- segment distribution mac
- segment id
- segment mode unicast-only
- segment transport-mode native
- segment transport-mode
- send
- send-community extended
- server
- service ha-cluster clusterNo switchover
- service instance
- service mod
- service-policy
- service-port
- session-limit
- set
- setup
- shutdown (VLAN)
- shutdown (interface)
- shutdown (port profile)
- sleep
- snmp-server aaa-user cache-timeout
- snmp-server community
- snmp-server contact
- snmp-server globalEnforcePriv
- snmp-server host
- snmp-server location
- snmp-server protocol enable
- snmp-server tcp-session
- snmp-server user
- snmp trap link-status
- source-interface
- source mgmt (NetFlow)
- spanning-tree port type edge bpduguard default
- speed
- ssh
- ssh key
- state (VLAN)
- state (Port Profile)
- statistics per-entry
- storm-control enable
- sub-group
- sub-group-id
- svs connection
- svs-domain
- svs license transfer src-vem
- svs license volatile
- svs mode
- svs switch edition
- svs upgrade complete
- svs upgrade start
- svs veth auto-config-purge
- svs veth auto-delete
- svs veth auto-setup
- switchname
- switchport access bridge-domain
- switchport access vlan
- switchport mode
- switchport port-security
- switchport private-vlan host-association
- switchport private-vlan mapping
- switchport private-vlan mapping trunk
- switchport private-vlan trunk allowed vlan
- switchport trunk allowed vlan
- switchport trunk native vlan
- system inter-sup-heartbeat time
- system jumbomtu
- system redundancy role
- system storage-loss
- system switchover
- system update vem feature level
- system vlan
S Commands
This chapter describes the Cisco Nexus 1000V commands that begin with S.
segment distribution mac
To configure MAC distribution mode globally and per bridge domain.
Syntax Description
Defaults
Command Modes
Bridge Domain configuration (config-bd)
Command History
|
|
Usage Guidelines
This command specifes the mac distribution mode globally and per bridge-domain
Examples
This example shows how to configure the mac distribution mode globally:
n1000v(config)# segment mode unicast-only
n1000v(config)# segment distribution mac
This example shows how to configure the mac distribution mode per bridge-domain:
Related Commands
|
|
---|---|
Configures the segment mode unicast-only globally and per bridge-domain. |
segment id
To specify a segment ID to a VXLAN, use the segment id command. To remove the segment ID, use the no form of this command.
Syntax Description
The segment id of the VXLAN. The valid values are 4096 to 16777215. (Values 1 - 4095 are reserved for VLANs) |
Defaults
Command Modes
Bridge Domain configuration (config-bd)
Command History
|
|
Usage Guidelines
Only one Bridge Domain can use a particular segment id value.
Examples
This example shows how to specify a segment ID to a VXLAN:
n1000v(config)# bridge-domain tenant-red
n1000v(config-bd)# segment id 20480
Related Commands
|
|
---|---|
segment mode unicast-only
To configure unicast mode globally and per bridge domain with no MAC distribution enabled.
Syntax Description
Defaults
Command Modes
Bridge Domain configuration (config-bd)
Command History
|
|
Usage Guidelines
This command configures the segment mode as unicast-only mode globally and per bridge-domain.
Examples
This example shows how to configure the segment mode unicast-only globally:
n1000v(config)# segment mode unicast-only
This example shows how to configure the segment mode unicast-only per bridge-domain:
Related Commands
|
|
---|---|
Configure MAC distribution mode globally and per bridge-domain. |
|
segment transport-mode native
To set the transport-mode to native (VDP) at the global configuration level on the Cisco Nexus 1000V, use the segment transport-mode native command.
segment transport- mode native
Syntax Description
Configures the segment transport mode to native (VDP) to enable network-based overlays. |
Defaults
Command Modes
Command History
|
|
Usage Guidelines
The default segment transport-mode is set to VXLAN. Use this command to set it to native (VDP) at the global configuration level, to employ network based overlays.
Examples
This example shows the output where the segment transport-mode is set to native globally.:
Related Commands
|
|
---|---|
Specifies the segmentation transport-mode for a bridge-domain configuration. |
|
segment transport-mode
To configure the transport-mode to native (VDP) or VXLAN for a bridge-domain on the Cisco Nexus 1000V, use the segment transport-mode native command.
segment transport- mode {native | VXLAN}
Syntax Description
Sets the transport-mode to VDP to employ the network based overlays. |
|
Defaults
The segment transport mode (VXLAN or native) set globally by executing the segment transport-mode native command.
Command Modes
bridge-domain configuration (bd-config)
Command History
|
|
Usage Guidelines
Examples
This example shows running configuration for a bridge-domain with the segment transport-mode set to native(VDP) :
Related Commands
|
|
---|---|
Specifies the segmentation transport-mode to native globally. |
|
send
To send a message to an open session, use the send command.
send { message | session device message }
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to send a message to an open session:
Related Commands
|
|
---|---|
send-community extended
To send extended community attribute to the neighbor, use the send-community extended command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to send extended community attribute to the neighbor:
Related Commands
|
|
---|---|
server
To configure the RADIUS server as a member of the RADIUS server group, use the server command. To remove a server, use the no form of this command.
server { ipv4-address | server-name }
no server { ipv4-address | server-name }
Syntax Description
Defaults
Command Modes
Radius configuration (config-radius)
Command History
|
|
Examples
This example shows how to configure the RADIUS server as a member of the RADIUS server group:
This example shows how to remove the server configuration:
n1000v(
config)#
no server 10.10.1.1
Related Commands
service ha-cluster clusterNo switchover
Triggers a switchover from an Active service module to a Standby service module paired in HA.
service ha-cluster clusterNo switchover
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Use this command to initiate a switchover between service modules in HA.
