D Commands
This chapter describes the Cisco Nexus 1000V commands that begin with the letter D.
deadtime
To configure the duration of time for which a non-reachable RADIUS or TACACS+ server is skipped, use the
deadtime
command. To revert to the default, use the
no
form of this command.
deadtime
minutes
no
deadtime
minutes
Syntax Description
minutes
|
Number of minutes, from 0 to 1440, for the interval.
|
Command Modes
RADlUS server group configuration (
config-radius
)
TACACS+ server group configuration (
config-tacacs+
)
Global configuration (
config
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
Before you can configure it, you must enable TACACS+ using the
tacacs+ enable
command.
The dead-time can be configured either globally and applied to all RADIUS or TACACS+ servers; or per server group.
If the dead-time interval for a RADIUS or TACACS+ server group is greater than zero (0), that value takes precedence over the global dead-time value.
Setting the dead-time interval to 0 disables the timer.
When the dead-time interval is 0 minutes, RADIUS and TACACS+ servers are not marked as dead even if they are not responding.
Examples
This example shows how to set the dead-time interval to 2 minutes for a RADIUS server group:
n1000v(config)# aaa group server radius RadServer n1000v(config-radius)# deadtime 2
This example shows how to set a global dead-time interval to 5 minutes for all TACACS+ servers and server groups:
n1000v(config)# tacacs-server deadtime 5
This example shows how to set the dead-time interval to 5 minutes for a TACACS+ server group:
n1000v(config)# aaa group server tacacs+ TacServer n1000v(config-tacacs+)# deadtime 5
This example shows how to revert to the dead-time interval default:
n1000v(config)# feature tacacs+ n1000v(config)# aaa group server tacacs+ TacServer n1000v(config-tacacs+)# no deadtime 5
Related Commands
|
|
aaa group server
|
Configures AAA server groups.
|
radius-server host
|
Configures a RADIUS server.
|
show radius-server groups
|
Displays RADIUS server group information.
|
show tacacs-server groups
|
Displays TACACS+ server group information.
|
tacacs+ enable
|
Enables TACACS+.
|
tacacs-server host
|
Configures a TACACS+ server.
|
debug logfile
To direct the output of the
debug
commands to a specified file, use the
debug logfile
command. To revert to the default, use the
no
form of this command.
debug logfile
filename
[
size
bytes
]
no debug logfile
filename
[
size
bytes
]
Syntax Description
filename
|
Name of the file for
debug
command output. The filename is alphanumeric, case sensitive, and has a maximum of 64 characters.
|
size
bytes
|
(Optional) Specifies the size of the logfile in bytes. The range is from 4096 to 4194304.
|
Defaults
Default filename: syslogd_debugs
Default file size: 4194304 bytes
Command Modes
Any
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
The logfile is created in the log: file system root directory.
Use the
dir log:
command to display the log files.
Examples
This example shows how to specify a debug logfile:
n1000v# debug logfile debug_log
This example shows how to revert to the default debug logfile:
n1000v# no debug logfile debug_log
Related Commands
|
|
dir
|
Displays the contents of a directory.
|
show debug
|
Displays the debug configuration.
|
show debug logfile
|
Displays the debug logfile contents.
|
debug logging
To enable
debug
command output logging, use the
debug logging
command. To disable debug logging, use the
no
form of this command.
debug logging
no debug logging
Syntax Description
This command has no arguments or keywords.
Command Modes
Any
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to enable the output logging for the
debug
command:
This example shows how to disable the output logging for the
debug
command:
Related Commands
|
|
debug logfile
|
Configures the logfile for the
debug
command output.
|
default ip arp inspection limit
To remove a configured rate limit for dynamic ARP inspection, use the
default ip arp inspection limit
command. This resets the inspection limit to its defaults.
default
ip
arp
inspection
limit
{
rate
[
burst
interval
] |
none
}
Syntax Description
rate
|
Rate Limit.
|
burst
|
(Optional) burst interval.
|
interval
|
(Optional) burst interval.
|
none
|
No limit.
|
Command Modes
Interface configuration (config-if)
network-admin
Command History
|
|
4.2(1) SV1(4)
|
This command was introduced.
|
Examples
This example shows how to remove a configured rate limit for dynamic ARP inspection from vEthernet interface 3, and reset the rate limit to the default:
n1000v(
config
)#
interface vethernet 3
n1000v(config-if)# default ip arp inspection limit rate
Related Commands
|
|
show running-config dhcp
|
Displays the DHCP configuration including DAI.
|
show ip arp inspection
|
Displays the status of DAI.
|
ip arp inspection vlan
|
Configures a VLAN for dynamic ARP inspection.
|
ip
arp
inspection
limit
|
Configures a rate limit for dynamic ARP inspection.
|
default ip arp inspection trust
To remove a trusted vEthernet interface configuration for dynamic ARP inspection, use the
default ip arp inspection trust
command. This returns the interface to the default untrusted state.
default
ip
arp
inspection
trust
Syntax Description
This command has no arguments or keywords.
Command Modes
Interface configuration (config-if)
network-admin
Command History
|
|
4.2(1) SV1(4)
|
This command was introduced.
|
Examples
This example shows how to remove the trusted vEthernet interface configuration for dynamic ARP inspection; and return vEthernet interface 3 to the untrusted state:
n1000v(
config
)#
interface vethernet 3
n1000v(config-if)# default ip arp inspection trust
Related Commands
|
|
show ip arp inspection interface vethernet
interface-number
|
Displays the trust state and ARP packet rate for a specific interface.
|
ip arp inspection vlan
|
Configures a VLAN for dynamic ARP inspection.
|
ip
arp
inspection
trust
|
Configures a trusted vEthernet interface for dynamic ARP inspection.
|
default switchport (port profile)
To remove a particular switchport characteristic from a port profile, use the
default
switchport
command.
default
switchport
{
mode
|
access
vlan
|
trunk
{
native
|
allowed
}
vlan
|
private-vlan
{
host-association
|
mapping
[
trunk
]} |
port-security
}
Syntax Description
mode
|
Removes the port mode characteristic from a port profile, which causes the port mode to revert to global or interface defaults (access mode). This is equivalent to executing the
no switchport mode port-profile
command.
