M Commands
This chapter describes the Cisco Nexus 1000V commands that begin with the letter M.
mac access-list
To create a MAC ACL, use the
mac access-list
command. To remove the MAC ACL, use the
no
form of this command.
mac
access-list
name
no
mac
access-list
name
Syntax Description
name
|
List name. The range of valid values is 1 to 64.
|
Defaults
The MAC ACL does not exist.
Command Modes
Global configuration (config)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to create a MAC ACL:
n1000v#
configure terminaln1000v(config)#
mac access-list aL1
Related Commands
|
|
show access-list
|
Displays access list information.
|
mac address-table aging-time
To configure the aging time for entries in the Layer 2 table, use the
mac address-table aging-time
command. To return to the default settings, use the
no
form of this command.
mac address-table aging-time
seconds
[
vlan
vlan-id
]
no mac address-table aging-time
[
vlan
vlan-id
]
Syntax Description
seconds
|
Aging time for MAC table entries for Layer 2. The range is from 120 to 918000 seconds. The default is 1800 seconds. Entering 0 disables the aging time.
|
vlan
vlan-id
|
(Optional) Specifies the VLAN to apply the changed aging time.
|
Command Modes
Global configuration (config)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
Enter
0
seconds to disable the aging process.
The age value may be rounded off to the nearest multiple of 5 seconds. If the system rounds the value to a different value from that specified by the user (from the rounding process), the system returns an informational message.
When you use this command in the global configuration mode, the age values of all VLANs for which a configuration has not been specified are modified and those VLANs with specifically modified aging times are not modified. When you use the
no
form of this command without the VLAN parameter, only those VLANs that have not been specifically configured for the aging time reset to the default value. Those VLANs with specifically modified aging times are not modified.
When you use this command and specify a VLAN, the aging time for only the specified VLAN is modified. When you use the
no
form of this command and specify a VLAN, the aging time for the VLAN is returned to the current
global
configuration for the aging time, which may or may not be the default value of 300 seconds depending if the global configuration of the device for aging time has been changed.
Aging time is counted from the last time that the switch detected the MAC address.
Examples
This example shows how to change the length of time an entry remains in the MAC address table to 500 seconds for the entire device:
n1000v(config)#
mac address-table aging-time 500
Related Commands
|
|
show mac address-table
|
Displays information about the MAC address table.
|
clear mac address-table aging-time
|
Displays information about the MAC address aging time.
|
mac address-table static
To add a static entry to the Layer 2 MAC address table, use the
mac address-table static
command. To delete the static entry, use the
no
form of this command.
mac
address-table
static
mac-address
vlan
vlan-id
{
interface
{
interface-name
}
+
|
drop
} [
auto-learn
]
no
mac
address-table
static
mac-address
vlan
vlan-id
Syntax Description
mac-address
|
Specifies a static MAC address to add to the table in one of the following formats.
-
X.X.X
-
XX-XX-XX-XX-XX-XX
-
XX:XX:XX:XX:XX:XX
-
XXXX.XXXX.XXXX
|
vlan
vlan-id
|
Specifies a VLAN (from 1 to 4094) for the static MAC address.
|
interface
interface-name
|
(Optional) Specifies one of the following interfaces for the static MAC address
:
-
ethernet slot/port
-
veth number
|
drop
|
Indicates that all traffic destined for the specified MAC address and VLAN should be dropped.
|
auto-learn
|
(Optional) Allow moving this MAC address.
|
Command Modes
Global configuration (config)
network-admin
Command History
|
|
4.2(1)SV1(4)
|
This command was modified to remove the port channel option.
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
You cannot apply the
mac address-table static
mac-address
vlan
vlan-id
drop
command to a multicast MAC address.
The output interface specified cannot be a VLAN interface or a Switched Virtual Interface (SVI).
Use the
no
form to remove entries that are profiled by the combination of specified entry information.
Examples
This example shows how to add a static entry to the MAC address table:
n1000v(config)#
mac address-table static 0050.3e8d.6400 vlan 3 interface ethernet 2/1
Related Commands
|
|
show mac address-table
|
Displays information about the MAC address table.
|
mac auto-static-learn
To toggle the auto-mac-learning state on vEthernet interface, use the
mac auto-static-learn
command. To disable the auto-mac-learning state, use the
no
form of this command.
mac
auto-static-learn
[no]
mac
auto-static-learn
Syntax Description
This command has no arguments or keywords.