Examples
This example shows how to configure a switchover of an active service module on a HA cluster:
n1000v(config)# service ha-cluster 1 switchover
Note Command is applicable for service modules configured in HA.
Related Commands
service instance
Defines a place holder for mappings. The range is from 1 to 4096.
no service instance (1 - 4096)
Syntax Description
Defaults
Command Modes
Port-profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure a service instance:
This example shows how to remove the service instance:
n1000v(config-port-prof)# no service instance 10
Note Port profiles containing the service instance keyword cannot be used for a non-VXLAN gateway module.
Related Commands
|
|
---|---|
Defines a place holder for mappings. The range is from 1 to 4096. |
|
Defines a place holder for remove mappings. The range is from 1 to 4096. |
service mod
Configure the service module in high availability (HA) pair.
[no] service mod role standalone
[no] service modNo1 role primary ha-cluster clusterNo
[no] service modNo2 role secondary ha-cluster clusterNo
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Roles can be pre-configured to module numbers in the VSM. When a VXLAN gateway is attached to the
VSM on that module, it inherits the Role and Status of that VSM.
Examples
This example shows how to configure service mod role standalone :
n1000v(config)# service 4 role standalone
This example shows how to configure service modNo1 role primary ha-cluster clusterNo:
n1000v(config)# service 4 role primary ha-cluster 1
This example shows how to configure service modNo2 role secondary ha-cluster clusterNo:
n1000v(config)# service 5 role secondary ha-cluster 1
This example shows how to remove the HA related configuration:
Related Commands
service <mod> update port-profile type ethernet name <Service module uplink port-profile>
To change the currently assigned port-profile name of the service module/VXLAN gateway uplink.
service <mod> update port-profile type ethernet name <Service module uplink port-profile>
Note Starting with Release 5.2(1)SV3(1.15), Cisco Nexus 1000V for VMware vSphere does not support the VXLAN gateway feature.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Port-profile name of the service module/VXLAN gateway uplink are changed by using this command.
Examples
This example shows how to change the currently assigned port-profile name of the service module/VXLAN gateway uplink.
Related Commands
service <mod> update port-profile type vethernet name <Service module VTEP port-profile>
To change the currently assigned port-profile name of the service module/VXLAN gateway VTEP.
service <mod> update port-profile type vethernet name <Service module VTEP port-profile>
Note Starting with Release 5.2(1)SV3(1.15), Cisco Nexus 1000V for VMware vSphere does not support the VXLAN gateway feature.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Port-profile name of the service module/VXLAN gateway VTEP are changed by using this command.
Examples
This example shows how to change the currently assigned port-profile name of the service module/VXLAN gateway VTEP.
Related Commands
service-policy
To configure a service policy for an interface, use the service-policy command. To remove the service policy configuration, use the no form of this command.
service-policy { input name [ no-stats ] | output name [ no-stats ] | type qos { input name [ no-stats ] | output name [ no-stats ]}}
no service-policy { input name [ no-stats ] | output name [ no-stats ] | type qos { input name [ no-stats ] | output name [ no-stats ]}}
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to add an input QoS service policy called sp10 to vEthernet interface 10 with no statistics:
This example shows how to remove the input QoS service policy called sp10 with no statistics from
vEthernet interface 10:
Related Commands
|
|
---|---|
service-port
To configure an inside or outside interface in a virtual service domain (VSD) port profile, use the service-port command. To remove the configuration, use the no form of this command.
service-port { inside | outside } [ default-action { drop | forward }]
Syntax Description
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
If a port profile without a service port is configured on an SVM, it will flood the network with packets.
When configuring a port profile on an SVM, first bring the SVM down, This prevents a port-profile that is mistakenly configured without a service port from flooding the network with packets. The SVM can be returned to service after the configuration is complete and verified.
Examples
This example shows how to configure an inside interface on a VSD port profile that drops packets if the service port is down:
n1000v# config t
n1000v(
config)# port-profile svm_vsd1_in
n1000v(
config-port-prof)# service-port inside default-action drop
n1000v(
config-port-prof)#
This example shows how to remove a service port configuration:
n1000v# config t
n1000v(
config)# port-profile svm_vsd1_in
n1000v(
config-port-prof)# no service-port
n1000v(
config-port-prof)#
Related Commands
|
|
---|---|
Displays a list of the VSDs currently configured in the VSM, including VSD names and port profiles. |
session-limit
To limit the number of VSH sessions, use the session-limit command. To remove the limit, use the no form of this command.