|
access vlan
|
Removes an access VLAN configuration.
|
trunk allowedvlan
|
Removes trunking allowed VLAN characteristics.
|
trunk native vlan
|
Removes trunking native VLAN characteristics.
|
private-vlan host-association
|
Removes PVLAN host-association.
|
private-vlan mapping
|
Removes PVLAN mapping.
|
port-security
|
Removes port-security characteristics.
|
Command Modes
Port profile configuration (
config-port-prof
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
The functionally of this command is equivalent to using the no form of a specific switchport command. For example, the effect of the following commands is the same:
-
default switchport mode
command =
no switchport mode
command
-
default switchport access vlan
command =
no switchport access vlan
command
-
default switchport trunk native vlan
command=
no switchport trunk native vlan
command
Examples
This example shows how to revert port profile ports to switch access ports.
n1000v(config-port-prof)#
default switchport mode
This example shows how to remove the trunking allowed VLAN characteristics of a port profile.
n1000v(config-port-prof)# default switchport trunk allowed vlan
This example shows how to remove the private VLAN host association of a port profile.
n1000v(config-port-prof)# default switchport private-vlan host-association
This example shows how to remove port security characteristics of a port profile.
n1000v(config-port-prof)# default switchport port-security
Related Commands
|
|
show port-profile
|
Displays information about port profile(s).
|
default shutdown (port profile)
To remove a configured administrative state from a port profile, and return its member interfaces to the default state (shutdown), use the
default shutdown
command.
default
shutdown
Syntax Description
This command has no arguments or keywords.
Command Modes
Port profile configuration (
config- port-prof
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to change the member interfaces in the port profile named DataProfile to shutdown:
n1000v#
port-profile DataProfilen1000v(config-port-prof)#
default shutdownn1000v(config-port-prof)#
Related Commands
|
|
show port-profile
|
Displays the configuration for a port profile.
|
|
|
default shutdown (interface)
To remove a configured administrative state from an interface, use the
default shutdown
command.
default
shutdown
Syntax Description
This command has no arguments or keywords.
Command Modes
Interface configuration (
config- if
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
When you use the
default shutdown
command on a port profile member interface, it also allows the port profile configuration to take affect.
Examples
This example shows how to change interface Ethernet 3/2 to shutdown:
n1000v(config)# interface ethernet 3/2 n1000v(config-if)# default shutdown
Related Commands
|
|
show running-config interface
|
Displays the interface configuration.
|
interface ethernet
|
Configures an Ethernet interface.
|
interface vethernet
|
Configures a vEthernet interface.
|
default switchport port-security (VEthernet)
To remove any user configuration for the switchport port-security characteristic from a VEthernet interface, use the
default switchport port-security
command. This has the effect of setting the default (disabled) for port-security for that interface.
default
switchport
port-security
Syntax Description
This command has no arguments or keywords.
Command Modes
Interface configuration (
config-if
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to disable port security n1000von VEthernet 2:
n1000v(config)# interface veth 2 n1000v(config-if)# default switchport port-security
Related Commands
|
|
show running-config port-security
|
Displays the port security configuration.
|
show port-security
|
Displays the port security status.
|
default (table map)
To specify the default action for mapping input field values to output field values in a table map, use the
default
command.
default
{
value
|
copy
}
no default
{
value
|
copy
}
Syntax Description
value
|
Default value to use for the output value in the range from 0 to 63.
|
copy
|
Specifies that the default action is to copy all equal values to an equal output value.
|
Defaults
Copies the input value to the output value.
Command Modes
Table map configuration (config-tmap)
Default table map configuration
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
The
copy
keyword is available only in the table map configuration mode. In the default table map configuration mode, the
copy
keyword is not available because all values must be assigned a mapping.
Examples
This example shows how to remove the default mapping action copy. The resulting default action is ignore:
n1000v(
config)#
table-map my_table1n1000v(config-tmap)# no default copy
Related Commands
|
|
from
|
Specifies input field to output field mappings in table maps.
|
show table-map
|
Displays table maps.
|
delay
To assign an informational throughput delay value to an Ethernet interface, use the
delay
command. To remove delay value, use the
no
form of this command.
delay
value
no
delay
[
value
]
Syntax Description
delay_val
|
Specifies the throughput delay time in tens of microseconds.
Allowable values are between 1 and 16777215.
|
Command Modes
Interface configuration (config-if)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
The actual Ethernet interface throughput delay time does not change when you set this value—the setting is for informational purposes only.
Examples
This example shows how to assign the delay time to an Ethernet slot 3 port 1 interface:
n1000v(config)# interface ethernet 3/1 n1000v(config-if)# delay 10000
This example shows how to remove the delay time configuration:
n1000v(config)# interface ethernet 3/1 n1000v(config-if)#
no delay 10000
Related Commands
|
|
show interface
|
Displays configuration information for an interface.
|
delete
To delete a file, use the
delete
command.
delete
[
filesystem
:
[
//
directory
/
] |
directory
/
]
filename
Syntax Description
filesystem
:
|
(Optional) Name of the file system. Valid values are
bootflash
or
volatile
.
|
//
directory
/
|
(Optional) Name of the directory. The directory name is case sensitive.
|
filename
|
Name of the file. The name is case sensitive.
|
Command Modes
Any
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
Use the
dir
command to locate the file you that want to delete.
Examples
This example shows how to delete a file:
n1000v# delete bootflash:old_config.cfg
Related Commands
|
|
dir
|
Displays the contents of a directory.
|
deny (IPv4)
To create an IPv4 ACL rule that denies traffic matching its conditions, use the
deny
command. To remove a rule, use the
no
form of this command.