Defaults
By default, the auto-mac-learning state is enabled.
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-profile)
network-admin
Command History
|
|
4.2(1)SV1(5.1)
|
This command was introduced.
|
Usage Guidelines
-
This command is needed on the VEthernets that are used for Microsoft Netwrok Load Balancing setups in unicast mode.
-
This configuration is not supported on PVLAN ports.
-
This configuration is not supported on the ports configured with UUFB (Unknown Unicast Flood Blocking).
-
This configuration is not supported on the ports configured with the command
switchport port-security mac-address sticky.
Examples
This example shows how to configure the auto-mac-learning state on vEth1:
n1000v# configure terminal n1000v(config)# int veth 1 n1000v(config-if)# [no] mac auto-static-learn
Related Commands
|
|
mac address-table static
|
Adds a static MAC address in the Layer 2 MAC address table and saves it in the running configuration.
|
mac port access-group
To enable access control for port groups, use the
mac port access-group
command. To disable access control for port groups, use the
no
form of this command.
mac
port
access-group
name
{
in
|
out
}
no
mac
port
access-group
name
{
in
|
out
}
Syntax Description
name
|
Group name. The range of valid values is 1 to 64.
|
in
|
Specifies inbound traffic.
|
out
|
Specifies outbound traffic.
|
Defaults
Access control for packets is not specified.
Command Modes
Port profile configuration (config-port-prof)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to enable access control for port groups:
n1000v# configure terminal n1000v(config)# port-profile 1 n1000v(config-port-prof)# mac port access-group groupOne in n1000v(config-port-prof)#
Related Commands
|
|
show mac
|
Displays MAC information.
|
match (ACL)
To define ACL matching criteria, use the
match
command. To remove matching criteria, use the
no
form of this command.
match
{{
access-group
name
name
} | {[
not
]
cos
cos-list
} | {[
not
]
dscp
{
dscp-list
|
dscp-enum
}
+
} | {[
not
]
precedence
{
precedence-list
|
prec-enum
}
+
} | {[
not
]
discard-class
discard-class-list
} | {[
not
]
qos-group
qos-group-list
} | {[
not
]
class-map
cmap-name
} | {[
not
]
packet
length
len-list
} | {[
not
]
ip
rtp
port-list
}}
no
match
{{
access-group
name
acl-name
} | {[
not
]
cos
cos-list
} | {[
not
]
dscp
{
dscp-list
|
dscp-enum
}
+
} | {[
not
]
precedence
{
precedence-list
|
prec-enum
}
+
} | {[
not
]
discard-class
discard-class-list
} | {[
not
]
qos-group
qos-group-list
} | {[
not
]
class-map
cmap-name
} | {[
not
]
packet
length
len-list
} | {[
not
]
ip
rtp
port-list
}}
Syntax Description
access-group
|
Specifies the access group.
|
name
|
Specifies the ACL name.
|
name
|
ACL name. The range of valid values is 1 to 64.
|
not
|
(Optional) Negates the match result.
|
cos
|
IEEE 802.1Q CoS (Class of Service).
|
cos-list
|
List of CoS values. The range of valid values is 0 to 7.
|
dscp
|
DSCP in IP(v4) and IPv6 packets.
|
dscp-list
|
List of DSCP values.
|
dscp-enum
|
.
|
precedence
|
Precedence in IP(v4) and IPv6 packets.
|
precedence-list
|
List of precedence values.
|
prec-enum
|
.
|
discard-class
discard-class-list
|
Discard class + List of discard-class values.
|
qos-group
qos-group-list
|
Qos-group + List of qos-group values.
|
class-map
cmap-name
|
Class map + Match class-map name.
|
packet
|
Packet.
|
length
|
Length of IP datagram.
|
len-list
|
list of IP packet length.
|
ip
|
IP.
|
rtp
|
Real Time Protocol.
|
port-list
|
UDP port list that are using RTP.
