su)-> set lacp disable

show lacp
This command displays information about one or more aggregator ports.

Syntax
show lacp {lagportstring | singleportlag}

Parameters

port‐string Displays LACP data for specific LAG port(s), ranging from lag.0.1 to 32.
singleportlag Displays status of single port LAG setting.

Defaults
None.

Mode
Switch command, read‐only.

7-2 LACP (802.3ad) Commands

Commands

Usage
Each Matrix X Router provides 32 virtual link aggregator ports, which are designated in the CLI as
lag.0.1 through lag.0.32. Once underlying physical ports (such as ge.x.x, tg.x.x) are associated with
an aggregator port, the resulting aggregation will be represented as one Link Aggregation Group
(LAG) with a lag.x.x port designation.
Single port LAGs are enabled or disabled with the set lacp singleportlag command.

Example
The following example displays information for aggregator port 32:
matrix-x(switch-su)-> show lacp lag.0.32
Global Link Aggregation state: enabled
Single Port LAGs: enabled

Aggregator: lag.0.32
Actor Partner
System Identifier: 00:e0:63:9d:b5:87 00:00:00:00:00:00
System Priority: 32768 32768
Admin Key: 32768
Oper Key: 32768 32768
Attached Ports: None.

The following table provides an explanation of the command output.

Output What It Displays...

Global Link Whether LACP is globally enabled on the X Router.

Aggregation state

Single Port LAGs Whether single port LAGs are enabled or disabled.

Aggregator LAG port designation. Each Matrix X Router provides 32 virtual link aggregator ports,
which are designated in the CLI as lag.0.1 through lag.0.32. Once underlying
physical ports ( ge.x.x, ge.x.x) are associated with an aggregator port, the resulting
Link Aggregation Group (LAG) is represented with a lag.x.x port designation.

Actor Local device participating in LACP negotiation.

Partner Remote device participating in LACP negotiation.

System Identifier MAC addresses for actor and partner.

System Priority System priority value which determines aggregation precedence. Only one LACP
system priority can be set on a Matrix X Router using either the set lacp asyspri
command, or the set port lacp command.

Admin Key Port’s administratively assigned key.

Oper Key Port’s operational key, derived from the admin key. Only underlying physical ports
with oper keys matching the aggregator’s will be allowed to aggregate.

Attached Ports Underlying physical ports associated with this aggregator.

Matrix X Router Command Line Interface Reference Guide 7-3

Commands

set lacp asyspri

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example resets single port LAGs to disabled.
matrix-x(switch-rw)-> clear lacp singleportlag

set lacp static

This command assigns one or more underlying physical ports to a Link Aggregation Group
(LAG).

Syntax
set lacp static lagportstring [key key] port-string

Parameters
lagportstring Specifies the LAG aggregator port to which new ports will be assigned,
ranging from lag.0.1 to 32.
key key (Optional) Specifies the new member port and LAG port aggregator
admin key value. Only ports with matching keys are allowed to
aggregate. Valid values are 1 ‐ 65535.
Note: This key value must be unique. If ports other than the desired underlying
physical ports share the same admin key value, aggregation will fail or undesired
aggregations will form.
port‐string Specifies the member port(s) to add to the LAG. For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.

Defaults
If not specified, a key will be assigned according to the specified aggregator. For example a key of
4 would be assigned to lag.0.4.

Matrix X Router Command Line Interface Reference Guide 7-7

Commands

Mode
Switch command, read‐write.

Usage
At least two ports need to be assigned to a LAG port for a Link Aggregation Group to form and
attach to the specified LAG port.
Static LAG configuration should be performed by personnel who are knowledgeable about Link
Aggregation.
Mis‐configuration can result in LAGs not being formed, or in ports attaching to the wrong LAG
port, affecting proper network operation.

Example
The following example adds port 6 in slot 1 to the LAG of aggregator port 32:
matrix-x(switch-su)-> set lacp static lag.0.32 ge.1.6

clear lacp static

This command removes specific ports from a Link Aggregation Group.

Syntax
clear lacp static lagportstring port-string

Parameters
lagportstring Specifies the LAG aggregator port from which ports will be removed.
port‐string Specifies the port(s) to remove from the LAG. For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Executing the clear lacp static command does not clear the LAG actor admin key value. You must
execute the clear lacp aadminkey command to clear that value.

Example
The following example removes port 6 in slot 1 from the LAG of aggregator port 32:
matrix-x(switch-su)-> clear lacp static lag.0.32 ge.1.6

7-8 LACP (802.3ad) Commands

Commands

show port lacp

This command displays link aggregation information for one or more underlying physical ports.

Syntax
show port lacp port port-string {[status {detail | summary}] | [counters]}
[sort {port | lag}]

Parameters
port port‐string Displays LACP information for specific port(s). For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.
status detail | Displays LACP status in detailed or summary information form.
summary
counters Displays LACP counter information.
sort port | lag (Optional) When summary is specified, sorts display by port designation
or LAG ID.

Defaults
None.

Mode
Switch command, read‐only.

Examples
The following example displays detailed LACP status information for port ge.6.12. A description
of the output follows the example.
matrix-x(switch-su)-> show port lacp port ge.6.12 status detail
Port Instance: ge.6.12 PortEnableState: Enable
ActorPort: 1411 PartnerAdminPort: 1411
ActorSystemPriority: 32768 PartnerOperPort: 1411
ActorPortPriority: 32768 PartnerAdminSystemPriority: 32768
ActorAdminKey: 32768 PartnerOperSystemPriority: 32768
ActorOperKey: 32768 PartnerAdminPortPriority: 32768
ActorAdminState: -----GlA PartnerOperPortPriority: 32768
ActorOperState: -F----lA PartnerAdminKey: 1411
ActorSystemID: 00-e0-63-9d-b5-87 PartnerOperKey: 1411
SelectedAggID: none PartnerAdminState: --DCSGlp
AttachedAggID: none PartnerOperState: --DC-Glp
MuxState: Detached PartnerAdminSystemID: 00-00-00-00-00-00
DebugRxState: port Disabled PartnerOperSystemID: 00-00-00-00-00-00

In example output above, state definitions, such as ActorAdminState and Partner AdminState, are
indicated with letter abbreviations. If the show port lacp command displays one or more of the
following letters, it means the state is true for the associated actor or partner ports:
E = Expired; F = Defaulted; D = Distributing (tx enabled); C = Collecting (rx enabled);
S = Synchronized (actor and partner agree); G = Aggregation allowed; S/l = Short/Long LACP
timeout; A/p = Active/Passive LACP.

Matrix X Router Command Line Interface Reference Guide 7-9

Commands

For more information about these states, refer to set port lacp and the IEEE 802.3 2002
specification.
The following example displays summarized LACP status information for port ge.6.12:
matrix-x(switch-su)-> show port lacp port ge.6.12 status summary
Port Aggr Actor System Partner System
Pri: System ID: Key: Pri: System ID: Key:
ge.6.12 none [(32768,00e0639db587,32768),(32768,000000000000, 1411)]

The following example displays LACP counters for port ge.6.12:

matrix-x(switch-su)-> show port lacp port ge.6.12 counters
Port Instance: ge.6.12
LACPDUsRx: 0 MarkerPDUsRX: 0
LACPDUsTx: 0 MarkerPDUsTx: 0
IllegalRx: 0 MarkerResponsePDUsRx: 0
UnknownRx: 0 MarkerResponsePDUsTx: 0
ActorSyncTransitionCount: 0 PartnerSyncTransitionCount: 0
ActorChangeCount: 1 PartnerChangeCount: 0
ActorChurnCount: 0 PartnerChurnCount: 0
ActorChurnState: ChurnMonitor PartnerChurnState: ChurnMonitor
MuxState: detached
MuxReason: BEGIN = TRUE

set port lacp

This command sets link aggregation parameters for one or more ports. These settings will
determine the specified underlying physical ports’ ability to join a LAG, and their administrative
state once aggregated.

Syntax
set port lacp port port-string {[aadminkey aadminkey] [aportpri aportpri] [asyspri
asyspri] [aadminstate {lacpactive | lacptimeout | lacpagg | lacpsync | lacpcollect
| lacpdist | lacpdef | lacpexpire}] [padminsyspri padminsyspri] [padminsysid
padminsysid] [padminkey padminkey] [padminportpri padminportpri] [padminport
padminport] [padminstate {lacpactive | lacptimeout | lacpagg | lacpsync |
lacpcollect | lacpdist | lacpdef | lacpexpire}] [enable | disable]}

Parameters

port port-string Specifies the physical port(s) on which to configure LACP. For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.
aadminkey Sets the port’s actor admin key. LACP will use this value to form an oper
aadminkey key and will determine which underlying physical ports are capable of
aggregating by comparing oper keys. Aggregator ports allow only
underlying ports with oper keys matching theirs to join their LAG. Valid
values are 1 ‐ 65535.
aportpri aportpri Sets the port’s actor port priority. Valid values are 0 ‐ 65535, with lower
values designating higher priority.

7-10 LACP (802.3ad) Commands

Commands

asyspri asyspri Sets the port’s actor system priority. The LACP implementation on the
Matrix X Router uses this value to determine aggregation precedence
when there are two devices competing for the same aggregator. Valid
values are 0 ‐ 65535, with higher precedence given to lower values.
Note: Only one LACP system priority can be set on a Matrix X Router, using either
this command, or the set lacp asyspri command.
aadminstate Sets the port’s actor LACP administrative state to allow for:
lacpactive |
• lacpactive ‐ Transmitting LACP PDUs.
lacptimeout |
lacpagg | lacpsync • lacptimeout ‐ Transmitting LACP PDUs every 1 sec. verses 30 sec.
| lacpcollect | (default).
lacpdist | lacpdef |
• lacpagg ‐ Aggregation on this port.
lacpexpire
• lacpsync ‐ Transition to synchronization state.
• lacpcollect ‐ Transition to collection state.
• lacpdist ‐ Transition to distribution state.
• lacpdef ‐ Transition to defaulted state.
• lacpexpire ‐ Transition to expired state.
padminsyspri Sets a default value to use as the port’s partner priority, ranging from 0 ‐
padminsyspri 65535, with lower values given higher priority.
padminsysid Sets a default value to use as the port’s partner system ID. This is a MAC
padminsysid address.
padminkey Sets a default value to use as the port’s partner admin key. Only ports
padminkey with matching admin keys are allowed to aggregate. Valid values are
1 ‐ 65535.
padminportpri Sets a a default value to use as the port’s partner port priority, ranging
padminportpri from 0 ‐ 65535, with lower values given higher priority.
padminport Sets a a default value to use as the port’s partner admin value, ranging
padminport from 1 ‐ 65535.
padminstate Sets a port’s partner LACP administrative state. See aadminstate for valid
lacpactive | options.
lacptimeout |
lacpagg | lacpsync
| lacpcollect |
lacpdist | lacpdef |
lacpexpire
enable (Optional) Enables LACPDU processing on this port.
disable (Optional) Disables LACPDU processing on this port.

Defaults
• At least one parameter must be entered per port‐string.
• If enable or disable are not specified, port(s) will be enabled with the LACP parameters
entered.

Matrix X Router Command Line Interface Reference Guide 7-11

Commands

Mode
Switch command, read‐write.

Usage
LACP commands and parameters beginning with an “a” (such as aadminkey) set actor values.
Corresponding commands and parameters beginning with a “p” (such as padminkey) set
corresponding partner values. Actor refers to the local device participating in LACP negotiation,
while partner refers to its remote device partner at the other end of the negotiation. Actors and
partners maintain current status of the other via LACPDUs containing information about their
ports’ LACP status and operational state.

Example
The following example sets the actor admin key to 3555 for port ge.6.12:
matrix-x(switch-su)-> set port lacp ge.6.12 aadminkey 3555

clear port lacp

This command clears link aggregation settings for one or more ports.

Syntax
clear port lacp port port-string {[aadminkey] [aportpri] [asyspri] [aadminstate
{lacpactive | lacptimeout | lacpagg | lacpsync | lacpcollect | lacpdist | lacpdef
| lacpexpire | all}] [padminsyspri] [padminsysid] [padminkey] [padminportpri]
[padminport] [padminstate {lacpactive | lacptimeout | lacpagg | lacpsync |
lacpcollect | lacpdist | lacpdef | lacpexpire | all}]}

Parameters

port port‐string Specifies the physical port(s) on which LACP settings will
be cleared. For a detailed description of possible port‐string
values, refer to “Port Strings Used in the CLI” on page 12‐2.
aadminkey Clears a port’s actor admin key.
aportpri Clears a port’s actor port priority.
asyspri Clears the port’s actor system priority.
aadminstate lacpactive | Clears a port’s specific actor admin state, or all actor admin
lacptimeout | lacpagg | lacpsync state(s). For descriptions of specific states, refer to the set
| lacpcollect | lacpdist | lacpdef port lacp command.
| lacpexpire | all
padminsyspri Clears the port’s default partner priority value.
padminsysid Clears the port’s default partner system ID.
padminkey Clears the port’s default partner admin key.
padminportpri Clears the port’s default partner port priority.
padminport Deletes a partner port from the LACP configuration.

7-12 LACP (802.3ad) Commands

Commands

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears all link aggregation parameters for port ge.6.12:
matrix‐x(switch‐su)‐> clear port lacp port ge.6.12 aadminstate all

Matrix X Router Command Line Interface Reference Guide 7-13

Commands

7-14 LACP (802.3ad) Commands

8
Logging and Network Management Commands

Overview
The switch‐level commands in this chapter are used to set up logging, and to perform some
network management tasks.

Note: The commands in this section pertain to network management of the Matrix X Router from
the switch CLI only. For information on router-related network management tasks, including
reviewing router ARP tables and IP traffic, refer to Chapter 23, Router Configuration Commands.

For information about... Refer to page...

Configuring System Logging 8-1

Monitoring Network Events and Status 8-29

Managing Switch Network Addresses 8-33

Configuring Node Aliases 8-42

Configuring System Logging

Purpose
These switch‐level commands are used to display and configure system logging, including Syslog
server settings, logging severity levels for various applications, Syslog default settings, and the
logging buffer. This section also includes the commands for managing the system error log.

Commands
Commands to configure system logging are listed below.

For information about... Refer to page...

log 8-3

show logging all 8-3

show logging server 8-6

set logging server 8-7

clear logging server 8-8

show logging default 8-8

Matrix X Router Command Line Interface Reference Guide 8-1

Configuring System Logging

For information about... Refer to page...

set logging default 8-9

clear logging default 8-10

show logging application 8-11

set logging application 8-13

clear logging application 8-15

show logging local 8-16

set logging local 8-16

clear logging local 8-17

show logging here 8-18

set logging here 8-18

clear logging here 8-19

show logging buffer 8-20

clear logging buffer 8-22

show system error-log 8-22

clear system error-log 8-23

show logging hostname 8-23

set logging hostname 8-24

clear logging hostname 8-25

show logging interface 8-26

set logging interface 8-27

clear logging interface 8-28

8-2 Logging and Network Management Commands

Configuring System Logging

log
This command enters a message in the system log.

Syntax
log string [severity severity]

Parameters
string The text you wish to enter in the system.log file. It must be enclosed by
quotation marks.
severity (Optional) The log priority you wish to attach to this message. You can enter
severity a numeric value ranging from 1 to 8, or one of the following keywords:
alert, critical, debug, emergency, error, info, notice, warning.

Mode
Switch command, read‐write.

Usage
This command is useful for marking the syslog with a record before executing a CLI command,
allowing you to review the syslog and quickly find the location where the particular action was
taken.

Note: By default all log messages at level notice (6) or lower are written to the syslog. A severity of
notice is required to see the message by default unless you change the general logging level.

Example
The following example adds the message “LJC ‐ resetting IOM 15” with a severity priority of notice
to the system log:
matrix-x(switch-su)->log “LJC ‐ resetting IOM 15” severity notice
The following entry will be entered in the log, accessed by the show logging buffer command:
May 4 19:59:19 cm1 cli: <Notice> NOTE: LJC - resetting IOM 15

show logging all

This command displays all configuration information for system logging.

Syntax
show logging all

Parameters
None.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 8-3

Configuring System Logging

Mode
Switch command, read‐only.

Example
The following example displays all system logging information. The output shown is only partial.
matrix-x(switch-su)-> show logging all
Minimum severity level for the CM is notice(6)
Minimum severity level for IOM #4 is notice(6)

Application Module Minimum Severity Level

--------------------------------------------------------------------
AAA Security Services CM notice(6)
ACL Manager CM notice(6)
CCA IPC CM notice(6)
CLI CM notice(6)
Command Processor CM notice(6)
Control Module Manager CM notice(6)
...
Port Manager IOM4 notice(6)
System Facility 'auth' IOM4 notice(6)
System Facility 'authpriv' IOM4 notice(6)
System Facility 'daemon' IOM4 notice(6)
System Facility 'ftp' IOM4 notice(6)
System Facility 'kern' IOM4 notice(6)
System Facility 'syslog' IOM4 notice(6)

Facility Severity Port

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Defaults: local4 debug(8) 514

Syslog Console Logging disabled

Syslog File Logging enabled

ID Address/Name Facility Severity Description Port Status

-- ------------------- -------- ------------ ------------------ ------ --------
1 10.10.10.10 local0 warning(5) Log1 100 enabled
2 0.0.0.0 local4 debug(8) 514 disabled
3 0.0.0.0 local4 debug(8) 514 disabled
4 0.0.0.0 local4 debug(8) 514 disabled
5 0.0.0.0 local4 debug(8) 514 disabled
6 0.0.0.0 local4 debug(8) 514 disabled
7 0.0.0.0 local4 debug(8) 514 disabled
8 0.0.0.0 local4 debug(8) 514 disabled

The following table provides an explanation of the command output.

Output What It Displays...

Minimum severity level The current severity filters for messages coming from each module.
for CM, IOMx

Application The name of the applications being logged.

Module The module on which the application is running.

8-4 Logging and Network Management Commands

Configuring System Logging

Output What It Displays...

Minimum Severity Level The current application-specific severity filters for messages coming from each
(per application) application. For details on setting this value, refer to set logging application on
page 8-13.

Defaults: Logging server default values. These default values are set with the set logging
Facility default command. When a logging server is configured with the set logging
Severity server command and no facility, severity, or port values are explicitly configured,
Port these default values apply.

Syslog Console Logging Displays whether logging to the console is enabled or disabled. Configured with
the set logging local command.

Syslog File Logging Displays whether logging to a file is enabled or disabled. Configured with the set
logging local command.

ID The index number (ID) of configured logging servers. For details on configuring
logging servers, refer to set logging server on page 8-7.

Address/Name The IP address or name of configured logging servers. For details on

configuring logging servers, refer to set logging server on page 8-7.

Facility The facility value configured for that logging server.

Severity The severity value configured for that logging server.

Description A descriptive text string configured for that logging server.

Port The UDP port configured for that logging server.

Status The status of that logging server, either enabled or disabled.

Matrix X Router Command Line Interface Reference Guide 8-5

Configuring System Logging

show logging server

This command displays the configured Syslog servers.

Syntax
show logging server [index]

Parameters

index (Optional) Displays information pertaining to a specific server table entry,

ranging from 1 ‐ 8.

Defaults
If index is not specified, information for all Syslog servers will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays information about Syslog server 1:
matrix-x(switch-ro)-> show logging server 1

ID Address/Name Facility Severity Description Port Status

-- ------------------- -------- ------------ ------------------ ------ --------
1 10.10.10.10 local0 warning(5) Log1 100 enabled

8-6 Logging and Network Management Commands

Configuring System Logging

set logging server

This command configures a Syslog server.

Syntax
set logging server index [ip-addr {ip-addr | name}] [facility facility] [severity
severity] [descr descr] [state {enable | disable}]

Parameters
index Sets the server table index number for this server, ranging from 1 ‐ 8.
ip‐addr ip‐addr| name Sets the IP address or hostname of the Syslog server being configured.
Note: The DNS Client function must be configured before using a host name as
a parameter.
facility facility (Optional) Specifies the facility to send to this server. Valid values are:
local0 to local7.
severity severity (Optional) Specifies the minimum severity level at which the server will
log messages for applications. To specify the level, you can enter either
a number from 1 through 8, or the following keywords:
1 or emergency — emergencies (system is unusable)
2 or alert — alerts (immediate action required)
3 or critical — critical conditions
4 or error — error conditions
5 or warning — warning conditions
6 or notice — notifications (normal but significant conditions)
7 or info — informational messages
8 or debug — debugging messages
descr descr (Optional) Specifies a textual string description of this server.
state enable | disable (Optional) Enables or disables this server configuration.

Defaults
Facility, and severity will be set to defaults configured with the command set logging default on
page 8‐9.

Mode
Switch command, read‐write.

Usage
If you do not specify values for facility or severity, this entry in the Syslog server table will use the
values specified by the set logging default command, or the system default, if set logging default
has not been used to change the system defaults.

Matrix X Router Command Line Interface Reference Guide 8-7

Configuring System Logging

Example
The following command configures a Syslog server with index 1. The server’s IP address is
134.141.89.113. The facility to send to the server is set to local2, the severity filter level is set to 5,
warning, and the server row is enabled.
matrix-x(switch-rw)-> set logging server 1 ip-addr 134.141.89.113 facility local2
severity 5 state enabled

clear logging server

This command removes a server from the Syslog server table.

Syntax
clear logging server index

Parameters
index Sets the server table index number for the server to be removed, ranging from 1 ‐ 8.

Mode
Switch command, read‐write.

Example
The following example removes the Syslog server with index 1 from the server table.
matrix-x(switch-rw)-> clear logging server 1

show logging default

This command displays the Syslog server default values.

Syntax
show logging default

Mode
Switch command, read‐only.

Example
This command displays the Syslog server default values.
matrix-x(switch-ro)-> show logging default
Facility Severity Port
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Defaults: local4 debug(8) 514

8-8 Logging and Network Management Commands

Configuring System Logging

set logging default

This command sets logging default values.

Syntax
set logging default {[facility facility] [severity severity]}

Parameters

facility facility (Optional) Specifies the default facility name. Valid values are: local0
to local7. The default facility is local4.
severity severity (Optional) Specifies the default minimum severity level. To specify
the level, you can enter either a number from 1 through 8, or the
following keywords:
1 or emergency — emergencies (system is unusable)
2 or alert — alerts (immediate action required)
3 or critical — critical conditions
4 or error — error conditions
5 or warning — warning conditions
6 or notice — notifications (normal but significant conditions)
7 or info — informational messages
8 or debug — debugging messages
The default severity level is 8, debug.

Defaults
• Default facility is local4.
• Default severity level is 8, debug.
• Default UDP port is 514. Note that you cannot change the default port.

Mode
Switch command, read‐write.

Usage
The default parameter values specified with this command are applied when Syslog servers are
configured without specifying values for these parameters. They also provide the default severity
level and facility code for local destinations — that is, the console or local file.

Matrix X Router Command Line Interface Reference Guide 8-9

Configuring System Logging

Example
The following example sets the Syslog default facility name to local2, the severity level to 5
(warning conditions). The default UDP port is not changed.
matrix-x(switch-su)-> set logging default facility local2 severity 5
matrix-x(switch-su)-> show logging default
Facility Severity Port
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Defaults: local2 warning(5) 514

clear logging default

This command resets logging default values.

Syntax
clear logging default [facility] [severity]

Parameters

facility (Optional) Resets the default facility name to local4.

severity (Optional) Resets the default logging severity level to 8 (debug).

Defaults
• Facility default is local4.
• Severity default is 8, debug.
• UDP port default is 514. Note that this value cannot be changed.

Mode
Switch command, read‐write.

Usage
To reset all logging values to defaults, execute the command without any parameters.

Example
The following example displays the current defaults, then resets the default severity level to 8:
matrix-x(switch-rw)-> show logging default
Facility Severity Port
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Defaults: local2 warning(5) 514

matrix-x(switch-rw)-> clear logging default severity

matrix-x(switch-rw)-> show logging default
Facility Severity Port
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Defaults: local2 debug(8) 514

8-10 Logging and Network Management Commands

Configuring System Logging

show logging application

This command displays the severity level of Syslog messages for one or all applications
configured for logging on your system.

Syntax
show logging application {name | all} [module string1 ... stringn]

Parameters
name | all (Optional) Displays logging severity level for one or all applications
configured for logging. Application names will vary depending on the
number and types of applications running on your system.
module string1 ... (Optional) Displays minimum application logging severity level and
stringn destination for specified line cards. The module string can be cm, iom1
through iom16. You can specify multiple modules per command, separated
by spaces.

Defaults
None.

Mode
Switch command, read‐only.

Usage
If you want to display information about a specific application, enter only the name of that
application. To display valid names that can be entered, type the command keywords followed by
a ? (for example, show logging application ?).
When you enter a ?, the running applications are displayed in two columns. The left column lists
the system “tag” name which is what you would see in a syslog message. The right column
displays a more readable and descriptive “display” name for the same application which is
displayed in the actual show logging application report.
You can use the names from either column. The CLI command‐completion facility works with tag
names, but not with display names. Also, you must use quotes around display names that include
spaces or other characters.

Examples
The following example displays system logging information pertaining to the Port Manager
application:
matrix-x(switch-ro)-> show logging application portManager

Application Module Minimum Severity Level

--------------------------------------------------------------------
Port Manager CM notice(6)
Port Manager IOM4 notice(6)

Matrix X Router Command Line Interface Reference Guide 8-11

Configuring System Logging

The following example displays system logging information about all applications on the IOM
card in slot 4. The output shown is partial.
matrix-x(switch-su)-> show logging application all module iom4

Application Module Minimum Severity Level

--------------------------------------------------------------------
CCA IPC IOM4 notice(6)
Control Module Manager IOM4 notice(6)
Data Link Manager IOM4 notice(6)
ESS API Dispatcher IOM4 notice(6)
ESS Bridge MIB Manager IOM4 notice(6)
ESS Broadcast Status IOM4 notice(6)
ESS CDP IOM4 notice(6)
ESS CLI IOM4 notice(6)
ESS CLI Configuration IOM4 notice(6)
ESS CPU Message IOM4 notice(6)
...

The following table provides an explanation of the command output.

Output What It Displays...

Application The names of the applications being logged.

Module The module on which the application is running.

This command resets the minimum logging severity level for one or all applications to the default
value of 6 (notifications of significant conditions).

Syntax
clear logging application {name | all} [module string1 ... stringn]

Parameters
name | all Resets the severity level for a specific application or for all applications.
module string1 (Optional) Specifies the cards on which to reset logging level. The module
... stringn string can be cm, iom1 through iom16. You can specify multiple modules
per command.

Defaults
If no parameters are specified, the level is reset to 6, notice, for all applications.

Mode
Switch command, read‐write.

Usage
If you want to clear logging for a specific application, enter only the name of that application. To
display valid names that can be entered, type the command keywords followed by a ? (for
example, clear logging application ?).
When you enter a ?, the running applications are displayed in two columns. The left column lists
the system “tag” name which is what you would see in a syslog message. The right column
displays a more readable and descriptive “display” name for the same application which is
displayed in show logging application reports.
You can use the names from either column. The CLI command‐completion facility works with tag
names, but not with display names. Also, you must use quotes around display names that include
spaces or other characters.

Example
The following example resets the severity level for all applications:
matrix-x(switch-su)-> clear logging application all

Matrix X Router Command Line Interface Reference Guide 8-15

Configuring System Logging

show logging local

This command displays the state of message logging to the console and a persistent file.

Syntax
show logging local

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.
Router command, all modes.

Example
The following example indicates local message logging is enabled for the console and a file:
matrix-x(switch-su)-> show logging local
Syslog Console Logging enabled
Syslog File Logging enabled

set logging local

This command configures local logging to the console or a file.

Syntax
set logging local console {enable | disable} file {enable | disable}

Parameters
console enable | disable Enables or disables logging to the console.
file enable | disable Enables or disables logging to a persistent file.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Local destinations (console or log file) implicitly take their minimum severity levels and desired
facility codes from the system defaults or the defaults set with the set logging default command.

8-16 Logging and Network Management Commands

Configuring System Logging

Example
This command enables logging to the console and disables logging to a persistent file.
matrix-x(switch-rw)-> set logging local console enable file disable

clear logging local

This command returns local logging to the default condition for the local session.

Syntax
clear logging local

Parameters
None.

Defaults
• File logging enabled.
• Console logging disabled.

Mode
Switch command, read‐write.

Usage
The default condition for local logging is file logging enabled and console logging disabled.

Example
The following example clears local logging:
matrix-x(switch-rw)-> clear logging local

matrix-x(switch-rw)-> show logging local

Syslog Console Logging disabled
Syslog File Logging enabled

Matrix X Router Command Line Interface Reference Guide 8-17

Configuring System Logging

show logging here

This command displays the state of message logging to the current CLI session.

Syntax
show logging here

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example indicates message logging is disabled for the current CLI session:
matrix-x(switch-ro)-> show logging here
Logging is disabled on this terminal.

set logging here

This command enables or disables the current CLI session as a Syslog destination.

Syntax
set logging here [enable] | disable

Parameters
enable (Optional) Enables logging Syslog messages to the current CLI session.
If you execute this command without entering either parameter,
logging to the current CLI session in enabled.
disable Disables displaying Syslog messages for the current CLI session.

Defaults
Executing the command without any parameter enables logging to the current CLI session.

Mode
Switch command, read‐write.

Usage
Local destinations implicitly take their minimum severity levels and desired facility codes from
the system defaults or the defaults set with the set logging default command.

8-18 Logging and Network Management Commands

Configuring System Logging

The effect of this command will be temporary if the current CLI session is using Telnet or SSH, but
persistent on the console.

Example
This command enables logging to the current CLI session.
matrix-x(switch-rw)-> set logging here
matrix-x(switch-rw)-> show logging here
Logging is enabled on this terminal.

clear logging here

This command returns logging to the default condition of disabled for the CLI session.

Syntax
clear logging here

Parameters
None.

Defaults
Disabled.

Mode
Switch command, read‐write.

Usage
Display of logging messages to the current CLI session is disabled by default.

Example
The following example clears logging to the current CLI session:
matrix-x(switch-rw)-> clear logging here

matrix-x(switch-rw)-> show logging here

Logging is disabled on this terminal.

Matrix X Router Command Line Interface Reference Guide 8-19

Configuring System Logging

show logging buffer

This command displays the contents of the logging buffer.

Syntax
show logging buffer [lines {all | num}] [severity level] [since [mm/dd]
[hh:mm[:ss]]] [| {search | exclude} string]

Parameters
lines all | num (Optional) Display all the lines in the buffer, or only the last num lines.
The value of num can range from 1 to 1000. If the lines parameter is not
used, the last 256 messages are displayed, except when the since
parameter is used.
severity level (Optional) Filter the output by severity level. To specify the level, you
can enter either a number from 1 through 8, or the following keywords:
1 or emergency — emergencies (system is unusable)
2 or alert — alerts (immediate action required)
3 or critical — critical conditions
4 or error — error conditions
5 or warning — warning conditions
6 or notice — notifications (significant conditions)
7 or info — informational messages
8 or debug — debugging messages
since [ mm/dd ] (Optional) Filter the output by date. You can enter just the month and
[ hh:mm[:ss] ] day (mm/dd), and/or just the hour and minute (hh:mm), and/or the
second (hh:mm:ss).
Use of this parameter assumes an implicit lines all parameter value,
unless a number of lines is explicitly specified with the lines parameter.
| {search | exclude } (Optional) Display (search) or hide (exclude) the lines in the logging
string buffer that match the string, which can be an application name or
regular‐expression. Refer to Table 1‐2 on page 1‐6 for a list of the
regular‐expression operators.

Defaults
The last 256 messages in the buffer are displayed if no line parameter value is specified, except in
the case of the since parameter, when lines all is implied.

Mode
Switch command, read‐only.
Router command, all modes.

8-20 Logging and Network Management Commands

Configuring System Logging

Usage
Since the logging buffer can become quite large, the default behavior of this command is to
display only the last 256 lines, or messages, logged in the buffer. You can use the lines parameter
to display all the lines in the buffer, or a specific number of lines from the end of the logging
buffer. You can use the since parameter to filter the output by date and time, and the severity
parameter to filter by severity level.
Use the | search parameter to display the output of a search of the buffer contents, based on either
an application name or a regular expression. Refer to Table 1-2 on page 1‐6 for a complete description
of regular expression operators.
Use the | exclude parameter to not display the lines of the buffer that contain the specified
application name or regular expression.
If paging is enabled, you can stop the output at the ‐‐MORE‐‐ prompt by typing “q”. If paging is
not enabled (set length 0), then you cannot manually stop the display. It will continue until all the
lines you requested have been displayed.

Examples
The following example displays the last 8 lines of the logging buffer:
matrix-x(switch-su)-> show logging buffer lines 8
Aug 17 19:45:40 iom4 essSmon: <Critical> [19:45:39] SMON:
verify_smon_stats_entry_exists
Aug 17 19:45:45 iom4 essSmon: <Critical> [19:45:45] SMON: stop_smon_stats_entry
Aug 17 19:45:45 iom4 essSmon: <Critical> [19:45:45] SMON:
verify_smon_stats_entry_exists
Aug 17 19:45:45 cm1 essSmon: <Critical> SMON: start_smon_stats_entry
Aug 17 19:45:45 cm1 essSmon: <Critical> SMON: verify_smon_stats_entry_exists
Aug 17 19:45:45 iom4 essSmon: <Critical> [19:45:45] SMON: start_smon_stats_entry
Aug 17 19:45:45 iom4 essSmon: <Critical> [19:45:45] SMON:
verify_smon_stats_entry_exists
Aug 17 19:47:08 cm1 login: <Notice> User admin logged in via console (session 0)

The following example uses the | search parameter with a regular expression:
matrix-x(switch-su)-> show logging buffer | search "cm1.*(Interface)|(failover)"

Aug 18 17:02:05 cm1 ers: <Debug> .248725+0.000192 task_set_option: task PIM socket
18 option MulticastInterface(12) interface 10.4.0.4(vlan.1.1004)
Aug 18 17:02:05 cm1 ers: <Debug> .798782+0.000106 task_set_option: task PIM socket
18 option MulticastInterface(12) interface 10.10.45.4(vlan.1.1010)
Aug 18 17:02:06 cm1 ers: <Debug> .778870+0.000191 task_set_option: task PIM socket
18 option MulticastInterface(12) interface 10.10.45.4(vlan.1.1010)
Aug 18 17:02:07 cm1 ers: <Debug> .198893+0.000155 task_set_option: task PIM socket
18 option MulticastInterface(12) interface 1.1.1.4(loopback1)
Aug 18 17:02:08 cm1 ers: <Error> OSPF: invalid packet: No such interface (7)
Aug 18 17:02:18 cm1 ers: <Error> OSPF: invalid packet: No such interface (7)
Aug 18 17:02:28 cm1 ers: <Error> OSPF: invalid packet: No such interface (7)
Aug 18 17:02:35 cm1 ers: <Debug> .251097+0.000188 task_set_option: task PIM socket
18 option MulticastInterface(12) interface 10.4.0.4(vlan.1.1004)

Matrix X Router Command Line Interface Reference Guide 8-21

Configuring System Logging

clear logging buffer

This command clears and rotates the local syslog file.

Syntax
clear logging buffer

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.
Router command, all modes.

Usage
When you execute this command, the system closes the current syslog.log file, renames it
syslog.log.n, and opens a new syslog.log file for logging system messages. Up to three syslog.log
files will be stored on the Matrix X Router file system—syslog.log, syslog.log.1, and syslog.log.2.
When the current syslog.log file is closed, it is renamed syslog.log.1 and if there already was a
syslog.log.1 file on the system, that file is renamed syslog.log.2, overwriting any existing
syslog.log.2 file.
The Matrix X Router file system will also rotate the syslog files automatically, when the current
file reaches 3 Mbytes in size.
Use the show logging buffer command to display the contents of the current syslog.log file.

Example
matrix-x(switch-rw)-> clear logging buffer

show system error-log

8-24 Logging and Network Management Commands

Configuring System Logging

When no router‐wide logging hostname has been configured, syslog messages are labeled only
with CM and IOM module names.
The logging hostname can be set with this command, set logging hostname, or with the set
logging interface command.
If you use the set logging interface command after executing this command, the hostname will be
changed to the specified interface, but you can then overwrite that automatically assigned
hostname with this command.
The following lines show how a configured hostname (XRouter16) is used to label syslog
messages. Note that the module name (such as cm1) is displayed after the application name (for
example, login@cm1).
Aug 4 13:43:16 XRouter16 login@cm1: <Notice> [admin@console] Logged in
Aug 4 14:16:29 XRouter16 cli@cm1: <Notice> [admin@console] Configured local user
ro (priv=ro, state=enabled)
Aug 4 14:17:02 XRouter16 cli@cm1: <Notice> [admin@console] Changed password for
local user ro
For comparison, the following lines show syslog entries when no router‐wide logging hostname
has been configured.
Aug 4 15:32:37 cm1 login: <Notice> [admin@console] Logged out
Aug 4 15:32:42 cm1 login: <Notice> [ro@console] Logged in
Aug 4 15:32:51 cm1 cli: <Notice> [ro@console] Executed 'show logging buffer lines
10'

Example
This example sets the hostname with this command, then executes the show logging hostname
command to verify the change.
matrix-x(switch-rw)-> set logging hostname XRouter16

matrix-x(switch-rw)-> show logging hostname

Messages will be tagged with host name 'XRouter16'.

clear logging hostname

This command clears the configured hostname used in syslog messages.

Syntax
clear logging hostname

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐write.

Matrix X Router Command Line Interface Reference Guide 8-25

Configuring System Logging

Usage
Use this command to remove the hostname used in syslog messages. The hostname is set with the
set logging hostname command or the set logging interface command.
When no router‐wide logging hostname has been configured, syslog messages are labeled only
with CM and IOM module names.

Monitoring Network Events and Status

These commands are used to discover network reach ability, and to display and disconnect
current user sessions.

Commands

For information about... Refer to page...

ping 8-29

show users 8-31

disconnect 8-32

ping
This command sends ICMP echo‐request packets to another node on the network from the switch
or router CLI.

Syntax
ping [-s] [-b] [-i ipaddr] host [count [size]]

Parameters
‐s (Optional) Causes a continuous ping, sending one datagram per second and
printing one line of output for every response received, until the user enters Ctrl+C.
‐b (Optional) Allows pinging a broadcast address.
‐i ipaddr (Optional) Sets the source address of the Echo Request packets to the specified
interface address. The value of ipaddr can be expressed as a numeric IP address or as
an interface name
host Specifies the hostname or IP address of the device to which the ping will be sent.
count (Optional) Specifies the number of packets to send. Valid values are from 1 to
2147483647.
size (Optional) Specifies the number of data bytes to sent in each Echo Request packet.
The value of size can range from 56 to 1472 bytes.
The default value is 56, which translates into 64 ICMP data bytes when combined
with the 8 bytes of ICMP header data.

Defaults
• If ‐s is not specified, the ping will not be continuous.
• Packet count of 4.
• Packet size of 56 bytes.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 8-29

Monitoring Network Events and Status

Router privileged execution: matrix-x(router-exec)#

Usage
This command is available in both switch and router mode.
The DNS Client function must be configured before using a host name as a parameter in the ping
command.

Examples
The following example pings IP address 134.141.89.29 with 10 packets:
matrix-x(switch-su)-> ping 134.141.89.29 10
PING 134.141.89.29: 56 data bytes
64 bytes from 134.141.89.29: icmp-seq=0. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=1. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=2. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=3. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=4. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=5. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=6. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=7. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=8. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=9. time=0. ms

----134.141.89.29 PING Statistics----

10 packets transmitted, 10 packets received, 0% packet loss round-trip (ms)
min/avg/max = 0/0/0

The following example shows a continuous ping of IP address 134.141.89.29. In this case, entering
Ctrl+C after 9 iterations caused command execution to stop:
matrix-x(switch-su)-> ping -s 134.141.89.29
PING 134.141.89.29: 56 data bytes
64 bytes from 134.141.89.29: icmp-seq=0. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=1. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=2. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=3. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=4. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=5. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=6. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=7. time=0. ms
64 bytes from 134.141.89.29: icmp-seq=8. time=0. ms

----134.141.89.29 PING Statistics----

9 packets transmitted, 9 packets received, 0% packet loss round-trip (ms)
min/avg/max = 0/0/0

8-30 Logging and Network Management Commands

Monitoring Network Events and Status

show users
This command displays information about the active CLI sessions.

Syntax
show users

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example shows the output of this command. In this output, the admin user is
logged in at the console and user “johns” has a Telnet CLI session. The asterisk before the Telnet
session indicates the current session.
matrix-x(switch-su)-> show users

matrix-x(switch-su)-> show users

Session User Location

------- ---------------- ----------------
console admin console
* telnet johns 10.1.221.232

Matrix X Router Command Line Interface Reference Guide 8-31

Monitoring Network Events and Status

disconnect
This command closes a specified CLI session.

Syntax
disconnect {host | console}

Parameters
host Specifies the host name or IP address of the host session to be
disconnected. This data is displayed in the output shown in show
users on page 8‐31.
console Closes an active console session.

Defaults
None.

Mode
Switch command, read‐write.

Examples
The following example closes a Telnet session to host 10.1.221.232. Since this is the current session,
indicated by the asterisk in the show users command, the system prompts for confirmation before
terminating the session.
matrix-x(switch-su)-> show users

Session User Location

------- ---------------- ----------------
console admin console
* telnet admin 10.1.221.232

matrix-x(switch-su)-> disconnect 10.1.221.232

Disconnect current session? (y/n)

The following example closes the current console session:

matrix x(switch-su)-> disconnect console

8-32 Logging and Network Management Commands

Managing Switch Network Addresses

These commands perform traceroutes and set and display MAC address information.

Commands
For information about... Refer to page...

traceroute 8-33

show mac 8-35

clear mac 8-37

set mac 8-39

set movedaddrtrap 8-40

show movedaddrtrap 8-41

traceroute
This command displays a hop‐by‐hop path through an IP network from the router to a specific
destination host. Three UDP or ICMP probes will be transmitted for each hop between the source
and the traceroute destination.

Syntax
traceroute [-w waittime] [-f first-ttl] [-m max-ttl] [-p port] [-q nqueries]
[-s src-addr] [-r] [-d] [-t tos] [-df] [-g gateway] [-I] [-n] [-v] [-x] host
[packetlen]

Parameters

‐w waittime (Optional) Specifies time in seconds to wait for a response to a probe.

‐f first‐ttl] (Optional) Specifies the time to live (TTL) of the first outgoing probe packet.
‐m max‐ttl (Optional) Specifies the maximum time to live (TTL) used in outgoing probe
packets.
‐p port (Optional) Specifies the base UDP port number used in probes.
‐q nqueries (Optional) Specifies the number of probe inquiries.
‐s src‐addr (Optional) Specifies the source IP address to use in outgoing probe packets.
‐r (Optional) Bypasses the normal host routing tables.
‐d (Optional) Sets the debug socket option.
‐t tos (Optional) Sets the type of service (TOS) to be used in probe packets.
‐df (Optional) Sets the don’t fragment bit.
‐g gateway (Optional) Specifies a loose source gateway (up to 8 can be specified).
‐I (Optional) Specifies the use of ICMP echo requests rather than UDP datagrams.
‐n (Optional) Displays hop addresses numerically.

Matrix X Router Command Line Interface Reference Guide 8-33

Managing Switch Network Addresses

‐v (Optional) Displays verbose output, including the size and destination of each
response.
‐x (Optional) Prevents traceroute from calculating checksums.
host Specifies the IP address or name of the host to which the route of an IP packet
will be traced.
Note: The DNS Client function must be configured before using a host name as a
parameter in the command.
packetlen (Optional) Sets the probe packet length, ranging from 38 to 32768 bytes.

Defaults
• If not specified, waittime will be set to 5 seconds.
• If not specified, first‐ttl will be set to 1 hop.
• If not specified, max‐ttl will be set to 30 hops.
• If not specified, port will be set to 33434.
• If not specified, nqueries will be set to 3.
• If ‐r is not specified, normal host routing tables will be used.
• If ‐d is not specified, the debug socket option will not be used.
• If not specified, tos will be set to 0.
• If ‐df is not specified, the don’t fragment bit will not be applied.
• If gateway is not specified, none will be applied.
• If ‐I is not specified, UDP datagrams will be used.
• If ‐v is not specified, summary output will be displayed.
• If ‐x is not specified, checksums will be calculated.
• If packetlen is not specified, the packet size is 38 bytes.

Mode
Switch command, read‐only.
Router privileged execution: matrix-x(router-exec)#

Example
The following example uses traceroute to display a round trip path to host 192.167.252.17. In this
case, hop 1 is the Matrix X Router, hop 2 is 14.1.0.45, and hop 3 is back to the host IP address.
Round trip times for each of the three UDP probes are displayed next to each hop:
matrix-x(switch-su)-> traceroute 192.167.252.17
traceroute to 192.167.252.17 (192.167.252.17), 30 hops max, 38 byte packets
1 matrix.enterasys.com (192.167.201.40) 20.000 ms 20.000 ms 20.000 ms
2 14.1.0.45 (14.1.0.45) 40.000 ms 10.000 ms 20.000 ms
3 192.167.252.17 (192.167.252.17) 50.000 ms 0.000 ms 20.000 ms

8-34 Logging and Network Management Commands

Managing Switch Network Addresses

show mac
This command displays information about MAC addresses in the switch’s filtering database.

Syntax
show mac [address mac-address] [agetime] [fid fid] [field-decode] [port
port-string] [type {other | invalid | learned | self | mgmt} [verbose] [vlan-id]

Parameters
address mac‐address (Optional) A MAC address (if known by the Matrix X).
agetime (Optional) The timeout period for aging learned MAC entries.
fid fid (Optional) The filter database identifier.
field‐decode (Optional) Displays descriptions of the fields in the output.
port port‐string (Optional) MAC addresses for specific port(s). For a detailed
description of possible port‐string values, refer to Chapter 3.
type {other | invalid | (Optional) Displays only other, invalid, learned, self, or mgmt
learned | self | mgmt} (management) address types.
verbose (Optional) Displays all information in detail.
vlan‐id (Optional) VLAN index from 1 to 4094.

Defaults
If no parameters are specified, all MAC addresses for the device will be displayed.

Mode
Switch command, read‐only.

Usage
To display static multicast entries, run the command show mac type mgmt .

Examples
The following example displays MAC address information for 1‐Gigabit Ethernet port 4 in slot 5:
matrix-x(switch-su)-> show mac port tg.5.4

MAC Address FID Port Type Status

----------------- ---------- ------------ ------- --------
00-00-F6-00-86-71 1 tg.5.4 learned
00-00-F8-07-1C-EE 1 tg.5.4 learned
00-00-F8-07-41-68 1 tg.5.4 learned
00-00-F8-78-D3-55 1 tg.5.4 learned
00-01-03-84-7C-44 1 tg.5.4 learned
00-01-03-85-3F-8B 1 tg.5.4 learned
00-01-F4-EE-7D-B8 1 tg.5.4 learned
00-10-A4-B3-C4-B7 1 tg.5.4 learned
00-10-A4-B8-D7-C3 1 tg.5.4 learned
00-80-C7-E9-D2-6B 1 tg.5.4 learned
00-90-27-A5-86-ED 1 tg.5.4 learned

Matrix X Router Command Line Interface Reference Guide 8-35

Managing Switch Network Addresses

00-90-27-A7-C1-D3 1 ge.5.4 learned

The following table provides an explanation of the command output.

Output What It Displays...

MAC Address MAC addresses mapped to the port(s) shown.

FID Filter database identifier.

Port Port designation.

Type Address type. Valid types are:

• learned
• self
• mgmt
• other
• invalid

Status Status of MAC address.

This example illustrates the default display of the command, using the field‐decode parameter.
matrix-x(switch-su)-> show mac field-decode

Blank = Not applicable

Type:
other = Entry is other than below
invalid = Entry is no longer valid, but has not been yet flushed-out
learned = Entry has been learned and is currently used
self = Entry represents one of the device's address
mgmt = Entry represents a dot1qStaticUnicastAddress
mcast = Entry represents a dot1qStaticMulticastAddress

Status:
other = Entry is other than below
invalid = Entry shall be removed
perm = Entry is currently in use and shall remain so AFTER the next reset
(permanent)

MAC Address FID Port Type Status

----------------- ---- ------------- ------- -------
00-11-88-03-D4-B0 0 tg.1.1 self
00-11-88-03-D5-70 0 tg.3.1 self
00-11-88-03-D5-71 0 tg.3.2 self
00-11-88-03-FA-89 0 ge.8.1 self
00-11-88-03-FA-8A 0 ge.8.2 self
00-11-88-03-FA-8B 0 ge.8.3 self
00-11-88-03-FA-A8 0 ge.8.32 self
00-01-F4-DA-5A-2F 100 tg.1.1 other
00-01-F4-DA-5A-2F 200 tg.1.1 other
00-A0-C9-CF-CF-48 200 ge.8.31 learned

MAC Address VLAN Port Type Status Egress Ports

----------------- ---- ------------- ------- ------- ---------------------------
01-80-C2-00-00-00 0 any mcast other
01-80-C2-00-00-01 0 any mcast other

8-36 Logging and Network Management Commands

Managing Switch Network Addresses

01-80-C2-00-00-02 0 any mcast other

01-80-C2-00-00-03 0 any mcast other
01-80-C2-00-00-04 0 any mcast other
01-80-C2-00-00-05 0 any mcast other
01-80-C2-00-00-06 0 any mcast other
01-80-C2-00-00-07 0 any mcast other
01-80-C2-00-00-08 0 any mcast other
01-80-C2-00-00-09 0 any mcast other
01-80-C2-00-00-0A 0 any mcast other
01-80-C2-00-00-0B 0 any mcast other
01-80-C2-00-00-0C 0 any mcast other
01-80-C2-00-00-0D 0 any mcast other
01-80-C2-00-00-0E 0 any mcast other
01-80-C2-00-00-0F 0 any mcast other
01-80-C2-00-00-21 0 any mcast other

Aging time: 300 seconds

This example displays the MAC timeout period:

matrix-x(switch-su)-> show mac agetime
Aging time: 300 seconds
This example displays static management MAC addresses:
matrix-x(switch-su)-> show mac type mgmt

MAC Address VLAN Port Type Status Egress Ports

----------------- ---- ------------- ------- ------- ---------------------------
01-BB-CC-DD-EE-FF 1 any mcast perm lag.0.1-32

clear mac
This command clears information about MAC addresses in the switch’s filtering database. These
are MAC addresses dynamically learned on a port through the switching process and /or statically
configured.

Syntax
clear mac [all] | [address mac-address] [fid fid] | [vlan-id <vlan-id>] |
[port-string port-string] [type {learned | mgmt} [agetime]

Parameters
all Clears all learned and management MAC address properties known
by the Matrix X.
address mac‐address (Optional) A MAC address (if known by the Matrix X).
fid fid (Optional) The filter database identifier.
vlan‐id (Optional) VLAN index from 1 to 4094.
port port‐string (Optional) MAC addresses for specific port(s). For a detailed
description of possible port‐string values, refer to Chapter 3.
type {learned | mgmt} (Optional) Clears dynamically learned or statically configured
(management) addresses by type.

Matrix X Router Command Line Interface Reference Guide 8-37

Managing Switch Network Addresses

agetime (Optional) Resets the timeout period for aging learned MAC entries
to the default value of 300 seconds.

Default
None.

Mode
Switch command, read‐write.

Usage
To remove a given static MAC entry, use the command clear mac address <mac-address>.

Examples
The following example resets the MAC timeout period to the default value and then displays it:
matrix-x(switch-su)-> clear mac agetime
matrix-x(switch-su)-> show mac agetime
Aging time: 300 seconds

The following example sets a static multicast MAC address, displays the results, clears all learned
and management MAC information, displays the results:
matrix-x(switch-su)-> set mac multicast 01-bb-cc-dd-ee-ff 5 *.*.*
matrix-x(switch-su)-> show mac

MAC Address VLAN Port Type Status Egress Ports

----------------- ---- ------------- ------- ------- ---------------------------
01-80-C2-00-00-00 0 any mcast other
01-80-C2-00-00-01 0 any mcast other
01-80-C2-00-00-02 0 any mcast other
01-80-C2-00-00-03 0 any mcast other
01-80-C2-00-00-04 0 any mcast other
01-80-C2-00-00-05 0 any mcast other
01-80-C2-00-00-06 0 any mcast other
01-80-C2-00-00-07 0 any mcast other
01-80-C2-00-00-08 0 any mcast other
01-80-C2-00-00-09 0 any mcast other
01-80-C2-00-00-0A 0 any mcast other
01-80-C2-00-00-0B 0 any mcast other
01-80-C2-00-00-0C 0 any mcast other
01-80-C2-00-00-0D 0 any mcast other
01-80-C2-00-00-0E 0 any mcast other
01-80-C2-00-00-0F 0 any mcast other
01-80-C2-00-00-21 0 any mcast other
01-BB-CC-DD-EE-FF 5 any mcast perm lag.0.1-32

Aging time: 300 seconds

matrix-x(switch-su)-> clear mac all

matrix-x(switch-su)-> show mac

MAC Address VLAN Port Type Status Egress Ports

8-38 Logging and Network Management Commands

Managing Switch Network Addresses

----------------- ---- ------------- ------- ------- ---------------------------

01-80-C2-00-00-00 0 any mcast other
01-80-C2-00-00-01 0 any mcast other
01-80-C2-00-00-02 0 any mcast other
01-80-C2-00-00-03 0 any mcast other
01-80-C2-00-00-04 0 any mcast other
01-80-C2-00-00-05 0 any mcast other
01-80-C2-00-00-06 0 any mcast other
01-80-C2-00-00-07 0 any mcast other
01-80-C2-00-00-08 0 any mcast other
01-80-C2-00-00-09 0 any mcast other
01-80-C2-00-00-0A 0 any mcast other
01-80-C2-00-00-0B 0 any mcast other
01-80-C2-00-00-0C 0 any mcast other
01-80-C2-00-00-0D 0 any mcast other
01-80-C2-00-00-0E 0 any mcast other
01-80-C2-00-00-0F 0 any mcast other
01-80-C2-00-00-21 0 any mcast other

Aging time: 300 seconds

set mac
This command sets the timeout period for aging learned MAC entries, defines the ports a
multicast address can be flooded to, and/or creates a static MAC address entry in the filtering
database(s).

Syntax
set mac {[agetime time] | [multicast mac-address vlan-id [port-string] {append |
clear}]}

Parameters
agetime time Specifies the timeout period for aging learned MAC entries
ranging from 10 to 65535 seconds.
multicast mac-address This command allows you to limit specific layer two multicast
vlan-id [port-string] addresses (mac‐address) to specific ports (port‐string) within a
{append | clear}] VLAN (vlan‐id). You can append or clear ports from the list of
ports the multicast MAC address is allowed to be flooded to.

Default
If you do not define port‐string with the set mac multicast command, the command will apply to
all ports.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 8-39

Managing Switch Network Addresses

Examples
The following example sets the MAC timeout period to 600 seconds:
matrix-x(switch-su)-> set mac agetime 600
The following example sets a static MAC address on VLAN 1 for all ports and then displays the
results:
matrix-x(switch-su)-> set mac multicast 01-aa-bb-cc-dd-ee 1 *.*.*
matrix-x(switch-su)-> show mac

MAC Address VLAN Port Type Status Egress Ports

Aging time: 300 seconds

set movedaddrtrap
This command enables or disables SNMP trap messaging, globally or on one or more ports, when
moved source MAC addresses are detected.

Syntax
set movedaddrtrap [port-string] {enable | disable}

Parameters
port‐string (Optional) Specifies the port or ports on which to enable or disable
MAC address traps.
enable | disable Enables or disables SNMP trap messaging when moved source MAC
addresses are detected.

Defaults
If port‐string is not specified, MAC address traps will be globally enabled or disabled.

8-40 Logging and Network Management Commands

Managing Switch Network Addresses

Mode
Switch mode, read‐write.

Example
This example globally enables MAC address traps.
matrix-x(switch-rw)->set movedaddrtrap enable

show movedaddrtrap
This command displays the status of moved MAC address traps on one or more ports.

Syntax
show movedaddrtrap [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to display the status of
MAC address traps.

Defaults
If port‐string is not specified, the status of MAC address traps for all ports will be displayed.

Mode
Switch mode, read‐write.

Example
This example displays the status of MAC address traps on ports ge.4.1 through ge.4.4.
matrix-x(switch-ro)-> show movedaddrtrap ge.4.1-4
Moved Address Traps Globally disabled

Port Enable State

--------- ------------
ge.4.1 disabled
ge.4.2 disabled
ge.4.3 disabled
ge.4.4 disabled

Matrix X Router Command Line Interface Reference Guide 8-41

Configuring Node Aliases

These switch‐level commands review, configure, disable and re‐enable node (port) alias
functionality, which determines what network protocols are running on one or more ports.

Commands
Commands to configure node aliases are listed below.

For information about... Refer to page...

show nodealias 8-42

show nodealias mac 8-44

show nodealias protocol 8-46

show nodealias config 8-47

set nodealias 8-48

set nodealias maxentries 8-49

clear nodealias 8-49

clear nodealias config 8-50

show nodealias
This command displays node alias properties for one or more ports.

Syntax
show nodealias [port-string]

Parameters
port-string (Optional) Displays node alias properties for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

Defaults
If port‐string is not specified, node alias properties will be displayed for all ports.

Mode
Switch command, read‐only.

Usage
Node aliases are dynamically assigned upon packet reception to ports enabled with an alias agent,
which is the default setting on the Matrix X Router. Node aliases cannot be statically created, but
can be deleted using the clear nodealias command (page 8‐49).

8-42 Logging and Network Management Commands

Configuring Node Aliases

Example
The following example (a portion of the command output) displays node alias properties for the
Gigabit Ethernet port 12 in module 6:
matrix-x(switch-su)-> show nodealias ge.6.12

Alias ID = 1533917044 Active = true

Vlan ID = 1 MAC Address = 00-e0-63-04-7b-00
Protocol = ip Source IP = 63.214.44.63

The following table provides an explanation of the command output.

Output What It Displays...

Alias ID Alias dynamically assigned to this port.

Active Whether or not this node alias entry is active.

Vlan ID VLAN ID associated with this alias.

MAC Address MAC address associated with this alias.

Protocol Networking protocol running on this port.

Address / Source IP When applicable, a protocol-specific address associated with this alias.

Matrix X Router Command Line Interface Reference Guide 8-43

Configuring Node Aliases

show nodealias mac

This command displays node alias entries based on MAC address and protocol.

Parameters

mac_address Specifies a MAC address for which to display node alias entries. You can
enter a full or partial address.
ip | apl | mac | (Optional) Displays node alias entries for one of the following protocols:
hsrp | dhcps |
• Internet Protocol (IP)
dhcpc | bootps |
bootpc | ospf | • Appletalk (APL)
vrrp | ipx | xrip | • Media Access Control (MAC)
xsap | ipx20 |
rtmp | netBios | • Hot Standby Routing Protocol (HSRP)
nbt | bgp | rip | • Dynamic Host Control Protocol Server (DHCPS)
igrp | dec | bpdu
• Dynamic Host Control Protocol Client (DHCPC)
| udp
• Boot Protocol Server (BOOTPS)
• Boot Protocol Client (BOOTPC)
• Open Shortest Path First (OSPF)
• Virtual Router Redundancy Protocol (VRRP)
• Internet Packet Exchange (IPX)
• IPX ROUTING INFORMATION PROTOCOL (XRIP)
• IPX Service Access Point (XSAP)
• PX Protocol 20 packet (IPX20)
• Routing Table Maintenance Protocol (RTMP)
• NetBIOS (raw) (NETBIOS)
• NetBIOS (over TCP/IP) (NBT)
• Border Gateway Protocol (BGP)
• Routing Information Protocol (RIP)
• Interior Gateway Routing Protocol (IGRP)
• Digital Equipment Corporation (DEC)
• Bridge Protocol Data Unit (BPDU)
• User Datagram Protocol (UDP)
port-string (Optional) Displays node alias properties for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

8-44 Logging and Network Management Commands

Configuring Node Aliases

Defaults
• If protocol is not specified, node alias entries for all protocols will be displayed.
• If port‐string is not specified, node alias entries will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays node alias entries for BPDU traffic on MAC addresses beginning
with 00‐e0:
matrix-x(switch-su)-> show nodealias mac 00-e0 bpdu
Port: lag.0.1 Time: 0 days 01 hrs 34 mins 53 secs
--------------------------------------------------------
Alias ID = 306783575 Active = true
Vlan ID = 1 MAC Address = 00-e0-63-59-f4-3d
Protocol = bpdu

Port: lag.0.1 Time: 0 days 01 hrs 34 mins 54 secs

--------------------------------------------------------
Alias ID = 306783579 Active = true
Vlan ID = 1 MAC Address = 00-e0-63-59-f4-55
Protocol = bpdu

Port: ge.3.9 Time: 0 days 00 hrs 00 mins 46 secs

--------------------------------------------------------
Alias ID = 613566759 Active = true
Vlan ID = 1 MAC Address = 00-e0-63-97-4b-69
Protocol = bpdu

Port: ge.3.9 Time: 0 days 03 hrs 03 mins 52 secs

--------------------------------------------------------
Alias ID = 613566837 Active = true
Vlan ID = 1 MAC Address = 00-e0-63-97-d0-a0
Protocol = bpdu
The following table provides an explanation of the command output.

Output What It Displays...

Alias ID Alias dynamically assigned to this port.

Active Whether or not this node alias entry is active.

Vlan ID VLAN ID associated with this alias.

MAC Address MAC address associated with this alias.

Protocol Networking protocol running on this port.

Address / Source IP When applicable, a protocol-specific address associated with this alias.

Matrix X Router Command Line Interface Reference Guide 8-45

Configuring Node Aliases

show nodealias protocol

This command displays node alias entries based on protocol and protocol address.

Syntax
show nodealias protocol {ip | apl | mac | hsrp | dhcps | dhcpc | bootps | bootpc
| ospf | vrrp | ipx | xrip | xsap | ipx20 | rtmp | netBios | nbt | bgp | rip |
igrp | dec | bpdu | udp} [ip-address ip-address] [port-string]

Defaults
• If ip‐address is not specified for the IP protocol, IP‐related entries will be displayed from all
source addresses.
• If port‐string is not specified, node alias entries will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays node alias entries for IP traffic on Gigabit Ethernet port 12,
module 6:
matrix-x(switch-su)-> show nodealias protocol ip ge.6.12
Port: ge.6.12 Time: 1 days 03 hrs 33 mins 47 secs
--------------------------------------------------------
Alias ID = 1533917141 Active = true
Vlan ID = 1 MAC Address = 00-e0-63-04-7b-00
Protocol = ip Source IP = 199.45.62.25

The following table provides an explanation of the command output.

Output What It Displays...

Alias ID Alias dynamically assigned to this port.

Active Whether or not this node alias entry is active.

Vlan ID VLAN ID associated with this alias.

8-46 Logging and Network Management Commands

Configuring Node Aliases

Output What It Displays...

MAC Address MAC address associated with this alias.

Protocol Networking protocol running on this port.

Address / Source IP When applicable, a protocol-specific address associated with this alias.

show nodealias config

This command displays node alias configuration settings on one or more ports.

Syntax
show nodealias config [port-string]

Defaults
If port‐string is not specified, node alias configurations will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays node alias configuration settings for Gigabit Ethernet ports 1
through 9 in module 2:
matrix-x(switch-su)-> show nodealias config ge.2.1-9

Max Control Entries = 0 Active Entries = 0

Purge Time = 00:00:00 State = ready(2)

Port Number Max Entries Used Entries Status

----------- ----------- ------------ ------
ge.2.1 16 0 Enabled
ge.2.2 47 0 Enabled
ge.2.3 47 2 Enabled
ge.2.4 47 0 Enabled
ge.2.5 47 0 Enabled
ge.2.6 47 2 Enabled
ge.2.7 47 0 Enabled
ge.2.8 47 0 Enabled
ge.2.9 4000 1 Enabled

The following table provides an explanation of the command output.

Matrix X Router Command Line Interface Reference Guide 8-47

Configuring Node Aliases

Output What It Displays...

Port Number Port designation.

Max Entries Maximum number of alias entries configured for this port. Set using set nodealias
maxentries on page 8-49.

Used Entries Number of alias entries (out of the maximum amount configured) already used by
this port.

Status Whether or not a node alias agent is enabled (default) or disabled on this port.

set nodealias
This command enables or disables a node alias agent on one or more ports.
set nodealias {enable | disable} [port-string]

Parameters
enable | disable Enables or disables a node alias agent.
port-string (Optional) Displays node alias properties for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

Default
None.

Mode
Switch command, read‐write.

Usage
Upon packet reception, node aliases are dynamically assigned to ports enabled with an alias
agent, which is the default setting on the Matrix X Router. Node aliases cannot be statically
created, but can be deleted using the clear nodealias command (page 8‐49).

Example
The following example disables the node alias agent on Gigabit Ethernet port 3 in module 1:
matrix-x(switch-su)-> set nodealias disable ge.1.3

8-48 Logging and Network Management Commands

Configuring Node Aliases

set nodealias maxentries

This command sets the maximum number of node alias entries allowed for one or more ports.

Syntax
set nodealias maxentries val port-string

Parameters
val Specifies the maximum number of alias entries, ranging from 0 to 2048.
port-string (Optional) Displays node alias properties for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

Default
None.

Mode
Switch command, read‐write.

Example
The following example sets the maximum node alias entries to 1000 on Gigabit Ethernet port 3 in
module 1:
matrix-x(switch-su)-> set nodealias maxentries 1000 ge.1.3

clear nodealias
This command removes one or more node alias entries.

Syntax
clear nodealias [port port-string | alias-id alias-id]

Parameters
port port‐string (Optional) Displays node alias properties for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.
alias‐id alias‐id Specifies the ID of the node alias to remove. This value can be viewed
using the show nodealias command (page 8‐42).

Default
None.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 8-49

Configuring Node Aliases

Example
The following example clears all node alias entries on Gigabit Ethernet port 3 in module 1:
matrix-x(switch-su)-> clear nodealias port-string ge.1.3

clear nodealias config

This command resets the node alias state to enabled and clear the maximum entries value.

Syntax
clear nodealias config port-string

Parameters
port-string Specifies the port(s) on which to reset the node alias configuration. For a
detailed description of possible port‐string values, refer to “Port Strings
Used in the CLI” on page 12‐2.

Parameters
None.

Default
None.

Mode
Switch command, read‐write.

Example
The following example resets the node alias configuration on Gigabit Ethernet port 3 in module 1:
matrix-x(switch-su)-> clear nodealias config ge.1.3

8-50 Logging and Network Management Commands

9
NetFlow Commands

This chapter describes the NetFlow commands and how to use them.

Overview
NetFlow is a protocol developed for collecting IP traffic information used for accounting, billing,
security analysis, network monitoring, traffic engineering, and application monitoring and
profiling.
Network devices (switches and routers) with NetFlow enabled generate NetFlow flow records,
which are exported from the device in UDP packets and collected by a NetFlow collector for
analysis by a NetFlow data analyzer application.
A flow is uniquely defined by seven key fields in an IP packet:
• Source input interface
• Source IP address
• Destination IP address
• Destination port (UDP/TCP port number)
• Source port (UDP/TCP port number)
• IP TOS field
• Layer 3 protocol
Each flow has different data, based on the NetFlow export version format supported by the
network device. This data can include such items as packet count, byte count, destination interface
index, start and end time, and next hop router.

Matrix X Router Implementation

On the Matrix X Router, NetFlow classification and caching is performed on the IOMs, while
NetFlow export functionality is performed on the CM. Packets are sampled at ingress at the rate
configured for the whole system with the set sampling‐rate command. The IOMs classify the
sampled packets into flows, update NetFlow counters, and determine the end of the flows. The
IOMs send flow data to the CM for export when the configured export‐interval time expires
(default is 30 minutes) or when the cache is full.
The NetFlow export process on the CM gathers any further data needed to complete the data
record format for the configured NetFlow version and sends the flow records to the configured
NetFlow collector. Note that only one NetFlow export destination (collector) can be configured
per X Router system.
NetFlow can be enabled on any port on the X Router.

Matrix X Router CLI Reference Guide 9-1

Commands

Version Support
The Matrix X Router currently supports data export Version 1 and Version 5. CLI commands are
provided to configure certain record format values required for Version 5, such as engine ID and
engine type.

Commands
For information about... Refer to page...

show netflow config 9-3

set netflow cache 9-5

set netflow export-destination 9-6

set netflow export-version 9-6

set netflow export-interval 9-7

set netflow entries 9-7

set netflow engine-id 9-8

set netflow interface 9-9

set netflow port 9-9

clear netflow port 9-10

clear netflow all 9-10

show netflow cache-flow 9-11

show netflow statistics 9-12

9-2 NetFlow Commands

show netflow config Commands

show netflow config

This command displays the current NetFlow configuration information and status.

Syntax
show netflow config

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
Use this command to display all the NetFlow configuration information.

Example
This example displays the default NetFlow configuration settings.
matrix-x(switch-rw)-> show netflow config

Cache Status: disabled

Sampling Rate: 100
Engine Id: 0
Engine Type: 0
Administrative Interface: eth0
Destination IP:
Destination UDP port: 2055
Export Version: 5
Export Interval: 30 (min)
Export As: peer
Number of Entries: 64 (k)

Port State
-------- --------
The following table describes the output.

Table 9-1 NetFlow Configuration Settings

Output... What it displays...

Cache Status Whether NetFlow caching is globally enabled or

disabled. By default, NetFlow is disabled globally.

Sampling Rate The rate at which packets are captured, or sampled.

100 indicates that 1 in 100 packets are captured.
This value is set with the set sampling-rate
command. Default rate is 100.

Matrix X Router CLI Reference Guide 9-3

Commands show netflow config

Table 9-1 NetFlow Configuration Settings

Output... What it displays...

Engine ID The ID number of the flow switching engine. This ID

is required by NetFlow export version 5 format.
This value is set with the set netflow engine-id
command. The default value is 0.

Engine Type The type of flow switching engine. This type value is
required by NetFlow export version 5 format.
This value is set with the set netflow engine-id
command. The default value is 0.

Administrative Interface This is the interface used for the source IP address
of the exported NetFlow UDP datagrams.
The default interface is eth0. This value is set with
the set netflow interface command.

Destination IP The IP address of the NetFlow collector which is the

destination of the NetFlow UDP packets.
This value is set with the set netflow export-
destination command. There is no default value.

Destination UDP port The UDP port on the NetFlow collector.

This value is set with the set netflow export-
destination command. The default value is 2055.

Export Version The NetFlow flow record format used when

exporting NetFlow packets. Version can be either 1
or 5, with Version 5 as the default.
This value is set with the set netflow export-
version command.

Export Interval The time out interval when the NetFlow cache is
flushed and the data is exported, if the maximum
number of entries has not been reached.
This value is set with the set netflow export-
interval command. The default value is 30 minutes.

Export AS Whether the BGP AS addresses are origin or peer.

BGP AS addresses are not supported by Version 1.
This value is set with the set netflow export-
version command. The default value is peer.

Number of Entries The maximum number of flows saved into the

cache.
This value is set with the set netflow entries
command. The default value is 64 KB.

Port and State Displays the ports on which NetFlow is enabled.

NetFlow is enabled or disabled on a port with the set
netflow port command. NetFlow is disabled on
ports by default.

9-4 NetFlow Commands

set netflow cache Commands

set netflow cache

This command enables or disables NetFlow globally.

Syntax
set netflow cache {enable | disable}

Parameters
enable | disable Enables or disables NetFlow globally.

Defaults
By default, NetFlow is disabled globally.

Mode
Switch command, read‐write.

Usage
An export destination must be configured and a port enabled for NetFlow before NetFlow will
start sampling. When NetFlow is globally disabled, it will stop sampling on all enabled ports and
the cached records will be flushed when the export time out interval is reached.
The packet sampling rate can be configured with the set sampling‐rate command. The export time
out interval can be configured with the set netflow export‐interval command.

Examples
This example attempts to enable NetFlow before an export destination has been configured.
matrix-x(switch-rw)-> set netflow cache enable
% The netflow export-destination must be configured before enabling netflow.
This example enables NetFlow globally after configuring an export destination.
matrix-x(switch-rw)-> set netflow export-destination 192.168.10.1
matrix-x(switch-rw)-> set netflow cache enable

Matrix X Router CLI Reference Guide 9-5

Commands set netflow export-destination

set netflow export-destination

This command configures the NetFlow collector destination.

Syntax
set netflow export-destination ip-address [udp-port]

Parameters
ip‐address Specifies the IP address of the NetFlow collector.
udp‐port (Optional) Specifies the UDP port number used by the NetFlow
collector. Default is 2055.

Defaults
The default UDP port is 2055.

Mode
Switch command, read‐write.

Usage
Only one NetFlow collector destination can be configured on the X Router. A destination address
must be configured before the NetFlow cache can be enabled globally.

Example
This example configures a NetFlow collector and uses the default UDP port.
matrix-x(switch-rw)-> set netflow export-destination 192.168.10.1

set netflow export-version

This command sets the NetFlow flow record format used to export data.

Syntax
set netflow export version {1 | 5} [origin-as | peer-as]

Parameters
1|5 Specify the NetFlow flow record format to use when exporting NetFlow
packets, either Version 1 or 5.
The default is Version 5.
origin‐as | peer‐as (Optional) Specify the type of BGP AS addresses to use, for exporting
Version 5 flow records. The default is peer‐as.

Defaults
The default is Version 5, peer AS addresses.

Mode
Switch command, read‐write.

9-6 NetFlow Commands

set netflow export-interval Commands

Usage
The NetFlow version configured determines the type of information collected and the format of
the NetFlow UDP flow record packets sent to the collector.

Example
This example configures Version 1 to be used.
matrix-x(switch-rw)-> set netflow export-version 1

set netflow export-interval

This command configures the time out interval used to determine when the NetFlow cache should
be flushed and the data exported, if the maximum number of entries has not been reached.

Syntax
set netflow export-interval min

Parameters
min Specify the time out value in minutes. The default value is 30 minutes.

Defaults
30 minutes.

Mode
Switch command, read‐write.

Usage
The NetFlow cache on each IOM collects and stores the flow data. The data in the cache is sent to
the CM to be exported when:
• The cache has accumulated the maximum number of entries, or
• The export time out interval has been reached.

Example
This example sets the export time out interval to 20 minutes.
matrix-x(switch-rw)-> set netflow export-interval 20

set netflow entries

This command sets the maximum number of flows that can be saved into the cache.

Syntax
set netflow entries max-num

Parameters
max‐num Specify the maximum number of flows that can saved, in kilobytes. The
value can range from 16 to 128 K.

Matrix X Router CLI Reference Guide 9-7

Commands set netflow engine-id

Defaults
The default maximum number of entries is 64 kilobytes.

Mode
Switch command, read‐write.

Usage
When this number of entries is reached, the cache is flushed and the data records are exported.
When the size is changed, the current cached data is flushed so the new size can be allocated.

Example
This example shows how to set the maximum number of flows that can be saved in the cache to
128 K.
matrix-x(switch-rw)-> set netflow entries 128

set netflow engine-id

This command specifies the engine ID and engine type that should be included in the NetFlow
Version 5 data records.

Syntax
set netflow engine‐id engine‐id type engine‐type

Parameters
engine‐id Specifies the engine ID required by the NetFlow collector for Version 5
data records. The value can range from 0 to 255.
type engine‐type Specifies the engine type required by the NetFlow collector for Version
5 data records. The value for engine type can range from 0 to 255.

Defaults
The default value for engine ID and engine type is 0.

Mode
Switch command, read‐write.

Usage
The values configured with this command must come from the NetFlow collector application that
is configured as the NetFlow export destination for the X Router.

Example
This example configures the engine ID as 1 and the engine type as 1.
matrix-x(switch-rw)-> set netflow engine-id 1 type 1

9-8 NetFlow Commands

set netflow interface Commands

set netflow interface

This command sets the source IP address used in exported NetFlow UDP datagrams.

Syntax
set netflow interface port-string

Parameters
port‐string Specify the interface used as the source IP address for exported NetFlow
datagrams.

Defaults
If no interface is specified, the eth0 is used by default.

Mode
Switch command, read‐write.

Usage
The interface specified with this command must have an IP address configured on it.

Example
This example configures the interface ge.4.1 as the source IP address for exported NetFlow
datagrams.
matrix-x(switch-rw)-> set netflow interface ge.4.1

set netflow port

This command enables or disables NetFlow collection on one or more ports.

Syntax
set netflow port port-string {enable | disable}

Parameters
port‐string Specifies the port or ports on which to enable or disable NetFlow
collection.
enable | disable Enables or disables NetFlow collection on the specified port or ports.

Defaults
NetFlow collection is disabled by default.

Mode
Switch command, read‐write.

Matrix X Router CLI Reference Guide 9-9

Commands clear netflow port

Usage
You must configure a NetFlow export destination (set netflow export‐destination) before you can
enable NetFlow on any ports. You must enable NetFlow globally (set netflow cache) before
NetFlow will start sampling packets.
Upon disabling NetFlow on a port, NetFlow will stop sampling and the current flow data will be
exported when the export time out interval expires.

Example
This example shows how to enable NetFlow collection on ports ge.4.1 through ge.4.3.
matrix-x(switch-rw)-> set netflow export-destination 192.168.10.1
matrix-x(switch-rw)-> set netflow port ge.4.1-3 enable
matrix-x(switch-rw)-> set netflow cache enable

clear netflow port

This command clears (disables) NetFlow collection on one or more ports.

Syntax
clear netflow port port-string

Parameters
port‐string Specifies the port or ports on which to disable NetFlow collection.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example disables NetFlow collection on port ge.4.3.
matrix-x(switch-rw)-> clear netflow port ge.4.3

clear netflow all

This command returns all NetFlow configuration settings to their default values. Refer to Table 9‐1
on page 9‐3 for a list of all the default configuration settings.

Syntax
clear netflow all

Parameters
None.

Defaults
Refer to Table 9‐1 on page 9‐3 for a list of all the default NetFlow configuration settings.

9-10 NetFlow Commands

show netflow cache-flow Commands

Mode
Switch command, read‐write.

Example
This example shows how to return all NetFlow configuration settings to their default settings.
matrix-x(switch-rw)-> clear netflow all

show netflow cache-flow

This command flow counters for the current cached NetFlow information, either system‐wide or
IOM‐specific.

Syntax
show netflow cache-flow [slot-id]

Parameters
slot‐id (Optional) Display IOM‐specific flow counter information.

Defaults
None.

Mode
Switch command, read‐only.

Usage
System‐wide flow counters are reset when NetFlow is globally (re)enabled. IOM‐specific flow
statistics are reset every time the cache on the IOM is flushed.

Examples
This example shows how to display system‐wide counters.
matrix-x(switch-ro)-> show netflow cache-flow

System flow counters:

Last Reset: Wed Apr 11 17:49:35 2007
----------------------------------------------
Flows Exported: 38
UDP Packets Exported: 31
UDP Packets Failed: 0
UDP Packets Dropped: 0
This example shows how to display IOM‐specific statistics.
matrix-x(switch-ro)-> show netflow cache-flow 4

Flow statistics for IOM 4

Last Reset: Wed Apr 11 16:48:43 2007
----------------------------------------------
Flows in Cache 3
Current Memory Usage 2343308B
Flows exported 38
Packets dropped due to congestion 0

Matrix X Router CLI Reference Guide 9-11

Commands show netflow statistics

TCP Packets Sampled 67

SSH Packets Sampled 67
Telnet Packets Sampled 0
HTTP Packets Sampled 0
UDP Packets Sampled 0
SNMP Packets Sampled 0

show netflow statistics

This command displays per‐port NetFlow statistics.

Syntax
show netflow statistics port-string

Parameters
port‐string Specifies the single port for which to display NetFlow statistics.

Defaults
None.

Mode
Switch command, read‐only.

Usage
Per‐port NetFlow statistics and reset whenever the port is (re)enabled.

Example
This example shows how to display NetFlow statistics for port ge.4.1.
matrix-x(switch-ro)-> show netflow statistics ge.4.1

Flows Sampled on Port ge.4.1

First Packet Sampled: Fri May 12 15:44:57 2006
Last Packet Sampled: Fri May 12 15:57:12 2006
-----------------------------------------------
VLAN Packets Sampled 0
ARP Packets Sampled 1
Multicast Packets Sampled 1
Non IPV4 Packets Sampled 1
IP Packets Sampled 473
ICMP Packets Sampled 353
TCP Packets Sampled 120
SSH Packets Sampled 120
Telnet Packets Sampled 0
HTTP Packets Sampled 0
UDP Packets Sampled 0
SNMP Packets Sampled 0
Other IP Packets Sampled 0
Fragmented Packets Sampled 0
Fragmented Packets Dropped 0
Total Packets Sampled 474

9-12 NetFlow Commands

10
Packet Capture Commands

This chapter describes the packet capture commands and how to use them.

Overview
The packet capture functionality provides a way to understand what traffic is flowing through the
Matrix X Router. Packets are sampled at a configurable rate and stored in a ring buffer for later
analysis. The packet buffer, which is in pcap format, can then be exported to a remote machine,
copied to the local public directory, or viewed locally.

Commands
For information about... Refer to page...

set sampling-rate 10-2

show packet-capture config 10-2

set packet-capture 10-3

set packet-capture port 10-3

set packet-capture files 10-4

set packet-capture file-size 10-5

set packet-capture max-packet-size 10-5

clear packet-capture all 10-6

clear packet-capture port 10-7

show packet-capture buffer 10-7

export packet-capture 10-8

Matrix X Router CLI Reference Guide 10-1

Commands set sampling-rate

set sampling-rate
This command sets the rate at which ingressing packets are sampled.

Syntax
set sampling-rate number

Parameters
number Sets the rate of capture to 1 in number of packets. The value of number
can range from 100 to 16382. The default value is 100.

Defaults
Capture 1 in 100 packets.

Mode
Switch command, read‐write.

Usage
Use this command to set the packet sampling rate used both for packet capture and for NetFlow.

Example
This example sets the sampling rate to 1 in 150 packets.
matrix-x(switch-rw)-> set sampling-rate 150

show packet-capture config

This command displays the packet capture configuration settings.

Syntax
show packet-capture config

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
This example shows how to display the packet capture configuration settings.
matrix-x(switch-ro)-> show packet-capture config

Sampling Rate: 100

Global State: enabled

10-2 Packet Capture Commands

set packet-capture Commands

File Size Max Pkt

Port State Files (Mbytes) Size (bytes)
-------- -------- ----- --------- ------------
ge.4.1 Enabled 2 2 128
ge.4.2 Enabled 2 2 128
ge.4.3 Enabled 2 2 128

set packet-capture
This command enables or disables packet capture globally on the X Router.

Syntax
set packet-capture {enable | disable}

Parameters
enable | disable Enables or disables packet capture globally.

Defaults
Packet capture is disabled globally by default.

Mode
Switch command, read‐write.

Usage
Packet capture must be enabled globally with this command and on a port, with the set
packet‐capture port command, before sampling begins.

Example
This example enables packet capture globally.
matrix-x(switch-rw)-> set packet-capture enable

set packet-capture port

This command enables or disables packet capture on one or more ports.

Syntax
set packet-capture port port-string {enable | disable}

Parameters
port‐string Specifies the port or ports on which to enable or disable packet capture.
enable | disable Enables or disables packet capture on the specified port or ports.

Defaults
Packet capture is disabled on ports by default.

Matrix X Router CLI Reference Guide 10-3

Commands set packet-capture files

Mode
Switch command, read‐write.

Usage
Packet capture must be enabled globally, with the set packet‐capture command, and on a port,
with this command, before sampling begins.

Example
This example enables packet capture on ports ge.4.1 through ge.4.3.
matrix-x(switch-rw)-> set packet-capture port ge.4.1-3

set packet-capture files

This command configures the number of packet capture files per port.

Syntax
set packet-capture files port-string num-files

Parameters
port‐string Specifies the port or ports for which to configure the number of packet
capture files.
num‐files Specifies the number of packet capture files. The value can range from 2
to 10. The default is 2.

Defaults
2 files per port.

Mode
Switch command, read‐write.

Usage
Use this command to specify the number of capture files per port. Captured packets are written to
the first capture file until the maximum file size (configured per port with the set packet‐capture
file‐size command) is reached. Then, captured packets are written to the second capture file until
the maximum file size is reached, and so on, until the configured number of files is reached. At
that point, packets are written to the first capture file again, overwriting the previous contents.
When you export the capture files, you will get the number of files created in the ring buffer, up to
the number of files you specified with this command. The files are named <port‐string>_1.cap,
<port‐string>_2.cap, and so on.
The maximum size of the directory holding packet capture files is 100 MB per IOM.

Example
This example sets the number of files for port ge.4.1 to 5.
matrix-x(switch-rw)-> set packet-capture files ge.4.1 5

10-4 Packet Capture Commands

set packet-capture file-size Commands

set packet-capture file-size

This command specifies the maximum size of packet capture files per port.

Syntax
set packet-capture file-size port-string file-size

Parameters
port‐string Specifies the port or ports for which to configure the maximum capture
file size.
file‐size Specifies the maximum capture file size. The value can range from 2 to
10 MB.

Defaults
The default maximum file size is 2 MB.

Mode
Switch command, read‐write.

Usage
The number of capture files per port is configured with the set packet‐capture file command.
Captured packets are written to the first capture file until the maximum file size (configured with
this command) is reached. Then, captured packets are written to the second capture file until the
maximum file size is reached, and so on, until the configured number of files is reached. At that
point, packets are written to the first capture file again, overwriting the previous contents.
The maximum size of the directory holding packet capture files is 100 MB per IOM.

Example
This example shows how to set the maximum file size to 3 MB for port ge.3.1.
matrix-x(switch-rw)-> set packet-capture file-size ge.3.1 3

set packet-capture max-packet-size

This command specifies the amount of the captured packets that should be saved, on a per‐port
basis. Any packet content beyond the maximum packet size will be truncated.

Syntax
set packet‐capture max‐packet‐size port‐string max‐pkt‐size

Parameters
port‐string Specifies the port or ports for which to configure the maximum packet
size that will be captured.
max‐pkt‐size Specifies the maximum packet size that will be captured. The value can
range from 64 to 9000 bytes.

Matrix X Router CLI Reference Guide 10-5

Commands clear packet-capture all

Defaults
The default maximum packet size is 128 bytes.

Mode
Switch command, read‐write.

Usage
A packet’s content up to the maximum packet size is saved in the capture file. Any content beyond
the maximum packet size is truncated.

Example
This example sets the maximum packet size to 64 bytes for port ge.4.1.
matrix-x(switch-rw)-> set packet-capture max-packet-size ge.4.1 64

clear packet-capture all

This command resets all packet capture configuration settings to their default values. This
command does not affect the configured sampling rate.

Syntax
clear packet-capture all

Parameters
None.

Defaults
The default values are:
• Global state for packet capture: disabled
• Port state for packet capture: disabled
• Number of files: 2
• File size: 2 MB
• Maximum packet size: 128 bytes

Mode
Switch command, read‐write.

Example
This example shows how to return all packet capture configuration settings to their defaults.
matrix-x(switch-rw)-> clear packet-capture all

10-6 Packet Capture Commands

clear packet-capture port Commands

clear packet-capture port

This command disables packet capture on one or more ports.

Syntax
clear packet-capture port port-string

Parameters
port‐string Specifies the port or ports on which to disable packet capture.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example disables packet capture on port ge.5.1.
matrix-x(switch-rw)-> clear packet-capture port ge.5.1

show packet-capture buffer

This command displays the contents of the packet capture buffer for a single port.

Syntax
show packet-capture buffer port-string [header] [hex] [verbose | more-verbose |
most-verbose]

Parameters
port‐string Specifies the single port for which to display the packet capture buffer.
header (Optional) Specifies that the link‐level header should be printed on each
dump line. Equivalent to tcpdump ‐e.
hex (Optional) Specifies that each packet, minus its link‐level header, should
be printed in hex. Equivalent to tcpdump ‐x.
verbose (Optional) Prints the time to live, identification, total length and options
in an IP packet. Also enables additional packet integrity checks such as
verifying the IP and ICMP header checksum. Equivalent to tcpdump ‐v.
more‐verbose (Optional) Additional fields are printed from NFS reply packets, and
SMB packets are fully decoded. Equivalent to tcpdump ‐vv.
most‐verbose (Optional) The most information is printed. For example, telnet SB...SE
options are printed in full. Equivalent to tcpdump ‐vvv.

Defaults
If no optional parameters are entered, the basic link‐level header is displayed (source and
destination addresses and port, protocol, and packet length).

Matrix X Router CLI Reference Guide 10-7

Commands export packet-capture

Mode
Switch command, read‐write.

Usage
Use this command to display the packet capture buffer contents. The tcpdump tool is used to
parse the output of the capture buffer which is in pcap format.

Examples
This example shows how to display just the basic link‐level header information for port ge.4.1.
Note that only a portion of the output is shown in this example.
matrix-x(switch-rw)-> show packet-capture buffer ge.4.1

11:45:04.340517 802.1Q vlan#15 P0 182.5.0.2.63 > 182.1.13.15.63: udp 1472

11:45:04.340527 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.81.63: udp 18
11:45:04.341331 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.203.63: udp 18
11:45:04.349061 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.97.63: udp 18
11:45:04.349949 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.235.63: udp 18
11:45:04.354080 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.97.63: udp 18
11:45:04.355927 802.1Q vlan#15 P0 182.5.0.2.63 > 182.1.17.244.63: udp 1472
11:45:04.358941 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.73.63: udp 18
11:45:04.359589 802.1Q vlan#15 P0 182.5.0.2.63 > 182.1.19.30.63: udp 1472
11:45:04.369268 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.81.63: udp 18
11:45:04.369287 802.1Q vlan#15 P0 174.5.0.2.63 > 183.1.0.243.63: udp 18

This example shows how to display more header information for port ge.4.1. Only a portion of the
output is shown.
matrix-x(switch-rw)-> show packet-capture buffer ge.4.1 header verbose

11:45:04.340517 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 1518: 802.1Q vlan#15 P0

182.5.0.2.63 > 182.1.13.15.63: udp 1472 (ttl 63, id 0, len 1500)
11:45:04.340527 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 64: 802.1Q vlan#15 P0
174.5.0.2.63 > 183.1.0.81.63: [udp sum ok] udp 18 (ttl 63, id 0, len 46)
11:45:04.341331 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 64: 802.1Q vlan#15 P0
174.5.0.2.63 > 183.1.0.203.63: [udp sum ok] udp 18 (ttl 63, id 0, len 46)
11:45:04.349061 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 64: 802.1Q vlan#15 P0
174.5.0.2.63 > 183.1.0.97.63: [udp sum ok] udp 18 (ttl 63, id 0, len 46)
11:45:04.349949 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 64: 802.1Q vlan#15 P0
174.5.0.2.63 > 183.1.0.235.63: [udp sum ok] udp 18 (ttl 63, id 0, len 46)
11:45:04.354080 0:1:f4:da:5a:9f 0:1:f4:da:5a:47 8100 64: 802.1Q vlan#15 P0
174.5.0.2.63 > 183.1.0.97.63: [udp sum ok] udp 18 (ttl 63, id 0, len 46)

export packet-capture
This command exports a port’s packet capture files in pcap format to a remote destination or to the
local public directory.

Syntax
export packet-capture port-string {destURL | public}

Parameters
port‐string Specifies the port whose packet capture files should be exported.

10-8 Packet Capture Commands

export packet-capture Commands

destURL Specifies the remote destination where the files will be exported, as the
URL of an FTP, SCP, or TFTP server. For example:
ftp://username@host/remote‐dir
public Specifies that the files should be exported to the public directory on the
active CM.

Defaults
None.

Mode
Switch command, read‐write.

Usage
The number of files specified with set packet‐capture files will be exported. The exported files are
named using the following convention: <port‐string>_n.cap, where port‐string identifies the port
and n ranges from 1 to the number of capture files configured.
The format of the files is pcap, so you will need an analyzer tool to view the contents of the files.

Examples
This example exports the files from ge.4.1 to the public directory, and then uses the dir command
to display the files in public. Note that two files were exported.
matrix-x(switch-rw)-> export packet-capture ge.4.1 public
Copying file to active CM's flash .................... Done

matrix-x(switch-rw)-> dir public

public/
==================================================
Name : ge.4.1_1.cap
Type : Unknown
Size : 1999992 bytes
Last Access : Fri Apr 13 11:34:25 2007
Modification: Fri Apr 13 11:34:25 2007
Last Change : Fri Apr 13 11:34:25 2007

Name : ge.4.1_2.cap
Type : Unknown
Size : 322824 bytes
Last Access : Fri Apr 13 11:35:20 2007
Modification: Fri Apr 13 11:34:25 2007
Last Change : Fri Apr 13 11:34:25 2007

This example exports the files from ge.4.1 to the Analyze directory on an FTP server.
matrix-x(switch-rw)-> export packet-capture ge.4.1 ftp://netops@10.1.221.232/
Analyze

Matrix X Router CLI Reference Guide 10-9

Commands export packet-capture

10-10 Packet Capture Commands

11
Network Time Protocol Commands

Overview
This chapter describes the Network Time Protocol (NTP) switch commands.
The Network Time Protocol (NTP) provides a uniform, synchronized time base for the X Router
and other peer devices in the network. NTP enables the X Router to provide accurate time
comparisons that are used for procedures such as troubleshooting, authentication, logging, and
show command displays. By default, the NTP client is disabled on the X Router.

Commands

For information about... Refer to page...

show ntp 11-2

set ntp client 11-4

clear ntp client 11-4

set ntp server 11-5

clear ntp server 11-5

set ntp broadcastdelay 11-6

clear ntp broadcastdelay 11-6

set ntp timezone 11-7

clear ntp timezone 11-7

clear ntp summertime 11-8

set ntp summertime 11-8

set ntp summertime recurring 11-9

set ntp poll-interval 11-10

clear ntp poll-interval 11-11

Matrix X Router Command Line Interface Reference Guide 11-1

Commands

show ntp
This command displays NTP client settings.

Syntax
show ntp {config | status}

Parameters
config Displays the NTP configuration.
status Displays the status of NTP.

Mode
Switch command, read‐only.

Example
The following example displays NTP client settings:
matrix-x(switch-su)-> show ntp config
Current State: Enabled
Ntp Version: 4
Current Time: Tue Jul 13 10:24:49 2004 EDT
Timezone: 'EST', offset from UTC is 5 hours and 0 minutes
Summertime: 'EDT', enabled
Recurring: starting at 02:00 of the first Sunday of April
ending on 02:00 of the last Sunday of October
advance the clock 1 hour(s) and 0 minute(s)
Client Mode: Unicast
Minimum poll-interval: 64 seconds
Maximum poll-interval: 1024 seconds
Broadcast Delay: 4000 ms
NTP Servers:
------------
173.1.2.1 prefer
173.1.2.200
The table below explains command output.

Output What It Displays...

Current State State of the NTP client (enabled or disabled). Set using set ntp client on page 11-4.

NTP Version NTP version number.

Current Time Current time on the system clock.

Timezone Time zone name and amount it is offset from UTC (Universal Time). Set using set
ntp timezone on page 11-7.

Summertime The zone name and state for daylight savings time. Set using set ntp summertime
on page 11-8.

Recurring The rules for daylight savings time. Set using set ntp summertime on page 11-8.

Client Mode Whether NTP client is operating in unicast or broadcast mode. Set using set ntp
client on page 11-4

11-2 Network Time Protocol Commands

Commands

Output What It Displays...

Minimum and The range within which NTP can calculate the optimal polling interval. The default
Maximum polling range is between 64 and 1024 seconds. Change the polling range to be used
poll-interval by NTP using set ntp poll-interval on page 11-10.

Broadcast Delay Round trip delay for ntp broadcast frames. Default of 4000 microseconds can be
reset using set ntp broadcastdelay on page 11-6.

NTP Servers IP addresses of NTP servers. Set using set ntp server on page 11-5.

The following example displays NTP server status. In the following example, the first IP is
selected as the server and the clock is synced. The second IP is unreachable.
matrix-x(switch-su)-> show ntp status
remote local st t when poll reach delay offset disp
(s) (s) (ms) (ms) (ms)
==============================================================================
*173.1.2.1 173.1.1.150 2 u 181 1024 377 4.928 0.903 0.133
173.1.2.200 173.1.1.150 16 u - 64 0 0.000 0.000 4000.00
* master (synced), # master (unsynced), + selected, - candidate, ~ configured,
" " unreachable
The following table describes the command output.

Output What It Displays...

(Leading character) These characters show the synchronization status of each server:
* master (synced)
# master (unsynced)
+ selected
- candidate
~ configured
" " unreachable

remote IP address of the NTP server

local IP address of the local NTP client

st Stratum of the server

t Type of server:
l = local
u = unicast
m = multicast
b = broadcast

when (s) When the last packet was received, in seconds

poll (s) Polling interval, in seconds

reach Reachability register, in octal

delay (ms) Current estimated delay, in milliseconds

offset (ms) Offset of the server, in milliseconds

Matrix X Router Command Line Interface Reference Guide 11-3

Commands

set ntp client

This command sets the NTP operation mode.

Syntax
set ntp client {broadcast | unicast | disable}

Parameters
broadcast Enables NTP in broadcast client mode.
unicast Enables NTP in unicast (point‐to‐point) client mode in which the client must
supply the IP address from which to retrieve the current time.
disable Disables NTP.

Mode
Switch command, read‐write.

Example
The following example enables NTP in broadcast mode:
matrix-x(switch-su)-> set ntp client broadcast

clear ntp client

This command clears the NTP client’s operational mode.

Syntax
clear ntp client

Parameters
None.

Mode
Switch command, read‐write.

Example
The following example clears the NTP client’s operational mode:
matrix-x(switch-su)-> clear ntp client

11-4 Network Time Protocol Commands

Commands

set ntp server

This command adds a server from which the NTP client will retrieve the current time when
operating in Unicast mode. Up to 10 servers can be configured as NTP servers.

Syntax
set ntp server ip-address [prefer]

Parameters

ip-address Specifies the NTP server’s IP address.

prefer (Optional) Keyword that specifies this NTP server as preferred.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example sets the server at IP address 10.21.1.100 as an NTP server:
matrix-x(switch-su)-> set ntp server 10.21.1.100

clear ntp server

This command removes one or all servers from the NTP server list.

Syntax
clear ntp server {ip-address | all}

Parameters
ip-address Specifies the IP address of a server to remove from the NTP server list.
all Removes all servers from the NTP server list.

Mode
Switch command, read‐write.

Example
The following example removes the server at IP address 10.21.1.100 from the NTP server list:
matrix-x(switch-su)-> clear ntp server 10.21.1.100

Matrix X Router Command Line Interface Reference Guide 11-5

Commands

set ntp broadcastdelay

This command sets the round trip delay, in microseconds, for NTP broadcast frames.

Syntax
set ntp broadcastdelay time

Parameters
time Specifies broadcast delay time, ranging from 1 to 999999 microseconds.

Defaults
4000 microseconds.

Mode
Switch command, read‐write.

Example
The following example configures the NTP broadcast delay at 12000 microseconds:
matrix-x(switch-su)-> set NTP broadcastdelay 12000

clear ntp broadcastdelay

This command clears the round trip delay time for NTP broadcast frames.

Syntax
clear ntp broadcastdelay

Parameters
None.

Mode
Switch command, read‐write.

Example
The following example clears the NTP broadcast delay time:
matrix-x(switch-su)-> clear ntp broadcastdelay

11-6 Network Time Protocol Commands

Commands

set ntp timezone

This command sets the NTP time zone name and the hours and minutes it is offset from
Coordinated Universal Time (UTC).

Note: This command is a legacy command and should no longer be used. It has been replaced by
the set timezone command (page 1-19).

Syntax
set ntp timezone name [hours][minutes]

Defaults
If offset hours or minutes are not specified, none will be applied.

Mode
Switch command, read‐write.

Example
The following example sets the time zone to EST with an offset of minus 5 hours:
matrix-x(switch-su)-> set ntp timezone EST -5 0

clear ntp timezone

This command removes NTP time zone adjustment values.

Note: This command is a legacy command and should no longer be used. It has been replaced by
the clear timezone command (page 1-20).

Syntax
clear ntp timezone

Parameters
None.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 11-7

Commands

Example
The following example removes NTP time zone adjustment values:
matrix-x(switch-su)-> clear ntp timezone

clear ntp summertime

This command removes NTP Daylight Savings Time settings.

Note: This command is a legacy command and should no longer be used. It has been replaced by
the clear summertime command (page 1-21).

Syntax
clear ntp summertime

Parameters
None.

Mode
Switch command, read‐write.

Example
The following example removes NTP Daylight Savings Time settings:
matrix-x(switch-su)-> clear ntp summertime

set ntp summertime

This command enables or disables NTP Daylight Savings Time (DST).

Note: This command is a legacy command and should no longer be used. It has been replaced by
the set summertime command (page 1-21).

Syntax
set ntp summertime {disable | enable}[zone]

Parameters
disable Disables DST for the specified time zone.
enable Enables DST for the specified time zone.
zone The name of the time zone using three or more alphabetic characters.

Mode
Switch command, read‐write.

11-8 Network Time Protocol Commands

Commands

Examples
The following example enables Daylight Savings Time for the Mountain time zone:
matrix-x(switch-su)-> set ntp summertime enable mountain
The following example disables Daylight Savings Time for the Pacific time zone:
matrix-x(switch-su)-> set ntp summertime disable pdt

set ntp summertime recurring

This command configures Daylight Savings Time (DST) settings.

Note: This command is a legacy command and should no longer be used. It has been replaced by
the set summertime recurring command (page 1-22).

Syntax
set ntp summertime recurring [start_week start_day start_month hh:mm end_week
end_day end_month hh:mm] [hr_offset min_offset]

Parameters
start_week Week of the month (first, second, third or fourth) to begin DST.
start_day Day of the week (Monday, Tuesday ...) to begin DST.
start_month Month (January, February ...) to begin DST. Default is April.
hh:mm Starting (first instance) or ending hour and minute to begin or end DST.
end_week Week of the month (first, second, third, fourth or last) to finish DST.
end_day Day of the week (Monday, Tuesday ...) to finish DST.
end_month Month (January, February ...) to finish DST.
hr_offset Number of hours to add during DST, ranging from 0 to 12. Default is 1.
min_offset Number of minutes to add during DST, ranging from 0 to 59. Default is 0.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 11-9

Commands

set ntp poll-interval

This command configures the polling interval range for NTP unicast requests.

Syntax
set ntp poll-interval min min max max

Parameters
min min Sets the minimum polling interval in seconds. The value of min can
range between 16 and 131072 seconds, but it must be a power of 2. The
default value is 64 seconds.
max max Sets the maximum polling interval in seconds. The value of max can
range between 16 and 131072 seconds, but it must be a power of 2. The
default value is 1024 seconds.

Defaults
Minimum: 64 seconds.
Maximum: 1024 seconds.

Mode
Switch command, read‐write.

Usage
NTP uses a state machine to calculate the optimal polling interval within a specified range. The
optimal interval reduces network load while maintaining a quality of synchronization consistent
with the observed jitter and wander. On the X Router, the default polling range is between 64 and
1024 seconds. You can change the polling range to be used by NTP with this command.
The allowable minimum and maximum values must be a power of 2—that is, 16, 32, 64, 128, 256,
512, 1024, 2048, 4096, 8192, 16384, 32768, 65536, or 131072—and the minimum value must be less
than or equal to the maximum value.

Example
This example changes the NTP polling range values from the defaults, then uses the show ntp
config command to display the new values.
matrix-x(switch-su)-> set ntp poll-interval min 128 max 2048

matrix-x(switch-su)-> show ntp config

Current State: Disabled
NTP Version: 4
Current Time: Thu Feb 16 20:23:07 2006
Timezone: '', offset from UTC is 0 hours and 0 minutes
Summertime: '', disabled
Client Mode: Unicast
Minimum poll-interval: 128 seconds
Maximum poll-interval: 2048 seconds
Broadcast Delay: 4000 ms
NTP Servers:
------------

11-10 Network Time Protocol Commands

Commands

clear ntp poll-interval

This command clears the polling interval range for NTP unicast requests back to the default
values.

Syntax
clear ntp poll-interval

Parameters
None.

Defaults
Minimum: 64 seconds.
Maximum: 1024 seconds.

Mode
Switch command, read‐write.

Usage
Use this command to reset the NTP polling interval range back to the default values of 64 seconds
for the minimum value and 1024 seconds for the maximum value.

Example
This example resets the polling interval range to the defaults, then uses the show ntp config
command to verify the change.
matrix-x(switch-su)-> clear ntp poll-interval

matrix-x(switch-su)-> show ntp config

Current State: Disabled
NTP Version: 4
Current Time: Thu Feb 16 20:27:20 2006
Timezone: '', offset from UTC is 0 hours and 0 minutes
Summertime: '', disabled
Client Mode: Unicast
Minimum poll-interval: 64 seconds
Maximum poll-interval: 1024 seconds
Broadcast Delay: 4000 ms
NTP Servers:
------------

Matrix X Router Command Line Interface Reference Guide 11-11

Commands

11-12 Network Time Protocol Commands

12
Port Configuration Commands

This chapter provides some general port information, and then describes the Port Configuration
set of commands and how to use them.

For information about... Refer to page...

Port Configuration Overview 12-1

Showing Console Port Properties 12-6

Reviewing Port Status 12-10

Disabling / Enabling and Naming Ports 12-19

Setting Speed and Duplex Mode 12-24

Setting Auto-Negotiation and Advertised Ability 12-28

Setting Flow Control 12-37

Setting Port Traffic Handling Mode 12-40

Selecting Port Connector Type 12-43

Displaying Port Hardware Information 12-45

Syntax Conventions
Follow these conventions when entering port strings:
• Port type fields must be lower case text.
• Non‐contiguous ports may be entered separated by commas. For example: ge.1.1,5,20.
• Slot location and port numbers may contain one or more of the following, separated by a
comma:
– n which specifies a number
– ‐n which specifies a range from the lowest number to n
– n‐ which specifies a range from n to the highest number
– n‐m which specifies a range from n to m
• White space is treated as an invalid character.
• More than one complete entry may be place on one line, separated by semicolons. For
example: ge.1.*;tg.2.1.
• A wildcard (*) can be used to indicate all of an item. For example, ge.1.* represents all the
Gigabit Ethernet ports on the module in slot 1.

Note: Use caution when using wildcards. If you use a single wildcard to represent all ports, you will
also affect eth0 and loopback ports, which may not be what you intended. For example, the
command set port disable * will disable eth0, in addition to all IOM ports. To disable only IOM
ports, use set port disable *.*.*.

VLAN, LAG, and Loopback Naming Formats

VLAN Naming
The naming convention for VLANs is slightly different from port strings. A VLAN entity can be
specified in the CLI using the format:
vlan.instance.vlan_id
Where vlan is a required keyword, instance is the bridging instance, and vlan_id is the VLAN ID,
a number ranging from 1 to 4094.
When the CLI displays information, a VLAN is identified by its ID number. Currently, the Matrix
X Router supports only one bridging instance—therefore, instance is always 1.

Link Aggregation Group (LAG) Naming

Each Matrix X Router provides 32 virtual link aggregator ports. Once underlying physical ports
are associated with an aggregator port, the resulting aggregation will be represented as one Link
Aggregation Group (LAG) with a lag.0.x port designation.
The naming convention for LAGs uses the following format:
lag.0.x
Where x ranges from 1 to 32.

Matrix X Router Command Line Interface Reference Guide 12-3

Port Configuration Overview

Loopback Naming
Loopback interfaces are specified using the format:
loopback<number>
Where <number> identifies a specific loopback interface. To specify all loopback interfaces, use the
wildcard (*).

12-4 Port Configuration Commands

Port Configuration Overview

Examples

Port String Examples

The following table shows port‐string syntax examples.

To specify the port-string for... use syntax...

The 1‐Gigabit Ethernet port 2 of the module in chassis slot 3 ge.3.2

The 10‐Gigabit Ethernet ports 1 and 2 of the module in chassis slot 3 tg.3.1-2

All 1‐Gigabit Ethernet ports of the module in chassis slot 3 ge.3.*

All 10‐Gbps Ethernet ports in the chassis tg..

Gigabit Ethernet ports 1 through 5 on all slots ge.*.-5

Gigabit Ethernet port 4 on slot 3 ge.3.4

All ports (of any interface type) of all modules in the chassis *.*.*

VLAN, LAG, and Loopback Examples

The following example shows the syntax for specifying VLAN number 100:
vlan.1.100
The following example shows the syntax for specifying loopback interface 2:
loopback2
The following example shows the syntax for specifying LAG number 15:
lag.0.15

Matrix X Router Command Line Interface Reference Guide 12-5

Showing Console Port Properties

Purpose
These switch‐level commands are used to review parameters for the system’s console port

Commands
The commands used to review console port settings are listed below

For information about... Refer to page...

show console 12-6

show console baud 12-7

show console flowcontrol 12-7

show console bits 12-8

show console stopbits 12-8

show console parity 12-9

show console
This command displays properties for the console port on the active CM.

Syntax
show console

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays properties for the console port on the active CM:
matrix-x(switch-su)-> show console
Port Baud Flow Bits StopBits Parity
------------ ------ ------ ---- ---------- ------
com 19200 dsrdtr 8 one none

12-6 Port Configuration Commands

Showing Console Port Properties

show console baud

This command displays the baud rate for the console port on the active CM.

Syntax
show console baud

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the baud rate for the console port:
matrix-x(switch-su)-> show console baud

Port Baud
------------ -------
com 38400

show console flowcontrol

This command displays the type of flow control setting for the console port on the active CM.

Syntax
show console flowcontrol

Showing Console Port Properties

show console parity

This command displays the type of parity checking set for the console port on the active CM.

Syntax
show console parity

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays parity type for the console port:
matrix-x(switch-su)-> show console parity
Port Parity
------------ --------
com none

Matrix X Router Command Line Interface Reference Guide 12-9

Reviewing Port Status

Purpose
These switch‐level commands are used to display operating status, duplex mode, speed, port
type, and statistical information about traffic received and transmitted through one or all switch
ports on the device.

Commands
The commands used to review port status are listed below.

For information about... Refer to page...

show port 12-10

show port detail 12-11

show port status 12-14

show port counters 12-15

clear port counters 12-16

show system ifIndex 12-17

show port
This command displays whether or not one or more ports are enabled to send and receive traffic.

Syntax
show port [port-string]

Parameters

port‐string (Optional) Displays operational status for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.

Defaults
If a port is not specified, operational status information for all ports will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays operational status information for 1‐Gigabit Ethernet port 1 on
module in slot 5:
matrix-x(switch-su)-> show port ge.5.1
Port ge.5.1 enabled

12-10 Port Configuration Commands

Reviewing Port Status

show port detail

This command displays detailed information about one or more ports.

Syntax
show port detail [port-string]

Parameters
port‐string (Optional) Displays detailed information for specific port(s). For a
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.

Defaults
Display detailed information for all ports.

Mode
Switch mode, read‐write.

Usage
If you do not specify a port string, information will be displayed for all ports, including LAGs and
VLANs.

Examples
This example displays detailed information for port ge.6.17. Note that negotiation is enabled and
has completed, and that the link is up with operating parameters as negotiated (1G, full duplex),
not as configured (100M, half duplex).
The output fields are described in Table 12‐1 following this example.
matrix-x(switch-su)-> show port detail ge.6.17
Port: ge.6.17 Mode: routed ifIndex: 6017
Admin: up Oper: up Traps : disabled
MAU present, type 100TX FD Jack: rj45 Jumbo : enabled
Auto-Negotiation: enabled - complete

port parameter configured operating (negotiated)

-----------------------------------------
Speed : 100.0M 1.0G
Duplex : half full
Tx Flow Control : disabled disabled Pause Count : 0
Rx Flow Control : disabled disabled Pause Count : 0

negotiation local port advertised remote link partner

parameter capability capability advertised capability
---------------------------------------------------------------
10BASE-T yes yes yes
10BASE-TFD yes yes yes
100BASE-TX yes yes yes
100BASE-TXFD yes yes yes
1000BASE-X no no no
1000BASE-XFD no no no
1000BASE-T no no no

Matrix X Router Command Line Interface Reference Guide 12-11

Reviewing Port Status

1000BASE-TFD yes yes yes

other no no no
pause yes no no
Apause yes no no
Spause yes no no
Bpause yes no no

Table 12-1 Output Details of show port detail Command

Output What It Displays...
Port Port designation. For a detailed description of possible port-string values, refer to
Port Strings Used in the CLI on page 12-2.

Mode Whether the port is in routed or switched mode. See set port mode on page 12-40.

IfIndex The port’s interface index. See also show system ifIndex on page 12-17.

Admin: Whether the specified port is enabled (up) or disabled (down). Refer to set port
disable on page 12-19 or details on changing the default port status of enabled.
Refer to set port enable on page 12-20 for details on re-enabling ports.

Oper: Whether the port is operationally up or down.

Traps Whether the sending of SNMP traps is enabled or disabled. See set port trap on
page 12-23.

MAU Whether a media access unit is present or not present, and if present, the type of
MAU. Possible types are:
• other
• 10T HD
• 10T FD
• 100TX HD
• 100TX FD
• 1000LX FD
• 1000SX FD
• 1000CX FD
• 1000T FD
• 10GLR
• 10GSR
• 10GCX4

Jack: If no MAU is present, Jack field displays “empty.”

Possible jack types are:
• Other
• rj45
• bnc
• fibersc
• mtrj
• hssdc
• fiberlc
• cx4
• ECX-7700-XFP

12-12 Port Configuration Commands

Reviewing Port Status

Table 12-1 Output Details of show port detail Command (continued)

Output What It Displays...
Auto-negotiation Whether auto-negotiation is enabled or disabled on port. See set port negotiation on
page 12-30. If enabled, displays status — complete, incomplete, or configuring.

Speed: Displays configured and operating values in megabits/second (M) or gigabits/second

(G). The operating speed may be the negotiated speed, if auto-negotiation is enabled
and complete. See set port speed on page 12-25.

Duplex Displays configured and operating values, either half or full duplex. The operating
duplex mode may be the negotiated mode, if auto-negotiation is enabled and
complete. See set port duplex on page 12-27.

Tx Flow Control Displays configured and operating transmit flow control status, either enabled or
disabled. See set port flowcontrol on page 12-39. Also displays number of Pause
frames transmitted.

Rx Flow Control Displays configured and operating receive flow control status, either enabled or
disabled. See set port flowcontrol on page 12-39. Also displays number of Pause
frames received.

Advertised Refer to Table 12-2 on page 12-33 and Table 12-3 on page 12-33 for an explanation
capability status of these fields. See set port advertise on page 12-34 for information on configuring
advertised capabilities.

This example displays information about link aggregation group 1.

matrix-x(switch-su)-> show port detail lag.0.1
Port: lag.0.1 Mode: n/a ifIndex: 2000001
Admin: up Oper: down Traps : disabled
This example displays information about VLAN 1.
matrix-x(switch-su)-> show port detail vlan.1.1
Port: vlan.1.1 Mode: n/a ifIndex: 1000001
Admin: down Oper: down Traps : disabled

Matrix X Router Command Line Interface Reference Guide 12-13

Reviewing Port Status

show port status

This command displays operating and administrative status, alias, speed, duplex mode, and port
type for one or more ports on the device.

Syntax
show port status [port-string]

Parameters

port‐string (Optional) Displays status for specific port(s). For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If a port is not specified, status information for all ports will be displayed.

Mode
Switch command, read‐only.

Usage
This command displays port alias, operating and administrative status, speed, duplex mode, and
port type.

Example
The following example displays status information for 10‐Gigabit Ethernet ports 1 and 2 in the
module in slot 1:
matrix-x(switch-su)-> show port status tg.1.*

Port Alias Oper Admin Speed Duplex Type

(truncated) Status Status (oper) (oper)
-------- ----------- -------- -------- ------- ------- ---------------
tg.1.1 - up up 10.0G full 10GSR fiberlc
tg.1.2 - up up 10.0G full 10GLR fiberlc

The following table provides an explanation of the command output.

Output What It Displays...

Port Port designation. For a detailed description of possible port-string values, refer to
Port Strings Used in the CLI on page 12-2.

Alias (truncated) Alias configured for the port. For details on using the set port alias command, refer
to show port alias on page 12-21.

Oper Status Operating status (up or down).

Admin Status Whether the specified port is enabled or disabled. For details on using the set port
disable command to change the default port status of enabled, refer to set port
disable on page 12-19. For details on using the set port enable command to re-
enable ports, refer to set port enable on page 12-20.

12-14 Port Configuration Commands

Reviewing Port Status

Output What It Displays...

Speed Operational speed in Mbps of the specified port. For details on using the set port
speed command to change defaults, refer to set port speed on page 12-25.

Duplex Duplex mode (half or full) of the specified port. For details on using the set port
duplex command to change defaults, refer to set port duplex on page 12-27.

Type Physical port and interface type.

show port counters

This command displays port counter statistics detailing traffic through the device and through all
MIB2 network devices.

Syntax
show port counters [port-string] [mib2]

Parameters

port‐string (Optional) Displays counter statistics for specific port(s). For a detailed
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.
mib2 (Optional) Displays MIB2 statistics. MIB2 interface statistics detail
performance of all network devices.

Defaults
If a port is not specified, counter statistics will be displayed for all ports.
If mib2 is not specified, all counter statistics will be displayed for the specified port(s).

Mode
Switch command, read‐only.

Example
The following example displays all counter statistics for 10‐Gigabit Ethernet port 1 in slot 1:
matrix-x(switch-su)-> show port counters tg.1.1

Port: tg.1.1 MIB2 Interface: 1001 Bridge Port: 1

Discontinuity time 0
-------------------------------------------------------------------------------

MIB2 Interface Counters

-----------------------
In Octets 253501510661
In Unicast Pkts 2099149196
In Multicast Pkts 460447
In Broadcast Pkts 1
In Discards 0
In Errors 0
In Unknown Protocol 0

Matrix X Router Command Line Interface Reference Guide 12-15

Reviewing Port Status

Out Octets 239448942643

Out Unicast Pkts 2318952819
Out Multicast Pkts 2663
Out Broadcast Pkts 2
Out Discards 0
Out Errors 0
Out Queue Length n/a

The following table provides an explanation of the command output.

Output What It Displays...

Port Port designation. For a detailed description of possible port-string values, refer
to Port Strings Used in the CLI on page 12-2.

MIB2 Interface MIB2 interface designation.

Bridge Port IEEE 802.1D bridge port designation.

MIB2 Interface Counters MIB2 network traffic counts.

clear port counters

Clear port MIB‐II counter statistics.

Syntax
clear port counters [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to clear counters. If this
parameter is not used, the counters for all ports are cleared.
For a detailed description of possible port‐string values, refer to Port
Strings Used in the CLI on page 12‐2.

Defaults
Clear counters for all ports.

Mode
Switch command, read‐write.

Example
This example clears the counters for ports ge.4.1 through ge.4.5/
matrix-x(switch-rw)-> clear port counters ge.4.1-5

12-16 Port Configuration Commands

Reviewing Port Status

show system ifIndex

This command displays the interface index for physical ports, VLANs, and link aggregation
groups (LAGs).

Syntax
show system ifIndex {ifIndex | port-string | all | vlan | lag}

Parameters
ifIndex Display the port associated with the specified interface index. The value
of ifIndex can range from 0 to 4,294,967,295.
port‐string Display the interface index associated with the specified port, VLAN, or
LAG. For a detailed description of possible port‐string values, refer to
Port Strings Used in the CLI on page 12‐2.
all Display all interface indexes and their related ports, VLANs, or LAGs.
vlan Display the interface indexes of all VLANs. To display the ifIndex for a
specific VLAN, enter the VLAN port string.
lag Display the interface indexes of all LAGs. To display the ifIndex for a
specific LAG, enter the LAG port string.

Defaults
None.

Mode
Switch command, read‐write.
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#

Usage
Use this command to discover the associated port, VLAN, or LAG when you know the interface
index (ifIndex) displayed by many log messages and debug output. Alternatively, you can find
the interface index for a specific port or ports, VLAN, or LAG. This command can be executed in
both switch and router modes.

Examples
This example displays the physical port associated with interface index 4001.
matrix-x(switch-su)-> show system ifIndex 4001

ifIndex Port
-------- ---------
4001 ge.4.1

Matrix X Router Command Line Interface Reference Guide 12-17

Reviewing Port Status

This example displays the interface index for port ge.4.1.

matrix-x(switch-su)-> show system ifIndex ge.4.1

ifIndex Port
-------- ---------
4001 ge.4.1

This example displays the interface index for VLAN 100 on the system.
matrix-x(router-exec)# show system ifIndex vlan.1.100

ifIndex Vlan
-------- ---------
1000100 vlan.1.100

This example displays the interface indexes for all LAGs.

matrix-x(router-config)# show system ifIndex lag
Port Lag
-------- ---------
2000001 lag.0.1
2000002 lag.0.2
2000003 lag.0.3
2000004 lag.0.4
2000005 lag.0.5
2000006 lag.0.6
2000007 lag.0.7
2000008 lag.0.8
2000009 lag.0.9
2000010 lag.0.10
2000011 lag.0.11
2000012 lag.0.12
2000013 lag.0.13
2000014 lag.0.14
2000015 lag.0.15
2000016 lag.0.16
2000017 lag.0.17
2000018 lag.0.18
2000019 lag.0.19
2000020 lag.0.20
2000021 lag.0.21
2000022 lag.0.22
--More-- <space> forward, <!> dump all output, <q> quit :

12-18 Port Configuration Commands

Disabling / Enabling and Naming Ports

Purpose
These switch‐level commands are used to disable and re‐enable one or more ports, to enable or
disable port link trap status, and to assign an alias to a port. By default, all ports are enabled at
device startup. You may want to disable ports for security or to troubleshoot network issues. By
default, all ports are also enabled to send SNMP trap messages indicating changes in their link
status (up or down).

Commands
The commands used to enable and disable ports are listed below.

For information about... Refer to page...

set port disable 12-19

set port enable 12-20

show port alias 12-21

set port alias 12-21

show port trap 12-22

set port trap 12-23

set port disable

This command administratively disables one or more ports.

Syntax
set port disable port-string

Parameters

port‐string Specifies the port(s) to disable. For a detailed description of possible

port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 12-19

Disabling / Enabling and Naming Ports

Usage
When you administratively disable a port, the port’s operating status also changes to disabled,
which you can show with the show port status command. When you administratively enable a
port (with the set port enable command), the operating status may also be enabled, if the port is
physically operational.

Example
The following example disables Gigabit Ethernet port 1 in slot 4:
matrix-x(switch-su)-> set port disable ge.4.1

set port enable

This command administratively enables one or more ports.

Syntax
set port enable port-string

Parameters

port‐string Specifies the port(s) to enable. For a detailed description of possible

port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
When you administratively enable a port, the port’s operating status may also be enabled, if the
port is physically operational. Ports can be administratively disabled with the set port disable
command.

Example
The following example shows how to enable the Gigabit Ethernet port 1 in slot 4:
matrix-x(switch-su)-> set port enable ge.4.1

12-20 Port Configuration Commands

Disabling / Enabling and Naming Ports

show port alias

This command displays alias name(s) assigned to one or more ports.

Syntax
show port alias [port-string]

Parameters

port‐string (Optional) Displays alias name(s) for specific port(s). For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If a port is not specified, aliases for all ports will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays alias information for Gigabit Ethernet port 1 in slot 4:
matrix-x(switch-su)-> show port alias ge.4.1
Alias on port ge.4.1 set to: myport

set port alias

This command assigns an alias name to a port or to clear an existing alias.