General Syntax
[
sequence-number
]
deny
protocol
source
destination
[
dscp
dscp
|
precedence
precedence
]
no deny
protocol
source
destination
[
dscp
dscp
|
precedence
precedence
]
no
sequence-number
Internet Control Message Protocol
[
sequence-number
]
deny icmp
source
destination
[
icmp-message
]
[
dscp
dscp
|
precedence
precedence
]
Internet Group Management Protocol
[
sequence-number
]
deny igmp
source
destination
[
igmp-message
]
[
dscp
dscp
|
precedence
precedence
]
Internet Protocol v4
[
sequence-number
]
deny ip
source
destination
[
dscp
dscp
|
precedence
precedence
]
Transmission Control Protocol
[
sequence-number
]
deny tcp
source
[
operator
port
[
port
]
|
portgroup
portgroup
]
destination
[
operator
port
[
port
]
|
portgroup
portgroup
]
[
dscp
dscp
|
precedence
precedence
]
[
fragments
]
[
log
]
[
time-range
time-range-name
]
[
flags
]
[
established
]
User Datagram Protocol
[
sequence-number
]
deny udp
source
operator
port
[
port
]
destination
[
operator
port
[
port
]
[
dscp
dscp
|
precedence
precedence
]
Syntax Description
sequence-number
|
(Optional) Sequence number of the
deny
command, which causes the device to insert the command in that numbered position in the access list. Sequence numbers maintain the order of rules within an ACL.
A sequence number can be any integer between 1 and 4294967295.
By default, the first rule in an ACL has a sequence number of 10.
If you do not specify a sequence number, the device adds the rule to the end of the ACL and assigns a sequence number that is 10 greater than the sequence number of the preceding rule.
Use the
resequence
command to reassign sequence numbers to rules.
|
protocol
|
Name or number of the protocol of packets that the rule matches. Valid numbers are from 0 to 255. Valid protocol names are the following keywords:
-
icmp
—Specifies that the rule applies to ICMP traffic only. When you use this keyword, the
icmp-message
argument is available, in addition to the keywords that are available for all valid values of the
protocol
argument.
-
igmp
—Specifies that the rule applies to IGMP traffic only. When you use this keyword, the
igmp-type
argument is available, in addition to the keywords that are available for all valid values of the
protocol
argument.
-
ip
—Specifies that the rule applies to all IPv4 traffic. When you use this keyword, only the other keywords and arguments that apply to all IPv4 protocols are available. They include the following:
–
dscp
–
precedence
-
tcp
—Specifies that the rule applies to TCP traffic only. When you use this keyword, the
flags
and
operator
arguments are available, in addition to the keywords that are available for all valid values of the
protocol
argument.
-
udp
—Specifies that the rule applies to UDP traffic only. When you use this keyword, the
operator
argument is available, in addition to the keywords that are available for all valid values of the
protocol
argument.
|
source
|
Source IPv4 addresses that the rule matches. For details about the methods that you can use to specify this argument, see “Source and Destination” in the “Usage Guidelines” section.
|
destination
|
Destination IPv4 addresses that the rule matches. For details about the methods that you can use to specify this argument, see “Source and Destination” in the “Usage Guidelines” section.
|
dscp
dscp
|
(Optional) Specifies that the rule matches only those packets with the specified 6-bit differentiated services value in the DSCP field of the IP header. The
dscp
argument can be one of the following numbers or keywords:
-
0–63—The decimal equivalent of the 6 bits of the DSCP field. For example, if you specify 10, the rule matches only those packets that have the following bits in the DSCP field: 001010.
-
af11
—Assured Forwarding (AF) class 1, low drop probability (001010)
-
af12
—AF class 1, medium drop probability (001100)
-
af13
—AF class 1, high drop probability (001110)
-
af21
—AF class 2, low drop probability (010010)
-
af22
—AF class 2, medium drop probability (010100)
-
af23
—AF class 2, high drop probability (010110)
-
af31
—AF class 3, low drop probability (011010)
-
af32
—AF class 3, medium drop probability (011100)
-
af33
—AF class 3, high drop probability (011110)
-
af41
—AF class 4, low drop probability (100010)
-
af42
—AF class 4, medium drop probability (100100)
-
af43
—AF class 4, high drop probability (100110)
-
cs1
—Class-selector (CS) 1, precedence 1 (001000)
-
cs2
—CS2, precedence 2 (010000)
-
cs3
—CS3, precedence 3 (011000)
-
cs4
—CS4, precedence 4 (100000)
-
cs5
—CS5, precedence 5 (101000)
-
cs6
—CS6, precedence 6 (110000)
-
cs7
—CS7, precedence 7 (111000)
-
default
—Default DSCP value (000000)
-
ef
—Expedited Forwarding (101110)
|
precedence
precedence
|
(Optional) Specifies that the rule matches only packets that have an IP Precedence field with the value specified by the
precedence
argument. The
precedence
argument can be a number or a keyword, as follows:
-
0–7—Decimal equivalent of the 3 bits of the IP Precedence field. For example, if you specify 3, the rule matches only packets that have the following bits in the DSCP field: 011.
-
critical
—Precedence 5 (101)
-
flash
—Precedence 3 (011)
-
flash-override
—Precedence 4 (100)
-
immediate
—Precedence 2 (010)
-
internet
—Precedence 6 (110)
-
network
—Precedence 7 (111)
-
priority
—Precedence 1 (001)
-
routine
—Precedence 0 (000)
|
icmp-message
|
(ICMP only: Optional) ICMP message type that the rule matches. This argument can be an integer from 0 to 255 or one of the keywords listed under “ICMP Message Types” in the “Usage Guidelines” section.
|
igmp-message
|
(IGMP only: Optional) IGMP message type that the rule matches. The
igmp-message
argument can be the IGMP message number, which is an integer from 0 to 15. It can also be one of the following keywords:
-
dvmrp
—Distance Vector Multicast Routing Protocol
-
host-query
—Host query
-
host-report
—Host report
-
pim
—Protocol Independent Multicast
-
trace
—Multicast trace
|
operator
port
[
port
]
|
(Optional; TCP and UDP only) Rule matches only packets that are from a source port or sent to a destination port that satisfies the conditions of the
operator
and
port
arguments. Whether these arguments apply to a source port or a destination port depends upon whether you specify them after the
source
argument or after the
destination
argument.