|
Command Modes
Class map configuration (config-cmap-qos
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure a class-map match criteria:
n1000v(config)# class-map cl_map1 n1000v(config-cmap-qos)# match access-group name ac_gr1
This example shows how to remove the class-map match criteria:
n1000v(config)# class-map cl_map1 n1000v(config-cmap-qos)# no match access-group name ac_gr1
Related Commands
|
|
show class map
|
Displays class map information.
|
match ip (NetFlow)
To define IP matching criteria for a NetFlow flow record, use the
match ip
command. To remove the matching criteria, use the
no
form of this command.
match
ip
{
protocol
|
tos
}
no
match
ip
{
protocol
|
tos
}
Syntax Description
protocol
|
Protocol.
|
tos
|
Type of service.
|
Command Modes
Flow record configuration (config-flow-record)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure IP matching criteria for a NetFlow flow record and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# match ip protocol n1000v(config-flow-record)# show flow record doc-n1000v(config-flow-record)#
This example shows how to remove the IP matching criteria for a NetFlow flow record a and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# no match ip protocol n1000v(config-flow-record)# show flow record doc-n1000v(config-flow-record)#
Related Commands
|
|
show flow record
[name]
|
Displays a NetFlow flow record configuration.
|
match ipv4
|
Defines IPv4 matching criteria for a NetFlow flow record.
|
match transport
|
Defines transport matching criteria for a NetFlow flow record.
|
match ipv4 (NetFlow)
To define IPv4 matching criteria for a NetFlow flow record, use the
match ipv4
command. To remove the matching criteria, use the
no
form of this command.
match
ipv4
{
source
|
destination
}
address
no
match
ipv4
{
source
|
destination
}
address
Syntax Description
source
|
Source Address.
|
destination
|
Destination Address.
|
address
|
Address.
|
Command Modes
Flow record configuration (config-flow-record)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure IPv4 matching criteria for a NetFlow flow record and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# match ipv4 destination address n1000v(config-flow-record)# show flow record match ipv4 destination address n1000v(config-flow-record)#
This example shows how to remove the IPv4 matching criteria for a NetFlow flow record a and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# no match ipv4 destination address n1000v(config-flow-record)# show flow record doc-n1000v(config-flow-record)#
Related Commands
|
|
show flow record
[name]
|
Displays a NetFlow flow record configuration.
|
match ip
|
Defines IP matching criteria for a NetFlow flow record.
|
match transport
|
Defines transport matching criteria for a NetFlow flow record.
|
match protocol
To configure match criteria based on protocol, use the
match protocol
command.
match protocol
proto
no match protocol
proto
Syntax Description
proto
|
Acceptable protocol values:
-
n1k_control
-
n1k_mgmt
-
n1k_packet
-
vmw_ft
-
vmw_iscsi
-
vmw_mgmt
-
vmw_nfs
-
vmw_vmotion
|
Command Default
No match protocol is set by default.
Command Modes
Class map configuration (config-cmap-que)
network admin
Command History
|
|
4.2(1)SV1(4)
|
This command was introduced.
|
Usage Guidelines
The match protocol command configures a match criteria based on the specified protocol.
Examples
This example show how to set the protocol to a value of vmw_motion.
n1000v(config-cmap-que)# match protocol vmw_motion
match transport (NetFlow)
To define transport matching criteria for a NetFlow flow record, use the
match transport
command. To remove the matching criteria, use the
no
form of this command.
match
transport
{
destination-port
|
source-port
}
no
match
transport
{
destination-port
|
source-port
}
Syntax Description
destination-port
|
Transport destination port.
|
source-port
|
Transport source port.
|
Command Modes
Flow Record configuration (config-flow-record)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure transport matching criteria for a NetFlow flow record and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# match transport destination-port n1000v(config-flow-record)# show flow record match ipv4 destination-port n1000v(config-flow-record)#
This example shows how to remove the transport matching criteria for a NetFlow flow record a and then display the result:
n1000v(config)# flow record RecordTest n1000v(config-flow-record)# no match transport destination-port n1000v(config-flow-record)# show flow record doc-n1000v(config-flow-record)#
Related Commands
|
|
show flow record
[name]
|
Displays a NetFlow flow record configuration.
|
match ip
|
Defines IP matching criteria for a NetFlow flow record.
|
match ipv4
|
Defines IPv4 matching criteria for a NetFlow flow record.
|
max-ports
To specify the maximum number of ports for a port profile, use the
max-ports
command. To remove the maximum ports configuration, use the
no
form of this command.
max-ports
number
no
max-ports
number
Syntax Description
number
|
Specifies the maximum number of ports (1 to 1024) for a port profile.
|
Command Modes
Port profile configuration (config-port-prof)
network-admin
Command History
|
|
4.2(1)SV1(4)
|
This command was changed from vmware max-ports to max-ports.