Syntax
set port alias {port-string} [string]

Parameters
port‐string Specifies the port to which an alias will be assigned. For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.
string (Optional) Assigns a text string name to the port.

Defaults
If an alias is not specified, the alias assigned to the port will be cleared.

Mode
Switch command, read‐write.

Example
The following example assigns the alias management to Gigabit Ethernet port 1 in slot 4:
matrix-x(switch-su)-> set port alias ge.4.1 management

Matrix X Router Command Line Interface Reference Guide 12-21

Disabling / Enabling and Naming Ports

show port trap

This command displays whether the port is enabled for generating an SNMP trap message if its
link state changes.

Syntax
show port trap [port-string]

Parameters
port‐string (Optional) Displays link trap status for specific port(s). For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If port‐string is not specified, the trap status for all ports will be displayed.

Mode
Switch command, read‐only.

Example
This example displays link trap status for Gigabit Ethernet ports 5 through 9 in slot 5:
matrix-x(switch-su)-> show port trap ge.5.5-9
Link traps enabled on port ge.5.5.
Link traps enabled on port ge.5.6.
Link traps enabled on port ge.5.7.
Link traps enabled on port ge.5.8.
Link traps enabled on port ge.5.9.

12-22 Port Configuration Commands

Disabling / Enabling and Naming Ports

set port trap

This command enables or disables ports for sending SNMP trap messages when their link status
changes.

Syntax
set port trap port-string {enable | disable}

Parameters
port‐string Specifies the port(s) for which to enable or disable link trap messages. For a
detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.
enable | disable Enables or disables link traps.

Defaults
By default, ports are disabled (will not send link trap messages).

Mode
Switch command, read‐write.

Example
This example enables link traps for Gigabit Ethernet port 3 in slot 5:
matrix-x(switch-su)-> set port trap ge.5.3 enable

Matrix X Router Command Line Interface Reference Guide 12-23

Setting Speed and Duplex Mode

Purpose
These switch‐level commands are used to review and set the configured speed in Mbps and the
configured duplex mode: Half, for half duplex, or Full, for full duplex for one or more ports.

Note: Configured settings for speed, duplex, and flow control only affect port / link operation on
ports that have auto-negotiation disabled.

Commands
The commands used to review and set port speed and duplex mode are listed below.

For information about... Refer to page...

show port speed 12-24

set port speed 12-25

show port duplex 12-26

set port duplex 12-27

show port speed

This command displays the configured speed setting on one or more ports.

Syntax
show port speed [port-string]

Parameters

port‐string (Optional) Displays configured speed settings and operating speeds, if the link is
up, for the specified ports. For a detailed description of possible port‐string values,
refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If a port is not specified, speed settings for all ports will be displayed.

Mode
Switch command, read‐only.

12-24 Port Configuration Commands

Setting Speed and Duplex Mode

Example
The following example displays the configured and operating speed settings for 1‐Gigabit
Ethernet ports 1 through 3 in slot 6:
matrix-x(switch-su)-> show port speed ge.6.1-3
Port configured operating
------------- ---------- ---------
ge.6.1 100.0M 1.0G
ge.6.2 10.0M 1.0G
ge.6.3 100.0M ---

set port speed

This command sets the configured speed of one or more ports.

Syntax
set port speed {port-string} {10 | 100 | 1000 | 10000}

Parameters

port‐string Specifies the ports for which to configure a speed value. For a
detailed description of possible port‐string values, refer to Port
Strings Used in the CLI on page 12‐2.
10 | 100 | 1000 | 10000 Specifies the port speed in megabits per second. Valid values are:
10 Mbps — Ethernet speed
100 Mbps — Fast Ethernet speed
1000 Mbps — Gigabit Ethernet speed
10000 Mbps — Ten Gigabit Ethernet speed

Defaults
None.

Mode
Switch command, read‐write.

Usage
Configured speed only affects port operation on ports that have auto‐negotiation disabled.
Configuration of a speed of 1000 Mbps on a triple speed copper Ethernet port (10BASE‐T/
100BASE‐TX/1000BASE‐T) is prevented, since this type of port requires negotiation for Gigabit
speed to be supported on the link.

Example
The following example configures the Gigabit Ethernet port 1 in slot 1 to a port speed of 100 Mbps:
matrix-x(switch-su)-> set port speed ge.1.1 100

Matrix X Router Command Line Interface Reference Guide 12-25

Setting Speed and Duplex Mode

show port duplex

This command displays the configured duplex setting (half or full) for one or more ports.

Syntax
show port duplex [port-string]

Parameters

port‐string (Optional) Displays configured duplex settings and operating duplex

characteristics, if the link is up, for the specified ports. For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If a port is not specified, duplex settings for all ports will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays the configured and operating duplex settings for Gigabit Ethernet
ports 1 through 3 in slot 6:
matrix-x(switch-su)-> show port duplex ge.6.1-3
Port configured operating
------------- ---------- ---------
ge.6.1 full full
ge.6.2 half full
ge.6.3 full --

12-26 Port Configuration Commands

Setting Speed and Duplex Mode

set port duplex

This command sets the configured duplex characteristic for one or more ports.

Syntax
set port duplex {port-string} {full | half}

Parameters
port‐string Specifies the port(s) for which duplex characteristic will be set. For a detailed
description of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.
full | half Configures the specified ports for full‐duplex or half‐duplex operation.

Defaults
None.

Mode
Switch command, read‐write.

Usage
The configured duplex setting only affects port operation on ports that have auto‐negotiation
disabled.

Example
The following example sets Gigabit Ethernet port 1 in slot 4 to full duplex:
matrix-x(switch-su)-> set port duplex ge.4.1 full

Matrix X Router Command Line Interface Reference Guide 12-27

Setting Auto-Negotiation and Advertised Ability

Purpose
These switch‐level commands are used to review, configure, disable, or enable auto‐negotiation.
Auto‐negotiation is enabled by default on X Router ports. When negotiation is enabled, during the
negotiation process, a port advertises its capabilities, or a user‐configured subset of them, to the
device at the remote end of the link. If the remote device also has negotiation enabled, then it will
advertise its capabilites. When negotiation completes, the link will operate using the “best” set of
mutually advertised capabilites.
If negotiation is enabled, but does not complete (for example, because the remote device does not
support it), then the link will not operate. However, see the Usage discussion for the set port
parallel‐detect command (page 12‐30) for further information.
You may configure the port to advertise any subset of its capabilites to the remote device.
You also may choose to disable negotiation, in which case the port reverts to the values of speed,
duplex and flow control charateristics configured by the set port speed, set port duplex, and set
port flowcontrol commands.
It is important to recognize that speed, duplex, and flow control characteristics of an operating
port are determined by means of either negotiation or configuration, but never a combination of
the two.

Note: Configured values of speed, duplex, and flow control apply only if negotiation is disabled.
Advertised values of these parameters apply only if negotiation is enabled.

Commands
The commands used to review and configure auto‐negotiation and advertised ability are listed
below.

For information about... Refer to page...

show port negotiation 12-29

set port negotiation 12-30

set port parallel-detect 12-30

show port parallel-detect 12-31

show port advertise 12-32

set port advertise 12-34

clear port advertise 12-35

12-28 Port Configuration Commands

Setting Auto-Negotiation and Advertised Ability

show port negotiation

This command displays the status of auto‐negotiation of port speed, duplex, and flow control for
one or more ports.

Syntax
show port negotiation [port-string]

Parameters

port‐string (Optional) Displays auto‐negotiation status for specific port(s). Refer to Port
Strings Used in the CLI on page 12‐2 for a description of port‐string values.

Defaults
If a port is not specified, auto‐negotiation status for all ports will be displayed.

Mode
Switch command, read‐only.

Usage
The output of this command displays whether auto‐negotiation is enabled, and if enabled,
whether it has completed.

Example
The following example displays auto‐negotiation status for Gigabit Ethernet ports 1 through 3 in
slot 6. Note that negotiation is complete on ports 1 and 2, but is still in process on port 3.
matrix-x(switch-su)-> show port negotiation ge.6.1-3
auto-negotiation is enabled - complete on port ge.6.1
auto-negotiation is enabled - complete on port ge.6.2
auto-negotiation is enabled - configuring on port ge.6.3

Matrix X Router Command Line Interface Reference Guide 12-29

Setting Auto-Negotiation and Advertised Ability

set port negotiation

This command enables or disables auto‐negotiation of port speed, duplex, and flow control on one
or more ports.

Syntax
set port negotiation {port-string} {enable | disable}

Parameters

port‐string Specifies the port(s) to enable or disable auto‐negotiation. Refer to Port

Strings Used in the CLI on page 12‐2 for a description of port‐string values.
enable | disable Enables or disables auto‐negotiation.

Defaults
By default, negotiation is enabled on all Gigabit and triple speed Ethernet ports.

Mode
Switch command, read‐write.

Example
This example disables auto‐negotiation on 1‐Gigabit Ethernet port 3 in slot 5:
matrix-x(switch-su)-> set port negotiation ge.5.3 disable

set port parallel-detect

This command allows you to enable or disable the parallel detect function, which allows 10/100
Ethernet/Fast Ethernet ports to determine link speed only, when negotiation is enabled but not
completed.

Syntax
set port parallel-detect port-string {enable | disable}

Parameters
port‐string Specifies the port(s) to enable or disable parallel detect. Refer to Port
Strings Used in the CLI on page 12‐2 for a description of port‐string
values.
enable | disable Enables or disables parallel detect.

Defaults
Parallel detect is disabled by default on triple speed ports.

Mode
Switch command, read‐write.

12-30 Port Configuration Commands

Setting Auto-Negotiation and Advertised Ability

Usage
The parallel detect function is applicable only to triple speed copper Ethernet ports (10Base‐T/
100Base‐TX/1000Base‐T).
When parallel detect is enabled, and auto‐negotiation is enabled but does not complete because
the remote device is not capable of auto‐negotiation or does not have it enabled, then speed (10 or
100 Mbps) is determined by means of parallel detect. In this case, port duplex defaults to half,
which can lead to misconfiguration of the link.
To reduce the possibility of link misconfiguration, parallel detect is disabled by default. You can
use this command to enable or disable this function.

Note: The parallel detect setting affects port behavior only when negotiating is enabled.

Example
This example enables parallel detect on port ge.4.1.
matrix-x(switch-rw)-> set port parallel-detect ge.4.1 enable

show port parallel-detect

This command displays the status of parallel detect on one or all ports.

Syntax
show port parallel-detect [port-string]

Parameters
port‐string (Optional) Specifies the ports to display parallel detect status. Refer to
Port Strings Used in the CLI on page 12‐2 for a description of port‐string
values.

Defaults
If no port string is specified, the parallel detect status for all ports is displayed.

Mode
Switch command, read‐only.

Example
This example displays the status of parallel detect on port ge.4.1.
matrix-x(switch-ro)-> show port parallel-detect ge.4.1
parallel-detect is disabled on port ge.4.1

Matrix X Router Command Line Interface Reference Guide 12-31

Setting Auto-Negotiation and Advertised Ability

show port advertise

This command displays the advertised ability on one or more ports.

Syntax
show port advertise [port-string]

Parameters

port‐string (Optional) Displays advertised ability for specific ports. For more details on
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If a port is not specified, advertised ability for all ports will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays advertised ability on Gigabit Ethernet port 2 in slot 6
matrix-x(switch-su)-> show port advertise ge.6.2
ge.6.2
negotiation local port advertised remote link partner
parameter capability capability advertised capability
---------------------------------------------------------------
10BASE-T yes no yes
10BASE-TFD yes yes yes
100BASE-TX yes no yes
100BASE-TXFD yes yes yes
1000BASE-X no no no
1000BASE-XFD no no no
1000BASE-T no no no
1000BASE-TFD yes yes yes
other no no no
pause yes yes no
Apause yes no no
Spause yes yes no
Bpause yes no no

Table 12‐2 provides an explanation of the command output.

12-32 Port Configuration Commands

Setting Auto-Negotiation and Advertised Ability

Table 12-2 Output Details of show port advertise Command

Output What It Displays...

negotiation Lists all the possible port parameters that can be negotiated by local ports with their remote
parameter link partners.

10BASE-T — 10BaseT half duplex mode

10BASE-TFD — 10BASE-T full duplex mode
100BASE-TX — 100BASE-TX half duplex mode
100BASE-TXFD — 100BASE-TX full duplex mode
1000BASE-X — 1000BASE-X, -LX, -SX, -CX half duplex mode
1000BASE-XFD — 1000BASE-X, -LX, -SX, -CX full duplex mode
1000BASE-T — 1000BASE-T half duplex mode
1000BASE-TFD — 1000BASE-T full duplex mode
other — Other modes.
pause — Indicates the value of the single bit pause. If bit is on, it indicates that the port can
both transmit and receive pause frames. If both the local and remote ends of a link support
this pause, then bi-directional flow control is possible. If one or both ends of the link do not
support pause, then no flow control is possible.
apause — Indicates whether the apause bit only is set (for two-bit pause). See Table 12-3
for explanation of flow control operation.
spause — Indicates whether the pause bit only is set (for two-bit pause). See Table 12-3 for
explanation of flow control operation.
bpause — Indicates whether both the pause bit and the apause bit are set. See Table 12-3
for explanation of flow control operation.
Note: apause, spause, and bpause are mutually exclusive.

local port Whether or not the local port is capable of operating in the listed modes.
capability

advertised Whether or not the port is configured to advertise its capability of operating in the modes
capability listed.

remote link Whether this port’s link partner is advertising the listed mode.
partner
advertised
capability

For a given link, assuming auto‐negotiation is enabled on both the local and remote ports, pause
advertisement results in flow control operation as described in the following table.

Table 12-3 Flow Control Results from Pause Advertisement

Local Port Pause Remote Port Pause

Resulting Flow Control
Advertisement Advertisement

None n/a None

Apause None or Apause None

Apause Spause None

Apause Bpause Uni-directional — Traffic toward

local port is flow controlled
(local transmit pause, remote
receive pause)

Spause None or Apause None

Matrix X Router Command Line Interface Reference Guide 12-33

Setting Auto-Negotiation and Advertised Ability

Table 12-3 Flow Control Results from Pause Advertisement

Local Port Pause Remote Port Pause

Resulting Flow Control
Advertisement Advertisement

Spause or Bpause Spause or Bpause Full bi-directional flow control

Bpause None None

Bpause Apause Uni-directional — Traffic from

local port is flow controlled
(local receive pause, remote
transmit pause)

set port advertise

This command configures, or sets, advertised capability on one or more ports.

Syntax
set port advertise {port-string} [10t] [10tfd] [100tx] [100txfd] [1000x] [1000xfd]
[1000t] [1000tfd] [pause] [apause] [spause] [bpause]

Parameters

port‐string Specifies the port(s) for which to set advertised capability. For a detailed
description of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.
10t (Optional) Advertises 10BASE‐T half duplex mode.
10tfd (Optional) Advertises 10BASE‐T full duplex mode.
100tx (Optional) Advertises 100BASE‐TX half duplex mode.
100txfd (Optional) Advertises 100BASE‐TX full duplex mode.
1000x (Optional) Advertises 1000BASE‐X, ‐LX, ‐SX, ‐CX half duplex mode.
1000xfd (Optional) Advertises 1000BASE‐X, ‐LX, ‐SX, ‐CX full duplex mode.
1000t (Optional) Advertises 1000BASE‐T half duplex mode.
1000tfd (Optional) Advertises 1000BASE‐T full duplex mode.
pause (Optional) Advertises status of single bit pause for full‐duplex links.
apause (Optional) Advertises asymmetric PAUSE for full‐duplex links.
spause (Optional) Advertises symmetric PAUSE for full‐duplex links.
bpause (Optional) Advertises asymmetric and symmetric PAUSE for full‐duplex links.

Defaults
At least one optional parameter must be specified.

Mode
Switch command, read‐write.

12-34 Port Configuration Commands

Setting Auto-Negotiation and Advertised Ability

Usage
Advertised capability can be configured at any time, but capabilities are advertised to the remote
device only when auto‐negotiation is enabled.
Port capability varies by type of port. Any port can be configured to advertise any subset of its
capabilities, except that apause, spause, and bpause are mutually exclusive.

Example
The following example sets Gigabit Ethernet port 1 in slot 4 to advertise 1000BASE‐X, ‐LX, ‐SX, ‐
CX full duplex mode:
matrix-x(switch-su)-> set port advertise ge.4.1 1000xfd

clear port advertise

This command clears advertised capability on one or more ports.

Syntax
clear port advertise {port-string} [10t | 10tfd | 100tx | 100txfd | 1000x |
1000txfd | 1000t | 1000tfd | pause | apause | spause | bpause]

Parameters

port‐string Specifies ports for which capabilities will not be advertised. For more detail on
possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.
10t (Optional) Clears 10BASE‐T half duplex mode from the port’s advertised
capability.
10tfd (Optional) Clears 10BASE‐T full duplex mode from the port’s advertised capability.
100tx (Optional) Clears 100BASE‐TX half duplex mode from the port’s advertised
capability.
100txfd (Optional) Clears 100BASE‐TX full duplex mode from the port’s advertised
capability.
1000x (Optional) Clears 1000BASE‐X, ‐LX, ‐SX, ‐CX half duplex mode from the port’s
advertised capability.
1000xfd (Optional) Clears 1000BASE‐X, ‐LX, ‐SX, ‐CX full duplex mode from the port’s
advertised capability.
1000t (Optional) Clears 1000BASE‐T half duplex mode from the port’s advertised
capability.
1000tfd (Optional) Clears 1000BASE‐T full duplex mode from the port’s advertised
capability.
pause (Optional) Clears single bit pause for full‐duplex links from the port’s advertised
capability.
apause (Optional) Clears asymmetric PAUSE for full‐duplex links from the port’s
advertised capability.
spause (Optional) Clears symmetric PAUSE for full‐duplex links from the port’s
advertised capability.

Matrix X Router Command Line Interface Reference Guide 12-35

Setting Auto-Negotiation and Advertised Ability

bpause (Optional) Clears asymmetric and symmetric PAUSE for full‐duplex links from the
port’s advertised capability.

Defaults
If no mode is specified, default advertised capabilities will be restored.

Mode
Switch command, read‐write.

Example
This example resets all advertised capability to default settings on Gigabit Ethernet port 4 in slot 3:
matrix-x(switch-su)-> clear port advertise ge.3.4

12-36 Port Configuration Commands

Setting Flow Control

Purpose
These switch‐level commands are used to review and set configured port flow control parameters.
Flow control is used to manage the transmission between two devices as specified by IEEE 802.3x
to prevent receiving ports from being overwhelmed by frames from transmitting devices.

Note: Configured settings for speed, duplex, and flow control only affect port / link operation on
ports that have auto-negotiation disabled.

Commands
The commands used to review and set port flow control are listed below.

For information about... Refer to page...

show port flowcontrol 12-37

set port flowcontrol 12-39

show port flowcontrol

This command displays the flow control state for one or more ports.

Syntax
show port flowcontrol {port-string}

Parameters

port‐string (Optional) Displays configured flow control state for specific port(s). Refer to
Port Strings Used in the CLI on page 12‐2 for a detailed description of port‐
string values.

Defaults
If a port is not specified, flow control information for all ports will be displayed.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 12-37

Setting Flow Control

Example
The following example displays the port flow control state for Gigabit Ethernet ports 1 through 3
in slot 6.
matrix-x(switch-su)-> show port flowcontrol ge.6.1-3

Port TX Confg TX Oper RX Confg Rx Oper TX Pause Count RX Pause Count

------------- -------- ------- -------- ------- -------------- --------------
ge.6.1 disabled disabled disabled disabled 0 0
ge.6.2 disabled disabled disabled disabled 0 0
ge.6.3 disabled -- disabled --

The following table provides an explanation of the command output.

Output What It Displays...

Port Port designation. For a detailed description of possible port-string values, refer
to Port Strings Used in the CLI on page 12-2.

TX Confg Whether or not the port is configured as enabled or disabled for sending flow
control frames.

TX Oper Whether or not the port is operationally enabled or disabled for sending flow
control frames.

RX Confg Whether or not the port is configured as enabled or disabled for acknowledging
received flow control frames.

RX Oper Whether or not the port is operationally enabled or disabled for acknowledging
received flow control frames.

TX Pause Count Number of Pause frames transmitted.

RX Pause Count Number of Pause frames received.

12-38 Port Configuration Commands

Setting Flow Control

set port flowcontrol

This command configures flow control settings for one or more ports.

Syntax
set port flowcontrol {port-string} {receive | send | both}{enable | disable}

Parameters

port‐string Specifies port(s) for which to configure flow control. For a detailed
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.
receive | send | both Configures the port(s) to receive, or send, or both receive and send,
flow control packets.
enable | disable Enables or disables flow control settings.

Defaults
None.

Mode
Switch command, read‐write.

Usage
These configured settings only affect port/link operation on ports that have auto‐negotiation
disabled.

Example
The following example enables Gigabit Ethernet ports 1 through 5 in slot 3 to send and receive
flow control packets:
matrix-x(switch-su)-> set port flowcontrol ge.3.1-5 both enable

Matrix X Router Command Line Interface Reference Guide 12-39

Setting Port Traffic Handling Mode

Purpose
By default, all Matrix X Router ports are configured to route traffic. Ports will not bridge traffic
unless they are configured to do so.
These switch‐mode commands are used to configure a port to handle bridged or routed traffic,
and to display a port’s current traffic handling mode.

Commands

For information about... Refer to page...

set port mode 12-40

clear port mode 12-41

show port mode 12-42

set port mode

This command configures a port to handle bridged traffic, rather than routed traffic.

Syntax
set port mode {port-string} switched

Parameters

port‐string Change the port mode from routing to bridging on the specified port or ports.
For a detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Use the clear port mode command to change a port in bridging mode to routing mode. Use the
show port mode command to display one or more ports’ current mode.

12-40 Port Configuration Commands

Setting Port Traffic Handling Mode

Example
This example changes Gigabit Ethernet ports 1 through 4 on the module in slot 4 from routing
mode to bridging mode, and then uses the show port mode command to display their status.
matrix-x(switch-su)-> set port mode ge.4.1-4 switched
matrix-x(switch-su)-> show port mode ge.4.*

Port Oper
Status
-------- --------
ge.4.1 switched
ge.4.2 switched
ge.4.3 switched
ge.4.4 switched
ge.4.5 routed
ge.4.6 routed
ge.4.7 routed
ge.4.8 routed
ge.4.9 routed
ge.4.10 routed

clear port mode

This command configures a port to handle routed traffic, not bridged traffic.

Syntax
clear port mode {port-string} switched

Parameters

port‐string Change the port mode from bridging to routing on the specified port or ports.
For a detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Ports can be configured to handle bridged traffic, rather than routed traffic, with the set port mode
command. Use the show port mode command to display the current traffic handling mode status.

Example
This example changes Gigabit Ethernet ports 1 through 4 on the module in slot 4 from bridging
mode to routing mode:
matrix-x(switch-su)-> clear port switched ge.4.1-4

Matrix X Router Command Line Interface Reference Guide 12-41

Setting Port Traffic Handling Mode

show port mode

This command displays the traffic handling mode of ports.

Syntax
show port mode [port-string]

Parameters

port‐string (Optional) Display the port mode for the specified port or ports. For a detailed
description of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.

Defaults
If port‐string is not entered, the port mode for all ports is displayed.

Mode
Switch command, read‐only.

Usage
This command displays the current traffic handling mode for ports. By default, ports handle
routed traffic only, not bridged traffic. They can be configured to handle bridged, or switched,
traffic with the set port mode. Use the clear port mode command to return a port to routing mode.

Example
The following example displays the traffic handling mode for all the ports on the module in slot 4:
matrix-x(switch-su)-> show port mode ge.4.*

Port Oper
Status
-------- --------
ge.4.1 switched
ge.4.2 switched
ge.4.3 switched
ge.4.4 switched
ge.4.5 routed
ge.4.6 routed
ge.4.7 routed
ge.4.8 routed
ge.4.9 routed
ge.4.10 routed

12-42 Port Configuration Commands

Selecting Port Connector Type

Purpose
These commands allow you to select the type of physical connector to use for ports on IOMs that
have multiple connector types.

Commands

For information about... Refer to page...

set port connector 12-43

show port connector 12-44

set port connector

This command changes the physical connector used by a particular port on an IOM that has
multiple connector types, such as the X‐GT16‐00 IOM.

Syntax
set port connector port-string {rj45 | sfp | xfp}

Parameters
port‐string Specifies the port or ports. For a detailed description of possible port‐
string values, refer to Port Strings Used in the CLI on page 12‐2.
rj45 | sfp | xfp Sets the connector type to RJ45, SFP, or XFP.

Defaults
On the X‐GT16‐00 IOM, only 16 ports can be active at a time. By default, SFP interfaces 1 through
8 and RJ45 interfaces 9 through 16 are active. SFP interfaces 9 through 16 are inactive.

Mode
Switch mode, read‐write.

Usage
On some IOMs, multiple port connector types are available but the number of ports that can be
active at a time is limited. This command allows you to specify which connector type should be
active for the ports that can switch connector type.
For ports that can have more than one connector type, each connector will have its own port
configuration and reporting status. The configuration applied to a connector will only be valid
while that connector is in use. When the connector type is changed, the configuration for that port
will revert to the factory default settings for that connector type and status will be cleared.
Note that although port configuration parameters are not persistent when the connector type is
changed, a port’s bridging and routing configuration parameters are persistent.

Matrix X Router Command Line Interface Reference Guide 12-43

Selecting Port Connector Type

Example
This example changes ports 9 through 16 on an X‐GT16‐00 IOM in slot 4 to use SFP connectors.
matrix-x(switch-rw)-> set port connector ge.4.9-16 sfp

show port connector

This command displays the connector type being used by ports.

Syntax
show port connector port-string

Parameters
port‐string Specifies the port or ports for which to display port connector type. For
a detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.

Defaults
None.

Mode
Switch mode, read‐only.

Usage
Use this command to display the currently configured port connector type on one or more ports.

Example
This example displays the port connector type for ge.4.1.
matrix-x(switch-ro)-> show port connector ge.4.1
ge.4.1 has connector type sfp

12-44 Port Configuration Commands

Displaying Port Hardware Information

Purpose
To display information about port Ethernet error counts and transceiver information and to clear
error counts for one or more ports.

Commands

For information about... Refer to page...

show port errors 12-45

clear port errors 12-47

show port transceiver 12-48

show port errors

This command displays Ethernet error counts for one or all ports.

Syntax
show port errors [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to display port error
counts. For a detailed description of possible port‐string values, refer to
Port Strings Used in the CLI on page 12‐2.

Defaults
If port‐string is not specified, error counts for all ports are displayed.

Mode
Switch command, read‐write.

Usage
For more information about the information displayed by this command, refer to RFC 3635,
Definitions of Managed Objects for the Ethernet‐like Interface Types.

Example
This example shows the output of this command. The output fields are described in the following
table.
matrix-x(switch-su)-> show port errors ge.4.1

Port: ge.4.1 MIB2 Interface: 4001 Bridge Port: 385

-------------------------------------------------------------------------------

Matrix X Router Command Line Interface Reference Guide 12-45

Displaying Port Hardware Information

Ethernet Error Counts

---------------------
Alignment errors 100
FCS errors 410
Frame Too Long errors 2
Internal MAC Receive errors n/a
Late collisions 0
Excessive collisions 0
Internal MAC Transmit errors 0
Carrier Sense errors n/a
Single Collision frames 2365
Multiple Collision frames 1560
Deferred transmissions 18497
Symbol errors 0
Excessive deferrals 0
The following table describes the output of this command.

Output Field Description

Port: Identifies the port for which error counts are displayed.

MIB2 Interface: Interface index.

Bridge Port: Bridge port index.

Alignment errors A count of frames received on this interface that are not an integral
number of octets in length and do not pass the FCS check.

FCS errors A count of frames received on this interface that are an integral
number of octets in length but do not pass the FCS check. This count
does not include frames received with frame-too-long or frame-too-
short error.

Frame Too Long errors A count of frames received on this interface that exceed the maximum
permitted frame size.

Internal MAC Receive errors A count of frames for which reception on this interface fails due to an
internal MAC sublayer receive error.

Late collisions The number of times that a collision is detected on this interface later
than one slotTime into the transmission of a packet.

Excessive collisions A count of frames for which transmission on this interface fails due to
excessive collisions.
This counter does not increment when the interface is operating in full-
duplex mode.

Internal MAC Transmit errors A count of frames for which transmission on this interface fails due to
an internal MAC sublayer transmit error.

Carrier Sense errors The number of times that the carrier sense condition was lost or never
asserted when attempting to transmit a frame on this interface.

Single Collision frames A count of frames that are involved in a single collision, and are
subsequently transmitted successfully.

Multiple Collision frames A count of frames that are involved in more than one collision and are
subsequently transmitted successfully.

12-46 Port Configuration Commands

Displaying Port Hardware Information

Output Field Description

Deferred transmissions A count of frames for which the first transmission attempt on this
interface is delayed because the medium is busy.

Symbol errors For an interface operating at 100 Mb/s, the number of times there was
an invalid data symbol when a valid carrier was present.
For an interface operating in half-duplex mode at 1000 Mb/s, the
number of times the receiving media is non-idle (a carrier event) for a
period of time equal to or greater than slotTime, and during which there
was at least one occurrence of an event that causes the PHY to
indicate 'Data reception error' or 'carrier extend error' on the GMII.
For an interface operating in full-duplex mode at 1000 Mb/s, the
number of times the receiving media is non-idle (a carrier event) for a
period of time equal to or greater than minFrameSize, and during
which there was at least one occurrence of an event that causes the
PHY to indicate 'Data reception error' on the GMII.
For an interface operating at 10 Gb/s, the number of times the
receiving media is non-idle (a carrier event) for a period of time equal
to or greater than minFrameSize, and during which there was at least
one occurrence of an event that causes the PHY to indicate 'Receive
Error' on the XGMII.

Excessive deferrals Indicates half-duplex/full-duplex mismatches.

If the remote Ethernet peer is configured to full-duplex, and the X
Router is configured to half-duplex, this counter will go up when the
link is heavily used.

clear port errors

This command clears the error counters for one or more ports.

Syntax
clear port errors [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to clear port error
counts. For a detailed description of possible port‐string values, refer to
Port Strings Used in the CLI on page 12‐2.

Defaults
If port‐string is not specified, error counts for all ports are cleared.

Mode
Switch command, read‐write.

Example
This example shows how to clear Ethernet error counts for a specific port.
matrix-x(switch-su)-> clear port errors ge.4.1

Matrix X Router Command Line Interface Reference Guide 12-47

Displaying Port Hardware Information

show port transceiver

This command displays Ethernet transceiver information for one or more ports.

Syntax
show port transceiver [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to display transceiver
information. For a detailed description of possible port‐string values,
refer to Port Strings Used in the CLI on page 12‐2.

Defaults
If no port‐string is specified, information about all Ethernet ports will be displayed.

Mode
Switch mode, read‐only.

Usage
You can use this command to find out if a transceiver is present in the port, and if it is, transceiver
vendor information, and operational parameters for the transceiver. The information displayed is
based on the “Small Form‐factor Pluggable (SFP) Transceiver MultiSource Agreement (MSA).”

Examples
This example illustrates the output of this command when no transceiver is installed in a port.
matrix-x(switch-su)-> show port transceiver tg.4.2

Port: tg.4.2 MIB2 Interface: 4002 Bridge Port: 386

---------------------------------------------------------------------

Port connector type XFP

Port supports removable transceivers yes
Transceiver present no

This example displays information about the SFP transceiver in port ge.1.9. The following table
describes the output fields.
matrix-x(switch-su)-> show port transceiver ge.1.9

Port: ge.1.9 MIB2 Interface: 1009 Bridge Port: 9

------------------------------------------------------------------------

Port connector type SFP

Port supports removable transceivers yes
Transceiver present yes
Nominal bit rate 1.3 Gbps
Link length for 9/125mm fiber 0 m
Link length for 50/125mm fiber 500 m
Link length for 62.5/125mm fiber 300 m
Link length for copper 0 m

12-48 Port Configuration Commands

Displaying Port Hardware Information

Upper bit rate margin 5%

Lower bit rate margin 5%
Transceiver vendor JDS UNIPHASE
Vendor OUI 00-01-9c
Vendor part number JSP-12S0AA1
Vendor revision 2
Vendor serial number F4344347011B
Manufacturing date (MM/DD/YY) 08/19/04
Manufacturing lot 01
The following table describes the output of this command.

Field Description

Port connector type SFP (small form factor pluggable) or

XFP (10-Gigabit small form factor pluggable)

Port supports removable transceivers yes or no

Transceiver present yes or no

Nominal bit rate The nominal bit rate is specified in units of 100
Megabits per second, rounded off to the nearest 100
Megabits per second.
The bit rate includes those bits necessary to encode
and delimit the signal, as well as those bits carrying
data information. The actual information transfer rate
will depend on the encoding of the data, as defined
by the encoding value.
A value of 0 indicates that the bit rate is not specified
and must be determined from the transceiver
technology.

Link length for 9/125mm fiber This value specifies the link length that is supported
by the SFP transceiver while operating in
compliance with the applicable standards using
single mode fiber.
A value of 25500 meters means that the transceiver
supports a link length greater than 25.4 km. A value
of zero means that the SFP transceiver does not
support single mode fiber or that the length
information must be determing from the transceiver
technology.

Link length for 50/125mm fiber This value specifies the link length that is supported
by the SFP transceiver while operating in
compliance with the applicable standards using 50
micron multi-mode fiber.
A value of 2550 meters means that the SFP
transceiver supports a link length greater than 2.54
km. A value of zero means that the transceiver does
not support 50 micron multi-mode fiber or that the
length information must be determined from the
transceiver technology.

Matrix X Router Command Line Interface Reference Guide 12-49

Displaying Port Hardware Information

Field Description

Link length for 62.5/125mm fiber This value specifies the link length that is supported
by the SFP transceiver while operating in
compliance with the applicable standards using 62.5
micron multi-mode fiber.
A value of 2550 meters means that the SFP
transceiver supports a link length greater than 2.54
km. A value of zero means that the SFP transceiver
does not support 62.5 micron multi-mode fiber or
that the length information must determined from the
transceiver technology. It is common for the SFP
transceiver to support both 50 micron and 62.5
micron fiber.

Link length for copper This value specifies the minimum link length that is
supported by the SFP transceiver while operating in
compliance with the applicable standards using
copper cable.
The value is in units of 1 meter. A value of 255
means that the SFP transceiver supports a link
length greater than 254 meters. A value of zero
means that the SFP transceiver does not support
copper cables or that the length information must be
determined from the transceiver technology.
Further information about the cable design,
equalization, and connectors is usually required to
guarantee meeting a particular length requirement.

Upper bit rate margin The upper bit rate limit at which the SFP transceiver
will still meet its specifications. This value is
specified in units of 1% above the nominal bit rate. A
value of zero indicates that this field is not specified.

Lower bit rate margin The lower bit rate limit at which the SFP transceiver
will still meet its specifications. This value is
specified in units of 1% below the nominal bit rate. A
value of zero indicates that this field is not specified.

Transceiver vendor The name of the vendor, in the form of the full name
of the corporation, a commonly accepted
abbreviation of the corporation name, the SCSI
company code for the corporation, or the stock
exchange code for the corporation.

Vendor OUI The vendor organizationally unique identifier field

(vendor OUI) is the IEEE Company Identifier for the
vendor. A value of all zero in the field indicates that
the Vendor OUI is unspecified.

Vendor part number The vendor part number is a 16-byte field that
contains ASCII characters defining the vendor part
number or product name. A value of all zero in the
16-byte field indicates that the vendor PN is
unspecified.

12-50 Port Configuration Commands

Displaying Port Hardware Information

Field Description

Vendor revision The vendor’s product revision number. A value of all

zero in the field indicates that the vendor revision is
unspecified.

Vendor serial number The vendor’s serial number for the transceiver. A
value of all zero in the field indicates that the vendor
serial number is unspecified.

Manufacturing date (MM/DD/YY) The vendor’s date code.

Manufacturing lot The vendor’s manufacturing lot number. Nothing in

the field indicates that the manufacturing lot number
is unspecified.

Matrix X Router Command Line Interface Reference Guide 12-51

Configuring Port Mirroring

Port Mirroring Overview

The Matrix X Router allows you to mirror (or redirect) received traffic being switched on a port for
the purposes of network traffic analysis and connection assurance. When port mirroring is
enabled, one port becomes a monitor port for another port within the system.
The X Router supports only many‐to‐one mirroring, not one‐to‐many mirroring, and only on
physical ports on IOMs. Only one unique mirror can be active per forwarding engine (FE) on each
IOM. So, for example, on an IOM with 32 ports, ports 1 through 16 can have one active mirror and
ports 17 through 32 can have one active mirror. If two or more mirrors are configured and
administratively enabled on an FE, the mirror with the lowest interface index (IfIndex) will be
operationally enabled and the others will be operationally disabled.
Ports must be in switch mode in order to participate in mirroring.

Caution: Port mirroring configuration should be performed only by personnel who are
knowledgeable about the effects of port mirroring and its impact on network operation.

Purpose
These switch mode commands are used to display and configure mirroring relationships between
physical IOM ports.

Commands

For information about... Refer to page...

show port mirroring 12-53

set port mirroring 12-54

clear port mirroring 12-56

12-52 Port Configuration Commands

Configuring Port Mirroring

show port mirroring

This command displays the source and target ports for mirroring, and whether mirroring is
currently administratively or operationally enabled or disabled for those ports.

Syntax
show port mirroring

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Examples
This example displays port mirroring information. In this case, ports ge.4.1 through ge.4.5 are
mirrored to port ge.4.32, a many‐to‐one mirror.
matrix-x(switch-ro)-> show port mirroring
Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.32 Rx only enabled enabled
ge.4.2 ge.4.32 Rx only enabled enabled
ge.4.3 ge.4.32 Rx only enabled enabled
ge.4.4 ge.4.32 Rx only enabled enabled
ge.4.5 ge.4.32 Rx only enabled enabled

This example illustrates that only one mirror per FE can be administratively and operationally
active at a time. The mirror from port ge.4.1 to ge.4.31 is active, since it has the lowest interface
index. The mirror from ports ge.4.2 through ge.4.5 to ge.4.32 is not operationally active.
matrix-x(switch-su)-> show port mirroring
Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.31 Rx only enabled enabled
ge.4.2 ge.4.32 Rx only enabled disabled
ge.4.3 ge.4.32 Rx only enabled disabled
ge.4.4 ge.4.32 Rx only enabled disabled
ge.4.5 ge.4.32 Rx only enabled disabled

Matrix X Router Command Line Interface Reference Guide 12-53

Configuring Port Mirroring

set port mirroring

This command creates a new mirroring relationship or enables or disables an existing mirroring
relationship between two ports.

Syntax
set port mirroring {create | disable | enable} source destination [rx]

Parameters
create Creates a mirroring relationship.
disable Disables a mirroring relationship.
enable Enables a mirroring relationship.
source Specifies the source port designation. This is the port or ports on which
the received traffic will be monitored.
destination Specifies the target port designation. This is the port that will duplicate or
“mirror” all the traffic on the monitored port.
rx (Optional) Specifies that only frames received by the source port are
mirrored.

Defaults
The default is to mirror only received frames.

Mode
Switch command, read‐write.

Usage
Ports must be in switch mode in order to participate in a mirroring relationship.
Only one unique mirror can be active per forwarding engine (FE) on each IOM. For example, a 32
port IOM has two FEs, one for ports 1 through 16 and one for ports 17 through 32. Therefore, ports
1 through 16 can have one active mirror and ports 17 through 32 can have one active mirror.
If two or more mirrors are configured and administratively enabled on an FE, the mirror with the
lowest interface index (IfIndex) will be operationally enabled and the others will be operationally
disabled.

Examples
This example creates a many‐to‐one port mirroring of received frames with ports ge.4.1 through
ge.4.5 as the source ports and ge.4.32 as the target port:
matrix-x(switch-rw)-> set port mode ge.4.1-5 switched
matrix-x(switch-rw)-> set port mode ge.4.31-32 switched
matrix-x(switch-su)-> set port mirroring create ge.4.1-5 ge.4.32

matrix-x(switch-su)-> show port mirroring

Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.32 Rx only enabled enabled
ge.4.2 ge.4.32 Rx only enabled enabled
ge.4.3 ge.4.32 Rx only enabled enabled

12-54 Port Configuration Commands

Configuring Port Mirroring

ge.4.4 ge.4.32 Rx only enabled enabled

ge.4.5 ge.4.32 Rx only enabled enabled

This example disables one of the mirroring relationships:

matrix-x(switch-su)-> set port mirroring disable ge.4.1 ge.4.32

matrix-x(switch-su)-> show port mirroring

Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.32 Rx only disabled disabled
ge.4.2 ge.4.32 Rx only enabled enabled
ge.4.3 ge.4.32 Rx only enabled enabled
ge.4.4 ge.4.32 Rx only enabled enabled
ge.4.5 ge.4.32 Rx only enabled enabled

This example illustrates that only one mirroring relationship can be active per FE. When a mirror
is established between ge.4.1 and ge.4.31, the previously established mirror is operationally
disabled because the IfIndex of the second relationship is lower.
matrix-x(switch-su)-> set port mirroring create ge.4.1 ge.4.31

matrix-x(switch-su)-> show port mirroring

Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.31 Rx only enabled enabled
ge.4.1 ge.4.32 Rx only enabled disabled
ge.4.2 ge.4.32 Rx only enabled disabled
ge.4.3 ge.4.32 Rx only enabled disabled
ge.4.4 ge.4.32 Rx only enabled disabled
ge.4.5 ge.4.32 Rx only enabled disabled

Matrix X Router Command Line Interface Reference Guide 12-55

Configuring Port Mirroring

clear port mirroring

This command clears a port mirroring relationship.

Syntax
clear port mirroring source destination

Parameters
source Specifies the source port of the mirroring configuration to be cleared.
destination Specifies the target port of the mirroring configuration to be cleared.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears port mirroring between source port ge.4.1 and target port ge.4.31:
matrix-x(switch-su)-> show port mirroring
Source Destination Direction AdminStatus OperStatus
------------ ------------ --------- ----------- ----------
ge.4.1 ge.4.31 Rx only enabled enabled
ge.4.1 ge.4.32 Rx only enabled disabled
ge.4.2 ge.4.32 Rx only enabled disabled
ge.4.3 ge.4.32 Rx only enabled disabled
ge.4.4 ge.4.32 Rx only enabled disabled
ge.4.5 ge.4.32 Rx only enabled disabled

matrix-x(switch-rw)->clear port mirroring ge.4.1 ge.4.31

matrix-x(switch-su)-> show port mirroring

12-56 Port Configuration Commands

13
Policy Classification Commands

Overview
This chapter describes the switch mode Policy Classification set of commands and how to use
them.
Matrix X Routers support policy profile‐based provisioning of network resources by allowing IT
administrators to:
• Create, change, or remove policy profiles, which are a set of classification rules that define
how packets should be handled.
• Permit or deny access to specific services by creating classification rules which perform
protocol‐based packet filtering and by assigning the classification rules to policy profiles.
• Assign or unassign policy profiles to ports.

Note: Enterasys recommends that you use NetSight Policy Manager as an alternative to CLI for
configuring policy classification on theMatrix X Router.

The commands in this chapter are organized into these sections:

For information about... Refer to page...

Configuring Policy Profiles 13-2

Configuring Classification and Admin Rules 13-7

Matrix X Router Command Line Interface Reference Guide 13-1

Configuring Policy Profiles

Purpose
These switch level commands are used to review, create, change and remove policy profiles for
managing network resources.

Commands
The commands used to review and configure policy profiles are listed below.

For information about... Refer to page...

show policy profile 13-2

set policy profile 13-4

clear policy profile 13-6

show policy profile

This command displays policy profile information.

Syntax
show policy profile {all | profile-index [consecutive-pids]} [verbose]

Parameters
all | profile‐index Displays policy information for all policy profiles or a specific policy profile,
identified by its index.
consecutive‐pids (Optional) Displays information for the specified number of consecutive
policy profiles.
verbose (Optional) Displays detailed information.

Defaults
If all is used without the verbose parameter, summary information is displayed.

Mode
Switch command, read‐only.

Example
This example displays information for policy profile 11:
matrix-x(switch-su)-> show policy profile 11
Profile Index :11
Profile Name :MacAuth1
Row Status :active
Port VID Status :enabled

13-2 Policy Classification Commands

Configuring Policy Profiles

Port VID Override :11

CoS Status :disabled
CoS :0
Tagged Egress VLAN List :11
Forbidden VLAN List :none
Untagged VLAN List :none
Replace TCI Status :enabled
Admin Profile Usage :ge.7.1-2
Oper Profile Usage :ge.7.1-2
Dynamic Profile Usage :none

The following table provides an explanation of the command output.

Output What It Displays...

Profile Index Index number of the policy profile.

Profile Name User-supplied name assigned to this policy profile.

Row Status Whether or not the policy profile is active (enabled) or not In Service
(disabled).

Port VID Status Whether or not PVID override is enabled or disabled for this policy profile. If
none of the classification rules associated with this profile are matched, then
this parameter, if specified, determines default behavior.

Port VID Override The PVID to assign to packets, if PVID override is enabled.

CoS Status Whether or not Class of Service override is enabled or disabled for this
profile. If none of the classification rules associated with this profile are
matched, then this parameter, if specified, determines default behavior.

CoS The CoS priority value to assign to packets, if CoS override is enabled.

Tagged Egress VLAN List VLAN(s) that ports to which this policy profile is assigned can use for tagged
egress.

Forbidden VLAN List VLAN(s) forbidden to ports to which this policy profile is assigned.

Untagged VLAN List VLAN(s) that ports to which this policy profile is assigned can use for untagged
egress.

Replace TCI status Whether or not the TCI overwrite function is enabled or disabled for this
profile.

This command deletes a policy profile.

Syntax
clear policy profile profile-index

Parameters
profile‐index Specifies the index number of the policy profile to be deleted, ranging from 1 to
1023.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example deletes policy profile 8:
matrix-x(switch-su)-> clear policy profile 8

13-6 Policy Classification Commands

Configuring Classification and Admin Rules

Purpose
These switch level commands allow you to review, create, assign, and unassign classification and
admin rules. Classification rules define protocol‐based frame filtering policies. Admin rules assign
policy profiles to one or more ingress ports.

Commands

For information about... Refer to page...

show policy rule 13-7

show policy capability 13-9

set policy rule 13-11

clear policy rule 13-15

clear policy all-rules 13-16

show policy rule

This command displays classification and admin rule information.

Syntax
show policy rule [all] | [admin-profile] | [profile-index] [ether |ipproto |
ipfrag | llcDsapSsap | macsource | tci | port | tcpdestport | udpdestport |
vlantag] [data] [mask mask] [port-string port-string] [rule-status {active |
not-in-service | not-ready}] [vlan vlan | drop | forward] [cos cos] [admin-pid
profile-index] [verbose]

Parameters
all | admin‐ Displays all admin and classification rules, or admin rules (admin‐profile
profile | parameter), or classification rules for a specific profile‐index number. Valid
profile‐index index values are 1 ‐ 1023.
ether Displays Ethernet type II rules.
ipproto Displays IP protocol field in IP packet rules.
ipfrag Displays IP fragmentation rules.
llcDsapSsap Displays DSAP/SSAP rules.
macsource Displays MAC source address rules.
tci Displays rules based on the user priority bits in the 802.1Q Tag Control
Information (TCI) field.
port Displays port related rules.
tcpdestport Displays TCP destination port rules.

Matrix X Router Command Line Interface Reference Guide 13-7

Configuring Classification and Admin Rules

udpdestport Displays UDP destination port rules.

vlantag Displays VLAN tag rules.
data (Not required for ipfrag classification.) Displays rules for a predefined
classifier. This value is dependent on the classification type entered. Refer to
Table 13‐4 on page 13‐13 for valid values for each classification type.
mask mask (Optional) Displays rules for a specific data mask. Refer to Table 13‐4 on
page 13‐13 for valid values for each classification type and data value.
port‐string (Optional) Displays rules related to a specific ingress port.
port‐string
rule‐status active (Optional) Displays rules related to a specific rules status.
| not‐in‐service |
not‐ready
vlan vlan (Optional) Displays rules for a specific VLAN ID.
drop | forward (Optional) Displays rules based on whether matching packets will be
dropped or forwarded.
Note that vlan, drop, and forward parameters are mutually exclusive.
cos cos (Optional) Displays rules for a Class‐of‐Service value.
admin‐pid Displays rules associated with a specific policy profile index.
profile‐index
verbose (Optional) Displays detailed information.

Defaults
• If port‐string or rule status are not specified, all rules related to other specifications will be
displayed.
• If verbose is not specified, summary information will be displayed.

Mode
Switch command, read‐only.

Examples
The following example displays classification rule information for Ethernet type 2 rules:
matrix-x(switch-su)-> show policy rule ether
|PID |Rule Type |Rule Data |Mk|PortStr |RS|ST|VLAN|CoS |
| 1 |Ether |2048 (0x0800) |16|All | A|NV| 2| 3|
| 1 |Ether |2054 (0x0806) |16|All | A|NV| 2| |
| 1 |Ether |32821 (0x8035) |16|All | A|NV| 2| |

The following example displays admin rule information for the policy profile with index number
1:
matrix-x(switch-su)-> show policy rule admin-pid 1
|Admin|Rule Type |Rule Data |Mk|PortStr |RS|ST|dPID|aPID|
|admin|Port |ge.1.8 |16|ge.1.8 | A|NV| | 1|
|admin|Port |ge.1.9 |16|ge.1.9 | A|NV| | 1|
|admin|Port |ge.1.10 |16|ge.1.10 | A|NV| | 1|

13-8 Policy Classification Commands

Configuring Classification and Admin Rules

The following table provides an explanation of the command output.

Output
What Is Displayed...
Field Label

PID Policy profile index number to which this classification rule is associated. (Classification
rules only.)

Admin Indicates an admin rule is displayed.

Rule Type Traffic attribute that will cause a rule match. Rule type can be either Ether (for classification
rules) or Port (for admin rules).

Rule Data Rule data value. Refer to Table 13-4 on page 13-13 for valid values for the ether
classification type.

Mk Rule data mask. Refer to Table 13-4 on page 13-13 for valid values for ether classification
data value.
PortStr Ingress port(s) to which this rule applies.

RS Whether the status of this rule is active (A), not in service or not ready.

ST Whether this rule’s storage type is non-volatile (NV) or volatile (V).

Vlan VLAN ID to be assigned to traffic matching this rule, or whether matching packets will be
dropped or forwarded.

CoS Class of Service to be assigned to traffic matching this rule.

dPID A policy profile index indicates a dynamic admin rule assigned the specified policy. A value
of -1 indicates no dynamic assignment.

aPID A policy profile index indicates a static admin rule administratively (statically) assigned the
specified policy profile.

show policy capability

This command displays all the policy classification capabilities supported by your Matrix X
Router.

Syntax
show policy capability

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 13-9

Configuring Classification and Admin Rules

Usage
The output of this command shows a table listing classifiable packet attributes and the type of
actions, by rule type, that can be executed relative to each attribute. Above the table is a list of all
the actions possible on this device.
The left‐most column of the table lists all possible classifiable packet attributes. The next two
columns from the left indicate how policy profiles may be assigned, either administratively or
dynamically. The next four columns from the left indicate the actions that may be performed. The
last three columns indicate auditing options.
An x in an action column for a traffic attribute row indicates that your system has the capability to
perform that action for traffic classified by that attribute.

Note: In this software release, the table includes classifiable traffic attributes and actions that are
not supported by the software.

Example
This example displays the device’s policy classification capabilities. Refer to set policy rule on
page 13‐11 for a description of the parameters displayed:
matrix-x(switch-su)-> show policy capability
The following supports related to policy are supported in this device:
VLAN Forwarding Priority Permit
Deny TCI Overwrite Rules Table

=============================================================
| | D | | | | | F | | | D |
| | Y | | | | | O | S | | I |
| | N | A | | | | R | Y | | S |
| | A | D | V | | D | W | S | T | A |
| | M | M | L | C | R | A | L | R | B |
| | I | I | A | O | O | R | O | A | L |
| SUPPORTED RULE TYPES | C | N | N | S | P | D | G | P | E |
=============================================================
|MAC source address | | | | X | X | X | | | |
|MAC destination address | | | | | | | | | |
|IPX source address | | | | | | | | | |
|IPX destination address | | | | | | | | | |
|IPX source socket | | | | | | | | | |
|IPX destination socket | | | | | | | | | |
|IPX transmission control | | | | | | | | | |
|IPX type field | | | | | | | | | |
|IPv6 source address | | | | | | | | | |
|IPv6 destination address | | | | | | | | | |
|IPv6 flow label | | | | | | | | | |
|IP source address | | | | | | | | | |
|IP destination address | | | | | | | | | |
|IP fragmentation | | | | X | X | X | | | |
|UDP port source | | | | | | | | | |
|UDP port destination | | | | X | X | X | | | |
|TCP port source | | | | | | | | | |
|TCP port destination | | | | X | X | X | | | |
|ICMP packet type | | | | | | | | | |
|TTL | | | | | | | | | |

13-10 Policy Classification Commands

Configuring Classification and Admin Rules

|IP type of service | | | | | | | | | |

|IP proto | | | | X | X | X | | | |
|Ether II packet type | | | X | X | X | X | | | |
|LLC DSAP/SSAP/CTRL | | | X | | | | | | |
|VLAN tag | | | | X | X | X | | | |
|Replace tci | | | | X | X | X | | | |
|Port string | | X | | | | | | | |
=============================================================

set policy rule

This command has 2 forms of syntax, one to set an admin rule that applies a policy profile to a
port, and the other to create a classification rule and attach it to a policy profile.

Syntax
set policy rule admin-profile {port port-string [mask mask]} port-string port-
string admin-pid profile-index

set policy rule profile-index {ether | ipproto | ipfrag | llcDsapSSap | macsource

| tci | tcpdestport | udpdestport | vlantag} [data [mask mask]] [vlan vlan | drop
| forward] [cos cos]

Parameters
The following parameters apply to setting an admin rule:

admin‐profile Specifies that this is an admin rule.

port port‐string Specifies the port traffic attribute to which the admin rule applies.
(Traffic attributes describe what you are looking for in a packet.)
Note: Policy rules cannot be applied to link aggregation groups (LAGs).
mask mask (Optional) Specifies the number of significant bits to match.
Currently, the only valid mask value is 16.
port‐string Set the scope of the rule.
port‐string
(Scope describes where you are looking for the traffic attribute.)
Currently, an admin profile can be scoped to only one port.
Note: Policy rules cannot be applied to link aggregation groups (LAGs).
admin‐pid Associates this admin rule with a policy profile, identified by its index
profile‐index number. Valid values are 1 ‐ 1023.

The following parameters apply to setting a classification rule. The parameters are grouped into
two groups within the table:
• The set of parameters that specify a traffic attribute to match, and
• The set of actions that can be taken once the traffic attribute is matched.

Matrix X Router Command Line Interface Reference Guide 13-11

Configuring Classification and Admin Rules

profile‐index Associates this classification rule with a policy profile, identified by its index
number ranging from 1 to 1023.
The following parameters specify the traffic attribute to match:
ether Classifies based on type field in Ethernet II packet. An ether rule can perform
both VLAN classification and CoS priority classification.
ipfrag Performs CoS priority classification based on IP fragmentation. When a
frame is fragmented, the first fragmented packet will have the More
fragment bit set and the fragment offset value equal to 0. Subsequent
fragmented packets will have the More fragment bit set and the fragment
offset value not equal to 0. The last fragment will have the More bit unset and
the fragment offset value not equal to 0.
On the X Router, the first fragmented packet will not be classified, but
subsequent fragmented packets will be classified.
llcDsapSsap Performs VLAN classification based on the specific protocol type of each
frame, defined in the DSAP (Destination Service Access Point), SSAP (Source
Service Access Point), and Control fields of LLC (Logical Link Control)
PDUs. The DSAP and SSAP values are one byte each, and they must match.
The Control field values are also one byte.
Only one llcDsapSsap rule is allowed per IOM.
llcDsapSsap rules apply only to untagged packets. LLC packets preceded by
an 802.1P/Q header will not activate an llcDsapSsap rule. They will, instead,
be forwarded according to classification by other rules and/or the default
forwarding configuration.
Well‐known DSAP/SSAP types and their values:
• IP – 0x0606
• IPX – 0xe0e0
• NetBIOS – 0xf0f0
• Banyan – 0xbcbc
• SNA – 0x0404
ipproto Performs CoS priority classification based on the protocol field in IP header.
macsource Performs CoS priority classification based on MAC source address.
tci Performs CoS priority classification based on the user priority bits in the
802.1Q Tag Control Information field.
tcpdestport Performs CoS priority classification based on TCP port destination.
udpdestport Performs CoS priority classificationbased on UDP port destination.Performs
priority classification
vlantag Performs CoS priority classification based on VLAN tag.
data Specifies the data value for the classifier. This value is dependent on the
classification type entered.
mask mask (Optional) Specifies the number of significant bits to match, dependent on
the data value entered. Refer to Table 13‐4 on page 13‐13 for valid values for
each classification type and data value.

13-12 Policy Classification Commands

Configuring Classification and Admin Rules

These parameters specify the action to take if the attribute is matched:

vlan vlanid (Optional) Specifies that this rule will classify to the VLAN ID specified by
the vlanid value. A value of ‐1 indicates that no VLAN or forwarding
behavior modification is desired.
Note: Only ether and llcDsapSsap rules can classify to a VLAN ID.
drop | forward (Optional) Drops or forwards frames for this rule.
Note that the vlan, drop, and forward parameters are mutually exclusive.
cos cos (Optional) Specifies that this rule will classify to the Class‐of‐Service priority
indicated by cos value. Valid values are 0‐7. A value of ‐1 indicates that no
CoS or forwarding behavior modification is desired.

Defaults
Refer to Table 13‐4 on page 13‐13.

Mode
Switch command, read‐write.

Usage
Use the set policy rule admin‐profile syntax to apply a policy profile to a specific port. Currently,
an admin rule can be scoped to only one port. Admin rules cannot be scoped to link aggregation
groups (LAGs).
Use the set policy rule profile‐index syntax to create a classification rule and attach it to a policy
profile. Classification rules are automatically enabled when created.
When creating a classification rule with this command, you specify the packet attribute that will
be the trigger for classification (the parameter, such as ether or ipproto, for example, and the data
value and mask for that parameter), and then you specify the action (change the VLAN id, drop,
or change the CoS priority).
Table 13‐4 provides the data values for the set policy rule profile‐index syntax that can be entered
for the classification types, and the mask bits that can be entered for the classifier.

Table 13-4 Valid Values for Policy Classification Rules

Classification Rule
Data Value Mask Bits
Parameter
ether Type field in Ethernet II packet: 1536 - 65535 or 16
0x600 - 0xFFFF

ipproto Protocol field in IP packet: 0 - 255 or 0 - 0xFF 8

ipfrag Not applicable. Not applicable

Matrix X Router Command Line Interface Reference Guide 13-13

Configuring Classification and Admin Rules

Table 13-4 Valid Values for Policy Classification Rules (continued)

Classification Rule
Data Value Mask Bits
Parameter
llcDsapSsap DSAP/SSAP/CTRL field in LLC: aa-bb-cc-000 1 - 24
Well-known DSAP/SSAP types and their values:
• IP – 0x0606
• IPX – 0xe0e0
• NetBIOS – 0xf0f0
• Banyan – 0xbcbc
• SNA – 0x0404

Note: Data value AA-AA-03-000 is not supported by

this rule type.

macsource MAC Address: 00-00-00-00-00-00 24 or 48

tci User priority bits in the Tag Control Information field: 3

0 - 65535 or 0 - 0xFFFF
tcpdestport TCP Port Number: 0 - 65535 or 0 - 0xFFFF 16

udpdestport UDP Port Number: 0 - 65535 or 0 - 0xFFFF 16

vlantag VLAN tag: 1- 4094 or 1 - 0xFFF 12

Examples
This example creates a classification rule to associate with the policy profile with index number 1.
This rule will classify Ethernet II Type 1536 frames to VLAN 7:
matrix-x(switch-su)->set policy rule 1 ether 1536 vlan 7
This example creates a classification rule that classifies IP packets to VLAN 2 and associates the
rule with policy profile number 1.
matrix-x(switch-su)-> set policy rule 1 llcDsapSsap 06-06-00-000 mask 24 vlan 2
This example configures an admin rule that assigns the policy profile with index number 1 to
ingress port ge.1.1:
matrix-x(switch-su)->set policy rule admin-profile port ge.1.1 port-string ge.1.1
admin-pid 1

13-14 Policy Classification Commands

Configuring Classification and Admin Rules

clear policy rule

This command deletes one or all classification or administrative (admin) rules.

Syntax
This command has two syntax forms, one to clear admin rules and the other to clear classification
rules.
clear policy rule admin-profile { all-pid-entries | port port-string [mask mask]
[port-string port-string]}

clear policy rule profile-index { all-pid-entries | ether | ipproto | ipfrag |

llcDsapSsap | macsource | tci | tcpdestport | udpdestport | vlantag} data [mask
mask] }

Parameters
The following parameters apply to the clear policy rule admin‐profile syntax:

admin‐profile Deletes an administrative rule.

all‐pid‐entries Deletes all admin rules.
port port‐string Deletes associated port‐string admin rules.
mask mask (Optional) Deletes associated data mask.
Currently, valid mask value is 16.
port‐string (Optional) Deletes specified rule entries for specific ingress port(s).
port‐string

The following parameters apply to the clear policy rule profile‐index syntax:

profile‐index Deletes rules associated with a specific policy profile index number. Valid
profile‐index values are 1 ‐ 1023.
all‐pid‐entries Deletes all classification rules associated with the specified policy profile
index number.
ether For the specified policy profile index number, delete classification rule
based on type field in Ethernet II packet.
ipfrag For the specified policy profile index number, delete classification rule
based on IP fragmentation flag.
ipproto For the specified policy profile index number, delete classification rule
based on protocol field in IP packet.
llcDsapSsap For the specified policy profile index number, delete classification rule
based on DSAP/SSAP/CTRL fields in LLC PDU.
macsource For the specified policy profile index number, delete classification rule
based on MAC source address.
tci For the specified policy profile index number, delete classification rule
based on user priority bits in Tag Control Information field.
tcpdestport For the specified policy profile index number, delete classification rule
based on TCP port destination.

Matrix X Router Command Line Interface Reference Guide 13-15

Configuring Classification and Admin Rules

udpdestport For the specified policy profile index number, delete classification rule
based on UDP port destination.
vlantag For the specified policy profile index number, delete classification rule
based on VLAN tag.
data Specifies the data value associated with the classification rule to be
deleted. Refer to Table 13‐4 on page 13‐13 for valid values for the
classification type.
mask mask (Optional) Specifies the data mask associated with the data value. Refer to
Table 13‐4 on page 13‐13 for valid values for the classification type and
data value.

Defaults
When applicable, data, mask, and port‐string must be specified for individual rules to be cleared.

Mode
Switch command, read‐write.

Examples
This example deletes all classification rules associated with policy profile 1:
matrix-x(switch-su)->clear policy rule 1 all-pid-entries
This example deletes the llcDsapSsap rule associated with policy profile 1:
matrix-x(switch-rw)-> clear policy rule 1 llcDsapSsap aa-aa-03-000 mask 24

clear policy all-rules

This command removes all admin and classification rules.

Syntax
clear policy all-rules

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example removes all admin and classification rules:
matrix-x(switch-su)->clear policy all-rules

13-16 Policy Classification Commands

14
Port Priority and Rate Limiting Commands

Overview
This chapter describes the Port Priority and Rate Limiting set of commands, and how to use them.
The Matrix X Router supports Class of Service (CoS), which allows you to assign mission‐critical
data to higher priority through the device by delaying less critical traffic during periods of
congestion. The higher priority traffic through the device is serviced first before lower priority
traffic. The Class of Service capability of the device is implemented by a priority queueing
mechanism. Class of Service is based on the IEEE 802.1D (802.1p) standard specification, and
allows you to define eight priorities (0 through 7) and up to 8 transmit queues (0‐7) of traffic for
each port:
A priority 0 through 7 can be set on each port, with 0 being the lowest priority. A port receiving a
frame without priority information in its tag header is assigned a priority according to the default
priority setting on the port. For example, if the priority of a port is set to 5, the frames received
through that port without a priority indicated in their tag header are classified as a priority 5 and
transmitted according to that priority.
In addition, the device’s rate limiting capabilities allow you to further prioritize traffic by limiting
the rate of inbound or outbound traffic on a per port/priority basis.

Note: When CoS override is enabled using the set policy profile command, CoS-based
classification rules will take precedence over priority settings configured with the set port priority
command described in this section.

For information about... Refer to page...

Configuring Port Priority 14-2

Configuring Priority to Transmit Queue Mapping 14-5

Configuring Port Traffic Rate Limiting 14-8

Configuring Regenerated User Priority 14-13

Matrix X Router Command Line Interface Reference Guide 14-1

Configuring Port Priority

Purpose
These switch‐level commands are used to view or set port priority characteristics as follows:
• Display or change port default Class‐of Service (CoS) transmit priority (0 through 7) of each
port for frames that are received (ingress) without priority information in their tag header.
• Display the current traffic class mapping‐to‐priority of each port.
• Set each port to transmit frames according to 802.1D (802.1p) priority transmit queues set in
the frame header.

Commands
The commands to configure port priority are listed below.

For information about... Refer to page...

show port priority 14-2

set port priority 14-3

clear port priority 14-4

show port priority

This command displays the 802.1D priority for one or more ports.

Syntax
show port priority [port-string]

Parameters
port‐string (Optional) Displays priority information for a specific port.

Defaults
If port‐string is not specified, priority for all ports will be displayed.

Mode
Switch command, read‐only.

Example
This example displays the port priority for the Gigabit Ethernet ports 1 through 5 in slot 5:
matrix-x(switch-su)-> show port priority ge.5.1-5
ge.5.1 is set to 0
ge.5.2 is set to 0
ge.5.3 is set to 0
ge.5.4 is set to 0

14-2 Port Priority and Rate Limiting Commands

Configuring Port Priority

ge.5.5 is set to 0

set port priority

This command sets the 802.1D (802.1p) Class‐of‐Service priority (0 through 7) on each port.

Syntax
set port priority port-string priority

Parameters

port‐string Specifies the port for which to set priority.

priority Specifies a value of 0 ‐ 7 to set the CoS priority for the port entered in the
port‐string. 0 is the lowest priority.

Mode
Switch command, read‐write.

Usage
A port receiving a frame without priority information in its tag header is assigned a priority
according to the priority setting on the port. For example, if the priority of a port is set to 5, the
frames received through that port without a priority indicated in their tag header are classified as
a priority 5.
A frame with priority information in its tag header is transmitted according to that priority.

Note: When CoS override is enabled using the set policy profile command, CoS-based
classification rules will take precedence over priority settings configured with this command.

Example
This example sets a default priority of 6 on Gigabit Ethernet port 3 in slot 1. Frames received by
port 3 without priority information in their frame header are set to the default setting of 6:
matrix-x(switch-su)-> set port priority ge.1.3 6

Matrix X Router Command Line Interface Reference Guide 14-3

Configuring Port Priority

clear port priority

This command resets the current CoS port priority setting to 0. This will cause all frames received
without a priority value in its header to be set to priority 0.

Syntax
clear port priority port-string

Parameters

port‐string Specifies the port for which to clear priority.

Mode
Switch command, read‐write.

Example
This example resets Gigabit Ethernet port 11 in slot 1 to the default priority:
matrix-x(switch-su)-> clear port priority ge.1.11

14-4 Port Priority and Rate Limiting Commands

Configuring Priority to Transmit Queue Mapping

Purpose
These switch‐level commands are used to perform the following:
• View the current priority to transmit queue mapping of each port, which includes both
physical and virtual ports.
• Configure each port to either transmit frames according to the port priority transmit queues
(set using the set port priority command), or according to a priority based on a percentage of
port transmission capacity (set using the set port priority‐queue command).
• Clear current port priority queue settings for one or more ports.

Commands
The commands used in configuring transmit priority queues are listed below.

For information about... Refer to page...

show port priority-queue 14-5

set port priority-queue 14-6

clear port priority-queue 14-7

show port priority-queue

This command displays the port priority levels.

Syntax
show port priority-queue [port-string]

Parameters

port‐string (Optional) Specifies the port for which to show priority queue levels.

Defaults
If port‐string is not specified, priority queue information for all ports will be displayed.

Mode
Switch command, read‐only.

Usage
This command displays the port priority levels (0 through 7, with 0 as the lowest level) associated
with the current transmit queue (0 ‐ 7, with 0 being the lowest priority) for each priority of the
selected port. A frame with a certain port priority is transmitted according to the settings entered
using the set port priority‐queue command.

Matrix X Router Command Line Interface Reference Guide 14-5

Configuring Priority to Transmit Queue Mapping

Example
The following example displays priority queue information for Gigabit Ethernet port 1 in slot 4. In
this case:
• Frames with a priority of 0 are transmitted out transmit queue 2, the third lowest transmit
priority.
• Frames with a priority of 1 are transmitted out queue 0, the lowest transmit priority.
• Frames with a priority of 2 are transmitted out queue 1.
• Frames with higher priorities 3 through 7 are transmitted out queues that match their
priorities.
matrix-x(switch-su)-> show port priority-queue ge.4.1
Port P0 P1 P2 P3 P4 P5 P6 P7
------------ -- -- -- -- -- -- -- --
ge.4.1 2 0 1 3 4 5 6 7

set port priority-queue

This command maps 802.1D (802.1p) priorities to transmit queues.

Syntax
set port priority-queue port-string priority queue

Parameters

port‐string Specifies the port for which to set priority queue.

priority Specifies the 802.1p priority that is being mapped to a transmit queue with this
command. The value of priority can range from 0 to 7, with 0 being the lowest
priority.
queue Specifies the transmit queue that is being mapped to a frame priority with this
command. The value of queue can range from 0 to 7.

Mode
Switch command, read‐write.

Usage
This command enables you to change the priority queue (0‐7, with 0 being the lowest priority
queue) for each port priority of the selected port. You can apply the new settings to one or more
ports.
For example, if the priority queue is set to 3 for those frames with a port priority 7, then those
frames would be transmitted before any frames contained in traffic classes 2 through 0.

Example
This example sets priority 5 frames received on Gigabit Ethernet port 12 in slot 2 to transmit at the
lowest priority queue of 0:
matrix-x(switch-su)->set port priority-queue ge.2.12 5 0

14-6 Port Priority and Rate Limiting Commands

Configuring Priority to Transmit Queue Mapping

clear port priority-queue

This command resets port priority queue settings back to defaults for one or more ports.

Syntax
clear port priority-queue port-string

Parameters

port‐string Specifies the port for which to clear priority queue. For a detailed
description of possible port‐string values, refer to “Port Strings Used in the
CLI” on page 12‐2.

Mode
Switch command, read‐write.

Example
This example clear the priority queue settings on Gigabit Ethernet port 12 in slot 2:
matrix-x(switch-su)->clear port priority-queue ge.2.12

Matrix X Router Command Line Interface Reference Guide 14-7

Configuring Port Traffic Rate Limiting

Purpose
These switch‐level commands are used to limit the rate of inbound traffic on the Matrix X Router
device on a per port/priority basis. The allowable range for the rate limiting is from 64 kilobytes
per second minimum up to the maximum transmission rate allowable on the interface type.
Rate limit is configured for a given port and list of priorities. The list of priorities can include one,
some, or all of the eight 802.1p priority levels. Once configured, the rate of all traffic entering the
port with the priorities configured to that port is not allowed to exceed the programmed limit. If
the rate exceeds the programmed limit, frames are dropped until the rate falls below the limit.

Commands
The commands to configure traffic rate limiting are listed below.

For information about... Refer to page...

show port ratelimit 14-8

set port ratelimit 14-10

clear port ratelimit 14-12

show port ratelimit

This command shows the traffic rate limiting configuration on one or more ports.

Syntax
show port ratelimit [port-string]

Parameters

port‐string (Optional) Displays rate limiting information for specific port(s).

Defaults
If port‐string is not specified, rate limiting information will be displayed for all ports.

Mode
Switch command, read‐only.

14-8 Port Priority and Rate Limiting Commands

Configuring Port Traffic Rate Limiting

Example
The following example displays the current rate limiting information for Gigabit Ethernet port 1 in
slot 5:
matrix-x(switch-su)-> show port ratelimit ge.5.1
Global Ratelimiting status is disabled.

Port Threshold Priority

Number Index (kByte/s) Action Direction List Status
----------- ----- --------- ------------ --------- ----------- --------
ge.5.1 1 64 discard inbound 0,2,4,6 enabled
ge.5.1 2 128 discard inbound 1,3,5,7 enabled

The following table shows a detailed explanation of the command output.

Output What It Displays...

Port Number Port designation.

Index Index number of this rate limiting rule.

Threshold (kB/s) Port rate limiting threshold in kilobytes per second.

Action Whether or not frames not conforming to rate limiting will be discarded.

Direction The direction of the traffic to which rate limiting is applied.

Priority List 802.1D (802.1p) priority level to which the rate limiting is applied.

Status Whether or not this rule is active or disabled

Matrix X Router Command Line Interface Reference Guide 14-9

Configuring Port Traffic Rate Limiting

set port ratelimit

This command configures the traffic rate limiting status and threshold (in kilobytes per second)
for one or more ports.

Syntax
set port ratelimit {disable | enable} | port-string priority threshold {disable |
enable} [inbound ] [index]

Parameters

disable | enable When entered without a port‐string, globally disables or enables the port
rate limiting function. When entered with a port‐string, disables or enables
rate limiting on specific port(s) when the global function is enabled.
port‐string Specifies a port or ports on which to set the rate limiting threshold and
other values.
priority Specifies the 802.1D (802.1p) VLAN priority level to which this rate limiting
will be applied. Multiple priorities may be entered in a comma‐separated
list. The values for priority can be:
• 0 – 7, with 0 specifying the lowest priority, and
• all to set the rate limiting threshold and other parameters on all priority
levels associated with the port‐string.
threshold Specifies a port rate limiting threshold, ranging from 64 kilobytes per
second rate to the maximum rate for the given interface. The maximum
value that can be entered is 1,250,000 kilobytes per second, but you should
enter a value that is relevant to the type of interface you are configuring.
inbound (Optional) Applies this rate policing rule to inbound traffic. Inbound is the
default value.
index (Optional) Assigns a resource index for this rate limiting rule. The index
value can be 1 or 2.

Defaults
If index is not specified, the first available index value will be applied.

Mode
Switch command, read‐write.

Usage
Ports must be in switch mode to be configured for rate limiting.

Examples
The following example displays:
• Globally enabling rate limiting
• Configuring rate limiting for inbound traffic on port ge.5.1, priority 5, to a threshold of 128
kilobytes/second:

14-10 Port Priority and Rate Limiting Commands

Configuring Port Traffic Rate Limiting

matrix-x(switch-su)-> set port ratelimit enable

matrix-x(switch-su)-> set port ratelimit ge.5.1 5 128 enable inbound
The following example first creates three switch mode ports, then enables rate limiting globally,
and then configures rate limiting on one of the switch mode ports. For port ge.4.1, inbound traffic
with even‐numbered VLAN priorities will be rate limited to 64 kilobytes per second, while
inbound traffic with odd‐numbered VLAN priorities will be rate limited to 128 kilobytes per
second.
matrix-x(switch-su)-> set port mode ge.4.1-3 switched

matrix-x(switch-su)-> set port ratelimit enable

matrix-x(switch-su)-> set port ratelimit ge.4.1 0,2,4,6 64 enable inbound 1
matrix-x(switch-su)-> set port ratelimit ge.4.1 1,3,5,7 128 enable inbound 2

matrix-x(switch-su)-> show port ratelimit

Global Ratelimiting status is enabled.

Port Threshold Priority

Number Index (kByte/s) Action Direction List Status
----------- ----- --------- ------------ --------- ----------- --------
ge.4.1 1 64 discard inbound 0,2,4,6 enabled
ge.4.1 2 128 discard inbound 1,3,5,7 enabled
ge.4.2 1 64 discard inbound 0 disabled
ge.4.2 2 64 discard inbound 0 disabled
ge.4.3 1 64 discard inbound 0 disabled
ge.4.3 2 64 discard inbound 0 disabled

Matrix X Router Command Line Interface Reference Guide 14-11

Configuring Port Traffic Rate Limiting

clear port ratelimit

This command clears rate limiting parameters for one or more ports.

Syntax
clear port ratelimit port-string [index]

Parameters

port‐string Specifies the port(s) on which to clear rate limiting.

index (Optional) Specifies the associated resource index to be reset.

Defaults
If not specified, all index entries will be reset.

Mode
Switch command, read‐write.

Example
The following example clears the rate limiting parameters associated with index 1 on port ge.5.1:
matrix-x(switch-su)-> clear port ratelimit ge.4.1 1
matrix-x(switch-su)-> show port ratelimit ge.4.1
Global Ratelimiting status is enabled.

Port Threshold Priority

Number Index (kByte/s) Action Direction List Status
----------- ----- --------- ------------ --------- ----------- --------
ge.4.1 1 64 discard inbound 0 disabled
ge.4.1 2 128 discard inbound 1,3,5,7 enabled

14-12 Port Priority and Rate Limiting Commands

Configuring Regenerated User Priority

Purpose
These switch‐level commands are used to view and set how the user priorities of received frames
on specific ports are regenerated into 802.1D priorities.

Commands

For information about... Refer to page...

show port priority-regen 14-13

set port priority-regen 14-14

clear port priority-regen 14-15

show port priority-regen

This command displays the current regenerated user priority information.

Syntax
show port priority-regen [port-string]

Parameters

port‐string (Optional) Display information for one or more ports. For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on page 12‐2.
If this parameter is not used, all ports will be displayed.

Defaults
If no port string is entered, information for all ports is displayed.

Mode
Switch command, read‐only.

Example
The following example displays priority regeneration information for ports 2 through 4 on the
module in slot 4:
matrix-x(switch-su)-> show port priority-regen ge.4.2-4
Port P0 P1 P2 P3 P4 P5 P6 P7
------------ -- -- -- -- -- -- -- --
ge.4.2 0 1 2 3 4 5 6 7
ge.4.3 0 1 2 3 4 5 6 7
ge.4.4 0 1 2 3 4 5 6 7

Matrix X Router Command Line Interface Reference Guide 14-13

Configuring Regenerated User Priority

set port priority-regen

This command specifies how user priority values of received frames should be mapped to 802.1D
priorities when user priorities are regenerated on the port.

Syntax
set port priority-regen port-string user-pri regen-pri

Parameters
port‐string Specifies the port or ports for which priority values are being mapped.
For a detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.
user‐pri Specifies the user priority to be mapped. The value of user‐pri can range from 0,
the lowest priority, to 7.
regen‐pri Specifies the priority value to which the received user priority should be
regenerated. The value of regen‐pri can range from 0, the lowest priority, to 7.

Defaults
By default, received user priority values are regenerated to the same value.

Mode
Switch command, read‐write.

Usage
When frames are received by a bridging port, the user priority of the received frame is
regenerated, based on the User Priority Regeneration Table settings for that port. Use this
command to set the priority values to which received priority values should be regenerated.
By default, received user priority values will be regenerated to the same value. That is, a priority
value of 0 will be regenerated to 0, a priority value of 1 will be regenerated to 1, and so on.

Example
The following example changes the mapping of user priority 2 to a regenerated priority value of 4
on port 2 on the module in slot 4. Then, the changed mapping is displayed.
matrix-x(switch-su)-> set port priority-regen ge.4.2 2 4
matrix-x(switch-su)-> show port priority-regen ge.4.2-4
Port P0 P1 P2 P3 P4 P5 P6 P7
------------ -- -- -- -- -- -- -- --
ge.4.2 0 1 4 3 4 5 6 7
ge.4.3 0 1 2 3 4 5 6 7
ge.4.4 0 1 2 3 4 5 6 7

14-14 Port Priority and Rate Limiting Commands

Configuring Regenerated User Priority

clear port priority-regen

This command returns regeneration mappings to their default values.

Syntax
clear port priority-regen port-string

Parameters
port‐string Specifies the port or ports to be returned to default values.
For a detailed description of possible port‐string values, refer to Port
Strings Used in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command returns any remapped user priorities to their default mapping, which is to the
same priority values. That is, a received user priority of 0 will be regenerated to 0, a received user
priority of 1 will be regenerated to 1, and so on.

Example
The following example returns the remapped values for port 2 on the module in slot 4 to their
default values. Then, the results of the command are displayed.
matrix-x(switch-su)-> clear port priority-regen ge.4.2
matrix-x(switch-su)-> show port priority-regen ge.4.2
Port P0 P1 P2 P3 P4 P5 P6 P7
------------ -- -- -- -- -- -- -- --
ge.4.2 0 1 2 3 4 5 6 7

Matrix X Router Command Line Interface Reference Guide 14-15

Configuring Regenerated User Priority

14-16 Port Priority and Rate Limiting Commands

15
RADIUS Commands

Overview
This chapter describes the RADIUS set of commands, and how to use them.
When RADIUS authentication is enabled with the set authentication login radius command,
RADIUS authentication will be used as the primary authentication method. The user names and
passwords used to access the device via Telnet, SSH, and console sessions will be validated against
the configured RADIUS server. Only in the case of a RADIUS timeout will those credentials be
compared against credentials locally configured on the Matrix X Router and stored in the local
user database.

Commands

For information about... Refer to page...

show radius 15-2

set radius 15-3

clear radius 15-5

Matrix X Router Command Line Interface Reference Guide 15-1

Commands

show radius
This command displays the current RADIUS client/server configuration.

Syntax
show radius [interface | status | retries | timeout | server {index | all}]

Parameters
interface (Optional) Displays the local administrative interface of the RADIUS client.
status (Optional) Displays the RADIUS status, either enabled or disabled.
retries (Optional) Displays the maximum number of attempts a user can contact
the RADIUS server before timing out.
server index | all (Optional) Displays RADIUS server configuration information. Specify a
single server to display by its index, or display all servers.
timeout (Optional) Displays the maximum amount of time (in seconds) to establish
contact with the RADIUS server before timing out.

Defaults
If no parameters are specified, all RADIUS configuration information will be displayed.

Mode
Switch command, super‐user.

Example
This example displays all RADIUS configuration information:
matrix-x(switch-su)-> show radius
RADIUS status: Disabled
RADIUS Client Administrative Interface: eth0
RADIUS retries: 3
RADIUS timeout: 20 seconds
RADIUS Server IP Address Auth-Port Realm-Type Status
--------------- --------------- --------- ------------------ -------
1 100.10.0.100 1812 any Active

The following table provides an explanation of the command output.

Output What It Displays...

RADIUS status Whether RADIUS is enabled or disabled.

Commands
For information about... Refer to page...

show tacacs 16-2

set tacacs 16-3

show tacacs server 16-4

set tacacs server 16-4

clear tacacs server 16-5

show tacacs session 16-6

set tacacs session 16-6

clear tacacs session 16-8

show tacacs command 16-9

set tacacs command 16-9

show tacacs singleconnect 16-10

set tacacs singleconnect 16-11

show tacacs interface 16-11

set tacacs interface 16-12

clear tacacs interface 16-12

Matrix X Router CLI Reference Guide 16-1

Commands show tacacs

show tacacs
This command displays the current TACACS+ configuration information and status.

Syntax
show tacacs [status]

Parameters
status (Optional) Displays only the TACACS+ client status.

Defaults
If status is not specified, all TACACS+ configuration information will be displayed.

Mode
Switch command, super‐user.

Usage
Use this command to display all the TACACS+ configuration information, or only whether the
client is enabled or disabled.

Example
This example displays all TACACS+ configuration settings.
matrix-x(switch-su)-> show tacacs

TACACS+ Client administrative interface: ge.1.1

TACACS+ status: Enabled
TACACS+ session accounting status: Enabled
TACACS+ command authorization status: Disabled
TACACS+ command accounting status: Disabled
TACACS+ single-connect status: Enabled
TACACS+ service: exec
TACACS+ session authorization A-V pairs:
access level attribute value
read-only priv-lvl 0
read-write priv-lvl 1
super-user priv-lvl 15
debug priv-lvl 14
TACACS+ Server IP Address TCP Port Timeout Status
-------------- --------------- -------- ------- --------
1 10.10.10.10 635 30 Active

The following table describes the output.

Output... What it displays...

TACACS+ Client administrative interface The interface whose IP address is used as the
source address of packets sent by the TACACS+
client.

TACACS+ status Whether the TACACS+ client is enabled or disabled.

TACACS+ session accounting status Whether TACACS+ session accounting is enabled

or disabled.

16-2 TACACS+ Commands

set tacacs Commands

Output... What it displays...

TACACS+ command authorization status Whether TACACS+ command authorization is
enabled or disabled.

TACACS+ command accounting status Whether TACACS+ command accounting is

enabled or disabled.

TACACS+ single-connect status Whether TACACS+ singleconnect is enabled or

disabled.
When enabled, the TACACS+ client sends multiple
requests over a single TCP connection.

TACACS+ service The name of the service that is requested by the

TACACS+ client for session authorization. “exec” is
the default service name.

TACACS+ session authorization A-V pairs Displays the attribute – value pairs that are mapped
to the X Router read-only, read-write, super-user,
and debug access privilege levels for the service
requested for session authorization.
The attribute names and values shown in the
example above are the default values.

TACACS+ Server Displays the TACACS+ server information used by

the TACACS+ client.

set tacacs
This command enables or disables the TACACS+ client.

Syntax
set tacacs {enable | disable}

Parameters
enable | disable Enables or disables the TACACS+ client.

Defaults
By default, the TACACS+ client is disabled.

Mode
Switch command, super‐user.

Usage
Once the TACACS+ client has been enabled, you must use this command to disable it.

Example
This example enables the TACACS+ client.
matrix-x(switch-su)-> set tacacs enable

Matrix X Router CLI Reference Guide 16-3

Commands show tacacs server

show tacacs server

This command displays the current configuration for one or all configured TACACS+ servers.

Syntax
show tacacs server {index | all}

Parameters
index Display the configuration of the TACACS+ server identified by index.
The value of index can range from 1 to 65535.
all Display the configuration for all configured TACACS+ servers.

Defaults
None.

Mode
Switch command, super‐user.

Usage
Up to 8 TACACS+ servers can be configured.

Example
This example displays configuration information for all configured TACACS+ servers.
matrix-x(switch-su)-> show tacacs server all
TACACS+ Server IP Address TCP Port Timeout Status
-------------- --------------- -------- ------- -------
1 192.168.10.10 49 10 Active
2 192.168.1.116 49 10 Active

set tacacs server

This command configures the TACACS+ server(s) to be used by the TACACS+ client. You can
configure the time out value for a single server, or you can configure the IP address, TCP port, and
secret for a single server.

Syntax
set tacacs server index (timeout sec | ip-address port secret)

Parameters
index Specify the index number of the TACACS+ server being configured. The
index value can range from 1 to 65535.
timeout sec The period of time (in seconds) the X Router will wait for a response
from the TACACS+ server before it times out and declares an error.
Specify the server time out value, in seconds. The value can range from
1 to 30 seconds.
ip‐address Specify the IP address of the TACACS+ server.
port Specify the server’s TCP port. Typically, port 49 is used.
secret Specify the server’s shared secret.
16-4 TACACS+ Commands
clear tacacs server Commands

Defaults
The default timeout value is 10 seconds.

Mode
Switch command, super‐user.

Usage
You can configure either the IP address, TCP port, and shared secret for a TACACS+ server, or you
can configure a server’s timeout value.

Examples
This example configures TACACS+ server 1 with an IP address, TCP port, and secret.
matrix-x(switch-su)-> set tacacs server 1 192.168.10.1 49 QX0678abc

This example changes server 1’s time out value from the default of 10 seconds to 30 seconds.
matrix-x(switch-su)-> set tacacs server 1 timeout 30

clear tacacs server

This command clears the TACACS+ settings for one or all servers.

Syntax
clear tacacs server {index | all} [timeout]

Parameters
index Specify a single TACACS+ server to clear. The value of index can range
from 1 to 65535.
all Specify that all TACACS+ servers are to be cleared.
timeout (Optional) Specifies that the timeout value is to be cleared to its default
value of 10 seconds.

Defaults
If timeout is not specified, the specified server(s) are deleted from the list of servers. If timeout is
specified, the timeout value is returned to its default value of 10 seconds.

Mode
Switch command, super‐user.

Usage
Use this command to delete one or all configured servers from the list of servers used by the
TACACS+ client, or to return the timeout value for one or all servers to the default value.

Example
This example removes TACACS+ server with index number 1 from the list of servers.
matrix-x(switch-su)-> clear tacacs server 1

Matrix X Router CLI Reference Guide 16-5

Commands show tacacs session

show tacacs session

This command displays the current TACACS+ client session settings.

Syntax
show tacacs session

Parameters
None.

Defaults
None.

Mode
Switch command, super‐user.

Example
This example shows how to display the TACAS+ session settings.
matrix-x(switch-su)-> show tacacs session

TACACS+ session accounting status: Enabled

TACACS+ service: exec
TACACS+ session authorization A-V pairs:
access level attribute value
read-only priv-lvl 0
read-write priv-lvl 1
super-user priv-lvl 15
debug priv-lvl 14

set tacacs session

This command enables or disables TACACS+ session accounting or configures TACACS+ session
authorization parameters.

Syntax
Separate syntax formats are shown for configuring session accounting and session authorization.
set tacacs session accounting {enable | disable}

set tacacs session authorization {service name | debug attribute value | read-only
attribute value | read-write attribute value | super-user attribute value}

Parameters
accounting Specifies that TACACS+ session accounting is being configured.
enable | disable Enables or disables TACACS+ session accounting.
authorization Specifies that TACACS+ session authorization is being configured.
service name Specifies the name of the service that the TACACS+ client will request
from the TACACS+ server for session authorization. The name specified
here must match the name of a service configured on the server.

16-6 TACACS+ Commands

set tacacs session Commands

debug attribute value Specifies that the X Router debug access privilege level should be
matched to a privilege level configured on the TACACS+ server by
means of an attribute‐value pair specified by attribute and value.
By default, attribute is “priv‐lvl” and value is 14.
read‐only attribute Specifies that the X Router read‐only access privilege level should be
value matched to a privilege level configured on the TACACS+ server by
means of an attribute‐value pair specified by attribute and value.
By default, attribute is “priv‐lvl” and value is 0.
read‐write attribute Specifies that the X Router read‐write access privilege level should be
value matched to a privilege level configured on the TACACS+ server by
means of an attribute‐value pair specified by attribute and value.
By default, attribute is “priv‐lvl” and value is 1.
super‐user attribute Specifies that the X Router super‐user access privilege level should be
value matched to a privilege level configured on the TACACS+ server by
means of an attribute‐value pair specified by attribute and value.
By default, attribute is “priv‐lvl” and value is 15.

Defaults
None.

Mode
Switch command, super‐user.

Usage
When session accounting is enabled, the TACACS+ server will log accounting information, such as
start and stop times, IP address of the remote user, and so forth, for each authorized client session.
Once session accounting has been enabled, you can disable it with this command.
When the TACACS+ client is enabled on the X Router (with the set tacacs enable command), the
session authorization parameters configured with this command are sent by the client to the
TACACS+ server when a session is initiated on the X Router. The parameter values must match a
service and access level attribute‐value pairs configured on the server for the session to be
authorized. If the parameter values do not match, the session will not be allowed.
The service name and attribute‐value pairs can be any character string, and are determined by
your TACACS+ server configuration.

Examples
This example configures the service requested by the TACACS+ client as the service name “basic.”
matrix-x(switch-su)-> set tacacs session authorization service basic
This example maps the X Router read‐write access privilege level to an attribute named “priv‐lvl”
with the value of 5 configured on the TACACS+ server.
matrix-x(switch-su)-> set tacacs session authorization read-write priv-lvl 5
This example enables session accounting.
matrix-x(switch-su)-> set tacacs session accounting enable

Matrix X Router CLI Reference Guide 16-7

Commands clear tacacs session

clear tacacs session

This command returns the TACACS+ session authorization settings to their default values.

Syntax
clear tacacs session authorization {[service] | [read-only] [read-write]
[super-user] [debug]}

Parameters
authorization Clears the TACACS+ session authorization parameters.
service (Optional) Clears the TACACS+ session authorization service name to
the default value of “exec.”
read‐only (Optional) Clears the TACACS+ session authorization read‐only
attribute‐value pair to their default values of “priv‐lvl” and 0.
read‐write (Optional) Clears the TACACS+ session authorization read‐write
attribute‐value pair to their default values of “priv‐lvl” and 1.
super‐user (Optional) Clears the TACACS+ session authorization super‐user
attribute‐value pair to their default values of “priv‐lvl” and 15.
debug (Optional) Clears the TACACS+ session authorization debug
attribute‐value pair to their default values of “priv‐lvl” and 14.

Defaults
At least one optional parameter must be entered.

Mode
Switch command, super‐user.

Examples
This example shows how to return only the service name to the default of “exec.”
matrix-x(switch-su)-> clear tacacs session authorization service
This example shows how to return read‐only and read‐write attribute value‐pairs to their default
values.
matrix-x(switch-su)-> clear tacacs session authorization read-only read-write

16-8 TACACS+ Commands

show tacacs command Commands

show tacacs command

This command displays the status of TACACS+ accounting and authorization on a per‐command
basis.

Syntax
show tacacs command

Parameters
None.

Defaults
None.

Mode
Switch command, super‐user.

Example
This example shows how to display TACACS+ accounting and authorization on a per‐command
basis.
matrix-x(switch-su)-> show tacacs command

TACACS+ command authorization status: Disabled

TACACS+ command accounting status: Disabled

set tacacs command

This command enables or disables TACACS+ accounting or authorization on a per‐command
basis.

Syntax
set tacacs command {accounting | authorization} {enable | disable}

Parameters
accounting | Specifies either TACACS+ accounting or authorization to be enabled or
authorization disabled.
enable | disable Enables or disables accounting or authorization on a per‐command
basis.

Defaults
Accounting and authorization on a per‐command basis is disabled by default.

Mode
Switch command, super‐user.

Matrix X Router CLI Reference Guide 16-9

Commands show tacacs singleconnect

Usage
In order for per‐command accounting or authorization by a TACACS+ server to take place, the
command must be executed within an authorized session.
When per‐command accounting is enabled, the TACACS+ server will log accounting information,
such as the command string, IP address of the remote user, and so forth, for each command
executed during the session.
When per‐command authorization is enabled, the TACACS+ server will check whether each
command is permitted for that authorized session and return a success or fail. If the authorization
fails, the command is not executed.

Example
This example enables per‐command TACACS+ authorization.
matrix-x(switch-su)-> set tacacs command authorization enable

show tacacs singleconnect

This command displays the current status of the TACACS+ client’s ability to send multiple
requests over a single TCP connection.

Syntax
show tacacs singleconnect

Parameters
None.

Defaults
None.

Mode
Switch command, super‐user.

Example
This example shows how to display the state of the TACACS+ client’s ability to send multiple
requests over a single connection.
matrix-x(switch-su)-> show tacacs singleconnect

TACACS+ single-connect status: Enabled

16-10 TACACS+ Commands

set tacacs singleconnect Commands

set tacacs singleconnect

This command enables or disables the ability of the TACACS+ client to send multiple requests
over a single TCP connection.

Syntax
set tacacs singleconnect {enable | disable}

Parameters
enable | disable Enables or disables the ability to send multiple requests over a single
TCP connection.

Defaults
None.

Mode
Switch command, super‐user.

Usage
When single connect is enabled, the TACACS+ client will use a single TCP connection for all
requests to a given TACACS+ server.

Example
This example shows how to disable sending multiple requests over a single connection.
matrix-x(switch-su)-> set tacacs singleconnect disable

show tacacs interface

This command displays the interface configured as the source IP address of the TACACS+ client.

Syntax
show tacacs interface

Parameters
None.

Defaults
None.

Mode
Switch command, super‐user.

Example
This example shows how to display the TACACS+ client interface.
matrix-x(switch-su)-> show tacacs interface

TACACS+ Client administrative interface: ge.1.1

Matrix X Router CLI Reference Guide 16-11

Commands set tacacs interface

set tacacs interface

This command configures the interface used for the source IP address of the TACACS+ client.

Syntax
set tacacs interface port-string

Parameters
port‐string Specifies the interface used for the source IP address of the TACACS+
client. This interface should be configured with an IP address.

Defaults
None.

Mode
Switch command, super‐user.

Usage
If configured, the TACACS+ client administrative interface is the interface whose IP address will
be used as the source IP address of the TACACS+ client. If no interface is specifically configured,
the source IP address used in packets sent by the client will be that of the transmitting interface.

Example
This example configures interface ge.1.1 as the TACACS+ client administrative interface.
matrix-x(switch-su)-> set tacacs interface ge.1.1

clear tacacs interface

This command clears the interface previously configured as the TACACS+ client administrative
interface.

Syntax
clear tacacs interface

Parameters
None.

Defaults
None.

Mode
Switch command, super‐user.

Example
This example removes the previously configured client administrative interface.
matrix-x(switch-su)-> clear tacacs interface

16-12 TACACS+ Commands

17
Remote Network Monitoring Commands

Overview
This chapter describes the Remote Network Monitoring (RMON) set of commands, and how to
use them.
RMON provides comprehensive network fault diagnosis, planning, and performance tuning
information and allows for interoperability between SNMP management stations and monitoring
agents. RMON extends the SNMP MIB capability by defining additional MIBs that generate a
much richer set of data about network usage. These MIB “groups” each gather specific sets of data
to meet common network monitoring requirements. RMON is defined in RFC 2819.
The commands for configuring each monitoring group are grouped together in the following
sections:

For information about... Refer to page...

RMON Monitoring Groups 17-2

Statistics Group Commands 17-3

History Group Commands 17-6

Alarm Group Commands 17-9

Event Group Commands 17-13

Matrix X Router Command Line Interface Reference Guide 17-1

RMON Monitoring Groups

Table 17‐1 lists the RMON monitoring groups supported on the Matrix X Router, describes each
group’s function and the elements it monitors, and lists the associated configuration commands
needed.

Table 17-1 RMON Monitoring Group Functions and Commands

RMON
What It Does... What It Monitors... CLI Command(s)
Group

Statistics Records statistics Packets dropped, packets • show rmon stats on page 17-3
measured by the RMON sent and received, bytes
probe for each monitored sent (octets), broadcast
interface on the device. and multicast packets,
CRC errors, oversized and
undersized packets,
fragments, jabbers, and
counters for packets.

History Records periodic statistical Sample period, number of • show rmon history on page 17-6
samples from a network. samples and item(s) • set rmon history on page 17-7
sampled. • clear rmon history on page 17-8

Alarm Periodically gathers Alarm type, interval, • show rmon alarm on page 17-9
statistical samples from starting threshold, stop • set rmon alarm properties on
variables in the probe and threshold. page 17-10
compares them with • set rmon alarm status on
previously configured page 17-12
thresholds. If the monitored • clear rmon alarm on page 17-12
variable crosses a
threshold, an event is
generated.

Event Controls the generation Event type, description, last • show rmon event on page 17-13
and notification of events time event was sent. • set rmon event properties on
from the device. page 17-14
• set rmon event status on
page 17-15
• clear rmon event on page 17-16

17-2 Remote Network Monitoring Commands

Statistics Group Commands

Purpose
This switch‐level command is used to display the RMON statistics.

Commands
The statistics group commands are:

For information about... Refer to page...

show rmon stats 17-3

show rmon stats

This command displays RMON statistics measured for one or more ports.

Syntax
show rmon stats [port-string]

Parameters
port-string (Optional) Displays RMON statistics for specific port(s). For a detailed
description of possible port‐string values, refer to “Port Strings Used in the
CLI” on page 12‐2.

Defaults
If port‐string is not specified, RMON stats will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays RMON statistics for Gigabit Ethernet port 4 in slot 1:
matrix-x(switch-su)-> show rmon stats ge.4.1
Port: ge.4.1
----------------
Index = 4001
Owner = monitor
Data Source = ifIndex.4001

Drop Events = 0 Packets = 0

Collisions = 0 Octets = 0
Jabbers = 0 0 - 64 Octets = 0
Broadcast Pkts = 0 65 - 127 Octets = 0
Multicast Pkts = 0 128 - 255 Octets = 0
CRC Errors = 0 256 - 511 Octets = 0

Matrix X Router Command Line Interface Reference Guide 17-3

Statistics Group Commands

Undersize Pkts = 0 512 - 1023 Octets = 0

Oversize Pkts = 0 1024 - 1518 Octets = 0
Fragments = 0

The following table provides an explanation of the command output.

Output What It Displays...

Port Port designation.

Index Index number of this entry.

Owner Name of the entity that configured this entry. Monitor is default.

Data Source Data source of the statistics being displayed.

Drop Events Sum of times that the switch was forced to discard frames due to lack of available
switch device resources. This does not display the number of frames dropped, only
the number of times the switch was forced to discard frames.

Collisions Sum of collisions that have occurred on this interface.

Jabbers Sum of frames that were greater than 1518 bytes and had either a bad FCS or a bad
CRC.
Broadcast Pkts Sum of good frames that were directed to the broadcast address. This value does
not include multicast frames.

Multicast Pkts Sum of good frames that were directed to the multicast address. This value does not
include broadcast frames.

CRC Errors Number of frames with bad Cyclic Redundancy Checks (CRC) received from the
network. The CRC is a 4-byte field in the data frame that ensures that the data
received is the same as the data that was originally sent.

Undersize Pkts Number of frames received containing less than the minimum Ethernet frame size of
64 bytes (not including the preamble) but having a valid CRC.

Oversize Pkts Number of frames received that exceeded 1518 data bytes (not including the
preamble) but had a valid CRC.

Fragments Number of received frames that are not the minimum number of bytes in length, or
received frames that had a bad or missing Frame Check Sequence (FCS), were less
than 64 bytes in length (excluding framing bits, but including FCS bytes) and had an
invalid CRC. It is normal for this value to increment since fragments are a normal
result of collisions in a half-duplex network.

Packets Sum of frames (including bad frames, broadcast frames, and multicast frames)
received on this interface.

Octets Sum of octets (bytes) of data, including those in bad frames, received on this
interface.

0 – 64 Octets Sum of frames, including bad frames, received that were 64 bytes in length
(excluding framing bits, but including FCS bytes).

65 – 127 Octets Sum of frames, including bad frames, received that were between 65 and 127 bytes
in length (excluding framing bits, but including FCS bytes).

128 – 255 Octets Sum of frames, including bad frames, received that were between 128 and 255
bytes in length (excluding framing bits, but including FCS bytes).

17-4 Remote Network Monitoring Commands

Statistics Group Commands

Output What It Displays...

256 – 511 Octets Sum of frames, including bad frames, received that were between 256 and 511
bytes in length (excluding framing bits, but including FCS bytes).

512 – 1023 Octets Sum of frames, including bad frames, received that were between 512 and 1023
bytes in length (excluding framing bits, but including FCS bytes).

1024 – 1518 Octets Sum of frames, including bad frames, received that were between 1024 and 1518
bytes in length (excluding framing bits, but including FCS bytes).

Matrix X Router Command Line Interface Reference Guide 17-5

History Group Commands

Commands
The History group commands are:

For information about... Refer to page...

show rmon history 17-6

set rmon history 17-7

clear rmon history 17-8

show rmon history

This command displays RMON history properties and statistics. The RMON history group
records periodic statistical samples from a network.

Syntax
show rmon history [port-string]

Parameters
port-string (Optional) Displays RMON history entries for specific port(s).

Default
If port‐string is not specified, information about all RMON history entries will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays RMON history entries for Gigabit Ethernet port 3 in slot 4. A
control entry displays first, followed by actual entries corresponding to the control entry. In this
case, the default settings for entry owner, sampling interval, and maximum number of entries
(buckets) have not been changed from their default values (as described in “set rmon history” on
page 17‐7).
matrix-x(switch-su)-> show rmon history ge.4.1
Port: ge.4.1
---------------------------------------
Index 4001
Owner = monitor
Status = valid
Data Source = ifIndex.4001
Interval = 30
Buckets Requested = 50
Buckets Granted = 50

Sample 44 xxxxxxInterval Start: 0 days 19 hours 11 minutes 35 seconds

17-6 Remote Network Monitoring Commands

History Group Commands

Drop Events = 0 Undersize Pkts = 0

Octets = 0 Oversize Pkts = 0
Packets = 0 Fragments = 0
Broadcast Pkts = 0 Jabbers = 0
Multicast Pkts = 0 Collisions = 0
CRC Align Errors = 0 Utilization(%) = 0

set rmon history

This command configures an RMON history entry.

Syntax
set rmon history index-list [port-string] [buckets buckets] [interval interval]
[owner owner]

Parameters
index-list Specifies an index number for this entry, ranging from 1 to 65535.
port-string (Optional) Assigns this entry to a specific port.
buckets buckets (Optional) Specifies the maximum number of entries to maintain.
interval interval (Optional) Specifies the sampling interval in seconds.
owner owner (Optional) Specifies an owner for this entry.

Defaults
• If port‐string is not specified, the history entry will be valid on all ports.
• If buckets is not specified, the maximum number of entries maintained will be 50.
• If not specified, interval will be set to 1800 seconds.
• If owner is not specified, monitor will be applied.

Mode
Switch command, read‐write.

Example
The following example configures RMON history entry 1 on port ge.4.1 to sample every 20
seconds:
matrix-x(switch-su)-> set rmon history 1 ge.4.1 interval 20

Matrix X Router Command Line Interface Reference Guide 17-7

History Group Commands

clear rmon history

This command deletes one or more RMON history entries or resets one or more entries to default
values. For specific values, refer to “set rmon history” on page 17‐7.

Syntax
clear rmon history {index-list | to-defaults}

Parameters
index-list Specifies one or more history entries to be reset to default values,
ranging from 1 to 65535.
to-defaults Resets all history entries to default values.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets RMON history entry 1:
matrix-x(switch-su)-> clear rmon history 1

17-8 Remote Network Monitoring Commands

Alarm Group Commands

Commands
The Alarm group commands are:

For information about... Refer to page...

show rmon alarm 17-9

set rmon alarm properties 17-10

set rmon alarm status 17-12

clear rmon alarm 17-12

show rmon alarm

This command displays RMON alarm entries. The RMON alarm group periodically takes
statistical samples from RMON variables and compares them with previously configured
thresholds. If the monitored variable crosses a threshold an RMON event is generated.

Syntax
show rmon alarm [index]

Parameters
index (Optional) Displays RMON alarm entries for a specific entry index ID.

Defaults
If index is not specified, information about all RMON alarm entries will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays RMON alarm entry 3:
matrix-x-> show rmon alarm 3
Index 3
---------------------
Owner = Manager
Status = valid
Variable = 1.3.6.1.4.1.5624.1.2.29.1.2.1.0
Sample Type = delta Startup Alarm = rising
Interval = 30 Value = 0
Rising Threshold = 1 Falling Threshold = 0
Rising Event Index = 2 Falling Event Index = 0
Table 17‐2 provides an explanation of the command output.

Matrix X Router Command Line Interface Reference Guide 17-9

Alarm Group Commands

Table 17-2 show rmon alarm Output Details

Output What It Displays...

Index Index number for this alarm entry.

Owner Text string identifying who configured this entry.

Status Whether this event entry is enabled (valid) or disabled.

Variable MIB object to be monitored.

Sample Type Whether the monitoring method is an absolute or a delta sampling.

Startup Alarm Whether alarm generated when this entry is first enabled is rising, falling, or either.

Interval Interval in seconds at which RMON will conduct sample monitoring.

Rising Threshold Minimum threshold for causing a rising alarm.

Falling Threshold Maximum threshold for causing a falling alarm.

Rising Event Index Index number of the RMON event to be triggered when the rising threshold is
crossed.

Falling Event Index Index number of the RMON event to be triggered when the falling threshold is
crossed.

set rmon alarm properties

This command configures an RMON alarm entry, or to create a new alarm entry with an unused
alarm index number.

Syntax
set rmon alarm properties index [interval interval] [object object] [type
{absolute | delta}] [startup {rising | falling | either}] [rthresh rthresh]
[fthresh fthresh] [revent revent] [fevent fevent] [owner owner]

Parameters
index Specifies an index number for this entry. Maximum number or entries is 50.
Maximum value is 65535.
interval interval (Optional) Specifies an interval (in seconds) for RMON to conduct sample
monitoring.
object object (Optional) Specifies a MIB object to be monitored.
Note: This parameter is not mandatory for executing the command, but must
be specified in order to enable the alarm entry configuration.
type absolute | (Optional) Specifies the monitoring method as: sampling the absolute value of
delta the object, or the difference (delta) between object samples.

17-10 Remote Network Monitoring Commands

Alarm Group Commands

startup rising | (Optional) Specifies the type of alarm generated when this event is first
falling | either enabled as:
• rising ‐ Sends alarm when an RMON event reaches a maximum threshold
condition is reached, for example, more than 30 collisions per second.
• falling ‐ Sends alarm when RMON event falls below a minimum
threshold, for example when the network is behaving normally again.
• either ‐ Sends alarm when either a rising or falling threshold is reached.
rthresh rthresh (Optional) Specifies a minimum threshold for causing a rising alarm.
fthresh fthresh Specifies a maximum threshold for causing a falling alarm.
revent revent Specifies the RMON event index number to be triggered when the rising
threshold is crossed.
fevent fevent Specifies the RMON event index number to be triggered when the falling
threshold is crossed.
owner owner (Optional) Specifies the name of the entity that configured this alarm entry.

Defaults
• interval ‐ 3600 seconds
• type ‐ absolute
• startup ‐ rising
• rthresh ‐ 0
• fthresh ‐ 0
• revent ‐ 0
• fevent ‐ 0
• owner ‐ monitor

Mode
Switch command, read‐write.

Example
The following example configures a rising RMON alarm. This entry will conduct monitoring of
the delta between samples every 30 seconds:
matrix-x(switch-su)-> set rmon alarm properties 3 interval 30 object
1.3.6.1.4.1.5624.1.2.29.1.2.1.0 type delta rthresh 1 revent 2 owner Manager

Matrix X Router Command Line Interface Reference Guide 17-11

Alarm Group Commands

set rmon alarm status

This command enables an RMON alarm entry. An alarm is a notification that a statistical sample
of a monitored variable has crossed a configured threshold.

Syntax
set rmon alarm status index enable

Note: An RMON alarm entry can be created with this command, configured using the “set rmon
alarm properties” on page 17-10, then enabled using this command. An RMON alarm entry can be
created and set at the same time by specifying an unused index with the set properties command.

Parameters
index Specifies an index number for this entry. Maximum number or entries is 50.
Maximum value is 65535.
enable Enables this alarm entry.

Mode
Switch command, read‐write.

Example
The following example enables RMON alarm entry 3:
matrix-x(switch-su)-> set rmon alarm status 3 enable

clear rmon alarm

This command deletes an RMON alarm entry.

Syntax
clear rmon alarm index

Parameters
index Specifies the index number of entry to be cleared.

Default
None.

Mode
Switch command, read‐write.

Example
The following example clears RMON alarm entry 1:
matrix-x(switch-su)-> clear rmon alarm 1

17-12 Remote Network Monitoring Commands

Event Group Commands

Commands
The Event group commands are:

For information about... Refer to page...

show rmon event 17-13

set rmon event properties 17-14

set rmon event status 17-15

clear rmon event 17-16

show rmon event

This command displays RMON event entry properties.

Syntax
show rmon event [index]

Parameters
index (Optional) Displays RMON properties and log entries for a specific entry index ID.

Defaults
If index is not specified, information about all RMON entries will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays RMON event entry 3:
matrix-x(switch-su)-> show rmon event 3
Index 3
----------------
Owner = Manager
Status = valid
Description = STP Topology change
Type = log-and-trap
Community = public
Last Time Sent = 0 days 0 hours 0 minutes 37 seconds
Table 17‐3 provides an explanation of the command output.

Matrix X Router Command Line Interface Reference Guide 17-13

Event Group Commands

Table 17-3 show rmon event Output Details

Output What It Displays...

Index Index number for this event entry.

Owner Text string identifying who configured this entry.

Status Whether this event entry is enabled (valid) or disabled.

Description Text string description of this event.

Type Whether the event notification will be a log entry, and SNMP trap, both, or none.

Community SNMP community name if message type is set to trap.

Last Time Sent When an event notification matching this entry was sent.

set rmon event properties

This command configures an RMON event entry, or creates a new event entry with an unused
event index number.

Syntax
set rmon event properties index [description description] [type {none | log | trap
| both}] [community community] [owner owner]

Parameters
index Specifies an index number for this entry. Maximum number of entries is
100. Maximum value is 65535.
description (Optional) Specifies a text string description of this event.
description
type none | log | (Optional) Specifies the type of RMON event notification as: none, a log
trap | both table entry, an SNMP trap, or both a log entry and a trap message.
community (Optional) Specifies an SNMP community name to use if the message type
community is set to trap. For details on setting SNMP traps and community names,
refer to Chapter 4.
owner owner (Optional) Specifies the name of the entity that configured this entry.

Defaults
• If description is not specified, none will be applied.
• If not specified, type none will be applied.
• If owner is not specified, monitor will be applied.

Mode
Switch command, read‐write.

17-14 Remote Network Monitoring Commands

Event Group Commands

Example
The following example creates and enables an RMON event entry called STP topology change that
will send both a log entry and an SNMP trap message to the “public” community:
matrix-x(switch-su)-> set rmon event properties 2 description "STP topology
change" type both community public owner Manager

set rmon event status

This command enables an RMON event entry.

Syntax
set rmon event status index enable

Parameters
index Specifies an index number for this entry. Maximum number of entries
is 100. Maximum value is 65535.
enable Enables this event entry.

Default
None.

Mode
Switch command, read‐write.

Usage
An RMON event entry describes the parameters of an RMON event that can be triggered. Events
can be fired by RMON alarms and can be configured to create a log entry, generate a trap, or both.
An RMON event entry can be created using this command, configured using the set rmon event
properties command, then enabled using this command. An RMON event entry can be created
and configured at the same time by specifying an unused index with the set rmon event properties
command.

Example
The following example enables RMON event entry 1:
matrix-x(switch-su)-> set rmon event status 1 enable

Matrix X Router Command Line Interface Reference Guide 17-15

Event Group Commands

clear rmon event

This command deletes an RMON event entry and any associated log entries.

Syntax
clear rmon event index

Parameters
index Specifies the index number of the entry to be cleared.

Default
None.

Mode
Switch command, read‐write.

Example
The following example clears RMON event 1:
matrix-x(switch-su)-> clear rmon event 1

17-16 Remote Network Monitoring Commands

18
SNMP Commands

Overview
This chapter describes the switch‐level commands related to SNMP.

For information about... Refer to page...

Enabling/Disabling SNMP and Reviewing SNMP Statistics 18-1

Configuring SNMP Users, Groups and Communities 18-8

Configuring SNMP Access Rights 18-19

Configuring SNMP MIB Views 18-23

Configuring SNMP Target Parameters 18-27

Configuring SNMP Target Addresses 18-31

Configuring SNMP Notification Parameters 18-35

Enabling/Disabling SNMP and Reviewing SNMP Statistics

Purpose
These switch‐level commands allow you to enable and disable SNMP on the system, and to
review SNMP statistics. By default, SNMP is disabled on the Matrix X Router.

Commands
The commands used to enable/disable SNMP and to review SNMP statistics are listed below.

For information about... Refer to page...

set snmp 18-2

show snmp status 18-3

show snmp engineid 18-3

show snmp counters 18-4

Matrix X Router Command Line Interface Reference Guide 18-1

Enabling/Disabling SNMP and Reviewing SNMP Statistics

set snmp
This command enables or disables SNMP management on the router.

Syntax
set snmp {enable|disable}

Parameters

enable Enable SNMP management. By default, SNMP management is disabled

on the Matrix X Router.
disable Disable SNMP management.

Defaults
By default, SNMP management is disabled.

Mode
Switch mode, read‐write.

Usage
The factory default for the Matrix X Router is for the SNMP master agent to be disabled, and no
default community strings to be provided. Therefore, to allow communication with the Matrix X
Router via SNMPv1 or SNMPv2, SNMP must be explicitly enabled with this command and a
community string must be configured with the set snmp community command. In addition to
enabling SNMP with this command, SNMPv3 is disabled until an SNMPv3 user is explicitly
configured.
If you disable SNMP with this command, no requests are accepted (SNMPv1, SNMPv2c, or
SNMPv3). However, if no community strings and no SNMPv3 users are configured, then all
incoming requests will be dropped at validation, effectively disabling SNMP.

Example
The following example enables SNMP management on the Matrix X Router and defines a
community string of “netops,” allowing communication with the Matrix X Router via SNMPv1 or
SNMPv2.
matrix-x(switch-su)-> set snmp enable
matrix-x(switch-su)-> set snmp community netops

18-2 SNMP Commands

Enabling/Disabling SNMP and Reviewing SNMP Statistics

show snmp status

This command displays the current status of SNMP management.

Syntax
show snmp status

Parameters
None.

Defaults
By default, SNMP management is disabled.

Mode
Switch mode, read‐only.

Usage
This command displays whether SNMP management is enabled or disabled.

Example
The following example shows the output when SNMP is disabled.
matrix-x(switch-su)-> show snmp status
Snmp currently disabled

show snmp engineid

This command displays the SNMP local engine ID, the SNMP v3 engine’s administratively unique
identifier.

Syntax
show snmp engineid

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays SNMP engine properties:
matrix-x(switch-su)-> show snmp engineid
EngineId: 80:00:15:f8:03:00:e0:63:9d:b5:87

Matrix X Router Command Line Interface Reference Guide 18-3

Enabling/Disabling SNMP and Reviewing SNMP Statistics

Engine Boots = 12
Engine Time = 162181
Max Msg Size = 2048

The following table shows a detailed explanation of the command output.

Output What It Displays...

EngineId String identifying the SNMP agent on the device.

Engine Boots Number of times the SNMP engine has been started or
reinitialized.

Engine Time Time in seconds since last reboot.

Max Msg Size Maximum accepted length, in bytes, of SNMP frame.

show snmp counters

This command displays SNMP traffic counter values.

Syntax
show snmp counters

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the SNMP counters.
matrix-x(switch-su)-> show snmp counters

--- mib2 SNMP group counters:

snmpInPkts = 396601
snmpOutPkts = 396601
snmpInBadVersions = 0
snmpInBadCommunityNames = 0
snmpInBadCommunityUses = 0
snmpInASNParseErrs = 0
snmpInTooBigs = 0
snmpInNoSuchNames = 0
snmpInBadValues = 0
snmpInReadOnlys = 0
snmpInGenErrs = 0
snmpInTotalReqVars = 403661
snmpInTotalSetVars = 534

18-4 SNMP Commands

Enabling/Disabling SNMP and Reviewing SNMP Statistics

snmpInGetRequests = 290
snmpInGetNexts = 396279
snmpInSetRequests = 32
snmpInGetResponses = 0
snmpInTraps = 0
snmpOutTooBigs = 0
snmpOutNoSuchNames = 11
snmpOutBadValues = 0
snmpOutGenErrs = 0
snmpOutGetRequests = 0
snmpOutGetNexts = 0
snmpOutSetRequests = 0
snmpOutGetResponses = 396601
snmpOutTraps = 0
snmpSilentDrops = 0
snmpProxyDrops = 0

--- USM Stats counters:

usmStatsUnsupportedSecLevels = 0
usmStatsNotInTimeWindows = 0
usmStatsUnknownUserNames = 0
usmStatsUnknownEngineIDs = 0
usmStatsWrongDigests = 0
usmStatsDecryptionErrors = 0

The following table shows a detailed explanation of the command output.

Output What It Displays...

snmpInPkts Number of messages delivered to the SNMP entity from the transport
service.

snmpOutPkts Number of SNMP messages passed from the SNMP protocol entity to
the transport service.

snmpInBadVersions Number of SNMP messages delivered to the SNMP entity for an

unsupported SNMP version.

snmpInBadCommunityNames Number of SNMP messages delivered to the SNMP entity that used an
SNMP community name not known to the entity.

snmpInBadCommunityUses Number of SNMP messages delivered to the SNMP entity that

represented an SNMP operation not allowed by the SNMP community
named in the message.

snmpInASNParseErrs Number of ASN.1 (Abstract Syntax Notation) or BER (Basic Encoding

Rules) errors encountered by the SNMP entity when decoding received
SNMP messages.

snmpInTooBigs Number of SNMP PDUs delivered to the SNMP protocol entity with the
value of the error-status field as "tooBig."

snmpInNoSuchNames Number of SNMP PDUs delivered to the SNMP protocol entity with the
value of the error-status field as "noSuchName."

snmpInBadValues Number of SNMP PDUs delivered to the SNMP protocol entity with the
value of the error-status field as "badValue."

snmpInReadOnlys Number of valid SNMP PDUs delivered to the SNMP protocol entity with
the value of the error-status field as "ReadOnly."

Matrix X Router Command Line Interface Reference Guide 18-5

Enabling/Disabling SNMP and Reviewing SNMP Statistics

Output What It Displays...

snmpInGenErrs Number of SNMP PDUs delivered to the SNMP protocol entity with the
value of the error-status field as "genErr."

snmpInTotalReqVars Number of MIB objects retrieved successfully by the SNMP protocol

entity as the result of receiving valid SNMP Get-Request and Get-Next
PDUs.

snmpInTotalSetVars Number of MIB objects altered successfully by the SNMP protocol entity
as the result of receiving valid SNMP Set-Request PDUs.

snmpInGetRequests Number of SNMP Get-Request PDUs accepted and processed by the

SNMP protocol entity.

snmpInGetNexts Number of SNMP Get-Next PDUs accepted and processed by the SNMP
protocol entity.

snmpInSetRequests Number of SNMP Set-Request PDUs accepted and processed by the

SNMP protocol entity.

snmpInGetResponses Number of SNMP Get-Response PDUs accepted and processed by the

SNMP protocol entity.

snmpInTraps Number of SNMP Trap PDUs accepted and processed by the SNMP
protocol entity.

snmpOutTooBigs Number of SNMP PDUs generated by the SNMP protocol entity with the
value of the error-status field as "tooBig."

snmpOutNoSuchNames Number of SNMP PDUs generated by the SNMP protocol entity with the
value of the error-status as "noSuchName."

snmpOutBadValues Number of SNMP PDUs generated by the SNMP protocol entity with the
value of the error-status field as "badValue."

snmpOutGenErrs Number of SNMP PDUs generated by the SNMP protocol entity with the
value of the error-status field as "genErr."

snmpOutGetRequests Number of SNMP Get-Request PDUs generated by the SNMP protocol

entity.

snmpOutGetNexts Number of SNMP Get-Next PDUs generated by the SNMP protocol

entity.

snmpOutSetRequests Number of SNMP Set-Request PDUs generated by the SNMP protocol

entity.

snmpOutGetResponses Number of SNMP Get-Response PDUs generated by the SNMP protocol

entity.

snmpOutTraps Number of SNMP Trap PDUs generated by the SNMP protocol entity.

snmpSilentDrops Number of SNMP Get, Set, or Inform request error messages that were
dropped because the reply was larger than the requestor’s maximum
message size.

snmpProxyDrops Number of SNMP Get, Set, or Inform request error messages that were
dropped because the reply was larger than the proxy target’s maximum
message size.

usmStatsUnsupportedSec Number of packets received by the SNMP engine that were dropped
Levels because they requested a security level that was unknown to the SNMP
engine or otherwise unavailable.