The
port
argument can be the name or the number of a TCP or UDP port. Valid numbers are integers from 0 to 65535. For listings of valid port names, see “TCP Port Names” and “UDP Port Names” in the “Usage Guidelines” section.
A second
port
argument is required only when the
operator
argument is a range.
The
operator
argument must be one of the following keywords:
-
eq
—Matches only if the port in the packet is equal to the
port
argument.
-
gt
—Matches only if the port in the packet is greater than and not equal to the
port
argument.
-
lt
—Matches only if the port in the packet is less than and not equal to the
port
argument.
-
neq
—Matches only if the port in the packet is not equal to the
port
argument.
-
range
—Requires two
port
arguments and matches only if the port in the packet is equal to or greater than the first
port
argument and equal to or less than the second
port
argument.
|
flags
|
(TCP only; Optional) TCP control bit flags that the rule matches. The value of the
flags
argument must be one or more of the following keywords:
|
Defaults
A newly created IPv4 ACL contains no rules.
If you do not specify a sequence number, the device assigns the rule a sequence number that is 10 greater than the last rule in the ACL.
Command Modes
IPv4 ACL configuration (config-acl)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
When the device applies an IPv4 ACL to a packet, it evaluates the packet with every rule in the ACL. The device enforces the first rule that has conditions that are satisfied by the packet. When the conditions of more than one rule are satisfied, the device enforces the rule with the lowest sequence number.
Source and Destination
You can specify the
source
and
destination
arguments in one of several ways. In each rule, the method that you use to specify one of these arguments does not affect how you specify the other argument. When you configure a rule, use the following methods to specify the
source
and
destination
arguments:
-
Address and network wildcard—You can use an IPv4 address followed by a network wildcard to specify a host or a network as a source or destination. The syntax is as follows:
IPv4-address network-wildcard
The following example shows how to specify the
source
argument with the IPv4 address and network wildcard for the 192.168.67.0 subnet:
n1000v(config-acl)# deny tcp 192.168.67.0 0.0.0.255 any
-
Address and variable-length subnet mask—You can use an IPv4 address followed by a variable-length subnet mask (VLSM) to specify a host or a network as a source or destination. The syntax is as follows:
The following example shows how to specify the
source
argument with the IPv4 address and VLSM for the 192.168.67.0 subnet:
n1000v(config-acl)# deny udp 192.168.67.0/24 any
-
Host address—You can use the
host
keyword and an IPv4 address to specify a host as a source or destination. The syntax is as follows:
This syntax is equivalent to
IPv4-address
/32 and
IPv4-address
0.0.0.0.
The following example shows how to specify the
source
argument with the
host
keyword and the 192.168.67.132 IPv4 address:
n1000v(config-acl)# deny icmp host 192.168.67.132 any
-
Any address—You can use the
any
keyword to specify that a source or destination is any IPv4 address. For examples of the use of the
any
keyword, see the examples in this section. Each example shows how to specify a source or destination by using the
any
keyword.
ICMP Message Types
The
icmp-message
argument can be the ICMP message number, which is an integer from 0 to 255. It can also be one of the following keywords:
-
administratively-prohibited
—Administratively prohibited
-
alternate-address
—Alternate address
-
conversion-error
—Datagram conversion
-
dod-host-prohibited
—Host prohibited
-
dod-net-prohibited
—Net prohibited
-
echo
—Echo (ping)
-
echo-reply
—Echo reply
-
general-parameter-problem
—Parameter problem
-
host-isolated
—Host isolated
-
host-precedence-unreachable
—Host unreachable for precedence
-
host-redirect
—Host redirect
-
host-tos-redirect
—Host redirect for ToS
-
host-tos-unreachable
—Host unreachable for ToS
-
host-unknown
—Host unknown
-
host-unreachable
—Host unreachable
-
information-reply
—Information replies
-
information-request
—Information requests
-
mask-reply
—Mask replies
-
mask-request
—Mask requests
-
mobile-redirect
—Mobile host redirect
-
net-redirect
—Network redirect
-
net-tos-redirect
—Net redirect for ToS
-
net-tos-unreachable
—Network unreachable for ToS
-
net-unreachable
—Net unreachable
-
network-unknown
—Network unknown
-
no-room-for-option
—Parameter required but no room
-
option-missing
—Parameter required but not present
-
packet-too-big
—Fragmentation needed and DF set
-
parameter-problem
—All parameter problems
-
port-unreachable
—Port unreachable
-
precedence-unreachable
—Precedence cutoff
-
protocol-unreachable
—Protocol unreachable
-
reassembly-timeout
—Reassembly timeout
-
redirect
—All redirects
-
router-advertisement
—Router discovery advertisements
-
router-solicitation
—Router discovery solicitations
-
source-quench
—Source quenches
-
source-route-failed
—Source route failed
-
time-exceeded
—All time-exceeded messages
-
timestamp-reply
—Time-stamp replies
-
timestamp-request
—Time-stamp requests
-
traceroute
—Traceroute
-
ttl-exceeded
—TTL exceeded
-
unreachable
—All unreachables
TCP Port Names
When you specify the
protocol
argument as
tcp
, the
port
argument can be a TCP port number, which is an integer from 0 to 65535. It can also be one of the following keywords:
bgp
—Border Gateway Protocol (179)
chargen
—Character generator (19)
cmd
—Remote commands (rcmd, 514)
daytime
—Daytime (13)
discard
—Discard (9)
domain
—Domain Name Service (53)
drip
—Dynamic Routing Information Protocol (3949)
echo
—Echo (7)
exec
—EXEC (rsh, 512)
finger
—Finger (79)
ftp
—File Transfer Protocol (21)
ftp-data
—FTP data connections (2)
gopher
—Gopher (7)
hostname
—NIC hostname server (11)
ident
—Ident Protocol (113)
irc
—Internet Relay Chat (194)
klogin
—Kerberos login (543)
kshell
—Kerberos shell (544)
login
—Login (rlogin, 513)
lpd
—Printer service (515)
nntp
—Network News Transport Protocol (119)
pim-auto-rp
—PIM Auto-RP (496)