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to set the maximum number of ports in the testprofile port profile:
n1000v#
configure terminaln1000v(config)# port-profile testprofile n1000v(config-port-prof)# max-ports 100 n1000v(config-port-prof)#
This example shows how to remove the maximum ports configuration from the testprofile port profile:
n1000v#
configure terminaln1000v(config)# port-profile testprofile n1000v(config-port-prof)# no max-ports 100 n1000v(config-port-prof)#
Related Commands
|
|
show port-profile name
|
Displays configuration information about a particular port-profile.
|
port-profile
|
Creates a port profile.
|
media
To specify the media type of a VLAN as Ethernet, use the
media
command. To remove the type, use the
no
form of this command.
media ethernet
no
media
Syntax Description
ethernet
|
Specifies Ethernet media type.
|
Command Modes
VLAN configuration (config-vlan)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to configure media type:
n1000v#
configure terminaln1000v(
config)#
media ethernet
Related Commands
|
|
show vlan
|
Displays VLAN information.
|
mkdir
To create a new directory, use the
mkdir
command.
mkdir {bootflash: | debug: | volatile:}
Syntax Description
bootflash:
|
Specifies bootflash as the directory name.
|
debug:
|
Specifies debug as the directory name.
|
volatile:
|
Specifies volatile as the directory name.
|
Command Modes
Any
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to create the bootflash: directory:
Related Commands
|
|
cd
|
Changes the current working directory.
|
dir
|
Displays the directory contents.
|
pwd
|
Displays the name of the current working directory.
|
module vem
To enter commands on the VEM remotely from the Cisco Nexus 1000V, use the
module vem
command.
module vem
module-number execute line [line]
Syntax Description
module-number
|
Specifies the module number. The range is 3 to 66.
|
execute
|
Specifies the command to execute on the VEM.
|
line
|
(Optional) The syntax of the command to be sent to the VEM.
|
Command Modes
EXEC
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to display the VEM port profile configuration remotely from the Cisco Nexus 1000V:
n1000v#
module vem 3 execute vemcmd show port-profile
This example shows how to display the VEM VSD configuration remotely from the Cisco Nexus 1000V:
n1000v# module vem 3 execute vemcmd show vsd ID Def_Act ILTL OLTL NMLTL State Member LTLs 1 DROP 48 49 4 ENA 54,52,55,53 vsim-cp# module vem 3 execute vemcmd show vsd ports LTL IfIndex VSD_ID VSD_PORT_TYPE
Related Commands
|
|
show module vem
|
Displays Virtual Ethernet Module information.
|
monitor session
To enter the monitor configuration mode for configuring an Ethernet switch port analyzer (SPAN) session for analyzing traffic between ports, use the monitor session command.
To disable monitoring a SPAN session(s), use the no form of this command.
monitor session {
session-number
[
shut
|
type erspan-source
]
|
all shut
}
no monitor session {
session-number
[
shut
|
type erspan-source
]
|
all shut
}
Syntax Description
session-number
|
Specifies the session number for monitoring a switched port. SPAN sessions are numbered from 1 to 64.
|
shut
|
(Optional) Shuts the selected session.
|
type
|
(Optional) Specifies a session type.
|
erspan-source
|
(Optional) Creates an erspan source session
|
all
|
Specify all sessions for monitoring a switched port.
|
Command Modes
Global configuration (config)
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Examples
This example shows how to enter the monitor configuration mode for configuring SPAN session number 2 for analyzing traffic between ports:
n1000v(config)#
monitor session 2
This example shows how to remove the configuration for SPAN session 2 for analyzing traffic between ports:
n1000v(config)#
no
monitor session 2
Related Commands
|
|
show monitor
|
Displays Ethernet SPAN information.
|
move
To move a file from one directory to another, use the
move
command.