18-6 SNMP Commands

Enabling/Disabling SNMP and Reviewing SNMP Statistics

Output What It Displays...

usmStatsNotInTimeWindows Number of packets received by the SNMP engine that were dropped
because they appeared outside of the authoritative SNMP engine's
window.

usmStatsUnknownUserNames Number of packets received by the SNMP engine that were dropped
because they referenced a user that was not known to the SNMP engine.

usmStatsUnknownEngineIDs Number of packets received by the SNMP engine that were dropped
because they referenced an snmpEngineID that was not known to the
SNMP engine.

usmStatsWrongDigests Number of packets received by the SNMP engine that were dropped
because they did not contain the expected digest value.

usmStatsDecriptionErrors Number of packets received by the SNMP engine that were dropped
because they could not be decrypted.

Matrix X Router Command Line Interface Reference Guide 18-7

Configuring SNMP Users, Groups and Communities

Purpose
These switch‐level commands are used to review and configure SNMP users, groups and
communities. SNMP users, groups and communities are defined as follows:
• User — a person registered in SNMPv3 to access SNMP management.
• Group — a collection of users who share the same SNMP access privileges.
• Community — a name used to authenticate SNMPv1 and SNMPv2 users.

Commands
The commands used to review and configure SNMP users, groups and communities are listed
below.

For information about... Refer to page...

set snmp interface 18-9

clear snmp interface 18-9

show snmp user 18-10

set snmp user 18-12

clear snmp user 18-13

show snmp group 18-13

set snmp group 18-15

clear snmp group 18-16

show snmp community 18-16

set snmp community 18-17

clear snmp community 18-18

18-8 SNMP Commands

Configuring SNMP Users, Groups and Communities

set snmp interface

This command specifies the interface used for the source IP address of the SNMP Agent when
generating traps.

Syntax
set snmp interface port-string

Parameters
port‐string A valid interface name currently configured on the system, in
media[.slot.port] format.

Defaults
The default interface is eth0.

Mode
Switch command, read‐write.

Usage
Specifies the source interface (and source IP address) to be used by the SNMP Agent when
generating SNMP traps. The interface must have an IP address assigned to it. You can use this
command to specify an interface other than eth0 if the IP address for eth0 has not been assigned.

Note: Use this command only if you have not assigned an IP address to eth0.

Example
This example sets the SNMP interface to VLAN 100.
matrix-x(switch-rw)-> set snmp interface vlan.1.100

clear snmp interface

This command sets the interface used for the source IP address of the SNMP Agent when
generating traps back to the default of eth0.

Syntax
clear snmp interface

Parameters
None.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 18-9

Configuring SNMP Users, Groups and Communities

Mode
Switch command, read‐write.

Usage
Use this command to set the interface used for the source IP address of the SNMP Agent when
generating traps back to the default of eth0. The eth0 interface must have an IP address assigned
to it.
This command is equivalent to executing set snmp interface eth0.

Example
This example sets the SNMP interface to eth0.
matrix-x(switch-rw)-> clear snmp interface

show snmp user

This command displays data about SNMP users ‐ people registered to access SNMP management.

Syntax
show snmp user [list] | [user] | [remote remote ] [volatile | nonvolatile]

Parameters

list (Optional) Displays a list of registered SNMP user names.

user (Optional) Displays information about a specific user.
remote remote (Optional) Displays information about users on a specific remote
SNMP engine.
volatile | nonvolatile (Optional) Displays user information for a specified storage type.

Defaults
• If list is not specified, detailed SNMP information will be displayed.
• If user is not specified, information about all SNMP users will be displayed.
• If remote is not specified, user information about the local SNMP engine will be displayed.
• If a storage type is not specified, user information for all storage types will be displayed.

Mode
Switch command, read‐only.

Examples
The following example displays an SNMP user list:
matrix-x(switch-su)-> show snmp user list
guest
admin1
admin2

18-10 SNMP Commands

Configuring SNMP Users, Groups and Communities

netops

The following example displays information for the SNMP “guest” user.
matrix-x(switch-su)-> show snmp user guest

EngineId xxxxxxxxxxxxxxx= 80:00:15:f8:03:00:e0:63:9d:cb:89

Username = guest
Auth protocol = usmHMACMD5AuthProtocol
Privacy protocol = usmDESPrivProtocol
Storage type = nonVolatile
Status xxxxxxxxxxxxxxxxx= active

The table below shows a detailed explanation of the command output.

Output What It Displays...

EngineId SNMP local engine identifier.

Username SNMPv1 or v2 community name or SNMPv3 user

name.

Auth protocol Type of authentication protocol applied to this user.

Privacy protocol Whether a privacy protocol is applied when

authentication protocol is in use.

Storage type Whether entry is stored in volatile or nonvolatile

memory.

Status Status of this entry: active, notInService, or notReady.

Matrix X Router Command Line Interface Reference Guide 18-11

Configuring SNMP Users, Groups and Communities

set snmp user

This command creates a new SNMPv3 user.

Syntax
set snmp user user [remote remoteid] [authentication {md5 | sha}] [authpassword]
[privacy privpassword] [volatile | nonvolatile]

Parameters

user Specifies a name for the SNMPv3 user.

remote remoteid (Optional) Registers the user on a specific remote SNMP engine.
authentication md5 | (Optional) Specifies the authentication type required for this user as
sha MD5 or SHA.
authpassword (Optional) Specifies a password for this user when authentication is
required. Minimum of 8 characters.
privacy privpassword (Optional) Applies encryption and specifies an encryption password.
Minimum of 8 characters
volatile | nonvolatile (Optional) Specifies a storage type for this user entry.

Defaults
• If remote is not specified, the user will be registered for the local SNMP engine.
• If authentication is not specified, no authentication will be applied.
• If privacy is not specified, no encryption will be applied.
• If storage type is not specified, nonvolatile will be applied.

Mode
Switch command, read‐write.

Example
The following example creates a new SNMP user named “netops”. By default, this user will be
registered on the local SNMP engine without authentication and encryption. Entries related to this
user will be stored in permanent (nonvolatile) memory.
matrix-x(switch-su)-> set snmp user netops

18-12 SNMP Commands

Configuring SNMP Users, Groups and Communities

clear snmp user

This command removes a user from the SNMPv3 security‐model list.

Syntax
clear snmp user user [remote remote]

Parameters

user Specifies an SNMPv3 user to remove.

remote remote (Optional) Removes the user from a specific remote SNMP engine.

Defaults
If remote is not specified, the user will be removed from the local SNMP engine.

Mode
Switch command, read‐write.

Example
The following example removes the SNMP user named “bill”:
matrix-x(switch-su)-> clear snmp user bill

show snmp group

This command displays an SNMP group configuration. An SNMP group is a collection of
SNMPv3 users who share the same access privileges.

Syntax
show snmp group [groupname groupname] [user user] [security-model {v1 | v2c | usm}]
[volatile | nonvolatile]

Parameters
groupname groupname (Optional) Displays information for a specific SNMP group.
user user (Optional) Displays information about users within the specified
group.
security‐model v1 | v2c (Optional) Displays information about groups assigned to a specific
| usm security SNMP model. The usm option is the SNMPv3 User‐based
Security Model.
volatile | nonvolatile (Optional) Displays SNMP group information for a specified storage
type.

Defaults
• If groupname is not specified, information about all SNMP groups will be displayed.
• If user is not specified, information about all SNMP users will be displayed.

Matrix X Router Command Line Interface Reference Guide 18-13

Configuring SNMP Users, Groups and Communities

• If security‐model is not specified, user information about all SNMP versions will be
displayed.
• If not specified, information for all storage types will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays SNMP group information.
matrix-x(switch-su)-> show snmp group
Security model = SNMPv1
Group name = groupRW
Security/user name = public
Storage type = nonVolatile
Status = active

Security model = SNMPv2c

Group name = groupRW
Security/user name = public
Storage type = nonVolatile
Status = active

The following table provides an explanation of the command output.

Output What It Displays...

Security model SNMP version associated with this group.

Group name Name of SNMP group.

Security/user name User belonging to the SNMP group.

Storage type Whether entry is stored in volatile or nonvolatile memory.

Status Status of this entry: active, notInService, or notReady.

18-14 SNMP Commands

Configuring SNMP Users, Groups and Communities

set snmp group

This command creates an SNMP group. It associates SNMPv3 users to a group that shares
common access privileges.

Syntax
set snmp group groupname user user security-model {v1 | v2c | usm} [volatile |
nonvolatile]

Parameters

groupname Specifies an SNMP group name to create.

user user Specifies an SNMPv3 user name to assign to the group.
security‐model v1 | v2c Specifies an SNMP security model to assign to the group. The usm
| usm option is the SNMPv3 User‐based Security Model.
volatile | nonvolatile (Optional) Specifies a storage type for SNMP entries associated with
the group.

Defaults
If storage type is not specified, nonvolatile storage will be applied.

Mode
Switch command, read‐write.

Example
The following example creates an SNMP group called “anyone”, assigns a user named “public”
and assigns SNMPv3 security to the group.
matrix-x(switch-su)-> set snmp group anyone user public security-model usm

Matrix X Router Command Line Interface Reference Guide 18-15

Configuring SNMP Users, Groups and Communities

clear snmp group

This command clears SNMP group settings globally or for a specific SNMP group and user.

Syntax
clear snmp group groupname user [security-model {v1 | v2c | usm}]

Parameters

groupname Specifies the SNMP group to be cleared.

Example
The following example deletes the community name “vip.”
matrix-x(switch-su)->clear snmp community vip

18-18 SNMP Commands

Configuring SNMP Access Rights

Purpose
These switch‐level commands are used to review and configure SNMP access rights, assigning
viewing privileges and security levels to SNMP user groups.

Commands
The commands used to review and configure SNMP access are listed below.

For information about... Refer to page...

show snmp access 18-19

set snmp access 18-21

clear snmp access 18-22

show snmp access

This command displays access rights and security levels configured for SNMP one or more
groups.

Syntax
show snmp access [groupname] [security-model {v1 | v2c | usm}] [noauthentication
| authentication | privacy] [context context] [volatile | nonvolatile | read-only]

Parameters

groupname (Optional) Displays access information for a specific SNMPv3 group.

security‐model v1 | v2c (Optional) Displays access information for SNMP security model
| usm version 1, 2c or 3 (usm).
noauthentication | (Optional) Displays access information for a specific security level.
authentication | privacy
context context (Optional) For this release, the Matrix X Router only supports one
SNMP context which is the “default context”. There is no need to
configure this parameter.
volatile | nonvolatile (Optional) Displays access entries for a specific storage type.

Defaults
• If groupname is not specified, access information for all SNMP groups will be displayed.
• If security‐model is not specified, access information for all SNMP versions will be displayed.
• If noauthentication, authentication or privacy are not specified, access information for all
security levels will be displayed.
• If volatile or nonvolatile is not specified, all entries of all storage types will be displayed.

Matrix X Router Command Line Interface Reference Guide 18-19

Configuring SNMP Access Rights

Mode
Switch command, read‐only.

Example
The following example displays SNMP access information.
matrix-x(switch-su)->show snmp access
Group = groupRW
Security model = SNMPv1
Security level = noAuthNoPriv
Read View = All
Write View = All
Notify View = All
Context match = "default context" (exact)
Storage type = nonVolatile
Status = active

Group = groupRW
Security model = SNMPv2c
Security level = noAuthNoPriv
Read View = All
Write View = All
Notify View = All
Context match = "default context" (exact)
Storage type = nonVolatile
Status = active

The following table shows a detailed explanation of the command output.

Output What It Displays...

Group SNMP group name.

Security model Security model applied to this group. Valid types are: SNMPv1,
SNMPv2c, and USM (SNMPv3 User based Security Model).

Security level Security level applied to this group. Valid levels are:
noAuthNoPrivacy (no authentication required)
AuthNoPrivacy (authentication required)
authPriv (privacy -- most secure level)

Read View Name of the view that allows this group to view SNMP MIB objects.

Write View Name of the view that allows this group to configure the contents of the
SNMP agent.
Notify View Name of the view that allows this group to send an SNMP trap message.

Context match For this release, the Matrix X Router only supports one SNMP context
which is the “default context”. There is no need to configure this
parameter.

Storage type Whether access entries for this group are stored in volatile or
nonvolatile memory.

Status Status of this entry: active, notInService, or notReady.

18-20 SNMP Commands

Configuring SNMP Access Rights

set snmp access

This command sets an SNMP access configuration.

Syntax
set snmp access groupname security-model {v1 | v2c | usm} [noauthentication |
authentication | privacy] [context context] [exact | prefix] [read read] [write
write] [notify notify] [volatile | nonvolatile]

Parameters

groupname Specifies a name for an SNMPv3 group.

security‐model v1 | v2c Specifies SNMP version 1, 2c or 3 (usm).
| usm
noauthentication | (Optional) Applies SNMP security level as no authentication,
authentication | privacy authentication (without privacy) or privacy. Privacy specifies that
messages sent on behalf of the user are protected from disclosure.
context context (Optional) For this release, the Matrix X Router only supports one
SNMP context which is the “default context”. There is no need to
exact | prefix
configure this parameter.
read read (Optional) Specifies a read access view.
write write (Optional) Specifies a write access view.
notify notify (Optional) Specifies a notify access view.
volatile | nonvolatile (Optional) Stores associated SNMP entries as temporary or
permanent.

Defaults
• If security level is not specified, no authentication will be applied.
• If read view is not specified none will be applied.
• If write view is not specified, none will be applied.
• If notify view is not specified, none will be applied.
• If storage type is not specified, nonvolatile (permanent) will be applied.

Mode
Switch command, read‐write.

Example
The following example permits the “powergroup” to manage all MIBs via SNMPv3.
matrix-x(switch-su)->set snmp access powergroup security-model usm

Matrix X Router Command Line Interface Reference Guide 18-21

Configuring SNMP Access Rights

clear snmp access

This command clears the SNMP access entry of a specific group, including its set SNMP security‐
model, and level of security.

Syntax
clear snmp access groupname security-model {v1 | v2c | usm} [noauthentication |
authentication | privacy] [context context]

Parameters

groupname Specifies the name of the SNMP group for which to clear access.
security‐model v1 | v2c Specifies the security model to be cleared for the SNMP access group.
| usm
noauthentication | (Optional) Clears a specific security level for the SNMP access group.
authentication | privacy
context context (Optional) For this release, the Matrix X Router only supports one
SNMP context which is the “default context”. There is no need to
configure this parameter.

Defaults
• If security level is not specified, all levels will be cleared.

Mode
Switch command, read‐write.

Example
This example clears SNMP version 3 access for the “mis‐group” via the authentication protocol.
matrix-x(switch-su)->clear snmp access mis-group security-model usm
authentication

18-22 SNMP Commands

Configuring SNMP MIB Views

Purpose
These switch‐level commands are used to review and configure SNMP MIB views. SNMP views
map SNMP objects to access rights.

Commands
The commands used to review and configure SNMP MIB views are listed below.

For information about... Refer to page...

show snmp view 18-23

show snmp context 18-25

set snmp view 18-25

clear snmp view 18-26

show snmp view

This command displays the MIB configuration for SNMPv3 view‐based access (VACM).

Syntax
show snmp view [viewname] [subtree oid‐or‐mibobject] [volatile | nonvolatile]

Parameters

viewname (Optional) Displays information for a specific MIB view.

subtree oid‐or‐mibobject (Optional) Displays information for a specific MIB subtree when
viewname is specified.
volatile | nonvolatile (Optional) Displays entries for a specific storage type.

Defaults
If no parameters are specified, all SNMP MIB view configuration information will be displayed.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 18-23

Configuring SNMP MIB Views

Example
The following example displays SNMP MIB view configuration information.
matrix-x(switch-su)-> show snmp view
View Name = All
Subtree OID = 1
Subtree mask =
View Type = included
Storage type = nonVolatile
Status xxxxx = active

View Name = All

Subtree OID = 0.0
Subtree mask =
View Type = included
Storage type = nonVolatile
Status xxxxx = active

View Name = Network

Subtree OID = 1.3.6.1.2.1
Subtree mask =
View Type = included
Storage type = nonVolatile
Status xxxxx = active

The following table provides an explanation of the command output. Refer to the set snmp view
command for details on how to assign variables.

Output What It Displays...

View Name Name assigned to a MIB view.

Subtree OID Name identifying a MIB subtree.

Subtree mask Bitmask applied to a MIB subtree.

View Type Whether or not subtree use must be included or excluded for this view.

Storage type Whether storage is in nonVolatile or Volatile memory

Status Status of this entry: active, notInService, or notReady.

18-24 SNMP Commands

Configuring SNMP MIB Views

show snmp context

This command displays the context list configuration for SNMP’s view‐based access control.

Syntax
show snmp context

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Usage
An SNMP context is a collection of management information that can be accessed by an SNMP
agent or entity. The default context allows all SNMP agents to access all management information
(MIBs).

Example
The following example displays a list of all SNMP contexts known to the device.
matrix-x(switch-su)-> show snmp context

--- Configured contexts:

default context (all mibs)

set snmp view

This command sets a MIB configuration for SNMPv3 view‐based access (VACM).

Syntax
set snmp view viewname viewname subtree subtree [mask mask] [included | excluded]
[volatile | nonvolatile]

Parameters

viewname viewname Specifies a name for a MIB view.

subtree subtree Specifies a MIB subtree name.
mask mask (Optional) Specifies a bitmask for a subtree. The mask must be
entered in the form of two hex digits per octet, separated by colons,
and contained within double quotes.
included | excluded (Optional) Grant or deny access to/use of subtree. Displayed as
“View Type.” The default is included.

Matrix X Router Command Line Interface Reference Guide 18-25

Configuring SNMP MIB Views

volatile | nonvolatile (Optional) Specifies the use of permanent storage. The default is
nonvolatile.

Defaults
• If not specified, mask will be set to ff:ff:ff:ff.
• If access is not specified, subtree will be set to included.
• If storage type is not specified, nonvolatile (permanent) will be applied.

Mode
Switch command, read‐write.

Example
The following example sets an SNMP MIB view to “public” with a subtree name of 1.3.6.1
included.
matrix-x(switch-su)->set snmp view viewname public subtree 1.3.6.1 included

clear snmp view

This command deletes an SNMPv3 MIB view.

Syntax
clear snmp view viewname subtree

Parameters

viewname Specifies the MIB view name to be deleted.

subtree Specifies the subtree name of the MIB view to be deleted.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example deletes SNMP MIB view “public”:
matrix-x(switch-su)->clear snmp view public 1.3.6.1

18-26 SNMP Commands

Configuring SNMP Target Parameters

Purpose
These switch‐level commands are used to review and configure SNMP target parameters, which
control where and under what circumstances SNMP notifications will be sent. A target parameter
entry can be bound to a target IP address allowed to receive SNMP notification messages with the
set snmp targetaddr command.

Commands
The commands used to review and configure SNMP target parameters are listed below.

For information about... Refer to page...

show snmp targetparams 18-27

set snmp targetparams 18-29

clear snmp targetparams 18-30

show snmp targetparams

This command displays SNMP parameters used to generate a message to a target.

Syntax
show snmp targetparams [targetParams] [volatile | nonvolatile]

Parameters

targetParams (Optional) Displays entries for a specific target parameter.

volatile | nonvolatile (Optional) Displays target parameter entries for a specific storage
type.

Defaults
• If targetParams is not specified, entries associated with all target parameters will be displayed.
• If not specified, entries of all storage types will be displayed.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 18-27

Configuring SNMP Target Parameters

Example
The following example displays SNMP target parameters information.
matrix-x(switch-su)-> show snmp targetparams
Target Parameter Name = v1ExampleParams
Security Name = public
Message Proc. Model = SNMPv1
Security Level = noAuthNoPriv
Storage type = nonVolatile
Status xxxxx xxxxxxxx= active

Target Parameter Name = v2cExampleParams

Security Name = public
Message Proc. Model = SNMPv2c
Security Level = noAuthNoPriv
Storage type = nonVolatil
Status xxxxx xxxxxxxx= active

Target Parameter Name = v3ExampleParams

Security Name = CharlieDChief
Message Proc. Model = USM
Security Level = authNoPriv
Storage type = nonVolatile
Status xxxxx xxxxxxxx= active

The following table shows a detailed explanation of the command output.

Output What It Displays...

Target Parameter Name Unique identifier for the parameter in the SNMP target parameters table.
Maximum length is 32 characters.

Security Name Security string definition.

Message Proc. Model SNMP version.

Security Level Type of security level (auth, noAuth, privacy, NoPriv)

Storage type Whether entry is stored in volatile or nonvolatile memory.

Status Status of this entry: active, notInService, or notReady.

18-28 SNMP Commands

Configuring SNMP Target Parameters

set snmp targetparams

This command sets SNMP target parameters, a named set of security/authorization criteria used
to generate a message to a target.

Syntax
set snmp targetparams paramsname user user security-model {v1 | v2c | usm} message-
processing {v1 | v2c | v3} [noauthentication | authentication | privacy] [volatile
| nonvolatile]

Parameters

paramsname Specifies a name identifying parameters used to generate SNMP

messages to a particular target.
user user Specifies an SNMPv1 or v2 community name or an SNMPv3 user
name. Maximum length is 32 characters.
security‐model v1 | v2c Specifies the SNMP security model applied to this target parameter
| usm as version 1, 2c or 3 (usm).
message‐processing Specifies the SNMP message processing model applied to this target
v1 | v2c | v3 parameter as version 1, 2c or 3.
noauthentication | (Optional) Specifies the SNMP security level applied to this target
authentication | privacy parameter as no authentication, authentication (without privacy) or
privacy. Privacy specifies that messages sent on behalf of the user are
protected from disclosure.
volatile | nonvolatile (Optional) Specifies the storage type applied to this target parameter.

Defaults
• If not specified, security level will be set to noauthentication.
• If not specified, storage type will be set to nonvolatile.

Mode
Switch command, read‐write.

Example
The following example sets SNMP target parameters named “v3ExampleParams” for a user
named “fred” using version 3 security model, version 3 message processing, and authentication.
matrix-x(switch-su)->set snmp targetparams v3ExampleParams user fred security-
model usm message-processing v3 authentication

Related Commands
set snmp targetaddr

Matrix X Router Command Line Interface Reference Guide 18-29

Configuring SNMP Target Parameters

clear snmp targetparams

This command clears the SNMP target parameter configuration.

Syntax
clear snmp targetparams targetParams

Parameters

targetParams Specifies the name of the parameter in the SNMP target parameters
table to be cleared.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears SNMP target parameters named “v1ExampleParams”:
matrix-x(switch-su)->clear snmp targetparams v1ExampleParams

18-30 SNMP Commands

Configuring SNMP Target Addresses

Purpose
These switch‐level commands are used to review and configure SNMP target addresses which
will receive SNMP notification messages. An address configuration can be linked to optional
SNMP transmit, or target, parameters (such as timeout, retry count, and UDP port) set with the
set snmp targetparams command. Additionally, these commands are used to indicate that
community strings should only be accepted if they originate from the specified target address.

Commands
The commands used to review and configure SNMP target addresses are listed below.

For information about... Refer to page...

show snmp targetaddr 18-31

set snmp targetaddr 18-33

clear snmp targetaddr 18-34

show snmp targetaddr

This command displays SNMP target address information.

Syntax
show snmp targetaddr [targetAddr] [volatile | nonvolatile]

Parameters

targetAddr (Optional) Displays information for a specific target address name.

volatile | nonvolatile (Optional) When target address is specified, displays target address
information for a specific storage type.

Defaults
• If targetAddr is not specified, entries for all target address names will be displayed.
• If storage type is not specified, entries of all storage types will be displayed for a target
address.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 18-31

Configuring SNMP Target Addresses

Example
The following example displays SNMP target address information:
matrix-x(switch-su)-> show snmp targetaddr
Target Address Name = labmachine
Tag List = v2cTrap
IP Address = 10.2.3.116
UDP Port# = 162
Target Mask = 255.255.255.255
Timeout = 1500
Retry count = 4
Parameters = v2cParams
Storage type = nonVolatile
Status xxxxx xxxxxxxx= active
The following table shows a detailed explanation of the command output.

Output What It Displays...

Target Address Name Unique identifier in the snmpTargetAddressTable.

Tag List Tags a location to the target address as a place to send notifications.

IP Address Target IP address.

UDP Port# Number of the UDP port of the target host to use.

Target Mask Target IP address mask.

Timeout Timeout setting for the target address.

Retry count Retry setting for the target address.

Parameters Entry in the snmpTargetParamsTable.

Storage type Whether entry is stored in volatile or nonvolatile memory.

Status Status of this entry: active, notInService, or notReady.

18-32 SNMP Commands

Configuring SNMP Target Addresses

set snmp targetaddr

This command configures an SNMP target address.

Syntax
set snmp targetaddr targetaddr ipaddr param param [udpport udpport] [mask mask]
[timeout timeout] [retries retries] [taglist taglist] [volatile | nonvolatile]

Parameters

targetaddr Specifies a unique identifier to index the snmpTargetAddrTable.

Maximum length is 32 characters.
ipaddr Specifies the IP address of the target.
param param Specifies an entry in the SNMP target parameters table, which is used
when generating a message to the target. Maximum length is 32
characters.
udpport udpport (Optional) Specifies which UDP port of the target host to use. Default
is 162.
mask mask (Optional) Specifies the IP mask of the target. Default is
255.255.255.255.
timeout timeout (Optional) Specifies the maximum round trip time allowed to
communicate to this target address. This value is in 01 seconds and
the default is 1500 (15 seconds.)
retries retries (Optional) Specifies the number of message retries allowed if a
response is not received. Default is 3.
taglist taglist (Optional) Specifies a list of SNMP notify tag values. This tags a
location to the target address as a place to send notifications. List
must be enclosed in quotes and tag values must be separated by a
space (for example: “tag 1 tag 2”)
volatile | nonvolatile (Optional) Specifies temporary (default), or permanent storage for
SNMP entries.

Defaults
• If not specified, udpport will be set to 162.
• If not specified, mask will be set to 255.255.255.255.
• If not specified, timeout will be set to 1500 (15 seconds).
• If not specified, number of retries will be set to 3.
• If taglist is not specified, none will be set.
• If not specified, storage type will be nonvolatile.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 18-33

Configuring SNMP Target Addresses

Usage
The target address is a unique identifier and a specific IP address that will receive SNMP
notification messages. This address configuration can be linked to optional SNMP transmit
parameters (such as timeout, retry count, and UDP port). This command can control the address
from which community strings are accepted.

Example
The following example configures a trap notification called “TrapSink.” This trap notification will
be sent to the workstation 192.168.190.80 (which is target address “tr”). It will use security and
authorization criteria contained in a target parameters entry called “v2cExampleParams”.
matrix-x(switch-su)-> set snmp targetaddr tr 192.168.190.80 param
v2cExampleParams taglist TrapSink

Related Commands
set snmp targetparams
set snmp community

clear snmp targetaddr

This command deletes an SNMP target address entry.

Syntax
clear snmp targetaddr targetAddr

Parameters

targetAddr Specifies the target address entry to delete.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears SNMP target address entry “tr”;
matrix-x(switch-su)->clear snmp targetaddr tr

18-34 SNMP Commands

Configuring SNMP Notification Parameters

Purpose
These switch‐level command are used to configure SNMP notification parameters and optional
filters. Notifications are entities which handle the generation of SNMP v1 and v2 “traps” or SNMP
v3 “inform” messages to select management targets. Optional notification filters identify which
targets should not receive notifications.

About SNMP Notify Filters

Profiles indicating which targets should not receive SNMP notification messages are kept in the
NotifyFilter table. If this table is empty, meaning that no filtering is associated with any SNMP
target, then no filtering will take place. “Traps” or “informs” will be sent to all destinations in the
SNMP targetAddrTable that have tags matching those found in the NotifyTable.
When the NotifyFilter table contains profile entries, the SNMP agent will find any filter profile
name that corresponds to the target parameter name contained in an outgoing notification
message. It will then apply the appropriate subtree‐specific filter when generating notification
messages.

Commands
The commands used to configure SNMP notification parameters and filters are listed below.

For information about... Refer to page...

show snmp notify 18-36

set snmp notify 18-37

clear snmp notify 18-38

show snmp notifyfilter 18-38

set snmp notifyfilter 18-39

clear snmp notifyfilter 18-40

show snmp notifyprofile 18-41

set snmp notifyprofile 18-42

clear snmp notifyprofile 18-43

Matrix X Router Command Line Interface Reference Guide 18-35

Configuring SNMP Notification Parameters

show snmp notify

This command displays the SNMP notify configuration, which determines which management
targets will receive SNMP notifications.

Syntax
show snmp notify [notify] [volatile | nonvolatile

Parameters
notify (Optional) Displays notify entries for a specific notify name.
volatile | nonvolatile (Optional) Displays notify entries for a specific storage type.

Defaults
• If a notify name is not specified, all entries will be displayed.
• If volatile, nonvolatile is not specified, all storage type entries will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays the SNMP notify information.
matrix-x(switch-su)-> show snmp notify

--- SNMP notifyTable information ---

Notify name = 1
Notify Tag = Console
Notify Type = trap
Storage type = nonVolatile
Status xxxxx = active

Notify name = 2
Notify Tag = TrapSink
Notify Type = trap
Storage type = nonVolatile
Status xxxxx = active

The following table shows a detailed explanation of the command output.

Output What It Displays...

Notify name A unique identifier used to index the SNMP notify table.

Notify Tag Name of the entry in the SNMP notify table.

Notify Type Type of notification: SNMPv1 or v2 trap or SNMPv3

InformRequest message.

Storage type Whether access entry is stored in volatile or nonvolatile memory.

Status Status of this entry: active, notInService, or notReady.

18-36 SNMP Commands

Configuring SNMP Notification Parameters

set snmp notify

This command sets the SNMP notify configuration.

Syntax
set snmp notify notify tag tag [trap | inform] [volatile | nonvolatile]

Parameters
notify Specifies an SNMP notify name.
tag tag Specifies an single SNMP notify tag. This binds the notify name to
the SNMP target address table. The string must be in quotes and
contain no spaces.
trap | inform (Optional) Specifies SNMPv1 or v2 Trap messages (default) or
SNMPv3 InformRequest messages. Trap is the default.
volatile | nonvolatile (Optional) Specifies temporary (default), or permanent storage for
SNMP entries. Nonvolatile is the default.

Defaults
• If not specified, message type will be set to trap.
• If not specified, storage type will be set to nonvolatile.

Mode
Switch command, read‐write.

Usage
This command creates an entry in the SNMP notify table, which is used to select management
targets who should receive notification messages. The tag parameter can be used to bind each
entry to a target address using the set snmp targetaddr command.

Example
The following example sets an SNMP notify configuration with a notify name of “hello” and a
notify tag of “world”. Notifications will be sent as trap messages and storage type will
automatically default to permanent.
matrix-x(switch-su)-> set snmp notify hello tag world trap

Matrix X Router Command Line Interface Reference Guide 18-37

Configuring SNMP Notification Parameters

clear snmp notify

This command clears an SNMP notify configuration.

Syntax
clear snmp notify notify

Parameters
notify Specifies an SNMP notify name to clear.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example clears the SNMP notify configuration for “hello”:
matrix-x(switch-su)-> clear snmp notify hello

show snmp notifyfilter

This command displays SNMP notify filter information, identifying which profiles will not receive
SNMP notifications.

Syntax
show snmp notifyfilter [profile] [subtree oid-or-mibobject] [volatile |
nonvolatile]

Parameters
profile (Optional) Displays a specific notify filter.
subtree oid‐or‐mibobject (Optional) Displays a notify filter within a specific subtree.
volatile | nonvolatile (Optional) Displays notify filter entries of a specific storage type.

Defaults
If no parameters are specified, all notify filter information will be displayed.

Mode
Switch command, read‐only.

Usage
Refer to RFC 3413 and “About SNMP Notify Filters” on page 18‐35 for more information about
notify filters.

18-38 SNMP Commands

Configuring SNMP Notification Parameters

Example
The following example displays SNMP notify filter information. In this case, the notify profile
“pilot1” in subtree 1.3.6 will not receive SNMP notification messages.
matrix-x(switch-su)-> show snmp notifyfilter
Profile = pilot1
Subtree = 1.3.6
Subtree mask
Filter type = included
Storage type = nonVolatile
Status xxxxx = active

set snmp notifyfilter

This command creatse an SNMP notify filter configuration. It identifies which management
targets should NOT receive notification messages, which is useful for fine‐tuning the amount of
SNMP traffic generated.

Syntax
set snmp notifyfilter profile subtree oid-or-mibobject [mask mask] [included |
excluded] [volatile | nonvolatile]

Parameters
profile Specifies an SNMP filter notify name.
subtree oid‐or‐mibobject Specifies a MIB subtree ID target for the filter.
mask mask (Optional) Applies a subtree mask.
The mask must be entered in the form of two hex digits per octet,
separated by colons, and contained within double quotes.
included | excluded (Optional) Specifies that subtree is included or excluded. Default is
included.
volatile | nonvolatile (Optional) Specifies a storage type. Default is nonvolatile.

Defaults
• If not specified, mask is not set.
• If access is not specified, it will beset to included.
• If storage type is not specified, nonvolatile (permanent) will be applied.

Mode
Switch command, read‐write.

Usage
Refer to RFC 3413 and “About SNMP Notify Filters” on page 18‐35 for more information about
notify filters.

Matrix X Router Command Line Interface Reference Guide 18-39

Configuring SNMP Notification Parameters

Examples
The following example creates an SNMP notify filter called “pilot1” with a MIB subtree ID of 1.3.6:
matrix-x(switch-su)-> set snmp notifyfilter pilot1 subtree 1.3.6

The following example creates a notify filter with a subtree mask:

matrix-x(switch-su)-> set snmp notifyfilter admin1 subtree 1.5.5 mask
“a1:bc:99:00”

clear snmp notifyfilter

This command deletes an SNMP notify filter configuration.

Syntax
clear snmp notifyfilter profile subtree oid-or-mibobject

Parameters
profile Specifies an SNMP filter notify name to delete.
subtree oid‐or‐mibobject Specifies a MIB subtree ID containing the filter to be deleted.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Refer to RFC 3413 and “About SNMP Notify Filters” on page 18‐35 for more information about
notify filters.

Example
The following example deletes the SNMP notify filter “pilot1”.
matrix-x(switch-su)->clear snmp notifyfilter pilot1 subtree 1.3.6

18-40 SNMP Commands

Configuring SNMP Notification Parameters

show snmp notifyprofile

This command displays SNMP notify profile information. It associates target parameters to an
SNMP notify filter to determine who should not receive SNMP notifications.

Syntax
show snmp notifyprofile [profile] [targetparam targetparam] [volatile |
nonvolatile ]

Parameters
profile (Optional) Displays a specific notify profile.
targetparam targetparam (Optional) Displays entries for a specific target parameter.
volatile | nonvolatile (Optional) Displays notify filter entries of a specific storage type.

Defaults
If no parameters are specified, all notify profile information will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays SNMP notify information for the profile named “area51”.
matrix-x(switch-su)-> show snmp notifyprofile area51
Notify Profile = area51
TargetParam = v3ExampleParams
Storage type = nonVolatile
Status xxxxx = active

Matrix X Router Command Line Interface Reference Guide 18-41

Configuring SNMP Notification Parameters

set snmp notifyprofile

This command creates an SNMP notify filter profile configuration.

Syntax
set snmp notifyprofile profile targetparam targetparam [volatile | nonvolatile]

Parameters
profile Specifies an SNMP filter notify name.
targetparam targetparam Specifies an associated entry in the SNMP Target Params Table.
volatile | nonvolatile (Optional) Specifies a storage type.

Defaults
If storage type is not specified, nonvolatile (permanent) will be applied.

Mode
Switch command, read‐write.

Usage
This command associates a notification filter, created with the set snmp notifyfilter command, to a
set of SNMP target parameters (set snmp targetparams) to determine which management targets
should not receive SNMP notifications.

Example
The following example creates an SNMP notify profile named area51 and associate a target
parameters entry.
matrix-x(switch-su)->set snmp notifyprofile area51 targetparam v3ExampleParams

18-42 SNMP Commands

Configuring SNMP Notification Parameters

clear snmp notifyprofile

This command deletes an SNMP notify profile configuration.

Syntax
clear snmp notifyprofile profile targetparam targetparam

Parameters
profile Specifies an SNMP filter notify name to delete.
targetparam targetparam Specifies an associated entry in the snmpTargetParamsTable.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example deletes SNMP notify profile “area51”.
matrix-x(switch-su)->clear snmp notifyprofile area51 targetparam v3ExampleParams

Matrix X Router Command Line Interface Reference Guide 18-43

Configuring SNMP Notification Parameters

18-44 SNMP Commands

19
Spanning Tree Commands

Overview
This chapter describes the Spanning Tree Configuration set of commands and how to use them.
The commands are separated into two groups. The first group of commands are used to review
and set spanning tree bridge parameters. The second group of commands are used to review and
set spanning tree port parameters.

For information about... Refer to page...

Reviewing and Setting Spanning Tree Bridge Parameters 19-1

Reviewing and Setting Spanning Tree Port Parameters 19-36

Reviewing and Setting Spanning Tree Bridge Parameters

Purpose
These switch commands are used to display and set Spanning Tree bridge parameters, including
device priorities, hello time, maximum age time, forward delay, path cost, topology change trap
suppression, and transmit hold count.

Commands
The commands used to review and set Spanning Tree bridge parameters are listed below.

For information about... Refer to page...

show spantree stats 19-4

show spantree version 19-6

set spantree version 19-6

clear spantree version 19-7

set spantree stpmode 19-8

clear spantree stpmode 19-8

show spantree mstilist 19-9

set spantree msti 19-9

clear spantree msti 19-10

Matrix X Router Command Line Interface Reference Guide 19-1

Reviewing and Setting Spanning Tree Bridge Parameters

For information about... Refer to page...

show spantree mstmap 19-10

set spantree mstmap 19-11

clear spantree mstmap 19-11

show spantree vlanlist 19-12

show spantree mstcfgid 19-12

set spantree mstcfgid 19-13

clear spantree mstcfgid 19-14

set spantree priority 19-14

clear spantree priority 19-15

show spantree bridgehellomode 19-16

set spantree bridgehellomode 19-16

clear spantree bridgehellomode 19-17

set spantree hello 19-17

clear spantree hello 19-18

set spantree maxage 19-19

clear spantree maxage 19-19

set spantree fwddelay 19-20

clear spantree fwddelay 19-21

show spantree autoedge 19-21

set spantree autoedge 19-22

clear spantree autoedge 19-22

show spantree legacypathcost 19-23

set spantree legacypathcost 19-23

clear spantree legacypathcost 19-24

show spantree tctrapsuppress 19-24

set spantree tctrapsuppress 19-25

clear spantree tctrapsuppress 19-26

show spantree txholdcount 19-26

set spantree txholdcount 19-27

clear spantree txholdcount 19-27

set spantree maxhops 19-28

clear spantree maxhops 19-28

show spantree spanguard 19-29

set spantree spanguard 19-29

19-2 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

For information about... Refer to page...

clear spantree spanguard 19-30

show spantree spanguardtimeout 19-30

set spantree spanguardtimeout 19-31

clear spantree spanguardtimeout 19-31

show spantree spanguardlock 19-32

clear spantree spanguardlock 19-32

set spantree spanguardlock 19-33

show spantree debug 19-33

clear spantree debug 19-35

Matrix X Router Command Line Interface Reference Guide 19-3

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree stats

This command displays Spanning Tree information for one or more ports.

Syntax
show spantree stats [port port-string] [sid sid] [active]

Parameters
port (Optional) Displays information for the specified ports. For a detailed
port‐string description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.
sid sid (Optional) Displays information for a specific Spanning Tree identifier. If
not specified, SID 0 is assumed.
active (Optional) Displays information for ports that have received STP BPDUs
since boot.

Defaults
• If port‐string is not specified, no port information will be displayed.
• If sid is not specified, information for Spanning Tree 0 will be displayed.
• If active is not specified, information for all specified ports will be displayed regardless of
whether or not they have received BPDUs.

Mode
Switch command, read‐only.

Example
The following example displays the device’s Spanning Tree configuration.
matrix-x(switch-su)-> show spantree stats

Spanning tree status - enabled

Spanning tree instance - 0
Designated Root MacAddr - 00-00-1d-00-00-01
Designated Root Priority - 32768
Designated Root Cost - 0
Designated Root Port - 0
Root Max Age - 20 sec
Root Hello Time - 2 sec
Root Forward Delay - 15 sec
Bridge ID MAC Address - 00-00-1d-00-00-01
Bridge ID Priority - 32768
Bridge Max Age - 20 sec
Bridge Hello Time - 2 sec
Bridge Forward Delay - 15 sec
Topology Change Count - 0
Time Since Top Change - 00 days 00:08:53
Max Hops - 20

The following table shows a detailed explanation of command output.

19-4 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Output What It Displays...

Spanning tree instance Spanning Tree ID.

Spanning tree status Mode currently enabled.

Designated Root MacAddr MAC address of the designated Spanning Tree root bridge.

Designated Root Priority Priority of the designated root bridge. The device with the highest priority
becomes the STA root device.

Designated Root Cost Total path cost to reach the root.

Designated Root Port Port through which the root bridge can be reached.

Root Max Age Amount of time (in seconds) a BPDU packet should be considered valid.

Root Hello Time Interval (in seconds) at which the root device sends BPDU (Bridge
Protocol Data Unit) packets.

Root Forward Delay Amount of time (in seconds) the root device spends in listening or
learning mode.

Bridge ID MAC Address Unique bridge MAC address, recognized by all bridges in the network.

Bridge ID Priority Bridge priority, which is a default value, or is assigned using the set
spantree priority command.

Bridge Max Age Maximum time (in seconds) the bridge can wait without receiving a
configuration message (bridge “hello”) before attempting to reconfigure.
This is a default value, or is assigned using the set spantree maxage
command.

Bridge Hello Time Amount of time (in seconds) the bridge sends BPDUs. This is a default
value, or is assigned using the set spantree hello command.

Bridge Forward Delay Amount of time (in seconds) the bridge spends in listening or learning
mode. This is a default value, or is assigned using the set spantree
fwddelay command.

Topology Change Count Number of times topology has changed on the bridge.

Time Since Top Change Amount of time (in days, hours, minutes and seconds) since the last
topology change.
Max Hops The maximum number of hops that the information for a particular
Spanning Tree instance may traverse (via relay of BPDUs within the
applicable MST region) before being discarded. This is a default value or
is assigned using the set spantree maxhops command.

Matrix X Router Command Line Interface Reference Guide 19-5

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree version

This command displays the current version of the Spanning Tree protocol running on the device.

Syntax
show spantree version

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays Spanning Tree version information for the device.
matrix-x(switch-su)-> show spantree version
Force Version is mstp

set spantree version

This command sets the version of the Spanning Tree protocol to MSTP (Multiple Spanning Tree
Protocol), RSTP (Rapid Spanning Tree Protocol) or to STP 802.1D‐compatible.

Syntax
set spantree version {mstp | stpcompatible | rstp}

Parameters
mstp Sets the version to STP 802.1s‐compatible.
stpcompatible Sets the version to STP 802.1D‐compatible.
rstp Sets the version to 802.1w‐compatible.

Defaults
MSTP.

Mode
Switch command, read‐write

19-6 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Usage
In most networks, Spanning Tree version should not be changed from its default setting of mstp
(Multiple Spanning Tree Protocol) mode. MSTP mode is fully compatible and interoperable with
legacy STP 802.1D and Rapid Spanning Tree (RSTP) bridges. Setting the version to stpcompatible
mode will cause the bridge to transmit only 802.1D BPDUs, and will prevent non‐edge ports from
rapidly transitioning to forwarding state.

Example
The following example globally changes the Spanning Tree version from the default of MSTP to
RSTP.
matrix-x(switch-su)->set spantree version rstp

clear spantree version

This command resets the Spanning Tree version to MSTP mode.

Syntax
clear spantree version

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the Spanning Tree version.
matrix-x(switch-su)->clear spantree version

Matrix X Router Command Line Interface Reference Guide 19-7

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree stpmode

This command globally enables or disables the Spanning Tree Protocol (STP) mode.

Syntax
set spantree stpmode {none | ieee8021}

Parameters
none Disables Spanning Tree.
ieee8021 Enables 802.1 Spanning Tree mode.

Defaults
IEEE 802.1

Mode
Switch command, read‐write.

Example
The following example disables Spanning Tree.
matrix-x(switch-su)->set spantree stpmode none

clear spantree stpmode

This command resets the Spanning Tree protocol mode to the default setting of IEEE 802.1. This
re‐enables Spanning Tree.

Syntax
clear spantree stpmode

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the STP mode to IEEE 802.1.
matrix-x(switch-su)->clear spantree stpmode

19-8 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree mstilist

This command displays a list of Multiple Spanning Tree (MST) instances configured on the device.

Syntax
show spantree mstilist

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
This example shows spanning tree instance 2 has been configured:
matrix-x(switch-su)-> show spantree mstilist
Configured Multiple Spanning Tree Instances:
2

set spantree msti

This command creates or deletes a Multiple Spanning Tree instance.

Syntax
set spantree msti [sid]sid {create | delete}

Parameters

[sid] sid Sets the Multiple Spanning Tree ID. Valid values are 1 ‐ 4094. Entering
the keyword sid is optional.
Matrix X Router supports up to 32 MST instances.
create | delete Creates or deletes an MST instance.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example creates MST instance 2, using the optional keyword sid:

Matrix X Router Command Line Interface Reference Guide 19-9

Reviewing and Setting Spanning Tree Bridge Parameters

matrix-x(switch-su)-> set spantree msti sid 2 create

clear spantree msti

This command deletes one or more Multiple Spanning Tree instances.

Syntax
clear spantree msti [sid]

Parameters
sid (Optional) Deletes a specific multiple Spanning Tree ID.

Defaults
If sid is not specified, all MST instances will be cleared.

Mode
Switch command, read‐write.

Example
The following example deletes all MST instances.
matrix-x(switch-su)-> clear spantree msti

show spantree mstmap

This command displays the mapping of a filtering database ID (FID) to a Spanning Trees. Since
VLANs are mapped to FIDs, this shows to which SID a VLAN is mapped.

Syntax
show spantree mstmap [fid fid]

Parameters
fid fid (Optional) Displays information for specific FIDs. The value of fid can
range from 2 to 4094.

Defaults
If fid is not specified, information for all assigned FIDs will be displayed.

Mode
Switch command, read‐only.

Usage
Only non‐default mappings are displayed by this command. That is, nothing mapped to sid 0 is
displayed.

19-10 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Example
The following example displays all non‐default SID to FID mapping information.
matrix-x(switch-su)-> show spantree mstmap

Fid 20 is mapped to Sid 3

Fid 40 is mapped to Sid 3
Fid 60 is mapped to Sid 10

set spantree mstmap

This command maps a filtering database ID (FID) to a SID. Since VLANs are mapped to FIDs, this
essentially maps one or more VLAN IDs to a Spanning Tree (SID).

Syntax
set spantree mstmap fid [sid sid]

Parameters
fid Specifies one or a range of FIDs to assign to the MST, ranging from 1 to 4094, and
must correspond to a VLAN ID created using the set vlan create command.
sid sid (Optional) Specifies a Multiple Spanning Tree ID, ranging from 1 to 4094, and must
correspond to a SID created using the set spantree msti command.

Defaults
If sid is not specified, FID(s) will be mapped to Spanning Tree 0.

Mode
Switch command, read‐write.

Example
The following example maps FID 3 to SID 2.
matrix-x(switch-su)-> set spantree mstmap 3 sid 2

clear spantree mstmap

This command maps a FID back to SID 0.

Syntax
clear spantree mstmap fid

Parameters
fid Specifies one or more FIDs to reset to 0, ranging from 2 to 4094.

Defaults
If fid is not specified, all SID to FID mappings will be reset.

Matrix X Router Command Line Interface Reference Guide 19-11

Reviewing and Setting Spanning Tree Bridge Parameters

Mode
Switch command, read‐write.

Example
The following example maps FID 2 back to SID 0:
matrix-x(switch-su)-> clear spantree mstmap 2

show spantree vlanlist

This command displays the Spanning Tree IDs assigned to one or more VLANs.

Syntax
show spantree vlanlist [vlan-list]

Parameters
vlan-list (Optional) Displays VLANs assigned to specific SIDs.

Defaults
If not specified, SID assignment will be displayed for all VLANs.

Mode
Switch command, read‐only.

Example
The following example displays the SIDs mapped to VLAN 2. In this case, SID 2 is mapped to
VLAN 2. For this information to display, the SID instance must be created using the set spantree
msti command and the FIDs must be mapped to SID 2 using the set spantree mstmap command.
matrix-x(switch-su)-> show spantree vlanlist 2
Vlan 2 is mapped to Sid 2

show spantree mstcfgid

This command displays the MST configuration identifier elements, including format selector,
configuration name, revision level, and configuration digest.

Syntax
show spantree mstcfgid

Parameters
None.

Defaults
None.

19-12 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Mode
Switch command, read‐only.

Example
The following example displays the MST configuration identifier elements. In this case, the default
revision level of 0, and the default configuration name (a string representing the bridge MAC
address) have not been changed. Refer to the set spantree mstcfgid command for information on
changing these settings.
matrix-x(switch-su)-> show spantree mstcfgid
MST Configuration Identifier:
Format Selector: 0
Configuration Name: 00:01:f4:89:51:94
Revision Level: 0
Configuration Digest: ac:36:17:7f:50:28:3c:d4:b8:38:21:d8:ab:26:de:62

set spantree mstcfgid

This command sets the MST configuration name and/or revision level.

Syntax
set spantree mstcfgid {cfgname name | rev level}

Parameters
cfgname name Specifies an MST configuration name.
rev level Specifies an MST revision level. Valid values are 0 ‐ 65535.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example sets the MST configuration name to “mstconfig”.
matrix-x(switch-su)#set spantree mstconfigid cfgname mstconfig

Matrix X Router Command Line Interface Reference Guide 19-13

Reviewing and Setting Spanning Tree Bridge Parameters

clear spantree mstcfgid

This command resets the MST revision level to a default value of 0, and the configuration name to
a default string representing the bridge MAC address.

Syntax
clear spantree mstcfgid

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the MST configuration identifier elements to default values.
matrix-x(switch-su)#clear spantree mstcfgid

set spantree priority

This command sets the device’s Spanning Tree priority.

Syntax
set spantree priority priority [sid]

Parameters
priority Specifies the priority of the bridge, ranging from 0 to 65535 (in increments of 4096),
with 0 indicating high priority and 65535 low priority.
sid (Optional) Speicifes a specific Spanning Tree instance. If not specified, SID 0 is
assumed. Valid values range from 0 to 4094.

Defaults
• 32768 priority
• If sid is not specified, priority will be set on Spanning Tree 0.

Mode
Switch command, read‐write

Usage
The device with the highest priority becomes the Spanning Tree root device. If all devices have the
same priority, the device with the lowest MAC address will then become the root device.

19-14 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Example
The following example sets the bridge priority to 4096 on SID 1.
matrix-x(switch-su)->set spantree priority 4096 1

clear spantree priority

This command resets the Spanning Tree priority to the default value of 32768.

Syntax
clear spantree priority [sid]

Parameters
sid (Optional) Specifies the specific Spanning Tree instance to reset
priority on. If not specified, SID 0 is assumed. Valid values range from
0 to 4094.

Defaults
If sid is not specified, priority will be reset on Spanning Tree 0.

Mode
Switch command, read‐write.

Example
The following example resets the bridge priority on SID 1.
matrix-x(switch-su)->clear spantree priority 1

Matrix X Router Command Line Interface Reference Guide 19-15

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree bridgehellomode

This command displays the status of bridge hello mode on the device. When enabled, a single
bridge administrative hello time is being used. When disabled, per‐port administrative hello times
are being used.

Syntax
show spantree bridgehellomode

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the Spanning Tree bridge hello mode. In this case, a single bridge
hello mode has been enabled using the set spantree bridgehellomode command.
matrix-x(switch-su)->show spantree bridgehellomode
Bridge Hello Mode is currently enabled.

set spantree bridgehellomode

This command enables or disables bridge hello mode on the device.

Syntax
set spantree bridgehellomode {enable | disable}

Parameters
enable Enables single Spanning Tree bridge hello mode.
disable Disables single Spanning Tree bridge hello mode, allowing for the
configuration of per‐port hello times.

Defaults
Enabled.

Mode
Switch command, read‐write.

19-16 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

Usage
When bridge hello mode is enabled, a single bridge administrative hello time is used. When
bridge hello mode is disabled, per‐port administrative hello times are used. Per‐port hello times
can be configured using the set spantree porthello command.

Example
The following example disables single Spanning Tree hello mode on the device. Per‐port hello
times can now be configured using the set spantree porthello command:
matrix-x(switch-su)->set spantree bridgehellomode disable

clear spantree bridgehellomode

This command resets the Spanning Tree administrative hello mode to enabled.

Syntax
clear spantree bridgehellomode

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the Spanning Tree bridge hello mode to enabled:
matrix-x(switch-su)#clear spantree bridgehellomode

set spantree hello

This command sets the device’s Spanning Tree hello interval.

Syntax
set spantree hello sec

Parameters
sec Specifies the interval in seconds the system waits before broadcasting a bridge hello
message (a multicast message indicating that the system is active). Valid values
range from 1 to 10 seconds.

Defaults
2 seconds.

Matrix X Router Command Line Interface Reference Guide 19-17

Reviewing and Setting Spanning Tree Bridge Parameters

Mode
Switch command, read‐write

Usage
The Spanning Tree hello time is the time interval (in seconds) the device waits between
transmissions of BPDUs indicating it is active.

Example
The following example globally sets the Spanning Tree hello time to 10 seconds:
matrix-x(switch-su)->set spantree hello 10

clear spantree hello

This command resets the Spanning Tree hello time to the default value of 2 seconds.

Syntax
clear spantree hello

Parameters
None

Defaults
None

Mode
Switch command, read‐write

Example
The following example globally resets the Spanning Tree hello interval:
matrix-x(switch-su)->clear spantree hello

19-18 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree maxage

This command sets the maximum age of a BPDU message before the message times out.

Syntax
set spantree maxage age

Parameters
age Specifies the maximum interval in seconds that the system retains data
received from other bridges through STP. Valid values range from 6 to 40
seconds.

Defaults
20 seconds.

Mode
Switch command, read‐write

Usage
The bridge maximum aging time is the maximum time (in seconds) a device can wait without
receiving a configuration message (bridge “hello”) before attempting to reconfigure. All device
ports (except for designated ports) should receive configuration messages at regular intervals.
Any port that ages out STP information provided in the last configuration message becomes the
designated port for the attached LAN. If it is a root port, a new root port is selected from among
the device ports attached to the network.

Example
The following example sets the maximum aging time to 25 seconds:
matrix-x(switch-su)-> set spantree maxage 25

clear spantree maxage

This command resets the maximum age before a BPDU message times out to the default value of
20 seconds.

Syntax
clear spantree maxage

Parameters
None.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 19-19

Reviewing and Setting Spanning Tree Bridge Parameters

Mode
Switch command, read‐write

Example
The following example globally resets the maximum aging time:
matrix-x(switch-su)-> clear spantree maxage

set spantree fwddelay

This command sets the Spanning Tree forward delay.

Syntax
set spantree fwddelay interval

Parameters
interval Sets the interval for the bridge forward delay in seconds. Valid values range from 4
to 30 seconds.

Defaults
15 seconds.

Mode
Switch command, read‐write

Usage
The forward delay value is the maximum time (in seconds) the root device will wait before
changing states (that is, from listening state to learning state to forwarding state). This delay is
required because every device must receive information about topology changes before it starts to
forward frames. In addition, each port needs time to listen for conflicting information that would
make it return to a blocking state; otherwise, temporary data loops might result.

Example
The following example globally sets the bridge forward delay to 16 seconds:
matrix-x(switch-su)-> set spantree fwddelay 16

19-20 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

clear spantree fwddelay

This command resets the Spanning Tree forward delay to the default setting of 15 seconds.

Syntax
clear spantree fwddelay

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example globally resets the bridge forward delay:
matrix-x(switch-su)-> clear spantree fwddelay

show spantree autoedge

This command displays the status of automatic edge port detection.

Syntax
show spantree autoedge

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only

Example
The following example displays the status of the automatic edge port detection function:
matrix-x(switch-su)-> show spantree autoedge
Auto Edge is set to enable

Matrix X Router Command Line Interface Reference Guide 19-21

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree autoedge

This command enables or disables the automatic edge port detection function.

Syntax
set spantree autoedge {disable | enable}

Parameters
disable | enable Disables or enables automatic edge port detection.

Defaults
The default is enabled.

Mode
Switch command, read‐write

Example
The following example disables automatic edge port detection:
matrix-x(switch-su)-> set spantree autoedge disable

clear spantree autoedge

This command resets automatic edge port detection to the default state of enabled.

Syntax
clear spantree autoedge

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example resets automatic edge port detection to enabled:
matrix-x(switch-su)-> clear spantree autoedge

19-22 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree legacypathcost

This command displays the default Spanning Tree path cost setting.

Syntax
show spantree legacypathcost

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only

Example
The following example displays the default Spanning Tree path cost setting:
matrix-x(switch-su)-> show spantree legacypathcost
Legacy Path Cost is disabled

set spantree legacypathcost

This command enables or disables legacy (802.1D) path cost values.

Syntax
set spantree legacypathcost {disable | enable}

Parameters
disable | enable Enables or disables legacy (802.1D) path cost values.

Defaults
The default is disabled.

Mode
Switch command, read‐write

Usage
By default, legacy path cost is disabled. Enabling the device to calculate legacy path costs affects
the range of valid values that can be entered in the show spantree adminpathcost command.

Example
The following example sets the default path cost values to 802.1D:
matrix-x(switch-su)-> set spantree legacypathcost enable

Matrix X Router Command Line Interface Reference Guide 19-23

Reviewing and Setting Spanning Tree Bridge Parameters

clear spantree legacypathcost

This command sets the Spanning Tree default value for legacy path cost to 802.1t values.

Syntax
clear spantree legacypathcost

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example sets the default path cost values to 802.1t:
matrix-x(switch-su)-> clear spantree legacypathcost

show spantree tctrapsuppress

This command displays the status of topology change trap suppression on Rapid Spanning Tree
edge ports.

Syntax
show spantree tctrapsuppress

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only

Example
The following example displays the status of topology change trap suppression:
matrix-x(switch-su)-> show spantree tctrapsuppress
Topology change trap suppression is currently enabled.

19-24 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree tctrapsuppress

This command disables or enables topology change trap suppression on Rapid Spanning Tree
edge ports.

Syntax
set spantree tctrapsuppress {disable | enable}

Parameters

disable | enable Disables or enables topology change trap suppression.

Defaults
Enabled

Mode
Switch command, read‐write

Usage
By default, RSTP non‐edge (bridge) ports that transition to forwarding or blocking cause the
switch to issue a topology change trap. When topology change trap suppression is enabled, which
is the device default, edge ports (such as end station PCs) are prevented from sending topology
change traps. This is because there is usually no need for network management to monitor edge
port STP transition states, such as when PCs are powered on.
When topology change trap suppression is disabled, all ports, including edge and bridge ports,
will transmit topology change traps.

Example
The following example allows Rapid Spanning Tree edge ports to transmit topology change traps:
matrix-x(switch-su)# set spantree tctrapsuppress disable

Matrix X Router Command Line Interface Reference Guide 19-25

Reviewing and Setting Spanning Tree Bridge Parameters

clear spantree tctrapsuppress

This command clears topology change trap suppression settings.

Syntax
clear spantree tctrapsuppress

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example clears topology change trap suppression settings:
matrix-x(switch-su)# clear spantree tctrapsuppress

show spantree txholdcount

This command displays the maximum BPDU transmission rate.

Syntax
show spantree txholdcount

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only

Example
The following example displays the transmit hold count setting:
matrix-x(switch-su)# show spantree txholdcount
Tx hold count is 6

19-26 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree txholdcount

This command sets the maximum BPDU transmission rate. This is the number of BPDUs which
will be transmitted before transmissions are subject to a one‐second timer.

Syntax
set spantree txholdcount txholdcount

Parameters
txholdcount Specifies the maximum number of BPDUs to be transmitted before
transmissions are subject to a one‐second timer. Valid values are 1 ‐ 10.
Default value is 6.

Defaults
6

Mode
Switch command, read‐write

Example
The following example globally sets the transmit hold count to 5:
matrix-x(switch-su)# set spantree txholdcount 5

clear spantree txholdcount

This command resets the transmit hold count to the default value of 6.

Syntax
clear spantree txholdcount

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example resets the transmit hold count:
matrix-x(switch-su)# clear spantree txholdcount

Matrix X Router Command Line Interface Reference Guide 19-27

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree maxhops

This command sets the Spanning Tree maximum hop count. This is the maximum number of hops
that the information for a particular Spanning Tree instance may traverse (via relay of BPDUs
within the applicable MST region) before being discarded.

Syntax
set spantree maxhops max_hop_count

Parameters
max_hop_count Sets the maximum number of hops allowed, ranging from 0 to 255.

Defaults
Max Hop count: 20

Mode
Switch command, read‐write.

Example
The following example sets the maximum hop count to 40:
matrix-x(switch-su)# set spantree maxhops 40

clear spantree maxhops

This command resets the maximum hop count to the default value of 20.

Syntax
clear spantree maxhops

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the maximum hop count to 20:
matrix-x(switch-su)# clear spantree maxhops

19-28 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

show spantree spanguard

This command displays the status of the Spanning Tree span guard function.

Syntax
show spantree spanguard

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the span guard function status:
matrix-x(switch-su)# show spantree spanguard
Span Guard is currently disabled

set spantree spanguard

This command enables or disables the Spanning Tree span guard function.

Syntax
set spantree spanguard {enable | disable}

Parameters
enable | disable Enables or disables the span guard function.

Defaults
Disabled.

Mode
Switch command, read‐write.

Usage
When enabled, this function prevents an unauthorized bridge from becoming part of the active
Spanning Tree topology. It does this by disabling a port that receives a BPDU when that port has
been defined as an edge (user) port with the set spantree adminedge command. This port will
remain disabled until the amount of time, defined by the set spantree spanguardtimeout
command, has passed since the last seen BPDU or the port is manually unlocked, with the clear
spantree spanguardlock command.

Matrix X Router Command Line Interface Reference Guide 19-29

Reviewing and Setting Spanning Tree Bridge Parameters

Example
The following example enables the span guard function:
matrix-x(switch-su)# set spantree spanguard enable

clear spantree spanguard

This command resets the status of the Spanning Tree span guard function to disabled.

Syntax
clear spantree spanguard

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the status of the span guard function to disabled:
matrix-x(switch-su)# clear spantree spanguard

show spantree spanguardtimeout

This command displays the Spanning Tree span guard timeout setting.

Syntax
show spantree spanguardtimeout

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the span guard timeout setting:
matrix-x(switch-su)-> show spantree spanguardtimeout
Span Guard Timeout is set at 300 seconds.

19-30 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

set spantree spanguardtimeout

This command sets the amount of time (in seconds) an edge port will remain locked by the span
guard function.

Syntax
set spantree spanguardtimeout timeout

Parameters
timeout Specifies a timeout value in seconds. Valid values are 0 (forever) to
65535 seconds.

Defaults
300 seconds.

Mode
Switch command, read‐write.

Example
The following example sets the span guard timeout to 600 seconds:
matrix-x(switch-su)#set spantree spanguardtimeout 600

clear spantree spanguardtimeout

This command resets the Spanning Tree span guard timeout to the default value of 300 seconds.

Syntax
clear spantree spanguardtimeout

Reviewing and Setting Spanning Tree Bridge Parameters

Example
The following example unlocks all the Gigabit Ethernet ports in slot 4:
matrix-x(switch-su)# clear spantree spanguardlock ge.4.*

set spantree spanguardlock

This command unlocks one or more ports locked by the Spanning Tree span guard function.

Syntax
set spantree spanguardlock port-string

Parameters
port-string Specifies ports to unlock. For a detailed description of possible port‐
string values, refer to Port Strings Used in the CLI on page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Usage
When span guard is enabled, it locks ports that receive BPDUs when those ports have been
defined as edge (user) ports (using the set spantree adminedge command). The command clear
spantree spanguardlock can also be used to clear the span guard lock on a port.

Example
The following example unlocks all the Gigabit Ethernet ports in slot 4:
matrix-x(switch-su)# set spantree spanguardlock ge.4.*

show spantree debug

This command displays Spanning Tree debug counters for one or more ports.

Syntax
show spantree debug [port port-string] [sid sid] [active]

Parameters
port port‐string (Optional) Displays debug counters for specific ports. For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.
sid sid (Optional) Displays the debug counters for a specific Spanning Tree
identifier. Valid values are 0 ‐ 4094. If not specified, SID 0 is assumed.

Matrix X Router Command Line Interface Reference Guide 19-33

Reviewing and Setting Spanning Tree Bridge Parameters

active (Optional) Displays only the debug counters for ports that have received at
least one configuration or RSTP BPDU.

Defaults
• If port‐string is not specified, debug counters will be displayed for all Spanning Tree ports.
• If sid is not specified, debug counters will be displayed for Spanning Tree 0.
• If active is not specified, debug counters will be displayed for active and inactive Spanning
Tree ports.

Mode
Switch command, read‐only

Example
The following example displays Spanning Tree debug counters for link aggregation port 3, SID 0:
matrix-x(switch-su)-> show spantree debug port lag.0.3

STP Diagnostic Common Counters for SID 0

-----------------------------------------
Topology Change Count - 379
Message Expiration Count - 16
Invalid BPDU Count - 0
STP BPDU Rx Count - 3
STP BPDU Tx Count - 3
STP TCN BPDU Rx Count - 335
STP TCN BPDU Tx Count - 0
STP TC BPDU Rx Count - 0
STP TC BPDU Tx Count - 0
RST BPDU Rx Count - 81812
RST BPDU Tx Count - 790319
RST TC BPDU Rx Count - 2131
RST TC BPDU Tx Count - 26623
MST BPDU Rx Count - 0
MST BPDU Tx Count - 0
MST CIST TC BPDU Rx Count - 0
MST CIST TC BPDU Tx Count - 0

STP Diagnostic Port Counters for Interface Number lag.0.3

------------------------------------------------------------
Port Role - RootPort
Message Expiration Count - 4
Invalid BPDU Count - 0
STP BPDU Rx Count - 0
STP BPDU Tx Count - 0
STP TCN BPDU Rx Count - 0
STP TCN BPDU Tx Count - 0
STP TC BPDU Rx Count - 0
STP TC BPDU Tx Count - 0
RST BPDU Rx Count - 50263
RST BPDU Tx Count - 47602
RST TC BPDU Rx Count - 497
RST TC BPDU Tx Count - 3325
MST BPDU Rx Count - 0

19-34 Spanning Tree Commands

Reviewing and Setting Spanning Tree Bridge Parameters

MST BPDU Tx Count - 0

MST CIST TC BPDU Rx Count - 0
MST CIST TC BPDU Tx Count - 0

clear spantree debug

This command clears Spanning Tree debug counters.

Syntax
clear spantree debug

Parameters
None.

Defaults
None.

Mode
Switch command, read‐write

Example
The following example clears Spanning Tree debug counters:
matrix-x(switch-su)#clear spantree debug

Matrix X Router Command Line Interface Reference Guide 19-35

Reviewing and Setting Spanning Tree Port Parameters

Purpose
These switch commands are used to display and set Spanning Tree port or module parameters,
including enabling or disabling the Spanning Tree algorithm on one or more ports, displaying
designated bridge, port and root information, displaying blocked ports, displaying and setting
Spanning Tree port priorities and costs, configuring edge port parameters, and setting point‐to‐
point protocol mode.

Commands
The commands used to review and set Spanning Tree port parameters are listed below.

For information about... Refer to page...

show spantree portenable 19-37

set spantree portenable 19-38

clear spantree portenable 19-38

show spantree portadmin 19-39

set spantree portadmin 19-39

clear spantree portadmin 19-40

set spantree protomigration 19-40

show spantree portstate 19-41

show spantree blockedports 19-42

show spantree portpri 19-43

set spantree portpri 19-44

clear spantree portpri 19-44

set spantree porthello 19-45

clear spantree porthello 19-46

show spantree portcost 19-47

show spantree adminpathcost 19-47

set spantree adminpathcost 19-48

clear spantree adminpathcost 19-49

show spantree adminedge 19-49

set spantree adminedge 19-50

clear spantree adminedge 19-51

show spantree operedge 19-51

show spantree adminpoint 19-52

show spantree operpoint 19-52

19-36 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

For information about... Refer to page...

set spantree adminpoint 19-53

clear spantree adminpoint 19-54

show spantree portenable

This command displays the port status on one or more Spanning Tree ports.

Syntax
show spantree portenable [port port-string]

Parameters
port port‐string (Optional) Displays status for specific ports. For a detailed description of
possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.

Defaults
If port‐string is not specified, status will be displayed for all ports.

Mode
Switch command, read‐only

Example
The following example displays status for port ge. 5.12:
matrix-x(switch-su)#show spantree portenable port ge.5.12
Port ge.5.12 has a Port Status of Enabled

Matrix X Router Command Line Interface Reference Guide 19-37

Reviewing and Setting Spanning Tree Port Parameters

set spantree portenable

This command sets the port status on one or more Spanning Tree ports.

Syntax
set spantree portenable port-string {enable | disable}

Parameters
port-string Specifies the ports to enable or disable. Refer to Port Strings Used in the
CLI on page 12‐2 for a detailed description of port‐string values.
enable | disable Enables or disables the Spanning Tree port.

Defaults
Enabled.

Mode
Switch command, read‐write

Example
The following example enables Spanning Tree port ge. 5. 12:
matrix-x(switch-su)#set spantree portenable ge.5.12

clear spantree portenable

This command resets the default value for one or more Spanning Tree ports to enabled.

Syntax
clear spantree portenable [port-string]

Parameters
port-string (Optional) Resets port enable of specific ports. Refer to Port Strings Used
in the CLI on page 12‐2 for a detailed description of port‐string values.

Defaults
If port‐string is not specified, port enable will be reset on all ports.

Mode
Switch command, read‐write

Example
The following example resets the default Spanning Tree port status value to enabled on ten
Gigabit port 2 in slot 1:
matrix-x(switch-su)clear spantree portenable tg.2.1

19-38 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

show spantree portadmin

This command displays the status of the Spanning Tree algorithm on one or more ports.

Syntax
show spantree portadmin [port port-string]

Parameters
port port‐string (Optional) Displays status for specific ports. Refer to Port Strings Used in
the CLI on page 12‐2 for a detailed description of port‐string values.

Defaults
If port‐string is not specified, status will be displayed for all ports.

Mode
Switch command, read‐only

Example
The following example displays port admin status for ten Gigabit Ethernet port 1 in slot 7:
matrix-x(switch-su)# show spantree portadmin port tg.7.1
Port tg.7.1 has portadmin set to enable

set spantree portadmin

This command disables or enables the Spanning Tree algorithm on one or more ports.

Syntax
set spantree portadmin port-string {disable | enable}

Parameters
port-string Specifies the ports for which to enable or disable Spanning Tree. Refer to
Port Strings Used in the CLI on page 12‐2 for a detailed description of
port‐string values.
disable | enable Disables or enables Spanning Tree.

Defaults
Disabled.

Mode
Switch command, read‐write

Example
The following example disables Spanning Tree on ten Gigabit Ethernet port 2 in slot 5:
matrix-x(switch-su)# set spantree portadmin tg.5.2 disable

Matrix X Router Command Line Interface Reference Guide 19-39

Reviewing and Setting Spanning Tree Port Parameters

clear spantree portadmin

This command resets the default Spanning Tree admin status to disable on one or more ports.

Syntax
clear spantree portadmin port-string

Parameters
port-string Resets the default admin status on specific ports. Refer to Port Strings
Used in the CLI on page 12‐2 for a detailed description of port‐string
values.

Defaults
Disable.

Mode
Switch command, read‐write

Example
The following example resets the default Spanning Tree admin state to disable Gigabit Ethernet
port 2 in slot 5:
matrix-x(switch-su)# clear spantree portadmin tg.5.2

set spantree protomigration

This command resets the protocol state migration machine for one or more Spanning Tree ports.
When operating in RSTP mode, this forces a port to transmit MSTP BPDUs.

Syntax
set spantree protomigration port-string true

Parameters
port-string Specifies the ports for which protocol migration mode will be enabled.
For a detailed description of possible port‐string values, refer to Port
Strings Used in the CLI on page 12‐2.
true Enables protocol migration mode.

Defaults
None.

Mode
Switch command, read‐write

19-40 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

Example
The following example resets the protocol state migration machine on ten Gigabit Ethernet port 2
in slot 5:
matrix-x(switch-su)# set spantree protomigration tg.5.2 true

show spantree portstate

This command displays the state (blocking, forwarding, or listening) for a port on one or more
Spanning Trees.

Syntax
show spantree portstate [port port-string] [sid sid]

Parameters
port port‐string (Optional) Displays the Spanning Tree state for specific Spanning Tree
ports. For a detailed description of possible port‐string values, refer to Port
Strings Used in the CLI on page 12‐2.
sid sid (Optional) Displays the state for a specific Spanning Tree identifier. Valid
values are 0 ‐ 4094. If not specified, SID 0 is assumed.

Defaults
• If port‐string is not specified, current state will be displayed for all Spanning Tree ports.
• If sid is not specified, current port state will be displayed for Spanning Tree 0.

Mode
Switch command, read‐only

Example
The following example displays the Spanning Tree state for ten Gigabit Ethernet port 2 in slot 7:
matrix-x(switch-su)# show spantree portstate port tg.7.2
Port tg.7.2 has a Port State of Forwarding on SID 0

Matrix X Router Command Line Interface Reference Guide 19-41

Reviewing and Setting Spanning Tree Port Parameters

show spantree blockedports

This command displays the ports in a Spanning Tree that are enabled, have link and are blocked.
Ports that do not have link or are disabled are not displayed.

Syntax
show spantree blockedports [sid]

Parameters

sid (Optional) Displays ports on a specific Spanning Tree that are enabled,
have link and are blocked, ranging from 0 to 4094.

Defaults
If sid is not specified, blocked ports will be displayed for Spanning Tree 0.

Mode
Switch command, read‐only.

Usage
A port in a blocked state is enabled and has link but does not participate in the transmission of
frames, thus preventing duplication arising through multiple paths existing in the active topology
of the bridged LAN. It receives Spanning Tree configuration messages, but does not forward
packets.

Example
The following example displays blocked ports on SID 1:
matrix-x(switch-su)# show spantree blockedports 1
1 ge.5.1
1 ge.5.3
1 ge.5.5
1 ge.5.6
1 ge.5.7
1 ge.5.8
1 ge.5.10
1 ge.5.11
1 ge.5.12

Number of blocked ports in SID 1 : 9

19-42 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

show spantree portpri

This command shows the Spanning Tree priority for one or more ports. Port priority is a
component of the port ID, which is one element used in determining Spanning Tree port roles.

Syntax
show spantree portpri [port port-string] [sid sid]

Parameters
port port‐string (Optional) Specifies the ports for which to display Spanning Tree priority.
For a detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.
sid sid (Optional) Displays port priority for a specific Spanning Tree identifier.
Valid values are 0 ‐ 4094. If not specified, SID 0 is assumed.

Defaults
• If port‐string is not specified, port priority will be displayed for all Spanning Tree ports.
• If sid is not specified, port priority will be displayed for Spanning Tree 0.

Mode
Switch command, read‐only.

Example
The following example displays the port priority for ten Gigabit Ethernet port 2 in slot 7:
matrix-x(switch-su)# show spantree portpri port tg.7.2
Port tg.7.2 has a Port Priority of 128 on SID 0

Matrix X Router Command Line Interface Reference Guide 19-43

Reviewing and Setting Spanning Tree Port Parameters

set spantree portpri

This command sets a port’s Spanning Tree priority.

Syntax
set spantree portpri port-string priority [sid sid]

Parameters
port-string Specifies the ports for which to set Spanning Tree port priority. For a
detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.
priority Specifies a number that represents the priority of a link in a Spanning Tree
bridge, ranging from 0 to 240 (in increments of 16) with 0 indicating high
priority.
sid sid (Optional) Sets port priority for a specific Spanning Tree identifier. Valid
values are 0 ‐ 4094. If not specified, SID 0 is assumed.

Defaults
If sid is not specified, port priority will be set for Spanning Tree 0.

Mode
Switch command, read‐write.

Example
The following example sets the priority of Gigabit Ethernet port 3 in slot 1 to 240 on SID 1.
matrix-x(switch-su)# set spantree portpri ge.1.3 240 sid 1

clear spantree portpri

This command resets the bridge priority of a Spanning Tree port to a default value of 128.

Syntax
clear spantree portpri port-string [sid sid]

Parameters
port‐string Specifies the ports for which to set Spanning Tree port priority. For a
detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.
sid sid (Optional) Resets the port priority for a specific Spanning Tree identifier.
Valid values are 0 ‐ 4094. If not specified, SID 0 will be assumed.

Defaults
If sid is not specified, port priority will be set for Spanning Tree 0.

19-44 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

Mode
Switch command, read‐write.

Example
The following example resets the priority of Gigabit Ethernet port 3 in slot 1 to 128 on SID 1.
matrix-x(switch-su)#clear spantree portpri ge.1.3 sid 1

set spantree porthello

This command sets the hello time for one or more Spanning Tree ports.

Syntax
set spantree porthello port-string interval

Parameters
port‐string Specifies the ports for which to set hello time.
interval Specifies the number of seconds the system waits before broadcasting a
bridge hello message. Valid values are 1 ‐ 10.

Defaults
2 seconds.

Mode
Switch command, read‐write.

Usage
This command sets the Spanning Tree port hello time, which is the time interval in seconds the
ports will transmit BPDUs.
This command can be executed only if bridge hello mode is disabled. Refer to the set spantree
bridgehellomode command for information about disabling bridge hello mode.

Example
The following example sets the hello time to 10 seconds for port ge.1.4:
matrix-x(switch-su)#set spantree porthello ge.1.4 10

Matrix X Router Command Line Interface Reference Guide 19-45

Reviewing and Setting Spanning Tree Port Parameters

clear spantree porthello

This command resets the hello time for one or more Spanning Tree ports to the default.

Syntax
clear spantree porthello port-string

Parameters
port‐string Specifies the ports for which to reset hello time.

Defaults
2 seconds

Mode
Switch command, read‐write.

Example
The following example resets the hello time to 2 seconds for port ge.1.4:
matrix-x(switch-su)#clear spantree porthello ge.1.4

show spantree porthello

This command displays the hello time for all ports.

Syntax
show spantree porthello [port-range]

Parameters
port‐string (Optional) Specifies the ports for which to display.

Defaults
If a port string is not specified, the hello time for all ports is displayed.

Mode
Switch, read‐only.

Example
The following example shows the port hello time for all ports.
matrix-x(switch-su)-> show spantree porthello
Port hello time for port lag.0.1 is 2 seconds.
Port hello time for port lag.0.2 is 2 seconds.
Port hello time for port lag.0.3 is 2 seconds.
Port hello time for port lag.0.4 is 2 seconds.
--More-- <space> forward, <!> dump all output, <q> quit :

19-46 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

show spantree portcost

This command displays cost values assigned to one or more Spanning Tree ports.

Syntax
show spantree portcost [port port-string] [sid sid]

Parameters
port port‐string (Optional) Displays cost values for specific ports. For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2
sid sid (Optional) Displays port cost for a specific Spanning Tree identifier. Valid
values are 0 ‐ 4094. If not specified, SID 0 will be assumed.

Defaults
• If port‐string is not specified, port cost will be displayed for all Spanning Tree ports.
• If sid is not specified, port cost will be displayed for all Spanning Trees.

Mode
Switch command, read‐only

Example
The following example displays the port cost for Gigabit Ethernet port 21 in slot 7:
matrix-x(switch-su)# show spantree portcost port ge.7.21
Port ge.7.21 has a Port Path Cost of 20000 on SID 0

show spantree adminpathcost

This command displays the admin path cost for a port on one or more Spanning Trees.

Syntax
show spantree adminpathcost [port port-string] [sid sid]

Parameters
port port‐string (Optional) Displays the admin path cost value for specific ports. For a
detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.
sid sid (Optional) Displays the admin path cost for a specific Spanning Tree
identifier. Valid values are 0 ‐ 4094. If not specified, SID 0 will be assumed.

Defaults
• If port‐string is not specified, admin path cost for all Spanning Tree ports will be displayed.
• If sid is not specified, admin path cost for Spanning Tree 0 will be displayed.

Matrix X Router Command Line Interface Reference Guide 19-47

Reviewing and Setting Spanning Tree Port Parameters

Mode
Switch command, read‐only

Example
The following example displays the admin path cost for Gigabit Ethernet port 10 in slot 7 on SID 1:
matrix-x(switch-su)# show spantree adminpathcost port ge.7.10 sid 1
Port ge.7.18 has a Port Admin Path Cost of 0 on SID 1

set spantree adminpathcost

This command sets the administrative path cost on a port and one or more Spanning Trees.

Syntax
set spantree adminpathcost port-string cost [sid sid]

Parameters

port‐string Sets the ports on which to set an admin path cost. Refer to Port Strings
Used in the CLI on page 12‐2 for a detailed description of port‐string
values.
cost Specifies the port path cost. Va1id values are:
0 ‐ 65535 if legacy path cost is enabled.
0 ‐ 200000000 if legacy path cost is disabled.
sid sid (Optional) Sets the admin path cost for a specific Spanning Tree identifier.
Valid values are 0 ‐ 4094. If not specified, SID 0 will be assumed.

Defaults
If sid is not specified, admin path cost will be set for Spanning Tree 0.

Mode
Switch command, read‐write

Usage
By default, the admin path cost value is set to 0, which forces the port to recalculate Spanning Tree
path cost based on the speed of the port and whether or not legacy path cost is enabled. Refer to
the set spantree legacypathcost command for more details.

Example
The following example sets the admin path cost to 200 for Gigabit Ethernet port 10 in slot 7 on SID
1:
matrix-x(switch-su)# set spantree adminpathcost ge.7.10 200 sid 1

19-48 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

clear spantree adminpathcost

This command resets the Spanning Tree default value for port admin path cost to 0.

Syntax
clear spantree adminpathcost port-string [sid sid]

Parameters
port‐string Specifies the ports for which to reset admin path cost. For a detailed
description of possible port‐string values, refer to Port Strings Used in
the CLI on page 12‐2.
sid sid (Optional) Resets the admin path cost for specific Spanning Tree.
Valid values are 0 ‐ 4094. If not specified, SID 0 is assumed.

Defaults
If sid is not specified, admin path cost will be reset for Spanning Tree 0.

Mode
Switch command, read‐write

Usage
This command will force Spanning Tree path cost to be recalculated on specified ports based on
whether or not set spantree legacypathcost is enabled.

Example
The following example resets the admin path cost to 0 for port 10 in slot 7 on SID 1:
matrix-x(switch-su)# clear spantree adminpathcost ge.7.10 sid 1

show spantree adminedge

This command displays the edge port administrative status for a port.

Syntax
show spantree adminedge port-string

Parameters
port‐string Specifies the ports for which to display edge port administrative
status. For a detailed description of possible port‐string values,
refer to Port Strings Used in the CLI on page 12‐2.

Defaults
None.

Matrix X Router Command Line Interface Reference Guide 19-49

Reviewing and Setting Spanning Tree Port Parameters

Mode
Switch command, read‐only

Example
The following example displays the edge port status for ten Gigabit port 2 in slot 1:
matrix-x(switch-su)# show spantree adminedge tg.1.2
Port tg.1.2 has a Port Admin Edge of Edge-Port

set spantree adminedge

This command sets the edge port administrative status on a Spanning Tree port.

Syntax
set spantree adminedge port-string {true | false}

Parameters
port-string Specifies the edge port. For a detailed description of possible port‐string
values, refer to Port Strings Used in the CLI on page 12‐2.
true | false Enables (true) or disables (false) the specified port as a Spanning Tree
edge port.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example sets Gigabit Ethernet port 11 in slot 1 as an edge port:
matrix-x(switch-su)# set spantree adminedge ge.1.11 true

19-50 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

clear spantree adminedge

This command resets a Spanning Tree port to non‐edge status.

Syntax
clear spantree adminedge port-string

Parameters
port‐string Specifies ports on which to reset edge port status. For a detailed description
of possible port‐string values, refer to Port Strings Used in the CLI on
page 12‐2.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets port 11 in slot 1 as a non‐edge port:
matrix-x(switch-su)# clear spantree adminedge ge.1.11

show spantree operedge

This command displays the Spanning Tree edge port operating status for a port.

Syntax
show spantree operedge [port port-string]

Parameters
port port‐string (Optional) Displays edge port operating status for specific ports. See Port
Strings Used in the CLI on page 12‐2 for a description of port‐string
values.

Defaults
If port‐string is not specified edge port operating status will be displayed for all Spanning Tree
ports.

Mode
Switch command, read‐only.

Example
The following example displays the edge port status for port 21 in slot 7:
matrix-x(switch-su)# show spantree operedge port ge.7.21

Matrix X Router Command Line Interface Reference Guide 19-51

Reviewing and Setting Spanning Tree Port Parameters

Port ge.7.21 has a Port Oper Edge of Edge-Port

show spantree adminpoint

This command displays the administrative point‐to‐point status of the LAN segment attached to a
Spanning Tree port.

Syntax
show spantree adminpoint [port port-string]

Parameters
port port‐string (Optional) Displays point‐to‐point status for specific ports. For a detailed
description of possible port‐string values, refer to Port Strings Used in the
CLI on page 12‐2.

Defaults
If port‐string is not specified, status will be displayed for all Spanning Tree ports.

Mode
Switch command, read‐only.

Example
The following example displays the point‐to‐point status of the LAN segment attached to port 21
in slot 7.
matrix-x(switch-su)# show spantree adminpoint port ge.7.21
Port ge.7.21 has a Port Admin Point to Point of Auto

show spantree operpoint

This command displays the operating point‐to‐point status of the LAN segment attached to a port.

Syntax
show spantree operpoint [port port-string]

Parameters
port port‐string (Optional) Displays point‐to‐point operating status for specific ports. For a
detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.

Defaults
If not specified, status will be displayed for all ports.

Mode
Switch command, read‐only.

19-52 Spanning Tree Commands

Reviewing and Setting Spanning Tree Port Parameters

Example
The following example displays the point‐to‐point status operating of the LAN segment attached
to port 21 in slot 7.
matrix-x(switch-su)# show spantree operpoint port ge.7.21
Port fg.7.21 has a Port Oper Point to Point of False on SID 1

set spantree adminpoint

This command sets the administrative point‐to‐point status of the LAN segment attached to a
Spanning Tree port.

Syntax
set spantree adminpoint port-string {true | false | auto}

Parameters

port‐string Specifies the port on which to set point‐to‐point protocol status. For a
detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.
true | false | auto Specifies the point‐to‐point status of the LAN attached to the specified port.
• true forces the port to be considered point‐to‐point.
• false forces the port to be considered non point‐to‐point.
• auto (the default setting) allows the firmware to determine the port’s
point‐to‐point status.

Mode
Switch command, read‐write.

Example
The following example sets the LAN attached to port 3 in slot 1 as a point‐to‐point segment.
matrix-x(switch-su)# set spantree adminpoint ge.1.3 true

Matrix X Router Command Line Interface Reference Guide 19-53

Reviewing and Setting Spanning Tree Port Parameters

clear spantree adminpoint

This command resets the administrative point‐to‐point status of the LAN segment attached to a
Spanning Tree port to auto mode.

Syntax
clear spantree adminpoint [port-string]

Parameters
port‐string (Optional) Resets point‐to‐point protocol status on specific ports. For a
detailed description of possible port‐string values, refer to Port Strings Used
in the CLI on page 12‐2.

Defaults
If port‐string is not specified, point‐to‐point status will be reset for all Spanning Tree ports.

Mode
Switch command, read‐write.

Example
The following example resets all ports on all Spanning Trees to auto point‐to‐point status.
matrix-x(switch-su)# clear spantree adminpoint

19-54 Spanning Tree Commands

20
802.1Q VLAN Commands

Overview
This chapter describes the Matrix X Router’s 802.1Q virtual LAN (VLAN) commands.
The Matrix X Router can support up to 1024 802.1Q VLANs. VLAN ID 1 is reserved by the device
as the default VLAN. All other available VLAN IDs can be assigned and configured with the CLI.
:

For information about... Refer to page...

Creating and Naming Static VLANs 20-1

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering 20-5

Configuring the VLAN Egress List 20-12

Enabling/Disabling GVRP (GARP VLAN Registration Protocol) 20-17

Creating and Naming Static VLANs

Purpose
These switch‐level commands are used to create a new static VLAN, or to enable or disable
existing VLAN(s).

Commands
The commands used to create and name static VLANs are listed below.

For information about... Refer to page...

set vlan create 20-2

set vlan name 20-3

clear vlan 20-3

show vlan 20-4

Matrix X Router Command Line Interface Reference Guide 20-1

Creating and Naming Static VLANs

set vlan create

This command creates a new static IEEE 802.1Q VLAN.

Syntax
set vlan create vlan-id

Parameters
vlan‐id Valid values are 1‐4094. Each vlan‐id must be unique. If an existing vlan‐id
is entered, the existing VLAN is modified.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Once a VLAN is created, you can assign it a name using set vlan name on page 20‐3.
Each VLAN ID must be unique. If a duplicate VLAN ID is entered, the device assumes that the
Administrator intends to modify the existing VLAN.

Examples
The following example creates VLAN 3:
matrix-x(switch-su)->set vlan create 3
The following example disables VLAN 3:
matrix-x(switch-su)->set vlan disable 3

20-2 802.1Q VLAN Commands

Creating and Naming Static VLANs

set vlan name

This command sets or changes the ASCII name for a new or existing VLAN.

Syntax
set vlan name vlan-id string

Parameters
vlan‐id Valid values are 1‐4094. Each vlan‐id must be unique. If an existing vlan‐id is
entered, the existing VLAN is modified.
string Specifies the string used as the name of the VLAN (1 to 32 characters).

Defaults
None.

Mode
Switch command, read‐write.

Example
This example sets the name for VLAN 7 to green:
matrix-x(switch-su)->set vlan name 7 green

clear vlan
This command removes a static VLAN from the list of VLANs recognized by the device.

Syntax
clear vlan vlan-list

Parameters
vlan‐list Specifies the VLAN ID of the VLAN(s) to be removed.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example removes a static VLAN 9 from the device’s VLAN list:
matrix-x(switch-su)#clear vlan 9

Matrix X Router Command Line Interface Reference Guide 20-3

Creating and Naming Static VLANs

show vlan
This command displays existing VLANs.

Syntax
show vlan [static] [vlan-list]

Parameters
static (Optional) Displays information related to static VLANs. Static VLANs are
manually created using the set vlan create command or SNMP MIBs. The
default VLAN, VLAN 1, is always statically configured and can’t be
deleted. Only ports that use a specified VLAN as their default VLAN
(PVID) will be displayed.
vlan‐list (Optional) Displays information for a specific VLAN or range of VLANs.

Defaults
• If static is not specified, information for static and dynamic VLANs will be displayed.
• If vlan‐list is not specified, information for all VLANs will be displayed.

Mode
Switch command, read‐only.

Example
The following example shows the output of this command.
matrix-x(switch-su)-> show vlan static
VLAN: 1 NAME: DEFAULT VLAN Status: Enabled
VLAN Type: Permanent FID: 1
Creation Time: 0 days 1 hours 58 minutes 58 seconds ago
Egress Ports
None.
Forbidden Egress Ports
None.
Untagged Ports
None.

20-4 802.1Q VLAN Commands

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

About PVIDs and Policy Classification to a VLAN

Port VLAN IDs (PVIDs) assign VLAN IDs to untagged frames on one or more ports. Using the set
port vlan command, you can, for example, assign ports 1, 5, 8, and 9 to VLAN 3. Untagged frames
received on those ports will be assigned to VLAN 3. (By default, all ports are members of VLAN
ID 1, the default VLAN.)
Policy classification to a VLAN takes precedence over PVID assignment if:
• Policy classification is configured to a VLAN and
• PVID override has been enabled for a policy profile and assigned to port(s) associated with
the PVID.

Purpose
These switch‐level commands are used to assign default VLAN IDs to untagged frames on one or
more ports, to configure MIB‐II interface mapping to a VLAN, to configure VLAN ingress
filtering, and to set the frame discard mode.

Commands
The commands used to configure port VLAN IDs and ingress filtering are listed below.

For information about... Refer to page...

show port vlan 20-6

set port vlan 20-7

clear port vlan 20-8

show port ingress-filter 20-8

set port ingress-filter 20-9

show port discard 20-10

set port discard 20-11

clear port discard 20-11

Matrix X Router Command Line Interface Reference Guide 20-5

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

show port vlan

This command displays port VLAN identifier (PVID) information. PVID determines the VLAN to
which all untagged frames received on one or more ports will be classified.

Syntax
show port vlan [port-string]

Parameters
port‐string (Optional) Displays PVID information for specific port(s).

Defaults
If port ‐string is not specified, port VLAN information for all ports will be displayed.

Mode
Switch command, read‐only.

Example
The following example displays PVIDs assigned to Gigabit Ethernet ports 1 through 6 in slot 5. In
this case, untagged frames received on these ports will be classified to VLAN. Note that by
default, all switch ports have a PVID equal to 1.
matrix-x(switch-su)#show port vlan ge.5.1-6
ge.5.1 is set to 1
ge.5.2 is set to 1
ge.5.3 is set to 1
ge.5.4 is set to 1
ge.5.5 is set to 1
ge.5.6 is set to 1

20-6 802.1Q VLAN Commands

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

set port vlan

This command configures the PVID (port VLAN identifier) for one or more ports.

Syntax
set port vlan port-string pvid

Parameters
port‐string Specifies the port(s) for which to configure a VLAN identifier.
pvid Specifies the VLAN ID of the VLAN to which port(s) will be added.

Defaults
None.

Mode
Switch command, read‐write.

Usage
The PVID is used to classify untagged frames as they ingress into a given port. If the specified
VLAN has not already been created, this command will create it, add the VLAN to the port’s
egress list as untagged, and remove the default VLAN from the port’s egress list.
By default, all switch ports have a PVID equal to 1.

Example
The following example adds Gigabit Ethernet port 10 in slot 1 to the port VLAN list of VLAN 4
(PVID 4). Since VLAN 4 is a new VLAN, it is created. Then port ge.1.10 is added to VLAN 4’s
untagged egress list, and is cleared from the egress list of VLAN 1 (the default VLAN):
matrix-x(switch-su)#set port vlan ge.1.10 4
matrix-x(switch-su)#set vlan 4 create
matrix-x(switch-su)#set vlan egress 4 ge.1.10 untagged
matrix-x(switch-su)#clear vlan egress 1 ge.1.10

Matrix X Router Command Line Interface Reference Guide 20-7

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

clear port vlan

This command resets a port’s 802.1Q port VLAN ID (PVID) to the host VLAN ID 1.

Syntax
clear port vlan port-string

Parameters
port‐string Specifies the port(s) to be reset to the host VLAN ID 1.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example resets the Gigabit Ethernet ports 3 and 11 in slot 1 to a VLAN ID of 1 (Host
VLAN):
matrix-x(switch-su)#clear port vlan ge.1.3,ge.1.11

show port ingress-filter

This command shows all ports that are enabled for port ingress filtering, which limits incoming
VLAN ID frames according to a port VLAN egress list. If the VLAN ID specified in the received
frame is not on the port’s VLAN egress list, then that frame is dropped and not forwarded.

Syntax
show port ingress-filter [port-string]

Parameters
port‐string (Optional) Specifies the port(s) for which to display ingress filtering status.

Defaults
If port‐string is not specified, ingress filtering status for all ports will be displayed.

Mode
Switch command, read‐only.

Example
This example displays the port ingress filter status for Gigabit Ethernet ports 10 through 15 in slot
1. By default, ingress filtering is enabled on all switch ports.
matrix-x(switch-su)#show port ingress-filter ge.1.10-15
Port State

20-8 802.1Q VLAN Commands

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

-------- ---------
ge.1.10 enabled
ge.1.11 enabled
ge.1.12 enabled
ge.1.13 enabled
ge.1.14 enabled
ge.1.15 enabled

set port ingress-filter

This command discards all frames received with a VLAN ID that do not match the port’s VLAN
egress list.

Syntax
set port ingress-filter port-string {disable | enable}

Parameters
port‐string Specifies the port(s) on which to enable of disable ingress filtering.
disable | enable Disables or enables ingress filtering. Ingress filtering is enabled by default
on all switch ports.

Defaults
None.

Mode
Switch command, read‐write.

Usage
When ingress filtering is enabled on a port, the VLAN IDs of incoming frames are compared to the
port’s egress list. If the received VLAN ID does not match a VLAN ID on the port’s egress list, then
the frame is dropped.
Ingress filtering is implemented according to the IEEE 802.1Q standard.

Example
This example disables port ingress filtering on Gigabit Ethernet port 3 in slot 1:
matrix-x(switch-su)#set port ingress-filter ge.1.3 disable

Matrix X Router Command Line Interface Reference Guide 20-9

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

show port discard

This command displays the frame discard mode for one or more ports. Ports can be set to discard
frames based on whether or not they contain a VLAN tag. They can also be set to discard both
frame types or none of the frames received.

Syntax
show port discard [port-string]

Parameters
port‐string (Optional) Displays the frame discard mode for specific port(s).

Defaults
If port‐string is not specified, frame discarded mode will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays the frame discard mode for Gigabit Ethernet port 7 in slot 5. In
this case, the port has been set to discard all tagged frames:
matrix-x(switch-su)#show port discard ge.5.7
Port Discard Mode
------------ -------------
ge.5.7 tagged

20-10 802.1Q VLAN Commands

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

set port discard

This command sets the frame discard mode on one or more ports.

Syntax
set port discard port-string {tagged | untagged | none | both}

Parameters
port‐string Specifies the port(s) for which to set frame discard mode.
tagged | untagged Sets the port(s) to discard tagged or untagged frames, no frames, or both
| none | both types of frames.

Defaults
By default, no frames are discarded based on received format.

Mode
Switch command, read‐write.

Example
This example sets Gigabit Ethernet port 7 in slot 5 to discard both tagged and untagged frames:
matrix-x(switch-su)#set port discard ge.5.7 both

clear port discard

This command resets the frame discard mode to the factory default setting (none).

Syntax
clear port discard port-string

Parameters
port‐string Specifies the port(s) for which to reset frame discard mode.

Defaults
None.

Mode
Switch command, read‐write.

Example
This example resets Gigabit Ethernet port 7 in slot 5 to the default discard mode of “none”:
matrix-x(switch-su)# clear port discard ge.5.7

Matrix X Router Command Line Interface Reference Guide 20-11

Configuring the VLAN Egress List

Purpose
Switch commands are used to assign or remove ports on the egress list of a particular VLAN. This
determines which ports will be eligible to transmit frames for a particular VLAN. For example,
ports 1, 5, 9, 8 could be assigned to transmit frames belonging to VLAN 5 (VLAN ID=5).
The port egress type for all ports defaults to tagging transmitted frames, but can be changed to
forbidden or untagged. In general, VLANs have no egress until they are configured by static
administration, or through dynamic mechanisms (that is, GVRP, policy classification, or Enterasys
dynamic egress).
Setting a port to forbidden prevents it from participating in the specified VLAN and ensures that
any dynamic requests (either through GVRP or dynamic egress) for the port to join the VLAN will
be ignored. Setting a port to untagged allows it to transmit frames without a tag header. This
setting is usually used to configure a port connected to an end user device.

Commands
The commands used to configure VLAN egress and dynamic VLAN egress are listed below.

For information about... Refer to page...

set vlan egress 20-13

clear vlan egress 20-14

show vlan dynamicegress 20-15

set vlan dynamicegress 20-16

20-12 802.1Q VLAN Commands

Configuring the VLAN Egress List

set vlan egress

This command adds ports to the VLAN egress list for the device, or prevents one or more ports
from participating in a VLAN. This determines which ports will transmit frames for a particular
VLAN.

Syntax
set vlan egress vlan-list port-string [untagged | forbidden | tagged]

Parameters
vlan‐list Specifies the VLAN where a port(s) will be added to the egress list.
port‐string Specifies one or more ports to add to the VLAN egress list of the specified
vlan‐list.
untagged | (Optional) Adds the specified ports as:
forbidden |
• untagged — Causes the port(s) to transmit frames without an IEEE
tagged
802.1Q header tag.
• forbidden — Instructs the device to ignore dynamic requests (either
through GVRP or dynamic egress) from the port(s) to join the VLAN
and disallows egress on that port.
• tagged — Causes the port(s) to transmit 802.1Q tagged frames.

Defaults
If untagged, forbidden or tagged is not specified, the port will be added to the VLAN egress list
as tagged.

Mode
Switch command, read‐write.

Examples
The following example adds Gigabit Ethernet ports 5 through 10 in slot 1 to the egress list of
VLAN 7. This means that these ports will transmit VLAN 7 frames as tagged:
matrix-x(switch-su)# set vlan egress 7 ge.1.5-10
The following example forbids Gigabit Ethernet ports 13 through 15 in slot 1 from joining VLAN 7
and disallow egress on those ports:
matrix-x(switch-su)# set vlan egress 7 ge.1.13-15 forbidden
The following example allows Gigabit Ethernet port 2 in slot 1 to transmit VLAN 7 frames as
untagged:
matrix-x(switch-su)# set vlan egress 7 ge.1.2 untagged

Matrix X Router Command Line Interface Reference Guide 20-13

Configuring the VLAN Egress List

clear vlan egress

This command removes ports from a VLAN’s egress list.

Syntax
clear vlan egress vlan-list port-string [forbidden]

Parameters
vlan‐list Specifies the number of the VLAN from which a port(s) will be removed
from the egress list.
port‐string Specifies one or more ports to be removed from the VLAN egress list of the
specified vlan‐list.
forbidden (Optional) Clears the forbidden setting from the specified port(s) and resets
the port(s) as able to egress frames if so configured by either static or
dynamic means.

Defaults
If forbidden is not specified, tagged and untagged settings will be cleared.

Mode
Switch command, read‐write.

Examples
The following example removes Gigabit Ethernet port 1 in slot 3 from the egress list of VLAN 9:
matrix-x(switch-su)# clear vlan egress 9 ge.3.1
The following example removes all Gigabit Ethernet ports in slot 2 from the egress list of VLAN 4:
matrix-x(switch-su)# clear vlan egress 4 ge.2.*

20-14 802.1Q VLAN Commands

Configuring the VLAN Egress List

show vlan dynamicegress

This command displays which VLANs are currently enabled for VLAN dynamic egress.

Syntax
show vlan dynamicegress [vlan-list]

Parameters
vlan‐list (Optional) Displays dynamic egress status for specific VLAN(s).

Defaults
If vlan‐list is not specified, status for all VLANs where dynamic egress is enabled will be
displayed.

Mode
Switch command, read‐only.

Example
The following example displays which VLANs are enabled for dynamic egress:
matrix-x(switch-su)# show vlan dynamicegress
VLAN 1 is enabled
VLAN 101 is enabled
VLAN 102 is enabled
VLAN 105 is enabled

Matrix X Router Command Line Interface Reference Guide 20-15

Configuring the VLAN Egress List

set vlan dynamicegress

This command sets the administrative status of one or more VLANs’ dynamic egress capability. If
VLAN dynamic egress is enabled, the device will add the port receiving a tagged frame to the
VLAN egress list of the port according to the frame VLAN ID.

Syntax
set vlan dynamicegress vlan-list {enable | disable}

Parameters
vlan‐list Specifies the number of the VLAN(s) where dynamic egress will be
enabled or disabled.
enable | disable Enables or disables dynamic egress.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example enables the dynamic egress function on VLAN 7:
matrix-x(switch-su)# set vlan dynamicegress 7 enable

20-16 802.1Q VLAN Commands

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Purpose
These switch‐level commands are used to dynamically create VLANs across a switched network.
The GVRP command set is used to display GVRP configuration information, the current global
GVRP state setting, individual port settings (enable or disable) and timer settings. By default,
GVRP is enabled globally on the device but disabled on all ports.

Commands
The commands used to configure GVRP are listed below.

For information about... Refer to page...

show gvrp 20-17

show garp timer 20-18

set gvrp 20-19

clear gvrp 20-20

set garp timer 20-20

clear garp timer 20-21

show gvrp
This command displays GVRP configuration information.

Syntax
show gvrp [port-string]

Parameters
port-string (Optional) Displays GVRP configuration information for specific port(s).

Defaults
If port‐string is not specified, GVRP configuration data is displayed for all ports and the device.

Mode
Switch command, read‐only.

Example
The following example displays GVRP status for the device and Gigabit Ethernet port 1 in slot 7:
matrix-x(switch-su)# show gvrp ge.7.1
Global GVRP status is enabled.

Matrix X Router Command Line Interface Reference Guide 20-17

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Port Number GVRP status Last PDU Origin

----------- ----------- -----------------
ge.7.1 enabled 00-e0-63-97-d4-36
The following table describes the output.

Output What It Displays

Port Number Port designation.

GVRP status Whether GVRP is enabled or disabled on the port.

Last PDU Origin MAC address of the last GVRP frame received on the port

show garp timer

This command displays Group Address Registration Protocol (GARP) timer values for one or
more ports.

Syntax
show garp timer [port-string]

Parameters
port‐string (Optional) Displays GARP timer data for specific port(s).

Defaults
If port‐string is not specified, GARP timer information will be displayed for all ports.

Mode
Switch command, read‐only.

Example
The following example displays GARP timer data on Gigabit Ethernet ports 1 through 10 in slot 1:

matrix-x(switch-su)# show garp timer ge.1.1-10

Port based GARP Configuration: (Timer units are centiseconds)
Port Number Join Leave Leaveall
----------- ----- ------- --------
ge.1.1 20 60 1000
ge.1.2 20 60 1000
ge.1.3 20 60 1000
ge.1.4 20 60 1000
ge.1.5 20 60 1000
ge.1.6 20 60 1000
ge.1.7 20 60 1000
ge.1.8 20 60 1000
ge.1.9 20 60 1000
ge.1.10 20 60 1000
The table below describes the command output. See set gvrp for details on enabling or disabling
GVRP. See set garp timer for details on changing default timer values.

20-18 802.1Q VLAN Commands

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Output What It Displays

Port Number Port designation. For a detailed description of possible port-string values, refer
to Port Strings Used in the CLI on page 12-2.

Join Join timer setting.

Leave Leave timer setting.

Leaveall Leavall timer setting.

Note: For a functional description of the terms join, leave, and leaveall timers, refer to standard
IEEE 802.1Q documentation, which is not supplied with this device.

set gvrp
This command enables or disables GVRP globally on the device or on one or more ports.

Syntax
set gvrp {enable | disable} [port-string]

Parameters
enable | disable Disables or enables GVRP on the device.
port‐string (Optional) Disables or enables GVRP on specific port(s).

Defaults
If port‐string is not specified, GVRP will be disabled or enabled for the device, but not ports.

Mode
Switch command, read‐write.

Examples
The following example enables GVRP globally on the device:
matrix-x(switch-su)#set gvrp enable
The following example disables GVRP globally on the device:
matrix-x(switch-su)#set gvrp disable
The following example enables GVRP on Gigabit Ethernet port 3 in slot 1:
matrix-x(switch-su)#set gvrp enable ge.1.3

Matrix X Router Command Line Interface Reference Guide 20-19

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

clear gvrp
This command clears GVRP status or on one or more ports.

Syntax
clear gvrp [port-string]

Parameters
port‐string (Optional) Clears GVRP status on specific port(s).

Defaults
If port‐string is not specified, GVRP status will be cleared for the device only.

Mode
Switch command, read‐write.

Examples
The following example returns global GVRP status on the device to its default value of enabled:
matrix-x(switch-su)#clear gvrp
The following example returns GVRP status on Gigabit Ethernet port 1 in slot 4 to its default value
of disabled.
matrix-x(switch-rw)# clear gvrp ge.4.1

set garp timer

This command adjusts the values of the join, leave, and leave all timers.

Syntax
set garp timer {[join timer-value][leave timer-value][leaveall timer-value]}
port-string

Parameters
join timer‐value Sets the GARP join timer in centiseconds. The value can range from 1
to 2147483647 centiseconds. Default is 20.
leave timer‐value Sets the GARP leave timer in centiseconds. The value can range from
1 to 2147483647 centiseconds. Default is 60.
leaveall timer‐value Sets the GARP leaveall timer in centiseconds. The value can range
from 1 to 2147483647 centiseconds. Default is 1000.
port‐string Specifies the port(s) on which to configure GARP timer settings. For a
detailed description of possible port‐string values, refer to Port Strings
Used in the CLI on page 12‐2.

20-20 802.1Q VLAN Commands

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Defaults
• Join 20 centiseconds
• Leave 60 centiseconds
• Leaveall 1000 centiseconds

Mode
Switch command, read‐write.

Usage
The setting of these timers is critical and should only be changed by personnel familiar with the
802.1Q standards documentation, which is not supplied with this device.

Examples
The following example sets the GARP join timer value to 100 centiseconds for all ports:
matrix-x(switch-su)#set garp timer join 100 *.*.*
The following example sets the leave timer value to 300 centiseconds for all ports:
matrix-x(switch-su)#set garp timer leave 300 *.*.*
The following example sets the leaveall timer value to 20000 centiseconds for all ports:
matrix-x(switch-su)#set garp timer leaveall 20000 *.*.*

clear garp timer

This command resets GARP timers to default values.

Syntax
clear garp timer {[join] [leave] [leaveall]} port-string

Parameters
join (Optional) Resets the join timer to 20 centiseconds.
leave (Optional) Resets the leave timer to 60 centiseconds.
leaveall (Optional) Resets the leaveall timer to 1000 centiseconds.
port‐string Specifies the port(s) on which to reset GARP timer(s).

Defaults
At least one optional parameter must be entered.

Mode
Switch command, read‐write.

Matrix X Router Command Line Interface Reference Guide 20-21

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Example
The following example resets the GARP leave timer to 60 centiseconds on Gigabit Ethernet port 3
in slot 5:
matrix-x(switch-su)#clear garp timer leave ge.5.3

20-22 802.1Q VLAN Commands

21
CoS Commands

This chapter describes the CLI commands used for QoS queue management.

For information about... Refer to page...

Overview 21-1

Configuring Control Packet CoS 21-3

Configuring User-Defined Traffic Profiles 21-7

Adding QoS Queues to Ports 21-13

Displaying and Clearing QoS Queue Packet Counters 21-18

Overview
A QoS Queue is a virtual, chassis‐wide entity, identified by a CoS (class‐of‐service) number which
is a number between 0 and 7. A physical queue is a real hardware queue identified by a CoS
number and an egress node and port.
A QoS Queue must be bound to a given egress port before it can be used for forwarding to that
port. Until a QoS Queue is bound to a port, it consumes no fabric resources.

Default IOM Configuration

By default, a newly inserted IOM is automatically configured with two QoS Queues per port:
• cos=0 is configured as the best‐effort queue and is automatically added to every physical port
on the IOM. This queue also carries low‐priority locally transmitted control packets. This
queue is created with the pre‐defined be traffic‐profile.
• cos=7 is configured as the high‐priority queue and is automatically added to every physical
port on the IOM. This queue also carries high‐priority locally transmitted control packets. This
queue is created with the pre‐defined local traffic‐profile.
You can modify the parameters for all QoS Queues including the queue depth parameter (given in
buffer memory pages), the scheduling algorithm, and shaping.

Control Packet Transmit Queues

Control packets are protocol or management packets sent from the software running locally on the
X Router CPUs. These packets are normally given higher priority to ensure that the protocols
function correctly. The X Router distinguishes between low‐priority and high‐priority control
packets. Low‐priority packets are high‐frequency packets which can be dropped without major

Matrix X Router Command Line Interface Reference Guide 21-1

Overview

network problems occurring. Low priority packets include normal management functions such as
Telnet, FTP, and ARP. High‐priority packets should never be dropped even when the port is
heavily congested. High priority packets include special protocol packets such as OSPF and 802.1
bridge PDUs.
Locally originated control packets are sent on QoS queues with special treatment so that they are
immune to WRED discards when the port becomes congested. This is to guarantee that local
packets are sent for protocol and network stability. In rare circumstances, the IOM may run out of
buffer memory and the queues may even discard control packets. This problem is avoided by
using a separate queue for control packets and reserving buffer space for that queue.
The X Router maps low‐priority packets to cos=0 and high‐priority packets to cos=7, by default.
You can change the CoS value assigned at egress to different types of control packets sourced from
VLAN interfaces with the set system priority and clear system priority commands. Use the show
system priority command to display the current priority settings for the different types of control
packets. Note, however, that egress remarking (see Chapter 22, Port‐Based DSCP Remapping
Commands) will affect the final priority value in the 802.1Q VLAN tag.
Control packets can be directed to use a specific queue with the set port control‐queue command.
If a port does not use network protocols, physical queue resources can be freed up by using the set
port control‐queue and clear port cos commands.

Traffic Profiles
Since many physical queues will share the same set of parameters (which are generally chassis‐
wide), a profile facility is used to configure traffic and shaping parameters per queue. These are
called traffic profiles and can be configured independently of the queues which use them.
Traffic profiles are referenced when a QoS Queue is bound to a port using the set port cos
command. Once the profile is referenced, it cannot be removed without first clearing the
configured QoS Queues. A referenced profile can be modified at any time. The modification will
automatically reconfigure all queues which reference them.
You can create up to 244 user‐defined traffic profiles. In addition there are a number of predefined
profiles which are used for system purposes. The predefined profiles are be, mcb0 to mcb7 , local
and local0 to local7. By default, the be profile is used to configure the best‐effort (cos=0) queue
and the local profile is used to create the high‐priority (cos=7) queue. The mcb0 to mcb7 profiles
are used to configure all multicast and broadcast queues. The local0 to local7 profiles are used to
configure the local management packet receive queues. You should never have to change the
predefined traffic profiles.

Queuing Modes
The Matrix X Router supports two modes of queuing:
• Strict priority (SP)
• Weighted fair queuing (WFQ)
A user‐defined traffic profile can only be configured to use strict priority queueing. The
predefined local0 to local7 queues may be configured to use either mode.
When WFQ and SP are mixed on the same port, the SP queues are always serviced first, and the
WFQ queues are serviced when no SP queues have data.
In SP mode, a queue is configured with a priority of 0 to 7. The higher number indicates a higher
priority for delivery. In WFQ mode, the queue is configured with a guaranteed bandwidth given
in Mbps.

21-2 CoS Commands

Configuring Control Packet CoS

Weighted Random Early Discard (WRED)

The Matrix X Router supports WRED and you can configure a set of WRED parameters for each of
the three DPs (drop precedence, sometimes referred to as the color) for a given packet. The
X Router will set the DP based on a configured policer or using bits in the packetʹs control header.
The DP value (0 to 2, or red, yellow, green) is then used to select the WRED parameters for discard
treatment.

High-Level Configuration Process

The process for configuring QoS queues using CLI commands is:
1. Optionally, create and configure a non‐default traffic profile, with the set traffic‐profile
command.
2. Apply (or bind) a QoS queue to a port and assign a traffic profile, with the set port cos
command. Use the clear port cos command to remove a QoS queue from a port.
3. Optionally, configure specific QoS queues for high‐priority and low‐priority local control
packets, with the set port control‐queue command.
4. Display QoS queue bindings, with the show port cos command.
5. Display QoS queue packet counters, with the show system fabric queues command.

Configuring Control Packet CoS

Purpose
To review and configure the class of service (CoS) values assigned by the Control Module (CM) to
egressing Layer 3 frames originating from routing protocols and host services and sourced from a
VLAN interface. The CoS value added to the user‐priority field of the TCI field in the 802.1Q
VLAN tag header affects how the traffic is treated as it travels across the network.

Commands

For information about... Refer to page...

show system priority 21-4

set system priority 21-5

clear system priority 21-6

Matrix X Router Command Line Interface Reference Guide 21-3

Configuring Control Packet CoS

show system priority

This command displays the current CoS settings for control packet frames by service.

Syntax
show system priority

Parameters
None.

Defaults
None.

Mode
Switch command, read‐only.

Example
This example displays the current CoS priorities assigned to VLAN‐tagged control packets by the
CM based on the type of service.
matrix-x(switch-ro)-> show system priority
Service Priority
======= ========

rip 7
ospf 7
bgp 7
pim 7
dvmrp 7
vrrp 7
telnet 0
ssh 0
snmp 0
ntp 0
dns 0

21-4 CoS Commands

Configuring Control Packet CoS

set system priority

This command sets the CoS priority by service type for VLAN‐tagged control packets. This value
is assigned by the CM to egressing packets.

Syntax
set system priority {bgp|dns|dvmrp|ntp|ospf|pim|rip|snmp|ssh|telnet|vrrp}
priority

Parameters
bgp Sets the priority value for Border Gateway Protocol packets. Default
priority is 7.
dns Sets the priority value for Domain Name System packets. Default
priority is 7.
dvmrp Sets the priority value for Distance Vector Multicast Routing Protocol
packets and Internet Group Management Protocol (IGMP) queries and
reports. Default priority is 7.
ntp Sets the priority value for Network Time Protocol packets. Default
priority is 0.
ospf Sets the priority value for Open Shortest Path First protocol packets.
Default priority is 7.
pim Sets the priority value for Protocol Independent Multicast packets.
Default priority is 7.
rip Sets the priority value for Routing Information Protocol packets.
Default priority is 7.
snmp Sets the priority value for Simple Network Management Protocol
packets. Default priority is 0.
ssh Sets the priority value for Secure Shell packets. Default priority is 0.
telnet Sets the priority value for Telnet packets. Default priority is 0.
vrrp Sets the priority value for Virtual Router Redundancy Protocol packets.
Default priority is 7.
priority Specifies the CoS priority value, which can range from 0 to 7.

Defaults
Routing protocols: 7
Host services: 0

Mode
Switch mode, read‐write.

Usage
Note the following:
• Setting DVMRP priority also sets the priority for IGMP query and report packets.

Matrix X Router Command Line Interface Reference Guide 21-5

Configuring Control Packet CoS

• ICMP and ARP are prioritized with a value of 0 and are not configurable.
• DHCP server, relay, and client services are prioritized with a value of 0 and are not
configurable.
• The ISIS routing protocol is prioritized with a value of 7 and is not configurable.
• Egress remarking will affect the final priority value in the VLAN tag header.

Example
This example sets the CoS priority assigned by the CM to SNMP packets to 2.
matrix-x(switch-rw)-> set system priority snmp 2

clear system priority

This command returns the CoS priorities for VLAN‐tagged control packets to their default values,
by service type.

Syntax
clear system priority {all|bgp|dns|dvmrp|ntp|ospf|pim|rip|snmp|ssh|telnet|vrrp}

Parameters
all Returns all priorities to their default values.
bgp Returns the priority value for Border Gateway Protocol packets to the
default priority of 7.
dns Returns the priority value for Domain Name System packets to the
default priority of 7.
dvmrp Returns the priority value for Distance Vector Multicast Routing
Protocol packets and IGMP packets to the default priority of 7.
ntp Returns the priority value for Network Time Protocol packets to the
default priority of 0.
ospf Returns the priority value for Open Shortest Path First protocol packets
to the default priority of 7.
pim Returns the priority value for Protocol Independent Multicast packets to
the default priority of 7.
rip Returns the priority value for Routing Information Protocol packets to
the default priority of 7.
snmp Returns the priority value for Simple Network Management Protocol
packets to the default priority of to the default priority of 0.
ssh Returns the priority value for Secure Shell packets to the default priority
of 0.
telnet Returns the priority value for Telnet packets to the default priority of 0.
vrrp Returns the priority value for Virtual Router Redundancy Protocol
packets to the default priority of 7.

21-6 CoS Commands

Configuring User-Defined Traffic Profiles

Defaults
Routing protocols: 7
Host services: 0

Mode
Switch mode, read‐write.

Example
This example returns the CoS priority assigned by the CM to SNMP packets to the default of 0.
matrix-x(switch-rw)-> clear system priority snmp

Configuring User-Defined Traffic Profiles

Purpose
To review, create, change, and remove user‐defined traffic profiles. Refer to “Traffic Profiles” on
page 21‐2 for information about the system predefined traffic profiles that cannot be deleted and
should not be changed.

Commands
The commands used to review and configure CoS profiles are listed below.

For information about... Refer to page...

show traffic-profile 21-7

set traffic-profile 21-9

clear traffic-profile 21-9

show traffic-profile
This command displays one or all configured traffic profiles, both user‐defined and system
default profiles.

Syntax
show traffic-profile [profile-name]

Parameters
profile‐name (Optional) Name of the default or user‐configured traffic profile.

Defaults
If you do not specify a profile name, the Matrix X Router will display all profiles, both user‐
defined and system default profiles.

Matrix X Router Command Line Interface Reference Guide 21-7

Configuring User-Defined Traffic Profiles

Mode
Switch command, read‐only.

Example
The following example displays the best‐effort system default traffic profile, named be:
matrix-x(switch-su)-> show traffic-profile be
pri=0, weight=0, max-depth=16777216, bw-limit=10240
wred is disable
green: wred-slope-den=4, wred-slope-num=1
wred-min=2097152, wred-ecn=4194304, wred-max=8388608
yellow: wred-slope-den=4, wred-slope-num=1
wred-min=1048576, wred-ecn=2097152, wred-max=4194304
red: wred-slope-den=4, wred-slope-num=1
wred-min=524288, wred-ecn=1048576, wred-max=2097152

The following table describes output shown in the above example.

Output What It Displays...

pri = n Displays the absolute priority for the profile, for Strict Priority (SP) mode
queuing. The value can range from 0 to 7, with 7 indicating the highest
priority.
If the traffic profile uses WFQ, then the priority value is 0.

weight = n Displays the guaranteed bandwidth for the profile, for WFQ queuing mode.
The value can range from 1 to 10240 Mbps. If the traffic profile uses Strict
Priority queuing mode, then the weight value is 0.

max-depth = n Displays the maximum queue depth for the profile. Units are in 64 KB pages.

bw-limit = n Displays the bandwidth to limit (or shape) the rate for the profile. This value
configures an upper bandwidth threshold, ranging from 1 to 10240 Mbps,
above which packets will be dropped.

green: Drop precedence (DP), or color. Green = DP2, Yellow = DP1, Red = DP0.
yellow: Separate WRED parameters for discard treatment are defined for each color.
red:
wred-slope-den = n Weighted random early detection (WRED) slope denominator for the profile.

wred-slope-num = n WRED slope numerator for the profile.

wred-min = n WRED minimum queue depth for the profile, in bytes.

wred-ecn = n WRED explicit congestion notification (ECN) for the profile, in bytes.

wred-max = n WRED maximum queue depth for the profile, in bytes.

21-8 CoS Commands

Configuring User-Defined Traffic Profiles

set traffic-profile
This command creates or edits a non‐default, user‐defined traffic profile.