pop2
—Post Office Protocol v2 (19)
pop3
—Post Office Protocol v3 (11)
smtp
—Simple Mail Transport Protocol (25)
sunrpc
—Sun Remote Procedure Call (111)
tacacs
—TAC Access Control System (49)
talk
—Talk (517)
telnet
—Telnet (23)
time
—Time (37)
uucp
—UNIX-to-UNIX Copy Program (54)
whois
—WHOIS/NICNAME (43)
www
—World Wide Web (HTTP, 8)
UDP Port Names
When you specify the
protocol
argument as
udp
, the
port
argument can be a UDP port number, which is an integer from 0 to 65535. It can also be one of the following keywords:
biff
—Biff (mail notification, comsat, 512)
bootpc
—Bootstrap Protocol (BOOTP) client (68)
bootps
—Bootstrap Protocol (BOOTP) server (67)
discard
—Discard (9)
dnsix
—DNSIX security protocol auditing (195)
domain
—Domain Name Service (DNS, 53)
echo
—Echo (7)
isakmp
—Internet Security Association and Key Management Protocol (5)
mobile-ip
—Mobile IP registration (434)
nameserver
—IEN116 name service (obsolete, 42)
netbios-dgm
—NetBIOS datagram service (138)
netbios-ns
—NetBIOS name service (137)
netbios-ss
—NetBIOS session service (139)
non500-isakmp
—Internet Security Association and Key Management Protocol (45)
ntp
—Network Time Protocol (123)
pim-auto-rp
—PIM Auto-RP (496)
rip
—Routing Information Protocol (router, in.routed, 52)
snmp
—Simple Network Management Protocol (161)
snmptrap
—SNMP Traps (162)
sunrpc
—Sun Remote Procedure Call (111)
syslog
—System Logger (514)
tacacs
—TAC Access Control System (49)
talk
—Talk (517)
tftp
—Trivial File Transfer Protocol (69)
time
—Time (37)
who
—Who service (rwho, 513)
xdmcp
—X Display Manager Control Protocol (177)
Examples
This example shows how to configure an IPv4 ACL named acl-lab-01 with rules that deny all TCP and UDP traffic from the 10.23.0.0 and 192.168.37.0 networks to the 10.176.0.0 network and a final rule that permits all other IPv4 traffic:
n1000v(config)# ip access-list acl-lab-01 n1000v(config-acl)# deny tcp 10.23.0.0/16 10.176.0.0/16 n1000v(config-acl)# deny udp 10.23.0.0/16 10.176.0.0/16 n1000v(config-acl)# deny tcp 192.168.37.0/16 10.176.0.0/16 n1000v(config-acl)# deny udp 192.168.37.0/16 10.176.0.0/16 n1000v(config-acl)# permit ip any any
Related Commands
|
|
ip access-list
|
Configures an IPv4 ACL.
|
permit (IPv4)
|
Configures a permit rule in an IPv4 ACL.
|
remark
|
Configures a remark in an IPv4 ACL.
|
show ip access-list
|
Displays all IPv4 ACLs or one IPv4 ACL.
|
statistics per-entry
|
Enables collection of statistics for each entry in an ACL.
|
deny (MAC)
To create a MAC access control list (ACL)+ rule that denies traffic matching its conditions, use the
deny
command. To remove a rule, use the
no
form of this command.
[
sequence-number
]
deny
source
destination
[
protocol
] [
cos
cos-value
] [
vlan
vlan-id
]
no deny
source
destination
[
protocol
] [
cos
cos-value
] [
vlan
vlan-id
]
no
sequence-number
Syntax Description
sequence-number
|
(Optional) Sequence number of the
deny
command, which causes the device to insert the command in that numbered position in the access list. Sequence numbers maintain the order of rules within an ACL.
A sequence number can be any integer between 1 and 4294967295.
By default, the first rule in an ACL has a sequence number of 10.
If you do not specify a sequence number, the device adds the rule to the end of the ACL and assigns a sequence number that is 10 greater than the sequence number of the preceding rule.
Use the
resequence
command to reassign sequence numbers to rules.
|
source
|
Source MAC addresses that the rule matches. For details about the methods that you can use to specify this argument, see “Source and Destination” in the “Usage Guidelines” section.
|
destination
|
Destination MAC addresses that the rule matches. For details about the methods that you can use to specify this argument, see “Source and Destination” in the “Usage Guidelines” section.
|
protocol
|
(Optional) Protocol number that the rule matches. Valid protocol numbers are 0x0 to 0xffff. For listings of valid protocol names, see “MAC Protocols” in the “Usage Guidelines” section.
|
cos
cos-value
|
(Optional) Specifies that the rule matches only packets with an IEEE 802.1Q header that contains the Class of Service (CoS) value given in the
cos-value
argument. The
cos-value
argument can be an integer from 0 to 7.
|
vlan
vlan-id
|
(Optional) Specifies that the rule matches only packets with an IEEE 802.1Q header that contains the VLAN ID given. The
vlan-id
argument can be an integer from 1 to 4094.
|
Defaults
A newly created MAC ACL contains no rules.
If you do not specify a sequence number, the device assigns the rule a sequence number that is 10 greater than the last rule in the ACL.
Command Modes
MAC ACL configuration (
config-mac-acl
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
When the device applies a MAC ACL to a packet, it evaluates the packet with every rule in the ACL. The device enforces the first rule that has conditions that are satisfied by the packet. When the conditions of more than one rule are satisfied, the device enforces the rule with the lowest sequence number.
Source and Destination
You can specify the
source
and
destination
arguments in one of two ways. In each rule, the method that you use to specify one of these arguments does not affect how you specify the other argument. When you configure a rule, use the following methods to specify the
source
and
destination
arguments:
-
Address and mask—You can use a MAC address followed by a mask to specify a single address or a group of addresses. The syntax is as follows:
The following example specifies the
source
argument with the MAC address 00c0.4f03.0a72:
n1000v(config-acl)# deny 00c0.4f03.0a72 0000.0000.0000 any
The following example specifies the
destination
argument with a MAC address for all hosts with a MAC vendor code of 00603e:
n1000v(config-acl)# deny any 0060.3e00.0000 0000.0000.0000
-
Any address—You can use the
any
keyword to specify that a source or destination is any MAC address. For examples of the use of the
any
keyword, see the examples in this section. Each of the examples shows how to specify a source or destination by using the
any
keyword.