Syntax Description
Number of VSH sessions. The range of valid values is 1 to 64 |
Defaults
Command Modes
Line configuration (config-line)
Command History
|
|
Examples
This example shows how to limit the number of VSH sessions:
n1000v#
configure terminal
This example shows how to remove the limit:
n1000v#
configure terminal
set
To set QoS class attributes, use the set command. To remove class attributes, use the no form of this command.
set {{ cos cos-val } | { dscp [ tunnel ] { dscp-val | dscp-enum }} | { precedence [ tunnel ] { prec-val | prec-enum }} | { discard-class dis-class-val } | { qos-group qos-grp-val } | {{{ cos cos } | { dscp dscp } | { precedence precedence } | { discard-class discard-class }} table table-map-name } | { cos1 {{ dscp table cos-dscp-map } | { precedence table cos-precedence-map } | { discard-class table cos-discard-class-map }}} | { dscp1 {{ cos table dscp-cos-map } | { prec3 table dscp-precedence-map } | { dis-class3 table dscp-discard-class-map }}} | { prec1 {{ cos3 table precedence-cos-map } | { dscp3 table precedence-dscp-map } | { dis-class3 table precedence-discard-class-map }}} | { dis-class1 {{ cos3 table discard-class-cos-map } | { dscp3 table discard-class-dscp-map } | { prec3 table discard-class-precedence-map }}}}
no set {{ cos cos-val } | { dscp [ tunnel ] { dscp-val | dscp-enum }} | { precedence [ tunnel ] { prec-val | prec-enum }} | { discard-class dis-class-val } | { qos-group qos-grp-val } | {{{ cos cos } | { dscp dscp } | { precedence precedence } | { discard-class discard-class }} table table-map-name } | { cos1 {{ dscp table cos-dscp-map } | { precedence table cos-precedence-map } | { discard-class table cos-discard-class-map }}} | { dscp1 {{ cos table dscp-cos-map } | { prec3 table dscp-precedence-map } | { dis-class3 table dscp-discard-class-map }}} | { prec1 {{ cos3 table precedence-cos-map } | { dscp3 table precedence-dscp-map } | { dis-class3 table precedence-discard-class-map }}} | { dis-class1 {{ cos3 table discard-class-cos-map } | { dscp3 table discard-class-dscp-map } | { prec3 table discard-class-precedence-map }}}}
Syntax Description
Specifies DSCP (Differentiated Services Code Point) in IPv4 and IPv6 packets. |
|
Table defining mapping from input to output + Table-map name. |
|
Defaults
Command Modes
Policy map class configuration (config-pmap-c-qos)
Command History
|
|
Examples
This example shows how to set class attributes:
n1000v#
configure terminal
n1000v(config)#
policy-map pm1
This example shows how to remove class attributes:
Related Commands
|
|
---|---|
setup
To use the Basic System Configuration Dialog for creating or modifying a configuration file, use the setup command.
Syntax Description
This command has no arguments or keywords, but the Basic System Configuration Dialog prompts you for complete setup information (see the example below).
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
The Basic System Configuration Dialog assumes the factory defaults. Keep this in mind when using it to modify an existing configuration.
All changes made to your configuration are summarized for you at the completion of the setup sequence with an option to save the changes or not.
You can exit the setup sequence at any point by pressing Ctrl-C.
Examples
This example shows how to use the setup command to create or modify a basic system configuration:
Related Commands
|
|
---|---|
shutdown (VLAN)
To shutdown switching on a VLAN, use the shutdown command. To turn on switching, use the no form of this command.
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
You cannot shut down the default VLAN, VLAN1, or VLANs 1006 to 4094.
Examples
This example shows how to shutdown switching on VLAN 10:
n1000v#
configure terminal
This example shows how to turn on switching on VLAN 10:
n1000v#
configure terminal
Related Commands
|
|
---|---|
shutdown (interface)
To disable an interface, use the shutdown command. To enable an interface, use the no form of this command.
Syntax Description
(Optional) Administratively enables or disables an interface. |
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Usage Guidelines
This command shuts down the interface. No traffic passes and the interface displays as administratively down.
Examples
This example shows how to administratively disable Ethernet interface 3/1:
This example shows how to administratively enable Ethernet interface 3/1:
Related Commands
|
|
---|---|
shutdown (port profile)
To disable all ports in a port profile, use the shutdown command. To enable ports in a port profile, use the no form of this command.
Syntax Description
(Optional) Administratively enables or disables all ports in the profile. |
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
This command administratively disables all ports in the profile. No traffic passes and the ports display as administratively down.
Examples
This example shows how to administratively enable all ports in the TrunkProf port profile:
This example shows how to administratively disable all ports in the TrunkProf port profile:
Related Commands
|
|
---|---|
sleep
To set a sleep time, use the sleep command.
Syntax Description
Sleep time, in seconds. The range of valid values is 0 to 2147483647. |
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
Examples
This example shows how to set a sleep time:
n1000v#
sleep 100
n1000v#
This example shows how to disable sleep:
n1000v#
sleep 0
n1000v#
snmp-server aaa-user cache-timeout
To configure how long the AAA-synchronized user configuration stays in the local cache, use the snmp-server aaa-user cache-timeout command. To revert back to the default value of 3600 seconds, use the no form of this command.
snmp-server user aaa-user cache-timeout seconds
no snmp-server user aaa-user cache-timeout seconds
Syntax Description
Length of the time for the user configuration to remain in the local cache. The range is 1 to 86400 seconds. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure the AAA-synchronized user configuration to stay in the local cache for 1200 seconds:
n1000v(
config)# snmp-server aaa-user cache-timeout 1200
This example shows how to revert back to the default value of 3600 seconds:
Related Commands
|
|
---|---|
Enables a one-time authentication for SNMP over a TCP session. |
|
Configures an SNMP user with authentication and privacy parameters. |
snmp-server community
To create an SNMP community string, use the snmp-server community command. To remove the community, use the no form of this command.
snmp-server community string [ group group-name ] [ ro | rw ]
no snmp-server community string [ group group-name ] [ ro | rw ]
Syntax Description
(Optional) Specifies a group to which this community belongs. |
|
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure read-only access for the SNMP community called public:
n1000v(
config)# snmp-server community public ro
This example shows how to remove the SNMP community called public:
Related Commands
snmp-server contact
To configure the sysContact, which is the SNMP contact name, use the snmp-server contact command.