Syntax
set traffic-profile profile-name [create] [priority pri] [reset] [weight value]
[bw-limit bandwidth] [max-depth pages] [wred-ecn ecn-depth [yellow|red|green]]
[wred-max max-depth [yellow|red|green]] [wred-min min-depth [yellow|red|green]]
[wred-slope-den denominator [yellow|red|green]] [wred-slope-num numerator
[yellow|red|green]]

Parameters
profile‐name Specifies the name of a non‐default traffic profile. The default parameters
on a newly created profile are equivalent to a best effort (be) profile.
create (Optional) Creates a new traffic profile. You must create a profile before
you can specify any of the other parameters.
priority pri (Optional) Specifies Strict Priority (absolute) queuing mode for the traffic
profile being configured. Priority value pri can range from 0 to 7, with 7
indicating the highest priority for delivery.
The default queuing mode for a user‐defined traffic profile is Strict
Priority, with a priority value of 7.
weight value (Optional) Specifies WFQ queuing mode for the traffic profile being
configured. The value specifies guaranteed bandwidth, ranging from 1 to
10,240 Mbps.
Notes: This parameter can only be applied to the predefined local0 through
local7 profiles.
The weight value must be less than or equal to the bw-limit value.
bw‐limit bandwidth (Optional) Specifies the upper bandwidth to limit (shape) the rate,
ranging from 1 to 10,240 Mbps. This parameter specifies the maximum
rate for the queue to deliver packets.
Note: This parameter can only be applied to the predefined mcb0 through mcb7
and local0 through local7 profiles.
max‐depth pages (Optional) Specifies the maximum queue depth in 64 KB pages, ranging
from 2 to 2,048 pages. This parameter limits the amount of queue
memory a given queue can allocate when it queues packets.
wred‐ecn ecn‐depth (Optional) Specifies the queue depth at which WRED will start marking
[yellow|red|green] Explicit Congestion Notification (ECN) bits in the packet. This parameter
value may result in the packet getting treated differently at later hops.
The ecn‐depth can range from 1 to 134,217,728 bytes.
The wred‐ecn queue depth must be less than or equal to the wred‐max
queue depth.
If no color is specified, this parameter is set for all colors. Otherwise, the
parameter is set only for the specified color.

Matrix X Router Command Line Interface Reference Guide 21-9

Configuring User-Defined Traffic Profiles

wred‐max max‐depth (Optional) Specifies the maximum queue depth at which WRED will
[yellow|red|green] discard all packets. The value of max‐depth can range from 1 to
134,217,728 bytes.
If no color is specified, this parameter is set for all colors. Otherwise, the
parameter is set only for the specified color.
wred‐min min‐depth (Optional) Specifies the queue depth at which WRED begins to operate
[yellow|red|green] (to randomly discard). The value of min‐depth can range from 1 to
134,217,728 bytes. A lower value indicates more aggressive discarding.
The wred‐min queue depth must be less than or equal to the wred‐ecn
queue depth.
If no color is specified, this parameter is set for all colors. Otherwise, the
parameter is set only for the specified color.
wred‐slope‐den (Optional) Specifies the slope denominator to control how steep the
denominator WRED slope is. The denominator can range from 1 to 65535. You should
[yellow|red|green] not have to change this parameter from the default.
If no color is specified, this parameter is set for all colors. Otherwise, the
parameter is set only for the specified color.
wred‐slope‐num (Optional) Specifies the WRED slope numerator, to control how steep the
numerator WRED slope is. The numerator can range from 0 to 15. You should not
[yellow|red|green] have to change this parameter from the default.
If no color is specified, this parameter is set for all colors. Otherwise, the
parameter is set only for the specified color.

Defaults
Default values for a newly created profile are set to the best effort (be) profile values.

Mode
Switch command, read‐write.

Usage
Use this command to create a non‐default, user‐defined traffic profile and to configure an existing
traffic profile. Up to 244 user‐defined traffic profiles can be created on an X Router, in addition to
the predefined profiles.
You must create a profile, using the create parameter, before you can change any of its default
parameters. A new traffic profile is created using the parameters of the best effort, or be,
predefined traffic profile.
User‐defined profiles can only use Strict Priority queueing mode, set with the priority parameter.
Pre‐defined traffic profiles local0 to local7 may use either Strict Priority or weighted fair queuing
(WFQ), set with the weight parameter. Note that the value of the weight parameter must be less
than or equal to the value of the bw‐limit parameter.
.

Note: Changing a parameter for a profile which is in use will dynamically change the physical queue
parameters for all queues using the profile.

The predefined traffic profiles, which cannot be deleted, and which should not be changed, are:

21-10 CoS Commands

Configuring User-Defined Traffic Profiles

• be – Best Effort. This profile is used to configure the best effort default forwarding queue,
cos=0.
• local – Locally originating packets. This profile is used to create the high‐priority (cos=7)
queue.
• mcb0 – mcb7 – Multicast and Broadcast. A set of profiles used to configure all multicast and
broadcast queues.
• local0 ‐ local7 – A set of profiles used to configure the local management receive queues.

Note: When configuring weighted random early detection (WRED) queue depths, ensure that
wred-min depth <= wred-ecn depth <= wred-max depth.

Example
This example creates and configures the traffic profile VoIP. The set port cos command binds VoIP
to port ge4.1 with a QoS queue priority of 6.
matrix-x(switch-su)-> set traffic-profile VoIP create
matrix-x(switch-su)-> set traffic-profile VoIP priority 6
matrix-x(switch-su)-> set port cos ge.4.1 class-of-service 6 VoIP

clear traffic-profile
This command deletes a user‐defined traffic profile.

Syntax
clear traffic-profile profile-name

Parameters
profile‐name Specifies the name of a non‐default traffic profile.

Defaults
None.

Mode
Switch command, read‐write.

Usage
User‐defined traffic profiles are created and configured using the set traffic‐profile command.
Traffic profiles are referenced when a QoS Queue is bound to a port using the set port cos
command. Once a profile is referenced, it cannot be deleted without first clearing the QoS Queues
using the clear port cos command.
A referenced profile can be modified at any time. The modification will automatically reconfigure
all queues which reference that profile.

Matrix X Router Command Line Interface Reference Guide 21-11

Configuring User-Defined Traffic Profiles

Example
The following example deletes traffic profile VoIP. Since the profile had been associated with a
port and Class of Service, it must be cleared from that port and Class of Service first.
matrix-x(switch-su)-> set traffic-profile VoIP create
matrix-x(switch-su)-> set traffic-profile VoIP priority 6
matrix-x(switch-su)-> set port cos ge.4.1 class-of-service 6 VoIP
matrix-x(switch-su)-> show port cos ge.4.1
Port CoS TC Ctrl Profile
ge.4.1 0 2 LH local0
ge.4.1 6 6 VoIP
ge.4.1 7 7 local7

matrix-x(switch-su)-> clear traffic-profile VoIP

% Profile is in use and cannot be cleared
matrix-x(switch-su)-> clear port cos ge.4.1 class-of-service 6
matrix-x(switch-su)-> show port cos ge.4.1
Port CoS TC Ctrl Profile
ge.4.1 0 2 LH local0
ge.4.1 7 7 local7
matrix-x(switch-su)-> clear traffic-profile VoIP
matrix-x(switch-su)->

21-12 CoS Commands

Adding QoS Queues to Ports

Purpose
These switch level commands are used to display, add (bind), and delete QoS queues to ports.

Commands

For information about... Refer to page...

show port cos 21-13

set port cos 21-14

clear port cos 21-15

set port control-queue 21-16

show port cos

This command displays information about the active bindings of QoS queues to one or all ports.

Syntax
show port cos [port-string] [class-of-service cos | traffic-class tc}

Parameters
port‐string (Optional) Specifies the port in media.slot.port format for
which to display inforamation.
class‐of‐service cos (Optional) Display information about a specific CoS number
configured on ports. The value of cos can range from 0 to 7.
traffic‐class tc (Optional) Display information about a specific traffic class
number configured on ports. The value of tc can range from
0 to 7.

Defaults
If a port‐string parameter is not specified, information for all ports is displayed.
If neither class‐of‐service or traffic‐class is specified, information for all CoS and TC values are
displayed.

Mode
Switch command, read‐only.

Examples
This example displays output for port ge.4.1:
matrix-x(switch-su)-> show port cos ge.4.1

Matrix X Router Command Line Interface Reference Guide 21-13

Adding QoS Queues to Ports

Port CoS TC Ctrl Profile

ge.4.1 0 2 LH be
ge.4.1 6 6 local6
The following example displays output only for CoS 6 on port ge.4.1:
matrix-x(switch-su)-> show port cos ge.4.1 class-of-service 6
Port CoS TC Ctrl Profile
ge.4.1 6 6 local6
The following table describes the contents of the output fields of this command.

Field Description

Port The egress port on which the QoS queue is bound.

CoS The class of service number of the QoS queue. Values range from 0 to 7.

TC The mapped traffic class of the QoS queue. Values range from 0 to 7.

Ctrl Indicates whether control packets are mapped onto the queue. The value L indicates
low-priority packets are mapped to the queue, while the value H indicates that high-
prority packets are mapped to the queue.

Profile Indicates the traffic profile referenced by the queue.

set port cos

This command adds (binds) a QoS queue to a port.

Syntax
set port cos port-string {class-of-service cos | traffic-class tc} traffic-profile

Parameters
port‐string Specifies the port to which the QoS queue is to be bound.
class‐of‐service cos Specifies the QoS queue by CoS number, ranging from 0 to 7.
traffic‐class tc Specifies the QoS queue by traffic class number, ranging from0 to 7.
traffic‐profile Specifies the traffic profile to bind to the port.

Defaults
None.

Mode
Switch command, read‐write.

Usage
This command binds a QoS queue, a virtual, chassis‐wide entity designated by a COS
identification number or traffic class number, to a given port, and assigns the traffic forwarding
profile.

21-14 CoS Commands

Adding QoS Queues to Ports

Be careful when binding cos=7 since this will allow forwarded packets to share the queue with
locally transmitted packets, creating a possible denial‐of‐service security issue.
A QoS Queue must be bound to a given egress port before it can be used for forwarding to that
port and until that is done, it consumes no FM resources.

Examples
This example first displays the QoS queue bindings on port ge.4.11. Then, the example binds the
QoS queue with CoS of 4 on port ge.4.1, using the user‐defined traffic profile tf1:
matrix-x(switch-su)-> show port cos ge.4.11
Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 7 7 H local

matrix-x(switch-su)-> set port cos ge.4.11 class-of-service 4 tf1

matrix-x(switch-su)-> show port cos ge.4.11

Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 4 4 tf1
ge.4.11 7 7 H local
matrix-x(switch-su)->

clear port cos

This command deletes a QoS queue from a port.

Syntax
clear port cos port-string {class-of-service cos | traffic-class tc}

Defaults
None.

Mode
Switch command, read‐write.

Example
This example deletes the QoS queue with CoS number 4 on interface ge.4.11:
matrix-x(switch-su)-> show port cos ge.4.11
Port CoS TC Ctrl Profile
ge.4.11 0 2 L be

Matrix X Router Command Line Interface Reference Guide 21-15

Adding QoS Queues to Ports

ge.4.11 4 4 tf1
ge.4.11 7 7 H local

matrix-x(switch-su)-> clear port cos ge.4.11 class-of-service 4

matrix-x(switch-su)-> show port cos ge.4.11
Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 7 7 H local

set port control-queue

This command configures a port to use a specified CoS numbered queue for sending control
packets.

Syntax
set port control-queue {high-priority | low-priority} port-string
{class-of-service cos | traffic-class tc}

Parameters
port‐string Specifies the port in media.slot.port format.
class‐of‐service cos Specifies the QoS queue by CoS number, ranging from 0 to 7.
traffic‐class tc Specifies the QoS queue by traffic class number, ranging from0 to 7.
high‐priority Specifies that high‐priority control packets should use this queue.
low‐priority Specifies that low‐priority control packets should use this queue.

Defaults
None.

Mode
Switch command, read‐write.

Usage
Control packets are protocol or management packets sent from the software running locally on the
X Router CPUs. These packets are normally given higher priority to ensure that the protocols
function correctly. The X Router distinguishes between low‐priority and high‐priority control
packets. Low‐priority packets are high‐frequency packets which can be dropped without major
network problems occurring. Low priority packets include normal management functions such as
Telnet, FTP, and ARP. High‐priority packets should never be dropped even when the port is
heavily congested. High priority packets include special protocol packets such as OSPF and 802.1
bridge PDUs.
By default, a newly inserted IOM is automatically configured with two QoS Queues per port:
• cos=0 is configured as the best‐effort queue and is automatically added to every physical port
on the IOM. This queue also carries low‐priority locally transmitted control packets. This
queue is created with the pre‐defined be traffic‐profile.

21-16 CoS Commands

Adding QoS Queues to Ports

• cos=7 is configured as the high‐priority queue and is automatically added to every physical
port on the IOM. This queue also carries high‐priority locally transmitted control packets. This
queue is created with the pre‐defined local traffic‐profile.
Note that you cannot remove a queue which is configured for control traffic. You must explicitely
move that traffic to another queue first.
Use the show port cos command to see what queues the high‐priority and low‐priority control
packets are mapped to.

Example
The following example illustrates using the set port control‐queue command to change the queue
used for sending high‐priority control packets. First, the show port cos command is used to
display what queues high‐ and low‐priority control packets are mapped to. Then, the example
shows that you cannot remove a queue that is configured for sending control packets.
The queue with CoS of 4 is then configured to handle high‐priority control packets, allowing the
queue with CoS 7 to be cleared.
matrix-x(switch-su)-> show port cos ge.4.11
Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 4 4 tf1
ge.4.11 7 7 H local

matrix-x(switch-su)-> clear port cos ge.4.11 class-of-service 7

% Cannot remove CoS from port ge.4.11: used for sending control packets

matrix-x(switch-su)-> set port control-queue high-priority ge.4.11

class-of-service 4

matrix-x(switch-su)-> show port cos ge.4.11

Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 4 4 H tf1
ge.4.11 7 7 local

matrix-x(switch-su)-> clear port cos ge.4.11 class-of-service 7

matrix-x(switch-su)-> show port cos ge.4.11

Port CoS TC Ctrl Profile
ge.4.11 0 2 L be
ge.4.11 4 4 H tf1

Matrix X Router Command Line Interface Reference Guide 21-17

Displaying and Clearing QoS Queue Packet Counters

Purpose
These switch level commands are used to display and clear the QoS queue counters.

Commands

For information about... Refer to page...

show system fabric queues 21-18

clear system fabric queues 21-19

show system fabric queues

This command displays information concerning the Fabric Module including Fabric mode, and
number of incoming, outgoing, or locally‐delivered packets and bytes queued and dropped.

Syntax
show system fabric queues {in slot [mbc | out slot port] | local [slot]}

Parameters
in slot Specifies that incoming data on a slot, ranging from 1 to 16, should be
displayed.
out slot port Optionally, specifies outgoing data on an X Router slot, ranging from 1 to
16, and port, ranging from 1 to 256, should be displayed.
mbc Optionally, specifies that only the multicast and broadcast queues should
be displayed.
local [slot] Specifies that counters for locally delivered packets should be displayed.
Optionally, you can specify the slot, from 1 to 16.

Defaults
None.

Mode
Switch command, read‐only.

Examples
The following example displays incoming Fabric data in slot 16.
matrix-x(switch-su)-> show system fabric queues in 16
CoS PacketsQueued BytesQueued PacketsDropped BytesDropped
0 4448492894 293677779873 0 0
1 0 0 0 0
2 0 0 0 0

21-18 CoS Commands

Displaying and Clearing QoS Queue Packet Counters

3 0 0 0 0
4 0 0 0 0
5 0 0 0 0
6 0 0 0 0
7 0 0 0 0
The following example displays counters for locally delivered packets on slot 8.
matrix-x(switch-su)-> show system fabric queues local 8
Slot CoS PacketsQueued BytesQueued PacketsDropped BytesDropped
8 0 18 1260 0 0
8 1 0 0 0 0
8 2 2000 140000 0 0
8 3 197766 26498710 1483726 198819140
8 4 0 0 0 0
8 5 44 4874 0 0
8 6 22498 5775496 0 0
8 7 0 0 0 0

clear system fabric queues

This command clears the Fabric queue counters.

Syntax
clear system fabric queues [in slot [mbc | out slot port] | local [slot]]

Parameters
in slot (Optional) Specifies that inbound queue counters on a slot, ranging from
1 to 16, should be cleared.
out slot port Optionally, specifies that egress queue counters on an X Router slot,
ranging from 1 to 16, and port, ranging from 1 to 256, should be cleared.
mbc Optionally, specifies that only the multicast and broadcast queue
counters should be cleared.
local [slot] (Optional) Specifies that queue counters for locally delivered packets
should be cleared. Optionally, you can specify the slot, from 1 to 16.

Defaults
If no parameters are specified, all queue counters are cleared.

Mode
Switch command, read‐only.

Examples
The following example clears all the Fabric queue counters:
matrix-x(switch-su)-> clear system fabric queues
matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 21-19

Displaying and Clearing QoS Queue Packet Counters

21-20 CoS Commands

22
Port-Based DSCP Remapping Commands

This chapter describes the switch mode commands used to configure remapping between DSCP
values and CoS and DP values at the port level.

For information about... Refer to page...

Overview 22-1

DSCP Mapping Commands 22-2

Map-to-Port Association Commands 22-11

Overview
The commands described in this chapter enable the remapping of DiffServ Code Point (DSCP)
values carried in the Type of Service (ToS) field of ingressing packets to a combination of Class of
Service (CoS) and Drop Precedence (DP) values used by the IP Policy Manager functionality on
the Matrix X Router. On egressing packets, CoS and DP values can also be remapped to DSCP
values. This remapping is enabled at the physical port level.
A maximum of 32 ingress maps and 32 egress maps can be configured. There are two predefined,
permanent, read‐only ingress and egress maps, named “default” and “besteffort.” All
user‐defined maps must be derived, or cloned, from these predefined maps, or from existing
clones of these maps.
You can display the mappings of ingress maps, including the “default” and “besteffort” ingress
maps, with the show dscp‐in‐map mapname command. To display the mappings of egress maps,
including the “default” and “besteffort” egress maps, use the show dscp‐out‐map mapname
command.
The high‐level configuration process is:
1. Optionally, create or edit ingress and/or egress maps with the set dscp‐in‐map and set dscp‐
out‐map commands.
2. Display the contents of the predefined or user‐defined maps with the show dscp‐in‐map
mapname and show dscp‐out‐map mapname commands.
3. Assign an ingress map to a physical port with the set port dscp‐recognition command.
4. Assign an egress map to a physical port with the set port dscp‐remark command.
5. Remove maps from physical ports with the clear port dscp‐recognition and clear port
dscp‐remark commands.

Matrix X Router Command Line Interface Reference Guide 22-1

DSCP Mapping Commands set dscp-in-map create

DSCP Mapping Commands

Purpose
These switch mode commands are used to create, edit, delete, and display ingress and egress
maps which map DSCP values to Cos/DP values.

Commands

For information about... Refer to page...

set dscp-in-map create 22-2

clear dscp-in-map 22-3

set dscp-in-map 22-4

show dscp-in-map 22-5

set dscp-out-map create 22-7

clear dscp-out-map 22-7

set dscp-out-map 22-8

show dscp-out-map 22-9

set dscp-in-map create

This command creates a user‐defined ingress map.

Syntax
set dscp-in-map create newname from existing_mapname

Parameters
newname Specifies the name of the new ingress map being created.
from existing_mapname Specifies the existing ingress map from which this map will be
cloned.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
This command creates a copy of the specified existing_mapname ingress map and names it
newname. The ingress map specified with the from parameter must exist or the command will fail.
The new map name cannot be specifies as “default” or “besteffort.” All user‐defined ingress maps
must be copied from an existing map, which can be the predefined “default” or “besteffort” maps.
A maximum of 32 ingress maps may be created.

22-2 Port-Based DSCP Remapping Commands

clear dscp-in-map DSCP Mapping Commands

After creating a new map, use the set dscp‐in‐map mapname command to change its mappings.

Example
The following example creates a new ingress map named “in_map1” from the predefined
“besteffort” ingress map.
matrix-x(switch-su)-> set dscp-in-map create in_map1 from besteffort

clear dscp-in-map
This command deletes a user‐defined ingress map.

Syntax
set dscp-in-map mapname

Parameters
mapname Specifies the ingress map to delete. Note that a map cannot be deleted if
it is currently associated with a port.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to delete a user‐defined ingress map. The predefined ingress maps “default”
and “besteffort” cannot be deleted. An ingress map cannot be deleted if it is still associated with
any physical ports.

Example
The following example creates ingress map “in_map1” and then associates it with a physical port,
ge.4.1. When an attempt is made to delete ingress map “in_map1,” it does not succeed. After the
ingress map is removed from the port, it can be deleted.
matrix-x(switch-su)-> set dscp-in-map create in_map1 from besteffort
matrix-x(switch-su)-> set port dscp-recognition ge.4.1 in_map1
matrix-x(switch-su)-> clear dscp-in-map in_map1
Error: requested DSCP map is still in used by one or more ports.
% Unable to perform requested operation
matrix-x(switch-su)-> clear port dscp-recognition ge.4.1
matrix-x(switch-su)-> clear dscp-in-map in_map1
matrix-x(switch-su)->

Matrix X Router Command Line Interface Reference Guide 22-3

DSCP Mapping Commands set dscp-in-map

set dscp-in-map
This command allows you to configure mapping values in an existing ingress map.

Syntax
set dscp-in-map mapname dscp dscp cos cos dp dp

Parameters
mapname Specifies the name of the ingress map to configure.
dscp dscp Specifies the DSCP value to be mapped to a CoS/DP pair of values. The dscp
value can be an integer between 0 and 63, or a service class name. Refer to
Table 22‐4 on page 22‐4 for a list of valid DSCP values.
cos cos Specifies the CoS value to be mapped to the specified DSCP value. The
value of cos can be an integer between 0 and 7.
dp dp Specifies the drop precedence value to be mapped to the specified DSCP
value. The value of dp can be green, yellow, red, or immune.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to configure an ingress map that has already been created with the set
dscp‐in‐map create. You can remap a DSCP value to a pair of CoS/ Drop Precedence values. Since
all ingress maps must be cloned from one of the permanent, predefined maps or another existing
map, any mappings that you don’t configure with this command will have the values of the
“parent” map. Refer to Table 22‐4 for the mappings in the permanent, predefined “default”
ingress map. Note that the mappings in the permanent, predefined “besteffort” ingress map maps
all DSCP values to a CoS of 0 and DP of green.

Table 22-4 DSCP to CoS/DP Mappings of Default Ingress Map

Mapped to: Mapped to:
DSCP on ingress CoS DP DSCP on ingress CoS DP
0 (be) 0 green 32 (cs4) 4 green
1 0 green 33 (cs4) 4 green
2 0 green 34 (cs4/af41 4 green
3 0 green 35 (cs4) 4 green
4 0 green 36 (cs4/af42) 4 yellow
5 0 green 37 (cs4) 4 green
6 0 green 38 (cs4/af43) 4 red
7 0 green 39 (cs4) 4 green
8 (cs1) 1 green 40 (cs5) 5 green
9 (cs1) 1 green 41 (cs5) 5 green
10 (cs1/af11) 1 green 42 (cs5) 5 green

22-4 Port-Based DSCP Remapping Commands

show dscp-in-map DSCP Mapping Commands

Table 22-4 DSCP to CoS/DP Mappings of Default Ingress Map (continued)

Mapped to: Mapped to:
DSCP on ingress CoS DP DSCP on ingress CoS DP
11 (cs1) 1 green 43 (cs5) 5 green
12 (cs1/af12) 1 yellow 44 (cs5) 5 green
13 (cs1) 1 green 45 (cs5) 5 green
14 (cs1/af13) 1 red 46 (cs5/ef) 5 green
15 (cs1) 1 green 47 (cs5) 5 green
16 (cs2) 2 green 48 (cs6) 6 green
17 (cs2) 2 green 49 (cs6) 6 green
18 (cs2/af21) 2 green 50 (cs6) 6 green
19 (cs2) 2 green 51 (cs6) 6 green
20 (cs2 / af22) 2 yellow 52 (cs6) 6 green
21 (cs2) 2 green 53 (cs6) 6 green
22 (cs2 / af23) 2 red 54 (cs6) 6 green
23 (cs2) 2 green 55 (cs6) 6 green
24 (cs3) 3 green 56 (cs7) 7 green
25 (cs3) 3 green 57 (cs7) 7 green
26 (cs3 / af31) 3 green 58 (cs7) 7 green
27 (cs3) 3 green 59 (cs7) 7 green
28 (cs3 / af32) 3 yellow 60 (cs7) 7 green
29 (cs3) 3 green 61 (cs7) 7 green
30 (cs3 / af33) 3 red 62 (cs7) 7 green
31 (cs3) 3 green 63 (cs7) 7 green

Example
The following example creates a new ingress map named in_map2 from the default predefined
map, then changes the mapping for DSCP 15 to CoS 2.
matrix-x(switch-su)-> set dscp-in-map create in_map2 from default
matrix-x(switch-su)-> set dscp-in-map dscp 15 cos 2 dp green

show dscp-in-map
This command displays information about ingress maps.

Syntax
show dscp-in-map [map-name]

Parameters
map‐name (Optional) Specifies an ingress map to display information about. If an
individual map in not specified, a list of all existing ingress maps is
displayed.

Matrix X Router Command Line Interface Reference Guide 22-5

DSCP Mapping Commands show dscp-in-map

Defaults
Display the names of all existing maps.

Mode
Switch mode, read‐write.

Usage
To display the actual mappings contained in an ingress map, specify the map by name.

Examples
The following example displays the list of all existing ingress maps.
matrix-x(switch-su)-> show dscp-in-map
Existing ingress DSCP map names:
in_map1
besteffort
default
The following example displays the contents of the “besteffort” ingress map. Only a portion of the
output is shown in the example.
matrix-x(switch-su)-> show dscp-in-map besteffort
Ingress DSCP Map : besteffort
(permanent, read-only map)

DSCP -> COS DP

-----------------------------------
0 (be) -> 0 green
1 -> 0 green
2 -> 0 green
3 -> 0 green
4 -> 0 green
5 -> 0 green
6 -> 0 green
7 -> 0 green
8 (cs1) -> 1 green
9 (cs1) -> 1 green
10 (cs1 / af11) -> 1 green
...

22-6 Port-Based DSCP Remapping Commands

set dscp-out-map create DSCP Mapping Commands

set dscp-out-map create

This command creates a user‐defined egress map.

Syntax
set dscp-out-map create newname from existing_mapname

Parameters
newname Specifies the name of the new egress map being created.
from existing_mapname Specifies the existing egress map from which this map will be
cloned.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
This command creates a copy of the specified existing_mapname egress map and names it newname.
The egress map specified with the from parameter must exist or the command will fail. The new
map name cannot be specifies as “default” or “besteffort.” All user‐defined egress maps must be
copied from an existing map, which can be the predefined “default” or “besteffort” maps.
A maximum of 32 egress maps may be created.
After creating a new map, use the set dscp‐out‐map mapname command to change its mappings.

Example
The following example creates my_out1 from the predefined egress map named “default”.
matrix-x(switch-su)-> set dscp-out-map create my_out1 from default

clear dscp-out-map
This command deletes a user‐defined egress map.

Syntax
clear dscp-out-map mapname

Parameters
mapname Specifies the name of the egress map to be deleted.

Defaults
None.

Mode
Switch mode, read‐write.

Matrix X Router Command Line Interface Reference Guide 22-7

DSCP Mapping Commands set dscp-out-map

Usage
Use this command to delete a user‐defined egress map. The predefined egress maps “default” and
“besteffort” cannot be deleted. An egress map cannot be deleted if it is still associated with any
physical ports.

Example
The following example creates egress map “my_out1” and then associates it with a physical port,
ge.4.1. When an attempt is made to delete egress map “my_out1,” it does not succeed. After the
egress map is removed from the port, it can be deleted.
matrix-x(switch-su)-> set dscp-out-map create my_out1 from default
matrix-x(switch-su)-> set port dscp-remark ge.4.1 my_out1
matrix-x(switch-su)-> clear dscp-out-map my_out1
Error: requested DSCP map is still in use by one or more ports.
% Unable to perform requested operation
matrix-x(switch-su)-> clear port dscp-remark ge.4.1
matrix-x(switch-su)-> clear dscp-out-map my_out1
matrix-x(switch-su)->

set dscp-out-map
This command configures mapping values in an existing egress map.

Syntax
set dscp-out-map mapname cos cos dp dp dscp dscp

Parameters
mapname Specifies the name of the egress map to be configured.
cos cos Specifies the CoS value to be mapped to the specified DSCP value. The
value of cos can be an integer between 0 and 7.
dp dp Specifies the drop precedence value to be mapped to the specified DSCP
value. The value of dp can be green, yellow, red, or immune.
dscp dscp Specifies the DSCP value to be mapped to a CoS/DP pair of values. The
dscp value can be an integer or service class name. Refer to Table 22‐5 on
page 22‐9 for a list of valid DSCP service class names. An integer dscp
value can range from 0 to 63.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to configure an egress map that has already been created with the set
dscp‐out‐map create. You can remap a pair of CoS/ Drop Precedence values to a DSCP value.
Since all egress maps must be cloned from one of the permanent, predefined maps or another
existing map, any mappings that you don’t configure with this command will have the values of

22-8 Port-Based DSCP Remapping Commands

show dscp-out-map DSCP Mapping Commands

the “parent” map. Refer to Table 22‐5 for the mappings in the permanent, predefined “default”
egress map. In the permanent, predefined “besteffort” egress map, all CoS and DP pairs are
mapped to the DSCP value 0 (be).

Table 22-5 Cos/DP to DSCP Mappings of Default Egress Map

Mapped to: Mapped to:
CoS DP DSCP on egress CoS DP DSCP on egress

0 green 0 (be) 4 green 34 (cs4/af41)

0 yellow 0 (be) 4 yellow 36 (cs4/af42)

0 red 0 (be) 4 red 38 (cs4/af43)

0 immune 0 (be) 4 immune 32 (cs4)

1 green 10 (cs1/af11) 5 green 46 (cs5/ef)

1 yellow 12 (cd1/af12) 5 yellow 40 (cs5)

1 red 14 (cs1/af13) 5 red 40 (cs5)

1 immune 8 (cs1) 5 immune 40 (cs5)

2 green 18 (cs2/af21) 6 green 48 (cs6)

2 yellow 20 (cs2/af22) 6 yellow 48 (cs6)

2 red 22 (cs2/af23) 6 red 48 (cs6)

2 immune 16 (cs2) 6 immune 48 (cs6)

3 green 26 (cs3/af31) 7 green 56 (cs7)

3 yellow 28 (cs3/af32) 7 yellow 56 (cs7)

3 red 30 (cs3/af33) 7 red 56 (cs7)

3 immune 24 (cs3) 7 immune 56 (cs7)

Example
The following example configures the egress map “my_out1” previously created from the
predefined “default” egress map.
matrix-x(switch-su)-> set dscp-out-map create my_out1 from default
matrix-x(switch-su)-> set dscp-out-map my_out1 cos 2 dp yellow dscp 18

show dscp-out-map
This command displays information about egress maps.

Syntax
show dscp-out-map [map-name]

Parameters
map‐name (Optional) Specifies an egress map to display information about. If an
individual map in not specified, a list of all existing egress maps is
displayed.

Matrix X Router Command Line Interface Reference Guide 22-9

DSCP Mapping Commands show dscp-out-map

Defaults
Display the names of all existing egress maps.

Mode
Switch mode, read‐write.

Usage
To display the actual mappings contained in an egress map, specify the map by name.

Examples
The following example displays the list of all existing egress maps.
matrix-x(switch-su)-> show dscp-out-map
Existing egress DSCP map names:
my_out1
besteffort
default
The following example changes the mapping of CoS 2 and DP yellow to a DSCP value of 18, then
displays the revised egress map. Note that only a partial display of the map is shown here.
matrix-x(switch-su)-> set dscp-out-map my_out1 cos 2 dp yellow dscp 18
matrix-x(switch-su)-> show dscp-out-map my_out1
Egress DSCP Map : my_out1
(cloned from default)
COS DP -> DSCP
---------------------------------------------
0 green -> 0 (be)
0 yellow -> 0 (be)
0 red -> 0 (be)
0 immune -> 0 (be)
1 green -> 10 (cs1 / af11)
1 yellow -> 12 (cs1 / af12)
1 red -> 14 (cs1 / af13)
1 immune -> 8 (cs1)
2 green -> 18 (cs2 / af21)
2 yellow -> 18 (cs2 / af21)
2 red -> 22 (cs2 / af23)
2 immune -> 16 (cs2)
...

22-10 Port-Based DSCP Remapping Commands

set port dscp-recognition Map-to-Port Association Commands

Map-to-Port Association Commands

Purpose
These switch mode commands are used to associate and disassociate ingress and egress maps
with physical ports.

Commands

For information about... Refer to page...

set port dscp-recognition 22-11

show port dscp-recognition 22-12

clear port dscp-recognition 22-13

set port dscp-remark 22-13

show port dscp-remark 22-14

clear port dscp-remark 22-15

set port dscp-recognition

This command associates an ingress map with one or more ports.

Syntax
set port dscp-recognition port-string inmapname

Parameters
port‐string Specifies one or more ports to which the ingress map will be associated.
Refer to “Port Strings Used in the CLI” on page 12‐2 for more
information.
inmapname Specifies the name of the ingress map to associate with the ports.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Use this command to apply an ingress map, which remaps DiffServ Code Point (DSCP) values
carried in the Type of Service (ToS) field of ingressing packets to a combination of Class of Service
(CoS) and Drop Precedence (DP) values, to one or more physical ports.
Each port may be associated with only one ingress map, although an ingress map may be
associated with many ports.

Matrix X Router Command Line Interface Reference Guide 22-11

Map-to-Port Association Commands show port dscp-recognition

Example
The following command associates the predefined “default” ingress map to ports ge.4.1 through
ge.4.4.
matrix-x(switch-su)-> set port dscp-recognition ge.4.1-4 default

show port dscp-recognition

This command displays the port‐to‐ingress map associations.

Syntax
show port dscp-recognition [port-string]

Example
The following example maps the predefined egress map “default” to ports ge.4.1 through ge.4.4.
matrix-x(switch-su)-> set port dscp-remark ge.4.1-4 default

show port dscp-remark

This command displays the port‐to‐egress map associations.

Syntax
show port dscp-remark [port-string]

Parameters
port‐string (Optional) Specifies the port or ports for which to display egress map
associations.

Defaults
If no port‐string is specified, egress map associations are displayed for all ports.

Mode
Switch mode, read‐write.

Usage
Use this command to display the name of the DSCP egress map associated with one or more ports.
If no map is associated with a port, the command output displays a hyphen (‐).

Example
This example displays the egress map associations for ports ge.1.1 through ge.1.3, and for ports
ge.1.6 and ge.1.7. Note that since no egress map is associated with port ge.1.7, the command
output displays a hyphen in the field.
matrix-x(switch-rw)-> show port dscp-remark ge.1.1-3,6,7
Port dscp-out-map
-------- -----------
ge.1.1 outmap-1
ge.1.2 default
ge.1.3 outmap-2
ge.1.6 newoutmap
ge.1.7 -

22-14 Port-Based DSCP Remapping Commands

clear port dscp-remark Map-to-Port Association Commands

clear port dscp-remark

This command disassociates an egress map from one or more ports.

Syntax
clear port dscp-remark port-string

Parameters
port‐string Specifies the port or ports from which to disassociate the egress map.
Refer to “Port Strings Used in the CLI” on page 12‐2 for more
information.

Defaults
None.

Mode
Switch mode, read‐write.

Usage
Each port can have only one egress map associated with it. Use this command to delete the
associated egress map from one or more ports.
Egress maps cannot be deleted as long as they are associated with any port.

Example
The following example removes any egress maps associated with ports ge.4.1 through ge.4.4.
matrix-x(switch-su)-> clear port dscp-remark ge.4.1-4

Matrix X Router Command Line Interface Reference Guide 22-15

Map-to-Port Association Commands clear port dscp-remark

22-16 Port-Based DSCP Remapping Commands

23
Router Configuration Commands

This chapter describes router configuration commands, including interface configuration.

For information about... Refer to page...

Configuring Global Router Parameters 23-1

Configuring Routing Interface Settings 23-3

Managing Router Configurations 23-20

Reviewing and Configuring ARP 23-27

Configuring Broadcast Settings 23-32

Reviewing IP Traffic and Configuring Static Routes 23-35

Configuring Global Router Parameters

Purpose
These commands set parameters at the global router level. These parameter settings can often be
overridden at a protocol‐specific level.

Commands
The commands used to configure global router parameters are listed below.

For information about... Refer to page...

router id 23-2

Matrix X Router Command Line Interface Reference Guide 23-1

Configuring Global Router Parameters

router id
This command configures the global router ID.

Syntax
router id ipv4_address
no router id ipv4_address

Parameters
ipv4_address Specifies a valid IPv4 address.

Defaults
None.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the router id command to configure the global Router ID. The router ID configured with this
command can be overridden in BGP and OSPF.
The system’s router ID is chosen at boot time as follows:
• If a router id is configured with this command, this value is used as the router id.
• If no router id is configured, then the lowest loopback interface IP address is used as the
router id.
• If no loopback interfaces are configured, the lowest interface IP address is used as the router
id.
• If no interfaces are configured at boot time, then random#.0.0.1 is used as the router id, where
random# will be in the range 11 through 223 inclusive.
The least significant 32 bits of the chassis’ MAC address are used to seed the random number
generator, so the default router id for a specific chassis should not change. However, since it is
still possible for more than one chassis to end up with the same default router id, it is strongly
recommended that a unique router id should be manually assigned to each router on the
network. Note that the address 127.0.0.1 will not be used as the default router id.
Once a router id has been chosen by this process at boot time, the only way to change it without
rebooting the system is to use the no router id command.

Note: It is strongly recommended that you set the router ID with the router id command, to avoid
unexpected results.

Example
This example sets the router ID to 1.1.1.1:
matrix-x(router-config)# router id 1.1.1.1

23-2 Router Configuration Commands

Configuring Routing Interface Settings

Purpose
These router commands are used to enable routing interface configuration mode on the device, to
create VLAN or loopback routing interfaces, to review the usability status of interfaces configured
for IP, to set IP addresses for interfaces, and to enable interfaces for IP routing at device startup.
See the individual routing protocol chapters in this book for protocol‐specific interface
configuration commands.

Commands
The commands used to review and configure interface settings are listed below.

For information about... Refer to page...

interface 23-4

show interface 23-5

show ip interface 23-7

ip address 23-8

ip proxy-arp 23-9

ip redirects 23-10

ip unreachables 23-12

mac-address 23-13

mtu 23-13

host-mobility 23-14

show ip host-mobility 23-17

shutdown 23-18
no shutdown 23-19

Matrix X Router Command Line Interface Reference Guide 23-3

Configuring Routing Interface Settings

interface
This command acquires router interface configuration mode for the specified physical port,
loopback interface or VLAN.

Syntax
interface {vlan.1.vlan-id | loopbackloopback-id | port-string}

Parameters
vlan.1.vlan-id | Specifies the number of the VLAN (ranging from 1 to 4094) or
loopbackloopback-id loopback interface (ranging from 1 to 99) to be configured for routing.
port-string Specifies the physical port to be configured, as described in Port
Strings Used in the CLI on page 12‐2.

Mode
Global Router Configuration.
After executing this command, Router Interface Configuration is acquired:
matrix-x(router-config-if-xx.x.x)##

Usage
This command configures interfaces for IP routing. It acquires Router Interface Configuration Mode,
and, if the interface has not previously been created, creates a new routing interface.
VLANs must be created from the switch CLI before they can be configured for IP routing. For
details on creating VLANs and configuring them for IP, refer to Chapter 20, 802.1Q VLAN
Commands.
Each VLAN or loopback interface must be configured for routing separately using the interface
command. To end configuration on one interface before configuring another, type exit at the
command prompt to return to global router configuration mode. Alternatively, you can simply
enter another interface command to start configuring another interface. Enabling Router Interface
Configuration mode is required for completing interface‐specific configuration tasks.
Each Matrix X routing module can support up to 256routing interfaces. Each interface can be
configured for the routing protocols.

Example
The following example describes how to:
1. Enter Router User Mode from the switch CLI by executing the router command
2. Enter Router Configuration Mode by executing the configure command and specifying that
commands will be entered at the terminal
3. Enter Router Interface Configuration Mode for Gigabit Ethernet port 1 on slot 4.

matrix-x(switch-su)-> router
matrix-x(router-exec)# configure terminal
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)#

23-4 Router Configuration Commands

Configuring Routing Interface Settings

show interface
This command displays interface information, for a single interface or all interfaces.

Syntax
show interface [eth0 | port-string]

Parameters
eth0 | port-string (Optional) Displays interface information for a specific interface. An
interface can be identified by its physical port string. For a detailed
description of possible port string values, refer to Port Strings Used in the
CLI on page 12‐2.

Use the key word eth0 to specify the Ethernet management port on the
active Control Module (CM).

Defaults
If no interface is specified, information is displayed for all interfaces, including the loopback
interface and the Ethernet management port.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
If a physical interface has not been configured as an IP routed interface, the information displayed
by this command is limited to physical port information. If the interface has been configured as a
routed interface, additional information about the logical interface is displayed.

Examples
The following example shows what is displayed for an IP routed interface:
matrix-x(router-exec)#show interface ge.4.1
Physical interface: ge.4.1 index 4001
type: 802.2 MTU: 1500
status: up MAC: 2:0:8:1:0:0
refcount: 2 up-to-down-transitions: 0
p2p: no maskedp2p: no loop: no simplex: no allmulti: no
Logical interface: 192.168.1.10
Index: 4001 MTU: 1436 masklen: 24
As Number: 0 refcount: 2
broadcast address: 192.168.1.255
primary: yes active: yes bcast: yes loop: no
mcast: yes simplex: no noroute: no tun: no
reg: no del: no keepall: no priv: no disable: no
The following example shows how to set the descriptive text for a VLAN interface and then
display that information:
matrix-x(router-config)# interface vlan.1.1
matrix-x(router-config-if-vlan.1.1)# description "Engineering Network"
matrix-x(router-config-if-vlan.1.1)# end
matrix-x(router-exec)# show interface vlan.1.1

Matrix X Router Command Line Interface Reference Guide 23-5

Configuring Routing Interface Settings

Physical interface: vlan.1.1 index 1000001

description: Engineering Network
type: 802.2 MTU: 1500
status: up MAC: 2:0:98:1:0:0
refcount: 1 up-to-down-transitions: 0
p2p: no maskedp2p: no loop: no simplex: no allmulti: no

23-6 Router Configuration Commands

Configuring Routing Interface Settings

show ip interface
This command displays data, including administrative status, IP address, MTU (Maximum
Transmission Unit) size and bandwidth, and ACL configurations, for IP‐configured interfaces.

Syntax
show ip interface [port-string] [brief]

Parameters

vlan vlan‐id | (Optional) Displays information for a specific VLAN or loopback

loopback loopback‐id interface.
port‐string (Optional) Specifies the interface media type, slot number, and port
number, as described in Port Strings Used in the CLI on page 12‐2.
brief (Optional) Displays a brief summary of all IP interfaces.

Mode
Switch mode, read‐only.
Router privileged execution: matrix‐x(router‐exec)#

Defaults
If no parameters are specified, all information for all IP interfaces is displayed.

Examples
The following example illustrates the command output when no parameters are specified:
matrix-x(switch-rw)-> show ip interface
ge.4.6 is administratively down, line protocol is down
Internet address is 10.10.10.10/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 9000 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is not enabled
ICMP redirects are not being sent
ICMP unreachables are always sent
ICMP mask replies are never sent
ge.4.7 is administratively down, line protocol is down
Internet address is 20.20.20.20/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is not enabled
ICMP redirects are not being sent
ICMP unreachables are always sent
ICMP mask replies are never sent

Matrix X Router Command Line Interface Reference Guide 23-7

Configuring Routing Interface Settings

The following example displays output of a configuration using the brief parameter:
matrix-x(switch-su)-> show ip interface brief
Interface IP-Address Status Proto
ge.1.1 1.2.3.4/16 up up
2.4.6.8/24 secondary
3.6.9.12/24 secondary
2.5.6.8/24 secondary
2.6.6.8/24 secondary
2.7.6.8/24 secondary
2.8.6.8/24 secondary
2.9.6.8/24 secondary
2.10.6.8/24 secondary
2.11.6.8/24 secondary
2.12.6.8/24 secondary
2.13.6.8/24 secondary
2.14.6.8/24 secondary
2.15.6.8/24 secondary
2.16.6.8/24 secondary
ge.1.4 11.1.1.1/16 up up
loopback1 1.1.1.1/32 up up
vlan.1.100 100.1.1.1/16 up down

ip address
This command sets, removes, or disables a primary or secondary IP address for an interface.

Syntax
ip address ip-address ip-mask [secondary]
no ip address ip-address ip-mask

Parameters
ip‐address Specifies the IP address of the interface to be added or removed.
ip‐mask Specifies the mask for the associated IP subnet, either in 0‐32 or a.b.c.d format
secondary (Optional) Specifies that the configured IP address is a secondary address.

Defaults
If secondary is not specified, the configured address will be the primary address for the interface.

Mode
Router Interface Configuration.

Usage
Each Matrix X routing module supports up to 1024 routing interfaces, with up to 64 secondary
addresses allowed for each primary IP address. The no form removes the specified IP address and
disables the interface for IP processing.
Since interfaces are not enabled by default, you must use the no shutdown command to enable
them. Otherwise, when you leave interface configuration mode, the interface will be disabled.

23-8 Router Configuration Commands

Configuring Routing Interface Settings

Example
The following example sets the IP address to 192.168.1.1 and the network mask to 255.255.255.0 for
the Gigabit Ethernet port 1 on the module in slot 2:
matrix-x(router-config)# interface ge.2.1
matrix-x(router-config-if-ge-2.1)# ip address 192.168.1.1 255.255.255.0
matrix-x(router-config-if-ge-2.1)# no shutdown

ip proxy-arp
This command enables or disables proxy ARP on an interface.

Syntax
ip proxy-arp [default-route]

no ip proxy-arp [default-route]

Parameters
default‐route (Optional) Enables both proxy ARP and proxy ARP on the default
route.
When used with the no form of this command, disables only proxy
ARP on the default route, and will have no effect on proxy ARP over
other routes.

Defaults
Disabled.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to allow the X Router to answer ARP requests intended for another machine on
this interface.
When ip proxy‐arp is executed without the default‐route parameter, proxy ARP is enabled but
NOT for the default route. When ip proxy‐arp default route is executed, both proxy ARP and
proxy ARP on the default route are enabled.
The no ip proxy‐arp command without the default‐route parameter disables both proxy ARP and
proxy ARP on the default route. The no ip proxy‐arp default‐route command disables only proxy
ARP on the default route, and will have no effect on proxy ARP over other routes.

Example
The following example first shows that proxy ARP is not enabled on interface ge.4.1, then enables
it, then shows that the interface configuration has changed. Note that proxy ARP on the default
route is not enabled.
matrix-x(router-config-if-ge.4.1)# show ip interface ge.4.1
ge.4.1 is administratively up, line protocol is up
Internet address is 10.10.10.10/24

Matrix X Router Command Line Interface Reference Guide 23-9

Configuring Routing Interface Settings

Broadcast address is 10.10.10.255

Address determined by setup command
MTU is 9000 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is not enabled
Proxy ARP on the default route is not enabled
ICMP redirects are being sent
ICMP unreachables are not being sent
ICMP mask replies are never sent

matrix-x(router-config-if-ge.4.1)# ip proxy-arp

matrix-x(router-config-if-ge.4.1)# show ip interface ge.4.1

ge.4.1 is administratively up, line protocol is up
Internet address is 10.10.10.10/24
Broadcast address is 10.10.10.255
Address determined by setup command
MTU is 9000 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is enabled
Proxy ARP on the default route is not enabled
ICMP redirects are being sent
ICMP unreachables are not being sent
ICMP mask replies are never sent

ip redirects
This command enables ICMP redirection on the specified interface.

Syntax
ip redirects

no ip redirects

Parameters
None.

Defaults
Enabled.

Mode
Router Interface Configuration.

Usage
ICMP redirects are messages sent by a router to an originator of data, indicating that a different
hop should be used to reach the destination. A router sends a redirect when a routing table lookup
for a received datagram results in transmission of the datagram out the same interface on which it
was received.

23-10 Router Configuration Commands

Configuring Routing Interface Settings

The negative form of this command, no ip redirects, rejects ICMP redirects.

Example
The following example rejects ICMP redirects on interface eth0:
matrix-x(router-config)# interface eth0
matrix-x(router-config-if-eth0)# no ip redirects

Matrix X Router Command Line Interface Reference Guide 23-11

Configuring Routing Interface Settings

ip unreachables
This command enables or disables sending ICMP destination unreachable messages on this
interface.

Syntax
ip unreachables

no ip unreachables

Parameters
None.

Defaults
Enabled.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to enable or disable the X Router from sending ICMP destination unreachable
messages. Use the no form of this command to disable sending these messages.

Example
The following example disables sending ICMP destination unreachable messages and then
displays the routing interface configuration.
matrix-x(router-config-if-ge.4.1)# no ip unreachables

matrix-x(router-config-if-ge.4.1)# show ip interface ge.4.1

ge.4.1 is administratively up, line protocol is up
Internet address is 10.10.10.10/24
Broadcast address is 10.10.10.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is not enabled
ICMP redirects are not being sent
ICMP unreachables are not being sent
ICMP mask replies are never sent

matrix-x(router-config-if-ge.4.1)#

23-12 Router Configuration Commands

Configuring Routing Interface Settings

mac-address
This command sets a MAC (Media Access Control) address on an interface.

Syntax
mac-address mac-address

no mac-address mac-address

Parameters

mac-address Specifies a 48‐bit MAC address in hexadecimal format.

Defaults
By default, every routing interface uses the same MAC address. If the user needs interfaces to use
different MAC addresses, this command will allow it. It is the user’s responsibility to select a MAC
address that will not conflict with other devices.

Mode
Router Interface Configuration.

Examples
The following example shows the assignment of MAC address 003.4317.7a99 to interface ge.4.2.
matrix-x(router-config-if-ge.4.2)# mac-address 003.4317.7a99
The following example clears the assignment of MAC address 003.4317.7a99 to interface ge.4.2.
matrix-x(router-config-if-ge.4.2)# no mac-address 003.4317.7a99

mtu
This command sets the maximum transmission unit (MTU) of the interface.

Syntax
mtu mtu_bytes

no mtu

Parameters
mtu_bytes Specifies the maximum transmission unit for the interface. The value
can range from 68 to 9000 bytes.

Defaults
1500 bytes.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Matrix X Router Command Line Interface Reference Guide 23-13

Configuring Routing Interface Settings

Usage
The maximum transmission unit is the largest possible unit of data that can be sent on a given
physical medium. Use this command to set the MTU for an interface. The no form of this
command resets the MTU to the default value of 1500 bytes.
To take advantage of BGP jumbo frame support, you should configure both ingress and egress
interfaces to use an MTU of 9000 bytes.

Example
The following example sets the MTU for interface ge.4.1 to 9000 bytes.
matrix-x(router-config-if-ge.4.1)# mtu 9000

matrix-x(router-config-if-ge.4.1)# show ip interface ge.4.1

ge.4.1 is administratively up, line protocol is up
Internet address is 10.10.10.10/24
Broadcast address is 10.10.10.255
Address determined by setup command
MTU is 9000 bytes
Helper address is not set
Directed broadcast forwarding is enabled
No Multicast groups joined
Proxy ARP is not enabled
ICMP redirects are being sent
ICMP unreachables are being sent
ICMP mask replies are never sent

host-mobility
Use this command to detect when an IP host moves within a VLAN.

Syntax
host-mobility

no host-mobility

Parameters
None.

Defaults
• Enabled on VLAN interface.
• Disabled on physical interfaces, and is not configurable.

Mode
Router Interface Configuration. For VLAN interfaces only.

Usage
Host mobility enables the hardware to detect when an IP host moves within a VLAN. However,
there are asymmetrical routing topologies where mobility thrashing can occur. If this happens, it is
recommended that you disable host mobility by using the no host‐mobility command.

23-14 Router Configuration Commands

Configuring Routing Interface Settings

Note: The show running-config command does not display host mobility enabled.

Examples
The following example disables host‐mobility on interface VLAN.1.2.
matrix-x(switch-su)-> router
matrix-x(router-exec)# config
matrix-x(router-config)# interface vlan.1.2
matrix-x(router-config-if-vlan.1.2)# ip address 10.2.2.2/24
matrix-x(router-config-if-vlan.1.2)# no host-mobility
matrix-x(router-config-if-vlan.1.2)#no shutdown
matrix-x(router-config-if-vlan.1.2)# show running-config

interface vlan.1.2
ip address 10.2.2.2 255.255.255.0
no host-mobility
no shutdown
exit

matrix-x(router-config-if-vlan-2)#

The following example enables host‐mobility on interface VLAN.1.2. Note that you cannot see
host‐mobility enabled using the show running‐config command.
matrix-x(router-config)# interface vlan.1.2
matrix-x(router-config-if-vlan.1.2)# ip address 10.2.2.2/24
matrix-x(router-config-if-vlan.1.2)# host-mobility
matrix-x(router-config-if-vlan.1.2)#no shutdown
matrix-x(router-config-if-vlan.1.2)# show running-config

interface vlan.1.2
ip address 10.2.2.2 255.255.255.0
no shutdown
exit

matrix-x(router-config-if-vlan.1.2)#

Matrix X Router Command Line Interface Reference Guide 23-15

Configuring Routing Interface Settings

ip host-mobility
Use this command to remove the specified host IP address from the no host mobility (host
mobility disabled) table and restore the learned or static non‐clustered ARP entry to the interface
state.

Syntax
ip host-mobility {IP address}

no ip host-mobility {IP address}

Parameters

IP address Specify the IP address to add to or remove from the no host mobility
table.

Mode
Router configuration mode: matrix‐x(router‐config)#

Defaults
None.

Usage
This command removes the specified host IP address from the no‐host‐mobility table and restores
the learned or static non‐clustered ARP entry to the interface state. If the interface state is off then
it remains off. To preserve precedence order, delete the dynamic ARP entry and allow ARP to
reccur. Static non‐clustered ARP entries must manually corrected.

Examples
The following example enters the 1.2.3.4 address into the no ip host mobility table, displays the
entire table, then removes the 1.2.3.4 address from the no ip host mobility table and, finally,
displays the empty table:
matrix-x(router-config)# no ip host-mobility 1.2.3.4
matrix-x(router-config)# show ip host-mobility

Protocol Address
----------------
Internet 1.2.3.4

matrix-x(router-config)# ip host-mobility 1.2.3.4

matrix-x(router-config)# show ip host-mobility

Protocol Address
----------------

23-16 Router Configuration Commands

Configuring Routing Interface Settings

show ip host-mobility
Use this command to display the no IP host mobility (host mobility disabled) table.

Syntax
show ip host-mobility [IP address]

Parameters

IP address (Optional) Specifies a particular IP address to return host mobility

information for.

Mode
Switch mode, read‐only.
Router configuration mode: matrix‐x(router‐config)#
Router privileged execution: matrix‐x(router‐exec)#

Defaults
If no parameters are specified, all information for the no host mobility table is displayed.

Examples
The following example illustrates the command output when no parameters are specified:
matrix-x(switch-su)-> show ip host-mobility

Protocol Address
----------------
Internet 1.2.3.4

Matrix X Router Command Line Interface Reference Guide 23-17

Configuring Routing Interface Settings

shutdown
This command sets the interface’s operational status to down.

Syntax
shutdown

Parameters
None.

Defaults
The interface is disabled.

Mode
Router Interface Configuration.

Usage
Moves the interface to a disabled operational status.

Example
The following example puts the interface ge.4.2 into a down state, and displays the current status.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# shutdown
matrix-x(router-config-if-ge.4.2)# show interface ge.4.2
Physical interface: ge.4.2 index 4002
type: 802.2 MTU: 1500
status: down MAC: 2:0:46:1:0:0
refcount: 1 up-to-down-transitions: 1
p2p: no maskedp2p: no loop: no simplex: no allmulti: no
matrix-x(router-config-if-ge.4.2)#

Related Commands
no shutdown

23-18 Router Configuration Commands

Configuring Routing Interface Settings

no shutdown
This command sets the interface’s operational status to up.

Syntax
no shutdown

Parameters
None.

Defaults
The interface is disabled.

Mode
Router Interface Configuration.

Usage
The default for the interface is shutdown. Therefore, you must enter the no shutdown command
to enable the interface. Otherwise, when you leave the interface configuration mode, the interface
will remain disabled.

Example
The following example puts the interface ge.4.2 into a up state, and displays the current status.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no shutdown
matrix-x(router-config-if-ge.4.2)# show interface ge.4.2
Physical interface: ge.4.2 index 4002
type: 802.2 MTU: 1500
status: up MAC: 2:0:46:1:0:0
refcount: 1 up-to-down-transitions: 0
p2p: no maskedp2p: no loop: no simplex: no allmulti: no
matrix-x(router-config-if-ge.4.2)#

Matrix X Router Command Line Interface Reference Guide 23-19

Managing Router Configurations

Router configuration is done with router mode CLI commands, while switch configuration is
done with switch mode CLI commands.
This section demonstrates managing router configuration while operating in router mode only.

Warning: Configurations created in router mode are not automatically persistent, unlike switch
mode. You must execute the write file command to save router configurations.

Purpose
These router commands are used to review and save the current router configuration.

Commands
The commands used to review and save the router configuration are listed below.

For information about... Refer to page...

show running-config 23-21

show startup-config 23-22

write file 23-25

23-20 Router Configuration Commands

Managing Router Configurations

show running-config
This command displays the user‐supplied router configuration commands that have been entered
to this point while configuring the Matrix X Router.

Syntax
show running-config [section] [outfile path-to/outfilename] [| search regexp]

Parameters
section (Optional) Display only the specified section of the configuration. A list
of valid section names can be displayed by entering show
running‐config ?.
outfile path‐to/ (Optional) Specifies a file in which to store the configuration. Options
outfilename for path‐to are a file path on the active or standby CM, a file path on a
USB drive attached to the active or standby CM, or the URL of an FTP,
SCP (secure copy), or TFTP server.
On the active CM, valid directories that can be specified are public or
local. On the standby CM, the valid directory is local. To specify the
standby CM, you must precede the directory with standby:—otherwise,
the active CM is assumed.
A file path on an attached USB drive is specified as usb:pathname or
standby:usb:pathname where pathname may include one or more
directory levels in addition to the filename itself.
| search regexp (Optional) Display the lines in the configuration file that match the
search regular expression.

Mode
Router global execution mode: matrix‐x(router‐exec)#
Router configuration mode: matrix‐x(router‐config)#
Switch mode, read‐only

Usage
This command displays the current router configuration that is running on the X Router. The
running configuration includes all those CLI configuration commands that have been entered
manually since the last system restart. Commands entered manually are not saved as part of the
startup configuration until the write file command is executed, at which point the running
configuration is stored on the system in NVRAM and becomes the startup configuration.
Use the show startup‐config command to display the startup configuration, which includes all the
router configuration commands that were entered up to the point when the write file command
was executed.

Examples
The following example shows the output of this command:
matrix-x(router-exec)# show running-config

interface ge.4.1

Matrix X Router Command Line Interface Reference Guide 23-21

Managing Router Configurations

ip address 10.10.10.10 255.255.255.0

no shutdown
exit
interface ge.4.2
ip address 20.20.20.20 255.255.255.0
no shutdown
exit
interface ge.4.3
ip address 30.30.30.30 255.255.255.0
no shutdown
exit

This example displays only the policy map section of the running config.
matrix-x(router-config)# show running-config policy-map

!
# router
router
configure terminal
policy-map myPolicyMap
description "My policy map"
exit
exit
exit

show startup-config
This command displays the user‐supplied router configuration commands that have been entered
and saved as the startup configuration by executing the write file command.

Syntax
show startup-config [outfile path-to/outfilename] [| search regexp]

Parameters
outfile path‐to/ (Optional) Specifies a file in which to store the configuration. Options
outfilename for path‐to are a file path on the active or standby CM, a file path on a
USB drive attached to the active or standby CM, or the URL of an FTP,
SCP (secure copy), or TFTP server.
On the active CM, valid directories that can be specified are public or
local. On the standby CM, the valid directory is local. To specify the
standby CM, you must precede the directory with standby:—otherwise,
the active CM is assumed.
A file path on an attached USB drive is specified as usb:pathname or
standby:usb:pathname where pathname may include one or more
directory levels in addition to the filename itself.
| search regexp (Optional) Pipe command output through the filter defined by the
search regular expression and display the lines in the configuration file
that match the search regular expression.

23-22 Router Configuration Commands

Managing Router Configurations

Defaults
If a search filter is not defined, all the contents of the startup configuration are displayed.

Mode
Router global execution mode: matrix‐x(router‐exec)#
Router configuration mode: matrix‐x(router‐config)#
Switch mode, read‐only

Usage
This command displays the CLI configuration commands that have been entered manually since
the last system restart and that have been saved as part of the startup configuration with the write
file command.
The output of this command may differ from the output of the show running‐config command,
because only the commands that were entered prior to executing the last write file command are
displayed by this command. The show running‐config command displays all the CLI commands
entered since the system was restarted, including those command entered after the execution of
the write file command.

Example
In the following example, the output of the show startup‐config command at first is different
from the output of the show running‐config command. Then, the write file command is
executed, which causes the running configuration to be saved as the startup configuration. By
executing the show startup‐config command after the write file command, we show that the
startup configuration is now the same as the running configuration.
matrix-x(router-exec)# show startup-config
interface ge.4.1
ip address 10.10.10.10 255.255.255.0
no shutdown
exit
interface ge.4.2
ip address 20.20.20.20 255.255.255.0
no shutdown
exit

matrix-x(router-exec)# show running-config

interface ge.4.1
ip address 10.10.10.10 255.255.255.0
no shutdown
exit
interface ge.4.2
ip address 20.20.20.20 255.255.255.0
no shutdown
exit
interface ge.4.3
ip address 30.30.30.30 255.255.255.0
no shutdown
exit

matrix-x(router-exec)# write file

Matrix X Router Command Line Interface Reference Guide 23-23

Managing Router Configurations

matrix-x(router-exec)# show startup-config

23-24 Router Configuration Commands

Managing Router Configurations

write file
This command saves the router running configuration.

Warning: Configurations created in router mode are not automatically persistent, unlike switch
mode. You must execute the write file command to save router configurations.

Syntax
write file

Parameters
None.

Defaults
None.

Mode
Router global execution mode: matrix‐x(router‐exec)#
Router configuration mode: matrix‐x(router‐config)#

Usage

The write file command must be executed in order to save the router running configuration to
NVRAM. If this command is not executed, router configuration changes will not be saved upon
reboot.
Executing this command also creates or overwrites a file named startup_config.txt in the public
directory. The contents of the startup_config.txt file is the same running configuration that is
saved to NVRAM.

Example
The following example illustrates the write file command and the startup_config.txt file created
by executing this command.
matrix-x(router-exec)# write file

matrix-x(router-exec)# exit

matrix-x(switch-su)-> dir public

public/
==================================================
Name : startup_config.txt
Type : Unknown
Size : 258 bytes
Last Access : Mon Sep 19 18:52:04 2005
Modification: Mon Sep 19 18:52:04 2005
Last Change : Mon Sep 19 18:52:04 2005

matrix-x(switch-su)-> show file public/startup_config.txt

interface ge.4.1

Matrix X Router Command Line Interface Reference Guide 23-25

Managing Router Configurations

ip address 10.10.10.10 255.255.255.0

no shutdown
exit
interface ge.4.2
ip address 20.20.20.20 255.255.255.0
no shutdown
exit
interface ge.4.3
ip address 30.30.30.30 255.255.255.0
no shutdown
exit
matrix-x(switch-su)->

23-26 Router Configuration Commands

Reviewing and Configuring ARP

Purpose
These router level commands are used to review and configure the routing ARP table.

Commands
The commands used to review and configure the ARP table are listed below.

For information about... Refer to page...

arp 23-27

arp timeout 23-28

clear arp 23-29

show ip arp 23-29

arp
This command adds static entries to the ARP table.

Syntax
arp ip-address MAC-addr arpa port-string

no arp ip-address MAC-addr arpa port-string

Parameters

ip-address Specifies the IP address of the interface being added.

MAC-addr Specifies the MAC address of the interface being added.
arpa Specifies the type of ARP entry.
port-string Specifies the interface media type, slot number, and port number, as
described in Port Strings Used in the CLI on page 12‐2.

Defaults
None.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
You can delete static entries from the ARP table with the no form of this command, but you cannot
delete ARP entries for local interfaces.

Matrix X Router Command Line Interface Reference Guide 23-27

Reviewing and Configuring ARP

The clear arp‐cache command removes dynamic ARP entries only, not local or static entries.

Examples
The following example adds a static entry to the ARP table:
matrix-x(router-config)# arp 192.168.20.1 0200.0801.0000 arpa ge.4.2
The following example removes the static entry added in the above example:
matrix-x(router-config)# no arp 192.168.20.1 0200.0801.0000 arpa ge.4.2

Related Commands
clear arp

arp timeout
This command sets the duration (in seconds) for entries to stay in the ARP table before expiring.

Syntax
arp timeout seconds

no arp timeout seconds

Parameters
seconds Specifies the interval an entry remains in the ARP cache, ranging from 0 to 65535
seconds. A value of 0 specifies that ARP entries will never be aged out.

Defaults
21,600 seconds (6 hours)

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
The Matrix X Router can support up to 2000 outstanding unresolved ARP entries. The no form
restores the default value of 21,600 seconds.

Example
The following example sets the ARP timeout to 600 seconds:
matrix-x(router-config)# arp timeout 600

23-28 Router Configuration Commands

Reviewing and Configuring ARP

clear arp
This command deletes all nonstatic (dynamic) entries from the ARP table.

Syntax
clear arp [ip_address]

Parameters

ip_address (Optional) Specifies the entry to delete.

Defaults
If an IP address is not specified, all dynamic entries are deleted.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Example
The following example deletes all dynamic entries from the ARP table:
matrix-x(router-exec)# clear arp-cache

show ip arp
This command displays entries in the ARP (Address Resolution Protocol) table. ARP converts an
IP address into a physical address.

Syntax
show ip arp [stats] [stats_brief] [summary] [| search string]
[ip-address [stats] [stats_brief] [verbose]] [H.H.H [stats]]
[Interface {eth0 | port-string} [stats] [stats_brief]]

Parameters

ip‐address (Optional) Displays ARP entries related to a specific IP address.

H.H.H (Optional) Displays ARP entries related to a specific 48‐bit hardware
address, in xxxx.xxxx.xxxx format.
Interface (Optional) Displays ARP entries related to a specific interface. An interface
[eth0 | port‐string] can be identified by its physical port string. For a detailed description of
possible port string values, refer to Port Strings Used in the CLI on
page 12‐2.
Use the key word eth0 to specify the Ethernet management port on the
active Control Module (CM).
stats (Optional) Shows packet and byte statistics for each entry.
stats_brief (Optional) Shows only packet statistics for each entry.

Matrix X Router Command Line Interface Reference Guide 23-29

Reviewing and Configuring ARP

summary (Optional) Displays the summary of all ARPs.

| search string (Optional) Displays the contents of the ARP table that match the search
string. Refer to Table 1‐2 on page 1‐6 for a list of the regular‐expression
operators that can be used as the search string.

Defaults
If no parameters are specified, all entries in the ARP cache will be displayed.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Examples
The following example displays output from the command without any optional parameters.
matrix-x(router-exec)# show ip arp

Protocol Address Age(min) Hardware Addr Type Interface

-------------------------------------------------------------------------------
Internet 10.1.216.1 21 00e0.6368.ebf1 ARPA eth0
Internet 10.1.221.30 - 0001.f4da.5a5c ARPA eth0
Internet 10.1.221.232 - 00c0.9f29.ee39 ARPA eth0
Internet 1.3.0.1 14 0001.f4da.5a3f ARPA vlan.1.1003
Internet 1.3.0.2 - 0001.f4da.5a5b ARPA vlan.1.1003
Internet 2.1.0.1 - 0001.f4da.5a5b ARPA vlan.1.2001
Internet 2.1.0.2 17 0001.f4da.3ca8 ARPA vlan.1.2001
Internet 2.2.0.1 - 0001.f4da.5a5b ARPA vlan.1.2002
Internet 2.2.0.2 17 0001.f43a.d36e ARPA vlan.1.2002

The following table provides an explanation of the command output.

Output What It Displays...

Protocol ARP entry’s type of network address.

Address Network address mapped to the entry’s MAC address.

Age (min) Interval (in minutes) since the entry was entered in the table.

Hardware Addr MAC address mapped to the entry’s network address.

Type Encapsulation type used for the entry’s network address.

Interface The physical interface.

The following example displays packet and byte statistics.

matrix-x(router-exec)# show ip arp stats

Address Age(min) Hardware Addr Interface Packets Bytes

-------------------------------------------------------------------------------
10.1.216.1 23 00e0.6368.ebf1 eth0 0 0
10.1.221.30 - 0001.f4da.5a5c eth0 0 0
10.1.221.232 1 00c0.9f29.ee39 eth0 0 0
1.3.0.1 15 0001.f4da.5a3f vlan.1.1003 0 0
1.3.0.2 - 0001.f4da.5a5b vlan.1.1003 0 0

23-30 Router Configuration Commands

Reviewing and Configuring ARP

2.1.0.1 - 0001.f4da.5a5b vlan.1.2001 0 0

2.1.0.2 19 0001.f4da.3ca8 vlan.1.2001 78646969 5977169644
2.2.0.1 - 0001.f4da.5a5b vlan.1.2002 0 0
2.2.0.2 19 0001.f43a.d36e vlan.1.2002 38331428 2913188528

Matrix X Router Command Line Interface Reference Guide 23-31

Configuring Broadcast Settings

Purpose
These router level commands configure IP broadcast settings.

About DHCP/BOOTP Relay

DHCP/BOOTP relay functionality is applied with the help of UDP broadcast forwarding. A
typical situation occurs when a host requests an IP address with no DHCP server located on that
network segment. A routing interface can forward the DHCP request to a server located on
another network if:
• UDP broadcast forwarding is enabled with the ip forward‐protocol command, and
• The address of the DHCP server is configured as a helper address on the receiving interface
with the ip helper‐address command.
The DHCP/BOOTP relay function will detect the DHCP request and make the necessary changes
to the header, replacing the destination address with the address of the server, and the source with
its own address, and send it to the server. When the response comes from the server, the DHCP/
BOOTP relay function sends it to the host.

Commands
The commands used to configure IP broadcast settings are:

For information about... Refer to page...

ip forward-protocol 23-33

ip helper-address 23-34

23-32 Router Configuration Commands

Configuring Broadcast Settings

ip forward-protocol
This command enables UDP broadcast forwarding, specifying which protocols will be forwarded.

Syntax
ip forward-protocol {udp [port]}

no ip forward-protocol {udp [port]}

Parameters
udp Specifies UDP as the IP protocol subject to broadcast forwarding.
port (Optional) Specifies a destination port that controls which UDP services are
forwarded. If not specified, received UDP broadcasts are forwarded on the
following default ports:
• Trivial File Transfer Protocol (TFTP) — port 69
• Domain Naming System — port 53
• Time service — port 37
• NetBIOS Name Server — port 137
• NetBIOS Datagram Server — port 138
• TACACS service — port 49
• EN‐116 Name Service — port 42
• Boot Protocol (BOOTP) client and server datagrams — ports 67 and 68

Defaults
If a port is not specified, default forwarding services will be performed as listed above.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
This command works in conjunction with the ip helper‐address command to configure UDP
broadcast forwarding. Refer to the ip helper‐address command for information on specifying a
new destination for UDP broadcasts.
The no form of this command removes a UDP port or protocol, disabling forwarding. If a port is
not specified, UDP broadcast forwarding will be disabled on all ports.

Note: If a certain service exists inside the device, the no form of this command should be used to
disable the forwarding for the associated port. In particular, DHCP/BOOTP relay and DHCP server
may not be enabled concurrently in the device.

Example
This example enables forwarding of Domain Naming System UDP broadcasts.
matrix-x(router-config)# ip forward-protocol udp 53

Matrix X Router Command Line Interface Reference Guide 23-33

Configuring Broadcast Settings

ip helper-address
This command enables DHCP/BOOTP relay and the forwarding of local UDP broadcasts
specifying a new destination address.

Syntax
ip helper-address address

no ip helper-address address

Parameters
address Specifies a destination address for forwarding UDP broadcasts. This address must
be a unicast address.

Defaults
None.

Mode
Router Interface Configuration.

Usage
This command works in conjunction with the ip forward‐protocol command, which defines the
forward protocol and port number. You can use this command to define up to 20 helper address
per interface.
The no form of this command disables forwarding UDP datagrams to the specified address.

Example
The following example permits UDP broadcasts from hosts received on VLAN 1 to reach server
191.168.1.10 and broadcasts received on VLAN 2 to reach server 192.24.1.2:
matrix-x(router-config)#ip forward-protocol udp
matrix-x(router-config)# interface vlan 1
matrix-x(router-config-if-vlan-1)# ip helper-address 192.168.1.10
matrix-x(router-config-if-vlan-1)# exit
matrix-x(router-config)# interface vlan 2
matrix-x(router-config-if-vlan-2)# ip helper-address 192.24.1.2

23-34 Router Configuration Commands

Reviewing IP Traffic and Configuring Static Routes

Purpose
To review IP traffic and configure static routes.

Commands
The commands used to review IP traffic and configure routes are listed below.

For information about... Refer to page...

show ip traffic 23-35

show ip cache 23-36

ip route 23-38

show ip traffic
This command displays statistics about IP traffic sent to and received from the Matrix X Router’s
Control Module (CM).

Syntax
show ip traffic

Parameters
None.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#

Example
The following example displays sample output from the command:
matrix-x(router-exec)# show ip traffic
IP Statistics:
Rcvd: 20788 total, 20654 local destination
0 header errors, 0 unknown protocol
Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
0 fragmented, 0 couldn't fragment
Mcast/Bcast: 0 received
Sent: 21264 generated, 0 forwarded, 0 no route

Matrix X Router Command Line Interface Reference Guide 23-35

Reviewing IP Traffic and Configuring Static Routes

ICMP Statistics:
Rcvd: 92 total, 0 checksum errors, 0 redirects, 74 unreachable, 2 echo
16 echo reply, 0 mask requests, 0 quench
0 parameter, 0 timestamp, 0 time exceeded,
Sent: 77 total, 0 redirects, 75 unreachable, 0 echo, 2 echo reply
0 mask requests, 0 mask replies, 0 quench, 0 timestamp
0 time exceeded, 0 parameter problem

TCP statistics:
Rcvd: 17233 total, 0 checksum errors
Sent: 17149 total

UDP Statistics:
Rcvd: 3376 total, 85 checksum errors, 1 no port
Sent: 4021 total

matrix-x(router-exec)#

show ip cache
This command displays information about the forwarding cache.

Syntax
show ip cache [stats] [stats_brief] [summary] [| search string]
[ip-addr mask [stats] [stats_brief] [verbose]]

Parameters
stats (Optional) Show packet and byte statistics for each route.
stats_brief (Optional) Show only packet statistics for each route.
summary (Optional) Show a summary of all IP cache routes.
| search string (Optional) Display the contents of the cache that match the search
string. Refer to Table 1‐2 on page 1‐6 for a list of the regular‐expression
operators that can be used as the search string.
ip‐addr mask (Optional) Show information for the route specified by IPv4 address
and mask. The mask can be entered as an integer between 0 and 32 (for
example, /24) or in dotted quad notation (for example, 255.255.255.0).
verbose (Optional) Show all statistics information available.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#

23-36 Router Configuration Commands

Reviewing IP Traffic and Configuring Static Routes

Examples
The following example displays output from this command with no parameters:
matrix-x(router-exec)# show ip cache

Prefix Next Hop Status Interface

1.1.1.4/32 Direct Local loopback1
10.1.216.0/21 Direct Local eth0
10.4.0.0/16 Direct Local vlan.1.1004
10.10.54.0/24 Direct Local ge.8.5
10.10.45.0/24 Direct Local vlan.1.1010
1.1.1.5/32 10.10.54.5 Resolved ge.8.5
10.5.0.0/16 10.10.54.5 Resolved ge.8.5
10.10.54.5/32 10.10.54.5 Resolved ge.8.5
10.10.45.5/32 10.10.45.5 Resolved vlan.1.1010
The following example displays packet and byte statistics.
matrix-x(router-config)# show ip cache stats

Prefix Next Hop Status Interface Packets Bytes

1.1.1.4/32 Direct Local loopback1 884 123856
10.1.216.0/21 Direct Local eth0 0 0
10.4.0.0/16 Direct Local vlan.1.1004 0 0
10.10.54.0/24 Direct Local ge.8.5 2 256
10.10.45.0/24 Direct Local vlan.1.1010 14 1812
1.1.1.5/32 10.10.54.5 Resolved ge.8.5 0 0
10.5.0.0/16 10.10.54.5 Resolved ge.8.5 0 0
10.10.54.5/32 10.10.54.5 Resolved ge.8.5 0 0
10.10.45.5/32 10.10.45.5 Resolved vlan.1.1010 0 0
The following example displays the output of the summary parameter.
matrix-x(router-config)# show ip cache summary

Route Cache Summary

Number of Routes: 9
The following example displays the output when using the IP address and verbose parameters.
matrix-x(router-config)# show ip cache 10.10.45.4/24 verbose

Ip Cache Verbose
Destination Stats Per IOM
IOM Packets Bytes
8 14 1812
8 14 1812
Ip Route: 10.10.45.5/32

Nexthops
10.10.45.5 State: Resolved Interface: vlan.1.1010

Destination Stats Per IOM

IOM Packets Bytes
Total 0 0

Matrix X Router Command Line Interface Reference Guide 23-37

Reviewing IP Traffic and Configuring Static Routes

The following example displays the use of a search string.

matrix-x(router-config)# show ip cache | search "10.10.*"

Prefix Next Hop Status Interface

10.10.45.0/24 Direct Local vlan.1.1010
1.1.1.5/32 10.10.45.5 Resolved vlan.1.1010
10.5.0.0/16 10.10.45.5 Resolved vlan.1.1010
10.10.45.5/32 10.10.45.5 Resolved vlan.1.1010

ip route
This command adds or removes a static IP route.

Syntax
ip route prefix {mask | masklen} {ipv4-address | interface-name | next-hop}
[distance] [tag tag] [metric value] [unicast] [multicast] [noinstall] [reject]
[retain] [blackhole]

no ip route prefix {mask | masklen} {ipv4-address | interface-name | next-hop}

[distance] [tag tag] [metric value] [unicast] [multicast] [noinstall] [reject]
[retain] [blackhole]

Parameters

prefix Specifies an IPv4 address as a single destination for which a static route is
being defined.
[mask | masklen] The prefix mask for the destination, specified in dotted‐quad format or the
length of a mask specified as an integer from 0 to 32, inclusive.
[ipv4‐address | Specifies either an IPv4 address as the next hop for the static route or the
interface‐name | physical interface name to be used with the static route.
next‐hop]
distance (Optional) Specifies an administrative distance for this route, ranging from 1
to 255, and it defaults to 60 if it is not specified.
tag tag (Optional) Specifies a tag value that can be used as a match value for
controlling redistribution via route maps. The value for tag can be an integer
from 0 to 4,294,967,295, inclusive.
metric value (Optional) Specifies a metric for the route ranging from 0 to 2,147,483,647.
Optionally specify one or more of the following command flags:
unicast Indicates that this static route should be installed in the unicast RIB.
This flag is implicitly specified by default.
multicast Indicates that this static route should be installed in the multicast RIB.
noinstall Specifies that this static route is not to be installed in the kernel forwarding
table.
reject Causes the router to refuse to route traffic that would be forwarded
according to the associated static route. Instead of forwarding a packet as a
normal route, reject routes cause packets to be dropped and unreachable
messages to be sent to the packet originators.

23-38 Router Configuration Commands

Reviewing IP Traffic and Configuring Static Routes

retain Prevents specific static routes from being removed.

blackhole Causes this route to be installed as a blackhole route, enabling the router to
refuse to route various prefixes.

Defaults
Static routes are not explicitly configured by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the ip route command to configure up to 2048 static routes within the router. Each static route
must consist of a valid IP prefix and mask as the destination. Each static route must also contain
either an IPv4 address, which acts as the static route next hop, and/or a physical interface to be
associated with the static route. In addition, you can specify a preference for each configured static
route and flags to be associated with each route.
The negative form of this command, no ip route, removes a static route. Because you can
configure multiple static routes for a single prefix, you must include all arguments that were used
to configure the route in the negative form of this command.

Examples
The following example configures a static route for prefix 192.168.0.0 with a mask of 255.255.0.0.
The next hop is configured to be 10.1.1.1, and the preference is configured as 50.
matrix-x(router-config)# ip route 192.168.0.0 255.255.0.0 10.1.1.1 50
The following example configures a static route for prefix 10.1.0.0 with a mask of 255.255.0.0. This
static route is going to be associated with interface ge.4.2 with a preference of 20 and a tag value of
2. Finally, this static route will be installed in both the unicast and multicast RIBs, but it will not be
installed in the kernel forwarding table. Note that order is not important when specifying static
route flags.
matrix-x(router-config)#ip route 10.1.0.0 255.255.0.0 ge.4.2 20 tag 2 unicast
multicast noinstall
The following example configures two static routes for the same prefix, 192.2.0.0 255.255.0.0. The
first is configured for interface ge.4.1 with a preference of 40. The second is configured for
interface ge.4.2 with a preference of 50. Both are configured to be installed in the multicast RIB.
matrix-x(router-config)# ip route 192.2.0.0 255.255.0.0 ge.4.1 40 multicast
matrix-x(router-config)# ip route 192.2.0.0 255.255.0.0 ge.4.2 50 multicast
In the following example, the second configuration in the previous example is removed:
matrix-x(router-config)# no ip route 192.2.0.0 255.255.0.0 ge.4.2 50 multicast
The basic forms of the show ip route command are described individually below:
matrix-x(router-exec)# show ip route summary
This form of the command returns summarized route information that includes the number of
nodes and the number of routes:
matrix-x(router-exec)# show ip route [unicast | multicast]

Matrix X Router Command Line Interface Reference Guide 23-39

Reviewing IP Traffic and Configuring Static Routes

This form of the command returns all routes stored in either the unicast or multicast RIB. If a RIB
specified is not given, then all routes in the unicast RIB are reported:
matrix-x(router-exec)# show ip route [unicast | multicast] [ipv4-addr (mask ||
longer-prefixes)]
This form of the command allows you to query a RIB given a specific destination address. If no
mask is given, then the natural mask of the user‐supplied destination is assumed. If the longer-
prefixes option is not specified, then only an exact match in the RIB for the supplied destination
(and mask) is reported. On the other hand, if longer-prefixes is specified, then routes for all
destinations covered by the destination (and mask) are reported.
matrix-x(router-exec)# show ip route [unicast | multicast] [rip | bgp | static |
dvmrp | isis | connected]
When specifying the OSPF protocol, you can also optionally provide an instance‐id. Within the
Matrix X Router, you can run multiple instances of OSPF, where each instance is identified with
an instance ID. By specifying an instance‐id, you can query for all routes installed by a specific
instance of OSPF. If the instance‐id is omitted, then routes installed by all OSPF instances are
returned.
matrix-x(router-exec)# show ip route [unicast | multicast] list access-list-name
This form of the command allows you to, in effect, query a RIB for only those routes covered by an
access list. An error is generated if an access list named, access‐list‐name, has not been defined.
K 0.0.0.0/0 [0/40] via 65.247.36.1, 21d21h, ex0
K 10.128.0.0/9 [0/40] via 65.247.36.2, 21d21h, ex0
C 65.247.36.0/25 [1/0] via 65.247.36.97, 21d21h, ex0
K 65.247.36.97/32 [0/40] via 127.0.0.1, 21d21h, lo0
S 127.0.0.0/8 [0/0] via 127.0.0.1, 21d21h, lo0
C 127.0.0.1/32 [1/0] via 127.0.0.1, 21d21h, lo0
The following example returns information for all routes in the unicast RIB installed by OSPF. The
results indicate that the unicast RIB contains only one such route.
matrix-x(router-exec)# show ip route ospf
Codes: C - connected, S - static, R - RIP, B - BGP,
O - OSPF, D - DVMRP, 3 - OSPF3, I - IS-IS,
K - Kernel, A - Aggregate
O 65.247.36.224/28 [1/0] via 65.247.36.254 21d21h, ex0

23-40 Router Configuration Commands

24
Access Control List Commands

This chapter describes the commands used to create, apply, and display numbered and named
access control lists (ACLs). This chapter also describes the commands used to configure and
display ACL rule match logging.

For information about... Refer to page...

Overview 24-1

Numbered Access Control Lists 24-5

Named Access Control Lists 24-11

Access List Configuration Mode Commands 24-15

Displaying and Applying Access Lists 24-21

ACL Rule Match Logging Commands 24-34

Overview
The Matrix X Router supports configuration of both standard and extended access control lists
(ACLs). Standard access control lists allow only the packet source IP address to be configured,
while extended ACLs allow both source and destination IP addresses to be configured, as well as
protocol and port matching.
Both standard and extended access lists can be numbered or named. Standard ACL numbers can
range from 1 to 99. Extended ACL numbers can range from 100 to 199. Names can be up to 64
characters in length.
Rules in an ACL are order‐dependent. A packet is either forwarded (a permit rule) or not
forwarded (a deny rule) according to the first rule that is matched. As soon as a rule is matched,
processing of the access list stops. For packet filtering, there is an implicit “deny all” rule at the
end of every ACL.
When you create a named ACL, you move into access list configuration mode, as indicated by a
modified router configuration prompt. In this mode you can enter a set of individual rules at one
time for the ACL. Each rule must start with a permit or deny statement. Rules for numbered ACLs
may be entered either in access list configuration mode or as individual commands.
The rules that comprise a given ACL may be copied to a new ACL or appended to an existing
ACL using the ip access‐list copy command.
Once you have defined ACLs, you can apply them in a variety of ways. You can use ACLs to filter
traffic on individual interfaces, with or without a directional context (inbound or outbound). You
can also apply pre‐defined ACLs as Service or Common ACLs. Service access control lists apply
existing standard ACLs to permit or deny traffic based on type of service (such as SSH, or SNMP

Matrix X Router Command Line Interface Reference 24-1

Overview

traffic) only when the service traffic is bound to router‐owned IP addresses. For example, a service
ACL can be used to restrict Telnet access to the router to one or two source IP values. Common
access lists apply existing standard or extended ACLs commonly across all interfaces. When any
ACL is applied as a common ACL, the final implicit “deny all” rule in the ACL is not used. See
“Displaying and Applying Access Lists” (page 24‐21) for more common ACL
implementation‐specific details.
ACL rule matching can also be logged. See “ACL Rule Match Logging” on page 24‐2 for
information about logging occurrences of ACL rule matches.

ACL Configuration Limits

Before you configure ACLs on the X Router, it is important to consider the following:
• When used for packet filtering on an interface, one ACL may be applied per traffic direction.
ACLs can be applied to both inbound and outbound interfaces, including physical ports and
VLAN interfaces.
• An ACL is comprised of one or more entries which are then converted to rules on the IOM as
an access group for interface filtering. Only one ACL may be applied to an interface in a given
direction (inbound or outbound).
• Each IOM can support up to 1010 ingress (inbound) and 1024 egress (outbound) rules per
forwarding engine (FE), and each IOM can support up to two FEs for inbound traffic and two
FEs for outbound traffic. Therefore, each IOM can support a maximum of 2020 rules inbound
and 2048 rules outbound. The X‐GT16‐00 IOM supports a maximum of 1010 policy rules
inbound and 1024 policy rules outbound. Both Layer 2 policy rules and Layer 3 policy and
ACL rules use the same pool of available rule space.
To help you manage rule‐space related configuration and available resources, the following
commands have been added to the Matrix X Router CLI. These commands let you determine
available rule space for, rule space required by, and rule space either expected to be used by
applying or expected to be reclaimed by removing, a particular set of rules:
• The show ip rule‐space available command displays the minimum amount of rule space
currently available per IOM associated with a given interface.
• The show ip rule‐space required command displays the amount of rule space required for
rules that would be generated by an access group and/or policy map. This assumes an
interface with no other ACLs, Common ACLs, policy maps or ACL logging applied.
• The show ip rule‐space expected command displays the amount of rule space expected to be
available per IOM if applying or removing a specific ACL, Common ACL, or ACL logging, on
a given interface.

ACL Rule Match Logging

You can configure the Matrix X Router to log traffic “hits” of ingress ACL rules by means of syslog
messaging. Configuration parameters allow you to specify whether traffic flows hitting particular
ACL rule‐entries or any ACL entry are logged. You can also specify the type of rule to
log—permit, deny, or both and whether or not to include the first 64 bytes of a matching frame in
the rule hit log message.

Note: ACL rule match logging is intended to be used as a diagnostic tool. Since enabling logging
increases host processing, you should keep logged traffic to the minimum amount necessary.

24-2 Access Control List Commands

Overview

You can control the amount of data logged by enabling periodic updates and the frequency of the
updates, as well as configuring the maximum number of flows to log for each interface with
logging enabled. By default, periodic updates are enabled, the update frequency is set at 300
seconds, and the maximum number of flows logged per interface is 100.
When periodic updates are enabled, only the first entry for each unique flow that matches an ACL
entry on an interface is logged. Data about future received matches to the ACL entry for each
unique flow are stored but only logged by means of a periodic update message every update
interval. Periodic update messages list the percentage of received frames for each flow that has
been matched at least once over the previous interval. After each periodic update, the utilization
data is reset.
When periodic updates are disabled, all flow matches are logged as received on a best effort basis.
If a large amount of data is expected to be logged, it is recommended that you enable periodic
updates. If you disable the maximum count of flows per interface, the X Router will log hits up to
the maximum number allowed.
The high‐level configuration steps are:
1. If desired, enable logging for specific ACL rules by adding the log parameter to individual
ACL rule‐entries as you create or edit an access control list.
2. In global configuration mode, configure periodic updating with the ip log‐access
update‐frequency command.
3. In global configuration mode, configure the maximum number of unique flows to log per
interface with the ip log‐access max‐count‐per‐interface command.
4. In interface configuration mode, enable logging and configure the type of ingress ACL rule
hits that should be logged with the ip log‐access all‐entries or ip log‐access log‐entries
commands. Use the verbose parameter to log frame data as well.
5. In interface configuration mode, apply the access control list to the desired interfaces with the
ip access‐group command.
Refer to “ACL Rule Match Logging Commands” on page 24‐34 for more information about the
ACL logging commands.

Rule Match Logging Formats

When ACL rule match logging is enabled on an interface, the syslog entries are written following
the standard log format shown below. If periodic updating is also enabled, only the first entry for
each unique traffic flow follows the standard format. Subsequent updates follow the periodic log
format shown below.
When verbose logging is configured, the first 64 bytes of a frame hit are also logged, as shown
below in the example verbose log output.

Standard Log Format

[SysLog Preamble] [PERMIT|DENY|HIT] ACL [AclName] on “Interface” PktType
SrcIP-Port -> DestIP-Port

Standard Log Example Output

Feb 3 13:00:28 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” UDP TOS 0
173.116.0.254-138 -> 173.116.255.255-138

Matrix X Router Command Line Interface Reference 24-3

Overview

Periodic Log Format

[SysLog Preamble] [PERMIT|DENY|HIT] ACL [AclName] on “Interface” PktType
SrcIP-Port -> DestIP-Port %Interface-%AllInterfaces
where %Interface is a percentage of hits for that interface based on the total number of frames
processed and %AllInterfaces is a percentage of hits with respect to all frames processed on all
interfaces.

Periodic Log Example Output

Feb 3 13:03:42 cm1 aclLogging: <Notice> Periodic Log Results For Interface ge.3.1
Feb 3 13:03:42 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” ICMP TOS 0
Type/Code 8/0 173.116.1.1 -> 173.116.1.10 37-37 %
Feb 3 13:03:42 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” UDP TOS 0
173.116.1.1-137 -> 173.116.255.255-137 53-53 %
Feb 3 13:03:42 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” UDP TOS 0
173.116.1.1-138 -> 173.116.255.255-138 5-5 %
Feb 3 13:03:42 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” UDP TOS 0
173.116.0.254-138 -> 173.116.255.255-138 5-5 %

Example Verbose Log Output

Feb 3 13:01:10 cm1 aclLogging: <Notice> HIT ACL [1] on “ge.3.1” UDP TOS 0
173.116.1.1-138 -> 173.116.255.255-138
Feb 3 13:01:10 cm1 aclLogging: <Notice> FFFFFFFFFFFF#020074020101#0800#4500#
00F10000400040#11#DE12#AD740101#AD74FFFF#008A#008A#00DD8605110A5B90AD740101008A0
0C7000020464345464545

24-4 Access Control List Commands

Numbered Access Control Lists

Purpose
These router commands are used to create numbered standard and extended IP access lists.

Commands
The commands used to configure numbered access control lists are:

For information about... Refer to page...

access-list (standard) 24-5

access-list (extended) 24-7

access-list (standard)
This command configures a numbered standard access control list. Standard ACLs filter packets
based on source IP address only.

Syntax
access-list number [sequence seq_value] {deny | permit} {ip4_addr wildcard | any
| host ip4_addr} [log]

no access-list number [sequence seq_value] [{deny | permit} {ip4_addr wildcard |

any | host ip4_addr}] [log]

Parameters

number Specify a number for this access list, ranging from 1 to 99.
sequence (Optional) Sequence number for this entry in the access list, specified as an
seq_value integer between 0 and 65535.
Note: Sequence numbers are generated automatically in increments of 10, except
when this parameter is used. By using this parameter, you can insert an entry
between two existing entries, instead of having a new entry automatically added at
the end of the list.
deny | permit Deny or permit access if the specified conditions are met.
ipv4‐addr wildcard Specify the IPv4 source address to be permitted or denied, with a wildcard
that specifies the bits to ignore in the source address.
Note: The wildcard bits act in the inverse manner of an IP network mask.
any Specify that any IPv4 source address should be permitted or denied.
host ip4_addr Specify a host IPv4 source address to be permitted or denied.
log (Optional) Tag this entry for ACL rule match logging. Refer to the ip
log‐access command for more information about how this tag is used.

Matrix X Router Command Line Interface Reference 24-5

Numbered Access Control Lists

Defaults
Access lists are not configured by default.

Mode
Router Global Configuration.

Usage
Use this access‐list command syntax to configure a numbered standard access list. Entries are
added to the list in the order in which they are configured, with a sequence number automatically
assigned in increments of 10, except when the optional sequence parameter is used. By specifying
a sequence number for an entry, you can insert that entry between two existing entries, or leave a
bigger gap between two entries.
Every entry in the access list is associated with a permit/deny indicator, used to indicate to the
filtering function whether a matched element should be permitted (allowed access) or denied.
When using an access list with route maps, a permit indicates a successful match whereas a deny
result causes the match element to fail.
When you tag access list entries with the log keyword, you can configure ACL rule match logging
on an interface to log only rule type matches whose entries contain the log keyword. Refer to the
ip log‐access command (page 24‐37) for more information.
By default, the end of the access list contains an implicit deny statement for everything.
Use the no form of this command to delete all entries or specific entries in an access list. One way
to remove a specific entry from an access list is to specify all parameters that were specified when
the entry was created. Another way is to specify the sequence number of the entry. When only the
access list number is used with the no form, the entire ACL is deleted.
You can also use the ip access‐list standard command to create and edit standard ACLs.

Examples
The following example configures an access list called “10” that denies all prefixes matching
128.0.0.0/8:
matrix-x(router-config)# access-list 10 deny 128.0.0.0 0.255.255.255

The following example configures three entries in access list number 1. The first list entry permits
the single address 10.11.0.12. The second list entry denies all other addresses in 10.11/16 and
includes the log keyword. The third entry permits all addresses in 10/8.
matrix-x(router-config)# access-list 1 permit 10.11.0.12 0.0.0.0
matrix-x(router-config)# access-list 1 deny 10.11.0.0 0.0.255.255 log
matrix-x(router-config)# access-list 1 permit 10.0.0.0 0.255.255.255

The following example deletes the first entry configured in access list number 1, shown in the
second example above:
matrix-x(router-config)# no access-list 1 permit 10.11.0.12 0.0.0.0

The following example shows another way to delete the first entry configured in access list
number 1, shown in the second example above:
matrix-x(router-config)# no access-list 1 seq 10

24-6 Access Control List Commands

Numbered Access Control Lists

access-list (extended)
This command configures a numbered extended access control list. Extended ACLs allow filtering
based on both source and destination IP addresses, as well as protocol and port matching.

Syntax
Separate syntax statements are shown for each protocol option.

Protocol Number
access-list number {deny | permit}{protocol_number}
{src_ip4_addr wildcard | any | host ip4_addr}
{dst_ip4_addr wildcard | any | host ip4_addr}
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

no access-list number {deny | permit}{protocol_number}

{src_ip4_addr wildcard | any | host ip4_addr}
{dst_ip4_addr wildcard | any | host ip4_addr}
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

TCP Protocol
access-list number {deny | permit} tcp
{src_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{dst_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
[established] {{[precedence prec] [tos tos]} | [dscp dscp]} [log]

no access-list number {deny | permit} tcp

{src_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{dst_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
[established] {{[precedence prec] [tos tos]} | [dscp dscp]} [log]

UDP Protocol
access-list number {deny | permit} udp
{src_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{dst_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

no access-list number {deny | permit} udp

{src_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{dst_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

ICMP Protocol
access-list number {deny | permit} icmp
{src_ip4_addr wildcard | any | host ip4_addr}
{dst_ip4_addr wildcard | any | host ip4_addr}
[icmp-type [icmp-code] | icmp-message]
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

no access-list number {deny | permit} icmp

{src_ip4_addr wildcard | any | host ip4_addr}
{dst_ip4_addr wildcard | any | host ip4_addr}
[icmp-type [icmp-code] | icmp-message]
{{[precedence prec] [tos tos]} | [dscp dscp]} [log]

Matrix X Router Command Line Interface Reference 24-7

Purpose
These router commands are used to create, copy, and resequence named standard and extended
IP access lists.

Commands
The commands used to configure named access control lists are:

For information about... Refer to page...

ip access-list standard 24-11

ip access-list extended 24-12

ip access-list resequence 24-13

ip access-list copy 24-14

ip access-list standard
This command configures named standard ACLs in access list configuration mode.

Syntax
ip access-list standard {number | name}

Parameters
number Specify the standard ACL to set by number, ranging from 1 to 99.
name Specify the standard ACL to set by name which can be up to 64 characters long.

Defaults
None.

Mode
Router Global Configuration.

Usage
Use this command to specify a standard ACL to configure in access list configuration mode. After
you enter this command, the mode changes to ACL configuration mode, in which you can enter a
set of deny/permit statements, and delete or move list entries. Refer to “Access List Configuration
Mode Commands” on page 24‐15 for the commands you can use in ACL configuration mode.
When you use a number to refer to an ACL with this command, you are referring to the same ACL
that can be referred to with the numbered standard access list command, access‐list.

Matrix X Router Command Line Interface Reference 24-11

Named Access Control Lists

Example
The following example creates a standard access list named 50:
matrix-x(router-config)# ip access-list standard 50
matrix-x(config-std-nacl)#

ip access-list extended
This command configures named extended ACLs in access list configuration mode.

Syntax
ip access-list extended {number | name}

Parameters
number Specify the standard ACL to set by number, ranging from 1 to 99.
name Specify the standard ACL to set by name which can be up to 64 characters long.

Defaults
None.

Mode
Router Global Configuration.

Usage
Use this command to specify an extended ACL to configure in access list configuration mode.
After you enter this command, the mode changes to ACL configuration mode, in which you can
enter a set of deny/permit statements, and delete or move list entries. Refer to Access List
Configuration Mode Commands on page 24‐15 for the commands you can use in ACL
configuration mode.
When you use a number to refer to an ACL with this command, you are referring to the same ACL
that can be referred to with the numbered extended access list command, access‐list.

Example
The following example creates an extended access list named 150:
matrix-x(router-config)# ip access-list extended 150
matrix-x(config-ext-nacl)#

24-12 Access Control List Commands

Named Access Control Lists

ip access-list resequence
This command resequences the entries in named or numbered access control lists.

Syntax
ip access-list resequence name start increment

Parameters
name Specify the standard ACL to set by name which can be up to 64 characters long.
start Specify the starting sequence number for the first entry, ranging from 1 to 65535.
increment Specify the increment for successive entries, ranging from 1 to 1000.

Defaults
None.

Mode
Router Global Configuration.

Usage
Use this command to change the sequence numbers of all the entries in an existing access list. By
making the increment between entries larger, you can make room for additional new entries.
Sequence numbers can be seen by entering the show access‐list command. Sequence numbers are
resilient but are not persistent data.

Example
The following example displays an existing access list, then resequences the entries to start at 10
and increment by 20:
matrix-x(router-config)# show access-lists 110
Extended IP access list 110
10 deny ip 128.0.0.0 wildcard 0.255.255.255 any
20 deny tcp any range 20 23 host 192.168.10.10
30 permit ip any any

matrix-x(router-config)# ip access-list resequence 110 10 20

matrix-x(router-config)# show access-lists 110
Extended IP access list 110
10 deny ip 128.0.0.0 wildcard 0.255.255.255 any
30 deny tcp any range 20 23 host 192.168.10.10
50 permit ip any any

Matrix X Router Command Line Interface Reference 24-13

Named Access Control Lists

ip access-list copy
This command copies the contents of an existing access control list, either standard or extended, to
a new list, or appends the contents to an existing list.

Syntax
ip access-list copy {src-number | src-name} to {dst-number | dst-name}

Parameters
src‐number Specify the source ACL by number, ranging from 1 to 199.
src‐name Specify the source ACL by name which can be up to 64 characters long.
to Indicate the destination ACL.
dst‐number Specify the destination ACL by number, ranging from 1 to 199.
dst‐name Specify the destination ACL by name which can be up to 64 characters long.

Defaults
None.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use this command to copy an entire named access list to a new one, or to append the contents of
an existing access list to another access list. By appending, you can concatenate several access lists
on a single one.
You cannot copy a standard access list to an extended one, or an extended list to a standard one.

Example
This example copies an existing standard ACL, with the number of 1, to a new access list with the
name of “one.”
matrix-x(router-config)# show access-lists
Standard IP access list 1
10 permit host 10.10.10.10
20 deny 10.10.10.0 wildcard 0.0.0.255

matrix-x(router-config)# ip access-list copy 1 to one

matrix-x(router-config)# show access-lists

Standard IP access list 1
10 permit host 10.10.10.10
20 deny 10.10.10.0 wildcard 0.0.0.255
Standard IP access list one
10 permit host 10.10.10.10
20 deny 10.10.10.0 wildcard 0.0.0.255

24-14 Access Control List Commands

Access List Configuration Mode Commands

Purpose
These commands are used to create, delete, and move access control list entries, when in access list
configuration mode, and to exit access list configuration mode.

Commands
The access list configuration mode commands are:

For information about... Refer to page...

delete 24-15

deny 24-16

exit 24-17

move 24-18

no 24-19

permit 24-20

delete
This command deletes a range of access list entries.

Syntax
delete from init-seq-num to final-seq-num

Parameters
from init‐seq‐num Specifies the sequence number of the first entry in the range to delete.
The value can range from 1 to 65535.
to final‐seq‐num Specifies the sequence number of the last entry in the range to delete.
The value can range from 1 to 65535.

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command in ACL configuration mode to delete a range of existing entries. You can also
use the no command to delete a single entry.

Matrix X Router Command Line Interface Reference 24-15

Access List Configuration Mode Commands

Example
This example displays extended ACL 110, then deletes the entries numbered 11 and 12, then
redisplays the ACL to show the results of the deletion:
matrix-x(config-ext-nacl)# show access-lists 110
Extended IP access list 110
10 deny tcp any range 20 23 host 192.168.10.10
11 deny icmp 195.0.0.0 wildcard 0.255.255.255 any 0 0
12 deny ip 128.0.0.0 wildcard 0.255.255.255 any
22 permit ip any any
matrix-x(config-ext-nacl)# delete from 11 to 12
matrix-x(config-ext-nacl)# show access-lists 110
Extended IP access list 110
10 deny tcp any range 20 23 host 192.168.10.10
22 permit ip any any
matrix-x(config-ext-nacl)#

deny
This command adds a deny statement to a standard or extended access list.

Syntax
Separate syntax statements are shown for standard and extended ACLs.

Standard ACLs
deny {ip4_addr wildcard | any | host ip4_addr} [log]

Extended ACLs
deny {protocol}
{src_ip4_addr wildcard |any | host ip4_addr} [eq|gt|lt|neq|{range int} int]
{dst_ip4_addr wildcard |any | host ip4_addr} [eq|gt|lt|neq| {range int} int]
[established] {{[precedence prec] [tos tos]} | [dscp dscp]} [log]

Parameters
For standard ACLs, refer to the parameters described for access‐list (standard) on page 24‐5.
For extended ACLs, refer to the parameters described for access‐list (extended) on page 24‐7.

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command in access list configuration mode to add deny statements. The syntax of the
statements is the same as that used to configure numbered standard and extended access lists with
the access‐list (standard) and access‐list (extended) commands.

24-16 Access Control List Commands

Access List Configuration Mode Commands

Example
The following example adds a deny statement to an extended access list:
matrix-x(router-config)# ip access-list extended 110
matrix-x(config-ext-nacl)# deny icmp 195.0.0.0 0.255.255.255 any

exit
This command exits from ACL configuration mode.

Syntax
exit

Parameters
None.

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command to move up one mode level, out of ACL configuration mode.

Example
This example exits from ACL configuration mode:
matrix-x(router-config)# ip access-list extended 110
matrix-x(config-ext-nacl)# deny icmp 195.0.0.0 0.255.255.255 any
matrix-x(config-ext-nacl)# exit

Matrix X Router Command Line Interface Reference 24-17

Access List Configuration Mode Commands

move
This command moves a range of entries within an access list.

Syntax
move before insert-seq-num from init-seq-num to final-seq-num

Parameters
before insert‐seq‐num Specifies the sequence number of the entry before which the moved
entries will be inserted, ranging from 1 to 65535.
from init‐seq‐num Specifies the sequence number of the first entry in the range to move,
ranging from 1 to 65535.
to final‐seq‐num Specifies the sequence number of the last entry in the range to move.
The value can range from 1 to 65535.

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command in access list configuration mode to move a range of existing entries in an
access list from one location to another.

Example
The following example moves the entry with sequence number 60 to before the entry with
sequence number 50:
matrix-x(config-ext-nacl)# show access-lists 110
Extended IP access list 110
10 deny ip 128.0.0.0 wildcard 0.255.255.255 any
30 deny tcp any range 20 23 host 192.168.10.10
50 permit ip any any
60 deny icmp 195.0.0.0 wildcard 0.255.255.255 any 0 0

matrix-x(config-ext-nacl)# move before 50 from 60 to 60

Resequenced 60-60 and 50-50

matrix-x(config-ext-nacl)# show access-list 110

Extended IP access list 110
10 deny ip 128.0.0.0 wildcard 0.255.255.255 any
30 deny tcp any range 20 23 host 192.168.10.10
50 deny icmp 195.0.0.0 wildcard 0.255.255.255 any 0 0
51 permit ip any any

24-18 Access Control List Commands

Access List Configuration Mode Commands

no
This command deletes a single ACL entry.

Syntax
no seq-num

Parameters
seq‐num Sets the sequence number of the entry to delete, ranging from 1 to 65535.

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command in access list configuration mode to delete a single entry. You can use the delete
command to delete a range of entries.

Example
The following example deletes the entry with sequence number 10:
matrix-x(router-config)# ip access-list extended 110
matrix-x(config-ext-nacl)# show access-list 110
Extended IP access list 110
10 deny ip 128.0.0.0 wildcard 0.255.255.255 any
30 deny tcp any range 20 23 host 192.168.10.10
50 deny icmp 195.0.0.0 wildcard 0.255.255.255 any 0 0
51 permit ip any any
matrix-x(config-ext-nacl)# no 10
matrix-x(config-ext-nacl)# show access-list 110
Extended IP access list 110
30 deny tcp any range 20 23 host 192.168.10.10
50 deny icmp 195.0.0.0 wildcard 0.255.255.255 any 0 0
51 permit ip any any

Matrix X Router Command Line Interface Reference 24-19

Access List Configuration Mode Commands

permit
This command adds a permit statement to a standard or extended ACL.

Syntax
Separate syntax statements are shown for standard and extended ACLs.

Standard ACLs
permit {ip4_addr wildcard | any | host ip4_addr} [log]

Extended ACLs
permit {protocol}
{src_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq | {range int} int]
{dst_ip4_addr wildcard | any | host ip4_addr} [eq|gt|lt|neq | {range int} int]
[established] {{[precedence prec] [tos tos]} | [dscp dscp]} [log]

Defaults
None.

Mode
Router Access List Configuration.

Usage
Use this command in ACL configuration mode to add permit statements. The syntax of the
statements is the same as that used to configure numbered standard and extended access lists with
the access‐list (standard) and access‐list (extended) commands.

Example
The following example permits TCP packets from source address 192.168.10.10 and ports in the
range of 20 to 23 to be sent to the destination address 20.20.20.20:
matrix-x(router-config)# ip access-list extended 110
matrix-x(config-ext-nacl)# permit tcp host 192.168.10.10 range 20 23 host
20.20.20.20

24-20 Access Control List Commands

Displaying and Applying Access Lists

Purpose
These commands are used to apply access lists to routing interfaces, display the contents of access
lists, clear the match counters for access‐lists, and display the amount of space for rules available
to a specific interface and the amount of rule space required to apply a specified access list and/or
policy map to a specific interface.

Commands

For information about... Refer to page...

ip access-group 24-21

ip service-access 24-22

ip common-access 24-23

show access-lists 24-25

clear access-list counters 24-26

show ip access-groups 24-27

clear ip access-group if-counters 24-28

show ip rule-space available 24-29

show ip rule-space required 24-31

show ip rule-space expected 24-32

ip access-group
This command applies access restrictions to inbound or outbound packets on an interface when
operating in Router Interface Configuration mode.

Syntax
ip access-group list-id {in | out}

no ip access-group list-id {in | out}

Parameters
list‐id Specifies the number or name of the ACL to apply to the interface. The
value of list‐id is a number from 1 to 199 or a name.
in Filters inbound frames.
out Filters outbound frames.

Defaults
None.

Matrix X Router Command Line Interface Reference 24-21

Displaying and Applying Access Lists

Mode
Router Interface Configuration.

Usage
Applies an ACL to the routed or management interface, either inbound or outbound.

Note: The available rule-space in a given FE is shared among all interfaces that belong to it. If an
ACL with 1010 rules is applied to an interface, no rule-space will be available to any other interfaces
that belong to that FE.

Examples
This example creates ACL 1 and then applies it to the interface on Gigabit Ethernet port 2 on IOM
module 1. By definition, only packets with source address 192.5.34.0 will be routed. All packets
with other source addresses received on the port will be dropped.
matrix-x(router-config)# access-list 1 permit 192.5.34.0 0.0.0.255
matrix-x(router-config)# interface ge.1.2
matrix-x(router-config-if-ge.1.2)# ip access-group 1 in
This example creates ACL 2 and then applies it to all outbound packets on the interface on Gigabit
Ethernet port 2 on IOM module 1.
matrix-x(router-config)# access-list 2 permit 192.5.34.0 0.0.0.255
matrix-x(router-config)# interface ge.1.2
matrix-x(router-config-if-ge.1.2)# ip access-group 2 out

ip service-access
This command references an existing standard access list to filter packets bound for a specific
service, such as SSH, that are destined to any of the routerʹs IP addresses. This is known as a
service ACL.

Warning: Ensure that your source host address is permitted in a given ACL before applying that
ACL to the SSH or Telnet service. If your source host address is not present in the ACL, your router
CLI session may freeze. If this happens, you may have to connect to the router using the serial
console port to access the CLI and correct the problem.

Syntax
ip service-access acl-id {http | snmp | ssh | telnet}

no ip service-access acl-id {http | snmp | ssh | telnet}

Parameters
acl‐id The name or number of an existing standard access list to apply.
http Specifies HTTP as the service to filter on.
snmp Specifies SNMP as the service to filter on.
ssh Specifies SSH as the service to filter on.
telnet Specifies Telnet as the service to filter on.

24-22 Access Control List Commands

Displaying and Applying Access Lists

Defaults
None.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the ip service‐access command to apply an existing access list to one or more service types.
Standard ACLs (either named or numbered) can be used as service ACLs. Only one ACL can be
referenced per targeted service, though all of the services may reference the same ACL. Applying
extended ACLs to services is not supported. All service traffic destined to any of the routerʹs IP
addresses will be evaluated against the rules of any configured Service ACLs before any other
ACLs are evaluated.

Example
This example applies an existing ACL (ACL 1) to the SSH service. All inbound packets destined
for the well‐known SSH port (port 22) will be routed according to the filter defined in ACL 1.
matrix-x(router-config)# ip service-access 1 ssh

ip common-access
This command applies an access list (standard or extended) commonly across all interfaces.

Syntax
ip common-access acl-id {prefix | suffix} {inbound | outbound}

no ip common-access acl-id {[prefix | suffix] [inbound | outbound]}

Parameters
acl‐id The name or number of an existing standard or extended access list to
apply.
prefix Specify that this ACL be commonly applied first on interfaces. This
ACL will be prefixed to any applied access group.
suffix Specify that this ACL be commonly applied last on interfaces. This
ACL will be suffixed to any applied access group.
inbound Specify that this ACL be commonly applied to filter ingress packets.
outbound Specify that this ACL be commonly applied to filter egress packets.

Defaults
None.

Mode
Router global configuration: matrix‐x(router‐config)#

Matrix X Router Command Line Interface Reference 24-23

Displaying and Applying Access Lists

Usage
Using this command conserves rule space because a single copy of the rules are stored in each FE
and effectively applied on all interfaces.
Furthermore, for a given direction, up to two Common ACLs (prefix, suffix, or both) may be
applied.
Prefix means prefixed to any applied ACL. Suffix means suffixed to the explicit rules of any
applied ACL. If there is an applied ACL, the suffixed rules of the Common ACL precede the
implicit deny. If there is no applied ACL, there is no implicit deny.

Note: We strongly recommend that you use separate ACLs for prefix Common ACLs, suffix
Common ACLs, or applied ACLs.

You can apply up to a maximum of four common ACLs. Of these, two may be applied in the
ingress direction, one as a prefix before any interface‐specific ACL being applied, and the other as
a suffix after any interface‐specific ACL being applied. Up to two may also be applied in the
egress direction, one as a prefix and one as a suffix.
Unlike all other ACLs, Common ACLs are not terminated with an implicit deny statement. A
common ACL applies an existing ACL commonly to all routed interfaces. The existing source
ACL is terminated with an implicit deny but the Common ACL is not. The implicit deny‐any rule
of an ACL is not used when that ACL is applied as a Common ACL.
The lack of an implicit deny in a prefix Common ACL allows rules in any subsequent applied
ACL to be evaluated. If there is both an applied ACL and a suffix Common ACL, the implicit deny
of the applied ACL is evaluated after the suffix ACL rules.

Example
This example applies an existing ACL “1” commonly across interfaces. In this example, the
common ACL’s rules will be evaluated prior to any other interface ACLs and will filter ingress
packets only.
matrix-x(router-config)# ip common-access 1 prefix inbound
matrix-x(router-config)# show ip common-access brief
Common-access standard IP access list 1, prefix inbound (1 entries)

show ip common-access
This command displays information about commonly‐applied access lists, for all interfaces or a
single interface.

Parameters
brief (Optional) Display a summary of all applied common access
group(s).
both‐prefix‐and‐suffix (Optional) Show both prefixed and suffixed access groups.

24-24 Access Control List Commands

Displaying and Applying Access Lists

prefix (Optional) Show the applied access group(s) prefixed to any

interface.
suffix (Optional) Show the applied access group(s) suffixed to any
interface.
both‐in‐and‐out (Optional) Show access lists applied as both inbound (ingress) and
outbound (egress) filters.
inbound (Optional) Show access lists applied as inbound filters.
outbound (Optional) Show access lists applied as outbound filters.

Defaults
If no optional parameters are specified, common access lists applying to all routed interfaces are
displayed.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router access list configuration: matrix‐x(config‐xxx‐nacl)#

Examples
This example displays information about common access lists applying to all routed interfaces
that have been pre‐pended and filter inbound traffic only.
matrix-x(router-config)# show ip common-access prefix inbound
Common-access standard IP access list 1, prefix inbound (2 entries)
10 permit host 192.168.1.1
20 permit host 192.168.1.2
This example displays summary information about all configured common access lists.
matrix-x(router-config)# show ip common-access brief
Common-access standard IP access list 1, prefix inbound (2 entries)

show access-lists
This command displays information about configured ACLs.

Syntax
show access-lists [brief] [list_id [from num] [to num]]

Parameters

brief (Optional) Display a summary of all applied access group(s).

list‐id (Optional) The name or number of a configured access list. If no access
list is specified, information about all configured lists is displayed.
from num (Optional) Specify the sequence number of the first entry to show,
ranging from 1 to 65535.

Matrix X Router Command Line Interface Reference 24-25

Displaying and Applying Access Lists

to num (Optional) Specify the sequence number of the last entry to show,
ranging from 1 to 65535.

Defaults
Display information about all configured ACLs.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#
Router access list configuration: matrix‐x(config‐xxx‐nacl)#

Usage
Use the show access‐lists query to display information about all or specific ACLs configured in
global configuration mode using the access‐lists command.
If this command is issued without arguments, then information about all configured access lists is
returned. Alternatively, the command can be issued naming a specific access list. In this case, the
reply will contain information pertaining only to the referenced access list.
For each entry in an access list, this command displays the number of packets received, if any, that
matched the entry conditions. This number is an aggregate count across all interfaces to which the
access list was applied.

Example
The following example displays information about ACL 10. Note that 814 packets were received
that matched sequence number 30 and 10 that matched sequence number 40:
matrix-x(router-exec)# show access-lists 10
Standard IP access-list 10
10 deny 192.168.100.0 0.0.0.0
20 deny 192.168.200.0 0.0.0.0
30 permit 192.168.30.1 0.0.0.0 (814 matches)
40 deny 192.168.20.1 0.0.0.0 (10 matches)
50 permit 0.0.0.0 255.255.255.255

clear access-list counters

This command clears the counters that keep track of access list entry matches.

Syntax
clear access-list counters {number | name}

Parameters
number Specify the access control list to clear by number, ranging from 1 to 199.
name Specify the access control list to clear by name.

24-26 Access Control List Commands

Displaying and Applying Access Lists

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
Use this command to clear the match counters for all the entries in the specified access control list.
This command applies to both standard and extended access lists, numbered and named.
The counts cleared are aggregate counts across all interfaces to which the access list was applied.

Example
The following example shows the use of the clear access‐list counters command.
matrix-x(router-exec)# show access-lists 10
Standard IP access-list 10
10 deny 192.168.100.0 0.0.0.0
20 deny 192.168.200.0 0.0.0.0
30 permit 192.168.30.1 0.0.0.0 (814 matches)
40 deny 192.168.20.1 0.0.0.0 (10 matches)
50 permit 0.0.0.0 255.255.255.255

matrix-x(router-exec)# clear access-list counters 10

matrix-x(router-exec)# show access-lists 10

Standard IP access-list 10
10 deny 192.168.100.0 0.0.0.0
20 deny 192.168.200.0 0.0.0.0
30 permit 192.168.30.1 0.0.0.0
40 deny 192.168.20.1 0.0.0.0
50 permit 0.0.0.0 255.255.255.255

show ip access-groups
This command displays information about applied access lists, for all interfaces or a single
interface.

Syntax
show ip access-groups [brief]
| [inbound {all-interfaces | port-string [from num] [to num]}]
| [outbound {all-interfaces | port-string [from num] [to num]}]

Parameters
brief (Optional) Display a summary of all applied access group(s).
inbound (Optional) Specify access lists applied as inbound (ingress) filters.
outbound (Optional) Specify access lists applied as outbound (egress) filters.
all‐interfaces Display information for all interfaces to which ACLs are applied.

Matrix X Router Command Line Interface Reference 24-27

Displaying and Applying Access Lists

port‐string Display information only for the interface specified.

You can use a wildcard (*) character to indicate all of an item for the
interface port‐string parameter. For example, ge.1.* represents all the
Gigabit Ethernet ports on the module in slot 1 while *.*.* represents all
ports of either a physical or VLAN interface type on all modules in the
chassis.
from num (Optional) Specify the sequence number of the first entry to show,
ranging from 1 to 65535.
to num (Optional) Specify the sequence number of the last entry to show,
ranging from 1 to 65535.

Defaults
If no parameters are specified, all applied access lists are displayed. If sequence numbers are not
specified, all ACL entries are displayed.

Usage
Use this command to display ACLs applied to routing interfaces and counts of the number of
packets received per interface, if any, that matched the ACL entry conditions.
When you display information for specific interfaces, rather than all‐interfaces, you can limit the
display to a range to entries of the applied access list.

Example
This example displays information about the access list applied to interface ge.4.2. The display is
limited to the entries numbered between 1 and 50. Note that the display shows the count of
matches to entries 30 and 40.
matrix-x(router-exec)# show ip access-groups inbound ge.4.2 from 1 to 50
Inbound on interface ge.4.2, Standard IP access-list 10
10 deny 192.168.100.0 0.0.0.0
20 deny 192.168.200.0 0.0.0.0
30 permit 192.168.30.1 0.0.0.0 (814 matches)
40 deny 192.168.20.1 0.0.0.0 (10 matches)
50 permit 0.0.0.0 255.255.255.255

clear ip access-group if-counters

This command clears the access list entry match counts from all routing interfaces or a single
interface.

Syntax
clear ip access-group if-counters inbound {all-interfaces | port-string}

24-28 Access Control List Commands

Displaying and Applying Access Lists

Parameters
inbound Specifies access lists applied as inbound filters.
all‐interfaces Clears match counters for all interfaces to which ACLs are applied.
port‐string Clears match counters only for the interface specified.
You can use a wildcard (*) character to indicate all of an item for the
interface port‐string parameter. For example, ge.1.* represents all the
Gigabit Ethernet ports on the module in slot 1 while *.*.* represents all
ports of either a physical or VLAN interface type on all modules in the
chassis.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
Use this command to clear the match counters for all the entries in the access control lists applied
to all interfaces, or for a specific interface.
Note that this command does not affect the aggregate counts for the access lists displayed by the
show access‐lists command.

Example
This example clears the entry match counters for the access list applied to interface ge.4.2.
matrix-x(router-exec)# clear ip access-group if-counters inbound ge.4.2

show ip rule-space available

This command displays the amount of rule space, measured in number of rules, available to a
specific interface.

Syntax
show ip rule-space available {inbound | outbound} port-string

Parameters
inbound Specifies an inbound interface.
outbound Specifies an outbound interface.
port‐string Specifies the interface for which to show the available rule space.
You can use a wildcard (*) character to indicate all of an item for the
interface port‐string parameter. For example, ge.1.* represents all the
Gigabit Ethernet ports on the module in slot 1 while *.*.* represents all
ports of either a physical or VLAN interface type on all modules in the
chassis.

Matrix X Router Command Line Interface Reference 24-29

Displaying and Applying Access Lists

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to display the number of rules for which there is space available for a physical
or VLAN interface. An interface may span multiple FEs, which may not have equal rule space
available. This command displays the minimum amount of rule space available per slot. This
command can be used in conjunction with the show ip rule‐space required command to
determine whether an access list and/or policy map can be successfully assigned to an interface.

Note: Enabling ACL logging on an interface effectively doubles any Common ACL rules for that
interface which reduces available rules space.