MAC Protocols
The
protocol
argument can be the MAC protocol number or a keyword. The protocol number is a four-byte hexadecimal number prefixed with 0x. Valid protocol numbers are from 0x0 to 0xffff. Valid keywords are the following:
-
aarp
—Appletalk ARP (0x80f3)
-
appletalk
—Appletalk (0x809b)
-
decnet-iv
—DECnet Phase IV (0x6003)
-
diagnostic
—DEC Diagnostic Protocol (0x6005)
-
etype-6000
—EtherType 0x6000 (0x6000)
-
etype-8042
—EtherType 0x8042 (0x8042)
-
ip
—Internet Protocol v4 (0x0800)
-
lat
—DEC LAT (0x6004)
-
lavc-sca
—DEC LAVC, SCA (0x6007)
-
mop-console
—DEC MOP Remote console (0x6002)
-
mop-dump
—DEC MOP dump (0x6001)
-
vines-echo
—VINES Echo (0x0baf)
Examples
This example shows how to configure a MAC ACL named mac-ip-filter with rules that permit any non-IPv4 traffic between two groups of MAC addresses:
n1000v(config)# mac access-list mac-ip-filter n1000v(config-mac-acl)# deny 00c0.4f00.0000 0000.00ff.ffff 0060.3e00.0000 0000.00ff.ffff ip n1000v(config-mac-acl)# permit any any
Related Commands
|
|
mac access-list
|
Configures a MAC ACL.
|
permit (MAC)
|
Configures a deny rule in a MAC ACL.
|
remark
|
Configures a remark in an ACL.
|
show mac access-list
|
Displays all MAC ACLs or one MAC ACL.
|
statistics per-entry
|
Enables collection of statistics for each entry in an ACL.
|
description (interface)
To do add a description for the interface and save it in the running configuration, use the
description
command. To remove the interface description, use the
no
form of this command.
description
text
no
description
Syntax Description
text
|
Describes the interface. The maximum number of characters is 80.
|
Command Modes
Interface configuration (config-if)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add the description for the interface and save it in the running configuration.:
n1000v(
config-if)#
description Ethernet port 3 on module 1
This example shows how to remove the interface description.
n1000v(
config-if)#
no description Ethernet port 3 on module 1
Related Commands
|
|
interface vethernet
|
Creates a virtual Ethernet interface.
|
interface port-channel
|
Creates a port-channel interface.
|
interface ethernet
|
Creates an Ethernet interface.
|
interface mgmt
|
Configure the management interface.
|
show interface
|
Displays the interface status, including the description.
|
description (NetFlow)
To add a description to a flow record, flow monitor, or flow exporter, use the
description
command. To remove the description, use the
no
form of this command.
description
line
no
description
Syntax Description
line
|
Description of up to 63 characters.
|
Command Modes
NetFlow flow record (config-flow-record)
NetFlow flow exporter (config-flow-exporter)
Netflow flow monitor (config-flow-monitor)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add a description to a flow record:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# description Ipv4flow
This example shows how to add a description to a flow exporter:
n1000v(config)# flow exporter ExportTest n1000v(config-flow-exporter)# description ExportHamilton
This example shows how to add a description to a flow monitor:
n1000v(config)# flow monitor MonitorTest n1000v(config-flow-monitor)# description Ipv4Monitor
Related Commands
|
|
flow exporter
|
Creates a Flexible NetFlow flow exporter.
|
flow record
|
Creates a Flexible NetFlow flow record.
|
flow monitor
|
Creates a Flexible NetFlow flow monitor.
|
show flow exporter
|
Displays information about the NetFlow flow exporter.
|
show flow record
|
Displays information about NetFlow flow records.
|
show flow monitor
|
Displays information about the NetFlow flow monitor.
|
description(Network Segmentation Policy)
To add a description to the network segmentation policy, use the
description
command. To remove the description, use the
no
form of this command.
description
description
no
description
[
description
]
Syntax Description
description
|
The description of the network segmentation policy. The description can be up to 80 ASCII characters.
|
Command Modes
Network Segment Policy configuration (config-network-segment-policy)
network-admin
Command History
|
|
4.2(1)SV1(5.1)
|
This command was introduced.
|
Examples
This example shows how to add a description to the network segmentation policy:
n1000v# configure terminal n1000v(config)# network-segment policy abc-policy-vxlan n1000v(config-network-segment-policy)# description network segmentation policy for ABC for VXLAN networks n1000v(config-network-segment-policy)
Related Commands
|
|
network-segment policy
|
Creates a network segmentation policy.
|
show run network-segment policy
|
Displays the network segmentation policy configuration.
|
description (Port Profile Role)
To add a description to a port profile role, use the
description
command. To remove the description, use the
no
form of this command.
description
string
no
description
Syntax Description
string
|
Describes the role in up to 32 characters.
|
Command Modes
Port profile role configuration (config-port-profile-role)
network-admin
Command History
|
|
4.2(1)SV1(4)
|
This command was introduced.
|
Examples
This example shows how to add a description to a role:
n1000v(config)# port-profile-role adminRole n1000v(
config-port-profile-role)#
description adminOnly
This example shows how to remove the role description:
n1000v(config)# port-profile-role adminRole n1000v(
config-role)#
no description
Related Commands
|
|
show port-profile-role
|
Displays the port profile role configuration, including role names, descriptions, assigned users, and assigned groups.
|
show port-profile-role users
|
Displays available users and groups.
|
show port-profile
|
Displays the port profile configuration, including roles assigned to them.
|
port-profile-role
|
Creates a port profile role.
|
user
|
Assigns a user to a port profile role.
|
group
|
Assigns a group to a port profile role.
|
assign port-profile-role
|
Assigns a port profile role to a specific port profile.