To remove or modify the sysContact, use the no form of this command.
no snmp-server contact [ name ]
Syntax Description
(Optional) SNMP contact name (sysContact), which can contain a maximum of 32 characters. |
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure the sysContact to be Admin:
n1000v(
config)# snmp-server contact Admin
This example shows how to remove the sysContact:
Related Commands
snmp-server globalEnforcePriv
To enforce SNMP message encryption for all users, use the snmp-server globalEnforcePriv command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enforce SNMP message encryption for all users:
n1000v(config)#
snmp-server mib globalEnforcePriv
Related Commands
snmp-server host
To configure a host receiver for SNMPv1 or SNMPv2c traps, use the snmp-server host command. To remove the host, use the no form of this command.
snmp-server host ip-address { traps | informs}{ version { 1 | 2c | 3 }} [ auth | noauth | priv ] community [ udp_port number ]
no snmp-server host ip-address { traps | informs} { version { 1 | 2c | 3 }} [ auth | noauth | priv ] community [ udp_port number ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure the host receiver, 192.0.2.1, for SNMPv1 traps:
This example shows how to remove the configuration:
Related Commands
snmp-server location
To configure the sysLocation, which is the SNMP location name, use the snmp-server location command.
To remove the sysLocation, use the no form of this command.
no snmp-server location [ name ]
Syntax Description
(Optional) SNMP location name (sysLocation), which can contain a maximum of 32 characters. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure the sysLocation to be Lab-7:
n1000v(
config)# snmp-server location Lab-7
This example shows how to remove the sysLocation:
Related Commands
snmp-server protocol enable
To enable SNMP protocol operations, use the snmp-server protocol enable command. To disable SNMP protocol operations, use the no form of this command.
no snmp-server protocol enable
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable SNMP protocol operations:
n1000v(config)#
snmp-server protocol enable
This example shows how to disable SNMP protocol operations:
n1000v(config)#
no snmp-server protocol enable
Related Commands
snmp-server tcp-session
To enable authentication for SNMP over TCP, use the snmp-server tcp-session command. To disable authentication for SNMP over TCP, use the no form of this command.
snmp-server tcp-session [ auth ]
Syntax Description
(Optional) Enables one-time authentication for SNMP over the entire TCP session (rather than on a per-command basis). |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable one-time authentication for SNMP over TCP:
n1000v(config)#
snmp-server tcp-session auth
This example shows how to disable one-time authentication for SNMP over TCP:
n1000v(config)#
no snmp-server tcp-session
Related Commands
|
|
---|---|
Configures how long the AAA-synchronized user configuration stays in the local cache. |
|
Configures an SNMP user with authentication and privacy parameters. |
snmp-server user
To define a user who can access the SNMP engine, use the snmp-server user command. To deny a user access to the SNMP engine, use the no form of this command.
snmp-server user name [ auth { md5 | sha } passphrase-1 [ priv [ aes-128 ] passphrase-2 ] [ engineID id ] [ localizedkey ]]
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to provide one-time SNMP authorization for the user, Admin, using the HMAC SHA algorithm for authentication:
n1000v(
config)# snmp-server user Admin auth sha abcd1234 priv abcdefgh
This example shows how to deny a user access to the SNMP engine:
Related Commands
|
|
---|---|
Configures how long the AAA-synchronized user configuration stays in the local cache. |
|
Enables a one-time authentication for SNMP over a TCP session. |
snmp trap link-status
To enable SNMP link-state traps for the interface, use the snmp trap link-status command. To disable SNMP link-state traps for the interface, use the no form of this command.
Syntax Description
Defaults
Command Modes
CLI interface configuration (config-if)
Command History
|
|
Usage Guidelines
Examples
This example shows how to enable SNMP link-state traps for the interface:
This example shows how to disable SNMP link-state traps for the interface:
Related Commands
|
|
---|---|
Creates a virtual Ethernet interface and enters interface configuration mode. |
|
Enables a one-time authentication for SNMP over a TCP session. |
source-interface
To specify a source interface for reaching a RADIUS or TACACS+ server group, use the source-interface command. To remove the source interface, use the no form of this command.
source-interface interface-type interface-id
Syntax Description
Defaults
Command Modes
RADIUS server group configuration (config-radius)
TACACS+ server group configuration (config-tacacs+)
Command History
|
|
Usage Guidelines
Examples
This example shows how to specify source interface mgmt0 to reach the RADIUS server for the RadServer RADIUS server group:
n1000v #
configure terminal
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
source-interface mgmt0
n1000v(
config-radius)#
This example shows how to remove the source interface from the configuration:
n1000v #
configure terminal
n1000v(config)# aaa group server radius RadServer
n1000v(
config-radius)#
no source-interface
n1000v(
config-radius)#
Related Commands
|
|
---|---|
source mgmt (NetFlow)
To add an interface to a flow exporter designating it as the source for NetFlow flow records, use the source command. To remove the source interface from the flow exporter, use the no form of this command.
Syntax Description
Defaults
Command Modes
NetFlow flow exporter configuration ( config-flow-exporter)
Command History
|
|
Usage Guidelines
The mgmt0 interface is the only interface that can be added to the flow exporter.