move
[
filesystem
:
[
//
module
/
][
directory
/
] |
directory
/]
source-filename
{{
filesystem
:[
//
module
/][
directory
/
] |
directory
/
}[
destination-filename
] |
target-filename
}
Syntax Description
filesystem
:
|
(Optional) Name of a file system. The name is case sensitive.
|
//
module
/
|
(Optional) Identifier for a supervisor module. Valid values are
sup-active
,
sup-local
,
sup-remote
, or
sup-standby
. The identifiers are case sensitive.
|
directory
/
|
(Optional) Name of a directory. The name is case sensitive.
|
source-filename
|
Name of the file to move. The name is case sensitive.
|
destination-filename
|
(Optional) Name of the destination file. The name is alphanumeric, case sensitive, and has a maximum of 64 characters.
|
Defaults
The default name for the destination file is the same as the source filename.
Command Modes
Any
network-admin
Command History
|
|
4.0(4)SV1(1)
|
This command was introduced.
|
Usage Guidelines
You can make a copy of a file by using the
copy
command.
Tip You can rename a file by moving it within the same directory.
Examples
This example shows how to move a file to another directory:
n1000v# move file1 my_files:file2
This example shows how to move a file to another file system:
n1000v# move file1 slot0:
This example shows how to move a file to another supervisor module:
n1000v# move file1 bootflash://sup-remote/file1.bak
Related Commands
|
|
cd
|
Changes the current working directory.
|
copy
|
Makes a copy of a file.
|
dir
|
Displays the directory contents.
|
pwd
|
Displays the name of the current working directory.
|
mtu (Interface)
To set the maximum size of a transmission unit (MTU) for an interface, use the
mtu
command. To remove the configuration from the interface, use the
no
form of this command.
mtu
size
no
mtu
size
Syntax Description
size
|
Specifies the maximum allowable MTU. The range is 1500 to 9000 bytes.
|
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
network-admin
Command History
|
|
4.2(1) SV1(4)
|
This command was added to port profile configuration.
|
4.0(4) SV1(1)
|
This command was introduced.
|
Usage Guidelines
The mtu value must be less than that configured for
system jumbomtu
.
When configuring port profiles, MTU is only applied in Ethernet type port profiles that are system uplink port profiles.
When you configure the MTU in a system port profile, it causes any interface inheriting the port profile to flap. If the system port profile includes the control VLAN, then the module, itself, flaps.
Examples
This example shows how to set the size of the port channel interface MTU to 2000:
n1000v#
configure terminaln1000v(
config)#
interface port-channel 2n1000v(
config-if)#
mtu 2000
This example shows how to set the size of the MTU to 2000 in a port profile:
n1000v#
configure terminaln1000v(
config)#
port-profile AccessProfn1000v(config-port-prof)# mtu 2000
Related Commands
|
|
show port-profile
|
Displays port profile information.
|
port-profile
|
Creates a port profile and enters port profile configuration mode.
|
show interface ethernet
|
Displays Ethernet interface information.
|
show interface port-channel
|
Displays port-channel interface information.
|
show running-config
|
Displays the current operating configuration, which includes the system jumbo MTU size.
|
interface
|
Creates an interface and enters interface configuration mode.
|
mtu (ERSPAN)
To set the maximum size of a transmission unit for ERSPANed packets in a monitor session, use the
mtu
command.
mtu
mtu_value
Syntax Description
mtu_value
|
Specifies the maximum allowable MTU (50 - 1500 bytes) for ERSPANed packets in a monitor session. Packets larger than the allowable size are truncated.
|
Command Modes
ERSPAN configuration (config-erspan-src)
network-admin
Command History
|
|
4.0(4) SV1(1)
|
This command was introduced.
|
Usage Guidelines
ERSPANed packets larger than the specified allowable size for the monitor session are truncated.
Examples
This example shows how to configure an MTU of 1000 bytes for ERSPANed packets
in monitor session 2:
n1000v#
configure terminaln1000v(
config)#
monitor session 2 type erspan-sourcen1000v(
config-erspan-source)#
mtu 1000
Related Commands
|
|
show monitor session
|
Displays the ERSPAN session configuration.
|
monitor session
|
Creates an ERSPAN monitor session.
|