|
feature port-profile-role
|
Enables support for the restriction of port profile roles.
|
port-profile
|
Creates a port profile.
|
description (QoS)
To add a description to a QoS class map, policy map, or table map use the
description
command. To remove the description, use the
no
form of this command.
description
text
no description
text
Syntax Description
text
|
Description, of up to 200 characters, for the class map or policy map.
|
Command Modes
QoS class map configuration (
config-cmap-qo
s)
QoS table map configuration (
config-tmap-qo
s)
QoS policy map configuration (
config-pmap-qos
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add a description to a policy map:
n1000v(
config)#
policy-map my_policy1n1000v(config-pmap)# description this policy applies to input packets
Related Commands
|
|
class-map
|
Creates or modifies a class map.
|
policy-map
|
Creates or modifies a policy map.
|
table-map
|
Creates or modifies a QoS table map.
|
description (role)
To add a description for a role, use the
description
command. To remove a description of a role, use the
no
form of this command.
description
string
no
description
Syntax Description
string
|
Describes the role. The string can include spaces.
|
Command Modes
Role configuration (
config-role
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add a description to a role:
n1000v(
config-role)#
description admin
This example shows how to remove the role description:
n1000v(
config-role)#
no description admin
Related Commands
|
|
username
|
Creates a user account including the assignment of a role.
|
show role
|
Displays a role configuration.
|
description (SPAN)
To add a description to a SPAN session, use the
description
command. To remove the description, use the
no
form of this command.
description
string
no
description
Syntax Description
string
|
Specifies a description of up to 32 alphanumeric characters.
|
Defaults
Blank (no description)
Command Modes
SPAN monitor configuration (config-monitor)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add a description to a SPAN session:
n1000v(config)#
monitor session 8 n1000v(config-monitor)#
description span_session_8a
This example shows how to remove a description from a SPAN session:
n1000v(config)#
monitor session 8 n1000v(
config)#
no description span_session_8a
Related Commands
|
|
show monitor session
|
Displays session information.
|
destination (NetFlow)
To add a destination IP address or VRF to a NetFlow flow exporter, use the
destination
command. To remove the IP address or VRF, use the
no
form of this command.
destination
{
ipaddr
|
ipv6addr
} [
use-vrf
vrf_name
]
no
destination
Syntax Description
ipaddr
|
Destination IP address for collector.
|
ipv6addr
|
Destination IPv6 address for collector.
|
use-vrf
vrf_name
|
(Optional) Optional VRF label.
|
Command Modes
NetFlow flow exporter configuration (config-flow-exporter)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to add a destination IP address to a Netflow flow exporter:
n1000v(config)# flow exporter ExportTest n1000v(config-flow-exporter)# destination 192.0.2.1
This example shows how to remove the IP address from a flow exporter:
n1000v(config)# flow exporter ExportTest n1000v(config-flow-exporter)# no destination 192.0.2.1
Related Commands
|
|
flow exporter
|
Creates a Flexible NetFlow flow exporter.
|
flow record
|
Creates a Flexible NetFlow flow record.
|
flow monitor
|
Creates a Flexible NetFlow flow monitor.
|
show flow exporter
|
Displays information about the NetFlow flow exporter.
|
show flow record
|
Displays information about NetFlow flow records.
|
show flow monitor
|
Displays information about the NetFlow flow monitor.
|
destination interface (SPAN)
To configures the port(s) in a SPAN session to act as destination(s) for copied source packets, use the
destination interface
command. To remove the destination interface, use the
no
form of this command.
destination
interface
type
number(s)_or_range
no
destination
interface
type
number(s)_or_range
Syntax Description
ethernet
slot/port_or_range
|
Designates the SPAN destination(s) Ethernet interface(s).
|
port-channel
number(s)_or_range
|
Designates the SPAN destination(s) port channel(s).
|
vethernet
number(s)_or_range
|
Designates the SPAN destination(s) virtual Ethernet interface(s).
|
Command Modes
SPAN monitor configuration (
config-monitor
)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
SPAN destination ports must already be configured as either access or trunk ports.
SPAN sessions are created in the shut state by default.
When you create a SPAN session that already exists, any additional configuration is added to that session. To make sure the session is cleared of any previous configuration, you can delete the session first using the command,
no monitor session
.
Examples
This example shows how to configure ethernet interfaces 2/5 and 3/7 in a SPAN session to act as destination(s) for copied source packets:
n1000v(config)#
monitor session 8 n1000v(config-monitor)#
destination interface ethernet 2/5, ethernet 3/7
This example shows how to remove the SPAN configuration from destination interface ethernet 2/5:
n1000v(config)#
monitor session 8 n1000v(config-monitor)#
no
destination interface ethernet 2/5
Related Commands
|
|
show interface
|
Displays the interface trunking configuration for the specified destination interface.
|
show monitor
|
Displays Ethernet SPAN information.
|
monitor session
|
Starts the specified SPAN monitor session(s).
|
dir
To display the contents of a directory or file, use the
dir
command.
dir
[
bootflash: | debug: | log: | volatile:]
Syntax Description
bootflash:
|
(Optional) Directory or filename.
|
debug:
|
(Optional) Directory or filename on expansion flash.
|
log:
|
(Optional) Directory or filename on log flash.
|
volatile:
|
(Optional) Directory or filename on volatile flash.
|
Command Modes
Any
network-admin
network-operator
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
Use the
pwd
command to identify the directory you are currently working in.
Use the
cd
command to change the directory you are currently working in.