Examples
This example shows how to add source management interface 0 to the ExportTest flow exporter:
n1000v#
config t
This example shows how to remove source management interface 0 from the ExportTest flow exporter:
n1000v#
config t
Related Commands
|
|
---|---|
spanning-tree bpduguard <enable | disable>
To configure BPDU guard for VETH or Port-profile, use the spanning-tree bpduguard <enable | disable> command.
spanning-tree bpduguard <enable | disable>
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure BPDU guard for VETH or Port-profile:
Related Commands
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
spanning-tree port type edge bpduguard default
To enable bpduguard globally, use the spanning-tree port type edge bpduguard default command.
spanning-tree port type edge bpduguard default
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to enable bpduguard globally:
Related Commands
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
speed
To set the speed for an interface, use the speed command. To automatically set both the speed and duplex parameters to auto, use the no form of this command.
speed { speed_val | auto [ 10 100 [ 1000 ]]}
no speed [{ speed_val | auto [ 10 100 [ 1000 ]]}]
Syntax Description
Sets the interface to autonegotiate the speed with the connecting port. |
|
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Usage Guidelines
If you configure an Ethernet port speed to a value other than auto (for example, 10, 100, or 1000 Mbps), you must configure the connecting port to match. Do not configure the connecting port to negotiate the speed.
Examples
This example shows how to set the speed of Ethernet port 1 on the module in slot 3 to 1000 Mbps:
This example shows how to automatically set the speed to auto:
Related Commands
|
|
---|---|
Displays the interface status, which includes the speed and duplex mode parameters. |
ssh
To create a Secure Shell (SSH) session, use the ssh command.
ssh [ username @ ]{ ipv4-address | hostname } [ vrf vrf-name ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to start an SSH session:
Related Commands
|
|
---|---|
ssh key
To generate the key pair for the switch, which is used if SSH server is enabled, use the ssh key command. To remove the SSH server key, use the no form of this command.
ssh key { dsa [ force ] | rsa [ length [ force ]]}
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
The NX-OS software supports SSH version 2.
If you want to remove or replace an SSH server key, you must first disable the SSH server using the no feature ssh command.
Examples
This example shows how to create an SSH server key using DSA:
This example shows how to create an SSH server key using RSA with the default key length:
This example shows how to create an SSH server key using RSA with a specified key length:
This example shows how to replace an SSH server key using DSA with the force option:
This example shows how to remove the DSA SSH server key:
This example shows how to remove all SSH server keys:
Related Commands
|
|
---|---|
state (VLAN)
To set the operational state of a VLAN, use the state command. To disable state configuration, use the no form of this command.
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Examples
This example shows how to set the operational state of a VLAN:
n1000v#
configure terminal
This example shows how to disable state configuration:
n1000v#
configure terminal
Related Commands
|
|
---|---|
state (Port Profile)
To set the operational state of a port profile, use the state command.
Syntax Description
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to enable or disable the operational state of a port profile:
n1000v#
configure terminal
Related Commands
|
|
---|---|
statistics per-entry
To collect statistics for each ACL entry, use the statistics per-entry command. To remove statistics, use the no form of this command.
Syntax Description
Defaults
Command Modes
ACL configuration (config-acl)
Command History
|
|
Examples
This example shows how to collect statistics for each ACL entry:
This example shows how to remove statistics:
Related Commands
|
|
---|---|
storm-control enable
To enable the storm-control feature, use the storm-control enable command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable storm-control feature:
Related Commands
|
|
---|---|
Displays the storm control statistics for the respective module. |
sub-group
To configure interface port channel subgroup assignment, use the sub-group command. To remove this configuration, use the no form of this command.
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Usage Guidelines
Use this command to identify the port channel as being in vPC-HM, which requires traffic to be managed separately for each upstream switch connected to the member ports. If the upstream switches have CDP enabled, the Cisco Nexus 1000V can use this information to automatically assign subgroups. If the upstream switches do not have CDP enabled, then you must configure subgroups manually.
This command overrides any subgroup configuration specified in the port-profile inherited by the port channel interface.
Examples
This example shows how to configure a subgroup type for a port channel interface:
This example shows how to remove the configuration:
Related Commands
|
|
---|---|
sub-group-id
To configure subgroup IDs for Ethernet member ports of vPC-HM, use the sub-group-id command. To remove the subgroup IDs, use the no form of this command.
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Examples
This example shows how to configure an Ethernet member port on subgroup 5:
This example shows how to remove the configuration:
Related Commands
|
|
---|---|
svs connection
To enable an SVS connection, use the svs connection command. To disable an SVS connection, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to enable an SVS connection:
n1000v#
configure terminal
This example shows how to disable an SVS connection:
n1000v#
configure terminal
Related Commands
|
|
---|---|
svs-domain
To configure an SVS domain and enter SVS domain configuration mode, use the svs-domain command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enter SVS domain configuration mode to configure an SVS domain:
n1000v#
configure terminal
Related Commands
|
|
---|---|
svs license transfer src-vem
To transfer licenses from a specified source VEM to another VEM, or to transfer an unused license to the VSM license pool, use the svs license transfer src-vem command.
svs license transfer src-vem module number [ dst-vem module number | license_pool ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
- Licenses cannot be transferred to a VEM unless there are sufficient licenses in the pool for all CPUs on that VEM.
- When licenses are successfully transferred from one VEM to another, then the following happens:
– The virtual Ethernet interfaces on the source VEM are removed from service.
– The virtual Ethernet interfaces on the destination VEM are brought into service.
- When licenses are successfully transferred from a VEM to the VSM license pool, then the following happens:
– The virtual Ethernet interfaces on the source VEM are removed from service.