Examples
This example displays the number of rules for which there is space available for VLAN 111.
matrix-x(router-exec)# show ip rule-space available inbound vlan.1.111
interface vlan.1.111
Space is available for 1009 rules on interface vlan.1.111
-- by slot: 4:1009,
This example displays the number of rules for which there is space available on all Gigabit
Ethernet ports on the module in slot 1 in the outbound direction.
matrix-x(router-config-if-ge.1.4)# show ip rule-space available outbound ge.1.*
interface ge.1.1
Space is available for 1024 rules on interface ge.1.1 outbound

interface ge.1.2
Space is available for 1024 rules on interface ge.1.2 outbound

interface ge.1.3
Space is available for 1024 rules on interface ge.1.3 outbound

interface ge.1.4
Space is available for 1024 rules on interface ge.1.4 outbound

24-30 Access Control List Commands

Displaying and Applying Access Lists

show ip rule-space required

This command displays the amount of rule space required for a successful application of a
specified access list and/or policy map.

Syntax
show ip rule-space required {access-group acl-id | policy-map map-name} [and
{access-group acl-id | policy-map map-name}]

Parameters
access‐group acl‐id Specifies the access list for which to count rules.
policy‐map map‐name Specifies the policy map for which to count rules.
and (Optional) Allows you to specify a policy map or access list in addition
to the access list or policy map already specified.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to display the number of rules that will be generated by the specified access list
and/or policy map. This command can be used in conjunction with the show ip rule‐space
available command to determine whether an access list or policy map can be successfully assigned
to an interface if ACL logging is not applied on that interface.

Note: The rule-space required for certain extended ACLs may be more than is suggested by the
actual number of entries you have explicitly configured. Refer to show ip rule-space expected for
more details.

Example
This example displays the number of rules for which space must be available if access list 100 were
applied by itself, policy map POLICY1 were applied by itself, and if both were applied together to
an interface.
matrix-x(config-ext-nacl)# show ip rule-space required access-group 100
Note rules are generated to handle fragments for any tcp/udp port reference.
For access-group 100:
Count assumes on an interface without acl logging.
Space is needed for 5 rules inbound.
Space is needed for 5 rules outbound.
matrix-x(config-ext-nacl)# show ip rule-space required policy-map POLICY1
Note rules are generated to handle fragments for any tcp/udp port reference.
For policy-map POLICY1:
Count includes common-access rules if any are configured.

Matrix X Router Command Line Interface Reference 24-31

Displaying and Applying Access Lists

Space is needed for 5 rules inbound.

Space is needed for 5 rules outbound.
matrix-x(config-ext-nacl)# show ip rule-space required access-group 100 and
policy-map POLICY1
Note rules are generated to handle fragments for any tcp/udp port reference.
For policy-map POLICY1 and access-group 100 together:
Count includes common-access rules if any are configured.
Space is needed for 6 rules inbound.
Space is needed for 6 rules outbound.

show ip rule-space expected

This command provides information about the amount of rule space that would exist if a given
configuration change were to be made.

Syntax
show ip rule-space expected if {{apply | remove}
{access-group acl-id {inbound | outbound}
| {common-access acl-id {prefix | suffix} {inbound | outbound}
| {log-access inbound}
| {policy-map map-name {inbound | outbound} port-string}

Parameters
apply Specifies the application of the given Common ACL, policy map,
ACL, or ACL logging.
remove Specifies the removal of the given item.
access‐group acl‐id Specifies the access list to test the rule space change expected.
common‐access acl‐id Specifies the common‐access list to test the rule space change
expected.
log‐access Specifies access logging to test the rule space change expected.
policy‐map map‐name Specifies the policy map to test the rule space change expected.
inbound Specifies an inbound interface.
outbound Specifies an outbound interface.
prefix Specifies that this ACL will be applied first on all routed interfaces
(eth0 is not included). This ACL will be prefixed to any applied
access group.
suffix Specifies that this ACL will be applied last on all routed interfaces
(eth0 is not included). This ACL will be suffixed to any applied
access group.
port‐string Specifies the interface for which to show the available rule space.
You can use a wildcard (*) character to indicate all of an item for the
interface port‐string parameter. For example, ge.1.* represents all
the Gigabit Ethernet ports on the module in slot 1 while *.*.*
represents all ports of either a physical or VLAN interface type on
all modules in the chassis.

24-32 Access Control List Commands

Displaying and Applying Access Lists

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to display both the rule space (in number of rules) currently available for an
interface as well as the amount of rule space that would be available after the specified change was
made. Potential changes include applying or removing a Common ACL, a policy map, an ACL, or
ACL logging on an interface. Running this command provides the number of rules expected to be
used on or reclaimed from the FE associated with a given interface by applying or removing the
specified configuration to that interface.

Examples
This example displays both the amount of rule space currently available and the potential result of
removing access list 1 from interface ge.1.1. In this case, space for two rules is expected to be
reclaimed.
matrix-x(router-config-if-ge.1.1)# show ip rule-space expected if remove
access-group 1 inbound ge.1.1
interface ge.1.1 inbound
Before potential remove the space available is 1008 rules.
After potential remove the space available would be 1010 rules.
Similarly, the following example displays the amount of rule space currently available and
expected to be available after applying access list 1 to interface ge.1.1.
matrix-x(router-config-if-ge.1.1)# show ip rule-space expected if apply
access-group 1 inbound ge.1.1
interface ge.1.1 inbound
Before potential apply the space available is 1010 rules.
After potential apply the space available would be 1008 rules.
This example displays both the amount of rule space currently available and the potential result of
applying ACL 1 as a common acccess list.
matrix-x(router-exec)# show ip rule-space expected if apply common-access 1 prefix
inbound
Before potential apply the space available is 1010 rules.
-- by slot: 1:1010,
After potential apply the space available would be 1009 rules.
-- by slot: 1:1009,

Matrix X Router Command Line Interface Reference 24-33

ACL Rule Match Logging Commands

Purpose
These router commands are used to configure global and interface‐specific ACL rule match
logging parameters, and to display the status of global ACL logging parameters. Refer to “ACL
Rule Match Logging Commands” on page 24‐34 for information about the ACL entry match
logging feature.

Commands

For information about... Refer to page...

show ip log-access 24-34

ip log-access update-frequency 24-35

ip log-access max-count-per-interface 24-36

ip log-access 24-37

ip log-access service-access-list 24-39

show ip log-access
This command displays the current status of the global ACL entry match logging parameters.

Syntax
show ip log-access

Parameters
None.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#

Usage
Use this command to display the current status of periodic logging (enabled or disabled), the
frequency with which the periodic update messages will be written to syslog, and the maximum
number of unique traffic flows that will be logged per interface enabled for logging.

Example
This example shows the output of this command for the default configuration of ACL logging.
matrix-x(router-exec)# show ip log-access

24-34 Access Control List Commands

ACL Rule Match Logging Commands

Access List periodic logging is ENABLED, update frequency is 300 seconds.

Maximum number of Log entries per interface is 100
Service Access List logging is disabled

ip log-access update-frequency
This command sets the frequency of periodic updates for logging. The no form of this command
sets the update frequency of periodic updates to the default value of 300 seconds.

Syntax
ip log-access update-frequency [seconds]

no ip log-access update-frequency

Parameters
seconds Sets the frequency of periodic updates. The value of seconds can range
from 15 to 600 seconds. Default value is 300 seconds.

Defaults
By default, periodic updates are enabled and the update frequency is 300 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use this command to change the frequency of periodic updates from the default value of 300
seconds, by entering a frequency value, or to reset the frequency to 300 seconds and re‐enable
periodic updates if it has been disabled.
Use the no form of this command to set the update frequency of periodic updates to the default
value of 300 seconds. To disable periodic updates, use this command to set the update frequency
to zero (0).
When periodic updates are enabled, only the first entry for each unique flow that matches an ACL
entry on an interface is logged. Data about future received matches to the ACL entry for each
unique flow are stored but only logged by means of a periodic update message every update
frequency interval. Periodic update messages list the percentage of received frames for each traffic
flow that has been matched at least once over the previous interval. After each periodic update,
the utilization data is reset. By default, periodic updates are enabled with a frequency of 300
seconds.
When periodic updates are disabled, all flow matches are logged as received on a best effort basis.
If a large amount of data is expected to be logged, it is recommended that you enable periodic
updates. If you disable the maximum count of flows per interface, the X Router will log hits up to
the maximum number allowed (set with the ip log‐access max‐count‐per‐interface command).

Examples
The following example sets the update frequency to 600 seconds, then uses the show ip log‐access
command to display the current status.
matrix-x(router-config)# ip log-access update-frequency 600

Matrix X Router Command Line Interface Reference 24-35

ACL Rule Match Logging Commands

matrix-x(router-config)# show ip log-access

Access List periodic logging is ENABLED, update frequency is 600 seconds.
Maximum number of Log entries per interface is 100
Service Access List logging is disabled
The following example disables periodic updates by setting update frequency to zero, then uses
the show ip log‐access command to display the current status.
matrix-x(router-config)# ip log-access update-frequency 0
matrix-x(router-config)# show ip log-access
Access List periodic logging is DISABLED
Maximum number of Log entries per interface is 100
Service Access List logging is disabled
The following example sets periodic updates to the default value of 300 seconds, then uses the
show ip log‐access command to display the current status.
matrix-x(router-config)# no ip log-access update-frequency
matrix-x(router-config)# show ip log-access
Access List periodic logging is ENABLED, update frequency is 300 seconds.
Maximum number of Log entries per interface is 100
Service Access List logging is disabled

ip log-access max-count-per-interface
This command configures the maximum number of unique traffic flows to log for each interface
that has logging enabled. Entering the no version of the command sets count to the default value
of 100.

Syntax
ip log-access max-count-per-interface [count]

no ip log-access max-count-per-interface

Parameters
count (Optional) Specifies the maximum number of unique flows to log for
each interface that has logging enabled. The value of count can range
from 1 to 1000. Default value is 100.

Defaults
Default count is 100.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
You can configure the Matrix X Router to log traffic “hits” of ingress ACL rules by means of syslog
messages. You can control the amount of data logged by enabling periodic updates and the
frequency of the updates (set with the ip log‐access update‐frequency command), as well as
configuring the maximum number of unique traffic flows to log for each interface with logging
enabled.

24-36 Access Control List Commands

ACL Rule Match Logging Commands

Use this command to set the maximum number of unique traffic flows to log per interface. Use the
no form of the command to set the number to the default value of 100.

Examples
This example sets the maximum count to 200, then uses the show ip log‐access command to
display the new status.
matrix-x(router-config)# ip log-access max-count-per-interface 200
matrix-x(router-config)# show ip log-access
Access List periodic logging is ENABLED, update frequency is 300 seconds.
Maximum number of Log entries per interface is 200
Service Access List logging is disabled

This example sets the maximum count to the maximum allowed value.
matrix-x(router-config)# ip log-access max-count-per-interface 1000
matrix-x(router-config)# show ip log-access
Access List periodic logging is ENABLED, update frequency is 300 seconds.
Maximum number of Log entries per interface is 1000
Service Access List logging is disabled

This example resets the maximum count to the default value of 100.
matrix-x(router-config)# no ip log-access max-count-per-interface
matrix-x(router-config)# show ip log-access
Access List periodic logging is ENABLED, update frequency is 300 seconds.
Maximum number of Log entries per interface is 100
Service Access List logging is disabled

ip log-access
This command enables and configures ACL rule match logging on a specific interface.

Syntax
ip log-access {all-entries | log-entries} [both-permit-and-deny | deny-only |
permit-only] [verbose]

no ip log-access

Parameters
all‐entries Rule matches to all ACL entries should be logged.
log‐entries Only rule matches to ACL entries containing the log keyword should
be logged.
both‐permit‐and‐deny (Optional) Log traffic flows that match both permit and deny rules.
This is the default value if no rule type parameters are entered with
this command.
deny‐only (Optional) Log only traffic flows that match deny rules.
permit‐only (Optional) Log only traffic flows that match permit rules.
verbose (Optional) Log frame data.

Matrix X Router Command Line Interface Reference 24-37

ACL Rule Match Logging Commands

Defaults
ACL rule match logging is disabled by default.
If the command is executed without any rule type parameters, traffic flows that match both permit
and deny rules are logged.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command to enable logging of traffic flows that match ACL rules of the specified type for
the interface being configured. If you specify all‐entries, traffic flows that match the specified rule
type in any ACL entry will be logged, even if the entries have not been tagged with the log
keyword.
If you specify log‐entries, only traffic flows that match the specified rule type in ACL entries that
have been tagged with the log keyword will be logged. Refer to “Numbered Access Control Lists”
on page 24‐5 and “Named Access Control Lists” on page 24‐11 for descriptions of using the log
keyword when creating access control lists.
You can log matches of permit rules, deny rules, or both permit and deny rules.
If you specify the verbose parameter, the X Router will also log the first 64 bytes of a frame hit, in
addition to the standard ACL rule hit log message. For examples of the syslog messages, refer to
“Rule Match Logging Formats” on page 24‐3.
Use the no form of this command to disable logging of traffic flow rule matches for this interface.
You can display the current status of ACL rule match logging for an interface with the show ip
interface command.

Examples
This example enables logging of traffic flows that match deny rules in any ACL entry on interface
ge.1.1. The show ip interface command is used to display the status of logging on the interface.
matrix-x(router-config-if-ge.1.1)# ip log-access all-entries deny-only verbose

matrix-x(router-config-if-ge.1.1)# show ip interface ge.1.1

ge.1.1 is administratively up, line protocol is up
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is not enabled
Inbound access list is 2
Proxy ARP is not enabled
ICMP redirects are not being sent
ICMP unreachables are being sent
ICMP mask replies are never sent
Logging on for all deny access group entries (verbose)

This example enables logging of traffic flows that match deny rule entries that have been tagged
with the log keyword.
matrix-x(router-config-if-ge.1.1)# ip log-access log-entries deny-only

matrix-x(router-config)# show ip interface ge.1.1

24-38 Access Control List Commands

ACL Rule Match Logging Commands

ge.1.1 is administratively up, line protocol is up

Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is not enabled
Inbound access list is 2
Proxy ARP is not enabled
ICMP redirects are not being sent
ICMP unreachables are being sent
ICMP mask replies are never sent
Logging on for designated access deny entries

ip log-access service-access-list
This command enables and configures ACL rule match logging for service ACLs.

Syntax
ip log-access service-access-list {all-entries | log-entries}
[both-permit-and-deny | deny-only | permit-only] [verbose]

no ip log-access service-access-list

Defaults
Service ACL rule match logging is is disabled by default.
If the command is executed without any rule type parameters, traffic flows that match both permit
and deny rules are logged.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use this command to enable logging of traffic flows that match service ACL rules. If you specify
all‐entries, traffic flows that match the specified rule type in any ACL entry will be logged, even if
the entries have not been tagged with the log keyword.
If you specify log‐entries, only traffic flows that match the specified rule type in ACL entries that
have been tagged with the log keyword will be logged. Refer to “Numbered Access Control Lists”

Matrix X Router Command Line Interface Reference 24-39

ACL Rule Match Logging Commands

on page 24‐5 and “Named Access Control Lists” on page 24‐11 for descriptions of using the log
keyword when creating access control lists.
You can log matches of permit rules, deny rules, or both permit and deny rules.
If you specify the verbose parameter, the X Router will also log the first 64 bytes of a frame hit, in
addition to the standard ACL rule hit log message. For examples of the syslog messages, refer to
“Rule Match Logging Formats” on page 24‐3.
Use the no form of this command to disable logging of traffic flow rule matches for this interface.
You can display the current status of ACL rule match logging for an interface with the show ip
interface command.

Example
The following example enables logging for all service access list matches that occur as a result of
deny rules:
matrix-x(router-config)# ip log-access service-access-list all-entries deny-only
matrix-x(router-config)# show ip log-access
Access List periodic logging is ENABLED, update frequency is 300 seconds.
Maximum number of Log entries per interface is 100
Service Access List logging is all-entries deny-only

24-40 Access Control List Commands

25
Prefix List and Prefix Tree Commands

Overview
The Matrix X Router provides two types of prefix based lists—Prefix Lists and Prefix Trees. Prefix
Trees return the longest match as the true match, whereas Prefix Lists simulate a sequential
lookup and return the first matched entry as the true match.
The commands include:

For information about... Refer to page...

ip prefix-list 25-2

ip prefix-tree 25-3

show ip prefix-list 25-4

show ip prefix-tree 25-5

Matrix X Router Command Line Interface Reference Guide 25-1

Overview ip prefix-list

ip prefix-list
This command creates a prefix list.

Syntax
ip prefix-list list_id [seq seq_value] {deny | permit} {network/masklen}
[ge length] [le length]
no ip prefix-list list_id [seq seq_value] {deny | permit} {network/masklen}
[ge length] [le length]

Parameters
list_id A string of characters or an integer.
seq seq_value This is specified as an integer between 0 and 65535, inclusive.
Note: Sequence numbers are generated automatically in increments of 5 unless
automatic generation is turned off. If automatic generation is disabled, then the
sequence number must be specified. Otherwise, specifying this command is
optional.
deny | permit Denies or permits the specified source address.
network/masklen Specify a valid IPv4 address with a mask length. The IPv4 address is
specified in dotted‐quad format.
The mask length can be specified as an integer from 0 to 32, inclusive
(note that the ʺ/ʺ is required) or in dotted‐quad (A.B.C.D) format.
ge length (Optional) Specifies that the IPv4 address matches (prefix, mask) pairs
with exactly the same prefix address and mask lengths that are greater
than or equal to the value of the ge command. This value can be in the
range of 0 to 32, but it must be at least the value of masklen and no
greater than the value of le.
le length (Optional) Specifies that the IPv4 address matches (prefix, mask) pairs
with exactly the same prefix address and mask lengths that are less than
or equal to the value of the le command. This value can be in the range
of 0 to 32, but it must be at least the value of masklen and no less than
the value of ge.

Defaults
Prefix lists are not configured by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Prefix lists simulate a sequential lookup and return the first matched entry as the true match. The
entries are ordered according to the sequential value. Sequence numbers are generated
automatically unless automatic generation is disabled. If the automatic generation of sequence
numbers is disabled, then the sequence number for each entry must be specified.
The optional ge and le commands can be used to specify the range of the prefix length to be
matched for prefixes that are more specific than a network and netmask value. If only the ge length
is specified, then the range is assumed to be from ge length to 32. If only the le length is specified,
then the range is assumed to be less than the le length. An exact match is assumed when neither ge
nor le is specified.

25-2 Prefix List and Prefix Tree Commands

ip prefix-tree Overview

Use the negative form of this command to delete all entries or specific entries in a prefix list. One
way to remove a specific entry from a prefix list is to specify all parameters that were specified
when the entry was created. Another way is to specify the sequence number of the entry, which is
either automatically generated or explicitly configured.

Examples
The following example configures a prefix list ʺabcʺ that denies all prefixes in 128.0.0.0/8 with a
prefix length of 24.
matrix-x(router-config)# ip prefix-list abc deny 128.0.0.0/8 ge 24 le 24
The following example configures a prefix list ʺabcʺ with three list entries. The first and second
entries permit all routes matching 10.0.0.0 with prefix length equal to 8 (second entry) except
10.1.1.1 (first entry). Since the prefix list simulates a sequential lookup and returns the first
matched entry as the true match, the order of these entries will deny the route 10.1.1.1 and allow
the rest of the 10.0.0.0/8 routes. The third entry permits all other IPv4 routes. An implicit deny is
assumed for all other routes.
matrix-x(router-config)# ip prefix-list abc seq 5 deny 10.1.1.1/32 ge 32 le 32
matrix-x(router-config)# ip prefix-list abc seq 10 permit 10.0.0.0/8 ge 8 le8
matrix-x(router-config)# ip prefix-list abc seq 15 permit 0.0.0.0/0 le 32

ip prefix-tree
This command configures a prefix tree.

Syntax
ip prefix-tree tree_id {deny | permit} {network/masklen} [ge length] [le length]
no ip prefix-tree tree_id {deny | permit} {network/masklen} [ge length]
[le length]

Parameters
tree_id A string of characters.
deny | permit Denies or permits the specified source address.
network/masklen Specify a valid IPv4 address with a mask length. The IPv4 address is
specified in dotted‐quad format; the mask length is an integer from 0 to
32, inclusive. Note that the ʺ/ʺ is required.
ge length Specifies that the IPv4 address matches (prefix, mask) pairs with exactly
the same prefix address and mask lengths that are greater than or equal
to the value of the ge command. This value can be in the range of 0 to
32, but it must be at least the value of masklen and no greater than the
value of le.
le length Specifies that the IPv4 address matches (prefix, mask) pairs with exactly
the same prefix address and mask lengths that are less than or equal to
the value of the le command. This value can be in the range of 0 to 32,
but it must be at least the value of masklen and no less than the value
of ge.

Defaults
Prefix trees are not configured by default.

Matrix X Router Command Line Interface Reference Guide 25-3

Overview show ip prefix-list

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Prefix Trees return the longest match as the true match, whereas Prefix Lists simulate a sequential
lookup and return the first matched entry as the true match.
The optional ge and le commands can be used to specify the range of the prefix length to be
matched for prefixes that are more specific than a network and netmask value. If only the ge length
is specified, then the range is assumed to be from ge length to 32. If only the le length is specified,
then the range is assumed to be less than the le length.
Use the negative form of this command to delete all entries or specific entries in a prefix tree. You
can remove a specific entry from a prefix tree by specifying all parameters that were specified
when the entry was created.

Examples
The following example configures a prefix tree ʺabcʺ that denies all prefixes in 128.0.0.0/8 with a
prefix length of 24.
matrix-x(router-config)# ip prefix-tree abc deny 128.0.0.0/8 ge 24 le 24
The following example configures a prefix tree ʺabcʺ with three list entries. The first and second
entries permit all routes matching 10.0.0.0 with prefix length equal to 8 (first entry) except 10.1.1.1
(second entry). The third entry permits all other IPv4 routes. An implicit deny is assumed for all
other routes.
matrix-x(router-config)# ip prefix-tree abc permit 10.0.0.0/8 ge 8 le 32
matrix-x(router-config)# ip prefix-tree abc deny 10.1.1.1/32
matrix-x(router-config)# ip prefix-tree abc permit 0.0.0.0/0 le 32

show ip prefix-list
This command displays information about all or specific prefix lists.

Syntax
show ip prefix-list [ list_id ] [ detail | summary ]

Parameters
list_id (Optional) A string of characters or an integer that represents the ID of a
configured prefix list. The Matrix X Router will return information for
all configured IPv4 prefix lists if a list_id is not specified.
detail | summary (Optional) Specify whether you want the query to respond with a more
verbose format. Summary information is returned by default.

Defaults
Summary information is returned by default.
Information for all configured IPv4 prefix lists is displayed by default.

Mode
Router privileged execution: matrix‐x(router‐exec)#

25-4 Prefix List and Prefix Tree Commands

show ip prefix-tree Overview

Usage
The show ip prefix‐list query displays information about all or specific prefix lists.
This query has two forms. If it is issued without arguments, then information about all configured
IPv4 prefix lists is returned. Alternatively, the query can be issued naming a specific prefix list. In
this case, the reply will contain information pertaining only to the referenced prefix list.

Examples
The following query is a request for summary information about a prefix list named ʺpfxtest1ʺ.
matrix-x(router-exec)# show ip prefix-list pfxtest1
ip prefix-list pfxtest1: 3 entries
seq 3 deny 10.10.0.0/16 ge 20 le 20
seq 8 permit 10.10.0.0/16 ge 24 le 28
seq 13 permit 12.12.0.0/16
The following query is a request for summary information about all configured IPv4 prefix lists.
matrix-x(router-exec)# show ip prefix-list
ip prefix-list pfxtest1: 3 entries
seq 3 deny 10.10.0.0/16 ge 20 le 20
seq 8 permit 10.10.0.0/16 ge 24 le 28
seq 13 permit 12.12.0.0/16
ip prefix-list pfxtest2: 4 entries
seq 3 permit 10.2.2.2/24 ge 24 le 24
seq 8 deny 10.1.1.1/32 ge 32 le 32
seq 10 permit 10.0.0.0/8 ge 8 le 8
seq 11 permit 0.0.0.0/8 le 8
The following is a request for detail information about a prefix list named ʺpfxtest2ʺ.
matrix-x(router-exec)# show ip prefix-list detail pfxtest2
ip prefix-list pfxtest2:
count: 4, sequences 3 - 11
seq 3 permit 10.2.2.2/24 ge 24 le 24
seq 8 deny 10.1.1.1/32 ge 32 le 32
seq 10 permit 10.0.0.0/8 ge 8 le 8
seq 11 permit 0.0.0.0/8 le 8

show ip prefix-tree
This command displays information about all or specific prefix trees.

Syntax
show ip prefix-tree [ detail | summary ] [tree_id ]

Parameters
detail | summary (Optional) Specify whether you want the query to respond with a more
verbose format. Summary information is returned by default.
tree_id (Optional) A string of characters or an integer that represents the ID of a
configured prefix tree. The Matrix X Router will return information for
all configured IPv4 prefix trees if a tree_id is not specified.

Matrix X Router Command Line Interface Reference Guide 25-5

Overview show ip prefix-tree

Defaults
Summary information is returned by default.
Information for all configured IPv4 prefix trees is displayed by default.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
The show ip prefix‐tree query displays information about all or specific prefix trees.
This query has two forms. If it is issued without arguments, then summary information about all
configured IPv4 prefix trees is returned. Alternatively, the query can be issued naming a specific
prefix tree. In this case, the reply will contain information pertaining only to the referenced prefix
tree.

Examples
The following query is a request for summary information about a prefix tree named ʺpfxtest1ʺ.
matrix-x(router-exec)# show ip prefix-tree pfxtest1
ip prefix-tree abc: 1 entries
deny 128.0.0.0 0.255.255.255 ge 24 le 24
The following query is a request for summary information about all configured IPv4 prefix trees.
matrix-x(router-exec)# show ip prefix-tree
ip prefix-tree pfxtest1: 3 entries
deny 10.10.0.0 0.0.255.255 ge 20 le 20
permit 10.10.0.0 0.0.255.255 ge 24 le 28
permit 12.12.0.0 0.0.255.255
ip prefix-tree pfxtest2: 4 entries
permit 10.2.2.2 0.255.255.255 ge 24 le 24
deny 10.1.1.1 255.255.255.255 ge 32 le 32
permit 10.0.0.0 0.0.0.255 ge 8 le 8
permit 0.0.0.0 0.0.0.255 le 8
The following is a request for detail information about a prefix tree named ʺpfxtest2ʺ.
matrix-x(router-exec)# show ip prefix-tree detail pfxtest2
ip prefix-tree pfxtest2:
count: 4, sequences 3 - 11
permit 10.2.2.2 0.255.255.255 ge 24 le 24
deny 10.1.1.1 255.255.255.255 ge 32 le 32
permit 10.0.0.0 0.0.0.255 ge 8 le 8
permit 0.0.0.0 0.0.0.255 le 8

25-6 Prefix List and Prefix Tree Commands

26
Layer 3 Traffic Classification and Policy-Based
Routing Commands

This chapter describes the commands used to configure Layer 3 traffic classification for QoS
prioritization and policy‐based routing (PBR) functionality.

For information about... Refer to page...

Overview 26-1

Class Map Commands 26-2

Policy Map Commands 26-12

Overview
On the Matrix X Router, traffic classification at the routing level (Layer 3) provides the ability to
filter, set the Class of Service and drop precedence values, and police packets. Policy‐based
routing allows rerouting of packets. Policy maps are the basis for both traffic classification and
PBR, and are applied on ingress interfaces.
A policy map specifies a list of traffic classes and the associated actions to perform if the class is
matched—for example, set a Class of Service value and drop precedence to define internal
per‐hop behavior, or reroute the packet to the next hop configured for that policy. A traffic class is
defined by a class map, based on access control lists, the ingress interface, and/or the DSCP or IP
precedence value in the received packet.
A policy map may contain a list of class maps with associated policy actions. When a policy map is
applied to an ingress interface, the policies are converted to an ordered list of rules and passed to
the hardware classifier. The classifier checks the rules in order for each ingressing packet. The first
rule a packet matches, if any, causes the check to exit and the policy actions associated with that
rule’s class to be performed. If no rules match, the packet is simply permitted.
Access control lists, both standard and extended, are used to apply filtering on a routed interface
and to define traffic classes in policy‐based routing and traffic classification for QoS prioritization.
Each entry in each policy access control list must be converted into a rule in the ordered list passed
to the hardware classifier.
The semantics of classifying traffic based on a policy access control list concerns the permit or
deny action of each of the list’s entries. Matching a permit entry means the class is matched and
the classification is finished. Matching a deny entry, including the final implicit deny entry, means
the class is not matched and processing continues at the next match condition after that access
control list.
Since the rule space in the Matrix X Router hardware classifier table is not unlimited, and since the
way access control list and policy rules are processed on the router is somewhat complicated, two

Matrix X Router Command Line Interface Reference Guide 26-1

Class Map Commands

commands have been added to the CLI to help you determine how much rule space is available
and how much space is required for a particular set of rules.
The show ip rule‐space required command (page 24‐31) displays the amount of space that would
be required for rules generated by a specific access group or policy map. The show ip rule‐space
available command (page 24‐29) displays the amount of rule space available for a specific
interface.

Configuration Process
The high‐level configuration process is:
1. Create class maps, which define how traffic entering the router should be classified.
2. Create policy maps, which define how traffic classes (defined by class maps) should be
treated. This includes setting a policy‐based routing action by specifying a next hop.
3. Assign policy maps to interfaces.

Note: Refer to Chapter 21, QoS Configuration, and Chapter 22, Policy-Based Routing and
Policing Configuration, in the Matrix X Router Configuration Guide for more information about
how to use the commands in this chapter to configure Quality of Service functionality and policy-
based routing.

Class Map Commands

The class map commands are listed below:

For information about... Refer to page...

class-map 26-3

match access-group 26-4

match any 26-5

match input-interface 26-5

match ip dscp 26-6

match ip precedence 26-9

Usage
Use this command to specify that any packet will match the traffic class being defined. Use the no
form of this command to remove this criteria from this traffic class.
Use the exit or end commands to leave class‐map configuration mode and return to global
configuration mode.

Example
matrix-x(router-config)# class-map match-any gold
matrix-x(config-cmap)# match any
matrix-x(config-cmap)#

match input-interface
This command specifies an input interface as a match criteria for the traffic class being defined.

Syntax
match input-interface port-string
no match input-interface port-string

Parameters
port‐string Specifies the port. Refer to the section, “Port Strings Used in the CLI,”
on page 12‐2 for more information.

Defaults
None.

Mode
Router class‐map configuration: matrix‐x(config‐cmap)#

Matrix X Router Command Line Interface Reference Guide 26-5

Class Map Commands match ip dscp

Usage
Use this command to add an input interface as a match criteria for this traffic class. Use the no
form of this command to remove a previously configured interface from this traffic class.
Use the exit or end commands to leave class‐map configuration mode and return to global
configuration mode.

Example
The following example adds the numbered standard access control list “10” to the class map
named “gold” and then adds the input interface ge.4.1 to the class map.
matrix-x(router-config)# class-map match-any gold
matrix-x(config-cmap)# match access-group 10
matrix-x(config-cmap)# match input-interface ge.4.1
matrix-x(config-cmap)#

match ip dscp
This command specifies a DiffServ code point in the ingressing packet as a match criteria for the
traffic class being defined.

Syntax
match ip dscp dscp
no match ip dscp dscp

Parameters
dscp Specifies the DiffServ code point, as a number between 0 and 63, or as
one of the following keywords (per‐hop behaviors).
• af11 Assured Forwarding 11
• af12 Assured Forwarding 12
• af13 Assured Forwarding 13
• af21 Assured Forwarding 21
• af22 Assured Forwarding 22
• af23 Assured Forwarding 23
• af31 Assured Forwarding 31
• af32 Assured Forwarding 32
• af33 Assured Forwarding 33
• af41 Assured Forwarding 41
• af42 Assured Forwarding 42
• af43 Assured Forwarding 43
• be Best effort
• cs1 Class Selector 1
• cs2 Class Selector 2
• cs3 Class Selector 3
• cs4 Class Selector 4

26-6 Layer 3 Traffic Classification and Policy-Based Routing Commands

match ip dscp Class Map Commands

• cs5 Class Selector 5

• cs6 Class Selector 6
• cs7 Class Selector 7
• ef Expedited forwarding

Defaults
None.

Mode
Router class‐map configuration: matrix‐x(config‐cmap)#

Usage
Use this command to add a DiffServ code point as a match criteria for this traffic class. Use the no
form of this command to remove a previously configured DSCP from this traffic class.
Use the exit or end commands to leave class‐map configuration mode and return to global
configuration mode.
For your convenience, Table 26‐1 lists the decimal equivalents (both 6 bit and 8 bit) for the
alphanumeric DSCP keywords, as well as the equivalent 8 bit hexadecimal TOS values.

Table 26-1 DSCP Equivalencies

DiffServ Code Point DSCP TOS Value 6 Bit Decimal 8 Bit Decimal
Keyword Bit Pattern (8 bit Hex) Equivalent Equivalent

af11 001010 28 10 40

af12 001100 30 12 48

af13 001110 38 14 56

af21 010010 48 18 72

af22 010100 50 20 80

af23 010110 58 22 88

af31 011010 68 26 104

af32 011100 70 28 112

af33 011110 78 30 120

af41 100010 88 34 136

af42 100100 90 36 144

af43 100110 98 38 152

cs1 001000 20 8 32

cs2 010000 40 16 64

cs3 011000 60 12 96

cs4 100000 80 32 128

cs5 101000 A0 40 160

cs6 110000 C0 48 192

cs7 111000 E0 56 224

Matrix X Router Command Line Interface Reference Guide 26-7

Class Map Commands match ip dscp

Table 26-1 DSCP Equivalencies (continued)

DiffServ Code Point DSCP TOS Value 6 Bit Decimal 8 Bit Decimal
Keyword Bit Pattern (8 bit Hex) Equivalent Equivalent

ef 101110 B8 46 184

Example
The following example adds the numbered standard access control list “10” and the input
interface ge.4.1 to the class map named “gold,” and then adds DSCP af11 to the class map.
matrix-x(router-config)# class-map match-any gold
matrix-x(config-cmap)# match access-group 10
matrix-x(config-cmap)# match input-interface ge.4.1
matrix-x(config-cmap)# match ip dscp af11
matrix-x(config-cmap)#

26-8 Layer 3 Traffic Classification and Policy-Based Routing Commands

match ip precedence Class Map Commands

match ip precedence
This command specifies an IP precedence value in the ingressing packet as a match criteria for the
traffic class being defined.

Syntax
match ip precedence prec-number
no match ip precedence prec-number

Parameters
prec‐number Specifies an IP precedence value as a number between 0 and 7 or as one
of the following keyword:
• critical — Critical precedence (5)
• flash — Flash precedence (3)
• flash‐override — Flash override precedence (4)
• immediate — Immediate precedence (2)
• internetwork — Internetwork control precedence (6)
• network — Network control precedence (7)
• priority — Priority precedence (1)
• routine — Routine precedence (0)

Defaults
None.

Mode
Router class‐map configuration: matrix‐x(config‐cmap)#

Usage
Use this command to add an IP precedence value as a match criteria for this traffic class. Use the
no form of this command to remove a previously configured IP precedence value from this traffic
class.
Use the exit or end commands to leave class‐map configuration mode and return to global
configuration mode.

Example
The following example adds the IP precedence value of priority to the class map named “gold”
and then exits class‐map configuration mode.
matrix-x(router-config)# class-map match-any gold
matrix-x(config-cmap)# match access-group 10
matrix-x(config-cmap)# match input-interface ge.4.1
matrix-x(config-cmap)# match ip dscp af11
matrix-x(config-cmap)# match ip precedence priority
matrix-x(config-cmap)# exit
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 26-9

Class Map Commands description

description
This command allows you to include descriptive text as part of the class map.

Syntax
description text

Parameters
text Specifies the descriptive text. Use quotes around text strings containing
spaces.

Defaults
None.

Mode
Router class‐map configuration: matrix‐x(config‐cmap)#

Usage
Use this command to add descriptive text to a class map. Use the exit or end commands to leave
class‐map configuration mode and return to global configuration mode.

Example
The following example adds a description to the class map “gold.”
matrix-x(router-config)# class-map match-any gold
matrix-x(config-cmap)# description “best service class”

show class-map
This command displays one or all configured class maps.

Syntax
show class-map [cname]

Parameters
cname Specifies the name of the class map to display. If no name is specified,
all configured class maps are displayed.

Defaults
If no class map is specified, all class maps are displayed.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router class‐map configuration: matrix‐x(config‐cmap)#

26-10 Layer 3 Traffic Classification and Policy-Based Routing Commands

show class-map Class Map Commands

Example
The following example displays all configured class maps.
matrix-x(router-config)# show class-map
Class Map match-any gold
best service class
Match access-group 10
Match input-interface ge.4.1
Match ip dscp af11
Match ip precedence priority

Class Map match-any silver

Match access-group 20
Match input-interface ge.4.2
Match ip dscp cs1
Match ip precedence flash

Matrix X Router Command Line Interface Reference Guide 26-11

Policy Map Commands policy-map

Policy Map Commands

The policy map commands are listed below:

For information about... Refer to page...

policy-map 26-12

description 26-13

class 26-14

set ip cos drop-precedence 26-15

police 26-16

set next-hop 26-17

ip policy 26-18

show policy-map 26-19

clear policy-map counters 26-20

Example
The following example creates a policy map named “policy1” and adds traffic class map “gold” to
the policy map. The mode changes to policy‐map‐class configuration mode.
matrix-x(router-config)# policy-map policy1
matrix-x(config-pmap)# class gold
matrix-x(config-pmap-c)#

26-14 Layer 3 Traffic Classification and Policy-Based Routing Commands

set ip cos drop-precedence Policy Map Commands

set ip cos drop-precedence

This command specifies that the policy action for the given class map is to set a Class of Service
value and drop precedence color.

Syntax
set ip cos cos drop-precedence dp
no set ip cos cos drop-precedence dp

Parameters

cos Specifies a Class of Service value, as an integer between 0 and 7.

dp Specifies a drop precedence. The value of dp can be one of the following
key words:
• green—indicates lowest drop precedence.
• yellow—indicates medium drop precedence.
• red—indicates highest drop precedence. Most likely to be dropped.
• immune—indicates no drop precedence. This value is equivalent to
green, and can never be downgraded to yellow or red.

Defaults
None.

Mode
Router policy‐map‐class configuration: matrix‐x(config‐pmap‐c)#

Usage
Use this command to specify a Class of Service value and drop precedence for packets of the given
class. The CoS value determines the egress QoS queue the packet is placed on. The drop
precedence value is used by the WRED (weighted random early discard) functionality which
monitors egress queues.
If DSCP remarking has been configured on the egress port, a DSCP value may be assigned to the
packet based on the CoS and DP values assigned by the policy map. The mapping of CoS/DP
values to DSCP values is specified by the DSCP egress map applied to the port. Refer to
Chapter 22, Port‐Based DSCP Remapping Commands, for more information about DSCP
remarking.

Note: QoS configuration is described in detail in Chapter 21, QoS Configuration in the Matrix X
Router Configuration Guide. Refer to that chapter for information about using CoS and DP values
for configuring internal per-hop behavior by the Matrix X Router.

Use the no form of the this command to remove this action from the given policy map and class.
Use the exit or end commands to leave policy‐map‐class configuration mode.

Matrix X Router Command Line Interface Reference Guide 26-15

Policy Map Commands police

Example
The following example remarks the CoS to 4 and the drop precedence to green for packets
classified by traffic class map “gold” within policy map named “policy1.”
matrix-x(router-config)# policy-map policy1
matrix-x(config-pmap)# class gold
matrix-x(config-pmap-c)# set ip cos 4 dp green

police
This command allows you to specify policing parameters and actions for traffic classified by the
given class map.

Syntax
police kbps burst excess [mark-aware] [drop-on-violate]
no police kbps burst excess

Parameters
kbps Specifies the average conforming rate, in kilobits per second. The value
of kbps can range from 1 to 10,000,000 kilobits per second.
burst Specifies the normal burst size, in bytes. The value of burst can range
from 1 to 10,000,000 bytes.
The values of kbps and burst define the conforming flow rate of the
classified traffic.
excess Specifies the excess burst size, in bytes. The value of excess can range
from 1 to 10,000,000 bytes.
mark‐aware (Optional) Specifies that the minimum drop precedence of ingressing
packets cannot be set any lower than the precedence assigned to the
packet on ingress. For example, a packet marked with a drop
precedence of yellow at ingress will never be marked internally as
green, although it could be marked up to red.
drop‐on‐violate (Optional) Drop packets received at rates beyond the excess value.

Defaults
Packets will be policed according to the default behavior on the router.

Mode
Router policy‐map configuration: matrix‐x(config‐pmap)#

Usage
Use this command to define the conforming flow rate for traffic classified by the given class map,
and optionally, non‐default policing behavior. Policing is the process of discarding packets within
a traffic stream in order to enforce a traffic policy.
Note that recoloring to a higher drop precedence may affect packets being dropped, but this
depends on the configuration of the fabric QoS queues. See the QoS queue management
commands described in Chapter 21, CoS Commands.
Use the no form of the command to remove the policing parameters from the policy map.
Use the exit or end commands to leave policy‐map‐class configuration mode.

26-16 Layer 3 Traffic Classification and Policy-Based Routing Commands

set next-hop Policy Map Commands

Refer to Chapter 22, Policy‐Based Routing and Policing Configuration in the Matrix X Router
Configuration Guide for more information about configuring policing on the Matrix X Router.

Example
The following example sets the conforming flow rate for traffic classified by the class map “silver.”
matrix-x(router-config)# policy-map policy1
matrix-x(config-pmap)# class silver
matrix-x(config-pmap-c)# police 5000 3000 4000 drop-on-violate

set next-hop
This command allows you to specify up to five next hop addresses for policy‐based routing action
on traffic classified by the given class map.

Syntax
set next-hop {no-require | require} {pinger | no-pinger} ip-addr1 [ip-addr2 ...
ip-addr5]

Parameters
no‐require If all next hops specified by this command are down or their status is
unknown, then this routing action is not applied and the packet next
hop choice is determined by a route table (FIB) lookup.
require Classified packets are always steered toward one of the set of next hops
defined by this command. If all of the defined next hops are known to
be down, the packets are dropped.
pinger Ping the specified next hops for up/down status.
no‐pinger Disregard the up/down status of the specified next hops.
ip‐addr1 The IP address of the first next hop, specified in dotted decimal format.
ip‐addr2 ... ip‐addr5 (Optional) Up to five next hop addresses may be specified.

Defaults
None.

Mode
Router policy‐map‐class configuration: matrix‐x(config‐pmap‐c)#

Usage
Use this command to configure policy‐based routing actions for a given traffic class. Up to five
next hops may be configured. Regardless of the choice of no‐require or require, next hops that are
known to be up are chosen before next hops of unknown status.
Refer to Chapter 22, Policy‐Based Routing and Policing Configuration in the Matrix X Router
Configuration Guide for more information about configuring policy‐based routing on the Matrix X
Router.

Example
The following example configures three next hop addresses that will be used for packets classified
by the gold traffic class in the policy map “goldstar.” Since the no‐require and pinger parameters

Matrix X Router Command Line Interface Reference Guide 26-17

Policy Map Commands ip policy

are specified, if none of the next hops are up, the packets will be forwarded based on a route table
lookup.
matrix-x(router-config)# policy-map goldstar
matrix-x(config-pmap)# class gold
matrix-x(config-pmap-c)# set next-hop no-require pinger 192.168.10.10
192.168.20.20 192.168.30.30
matrix-x(config-pmap-c)# exit
matrix-x(config-pmap)# exit
matrix-x(router-config)#

ip policy
This command applies a policy map to an interface.

Syntax
ip policy policy-name
no ip policy policy-name

Parameters
policy‐name Specifies the name of the policy map to apply to the interface.

Defaults
None.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use this command in interface configuration mode to apply a policy map to an ingress interface.
Use the no form of the command to remove a policy map from an interface.
You can use the show ip rule‐space available (page 24‐29) and show ip rule‐space required (page
24‐31) commands to determine whether a policy map can be successfully assigned to an interface.

Example
The following example creates policy map “policy1” and then applies it to interface ge.4.1.
matrix-x(router-config)# policy-map policy1
matrix-x(config-pmap)# class silver
matrix-x(config-pmap-c)# police 5000 3000 4000 drop-on-violate
matrix-x(config-pmap-c)# exit
matrix-x(config-pmap)# exit
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip policy policy1
matrix-x(router-config-if-ge.4.1)# exit
matrix-x(router-config)#

26-18 Layer 3 Traffic Classification and Policy-Based Routing Commands

show policy-map Policy Map Commands

show policy-map
This command displays information about one or all configured policy maps.

Syntax
show policy-map [policy-name] | [interface [port-string]] | [all-interfaces]

Parameters
policy‐name (Optional) Specifies the name of a specific policy map to display.
If no policy map name is specified, nor any other optional parameters,
the contents of all configured policy maps are displayed.
interface [port‐string] (Optional) Displays information about the policy maps that have been
applied to ingress routing interfaces, either physical ports or VLAN
interfaces.
If a port‐string is specified, only information about the specified
interface is displayed.
If no port‐string is specified, information about all interfaces is
displayed.
all‐interfaces (Optional) Displays information about policy maps for all interfaces
that have had a policy map applied.

Defaults
If no policy map name is specified, nor any other optional parameters, the contents of all
configured policy maps is displayed.
If no interface is specified, policy map information for all interfaces to which a policy map has
been applied is displayed.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router policy‐map configuration: matrix‐x(config‐pmap)#

Usage
You can display the contents of one or all policy maps with this command, or you can display
policy map information by interface. If you display policy map information by interface, you can
specify a single interface or all interfaces.
When you display the contents of one or all policy maps, the information displayed includes, for
each class in the policy map, the number of packets received, if any, that matched the class. This
number is an aggregate count across all interfaces to which the policy map was applied.
The information displayed by interface includes the contents of the policy map applied to the
interface, and for each class in the policy map, the number of packets received, if any, that
matched the class. This number is a count for the interface to which the policy map was applied.

Examples
The following example displays information about policy map ”p100.” Note that the aggregate
matches (across all interfaces) for the class 107 are shown.

Matrix X Router Command Line Interface Reference Guide 26-19

Policy Map Commands clear policy-map counters

matrix-x(router-exec)# show policy-map p100

Policy Map p100

Class 107 (19484239 matches)
set ip cos 7 drop-precedence green
Class 108
set ip cos 7 drop-precedence yellow
Class 109
set ip cos 7 drop-precedence red

The following example displays policy map information for interface ge.4.1.
matrix-x(router-config)# show policy-map interface ge.4.1
interface ge.4.1

Policy Map policy1

Class silver
police 5000 3000 4000 drop-on-violate

clear policy-map counters

This command clears policy map hit counters for a specific policy map.

Syntax
clear policy-map counters policy-name [[inbound] interface port-string]

Parameters
policy‐name Specifies the name of the policy map for which to clear counters.
inbound (Optional) Clears the interface‐level counters of the specified policy
map for the specified interface to which the policy map was applied as
ingress policy.
interface port‐string (Optional) Specifies the interface for which to clear the interface‐level
counters of the specified policy map.

Defaults
If the interface parameter is not used, all counters, both aggregate and interface level, are cleared.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
The Matrix X Router keeps track of the number of packets received that matched the classes in
applied policy maps, on an aggregate basis across all interfaces to which the policy map was
applied, as well as on an interface basis for each interface to which the policy map was applied.
Use this command to clear policy map counters. You can clear all counters, both aggregate and
interface level, by specifying only the policy map name. If you want to clear only the interface

26-20 Layer 3 Traffic Classification and Policy-Based Routing Commands

clear policy-map if-counters Policy Map Commands

level counters, use the interface parameter. Note that you can specify only a single interface at a
time.
The inbound parameter allows you to clear the counters for policy maps applied as ingress
policies.

Example
The following example clears the counters for the policy map named gold2silver applied to ge.4.2.
matrix-x(router-config)# clear policy-map counters gold2silver interface ge.4.2

clear policy-map if-counters

This command clears policy map hit counters on interfaces.

Syntax
clear policy-map if-counters inbound {all-interfaces | port-string}

Parameters
inbound Clears the interface level counters for policy maps applied as an ingress
policy on the specified interfaces.
all‐interfaces Clear the interface level policy map counters on all interfaces.
port‐string Specifies the interface on which to clear policy map counters.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#

Usage
The Matrix X Router keeps track of the number of packets received that matched the classes in
applied policy maps, on an aggregate basis across all interfaces to which the policy map was
applied, as well as on an interface basis for each interface to which the policy map was applied.
Use this command to clear policy map counters for one or all interfaces to which a policy map has
been applied. This command will not clear aggregate policy map counters.

Example
This example clears policy map counters on VLAN 20.
matrix-x(router-config)# clear policy-map if-counters vlan.1.20

Matrix X Router Command Line Interface Reference Guide 26-21

Policy Map Commands show ip pinger

show ip pinger
This command displays the ping status of the next hops the pinger application was requested to
watch for policy‐based routing.

Syntax
show ip pinger

Parameters
None.

Defaults
None.

Mode
Switch mode, read‐only
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router policy‐map configuration: matrix‐x(config‐pmap)#

Usage
Use this command to display the status of the next hops the pinger application is watching. The
next hops are configured using the set next‐hop command in policy‐map‐class configuration
mode.
Use the router configuration mode command ip pinger to change parameters for a specific next
hop.

Example
The following example displays the output of the show ip pinger command.
matrix-x(switch-su)-> show ip pinger
application ping-type next-hop-addr nh-port interval retries status
-----------------------------------------------------------------------------
ippolicy ICMP-PING 10.10.10.2 0 5 5 down
ippolicy ICMP-PING 20.20.20.2 0 5 5 down
The following command describes the output fields.

Output Column What It Displays ...

application The name of the application using that next hop. For example, “ippolicy”
indicates the Diffserv and Policy-Based Routing application.

ping-type The type of ping message sent.

next-hop-addr The IP address of the next hop being pinged. This value is set by the
application. For example, for Policy-Based Routing, the next hop address is set
with the policy map set next-hop command.

nh-port The port on the next hop.

The interval in seconds between pings. Can be changed with the router
interval configuration ip pinger command.

26-22 Layer 3 Traffic Classification and Policy-Based Routing Commands

ip pinger Policy Map Commands

Output Column What It Displays ...

The number of ping attempts. Can be changed with the router configuration ip
retries pinger command.

status The status of the next hop. The status can be up, down, or unknown.

ip pinger
This command allows you to change the parameters used by the pinger application for a specific
configured next hop address.

Syntax
ip pinger next-hop-addr [interval sec retries num]

Parameters
next‐hop‐addr The address of the next hop for which pinger parameters are being
changed.
interval sec (Optional) Specifies the interval between pings, in seconds. The value of
sec can range from 1 to 30 seconds. Default is 5 seconds.
retries num (Optional) Specifies the number of ping attempts. The value of num can
range from to 10. Default is 5.

Defaults
If interval and retries are not specified, the values for the next hop are reset to the defaults of 5
seconds and 5 attempts.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
When a next hop to be pinged is configured (for example, by the policy map set next‐hop
command), default values for interval and retries are assigned to that next hop address. Use this
command to change the interval and retries parameters used by the pinger application for a
specific next hop address.

Example
The following example sets the interval to 15 seconds and the retries to 3 for next hop address
20.20.20.2.
matrix-x(router-config)# ip pinger 20.20.20.2 interval 15 retries 3

matrix-x(router-config)# show ip pinger

application ping-type next-hop-addr nh-port interval retries status
-----------------------------------------------------------------------------
ippolicy ICMP-PING 10.10.10.2 0 5 5 down
ippolicy ICMP-PING 20.20.20.2 0 15 3 down

Matrix X Router Command Line Interface Reference Guide 26-23

Policy Map Commands ip pinger

26-24 Layer 3 Traffic Classification and Policy-Based Routing Commands

27
Border Gateway Protocol Commands

Overview
This chapter describes the Border Gateway Protocol (BGP) commands.
BGP is an exterior gateway protocol (EGP) that is used to exchange routing information among
neighboring routers in different Autonomous Systems (AS). An autonomous system is a set of
routers under a single administration. AS numbers supported are 1 to 65535.
An AS typically uses a single Interior Gateway Protocol (IGP) to propagate routing information
among its routers.
A BGP system establishes sessions with neighboring routers, or peers, and maintains a database of
network reachability information that it exchanges with its neighbors via update messages. BGP
uses the Transmission Control Protocol (TCP) and port 179 for establishing connections.
BGP routing updates include the complete route to each destination, as well as other information
related to the route. The route to each destination is called the AS path, which is a list of the
autonomous systems that the path traverses. Related route information is included in the path
attributes. BGP uses the AS path and the path attributes to determine the network topology. This,
in turn, enables BGP to detect and eliminate routing loops and to make routing policy decisions.
You can redistribute routing information between BGP and another protocol, and use route maps
to control the route updates.
For more information, refer to the Matrix X Secure Core Router Configuration Guide.

For information about... Refer to page...

Global BGP Configuration Commands 27-2

BGP Address Family Commands 27-40

BGP Neighbor Commands 27-42

Querying and Clearing Commands 27-95

BGP Communities and Community Lists 27-105

Matrix X Router Command Line Interface Reference Guide 27-1

Global BGP Configuration Commands

Commands to configure at Global BGP Configuration mode are listed below.

For information about... Refer to page...

router bgp 27-3

address-family 27-4

bgp always-compare-med 27-5

bgp as-path-loops 27-6

bgp bestpath as-path ignore 27-7

bgp bestpath compare-cluster-list-length 27-8

bgp bestpath compare-originator-id 27-9

bgp bestpath compare-router-id 27-10

bgp bestpath med confed 27-11

bgp bestpath med missing-as-worst 27-12

bgp cluster-id 27-13

bgp confederation identifier 27-14

bgp confederation peers 27-15

bgp non-leading-confeds 27-16

bgp open-on-accept 27-17

bgp pass-optional-nontrans 27-18

bgp restart-defer 27-19

bgp restart-time 27-20

bgp restart-timeout 27-21

bgp router-id 27-22

bgp send-group-always 27-23

bgp tie-break-on-age 27-24

default-metric 27-25

distance 27-26

distribute-list 27-27

enable 27-29

maximum-routes 27-30

network 27-31

preference2 27-32
redistribute 27-33

timers bgp 27-34

27-2 Border Gateway Protocol Commands

Global BGP Configuration Commands

For information about... Refer to page...

trace file 27-36

trace flag 27-38

router bgp
This command configures BGP on a router and specifies the router’s Autonomous System (AS)
number.

Syntax
router bgp as_number

no router bgp as_number

Parameters
as_number An integer between 1 and 65535.

Defaults
BGP is disabled by default.

Mode
Global Configuration.

Usage
The router bgp command enables BGP on a router. Because there is no default as_number, an
autonomous system number must also be specified. The negative form of this command, no
router bgp, disables BGP on a router.

Examples
The following example configures the router to be a BGP speaker in AS number 2.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)#
The following example turns off BGP on the router:
matrix-x(config-router)# no router bgp 2
matrix-x(config-router)#

Matrix X Router Command Line Interface Reference Guide 27-3

Global BGP Configuration Commands

address-family
This command configures multi‐protocol support for BGP peers.

Syntax
address-family [ipv4 (unicast | multicast)]

no address-family [ipv4 (unicast | multicast)]

Parameters
ipv4 Configures address family mode for IPv4.
unicast | multicast Configures address family mode for either unicast or multicast.

Defaults
This command is not explicitly configured by default.

Mode
BGP Router Configuration.

Examples
The following example enters the address family mode for IPv4 multicast and assumes that you
already assigned the neighbor to a remote AS or peer group:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# address-family ipv4 multicast
matrix-x(config-router-af)# neighbor 1.2.3.4 activate
The following example removes all address‐family configuration for IPv4 multicast:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# no address-family ipv4 multicast

27-4 Border Gateway Protocol Commands

Global BGP Configuration Commands

bgp always-compare-med
This command specifies whether to compare when routes with differing Multi‐Exit
Discriminators (MEDs) are received from peers in different Autonomous Systems.

Syntax
bgp always-compare-med

no bgp always-compare-med

Parameters
None.

Defaults
The default is bgp always‐compare‐med.

Mode
BGP Router Configuration.

Usage
When two routes to the same destination are received from peers in different Autonomous
Systems, they can have different MEDs. The bgp always‐compare‐med command allows you to
specify whether to compare those MEDs. When choosing between these routes, assuming that
nothing else makes one preferable to the other (such as a configured policy), the values of the
differing MEDs are used to choose the route to use. In this comparison, the route with the lowest
MED is preferred.
Routes without MEDs are treated as having the best possible MED.

Example
The following example enables the comparison of MEDs among confederation paths:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# bgp always-compare-med

Matrix X Router Command Line Interface Reference Guide 27-5

bgp bestpath med confed

This command specifies that confederation segments within a route’s AS_PATH should not be
considered when determining the neighboring AS that a route was learned from, during MED
comparison.

Syntax
bgp bestpath med confed

no bgp bestpath med confed

Parameters
None.

Defaults
The default is no bgp bestpath med confed.

Mode
BGP Router Configuration.

Usage
When comparing MEDs, use bgp bestpath med confed to specify whether confederation
segments within a route’s AS_PATH should not be considered when determining the neighboring
AS that a route was learned from.

Matrix X Router Command Line Interface Reference Guide 27-11

Global BGP Configuration Commands

bgp bestpath med missing-as-worst

This command specifies whether routes received without a MED are to be considered when
comparing BGP routes.

Syntax
bgp bestpath med missing-as-worst

no bgp bestpath med missing-as-worst

Parameters
None.

Defaults
The default is no bgp bestpath med missing‐as‐worst.

Mode
BGP Router Configuration.

Usage
When breaking ties between BGP routes, use the bgp bestpath med missing‐as‐worst command
to specify whether routes received without a MED are to be considered to have the worst legal
MED.

Example
The following example causes the Matrix X Router to consider routes without a MED to have the
worst legal MED:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# bgp bestpath med missing-as-worst

27-12 Border Gateway Protocol Commands

bgp non-leading-confeds
This command specifies the action to take when malformed AS_PATHs containing non‐prefixed
confederation segments are received.

Syntax
bgp non-leading-confeds {notify | ignore | drop}

no bgp non-leading-confeds {notify | ignore | drop}

Parameters
notify Specifies that receipt of non‐prefixed confederation segments will cause BGP to
send a notification message.
ignore Specifies that routes containing non‐prefixed confederation segments will be
logged and ignored.
drop Specifies that routes containing non‐prefixed confederation segments will be
logged and discarded.

Defaults
The default is bgp non‐leading‐confeds notify.

Mode
BGP Router Configuration.

Usage
“Buggy” routers on the Internet will sometimes illegally advertise AS_PATHs containing
confederation segments outside of a confederation boundary. If these routes propagate beyond
the confederation boundary edge, they will cause the peering session of any router that does not
accept confederation segments from non‐confederation peers to drop the peering session and thus
disrupt service.
• drop ‐ causes BGP to discard AS_PATHs that are received from BGP peers where there are
BGP Confederation AS_PATH segments (AS_CONFED_SEQUENCE, AS_CONFED_SET)
occurring anywhere other than at the left‐hand side of the AS_PATH.
• ignore ‐ causes BGP to ignore AS_PATHs that are received from BGP peers where there are
BGP Confederation AS_PATH segments (AS_CONFED_SEQUENCE, AS_CONFED_SET)
occurring anywhere other than at the left‐hand side of the AS_PATH. This option will cause
routes containing non‐prefixed confederation segments to be logged and stored in the RIB
with a preference or distance of ‐1.
• notify ‐ causes BGP to send a notification upon receipt of BGP peers where there are BGP
Confederation AS_PATH segments (AS_CONFED_SEQUENCE, AS_CONFED_SET)
occurring anywhere other than at the left‐hand side of the AS_PATH.
The negative form of this command, no bgp non‐leading‐confeds, removes the user‐defined
configuration and returns this to its default value of notify.

Note: Specifying a value for this command in the no form has no effect on the configuration. Thus,
it is displayed above as optional.

27-16 Border Gateway Protocol Commands

Global BGP Configuration Commands

Examples
The following example causes the Matrix X Router to log and ignore non‐prefixed confederation
segments:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# bgp non-leading-confeds ignore
The following example removes the previously configured ignore command and returns this to its
default value of notify:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# no bgp non-leading-confeds

bgp open-on-accept
This command specifies that the Matrix X Router will send the Open message when the TCP
connection has completed for configured peers.

Syntax
bgp open-on-accept

no bgp open-on-accept

Parameters
None.

Defaults
The default is no bgp open‐on‐accept.

Mode
BGP Router Configuration.

Usage
When the bgp open‐on‐accept command is configured, the Matrix X Router will immediately
send the Open message when the TCP connection has completed for configured peers.

Example
The following example enables the open‐on‐accept feature:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# bgp open-on-accept

Matrix X Router Command Line Interface Reference Guide 27-17

Global BGP Configuration Commands

bgp pass-optional-nontrans
This command specifies whether to propagate unrecognized, optional, non‐transitive attributes.

Syntax
bgp pass-optional-nontrans

Parameters
metric A 32‐bit value ranging from 0 to 4,294,967,295, inclusive.

Defaults
Disabled.

Mode
BGP Router Configuration.

Usage
The default‐metric command causes a BGP MED to be set on routes when they are advertised to
peers. This value applies to all BGP peers. It can be overridden on a per‐peer or per‐group basis.
The negative form of this command, no default‐metric, removes the configured value.

Note: Specifying a value for metric in the no form has no effect on the configuration. Thus, it is
displayed above as optional.

Examples
The following example causes the Matrix X Router to advertise a MED value of 50 to its BGP
peers:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# default-metric 50

The following example removes the previously configured default‐metric value on the router:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# no default-metric 50

Matrix X Router Command Line Interface Reference Guide 27-25

Global BGP Configuration Commands

distance
This command specifies the way that active routes learned from BGP will be selected, compared to
other protocols.

Syntax
distance dist

no distance [dist]

Parameters
dist An integer between 0 and 255, inclusive

Defaults
170

Mode
BGP Router Configuration.

Usage
The distance command specifies how active routes that are learned from BGP will be
selected, compared to other protocols. When a route has been learned from more than one
protocol, the active route will be selected from the protocol with the lowest distance (or
preference).
The negative form of this command, no distance, removes the configured value and returns
this to its default value of 170.

Note: Specifying a value for dist in the no form has no effect on the configuration. So, it is displayed
above as optional.

Examples
The following example configures the global BGP distance (preference) to be 140.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# distance 140
The following example deletes the globally configured BGP distance (preference) and reverts to
the default value of 170.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# no distance 140

27-26 Border Gateway Protocol Commands

Global BGP Configuration Commands

distribute-list
This command provides policy filtering for BGP routes.

Syntax
distribute-list access_list_name {in | out [protocol]}

no distribute-list access_list_name {in | out [protocol]}

Parameters
access_list_name The name of an access list.
in | out Specifies whether the route applies to imported (in) or exported (out)
routes.
protocol For exported routes (out), optionally specify a redistributed protocol to
filter. Valid values include: aggregate, bgp, kernel, ospf, ospfase, rip, and
static.

Defaults
Disabled.

Global BGP Configuration Commands

matrix-x(config-router)# router bgp 2

matrix-x(config-router-bgp)# redistribute ospf route-map setmed
In the following example, route map abc is configured with the following match criteria. If a route
matches interface ge.1.1, then communities specified in community com‐set‐1 will be added to the
route and the metric of the route will be set to 50.
matrix-x(config-router)# route-map abc
matrix-x(config-router-route-map)# match interface ge.1.1
matrix-x(config-router-route-map)# set community-set com-set-1
matrix-x(config-router-route-map)# set metric 50
This route map is then applied to static routes and exported into BGP:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# redistribute static route-map abc
matrix-x(config-router-bgp)# exit

Related Commands
distribute-list

timers bgp
This command specifies global keepalive and holdtime values for BGP.

Syntax
timers bgp [keepalive_value holdtime_value]

no timers bgp [keepalive_value holdtime_value]

Parameters
keepalive_value (Optional) The interval between keepalive messages ranging from 0 to
4,294,967,295 seconds.
holdtime_value (Optional) The interval of the BGP hold timer with a value of 0 or a
value between 3 and 4,294,967,295 seconds.

Defaults
• keepalive: 60 seconds.
• holdtime: 180 seconds

Mode
BGP Router Configuration.

27-34 Border Gateway Protocol Commands

Global BGP Configuration Commands

The holdtime value specifies the number of seconds to use when negotiating a peering session. If
the Matrix X Router does not receive a keepalive, update, or notification message within the
specified period, then the BGP connection will be closed. The negotiated holdtime value is the
lesser of the values sent in the exchanged BGP Open messages. If a time of zero is specified, no
keepalives will be sent. If a time of zero is received from the remote peer, then the holdtime must
be configured to be zero in order for the peering session to become established.

Note: You cannot specify a holdtime value of 1 or 2. The value can be 0 or at least 3.

The negative form of this command, no bgp timers, removes the configured values and returns
this to its default values of 180 and 60 seconds, respectively.

Note: Specifying a value for keepalive and holdtime in the no form of this command has no effect
on the configuration. Thus, it is displayed above as optional.

Examples
The following example sets the BGP keepalive value to 30 seconds and the holdtime value to 90
seconds. Notice that the values have positional significance. The keepalive value must appear
first, and the holdtime value must appear second.
matrix-x(config)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# timers bgp 30 90
This example removes the user‐configured timer values and returns these to their defaults:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# no timers bgp

Matrix X Router Command Line Interface Reference Guide 27-35

Global BGP Configuration Commands

trace file
This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
trace file file_name {max-size file_size[M | m | K | k] | max-files num_files
{no-timestamp | overwrite}

no trace file file_name {max-size file_size[M | m | K | k] | max-files num_files

{no-timestamp | overwrite}

Parameters
file_name Specifies the name of the file to receive the tracing information. Note
that the file name is not specified in quotes.
max‐size file_size[M | Specifies the maximum file size in bytes (by default) or megabytes or
m | K | k] kilobytes. The acceptable value range is 10K to 4,294,967,295 bytes.
Notice that there is no space between the file_size parameter and the
unit type.
max‐files num_files Specifies the maximum number of files allowed in the directory. The
acceptable value range is 2 to 4,294,967,295, with a default value of
4,294,967,295 files.
no‐timestamp Specifies that a timestamp should not be prepended to all trace lines
overwrite Specifies to begin tracing by appending or truncating an existing file

Defaults
Disabled.

Mode
BGP Router Configuration.

Usage
This command specifies a file for tracing of all BGP events. The negative form of this command
disables this tracing. The specific events that are traced are controlled by the trace flag command.
The trace file command is also associated with each protocol, so that information pertaining to a
single protocol can be written to its own file.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
The max‐size option sets a maximum on the size of the trace file. The size can be specified in
megabytes by giving ʹMʹ or ʹmʹ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If no units are given, the size is assumed to be in bytes. The range of this
parameter is 10K to 2^32‐1 bytes (about 4294M). When the maximum file size is reached, the file is
closed and renamed to fname.0, then fname.1, and so on, until the maximum number of files
specified by the max‐files option is reached. The default is unlimited. The size of a trace file is
limited by the file system on which the trace file resides.

27-36 Border Gateway Protocol Commands

Global BGP Configuration Commands

The no‐timestamp option disables the prepending of a timestamp to all lines written to the trace
file. The default is to prepend a timestamp to all lines written to a trace file.

Note: These options are not cumulative across multiple commands.

Consider the following example:

router(config-router-bgp)# trace file bgp.log no-timestamp
router(config-router-bgp)# trace file bgp.log max-files 10
The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows.
matrix-x(config-router-bgp)# trace file bgp max-files 10 no-timestamp

Example
In the following example, BGP tracing is written to the file /var/trace/bgp.log. The maximum size of
the file is configured to be 1024 KB, and the maximum number of files permitted is 3. When the file
reaches 1 megabyte in size (the maximum size in this configuration), the file is renamed to
bgp.log.0, and bgp.log is re‐created. This continues until four log files exist (the maximum allowed
in this configuration). No timestamp will display at the beginning of the trace lines.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# trace file bgp.log max-size 1024k max-files 4 no-
timestamp

Matrix X Router Command Line Interface Reference Guide 27-37

Global BGP Configuration Commands

trace flag
This command specifies BGP‐specific tracing options as well as options common to all protocols.

Syntax
trace flag {route | normal | state | policy | task | timer | all}| {packets | open
| update | keepalive} {send | receive | send-receive} [detail]

no trace flag {route | normal | state | policy | task | timer | all} | {packets |
open | update | keepalive} [send | receive | send-receive] [detail]

Parameters
Flags common to all protocols:
[route | normal | state | policy | task | timer | all]
These tracing flags are common to all protocols and cannot be associated with a send, receive, or
send‐receive action item. Similarly, you cannot specify to show detailed information when tracing
these flags.

route Trace routing table changes for routes installed by this protocol or peer
normal Trace normal protocol occurrences.
Abnormal protocol occurrences are always traced.
state Trace state machine transition in the protocol
policy Trace the application of protocol and user‐specified policy to routes being
imported or exported
task Trace system interface and processing associated with this protocol
timer Trace timer usage by this protocol
all Turns on all trace flags.
Note: When issuing a show command, the output will display all the trace flags rather
than this all keyword.

BGP-specific flags:
[packets | open | The following BGP specific flags can be associated with the send, receive,
update | keepalive] send‐receive, and detail action items. They are defined as follows:
packets Trace all BGP packets
open Trace BGP Open packets
update Trace BGP Update packets
keepalive Trace BGP Keepalive packets [send | receive | send‐receive] Optionally
specify whether to limit the tracing to packets sent, received, or both
[detail] Optionally specify to use a more verbose format when displaying
information about the contents of packets instead of one or two lines

Mode
BGP Router Configuration.

27-38 Border Gateway Protocol Commands

Global BGP Configuration Commands

Defaults
The default is for no flags to be explicitly configured.

Usage
Use the trace flag command to specify tracing flags for BGP tracing.
Each flag must reside on its own configuration line. For example, you cannot specify to trace both
open and keepalive packets in the same command.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.

Example
In the following example, trace flags specify that both the sent and received update and keepalive
messages are traced in detail. This tracing information will be written to the file /var/trace/bgp.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# trace file bgp max-size 1024k
matrix-x(config-router-bgp)# trace flag update send-receive detail
matrix-x(config-router-bgp)# trace flag keepalive send-receive detail

Matrix X Router Command Line Interface Reference Guide 27-39

BGP Address Family Commands

BGP Address Family Configuration mode commands are listed below.

For information about... Refer to page...

neighbor activate 27-40

neighbor graceful-restart 27-41

neighbor activate
This command enables multi‐protocol capability for a peer.

Syntax
neighbor {ip_address | groupID} activate

no neighbor {ip_address | groupID} activate

Parameters
ip_address IP address of a BGP peer specified as a valid IPv4 address in dotted‐quad
format.
groupID Name of a BGP peer group specified as a string of characters. If an invalid IP
address is set (e.g. 256.1.1.1), it will be read as a group name.

Defaults
Disabled.

Mode
BGP Address Family Configuration.

Usage
The neighbor activate command sets a list of multi‐protocol capabilities to send to a group of
peers (using the BGP Capability Advertisement mechanism defined in RFC 2842).
Notes: This address family must match the address family specified in the address-family
command.
Because IPv4 unicast is always on, this command is not valid if the address family is IPv4 unicast.

Examples
The following example causes the IPv4 address family to be enabled for this peer:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# address-family ipv4 multicast
matrix-x(config-router-af)# neighbor 1.2.3.4 activate

Related Commands
address‐family

27-40 Border Gateway Protocol Commands

BGP Address Family Commands

neighbor graceful-restart
This command configures graceful restart capability for the family/sub address family pair.

Syntax
neighbor {ip_address | groupID} graceful-restart

no neighbor {ip_address | groupID} graceful-restart

Defaults
Enabled

Mode
BGP Address Family Configuration.

Usage
Use restart to turn on or off the Grace Restart capability for the family/ sub address family pair.

Note: For graceful restart to be useful beyond IPv4 unicast, the corresponding multi-protocol
capability must also be in effect.

Example
The following example turns graceful‐restart on for IPv4 multicast:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# address-family ipv4 multicast
matrix-x(config-router-af)# neighbor 1.2.3.4 graceful-restart

Matrix X Router Command Line Interface Reference Guide 27-41

BGP Neighbor Commands

Neighbor commands are listed below.

For information about... Refer to page...

neighbor add-communities 27-44

neighbor aggregator-id 27-45

neighbor allow 27-46

neighbor as-loop 27-47

neighbor as-override 27-48

neighbor aspath-prepend 27-49

neighbor capability orf comm-filter 27-50

neighbor capability orf extcomm-filter 27-51

neighbor capability orf prefix-filter 27-52

neighbor cluster-id 27-53

neighbor distance 27-54

neighbor dynamic 27-55

neighbor enable 27-56

neighbor end-of-rib 27-57

neighbor export-localpref 27-58

neighbor ignore-leading-as 27-59

neighbor import-localpref 27-60

neighbor keep 27-61

neighbor keepalives-always 27-62

neighbor local-as 27-63

neighbor log-up-down 27-64

neighbor maximum-routes 27-65

neighbor metric-out 27-67

neighbor multi-protocol-nexthop 27-68

neighbor next-hop-self 27-69

neighbor no-drop 27-70

neighbor orf comm-list 27-71

neighbor orf extcomm-list 27-72

neighbor orf prefix-list 27-73

neighbor out-delay 27-74

neighbor passive 27-75

27-42 Border Gateway Protocol Commands

BGP Neighbor Commands

For information about... Refer to page...

neighbor password 27-76

neighbor pedantic 27-77

neighbor peer-group 27-78

neighbor preference2 27-79

neighbor receive-buffer 27-80

neighbor remote-as 27-81

neighbor remove-private-as 27-82

neighbor route-map 27-83

neighbor route-reflector-client 27-84

neighbor route-to-peer 27-85

neighbor send-buffer 27-86

neighbor send-community 27-87

neighbor soft-reconfiguration inbound 27-88

neighbor timers 27-89

neighbor ttl 27-90

neighbor update-source 27-91

neighbor use-med 27-92

neighbor gateway 27-93

Note: The BGP protocol specifies you must add your local AS number to the AS_PATH attribute.
The aspath-prepend option lets you do it more than once.

Mode
BGP Router Configuration.

Usage
Use the neighbor aspath‐prepend command to configure the number of times that this router will
prepend its AS number to a route’s AS Path when it sends the route to an external peer. Larger
values are typically used to bias upstream peers’ route selection. Most routers will prefer routes
with shorter AS Path. Using this command, the AS Path that this router sends can be artificially
lengthened.

Example
In the following example, the router is configured to prepend its AS number to a route’s AS Path
five times.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 10.1.1.1 remote-as 5
matrix-x(config-router-bgp)# neighbor 10.1.1.1 aspath-prepend 5

Matrix X Router Command Line Interface Reference Guide 27-49

BGP Neighbor Commands

neighbor capability orf comm-filter

This command specifies whether the ORF capability for community filtering is to be sent to the
BGP peer or group, received from the BGP peer or group, or both.

Syntax
neighbor {ip_address | groupID} capability orf comm-filter {send | receive | both}

no neighbor {ip_address | groupID} capability orf comm-filter {send | receive |

both}

Parameters
ip_address A BGP peer’s valid IPv4 address specified in dotted‐quad format
groupID A BGP peer group name specified as a string of characters. If an
invalid IP address is specified (e.g. 256.1.1.1), it will be read as a group
name.
send | receive | both Specifies the action to take when filtering communities.

Defaults
Disabled

Mode
BGP Router Configuration.

Usage
The neighbor capability orf comm‐filter command sets whether ORF capability for community
filtering will be sent from a BGP peer or group, accepted on a BGP peer or group, or both. The
command’s negative form, no neighbor capability orf commfilter, removes the capability.

Example
This example specifies that BGP peer 4.3.2.1 will send the ORF capability for community filtering:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 65001
matrix-x(config-router-bgp)# neighbor 4.3.2.1 capability orf comm-filter send

Related Commands
address‐family

27-50 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor capability orf extcomm-filter

This command specifies whether the ORF capability for extended community filtering is to be sent
to the BGP peer or group, received from the BGP peer or group, or both.

Syntax
neighbor {ip_address | groupID} capability orf extcomm-filter {send | receive |
both}

no neighbor {ip_address | groupID} capability orf extcomm-filter {send | receive

| both}

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid
IP address is specified (e.g. 256.1.1.1), it will be read as a group name.
send | receive | both Specifies the action to take when filtering extended communities.

Defaults
Disabled

Mode
BGP Router Configuration.

Usage
The neighbor capability orf extcomm‐filter commands specifies whether the ORF capability for
extended community filtering is to be sent from a BGP peer or group, accepted on a BGP peer or
group, or both. The negative form of this command, no neighbor capability orf extcomm‐filter,
removes the capability.

Note: When configured in BGP Router Configuration mode, the address family sent will be IPv4
unicast.

Example
This example specifies BGP peer 4.3.2.1 to send ORF capability for extended community filtering:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 65001
matrix-x(config-router-bgp)# neighbor 4.3.2.1 capability orf extcomm-filter send

Related Commands
address‐family

Matrix X Router Command Line Interface Reference Guide 27-51

BGP Neighbor Commands

neighbor capability orf prefix-filter

This command specifies whether the ORF capability for prefix filtering is to be sent from and/or
received on the BGP peer or group.

Syntax
neighbor {ip_address | groupID} capability orf prefix-filter {send | receive |
both}

no neighbor {ip_address | groupID} capability orf prefix-filter {send | receive |

both}

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID BGP peer group name specified as a character string. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
send | receive | both Specifies the action to take when filtering prefixes.

Defaults
ORF capabilities are not explicitly configured by default.

Mode
BGP Router Configuration.

Usage
The neighbor capability orf prefix‐filter commands specifies whether the ORF capability for
prefix filtering will be sent from a BGP peer or group, accepted on a BGP peer or group, or both.
The command’s negative form, no neighbor capability orf prefixfilter, removes the capability.

Example
This example specifies BGP peer 4.3.2.1 to send the ORF capability for prefix filtering:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 65001
matrix-x(config-router-bgp)# neighbor 4.3.2.1 capability orf prefix-filter send

27-52 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor cluster-id
This command specifies the route reflection cluster ID for a peer or peer group in BGP.

Syntax
neighbor {ip_address | groupID} cluster-id router-id

no neighbor {ip_address | groupID} cluster-id router-id

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
router‐id A router ID in dotted‐quad format used by a route reflector to prevent
route propagation loops within the cluster.

Defaults
The cluster ID value defaults to the router ID.

Parameters
ip_address A BGP peer specified as a valid IPv4 adress in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
localpref An integer from 0 to 4,294,967,295, inclusive.

Usage
Use the neighbor export‐localpref command to configure the Local_Pref value that is sent in the
BGP Update packet when advertising a route to an internal or confederation peer. This value
overrides the calculated Local_Pref on the route. BGP will export the route with the calculated
Local_Pref value. The higher the local pref value guarantees its selection.
The negative form of this command, no neighbor export‐localpref, removes the configured
local_pref value and returns this to its default value of 100.

Defaults
100

Mode
BGP Router Configuration.

Example
The following example configures the export Local_Pref value to be 200:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 1.1.1.1 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.1.1.1 export-localpref 200

27-58 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor ignore-leading-as
This command directs the Matrix X Router to keep route server routes.

Syntax
neighbor [ip_address | groupID] ignore-leading-as

no neighbor [ip_address | groupID] ignore-leading-as

Usage
Some routers are capable of propagating routes without appending their own autonomous system
number to the AS Path. By default, the Matrix X Router will drop such routes. The neighbor
ignore‐leading‐as command allows the Matrix X Router to keep these routes. This command
should be used only if there is no doubt that these peers are route servers and not normal routers.

Defaults
Disabled

Mode
BGP Router Configuration.

Example
The following example enables the ignore‐leading‐as feature:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 1.1.1.1 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.1.1.1 ignore-leading-as

Matrix X Router Command Line Interface Reference Guide 27-59

BGP Neighbor Commands

neighbor import-localpref
This command specifies the Local_Pref value that is received in the BGP Update packet when
advertising a route to an external or confederation peer.

Syntax
neighbor {p_address | groupID} import-localpref local_pref

no neighbor {ip_address | groupID} import-localpref local_pref

Usage
Use the neighbor import‐localpref command to configure the Local_Pref value that is sent in the
BGP Update packet when advertising a route to an external or confederation peer. This value
overrides the calculated Local_Pref on the route. BGP will import the route with the calculated
Local_Pref value. The higher the local pref value guarantees its selection.
The negative form of this command, no neighbor import‐localpref, removes the configured
local_pref value and returns this to its default value of 100.

Note: Specifying a value for local_pref in the no form has no effect on the configuration. Thus, it is
displayed above as optional.

Defaults
100

Mode
BGP Router Configuration.

Example
The following example configures the import Local_Pref value to be 200:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 1.1.1.1 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.1.1.1 import-localpref 200

27-60 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor keep
This command specifies the action to take when routes are received containing a router’s
own Autonomous System number.

Syntax
neighbor [ip_address | groupID] keep [normal | all | none]

no neighbor [ip_address | groupID] keep [normal | all | none]

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
normal Discards routes that contain a router’s own autonomous system number.
all Retains routes learned from a peer even if the routes’ AS paths contain the
routerʹs own AS number.
none Discards routes that have failed import policy.

Usage
Use neighbor keep to specify whether to keep routes containing a routerʹs own autonomous
system number or routes that have failed import policy.
normal causes the Matrix X Router to discard routes that contain a routerʹs own autonomous
system number. Also by default, the Matrix X Router will retain routes that have failed import
policy so that these routes may be re‐examined when import policy is changed during
reconfiguration.
all causes the Matrix X Router to retain all routes that contain the routerʹs own autonomous
system number. In combination with the “loops” command in the autonomous system command,
this can allow a healing of a partitioned AS via the Internet.
none causes the Matrix X Router to discard all routes that have failed import policy. This can
result in a substantial saving in space in the router. However, this requires either resetting the BGP
peering session to re‐acquire discarded routes or the use of the BGP Route Refresh feature. Since
flapping a peering session has bad operational consequences, it is recommended that this feature
not be used unless Route Refresh is supported.

Defaults
Enabled

Mode
BGP Router Configuration.

Matrix X Router Command Line Interface Reference Guide 27-61

BGP Neighbor Commands

Examples
The following example causes the Matrix X Router to keep routes learned from this peer even if
they container our own AS number:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 keep all
The following example causes the Matrix X Router to revert to the value of “normal” for keep:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# no neighbor 1.2.3.4. keep all

neighbor keepalives-always
This command causes the Matrix X Router to always send keepalives.

Syntax
neighbor [ip_address | groupID] keepalives-always

no neighbor [ip_address | groupID] keepalives-always

Usage
The neighbor keepalives‐always command causes the Matrix X Router to always send
keepalives, even when an update may have correctly substituted for one. This command allows
inter‐operability with routers that do no completely obey the protocol specifications on this point.

Defaults
Disabled

Mode
BGP Router Configuration.

Example
The following example enables the keepalives‐always feature for peer 1.2.3.4:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 keepalives-always

27-62 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor local-as
This command identifies the AS that the Matrix X Router represents to a group of peers.

Syntax
neighbor [ip_address | groupID] local-as as-num

no neighbor [ip_address | groupID] local-as as-num

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
as‐num A number between 1 and 65535, specifying a set of routers under a single
technical administration and assigned by the Internet Assigned Numbers
Authority.

Usage
The neighbor local‐as command identifies the AS that the Matrix X Router is representing to a
group of peers.

Note: This command is valid only for external peers.

Defaults
The default AS number for this command is the current AS (configured with the router bgp
command in Global Configuration mode).

Mode
BGP Router Configuration.

Examples
The following example causes BGP to represent itself to the peer 1.2.3.4 as being in AS 100:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 local-as 100
The following example causes BGP to cease representing itself to peer 1.2.3.4 as being in AS 100.
Instead, it will represent itself as being in AS 2:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# no neighbor 1.2.3.4 local-as 100

Matrix X Router Command Line Interface Reference Guide 27-63

BGP Neighbor Commands

neighbor log-up-down
This command causes a message to be logged via the syslog mechanism whenever a BGP peer or
peer group enters or leaves the Established state.

Syntax
neighbor [ip_address | groupID] log-up-down

no neighbor [ip_address | groupID] log-up-down

Defaults
Disabled

Mode
BGP Router Configuration.

Usage
The neighbor log‐up‐down command specifies whether a message will be logged via the syslog
mechanism whenever a BGP peer or peer group enters or leaves the Established state.

Example
The following example causes a message to be logged in syslog whenever this peer leaves or
enters the Established state:
matrix-x(config-router)# bgp router 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 log-up-down

27-64 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor maximum-routes
This command specifies the peak number of routes that BGP will accept for installation into the
Matrix X Router Routing Information Base (RIB).

Syntax
neighbor [ip_address | groupID] maximum-routes num [threshold] [(restart time-
minutes) | (warning-only)]

no neighbor [ip_address | groupID] maximum-routes num [threshold] [(restart time-

minutes) | (warning-only)]

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad formatt.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
num An integer between 1 and 4,294,967,295.
threshold A percentage.
restart time‐minutes An integer from 1 to 65535, specifying a number of minutes. This specifies
the amount of time that will elapse before a restart occurs.
warning‐only Specifies to log a warning message, stop accepting routes, and keep the
established peering session.

Defaults
Num: 4294967295.

Mode
BGP Router Configuration.

Usage
The neighbor maximum‐routes command configures the maximum number of routes that a non‐
group peer or peers in a peer group will accept for installation into the Matrix X Router. You can
also specify a threshold percentage. When this percentage of maximum routes are accepted, the
configured action will occur. In addition, an action can be configured to occur when this
maximum number is exceeded. The action can be one of the following:
• If warning‐only is specified, log a warning message and stop accepting additional routes, but
still keep the established peer session
• if restart is specified, close the peer session and restart after the specified number of minutes
• if neither warning‐only nor restart is configured, close the peer session and keep this in idle
state until the clear ip bgp command is issued.
The negative form of this command, no neighbor maximum‐routes, removes the configure route
limit and returns this setting to its default value of unlimited.

Matrix X Router Command Line Interface Reference Guide 27-65

BGP Neighbor Commands

Examples
The following example causes the Matrix X Router to install a maximum of 1000 routes learned
from peer 1.2.3.4 into the routing table. If this amount is exceeded, then the BGP peering session
will restart after 10 minutes:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 maximum-routes 1000 restart 10
The following example causes the Matrix X Router to install a maximum of 1000 routes learned
from peer 10.23.12.13 into the routing table. If more than 80% of these routes are installed, then the
Matrix X Router closes the peering session and keep it down until a clear ip bgp command is
specified.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# neighbor 10.23.12.13 remote-as 5
matrix-x(config-router-bgp)# neighbor 10.23.12.13 maximum-routes 1000 80
The following example causes the Matrix X Router to install a maximum of 1000 routes learned
from peer 4.3.2.1 into the routing table. If this number is exceeded, then the Matrix X Router will
log a warning message and stop accepting additional routes.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 5
matrix-x(config-router-bgp)# neighbor 4.3.2.1 maximum-routes 1000 warning-only

27-66 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor metric-out
This command causes BGP to send a metric value when routes are advertised to peers.

Syntax
neighbor [ip_address | groupID] metric-out num

no neighbor [ip_address | groupID] metric-out num

Defaults
Disabled

Note: When configured in BGP Router Configuration mode, the address family sent will be IPv4
unicast.

Example
The following example specifies that BGP peer 4.3.2.1 will send and receive ORF capability for
prefixes filtering information. In addition, a prefixes ORF message with the filter specified by
prefix list preflist1 will be sent to peer 4.3.2.1:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.2.3.4
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 65001
matrix-x(config-router-bgp)# neighbor 4.3.2.1 orf capability prefix-filter both
matrix-x(config-router-bgp)# neighbor 4.3.2.1 orf prefix-list preflist1

Related Commands
address‐family

Matrix X Router Command Line Interface Reference Guide 27-73

BGP Neighbor Commands

neighbor out-delay
This command specifies the interval that a route must be present in the Matrix X Router routing
database before it is exported to BGP.

Syntax
neighbor {ip_address | groupID} [out-delay sec]

no neighbor {ip_address | groupID} [out-delay sec]

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
out‐delay sec (Optional) The number of seconds, specified as an integer between 0 and
4,294,967,295, inclusive. Default is 0.

Defaults
Disabled. However, if a neighbor address is configured, the out‐delay time will default to 0.

Mode
BGP Router Configuration.

Usage
Use the neighbor out‐delay command to damp route fluctuations. The out‐delay time is the
amount of time that a route must be present in the Matrix X Router routing database before it is
exported to BGP.

Note: Weighted Route Damping may be better suited for improving overall network stability. The
use of this option may delay route convergence for well-behaved routers.

Example
The following example enables an out‐delay value of 10 seconds on the neighbor 1.2.3.4.
matrix-x(config-router)# neighbor 1.2.3.4
matrix-x(config-router)# router bgp 3
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 out-delay 10

27-74 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor passive
This command prevents the Matrix X Router from ever trying to open a BGP connection with
peers in this group.

Syntax
neighbor [ip_address | groupID] passive

no neighbor [ip_address | groupID] passive

Defaults
Disabled

neighbor {ip_address | groupID} peer-group pgname

no neighbor {ip_address | groupID} peer-group pgname

Parameters
groupID A string of characters indicating A BGP peer group name.
ip_address An IPv4 address to add to a peer group. IPv4 addresses are specified in
dotted‐quad format.
pgname The name of a peer group into which you want the neighbor added. The peer
group name is specified using the neighbor peer‐group command, and that
command must be specified before neighbors can be added to it.

Defaults
This command is not explicitly configured by default.

Mode
BGP Router Configuration.

Usage
Use the neighbor peer‐group command to create a peer group. BGP peers can then be added to
that group. After this command is issued, peers are added to the group using the neighbor
ip_address peergroup name command. All peers within a group must have the same AS number.

Note: Once you put a neighbor in a group, it loses all options previously configured on the neighbor,
except for its AS number (see the second example). Thus, changes to neighbor configuration
options should be entered after putting the neighbor in a group.

Examples
The following example configures peer group abc with peers 1.2.3.4 and 4.3.2.1 added to it.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 4.3.2.1 remote-as 5
matrix-x(config-router-bgp)# neighbor abc peer-group
matrix-x(config-router-bgp)# neighbor 1.2.3.4 peer group abc
matrix-x(config-router-bgp)# neighbor 4.3.2.1 peer-group abc

27-78 Border Gateway Protocol Commands

BGP Neighbor Commands

The following example configures peer group xyz. Peer 10.133.10.23 is configured separately, then
route map import is imported into that peer. The peer is then added to the peer group. The result of
adding this neighbor to peer group xyz is that the route‐map setting is lost because once a
neighbor is added to a group, it loses all earlier configured options on the neighbor except its AS.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# neighbor xyz peer-group
matrix-x(config-router-bgp)# neighbor 10.133.10.23 remote-as 2
matrix-x(config-router-bgp)# neighbor 10.133.10.23 route-map import in
matrix-x(config-router-bgp)# neighbor 10.133.10.23 peer-group xyz

neighbor preference2
This command breaks a preference tie between two groups in a BGP peer.

Syntax
neighbor {ip_address | groupID} preference2 pref2

Defaults
Enabled

Mode
BGP Router Configuration.

Examples
The following example causes the Matrix X Router to send any specific community values to peer
1.2.3.4:
matrix-x(config-router)# router bgp 3
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 send-community
The following example causes the Matrix X Router to not send any communities to this peer:
matrix-x(config-router)# router bgp 3
matrix-x(config-router-bgp)# no neighbor 1.2.3.4 send-community

Matrix X Router Command Line Interface Reference Guide 27-87

BGP Neighbor Commands

neighbor soft-reconfiguration inbound

This command activates the route refresh capability for a peer or peer group.

Syntax
neighbor [ip_address | groupID] soft-reconfiguration inbound

no neighbor [ip_address | groupID] soft-reconfiguration inbound

Defaults
Disabled

Mode
BGP Router Configuration.

Example
The following example turns on the route refresh capability for peer 1.2.3.4.
matrix-x(config-router)# router bgp 3
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 soft reconfiguration inbound

27-88 Border Gateway Protocol Commands

BGP Neighbor Commands

neighbor timers
This command specifies holdtime and keepalive time values within a BGP peer.

Syntax
neighbor {ip_address | groupID} timers {keepalive_value holdtime_value}

no neighbor {ip_address | groupID} timers {keepalive_value holdtime_value}

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a character string. If an invalid
IP address is specified (e.g. 256.1.1.1), it will be read as a group name.
keepalive_value The interval between keepalive messages ranging from 0 to
4,294,967,295 seconds.
holdtime_value The interval of the BGP Hold Timer with a value of 0 or a value
between 3 and 65535 of the BGP Hold Timer with a value of 0 or a
value between 3 and 65535 seconds.

Defaults
• keepalive: 60 seconds.
• holdtime: 180 seconds

Mode
BGP Router Configuration.

Usage
The BGP keepalive timer will be set to one‐third of the negotiated holdtime by default. If the
administrative keepalive time is set to greater than one‐third of the hold time, the router will
default to to one‐third of the negotiated hold time. Use keepalive to specify the number of seconds
that will elapse between keepalive messages.
The holdtime value specifies the number of seconds to use when negotiating a peering session
within this group. If the Matrix X Router does not receive a keepalive, update, or notification
message within the specified period, then the BGP connection will be closed.
The negotiated holdtime value is the lesser of the values sent in the exchanged BGP Open
messages. If a time of zero is specified, no keepalives will be sent. If a time of zero is received from
the remote peer, then the holdtime must be configured to be zero in order for the peering session
to become established.

Note: You cannot specify a holdtime value of 1 or 2. Attempting to do so will result in an error.

Matrix X Router Command Line Interface Reference Guide 27-89

BGP Neighbor Commands

The negative form of this command, no neighbor timers, removes the configured values and
returns this to its default values of 180 and 60 seconds, respectively.

Note: Specifying a value for this command in the no form has no effect on the configuration. Thus,
it is displayed above as optional.

Example
This example sets keepalive and holdtime values of 40and 90 seconds, respectively, for this peer:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 timers 40 90

neighbor ttl
This command specifies time to live (TTL) value.

Syntax
neighbor {ip_address | groupID} ttl ttl_num

no neighbor {ip_address | groupID} ttl ttl_num

Parameters
ip_address A BGP peer specified as a valid IPv4 address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
ttl_num An integer from 1 to 255 specifying either a number of seconds or a number
of hops.

Defaults
The Matrix X Router sets the IP TTL for local peers to 1 and the TTL for nonlocal peers to the
default kernel value.

Mode
BGP Router Configuration.

Usage
The neighbor ttl command is provided mainly for attempting to communicate with improperly
functioning routers that ignore packets sent with a TTL value of 1. The ttl_num value has two
units: seconds and number of hops. Either of these can be used.

Note: Not all kernels allow the TTL to be specified for TCP connections.

27-90 Border Gateway Protocol Commands

BGP Neighbor Commands

Example
The following example configures a TTL value of 5 for this peer.
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1
matrix-x(config-router-bgp)# neighbor 1.2.3.4 remote-as 5
matrix-x(config-router-bgp)# neighbor 1.2.3.4 ttl 5

neighbor update-source
This command sets the IP address to be used on the local end of the TCP connection with the peer.

Syntax
neighbor {ip_address | groupID} update-source source_addr

no neighbor {ip_address | groupID} update-source source-addr

Parameters
ip_address A BGP peer specified as a valid IP address in dotted‐quad format.
groupID A BGP peer group name specified as a string of characters. If an invalid IP
address is specified (e.g. 256.1.1.1), it will be read as a group name.
source‐addr The local IP interface address.

Defaults
The default update‐source address is a shared interface.

Mode
BGP Router Configuration.

Usage
Use neighbor update‐source to specify the IP address to be used on the local end of the TCP
connection with the peer. This is the address of a broadcast, NBMA or loopback interface and the
local address of a point‐to‐ point interface.
For external peers, the local address must be on an interface that is shared with the peer or with
the peer’s gateway when a gateway is used.
A session with an external peer will be opened only when an interface with the appropriate local
address (through which the peer or gateway address is directly reachable) is operating. For
internal peers, a peer session will be maintained when any interface with the specified local
address is operating. In any case, an incoming connection will be recognized as a match for a
configured peer only if it is addressed to the configured local address.

Examples
The following example causes the TCP session to peer 1.2.3.4 to be established over the interface
4.3.2.1:
matrix-x(config-router)# router bgp 2
matrix-x(config-router-bgp)# bgp router-id 1.1.1.1

Matrix X Router Command Line Interface Reference Guide 27-91

27-94 Border Gateway Protocol Commands

Querying and Clearing Commands

Querying and clearing commands are listed below.

For information about... Refer to page...

clear ip bgp 27-95

show ip bgp 27-96

show ip bgp neighbors 27-100

show ip bgp orf 27-101

show ip bgp peer-group 27-103

clear ip bgp
This command resets BGP peering sessions and sends route refresh requests.

Syntax
clear ip bgp {peer | *} [soft]

Parameters
peer Specify a single BGP peer to clear.
* Clears all peers.
soft (Optional) Specify to send a Route Refresh message (if supported by the
peer).

Mode
User Execution.

Usage
Use the clear ip bgp command to reset BGP peering sessions or to send a Route Refresh request.

Examples
The following example specifies to clear the BGP peer 1.2.3.4:
matrix-x(router-exec)# clear ip bgp clear ip bgp 1.2.3.4

The following example clears all BGP peers and send a Route Refresh message.
matrix-x(router-exec)# clear ip bgp clear ip bgp * soft

Matrix X Router Command Line Interface Reference Guide 27-95

Querying and Clearing Commands

show ip bgp
This command displays information about BGP routes installed in the BGP routing information
base (RIB).

Syntax
show ip bgp [ip_address/mask] [longer-prefixes] [peer ip-addr
{all-received-routes | received-routes | advertised-routes}]

Parameters
ip_address/mask Optionally specify an IP address and mask
longer‐prefixes Optionally specify to show routes matching the specified Network/
Mask pair only.
peer ip‐addr (Optional) Specifies the peer to display route information for. The type
of route information to display is specified by one of the following
parameters.
all‐received‐routes Show all received routes from the peer before import policies are
applied matching prefix and mask (rib‐in).
Output from this command complies with the “neighbor keep”
configuration discard policy. See the neighbor keep command for
details.
received‐routes Show received routes from the peer after import policies are applied
matching prefix and mask (local‐rib)
advertised‐routes Show all routes advertised to the peer after export policies have been
applied that match a prefix and mask (rib‐out).

Mode
User Execution.

Usage
Use the show ip bgp query to obtain information about BGP routes installed in the BGP RIB.
The functionality of show ip bgp and show ip bgp peer n.n.n.n received‐routes is similar, except
that show ip bgp displays chosen routes from all peers, while show ip bgp peer n.n.n.n received‐
routes displays chosen routes only from a single peer.

Examples
The following example returns BGP information for all BGP routes installed in the BGP RIB.
matrix-x(router-config)# show ip bgp
Route status codes: s - suppressed, * - valid, > - active

Network Next Hop R Metric LocPref Path

* > 200.10.1.4/24 192.165.251.1 9 100 201 (3) 4 1 IGP (Id 6)
* 200.10.1.5/24 192.165.251.1 10 100 201 (3) 2 IGP (Id 3)
The following table describes the fields that appear in the BGP Query.

27-96 Border Gateway Protocol Commands

Querying and Clearing Commands

Output What It Displays...

Network The value of a BGP route

Next Hop The Next Hop address corresponding to the BGP route

R Specifies whether the route is installed in the unicast or multicast RIB

Metric The MED value for the route

LocPref The Local Preference value for the route

Path The route’s AS Path

The following example shows all received routes from peer 1.1.1.2 before import policies are
applied.
matrix-x(router-exec)# show ip bgp peer 1.1.1.2 all-received-routes

Route status codes: s - suppressed, * - valid, > - active

Network Next Hop R Metric LocPref Path
> 1.0.0.0/8 - u 0 100 (1) 2 IGP (Id 3)
* > 7.0.0.0/8 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 22.0.0.0/8 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 23.0.0.0/8 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 24.0.0.0/8 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 172.23.0.0/16 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 22.1.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.2.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.3.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.4.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.5.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.6.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.7.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.8.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.9.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)

The following example shows received routes from peer 1.1.1.2 after import policies are applied
matching the prefix/mask 22.0.0.0/8.
matrix-x(router-exec)# show ip bgp 22.0.0.0/8 peer 1.1.1.2 received-routes
Route status codes: s - suppressed, * - valid, > - active

Network Next Hop R Metric LocPref Path

* > 22.0.0.0/8 1.1.1.2 u 0 100 (1) 2 IGP (Id 3)
* > 22.1.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.2.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.3.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.4.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.5.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.6.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.7.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.8.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)
* > 22.9.0.0/16 1.1.1.2 u 0 100 (1) 2 Incomplete (Id 4)

The following example show all routes advertised to peer 1.1.1.2 after export policies have been
applied that match prefix/mask 11.0.0.0/8.
matrix-x(router-exec)# show ip bgp 11.0.0.0/8 peer 1.1.1.2 advertised-routes

Matrix X Router Command Line Interface Reference Guide 27-97

Querying and Clearing Commands

Route status codes: s - suppressed, * - valid, > - active

Network Next Hop R Metric LocPref Path

* > 11.1.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.2.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.3.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.4.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.5.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.6.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.7.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.8.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.9.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.10.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.11.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.12.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.13.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.14.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.15.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.16.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.17.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.18.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.19.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.20.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.21.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.22.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.23.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.24.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.25.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.26.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.27.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.28.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.29.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.30.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.31.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.32.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.33.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.34.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.35.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.36.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.37.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.38.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)
* > 11.39.0.0/16 1.1.1.1 u 0 0 Incomplete (Id 2)

27-98 Border Gateway Protocol Commands

Querying and Clearing Commands

show ip bgp instance

This command shows current BGP instance information.

Syntax
show ip bgp instance

Parameters
None.

Mode
User Execution.

Usage
Use the instance query to obtain summarized information about the current BGP instance.

Example
The following example shows information about the current BGP instance.
matrix-x(router-config)# show ip bgp instance
Instance ID is 0
IPv4 nexthop Cisco compatible yes

Matrix X Router Command Line Interface Reference Guide 27-99

Querying and Clearing Commands

show ip bgp neighbors

This command displays information about the state of BGP’s IPv4 peering sessions.

Syntax
show ip bgp neighbors [ipv4-address]

Parameters
ipv4‐address Optionally enter an IPv4 address to view data for only the specified neighbor.

Mode
Privileged Execution.

Usage
Use the show ip bgp neighbors query to get detailed data about the state of BGP’s peering
sessions. You can optionally specify an IPv4 address.

Example
The following example shows detailed information about all BGP peering sessions.
matrix-x(router-config)# show ip bgp neighbors

BGP neighbor is 10.11.31.32, remote AS 1

BGP version is 4, remote router ID 10.133.10.32
Negotiated version is 4
TTL is 0
holdtime is 180
restart-time is 0
Restarting: no
Current state is “Established”
Last state was “OpenConfirm”
Last event was “RecvKeepAlive”
Last error code was 0
Last error subcode was 0
Local address is 10.11.31.31
Local AS is 5
Local router ID is 192.168.11.31
Capabilities:
Multicprotocol IPv4 Unicast: no
Graceful Restart IPv4 Unicast: no
Multiprotocol IPv4 Multicast: no
Graceful Restart IPv4 Multicast: no
Route Refresh: no
Send End-of-RIB messages: no
Dynamic Capabilities: no
BGP neighbor is 10.11.31.33, remote AS 65533
BGP version is 4, remote router ID 192.168.11.33
Negotiated version is 4
TTL is 0
holdtime is 180
restart-time is 0
Restarting: no

27-100 Border Gateway Protocol Commands

Querying and Clearing Commands

Current state is “Established”

Last state was “OpenConfirm”
Last event was “RecvKeepAlive”
Last error code was 0
Last error subcode was 0
Local address is 10.11.31.31
Local AS is 5
Local router ID is 192.168.11.31
Capabilities:
Multiprotocol IPv4 Unicast: no
Graceful Restart IPv4 Unicast: no
Multiprotocol IPv4 Multicast: no
Graceful Restart IPv4 Multicast: no
Route Refresh: no
Send End-of-RIB messages: no
Dynamic Capabilities: no

show ip bgp orf

This command displays ORF‐related information for all peers or for a specific peer.

Syntax
show ip bgp orf [ip_address]

Parameters
ip_address Optionally specify the peer IP address for which you want ORF data returned.

Mode
User Execution.

Usage
Use the show ip bgp orf query to view ORF‐related information for a single peer or for all peers.

Examples
In the following example, ORF information for all peers is displayed:
matrix-x(router-exec)# show ip bgp orf

ORFs for peer 1.2.3.4

prefix 10.0.0.0/8 ge 8 le 8 deny
community 200:300
extcommunity rt 192.168.10.2:500
ORFs for peer 2.2.2.2
community 202:302
community 400:500
In the following example, ORF information is returned for peer 2.2.2.2 only:
matrix-x(router-exec)# show ip bgp orf 2.2.2.2

ORFs for peer 2.2.2.2

community 202:302
community 400:500

Matrix X Router Command Line Interface Reference Guide 27-101

Querying and Clearing Commands

The following table explanains the command output.

Output What It Displays...

ORFs for peer The IPv4 address of the BGP peer

prefix Prefix filter information, including the prefix, mask, permit or deny, and the range

community The community filter

extcommunity The extended community filter

show ip bgp paths

This command displays BGP AS Path information

Syntax
show ip bgp paths

Parameters
None.

Defaults
None.

Mode
Router privileged execution
User execution

Usage
Use the show ip bgp paths query to view AS Path information.

Example
The following example is a query for AS Paths.
matrix-x(router-exec)# show ip bgp paths
Refcount Metric Path
5 0 IGP (Id 2)
12 0 Incomplete (Id 1)

27-102 Border Gateway Protocol Commands

Querying and Clearing Commands

show ip bgp peer-group

This command displays information about BGP peer groups.

Syntax
show ip bgp peer-group name

Parameters
name Optionally specify the name of a peer group.

Usage
Use the show ip bgp peer‐group query to obtain BGP peer group information. If a name is not
specified, then information about all BGP peer groups is displayed.

Mode
User Execution.

Example
The following example returns information for all BGP peer groups.
matrix-x(router-exec)# show ip bgp peer-group

BGP peer-group is abc

BGP version 4
For address family: IPv4 Unicast
BGP neighbor is abc, peer-group external, members:
192.168.100.1
192.168.100.2
The following table provides an explanation of the command output.

Output What It Displays...

Version The version of BGP that this group is using.

peer-group external/internal The type of this peer group members: List of IP addresses of peers that
belong to this group.

Matrix X Router Command Line Interface Reference Guide 27-103

Querying and Clearing Commands

show ip bgp summary

This command shows summarized BGP information.

Syntax
show ip bgp summary

Parameters
None.

Defaults
None.

Mode
User execution

Usage
Use the show ip bgp summary command to view summarized BGP information, including the
router ID and the local AS number.

Example
The following example shows a request for summarized BGP information.
matrix-x(router-exec)# show ip bgp summary
BGP router identifier 65.247.36.97, local AS number 4
matrix-x(router-exec)#

27-104 Border Gateway Protocol Commands

BGP Communities and Community Lists

BGP updates carry a number of path attributes. Some of these, like the AS_PATH, are mandatory
and appear in every update message sent. Others are optional, and may or may not appear in any
given update. Of the optional attributes, two can be specified arbitrarily by administrators to ease
configuration. These two attributes are “communities” and “extended communities.” Both of
these attributes operate by “coloring” routes received in updates where these attributes are
present; every router keeps track of the set of communities and extended communities with which
a route was learned. The particular communities (or extended communities) with which a route
was learned can be used to indicate that a particular set of policies should be applied to those
routes.
The commands include:

For information about... Refer to page...

ip community-list 27-105

ip community-set 27-107

ip community-list
Specifies a community or group of communities used in filtering or modifying community values.

Syntax
ip community-list name {permit | deny} {comm-set commset_name} [exact]
[standard | extended]

no ip community-list name {permit | deny} [comm-set commset_name] [exact]

[standard | extended]

Parameters
name A string of characters that uniquely identifies this community list.
permit | deny Permits or denies the entries in the community list. When creating a
community list, by default, the end of the community list contains an
implicit deny statement for everything.
comm‐set Specify a community set or an extended community set.
commset_name
exact (Optional) Specify whether an entire community list must be matched
exactly.
standard (Optional) Specifies that the referenced community set is a standard
(non‐extended) community set. standard and extended are mutually
exclusive.
Note: If neither standard nor extended is specified for a standard community
list, then the default value is standard. If both are configured, the keyword
supplied last will override the previous.

Matrix X Router Command Line Interface Reference Guide 27-105

BGP Communities and Community Lists

extended (Optional) Specifies that the referenced community set is an extended

(non‐standard) community set. standard and extended are mutually
exclusive. If both are configured, the keyword supplied last will
override the previous.

Defaults
Community lists are not configured by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
This command is used to specify a community, an extended community, or groups of both used in
filtering or modifying community values. Multiple community lists for the same name can be
specified to create multiple elements in the list. This list is generated in the order in which the
commands are entered.

Examples
The following example configures a community list with two list entries. The first entry permits a
community set labeled set1, and the second entry permits a community set labeled set2. Note that
set1 and set2 are implicitly taken to refer to the names in the standard community set name space.
matrix-x(router-config)# ip community-set set1 101:101
matrix-x(router-config)# ip community-set set2 101:104
matrix-x(router-config)# ip community-list abc permit comm-set set1 exact
matrix-x(router-config)# ip community-list abc permit comm-set set2 exact
The following example configures a community set, ʺset1ʺ, that includes AS:num 101:102. It then
configures an extended community set ʺext‐set1ʺ, that includes Route Target AS:num 201:202. The
two are then added to an extended community list, called ʺcommlist1ʺ.
matrix-x(router-config)# ip community‐set set1 101:102

matrix-x(router-config)# ip community‐set ext‐set1 extended rt 201:202

matrix-x(router-config)# ip community‐list commlist1 permit comm‐set set1 extended

matrix-x(router-config)# ip community‐list commlist1 permit comm‐set ext‐set1 extended

27-106 Border Gateway Protocol Commands

BGP Communities and Community Lists

ip community-set
Specifies a community or group of communities or extended communities used in filtering or
modifying community values.

Syntax
Standard BGP Communities
ip community-set set_id {as:num | comm-num | local-as | no-advertise | no-export
| none }
no community-set set_id {as:num | comm-num | local-as | no-advertise | no-export
| none }

Extended BGP Communities

ip community-set set_id extended {(*:*) | (none) | [(rt [as:num | ip:num]) ||
(soo [as:num | ip:num]) || (lbw as:float)] }
no community-set set_id extended {(*:*) | (none) | [(rt [as:num | ip:num]) ||
(soo [as:num | ip:num]) || (lbw as:float)] }

Parameters
Standard BGP Communities

set_id A string of characters that uniquely identifies this community set.

as:num The autonomous system (AS) number to be concatenated with a
number specified as a 16‐bit number. This is used for specifying a
community in the ʺcommunity‐splitʺ style.
comm-num The concatenation value of the two sixteen‐bit numbers used for this
arbitrary community.
local-as Specifies the well‐known community NO_EXPORT_SUBCONFED as
defined in RFC 1997. Routes tagged with this community are not to be
advertised to external peers, including those peers in other members’
autonomous systems inside of a BGP confederation.
no-advertise Specifies the well‐known community NO_ADVERTISE as defined in
RFC 1997. Routes tagged with this community are not to be advertised
to any other peers.
no-export Specifies the well‐known community NO_EXPORT as defined in RFC
1997. Routes tagged with this community are not to be exported outside
of a confederation boundary when confederations are in use or if they
are outside of the local AS when confederations are not configured.
none Specifies the empty set of communities. It is useful only where matches
are being attempted. When used in that context, if a route has any
communities associated with it, then it does not match. Otherwise, it
does match.
Note: Empty sets of communities cannot be combined with other communities
in the list.

Extended BGP Communities

set_id A string of characters that uniquely identifies this community set.

Matrix X Router Command Line Interface Reference Guide 27-107

BGP Communities and Community Lists

: Specifies all extended communities.

none Specifies the empty set of extended communities.
Note: Empty sets of extended communities cannot be combined with other
communities in the list.
rt (as:num | ip:num) Specifies the Route Target extended community. This is followed by
either the autonomous system (AS) number to be concatenated with
num (specified as a 32‐bit number), or an IPv4 address in dotted‐quad
format with a 16‐bit number value for num.
Note: This can be combined with the Site of Origin and Link Bandwidth
parameters.
soo (as:num | ip:num) Specifies the Site of Origin (Route Origin) extended community. This is
followed by either the autonomous system (AS) number to be
concatenated with num (specified as a 32‐bit number), or an IPv4
address in dotted‐quad format with a 16‐bit number value for num.
Note: This can be combined with the Route Target and Link Bandwidth
parameters.
lbw as:float Specifies the Link Bandwidth extended community. This is followed by
the autonomous system number and floating point numbering
expressing the speed of a link in bytes per second.
Note: This can be combined with the Route Target and Site of Origin
parameters.

Defaults
Community sets are not configured by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
The ip community‐set command is used to specify a set of communities and extended
communities that must be matched for a route to be considered a match.
BGP updates carry a number of path attributes. Some of these, like the AS_PATH, are mandatory
and appear in every update message sent. Others are optional, and may or may not appear in any
given update. Of the optional attributes, two can be specified arbitrarily by administrators to ease
configuration. These two attributes are “communities” and “extended communities.” Both of
these attributes operate by “coloring” routes received in updates where these attributes are
present. Every router keeps track of the set of communities and extended communities with which
a route was learned. The particular communities (or extended communities) with which a route
was learned can be used to indicate that a particular set of policies should be applied to those
routes.

Notes: You cannot mix standard and extended communities in the same community set.
If you configure a community set twice, the second configuration overwrites the first. The two
configurations will not merge.
Separate name spaces are used for standard and extended community sets. Thus, the same set
name can be used for both a standard and an extended community set.

27-108 Border Gateway Protocol Commands

BGP Communities and Community Lists

Examples
The following example configures a community set named ʺabcʺ that includes AS:num 201:202.
matrix-x(router-config)# ip community‐set abc permit 201:202
The following example configures an extended community set ʺext‐set1ʺ, with a Route Target
AS:num 201:202 and a site of origin IP number 10.1.2.3:100.
matrix-x(router-config)# ip community‐set ext‐set1 extended rt 201:202 soo 10.1.2.3:100

Matrix X Router Command Line Interface Reference Guide 27-109

BGP Communities and Community Lists

27-110 Border Gateway Protocol Commands

28
AS Paths and AS Path Lists

Overview
An AS path includes a list of autonomous systems that routing information has passed through to
get to a specified router and an indicator of the origin of this route. The AS path is used to prevent
routing loops in BGP.
This routing information can be used to prefer one path to a destination network over another.
The primary method for preferring a route with the X Router is to specify a list of filters to be
applied to AS paths when importing and exporting routes. Each autonomous system through
which a route passes prepends its AS number to the beginning of the AS path.

Regular Expressions
The Matrix X Router includes a powerful implementation of AS path regular expressions. The
entire AS path regular expression must be contained within angle brackets <...> or parentheses (...).
The content is read from left to right. The left side matches the beginning of the AS path, while the
right side matches the end of the AS path. The alphabet (set of valid members) is the valid range of
AS numbers, or more specifically, {1 ... 65535}.
The X Router also supports the following “wildcards” or expressions that can be used to build a
regular expression:
. - (period) represents any valid member of the alphabet
* - (asterisk) matches zero or more of the preceding element/expression
+ - (plus sign) matches one or more of the preceding element/expression
# - (pound sign) matches zero or one occurrence of the preceding element/expression
Binary operators:
_ - (underscore) any sequence of elements and/or expressions separated by an underscore
| (OR) - (pipe) any sequence of elements and/or expressions separated by the vertical line
symbol (|)
The bracket symbols [] are used to delimit a set of AS numbers. The set may be a list of AS
numbers separated by a space or a range of AS numbers separated by a dash (-). If the entire list of
members is prefixed with a ^, then the valid members are those not listed in the set. (Because a
null string or empty string is not an instance in the alphabet, AS numbers such as [^808] will not
match an empty string.)

Matrix X Router Command Line Interface Reference Guide 28-1

Overview

Regular Expression Examples

This section provides examples of AS path regular expressions.
Match any single AS number as the AS path:
.
Match all AS paths coming from a given AS that start with 808:
808_.*
Match all paths that do not end with the given AS numbers but must have at least one AS:
.*[^808_809]
Match a path that has only valid exterior AS numbers:
[1-6451]+
Match 305 808 and exactly one other AS number other than 100:
305_808_[^100]
Match 305 808 and any other AS number except 100 or no additional AS. That is, match either 305
808 as the complete path or 305 808 x, where x is any integer other than 100:
305_808_[^100]
Match either 808 or 305 with no additional AS numbers in the path:
305|808

28-2 AS Paths and AS Path Lists

ip as-path access-list AS Paths and AS Path Lists Commands

AS Paths and AS Path Lists Commands

For information about... Refer to page...

ip as-path access-list 28-3

ip as-path name 28-4

show ip bgp paths 28-5

ip as-path access-list
Specifies a BGP AS_PATH regular expression to be used in filtering.

Syntax
ip as-path access-list name {[ permit | deny ] regexp origin}| {named as-path-name}
no ip as-path access-list name

Parameters
name The name of this AS Path access list specified as a string of characters.
permit | deny Specifies whether to allow or reject this AS Path regular expression.
regexp The regular expression.
origin One of either egp, igp, incomplete, or any.
named Specifies the name of a configured access list.
as‐path‐name

Defaults
No AS path access lists are defined by default.

Mode
Router global configuration.

Usage
The ip as‐path access‐list command specifies a BGP AS _PATH regular expression used in
filtering. An AS path access list does nothing until it is referred to in the context of policy. This
must be done within a route map and then referred to within a protocol.
The origin specifies whether the route was learned from an EGP source, an IGP source, or another
source. An origin of igp indicates the route was learned from an Intra‐Domain Routing Protocol
and is most likely complete. An origin of egp indicates the route was learned from the EGP
protocol, and the path is most likely not complete. When the route is learned from another source,
an origin of incomplete is used. An origin of any can be used to match any origin.

Examples
The following example configures an access list named “abc” with two list entries. The first entry
permits regular expression 808.* with an origin of any. The second entry denies regular expression
900.* with an origin of any.
matrix-x(router-config)# ip as-path access-list abc permit 808.* any

Matrix X Router Command Line Interface Reference Guide 28-3

AS Paths and AS Path Lists Commands ip as-path name

matrix-x(router-config)# ip as-path access-list abc deny 909.* any

The following example configures an access list named “abc” to apply the regular expression of a
configured AS path named “blah.”
matrix-x(router-config)# ip as-path access-list abc named blah

ip as-path name
Specifies a BGP AS_PATH regular expression to be used in filtering.

Syntax
ip as-path name name regexp origin
no ip as-path name name

Parameters
name The name of this AS Path regular expression specified as a string of
characters.
regexp The regular expression.
origin One of either egp, igp, incomplete, or any.

Defaults
No AS paths are defined by default.

Mode
Router global configuration.

Usage
The ip as‐path name command is used to specify a BGP AS _PATH regular expression used in
filtering. An AS path list does nothing until it is referred to in the context of policy. This must be
done within a route map and then referred to within a protocol.
The origin specifies whether the route was learned from an EGP source, an IGP source, or another
source. An origin of igp indicates the route was learned from an Intra‐Domain Routing Protocol
and is most likely complete. An origin of egp indicates the route was learned from the EGP
protocol, and the path is most likely not complete. When the route is learned from another source,
an origin of incomplete is used. An origin of any can be used to match any origin.

Examples
The following example configures an AS path regular expression called “bar” that permits regular
expression 808.* with an origin of any.
matrix-x(router-config)# ip as-path name bar 808.* any
The following example configures an AS path regular expression called “bar” that permits regular
expression 808.* with an origin of any. The configured AS path regular expression is then
referenced in an AS Path Access List configuration.
matrix-x(router-config)# ip as-path name bar 808.* any
matrix-x(router-config)# ip as-path access-list abc permit named bar

28-4 AS Paths and AS Path Lists

show ip bgp paths AS Paths and AS Path Lists Commands

show ip bgp paths

Displays information about BGP AS Paths

Syntax
show ip bgp paths

Parameters
None.

Mode
Router execution.

Usage
Use the show ip bgp paths query to obtain information about all BGP AS Paths.

Example
The following example returns information for BGP AS Paths.
matrix-x(router-exec)# show ip bgp paths
Refcount Metric Path
5 50 202 201 200
10 10 200
The following table describes the fields that appear in the BGP AS Path Query.

Output... What it displays...

Refcount The number of routes using that path.

Metric The MED value for the path.

Path The AS Path value.

Matrix X Router Command Line Interface Reference Guide 28-5

AS Paths and AS Path Lists Commands show ip bgp paths

28-6 AS Paths and AS Path Lists

29
DHCP Commands

This chapter first provides some general information about the Dynamic Host Configuration
Protocol (DHCP), and then describes the Client and Server sets of commands.

For information about... Refer to page...

Overview 29-1

DHCP Client Command 29-2

DHCP Server Commands 29-3

Overview
The Dynamic Host Configuration Protocol (DHCP) provides services for allocating and delivering
IP addresses and other configuration parameters to Internet hosts.
The DHCP protocol is based on a client‐server model in which a designated DHCP server
allocates network addresses from a configured pool of IP addresses and delivers configuration
parameters to dynamically configured clients. A DHCP relay agent passes DHCP messages
between clients and servers located on different physical subnets.
The DHCP client function can be configured on each of the Matrix X Router’s interfaces with the
ip address dhcp command. When configured and enabled on an interface, the client function will
attempt to acquire an IP address for that interface from a DHCP server when the interface comes
online.
The DHCP relay agent function can be configured on each of the Matrix X Router’s routing
interfaces, as described in About DHCP/BOOTP Relay on page 23‐32. The relay agent can forward
a DHCP client’s request to a DHCP server located on a different network if UDP broadcast
forwarding is enabled on the receiving interface (refer to ip forward‐protocol on page 23‐33) and
the address of the server is configured as a helper address on the receiving interface (refer to ip
helper‐address on page 23‐34). The relay agent interface must be configured with an IP address.
The server function provides the following services to DHCP clients:
• Assigning IP addresses from configured address pools
• Assigning default routers
• Assigning DNS servers and domain name
• Assigning NetBIOS WINS servers and node name
• Specifying a boot file
• Providing other DHCP options, as defined by RFC 2132

Matrix X Router Command Line Interface Reference Guide 29-1

DHCP Client Command

The amount of time that a particular IP address is valid for a system is called a lease. The X Router
maintains a lease database which contains information about each assigned IP address, the MAC
address of the client to which it is assigned, the lease expiration, and whether the address
assignment is automatic or manual. The DHCP lease database is stored in flash memory.

DHCP Client Command

The ip address dhcp command is used to configure the DHCP client function on an interface.

ip address dhcp
This command is used to configure an interface to use DHCP to request an IP address from a
DHCP server.

Syntax
ip address dhcp

no ip address dhcp

Parameters
None.

Defaults
Disabled.

Mode
Router Interface Configuration.

Usage
Use this command to enable or disable the DHCP client function on an interface. If an interface
already has a static IP address (primary or secondary) assigned to it, the DHCP client function will
not be enabled and an error message will be displayed.
If an interface has the DHCP client function enabled (with this command), any attempt to
configure a static IP address (primary or secondary) on that interface will fail and an error
message will be displayed.
If an interface has acquired an IP address via DHCP, disabling the DHCP client function on that
interface will de‐configure that address, and a release indication will be sent to the corresponding
DHCP server.