Examples
This example shows how to display the contents of the bootflash: directory
Related Commands
|
|
cd
|
Changes the current working directory.
|
pwd
|
Displays the current working directory.
|
disable-loop-detection
To disable the loop detection mechanism to support a redundant routing protocol, use the
disable-loop-detection
command. To enable the loop detection mechanism, use the
no
form of this command.
disable-loop-detection
{carp|hsrp| vrrp| custom-rp
{[
src-mac-range
mac_range_start
mac_range_end
] [
dest-ip
dest_ip
] [
ip-proto
proto_no
] [
port
port_no
]}
}
no
disable-loop-detection
{carp|hsrp| vrrp|custom-rp
{[
src-mac-range
mac_range_start
mac_range_end
] [
dest-ip
dest_ip
] [
ip-proto
proto_no
] [
port
port_no
]}
}
Syntax Description
carp
|
Disables loop detection mechanism for Common Address Redundancy Protocol.
|
hsrp
|
Disables loop detection mechanism for Hot Standby Router Protocol.
|
vrrp
|
Disables loop detection mechanism for Virtual Router Redundancy Protocol.
|
custom-rp
|
Disables loop detection mechanism for user defined redundant routing protocol.
|
src-mac-range
|
(Optional) Source MAC address range for the user defined protocol.
|
mac_range_start
|
(Optional) Start MAC address.
|
mac_range_end
|
(Optional) End MAC address.
|
dest-ip
dest_ip
|
(Optional) Destination IP address for the user defined protocol.
|
ip-proto
proto_no
|
(Optional) IP protocol number for the user defined protocol.
|
port
port_no
|
(Optional) UDP or TCP destination port number for the user defined protocol.
|
Defaults
By default, the loop detection mechanism is enabled.
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
Command History
|
|
4.2(1)SV1(5.1)
|
This command was introduced.
|
Usage Guidelines
-
If you configure a vEthernet Interface and a port profile to run multiple protocols on the same virtual machine, then the configuration on the vEthernet Interface overrides the configuration on the port profile.
-
Disable IGMP Snooping on both Cisco Nexus 1000 and upstream switches between the servers to support most redundant routing protocols.
-
Disable loop detection configuration is not supported on PVLAN ports.
-
Disable loop detection configuration is not supported on the port security ports.
Examples
This example shows how to disable loop detection for redundant routing protocols:
n1000v(config)# int veth5 n1000v(config-if)# disable-loop-detection carp n1000v(config-if)# disable-loop-detection vrrp n1000v(config-if)# disable-loop-detection hsrp n1000v(config-if)# disable-loop-detection custom-rp dest-ip 224.0.0.12 port 2234 n1000v# show running-config interface vethernet 5 !Command: show running-config interface Vethernet5 !Time: Fri Nov 4 02:21:24 2011 inherit port-profile vm59 description Fedora117, Network Adapter 2 disable-loop-detection carp disable-loop-detection custom-rp dest-ip 224.0.0.12 port 2234 disable-loop-detection hsrp disable-loop-detection vrrp vmware dvport 32 dvswitch uuid "ea 5c 3b 50 cd 00 9f 55-41 a3 2d 61 84 9e 0e c4" vmware vm mac 0050.56B3.00B2
Related Commands
|
|
show running-config interface
|
Displays the interface configuration.
|
domain id
To assign a domain-id, use the
domain id
command. To remove a domain-id, use the
no
form of this command.
domain
id
number
no
domain
id
Syntax Description
number
|
Specifies the domain-id number. The allowable domain IDs are 1 to 4095.
|
Command Modes
Domain configuration (config-svs-domain)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
During installation of the Cisco Nexus 1000V the setup utility prompts you to configure a domain, including the domain ID and control and packet VLANs.
Examples
This example shows how to assign a domain id:
n1000v(config)#
sve-domainn1000v(
config-svs-domain)#
domain-id number 32n1000v(
config-svs-domain)#
This example shows how to remove the domain-id:
n1000v(config)#
sve-domainn1000v(
config-svs-domain)#
no domain-id number 32n1000v(
config-svs-domain)#
Related Commands
|
|
show svs domain
|
Displays domain configuration.
|
dscp (NetFlow)
To add a differentiated services codepoint (DSCP) to a NetFlow flow exporter, use the
dscp
command. To remove the DSCP, use the
no
form of this command.
dscp
value
no
dscp
Syntax Description
value
|
Specifies a DSCP between 0 and 63.
|
Command Modes
NetFlow flow exporter configuration (config-flow-exporter)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure DSCP for a NetFlow flow exporter:
n1000v(config)# flow exporter ExportTest n1000v(config-flow-exporter)# dscp 2 n1000v(config-flow-exporter)#
This example shows how to remove DSCP from the NetFlow flow exporter:
n1000v(config)# flow exporter ExportTest n1000v(config-flow-exporter)# no dscp 2 n1000v(config-flow-exporter)#
Related Commands
|
|
flow exporter
|
Creates a Flexible NetFlow flow exporter.
|
flow record
|
Creates a Flexible NetFlow flow record.
|
flow monitor
|
Creates a Flexible NetFlow flow monitor.
|
show flow exporter
|
Displays information about the NetFlow flow exporter.
|
show flow record
|
Displays information about NetFlow flow records.
|
show flow monitor
|
Displays information about the NetFlow flow monitor.
|
duplex
To set the duplex mode for an interface as full, half, or autonegotiate, use the
duplex
command. To revert back to the default setting, use the
no
form of this command.
duplex
{
full
|
half
|
auto
}
no
duplex
[
full
|
half
|
auto
]
Syntax Description
full
|
Specifies full-duplex mode for the interface.
|
half
|
Specifies half-duplex mode for the interface.
|
auto
|
Sets the duplex mode on the interface to autonegotiate with the connecting port.
|
Command Modes
Interface configuration (config-if)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
When you use the no version of this command, an argument (such as full, half, or auto) is optional. To return to the default duplex setting, you can use either of the following commands (if, for example, the setting had been changed to full):
n1000v(config-if)# no duplex n1000v(config-if)# no duplex full
Examples
This example shows how to set the Ethernet port 1 on the module in slot 3 to full-duplex mode:
n1000v(config)# interface ethernet 2/1 n1000v(config-if)# duplex full
This example shows how to revert to the default duplex setting for the Ethernet port 1 on the module in slot 3:
n1000v(config)# interface ethernet 2/1 n1000v(config-if)# no duplex
Related Commands
|
|
interface
|
Specifies the interface that you are configuring.
|
speed
|
Sets the speed for the port channel interface.
|
show interface
|
Displays the interface status, which includes the speed and duplex mode parameters.
|