Examples
This example shows how to transfer a license from VEM 3 to VEM 5, and then display the license configuration:
This example shows how to transfer a license from VEM 3 to the VSM license pool, and then display the license configuration:
n1000v(config)# svs license transfer src-vem 3 license_pool
Related Commands
svs license volatile
To enable volatile licenses so that, whenever a VEM is taken out of service, its licenses are returned to the VSM pool of available licenses, use the svs license volatile command. To disable volatile licenses, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Volatile licenses are removed from a VEM during a loss in connectivity and are not returned to the VEM when connectivity resumes. Cisco recommends that the volatile license feature remain disabled and that you, instead, transfer unused licenses using the svs license transfer src-vem command.
Examples
This example shows how to enable the volatile license feature for a VSM:
n1000v(config)# svs license volatile
This example shows how to disable the volatile license feature for a VSM:
(
config)#
no svs license volatile
Related Commands
|
|
---|---|
Designates the level of severity at which license messages should be logged. |
|
Transfers licenses from a source VEM to another VEM, or to the VSM pool of available licenses. |
svs mode
To configure a transport mode for control and packet traffic in the virtual supervisor module (VSM) domain, use the svs mode command.
svs mode { L2 | L3 interface { mgmt0 | control0 }}
Syntax Description
Specifies Layer 3 as the transport mode for the VSM domain and configures the Layer 3 transport interface. |
|
Defaults
Command Modes
SVS domain configuration (config-svs-domain)
Command History
|
|
Usage Guidelines
If you use mgmt0 as the Layer 3 control interface, then in the VSM VM, Ethernet adapters 1 and 3 are not used.
If you use control0 as the Layer 3 control interface, then in the VSM VM, Ethernet adapter 3 is not used.
Examples
This example shows how to configure mgmt0 as the Layer 3 transport interface for the VSM domain:
n1000v(config-svs-domain)# svs mode l3 interface mgmt0
Related Commands
|
|
---|---|
svs switch edition
To configure the Cisco Nexus 1000V switch edition, use the svs switch edition command.
svs switch edition [essential | advanced]
Syntax Description
Configures the Cisco Nexus 1000V switch in the essential edition. |
|
Configures the Cisco Nexus 1000V switch in the advanced edition. |
Command Modes
Command History
|
|
Usage Guidelines
When the Release 4.2.1SV2(1.1) software is installed, the Essential edition is the default edition. When the switch is configured in the Essential edition, all the features (other than the advancd feafures) are available for free. No licenses are required to operate the Essential edition. The switch edition configuration is global and not per module. In Essential edition, all the modules are automatically licensed. A new command is provided to move the switch from the Essential edition to the Advanced edition and vice versa. The licenses are required only when switch edition is configured as the Advanced edition.
Examples
This example shows how to complete the VSM upgrade, notify hosts to switch to the upgraded datapath, and then display the upgrade status:
Related Commands
|
|
---|---|
svs upgrade complete
To complete a VSM software upgrade, and notify hosts to switch to the upgraded datapath, use the svs upgrade complete command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to complete the VSM upgrade, notify hosts to switch to the upgraded datapath, and then display the upgrade status:
Related Commands
|
|
---|---|
Starts a manual VSM upgrade and saves upgrade information at the standby. |
svs upgrade start
To start a manual VSM upgrade and save upgrade information at the standby, use the svs upgrade start command. To stop a manual upgrade, use the no form of this command.
svs upgrade start mgmt0 { ip ipaddress | ipv6 ipv6address } + [control0 ip ipaddr]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Before starting a manual VSM upgrade:
- Stop all configuration of the system, and do not change the configuration for the duration of the upgrade.
- Save all changes in the running configuration to the startup configuration to be preserved through the upgrade.
- Save a copy of your running configuration in external storage.
- Make sure all VSM ports, uplinks, vmknics, and vsifs used for control, packet, management, and storage are configured with system profiles.
- Make sure there is network connectivity between VC, VSM pair, and hosts or modules.
- Make sure all hosts or modules are upgraded to the concurrent VEM software version.
- If you are upgrading VSMs on a Cisco Nexus 1010, make sure the secondary VSM2 is active and the primary VSM1 is standby.
- If upgrading VSMs on a Cisco Nexus 1010, the Cisco Nexus 1010s must be in an HA configuration.
To preserve access to VSM2 during software upgrade, this process requires you to assign an alternate management IP address to VSM2.
Examples
This example shows how to start a manual VSM upgrade and assign a temporary IP address.
Related Commands
|
|
---|---|
Completes a VSM software upgrade, and notifies hosts to switch to the upgraded datapath. |
|
Displays information about all available VSMs and VEMs in the system. |
|
svs veth auto-config-purge
To enable the VSM to remove all manual configuration on a vEthernet interface when the system administrator changes a port profile on the interface, use the svs veth auto-config-purge command. To remove this control, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to enable the VSM to remove all manual configuration on a vEthernet interface when the system administrator changes a port profile on the interface :
n1000v(config)# svs veth auto-config-purge
This example shows how to remove the xxx configuration:
n1000v(config)# no svs veth auto-config-purge
Related Commands
svs veth auto-delete
To e nable the VSM to automatically delete DVPorts no longer used by a vNIC or hypervisor port, use the svs veth auto-delete command. To disable this control, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to enable the VSM to automatically delete DVPorts no longer used by a vNIC or hypervisor port :
n1000v(config)# svs veth auto-delete
This example shows how to disable the automatic deletion of DVPorts that are no longer used by a vNIC or hypervisor port :
n1000v(config)# no svs veth auto-delete
Related Commands
svs veth auto-setup
To enable the VSM to automatically create a vEthernet interface when a new port is activated on a host, use the svs veth auto-setup command. To remove this control, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure xxx:
n1000v(
config)#
xxx
This example shows how to remove the xxx configuration:
n1000v(
config)#
no xxx
Related Commands
switchname
To configure the hostname for the device, use the switchname command. To revert to the default, use the no form of this command.