Example
The following example enables the DHCP client function on the Gigabit Ethernet port 2 in slot 4:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip address dhcp

29-2 DHCP Commands

DHCP Server Commands

The DHCP server commands are divided into global server configuration commands, DHCP
address pool configuration commands, and show and clear commands executed in privileged
execution mode.

For information about... Refer to page...

Interface and Global Server Configuration Commands 29-3

Address Pool Configuration Mode Commands 29-7

Show and Clear Commands 29-20

Interface and Global Server Configuration Commands

The interface and global DHCP server configuration commands are:

For information about... Refer to page...

ip dhcp server 29-3

ip dhcp excluded-address 29-4

ip dhcp ping packets 29-5

ip dhcp ping timeout 29-5

ip dhcp pool 29-6

ip dhcp server
This command enables the DHCP server on an interface. The no form disables the DHCP server.

Syntax
ip dhcp server

no ip dhcp server

Parameters
None.

Defaults
DHCP server is disabled by default.

Mode
Router Interface Configuration.

Usage
Use this command to enable DHCP server functionality on Matrix X Router IP interfaces. DHCP
server is disabled by default. The no form of the command disables DHCP server functionality.

Matrix X Router Command Line Interface Reference Guide 29-3

DHCP Server Commands

Note: DHCP server and DHCP/BOOTP relay may not be enabled concurrently in the router.

Example
This example enables DHCP server on the interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip dhcp server
matrix-x(router-config-if-ge.4.1)# no shutdown

ip dhcp excluded-address
This command specifies IP addresses which are to be excluded from assignment by the DHCP
server.

Syntax
ip dhcp excluded-address low-address [high-address]

no ip dhcp excluded-address low-address [high-address]

Parameters
low‐address Specifies the first IP address in the range to be excluded from this pool.
high‐address (Optional) Specifies the last IP address in the range to be excluded.

Defaults
None.

Mode
Router Global Configuration.

Usage
Use this command to specify ranges of IP addresses to be excluded from assignment by the server.
Up to 100 ranges of IP addresses to be excluded may be configured, following these guidelines:
• A new exclusion range may not overlap any existing exclusion ranges.
• A new exclusion range must be completely contained within the assignable address range of a
configured automatic pool.
When an automatic IP address pool is defined, storage is allocated in RAM for all possible leases
that may be assigned from the pool. In order to conserve memory resources, it is recommended
that the hostid portion of the subnet mask (configured with the network command) be as small as
is practicable. Alternatively, addresses may be excluded from assignment with the ip dhcp
excluded‐address command.
The no form of this command removes addresses from the excluded list.

29-4 DHCP Commands

DHCP Server Commands

Example
This example excludes IP addresses between 172.20.28.1 and 172.20.28.200
matrix-x(router-config)# ip dhcp excluded-address 172.20.28.1 172.20.28.200

ip dhcp ping packets

This command sets the number of packets a DHCP server sends to an IP address before assigning
the address to a requesting client.

Syntax
ip dhcp ping packets number

no ip dhcp ping packets

Parameters
number Specifies the number of ping packets to be sent, ranging from 0 ‐ 10.

Defaults
2 packets

Mode
Router Global Configuration.

Usage
Use this command to set the number of ping packets the DHCP server will send to an IP address
before it assigns that address to a requesting client. The no form of this command resets the
number of packets sent to the default value of 2.

Example
This example sets the number of DHCP ping attempts to 6:
matrix-x(router-config)# ip dhcp ping packets 6

ip dhcp ping timeout

This command specifies the amount of time the DHCP server will wait for a ping reply from an IP
address before timing out.

Syntax
ip dhcp ping timeout milliseconds

no ip dhcp ping timeout

Parameters
milliseconds Specifies the ping timeout, ranging from 100 to 10000 milliseconds.

Matrix X Router Command Line Interface Reference Guide 29-5

DHCP Server Commands

Defaults
500 milliseconds

Mode
Router Global Configuration.

Usage
The no form of this command resets the ping timeout to the default value of 500.

Example
This example sets the DHCP ping timeout to 900 milliseconds:
matrix-x(router-config)# ip dhcp ping timeout 900
DHCP Server has been restarted.
matrix-x(router-config)#

ip dhcp pool
This command assigns a name to a DHCP server pool of addresses, and enables DHCP address
pool configuration mode.

Syntax
ip dhcp pool name

no ip dhcp pool name

Parameters
name Specifies a DHCP address pool name.

Mode
Router Global Configuration.

Usage
Use this command to configure an IP address pool from which assignments to clients can be
made. Up to 100 pools may be configured.
After you enter this command, the CLI mode changes to DHCP address pool configuration mode.
The no form of this command deletes a DHCP address pool.

Example
This example assigns the name pool_1 as a DHCP address pool, and enables DHCP address pool
configuration mode for that address pool:
matrix-x(router-config)# ip dhcp pool pool_1
matrix-x(router-config-dhcp)#

29-6 DHCP Commands

DHCP Server Commands

Address Pool Configuration Mode Commands

The commands can be executed after entering DHCP address pool configuration mode.

For information about... Refer to page...

network 29-7

default-router 29-8

dns-server 29-9

domain-name 29-9

netbios-name-server 29-10

netbios-node-type 29-11

lease 29-12

host 29-13

hardware-address 29-14

client-identifier 29-15

client-name 29-16

bootfile 29-17

next-server 29-18

option 29-19

network
This command configures the subnet number and mask for an automatic DHCP address pool.

Syntax
network network-number [mask | /prefix-length]

no network

Parameters
network‐number Specifies an IP subnet for the address pool.
mask (Optional) Specifies the subnet mask in dotted quad notation.
/prefix‐length (Optional) Specifies the subnet mask as an integer.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Matrix X Router Command Line Interface Reference Guide 29-7

DHCP Server Commands

Usage
Use this command to define the subnet for an automatic address pool. An optional subnet mask
can be entered in either dotted quad notation or as an integer. (If a mask is not specified, the class
A, B, or C natural mask is used.) Once you have entered this command, the manual address pool
commands can not be used while configuring the current address pool.
When an automatic IP address pool is defined, storage is allocated in RAM for all possible leases
that may be assigned from the pool. In order to conserve memory resources, it is recommended
that the hostid portion of the subnet mask (configured with the network command) be as small as
is practicable. Alternatively, addresses may be excluded from assignment with the ip dhcp
excluded‐address command.
Note that subnets defined in multiple automatic address pools may not overlap.
The no form of this command removes the subnet from use by the pool.

Example
This example configures IP subnet 172.20.28.0/24 for the pool currently being configured and
identifies this pool as an automatic pool. Alternatively, the mask could have been specified as
255.255.255.0.
matrix-x(router-config)# ip dhcp pool pool_1
matrix-x(router-config-dhcp)# network 172.20.28.0/24
matrix-x(router-config-dhcp)#

default-router
This command specifies a default router list to be assigned to DHCP clients.

Syntax
default-router address [address2...address8]

no default-router

Parameters
address Specifies the IP address of a default router.
address2...address8 (Optional) Specifies, in order of preference, up to 7 additional default router
IP addresses.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
Up to 8 default routers can be configured with this command. The no form deletes the default
router list.

29-8 DHCP Commands

DHCP Server Commands

Example
This example assigns a default router at 14.12.1.99 to the address pool currently being configured:
matrix-x(router-config-dhcp)# default-router 14.12.1.99

dns-server
This command specifies one or more DNS servers to be assigned to DHCP clients.

Syntax
dns-server address [address2...address8]

no dns-server

Parameters
address Specifies the IP address of a DNS server.
address2 ... address8 (Optional) Specifies, in order of preference, up to 7 additional DNS server IP
addresses.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
Up to 8 DNS servers can be configured. The no form deletes the DNS server list.

Example
This example assigns DNS server 11.12.1.99 to the address pool being configured:
matrix-x(router-config-dhcp)# dns-server 11.12.1.99

domain-name
This command specifies a domain name to be assigned to DHCP clients.

Syntax
domain-name domain

no domain-name

Parameters
domain Specifies a domain name string.

Matrix X Router Command Line Interface Reference Guide 29-9

DHCP Server Commands

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
The no form deletes the domain name.

Example
This example assigns the mycompany.com domain name to the address pool being configured:
matrix-x(router-config-dhcp)# domain-name mycompany.com

netbios-name-server
This command assigns one or more NetBIOS WINS servers to DHCP clients.

Syntax
netbios-name-server address [address2...address8]

no netbios-name-server

Parameters
address Specifies the IP address of a NetBIOS WINS server.
address2 ... address8 (Optional) Specifies, in order of preference, up to 7 additional NetBIOS
WINS server IP addressees.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
Up to 8 addresses can be configured. The no form deletes the NetBIOS WINS server list.

Example
This example assigns a NetBIOS WINS server at 13.12.1.90 to the address pool being configured:
matrix-x(router-config-dhcp)#netbios-name-server 13.12.1.90

29-10 DHCP Commands

DHCP Server Commands

netbios-node-type
This command specifies a NetBIOS node (server) type to be assigned to DHCP clients.

Syntax
netbios-node-type type

no netbios-node-type

Parameters
type Specifies the NetBIOS node type. Valid values and their corresponding types are:
• h‐node — hybrid (WINS, then broadcast) (recommended)
• b‐node — broadcast (no WINS)
• p‐node — peer (WINS only)
• m‐node — mixed (broadcast, then WINS)

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
The no form of this command deletes the NetBIOS node type.

Example
This example specifies hybrid as the NetBIOS node type for the address pool:
matrix-x(router-config-dhcp)# netbios-node-type h-node

Matrix X Router Command Line Interface Reference Guide 29-11

DHCP Server Commands

lease
This command specifies the duration of the lease for an IP address assigned by a DHCP server to a
client.

Syntax
lease {days [hours [minutes]] | infinite}

no lease

Parameters
days Specifies the number of days an address lease will remain valid.
hours (Optional) When a days value has been assigned, specifies the number of
hours an address lease will remain valid.
minutes (Optional) When a days value and an hours value have been assigned,
specifies the number of minutes an address lease will remain valid.
infinite Specifies that the duration of the lease will be unlimited.

Defaults
1 day.

Mode
Router DHCP Address Pool Configuration.

Usage
The no form resets the lease duration to the default value of 1 day (24 hours). To configure a lease
time less than one day, enter 0 for days, then the number of hours and minutes.

Example
This example sets a twelve‐hour lease to the address pool currently being configured.
matrix-x(router-config-dhcp)# lease 0 12

29-12 DHCP Commands

DHCP Server Commands

host
This command specifies an IP address and network mask for manual DHCP binding.

Syntax
host address [mask | /prefix-length]

no host

Parameters
address Specifies the IP address for manual binding.
mask | /prefix‐length (Optional) Specifies a network mask or prefix for the IP address.

Defaults
If a mask or prefix is not specified, the class A, B, or C natural mask will be used.

Mode
Router DHCP Address Pool Configuration.

Usage
Use this command to specify that the address pool being configured is for manual binding. In
addition to configuring the IP address and optional mask for manual binding, this command
enables the use of the other manual binding address pool commands — hardware‐
address,client‐identifier, and client‐name — and disables the use of the network command,
which is used only for configuring automatic address pools.
The no form removes the client IP address.

Example
This example sets 15.12.1.99 255.255.248.0 as the IP address and subnet mask for manual binding
to a client in the address pool currently being configured:
matrix-x(router-config-dhcp)# host 15.12.1.99 255.255.248.0

Matrix X Router Command Line Interface Reference Guide 29-13

DHCP Server Commands

hardware-address
This command specifies the MAC address of the DHCP client when creating an address pool for
manual binding.

Syntax
hardware-address hardware-address

no hardware-address

Parameters
hardware‐address Specifies the MAC address of the client’s hardware platform.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
Use this command to specify the hardware address of the DHCP client. This command can only be
used when creating a manual binding address pool, after the host command has been entered.
Either a hardware address or a client identifier (see the client‐identifier command) must be
specified in a manual pool, but not both.
The no form of this command removes the hardware address from the manual pool being
configured.

Example
This example specifies 0001.f401.2710 as an Ethernet MAC address for the manual address pool
being configured:
matrix-x(router-config-dhcp)# host 15.12.1.99 255.255.248.0
matrix-x(router-config-dhcp)# hardware-address 0001.f401.2710

29-14 DHCP Commands

DHCP Server Commands

client-identifier
When creating an address pool for manual binding, this command associates a client identifier
with a DHCP client.

Syntax
client-identifier id-string

no client-identifier

Parameters
id‐string Specifies the client’s identifier.

Defaults
None.

Mode
Router DHCP address pool configuration.

Usage
This command can only be used when creating a manual binding address pool, after the host
command has been entered. Either a hardware address (see the hardware‐address command) or a
client identifier must be specified in a manual pool, but not both.
The client identifier option is used to specify the distinct identification of a DHCP client in dotted‐
hexadecimal notation. DHCP servers use this value to index their database of address bindings.
This value is expected to be unique for all clients in an administrative domain.
Microsoft DHCP clients require client identifiers instead of hardware addresses. The client
identifier is formed by concatenating the media type and the MAC address. For example, the
Microsoft client identifier for Ethernet address 0001.f401.2710 is 0100.01f4.0127.10, where 01
represents the Ethernet media type. For a list of media type codes, refer to the ʺAddress Resolution
Protocol Parametersʺ section of RFC 1700, Assigned Numbers.
The no form of this command deletes a client identifier from the pool being configured.

Example
This example assigns an Ethernet address 0001.f401.2710 as the client identifier for a manual pool:
matrix-x(router-config-dhcp)# host 15.12.1.99 255.255.248.0
matrix-x(router-config-dhcp)# client-identifier 0100.01f4.0127.10

Matrix X Router Command Line Interface Reference Guide 29-15

DHCP Server Commands

client-name
This command assigns a name to a DHCP client when creating an address pool for manual
binding.

Syntax
client-name name

no client-name

Parameters
name Specifies a name for a DHCP client.
Note: The client name should not include the domain name.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
This command can only be used when creating a manual binding address pool, after the host
command has been entered.
The no form of this command deletes a client name from the pool being configured.

Example
The following example assigns soho1 as a client name.
matrix-x(router-config-dhcp)# host 15.12.1.99 255.255.248.0
matrix-x(router-config-dhcp)# client-name soho1

29-16 DHCP Commands

DHCP Server Commands

bootfile
This command specifies the default boot image for a DHCP client.

Syntax
bootfile filename

no bootfile

Parameters
filename Specifies the boot image file name.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
Use this command to specify a default boot image for the DHCP clients who will be configured
using the address pool being configured.
The no form of this command deletes the boot image association.

Example
The following example specifies dhcpboot as the boot image file in the address pool being
configured.
matrix-x(router-config-dhcp)# bootfile dhcpboot

Matrix X Router Command Line Interface Reference Guide 29-17

DHCP Server Commands

next-server
This command specifies the file server from which the default boot image is to be loaded.

Syntax
next-server ip-address

no next-server

Parameters
ip‐address Specifies the IP address of the file server from which the default boot image is
to be loaded.

Defaults
None.

Mode
Router DHCP Address Pool Configuration.

Usage
The next server is the server the client will contact to load the boot file. A next server is usually
specified in a manual DHCP binding configuration in order to provide an IP address to a BOOTP
client and allow the client to receive the TFTP server address when downloading a boot file image.
The no form of this command removes the next server from the address pool being configured.

Example
This example specifies 10.20.42.13 as the client’s boot server:
matrix-x(router-config-dhcp)# next-server 10.20.42.13

29-18 DHCP Commands

DHCP Server Commands

option
This command configures DHCP options, described in RFC 2132.

Syntax
option code [instance number] {ascii string | hex string | ip address [address2
... address8]}

no option code [instance number]

Parameters
code Specifies a DHCP option code as defined by RFC 2132.
instance number (Optional) Assigns an instance number to this option. Range: 0 to 255.
ascii string | hex Specifies a code parameter as defined by RFC 2132. An ASCII character
string | ip address string containing a space must be enclosed in quotations.

Defaults
If instance is not specified, none (0) will be applied.

Mode
Router DHCP Address Pool Configuration.

Usage
These configuration parameters and other control information are carried in tagged data items
that are stored in the options field of the DHCP message to network hosts. For a current list of
DHCP options, refer to RFC 2132.
The no form of this command deletes a DHCP option from the pool being configured.

Examples
This example configures DHCP option 19, which specifies whether the client should configure its
IP layer for packet forwarding. In this case, IP forwarding is enabled with the 01 value:
matrix-x(router-config-dhcp)# option 19 hex 01
This example configures DHCP option 72, which assigns one or more Web servers for DHCP
clients. In this case, two Web server addresses are configured:
matrix-x(router-config-dhcp)# option 72 ip 168.24.3.252 168.24.3.253

Matrix X Router Command Line Interface Reference Guide 29-19

DHCP Server Commands

Show and Clear Commands

The commands to display and clear DHCP bindings and statistics are:

For information about... Refer to page...

show ip dhcp binding 29-20

clear ip dhcp binding 29-21

show ip dhcp server statistics 29-21

clear ip dhcp server statistics 29-23

show ip dhcp binding

This command displays information about one or all DHCP address bindings.

Syntax
show ip dhcp binding [ip-address]

Parameters
ip‐address (Optional) Displays bindings for a specific client IP address.

Defaults
If ip‐address is not specified, information about all active address bindings will be shown.

Mode
Router Privileged EXEC.

Example
This example displays the DHCP binding address parameters, including MAC addresses, lease
expiration dates, and type of address assignments:
matrix-x(router-exec)# show ip dhcp binding

IP address Hardware address Lease expiration Type

172.28.1.249 00a0.c976.6d38 APR 09 2004 03:33PM Automatic
172.28.1.254 00a0.ccd1.12f8 Infinite Manual

29-20 DHCP Commands

DHCP Server Commands

clear ip dhcp binding

This command deletes one or all automatic DHCP address bindings.

Syntax
clear ip dhcp binding {address | *}

Parameters
address | * Specifies an automatic address binding to be deleted, or that all (*)
automatic bindings will be deleted.

Defaults
None.

Mode
Router Privileged EXEC.

Example
This example deletes the address binding 18.12.22.99 from the DHCP server bindings database:
matrix-x(router-exec)# clear ip dhcp binding 18.12.22.99

show ip dhcp server statistics

This command displays DHCP server statistics.

Syntax
show ip dhcp server statistics

Parameters
None.

Defaults
None.

Mode
Router Privileged EXEC.

Example
This example displays DHCP server statistics:
matrix-x(router-exec)# show ip dhcp server statistics

Memory usage 614874

Address pools 3
Database agents 0
Automatic bindings 1

Matrix X Router Command Line Interface Reference Guide 29-21

DHCP Server Commands

Manual bindings 1
Expired bindings 1
Malformed messages 0

Message Received
BOOTREQUEST 0
DHCPDISCOVER 0
DHCPREQUEST 646
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0

Message Sent
BOOTREPLY 0
DHCPOFFER 0
DHCPACK 646
DHCPNAK 0

The following table provides an explanation of the command output.

Output What It Displays...

Memory usage Bytes of RAM allocated by the DHCP server.

Address pools Number of configured address pools in the DHCP database.

Database agents Number of agents configured in the DHCP database. (Not currently supported –
always zero.)

Automatic bindings Number of IP addresses that have been automatically mapped to the clients by the
DHCP server.

Manual bindings Number of IP addresses that have been manually mapped to clients by the DHCP
server.

Expired bindings Number of expired leases.

Malformed Number of truncated or corrupted messages received by the DHCP server.

messages

Message Message type received/sent by the DHCP server.

Received Number of messages received by the DHCP server.

Sent Number of messages sent by the DHCP server.

29-22 DHCP Commands

DHCP Server Commands

clear ip dhcp server statistics

This command resets all DHCP server counters.

Syntax
clear ip dhcp server statistics

Parameters
None.

Defaults
None.

Mode
Router Privileged EXEC.

Example
This example resets all DHCP server counters:
matrix-x(router-exec)# clear ip dhcp server statistics

Matrix X Router Command Line Interface Reference Guide 29-23

DHCP Server Commands

29-24 DHCP Commands

30
DVMRP Commands

Overview
This chapter describes the Distance Vector Multicast Routing Protocol (DVMRP) router
commands.
DVMRP routes multicast traffic using a technique that can be described as broadcast and prune.
When a router receives IP multicast packets, it forwards the packets out on all possible paths
except the one that leads back to the source. Other routers send prune messages back up the
distribution tree to stop subsequent packets from traveling where there are no relevant multicast
group members to receive the packets. In this way, unwanted data traffic is pruned back to the
minimum tree required to reach all current receivers for that source.

For information about... Refer to page...

Global Commands 30-1

Interface Commands 30-9

Querying Commands 30-15

Global Commands
The global DVMRP commands are listed below. These commands are configured in global
configuration mode and set global DVMRP parameters.

For information about... Refer to page...

ip dvmrp default-metric 30-2

ip dvmrp distance 30-3

ip dvmrp prune-lifetime 30-4

ip dvmrp trace file 30-5

Example
The following example configures the prune lifetime at 7000 seconds:
matrix-x(router-config)# ip dvmrp prune-lifetime 7000

30-4 DVMRP Commands

Global Commands

ip dvmrp trace file

This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
ip dvmrp trace file file_name [max-size file_size] [max-files num_files]
[no-timestamp] [overwrite]

no ip dvmrp trace file file_name [max-size file_size] [max-files num_files]

[no-timestamp] [overwrite]

Parameters
file_name Specifies the name of the file to receive the tracing information. The file
name is not specified in quotes.
max‐size file_size[M | (Optional) Specifies the maximum file size in bytes, ranging from 10240
m | K | k] to 4193280 bytes. Notice that there is no space between the file_size
parameter and the unit type.
If no maximum file size is specified, the default is unlimited. The size of a
trace file is limited by the file system on which the trace file resides.
max‐files num_files (Optional) Maximum number of files allowed in the directory, ranging
from 2 to 2,147,483,648.
If no maximum number of files is specified, the default is 2,147,483,648.
no‐timestamp (Optional) Specifies that a timestamp should not be prepended to all
trace lines.
overwrite (Optional) Specifies to begin tracing by appending or truncating an
existing file.

Default
• DVMRP tracing is disabled
• max‐size file_size: Unlimited. The size of a trace file is limited by the file system on which the
trace file resides.
• max‐files num_files: 2,147,483,648 files
• no‐timestamp: Prepend a timestamp to all lines written to a trace file
• overwrite: Append to an existing file

Mode
Router Global Configuration.

Matrix X Router Command Line Interface Reference Guide 30-5

Global Commands

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. For DVMRP, the ip dvmrp trace file command specifies a
file for tracing of all DVMRP events. The specific events that are traced are controlled by the ip
dvmrp trace flag command.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
The no form of this command disables this tracing.
Command options are governed by the following rules:
• The max‐size option sets a maximum on the size of the trace file. The size can be specified in
bytes. When the maximum file size is reached, the file is closed and renamed to fname.0, then
fname.1, and so on, until the maximum number of files specified by the max‐files option is
reached. The default is unlimited. The size of a trace file is limited by the file system on which
the trace file resides.
• The max‐files option specifies the maximum number of files allowed in the specified
directory. The range of this parameter is 2 to 2,147,483,648. The default is 2,147,483,648 files.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file. The default is to prepend a timestamp to all lines written to a trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config)# ip dvmrp trace file dvmrp.log no-timestamp
matrix-x(router-config)# ip dvmrp trace file dvmrp.log max-files 10

The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows.
matrix-x(router-config)# ip dvmrp trace file dvmrp.log max-files 10 no-timestamp

Example
In the following example, DVMRP tracing is written to the file dvmrp.log. The maximum size of the
file is configured to be 1024 bytes, and the maximum number of files permitted is 4. When the file
reaches 1 megabyte in size (the maximum size in this configuration), the file is renamed to
dvmrp.log.0, and dvmrp.log is re‐created. When the next dvmrp.log file reaches 1 megabyte in
size, dvmrp.log.0 is renamed dvmrp.log.1, dvmrp.log is renamed dvmrp.log.0, and dvmrp.log is
re‐created. This continues until four log files exist (the maximum allowed in this configuration).
No timestamp will display at the beginning of the trace lines.
matrix-x(router-config)# ip dvmrp trace file dvmrp.log max-size 1024 max-files 4
no-timestamp

30-6 DVMRP Commands

Global Commands

ip dvmrp trace flag

This command specifies DVMRP‐specific tracing options as well as options that are common
across all protocols.

Syntax
ip dvmrp trace flag {route | normal | state | policy |task | timer | all} |
{packets | probe |report | prune | graft [send |receive | send-receive] [detail]}

no ip dvmrp trace flag {route | normal | state | policy | task | timer | all}|
{packets | probe | report | prune | graft [send | receive | send-receive] [detail]}

route Trace routing table changes for routes installed by this protocol or peer
normal Trace normal protocol occurrences. Abnormal protocol occurrences are
always traced
state Trace state machine transition in the protocol
policy Trace the application of protocol and user‐specified policy to routes being
imported or exported
task Trace system interface and processing associated with this protocol
timer Trace timer usage by this protocol
all Turns on all trace flags

The following DVMRP‐specific flags can be associated with the send, receive, or send‐receive
action items:

packets Trace all DVMRP packet types

probe Trace DVMRP probe packets
report Trace DVMRP report packets
prune Trace DVMRP prune packets
graft trace DVMRP graft packets

The following optional action items can be associated with DVMRP‐specific flags:

[send | receive (Optional) Limit tracing to packets sent, received, or both.

| send‐receive]
[detail] (Optional) Specify to use a more verbose format when displaying information
about the contents of packets instead of one or two line.

Default
The default is for no flags to be explicitly configured.

Matrix X Router Command Line Interface Reference Guide 30-7

Global Commands

Mode
Router Global Configuration.

Usage
Use the ip dvmrp trace flag command to specify tracing flags for DVMRP tracing. Each flag must
reside on its own configuration line. For example, you cannot specify to trace both probe and
prune packets in the same command.

Example
In the following example, trace flags specify that both the sent and received prune and graft
messages are traced in detail. This tracing information will be written to the file /var/trace/
dvmrp.log.
matrix-x(router-config)# ip dvmrp trace file dvmrp max-size 1024k
matrix-x(router-config)# ip dvmrp trace flag graft send-receive detail
matrix-x(router-config)# ip dvmrp trace flag prune send-receive detail

30-8 DVMRP Commands

Interface Commands

Interface Commands
The interface DVMRP commands are listed below. These commands are configured in interface
configuration mode and apply to specific interfaces.

For information about... Refer to page...

ip dvmrp 30-9

ip dvmrp disable 30-10

ip dvmrp metric-offset 30-11

ip dvmrp nodvmrpout 30-12

ip dvmrp noretransmit 30-13

ip dvmrp unicast-routing 30-14

ip dvmrp
This command enables or disables the DVMRP protocol on an interface.

Syntax
ip dvmrp

no ip dvmrp

Parameters
None.

Default
By default, DVMRP is not enabled on an interface.

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp command to enable the DVMRP protocol on the referenced interface. This
command turns on both DVMRP tree‐building operations and DVMRP routing. Use the
no ip dvmrp command to turn off both DVMRP tree building and routing.

Example
The following example enables DVMRP on interfaces ge.4.1 and ge.4.2.
matrix-x(router-exec)# config
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip dvmrp
matrix-x(router-config-if-ge.4.1)# exit
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip dvmrp

Matrix X Router Command Line Interface Reference Guide 30-9

Interface Commands

ip dvmrp disable
This command disables processing of DVMRP messages on an interface.

Syntax
ip dvmrp disable

no ip dvmrp disable

Parameters
None.

Default
When DVMRP is enabled on an interface (with the ip dvmrp command), processing of DVMRP
messages is enabled by default.

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp disable command to specify that DVMRP messages received on the current
interface must be ignored. The negative form of this command, no ip dvmrp disable, re‐enables
processing of DVMRP messages on an interface.

Example
The following example disables DVMRP processing on interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip dvmrp disable

30-10 DVMRP Commands

Interface Commands

ip dvmrp metric-offset
This command specifies the default value for the interface metric.

Syntax
ip dvmrp metric-offset in metric

no ip dvmrp metric-offset in [metric]

Parameters
in Specifies that this metric applies to the incoming interface.
metric An integer value ranging from 1 to 32, inclusive.

Default
1

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp metric‐offset command to set the metric to add to all routes learned from
neighbors reached through this interface. The negative form of this command, no ip dvmrp
metric‐offset, will remove the configured value and re‐set this parameter to its default value.
You can set the metric value at the router level with the ip dvmrp default‐metric command. This
command, however, will override the router level metric for the interface being configured.
Note that specifying a value for metric in the no form has no effect on the configuration. So, it is
displayed above as optional.

Examples
In the following example, a metric of 5 is added to the route metric for each route learned from
neighbors reached through interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip dvmrp metric-offset in 5

In the following example, a metric of 8 is added to the route metric for each route learned from
neighbors reached through interface ge.4.2:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip dvmrp metric-offset in 8

Matrix X Router Command Line Interface Reference Guide 30-11

Interface Commands

ip dvmrp nodvmrpout
This command instructs DVMRP to only listen on an interface.

Syntax
ip dvmrp nodvmrpout

no ip dvmrp nodvmrpout

Parameters
None.

Default
By default, DVMRP acts as a speaker.

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp nodvmrpout command to disable DVMRP as a speaker on an interface,
although it will continue to listen and accept routes. That is, the interface will not send any
DVMRP protocol packets.

Example
The following example causes interface ge.4.1 to listen and accept routes, but not to send any
DVMRP protocol packets:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip dvmrp nodvmrpout

30-12 DVMRP Commands

Interface Commands

ip dvmrp noretransmit
This command specifies to refrain from re‐sending DVMRP prune packets.

Syntax
ip dvmrp noretransmit

no ip dvmrp noretransmit

Parameters
None.

Default
The exponential backoff mechanism is performed by default.

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp noretransmit command to configure the Matrix X to not perform the
exponential backoff prune retransmission. After the transmission of the first prune, no additional
prunes will be transmitted on reception of data until the prune lifetime has expired.

Example
The following example configures interface ge.4.2 to not perform the exponential prune backoff
mechanism:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip dvmrp noretransmit

Matrix X Router Command Line Interface Reference Guide 30-13

Interface Commands

ip dvmrp unicast-routing
This command configures the interfaces to perform only DVMRP route exchange.

Syntax
ip dvmrp unicast-routing

no ip dvmrp unicast-routing

Parameters
None.

Default
Multicast delivery tree‐building operations are performed by default.

Mode
Router Interface Configuration.

Usage
Use the ip dvmrp unicast‐routing command to configure the specified interfaces to perform only
DVMRP route exchange. This is different from the ip dvmrp command, which enables both tree‐
building operations and routing. When ip dvmrp unicast‐routing is configured, the DVMRP
multicast delivery tree‐building operations will not be performed on the interface. The negative
form of this command, no ip dvmrp unicast‐routing, effectively disables DVMRP, as DVMRP
tree‐building operations require DVMRP routing functionality.

Examples
The following example turns on DVMRP routing:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip dvmrp unicast-routing

The following example illustrates how to turn on only DVMRP routing (no tree building) on an
interface on which both tree‐building and routing have previously been enabled with the ip
dvmrp command. First the no ip dvmrp command is used to disable tree‐building and routing,
then the ip dvmrp unicast‐routing command is used to enable just routing:
matrix-x(router-config) interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no ip dvmrp
matrix-x(router-config-if-ge.4.2)# ip dvmrp unicast-routing

30-14 DVMRP Commands

Querying Commands

Querying Commands
The commands used to display DVMRP information are listed below. They can be executed in
execution, global configuration, or interface configuration modes.

For information about... Refer to page...

show ip dvmrp interfaces 30-15

show ip dvmrp neighbors 30-16

show ip dvmrp route 30-17

show ip dvmrp interfaces

This command displays information about the interfaces on which DVMRP is enabled.

Syntax
show ip dvmrp interfaces

Parameters
None.

Defaults
None.

Mode
Router Privileged EXEC.
Router Global Configuration.
Router Interface Configuration.

Usage
Use the show ip dvmrp interfaces query to display information about all interfaces on which
DVMRP is running.

Example
The following example returns information about all interfaces on which DVMRP is enabled. The
fields in the output are described in the following table.
matrix-x(router-config)# show ip dvmrp interfaces
ge.4.2, 192.168.10.1, vif 1, with 3 DVMRP neighbors
5 bad DVMRP packets received, 2 bad DVMRP routes
received eth2, 192.168.100.1, vif 2, with 1 DVMRP neighbor
0 bad DVMRP packets received, 0 bad DVMRP routes received
The following table describes the fields that appear in the DVMRP Interfaces Query.

Matrix X Router Command Line Interface Reference Guide 30-15

Querying Commands

Field Description

ge.4.2 The physical interface name

192.168.10.1 The IPv4 address used on the interface by the DVMRP protocol

vif The Vif number used to represent this interface to the kernel

DVMRP neighbors The number of DVMRP neighbors reachable on the interface

packets The number of bad DVMRP packets received on the interface

routes The number of bad DVMRP routes received on the interface

show ip dvmrp neighbors

This command displays information about this router’s DVMRP neighbors.

Syntax
show ip dvmrp neighbors

Parameters
None.

Defaults
None.

Mode
Router Privileged EXEC.
Router Global Configuration.
Router Interface Configuration.

Usage
Use the show ip dvmrp neighbors query to display information about all of this router’s DVMRP
neighbors.

Example
The following example shows information returned for all DVMRP neighbors.
matrix-x(router-config)# show ip dvmrp neighbors
192.168.10.1 uptime 01:10:55, expires 00:00:25 via ge.4.1, [version 3.255]
[flags: GPM]
192.168.10.2 uptime 01:10:52, expires 00:00:21 via ge.4.1, [version 3.255]
[flags: GPM]
192.168.100.1 uptime 02:01:25, expires 00:00:19 via ge.4.2, [version 3.255]
[flags: GPM]
The following table describes the fields that appear in the DVMRP Neighbors Query.

30-16 DVMRP Commands

Querying Commands

Field Description

192.168.10.1 The DVMRP neighbor address

uptime Interval the neighbor has been known, expressed in hours:minutes:seconds.

expires Interval until the neighbor is removed unless refreshed, expressed in

hours:minutes:seconds.

via The interface through which the neighbor can be reached

version The DVMRP version of the neighbor router

flags The capabilities of the neighbor router

G: Neighbor supports GenID
P: Neighbor supports prune mechanism
M: Neighbors supports mtrace
V: Verified
N: Netmask supported
S: SNMP supported

show ip dvmrp route

This command displays information about the routes in the DVMRP routing table.

Syntax
show ip dvmrp route [ipv4-address | interface-name]

Parameters
ipv4-address Optionally specifies a valid IPv4 address in dotted‐quad notation.
interface-name Optionally specify a physical interface name

Defaults
None.

Mode
Router Privileged EXEC.
Router Global Configuration.
Router Interface Configuration.

Usage
Use the show ip dvmrp route query to display information about the routes in the shown. When
an IPv4 address is given, then data about the best match route is shown . When a physical
interface name is given, then data about only those reached through that interface are shown.

Examples
The following example returns information about all DVMRP routes:
matrix-x(router-config)# show ip dvmrp route

Matrix X Router Command Line Interface Reference Guide 30-17

Querying Commands

10.5.0.0/16 [70/10] uptime 00:5:45, expires 00:01:10

via 192.168.20.1, ge.4.2
192.168.10.0/25 [70/5] uptime 01:23:55, expires 00:02:24
via 172.0.0.10, ge.4.1

The following example returns information for the best match routes to 192.168.10.1:
matrix-x(router-config)# show ip dvmrp route 192.168.10.1
DVMRP Routing Table - 1 Entry
192.168.10.0/25 [70/5] uptime 01:23:55, expires 00:02:24
via 172.0.0.10, ge.4.1

The following example returns information about destinations reached through interface ge.4.1:
matrix-x(router-config)# show ip dvmrp route ge.4.1
DVMRP Routing Table - 1 Entry
192.168.10.0/25 [70/5] uptime 01:23:55, expires 00:02:24
via 172.0.0.10, ge.4.1
192.168.10.1/25 [70/5] uptime 01:23:55, expires 00:02:24
via 172.0.0.20, ge.4.1
The following table describes the fields that appear in the DVMRP Route to Source Query.

Field Description

192.168.10.0/25 The source network

[70/5] Preference/metric of a route

uptime Interval the route has been in the routing table, expressed in hours:minutes:seconds

expires Interval until the route is removed, unless refreshed, expressed in

hours:minutes:seconds

via The nexthop router to source network

ge.4.1 The interface toward the source network

30-18 DVMRP Commands

31
Multicast Commands

The multicast commands are used to set interface‐specific options such as time‐to‐live (TTL)
thresholds and administratively scoped boundaries.

Commands
For information about... Refer to page...

clear ip mroute 31-2

ip multicast boundary 31-3

ip multicast ttl-threshold 31-4

show ip mroute 31-5

show ip multicast boundary 31-6

show ip multicast ttl-threshold 31-6

Matrix X Router Configuration Guide 31-1

Commands clear ip mroute

clear ip mroute
This command deletes entries from the IP Multicast Routing Table.

Syntax
clear ip mroute {group [source]}

Parameters
group Specifies the IP address of the multicast group, entered in dotted notation.
source (Optional) If a multicast group has been specified, this parameter can be used to
specify the IP address of a multicast source that is transmitting to the group. A
source does not need to be a member of the group.

Defaults
None.

Mode
Router privileged execution.

Usage
Use this command to delete entries from the IP Multicast Routing Table. You can delete entries for
a specific multicast group, or entries for sources transmitting to a specific multicast group.

Example
The following example deletes from the multicast routing table all sources on the 10.4.0.0 subnet
that are transmitting to multicast group 229.10.10.10:
matrix-x(router-exec)# clear ip mroute 229.10.10.10 10.4.0.0

31-2 Multicast Commands

ip multicast boundary Commands

ip multicast boundary
This command specifies an administratively scoped boundary for a single multicast group on the
associated interfaces.

Syntax
ip multicast boundary <group-address> <mask-length>
no ip multicast boundary <group-address> <mask-length>

Parameters
group‐address Specify a valid IPv4 address to denote the group address.
mask-length The length of the mask associated with the group prefix, specified as an
integer.

Defaults
This command is not explicitly configured by default.

Mode
Router interface configuration.

Usage
Use this command to configure administratively scoped group boundaries on the indicated
interface(s). This command is only available on routed interfaces.

Example
The following example configures an administratively scoped boundary for multicast group
229.1.2.3 and then displays all configured multicast boundaries using the show ip multicast
boundary command.
matrix-x(router-config-if-ge.1.10)# ip multicast boundary 229.1.2.3/32
matrix-x(router-config-if-ge.1.10)# exit
matrix-x(router-config)# exit
matrix-x(router-exec)# show ip multicast boundary
Multicast Boundaries
224.5.5.0/24
vlan.1.1
225.7.8.9/32
vlan.1.2
229.1.2.3/32
ge.1.10

Matrix X Router Configuration Guide 31-3

Commands ip multicast ttl-threshold

ip multicast ttl-threshold
This command specifies the minimum time‐to‐live that a multicast data packet can have and still
be forwarded over the associated interface

Syntax
ip multicast ttl-threshold ttl
no ip multicast ttl-threshold [ ttl ]

Parameters
ttl An integer from 0 to 255, inclusive.

Defaults
0

Mode
Router interface configuration.

Usage
The ip multicast ttl‐threshold command specifies the minimum time‐to‐live plus 1 that a
multicast data packet can have and still be forwarded over the associated interface. A value of 0
indicates that no multicast data packets should be forwarded over the associated interface(s). This
command is only available on routed interfaces.

Example
The following example configures a threshold of 20 on interface ge.4.1.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip multicast ttl-threshold 20

31-4 Multicast Commands

show ip mroute Commands

show ip mroute
This command displays the contents of the Multicast Routing Table

Syntax
show ip mroute

Parameters
None.

Mode
All modes.

Usage
The output of the show ip mroute query displays the content of the Multicast routing table.

Example
The following example shows a response to the show ip mroute query.
matrix-x(router-exec)# show ip mroute
Multicast Routing Table
(172.1.1.11, 224.2.2.2), uptime: 00:00:29
Incoming interface: register
Outgoing interface list:
ge.2.4
The following table describes the fields that appear in the Multicast MRT Query.

Field Description

(171.1.1.11, 224.2.2.2) The entries in the IP multicast routing table.

Uptime The length of time that the (*,G) or (S,G) entry has
been created in hours:minutes:seconds.

Incoming interface The expected interface for a multicast packet from

the source.

Outgoing interface list The interfaces through which packets will be

forwarded.

Matrix X Router Configuration Guide 31-5

Commands show ip multicast boundary

show ip multicast boundary

This command displays all boundaries within all interfaces.

Syntax
show ip multicast boundary

Parameters
None.

Mode
Global Router Configuration.
Router Interface Configuration for routed interfces.

Usage
Use the show ip multicast boundary query to obtain summarized information for all boundaries
within all interfaces.

Example
The following example shows a response to the show ip multicast boundary query.
matrix-x(router-exec)# show ip multicast boundary
Multicast Boundaries
224.5.5.0/24
vlan.1.1
225.7.8.9/32
vlan.1.2
229.1.2.3/32
ge.1.10

show ip multicast ttl-threshold

This command displays information about the multicast TTL threshold.

Syntax
show ip multicast ttl-threshold

Parameters
None.

Mode
Router privileged execution.

Usage
The output of the show ip multicast ttl‐threshold query displays information about the multicast
TTL threshold.

31-6 Multicast Commands

show ip multicast ttl-threshold Commands

Example
The following example shows the ttl‐threshold value for each interface.
matrix-x(router-exec)# show ip multicast ttl-threshold
ifname if-index vif ttl-threshold
lo 1 0 1
vlan.1.101 1000101 2 1
vlan.1.101 1000101 2 1
vlan.1.102 1000102 3 1
vlan.1.401 1000401 5 1
vlan.1.402 1000402 6 1
vlan.1.403 1000403 7 1
vlan.1.404 1000404 8 1
vlan.1.405 1000405 9 1
vlan.1.405 1000405 9 1
vlan.1.3000 1003000 4 1
loopback1 3000001 1 1

Matrix X Router Configuration Guide 31-7

Commands show ip multicast ttl-threshold

31-8 Multicast Commands

32
IGMP Commands

Overview
This chapter describes both the switch‐level and router‐level sets of IGMP commands.
IGMP can be configured independently at the switch level (Layer 2) and at the router level
(Layer 3). At Layer 2, IGMP can be enabled for VLANs regardless of whether it is enabled on
routed interfaces. However, if IGMP is enabled on a routed interface, and the routed interface is a
routed VLAN, then IGMP must also be enabled at the switch level.
If IGMP is enabled for both routing and switching on a routed VLAN, certain parameters must
match at Layer 2 and Layer 3 for the proper operation of IGMP. These parameters include:
• IGMP version
• Query interval
• Robustness variable
• Max query response time
• Last member query interval
Also, when IGMP is enabled at both layers, IGMP query functionality should be left to the router,
so IGMP querier should be disabled at Layer 2.

Note: In router mode, enabling a multicast routing protocol does not automatically enable IGMP.
IGMP must be specifically enabled on each routed interface that requires the functionality.

For information about... Refer to page...

Switch-Level IGMP Commands 32-2

Router-Level IGMP Commands 32-12

Matrix X Router Command Line Interface Reference Guide 32-1

Switch-Level IGMP Commands

Purpose
Use these switch‐level commands to display IGMP status, to enable or disable IGMP snooping on
the device, to configure IGMP parameters, including query interval and response time settings,
and to create and configure static IGMP entries.

Commands
The commands used to display, enable, disable, and configure IGMP at the switch level are listed
below
.

For information about... Refer to page...

show igmp enable 32-3

set igmp enable 32-3

set igmp disable 32-4

show igmp query 32-4

set igmp query-enable 32-5

set igmp query-disable 32-6

show igmp config 32-6

set igmp config 32-7

set igmp delete 32-8

show igmp groups 32-9

show igmp static 32-9

set igmp add-static 32-10

set igmp remove-static 32-11

32-2 IGMP Commands

Switch-Level IGMP Commands

show igmp enable

This command displays the status of IGMP on one or more VLAN(s).

Syntax
show igmp enable vlan-list

Parameters
vlan‐list Specifies the VLAN(s) for which to display IGMP status.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays the IGMP status for VLAN 104:
matrix-x(switch-su)-> show igmp enable 104
IGMP Default State for vlan 104 is Disabled

set igmp enable

This command enables IGMP on one or more VLANs.

Syntax
set igmp enable vlan-list

Switch-Level IGMP Commands

Field Description

IGMP Querier IP address Represents the current querier on the VLAN.

QuerierUpTime The time this querier has been the elected querier.
D = days
H = hours
M = minutes

set igmp query-enable

This command enables IGMP querying on one or more VLANs.

Syntax
set igmp query-enable vlan-list address ip-address

Parameters
vlan‐list Specifies the VLAN(s) on which to enable IGMP querying.
ip‐address Specifies the IP address used if the switch sources an IGMP query on
VLAN list. The IP address should be a valid IP address represented by
the VLAN and must not be 0.0.0.0.

Defaults
IGMP querying is disabled by default.

Mode
Switch command, read‐write.

Example
The following example enables IGMP querying on VLAN 104 using IP address 10.0.0.1:
matrix-x(switch-su)-> set igmp query-enable 104 address 10.0.0.1

Matrix X Router Command Line Interface Reference Guide 32-5

Switch-Level IGMP Commands

set igmp query-disable

This command disables IGMP querying on one or more VLANs.

Syntax
set igmp query-disable vlan-list

Parameters
vlan‐list Specifies the VLAN(s) on which to disable IGMP querying.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example disables IGMP querying on VLAN 104:
matrix-x(switch-su)-> set igmp query-disable 104

show igmp config

This command displays IGMP configuration information for one or more VLANs.

Syntax
show igmp config vlan-list

Parameters
vlan‐list Specifies the VLAN(s) for which to display IGMP configuration data.

Defaults
None.

Mode
Switch command, read‐only.

Example
The following example displays IGMP configuration information for VLAN 104:
matrix-x(switch-su)-> show igmp config 104
IGMP config for vlan 104
VlanQueryInterval - 125
VlanStatus - Active
Vlan IGMP Version - 2
VlanQuerier - 10.0.0.1 vvv

32-6 IGMP Commands

Switch-Level IGMP Commands

VlanQueryMaxResponseTime - 100
VlanRobustness - 2
VlanLastMemberQueryIntvl - 10
The following table shows a detailed explanation of command output. For details on setting these
parameters, refer to the set igmp config command.

Output What It Displays...

VlanQueryInterval Frequency (in seconds) of host-query frame transmissions.

VlanStatus Whether or not VLAN configuration is Active or Not in Service.

Vlan IGMP Version Whether or not IGMP version is 1 or 2.

VlanQuerier This is the IP address set using the set igmp query-enable command. If
no querier was set for vlan-list, 0.0.0.0. is displayed.

VlanQueryMaxResponseTime Maximum query response time (in tenths of a second).

VlanRobustness Robustness value

VlanLastMemberQueryIntvl Last member query interval. This is the maximum response time
inserted into group-specific queries which are sent in response to
Leave Group messages. It is also the interval between group-specific
query messages.

set igmp config

This command configures IGMP settings on one or more VLANs.

Syntax
set igmp config vlan-list {[query-interval query-interval] [igmp-version
igmp-version] [max-resp-time max-resp-time] [robustness robustness] [last-mem-int
last-mem-int]}

Parameters
vlan‐list Specifies the VLAN(s) on which to configure IGMP.
query‐interval (Optional) Specifies the frequency of host‐query frame transmissions,
query‐interval ranging from 1 to 65535 seconds. This value works together with max‐
resp‐time to remove ports from an IGMP group.
igmp‐version (Optional) Specifies the IGMP version. Valid values are:
igmp‐version
1 ‐ IGMP V1
2 ‐ IGMP V2
max‐resp‐time (Optional) Specifies the maximum query response time, ranging from 1
max‐resp‐time to 255 seconds. This value works together with query‐interval to remove
ports from an IGMP group.
robustness robustness (Optional) Specifies the robustness value, ranging from 2 to 255. This
can be increased to tune for expected packet loss on a subnet.

Matrix X Router Command Line Interface Reference Guide 32-7

Switch-Level IGMP Commands

last‐mem‐int (Optional) Specifies the Last Member Query Interval, ranging from 1 to
last‐mem‐int 255. This is the maximum response time inserted into group‐specific
queries which are sent in response to Leave Group messages. It is also
the interval between group‐specific query messages.

Defaults
• Query interval: 125 seconds
• IGMP version: 2
• Maximum query response time: 100 seconds
• Robustness: 2
• Last member query interval: 10

Mode
Switch command, read‐write.

Usage
At least one optional parameter must be specified.

Example
The following example sets the IGMP query interval time to 250 seconds on VLAN 1:
matrix-x(switch-su)-> set igmp config 1 query-interval 250

set igmp delete

This command removes IGMP configuration settings for one or more VLANs.

Syntax
set igmp delete vlan-list

Parameters
vlan‐list Specifies the VLAN(s) on which configuration settings will be cleared.

Defaults
None.

Mode
Switch command, read‐write.

Example
The following example removes IGMP configuration settings for VLAN 104:
matrix-x(switch-su)-> set igmp delete 104

32-8 IGMP Commands

Switch-Level IGMP Commands

show igmp groups

This command displays information about IGMP groups known to one or more VLANs.

Syntax
show igmp groups vlan-list

Parameters
vlan‐list Specifies the VLAN(s) for which to display IGMP group information.

Defaults
None.

Mode
Switch command, read‐only.

Example
In the following example, the device knows to forward all multicast traffic for IP group address
224.0.0.2 (VLAN 105) to Gigabit Ethernet port 2 in slot 5, and Gigabit Ethernet port 10 in slot 7:
matrix-x(switch-su)-> show igmp groups 105
-----------------------------------------------------------
Vlan Id = 105 Multicast Group Address = 224.0.0.2 Type = IGMP
IGMP Port List = ge.5.2 ge.7.10

show igmp static

This command displays static IGMP ports for one or more VLANs or IGMP groups.

Syntax
show igmp static vlan-list [group group]

Parameters
vlan‐list Specifies the VLAN(s) for which to display static IGMP information.
group group (Optional) Displays information for a specific IGMP group (IP address).

Defaults
If not specified, static IGMP information will be displayed for all groups.

Mode
Switch command, read‐only.

Matrix X Router Command Line Interface Reference Guide 32-9

Switch-Level IGMP Commands

Example
This example displays static IGMP data for VLAN 105 similar to the show igmp groups display:
matrix-x(switch-su)-> show igmp static 105
-----------------------------------------------------------
Vlan Id = 105 Multicast Group Address = 224.0.0.2 Type = IGMP
IGMP Port List = ge.5.2 ge.7.10

set igmp add-static

This command creates a new static IGMP entry, or adds one or more ports to an existing entry.

Syntax
set igmp add-static group vlan-list [modify] [port-string]

Parameters
group Specifies a group IP address for the entry.
vlan‐list Specifies the VLAN(s) on which to configure the entry.
modify port‐string (Optional) Adds specified port(s) to an existing entry.

Defaults
None.

Mode
Switch command, read‐write.
Example
The following example adds port ge.1.3 to the IGMP group at 224.0.2 (VLAN 105):
matrix-x(switch-su)-> set igmp add-static 224.0.0.2 105 modify ge.1.3

32-10 IGMP Commands

Switch-Level IGMP Commands

set igmp remove-static

This command deletes a static IGMP entry, or removes one or more ports from an existing entry.

Syntax
set igmp remove-static group vlan-list [modify] [port-string]

Parameters
group Specifies a group IP address for the entry. The first number in an IGMP
multicast group address must be in the range of 224 to 255.
vlan‐list Specifies the VLAN(s) on which to configure the entry.
modify port‐string (Optional) Removes specified port(s) from an existing entry.

Defaults
None

Mode
Switch command, read‐write.

Example
The following example removes port ge.1.3 from the IGMP group at 224.0.0.2 (VLAN 105):
matrix-x(switch-su)-> set igmp remove-static 224.0.0.2 105 modify ge.1.3

Matrix X Router Command Line Interface Reference Guide 32-11

Router-Level IGMP Commands

Purpose
Use these router commands to display IGMP status, to enable or disable IGMP multicast routing
on interfaces, to configure IGMP parameters, including query intervals and response time settings
at the router mode global and interface level, and to create and configure static IGMP entries.

Commands
The router IGMP commands are listed below:

For information about... Refer to page...

clear ip igmp group 32-13

ip igmp 32-14

ip igmp ignore-v1-messages 32-15

ip igmp ignore-v2-messages 32-16

ip igmp last-member-query-count 32-17

ip igmp last-member-query-interval 32-18

ip igmp query-interval 32-19

ip igmp query-max-response-time 32-20

ip igmp require-router-alert 32-21

ip igmp robustness 32-22

ip igmp send-router-alert 32-23

ip igmp startup-query-count 32-24

ip igmp startup-query-interval 32-25

ip igmp static-group 32-27

ip igmp trace file 32-28

ip igmp static-group 32-30

ip igmp version 32-31

show ip igmp groups 32-32

show ip igmp interface 32-35

show ip igmp interface-summary 32-39

show ip igmp static-groups 32-40

The above configuration is meaningless and will result in an error message because the current
version on this interface is not IGMPv3.

Matrix X Router Command Line Interface Reference Guide 32-15

Router-Level IGMP Commands

ip igmp ignore-v2-messages
This command specifies whether to process IGMPv2 messages on the associated interface(s).

Syntax
ip igmp ignore-v2-messages

no ip igmp ignore-v2-messages

Parameters
None.

Defaults
If this command is not entered, IGMPv2 messages are processed.

Mode
Router Interface Configuration.

Usage
Use this command to disable processing of all IGMPv2 messages on the associated interface. Note
that this breaks interoperability with older IGMPv2 speakers on the network and should be done
when it is important to maintain small group leave latencies.
This configuration is meaningful only when the current version on the interface is IGMPv3. A
warning will be given if you attempt to issue the ip igmp ignore‐v2‐messages and the current
version is IGMPv1 or IGMPv2.
Use the no form of this command to reset the interface so that IGMPv2 messages are not ignored.

Examples
In the following example, ip igmp ignore‐v2‐messages is used to disable processing of IGMPv2
messages on interface ge.4.2.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp ignore-v2-messages

In the following example, the ip igmp ignore‐v2‐messages command is attempted while the
current IGMP version is IGMPv2.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp version 2
matrix-x(router-config-if-ge.4.2)# ip igmp ignore-v2-messages

The above configuration is meaningless and will result in an error message because the current
version on this interface is not IGMPv3.

32-16 IGMP Commands

Router-Level IGMP Commands

ip igmp last-member-query-count
This command specifies the number of queries sent out on startup, separated by the Last Member
Query Interval.

Syntax
ip igmp last-member-query-count value

no ip igmp last-member-query-count

Parameters
value An integer between 1 and 65535, inclusive.

Defaults
2, if no robustness or global last‐member‐query‐count values have been configured. Refer to the
default behavior details described below in the Usage section.

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to configure the value of the Last Member Query Count as specified in RFC
3376. The Last Member Query Count specifies the number of queries sent out on startup,
separated by the Last Member Query Interval.
The last‐member‐query‐count command and its no form can be issued in both Global
Configuration and Interface Configuration modes. If this command is used in Global
Configuration mode, then it configures the default Last Member Query Count for all interfaces
over which IGMP is running. If it is used in Interface Configuration mode, then it configures the
Last Member Query Count for the associated interfaces.
Use the no form of the command to return to the default last‐member‐query‐count value.

Default Behavior
If an interface‐scoped last‐member‐query‐count is configured, then that configured value is used
on the interface. If an interface‐scoped last‐member‐query‐count is not configured, then the value
used on the interface is the value specified in an interface‐scoped robustness. If an interface‐
scoped robustness is not configured, then the value used on the interface is the value specified in
the globally scoped last‐member‐query‐count. If no globally scoped last‐member‐query‐count is
configured, then the value used on the interface is the value of the globally scoped robustness.
Finally, if no globally scoped robustness is configured, then the value used on the interface is 2.

Matrix X Router Command Line Interface Reference Guide 32-17

Router-Level IGMP Commands

Examples
The following example configures the Last Member Query Count to be 4:
matrix-x(router-config)# ip igmp last-member-query-count 4

In the following example, the globally scoped Robustness is configured to be 4. The globally
scoped Last Member Query count is configured to be 5. Neither the interface‐scoped Robustness
nor the interface‐scoped Last Member Query Count is configured for interface ge.4.2. The
no ip igmp startup‐query‐count for ge.4.2 implies that the globally scoped Last Member Query
Count value of 5 will be used on that interface.
matrix-x(router-config)# ip igmp robustness 4
matrix-x(router-config)# ip igmp last-member-query-count 5
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no ip igmp startup-query-count

ip igmp last-member-query-interval
This command specifies the maximum amount of time that hosts are allowed to respond to
Group‐Specific query messages.

Syntax
ip igmp last-member-query-interval milliseconds

no ip igmp last-member-query-interval

Parameters
milliseconds Specifies a number of milliseconds for the interval. This value can be
either 0 or an integer from 1000 to 31744000, inclusive.
Note: Values ranging from 1 to 999 are not permitted.

Defaults
1000 milliseconds.

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to configure the length of the Last Member Query Interval, which is the
interval determining the maximum amount of time that hosts are given to respond to Group‐
Specific or Group‐and‐Source‐Specific queries. This interval value is encoded in the Max Resp
Code field of Group‐Specific or Group‐and‐Source‐Specific Query messages and can be either 0 or
an integer from 1000 to 31744000, inclusive. Note that the value range 1 to 999 is not permitted.
The Last Member Query Interval configuration command and its no form can be issued in both
Global Configuration and Interface Configuration modes. If this interval is configured in Global
Configuration mode, then it is the default Last Member Query Interval for all interfaces over

32-18 IGMP Commands

Router-Level IGMP Commands

which IGMP is running. If this interval is configured in Interface Configuration mode, then it is
the Last Member Query Interval for the associated interfaces.
Use the no form of this command to return to the default value of the Last Member Query
Interval.

Note: If IGMP is enabled for both routing and switching on a routed VLAN interface, this parameter
must also be configured for the same value at Layer 2 (with the set igmp config command).

Examples
The following example configures the default Last Member Query Interval to be 2000 milliseconds
(20 seconds):
matrix-x(router-config)# ip igmp last-member-query-interval 2000

The following example configures the default Last Member Query Interval to be 3000
milliseconds. This value is then overridden on interface ge.4.2, where it is configured to be 2000
milliseconds. The no ip igmp last‐member‐query‐interval for interface ge.4.3 implies that the
configured default value of 3000 will be used on that interface.
matrix-x(router-config)# ip igmp last-member-query-interval 3000
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp last-member-query-interval 2000
matrix-x(router-config-if-ge.4.2)# exit
matrix-x(router-config)# interface ge.4.3
matrix-x(router-config-if-ge.4.3)# no ip igmp last-member-query-interval

ip igmp query-interval
This command specifies the value of the query interval in seconds.

Syntax
ip igmp query-interval seconds

no ip igmp query-interval

Parameters
seconds Specifies a number in seconds between 1 and 3174, inclusive.
Note: This value cannot be less than the Query Response Interval.

Defaults
125 seconds.

Mode
Router Global Configuration.
Router Interface Configuration.

Matrix X Router Command Line Interface Reference Guide 32-19

Router-Level IGMP Commands

Usage
Use this command to specify the value of the Query Interval in seconds. The Query Interval is the
interval between General Queries sent by the Querier. It is encoded in the Query Interval Code
(QQIC) field of General Queries. The Query Interval cannot be less than the Query Response
Interval (configured using ip igmp query‐max‐response‐time). The maximum value of the Query
Interval is 3174 seconds.
This command and its no form can be issued in both Global Configuration Mode and Interface
Configuration Mode. If it is configured in Global Configuration Mode, it configures the default
Query Interval for all interfaces over which IGMP is running. If it is configured in Interface
Configuration Mode, then it configures the Query Interval for the associated interfaces.
Use the no form of the configuration to return to the default value of 125 seconds.

Note: If IGMP is enabled for both routing and switching on a routed VLAN interface, this parameter
must also be configured for the same value at Layer 2 (with the set igmp config command).

Examples
The following example configures the default Query Interval for all interfaces to be 200 seconds:
matrix-x(router-config)# ip igmp query-interval 200

The following example configures the default Query Interval to be 200 seconds and the Query
Interval for interface ge.4.2 to be 210 seconds. The no igmp query‐interval command for ge.4.3
implies that the configured default value of 200 seconds will be used on that interface.
matrix-x(router-config)# ip igmp query-interval 200
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp query-interval 210
matrix-x(router-config-if-ge.4.2)# exit
matrix-x(router-config)# interface ge.4.3
matrix-x(router-config-if-ge.4.3)# no ip igmp query-interval

ip igmp query-max-response-time
This command configures the maximum amount of time allowed before a host sends a report
message.

Syntax
ip igmp query-max-response-time time-seconds

no ip igmp query-max-response-time

Parameters
seconds Specifies the time as a number between 0 and 3174 seconds, inclusive.
Note: This value must be less than or equal to the Query Interval.

Defaults
10 seconds.

32-20 IGMP Commands

Router-Level IGMP Commands

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to configure the length of the Query Response Interval, the maximum amount
of time allowed before a Host sends a Report message in response to a received General Query.
This interval is encoded in the Max Resp Code field of General Query messages. The interval can
have a value from 0 to 3174 seconds. This value must be less than or equal to the Query Interval.
The ip igmp query‐max‐response‐time command and its no form can be issued in both Global
Configuration Mode and Interface Configuration Mode. When issued in Global Configuration
Mode, it configures the default Query Response Interval for all interfaces over which IGMP is
running. If it is configured in Interface Configuration Mode, it configures the Query Response
Interval for the associated interfaces.
Use the no form of the configuration to return to the default value of 10 seconds.

Note: If IGMP is enabled for both routing and switching on a routed VLAN interface, this parameter
must also be configured for the same value at Layer 2 (with the set igmp config command).

Examples
The following example configures the default Query Response Interval to be 100 seconds:
matrix-x(router-config)# ip igmp query-max-response-time 100

The following example configures the default Query Response Interval to be 11 seconds and the
Query Response Interval for interface ge.4.2 to be 12 seconds. The no ip igmp query‐max‐
response‐time command for ge.4.5 implies that the configured default value of 11 seconds will be
used on that interface.
matrix-x(router-config)# ip igmp query-max-response-time 11
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp query-max-response-time 12
matrix-x(router-config-if-ge.4.2)# exit
matrix-x(router-config)# interface ge.4.5
matrix-x(router-config-if-ge.4.5)# no ip igmp query-max-response-time

ip igmp require-router-alert
This command specifies whether to ignore messages that do not contain the Router Alert option,
thereby improving protocol security.

Syntax
ip igmp require-router-alert

no ip igmp require-router-alert

Parameters
None.

Matrix X Router Command Line Interface Reference Guide 32-21

Router-Level IGMP Commands

Defaults
The default condition is to ignore messages that do not contain the Router Alert option.

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to specify whether to ignore messages that do not contain the Router Alert
option, thereby improving protocol security. If this command is configured, then the following
messages are ignored if they do not contain the Router Alert option:
• State‐Change Report
• Current‐State Report
• Leave Message in IGMP version 2 mode
• Report Message in IGMP version 2 mode
This command and its no form configuration can be issued in both Global Configuration and
Interface Configuration modes. If this is configured in Global Configuration mode, then it
configures the default for all interfaces over which IGMP is running. If it is configured in Interface
Configuration mode, then it configures the parameter for the associated interfaces.
Use the no form configuration to return to the default value.

Example
The following example turns require‐router‐alert off for interface ge.4.2 and on for all other
interfaces:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no ip igmp require-router-alert
matrix-x(router-config-if-ge.4.2)# exit
matrix-x(router-config)# ip igmp require-router-alert

ip igmp robustness
This command allows for tuning of the IGMP protocol or interface to accommodate a lossy subnet.

Syntax
ip igmp robustness value

no ip igmp robustness

Parameters
value An integer between 2 and 7, inclusive.

Defaults
2

32-22 IGMP Commands

Router-Level IGMP Commands

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to tune IGMP for the expected loss on a network. IGMP is robust to
(Robustness ‐ 1) packet losses, and this value is advertised in the Querier’s Robustness Variable
(QRV) field of a Query.
You can issue this command and its no form in both Global Configuration and Interface
Configuration modes. If this command is configured in Global Configuration mode, it configures
the default Robustness for all interfaces over which IGMP is running. If it is configured in
Interface Configuration mode, it configures the Robustness for the associated interfaces.
Use the no form of this configuration to return to the default value of Robustness.

Note: If IGMP is enabled for both routing and switching on a routed VLAN interface, this parameter
must also be configured for the same value at Layer 2 (with the set igmp config command).

Examples
The following example configures the default Robustness to be 3.
matrix-x(router-config)# ip igmp robustness 3

The following example configures the default Robustness to be 3 and the Robustness for interface
ge.4.2 to be 4. The no ip igmp robustness for interface ge.4.5 implies that the configured default
value of 3 will be used on that interface.
matrix-x(router-config)# ip igmp robustness 3
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp robustness 4
matrix-x(router-config-if-ge.4.2)# exit
matrix-x(router-config)# interface ge.4.5
matrix-x(router-config-if-ge.4.5)# no ip igmp robustness

ip igmp send-router-alert
This command specifies whether sent IGMP packets will include the Router Alert option in the IP
packet header.

Syntax
ip igmp send-router-alert

no ip igmp send-router-alert

Parameters
None.

Matrix X Router Command Line Interface Reference Guide 32-23

Router-Level IGMP Commands

Defaults
By default, the router alert option is not included in IP packet headers.

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to specify that sent packets should include the router alert option in the IP
packet header.

Examples
The following example turns the send‐router‐alert option on for all of IGMP, then explicitly turns
it off for interface ge.4.2:
matrix-x(router-config)# ip igmp send-router-alert
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no ip igmp send-router-alert

ip igmp startup-query-count
This command specifies the number of queries sent out on startup, separated by the Startup
Query Interval.

Syntax
ip igmp startup-query-count value

no ip igmp startup-query-count

Parameters
value An integer between 1 and 65535, inclusive.

Defaults
2, if no startup query count or robustness variables have been configured. See description of
default behavior in the Usage section below.

Mode
Router Global Configuration.
Router Interface Configuration.

Usage
Use this command to specify the value of the Startup Query Count as specified in RFC 236 and
RFC 3376. It configures the number of queries sent out on startup, separated by the Startup Query
Interval. The number of queries can range between 1 and 65535, inclusive.

32-24 IGMP Commands

Router-Level IGMP Commands

This command and its no form can be issued in both Global Configuration and Interface
Configuration modes. If this command is issued in Global Configuration mode, then it configures
the default Startup Query Count for all interfaces over which IGMP is running. If it is issued in
Interface Configuration mode, then it configures the Startup Query Count for the associated
interfaces.
Use the no form of this configuration to return to the default value of Startup Query Count.

Default Behavior
If an interface‐scoped startup‐query‐count is configured, then the configured value is used on the
interface. If an interface‐scoped startup‐query‐count is not configured, then the value used on the
interface is the value specified in an interface‐scoped robustness. If an interface‐scoped
robustness is not configured, then the value used on the interface is the value specified in the
globally scoped startup‐query‐count. If no globally scoped startup‐query‐count is configured,
then the value used on the interface is the value of the globally scoped robustness. Finally, if no
globally scoped robustness is configured, then the value used on the interface is 2.

Examples
The following example configures the globally scoped Startup Query Count to be 4:
matrix-x(router-config)# ip igmp startup-query-count 4

In the following example, the globally scoped Robustness value is configured to be 4. The
no ip igmp startup‐query‐count for interface ge.4.2 implies that the globally scoped Robustness
value of 4 will be used on that interface.
matrix-x(router-config)# ip igmp robustness 4
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# no ip igmp startup-query-count

ip igmp startup-query-interval
This command specifies the time between successive General Query messages on startup.

Syntax
ip igmp startup-query-interval deciseconds

no ip igmp startup-query-interval

Parameters
deciseconds A number in tenths of a second between 10 and 317440.

Mode
Router Global Configuration.

Usage
This command specifies the file to receive tracing information for all IGMP events. The specific
events that are traced are controlled by the trace flag command. The trace file command is also
associated with each protocol, so that data pertaining to a single protocol can be written to its own
file.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
The no form of this command disables tracing after it has been enabled.
Command options are governed by the following rules:
• The max‐size option specifies a maximum size of the trace file which can be specified in bytes.
When the maximum file size is reached, the file is closed and renamed to fname.0, then fname.1,
and so on, until the maximum number of files specified by the max‐files option is reached.
• The max‐files option specifies the maximum number of files allowed in the specified
directory with a default of 2,147,483,648 files.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config)# ip igmp trace file igmp.log no-timestamp
matrix-x(router-config)# ip igmp trace file igmp.log max-files 10

The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows:
matrix-x(router-config)# ip igmp trace file igmp.log max-files 10 no-timestamp

Example
In the following example, IGMP tracing is written to the file igmp.log. The maximum size of the file
is configured to be 1024 bytes.
matrix-x(router-config)# ip igmp trace file igmp max-size 1024

Matrix X Router Command Line Interface Reference Guide 32-29

Router-Level IGMP Commands

ip igmp trace flag

This command specifies IGMP‐specific tracing options as well as options that are common across
all protocols.

Syntax
ip igmp trace flag {route | normal | state | policy | task | timer | all} | {query
| report | leave | packets [send | receive | send-receive] [detail]}

no ip igmp trace flag {route | normal | state | policy | task | timer | all} |
{query | report | leave | packets [send | receive | send-receive] [detail]}

Parameters
The following tracing flags are common to all protocols. They cannot be associated with a send,
receive, or send‐receive action item. Similarly, you cannot specify to show detailed data when
tracing these flags:
route Trace routing table changes for routes installed by this protocol or peer.
normal Trace normal protocol occurrences. Note: Abnormal protocol occurrences are
always traced.
state Trace state machine transition in the protocol.
policy Trace the application of protocol and user‐specified policy to routes being
imported or exported.
task Trace system interface and processing associated with this protocol.
timer Trace timer usage by this protocol.
all Turns on all trace flags.
The following IGMP‐specific flags can be associated with send, receive, or send‐receive action:
leave Trace all IGMPv3 Leave messages
query Trace IGMPv3 Membership Query messages
report Trace IGMPv3 Membership Report messages
packets Trace all IGMPv3 packets
These optional action items specify whether to limit the tracing to packets as follows:
send Optionally specify to limit tracing for packets sent.
receive Optionally specify to limit tracing for packets received.
send‐receive Optionally specify to limit tracing for packets sent and received.
detail Optionally specify to use a more verbose format when displaying information
about the contents of packets instead of one or two lines.

Defaults
The default is for no flags to be explicitly configured.

Mode
Router Global Configuration.

32-30 IGMP Commands

Router-Level IGMP Commands

Usage
Use the ip igmp trace flag command to specify tracing flags for IGMP tracing. Each flag must
reside on its own configuration line. For example, you cannot specify to trace both query and
leave packets in the same command.

Example
In the following example, trace flags specify that both the sent and received query and report
messages are traced in detail. This tracing information will be written to the file /var/trace/igmp.log.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
matrix-x(router-config)# ip igmp trace file igmp max-size 1024k
matrix-x(router-config)# ip igmp trace flag query send-receive detail
matrix-x(router-config)# ip igmp trace flag report send-receive detail

ip igmp version
This command specifies the version of IGMP to run.

Syntax
ip igmp version [ 1 | 2 | 3 ]

no ip igmp version

Parameters
1|2|3 Specifies whether to run version 1, version 2, or version 3 of IGMP.

Defaults
Version 3.

Mode
Router Interface Configuration.

Usage
Use the ip igmp version configuration to specify the version of IGMP that you want to run on the
interface.

Note: If IGMP is enabled for both routing and switching on a routed VLAN interface, this parameter
must also be configured for the same value at Layer 2 (with the set igmp config command).

Example
The following example configures IGMP version 2 to run on interface ge.4.2:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip igmp version 2

Matrix X Router Command Line Interface Reference Guide 32-31

Router-Level IGMP Commands

show ip igmp groups

This command displays IGMP information regarding multicast group membership.

Syntax
show ip igmp groups [group-name] [group-address] [interface {ipv4_addr |
port-string}] [detail]

Parameters
group name (Optional) The name of the multicast group, as defined in DNS host table.
group‐address (Optional) The IPv4 address of the multicast group in dotted‐quad format.
interface ipv4_addr (Optional) The interface keyword along with either an IPv4 address
| port‐string (logical interface) or a port‐string (physical interface).
detail (Optional) Displays IGMPv3 style group information and source
information. Otherwise, IGMPv2 style group information is given.

Defaults
If no group is specified, information about all groups is displayed.
If detail is not specified, IGMPv2 style group information is displayed.

Mode
Router Privileged EXEC.

Usage
Use show ip igmp groups to obtain IGMP information regarding multicast group membership.
Queries can be submitted in multiple forms, as shown in the examples that follow. If a query is
issued without specifying a group, then group membership information for all groups that are
connected to this router will be returned. Alternatively, a query can be issued with the name of the
multicast group, the IPv4 address of the multicast group, and/or the interface specified, with or
without the detail option. If detail is specified, the response will contain IGMPv3 specific
information, including the group mode and other source information.

Examples
The following example queries information pertaining to IGMP or all groups on all interfaces:
matrix-x(router-exec)# show ip igmp groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 ge.4.2 00:00:32 00:01:32 10.2.25.159
224.1.1.1 ge.4.5 00:00:33 00:01:33 10.2.12.31
224.1.1.2 ge.4.5 00:00:32 00:01:32 10.2.12.31
224.1.1.3 ge.4.2 00:00:31 00:01:31 10.2.25.159

The following example is a query for group information pertaining to IGMP for multicast group
224.1.1.1:
matrix-x(router-exec)# show ip igmp groups 224.1.1.1
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter

32-32 IGMP Commands

Router-Level IGMP Commands

224.1.1.1 fxp1 00:01:30 00:02:30 10.2.25.159

224.1.1.1 fxp0 00:01:31 00:02:31 10.2.12.31

The following query requests group information pertaining to IGMP for interface ge.4.2.
matrix-x(router-exec)# show ip igmp groups interface ge.4.2
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 ge.4.2 00:02:20 00:03:20 10.2.12.31
224.1.1.2 ge.4.2 00:02:19 00:03:19 10.2.12.31

The following query is a request for group information pertaining to group 224.1.1.1 on interface
ge.4.2.
matrix-x(router-exec)# show ip igmp groups 224.1.1.1 interface ge.4.2
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 ge.4.2 00:02:57 00:03:57 10.2.12.31

The following example is a query for group information pertaining to IGMP in detail for all
groups on all interfaces.
matrix-x(router-exec)# show ip igmp groups detail
IGMP connected Group Membership
Interface: ge.4.2 (192.168.11.1)
Group: 224.1.1.1
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.11.2
Last-member-query-counter: 1
Last-member-query-timer-expiry: off
Group mode: EXCLUDE
Version1-host-present-timer-expiry: 00:00:20
Version2-host-present-timer-expiry: off
Source list is empty
Interface: ge.4.3 (192.168.12.1)
Group: 224.2.2.2
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.12.2
Last-member-query-timer-expiry: off
Group mode: EXCLUDE
Version1-host-present-timer-expiry: 00:00:20
Version2-host-present-timer-expiry: off
Source list is empty
Interface: ge.4.4 (192.168.13.1)
Group: 224.3.3.3
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 0
Last-member-query-timer-expiry: off
Group mode: INCLUDE
Version1-host-present-timer-expiry: 00:00:20
Version2-host-present-timer-expiry: off
Source list:
Source: 10.1.1.1

Matrix X Router Command Line Interface Reference Guide 32-33

Router-Level IGMP Commands

Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 0
Last-member-query-timer-expiry: off
Source: 10.11.11.11
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 1
Last-member-query-timer-expiry: 00:00:05

In the following example, group information pertaining to group 224.1.1.1 on interface eth3, in
detail, is requested.
matrix-x(router-exec)# show ip igmp groups 224.1.1.1 interface eth3 detail
IGMP connected Group Membership
Interface: Ethernet0?1 (192.168.13.)
Group: 224.1.1.1
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 0
Last-member-query-timer-expiry: off
Group mode: INCLUDE
Version1-host-present-timer-expiry: 00:00:20
Version2-host-present-timer-expiry: off
Source list
Source: 10.3.3.3
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 0
last-member-query-timer-expiry: off
Source: 10.33.33.33
Uptime: 00:00:34
Expires: 00:00:40
Last reporter: 192.168.13.2
Last-member-query-counter: 1
Last-member-query-timer-expiry: 00:00:02

In the following example, group information in details pertaining to group 224.1.1.1 on interface
eth3 is requested. The response indicates that IGMP is not running on the router.
matrix-x(router-exec)# show ip igmp groups 224.1.1.1 interface eth3 detail
IGMP is not running.
The following table describes the fields that appear in the IGMP Group Information Query.

Field Description

Group The IPv4 address of the multicast group

Interface The interface through which the group has been joined

Uptime The length of time, in hours, minutes, and seconds, that this
multicast group has been learned

32-34 IGMP Commands

Router-Level IGMP Commands

Field Description

Expires The length of time, in hours, minutes, and seconds, until the entry
is to be removed from the group table

Last Reporter The last host that reported being a member of the multicast group

Last-member-query-counter The remaining number of group-specific or group-and-source

specific queries to be sent over the interface for the group or
source
Last-member-query-timer-expiry The length of time in hours, minutes, and seconds until the next
group-specific or group-and-source specific query is to be sent

Group mode The router filter mode for the group

Version1-host-present-timer-expiry The length of time in hours, minutes, and seconds until the Version
1 Host Present Timer will expire

Version2-host-present-timer-expiry The length of time in hours, minutes, and seconds until the Version
2 Host Present Timer will expire

Source The IPv4 address of the source

show ip igmp interface

This command displays multicast‐related information about a specific interface or all interfaces.

Syntax
show ip igmp interface [port-string | ipv4_address]

Parameters
port‐string (Optional) Display data about the specified physical interface.
ipv4_address (Optional) Display data about the specified logical interface address.

Defaults
None.

Mode
Router Privileged EXEC.

Usage
The show ip igmp interface query displays multicast‐related information about a specific
interface or all interfaces.
This query has two forms. If the query is issued without arguments, then information on about all
interfaces over which IGMP is running is returned. Alternatively, the query can be issued with a
specific interface. If this is the case, then the reply will contain information pertaining only to that
referenced interface.
Note that if interfaces are added to the set of interfaces over which IGMP is running after this
query has been issued but before the query is finished, it is not guaranteed that the new interfaces

Matrix X Router Command Line Interface Reference Guide 32-35

Router-Level IGMP Commands

will be reported. Similarly, if IGMP is de‐configured on an interface after the query has been
issued but before the query is finished, then the interface may or may not be reported.

Examples
The following example displays interface information for all interfaces on which IGMP is running:
matrix-x(router-exec)# show ip igmp interface
ge.4.2 is up
Internet address: 10.129.10.26/9
IGMP on this interface: disabled
Multicast routing on this interface: disabled
Multicast TTL threshold: 0
Multicast groups joined: 0
ge.4.3 is up
Internet address: 192.168.11.1/24
IGMP on this interface: enabled
Current IGMP router version: 2
IGMP query interval: 60 seconds
IGMP max query response time: 10 seconds
Last member query response interval: 1000 ms
IGMP activity: 1 joins, 0 leaves
Multicast routing on this interface: enabled
Multicast TTL threshold: 0
Multicast designated router (DR): 192.168.11.1 (this
system)
IGMP Querier: 192.168.11.1 (this system)
Robustness: 2
Require-router-alert: no
Last-member-query-interval: 30 deciseconds
Startup-query-interval: 300 deciseconds
Startup-query-count: 2
General-query-timer-expiry: 00:00:20 (hours:minutes:
seconds)
Startup-query-timer-expiry: off
Other-querier-present-timer-expiry: off
Multicast groups joined (number of users):
224.0.0.2(1)
224.1.1.1(1)
ge.4.4 is up
Internet address: 192.168.12.1/24
IGMP on this interface: enabled
Current IGMP router version: 3
IGMP query interval: 125 seconds
IGMP max query response time: 10 seconds
Last member query response interval: 1000 ms
IGMP activity: 1 joins, 0 leaves
Multicast routing on this interface: enabled
Multicast TTL threshold: 0
Multicast designated router (DR): 1922.168.12.1 (this
system)
IGMP Querier: 129.168.12.1 (this system)
Robustness: 2
Require-router-alert: no
Last-member-query-interval: 30 deciseconds
Startup-query-interval: 300 deciseconds
Startup-query-count: 2
General-query-timer-expiry: 00:00:20 (hours:minutes:

32-36 IGMP Commands

Router-Level IGMP Commands

seconds)
Startup-query-timer-expiry: off
Other-querier-present-timer-expiry: off
Multicast groups joined (number of users):
224.0.0.2(1)
224.2.2.2(1)

In the following example, a query is issued for interface ge.4.3 only. The reply indicates that IGMP
is running on this interface, and it has two groups joined.
matrix-x(router-exec)# show ip igmp interface ge.4.3
ge.4.3 is up
Internet address: 192.168.11.1/24
IGMP on this interface: enabled
Current IGMP router version: 2
IGMP query interval: 60 seconds
IGMP max query response time: 10 seconds
Last member query response interval 1000 ms
IGMP activity: 1 joins, 0 leaves
Multicast routing on this interface: enabled
Multicast TTL threshold: 0
Multicast designated router (DR): 192.168.11.1 (this
system)
IGMP Querier: 192.168.11.1
Robustness: 2
Require-router-alert: no
Last-member-query-interval: 30 deciseconds
Startup-query-interval: 300 deciseconds
Startup-query-count: 2
General-query-timer-expiry: 00:00:20 (hours:minutes:
seconds)
Startup-query-timer-expiry: off
Other-querier-present-timer-expiry: off
Multicast groups joined (number of users)
224.0.0.2(1)
224.1.1.1(1)

In the following example, a query is issued for interface ge.4.4 only. The reply indicates that IGMP
is not running on the router:
matrix-x(router-exec)# show ip igmp interface ge.4.4
IGMP is not running
The following table describes the fields that appear in the IGMP Interface Information Query.

Field Description

Ethernet0/1 is up, line protocol is up Interface type, number, and status

Internet address The IPv4 address of the interface

IGMP is enabled on interface Shows whether IGMP is enabled on an interface

Current IGMP router version IGMP router version

IGMP query interval Query interval in seconds

IGMP robustness Robustness value

IGMP max query response interval Query Response Interval in seconds

Matrix X Router Command Line Interface Reference Guide 32-37

Router-Level IGMP Commands

Field Description

Last member query response interval Last Member Query Response Interval in milliseconds

IGMP activity: joins, leaves Activity statistics showing the number of joins and leaves

Multicast routing on this interface Indicates whether multicast routing is enabled

Multicast TTL threshold The packet time-to-live threshold

Multicast designated router (DR) IPv4 address of the Designated Router

IGMP Querier IPv4 address of the Querier

Robustness Robustness value

Require-router-alert Indicates whether the require-router-alert option is on

Last-member-query-interval Last Member Query interval in deciseconds

Startup-query-interval Startup Query Interval in deciseconds

Startup-query-count Number of General Queries to send during startup

General-query-timer-expiry The length of time, in hours, minutes, and seconds, until

another General Query is sent

Startup-query-timer-expiry The length of time, in hours, minutes, and seconds, until

another General Query is sent during startup

Other-querier-present-timer-expiry The length of time, in hours, minutes, and seconds, until the
Other Querier Present Timer expires

Multicast groups joined (number of users) Group address and number of hosts that joined the group

32-38 IGMP Commands

Router-Level IGMP Commands

show ip igmp interface-summary

This command displays simple summary information pertaining to IGMP interfaces.

Syntax
show ip igmp interface-summary

Parameters
None.

Mode
Router Privileged EXEC.

Usage
Use the show ip igmp interface‐summary command to display the number of interfaces on which
IGMP is running.

Examples
The following example issues an interface summary query. The response indicates that IGMP is
running on five interfaces.
matrix-x(router-exec)# show ip igmp interface-summary
Number of active interfaces: 5

The following example issues an interface summary query on a router on which IGMP is not
running:
matrix-x(router-exec)# show ip igmp interface-summary
IGMP is not running

Matrix X Router Command Line Interface Reference Guide 32-39

Router-Level IGMP Commands

show ip igmp static-groups

This command displays IGMP information regarding multicast static‐group state.

Syntax
show ip igmp static-groups

Parameters
None.

Mode
Router Privileged EXEC.

Usage
Use the show ip igmp static‐groups query to display information about all configured IGMP
multicast static groups.

Example
The following example displays information pertaining to IGMP for all groups on all interfaces:
matrix-x(router-exec)# show ip igmp static-groups
IGMP CONNECTED Static-Group Membership
Group Address Interface Expires Last Reporter
224.1.1.1 ge.4.2 never 0.0.0.0
224.1.1.1 ge.4.3 never 0.0.0.0
224.1.1.2 ge.4.3 never 0.0.0.0
224.1.1.3 ge.4.2 never 0.0.0.0

32-40 IGMP Commands

33
IS-IS Commands

Overview
This chapter describes the Intermediate System to Intermediate System (IS‐IS) set of commands..
The design of an IS‐IS network is based on its initial development as an Open System
Interconnection (OSI) standard. An IS‐IS routing domain contains end systems and intermediate
systems. The two types of systems differ in their ability to handle packets, which IS‐IS refers to as
protocol data units (PDUs). Both end systems and intermediate systems receive and send packets,
however only intermediate systems can forward packets that they did not originate.
IS‐IS groups routers into areas. Routing within an area is called Level 1 routing.
IS‐IS routing makes use of two‐level hierarchical routing, A routing domain is partitioned into
areas. Level 1 routers know the topology in their area, including all routers and end systems in
their area. However, Level 1 routers do not know the identity of routers or destinations outside of
their area. Level 1 routers forward all traffic for destinations outside of their area to a Level 2
router within their area.
Similarly, level 2 routers know the level 2 topology, and know which addresses are reachable via
each Level 2 router. However, Level 2 routers do not need to know the topology within any Level
1 area, except to the extent that a level 2 router may also be a Level 1 router within a single area.
Only Level 2 routers can exchange data packets or routing information directly with external
routers located outside of the routing domains.
Network address connection points are called Network Service Access Points (NSAP). End
systems may have multiple NSAPs. The Matrix X Router implementation of IS‐IS NSAP
addressing uses a format that identifies just the Area and System ID. Use the net command to
configure both Area and System ID using hexadecimal digits. Area = 13 Octets, System ID = 6
Octets.

For information about... Refer to page...

Overview 33-1

Global Configuration Mode IS-IS Command 33-2

Router Mode IS-IS Commands 33-3

IS-IS Interface Commands 33-34

IS-IS Query Commands 33-53

Matrix X Router Command Line Interface Reference Guide 33-1

Global Configuration Mode IS-IS Command

router isis
This command enables IS‐IS on a router.

Syntax
router isis [instance-id]

no router isis [instance-id]

Parameters
instance‐id (Optional) Specifies an instance for which to enter IS‐IS configuration
mode. Valid values are integers between 1 and 4294967294, inclusive.
If no instance id is entered, instance 1 is assumed. Up to 4 concurrent
instances can be configured.

Defaults
• IS‐IS is not enabled by default.
• Default value for instance‐id is 1.

Mode
Global Router Configuration.

Usage
The router isis command to enables IS‐IS on a router. This is the first step in configuring IS‐IS on a
router for a particular instance. If no instance‐id is given, then the value defaults to 1, and
configuration can begin for IS‐IS instance 1.
The negative form of this command, no router isis, turns IS‐IS off for a given instance. If you do
not specify an instance‐id in the negative form then IS‐IS will be turned off for all instances.

Examples
The following example configures instance 123 of IS‐IS and enters configuration scope for that
instance.
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)#

The following example disables IS‐IS on instance 1.

matrix-x(config-router-isis)# no router isis 1
matrix-x(router-config)#

33-2 IS-IS Commands

Router Mode IS-IS Commands

Purpose
These router‐level commands are used to configure IS‐IS instance parameters at the router mode
level, as compared to the physical interface level.

Commands
The following table lists the router mode IS‐IS commands.

For information about... Refer to page...

address-family 33-4

area 33-5

area-md5-key 33-6

area-password 33-8

domain-md5-key 33-9

domain-password 33-11

domain-wide 33-12

enable 33-13

external-preference 33-14

internal-preference 33-15

is-hostname 33-16

is-type 33-17

lsp-buffer-size 33-18

lsp-lifetime 33-19

metric-style 33-20

net 33-21

psnp-interval 33-22

redistribute 33-23

require-snp-authentication 33-24

set-overload-bit 33-25

summary-filter 33-26

summary-originate 33-27

system-id 33-28

trace file 33-29

Matrix X Router Command Line Interface Reference Guide 33-3

Router Mode IS-IS Commands

For information about... Refer to page...

trace flag 33-31

use-multicast-rib 33-33

address-family
This command configures the address families that IS‐IS will route.

Syntax
address-family ipv4

no address-family ipv4

Parameters
ipv4 Enables the IPv4 address family.

Defaults
If the address‐family command is not used, IPv4 is the default address family.

Mode
IS‐IS Router Configuration.

Usage
The address‐family command configures the address families that ISIS will route.
The negative form of this command, no address‐family, restores the default behavior.

Example
The following example enables IPv4 routing.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# address-family ipv4

33-4 IS-IS Commands

Router Mode IS-IS Commands

area
This command configures an instance of IS‐IS to run in an area.

Syntax
area {d.d.d.d | hh.hhhh.hhhh.hhhh.hhhh.hhhh.hhhh}

no area {d.d.d.d | hh.hhhh.hhhh.hhhh.hhhh.hhhh.hhhh}

Parameters
d.d.d.d Specifies the area as four octets, as in dotted‐quad (IPv4‐like) format. The value
of d is a decimal integer between 0 and 255.
hh.hhhh.hhh Specifies the area in hexadecimal digits, where the value of h is a hex digit
h.hhhh.hhhh between 0 and F. This more general form is variable in length.
.hhhh.hhhh
Each pair of hexadecimal digits is a single octet, and thus an even number of hex
digits must be given. The maximum size is 13 octets (26 hex digits).

Defaults
If area is not specified, the default area address of 00.0000.0000.0000.0000.0000.0000 is assumed.

Mode
IS‐IS Router Configuration.

Usage
The area command configures an instance of IS‐IS to run in an area. Two formats for area IDs are
allowed. One is standard dotted‐quad format, the same as that used in OSPF. The second is a hex
string from one to thirteen hex digits in length. IS‐IS area IDs are thirteen octets in length, and
dotted quad is only four octets in length. Therefore, the hex string format is required to set the
extra nine octets.
Up to three areas can be specified on an IS‐IS instance, and multiple areas can be configured with
one command line.
The negative form of this command deletes the specified area from the list of areas configured on
the router. If the last area is deleted, then the default area is configured.
Note that the net command can be used to set the area and system ID at the same time. However,
because only one system ID is allowed, each time the net command is used, it will change the
system ID of the IS‐IS instance to the new value. It is recommended that the area and systemid
commands be used in place of the net command.

Example
The following example configures areas 1.2.3.4 and 0xab0645f745 in IS‐IS instance 1:
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# area 1.2.3.4
matrix-x(config-router-isis)# area ab.0645.f745
matrix-x(config-router-isis)# exit
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 33-5

Router Mode IS-IS Commands

Related Commands
net

area-md5-key
This command configures MD5 authentication on all level‐1 non‐hello packets for an IS‐IS
instance.

Syntax
area-md5-key key [start-accept yyyy-mm-dd.hh.mm] [start-generate yyyy-mm-
dd.hh.mm] [stop-accept yyyy-mm-dd.hh.mm] [stop-generate yyyy-mm-dd.hh.mm]

no area-md5-key key [start-accept yyyy-mm-dd.hh.mm] [start-generate yyyy-mm-

dd.hh.mm] [stop-accept yyyy-mm-dd.hh.mm] [stop-generate yyyy-mm-dd.hh.mm]

Parameters
key A character string of a maximum 64 characters.
start-accept yyyy- (Optional) Specify the start time for accepting MD5 authentication.
mm-dd.hh.mm
start-generate (Optional) Specify the start time for generating MD5 authentication.
yyyy-mm-dd.hh.mm
stop-accept yyyy- (Optional) Specify the stop time for accepting MD5 authentication.
mm-dd.hh.mm
stop-generate (Optional) Specify the stop time for generating MD5 authentication.
yyyy-mm-dd.hh.mm

Note: When configured, the stop and start parameters must be entered alphabetically. For
example, if you first specify a stop-accept time, then alphabetically the only parameter and time
you can additionally specify is stop-generate. Similarly, if you first specify a start-accept time, and
then configure a stop-generate time, then alphabetically there can be no other parameters
configured.

Defaults
If area‐md5‐key is not specified, it is the same as if the user had specified no area md5‐key.

Mode
IS‐IS Router Configuration.

33-6 IS-IS Commands

Router Mode IS-IS Commands

The area‐md5‐key command configures MD5 authentication on all level‐1, non‐hello packets for
an ISIS instance. This command can be given multiple times, each one configuring a different MD5
key. key is required, and each key must be unique.
The negative form of the command, no area‐md5‐key, deletes the given key from the list of keys.
If the last key is deleted, it will disable all level‐1 non‐hello authentication in this instance.
MD5 keys and passwords can coexist nicely. The incoming packet will be authenticated using the
authentication type contained in the packet.

Examples
The following example configures the MD5 key DFG on the instance 1:
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# area-md5-key DFG

The following example deletes the MD5 key DFG from instance 1. If this is the last key, then the
result will be no authentication for level‐1 non‐hello packets on this interface.
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# no area-md5-key DFG

The following example configures MD5 authentication for instance 2. The md5 authentication is
configured with a start‐accept time set to January 02, 2004 at 21:00 hours, a start‐generate time set
to January 02, 2004 at 21:30 hours, a stop‐accept time set to January 02, 2004 at 22:00 hours, and a
stop‐generate time set to January 02, 2004 at 21:45 hours.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# area-md5-key xyz start-accept 2004-01-02.21.00
start-generate 2004-01-02.21.30 stop-accept 2004-01-02.22.00 stop-generate
2004-01-02.21.45
matrix-x(config-router-isis)# exit
matrix-x(router-config)#

Related Commands
area‐password
domain‐md5‐key
domain‐password
isis md5‐key
isis password

Matrix X Router Command Line Interface Reference Guide 33-7

Router Mode IS-IS Commands

area-password
This command configures simple authentication for all non‐hello packets.

Syntax
area-password password

no area-password password

Parameters
password A character string of a maximum 64 characters.

Defaults
If this command is not entered, level‐1 non‐hello password authentication is turned off.

Mode
IS‐IS Router Configuration.

Usage
This command sets the simple level‐1 password for all non‐hello packets. A password must be
given, as a blank password is invalid. The negative form of this command, no area‐password,
turns off level‐1 non‐hello password authentication.
Note that MD5 keys and passwords can coexist nicely. The incoming packet will be authenticated
using the authentication type contained in the packet.

Examples
The following example sets the simple authentication password on all level‐1 non‐hello packets to
be xyz:
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# area-password xyz

The following example turns off authentication on all level‐1 non‐hello packets.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# no area-password

Related Commands
area‐md5‐key
domain‐md5‐key
domain‐password
isis md5‐key
isis password

33-8 IS-IS Commands

Related Commands
summary‐filter

33-12 IS-IS Commands

Router Mode IS-IS Commands

enable
This command enables an IS‐IS instance.

Syntax
enable

no enable

Parameters
None.

Defaults
An instance is enabled by default.

Mode
IS‐IS Router Configuration.

Usage
The enable command enables the state for the IS‐IS instance. The negative form of this command,
no enable, disables the instance.

Example
The following example disables the IS‐IS instance 3:
matrix-x(router-config)#router isis 3
matrix-x(config-router-isis)# no enable

Matrix X Router Command Line Interface Reference Guide 33-13

Router Mode IS-IS Commands

external-preference
This command configures the preference on IS‐IS external routes for an instance.

Syntax
external-preference pref

no external-preference [pref]

Parameters
pref An integer from 1 to 254 inclusive.
This parameter is optional with the no form of the command, because specifying a
preference value in the no form has no effect on the configuration.

Defaults
If no external preference is specified, the default preference is 151.

Mode
IS‐IS Router Configuration.

Usage
The external‐preference command configures the preference on IS‐IS external routes for this
instance, relative to other instances and routing protocols. A lower preference value wins. An IS‐IS
route is external when it is exported into an IS‐IS instance using narrow‐metrics, via a route‐map
that has external reachability set. Wide‐metrics are always of type internal.
The negative form of this command, no external‐preference, resets the external preference to the
default value. Specifying a value for pref in the no form has no effect on the configuration. Thus, it
is displayed above as optional.

Example
The following example configures an external preference of 40 for instance 3:
matrix-x(router-config)# router isis 3
matrix-x(config-router-isis)# external-preference 40

Related Commands
internal‐preference

33-14 IS-IS Commands

Router Mode IS-IS Commands

internal-preference
This command configures the preference on IS‐IS internal routes for an instance.

Syntax
internal-preference pref

no internal-preference [pref]

Defaults
If no internal preference is specified, the default preference value is 11.

Mode
IS‐IS Router Configuration.

Usage
The internal‐preference command configures the preference on IS‐IS internal routes for this
instance, relative to other instances and routing protocols. A lower preference value wins. An IS‐IS
route is internal when it is exported into an IS‐IS instance using narrow‐metrics via a route‐map
that has internal reachability set, when it is exported into IS‐IS using wide‐metrics, or when it is
generated internal to IS‐IS.
The negative form of this command, no internal‐preference, resets the internal preference to the
default value. Specifying a value for pref in the no form has no effect on the configuration. Thus, it
is displayed above as optional.

Example
The following example configures an internal preference of 45 for instance 2:
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# internal-preference 45

Related Commands
external‐preference

Matrix X Router Command Line Interface Reference Guide 33-15

Router Mode IS-IS Commands

is-hostname
This command configures the RFC 2763 Dynamic Hostname for an IS‐IS instance.

Syntax
is-hostname name

no is-hostname name

Syntax
lsp-lifetime seconds

no lsp-lifetime [seconds]

Parameters
seconds Specifies the maximum age of an LSP, ranging from 1 to9000 seconds.
This parameter is optional with the no form of the command, because specifying a
lifetime value in the no form has no effect on the configuration.

Defaults
If this command is not used, the default lifetime is 1200 seconds.

Mode
IS‐IS Router Configuration.

Usage
The negative form of this command, no lsp‐lifetime, removes the configured seconds value.
Specifying a value for seconds in the no form has no effect on the configuration. Thus, it is
displayed above as optional.

Example
The following example configures the maximum LSP age to be 2400 seconds:
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)#lsp-lifetime 2400

Matrix X Router Command Line Interface Reference Guide 33-19

Router Mode IS-IS Commands

metric-style
This command specifies whether the router should originate extended (wide) metrics in the Link
State Packets (LSPs) and/or whether the router should originate metrics in the normal IS
Neighbors Type Length Value (TLV).

Syntax
metric-style {[narrow] | wide | transition}

no metric-style [narrow | wide | transition]

Parameters
narrow Enables transmission and processing of normal IS‐IS metrics.
This is the default style; therefore, specifying it is optional.
wide Enables transmission and processing of extended metrics.
transition Enables both wide and narrow metrics.

Defaults
If this command is not used, the default metric style is narrow.

Mode
IS‐IS Router Configuration.

Usage
The metric‐style command configures the type of metrics that an instance will use for IPv4
reachability. The two types of metrics are narrow (RFC 1195) and wide (RFC‐3784). Transition
metrics will send and receive both types of metrics. If the narrow or transition style is configured
with this command, then a metric value greater than 63 (configured with the isis metric
command) will disable the circuit.
Care should be taken that all ISs that receive an LSP from this instance accept the same type of
metrics. For example, if narrow is specified for an instance, then all other ISs must use either
narrow or transition.
The negative form of this command, no metric‐style, turns off the configured metric style and
returns to the default value. Note that specifying a metric style in the no form has no effect on the
configuration. Thus it is displayed in the syntax as optional.

Example
The following example configures instance 2 to use only wide metrics:
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# metric-style wide

33-20 IS-IS Commands

Router Mode IS-IS Commands

net
This command provides an alternate method for configuring the area and system ID of an IS.

Syntax
net HH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH

no net HH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH.HHHH

Parameters
HH.HHHH.HHHH.HHHH. The Network Entity Title (NET). This is a combination of one to thirteen
HHHH.HHHH.HHHH.HHH octets of area followed by six octets of a system ID.
H.HHHH.HHHH

Defaults
The default area is 0. The default system ID is the configured router ID, or if no configured router
ID exists, the lowest loopback interface IP address. If no loopback interfaces are configured, then
the lowest interface IP address is used. If no interfaces are configured, then 127.0.0.1 is used as the
router ID. See the section, “router id,” on page 23‐2 for more information.

Mode
IS‐IS Router Configuration.

Usage
The net command provides an alternative method of configuring the area and system ID of an IS.
The Network Entity Title (NET) is a combination of from one to thirteen octets for the area
followed by six octets for the system ID. An IS is allowed to have up to three areas but only one
system ID. This command can be given up to three times, with the system ID portion of the NET
overriding the previous system ID settings.

Note: It is recommended that you use the system-id and area commands in place of the net
command whenever possible.

The negative form of this command, no net, deletes the given NET from the list of NETs assigned
to an instance. Note that the NET must be specified in the no form. If all NETs are deleted, then the
default area and system ID is used.

Examples
The following example sets the given NET for instance 1. The values correspond to area 1, system
ID 10.131.10.26. This then adds area 1 to the list of areas, and sets the system ID to 10.131.10.26.
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# net 00.0000.0000.0001.0000.0a83.0a1a

This example removes the NET configured in Example 1 from the list of NETs on instance 1:
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# no net 00.0000.0000.0001.0000.0a83.0a1a

Matrix X Router Command Line Interface Reference Guide 33-21

Router Mode IS-IS Commands

Related Commands
area
system‐id

psnp-interval
This command configures the rate of Partial Sequence Number (PSN) transmission.

Syntax
psnp-interval time-seconds

no psnp-interval [time-seconds]

Parameters
time‐seconds An integer from 1 to 300 specifying the rate in seconds.

Defaults
2 seconds.

Mode
IS‐IS Router Configuration.

Usage
On point‐to‐point links, PSN packets are used to acknowledge receipt of Link State Packets (LSPs.)
If an LSP is received, but a PSN acknowledgement is not sent, the LSP will be retransmitted by the
sending router. We recommend that the value of PSN interval be set to smaller than the value of
the isis retransmit‐interval parameter.
On broadcast links, non‐Designated Intermediate System (DIS) circuits use PSN packets to request
newer LSPs that have been advertised by the DIS in CSN packets. Refer to the isis csnp‐interval
parameter for more description of CSN packets.
On both point‐to‐point interfaces and broadcast interfaces, the PSN interval is used to delay the
send of PSNs in order to batch up more LSPs in a single PSN. This reduces Network traffic.
The negative form of this command, no psnp‐interval, removes the configured time‐seconds value
and returns this to its default value of 2 seconds. Specifying a value for time‐seconds in the no form
has no effect on the configuration.

Example
The following example configures the PSN interval for instance 2 to be 5 seconds. The retransmit
interval on interface ge.4.3 is then configured to be 10 seconds for the same instance. Note that this
configuration assumes that interface ge.4.3 is a point‐to‐point interface.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# psnp-interval 5
matrix-x(config-router-isis)# exit
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-gw.4.3)# isis retransmit-interval 10 2

33-22 IS-IS Commands

Router Mode IS-IS Commands

Related Commands
isis csnp‐interval
isis retransmit‐interval

redistribute
This command onfigures basic export from a specified protocol into an IS‐IS instance.

Syntax
redistribute protocol [route-map rmname]

no redistribute protocol [route-map rmname]

Parameters
protocol Specifies the source protocol from which the routes will be exported
into an IS‐IS instance. Valid values include aggregate, bgp, direct, isis,
kernel, ospf, ospf‐ase, ospf3, rip, ripng, and static.
route‐map rmname (Optional) Specifies the name of a route map.

Defaults
The default is not to redistribute into IS‐IS. If redistribute is specified, then the default level is 2
and the metric type is internal. Use a route map to change the level or metric type from the
defaults.

Mode
IS‐IS Router Configuration.

Usage
The redistribute command configures basic export from the given protocol into an IS‐IS instance
using the given route map.
The protocol parameter indicates the protocol from which the routes will be redistributed into an
IS‐IS instance.
The metric type that routes from other protocols receive when they are exported into IS‐IS can be
set with a route map. IS‐IS has two distinct metric types, internal and external. Routes with
internal metrics are preferred over routes with external metrics at the same level. Interface metrics
advertised by the IS are considered internal. If the exported route will have a metric compatible
with the interface metrics, it should be exported with metric type internal. If the metric is not
compatible with interface metrics, it should be exported with metric type external.
In any case, routes originating in level 1 are always preferred over level 2, and routes originating
in level 2 are always preferred over routes being summarized back into level 1. Note that the same
route originated in IS‐IS (that is, an interface route) and exported into IS‐IS with internal metric
will be directly compared. The exported version could be preferred to the originated version if the
cost is less.

Matrix X Router Command Line Interface Reference Guide 33-23

Router Mode IS-IS Commands

The level into which routes from other protocols are injected can also be set with a route map.
Exporting routes into level 1 is not strictly standard. However, most implementations of IS‐IS
support it.
The negative form of this command, no redistribute, removes the specified export.

Example
This example exports static routes into IS‐IS instance 1:
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)# redistribute static

require-snp-authentication
This command sets the IS‐IS instance to require Sequence Number packets (SNP) authentication.

Syntax
require-snp-authentication

Parameters
ipv4 Specify the IPv4 address family.
ip_address A valid IPv4 address in dotted‐quad format.
masklength An integer from 0 to 32, inclusive for IPv4 addresses.
cost | restrict Specify the cost at which those summary routes are advertised or use
restrict to specify that neither the route nor the range will be advertised
into level 2.

Defaults
The default is to pass all level 1 routes up to level 2 for a level‐1‐2 router.

Mode
IS‐IS Router Configuration.

Usage
The summary‐originate command configures ranges of summary for routes passed up from level
1 to level 2. This command only has an effect if the current instance is level‐1‐2, and the specified
address family is enabled.
If a level 1 route matches the given range, it will not be advertised into level 2, but rather the range
will be advertised with the given cost. If restrict is given instead of the cost, then neither the route
nor the range will be advertised into level 2.
The negative form of this command, no summary‐originate, deletes the given range from the set
of ranges associated with the instance.

Examples
The following example adds a range for 10/8 to IS‐IS instance 1. Any level 1 routes that match this
range will cause a route of 10/8 with a metric of 1 to be advertised into level 2.
matrix-x(router-config)# router isis 1
matrix-x(config-router-isis)#address-family ipv4
matrix-x(config-router-isis)# summary-originate ipv4 10.0.0.0 8 1
The following example deletes the restrict range 192.168/16 from instance 2. (This assumes that the
restricted range had previously been configured.) Individual routes in this range will now be
passed up to level 2.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# address-family ipv4
matrix-x(config-router-isis)# no summary-originate ipv4 192.168.0.0 16 restrict

Matrix X Router Command Line Interface Reference Guide 33-27

Router Mode IS-IS Commands

system-id
This command configures the router’s system ID.

Syntax
system-id {d.d.d.d | HHHH.HHHH.HHHH}

no system-id

Parameters
d.d.d.d A decimal number from 0 to 255, in dotted‐quad format.
HHHH.HHHH.HHHH A string of 3 to 12 hexadecimal digits (from 0 to F).

Defaults
The default system ID for an IS‐IS instance is the configured router ID, or if no configured router
ID exists, the lowest loopback interface IP address. If no loopback interfaces are configured, then
the lowest interface IP address is used. If no interfaces are configured, then 127.0.0.1 is used as the
router ID. See the section, “router id,” on page 23‐2 for more information.

Mode
IS‐IS Router Configuration.

Usage
The system‐id command configures the system ID for the current instance. Two formats for the
system ID are allowed. One is standard dotted‐quad format, the same as is used in OSPF. The
second is a hex string from 3 to 12 hex digits (1‐6 octets) in length.
ISIS system IDs are 6 octets in length, and dotted quad is only 4 octets in length, so the hex string
format is required to set the extra 2 octets. The net command can be used to set the area ID and
system ID at the same time. It is recommended that area and system‐id commands be used in
place of the net command.
The negative form of this command, no system‐id, will return the system ID to its default value of
the router ID on the system.

Example
The following example configures the system ID for IS‐IS instance 3 to be 1.2.3.4 (0000.0403.0201):
matrix-x(router-config)# router isis 3
matrix-x(config-router-isis)# system-id 1.2.3.4

Related Commands
area
net

33-28 IS-IS Commands

Router Mode IS-IS Commands

trace file
This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
trace file file_name {max-size file_size [M | m | K | k]} {max-files num_files}
[no-timestamp] [overwrite]

no trace file file_name {max-size file_size [M | m | K | k]} {max-files num_files}

[no-timestamp] [overwrite]

Parameters
file_name The name of the file to receive the tracing information. Note that the file
name is not specified in quotes.
max‐size file_size (Optional) Maximum file size in bytes (by default) or megabytes or
[M|m|K|k] kilobytes, ranging from 10K to 4,095,000,000 bytes. Notice that there is no
space between the file_size parameter and the unit type.
M and m both specify megabytes. K and k both specify kilobytes. If no
unit type is entered, bytes is assumed.
If no maximum file size is specified, the default is “unlimited.” The size
of a trace file is limited by the file system on which the trace file resides.
max‐files num_files (Optional) Maximum number of files allowed in the directory, ranging
from 2 to 4,294,967,294.
If no maximum number of files is specified, the default is 4,294,967,294.
no‐timestamp (Optional) A timestamp should not be prepended to all trace lines. The
default is to prepend a timestamp to all lines written to a trace file.
overwrite (Optional) Begin tracing by overwriting, or truncating, an existing file.
The default is to append to an existing file.

Defaults
Tracing is disabled by default. If this command is entered, the following defaults apply:
• max‐size file_size: Unlimited. The size of a trace file is limited by the file system on which the
trace file resides.
• max‐files num_files: 4,294,967,294 files
• no‐timestamp: Prepend a timestamp to all lines written to a trace file
• overwrite: Append to an existing file

Mode
IS‐IS Router Configuration.

Matrix X Router Command Line Interface Reference Guide 33-29

Router Mode IS-IS Commands

Usage
This command specifies the file to receive tracing information for all IS‐IS events. The specific
events that are traced are controlled by the trace flag command. The trace file command is also
associated with each protocol, so that data pertaining to a single protocol can be written to its own
file.
The no form of this command disables tracing.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
Command options are governed by the following rules:
• The max‐size option specifies a maximum size of the trace file which can be specified in
megabytes by giving ‘M’ or ‘m’ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If you specify no units, the size is assumed to be in bytes. When the maximum
file size is reached, the file is closed and renamed to fname.0, then fname.1, and so on, until the
maximum number of files specified by the max‐files option is reached.
• The max‐files option specifies the maximum number of files allowed in the specified
directory with a default of 4,294,967,294 files.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-isis)# trace file isis no-timestamp
matrix-x(router-isis)# trace file isis max-files 10

The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows:
matrix-x(router-isis)# trace file isis max-files 10 no-timestamp

Example
In the following example, IS‐IS tracing is written to the file /var/trace/isis.log. The maximum size of
the file is configured to be 1024 KB, and the maximum number of files permitted is 3. When the file
reaches 1 megabyte in size (the maximum size in this configuration), the file is renamed to
isis.log.0, and isis.log is re‐created. This continues until four log files exist (the maximum allowed
in this configuration). No timestamp will display at the beginning of the trace lines.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# trace file isis.log max-size 1024k max-files 4
no-timestamp

33-30 IS-IS Commands

IS-IS Interface Commands

Purpose
These router commands are used to configure IS‐IS instance parameters at the physical interface
level, as compared to the router mode level.

Commands
The following table lists the interface configuration mode IS‐IS commands.

For information about... Refer to page...

ip router isis 33-35

isis circuit-type 33-36

isis csnp-interval 33-37

isis dis-hello-interval 33-38

isis hello-interval 33-39

isis hello-multiplier 33-40

isis lsp-interval 33-41

isis max-burst 33-42

isis md5-key 33-43

isis mesh-group 33-45

isis metric 33-46

isis passive 33-47

isis password 33-48

isis periodic-csn 33-49

isis priority 33-50

isis restart-hello-interval 33-51

isis retransmit-interval 33-52

33-34 IS-IS Commands

IS-IS Interface Commands

ip router isis
This command enables an IS‐IS instance on an interface.

Syntax
ip router isis instance-id

no ip router isis instance-id

Parameters
instance‐id An integer between 1 and 4294967294.
When enabling an instance on an interface, this parameter is optional. The value
defaults to 1 if instance‐id is not entered.
When disabling an instance on an interface, this parameter must be entered.

Defaults
IS‐IS is not explicitly configured on an interface by default.

Mode
Router Interface Configuration.

Usage
The ip router isis command enables the given IS‐IS instance on an interface. If no instance‐id is
given, then the value defaults to 1.
The negative form of this command disables the given IS‐IS instance on the interface.

Example
The following example configures preference values for IS‐IS instance 2. It then configures that
instance on interface ge.4.2.
matrix-x(router-config)# router isis 2
matrix-x(config-router-isis)# external-preference 40
matrix-x(config-router-isis)# internal-preference 45
matrix-x(config-router-isis)# exit
matrix-x(router-config)# interface ge.4.2
matrix-x(config-config-if-ge.4.2)# ip router isis 2

Matrix X Router Command Line Interface Reference Guide 33-35

IS-IS Interface Commands

isis circuit-type
This command sets the level that a given IS‐IS instance will run on an interface.

Syntax
isis circuit-type {level-1 | level-1-2 | level-2} [instance-id]

no isis circuit-type {level-1 | level-1-2 | level-2} [instance-id]

Parameters
level‐1 IS‐IS will run at level 1.
level‐1‐2 IS‐IS will run at level 1 and at level 2. This is the default value.
level‐2 IS‐IS will run at level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified, an IS‐IS instance on an interface will run at level 1 and level 2.

Mode
Router Interface Configuration.

Usage
The isis circuit‐type command configures the level that a given ISIS instance will run on an
interface. The negative form of this command sets the instance to run on the default level.
Note that the instance will not run on the interface unless ip router isis has been configured on
that interface.

Examples
The following example configures IS‐IS to run at level 1 for instance 3 on interface ge.4.2.
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# ip router isis 3
matrix-x(config-router-if-ge.4.2)# isis circuit-type level-1 3

The following example returns the circuit type in Example 1 to its default value. Note: The
optional instance ID is not specified. This assumes that no other IS‐IS instances have circuit‐type
configurations on interface ge.4.2.
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# no isis circuit-type

33-36 IS-IS Commands

IS-IS Interface Commands

isis csnp-interval
This command sets the Complete Sequence Number (CSN) packet interval for a given instance at
a specified level.

Syntax
isis csnp-interval time-seconds {level-1 | level-1-2 | level-2} [instance-id]

no isis csnp-interval [time-seconds] {level-1 | level-1-2 | level-2} [instance-id]

Parameters
time‐seconds An integer between 1 and 300 that specifies the interval in seconds.
level‐1 (Optional) IS‐IS will run at level 1.
level‐1‐2 (Optional) IS‐IS will run at level 1 and at level 2.
level‐2 (Optional) IS‐IS will run at level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer between 1
and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for a particular instance, IS‐IS will run at level 1 and level 2 and
the CSN packet interval is 10 seconds.

Mode
Router Interface Configuration.

Usage
The isis csnp‐interval configures the Complete Sequence Number (CSN) packet interval for the
given instance at the given level.
The Designated Intermediate System (DIS) on a broadcast link periodically multicasts CSN
packets to the link. The CSN packets summarize the current link state packet (LSP) database as it
appears on the DIS. This allows the other routers on the link to request updates or to know that
they should send updates. This method keeps all the routers on the link synchronized (for
example, having the same database).
The DIS will multicast as many CSN packets as are required to completely describe its LSP
database at intervals specified by this parameter. Setting the time lower can decrease convergence
time at the expense of more link usage. Setting the time higher will decrease link usage at the
expense of convergence time.
The negative form of this command, no isis csnp‐interval, resets the interval to the default of 10
seconds.

Example
This example configures a CSN interval of 20 seconds on interface ge.4.2 for level‐1 of instance 4:
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis csnp-interval 20 level-1 4

Matrix X Router Command Line Interface Reference Guide 33-37

IS-IS Interface Commands

isis dis-hello-interval
This command sets the hello interval used by a given instance when it is the Designated
Intermediate System (DIS) on the interface.

Syntax
isis dis-hello-interval time-seconds {level-1 | level-1-2 | level-2} [instance-id]

no isis dis-hello-interval [time-seconds] {level-1 | level-1-2 | level-2}

[instance-id]

Parameters
time‐seconds An integer between 1 and 300 that specifies the interval in seconds.
level‐1 (Optional) IS‐IS will run at level 1.
level‐1‐2 (Optional) IS‐IS will run at level 1 and at level 2.
level‐2 (Optional) IS‐IS will run at level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for a particular instance, IS‐IS will run at level 1 and level 2 and
the DIS hello interval is 3 seconds.

Mode
Router Interface Configuration.

Usage
When a router is elected DIS for a link, it is important that it remain adjacent with other routers on
the interface and quickly become adjacent with other routers on the interface. The router switches
to a different hello interval than in the non‐DIS case. It, therefore, will typically use a lower hello
interval. This parameter allows you to set the new interval length to use when becoming DIS.
The negative form of this command, no isis dis‐hello‐interval, removes the configured time‐
seconds value for the specified interface, and returns it to the default value. Specifying a value for
time‐seconds in the no form has no effect on the configuration. Thus, it is displayed above as
optional.

Example
The following example configures the DIS hello interval for instance 3 to be 1 second:
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis dis-hello-interval 1 3

33-38 IS-IS Commands

IS-IS Interface Commands

isis hello-interval
This command specifies how frequently an IS‐IS instance sends Hello packets on an interface.

Syntax
isis hello-interval time-seconds {level-1 | level-1-2 | level-2} [instance-id]

no isis hello-interval [time-seconds] {level-1 | level-1-2 | level-2}

[instance-id]

Parameters
time‐seconds An integer between 1 and 300 that specifies the interval in seconds.
level‐1 (Optional) IS‐IS will run at level 1.
level‐1‐2 (Optional) IS‐IS will run at level 1 and at level 2.
level‐2 (Optional) IS‐IS will run at level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for a particular instance, IS‐IS will run at level 1 and level 2 and
the hello interval is 10 seconds.

Mode
Router Interface Configuration.

Usage
The isis hello‐interval command configures the rate at which hello packets are sent out on a non‐
designated intermediate system (non‐DIS) interface, for the default level. IS‐IS uses hello packets
to learn about other routers on the link. The value specified for this parameter configures the
number of seconds between subsequent multicast hellos, announcing both itself and all the other
routers it knows on the link. When the router receives a HELLO, it adds the sending router to its
known list of routers on the link. Through this exchange, both routers learn of each other and
acknowledge this fact. Until this exchange and acknowledgement happens, packets will not be
forwarded between the routers.
Each hello packet also contains a hold time. The hold time informs the receiving router how long
to wait without seeing another hello from the sending router before considering the sending
router down. The announced hold time is derived by multiplying this parameter with the value
specified in the isis hello‐multiplier command. Setting this parameter smaller will decrease the
amount of time before a router’s presence (or lack thereof) is noticed, but will increase the link
usage. Setting this parameter larger will decrease the link usage, but will increase the amount of
time required to notice the router is up or down.
The negative form of this command, no isis hello‐interval, removes the configured Hello interval
and returns this to its default of 10 seconds. Specifying a value for time‐seconds in the no form has
no effect on the configuration. Thus, it is displayed above as optional.

IS-IS Interface Commands

Notes:
• Specifying a value for number in the no form has no effect on the configuration. Thus, it is
displayed above as optional.
• If an instance-id is not specified, an ID of 1 is assumed.

Example
The following example configures a maximum burst value of 10 for interface ge.4.3, instance 3
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis max-burst 10 3

isis md5-key
This command configures MD5 Hello authentication at the given level, for the given instance on
the specified interface.

Syntax
isis md5-key key [start-accept yyy-mm-dd.hh.mm] [start-generate yyy-mm-dd.hh.mm]
[stop-accept yyy-mm-dd.hh.mm] [stop-generate yyy-mm-dd.hh.mm] [level-1 | level-1-
2 | level-2] [instance-id]

no isis md5-key key [start-accept yyy-mm-dd.hh.mm] [start-generate yyy-mm-

dd.hh.mm] [stop-accept yyy-mm-dd.hh.mm] [stop-generate yyy-mm-dd.hh.mm] [level-1
| level-1-2 | level-2] [instance-id]

Parameters
key A character string of maximum 64 characters.
start‐accept (Optional) Specify the start time for accepting MD5 authentication.
yyyy‐mm‐dd.hh.mm
start‐generate yyyy‐ (Optional) Specify the start time for generating MD5 authentication.
mm‐dd.hh.mm
stop‐accept (Optional) Specify the stop time for accepting MD5 authentication.
yyyy‐mm‐dd.hh.mm
stop‐generate yyyy‐ (Optional) Specify the stop time for generating MD5 authentication.
mm‐dd.hh.mm
level‐1 (Optional) Specifies that MD5 authentication being configured will
apply to level 1 circuits.
level‐1‐2 (Optional) Specifies that MD5 authentication being configured will
apply to level 1 and level 2 circuits. This is the default value.
level‐2 (Optional) Specifies that MD5 authentication being configured will
apply to level 2circuits.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Matrix X Router Command Line Interface Reference Guide 33-43

IS-IS Interface Commands

Defaults
This command is not configured by default.

Mode
Router Interface Configuration.

Usage
When you want to keep certain routers from exchanging IS‐IS packets,use the simple form of
authentication. The interfaces that the packets are to be sent on still need to be trusted, because the
key will be placed in the packets and can be seen by anyone with access to the network.
When you do not trust other users of your network, use MD5 authentication. The system works by
using shared secret keys. Becausethe keys are used to sign the packets with an MD5 checksum,
they cannot be forged or tampered with. Because the keys are not included in the packet, snooping
the key is not possible. Users of the network can still snoop the contents of packets, however,
because the packets are not encrypted.
The isis md5‐key command configures MD5 Hello authentication at the given level for the given
instance on this interface. Note that isis md5‐key conflicts with isis password, and the most recent
one will override the other. This command can be given multiple times with different keys. All
valid keys will be accepted, and the first valid key will be used in transmission.
The negative form of this command, no isis md5‐key, deletes the given key from the list of keys. If
all keys are deleted, then hello authentication for the given instance‐id is disabled. Note that, even
though specifying a level is optional for the negative form, it must be there in order for instance‐id
to be specified. It will be ignored, as key and instance‐id are the only important arguments for the
negative form.
MD5 keys and passwords can coexist nicely. The incoming packet will be authenticated using the
authentication type contained in the packet

Examples
The following example add the MD5‐key abc to the list of level 1 Hello authentication keys or
instance 3 on interface ge.4.3:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis md5-key abc level-1 3

The following example configures md5 authentication for interface ge.4.5. MD5 authentication is
configured with a start‐generate time set to January 02, 2004 at 21:30 hours and a stop‐accept time
set to January 02, 2004 at 22:00 hours.
matrix-x(router-config)# interface ge.4.5
matrix-x(config-router-if-ge.4.5)#isis md5-key xyz start-generate 2004-01-
02.21.30 stop-accept 2004-01-02.22.00

33-44 IS-IS Commands

IS-IS Interface Commands

Related Commands
area‐md5‐key
area‐password
domain‐md5‐key
domain‐password
isis password

isis mesh-group
This command configures RFC 2973 mesh groups for IS‐IS.