Syntax Description
Name for the device. The name is alphanumeric, case sensitive, can contain special characters, and can have a maximum of 32 characters. |
Defaults
Command Modes
Command History
|
|
---|---|
Usage Guidelines
The Cisco NX-OS software uses the hostname in command-line interface (CLI) prompts and in default configuration filenames.
The switchname command performs the same function as the hostname command.
Examples
This example shows how to configure the device hostname:
This example shows how to revert to the default device hostname:
Related Commands
|
|
---|---|
switchport access bridge-domain
To assign a VXLAN bridge domain to a port profile, use the switchport access bridge-domain command. To remove the VXLAN bridge domain, use the no form of this command.
switchport access bridge-domain bd-name
no switchport access bridge-domain
Syntax Description
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
Examples
This example shows how to assign a VXLAN bridge domain to a port profile:
n1000v(config-port-prof)# switchport mode access
Related Commands
|
|
---|---|
Displays the running configuration of the specified port profile. |
|
switchport access vlan
To set the access mode of an interface, use the switchport access vlan command. To remove access mode configuration, use the no form of this command.
Syntax Description
VLAN identification number. The range of valid values is 1 to 3967. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to set the access mode of an interface:
n1000v#
configure terminal
This example shows how to remove access mode configuration:
n1000v#
configure terminal
Related Commands
|
|
---|---|
switchport mode
To set the port mode of an interface, use the switchport mode command. To remove the port mode configuration, use the no form of this command.
switchport mode {access | private-vlan {host | promiscuous} | trunk}
no switchport mode {access | private-vlan {host | promiscuous} | trunk}
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to set the port mode of an interface:
n1000v#
configure terminal
This example shows how to remove mode configuration:
n1000v#
configure terminal
Related Commands
|
|
---|---|
switchport port-security
To set the port security characteristics of an interface, use the switchport port-security command. To remove the port security configuration, use the no form of this command.
switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address { address [vlan id ] |sticky} | maximum number [vlan id ] | violation {protect | restrict | shutdown}]
no switchport port-security [aging {time time | type {absolute | inactivity}} | mac-address { address [vlan id ] |sticky} | maximum number [vlan id ] | violation {protect | restrict | shutdown}]}
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to set the port security aging inactivity timer:
n1000v#
configure terminal
This example shows how to remove the port security aging inactivity timer:
n1000v#
configure terminal
Related Commands
|
|
---|---|
switchport private-vlan host-association
To define a private VLAN association for an isolated or community port, use the switchport private-vlan host-association command. To remove the private VLAN association from the port, use the no form of this command.
switchport private-vlan host-association { primary-vlan-id } { secondary-vlan-id }
no switchport private-vlan host-association
Syntax Description
Number of the primary VLAN of the private VLAN relationship. |
|
Number of the secondary VLAN of the private VLAN relationship. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
There is no run-time effect on the port unless it is in private VLAN-host mode. If the port is in private VLAN-host mode but neither of the VLANs exist, the command is allowed but the port is made inactive. The port also may be inactive when the association between the private VLANs is suspended.
Examples
This example shows how to configure a host private VLAN port with a primary VLAN (VLAN 18) and a secondary VLAN (VLAN 20):
n1000v(config-if)#
switchport private-vlan host-association 18 20
n1000v(config-if)#
This example shows how to remove the private VLAN association from the port:
n1000v(config-if)#
no switchport private-vlan host-association
n1000v(config-if)#
Related Commands
|
|
---|---|
switchport private-vlan mapping
To define the private VLAN association for a promiscuous port, use the switchport private-vlan mapping command. To clear all mapping from the primary VLAN, use the no form of this command.
switchport private-vlan mapping { primary-vlan-id } {[ add ] secondary-vlan-list | remove secondary-vlan-list }
no switchport private-vlan mapping
Syntax Description
Number of the primary VLAN of the private VLAN relationship. |
|
Number of the secondary VLAN of the private VLAN relationship. |
|
Clears the association between the secondary VLANs and the primary VLAN. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
There is no run-time effect on the port unless it is in private VLAN-promiscuous mode. If the port is in private VLAN-promiscuous mode but the primary VLAN does not exist, the command is allowed but the port is made inactive.
Examples
This example shows how to configure the associate primary VLAN 18 to secondary isolated VLAN 20 on a private VLAN promiscuous port:
n1000v(config-if)#
switchport private-vlan mapping 18 20
n1000v(config-if)#
This example shows how to add a VLAN to the association on the promiscuous port:
n1000v(config-if)#
switchport private-vlan mapping 18 add 21
n1000v(config-if)#
This example shows how to remove the all private VLAN association from the port:
n1000v(config-if)#
no switchport private-vlan mapping
Related Commands
|
|
---|---|
Displays information on all interfaces configured as switchports. |
|
Displays the information about the private VLAN mapping for VLAN interfaces, or SVIs. |
switchport private-vlan mapping trunk
To designate the primary private VLAN, use the switchport private-vlan trunk mapping trunk command. To remove the primary private VLAN, use the no form of this command.
switchport private-vlan trunk native vlan id
no switchport private-vlan trunk native vlan
Syntax Description
VLAN identification number. The range of valid values is 1 to 3967. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
When you use this command, you must either add a secondary VLAN, or remove a VLAN.
Examples
This example shows how to designate the primary private VLAN:
n1000v#
configure terminal
This example shows how to remove the primary private VLAN:
n1000v#
configure terminal
Related Commands
|
|
---|---|
switchport private-vlan trunk allowed vlan
To set the allowed VLANs when the interface is in private-vlan promiscuous trunking mode, use the switchport private-vlan trunk allowed command. To clear all VLANs from the private-vlan promiscuous trunking mode, use the no form of this command.
switchport private-vlan trunk allowed vlan { vlan-ids | add vlan-ids | all | except vlan-ids | none | remove vlan-ids }
no switchport private-vlan trunk allowed vlan vlan-ids
Syntax Description
VLAN IDs of the allowed VLANs when interface is in trunking mode. |
|
Allows all the VLANs on the interface except the specified ones. |
|
Removes VLAN IDs from existing allowed VLANs on the interface. |
Defaults
Command Modes
Port profile configuration (config-port-prof)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
This command is used to allow only the normal VLANs on the promiscuous trunk port.
Examples
This example shows how to set the allowed VLANs when the interface is in private VLAN trunking mode:
Related Commands
|
|
---|---|
switchport trunk allowed vlan
To set the list of allowed VLANs on the trunking interface, use the switchport trunk allowed vlan command. To allow all VLANs on the trunking interface, use the no form of this command.
switchport trunk allowed vlan { vlan-list | all | none | [ add | except | remove { vlan-list }]}
no switchport trunk allowed vlan
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
You must enter the switchport command without any keywords to configure the LAN interface as a Layer 2 interface before you can enter the switchport trunk allowed vlan command. This action is required only if you have not entered the switchport command for the interface.
If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic in VLAN 1.
Examples
This example shows how to add a series of consecutive VLANs to the list of allowed VLANs on a trunking port:
n1000v(config-if)#
switchport trunk allowed vlan add 40-50
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays the administrative and operational status of a switching (nonrouting) port. |
switchport trunk native vlan
To configure trunking parameters on an interface, use the switchport trunk native vlan command. To remove the configuration, use the no form of this command.
switchport trunk native vlan id
no switchport trunk native vlan
Syntax Description
VLAN identification number. The range of valid values is 1 to 3967. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to configure trunking parameters on an interface:
Related Commands
|
|
---|---|
system inter-sup-heartbeat time
To configure the inter-supervisor heartbeat time, use system inter-sup-heartbeat time command.
system inter-sup-heartbeat time <7-30>
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure the inter-supervisor heartbeat time:
Related Commands
system jumbomtu
To configure a system-wide jumbo frame size, specifying the maximum frame size that Ethernet ports can process, use the system jumbomtu command.
Syntax Description
Size, in bytes, of the Layer 2 Ethernet interface jumbo maximum transmission unit (MTU). Frames larger than this are dropped. The setting must be an even number between 1500 and 9000 bytes. |
Defaults
Command Modes
Command History
|
|
Usage Guidelines
- For transmissions to occur between two ports, you must configure the same MTU size for both ports.
- A port drops any frames that exceed its MTU size.
- If you do not configure a system jumbo MTU size, it defaults to 1500 bytes.
- For a Layer 2 port, you can configure an MTU size as the system default of 1500 bytes or the system default jumbo MTU size of 9000 bytes.
- If you change the system jumbo MTU size, Layer 2 ports automatically use the system default MTU size of 1500 bytes unless you specifically configure the MTU size differently per port.
Examples
This example shows how to configure a system-wide maximum frame size of 8000 bytes:
Related Commands
system redundancy role
To configure a redundancy role for the VSM, use the system redundancy role command. To revert to the default setting, use the no form of the command.
system redundancy role {primary | secondary | standalone}
no system redundancy role {primary | secondary | standalone}
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to configure no redundant VSM:
Related Commands
|
|
---|---|
system storage-loss
To detect and configure storage connectivity losses, use the system storage-loss command. To disable storage loss checking, use the no form of the command.
system storage-loss { log | reboot } [ time <interval> ]
no system storage-loss { log | reboot } [ time <interval> ]
Syntax Description
The time interval at which the VSM checks for storage connectivity status. The default time interval is 30 seconds. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to enable storage loss detection to be performed every 50 seconds.
This example shows how to disable the storage loss checking:
Related Commands
|
|
---|---|
system switchover
To switch over to the standby supervisor, use the system switchover command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to switch over to the standby supervisor:
Related Commands
|
|
---|---|
system update vem feature level
To change the software version supported on VEMs, use the system update vem feature level command.
system update vem feature level [ version_number ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to change the software version supported:
n1000v#
system update vem feature level
Related Commands
|
|
---|---|
system vlan
To add the system VLAN to a port profile, use the system vlan command. To remove the system VLAN from a port profile, use the no form of this command.
Syntax Description
List of VLAN IDs, separated by commas. The allowable range is 1–3967 and 4048–4093. |
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
A system VLAN is used to configure and bring up physical or vEthernet ports before the Virtual Supervisor Module (VSM) has established communication with the Virtual Ethernet Module (VEM).
Examples
This example shows how to add system VLANs 260 and 261 to the port profile:
This example shows how to remove all system VLANs from the port profile:
Related Commands
|
|
---|---|
Displays the status of all VLANs and the ports that are configured on them. |
|