Syntax
isis mesh-group {number | blocked} [instance-id]

no isis mesh-group {number | blocked} [instance-id]

Parameters
number An integer from 1 to 4,294,967,294 that specifies the number of a mesh group.
blocked Specifies that the instance is blocked on the interface.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer between 1
and 4294967294. Note that this value defaults to 1 if it is not specified.

Defaults
This command is not explicitly configured by default.

Mode
Router Interface Configuration.

Usage
The isis mesh‐group command implements an extension to the IS‐IS protocol described in RFC
2973 which allows an IS to track a mesh group number that prevents redundant flooding when a
full mesh of circuits are used among a group of ISs. This command has two forms. If a group
number is given, then this configures the given instance to be in the given group on the interface. If
blocked is specified, then the given instance is blocked on this interface.
The negative form of this command, no mesh‐group, removes the given instance from any mesh
group or blocked status on the interface.

Note: This command applies only to point-to-point interfaces.

Matrix X Router Command Line Interface Reference Guide 33-45

IS-IS Interface Commands

Examples
The following example configures instance 3 on interface ge.4.3 to be part of mesh group 1:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis mesh-group 1 3

The following example configures instance 2 on interface ge.4.2 to be blocked:

matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis mesh-group blocked 2

isis metric
This command sets the routing metric at the given level for the given instance on the specified
interface.

Syntax
isis metric cost {level-1 | level-1-2 | level-2} [instance-id]

no isis metric cost {level-1 | level-1-2 | level-2} [instance-id]

Parameters
cost An integer from 1 to 16777215.
level‐1 (Optional) The level for the metric is level 1.
level‐1‐2 (Optional) The level for the metric is level 1 and at level 2.
level‐2 (Optional) The level for the metric is level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer between 1
and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for an instance, the default cost is 10 and the level for the metric is
level 1 and level 2.

Mode
Router Interface Configuration.

Usage
The isis metric command configures the routing metric for the given instance at the given level
on the interface. The value entered for cost is advertised throughout the IS‐IS routing domain as
the cost to send a packet out the interface and is used to calculate the shortest path between
routers.
The negative form of this command, no isis metric, removes the configured cost value and returns
this to its default value of 10.

33-46 IS-IS Commands

IS-IS Interface Commands

Note: Narrow and transition metrics only allow a cost up to 63, while wide metrics allow a cost up to
16777215. If the cost is higher than narrow metrics will allow, then the circuit will be disabled, and
an error message will be printed to the trace file and system log to alert the administrator of the
misconfiguration.

Example
This example configures the routing metric for instance 2 at level 1 to be 5 on interface ge.4.3:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis metric 5 level-1 2

isis passive
This command configures the interface as passive in the given instance.

Syntax
isis passive [instance-id]

no isis passive [instance-id]

Parameters
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
The interface is active by default.

Mode
Router Interface Configuration.

Usage
The isis passive command specifies whether the interface actively participates in IS‐IS on the
given link. If this command is configured, then the link will be advertised in the router’s link state
packet (LSP) and thus enable routing to that link through the router. However, the router will not
actually run IS‐IS on the link. This has the effect of allowing traffic destined to the link’s networks
to use this router but not allow traffic destined for other networks to use this router and link to
reach those networks.
The negative form of this command, no isis passive, marks the interface as active.

Example
The following example sets interface ge.4.3 to be passive for instance 3:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis passive 3

Matrix X Router Command Line Interface Reference Guide 33-47

IS-IS Interface Commands

isis password
This command configures the simple password for all hello packets for the given instance at the
given level on an interface.

Syntax
isis password password [level-1 | level-1-2 | level-2] [instance-id]

no isis password password [level-1 | level-1-2 | level-2] [instance-id]

Parameters
password A character string of a maximum 64 characters.
level‐1 (Optional) The level for the password is level 1.
level‐1‐2 (Optional) The level for the password is level 1 and at level 2. This is the
default value.
level‐2 (Optional) The level for the password is level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer between 1
and 4294967294. This value defaults to 1 if it is not specified.

Defaults
Hello authentication is not configured by default.

Mode
Router Interface Configuration.

Usage
This sets the simple password for all hello packets for the given instance at the given level on this
interface. A password must be given, as a blank password is invalid. If a level is not given, then a
default is set that will be used if a level is not set. If level‐1‐2 is given, then the given value will be
used at both levels.
The negative form of this command, no isis password, turns off hello authentication.

Note: MD5 keys and passwords can coexist nicely. The incoming packet will be authenticated
using the authentication type contained in the packet.

Examples
The following example configures simple password abc for hello packets for instance 3 at level 1
on interface ge.4.2:
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis password abc level-1 3
The following example configures simple password xyz for hello packets for instance 1 (the
default instance) at level‐1‐2 (the default level) on interface ge.4.2:
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis password xyz

33-48 IS-IS Commands

IS-IS Interface Commands

Related Commands
area‐md5‐key
area‐password
domain‐md5‐key
domain‐password
isis md5‐key

isis periodic-csn
This command Forces Complete Sequence Number (CSN) packets to be sent on an interface at
regular intervals.

Syntax
isis periodic-csn [instance-id]

no isis periodic-csn [instance-id]

Parameters
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for an instance, this feature is turned on.

Mode
Router Interface Configuration.

Usage
In typical configurations, it is not necessary or desirable to send CSNs at regular intervals on
point‐to‐point links. These packets are normally transmitted only upon initial establishment of the
adjacency. The isis periodic‐csn command forces CSN packets to be sent on an interface at regular
intervals, as if this instance was the DIS on a broadcast link.

Note: This command is effective only on broadcast links.

The negative form of this command, no isis periodic‐csn, resets the periodic CSN to its default
value.

Example
The following example turns on the periodic CSN feature for instance 3 on interface ge.4.5:
matrix-x(router-config)# interface ge.4.5
matrix-x(config-router-if-ge.4.5)# isis periodic-csn 3

Matrix X Router Command Line Interface Reference Guide 33-49

IS-IS Interface Commands

isis priority
This command sets the Designated Intermediate System (DIS) priority for the given instance at the
given level on an interface.

Syntax
isis priority number {level-1 | level-1-2 | level 2} [instance-id]

no isis priority number {level-1 | level-1-2 | level 2} [instance-id]

Parameters
number An integer from 0 to 127 that specifies the DIS priority.
level‐1 (Optional) The level for the priority is level 1.
level‐1‐2 (Optional) The level for the priority is level 1 and at level 2. This is the
default value.
level‐2 (Optional) The level for the priority is level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for an instance, the default prioriy is 64 and the default level for
the priority is level 1 and level 2.

Mode
Router Interface Configuration.

Usage
The isis priority command configures the DIS priority for the given instance at the given level on
this interface. In IS‐IS, the router with the highest priority is always elected DIS, with MAC
address breaking the tie. A router with a priority of 0 can still be elected DIS. The maximum
priority is 127.
The negative form of this command, no isis priority, resets the priority to its default value of 64.

Example
The following example configures a DIS priority of 0 for instance 3 at level 1 on interface ge.4.3.
This is the lowest possible priority value:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis priority 0 level-1 3

33-50 IS-IS Commands

IS-IS Interface Commands

isis restart-hello-interval
This command configures the interval for sending hellos when performing a restart.

Syntax
isis restart-hello-interval time-seconds {level-1 | level-1-2 | level-2}
[instance-id]

no isis restart-hello-interval time-seconds {level-1 | level-1-2 | level-2}

[instance-id]

Parameters
time‐seconds An integer from 1 to 300, specifying the number of seconds in the
interval. Default is 3 seconds.
level‐1 (Optional) The level for the interval is level 1.
level‐1‐2 (Optional) The level for the interval is level 1 and at level 2. This is the
default value.
level‐2 (Optional) The level for the interval is level 2.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
If this command is not specified for an instance, the interval is 3 seconds and the level is level 1
and level 2.

Mode
Router Interface Configuration.

Usage
When a router is performing a restart, it is advisable to send Hellos more often than normal to
speed up the adjacency information. Draft‐ietf‐isisrestart describes a method for an IS to restart its
routing without causing flapping in the domain while attempting to restart a different Hello
interval. The isis restart‐hello‐interval command specifies the time, in seconds, before IS‐IS will
begin sending hello messages again for the default level. This can be used to speed up
convergence.
The negative form of this command, no isis restart‐hellointerval, removes the configured values
and returns it to its default value of 3 seconds.

Example
The following example configures the restart hello interval for interface ge.4.2 to be 1 second for
instance 3 at level 2:
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# isis restart-hello-interval 1 level-2 3

Matrix X Router Command Line Interface Reference Guide 33-51

IS-IS Interface Commands

isis retransmit-interval
This command configures the amount of time to wait between successive transmissions of the
same Link State Packet (LSP) on a point‐to‐point link.

Syntax
isis retransmit-interval time-seconds [instance-id]

no isis retransmit-interval time-seconds [instance-id]

Parameters
time‐seconds An integer from 1 to 300, specifying the number of seconds in the
interval. Default is 5 seconds.
instance‐id (Optional) Specifies an IS‐IS instance for the interface. An integer
between 1 and 4294967294. This value defaults to 1 if it is not specified.

Defaults
5 seconds.

Mode
Router Interface Configuration.

Usage
The isis retransmit‐interval command sets the amount of time to wait between successive
transmissions of the same LSP on a point‐to‐point link. Setting this value higher will avoid
unnecessary retransmission, but will slow convergence (synchronization) time between routers.
Setting this value lower will cause convergence time to decrease, but may cause unnecessary
retransmission (for example, the other router has received the LSP initially but not had a chance to
acknowledge the fact).
The negative form of this command, no isis retransmit‐interval, removes the configured value
and returns it to its default value.

Example
The following example configures the retransmit interval for interface ge.4.3 to be 10 seconds for
instance 3:
matrix-x(router-config)# interface ge.4.3
matrix-x(config-router-if-ge.4.3)# isis retransmit-interval 10 3

33-52 IS-IS Commands

IS-IS Query Commands

Purpose
These router commands are used to display information about IS‐IS configuration.

Commands
The following table lists the IS‐IS query commands.

For information about... Refer to page...

show isis circuit 33-53

show isis database 33-55

show isis summary 33-57

show isis circuit

This command returns summary or detail information about all the circuits on a single IS‐IS
instance or on all IS‐IS instances

Syntax
show isis circuit [instance-id] [detail] [port-string]

Parameters
instance‐id (Optional) Specifies the instance ID for which you want general IS‐IS data
returned.An integer between 1 and 4294967294. If this parameter is not
entered, information for all instances is displayed.
port‐string (Optional) Specifies the circuit interface name to display.
detail (Optional) Display more detailed information.

Defaults
If no parameters are entered with this command, general information is displayed for all IS‐IS
instances.

Mode
Privileged EXEC.

Usage
If detail is not specified, then a summary of circuit status is provided. Otherwise, detailed
information is provided.

Example
The following example displays the output using the detail parameter.

Matrix X Router Command Line Interface Reference Guide 33-53

IS-IS Query Commands

matrix-x(router-exec)# show isis circuit 1 detail

ISIS Instance: 1
Circuit ge.4.1:
Index: 4001 SNPA: 2:0:2f:1:0:0
MTU: 1497 Type: broadcast
Level 1:
Metric: 10, Number of adjacencies: 0
LAN-ID: 0000.ac2f.0165.b0, Priority: 64
DIS: none, DIS Priority: none
Level 2:
Metric: 10, Number of adjacencies: 0
LAN-ID: 0000.ac2f.0165.b0, Priority: 64
DIS: none, DIS Priority: none
Circuit ge.4.2:
Index: 4002 SNPA: 2:0:2f:1:0:0
MTU: 1497 Type: broadcast
Level 1:
Metric: 10, Number of adjacencies: 0
LAN-ID: 0000.ac2f.0165.b1, Priority: 64
DIS: none, DIS Priority: none
Level 2:
Metric: 10, Number of adjacencies: 0
LAN-ID: 0000.ac2f.0165.b1, Priority: 64
DIS: none, DIS Priority: none
The following table describes the output fields.

Output Field Description

Instance The instance ID for the instance in question.

Circuit name This is the name of the physical interface associated with this circuit.

Index This is the circuit index. It is used for determining pseudo node numbers.

SNPA SubNetwork Point of Attachment. This is the physical MAC address of the circuit.

Levels This is the configured levels of the circuit. Possible values are 1, 2, or 1 and 2.

Metrics These are the level 1 and level 2 metrics. If only one level is configured, then a dash is
used in place of its metric.
MTU This is the MTU of the circuit. It is the MTU of the physical interface associated with
this circuit, with a small fudge factor thrown in.

Level Header indicating the following information is about a specific level. There can be up to
two of these sections per interface, if the interface is configured level 1 and 2.

Metric This is the metric for this circuit at this level.

LAN ID If this is a broadcast capable circuit, then this is the LSID of the pseudo node
associated with this network. It consists of 6 octets of System ID of the DIS, plus 1
octet of Circuit Index for the associated circuit on the DIS.

Link ID If this is a non-broadcast circuit, then this is the ID of this link. It is an integer and is
usually the same as the Index.

DIS Priority If this is a broadcast capable circuit, then this is the configured DIS priority of this
instance on this circuit at this level.

Number This is the number of adjacencies on this circuit that are in INIT or higher.
Adjacencies

33-54 IS-IS Commands

IS-IS Query Commands

Output Field Description

Adjacencies This is a list of all the adjacencies on this circuit at this level.

SystemID This is the System ID of the neighbor on this adjacency.

SNPA This is the SubNetwork Point of Attachment for this neighbor. It is the physical MAC
address of the neighbor on this circuit.

State This is the state of the circuit in the Circuit State Machine. Possible values are
initializing, up, failed, and down.

System Type This is the type of IS of this neighbor. Possible values are unknown, ES, IS, Level 1 IS,
and Level 2 IS. The only values which will show up in practice are Level 1 IS and Level
2 IS.
DIS Priority This is the DIS election priority of this neighbor, if this is a Broadcast capable circuit.

Area Addresses This is a list of all the area addresses claimed by this neighbor. There may be up to
three area addresses.
Hold Time This is the hold time advertised by this neighbor in seconds. If an IIH packet is not
received within Hold Time seconds from this neighbor, it will be timed out.

NLPIDs This is the list of supported protocols for this neighbor.

Int Addresses This is the list of interface addresses claimed by this neighbor on this circuit at this
level.

show isis database

This command displays the contents of the ISIS Link State Database (LSDB) for all instances.

Syntax
show isis database [instance-id] [1 | 2]

Parameters
instance‐id (Optional) Specifies the instance ID for which you want LSDB IS‐IS
information returned. If this parameter is not entered, information for
all instances is displayed.
1 (Optional) View information for level 1.
2 (Optional) View information for level 2.

Defaults
If no parameters are entered with this command, information for all IS‐IS instances is displayed,
for all levels.

Mode
Privileged EXEC.

Matrix X Router Command Line Interface Reference Guide 33-55

IS-IS Query Commands

Usage
The show isis database query displays the contents of the ISIS Link State LSDB for all instances.
This query can optionally be given with arguments. You can specify to view information for a
specific IS‐IS instance or for all IS‐IS instances. You can also specify whether to view information
for level‐1, for level‐2, or both.

Example
This example shows a database summary for an IS running two instances of ISIS at Level 1 and 2
matrix-x(router-exec)# show isis database

Instance 2
IS-IS Level 1 Link State Database
LSPID Seq Num Cksum Life IS Flags
0000.0000.670d.0000 4 0x5adc 1054 L2 <Att>
0000.0000.680b.0000 4 0xf74d 1045 L2 <Att>
0000.0000.680b.0500 1 0x908d 1041 L2 <>

IS-IS Level 2 Link State Database

LSPID Seq Num Cksum Life IS Flags
0000.0000.670d.0000 4 0x5be2 1054 L2 <DBOverload>
0000.0000.680b.0000 4 0x7fce 1041 L2 <DBOverload>
0000.0000.680b.0500 1 0x8da7 1041 L2 <DBOverload>

Instance 2
IS-IS Level 1 Link State Database
LSPID Seq Num Cksum Life IS Flags
0000.0000.680b.0000 3 0x7dcc 972 L2 <Att>
0000.0000.680b.0400 1 0x58c9 967 L2 <>
0000.0000.670d.0000 3 0x9aa2 971 L2 <Att>

IS-IS Level 2 Link State Database

LSPID Seq Num Cksum Life IS Flags
0000.0000.680b.0000 4 0xe76b 972 L2 <>
0000.0000.680b.0400 1 0x55e3 967 L2 <>
0000.0000.670d.0000 4 0xf84c 971 L2 <>

The following table explains the output fields.

Output Description

LSPID Link State Packet ID. This is the ID of the LSP being described. It consists of 6 octets of
system ID of the originating IS, followed by one octet of pseudo node ID, followed by one
octet of fragment number.

Seq Num This is the sequence number of the LSP. Sequence numbers start at 1 and are
incremented every time the LSP is regenerated.

Cksum This is the checksum of the entire packet.

Life This is the remaining lifetime of the LSP in seconds.

IS Type The type of IS that originated the LSP. Possible values are L1 or L2.

33-56 IS-IS Commands

IS-IS Query Commands

Output Description

Flags These are the LSP flags. Possible values are:

Att — The IS originating this LSP is a Level 2 IS that can reach at least one other Level 2
IS in another area.
P — The IS originating this LSP supports Partition Repair. GateD and other
implementations do not support this feature.
DBOverload — The IS originating this LSP is Overloaded.

show isis summary

This command displays general IS‐IS information about a single IS‐IS instance or all IS‐IS
instances.

Syntax
show isis summary [instance-id]

Parameters
instance‐id (Optional) Specifies the instance ID for which you want summary IS‐IS data
returned. If this parameter is not entered, data for all instances is displayed.

Defaults
If no instance is specified, information for all instances is displayed.

Mode
Privileged EXEC.

Usage
The show isis summary query displays an overview of the ISIS instances running on the router.
All this information is available via show running.

Example
This example shows overview information for all ISIS instances on a router running two level 1
and 2 instances:
matrix-x(router-exec)# show isis summary
Instance 2
SystemID 0000.0000.680b Level: 1 and 2 Operational Status: on
Internal Preference: 11 External Preference: 151
Area Addresses: 00.0000.01
NLPIDs: IPv4
Instance 1
SystemID 0000.0000.670b Level: 1 and 2 Operational Status: on
Internal Preference: 11 External Preference: 151
Area Addresses: 00.0000.01
NLPIDs: IPv4

The following table describes the output fields.

Matrix X Router Command Line Interface Reference Guide 33-57

IS-IS Query Commands

Output Description

Instance The instance ID for the instance in question

SystemID The System ID for this instance.

Level The configured Level for this instance. Possible values are 1, 2, or 1 and 2.

Operational Status Whether or not this instance is running. Possible values are on and off.

Internal Preference The preference for Normal Internal, Wide, or Extended Internal ISIS routes
installed by this instance verses other routing protocols running on the router.
Lower is better.

External Preference The preference for Normal External or Extended External ISIS routes installed by
this instance verses other routing protocols running on the router. Lower is better.

Area Addresses The set of area addresses configured on the instance.

NLPIDs The set of supported protocols configured on this instance.

33-58 IS-IS Commands

34
Routing Kernel Commands

Overview
This chapter describes the routing kernel commands.
Although the routing kernel interface is not technically a routing protocol, it has many
characteristics of one, and the Matrix X Router handles it similarly. The routes the Matrix X Router
chooses to install in the routing kernel forwarding table are those that will actually be used by the
routing kernel to forward packets.
The add, delete, and change operations that the Matrix X Router must use to update the typical
routing kernel forwarding table take a non‐trivial amount of time. The time used does not present
a problem for older routing protocols (such as RIP), which are not particularly time critical and do
not easily handle large numbers of routes anyway. The newer routing protocols (such as OSPF
and BGP) have stricter timing requirements and are often used to process many more routes. The
speed of the routing kernel interface becomes critical when these protocols are used.
To prevent the Matrix X Router from locking up for significant periods of time while installing
large numbers of routes (up to a minute or more has been observed on real networks), the
processing of these routes is done in batches. The size of these batches can be controlled by the
tuning parameters described in this chapter, but normally the default parameters will provide the
proper functionality.
During normal shutdown processing, the Matrix X Router deletes all the routes it has installed in
the routing kernel forwarding table, except for those static routes marked with flag‐retain.
Optionally, the Matrix X Router can leave all routes in the routing kernel forwarding table by not
deleting any routes using no‐flush‐at‐exit. This option is useful on systems with large numbers of
routes because it eliminates the need to re‐install the routes when the Matrix X Router restarts,
which can greatly reduce the time it takes to recover from a restart.

Commands

For information about... Refer to page...

router background priority 34-3

router flash limit 34-4

router flash type 34-5

router no_change 34-6

router no_flush_at_exit 34-7

router no_install 34-8

Matrix X Router Command Line Interface Reference Guide 34-1

Commands

For information about... Refer to page...

router remnant_holdtime 34-9

router routes 34-10

router trace file 34-11

router trace flag 34-13

show router summary 34-15

router background limit

This commands specifies the type of routes that will be processed during a flash update.

Syntax
router background limit number

no router background limit

Parameters
number Specifies a number of routes that can be processed during one batch.
The valid value range is 0 to 4,294,267,295, inclusive.

Defaults
If router background is not specified, the default is 120.

Mode
Router Global Configuration.

Usage
Because only interface routes are normally installed during a flash update, the remaining routes
are processed in batches in the background, that is, when no routing protocol traffic is being
received. Use the router background limit command to specify how these batches are processed.
The negative of this command, no router background limit, reverts back to the default of
maximum of 120 routes of lower priority.

Example
In the following example, the number of background route updates is limited to 40 routes.
matrix-x(router-config)# router background limit 40

34-2 Routing Kernel Commands

Commands

router background priority

This command specifies the priority of the processing of batches of operating system updates in
relationship to the flash update processing.

Syntax
router background priority {lower | higher | flash}

no router background priority

Parameters
lower Flash updates are processed first.
higher Operating system updates are processed first.
flash Operating system updates are processed at the same priority as flash
updates.

Defaults
If router background priority is not specified, the default is priority lower.

Mode
Router Global Configuration.

Usage
Because only interface routes are normally installed during a flash update, the remaining routes
are processed in batches in the background, when no routing protocol traffic is being received.
The router background priority command (along with the router background limit command)
specifies how these batches are processed.
Use the router background priority command to specify the priority of the processing of batches
of operating system updates in relationship to the flash update processing. The negative form of
this command, no router background priority, removes the configured priority value, and returns
this to its default value of lower.

Example
The following example sets the background priority to flash, thereby giving operational system
updates the same priority as flash updates:
matrix-x(router-config)# router background priority flash

Matrix X Router Command Line Interface Reference Guide 34-3

Commands

router flash limit

This command specifies the number of routes processed during a flash update.

Syntax
router flash limit {number | none}

no router flash limit

Parameters
number | none Specifies the maximum number of routes that can be processed during a
flash update or specify that an unlimited number are processed. The valid
value range for number is from 0 to 4,294,967,294, inclusive.

Defaults
If the router flash limit is not specified, the default is 20.

Mode
Router Global Configuration.

Usage
A flash update results from protocol activity. The router flash limit command controls the
number of routes installed during a flash update, suspending the current protocol module until
the flash completes. Typically, only up to twenty interface routes are normally installed during a
flash update. The remaining routes are processed in batches in the background, when no routing
protocol traffic is being processed.
The negative of this command, no router flash, reverts back to the default of maximum of 20
routes of type interface.

Example
In the following example, the router is configured to flash up to 40 routes at a time:
matrix-x(router-config)# router flash limit 40

34-4 Routing Kernel Commands

Commands

router flash type

router trace file

This command specifies file options when tracing in the routing kernel interface.

Syntax
router trace file file_name {max-size file_size {M | m | K | k} || max-files
num_files || no-timestamp || overwrite}

no router trace file file_name {max-size file_size {M | m | K | k} || max-files

num_files || no-timestamp || overwrite}

Parameters
file_name Specifies the name of the file to receive the tracing information. Note that
the file name is not specified in quotes.
max‐size file_size Specifies the maximum file size in bytes (by default) or megabytes or
{M | m | K | k} kilobytes. The acceptable value range is 10K to 4,294,967,295 bytes. Notice
that there is no space between the file_size parameter and the unit
type.
max‐files num_files Specifies the maximum number of files allowed in the directory. The
acceptable value range is 2 to 4,294,967,295, with a default value of
4,294,967,295 files.
no‐timestamp Specifies that a timestamp should not be prepended to all trace lines.
overwrite Specifies to begin tracing by appending or truncating an existing file.

Defaults
Router tracing is turned off by default.

Mode
Router Global Configuration.

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. The router trace file command specifies a file for tracing of
all routing kernel events. The negative form of this command disables this tracing. The specific
events that are traced are controlled by the router trace flag command.
The max‐size option sets a maximum on the size of the trace file. The size can be specified in
megabytes by giving ʹMʹ or ʹmʹ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If no units are given, the size is assumed to be in bytes. The range of this
parameter is 10K to 4,294,967,295 bytes (about 4294M). When the maximum file size is reached,
the file is closed and renamed to fname.0, then fname.1, and so on, until the maximum number of
files specified by the max‐files option is reached. The default is unlimited. The size of a trace file is
limited by the file system on which the trace file resides.
The max‐files option specifies the maximum number of files allowed in the specified directory.
The range of this parameter is 2 to 4,294,967,295. The default is 4,294,967,295 files.
The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the trace
file. The default is to prepend a timestamp to all lines written to a trace file.

Matrix X Router Command Line Interface Reference Guide 34-11

Commands

The overwrite option specifies whether to start tracing by truncating or appending to an existing
file:
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config)# router trace file kernel.log no-timestamp
matrix-x(router-config)# router trace file kernel.log max-files 10

The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows.
matrix-x(router-config)# router trace file kernel.log max-files 10 no-timestamp

Example
In the following example, router tracing is written to the file /var/trace/kernel.log. The maximum
size of the file is configured to be 1024 KB, and the maximum number of files permitted is 3. When
the file reaches 1 megabyte in size (the maximum size in this configuration), the file is renamed to
kernel.log.0, and kernel.log is re‐created. When the next kernel.log file reaches 1 megabyte in size,
kernel.log.0 is renamed kernel.log.1, kernel.log is renamed kernel.log.0, and kernel.log is re‐
created. This continues until four log files exist (the maximum allowed in this configuration).
When the maximum number of log files is reached, kernel.log.0 is deleted, kernel.log.1 is renamed
to kernel.log.0, and kernel.log.2 is renamed kernel.log.1. No timestamp will display at the
beginning of the trace lines.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
matrix-x(router-config)# router trace file kernel.log max-size 1024k max-files 4
no-timestamp

34-12 Routing Kernel Commands

Commands

router trace flag

This command specifies routing kernel‐specific tracing options as well as options that are
common across all protocols

Syntax
router trace flag {[route | normal | state | policy | task | timer | all]} |
{[symbol | remnants | interface-list | request | info]} | {[packets | redirect |
other | routes | interface} {send | receive | send-receive] [detail]}

no router trace flag {[route | normal | state | policy | task | timer | all]} |
{[symbol | remnants | interface-list | request | info ]}| {[packets | redirect |
other | routes | interface} {send | receive | send-receive ] [detail]}

Parameters
Flags common to all protocols:

{ route | These tracing flags are common to all protocols. They cannot be associated with a
normal | send, receive, or send‐receive action item. Similarly, you cannot specify to show
state | detailed information when tracing these flags. These flags are defined as follows:
policy |
• route - trace routing table changes for routes installed by this protocol or peer
task |
timer | • normal - trace normal protocol occurrences. Note: Abnormal protocol
all } occurrences are always traced.
• state - trace state machine transition in the protocol
• policy - trace the application of protocol and user‐specified policy to routes
being imported or exported
• task - trace system interface and processing associated with this protocol
• timer - trace timer usage by this protocol
• all - turns on all trace flags

Matrix X Router Command Line Interface Reference Guide 34-13

Commands

Routing kernel‐specific flags that do not allow send, receive, send‐receive, or detail actions:

[ symbol These routing kernel‐specific flags cannot be associated with the send, receive, or
| send‐receive action items. These flags are defined as follows:
remnants
• symbol - Specifies to trace symbols, which are read from the routing kernel.
|
The only useful way to specify this level of tracing is via the Matrix X Router -t
interface‐
option, because the symbols are read from the routing kernel before parsing the
list |
configuration file.
request |
info ] • remnants - Specifies to trace remnants, or routes read from the routing kernel
when the Matrix X Router starts.
• interface‐list - Specifies to trace the interface list. interface‐list is useful when
specified with the Matrix X Router ‐t option because the first interface list scan is
performed before any configuration information is processed.
• request - Specifies to trace requests that specify to add, delete, or change
routes in the routing kernel forwarding table.
• info - Specifies to trace info messages, which are messages received from the
routing socket, such as TCP lossage, routing lookup failure, and route resolution
requests. the Matrix X Router does not currently process these messages, but
logs the information if requested.

Routing kernel‐specific flags that allow associated actions:

[ packets These routing kernel‐specific flags can be associated with the send, receive, or send‐
| redirect receive action items. These flags are defined as follows:
| other |
• packets - Specifies to trace all routing kernel packet types
routes |
interface • redirect - Specifies to trace redirect messages, which are received from the
] routing kernel
• other - Specifies to trace other messages that are received from the routing
kernel, including those mentioned in the info type above. This option is
currently not being used and is reserved for future use.
• routes - Specifies to trace routes that are exchanged with the routing kernel,
including add, delete, or change messages and add, delete, or change messages
received from other processes
• interface - Specifies to trace interface status messages that are received from
the routing kernel. These are supported only on systems with networking code
derived from BSD 4.4.
[ send | Optionally specify whether to limit the tracing to packets sent, received, or both.
receive |
send‐
receive ]
[detail] Optionally specify to use a more verbose format when displaying information about
the contents of packets instead of one or two lines.
The default is for no flags to be explicitly configured.

Mode
Router Global Configuration.

34-14 Routing Kernel Commands

Commands

Usage
Use the router trace flag command to specify tracing flags for routing kernel tracing. Each flag
must reside on its own configuration line. For example, you cannot specify to trace both symbol
and remnant packets in the same command.

Example
In the following example, trace flags specify that both the sent and received redirect and interface
messages are traced in detail. This tracing information will be written to the file /var/trace/
kernel.log.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
matrix-x(router-config)# router trace file kernel max-size 1024k
matrix-x(router-config)# router trace flag redirect send-receive detail
matrix-x(router-config)# router trace flag interface send-receive detail

show router summary

This command displays information about routing kernel settings and support.

Syntax
show router summary

Parameters
None.

Defaults
None.

Mode
Router Global Configuration.

Usage
The show router summary query displays information about routing kernel settings and support.
These fields have the following meanings.
no‐change - If this setting is set to ʺonʺ for systems supporting the routing socket, then change
operations will not be performed. Only deletes and adds will be performed. This is useful on early
versions of the routing socket code where the change operation was broken. This option can be
toggled with the router no_change command.
no‐flush‐at‐exit - During normal shutdown processing, the Matrix X Router deletes from the
routing kernel forwarding table all routes that the routing kernel does not flag as ʺretainʺ. Setting
this option to ʺonʺ prevents route deletions at shutdown. During a Matrix X Router shutdown/
restart sequence, it may be desirable to keep in the routing kernel forwarding table the routes that
existed at the time of the Matrix X Router shutdown. This allows the router to continue
forwarding packets while Matrix X Router is being restarted.

Matrix X Router Command Line Interface Reference Guide 34-15

Commands

After a restart, the protocol modules are given a short amount of time (currently three minutes) to
determine their routes. After three minutes, all residual routes not re‐established by the protocol
modules are flushed.
There are four conditions under which the Matrix X Router does not flush a route:
• Interface routes
• Static routes with retain specified
• Routes specified with noflushexit
• Routes with static bit set
The no‐flush‐at‐exit option is convenient on systems with thousands of routes. Upon startup, the
Matrix X Router will notice the routes that are in the routing kernelʹs forwarding table and not add
them back.
This option can be toggled with the router no_flush_at_exit command.
• reject support indicates whether the operating system supports reject routes.
• blackhole support indicates whether the operating system supports blackhole routes.
• variable length subnet support indicates whether the operating system supports data
forwarding using variable length subnet masks.
• host route support indicates whether the operating system supports hosts routes.
• multipath support indicates whether the operating system supports multipath routing.
• IPv4 forwarding enabled indicates whether IPv4 forwarding is turned on in the operating
system.
• UDP checksums enabled indicates whether UDP checksums are turned on in the operating
system.

Example
The following example displays a response for the show router summary query:
matrix-x(router-config)# show router summary
no-change: on no-flush-at-exit: off
reject support: yes blackhole support: yes
variable length subnet support: no
host route support: yes
multipath support: yes IPv4 forwarding enabled: yes

34-16 Routing Kernel Commands

35
Protocol Independent Multicast
Commands

Overview
The Matrix X Router supports Protocol Independent Multicast Sparse Mode (PIM‐SM).
PIM is described as protocol independent because it depends on existing unicast routes to
calculate the reverse path forwarding, in contrast to DVMRP which passes this set of routes within
the protocol.

Note: PIM uses routes in the multicast Routing Information Base (RIB) to perform its RPF check. By
default none of the IGPs (IS-IS, OSPF, RIP) place routes into the multicast RIB. They must be
configured to do so. Check the relevant protocol's configuration section in order to obtain the correct
syntax.

There are two versions of the PIM‐SM protocol. PIM‐SM version 1 is documented in RFC 2117.
PIM‐SM version 2 was constructed to address some of the shortcomings of PIM‐SM version 1. The
Matrix X Router implements only version 2, which is an RFC but is not considered complete
enough to implement (RFC 2362). In going from draft‐ietf‐pim‐sm‐v2‐new‐01 to draft‐ietf‐pim‐
sm‐v2‐new‐02, the BSR (bootstrap router) functionality was removed and placed in its own
internet draft. The Matrix X Router implements the PIM‐SM protocol as described in draft‐ietf‐
pim‐sm‐v2‐new‐02, but the BSR functionality as described in draft‐ietf‐pim‐sm‐v2‐new‐01.
The commands in this chapter are divided into the following groups:

For information about... Refer to page...

PIM General Commands 35-2

PIM Sparse Mode Commands 35-21

Matrix X Router Command Line Interface Reference Guide 35-1

PIM General Commands

These commands set and display general PIM parameters, not specifically related to PIM‐SM.

For information about... Refer to page...

ip pim assert-holdtime 35-3

ip pim dr-priority 35-4

ip pim enable 35-5

ip pim hello-holdtime 35-6

ip pim hello-interval 35-6

ip pim jp-holdtime 35-7

ip pim jp-interval 35-8

ip pim lan-delay 35-9

ip pim mrt-interval 35-10

ip pim mrt-stale-multiplier 35-11

ip pim override-interval 35-12

ip pim triggered-hello-delay 35-13

show ip pim control-counters 35-14

show ip pim interface 35-15

show ip pim neighbor 35-16

ip pim trace file 35-17

ip pim trace flag 35-19

35-2 Protocol Independent Multicast Commands

PIM General Commands

ip pim assert-holdtime
This command specifies the number of seconds that Assert state should be maintained in the
absence of a refreshing Assert message

Syntax
ip pim assert-holdtime time-seconds

no ip pim assert-holdtime

Parameters
time‐seconds Specifies a time, in seconds, between 1 and 1,073,741,823, inclusive.

Defaults
180 seconds

Defaults
105 seconds

Mode
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
PIM Hello messages contain a holdtime specifying how long neighbors must wait for Hello
messages before expiring the senderʹs neighbor state. The ip pim hello‐holdtime command
specifies the holdtime, in seconds, to advertise in Hello messages.
Use the negative form of this command, no ip pim hello‐holdtime, to remove the configured
setting and return this value to the default of 105 seconds.

Example
The following example configures the global hello holdtime to be 100 seconds and the holdtime
for interface ge.4.1 to be 140 seconds.
matrix-x(router-config)# ip pim hello-holdtime 100
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim hello-interval

ip pim hello-interval
This command specifies the frequency with which Hello messages are sent.

Syntax
ip pim hello-interval time-seconds
no ip pim hello-interval

Parameters

time‐seconds Specifies a time, in seconds, between 1 and 65535, inclusive.

35-6 Protocol Independent Multicast Commands

PIM General Commands

Defaults
30 seconds

Mode
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
PIM routers periodically multicast Hello messages on each network to which they are connected
to alert other routers to the presence of the sender. Use the ip pim hello‐interval command to
specify the time, in seconds, between successive Hello messages.
Use the negative form of this command, no ip pim hello‐interval, to remove the configured
setting and return this value to the default of 30 seconds.

Example
The following example configures the global hello‐interval to be 100 seconds. This value is
overridden to be 140 seconds on interface ge.4.1.
matrix-x(router-config)# ip pim hello-interval 100
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim hello-interval 140

ip pim jp-holdtime
This command specifies the holdtime that is advertised on PIM Join/Prune messages.

Syntax
ip pim jp-holdtime time-seconds

no ip pim jp-holdtime

Parameters

time‐seconds Specifies a time in seconds between 1 and 65535, inclusive.

Defaults
210 seconds

Mode
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the ip pim jp‐holdtime command to specify the holdtime that is advertised in PIM Join/Prune
messages. Receivers must wait at least this long after receiving a Join/Prune message before

Matrix X Router Command Line Interface Reference Guide 35-7

PIM General Commands

deleting the Join/Prune state associated with the advertiser. The recommended value is 3.5 *
jp‐interval.
Use the negative form of this command, no ip pim jp‐holdtime, to remove the configured value
and return this to its default value of 210 seconds.

35-10 Protocol Independent Multicast Commands

PIM General Commands

ip pim mrt-stale-multiplier
This command together with the ip pim mrt‐interval command, specifies the minimum number
of seconds that a source can be silent before its corresponding (S,G) entry can be timed out.

Syntax
ip pim mrt-stale-multiplier multiplier

no ip pim mrt-stale-multiplier

Parameters

multiplier An unsigned integer between 1 and 100, inclusive.

Defaults
14

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
When a source stops sending to a group, the corresponding (S,G) entry is said to have become
ʺstaleʺ and becomes a candidate for deletion from the PIM multicast forwarding table (MRT). The
PIM‐SM protocol defines a Keep‐Alive Timer (KAT) for each (S,G) entry, which is reset by the
arrival of data from source S addressed to group G. If the KAT ever expires, and if other
conditions are met, then the entry can be deleted. Use the ip pim mrt‐stale‐multiplier command,
together with the ip pim mrt‐interval command, to specify the minimum number of seconds that
a source must be silent before the entry is considered stale. The value, multiplier, specified in the
ip pim mrt‐stale‐multiplier command indicates that a source must be silent for
m ultiplier * ip pim mrt‐interval in order to be declared stale.
Use the negative form of this command, no ip pim mrt‐stale‐multiplier, to remove the configured
multiplier value and returs this to its default value of 14 intervals.

Example
The following example configures the MRT stale multiplier value to be 10 seconds.
matrix-x(router-config)# ip pim mrt-stale-multiplier 10
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 35-11

PIM General Commands

ip pim override-interval
This command specifies the value to advertise as the Override Interval in the Lan Prune Delay
option of PIM Hello messages.

Syntax
ip pim override-interval time-milliseconds

no ip pim override-interval

Parameters
time‐milliseconds An integer between 1 and 65535, specifying a number of milliseconds.

Defaults
2500 milliseconds

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the ip pim override‐interval command to configure the value to advertise as the Override
Interval value in the Lan Prune Delay option in PIM Hello messages. This value is used to tune the
value of the J/P Override interval. It is configured in units of milliseconds.
Use the negative form of this command, no ip pim override‐interval, to remove the configured
time‐milliseconds value and return this to its default value of 2500 milliseconds.

Example
The following example configures the Lan Delay for interface ge.4.1 to be 2900 milliseconds.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim override-interval 2900
matrix-x(router-config-if-ge.4.1)# exit

35-12 Protocol Independent Multicast Commands

PIM General Commands

ip pim triggered-hello-delay
This command specifies the number of seconds to delay between triggered Hello messages.

Syntax
ip pim triggered-hello-delay time-seconds

no ip pim triggered-hello-delay

Parameters

time‐seconds An integer from 1 to 65535, inclusive.

Defaults
5 seconds

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the ip pim triggered‐hello‐delay command to configure the maximum delay for a triggered
Hello message. Use the negative form of this command, no ip pim triggered‐hello‐delay, to
remove the configured time‐seconds value and return this to its default value of 5 seconds.

Example
The following example configures the Triggered Hello delay to be 10 seconds on interface ge.4.1.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim triggered-hello-delay 10
matrix-x(router-config-if-ge.4.1)# exit
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 35-13

PIM General Commands

show ip pim control-counters

This command displays counts for both sent and received PIM control packets.

Syntax
show ip pim control-counters

Parameters
None.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim control‐counters command to display counts for both sent and received PIM
control packets on all interfaces.

Example
The following is a request to return information about all PIM packets.
matrix-x(router-config)# show ip pim control-counters
PIM Control Counters
Received Sent Invalid
Assert 0 0 0
Bootstrap Router 0 165 0
CRP Advertisement 152 0 0
Graft 0 0 0
Graft Ack 0 0 0
Hello 444 955 0
J/P 0 0 0
Join 0 0 0
Prune 0 0 0
Register 0 0 0
Register Stop 0 0 0
State Refresh 0 0 0

35-14 Protocol Independent Multicast Commands

PIM General Commands

show ip pim interface

This command displays information about the interfaces on which PIM is running.

Syntax
show ip pim interface [ipv4_addr | name] [detail]

Parameters

ipv4_addr | name (Optional) Specifies either an IPv4 address or a physical interface name.
detail (Optional) Displays IGMPv3 style group information and source
information.

Defaults
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim interface command to obtain information about a specific interface or all
interfaces on which PIM is running.
This query has two forms. If the query is issued without arguments, then information about all
interfaces over which PIM is running is returned. Alternatively, the query can be issued with a
specific interface. If this is the case, then the reply will contain information pertaining only to that
referenced interface.
Note that if interfaces are added to the set of interfaces over which PIM is running after this query
has been issued but before the query is finished, it is not guaranteed that the new interfaces will be
reported. Similarly, if PIM is de‐configured on an interface after the query has been issued but
before the query is finished, then the interface may or may not be reported.

Examples
The following example displays interface information for all interfaces on which PIM is running.
matrix-x(router-config)# show ip pim interface
Address Interface Mode Neighbor Hello DR DR Address
Count Intvl Pri
13.1.1.1 ge.1.1 sparse 1 30 5 13.1.1.1
11.1.1.1 ge.1.2 sparse 0 30 1 11.1.1.10
15.1.1.1 ge.6.1 sparse 0 30 1 15.1.1.30

The following example displays detailed interface information for interface ge.1.1
matrix-x(router-config)# show ip pim interface ge.1.1 detail
Interface address is 13.1.1.1
Vif number is 1

Matrix X Router Command Line Interface Reference Guide 35-15

PIM General Commands

PIM: enabled
PIM version: 2, mode: sparse
PIM DR: 13.1.1.1 (this system)
PIM DR Priority: 5
PIM neighbor count: 1
PIM Hello Interval: 30 seconds
PIM Hello Priority: 5
PIM Hello Lan Delay: 500 milliseconds
PIM Hello Override Interval: 2500 milliseconds
PIM Hello Lan Prune Delay in use
PIM Hello Generation ID: 0xa2ab68fb
PIM Hello Generation ID is not required
PIM Triggered Hello Delay: 5 seconds
PIM Join-Prune Interval: 60 seconds
PIM State-Refresh processing: disabled
PIM State-Refresh Interval: unknown seconds
PIM Graft Retry Interval: unknown seconds
PIM domain border: disabled

show ip pim neighbor

This command displays information about a router’s PIM neighbors.

Syntax
show ip pim neighbor [name]

Parameters

name (Optional) Specifies an interface name.

Defaults
None

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim neighbor query to display information about a router’s PIM neighbors on all
interfaces or on a specific interface.
If the detail keyword is provided, a ʹFlagsʹ column will display in the output, along with a key to
explain what the flags means. In NGC 2.5, only the ʹTʹ flag is defined. Its presence means that the
most recently received Hello message from the neighbor contained the LAN Prune Delay option
with the T‐bit set. This flag only applies to PIM‐SM, PIM‐SSM, and Sparse‐SSM modes. It will
never appear for PIM‐DM neighbors.

35-16 Protocol Independent Multicast Commands

PIM General Commands

Example
The following example displays information about this router’s PIM neighbors on interface ge.4.1.
matrix-x(router-exec)# show ip pim neighbor ge.4.1
PIM Neighbor Table
Neighbor Address Interface Uptime Expires Mode
13.1.1.2 ge.4.1 04:48:13 00:01:32 sparse

ip pim trace file

This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
ip pim trace file file_name [max-size file_size] [max-files num_files]
[no-timestamp] [overwrite]

no ip pim trace file file_name [max-size file_size] [max-files num_files]

[no-timestamp] [overwrite]

Parameters

file_name Specifies the name of the file to receive the tracing

information. Note that the file name is not specified in quotes.
max‐size file_size (Optional) Maximum file size in bytes, ranging from 10240 to
4193280 bytes.
If no maximum file size is specified, the default is
“unlimited.” The size of a trace file is limited by the file
system on which the trace file resides
max‐files num_files (Optional) Maximum number of files allowed in the
directory, ranging from 2 to 2,147,483,648.
If no maximum number of files is specified, the default is
2,147,483,648.
no‐timestamp (Optional) A timestamp should not be prepended to all trace
lines. The default is to prepend a timestamp to all lines
written to a trace file.
overwrite (Optional) Begin tracing by overwriting, or truncating, an
existing file. The default is to append to an existing file.

Defaults
Tracing is disabled by default. If this command is entered, the following defaults apply:
• max‐size file_size: Unlimited. The size of a trace file is limited by the file system on which the
trace file resides.
• max‐files num_files: 2,147,483,648 files
• no‐timestamp: Prepend a timestamp to all lines written to a trace file
• overwrite: Append to an existing file

Matrix X Router Command Line Interface Reference Guide 35-17

PIM General Commands

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. The ip pim trace file command specifies a file for tracing of
all PIM events. The negative form of this command disables this tracing. The specific events that
are traced are controlled by the ip pim trace flag command.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
Command options are governed by the following rules:
• The max‐size option sets a maximum on the size of the trace file. When the maximum file size
is reached, the file is closed and renamed to fname.0, then fname.1, and so on, until the
maximum number of files specified by the max‐files option is reached. The size of a trace file
is limited by the file system on which the trace file resides.
• The max‐files option specifies the maximum number of files allowed in the specified
directory.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file. The default is to prepend a timestamp to all lines written to a trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config)# ip pim trace file pim.log no-timestamp
matrix-x(router-config)# ip pim trace file pim.log max-files 10

Example
In the following example, PIM tracing is written to the file pim.log in the /var/trace directory. The
maximum size of the file is configured to be 1024 bytes, and the maximum number of files
permitted is 4. When the file reaches 1 megabyte in size (the maximum size in this configuration),
the file is renamed to pim.log.0, and pim.log is re‐created. When the next pim.log file reaches 1
megabyte in size, pim.log.0 is renamed pim.log.1, pim.log is renamed pim.log.0, and pim.log is re‐
created. This continues until four log files exist (the maximum allowed in this configuration). No
timestamp will display at the beginning of the trace lines.
matrix-x(router-config)# ip pim trace file pim.log max-size 1024 max-files 4
no-timestamp

35-18 Protocol Independent Multicast Commands

PIM General Commands

ip pim trace flag

This command specifies PIM‐specific tracing options as well as options that are common across all
protocols.

Syntax
ip pim trace flag {route | normal | state | policy | task | timer | all | debug}
| {packets | assert | bsr | hello | register | jp [send | receive | send-receive]
[detail] }

no ip pim trace flag {route | normal | state | policy | task | timer | all | debug}
| {packets | assert | bsr | hello | register | jp [send | receive | send-receive]
[detail] }

Parameters
The tracing flags common to all protocols are listed and defined in the following table. They
cannot be associated with a send, receive, or send‐receive action item. Similarly, you cannot
specify to show detailed information when tracing these flags.

route Trace routing table changes for routes installed by this protocol or peer.
normal Trace normal protocol occurrences.
Note: Abnormal protocol occurrences are always traced.
state Trace state machine transition in the protocol.
policy Trace the application of protocol and user‐specified policy to routes
being imported or exported.
task Trace system interface and processing associated with this protocol.
timer Trace timer usage by this protocol.
all Turns on all trace flags.

This PIM‐specific flag does not allow associated action items:

debug Extra trace information of use mainly to developers. This PIM‐specific

flag cannot be associated with the send, receive, or send‐receive action
items.

The PIM‐specific flags that can be associated with the send, receive, or send‐receive action items
are listed in the following table:

packets Specifies to trace all types of PIM packets.

assert Specifies to trace PIM Assert packets.
hello Specifies to trace PIM Hello packets.
bsr Specifies to trace BSR packets.
jp Specifies to trace Join/Prune message packets.
register Specifies to trace all Register message packets.

Matrix X Router Command Line Interface Reference Guide 35-19

PIM General Commands

These optional action items specify whether to limit the tracing to packets as follows:

send Optionally specify to limit tracing for packets sent.

receive Optionally specify to limit tracing for packets received.
send‐receive Optionally specify to limit tracing for packets sent and received.
detail Optionally specify to use a more verbose format when displaying
information about the contents of packets instead of one or two lines.

Defaults
The default is for no flags to be explicitly configured.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
Use the ip pim trace flag command to specify tracing flags for PIM‐SM, PIM‐SSM, or PIM Sparse‐
SSM tracing. Each flag must reside on its own configuration line. For example, you cannot specify
to trace both jp and bsr packets in the same command.

Example
In the following example, trace flags specify that both the sent and received register and jp
messages are traced in detail. This tracing information will be written to the file /var/tmp/pim.log.
matrix-x(router-config)# ip pim trace file /var/tmp/pim.log max-size 1024k
matrix-x(router-config)# ip pim trace flag register send-receive detail
matrix-x(router-config)# ip pim trace flag jp send-receive detail

35-20 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

These commands are specifically related to PIM‐SM.

For information about... Refer to page...

ip pim bsr-admin-scope 35-22

ip pim bsr-border 35-22

ip pim bsr-candidate 35-23

ip pim bsr-candidate global 35-24

ip pim bsr-candidate group 35-25

ip pim bsr-candidate interval 35-25

ip pim bsr-candidate priority 35-26

ip pim bsr-holdtime 35-27

ip pim dr-switch-immediate 35-28

ip pim mrt-spt-multiplier 35-29

ip pim probe-interval 35-29

ip pim register-suppression-timeout 35-30

ip pim rp-address 35-31

ip pim rp-candidate 35-32

ip pim rp-candidate advertisement-interval 35-33

ip pim rp-candidate group 35-34

ip pim rp-candidate holdtime 35-35

ip pim rp-candidate priority 35-36

ip pim rp-switch-immediate 35-37

ip pim sparse-mode 35-38

ip pim threshold 35-39

ip pim threshold-dr 35-40

ip pim threshold-rp 35-41

ip pim whole-packet-checksum 35-42

show ip pim bsr-router 35-43

show ip pim cbsr 35-43

show ip pim rp 35-44

show ip pim rp-candidate 35-45

show ip pim rp-hash 35-45

show ip pim sparse-mode join-prune xmit 35-46

show ip pim sparse-mode mrt 35-47

Matrix X Router Command Line Interface Reference Guide 35-21

PIM Sparse Mode Commands

ip pim bsr-admin-scope
This command configures additional rules when using the BSR RP set distribution mechanism.

Syntax
ip pim bsr-admin-scope

no ip pim bsr-admin-scope

Parameters
None.

Defaults
By default, the Matrix X uses the single‐BSR‐per‐domain BSR rules to distribute RP set
information.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
This command specifies that the Admin Scope BSR rules, as defined in the IETF document draft‐
ietf‐pim‐sm‐bsr‐02, are to be used to distribute RP set information. By default, the Matrix X uses
the single‐BSR‐per‐domain BSR rules to distribute RP set information.
Note that it is a misconfiguration to combine these two styles of BSR in the same PIM‐SM domain.
If a BSR mechanism is desired for distributing RP set information, then all routers must be
configured with ip pim bsr‐admin‐scope. If not, then none of them may be configured with ip
pim bsr‐admin‐scope. Furthermore, when reconfiguring a router from using the Admin Scope
BSR rules to using the single‐BSR‐per‐domain BSR rules, or vice versa, all BSR state on the router
is reset, which can result in a disruption of multicast traffic.

Example
The following example specifies to use Admin Scope BSR rules when using the BSR RP set
distribution mechanism.
matrix-x(router-config)# ip pim bsr-admin-scope

ip pim bsr-border
This command configures a PIM boundary on the associated interface.

Syntax
ip pim bsr-border
no ip pim bsr-border

Parameters
None.

35-22 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

Defaults
No PIM boundary configured.

Mode
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
The ip pim bsr‐border command configures a PIM boundary on the associated interface. A PIM
boundary prevents the transmission and receipt of Bootstrap Router (BSR) messages. This option
is useful when joining two administratively separate multicast domains via Multicast Source
Discover Protocol (MSDP).
The negative form of this command, no ip pim bsr‐border, removes any existing PIM border
configured on the interface.

Example
The following example configures the PIM sparse mode protocol on interface ge.4.1. A PIM border
is also configured on this interface.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim sparse-mode
matrix-x(router-config-if-ge.4.1)# ip pim bsr-border
matrix-x(router-config-if-ge.4.1)# exit
matrix-x(router-config)#

ip pim bsr-candidate
This command configures a candidate bootstrap router on a specified interface.

Syntax
ip pim bsr-candidate interface
no ip pim bsr-candidate

Parameters

interface A physical interface name or a valid IPv4 address for the BSR message
origination.

Defaults
A router does not act as a CBSR by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
The ip pim bsr‐candidate configures the router to be a Candidate Bootstrap Router (CBSR) on the
specified interface. Only one interface can be configured as a CBSR. If any of the BSR Candidate

Matrix X Router Command Line Interface Reference Guide 35-23

PIM Sparse Mode Commands

commands are given, then candidate BSR mechanism is enabled. If an interface is not specified,
then the first PIM‐SM enabled interface is selected.
The negative form of this command, no ip pim bsr‐candidate, removes the configured interface.

Example
The following example configures the router to be a CBSR on interface ge.4.1.
matrix-x(router-config)# ip pim bsr-candidate ge.4.1
matrix-x(router-config)#

ip pim bsr-candidate global

This command configures the router be a CBSR in the global scope range.

Syntax
ip pim bsr-candidate global [priority level]

no ip pim bsr-candidate global [priority level]

Parameters

priority level (Optional) Specify a priority to be associated with the router volunteering
to be a Candidate Bootstrap Router (CBSR) on the given interface. The value
for level can be an integer from 0 to 255, inclusive.

Defaults
The older ASBSR implementation is used.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
The ip pim bsr‐candidate global command configures a router to be a CSBR in global scope range
for the new ASBSR implementation syntax (for group ranges not within 239/8). You can specify an
optional priority to be associated with this router. If this command is not specified, then PIM
reverts to the older ASBSR implementation mechanism.

Example
The following example configures the router to be a CBSR in global scope, with a priority of 1, on
interface ge.4.1.
matrix-x(router-config)# ip pim bsr-candidate ge.4.1
matrix-x(router-config)# ip pim bsr-candidate global priority 1
matrix-x(router-config)#

35-24 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

ip pim bsr-candidate group

This command specifies a set of multicast groups and optional priorities for which the router will
volunteer to be a Candidate Bootstrap Router (CBSR).

Syntax
ip pim bsr-candidate group prefix [priority level]
no ip pim bsr-candidate group prefix [priority level]

Parameters

prefix A valid IPv4 prefix specified as a.b.c.d/e

priority level (Optional) Specifies a priority to be associated with the groups for which a
router is volunteering to be a Candidate Bootstrap Router (CBSR) on the given
interface. The value of level can be an integer from 0 to 255, inclusive.

Defaults
A router does not act as a CBSR for a group by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the ip pim bsr‐candidate group command to configure the administratively scoped BSR
mechanism. The admin scope prefix is 239/8. The group range, therefore, can only be within 239/8.
In addition, you can optionally specify a priority to associate with the group being configured.

Example
The following example configures the router to be a CBSR in the multicast group 239.0.0.0/8. The
priority is configured to be 10.
matrix-x(router-config)# ip pim bsr-candidate group 239.0.0.0/8 priority 10

ip pim bsr-candidate interval

This command specifies the interval between originating bootstrap messages.

Syntax
ip pim bsr-candidate interval time-seconds

no ip pim bsr-candidate interval

Parameters

time‐seconds An integer between 1 and 536,870,906, inclusive, specifying a number of

seconds.

Matrix X Router Command Line Interface Reference Guide 35-25

PIM Sparse Mode Commands

Defaults
60 seconds

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
If a router is acting as the elected BSR for a PIM‐SM domain, then the ip pim bsr‐candidate
interval command specifies the number of seconds the router should wait between successive
bootstrap message transmissions. The negative form of this command, no ip pim bsr‐candidate
interval, removes the configured time‐seconds value and returns this to its default value of 60
seconds.

Example
In the following example, a router is configured to act as a BSR on interface 239.0.0.4. The interval
at which the router should wait between bootstrap message transmissions is then configured to be
30 seconds.
matrix-x(router-config)# ip pim bsr-candidate 239.0.0.4
matrix-x(router-config)# ip pim bsr-candidate interval 30

ip pim bsr-candidate priority

This command specifies the priority to use when configuring a router to be a Candidate Bootstrap
Router (CBSR) on an interface or group.

Syntax
ip pim bsr-candidate priority level

no ip pim bsr-candidate priority

Parameters

level An integer from 0 to 255, inclusive.

Defaults
0 priority

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the ip pim bsr‐candidate priority command to specify a priority to be associated with the
interface or groups for which a router is volunteering to be a CBSR. When more than one router
attached to a network attempts to become the CBSR, the one with the highest priority wins.

35-26 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

Note: This is different from the Candidate Rendezvous Point priority.

The negative form of this command, no ip pim bsr‐candidate priority, removes the configured
level and returns this to its default value of 0.

Example
In the following example, a router is configured to act as a BSR on interface 239.0.0.4. The priority
is then configured to be 5.
matrix-x(router-config)# ip pim bsr-candidate 239.0.0.4
matrix-x(router-config)# ip pim bsr-candidate priority 5

ip pim bsr-holdtime
This command specifies the time after which the elected Bootstrap Router (BSR) will be assumed
unreachable when bootstrap messages are not received from it.

Syntax
ip pim bsr-holdtime time-seconds
no ip pim bsr-holdtime

Parameters

time‐seconds Specifies the time, in seconds, between 12 and 1,073,741,823, inclusive.

Defaults
130 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
Use the ip pim bsr‐holdtime command to configure the length of time that must pass without a
BSR message from the elected BSR before a PIM‐SM router considers the elected BSR to be dead.
The negative form of this command, no ip pim bsr‐holdtime, removes the configured time‐seconds
value and returns this to its default value of 130 seconds.

Example
The following example configures the BSR holdtime to be 50 seconds.
matrix-x(router-config)# ip pim bsr-holdtime 50

Matrix X Router Command Line Interface Reference Guide 35-27

PIM Sparse Mode Commands

ip pim dr-switch-immediate
This command causes a Designated Router (DR) to initiate a switch to the Shortest Path Tree (SPT)
for (S,G) upon receipt of the first data packet from source S.

Syntax
ip pim dr-switch-immediate
no ip pim dr-switch-immediate

Parameters
None.

Defaults
Switch when the traffic rate exceeds a threshold.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
The ip pim dr‐switch‐immediate command configures a Designated Router (DR) to initiate a
switch to the shortest path tree upon receipt of the first data packet received from source S
addressed to group G.
The negative form of this command sets the value to the default, which is to switch when the
traffic rate exceeds a threshold.
If this option is set, then any other options related to the default method of switching will have no
effect. Once this option has been configured, the only way to return to the default mode is to
deconfigure it using the no form.

Example
In the following example, if the router is a DR, then the first time that the router receives a Register
message encapsulating data from source S addressed to group G, it will initiate a switch to the SP
tree rooted at S.
matrix-x(router-config)# ip pim dr-switch-immediate

Related Commands
ip pim rp‐switch‐immediate
ip pim threshold
ip pim threshold‐dr
ip pim threshold‐rp

35-28 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

ip pim mrt-spt-multiplier
This command, together with the mrt‐interval command, specifies the interval at which the data
rate threshold for all S,G entries will be checked for a possible switch to the shortest path tree.

Syntax
ip pim mrt-spt-multiplier number

no ip pim mrt-spt-multiplier

Parameters

number An integer between 1 and 100, inclusive.

Defaults
4

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
The mrt‐spt‐multiplier value, multiplied by the mrt‐interval value, specifies the interval at which
the data rate threshold for all (S,G) entries will be checked for a possible switch to the shortest
path tree (SPT). If either the rp‐switch‐immediate or dr‐switch‐immediate option is configured,
then configuring this value will have no effect.
The negative form of this command, no ip pim mrt‐spt‐multiplier, resets the MRT SPT Multiplier
to its default of 4.

Example
The following example configures the MRT SPT Multiplier value to be 20.
matrix-x(router-config)# ip pim mrt-spt-multiplier 20

ip pim probe-interval
This command specifies the number of seconds prior to the RegisterStop timer expiry to send a
null Register message to the Rendezvous Point (RP).

Syntax
ip pim probe-interval time-seconds

no ip pim probe-interval

Parameters

time‐seconds Specifies the time, in seconds, between 0 and ip pim register‐suppression‐

timeout, inclusive.

Matrix X Router Command Line Interface Reference Guide 35-29

PIM Sparse Mode Commands

Defaults
5 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
When PIM null Register messages are used, ip pim probe‐interval specifies the number of
seconds prior to the RegisterStop timer expiry to send a null Register message to the Rendezvous
Point (RP). If a PIM RegisterStop message is received from the RP before the RegisterStop timer
expires, the RegisterStop timer is reset, and the sending of encapsulating Register messages is
delayed.
The negative form of this command, no ip pim probe‐interval, returns this to its default value of 5
seconds.

Example
The following example configures the probe interval to be 6 seconds.
matrix-x(router-config)# ip pim probe-interval 6

ip pim register-suppression-timeout
This command specifies the time, in seconds, between receiving a PIM RegisterStop message and
allowing Register messages encapsulating multicast data to again be sent.

Syntax
ip pim register-suppression-timeout time-seconds

no ip pim register-suppression-timeout

Parameters

time‐second Specifies the time, in seconds, between 1 and 3600, inclusive .

Defaults
60 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
When a router receives a RegisterStop message from a Rendezvous Point (RP) for an (S,G) pair, it
must stop sending multicast data encapsulated in Register messages for some period of time. Such
a router is said to be ʺregister‐suppressedʺ for the (S,G) pair. The ip pim register‐suppression‐
timeout command specifies the number of seconds for which the router remains register‐
suppressed. A lower value means that the RP receives more frequent bursts of encapsulated
multicast data, while a higher value means a longer join latency for new receivers. (Note that if

35-30 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

null Registers are sent every ip pim probe‐interval seconds before the timeout, then Register
bursts are prevented, and register‐suppression‐timeout can then be lowered to decrease join
latency.)
The negative form of this command, no ip pim register‐suppression‐timeout, returns this to its
default value of 60 seconds.

Example
The following example configures the PIM sparse mode protocol on interface ge.4.1. The Register
Suppression Timeout is configured to be 70 seconds.
matrix-x(router-config)# ip pim register-suppression-timeout 70
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim sparse-mode

ip pim rp-address
This command configures the router to be a Static Rendezvous Point (static RP).

Syntax
ip pim rp-address address group prefix

no ip pim rp-address address group prefix

Parameters

address A valid IPv4 address.

group prefix A valid IPv4 multicast group range.

Defaults
A static RP address is not configured by default.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
The Matrix X provides two mutually exclusive methods for RP set distribution: statically
configured RPs and Bootstrap Router (BSR). The ip pim rp‐address command lets you statically
configure an RP set. Multiple ip pim rp‐address commands can be used to add elements to the set.

Note: When PIM is enabled (whether implicitly by configuring PIM commands or explicitly by
configuring ip pim enable, you must define a Static Rendezvous Point (static RP).

Example
In the following example, RP 192.168.10.4 is configured to serve multicast group 224.40.2.1, while
192.168.10.10 is configured to serve all other multicast groups. RP 192.168.10.4 is then de‐
configured, causing 192.168.10.10 to serve all groups.
matrix-x(router-config)# ip pim rp-address 192.168.10.4 group 224.40.2.1/32

Matrix X Router Command Line Interface Reference Guide 35-31

PIM Sparse Mode Commands

matrix-x(router-config)# ip pim rp-address 192.168.10.10 group 224.0.0.0/4

matrix-x(router-config)# no ip pim rp-address 192.168.10.4 group 224.40.2.1/32
matrix-x(router-config)#

ip pim rp-candidate
This command configures the router to be a Candidate Rendezvous Point (CRP) on a specified
interface.

Syntax
ip pim rp-candidate interface

no ip pim rp-candidate

Parameters

interface A physical interface name or a valid IPv4 address.

Defaults
A router does not act as a CRP on an interface by default.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
The ip pim rp‐candidate command configures a router to be a Candidate Rendezvous Point
(CRP). Only one interface can be configured as the CRP. A router is chosen as the RP for a
multicast group from the set of CRPs via a well‐known hash function. A CRPʹs suitability for a
given multicast group may be biased with a priority. When choosing an RP for a group from the
set of CRPs, the hash function is computed for each member of the set of CRPs with the lowest
priority for the group. The CRP yielding the highest hash value is selected as the RP for the group.
The negative form of this command, no ip pim rp‐candidate, removes the configured interface.

Example
The following example configures the router to be a CRP on interface ge.4.1.
matrix-x(router-config)# ip pim rp-candidate ge.4.1
matrix-x(router-config)#

35-32 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

ip pim rp-candidate advertisement-interval

This command sets the interval at which a Candidate Rendezvous Point (CRP) will send CRP
Advertisement (Adv) messages to the Bootstrap Router (BSR).

Syntax
ip pim rp-candidate advertisement-interval time-seconds

no ip pim rp-candidate advertisement-interval

Parameters

time‐seconds An integer between 1 and 65535, inclusive, specifying a number of seconds

Defaults
60 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
When using the BSR mechanism to distribute RP set information throughout a PIM‐SM domain,
CRPs must periodically send C‐RP‐Adv messages to the BSR. The ip pim rp‐candidate
advertisement‐interval command is used to specify the time, in seconds, between successive C‐
RP‐Adv messages.
The negative form of this command, no ip pim rp‐candidate advertisement‐interval, removes the
configured time‐seconds value and returns this to its default value of 60 seconds.

Example
In the following example, a router is configured to act as a CRP on interface ge.4.1. The interval at
which the router will send C‐RP‐Adv messages to the BSR is then configured to be 30 seconds.
matrix-x(router-config)# ip pim rp-candidate ge.4.1
matrix-x(router-config)# ip pim rp-candidate advertisement-interval 30
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 35-33

PIM Sparse Mode Commands

ip pim rp-candidate group

This command specifies a set of multicast groups and optional priorities for which the router will
volunteer to be a Candidate Rendezvous Point (CRP).

Syntax
ip pim rp-candidate group prefix/len [priority level]

no ip pim rp-candidate group prefix/len [priority level]

Parameters

prefix/len A valid IPv4 prefix and mask length within 224.0.0.0/4.

priority level (Optional) Specifies a priority to be associated with the groups for which a
router is volunteering to be a Candidate Bootstrap Router (CBSR) on the
given interface. The value of level can be an integer from 0 to 255, inclusive.

Defaults
A router does not act as a CRP for a group by default.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
Use the ip pim rp‐candidate group command to configure a set of multicast groups and optional
priorities for which the router will volunteer to be a CRP. To configure a CRP to volunteer for
multiple group ranges, issue the command multiple times, giving different ranges. In addition,
you can optionally specify a priority to associate with the group being configured.

Examples
The following example configures the router to be a CRP in the multicast group 224.0.1.0/24. The
priority is configured to be 10.
matrix-x(router-config)# ip pim rp-candidate group 224.0.1.0/24 priority 10

The following example configures the router to be a CRP in the multicast group 224.1.0.1/32.
matrix-x(router-config)# ip pim rp-candidate group 224.1.0.1/32

35-34 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

ip pim rp-candidate holdtime

This command specifies the holdtime, in seconds, advertised in Candidate Rendezvous Point
Advertisement (C‐RP‐Adv) messages.

Syntax
ip pim rp-candidate holdtime time-seconds

no ip pim rp-candidate holdtime

Parameters

time‐seconds Specifies the time, in seconds, between 1 and 65535, inclusive

Defaults
150 seconds.

Mode
Router global configuration: matrix‐x(router‐config)#

Usage
For CRPs, ip pim rp‐candidate holdtime specifies the holdtime advertised in C‐RP‐Adv messages
and is used by the Bootstrap Router (BSR) to time out RPs. The negative form of this command, no
ip pim rp‐candidate holdtime, removes the configured time‐seconds value and returns this to its
default value of 150 seconds.

Example
In the following example, a router is configured to act as a CRP on interface 192.168.3.20. The
holdtime is then configured to be 100 seconds.
matrix-x(router-config)# ip pim rp-candidate 192.168.3.20
matrix-x(router-config)# ip pim rp-candidate holdtime 100
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 35-35

PIM Sparse Mode Commands

ip pim rp-candidate priority

This command specifies the priority to use when configuring a router to be a Candidate
Rendezvous Point (CRP) on an interface or group.

Syntax
ip pim rp-candidate priority level

no ip pim rp-candidate priority

Parameters

level An integer from 0 to 255, inclusive.

Defaults
0 priority

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
When using the BSR method of RP set distribution, CRPs will periodically send C‐RP‐Adv
messages to the BSR. These messages specify a set of groups for which the CRP is volunteering to
be an RP. In addition, a priority is associated with each set of groups and is used to decide which
CRP will actually serve as the RP for a given group. When more than one router attached to a
network attempts to become the CRP, the one with the lowest priority wins. (Note that this is
different from the BSR priority.)
The negative form of this command, no ip pim rp‐candidate priority, removes the configured
level and returns this to its default value of 0.

Example
In the following example, a router is configured to act as a CRP on interface 192.168.3.20. The
priority is then configured to be 5.
matrix-x(router-config)# ip pim rp-candidate 192.168.3.20
matrix-x(router-config)# ip pim rp-candidate priority 5
matrix-x(router-config)#

35-36 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

ip pim rp-switch-immediate
This command causes a Rendezvous Point (RP) to initiate a switch to the Shortest Path (SP) tree for
(S,G) upon receipt of the first Register message encapsulating data from source S.

Syntax
ip pim rp-switch-immediate

no ip pim rp-switch-immediate

Parameters
None.

Defaults
The default is to switch when the traffic rate exceeds a threshold.

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
The PIM‐SM protocol allows an RP or a Designated Router (DR) to switch from receiving data
from a source S sent to a group G via the RP tree, to receiving data from the SP tree. Two methods
are available within the Matrix X for deciding when an SP tree switch should be initiated. One of
these methods is to initiate a switch to the SP tree for an (S,G) pair upon receipt of the first Register
message containing data from source S addressed to group G.
If the ip pim rp‐switch‐immediate command is not configured, then an active RP will initiate a
switch to the SP tree when the traffic rate exceeds a threshold.
If this option is set, then any other options related to the default method of switching will have no
effect. Once this option is configured, the only way to return to the default mode is to deconfigure
it using the no form.

Example
In the following example, if this router is an RP for G, then the first time that the router receives a
Register message encapsulating data from source S addressed to group G, it will initiate a switch
to the SP tree rooted at S.
matrix-x(router-config)# ip pim rp-switch-immediate

Related Commands
ip pim dr-switch-immediate

Matrix X Router Command Line Interface Reference Guide 35-37

PIM Sparse Mode Commands

ip pim sparse-mode
This command enables PIM sparse mode on an interface.

Syntax
ip pim sparse-mode

no ip pim sparse-mode

Mode
Router global configuration: matrix‐x(router‐config)#.

Usage
Previous versions of the PIM‐SM specification had the checksum of Register messages calculated
over the entire message, including encapsulated data. The latest version of the specification states
that the checksum should be calculated only over the Register message header, not any
encapsulated data. This is the Matrix X default checksum method. Use the ip pim whole‐packet‐
checksum command to specify that checksums in Register messages should be calculated
according to the old method.

Example
The following example configures the PIM sparse mode protocol on interface ge.4.1. When
encapsulating data from local sources in Register messages and sending them to the Rendezvous
Point on interface ge.4.1, the message checksum will be calculated over the entire encapsulated
packet, rather than just over the Register message header.
matrix-x(router-config)# ip pim whole-packet-checksum
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip pim sparse-mode

35-42 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

show ip pim bsr-router

This command displays the bootstrap router (BSR).

Syntax
show ip pim bsr-router

Parameters
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim bsr‐router query to view information about the router’s BSR status.

Example
The following example returns information as a result of the BSR query.
matrix-x(router-config)# show ip pim bsr-router
PIMv2 Bootstrap information
This system is the Bootstrap Router (BSR)
BSR address: 13.1.1.1
Uptime: 03:17:17, BSR Priority: 0, Hash mask length: 30
Next bootstrap message in 00:00:44

show ip pim cbsr

This command shows this router’s candidate bootstrap router (CBSR) information.

Syntax
show ip pim cbsr

Parameters
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim cbsr query to obtain information about the router’s CBSR status.

Matrix X Router Command Line Interface Reference Guide 35-43

PIM Sparse Mode Commands

Example
The following example displays PIM CBSR information.
matrix-x(router-config)# show ip pim cbsr
PIMv2 Candidate Bootstrap information
CBSR address: 13.1.1.1
CBSR Priority: 0, Hash mask length: 30
CBSR State: elected

show ip pim rp
This command displays rendezvous point (RP) set information.

Syntax
show ip pim rp

Parameters
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim rp query to obtain information about the RP set that is currently in use.

Example
The following example returns information about the RP set currently in use.
matrix-x(router-config)# show ip pim rp
The PIM RP Set
Group: 224.1.1.1/32
RP: 13.1.1.2
Uptime: 02:30:20, Expires: 00:02:11, Priority: 0

35-44 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

show ip pim rp-candidate

This command displays this router’s candidate rendezvous point (CRP) information.

Syntax
show ip pim rp-candidate

Parameters
None.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim rp‐candidate query to obtain information about the router’s CRP status.

Example
The following example returns information about this router’s CRP status.
matrix-x(router-config)# show ip pim rp-candidate
Candidate RP information
Candidate RP Address: 13.1.1.2
CRP Holdtime: 150 seconds
Group 224.1.1.1/32 Priority 0

show ip pim rp-hash

This command displays the rendezvous point (RP) to which a group hashes.

Syntax
show ip pim rp-hash ipv4_address

Parameters

ipv4_address Specify a valid IPv4 multicast group address specified in dotted‐quad

format.

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
Use the show ip pim rp‐hash query to view the RP to which a specified multicast group hashes.

Matrix X Router Command Line Interface Reference Guide 35-45

PIM Sparse Mode Commands

Example
The following example displays the RP to which address 224.2.2.8 hashes.
matrix-x(router-exec)# show ip pim rp-hash 224.2.2.8
RP 10.1.2.3

show ip pim sparse-mode join-prune xmit

This command displays sparse mode join/prune transmission information.

Syntax
show ip pim sparse-mode join-prune xmit

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Parameters
None.

Usage
Use the show ip pim sparse‐mode join‐prune xmit query to view information about sparse mode
join/prune transmissions.

Example
The following example returns sparse mode join/prune transmission information.
matrix-x(router-exec)# show ip pim sparse-mode join-prune xmit
Neighbor address: 10.1.2.3
Via interface: ge.4.2
Next message in 335 seconds
Group: 224.3.2.1
Join: 10.24.16.0/4 RPT

35-46 Protocol Independent Multicast Commands

PIM Sparse Mode Commands

show ip pim sparse-mode mrt

This command displays detailed information about S,G entries.

Syntax
show ip pim sparse-mode mrt [ group group-prefix | source source-prefix ]

Parameters

group group‐prefix (Optional) Specify a group prefix in the format a.b.c.d/e

source source‐prefix (Optional) Specify a source prefix in the format a.b.c.d/e

Mode
Router privileged execution: matrix‐x(router‐exec)#
Router global configuration: matrix‐x(router‐config)#
Router interface configuration: matrix‐x(router‐config‐if‐xx)#

Usage
The show ip pim sparse‐mode mrt query displays detailed information about PIM‐SM S,G entries
in the Multicast Routing Table. The query shows all S,G entries by default, or you can specify a
single group and/or source.

Example
The following example shows a request for all MRT information.
matrix-x(router-exec)# show ip pim sparse-mode mrt
PIM Sparse Mode Multicast Routing Table
Flags: E - Entry forwarding on the RPT,
J - Joining to the SPT,
N - No flags set, R - RPT bit is set,
S - SPT bit is set, W - Wildcard entry,
X - External component interest
224.1.1.1
192.168.10.1 uptime 01:02:09, flags: S
Incoming interface: ge.4.2, index 2, vif 1
Outgoing interface list:
ge.4.3, index 3, vif 2
ge.4.4, index 4, vif 3

192.168.121.1 uptime 12:12:12, flags: S

Incoming interface: ge.4.3, index 3, vif 2
Outgoing interface list:
ge.4.2, index 2, vif 1

226.2.2.2
* uptime 02:03:24, flags: N
Incoming interface: null
Outgoing interface list:
ge.4.3, index3, vif 2

10.1.1.1 uptime 00:10:13, flags S

Matrix X Router Command Line Interface Reference Guide 35-47

PIM Sparse Mode Commands

Incoming interface: ge.4.4, index 4, vif 3

Outgoing interface list:
ge.4.3, index 3, vif 2

35-48 Protocol Independent Multicast Commands

36
OSPF Commands

This chapter describes Open Shortest Path First (OSPF) router commands.

For information about... Refer to page...

Global Configuration Mode OSPF Command 36-2

Global Commands 36-3

Area Commands 36-32

Default Commands 36-51

Interface Commands 36-57

Querying Commands 36-73

Overview
OSPF is a shortest path first or link‐state protocol. The Matrix X Router supports OSPF Version 2.0,
as defined in RFC 2328. OSPF is an interior gateway protocol that distributes routing information
between routers in a single autonomous system (AS). OSPF chooses the least‐cost path as the best
path. OSPF is suitable for complex networks with a large number of routers because it provides
equal‐cost multi‐path routing where packets to a single destination can be sent by more than one
interface simultaneously.
In a link‐state protocol, each router maintains a database that describes the entire AS topology,
which it builds out of the collected link state advertisements of all routers. Each participating
router distributes its local state (that is, the router’s usable interfaces and reachable neighbors)
throughout the AS by flooding. Each multi‐access network that has at least two attached routers
has a designated router and a backup designated router. The designated router floods a link state
advertisement for the multi‐access network and has other special responsibilities. The designated
router concept reduces the number of adjacencies required on a multi‐access network.

Matrix X Router Command Line Interface Reference Guide 36-1

Global Configuration Mode OSPF Command

There is one global configuration mode OSPF command, router ospf.

router ospf
This command acquires configuration mode for an instance in OSPF.

Syntax
router ospf instance_id

no router ospf instance_id

Parameters

instance_id An integer from 1 to 4294967294 identifying the OSPF instance.

Up to 4 concurrent OSPF instances can be configured.

Mode
Global Router Configuration.

Usage
Use the router ospf command to enter OSPF Router Configuration mode for an OSPF instance.
Once in OSPF Router Configuration mode, begin adding or reconfiguring an OSPF instance.

Example
This example shows how to acquire OSPF Router Configuration mode for OSPF instance 1 from
the switch mode.
matrix-x(switch-su)->router
matrix-x(router-exec)# config
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)#

36-2 OSPF Commands

Global Commands

Global Commands
The global OSPF commands are listed below.

For information about... Refer to page...

advertise-subnet 36-4

authentication 36-5

compatible rfc1583 36-7

dead-interval 36-8

distance 36-9

enable 36-10

hello-interval 36-11

igp-shortcut 36-12

inherit-metric 36-13

multicast-rib 36-14

network 36-15

nssa-inherit-metric 36-16

nssa-stability-interval 36-17

poll-interval 36-18

priority 36-19

redistribute 36-20

redistribute-nssa 36-22

require-vbit 36-23

retransmit-interval 36-24

router id 36-25

timers spf 36-26

trace file 36-27

trace flag 36-29

transmit-delay 36-31

Matrix X Router Command Line Interface Reference Guide 36-3

Global Commands

advertise-subnet
This command determines whether OSPF will, when advertising point‐to‐point interfaces,
advertise the network number and netmask instead of a host route to the remote IP network.

Syntax
advertise-subnet

no advertise-subnet

Parameters
None.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Usage
This command determines whether OSPF will, when advertising point‐to‐point interfaces,
advertise the network number and netmask instead of a host route to the remote IP network.
Because the netmask is sometimes set improperly on point‐to‐point interfaces, this option is
disabled by default. This command can be overridden at the area and interface levels.

Example
The following example turns the global advertise‐subnet on, then turns it off for area 1.2.3.4:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# advertise-subnet
matrix-x(config-router-ospf)# no area 1.2.3.4 advertise-subnet

Related Commands
area advertise-subnet

ip ospf advertise-subnet

36-4 OSPF Commands

Global Commands

authentication
This command specifies the type of OSPF authentication employed.

Syntax
authentication {simple key | md5 id_number md5_key [start-generate date_time]
[stop-generate date_time] [start-accept date_time] [stop-accept date_time]}

no authentication {simple key | md5 id_number}

Parameters

simple key Specifies simple (clear password) authentication. The value for key
is specified as a one‐ to eight‐character string.
md5 id_number md5_key Specifies the authentication used for specifying MD5
cryptographic authentication.
The value for id_number is an integer ranging from 1 to 255.
The value for md5_key is a character string, ranging from 1 to 16
characters.
start‐generate date_time (Optional) Specifies the start and stop times for generating MD5
authentication. The date_time values must be in the format
stop‐generate date_time
YYYY‐MM‐DD.HH.MM.
Both parameters are optional and you may enter them in any
order when specifying multiple commands.
start‐accept date_time (Optional) Specifies the start and stop times for accepting MD5
authentication. The date_time values must be in the format
stop‐accept date_time
YYYY‐MM‐DD.HH.MM.
Both parameters are optional and you may enter them in any
order when specifying multiple commands.

Defaults
The default is for no authentication to be explicitly configured.

Mode
OSPF Router Configuration.

Matrix X Router Command Line Interface Reference Guide 36-5

Global Commands

When you want to keep certain routers from exchanging OSPF packets, use the simple form of
authentication. The interfaces that the packets are to be sent on still need to be trusted, because the
key will be placed in the packets and can be seen by anyone with access to the network.
When you do not trust other users of your network, use MD5 authentication. The system works by
using shared secret keys. Because the keys are used to sign the packets with an MD5 checksum,
they cannot be forged or tampered with. Because the keys are not included in the packet, snooping
the key is not possible. Users of the network can still snoop the contents of packets, however,
because the packets are not encrypted.
The Matrix X MD5 authentication is compliant with RFC 2328 which uses the MD5 algorithm and
an authentication key of up to 16 characters. RFC 2328 allows multiple MD5 keys per interface.
Each key has two associated time ranges.
In order to turn off authentication, you must include the authentication type in the no form of the
command. For example, if MD5 authentication was configured, then simply specifying no
authentication will not work. In addition, you must specify the simple key when turning off
simple authentication, and you must specify the MD5 id_number when turning off MD5
authentication.

Examples
The following example configures simple authentication in OSPF instance 1.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# authentication simple abc
The following example configures MD5 authentication for OSPF instance 2. The ID for this MD5
configuration is 1, and the key is configured as bar.
matrix-x(router-config)# router ospf 2
matrix-x(config-router-ospf)# authentication md5 1 bar
The following example turns off the MD5 authentication that was configured in the previous
example. Note that specifying the MD5 key is not required, but specifying the MD5 ID is.
matrix-x(router-config)# router ospf 2
matrix-x(config-router-ospf)# no authentication md5 1
The following example configures md5 authentication for OSPF instance 3. MD5 authentication is
configured with a start‐generate time set to November 2, 2004 at 9:30 p.m., a stop‐generate time set
to November 2, 2004 at 9:45 p.m., a start‐accept time set to December 2, 2004 at 9 p.m. and a stop‐
accept time set to December 31, 2004 at 2 p.m.:
matrix-x(router-config)# router ospf 3
matrix-x(config-router-ospf)# authentication md5 2 md5 start-generate 2004-11-
02.21.30 stop-generate 2004-11-02.21.45 start-accept 2004-12-02.21.00 stop-accept
2004-12-31.22.00

Related Commands
area authentication

ip ospf authentication

36-6 OSPF Commands

Global Commands

compatible rfc1583
This command specifies this Matrix X Router to run in RFC 1583 mode instead of RFC 2328 mode.

Syntax
compatible rfc1583

no compatible rfc1583

Parameters
None.

Defaults
Enabled.

Mode
OSPF Router Configuration.

Usage
Do not specify this command if all the routers using an OSPF implementation in your domain are
based on RFC 2328 or later. This option should be specified the same way on all routers in the
domain. If any router does not have this option, you should always enable this. When disabled,
the preference rules for best route election are changed to eliminate certain kinds of possible
routing loops.
Use the no form of this command removes the requirement to run in RFC 1583 mode and reverts
to RFC 2328.

Example
The following example disables RFC 1583 mode for instance 1 of OSPF:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# no compatible rfc1583

Matrix X Router Command Line Interface Reference Guide 36-7

Global Commands

dead-interval
This command specifies the interval that can elapse without receiving a router’s hello packets
before the router’s neighbors will declare it down.

Syntax
dead-interval time-seconds

no dead-interval time-seconds

Parameters

time‐seconds Interval ranging from 1 to 65535 seconds.

Defaults
40 seconds.

Mode
OSPF Router Configuration.

Usage
Use this command to specify the interval that can elapse without receiving a router’s hello packets
before the router’s neighbors will declare it down. This value can be overridden at the area and
interface levels. Generally, this value should equal four times the HELLO interval. Do not set this
value to be less than the HELLO interval or convergence will fail.
Use the no form of this command removes the configured value and returns to its default value of
40 seconds. Specifying a value for time‐seconds in the no form has no effect on configuration.

Example
The following example configures a global dead‐interval value of 30. This value is then
overridden in area 1.2.3.4 to be 25.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# dead-interval 30
matrix-x(config-router-ospf)# area 1.2.3.4 dead-interval 25

Related Commands
area dead-interval

ip ospf dead-interval

36-8 OSPF Commands

Global Commands

distance
This command specifies how active routes that are learned from OSPF internal reachability will be
selected, compared to other protocols.

Syntax
distance int_value

no distance [int_value]

Parameters

int_value The preference for internal routes, ranging from 1 and 255 inclusive.

Defaults
10.

Mode
OSPF Router Configuration.

Usage
Use the distance command to specify how active routes that are learned from the OSPF internal
reachability (compared to other protocols) will be selected. When a route has been learned from
more than one protocol, the active route will be selected from the protocol with the lowest
distance. Each protocol has a default distance in this selection.
Use the negative form of this command, no distance, to remove the configured value and return it
to its default value of 10.

Example
The following example configures the default distance for internal routes to be 100.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# distance ospf 100

Matrix X Router Command Line Interface Reference Guide 36-9

Global Commands

enable
This command enables an OSPF instance.

Syntax
enable

no enable

Mode
OSPF Router Configuration.

Defaults
Enabled.

Usage
The no form of this command disables the instance. If an enabled instance is disabled, then it is
stopped, and all running state is deleted but all configuration state is preserved. If a disabled instance
is enabled, it will start running again with its preserved configuration state.

Example
The following example disables OSPF instance 3:
matrix-x(router-config)# router ospf 3
matrix-x(config-router-ospf)# no enable

36-10 OSPF Commands

Global Commands

hello-interval
This command specifies the interval between hello packets that a peer router sends on an
interface.

Syntax
hello-interval time-seconds

no hello-interval [time-seconds]

Parameters

time-seconds The interval between hello packet transmissions a peer router sends on
an interface, ranging from 1 to 65535 seconds.

Defaults
10 seconds.

Mode
OSPF Router Configuration.

Usage
Use this command to specify the interval between hello packets that a peer router sends on an
interface. Although specified here at the global level, it can be overridden in the area and interface
levels.
Use the no form of this command to remove the configured value and return it to the default.
Specifying a time‐seconds value in the no form has no effect on the configuration.

Example
The following example configures a global hello interval of 15 seconds which is then overridden in
the area statement where it is set to 5 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# hello-interval 15
matrix-x(config-router-ospf)# area 1.2.3.4 hello-interval 5

Related Commands
area hello-interval

ip ospf hello-interval

Matrix X Router Command Line Interface Reference Guide 36-11

Global Commands

igp-shortcut
This command enables the IGP shortcut feature for OSPF.

Syntax
igp-shortcut

no igp-shortcut

Mode
OSPF Router Configuration.

Defaults
Disabled.

Usage
This command enables the IGP shortcut feature for OSPF. When configured, OSPF will consider
MPLS tunnels as uni‐directional, directly connected, point‐to‐point links.
The no form of this command disables this feature.

Examples
The following command enables the IGP Shortcut feature for OSPF instance 1:
matrix-x(router-config)# router ospf 1
matrix-x(router-ospf)# igp-shortcut
The following command disables the IGP Shortcut feature for OSPF instance 1:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# no igp-shortcut

36-12 OSPF Commands

Global Commands

inherit-metric
This command configures an OSPF ASE (Autonomous System External) route to inherit the metric
of the external route when no metric is specified on the export policy.

Syntax
inherit-metric

no inherit-metric

Parameters
None.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Usage
Use this command to configure an OSPF ASE route to inherit the metric of the external route when
no metric is specified on the export policy. This feature maintains compatibility with all current
export functions. A metric specified on the export policy takes precedence.

Note: The metric specified in the defaults section (default-metric) is used if this command is not
specified.

Example
The following example configures ASE routes exported into OSPF to inherit the metric of the
external route:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# inherit-metric

Matrix X Router Command Line Interface Reference Guide 36-13

Global Commands

multicast-rib
This command specifies the Routing Information Base (RIB) in which OSPF internal routes are
installed.

Syntax
multicast-rib

no multicast-rib

Parameters
None.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Usage
Use this command to specify the RIB in which OSPF internal routes are installed. The unicast RIB
is required and is the default. In code bases supporting extended RIBs, OSPF routes can be
installed in the multicast RIB.
This command has no effect on self‐originated ASE (Autonomous System External) or NSSA
routes because they are exported from another protocol.
Use the no form of this command to change the parameter to its default.

Example
The following example configures OSPF routes to be installed in the unicast and multicast RIBs:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# multicast-rib

36-14 OSPF Commands

Global Commands

network
This command defines the interfaces on which OSPF will run and the area ID for those interfaces.

Syntax
network ip_address wildcard-mask area area_id

no network ip_address wildcard-mask area area_id

Parameters

ip_address A valid IP address.

wildcard‐mask IP‐address‐type mask that includes don’t care bits.
area area_id An ID for an area specified as an IP address in dotted‐quad format. A value
of 0.0.0.0 means the area is a backbone. If you want to associate areas with IP
subnets, you can specify a subnet address for this value.

Defaults
This command is not explicitly configured by default.

Mode
OSPF Router Configuration.

Usage
Use the network area command to specify interfaces on which OSPF runs and to define the area
ID for those interfaces. Use the negative form of this command, no network area, to disable OSPF
routing for any specified interfaces.

Examples
The following example defines network 192.168.10.5 0.0.0.255 in area 1.2.3.4:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# network 192.168.10.5 0.0.0.255 area 1.2.3.4
The following example disables OSPF routing on interface 102.168.10.10 in area 1.2.3.4:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# no network 192.168.10.10 0.0.0.0 area 1.2.3.4

Matrix X Router Command Line Interface Reference Guide 36-15

Global Commands

nssa-inherit-metric
This command allows an OSPF NSSA route to inherit the metric of the external route when no
metric is specified on the export policy. This feature maintains compatibility with all current
export functions. A metric specified on the export policy will take precedence.

Syntax
nssa-inherit-metric

no nssa-inherit-metric

Parameters
None.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Example
The following example sets NSSA routes exported into OSPF to inherit the metric of the external
route:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# nssa-inherit-metric

36-16 OSPF Commands

Global Commands

nssa-stability-interval
This command sets the interval that an NSSA translator will continue to translate after losing the
translator election.

Syntax
nssa-stability-interval time-seconds

no nssa-stability-interval [time-seconds]

Parameters

time-seconds A period ranging from 1 to 65535 seconds.

Defaults
40 seconds.

Mode
Global Configuration.

Usage
An NSSA ABR can translate Type 7 LSAs into Type 5 LSAs. A translator election is run to
determine which one ABR for a given NSSA will translate.
When an ABR was a translator and loses this election, it will cease translating after the specified
seconds value. This allows newly translated Type 5 LSAs from the new translator to be flooded
throughout the domain before the currently translated Type 5 LSAs from this translator are
flushed and Type 5 LSAs resulting from direct translation are allowed to age out.

Example
The following example sets the nssa‐stability‐interval to 10 seconds:
matrix-x(router-config)# nssa-stability-interval 10

Matrix X Router Command Line Interface Reference Guide 36-17

Global Commands

poll-interval
This command specifies the interval between OSPF packets that the router sends before adjacency
is established with a neighbor.

Syntax
poll-interval time-seconds

no poll-interval [time-seconds]

Parameters

time-seconds A period ranging from 1 to 65535 seconds.

Defaults
120 seconds.

Mode
OSPF Router Configuration.

Usage
Use this command to reduce network overhead in cases where a router may have a neighbor on a
given interface at the expense of initial convergence time. The value configured here at the global
level can be overridden at the area and interface levels.
Use the no form of this command to reset the specified value to the default. Specifying a value for
time‐seconds in the no form has no effect on the configuration.

Example
The following example configures a global poll interval of 100 seconds. This value is overridden in
interface ge.4.2, where it is configured to be 110 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# poll-interval 100
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.4.2
matrix-x(config-router-if-ge.4.2)# ip ospf poll-interval 110

Related Commands
area poll-interval

ip ospf poll-interval

36-18 OSPF Commands

Global Commands

priority
This command specifies the priority for becoming the Designated Router (DR).

Syntax
priority level

no priority [level]

Parameters

level A priority number, ranging from 0 to 255, for becoming a DR.

Defaults
1.

Mode
OSPF Router Configuration.

Usage
Use this command to specify the priority for becoming the DR. When more than one router
attached to a network tries to become the DR, the one with the highest priority wins. If competing
routes have the same priority, the one with the highest router ID becomes the DR. The router
placing second in the election becomes the backup DR. A router with a router priority set to 0 is
ineligible to become the DR.
The value specified here at the global level can be overridden at the area and interface levels (area
priority and ip ospf priority commands).
Use the no form of this command to reset the specified value to the default. Specifying a value for
level in the no form has no effect on the configuration.

Example
The following example sets a global priority of 10 which is then overridden in area 1.2.3.4, where it
is set to 15:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# priority 10
matrix-x(config-router-ospf))# area 1.2.3.4 priority 15

Related Commands
area priority

ip ospf priority

Matrix X Router Command Line Interface Reference Guide 36-19

Global Commands

redistribute
This command specifies routes to import into OSPF.

Syntax
redistribute protocol [route-map name] {0-9}

no redistribute protocol [route-map name]

Parameters

protocol Protocol name for routes you want to redistribute to the current
protocol being configured. Valid choices are: aggregate, bgp, direct,
kernel, isis, ospf, ospf‐ase, rip, and static.
route‐map name (Optional) Name of a route map to apply to these routes.
{0-9} Although this command can be given multiple times, it can only be
given once to each of the nine configurable protocols. For example, if a
redistribute command is given for a protocol and route map, and then
given again for the same protocol with a different route map, the
second configuration overrides the first.

Defaults
The default is to redistribute OSPF and the direct routes associated with the interfaces on which
OSPF is running.

Note: This is an implicit default and is erased with the first redistribute configuration.

Mode
OSPF Router Configuration.

Usage
Use this command to specify routes to export to OSPF. This command causes routes from the
specified protocol to be considered for redistribution into the current protocol. Additionally, if a
route map is specified, then routes from the specified protocol matching the named route map will
be considered for redistribution into the current protocol.
If the referenced route map has not yet been configured, then an empty route map is created with
the specified name.

Note: Configuring away from the default removes the implicitly configured default. To export those
routes you must go back and specify to redistribute OSPF and direct routes after the first
redistribute configuration.

36-20 OSPF Commands

Global Commands

Examples
In the following example OSPF instance 2 is configured to redistribute all BGP and RIP routes:
matrix-x(router-config)# router ospf 2
matrix-x(config-router-ospf)# redistribute bgp
x-series(config-router-ospf)# redistribute rip
The following example configures a community set, set1, that permits AS:num 101:102. It then
configures an extended community set extset1, that permits Route Target AS:num 201:202.
matrix-x(router-config)# ip community-set set1 permit 101:102
matrix-x(router-config)# ip extcommunity-set ext-set1 permit rt 201:202
The two are then added to a community list, called commlist1:
matrix-x(router-config)# ip community-list commlist1 permit set1
matrix-x(router-config)# ip community-list commlist1 permit ext-set1
The community list is then applied to a route map called matchcommlist1. If the route map matches
BGP Community list commlist1, then the metric for routes is set to 20:
matrix-x(router-config)# route-map match-commlist1
matrix-x(config-route-map)# match community commlist1
matrix-x(config-route-map)# set metric 20
Finally, route map match‐commlist1 is applied to BGP routes and exported into instance 1 of OSPF:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# redistribute bgp route-map match- commlist1
In the following example, route map abc is configured with the following match criteria:
If a route matches interface ge.1.1 and a pre‐configured BGP Community labeled bgpcomm1, then
communities specified in community com‐set‐1 will be added to the route, communities specified
in community labeled com‐set‐2 will be deleted from the route, and the route metric set to 50.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match interface ge.1.1
matrix-x(config-route-map)# match community-set bgpcomm1
matrix-x(config-route-map)# set community-set com-set-1 additive
matrix-x(config-route-map)# set community-set com-set-2 delete
matrix-x(config-route-map)# set metric 50
This route map is then applied to static routes and exported into OSPF instance 2:
matrix-x(router-config)# router ospf 2
matrix-x(config-router-ospf)# redistribute static route-map abc

Matrix X Router Command Line Interface Reference Guide 36-21

Global Commands

redistribute-nssa
This command specifies routes to export to OSPF NSSA in an OSPF instance.

Syntax
redistribute-nssa protocol [route-map name] {0-9}

no redistribute-nssa protocol [route-map name]

Parameters

protocol Protocol name for routes you want to redistribute to the current
protocol being configured. Valid choices are: aggregate, bgp, direct,
isis, kernel, ospf, ospf‐ase, rip, and static.
route‐map name (Optional) Name of a route map to apply to these routes.
{0‐9} Although this command can be given multiple times, it can only be
given once to each of the nine configurable protocols. For example, if a
redistribute command is given for a protocol and route map, and then
given again for the same protocol with a different route map, the
second configuration overrides the first.

Defaults
OSPF does not redistribute any routes into NSSA.

Mode
OSPF Router Configuration.

Usage
This command specifies routes to export to OSPF NSSA in an OSPF instance. It causes routes from
the specified protocol to be considered for redistribution into OSPF‐NSSA. Also, if a route map is
specified, then routes from the specified protocol matching the named route map will be
considered for redistribution into OSPF‐NSSA.
If the referenced route map has not yet been configured, then an empty route map is created with
the specified name.

Examples
In the following example, route map abc is configured to match all IPv4 prefixes (configured in
prefix list pl1), to set the exported metric to 1, and to set the NSSA Propagate (P) bit:
matrix-x(router-config)# ip prefix-list pl1 seq 1 permit 0.0.0.0/0 le 32
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match ip address prefix-list pl1
matrix-x(config-route-map)# set metric 1
matrix-x(config-route-map)# set propagate
This route map is then applied to static routes and exported into OSPF NSSA:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# redistribute-nssa static route-map abc

36-22 OSPF Commands

Global Commands

require-vbit
This command instructs the spf code to require that the vbit be set in the router LSAs of routers
that are the end points of virtual links.

Syntax
require-vbit

no require-vbit

Parameters
None.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Usage
When this command is not specified, the vbit can be clear, and the virtual link will still be
considered. This command is a work around for issues in some OSPF implementations.

Example
The following example turns require‐vbit on:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# require-vbit

Matrix X Router Command Line Interface Reference Guide 36-23

Global Commands

retransmit-interval
This command sets the interval between Link State Advertisement (LSA) retransmissions for
adjacencies.

Syntax
retransmit-interval time-seconds

no retransmit-interval

Parameters

time-seconds A period ranging from 1 to 65535 seconds.

Defaults
5 seconds.

Mode
OSPF Router Configuration.

Usage
This command sets the interval between LSA retransmissions for adjacencies. If a Link State
Protocol (LSP) is not acknowledged within the interval specified with this command, it is re‐sent.
This command is specified at the global level and can be overridden in the area and interface
levels with the area retransmit‐interval and ip ospf retransmit‐interval commands.
The no form of this command resets the specified value to the default of 5 seconds.

Example
The following example configures the global retransmit interval to be 10 seconds. This value is
then overridden in area 1.2.3.4, where it is configured to be 15 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# retransmit-interval 10
matrix-x(config-router-ospf)# area 1.2.3.4 retransmit-interval 15

Related Commands
area retransmit-interval

ip ospf retransmit-interval

36-24 OSPF Commands

Global Commands

router id
This command sets the OSPF 32‐bit router ID for the specified instance. The Router ID set by this
command is the lowest loopback interface IP address on the Matris X router. If no loopback
interfaces are configured, then the lowest interface IP address is chosen. Finally, if no interface IP
addresses are configured, the IP address 127.0.0.1 is chosen. Once a Router ID has been selected, it
will change only as the result of entering the no router id command or a system reboot.

Syntax
router id rid_value

no router id rid_value

Parameters

rid_value A 32‐bit address in dotted‐quad notation.

Defaults
The globally specified Router ID. If a globally specified Router ID does not exist, then the highest
IP address will be used.

Mode
OSPF Router Configuration.

Usage
If the Router ID is not specified, then the instance uses the global default router ID.
The no form of this command resets the configured router ID to its default value specified by the
globally defined Router ID.

Example
The following example configures the OSPF router ID to be 4.3.2.1.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# router id 4.3.2.1

Matrix X Router Command Line Interface Reference Guide 36-25

Global Commands

timers spf
This command specifies the minimum period between when OSPF receives a topology change
and when it starts the Sender Policy Framework (SPF) computation.

Syntax
timers spf time-seconds

no timers spf

Parameters
time-seconds The minimum interval in seconds between SPF calculations, ranging from 1 to
65535.

Defaults
5 seconds.

Mode
OSPF Router Configuration.

Usage
The no form of this command resets the specified value to its default.

Example
The following example configures the SPF timer interval to 15 seconds:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# timers spf 15

36-26 OSPF Commands

Global Commands

trace file
This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
trace file file_name [max-size file_size[M | m | K | k]] [max-files num_files]
[no-timestamp] [noverwrite]

no trace file file_name [max-size file_size[M | m | K | k]] [max-files num_files]

[no-timestamp] [overwrite]

Parameters

file_name The name of the file to receive the tracing information. Note that the file
name is not specified in quotes.
max‐size (Optional) Maximum file size in bytes (by default) or megabytes or
file_size[M|m|K|k] kilobytes, ranging from 10K to 4,095,000,000 bytes. Notice that there is no
space between the file_size parameter and the unit type.
M and m both specify megabytes. K and k both specify kilobytes. If no
unit type is entered, bytes is assumed.
If no maximum file size is specified, the default is “unlimited.” The size
of a trace file is limited by the file system on which the trace file resides.
max‐files num_files (Optional) Maximum number of files allowed in the directory, ranging
from 2 to 4,294,967,295.
If no maximum number of files is specified, the default is 4,294,967,295
no-timestamp (Optional) A timestamp should not be prepended to all trace lines. The
default is to prepend a timestamp to all lines written to a trace file.
overwrite (Optional) Begin tracing by overwriting, or truncating, an existing file.
The default is to append to an existing file.

Defaults
• Disabled.
• max-size file_size: Unlimited. The size of a trace file is limited by the file system on which
the trace file resides.
• max-files num_files: 4,294,967,295 files.

• no-timestamp: Prepend a timestamp to all lines written to a trace file.

• overwrite: Append to an existing file.

Global Commands

transmit-delay
This command specifies the time in seconds required to transmit a link state update.

Syntax
transmit-delay time-seconds

no transmit-delay

Parameters
time‐seconds An interval ranging from 1 to 65535 seconds.

Defaults
1 second.

Mode
OSPF Router Configuration.

Usage
This command sets the estimated time in seconds required to transmit a link state update. It takes
into account transmission and propagation delays and must be greater than 0. The transmit delay
is specified here at the global level. It can be overridden at the area and interface levels (area
transmit‐delay and ip ospf transmit‐delay) as well as within a virtual link (area virtual‐link).
The no form of this command resets the specified value to the default.

Example
The following example configures a global transmit delay of 5 seconds. This value is then
overridden in area 1.2.3.4 to be 3 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# transmit-delay 5
matrix-x(config-router-ospf)# area 1.2.3.4 transmit-delay 3

Matrix X Router Command Line Interface Reference Guide 36-31

Area Commands

Area Commands
The area commands are listed below.

For information about... Refer to page...

area advertise-subnet 36-33

area authentication 36-34

area dead-interval 36-36

area hello-interval 36-37

area nssa 36-38

area nssa-range 36-39

area nssa-translate-always 36-40

area poll-interval 36-41

area priority 36-42

area range 36-43

area retransmit-interval 36-44

area stub 36-45

area stubhost 36-46

area stubnetwork 36-47

area transmit-delay 36-48

area virtual-link 36-49

36-32 OSPF Commands

Area Commands

area advertise-subnet
This command specifies whether OSPF will, when advertising point‐to‐point interfaces, advertise
the network number and netmask instead of a host route to the remote IP.

Syntax
area area_id advertise-subnet

no area area_id advertise-subnet

Parameters
area_id An ID for an area specified as an IP address in dotted‐quad format. A value of
0.0.0.0 means that the area is a backbone.

Defaults
Disabled.

Mode
OSPF Router Configuration.

Usage
Use this command to specify whether OSPF will, when advertising point‐to‐point interfaces,
advertise the network number and netmask instead of a host route to the remote IP. Because the
netmask is sometimes set improperly on point‐to‐point interfaces, this option is disabled by
default.
Configuring this command in an area overrides a global advertise‐subnet command. Similarly,
this command can be overridden in an interface command.

Examples
The following example turns advertise‐subnet on for area 1.2.3.4 and off for interface ge.1.1 in the
same area:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 advertise-subnet
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# no ip ospf advertise-subnet

Related Commands
advertise-subnet

ip ospf advertise-subnet

Matrix X Router Command Line Interface Reference Guide 36-33

Area Commands

area authentication
This command specifies the type of OSPF authentication used and any key values.

Syntax
area area-id authentication {simple key]} | {md5 id_number md5_key [start-generate
date_time] [stop-generate date_time] [start-accept date_time] [stop-accept
date_time]}

no area area-id authentication {simple key | md5 id_number}

Parameters
area‐id An ID for OSPF area to be authenticated, expressed as an IP
address in dotted‐quad format. A value of 0.0.0.0 means the area
is a backbone.
simple key Specifies simple (clear password} authentication. The value for
key is specified as a one‐ to eight‐character string.
md5 id_number md5_key Specifies the authentication used for specifying MD5
cryptographic authentication. The value for id_number is an
number from 1 to 255. The value for md5_key is a one‐ to sixteen‐
character string.
start‐generate date_time (Optional) The start and stop values must be in the format:
YYYY‐MM‐DD.HH.MM. Each start and stop value is optional,
stop‐generate date_time
and order is not important when specifying multiple
start‐accept date_time commands.
stop‐accept date_time

Defaults
No authentication.

Mode
OSPF Router Configuration.

0.0.0.0 means the area is a backbone.
metric (Optional) The default OSPF metric, ranging from 1 to 65535. If area nssa is
configured, then this value defaults to 1.
metric‐type (Optional) Specify 1 or 2 as the default metric type. Routes exported from the
routing table into OSPF default to becoming Type 1 ASEs. If area nssa is
configured, then this value defaults to 1.

Mode
OSPF Router Configuration.

Defaults
Non‐stub, non‐NSSA. If area nssa is set, the default metric is 1 and the default metric type is 1.

Usage
Use this command to configure an area as a NSSA. External routes that are not imported into an
NSSA can be represented by means of a default route. It is used when an OSPF inter‐network is
connected to multiple non‐OSPF routing domains.
Using the no form of this command changes the NSSA back to a plain area.
If the router is an ABR and has the highest router ID of all the ABRs in the area, and no other ABR
in the area is configured to translate always, it will translate Type 7 LSAs with the P‐bit (set by the
propagate flag in an export command) to Type 5 LSAs. When an ABR that was translating loses a
translator election, it will cease translating, and after a number of seconds (determined by nssa‐
stability‐ interval), it will flush any Type 5 LSAs resulting from aggregation. Any Type 5 LSAs
resulting from direct translation of Type 7 LSAs will be allowed to age out.
An ABR will always originate a default route into any attached NSSAs. The metric of this default
route can be specified in the command and defaults to 1. If there are any filters for the NSSA, the
default will be Type 3 LSA.

Note: NSSA and Stub are mutually exclusive.

Example
The following example changes the default metric type to 2:
matrix-x(router-config)# router ospf 1

36-38 OSPF Commands

Area Commands

matrix-x(config-router-ospf)# area 1.2.3.4 nssa 10 2

Matrix X Router Command Line Interface Reference Guide 36-41

Area Commands

area priority
This command specifies the priority for becoming the Designated Router (DR).

Syntax
area area_id priority level

no area area_id priority

Parameters

area_id An ID for an area specified as an IP address in dotted‐quad format. A value

of 0.0.0.0 means the area is a backbone.
level A priority number, ranging from 0 to 255, for becoming a DR. A priority of 0
indicates that the router is ineligible to become the DR.

Mode
OSPF Router Configuration.

Defaults
1.

Usage
Use this command to specify the priority for becoming the DR. The priority specified at the area
level can be overridden at the interface level. When more than one router attached to a network
attempts to become the DR, the one with the highest priority wins. If the competing routers have
the same priority, the one with the highest router ID becomes the DR. The router coming in
second in the election becomes the backup DR. A router with a priority set to 0 is ineligible to
become the DR.

Note: This command applies only to broadcast or NBMA media.

Use the no form of this command to reset the configured value to its default.

Example
The following example configures an area priority of 10. It also sets the priority for interface ge.1.1
to be 5:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 priority 10
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf priority 5

Related Commands
priority

ip ospf priority

36-42 OSPF Commands

Area Commands

area range
This command configures the scope of an area on an Area Border Router (ABR).

Syntax
area area_id range ip_address mask [no-advertise]

no area area_id range ip_address mask [no-advertise]

Parameters

area_id The area ID, specified as an IP address in dotted‐quad format. A value of

Defaults
1 second.

Usage
Use this command to set the estimated interval required to transmit a link state update. This value
takes into account transmission and propagation delays and must be greater than 0.
This value overrides the global transmit‐delay value and can be overridden at the interface level.
Use the no form of this command to remove the configured value and return the delay to the
default value of 1 second.

Example
The following example configures the transmit‐delay for area 1.2.3.4 to 10 seconds. This value is
then overridden on interface ge.1.1, where it is configured at 5 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 transmit-delay 10
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf transmit-delay 5

Related Commands
transmit-delay

ip ospf transmit-delay

36-48 OSPF Commands

Area Commands

area virtual-link
This command configures a virtual link on the backbone.

Syntax
area transit_area virtual-link router id [authentication {simple key | md5 id
md5key [start-generate date_time] [stop-generate date_time] [start-accept
date_time] [stop-accept date_time]}] [hello-interval time-seconds] [retransmit-
interval time-seconds] [transmit-delay time-seconds] [dead-interval time-seconds]

no area transit_area virtual-link neighbor-id [authentication {simple key | md5

id md5key}]

Parameters
transit_area An ID, in dotted‐quad format, that sets the area through which the
virtual link should exist. This value cannot be 0.0.0.0.
router id The ID of one end of the virtual link.
authentication (Optional) Sets an authentication type to include on this virtual
link.
simple key |
simple key sets simple (clear password) authentication. The key is
md5 id md5key
as a 1‐8 character string
md5 id md5_key sets the authentication used for specifying MD5
cryptography.The value for id is an integer ranging from 1 to 255.
The value for md5_key is a 1 to 16 character string.
start‐generate date_time (Optional) Specifies start and stop dates for MD5 cryptographic
authentication. Start and stop values must be in the format: YYYY‐
stop‐generate date_time
MM‐DD.HH.MM. Each start and stop value is optional, and order
start‐accept date_time is not important when specifying multiple commands.
stop‐accept date_time
hello‐interval (Optional) Sets the interval between hello packets that the software
time‐seconds sends on an interface, ranging from 1 to 65535 seconds. This value
must be an unsigned integer and must be the same for all routers
and access servers attached to a common network.
retransmit‐interval (Optional) Sets the interval between link state advertisement (LSA)
time‐seconds retransmissions for adjacencies belonging on the interface, ranging
from 1 to 65535 seconds. This value must be an integer and must be
greater than the expected round‐trip delay.
transmit‐delay (Optional) Sets the interval required to send a link state update
time‐seconds packet on the port, ranging from 1 to 65535 seconds. This value
must be an integer greater than 0. LSAs in the update packet have
their age incremented by this amount before transmission.
dead‐interval (Optional) Sets the interval that Hello packets are sent before a
time‐seconds neighbor declares the router down, ranging from 1 to 65535
seconds. The default value is four times the hello‐interval, or 40
seconds. If this value is configured less than the hello‐interval,
convergence will not occur. This value must be the same for all
routers and access servers attached to a common network.

Matrix X Router Command Line Interface Reference Guide 36-49

Area Commands

Mode
OSPF Router Configuration.

Defaults
• No virtual links are explicitly configured.
• Hello‐interval: 10 seconds
• Retransmit‐interval: 5 seconds
• Transmit‐delay: 1 second
• Dead‐interval: 40 seconds

Usage
Virtual links are used to establish or increase connectivity of the backbone area. The transit_area
sets the area through which the virtual link should exist. The neighbor‐id represents one end of the
virtual link. In addition, all standard interface parameters can optionally be specified on a virtual
link.
Use the no form of this command to remove the configured virtual link. The transit_area and
neighbor‐id parameters are the minimum required in the negative form of this command to remove
the entire virtual link.

Example
The following example configures a virtual link in transit area 1.1.1.1 with a neighbor ID of 1.2.2.1,
a hello interval of 20 seconds, and a retransmit interval of 20 seconds:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.1.1.1 virtual-link 1.2.2.1 hello-interval 20
retransmit-interval 20

36-50 OSPF Commands

Default Commands

Default Commands
The commands to configure default OSPF parameters are listed below.

For information about... Refer to page...

default-metric 36-51

default-nssa-metric 36-52

default-nssa-type 36-53

default-preference 36-54

default-tag 36-55

Interface Commands

Interface Commands
It is suggested that users of OSPF should configure interface parameters using a physical interface
name, such as ge.4.2. Using a physical interface name provides the clearest, least ambiguous way
of configuring these parameters. Using a logical address, such as 192.168.10.1, can lead to
undesirable results.
The commands to configure OSPF parameters at the interface level are listed below.

For information about... Refer to page...

ip ospf advertise-subnet 36-58

ip ospf allow-all 36-59

ip ospf authentication 36-60

ip ospf cost 36-62

ip ospf dead-interval 36-63

ip ospf enable 36-64

ip ospf hello-interval 36-64

ip ospf neighbor 36-65

ip ospf network 36-66

ip ospf no-multicast 36-67

ip ospf passive-interface 36-68

ip ospf poll-interval 36-69

ip ospf priority 36-70

ip ospf retransmit-interval 36-71

ip ospf transmit-delay 36-72

Matrix X Router Command Line Interface Reference Guide 36-57

Interface Commands

ip ospf advertise-subnet
This command specifies whether OSPF will, when advertising point‐to‐point interfaces, advertises
the network number and netmask of the point‐to‐point interface instead of a host route to the
remote IP.

Syntax
ip ospf advertise-subnet

no ip ospf advertise-subnet

Parameters
None.

Defaults
Disabled.

Mode
Router Interface Configuration.

Usage
Because the netmask is sometimes set improperly on point‐to‐point interfaces, this option is
disabled by default.

Examples
The following example turns advertise‐subnet on for interface ge.1.1:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf advertise-subnet

36-58 OSPF Commands

Interface Commands

ip ospf allow-all
This command permits packets from all routers.

Syntax
ip ospf allow-all

no ip ospf allow-all

Parameters
None.

Defaults
Disabled.

Mode
Router Interface Configuration.

Usage
Use this command to allow packets from all routers, including those not specified in the ip ospf
neighbor command.

Example
The following example specifies that interface ge.1.1 will allow packets from all routers:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf allow-all

Matrix X Router Command Line Interface Reference Guide 36-59

Interface Commands

ip ospf authentication
This command specifies the type of authentication and key values for an interface.

Syntax
ip ospf authentication {simple key | md5 id_number md5_key [start-generate
date_time] [stop-generate date_time] [start-accept date_time] [stop-accept
date_time]}

no ip ospf authentication {simple key | md5 id_number}

Parameters

simple key Specifies simple (clear password) authentication. The value for
key is specified as a one‐ to eight‐character string.
md5 id_number md5_key Specifies the authentication used for specifying MD5
cryptographic authentication. The value for id_number ranges
from 1 to 255. The value for md5_key is a 1‐ to 16‐character string.
start‐generate date_time (Optional) Specify start and stop dates for MD5 authentication.
Start and stop values must be in the format: YYYY‐MM‐
stop‐generate date_time
DD.HH.MM. Each start and stop value is optional, and their
start‐accept date_time order is not important when specifying multiple commands.
stop‐accept date_time

Defaults
Authentication is not explicitly configured.

Mode
Router Interface Configuration.

Usage
Authentication can help guarantee that routing information is imported only from trusted routers.
A variety of authentication schemes can be used, but a single scheme must be configured for each
network. The use of different schemes enables some interfaces to use much stricter authentication
than others. The two authentication schemes available are simple and MD5.
The command specifies the type of authentication and key values used on an interface. This is
used by OSPF authentication to generate and verify the authentication field in the OSPF header. If
configured, the area authentication (specified with the area authentication command) is the
default unless it is configured here at the interface level.
When you want to keep certain routers from exchanging OSPF packets, use the simple form of
authentication. The interfaces that the packets are to be sent on still need to be trusted, because the
key will be placed in the packets and can be seen by anyone with access to the network.
When you do not trust other users of your network, use MD5 authentication. The system works by
using shared secret keys. Because the keys are used to sign the packets with an MD5 checksum,
they cannot be forged or tampered with. Because the keys are not included in the packet, snooping
the key is not possible. Users of the network can still snoop the contents of packets, however,
because the packets are not encrypted.

36-60 OSPF Commands

Interface Commands

The Matrix X MD5 authentication is compliant with the specification in OSPF RFC 2328. This
specification uses the MD5 algorithm and an authentication key of up to 16 characters. RFC 2328
allows multiple MD5 keys per interface. Each key has two associated time ranges.
In order to turn off authentication, you must include the authentication type in the no form of the
command. For example, if MD5 authentication was configured, then simply specifying no ip ospf
authentication will not work. In addition, you must specify the simple key when turning off
simple authentication, and you must specify the MD5 id_number when turning off MD5
authentication.

Examples
The following example configures the area authentication to be the simple keyword abc. This
authentication is then overridden for interface ge.1.1 to be bar.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 authentication simple abc
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip authentication simple bar
The following example configures MD5 authentication for interface ge.1.1. The ID for this MD5
configuration is 1, and the key is configured as bar.
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf authentication md5 1 bar
The following example turns off the MD5 authentication that was in the earlier example. Note that
specifying the MD5 key is not required, but specifying the MD5 ID is.
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# no ip ospf authentication md5 1
The following example configures MD5 authentication for interface ge.1.1. MD5 is configured
with a start‐generate time set to January 2, 2005 at 21:30 hours, a stop‐generate time set to January
2, 2005 at 21:45 hours, a start‐accept time set to January 2, 2005 at 21:00 hours, and a stop‐accept
time set to January 2, 2005 at 22:00 hours.
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf authentication md5 2 md5 start-
generate 2005-01-02.21.30 stop-generate 2005-01-02.21.45 start-accept 2005-01-
02.21.00 stop-accept 2005-01-02.22.00

Related Commands
authentication

area authentication

Matrix X Router Command Line Interface Reference Guide 36-61

Interface Commands

ip ospf cost
This command specifies the cost for a route to transit an interface.

Syntax
ip ospf cost cost_value

no ip ospf cost

Parameters

cost_value The cost associated with this interface, ranging from 1 to 65535.

Mode
Router Interface Configuration.

Defaults
10.

Usage
Use this command to specify the cost for a route to transit the interface. Essentially, this is the cost
for the Matrix X Router to reach another device from this interface. The command can be explicitly
overridden in export policy.
Use the no form of this command to remove the configured cost and return it to its default of 1.

Example
The following example configures the cost for interface ge.1.1 to be 15:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf cost 15

36-62 OSPF Commands

Interface Commands

ip ospf dead-interval
This command specifies the interval that may elapse on this interface without receiving a router’s
hello packets before the router’s neighbors will declare it down.

Syntax
ip ospf dead-interval time-seconds

no ip ospf dead-interval

Parameters

time‐seconds Interval ranging from 1 to 65535 seconds.

Defaults
If ip ospf dead‐interval is not specified, the interval defaults to the value specified in area dead‐
interval, then to the value specified by the global dead‐interval command. If neither of these is
specified, the value is 40 seconds

Mode
Router Interface Configuration.

Usage
Use this command to specify the interval that may elapse on this interface without receiving a
router’s hello packets before the router’s neighbors will declare it down. The command specified
here at the interface level overrides a dead‐interval configured at the area and global levels.
A general rule for configuring this value is that it should be equal to four times the HELLO
interval. (See the ip ospf hello‐interval command.) Do not set this value to less than the HELLO
interval because convergence will not occur.
Use the no form of this command to reset the configured value to its default.

Examples
The following example configures a dead‐interval of 80 seconds in area 1.2.3.4, and a dead‐
interval of 60 seconds on interface ge.1.1:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 dead-interval 80
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf dead-interval 60

Related Commands
dead-interval

area dead-interval

Matrix X Router Command Line Interface Reference Guide 36-63

Interface Commands

ip ospf enable
This command enables OSPF on an interface.

Syntax
ip ospf enable

no ip ospf enable

Parameters
None.

Defaults
Enabled.

Mode
Router Interface Configuration.

Example
The following example disables interface ge.1.1:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# no ip ospf enable

ip ospf hello-interval
This command specifies the interval between hello packets that the router sends on the interface.

Syntax
ip ospf hello-interval time-seconds

no ip ospf hello-interval

Parameters

time‐seconds Interval ranging from 1 to 65535 seconds.

Defaults
If ip ospf hello‐interval is not specified, it defaults to the value specified in area hello‐interval,
then to the value specified with the global hello‐interval command. If neither the area nor global
hello interval is specified, the default is 10 seconds.

Mode
Router Interface Configuration.

36-64 OSPF Commands

Interface Commands

Usage
Use this command to specify the interval between hello packets that the router sends on the
interface. The command overrides the interval configured in the equivalent global and area
commands. (See the hello‐interval and area hello‐interval commands.)
A general rule for configuring this value is that it should be equal to one‐fourth the dead interval.
(See the ip ospf dead‐interval command.) This value should never be less than the dead interval
value.
Use the no form of this command to reset the configured time‐seconds value to the default.

Example
The following example configures a hello interval of 20 seconds in area 1.2.3.4, and a hello interval
of 15 seconds on interface ge.1.1:
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 hello-interval 20
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf hello-interval 15

Related Commands
hello-interval

area hello-interval

ip ospf neighbor
This command specifies neighboring routers, and specifies whether those routers are eligible to
become the Designated Router (DR).

Syntax
ip ospf neighbor ip_address [eligible]

no ip ospf neighbor ip_address

Parameters

ip_address A valid IPv4 address specified in dotted‐quad notation.

eligible (Optional) Specifies whether the indicated address is eligible to become the DR.

Mode
Router Interface Configuration.

Defaults
OSPF neighbors are not explicitly configured by default.

Matrix X Router Command Line Interface Reference Guide 36-65

Interface Commands

Usage
By definition it is impossible to send broadcast or multicast packets to discover OSPF neighbors
on a non‐broadcast medium, so all neighbors must be configured. The host address list includes
one or more neighbors. The eligible option is used to indicate an address’s eligibility to become a
DR. Refer to RFC‐2328 for more information.
Use the no form of this command to remove the configured neighbors.

Example
The following example specifies that host 10.1.1.1 is eligible to become a DR:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf neighbor 10.1.1.1 eligible

ip ospf network
This command specifies a either a non broadcast interface on an Non‐Broadcast Multiple Access
(NBMA) medium or a point‐to‐multipoint interface.

Syntax
ip ospf network {point-to-multipoint | nonbroadcast}

no ip ospf network {point-to-multipoint | nonbroadcast}

Syntax
ip ospf poll-interval time-seconds

no ip ospf poll-interval

Parameters

time‐seconds Integer ranging from 1 to 65535 seconds.

Defaults
120 seconds.

Mode
Router Interface Configuration.

Usage
Use this command to specify the interval between OSPF packets that the router sends before
adjacency is established with a neighbor. This command reduces network overhead in cases
where a router may have a neighbor on a given interface at the expense of initial convergence
time.
Use the no form of this command to reset the configured value to its default value.

Examples
The following configures the poll‐interval for interface ge.1.1 to be 100 seconds:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf poll-interval 100

Related Commands
poll-interval

area poll-interval

Matrix X Router Command Line Interface Reference Guide 36-69

Interface Commands

ip ospf priority
This command specifies the priority for becoming the Designated Router (DR).

Syntax
ip ospf priority level

no ip ospf priority

Parameters

level Priority number ranging from 0 to 255, for becoming a DR. A value of 0
indicates that the router is ineligible to become a DR.

Defaults
If the ip ospf priority command is not specified, then this value defaults to the configured area or
global value, respectively. If neither of those values is configured, then this value defaults to 1.

Mode
Router Interface Configuration.

Usage
Use this command to specify the priority for becoming the DR. This priority overrides any value
configured at the global or area levels. (See the priority and area priority commands.) When more
than one router attached to a network attempts to become the DR, the one with the highest
priority wins. If the competing routers have the same priority, the one with the highest router ID
becomes the DR. The router coming in second in the election becomes the backup DR. A router
with a priority set to 0 is ineligible to become the DR.

Note: This command applies only to broadcast or NBMA media.

Use the no form of this command to remove the configured priority.

Examples
The following example configures an area priority of 10 and the priority for interface ge.1.1 to be 5.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 priority 10
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf priority 5

Related Commands
priority

area priority

36-70 OSPF Commands

Interface Commands

ip ospf retransmit-interval
This command specifies the interval between Link State Advertisement (LSA) retransmissions for
adjacencies.

Syntax
ip ospf retransmit-interval time-seconds

no ip ospf retransmit-interval

Parameters

time‐seconds Interval ranging from 1 to 65535 seconds.

Defaults
If the ip ospf priority command is not specified, then this value defaults to the configured
area or global value, respectively. If neither of these values is configured, then this value defaults
to 5 seconds.

Mode
Router Interface Configuration.

Usage
Use this command to specify the interval between LSA retransmissions for adjacencies. If a Link
State Protocol (LSP) is not acknowledged within the number of seconds specified here, it is re‐sent.
This command overrides any configured in the global or area levels. (See the retransmit‐interval
and area retransmit‐interval commands.)
Use the no form of this command to remove the configured retransmit value.

Example
The following example configures the retransmit interval for area 1.2.3.4 to be 10 seconds. This
value is then overridden in interface ge.1.1, where it is configured to be 7 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 retransmit-interval 10
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf retransmit-interval 7

Related Commands
retransmit-interval

area retransmit-interval

Matrix X Router Command Line Interface Reference Guide 36-71

Interface Commands

ip ospf transmit-delay
This command specifies the interval required to transmit a link state update.

Syntax
ip ospf transmit-delay time-seconds

no ip ospf transmit-delay

Parameters

time‐seconds Interval ranging from 1 to 65535 seconds.

Defaults
If this command is not specified, then the transmit delay value defaults to the configured area or
global value, respectively. If neither of those is configured, then this value defaults to 1 second.

Mode
Router Interface Configuration.
Usage
Use this command to specify the interval required to transmit a link state update. The command
takes into account transmission and propagation delays and must be greater than 0. It also
overrides any given value at the global or area levels (the transmit‐delay and area transmit‐delay
commands).
Use the no form of this command to remove the configured time‐seconds value.
Example
The following example configures the transmit‐delay for area 1.2.3.4 to be 10 seconds. This value
is then overridden on interface ge.1.1, where it is configured to be 5 seconds.
matrix-x(router-config)# router ospf 1
matrix-x(config-router-ospf)# area 1.2.3.4 transmit-delay 10
matrix-x(config-router-ospf)# exit
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip ospf transmit-delay 5

Related Commands
transmit-delay

area transmit-delay

36-72 OSPF Commands

Querying Commands

Querying Commands
The commands to display OSPF information are listed below.

For information about... Refer to page...

show ip ospf 36-73

show ip ospf border-routers 36-74

show ip ospf database 36-75

show ip ospf flood-list 36-76

show ip ospf interface 36-77

show ip ospf neighbor 36-78

show ip ospf request-list 36-79

show ip ospf retransmission-list 36-80

show ip ospf summary-address 36-81

show ip ospf virtual-links 36-82

show ip ospf
This command displays information about a single OSPF instance or all OSPF instances.

Syntax
show ip ospf [instance_id]

Parameters

instance_id (Optional) Specifies to return information for a specific instance,

ranging from 1 to 4294967294. If no instance ID is entered, the
command displays information about all OSPF instances.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Usage
This query has two forms. If the query is issued without an instance ID, then information about all
OSPF instances displays. If the query is issued with a specific instance ID, the output will contain
data pertaining only to that referenced instance.

Example
The following example is a request for information relating to OSPF instance 2:

Matrix X Router Command Line Interface Reference Guide 36-73

Querying Commands

matrix-x(router-config)# show ip ospf 2

-----------------------
Routing Process "ospf 1" with ID 1.1.1.1
Supports opaque LSA
It is an autonomous system boundary router and is an area border router
Hold time between two SPFs is 5
Minimum LSA interval 5. Minimum LSA arrival 1
Number of external LSA 0.
Checksum sum 0
Number of opaque AS LSA 0,
Checksum sum 0
Number of areas in this router is 2.
1 normal
0 stub
1 nssa
Area 0.0.0.0
Number of interface in this area is 1
It is a normal area
Number of LSA 4
Checksum sum 0
Number of opaque LSA 0
Checksum sum 0
Area ranges are
Area 10.10.10.10
Number of interface in this area is 1
It is a nssa area
Number of LSA 3
Checksum sum 0
Number of opaque LSA 0
Checksum sum 0
Area range is 192.10.0.0/24

show ip ospf border-routers

This command displays the Autonomous System (AS) and Area Border Routers (ABRs) for all
OSPF instances.

Syntax
show ip ospf border-routers

Parameters
None.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Example
The following example is a request for border router data:

36-74 OSPF Commands

Querying Commands

matrix-x(router-config)# show ip ospf border-routers

OSPF Routing Table
Route 192.168.10.1 area 0.0.0.1 ABR

show ip ospf database

This command displays information contained within the OSPF Link State Database(s).

Syntax
show ip ospf database [instance_id [area_id]]

show ip ospf database external [instance_id]

show ip ospf database type-11-opaque [instance_id]

Parameters

instance_id (Optional) Indicates to return information for a specific instance,

ranging from 1 to 4294967294.
area_id (Optional) If an instance ID is specified for a database, you can also
optionally specify an area to be associated with this query.
external Search the external database.
type‐11‐opaque Search the type‐11‐opaque database.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Usage
This query can be narrowed to search a specific database, based on the instance ID, the area ID,
whether to search the external database or the type‐11‐opaque database.

Example
The following example displays a request for all OSPF database data:
matrix-x(router-config)# show ip ospf database
OSPF Router Instance 1

Router Link States (Area 0.0.0.1)

Link ID ADV RTR Seq No Age Checksum Link ct

192.168.10.0 192.168.1.8 0x80000003 0 0xBEEF 1
192.168.11.0 192.168.2.4 0x80000003 0 0xBEED 2

Matrix X Router Command Line Interface Reference Guide 36-75

Querying Commands

show ip ospf flood-list

This command displays a list of OSPF Link State Advertisements (LSAs) waiting to be flooded
over an interface.

Syntax
show ip ospf flood-list [interface-type] [interface-number]

Parameters

interface‐type Optionally enter a specific interface type over which LSAs are flooded.
interface‐number Optionally enter the interface number of which the LSAs are flooded.

Mode
Privileged EXEC: matrix‐x(router‐exec)#

Example
The following example is a request for flood list information on Ethernet interface number 1:
matrix-x(router)# show ip ospf flood-list ethernet 1

Interface ge.1.1, Queue length 5

Link state flooding due in 10 msec

Type LS ID ADV RTR Seq No Age Checksum

5 192.168.10.0 192.168.10.5 0x80000003 0 0xBEEF
5 192.168.11.0 192.168.10.5 0x80000003 0 0xBEEF
5 192.168.12.0 192.168.10.5 0x80000003 0 0xBEEF

36-76 OSPF Commands

Querying Commands

show ip ospf interface

This command displays information about a single or all interfaces running OSPF.

Syntax
show ip ospf interface [ipv4-address | interface-name]

Parameters

ipv4‐address | Optionally specify either a valid IPv4 address in dotted‐quad notation

interface‐name or a physical interface name.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Usage
This query has two forms. If the query is issued without arguments, then information on about all
interfaces over which OSPF is running displays. Or, the query can be issued with a specific
interface, in which case the reply will contain data pertaining only to that referenced interface.
Note that if interfaces are added to the set of interfaces over which OSPF is running after this
query has been issued but before the query is finished, it is not guaranteed that the new interfaces
will be reported. Similarly, if OSPF is de‐configured on an interface after the query has been
issued but before the query is finished, then the interface may or may not be reported.

Example
The following example returns OSPF information for interface ge.1.1:
matrix-x(router-config)# show ip ospf interface ge.1.1

OSPF Router Instance 1

ge.4.1 is up, line protocol is up

Internet Address 192.168.10.1/24, Area 0.0.0.1
Router ID 192.168.10.5, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, state WAITING, Priority 1
Designated Router is 192.168.10.5 (this router)
No Backup Designated router for this network
Timer intervals configured, Hello 20, Dead, 120, Wait 30, Retransmit 5
Hello due in 0:00:05
Neighbor Count is 0, Adjacent neighbor count is 0

Matrix X Router Command Line Interface Reference Guide 36-77

Querying Commands

show ip ospf neighbor

This command displays information about a single or all OSPF neighbors.

Syntax
show ip ospf neighbor [neighbor]

Parameters

neighbor Optionally specify either a valid IPv4 address in dotted‐quad notation or a

physical interface name for the OSPF neighbor on which to query information.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Example
The following example returns OSPF information for neighbor ID 2.2.2.2:
matrix-x(router-config)# show ip ospf neighbor 2.2.2.2
Routing Process "ospf 1":
Neighbor 0.0.103.12, interface address 192.0.0.2
In area 0.0.0.2 interface "ge.1.1"
Neighbor priority is 1, state is "Full", 7 state changes
DR is 192.0.0.2 BDR is 192.0.0.1
Options is 0x2
Dead timer is due in 4 seconds

36-78 OSPF Commands

Querying Commands

show ip ospf request-list

This command displays a list of all LSAs requested by a router.

Syntax
show ip ospf request-list [neighbor | interface | interface_neighbor]

Parameters

neighbor (Optional) Specifies to display a list of all LSAs requested by the router
from this neighbor.
interface (Optional) Specifies to display a list of all LSAs requested by the router
form this interface.
interface_neighbor (Optional) Specifies to display a list of all LSAs requested from this
neighbor on this interface

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Example
The following example displays a list of LSAs requested by the router for interface ge.1.1:
matrix-x(router-config)# show ip ospf request-list ge.1.1
OSPF Instance 1
Neighbor 192.168.10.5, interface ge.1.1 address 192.168.10.1

Type LS ID ADV RTR Seq No Age Checksum

1 192.168.10.9 192.168.10.9 0x80000001 35 0xBEEF

Matrix X Router Command Line Interface Reference Guide 36-79

Querying Commands

show ip ospf retransmission-list

This command displays a list of all LSAs waiting to be re‐sent.

Syntax
show ip ospf retransmission-list [neighbor | interface | interface_neighbor]

Parameters

neighbor (Optional) Specifies to display a list of all LSAs requested by the router
from this neighbor.
interface (Optional) Specifies to display a list of all LSAs requested by the router
from this interface.
interface_neighbor (Optional) Specifies to display a list of all LSAs requested from this
neighbor on this interface

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Example
The following example displays retransmission list information for interface ge.1.1:
matrix-x(router-config)# show ip ospf retransmission-list ge.1.1

OSPF Instance 1
Neighbor 192.168.10.5, interface ge.1.1 address 192.168.10.1
LSA retransmission due in 3000 msec, Queue length is 3

Type LS ID ADV RTR Seq No Age Checksum

1 192.168.10.9 192.168.10.9 0x80000001 35 0xBEEF

36-80 OSPF Commands

Querying Commands

show ip ospf summary-address

This command displays information about summary address redistribution.

Syntax
show ip ospf summary-address [instance_id]

Parameters

instance_id (Optional) Specifies the OSPF instance for which to display information.
If no instance_id is specified, information for all instances is displayed.
An integer from 1 to 4294967294.

Defaults
If instance_id is not specified, information for all instances is displayed.

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Usage
Use this command to obtain summary address redistribution information about configured OSPF
area ranges.

Example
The following example returns summary address information for OSPF instance 1:
matrix-x(router-config)# show ip ospf summary-address 1
OSPF Instance 1
192.168/20 Cost 0

Matrix X Router Command Line Interface Reference Guide 36-81

Querying Commands

show ip ospf virtual-links

This command displays information about configured OSPF virtual links for a single instance or
for all OSPF instances.

Syntax
show ip ospf virtual-links

Mode
Router privileged execution matrix-x(router-exec)#
Router global configuration: matrix-x(router-config)#
Router interface configuration: matrix-x(router-config-if-xx.x.x)#

Example
The following example queries virtual link information.
matrix-x(router-config)# show ip ospf virtual-links

Virtual Link to router 192.168.101.2 is up

Transit area 0.0.0.1 via interface ge.1.1
Link Cost is 5
Adjacency State is FULL
Timer intervals configured, Hello 20, Dead 120, Wait 30
Retransmit 5
Hello due in 0:00:05

36-82 OSPF Commands

37
RIP Commands

This chapter describes the Routing Information Protocol (RIP) commands.

For information about... Refer to page...

Global Configuration Mode Command 37-1

RIP Configuration Commands 37-3

RIP Interface Commands 37-30

Query Commands 37-39

Overview
The Matrix X Router supports RIP Versions 1 and 2. RIP is a distance‐vector routing protocol for
use in small networks. RIP is described in RFC 2453. A router running RIP broadcasts updates at
set intervals. Each update contains paired values where each pair consists of an IP network
address and an integer distance to that network. RIP uses a hop count metric to measure the
distance to a destination.
The Matrix X Router implements plain text and MD5 authentication methods for RIP Version 2.

Global Configuration Mode Command

There is one RIP command accessed from global configuration mode.

router rip
This command acquires Router Configuration mode for RIP.

Syntax
router rip

no router rip

Parameters
None.

Matrix X Router Command Line Interface Reference Guide 37-1

Global Configuration Mode Command

Defaults
None.

Mode
Router Global Configuration.

Usage
Use this command to enter Router RIP configuration mode. Once you are in Router RIP
configuration mode, you can begin configuring RIP.
You must specify this command in order to configure RIP.

Example
The following example shows how to enter RIP configuration mode.
matrix-x(switch-su)->router
msatrix-x(router-exec)#configure
matrix-x(router-config)# router rip
matrix-x(router-config-rip)#

37-2 RIP Commands

RIP Configuration Commands

The following commands are configured in RIP configuration mode.

For information about... Refer to page...

auto-summarization 37-4

default-metric 37-5

distribute-list 37-6

ecmp 37-8

enable 37-9

flash-update-time 37-10

ignore-host-routes 37-11

ignore-must-be-zero 37-12

network 37-14

preference 37-15

query-authentication 37-16

redistribute 37-18

send-updates 37-20

source-gateways 37-21

split-horizon 37-22

term-updates 37-23

timers basic 37-24

trace file 37-25

trace flag 37-27

trusted-gateways 37-28

Matrix X Router Command Line Interface Reference Guide 37-3

RIP Configuration Commands

auto-summarization
This command aggregates RIP routes based on their natural subnet masks. It operates with RIP
v1, summarizing sub‐prefixes to the classful network boundary when crossing classful network
boundaries.

Syntax
auto-summarization

no auto-summarization

Defaults
Disabled

Mode
Router RIP Configuration.

Usage
If you have disconnected subnets, enable automatic route summarization to advertise those
subnets. When route summarization is enabled, the Matrix X transmits subnet and host routing
information across classful network boundaries. The negative form of this command, no auto‐
summarization, disables automatic summarization.
Note that redistribution of aggregate routes is enabled automatically when auto‐summarization is
enabled.

Example
The following example summarizes four routes:
matrix-x(router-config)# interface ge.1.1
matrix-x(router-config-if-ge.1.1)# ip address 140.1.1.1 255.255.255.0
matrix-x(router-config-if-ge.1.1)# no shutdown
matrix-x(router-config-if-ge.1.1)# ip rip enable
matrix-x(router-config-if-ge.1.1)# ip rip version 1
matrix-x(router-config-if-ge.1.1)# exit
matrix-x(router-config)# interface ge.1.16
matrix-x(router-config-if-ge.1.16)# ip address 130.1.22.1 255.255.255.0
matrix-x(router-config-if-ge.1.16)# no shutdown
matrix-x(router-config-if-ge.1.16)# ip rip enable
matrix-x(router-config-if-ge.1.16)# ip rip version 1
matrix-x(router-config-if-ge.1.16)# exit
matrix-x(router-config)#interface ge.1.17
matrix-x(router-config-if-ge.1.17)# ip address 150.1.1.1 255.255.255.0
matrix-x(router-config-if-ge.1.17)# no shutdown
matrix-x(router-config-if-ge.1.17)# ip rip enable
matrix-x(router-config-if-ge.1.17)# ip rip version 1
matrix-x(router-config-if-ge.1.17)# exit
matrix-x(router-config)#interface ge.1.32
matrix-x(router-config-if-ge.1.32)# ip address 120.1.11.1 255.255.255.0
matrix-x(router-config-if-ge.1.32)# no shutdown
matrix-x(router-config-if-ge.1.32)# ip rip enable
matrix-x(router-config-if-ge.1.32)# ip rip version 1
matrix-x(router-config-if-ge.1.32)# exit

37-4 RIP Commands

RIP Configuration Commands

matrix-x(router-config)#router rip
matrix-x(router-config-rip)#auto-summarization
matrix-x(router-config-rip)#network 120.1.11.0 0.0.0.255
matrix-x(router-config-rip)#network 130.1.22.0 0.0.0.255
matrix-x(router-config-rip)#network 140.1.1.0 0.0.0.255
matrix-x(router-config-rip)#network 150.1.1.0 0.0.0.255

default-metric
This command configures the default metric for advertising RIP routes learned from other
protocols.

Syntax
default-metric metric_value

no default-metric [metric_value]

Parameters
metric_value An integer from 0 to 16, inclusive, assigned to exported reachability

Defaults
1

Mode
Router RIP Configuration.

Usage
Use this command to set the default metric value for advertising RIP routes learned from other
protocols.
The negative form of this command, no default‐metric, removes the configured value and returns
the metric to its default value of 1. Specifying a value for metric_value in the no form has no effect
on the configuration. Thus, it is displayed above as optional.

Example
The following example configures the RIP default metric value to be 2:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# default-metric 2

Matrix X Router Command Line Interface Reference Guide 37-5

RIP Configuration Commands

distribute-list
This command configures policy for RIP to apply to incoming or outgoing updates.

Syntax
distribute-list access_list_name {in [interface-name] [route-map rm_name]} | {out
[interface-name] [protocol]}

no distribute-list access_list_name {in [interface-name] [route-map rm_name]} |

{out [interface-name] [protocol]}

Parameters
access_list_name The name of an access list
in Specifies that the policy applies to incoming updates.
interface‐name (Optional) Specifies a physical interface name to which this policy will
apply. Otherwise, it applies to all interfaces.
route‐map name (Optional) The name of a route map to apply to incoming routes.
out Specifies that the policy applies to exported updates
protocol (Optional) Specifies a redistributed protocol to filter. Valid values include:
• aggregate
• bgp
• direct
• isis
• kernel
• ospf
• ospf‐ase
• static

Defaults
The default is for RIP to import everything.

Mode
Router RIP Configuration.

Usage
This command provides a policy filtering mechanism for RIP routes. If the distribute list
configured with this command is specified with the in keyword, then the filter will apply to all
imported routes (that is to say, routes learned from RIP neighbors).
If the distribute list configured in this command is specified with the out keyword, then the filter
applies to exported routes (that is to say, routes announced to RIP neighbors).
To delete a configured distribute list, use the negative form of the command.

Note: All arguments of the original command must be supplied in order for the entry to be deleted.

37-6 RIP Commands

RIP Configuration Commands

Inbound Distribute-Lists
The distribute‐list in command configures a RIP import policy (in other words, a policy for RIP to
apply to incoming updates). You can specify both an interface‐name and a Route Map in the
policy. Note that order is not important when specifying both.
If an inbound distribute‐list is configured, then each route received from other RIP neighbors will
be evaluated against this inbound list. If the route matches the criteria specified by the inbound
list, then the route is imported. If the route does not match the inbound list criteria, then the route
is rejected. A route matches the inbound list criteria if it is permitted when evaluated against the
referenced access list. Furthermore, if the inbound distribute‐list references a route map, then the
route must also match when evaluated against the route map.
If the distribute‐list in command references a route map that has not yet been defined, then an
empty route map is created with the specified name.
If two inbound distribute lists are configured, one that does not reference an interface and one that
does, then the most specific inbound distribute list is used when evaluating a route received from
other RIP neighbors. If the route was received over an interface not named in any inbound
distribute list, then the inbound distribute list that does not reference an interface is used.
Otherwise, the inbound distribute list that references the interface over which the route was
received is used.
At most, one distribute‐list in command can be specified without an interface. Subsequent
distribute‐list in commands that do not reference an interface will overwrite any such previous
command. Similarly, at most one distribute‐list in command can be specified for each interface,
and subsequent commands that reference an interface will overwrite any such previous
command.

Outbound Distribute-Lists
The distribute‐list out command is used to configure export policy for RIP routes. Outbound
distribute lists look similar to inbound distribute lists, except that they allow you to optionally
specify an interface and a protocol, or more correctly, a route source. This allows you to filter
exported routes based on whether they were learned from BGP, OSPF, OSPF‐ASE or were
aggregate, static, or kernel routes. If an interface is specified, then the export policy described by
the distribute‐list out command only applies to the referenced interface. At most one distribute‐
list out command can be specified for each interface for each protocol. Furthermore, at most one
distribute‐list out command that does not reference a protocol can be specified. If an outbound
distribute list is configured without referencing a protocol, then when a route is being considered
for export to RIP neighbors, it must be permitted by the access list referenced in the distribute list.
If instead an outbound distribute list is configured that references a protocol, and if the route
being considered for export originated from the referenced protocol, then the route must be
permitted by the access list referenced in the distribute list. If more of both types of lists are
present, then the route need only be permitted by the access list referenced by one of the outbound
distribute lists.
It should be noted that an outbound distribute list has no effect in the absence of a redistribute
command. Outbound distribute lists can be thought of as a way to further refine the export policy
expressed with a redistribute command.
The negative form of this command, no distribute‐list, removes the configured list. You must
specify either in or out in the negative form. For outbound distribute lists, specifying a protocol is
optional. If the protocol is not specified, then all distribute lists referencing the specified access list
will be deleted.

Matrix X Router Command Line Interface Reference Guide 37-7

RIP Configuration Commands

Examples
In the following example, incoming updates received on interface ge.4.1 are matched against a
standard IP access‐list named abc.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# distribute-list abc in ge.4.1

In the following example, incoming updates received on interface ge.4.1 are matched against a
standard IP access‐list named alist1. A route map named rm1 is also applied to the incoming
updates.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# distribute-list alist1 in route-map rm1 ge.4.1

In the following example, incoming updates from all interfaces are matched against a standard IP
access‐list named alist1. A route map named rm1 is also applied to incoming updates.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# distribute-list alist1 in route-map rm1

In the following example, the distribute‐list entry originally configured in the previous example is
deconfigured.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no distribute-list alist1 in route-map rm1

ecmp
This command configures the Equal‐Cost Multi‐Path feature.

Syntax
ecmp

no ecmp

Parameters
None.

Defaults
Equal‐Cost Multi‐Path is disabled.

Mode
Router RIP Configuration.

Usage
Use the negative form of this command, no ecmp, to disable the ECMP feature.

Note: RIP's ecmp flag setting does not affect existing routes. If the route is updated later, the route will
be installed with an adjusted number of gateways according to the ecmp flag setting and the compiled
RT_N_MULTIPATH setting. Use no router rip then router rip to clear out old RIP routes, then enter
RIP configuration.

37-8 RIP Commands

RIP Configuration Commands

Example
The following example turns on the ECMP feature.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# ecmp

enable
This command enables RIP on the router.

Syntax
enable

no enable

Parameters
None.

Defaults
By default, RIP is enabled on the router.

Mode
Router RIP Configuration.

Usage
The enable command enables the state RIP. The negative form of this command, no enable,
disables RIP on the router.

Examples
The following example disables RIP on the router.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no enable

Matrix X Router Command Line Interface Reference Guide 37-9

RIP Configuration Commands

flash-update-time
This command sets the number of seconds between flash updates.

Syntax
flash-update-time time-seconds

no flash-update-time [time-seconds]

Parameters
time‐seconds An integer between 0 and 5, specifying a number of seconds

Defaults
The default Flash Update time value is a random number between 0 and 5.

Mode
Router RIP Configuration.

Usage
The flash‐update‐time command configures the Flash Update time. By default, the flash‐update‐
timer is set to a random value with a range of (0, 5) inclusive. The negative form of this command,
no flash‐update‐time, removes the configured time‐seconds value and returns the value to a
random number between 0 and 5. Specifying a value for time‐seconds in the no form has no effect
on the configuration. Thus, it is displayed above as optional.

Example
The following example configures the flash‐update‐timer to be 3 seconds.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# flash-update-time 3

37-10 RIP Commands

RIP Configuration Commands

ignore-host-routes
This command configures the router to reject host routes learned in RIP response messages.

Syntax
ignore-host-routes

no ignore-host-routes

Parameters
None.

Defaults
By default, host routes are accepted.

Mode
Router RIP Configuration.

Usage
This command causes the Matrix‐X to reject host routes (with a netmask of 255.255.255.255)
learned in RIP response messages.
The negative form of this command, no ignore‐host‐routes, returns to the default setting of
accepting host routes learned in RIP response messages.

Example
The following example configures the router to not recognize host routes.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# ignore-host-routes

Matrix X Router Command Line Interface Reference Guide 37-11

RIP Configuration Commands

ignore-must-be-zero
This command configures the handling of zero‐filled reserved fields in RIP 1.

Syntax
ignore-must-be-zero

no ignore-must-be-zero

Parameters
None.

Defaults
The default is checking zero‐filled reserved fields for RIP version 1.

Mode
Router RIP Configuration.

Usage
The RIP version 1 specification also mandates that version 1 packets, where the reserved fields are
not filled with all zeros, should be discarded. However, some implementations of RIP do not
follow the specification and carry non‐zero information in these fields. The ignore‐must‐be‐zero
command allows RIP to interoperate with those implementations.
The user should be certain that the non‐compliant router is intentionally generating malformed
packets (rather than malfunctioning) before enabling interoperability. Otherwise, correct routing
could be compromised.
The negative form of this command, no ignore‐must‐be‐zero, returns this command to the default
of checking zero‐filled reserved fields for RIP version 1.

Example
The following example configures the RIP router to ignore messages whose reserved fields are not
zeroed:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# ignore-must-be-zero

37-12 RIP Commands

RIP Configuration Commands

multicast-rib
This command adds RIP routes to or removes RIP routes from the multicast RIB.

Syntax
multicast-rib
no multicast-rib

Matrix X Router Command Line Interface Reference Guide 37-17

RIP Configuration Commands

redistribute
This command specifies routes to export to the current protocol.

Syntax
redistribute protocol [route-map name]

no redistribute protocol [route-map name]

Parameters
protocol The protocol name whose routes you want to redistribute to the current
protocol being configured. Valid protocols are:
• aggregate
• bgp
• direct
• isis
• kernel
• ospf
• ospf‐ase
• rip
• static
route‐map name (Optional) The name of a route map to apply to these routes.

Defaults
The default is to export direct routes and RIP routes. Note that this is an implicit default that is
wiped away with the first redistribute configuration.

Mode
Router RIP Configuration.

Usage
Use the redistribute command to specify routes to export into the current protocol (BGP, OSPF‐
ASE, RIP, or VRE).
This command causes routes from the specified protocol to be considered for redistribution into
the current protocol. Additionally, if a route map is specified, then routes from the specified
protocol that match the named route map will be considered for redistribution into the current
protocol.
If the referenced route map has not yet been configured, then an empty route map is created with
the specified name.
Although this command can be given multiple times, it can only be given once for each of the nine
configurable protocols. In other words, if a redistribute command is given for a protocol and
route map, and then given again for the same protocol with a different route map, the second
configuration overrides the first.
Redistribution of aggregate routes is enabled automatically when auto‐summarization is enabled.

37-18 RIP Commands

RIP Configuration Commands

Note: Configuring this away from its default removes the implicitly configured default. You will have
to go back and specify to redistribute RIP and/or direct routes after the first redistribute
configuration in order to export those routes.

Examples
In the following example RIP is configured to redistribute all BGP routes.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# redistribute bgp

The following example configures a community set, set1, that permits AS:num 101:102. It then
configures an extended community set extset1, that permits Route Target AS:num 201:202.
matrix-x(router-config)# ip community-set set1 permit 101:102
matrix-x(router-config)# ip extcommunity-set ext-set1 permit rt 201:202

The two are then added to a community list, called commlist1.

matrix-x(router-config)# ip community-list commlist1 permit set1
matrix-x(router-config)# ip community-list commlist1 permit ext-set1

The community list is then applied to a route map called matchcommlist1. If the route map matches
BGP Community list commlist1, then the metric for routes will be set to 20.
matrix-x(router-config)# route-map match-commlist1
matrix-x(config-route-map)# match community commlist1
matrix-x(config-route-map)# set metric 20

RIP Configuration Commands

the split horizon mechanism is disabled. This means that RIP will announce a route to all possible
interfaces, including the interface from which the route was learned.
Finally, if poison‐reverse is specified, then split horizon with poisoned reverse is enabled. This
means that RIP will announce a route to all possible interfaces, including the one from which the
route was learned, but with the infinity metric.
The negative form of this command, no split‐horizon, removes the configured split horizon type
and returns to the default type.

Examples
In the following example, RIP is configured without split horizon.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# split-horizon off
In the following example, RIP is configured with split horizon with poisoned reverse.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# split-horizon poison-reverse
In the following example, RIP is configured to return to the default behavior of split horizon.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no split-horizon

term-updates
This command sets the number of updates sent by RIP during termination.

Syntax
term-updates number

no term-updates [number]

Parameters
number An integer between 1 and 255, inclusive.

Defaults
4

Mode
Router RIP Configuration.

Usage
The term‐updates command configures the number of updates sent by RIP during termination.
The negative form of this command, no term‐updates, removes the configured number value and
returns to the default value of 4. Specifying a value for number in the no form has no effect on the
configuration. Thus, it is displayed above as optional.

Matrix X Router Command Line Interface Reference Guide 37-23

RIP Configuration Commands

Example
The following example configures a term update number of 6:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# term-updates 6

timers basic
This command sets the Update Interval, Expiration Time, and Holddown Time for routes received
or sent via RIP.

Syntax
timers basic update-seconds expiration-seconds holddown-seconds

no timers basic [update-seconds expiration-seconds holddown-seconds]

Parameters
update‐seconds The update interval in seconds, specified as an integer from 5 to
2,147,483,647, inclusive.
expiration‐seconds The route expiration time in seconds, specified as an integer from 5 to
2,147,483,647, inclusive.
holddown‐seconds The holddown time in seconds, specified as an integer from 5 to
2,147,483,647, inclusive.

Defaults
• Update interval is 30
• Expiration interval is 180
• Holddown interval is 120

Mode
Router RIP Configuration.

Usage
The timers basic command sets the Update Interval, the Expiration Time, and the Holddown
Time in seconds for routes received and/or sent via RIP.
The negative form of this command, no timers basic, returns this value to its default, but only
after the current timer setting expires. At that time, you will start seeing updates at the regular
intervals.
Specifying values for update‐seconds, expiration‐seconds, and holddown‐seconds in the no form has no
effect on the configuration. Thus, they are displayed above as optional.
The expiration time is initialized when a route is established and any time an update message is
received for the route. If the specified number of seconds elapses from the last time the expiration
time was initialized, then the route is considered to have expired, and the deletion process begins
for that route.
The update time is used for unsolicited route responses.

37-24 RIP Commands

RIP Configuration Commands

The holddown interval is initialized upon expiration of the timeout, the route is no longer valid.
However, it is retained in the routing table for a short time so that neighbors can be notified that
the route has been dropped. Upon expiration of the holddown interval, the route is finally
removed from the routing table.

Note: When configuring timers basic, you must specify an update-seconds value, an expiration-
seconds value, and a holddown-seconds value, in that order, even if you want one or two of these to
remain the default value.

Examples
The following example configures the Update Interval at 25 seconds, the Expiration Time at 150
seconds, and the Holddown Timer at 300.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# timers basic 25 150 300

The following example configures the Expiration Time to be 200 seconds. The Update Interval will
have the default value of 30 seconds and the Holddown Timer will also have its default value.
Note that you must specify the Update Interval and Holddown Timer values even though you are
configuring the default:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# timers basic 30 200 120

The following example removes any configured timer values and returns the timers basic
command to its default values:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no timers basic

trace file
This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
trace file file_name [max-size file_size [M | m | K | k]] [max-files num_files]
[no-timestamp] [overwrite]

no trace file file_name [max-size file_size [M | m | K | k]] [max-files num_files]

[no-timestamp] [overwrite]

Parameters

file_name The name of the file to receive the tracing information. Note that the file
name is not specified in quotes.

Matrix X Router Command Line Interface Reference Guide 37-25

RIP Configuration Commands

max‐size (Optional) Maximum file size in bytes (by default) or megabytes or

file_size[M|m|K|k] kilobytes, ranging from 10K to 4,095,000,000 bytes. Notice that there is no
space between the file_size parameter and the unit type.
M and m both specify megabytes. K and k both specify kilobytes. If no
unit type is entered, bytes is assumed.
If no maximum file size is specified, the default is unlimited. The size of a
trace file is limited by the file system on which the trace file resides.
max‐files num_files (Optional) Maximum number of files allowed in the directory, ranging
from 2 to 4,294,967,295.
If no maximum number of files is specified, the default is 4,294,967,295
no‐timestamp (Optional) A timestamp should not be prepended to all trace lines. The
default is to prepend a timestamp to all lines written to a trace file.
overwrite (Optional) Begin tracing by overwriting, or truncating, an existing file.
The default is to append to an existing file.

Defaults
RIP tracing is turned off by default.

Mode
Router RIP Configuration.

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. For RIP, the trace file command in RIP configuration mode
specifies a file for tracing of all RIP events. The negative form of this command disables this
tracing. The specific events that are traced are controlled by the trace flag command.
Command options are governed by the following rules:
• The max‐size option specifies a maximum size of the trace file which can be specified in
megabytes by giving ‘M’ or ‘m’ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If you specify no units, the size is assumed to be in bytes. When the maximum
file size is reached, the file is closed and renamed to fname.0, then fname.1, and so on, until the
maximum number of files specified by the max‐files option is reached.
• The max‐files option specifies the maximum number of files allowed in the specified
directory with a default of 4,294,967,295 files.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config-rip)# trace file rip.log no-timestamp
matrix-x(router-config-rip)# trace file rip.log maxfiles 10

The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows:

37-26 RIP Commands

RIP Configuration Commands

matrix-x(router-config-rip)# trace file rip.log maxfiles 10 no-timestamp

Example
In the following example, RIP tracing is written to the file /var/trace/rip.log. The maximum size of
the file is configured to be 1024 KB, and the maximum number of files permitted is 3. When the file
reaches 1 megabyte in size (the maximum size in this configuration), the file is renamed to
rip.log.0, and rip.log is re‐created. This continues until four log files exist (the maximum allowed
in this configuration). No timestamp will display at the beginning of the trace lines.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# trace file rip.log max-size 1024k max-files 4 no-
timestamp

trace flag
This command specifies RIP‐specific tracing options as well as options that are common across all
protocols.

Syntax
trace flag {route | normal | state | policy | task | timer | all} | {packets |
request | response |other send | receive | send-receive] [detail]}

no trace flag {route | normal | state | policy | task | timer | all} | {packets |
request | response |other [send | receive | send-receive] [detail]}

Parameters

These tracing flags are common to all protocols. They cannot be associated with a send, receive,
or send‐receive action item. Similarly, you cannot specify to show detailed information when
tracing these flags.
route Trace routing table changes for routes installed by this protocol or peer
normal Trace normal protocol occurrences. Note: Abnormal protocol occurrences
are always traced.
state Trace state machine transition in the protocol
policy Trace the application of protocol and user‐specified policy to routes being
imported or exported
task Trace system interface and processing associated with this protocol
timer Trace timer usage by this protocol
all Turns on all trace flags
These RIP‐specific flags can be associated with the send, receive, or send‐receive action items.
packets Trace all RIP packet types
request Trace RIP information request packets, which include request, poll, and
poll entry packets
response Trace RIP response packets (for example, those that actually contain
routing updates)
other Trace any other type of RIP packet

Matrix X Router Command Line Interface Reference Guide 37-27

RIP Configuration Commands

These optional action items specify whether to limit the tracing to packets.
send Optionally specify to limit tracing for packets sent.
receive Optionally specify to limit tracing for packets received.
send‐receive Optionally specify to limit tracing for packets sent and received.
detail Optionally specify to use a more verbose format when displaying
information about the contents of packets instead of one or two lines.

Defaults
The default is for no flags to be explicitly configured.

Mode
Router RIP Configuration.

Usage
Use the trace flag command to specify tracing flags for RIP tracing. Each flag must reside on its
own configuration line. For example, you cannot specify to trace both task and policy packets in
the same command.

Example
In the following example, trace flags specify that both the sent and received request and response
messages are traced in detail. This tracing information will be written to the file /var/trace/rip.log.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# trace file rip max-size 1024k
matrix-x(router-config-rip)# trace flag request send-receive detail
matrix-x(router-config-rip)# trace flag response send-receive detail

trusted-gateways
This command configures the routers from which RIP will accept routes.

Syntax
trusted-gateways ipv4-address

no trusted-gateways [ipv4-address]

Parameters
ipv4-address A valid IPv4 address in dotted‐quad notation

Defaults
All routers are trusted by default.

Mode
Router RIP Configuration.

37-28 RIP Commands

RIP Configuration Commands

Usage
The trusted‐gateways command configures routers from which RIP will accept routes. Update
messages from routes not specified in this command will be discarded. This allows for additional
security beyond that provided by ip rip authentication. Specifically, it provides a complete list of
IP addresses from which the configured router will accept RIP updates. Only those RIP packets
originating from the listed hosts will be accepted.
This command can be repeated an unlimited number of times to created an unlimited number of
trusted gateways.
Use the negative form of this command, no trusted‐gateways, with an IPv4 address to remove a
single address from the list of trusted gateways. To delete the entire list, use the negative form of
the command with no IPv4 address.

Examples
The following example configures RIP to accept updates sent from routes with only host
addresses of 2 on the 192.168.10, .12, and .13 networks:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# trusted-gateways 192.168.10.2
matrix-x(router-config-rip)# trusted-gateways 192.168.11.2
matrix-x(router-config-rip)# trusted-gateways 192.168.12.2

In the following example, the trusted‐gateway 192.168.11.1 from the previous example is deleted:
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no trusted-gateways 192.168.11.1

In the following example, the rest of the entire trusted‐gateways list from the first example is
deleted. As a result, RIP will trust all routers.
matrix-x(router-config)# router rip
matrix-x(router-config-rip)# no trusted-gateways

Matrix X Router Command Line Interface Reference Guide 37-29

RIP Interface Commands

The following RIP commands are executed in interface configuration mode.

For information about...ip rip authentication Refer to page...

ip rip authentication 37-30

ip rip enable 37-32

ip rip metric-in 37-32

ip rip metric-out 37-33

ip rip no-receive 37-34

ip rip no-send 37-35

ip rip secondary-authentication 37-36

ip rip version 37-37

ip rip authentication
This command specifies the type of authentication and key values on the specified interface.

Syntax
ip rip authentication {simple key | md5 id_number md5_key [start-generate
date_time] [stop-generate date_time] [start-accept date_time] [stop-accept
date_time]}

no ip rip authentication

Parameters

37-30 RIP Commands

RIP Interface Commands

start‐accept date_time (Optional) Specifies the start and stop times for accepting MD5
authentication. The date_time values must be in the format
stop‐accept date_time
YYYY‐MM‐DD.HH.MM.
Both parameters are optional and you may enter them in any
order when specifying multiple commands.

Defaults
The default is for no authentication to be explicitly configured.

Mode
Router Interface Configuration.

Usage
The ip rip authentication command is used both to verify and to generate the authentication field
in the RIP header for all packets sent and received on the specified interface.
This applies only to version 2 packets and RIPv1‐compatible RIPv2 packets, because RIPv1 does
not support authentication. One exception to the above is the case of query packets. In the case of
querying a router through an interface that is speaking RIPv1, the query packet will still be
authenticated, but no authentication will be used on the outgoing packet.
If a packet is received with authentication that does not match, then it is ignored.
On a trusted network, simple authentication can be used to create two logical networks because
sets of routers with shared passwords will talk to each other, but not communicate with those
using a different password. On an untrusted network, however, this technique should not be used
because simple passwords are sent in clear text. MD5 should be used instead. However, even
MD5 does not encrypt the entire packet, only the authentication field of the header.
Specifying an authentication without explicitly configure RIP to version 2 will cause a parse error.
For somewhat more serious authentication, use trusted gateways or a combination of trusted
gateways and authentication.

Examples
The following example configures a simple key authentication for interface ge.4.2:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip rip authentication simple abc

The following example configures md5 authentication with two keys on interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip authentication md5 1 abc start-accept
2003-12-01.10.20 start-generate 2003-12-01.10.20
matrix-x(router-config-if-ge.4.1)# ip rip authentication md5 2 abc start-accept
2003-12-11.10.20 stop-accept 2003-12-21.10.20

Matrix X Router Command Line Interface Reference Guide 37-31

RIP Interface Commands

ip rip enable
This command enables RIP on an interface.

Syntax
ip rip enable

no ip rip enable

Parameters
None.

Defaults
RIP is not enabled by default on an interface.

Mode
Router Interface Configuration.

Usage
The ip rip enable command explicitly enables RIP on an interface. The no ip rip enable command
explicitly disables RIP on an interface.

Example
The following example disables RIP on interface ge.4.3:
matrix-x(router-config)# interface ge.4.3
matrix-x(router-config-if-ge.4.3)# no ip rip enable

ip rip metric-in
This command sets an additional metric on incoming RIP routers for an interface.

Syntax
ip rip metric-in <1-16>

no ip rip metric-in <1-16>

Parameters
1-16 A metric applied to inbound routes.

Usage
The ip rip metric‐in command sets an additional metric on incoming RIP routes for an interface.
It is often the case that a router should prefer routes received on one set of interfaces over those
received on another. For example, given two point‐to‐point links, one can be more expensive than
the other and should, therefore, be less preferred. The ip rip metric‐in command is used for
exactly this purpose — to make routes learned from certain interfaces less preferable.

37-32 RIP Commands

RIP Interface Commands

ip rip metric‐in is the default manner by which RIP increments hop count. That is to say, RIP
works by adding a hop every time a route is received and before it is sent back out to other
interfaces. This implementation adds the hop when the route is received (for example, before
decisions regarding whether the route should be used are made). By default, a metric of 1 plus the
kernel interface metric is added as the hop count. Normally, this interface metric is zero, but some
operating systems allow it to be specified on interface configuration. If ip rip metric‐in is explicitly
given, it is added as an absolute value (for example, without the interface metric).
The negative form of this command, no ip rip metric‐in, returns the default value to 1.

Defaults
1

Mode
Router Interface Configuration.

Example
The following example configures a router to add a metric of 2 to the incoming RIP routes on
interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip metric-in 2

ip rip metric-out
This command sets an additional metric on outing RIP routes for an interface.

Syntax
ip rip metric-out value

no ip rip metric-out [value]

Parameters
value An integer between 0 and 16, inclusive.

Defaults
0

Mode
Router Interface Configuration.

Usage
The ip rip metric‐out command configures an additional metric on outgoing RIP routes for an
interface.
Normally, this RIP implementation adds to the hop count only on incoming routes. There are
times, however, when the user wants to cause other routers not to prefer routes from a given
origin. For example, if the router is a backup router, it might be desirable for its routes to always

Matrix X Router Command Line Interface Reference Guide 37-33

RIP Interface Commands

be less preferred. ip rip metric‐out accomplishes this by adding to the RIP metric on top of any
metric specified by ip rip metric‐in before RIP updates are sent out the specified interface.
Use the negative form of this command, no ip rip metric‐out, to remove a configured value and
return this to its default value of 0. Specifying a value in the no form has no effect on the
configuration. Thus, it is displayed above as optional.

Example
The following example configures a router to add a cost of 2 to outgoing RIP routes for interface
ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip metric-out 2

ip rip no-receive
This command specifies whether RIP will listen to or discard RIP updates.

Syntax
ip rip no-receive

no ip rip no-receive

Parameters
None.

Usage
The ip rip no‐receive command specifies whether RIP will listen to RIP updates received on a
given interface. Although it would almost certainly be a mis‐configuration, it is important to note
that RIP can send RIP updates on a superset of those interfaces on which it receives updates. This
can be a valid configuration if, for example, the user receives RIP updates from an ISP, then
redistributes those onto the LAN, and does not want to send the LAN topology back to the ISP.

Defaults
By default, RIP listens to updates received on a given interface.

Mode
Router Interface Configuration.

Example
The following example configures no‐receive on interface ge.4.1. As a result, updates received on
interface ge.4.1 will be discarded:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip no-receive

37-34 RIP Commands

RIP Interface Commands

ip rip no-send
This command specifies whether RIP will send RIP updates.

Syntax
ip rip no-send

no ip rip no-send

Parameters
None.

Defaults
RIP, by default, sends updates on interfaces on which RIP is running.

Mode
Router Interface Configuration.

Usage
RIP, by default, sends updates on interfaces on which RIP is running. The ip rip no‐send
command specifies that RIP will not send updates.

Example
The following example configures the no‐send option on interface ge.4.2. As a result, no updates
will be send over that interface:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip rip no-send

Matrix X Router Command Line Interface Reference Guide 37-35

RIP Interface Commands

ip rip secondary-authentication
This command sets the authentication used on an interface if the primary authentication fails.

Syntax
ip rip secondary-authentication {simple key | md5 id_number md5_key
[start-generate date_time] [stop-generate date_time] [start-accept date_time]
[stop-accept date_time]}

no ip rip secondary-authentication

Parameters

Usage
The ip rip secondary‐authentication is identical in function to the primary authentication
configured using the ip rip authentication command but is only used if the primary
authentication fails.
This type of authentication can be used while a network is in transition to verify that old
passwords are still accepted. Use the negative form of this command, no ip rip
secondary‐authentication, to remove the configured authentication.

Defaults
The default is for no authentication to be explicitly configured.

37-36 RIP Commands

RIP Interface Commands

Mode
Router Interface Configuration.

Examples
The following example configures a simple key authentication for interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip secondary-authentication simple abc

The following example configures md5 authentication with two keys on interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip secondary-authentication md5 1 abc
start-accept 2003/12/01 10:20 start-generate 2003/12/01 10:20
matrix-x(router-config-if-ge.4.1)# ip rip secondary-authentication md5 2 abc
start-accept 2003/12/11 10:20 stop-accept 2003/12/21 10:20

ip rip version
This command specifies the version of RIP to be run on an interface.

Syntax
ip rip version {1 | 2 [ broadcast | multicast]}

no ip rip version

Parameters
1 Specify to run RIP version 1 on the interface
2 [broadcast | Specify to run RIP version 2 on the interface. Also, optionally specify
multicast] whether updates will be sent to a multicast group or will be broadcast to
the network

Usage
The ip rip version command specifies the version of RIP to be run. This command is used to
override the default version of RIP that will be run on a given interface. Normally, RIPv1 will be
run on all interfaces. If version 2 is specified, then the default behavior depends on the capabilities
of the interface. If the interface is multicast capable, then RIP updates will be multicast to RIP2‐
ROUTERS.MCAST.NET (the reserved multicast address, 224.0.0.9). If the interface is not multicast
capable, then RIP version 1 compatible version 2 will be broadcast.
The optional broadcast and multicast parameters are effective only if RIP version 2 is configured.
Specifying broadcast or multicast allows the above default behavior to be overridden. This is
normally used to specify that only version‐1‐compatible packets should be sent for
interoperability purposes, even though a given interface is multicast capable. An exception is the
case in which version 2 multicast is specified on an interface that is not multicast capable (for
example, a point‐to‐point link). In this case, if a source‐gateway is also specified, then the full
RIPv2 packets will be directly unicast to the source gateway on the specified interface.

Matrix X Router Command Line Interface Reference Guide 37-37

RIP Interface Commands

Defaults
Version 1 is the default, with the exception that if version 2 is being configured on multicast‐
capable interfaces without specifying multicast or broadcast, version 2 multicast is the default.

Mode
Router Interface Configuration.

Examples
The following example configures version 2 broadcast on interface ge.4.1:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip rip version 2 broadcast

In the following example, the version setting in the previous example is set back to using the
default behavior for interface ge.4.1. Version 1 packets will then be broadcast to the network.
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# no ip rip version

The following example configures version 2 on multicast‐capable interface ge.4.2. Updates will be
sent out to multicast group 224.0.0.9:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip rip version 2

37-38 RIP Commands

Query Commands

Query Commands
The following command can be executed in privileged execution mode, global configuration
mode, or interface configuration mode.

For information about... Refer to page...

show ip rip database 37-39

show ip rip gateway-summary 37-40

show ip rip database

This command displays information about a specific route or all routes in the Routing Information
Base.

Syntax
show ip rip database [ipv4-address mask] | [tag value)]

Parameters
ipv4‐address mask (Optional) Enter a specific IPv4 address and subnet mask argument about
which routing information should be displayed.
tag value (Optional) Specify a tag and value used to mark a specific route. The tag
value can be an integer from 0 to 4,294,967,295, inclusive.

Defaults
None.

Mode
Router Privileged EXEC.
Router Global Configuration.
Router Interface Configuration.

Usage
The show ip rip database query displays information about routes in the Routing Information
Base.
This query has three forms. If the query is issued without arguments, then information about all
RIP routes is returned. Alternatively, the query can be issued with a specific IPv4 address and
mask. In this case, the reply will contain information pertaining only to the referenced address.
Finally, a query can be submitted with a tag value. In this case, all RIP routes that match the tag
will be displayed.

Matrix X Router Command Line Interface Reference Guide 37-39

Query Commands

Examples
The following example displays all rip routes:
matrix-x(router-exec)# show ip rip database
192.168.11.0/24 directly connected, ge.4.1 192.168.13.0/24
[1] via 192.168.14.2, 00:00:25, ge.4.1
[2] via 192.168.15.2, 00:00:20, ge.4.2 182.168.13.0/24
[1] via 182.168.14.2, 00:00:25, ge.4.4

In the following example, a query is submitted for RIP route information for a specific network:
matrix-x(router-exec)# show ip rip database 192.168.13.0 255.255.255.0
192.168.13.0/24
[1] via 192.168.14.2, 00:00:25, ge.4.1
[2] via 192.168.15.2, 00:00:20, ge.4.2

In the following example, a query is submitted for information about RIP routes that match a
given tag, 1000. The return shows one route that matches the tag:
matrix-x(router-exec)# show ip rip database tag 1000
192.168.13.0/24
[1] via 192.168.14.2, 00:00:25, ge.4.4

Field Descriptions
The following table describes the fields that appear in the RIP Database Query (using fields in the
first example).

Output What It Displays...

192.168.11.0/24 Destination IPv4 address and mask length

directly connected Displays if the network is directly connected

[1] via 192.168.14.2 The first gateway

[2] via 192.168.15.2 The second gateway

00:00:25 Last heard time in hours:minutes:seconds

ge.4.1 The interface from which a nexthop can be reached

show ip rip gateway-summary

This command displays information about all the gateways of RIP routes.

Syntax
show ip rip gateway-summary

Parameters
None.

37-40 RIP Commands

Query Commands

Defaults
None.

Mode
Router Privileged EXEC.
Router Global Configuration.
Router Interface Configuration.

Usage
The show ip rip gateway‐summary query displays information about all the gateways of RIP
routes.
The output displays the IPv4 address, the last heard time of the gateway, and the characteristic
flags that apply to the gateway.

Examples
The following example returns information requested with the RIP Gateway Summary query:
matrix-x(router-exec)# show ip rip gateway-summary

Gateway Last-Heard Bad-Packets Bad-Routes Flags

10.2.12.33 00:00:15 SRC, TRSTED,
ACCPTED,
RJCTED,
Q_RJCTED,
AUTHFAIL

Field Descriptions
The following table describes the fields that appear in the RIP Gateway Summary Query.

Output What It Displays...

10.2.12.33 IPv4 address of the gateway

00:00:15 Last heard time in hours:minutes:seconds

Bad-Packets The number of bad packets received

Bad-Routes The number of bad routes received

SRC Flag indicating source gateway

TRSTED Flag indicating trusted gateway

ACCPTD Flag indicating packet accepted from this gateway

RJCTED Flag indicating packet rejected for this gateway

Q_RJCTD Flag indicating query rejected for this gateway

AUTHFAIL Flag indicating authentication failed for this gateway

Matrix X Router Command Line Interface Reference Guide 37-41

Query Commands

37-42 RIP Commands

38
Router Discovery Commands

This chapter describes the Router Discovery commands.

Overview
The Router Discovery Protocol is an IETF standard protocol (RFC 1256) used to inform hosts of the
existence of routers. It is intended to be used instead of having hosts wiretap routing protocols,
such as RIP. It is used in place of, or in addition to, statically‐configured default routes in hosts.
RFC 1256 can be found at: http://ietf.org/rfc/rfc1256.txt.
The protocol is split into two portions: the server portion, which runs on routers, and the client
portion, which runs on hosts. The Matrix X Router currently supports only the server
configuration.
The router discovery server runs on routers and announces their existence to hosts by periodically
multicasting or broadcasting a router advertisement to each interface on which it is enabled. These
router advertisements contain a list of all the routersʹ addresses on a given interface and the
preference of each address for use as the default router on that interface.
Initially, these router advertisements occur every few seconds, then fall back to every few
minutes. In addition, a host can send a router solicitation to which the router will respond with a
unicast router advertisement (unless a multicast or broadcast advertisement is due momentarily).
Each router advertisement contains an advertisement ʺlifetimeʺ, indicating for how long the
advertised addresses are valid. This lifetime is configured such that another router advertisement
will be sent before the lifetime has expired. A lifetime of zero is used to indicate that one or more
addresses are no longer valid.
On systems supporting IP multicasting, the router advertisements are, by default, sent to the all‐
hosts multicast address, 224.0.0.1. However, an advertisement method of broadcast can be
specified. When router advertisements are being sent to the all‐hosts multicast address, or an
interface is configured for the limited‐broadcast address, 255.255.255.255, all IP addresses
configured on the physical interface are included in the router advertisement. When the router
advertisements are being sent to a net or subnet broadcast, only the address associated with that
net or subnet is included.
A host listens for router advertisements via the all‐hosts multicast address (224.0.0.1) if IP
multicasting is available and enabled, or on the interfaceʹs broadcast address. When starting up, or
when reconfigured, a host can send a few router solicitations to the all‐routers multicast address,
224.0.0.2, or the interfaceʹs broadcast address.
When a router advertisement with non‐zero lifetime is received, the host installs a default route to
each of the advertised addresses. If the preference is ineligible, or the address is not on an attached
interface, the route is marked unusable but is retained. If the preference is usable, the metric is set
as a function of the preference such that the route with the best preference is used.

Matrix X Router Command Line Interface Reference Guide 38-1

Commands

If more than one address with the same preference is received, the one with the lowest IP address
will be used. These default routes are not exportable to other protocols.
When a router advertisement with a zero lifetime is received, the host deletes all routes with next‐
hop addresses learned from that router. In addition, any routes learned from ICMP redirects
pointing to these addresses will be deleted. The same will happen when a router advertisement is
not received to refresh these routes before the lifetime expires.

Commands
This section describes the Router Discovery commands

For information about... Refer to page...

ip router-discovery address-policy 38-2

ip router-discovery enable 38-3

ip router-discovery trace file 38-4

ip router-discovery trace flag 38-6

router-discovery lifetime 38-7

router-discovery maximum-interval 38-8

router-discovery minimum-interval 38-9

ip router-discovery address-policy
This command specifies policy‐related parameters when configuring logical interface addresses in
router discovery.

Syntax
ip router-discovery address-policy ipv4_address [(method (broadcast | ignore |
multicast)) | (preference pref) | ineligible]

no ip router-discovery address-policy ipv4_address

Parameters

ipv4_address A valid IPv4 address in dotted‐quad notation

method | Optionally specifies whether the associated IPv4 address should be included
broadcast | in router advertisements and whether the router advertisements should be
ignore | unicast or multicast. If ignore is specified, then the associated IPv4 address
multicast will not be included in router advertisements.
Note: If an interface does not support multicast, but multicast is specified for that
interface, then that interface will not be advertised.
preference pref Configures the preferability of the address as a default router address.
Otherwise, you can specify a value for pref between 1 and 255. The default
preference value is 55.

38-2 Router Discovery Commands

Commands

ineligible Optionally specifies that the router should be advertised with the worst
possible preference, making it ineligible to become the default router.

Defaults
• This command is not explicitly configured by default.
• Preference: 55

Mode
Router Global Configuration.

Usage
Use the ip router‐discovery address‐policy command to specify the logical interface or interfaces
that should be advertised in router advertisements. This command can be given multiple times,
creating multiple interfaces to be advertised in router advertisements.

Examples
This example sets logical interface 223.1.5.8 to broadcast with a preference of 10:
matrix-x(router-config)# ip router-discovery address-policy 223.1.5.8 method
broadcast preference 10
The following example sets logical interface 224.5.5.5 to multicast. The interface is then configured
such that it is ineligible to become the default router.
matrix-x(router-config)# ip router-discovery address-policy 224.5.5.5 method
multicast ineligible

ip router-discovery enable
This command enables the router discovery server.

Syntax
ip router-discovery enable

no ip router-discovery enable

Parameters
None.

Defaults
The default is disabled.

Mode
Router Global Configuration.

Matrix X Router Command Line Interface Reference Guide 38-3

Commands

Usage
This command enables router discovery on the server. Though you can specify router discovery
commands before specifying ip router‐discovery enable, this command must be entered to turn
on the router discovery function.
The negative form of this command, no ip router‐discovery, disables router discovery on the
server and removes all router discovery configuration.

Examples
The following example enables router discovery on the server:
matrix-x(router-config)# ip router-discovery enable

The following example turns router discovery off on the server:

matrix-x(router-config)# no ip router-discovery enable

ip router-discovery trace file

This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
ip router-discovery trace file file_name [max-size file_size [M | m | K | k] ||
max-files num_files || no-timestamp || overwrite]

no ip router-discovery trace file file_name [max-size file_size [M | m | K | k]

|| max-files num_files || no-timestamp || overwrite]

Parameters

file_name Specifies the name of the file to receive the tracing information. Note that
the file name is not specified in quotes.
max‐size file_size Specifies the maximum file size in bytes (by default) or megabytes or
[M | m | K | k] kilobytes. The acceptable value range is 10K to 4,294,967,295 bytes. Notice
that there is no space between the file_size parameter and the unit type.
max‐files Specifies the maximum number of files allowed in the directory, ranging
num_files from 2 to 4,294,967,295.
no‐timestamp Specifies that a timestamp should not be prepended to all trace lines.
overwrite Specifies to begin tracing by appending or truncating an existing file.

Defaults
• Disabled
• Max‐files: 4,294,967,295

Mode
Router Global Configuration.

38-4 Router Discovery Commands

Commands

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. For Router Discovery, the ip router‐discovery trace file
command specifies a file for tracing of all Router Discovery events. The negative form of this
command disables this tracing. The specific events that are traced are controlled by the ip router‐
discovery trace flag command.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
The max‐size option sets a maximum on the size of the trace file. The size can be specified in
megabytes by giving ʹMʹ or ʹmʹ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If no units are given, the size is assumed to be in bytes. The range of this
parameter is 10K to 2^32‐1 bytes (about 4294M). When the maximum file size is reached, the file is
closed and renamed to fname.0, then fname.1, and so on, until the maximum number of files
specified by the max‐files option is reached. The default is unlimited. The size of a trace file is
limited by the file system on which the trace file resides.
• The max‐files option specifies the maximum number of files allowed in the specified
directory. The range of this parameter is 2 to 4,294,967,295. The default is 4,294,967,295 files.
• The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the
trace file. The default is to prepend a timestamp to all lines written to a trace file.
• The overwrite option specifies whether to start tracing by truncating or appending to an
existing file.
These options are not cumulative across multiple commands. Consider the following example:
matrix-x(router-config)# ip router-discovery trace file rdisc no-timestamp
matrix-x(router-config)# ip router-discovery trace file rdisc max-files 10
The option given in the second command completely replaces that given in the first. In order to
specify both no‐timestamp and max‐files 10, they must be entered on the same line as follows.
matrix-x(router-config)# ip router-discovery trace file rdisc max-files 10 no-
timestamp

Example
In the following example, Router Discovery tracing is written to the file “rdisc” in the /var/trace/
directory. The maximum size of the file is configured to be 1024 KB, and the maximum number of
files permitted is 3. When the file reaches 1 megabyte in size (the maximum size in this
configuration), the file is renamed to rdisc.log.0, and rdisc.log is re‐created. This continues until four
log files exist (the maximum allowed in this configuration). No timestamp will display at the
beginning of the trace lines.
matrix-x(router-config)# ip router-discovery trace file rdisc max-size 1024k max-
files 4 no-timestamp

Matrix X Router Command Line Interface Reference Guide 38-5

Mode
Interface Configuration.

Usage
The router‐discovery maximum‐interval command specifies the maximum time allowed between
sending unsolicited router advertisements from the interface. This must be no less than 4 seconds
and no more than 30 minutes (1800 seconds).
The negative form of this command, no router‐discovery maximum‐interval, removes the
configured time‐seconds value and returns this to its default value of 600 seconds.

Example
The following example runs the router discovery server on interface ge.4.2, sending
advertisements no more often than once every 6 minutes:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# router-discovery maximum-interval 360

Related Commands
router‐discovery lifetime
router‐discovery minimum‐interval

38-8 Router Discovery Commands

Commands

router-discovery minimum-interval
This command specifies the minimum time allowed between sending unsolicited router
advertisements from the interface.

Syntax
router-discovery minimum-interval time-seconds

no router-discovery minimum-interval

Parameters

time‐seconds Sets the interval, in seconds, with a value between 3 and router‐discovery
maximum‐interval (which has a maximum value of 1800), inclusive.

Defaults
If router‐discovery minimum‐interval is not specified, it will default to 3/4 the value of the
Maximum Advertisement Interval. Therefore, if neither value is configured, the default is 450.

Mode
Interface Configuration.

Usage
The router‐discovery minimum‐interval command specifies the minimum time allowed between
sending unsolicited router advertisements from the interface. This must be no less than 3 seconds
and no more than the router‐discovery maximum‐interval value. If this value is set to greater than
the Maximum Advertisement Interval, the Matrix X Router will reconfigure the value of the
Minimum Advertisement Interval to be equal to the value of the Maximum Advertisement
Interval log the change.
The negative form of this command, no router‐discovery minimum‐interval, removes the
configured time‐seconds value and returns this to its default value.

Example
This example runs the router discovery server on interface ge.4.2 sending advertisements no less
often than once every minute:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# router-discovery minimum-interval 60

Related Commands
router‐discovery lifetime
router‐discovery maximum‐interval

Matrix X Router Command Line Interface Reference Guide 38-9

Commands

38-10 Router Discovery Commands

39
Route Flap Damping Commands

This chapter describes the route flap damping commands.

Overview
Weighted route dampening treats routes that are being announced and withdrawn (flapping) at a
rapid rate as unreachable. If a route flaps at a low rate, it should not be suppressed at all, or
suppressed for only a brief period of time. With weighted route dampening, the suppression of a
route or routes occurs in a manner that adapts to the frequency and duration that a particular
route appears to be flapping. The more a route flaps during a period of time, the longer it will be
suppressed. The adaptive characteristics of weighted route dampening are controlled by a few
tags.
BGP flap damping is defined in RFC 2439, BGP Route Flap Damping.

Note: Route flap damping only applies to BGP.

Commands

For information about... Refer to page...

dampen-flap 39-2

keep-history 39-3

max-flap 39-4

reach-decay 39-5

reach-tick 39-6

reuse-below 39-7

suppress-above 39-8

unreach-decay 39-9

Matrix X Router Command Line Interface Reference Guide 39-1

Commands

dampen-flap
Use this command to enter the Dampen Flap Configuration mode.

Syntax
dampen-flap name

no dampen-flap name

Parameters

name A string of characters uniquely identifying a dampen‐flap

configuration.

Defaults
This command is not explicitly configured by default.

Mode
Global Configuration.

Usage
The dampen‐flap command enters the Dampen Flap Configuration mode, where route‐flap‐
damping parameters are specified. The negative form of this command, no dampen‐flap, removes
the configured damping.

Example
The following example configures route flap damping with an ID of rfd1.
matrix-x(router-config)# dampen-flap rfd1
matrix-x(config-dampen-flap)#

39-2 Route Flap Damping Commands

Commands

keep-history
Use this command to specify the time in seconds for which any history of a routeʹs instability is
maintained.

Syntax
keep-history time-seconds

no keep-history

Parameters
time‐seconds Specifies a time in seconds from 1 to 604800, inclusive.

Defaults
If time‐seconds is not specified, the default is 1800.

Mode
Dampen Flap Configuration.

Usage
The keep‐history command specifies time in seconds for which any history of a route’s instability
is maintained. The negative form of this command, no keep‐history, removes the configured
value and returns this to its default value of 1800 seconds.

Example
The following example configures the keep‐history value to be 2000 seconds.
matrix-x(router-config)# dampen-flap rfd1
matrix-x(config-dampen-flap)# keep-history 2000

Matrix X Router Command Line Interface Reference Guide 39-3

Commands

max-flap
This command specifies the maximum value of a route’s instability history.

Syntax
max-flap float

no max-flap

Parameters
float An integer or floating point number between 2.1 and 604800, inclusive.

Defaults
If float is not specified, the default is 16.0.

Mode
Dampen Flap Configuration.

Usage
Use the max‐flap command to specify the maximum value of a route’s instability history. The
instability metric is incremented by 1 each time a route becomes unreachable. The max‐flap value,
which must be greater than the suppress‐above value, determines the longest time that a route can
be suppressed.
The negative form of this command, no max‐flap, removes the configured value and returns this
to its default value of 16.0.

Example
The following example configures the maximum value of the route’s instability history to be 18.
matrix-x(router-config)# dampen-flap rfd1
matrix-x(config-dampen-flap)# max-flap 18

Related Commands
suppress‐above

39-4 Route Flap Damping Commands

Commands

reach-decay
This command specifies the time in seconds after which a reachable route’s instability history
decays to half of its current value.

Syntax
reach-decay time-seconds

no reach-decay

Parameters
time‐seconds Specifies a time in seconds from 1 to 604800, inclusive.

Defaults
If time‐seconds is not specified, the default is 300.

Mode
Dampen Flap Configuration.

Usage
Use the reach‐decay command to specify a time in seconds, after which a reachable route’s
instability history decays to half of its current value. The negative form of this command, no
reach‐decay, removes the configured value and returns this to its default value of 300 seconds.

Example
The following example configures the reach‐decay value to be 600 seconds.
matrix-x(router-config)# dampen-flap rfd1
matrix-x(config-dampen-flap)# reach-decay 600

Commands

unreach-decay
Use this command to specify the time in seconds after which an unreachable route’s instability
history decays to half its current value.

Syntax
unreach-decay time-seconds

no unreach-decay

Parameters
time‐seconds Specifies a time in seconds from 1 to 604800, inclusive.

Defaults
If time‐seconds is not specified, the default is 900.

Mode
Dampen Flap Configuration.

Usage
Use the unreach‐decay command to specify a time in seconds, after which a unreachable route’s
instability history decays to half of its current value. The negative form of this command, no
unreach‐decay, removes the configured value and returns this to its default value of 900 seconds.

Example
The following example configures the unreach‐decay value to be 600 seconds.
matrix-x(router-config)# dampen-flap rfd1
matrix-x(config-dampen-flap)# unreach-decay 600

Matrix X Router Command Line Interface Reference Guide 39-9

Commands

39-10 Route Flap Damping Commands

40
Route Map Commands

This chapter describes the route map commands.

Route maps can be used to filter learned routes or to redistribute routes between protocols. Route
map commands specify match and set criteria associated with the route map.

Commands

For information about... Refer to page...

match aggregate-contributors 40-3

match as 40-4

match as-path 40-5

match as-path-list 40-6

match community 40-7

match community-set 40-8

match distance 40-9

match extended-community-set 40-10

match instance 40-11

match interface 40-12

match ip address access-list 40-13

match ip address prefix-list 40-14

match ip address prefix-tree 40-15

match ip gateway 40-16

match ip next-hop 40-17

match level 40-19

match localpref 40-20

match med 40-21

match metric 40-22

match metric-type 40-23

match protocol 40-24

Matrix X Router Command Line Interface Reference Guide 40-1

Commands

For information about... Refer to page...

match ribs 40-25

match tag 40-26

route-map 40-27

set as-path prepend 40-28

set community-set 40-29

set dampen-flap 40-30

set ip next-hop 40-31

set level 40-32

set local-preference 40-33

set med 40-34

set metric 40-35

set metric-type 40-36

set origin 40-37

set preference 40-38

set propagate 40-39

set ribs 40-40

set tag 40-41

Commands

match ip route-source prefix-tree

This command specifies the name of a prefix tree to be matched.

Syntax
match ip route-source prefix-tree name [invert]

Parameters
<0-4294967295> A route metric in the specified range.
invert Optionally specifies to reverse the result of a match.

Defaults
This command is not explicitly configured by default.

Mode
Route Map Configuration.

Usage
Use the match metric command to specify a route’s metric value to be matched.

Example
In the following example, if the route has a metric value of 4, then the preference will be set to 50.
matrix-x(router-config)# route-map xyz
matrix-x(config-route-map)# match metric 4
matrix-x(config-route-map)# set preference 50

40-22 Route Map Commands

Commands

match metric-type
This command compares the metric types for OSPF and IS‐IS.

Syntax
match metric-type [external | internal | type-1 | type-2] [invert]

no match metric-type [external | internal | type-1 | type-2] [invert]

Parameters
external Specifies to match the IS‐IS external metric.
internal Specifies to match the IS‐IS internal metric.
type-1 Specifies to match the OSPF external type 1 metric.
type-2 Specifies to match the OSPF external type 2 metric.
invert Optionally specifies to reverse the result of a match.

Defaults
If match metric-type is not specified, it is the same as if the user had specified the following
for IS‐IS:
match metric-type internal
for OSPF:
match metric-type type-2

Mode
Route Map Configuration.

Usage
Use the match metric‐type command when comparing metric types for OSPF and IS‐IS. The
meanings are specific to each protocol.

Note: You cannot include more than one parameter for a single match metric‐type command.

Example
In the following example, if the metric‐type for ISIS routes is internal, then when this route map is
imported into a protocol, the metric type for IS‐IS routes will be external.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match metric-type internal
matrix-x(config-route-map)# set metric-type external

Matrix X Router Command Line Interface Reference Guide 40-23

Commands

match protocol
This command specifies a protocol to be matched.

Syntax
match protocol proto [invert]

match protocol proto [invert]

Parameters

proto Specifies a protocol to be matched. Valid values include the following:

aggregate – Aggregate routes
all – All protocols
bgp – BGP routes
direct – Directly connected routes
isis – ISIS routes
kernel – Kernel routes
ospf – OSPF routes
ospf-ase – OSPF ASE routes
rip – RIP routes
static – Static routes
invert Optionally specifies to reverse the result of a match.

Defaults
This command is not explicitly configured by default.

Usage
Use the match protocol command to specify routes from a specific protocol to be matched.

Mode
Route Map Configuration.

Example
In the following example, if the route is a BGP route, then the preference will be set to 50.
matrix-x(router-config)# route-map xyz
matrix-x(config-route-map)# match protocol bgp
matrix-x(config-route-map)# set preference 50

40-24 Route Map Commands

Commands

match ribs
This command specifies Routing Information Bases (RIBs) to be matched.

Syntax
match ribs [unicast | multicast] [invert]

no match ribs [unicast | multicast] [invert]

Parameters
unicast Specifies unicast RIB.
multicast Specifies multicast RIB.
invert Optionally specifies to reverse the result of a match.

Defaults
If ribs is not specified, the default is match unicast multicast.

Mode
Route Map Configuration.

Usage
Use the match ribs command to limit the match to a set of either unicast and/or multicast RIBs. By
default, a route map applies to all RIBs to which any contributing route applies. For example, a
route map applies to the Unicast RIB if and only if any contributing route applies to the Unicast
RIB.

Note: If this command is not specified, then no action is taken if the routes match.

Example
The following example causes routes in the unicast RIB to be exported into both the unicast and
multicast RIBs.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match ribs unicast
matrix-x(config-route-map)# set ribs multicast
matrix-x(config-route-map)# set ribs unicast

Matrix X Router Command Line Interface Reference Guide 40-25

Commands

match tag
This command specifies the tag value with which routes are announced in OSPFASE, RIP, or
RIPng.

Syntax
match tag <0-4294967295> [invert]

no match tag <0-4294967295> [invert]

Parameters
<0-4294967295> A route tag in the specified range.
invert Optionally specifies to reverse the result of a match.

Defaults
0

Mode
Route Map Configuration.

Usage
Use the match tag command specifies a tag value with which routes are announced in OSPFASE,
RIP, or RIPng. The negative form of this command, no match tag, removes the configured tag
value and returns this to its default value of 0.
Notes:
• Specifying a value for tag value in the no form has no effect on the configuration and is displayed
above as optional.
• This command will be ignored for any protocol that is not OSPFASE, RIP, or RIPng.

Example
In the following example, if routes are announced with a tag value of 4, then when this route map
is imported into a protocol, the preference for that protocol will be configured as 50.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match tag 4
matrix-x(config-route-map)# set preference 50

40-26 Route Map Commands

Commands

route-map
This command enters route‐map configuration mode for a specified route map.

Syntax
route-map name [permit | deny] <0-2147483647>

no route-map name [permit | deny] <0-2147483647>

Parameters
name A string of characters that identifies this route map.
permit | deny Accepts or rejects routes matching this route map. If neither is specified,
this option defaults to permit.
<0-2147483647> A sequence number in the specified range indicating the position a new
route map will have in a list of previously configured route maps.

Defaults
Route maps are not configured by default. When one is configured, however, the default behavior
is to permit the route map.

Mode
Global Configuration.

Usage
The route‐map command specifies the name of a route map and optionally whether to permit or
deny routes matching the route map. A sequence number can also be specified. Specifying this
command enters you in Route Map Configuration mode, where further commands can be
specified.

Example
The following configuration enters Route Map Configuration mode for route map abc.
matrix-x(router-exec)#config
matrix-x(router-config)# route-map abc

Matrix X Router Command Line Interface Reference Guide 40-27

Commands

set as-path prepend

This command specifies a series of AS numbers to be prepended to a route’s AS_PATH before
announcement.

Syntax
set as-path prepend <0-65535>

no set as-path prepend <0-65535>

Parameters
<0-65535> An AS number or list of AS numbers in the specified range.

Defaults
The set as‐path prepend command is not explicitly configured by default.

Mode
Route Map Configuration.

Usage
Use the set as‐path prepend command to specify a series of AS numbers to be prepended to a
route’s AS_PATH before announcement. These AS numbers are included in a lending sequence of
the type appropriate for the peer they are being sent to.

Note: This command applies only to BGP. It will be ignored for all other protocols.

Example
In the following example, if a route matches AS Path list ʺalist1ʺ, then the numbers 655 will be
prepended to a route’s AS_PATH before announcement, and the origin advertised to BGP will be
ʺincompleteʺ.
matrix-x(router-config)# route-map xyz
matrix-x(config-route-map)# match as-path-list alist1
matrix-x(config-route-map)# set as-path prepend 655
matrix-x(config-route-map)# set origin incomplete

40-28 Route Map Commands

Commands

set community-set
This command specifies a community set that will be added to, removed from, or will overwrite a
route.

Syntax
set community-set name [extended] [delete | additive | overwrite]

no set community-set name [extended] [delete | additive | overwrite]

Parameters
name The name of a community set.
extended Specifies that the referenced community set is of the extended type.
delete Removes a set of communities or extended communities from a route.
additive Adds a set of communities or extended communities to a route. Because
this is the default action, specifying this is optional.
overwrite Specifies that the community set overwrites any communities received
with the route.

Defaults
Community sets are not explicitly added to this route map by default. If one is configured,
however, the default action is additive.

Mode
Route Map Configuration.

Usage
Use the set community‐set command to specify a community set in a route map and whether that
community set should be added to a route, deleted from a route, or overwritten. The negative
form of this command, no set community‐set, removes the configured list from the actions to take
in this route map.
Notes:
• This command applies only to BGP.
• Specifying an argument for the community set name in the no form of this command has no effect
on the configuration. Thus, delete, additive, and overwrite are displayed above as optional.

Example
In the following example, if the route being evaluated against route map ʺabcʺ matches interface
ʺge.4.11ʺ and the AS path list labeled ʺlist1ʺ, then the following set actions will be executed:
• Communities specified in community set ʺcom‐set‐1ʺ will be added to the matching route.
• Communities specified in community set ʺcom‐set‐2ʺ will be deleted from the matching route.
• The metric for routes will be set to 50.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match interface ge.4.11
matrix-x(config-route-map)# match as-path-list list1

Matrix X Router Command Line Interface Reference Guide 40-29

Commands

matrix-x(config-route-map)# set community-set com-set-1 additive

matrix-x(config-route-map)# set community-set com-set-2 delete
matrix-x(config-route-map)# set metric 50

set dampen-flap
This command specifies the name of a route flap dampening configuration to be matched.

Syntax
set dampen-flap name

Parameters
None.

Defaults
If set propagate is not specified, the default is no set propagate.

Mode
Route Map Configuration.

Usage
Use the set propagate command to specify whether type‐7 routes get translated into type‐5 routes
on the backbone. If the flag is not set on a route, then it is not translated.

Note: This command applies only to OSPF. It will be ignored for all other protocols.

Example
In the following example, if the route being evaluated against route map ʺabcʺ matches the BGP
Community List ʺcommlist1ʺ and the AS path list labeled ʺaspathlist1ʺ, then exported routes will
be propagated.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match community commlist1
matrix-x(config-route-map)# match as-path-list aspathlist1
matrix-x(config-route-map)# set propagate

Matrix X Router Command Line Interface Reference Guide 40-39

Commands

set ribs
This command specifies the RIBs into which a route will be imported or from which a route will be
exported.

Syntax
set ribs [unicast | multicast]

no set ribs [unicast | multicast]

Parameters
unicast Specifies unicast RIB.
multicast Specifies multicast RIB.

Defaults
By default, a route map applies to all RIBs.

Mode
Route Map Configuration.

Usage
Use the set ribs command to specify the RIBs into which a route will be imported or from which a
route will be exported.

Example
The following example causes routes in the unicast RIB to be exported into both the unicast and
multicast RIBs.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match ribs unicast
matrix-x(config-route-map)# set ribs unicast
matrix-x(config-route-map)# set ribs multicast

40-40 Route Map Commands

Commands

set tag
This commansd specifies the tag value with which routes will be announced into OSPFASE, RIP,
or RIPng.

Syntax
set tag <0-4294967295>

no set tag <0-4294967295>

Parameters
<0-4294967295> A 32‐bit route tag in the specified range entered using a decimal (base 10)
number.

Defaults
If set tag is not specified, the default is set tag 0.

Mode
Route Map Configuration.

Usage
Use the set tag command to propagate tag data from an exterior gateway protocol (such as BGP)
through OSPFASE, RIP, or RIPng. The negative form of this command, no match tag, removes the
configured tag_value and returns this to its default value of 0.
Notes:
• Specifying a tag value in the no form has no effect on the configuration and is displayed above as
optional.
• This command will be ignored for any protocol that is not OSPFASE, RIP, or RIPng.

Example
In the following example, if routes are received with a tag value of 4, then when a matching route
is imported into a protocol, the preference for that route will be configured as 50, and the new tag
value will be 5.
matrix-x(router-config)# route-map abc
matrix-x(config-route-map)# match tag 4
matrix-x(config-route-map)# set preference 50
matrix-x(config-route-map)# set tag 5

Matrix X Router Command Line Interface Reference Guide 40-41

Commands

40-42 Route Map Commands

41
Router Aggregation Commands

Overview
Route aggregation is a method of generating a more general summary route, given the presence of
a more specific route. It is used, for example, at an autonomous system border to generate a route
to a network to be advertised via BGP, given the presence of one or more subnets of that network
learned via RIP. No aggregation is performed unless explicitly requested in an aggregate
command.
Route aggregation is also used by regional and national networks to reduce the amount of routing
information passed. With careful allocation of network addresses to clients, regional networks can
announce one route to regional networks instead of hundreds.
Aggregate routes are not actually used for packet forwarding by the originator of the aggregate
route, only by the receiver (if it wishes). A router is supposed to respond with an ICMP network
unreachable message if the router receives a packet that does not match one of the component
routes that led to the generation of an aggregate route. This message is to prevent packets for
unknown component routes from following a default route into another network, where they
would be forwarded back to the border router, and around and around again and again, until
their TTL expired. Sending an unreachable message for a missing piece of an aggregate is only
possible on systems with support for reject routes.
A difference between route aggregation and generation is the generation of a route based on the
existence of certain conditions. This is sometimes known as the “route of last resort.” This route
inherits the next hops and AS path from the contributor specified with the lowest (most favorable)
preference. The most common usage for this is to generate a default based on the presence of a
route from a peer on a neighboring backbone.

Commands
For information about... Refer to page...

aggregate-address 41-2

router aggregate 41-6

Matrix X Router Configuration Guide 41-1

Commands aggregate-address

aggregate-address
This command allows the aggregation of specific routes into one.

Syntax
aggregate-address { address [mask | masklen] | prefix } protocol {aggregate | all
| bgp | direct | isis | kernel | ospf | rip | static} [match-map map_name] [rib
{unicast | multicast | unicast-multicast}] [preference pref] [generate]
[noinstall] [blackhole] [bgp] [brief]

no aggregate-address { address [mask | masklen] | prefix } protocol {aggregate |

all | bgp | direct | isis | kernel | ospf | rip | static} [match-map map_name]
[rib {unicast | multicast | unicast-multicast}] [preference pref] [generate]
[noinstall] [blackhole] [bgp] [brief]

Parameters
address [mask | masklen] The IPv4 address to be aggregated or generated. Specify either an
address or a prefix. The address can be accompanied by an address
mask or masklen. The address mask is specified in dotted‐quad
format for IPv4 addresses. The masklen specifies the number of
contiguous bits at the beginning of a mask.
prefix Specifies a valid IPv4 prefix.
protocol Specify the protocol whose rules this aggregate will use to determine
whether to include each route.
For IPv4 routes, valid values include the following: aggregate, all,
bgp, direct, isis, kernel, ospf, rip, and static.
match‐map map_name (Optional) Specify a route map that will be used to generate this route.
rib [ unicast | multicast (Optional) Specifies whether the aggregate is restricted to the unicast
| unicast‐multicast ] RIB, the multicast RIB, or both. The default is to restrict the aggregate
to both the unicast and multicast RIB.
brief (Optional) Specifies that the AS path should be truncated to the
longest common leading AS path. This option is only useful if the
configured protocol is BGP.
bgp (Optional) Specifies that this aggregate will use BGP rules to
determine whether to include each route. This is a valid option only if
the configured protocol is BGP
preference pref (Optional) Specifies the aggregation preference value to be assigned
to the contributor route. This can be an integer between 1 and 255,
inclusive.
Note: If two different aggregate commands are specified for the same prefix,
then the preference specified most recently will be used, and that preference
value will display in the show running-config query for each configured
aggregate route.
noinstall (Optional) Specifies whether to install the generate address if any
contributor route is active. The default behavior is to install the route.
generate (Optional) Generates a default route. Route generation is a method of
generating a more general route, given the presence of a specific
route. generate differs from aggregate only in terms of the route
installed in the kernel.

41-2 Router Aggregation Commands

aggregate-address Commands

blackhole (Optional) Specifies whether to blackhole the route, thus enabling the
router to refuse to route various prefixes.

Defaults
No aggregate/generate routes are configured by default.

Mode
Aggregate Router Configuration Mode.

Usage
Route aggregation is a method of generating a more general summary route, given the presence of
a more specific route. generate differs from aggregate only in terms of the route installed in the
kernel.
Using the generate keyword in the no form restores the default for the generate route but has no
effect on the aggregate route. To restore the default for the aggregate route, use the no form of the
command without the generate keyword. This will have a cascading effect on restoring the
default generated route.

Examples

Example 1
In the following example, an aggregate route to 10/8 is generated based on routes formed via BGP
that match route map “rm1”.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol bgp
match-map rm1
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 2
The following example removes the configuration in Example 1 and restores the defaults.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# no aggregate-address 10.0.0.0 255.0.0.0 protocol bgp
match-map rm1
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 3
In the following example, a generate route to 10/8 is created based on routes formed via BGP that
match route map “rm1”.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol bgp
match-map rm1 generate
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Matrix X Router Configuration Guide 41-3

Commands aggregate-address

Example 4
The following example removes the configuration in Example 3 and restores the defaults.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# no aggregate-address 10.0.0.0 255.0.0.0 protocol bgp
match-map rm1 generate
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 5
The following example creates an aggregate route that includes all OSPF routes matching route
map “rm1” and that are more specific than 10/8. It also restricts it to the unicast RIB.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol ospf
match-map rm1 rib unicast
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 6
The following example creates a generate route from all OSPF routes that match route map “rm1”
and that are more specific than 10/8. It restricts the generate route to the unicast RIB. The routes,
however, will not be installed if the contributor route is not active.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol ospf
match-map rm1 rib unicast generate noinstall
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 7
The following example restores the defaults in Example 6.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# no aggregate-address 10.0.0.0 255.0.0.0 protocol ospf
rib unicast match-map rm1 generate
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 8
The following example creates an aggregate route that includes all ISIS routes matching route map
“rm1” and that are more specific than 10/8. In addition, it sets the preference for these routes to 10.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol isis
match-map rm1 preference 10
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 9
The following example creates a generated route from all ISIS routes matching route map “rm1”
and that are more specific than 10/8. In addition, it sets the preference for these routes to 10. The
routes, however, will not be installed if the contributor route is not active.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol isis
match-map rm1 preference 10 generate noinstall
matrix-x(config-aggregate)# exit

41-4 Router Aggregation Commands

aggregate-address Commands

matrix-x(router-config)#

Example 10
The following example creates an aggregate route that includes all RIP routes matching route map
“rm1” and that are more specific than 10/8. It also sets the preference for the aggregate route to 10.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol rip
match-map rm1 preference 10
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 11
The following example creates a generate route from all RIP routes matching route map “rm1”
and that are more specific than 10/8. It also sets the preference for these routes to 10. The routes,
however, will not be installed if the contributor route is not active.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol rip
match-map rm1 preference 10 generate noinstall
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 12
The following example creates an aggregate route that includes all static routes matching route
map “rm1” and that are more specific than 10/8. IT also sets the preference for the aggregate route
to 10.
matrix-x(router-config)# router-aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol static
match-map rm1 preference 10
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Example 13
The following example creates a generate route from all static routes that match route map “rm1”
and that are more specific than 10/8. It also sets the preference for these routes to 10.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)# aggregate-address 10.0.0.0 255.0.0.0 protocol static
match-map rm1 preference 10 generate
matrix-x(config-aggregate)# exit
matrix-x(router-config)#

Matrix X Router Configuration Guide 41-5

Commands router aggregate

router aggregate
This command enters the user into Aggregate Router Configuration mode.

Syntax
router aggregate

Parameters
None.

Defaults
This command is not explicitly configured by default.

Mode
Router global configuration.

Usage
Use the router aggregate command to enter Aggregate Router Configuration mode. This mode
allows the aggregation of specific routes into a single route.

Example
The following example shows how to enter Aggregate Router Configuration mode.
matrix-x(router-config)# router aggregate
matrix-x(config-aggregate)#

41-6 Router Aggregation Commands

42
VRRP Commands

This chapter describes the Virtual Router Redundancy Protocol (VRRP) commands.

Overview
VRRP eliminates the single point of failure inherent in a static default routed environment by
transferring the responsibility from one router to another if the original router goes down.
VRRP‐enabled routers decide who will become master and who will become backup in the event
the master fails. This provides a means for higher reliability without requiring dynamic routing or
router discovery on every end‐host.
In some instances, a heavy load on a VRRP master may delay VRRP packet transmission and
cause the backup router to assume the role of master.
The X Router supports up to 7 instances of VRRP per interface. An instance is defined as one
virtual router running on one interface.

For information about... Refer to page...

Global Configuration Commands 42-2

Interface Configuration Commands 42-6

Querying Command 42-15

Matrix X Router Command Line Interface Reference Guide 42-1

Global Configuration Commands

The VRRP commands that apply at the router level are:

For information about... Refer to page...

router vrrp 42-2

trace file 42-3

trace flag 42-4

router vrrp
This command configures VRRP on a router and enters the user into VRRP Router Configuration
mode.

Syntax
router vrrp

no router vrrp

Parameters
None.

Defaults
VRRP is not configured on a router by default.

Mode
Global Router Configuration.

Usage
Use this command as the first step to configuring tracing options. The router vrrp command
configures VRRP on the router and enters the user into VRRP Router Configuration mode, where
tracing options are configured. The negative form of this command, no router vrrp, disables VRRP
on a router.

Example
The following example enables VRRP on a router:
matrix-x(router-exec)# config
matrix-x(router-config)# router vrrp
matrix-x(router-config-vrrp)#

42-2 VRRP Commands

Global Configuration Commands

trace file
This command specifies the file to receive tracing information, the size of the file, whether to
overwrite existing files, and the maximum number of files allowed.

Syntax
trace file file_name [max-size file_size[M | m | K | k] | max-files num_files |
no-timestamp | overwrite]

no trace file file_name [max-size file_size[M | m | K | k] | max-files num_files

| no-timestamp | overwrite]

Parameters
file_name Specifies the name of the file to receive the tracing information. Note
that the file name is not specified in quotes.
max‐size file_size[M | Specifies the maximum file size in bytes (by default) or megabytes or
m | K | k] kilobytes. The acceptable value range is 10K to 4,294,967,295 bytes.
Notice that there is no space between the file_size parameter and the unit
type.
max‐files num_files Specifies the maximum number of files allowed in the directory. The
acceptable value range is 2 to 4,294,967,295, with a default value of
4,294,967,295 files.
no‐timestamp Specifies that a timestamp should not be prepended to all trace lines.
overwrite Specifies to begin tracing by appending or truncating an existing file.

Defaults
VRRP tracing is turned off by default.

Mode
VRRP Router Configuration: matrix‐x(router‐config‐vrrp)#

Usage
The trace file command is associated with each protocol, so that information pertaining to a single
protocol can be written to its own file. The trace file command in VRRP Router Configuration
mode specifies a file for tracing of all VRRP events. The negative form of this command disables
this tracing. The specific events that are traced are controlled by the trace flag command.
On the Matrix X Router, trace files are stored in the /var/trace directory. When entering a trace file
name, specify only the file name, not the complete path. Trace files are not persistent across system
reboots.
The max‐size option sets a maximum on the size of the trace file. The size can be specified in
megabytes by giving ʹMʹ or ʹmʹ (without a leading space), or it can be specified in kilobytes by
giving ʹKʹ or ʹkʹ. If no units are given, the size is assumed to be in bytes. When the maximum file
size is reached, the file is closed and renamed to fname.0, then fname.1, and so on, until the
maximum number of files specified by the max‐files option is reached. The default is unlimited.
The size of a trace file is limited by the file system on which the trace file resides.

Matrix X Router Command Line Interface Reference Guide 42-3

Global Configuration Commands

The max‐files option specifies the maximum number of files allowed in the specified directory.
The range of this parameter is 2 to 4,294,967,295. The default is 4,294,967,295 files.
The no‐timestamp option disables the pre‐pending of a timestamp to all lines written to the trace
file. The default is to prepend a timestamp to all lines written to a trace file.
The overwrite option specifies whether to start tracing by truncating or appending to an existing
file.

Example
In the following example, VRRP tracing is written to the file ʺvrrp.logʺ located in the /var/trace
directory on the X Router. The maximum size of the file is configured to be 1024 KB, and the
maximum number of files permitted is 3. When the file reaches 1 megabyte in size (the maximum
size in this configuration), the file is renamed to vrrp.log.0, and vrrp.log is re‐created. This
continues until four log files exist (the maximum allowed in this configuration). No timestamp
will display at the beginning of the trace lines.
matrix-x(router-config)# router vrrp
matrix-x(router-config-vrrp)# trace file vrrp.log max-size 1024k max-files 4
no-timestamp
matrix-x(router-config-vrrp)# exit
matrix-x(router-config)#

trace flag
This command configures VRRP‐specific tracing options as well as options that are common
across all protocols.

Syntax
trace flag all | {state | debug} | { packets | advertisement [send | receive |
send-receive] [detail] }

no trace flag all | {state | debug} | { packets | advertisement [send | receive |

send-receive] [detail] }

Parameters
The following tracing flag is common to all protocols. It cannot be associated with a send,
receive, or send‐receive action item. Similarly, you cannot specify showing detailed data when
tracing all.
all Turns on all trace flags.
The following VRRP‐specific flags cannot be associated with the send, receive, or send‐receive
action items:
state Trace state changes in VRRP.
debug Trace VRRP at the debugging level of detail.
The following VRRP‐specific flags can be associated with the send, receive, or send‐receive action
items:
packets Trace all types of VRRP packets.
advertisements Trace advertisements.
These optional action items specify whether to limit the tracing to packets as follows:

42-4 VRRP Commands

Global Configuration Commands

send Optionally specify to limit tracing for packets sent.

receive Optionally specify to limit tracing for packets received.
send‐receive Optionally specify to limit tracing for packets sent and received.
detail Optionally specify to use a more verbose format when displaying information
about the contents of packets instead of one or two lines.

Defaults
The default is for no flags to be explicitly configured.

Mode
VRRP Router Configuration: matrix‐x(router‐config‐vrrp)#

Usage
Use the trace flag command to specify tracing flags for VRRP. Each flag must reside on its own
configuration line. For example, you cannot specify to trace both packets and advertisements in
the same command.

Example
In the following example, trace flags specify that both the sent and received packets and
advertisement messages are traced in detail. This tracing information will be written to the file
vrrp.log.
matrix-x(router-config)# router vrrp
matrix-x(router-config-vrrp)# trace file vrrp.log max-size 1024k
matrix-x(router-config-vrrp)# trace flag packets send-receive detail
matrix-x(router-config-vrrp)# trace flag advertisement send-receive detail
matrix-x(router-config-vrrp)# exit
matrix-x(router-config)#

Matrix X Router Command Line Interface Reference Guide 42-5

Interface Configuration Commands

The VRRP commands to configure a virtual router on an interface are:

For information about... Refer to page...

ip vrrp 42-6

advertisement-interval 42-7

master-icmp-reply 42-8

preempt 42-9

primary-address 42-11

priority 42-10

shutdown 42-10

track 42-12

virtual address 42-14

ip vrrp
This command enters into VRRP Version 2 configuration mode.

Syntax
ip vrrp vrrp-id

no ip vrrp vrrp-id

Parameters
vrrp-id Specifies the ID of the virtual router instance, ranging from 1 to 7.

Defaults
By default, VRRPv2 is not configured on an interface.

Mode
Router interface configuration.
Router VRRPv2 configuration mode

Usage
The ip vrrp command enters the VRRPv2 configuration mode for an interface that has been
assigned an IP address. This command will return an error message if you attempt to enter
VRRPv2 configuration mode on an interface that does not have an assigned IP address.
Within this mode, a single virtual router can be configured. The negative form of the command
deletes the entire virtual router with the specified ID.
VRRP is automatically enabled once a VRRP instance is created with this command.
On the Matrix X Router, the ID of the virtual router instance can be an integer from 1 to 7.

42-6 VRRP Commands

Interface Configuration Commands

Example
The following example acquires interface configuration mode for the Gigabit Ethernet port 1 in
slot 4, then configures a virtual router with an ID of 1, which causes the CLI session to acquire
VRRPv2 configuration mode.
matrix-x(router-config)#interface ge.4.1
matrix-x(router-config-if-ge.4.1)#ip vrrp 1
matrix-x(router-config-if-ip-vrrp-ge.4.1)#

advertisement-interval
This command configures the time (in seconds) between VRRP advertisement transmissions.

Syntax
advertisement-interval time-seconds

no advertisement-interval

Parameters
time‐seconds Specifies the advertisement interval, ranging from 1 to 255 seconds.

Defaults
1 second

Mode
Router VRRPv2 configuration.

Usage
The advertisement‐interval command sets the time (in seconds) between VRRP advertisement
transmissions. Only the Master virtual router actually sends anything, but all participants in this
virtual router must have the same advertise‐interval configured. The negative form of this
command resets the interval to its default value.

Example
The following example configures the advertisement interval to be 3 seconds:
matrix-x(router-config)# interface ge.4.1
matrix-x(router-config-if-ge.4.1)# ip vrrp 1
matrix-x(router-config-if-vrrp-ge.4.1)# advertisement-interval 3

Matrix X Router Command Line Interface Reference Guide 42-7

Interface Configuration Commands

master-icmp-reply
This command enables ICMP replies for non‐owner masters.

Syntax
master-icmp-reply
no master-icmp-reply

Parameters
None.

Defaults
ICMP replies from non‐owner VRRP master routers is disabled.

Mode
Router VRRPv2 configuration.

Usage
By default, if you try to ping a VRRP master router which is not the owner of the IP address, the
router does not reply to ICMP requests. Only the IP address owner does.
Use the no form of this command to disable ICMP replies from non‐owner masters.

Example
The following example enables ICMP replies:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip vrrp 2
matrix-x(router-config-if-ip-vrrp-ge.4.2)# master-icmp-reply

42-8 VRRP Commands

Interface Configuration Commands

preempt
This command configures the router to preempt the current master if it has a higher priority on
the enclosing virtual router.

Syntax
preempt

no preempt

Parameters
None.

Defaults
Enabled.

Mode
Router VRRPv2 configuration.

Usage
This command configures the router to preempt the current master if it has a higher priority on
the enclosing virtual router. The negative form of the command turns off this preemption. Note
that, regardless of this flag, the actual owner of the virtual addresses will always preempt.

Example
The following example disables preemption:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip vrrp 2
matrix-x(router-config-if-ip-vrrp-ge.4.2)# no preempt

Matrix X Router Command Line Interface Reference Guide 42-9

Interface Configuration Commands

priority
This command sets the election priority for this virtual router.

Syntax
priority value

no priority value

Parameters
value Specifies the election priority. Value can be an integer from 1 to 254.

Defaults
Default priority value is 100.

Mode
Router VRRPv2 configuration.

Usage
This command sets the virtual router election priority for this virtual router. The priority can be
from 1 to 254, inclusive. The highest numerical priority router will act as the Master virtual router
until it goes down. If a router comes up with higher priority than the current Master, then whether
or not it takes over Master duties depends on whether or not preempt is set. This value will be
ignored if the virtual addresses for this virtual router are configured on the enclosing interface. If
that is the case, then the priority of 255 is always used. The negative form of this command resets
the priority to its default value.

Example
In the following example, the priority is set to 254, the priority most likely to win the election
unless a router owns the virtual addresses:
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)#ip vrrp 3
matrix-x(router-config-if-ip-vrrp-ge.4.2)# priority 254

42-10 VRRP Commands

Interface Configuration Commands

primary-address
This command configures the address with which VRRP packets are sent for a virtual router
instance.

Syntax
primary-address ipv4-addr

no primary-address ipv4-addr

Parameters
ipv4‐addr Specifies a valid IPv4 logical interface specified in dotted‐quad format.

Defaults
The numerically highest IPv4 address is used by default.

Mode
Router VRRPv2 configuration.

Usage
The primary‐address command configures the address with which VRRP packets are sent for this
virtual router instance. The negative form of the command deletes the configured primary
address, returning it to its default.
The parameter ipv4‐addr is an IPv4 host address in dotted quad notation, which has previously
been assigned to the interface being configured for VRRPv2.
In order to successfully execute this command, the address must be configured on the physical
interface on which VRRPv2 is currently being configured.

Example
The following example configures 10.20.10.20 as the primary address.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)# ip address 10.20.10.20/16
matrix-x(router-config-if-ge.4.2)# ip vrrp 3
matrix-x(router-config-if-ip-vrrp-ge.4.2)# primary-address 10.20.10.20
matrix-x(router-config-if-ip-vrrp-ge.4.2)# exit
matrix-x(router-config-if-ge.4.2)#

Matrix X Router Command Line Interface Reference Guide 42-11

Interface Configuration Commands

shutdown
This command disables the enclosing Virtual Router.

Syntax
shutdown

no shutdown

Parameters
None

Defaults
By default, the enclosing virtual router is disabled.

Mode
Router VRRPv2 configuration.

Usage
The shutdown command disables the enclosing Virtual Router. This will cause it to resign, if itʹs
currently Master, and move the Virtual Router to the INIT state. A Virtual Router must be
disabled before any configuration can be changed. Once the Virtual Router is properly configured,
the negative form of this command will start it running again.

Example
The following example enables the virtual router.
matrix-x(router-config)# interface ge.4.2
matrix-x(router-config-if-ge.4.2)#ip vrrp 1
matrix-x(router-config-if-vrrp-ge-4.2)# no shutdown

42-12 VRRP Commands

Interface Configuration Commands

track
This command causes the router to monitor the status of the given interface and react
appropriately.

Syntax
track interface-name

no track [interface-name]

Parameters
interface‐name A physical interface name

Defaults
By default, tracking is disabled.

Mode
Router VRRPv2 configuration.

Usage
The track command causes the router to monitor the status of the given interface and react
appropriately. If the tracked interface goes down, and the router is the current master for the
virtual router in whose context this command is being entered, then this router will resign as
master. If the tracked interface comes up, and the router has higher priority than the current
master, and if preempt is set, then the router will preempt the current master and become master.
Only one interface can be tracked at a time, and specifying a new track command will replace the
currently tracked interface with the new one.
The negative form of the command disables the tracking of the given interface (or the currently
tracked interface if no interface is specified).

Note: It is required that all VRRP instances using a tracked interface must use only non-owning
virtual addresses. Non-owning addresses do not match an interface address. If a tracked interface
becomes operationally “down,” an owning VRRP instance may respond to ARP requests using the
real MAC address of the router. This may cause clients to send packets to the backup router which
is not able to reach the desired destinations due to the tracked interface being down.

Examples
In this example, interface ge.4.1 is tracked.
matrix-x(router-config)# interface ge.5.2
matrix-x(router-config-if-ge.5.2)# ip vrrp 1
matrix-x(router-config-if-vrrp-ge.5.2)# track ge.4.1
In this example, all interface tracking is disabled on the enclosing virtual router.
matrix-x(router-config)# interface ge.5.2
matrix-x(router-config-if-ge.5.2)# ip vrrp 1
matrix-x(router-config-if-vrrp-ge.5.2)# no track

Matrix X Router Command Line Interface Reference Guide 42-13

Interface Configuration Commands

virtual address
This command adds a given IPv4 address to the list of virtual addresses configured on a virtual
router.

Syntax
virtual address ipv4_address

no virtual address ipv4_address

Parameters
ipv4_address A valid IPv4 logical interface specified in dotted‐quad format

Defaults
Virtual addresses are not configured on a virtual router by default.

Mode
Router VRRPv2 configuration.

Usage
The virtual‐address command adds the given address to the list of virtual addresses configured
on a virtual router. The negative form of the command removes the specified address from those
configured on a virtual router.
Any number of addresses can be configured on a virtual router, but all addresses on a virtual
router must be configured the same on all participants, and they must all be unique among all
addresses configured on any virtual router on the enclosing LAN segment.
If no virtual address is configured on a virtual router, that virtual router will be inactive until one
is configured. The ipv4_address given in this command must be a host address in dotted‐quad
format.
Up to 255 addresses can be configured on a virtual router.

Example
The following example adds 10.20.10.1 and 10.20.10.2 to the list of virtual addresses on this virtual
router.
matrix-x(router-config)# interface ge.5.2
matrix-x(router-config-if-ge.5.2)# ip vrrp 1
matrix-x(router-config-if-vrrp-ge.5.2)# virtual address 10.20.10.1
matrix-x(router-config-if-vrrp-ge.5.2)# virtual address 10.20.10.2

42-14 VRRP Commands

Querying Command

show ip vrrp
This command displays information about virtual routers that are configured on a router.

Syntax
show ip vrrp [interface interface-name [verbose]] [vrid]

Parameters
interface (Optional) The name of the interface on which the desired virtual router
interface‐name is configured.
verbose (Optional) Display VRRP statistics.
vrid (Optional) The ID of the virtual router for which information is desired.
On the Matrix X Router, the virtual router ID value can be an integer
between 1 and 7.

Mode
Router Privileged Exec: matrix‐x(router‐exec)#

Usage
Use the show ip vrrp query to obtain information about the virtual routers configured on a router.
This command can be issued in three ways:
1. A query lacking an interface‐name and vrid returns information about all virtual routers
configured on the router.
2. If an interface‐name only is specified, then the query returns information about all virtual
routers configured on that interface. If the detail parameter is specified, VRRP statistics for
that interface are also displayed.
3. If a virtual router ID (vrid) is specified, then the query returns information about a single
virtual router.

Examples
In this example, a query is issued for all virtual routers configured on physical interface ge.3.3.
The results show that one virtual router is configured.
matrix‐x(router‐exec)# show ip vrrp interface ge.3.3
Interface: ge.3.3
VRID: 3
Version: VRRPv2
Primary Address: 172.16.1.1
Priority: 1, Advertisement Interval: 1 sec, Preempt: on
State: Backup, Master: 172.16.1.2
Virtual addresses: 172.16.1.2

Matrix X Router Command Line Interface Reference Guide 42-15

Querying Command

Field Descriptions
The following table describes the fields that appear in the VRRP Query.

Field Description

Interface The name of the physical interface on which the virtual routers whose settings
follow are defined

VRID The virtual router ID

Version The version of VRRP running on this virtual router

Primary Address The address used to send VRRP messages

Priority The virtual router election priority for this virtual router

Advertisement Interval The time in seconds between VRRP advertisements

Preempt Indicates whether or not this router will preempt the current Master of this virtual
router if it has a higher priority

State The current state in the VRRP state machine

Master The primary address of the current master

Virtual Addresses The configured virtual addresses for this virtual router

This example displays the VRRP statistics for interface ge.1.32.

matrix-x(router-exec)# show ip vrrp interface ge.1.32 verbose
Interface: ge.1.32
VRID: 1
Version: VRRP2
Primary Address: 1.1.1.2
Priority: 100, Advertisement Interval: 1 sec, Preempt: on
State: Master, Master: 1.1.1.2

Time of last state transition Thu Feb 22 14:39:44 2007

Number of transitions to master state 1

VRRP valid advertisments received 4
VRRP packets sent with zero priority 0
VRRP packets recv with zero priority 0
VRRP packets recv with IP-address list mismatch 0
VRRP packets recv with auth-type mismatch 0
VRRP packets recv with checksum error 0
VRRP packets recv with invalid version 0
VRRP packets recv with invalid VR-Id 0
VRRP packets recv with invalid adv-interval 0
VRRP packets recv with invalid TTL 0
VRRP packets recv with invalid type field 0
VRRP packets recv with invalid auth-type 0
VRRP packets recv with invalid auth-key 0

Virtual addresses:
1.1.1.3
1.1.1.4
1.1.1.5

42-16 VRRP Commands

Chi Square Problem With Solution
82% (34)
Chi Square Problem With Solution
2 pages
Electrical System Nissan cwb45 PDF
100% (3)
Electrical System Nissan cwb45 PDF
195 pages
Arduino meets MATLAB: Interfacing, Programs and Simulink
From Everand
Arduino meets MATLAB: Interfacing, Programs and Simulink
Anita Gehlot
No ratings yet
ExtremeXOS Operations and Configuration Lab Guide
100% (2)
ExtremeXOS Operations and Configuration Lab Guide
254 pages
The Introduction of Western Education
88% (8)
The Introduction of Western Education
10 pages
A Sample Cell Phone Repair Business Plan Template
100% (2)
A Sample Cell Phone Repair Business Plan Template
18 pages
Handbook of Mobile Application Development: A Guide to Selecting the Right Engineering and Quality Features
From Everand
Handbook of Mobile Application Development: A Guide to Selecting the Right Engineering and Quality Features
Mohamed Sarrab
No ratings yet
Introduction to Sensors in IoT and Cloud Computing Applications
From Everand
Introduction to Sensors in IoT and Cloud Computing Applications
Ambika Nagaraj
No ratings yet
Cross-Industry Blockchain Technology: Opportunities and Challenges in Industry 4.0
From Everand
Cross-Industry Blockchain Technology: Opportunities and Challenges in Industry 4.0
Rajesh Singh
No ratings yet
Trends in Future Informatics and Emerging Technologies
From Everand
Trends in Future Informatics and Emerging Technologies
Deepak Kumar
No ratings yet
Introduction to Machine Learning with Python
From Everand
Introduction to Machine Learning with Python
Deepti Chopra
No ratings yet
Practical Digital Forensics: A Guide for Windows and Linux Users
From Everand
Practical Digital Forensics: A Guide for Windows and Linux Users
Akashdeep Bhardwaj
No ratings yet
Anatomy, Modeling and Biomaterial Fabrication for Dental and Maxillofacial Applications
From Everand
Anatomy, Modeling and Biomaterial Fabrication for Dental and Maxillofacial Applications
Andy Choi
No ratings yet
Cyber Forensics and Investigation on Smart Devices: Volume 1
From Everand
Cyber Forensics and Investigation on Smart Devices: Volume 1
Akashdeep Bhardwaj
No ratings yet
Polarity Index In Proteins - A Bioinformatics Tool
From Everand
Polarity Index In Proteins - A Bioinformatics Tool
Carlos Polanco
No ratings yet
Frontiers in Medicinal Chemistry: Volume 9
From Everand
Frontiers in Medicinal Chemistry: Volume 9
PublishDrive
No ratings yet
CLI Reference Guide XSR-1805
No ratings yet
CLI Reference Guide XSR-1805
684 pages
Advances in Time Series Forecasting: Volume 2
From Everand
Advances in Time Series Forecasting: Volume 2
PublishDrive
No ratings yet
Amazon Web Services: The Definitive Guide for Beginners and Advanced Users
From Everand
Amazon Web Services: The Definitive Guide for Beginners and Advanced Users
Parul Dubey
No ratings yet
EnterasysA4H124-48 CLIcommands
No ratings yet
EnterasysA4H124-48 CLIcommands
486 pages
Soft Robotics
From Everand
Soft Robotics
PublishDrive
No ratings yet
Craniofacial Disorders – Orofacial Features and Peculiarities in Dental Treatment
From Everand
Craniofacial Disorders – Orofacial Features and Peculiarities in Dental Treatment
PublishDrive
2/5 (1)
COVID 19 – Monitoring with IoT Devices
From Everand
COVID 19 – Monitoring with IoT Devices
Ambika Nagaraj
No ratings yet
The Role of AI in Enhancing IoT-Cloud Applications
From Everand
The Role of AI in Enhancing IoT-Cloud Applications
Ambika Nagaraj
No ratings yet
Artificial Intelligence and Multimedia Data Engineering: Volume 1
From Everand
Artificial Intelligence and Multimedia Data Engineering: Volume 1
Suman Kumar Swarnkar
No ratings yet
IoT-enabled Sensor Networks: Architecture, Methodologies, Security, and Futuristic Applications
From Everand
IoT-enabled Sensor Networks: Architecture, Methodologies, Security, and Futuristic Applications
Samayveer Singh
No ratings yet
Comprehensive Maxillofacial Osteomyelitis
From Everand
Comprehensive Maxillofacial Osteomyelitis
Deepak Gupta
No ratings yet
Deep Learning for Healthcare Services
From Everand
Deep Learning for Healthcare Services
Parma Nand
No ratings yet
Computational Intelligence for Sustainable Transportation and Mobility: Volume 1
From Everand
Computational Intelligence for Sustainable Transportation and Mobility: Volume 1
PublishDrive
No ratings yet
Medical Imaging Technologies and Methods for Health Care
From Everand
Medical Imaging Technologies and Methods for Health Care
Fuk-Hay Tang
No ratings yet
Evaluation of Cellular Processes by in vitro Assays
From Everand
Evaluation of Cellular Processes by in vitro Assays
Taseen Gul
No ratings yet
BIM Development and Trends in Developing Countries: Case Studies
From Everand
BIM Development and Trends in Developing Countries: Case Studies
John Rogers Heap-Yih Chong
No ratings yet
Frontiers in Clinical Drug Research - HIV: Volume 4
From Everand
Frontiers in Clinical Drug Research - HIV: Volume 4
Atta-ur-Rahman
No ratings yet
Smart Antennas: Recent Trends in Design and Applications
From Everand
Smart Antennas: Recent Trends in Design and Applications
PublishDrive
No ratings yet
Digital Innovation Adoption: Architectural Recommendations and Security Solutions
From Everand
Digital Innovation Adoption: Architectural Recommendations and Security Solutions
Muhammad Ehsan Rana
No ratings yet
An Introduction to Legal, Regulatory and Intellectual Property Rights Issues in Biotechnology
From Everand
An Introduction to Legal, Regulatory and Intellectual Property Rights Issues in Biotechnology
Alessandro Stasi
No ratings yet
Genes in Health and Disease
From Everand
Genes in Health and Disease
PublishDrive
No ratings yet
Modern Intelligent Instruments - Theory and Application
From Everand
Modern Intelligent Instruments - Theory and Application
Changjian Deng
No ratings yet
Heterocyclic Anti-Inflammatory Agents: A Guide for Medicinal Chemists
From Everand
Heterocyclic Anti-Inflammatory Agents: A Guide for Medicinal Chemists
Anjaneyulu Bendi
No ratings yet
Juniper Simulator With Designer For JNCIA
No ratings yet
Juniper Simulator With Designer For JNCIA
60 pages
Juniper Demo Lab Manual
No ratings yet
Juniper Demo Lab Manual
60 pages
Enterasys B5 Manual
100% (1)
Enterasys B5 Manual
714 pages
Juniper Lab Manual PDF
100% (1)
Juniper Lab Manual PDF
101 pages
Juniper Lab Manual
100% (2)
Juniper Lab Manual
101 pages
Junos Guide To Configuring Interfaces
No ratings yet
Junos Guide To Configuring Interfaces
1,918 pages
Extreme Ware 7.0 Command Ref
No ratings yet
Extreme Ware 7.0 Command Ref
1,598 pages
EXOS User Guide 15.7
No ratings yet
EXOS User Guide 15.7
1,745 pages
EXT-XOSS&Rv23-SG-v1.1 (Extended)
No ratings yet
EXT-XOSS&Rv23-SG-v1.1 (Extended)
359 pages
ExtremeXOS Feature License Requirements
No ratings yet
ExtremeXOS Feature License Requirements
22 pages
Mgtextre
No ratings yet
Mgtextre
171 pages
D-Series Firmware RN 6.03.14.0004
No ratings yet
D-Series Firmware RN 6.03.14.0004
23 pages
Ext Xoss&r SG 22
No ratings yet
Ext Xoss&r SG 22
463 pages
Extreme Networks
No ratings yet
Extreme Networks
69 pages
Wireless GSG
No ratings yet
Wireless GSG
74 pages
Control Module
No ratings yet
Control Module
600 pages
ExtremeWireless WiNG AP7662i - AP7662 Access Point Installation Guide
No ratings yet
ExtremeWireless WiNG AP7662i - AP7662 Access Point Installation Guide
41 pages
Extreme Ware Command Ref 75
No ratings yet
Extreme Ware Command Ref 75
2,546 pages
200 Series CLI Guide
No ratings yet
200 Series CLI Guide
718 pages
ENA 12.6-ILT-Mod 02-Switch Management-Rev02-111230 PDF
100% (1)
ENA 12.6-ILT-Mod 02-Switch Management-Rev02-111230 PDF
65 pages
Extrime SW EXOSCommandRef11 - 6 PDF
No ratings yet
Extrime SW EXOSCommandRef11 - 6 PDF
2,276 pages
Extreme Ware Software User Guide Version 6.1.x
No ratings yet
Extreme Ware Software User Guide Version 6.1.x
432 pages
Timetra Port Mib
No ratings yet
Timetra Port Mib
161 pages
EXOS Command Reference 22 5
No ratings yet
EXOS Command Reference 22 5
3,296 pages
Network Interfaces Ethernet PDF
100% (1)
Network Interfaces Ethernet PDF
2,064 pages
2oth Century Artists
No ratings yet
2oth Century Artists
12 pages
Omni FC
No ratings yet
Omni FC
11 pages
(DID) Activity Template RACI Chart - Phase 2 - Template - Phase 2
100% (1)
(DID) Activity Template RACI Chart - Phase 2 - Template - Phase 2
2 pages
BUBBLE HE Table Tagged
No ratings yet
BUBBLE HE Table Tagged
2 pages
Wireshark Tutorial PDF
No ratings yet
Wireshark Tutorial PDF
7 pages
Behavior Modification Principles and Procedures 5th Edition Miltenberger Test Bank - Download PDF
100% (5)
Behavior Modification Principles and Procedures 5th Edition Miltenberger Test Bank - Download PDF
39 pages
Surgery Observation Paper
No ratings yet
Surgery Observation Paper
3 pages
Bridge PDF
No ratings yet
Bridge PDF
57 pages
Eligible Multifamily Housing and Community Facilities Underwriter List
No ratings yet
Eligible Multifamily Housing and Community Facilities Underwriter List
6 pages
Unit 6 Study Sheet Gr.2
No ratings yet
Unit 6 Study Sheet Gr.2
10 pages
The Hive Hostels
No ratings yet
The Hive Hostels
5 pages
Prudential Bank of San Mateo
No ratings yet
Prudential Bank of San Mateo
1 page
Lesson Plan Format Filipino
No ratings yet
Lesson Plan Format Filipino
4 pages
Curriculim Vitae: Education Qualification:-Passport Details
No ratings yet
Curriculim Vitae: Education Qualification:-Passport Details
8 pages
Submitted To: Submitted By: Group-3 2018-Arch-9/Isha Fatehullah 2018-ARCH-32/AZKA IHSAN
No ratings yet
Submitted To: Submitted By: Group-3 2018-Arch-9/Isha Fatehullah 2018-ARCH-32/AZKA IHSAN
66 pages
Art History-19 Century Birth of "Isms": - Neoclassisim - Romanticism - Realism - Impressionism - Post-Impressionism
No ratings yet
Art History-19 Century Birth of "Isms": - Neoclassisim - Romanticism - Realism - Impressionism - Post-Impressionism
40 pages
What Is (Was) Alchemy (Inglés) Autor A. Tramer, R. Voltz and F. Lahmani
No ratings yet
What Is (Was) Alchemy (Inglés) Autor A. Tramer, R. Voltz and F. Lahmani
14 pages
Satish's Profile
No ratings yet
Satish's Profile
3 pages
Ma Auditor Independence Letter Sample Commission 201x
No ratings yet
Ma Auditor Independence Letter Sample Commission 201x
2 pages
Rebecca Comay - Benjamin's Endgame
No ratings yet
Rebecca Comay - Benjamin's Endgame
21 pages
Substructure
No ratings yet
Substructure
82 pages
Arthur Schopenhauer Quotes
No ratings yet
Arthur Schopenhauer Quotes
4 pages
A1968 - Completing Risk Assessment Template Guideline
No ratings yet
A1968 - Completing Risk Assessment Template Guideline
22 pages
Decagon Bacon Aw Study
No ratings yet
Decagon Bacon Aw Study
2 pages
Final Research Report - SE - 2018 - 036 - Rajamiththiran
No ratings yet
Final Research Report - SE - 2018 - 036 - Rajamiththiran
74 pages
Present Continuous Laboratory Activities
No ratings yet
Present Continuous Laboratory Activities
3 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.