The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
To enable debugging of the Auto Smartports macro activity, use the debug macro privileged EXEC command. Use the no form of this command to disable debugging.
debug macro {action | all | api | common | detector | policydir | server | xml}
no debug macro {action | all | api | common | detector | policydir | server | xml}
Debugging is disabled.
Privileged EXEC
The undebug macro command is the same as the no debug macro command.
When you enable debugging on a switch stack, it is enabled only on the stack master. To enable debugging on a stack member, you can start a session from the stack master by using the session switch-number privileged EXEC command. Then enter the debug command at the command-line prompt of the stack member. You also can use the remote command stack-member-number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session.
|
|
---|---|
show debugging |
Displays information about the enabled types of debugging. |
To apply a macro to an interface or to apply and debug a macro on an interface, use the macro interface configuration command.
macro {apply | trace} macro-name [parameter {value}] [parameter {value}]
[parameter {value}]
This command has no default setting.
Interface configuration
You can use the macro apply macro-name interface configuration command to apply and show the macros running on an interface.
You can use the macro trace macro-name interface configuration command to apply and then debug the macro to find any syntax or configuration errors.
If a command fails because of a syntax error or a configuration error when you apply a macro, the macro continues to apply the remaining commands to the interface.
When creating a macro that requires the assignment of unique values, use the parameter value keywords to designate values specific to the interface.
Keyword matching is case sensitive. All matching occurrences of the keyword are replaced with the corresponding value. Any full match of a keyword, even if it is part of a larger string, is considered a match and is replaced by the corresponding value.
Some macros might contain keywords that require a parameter value. You can use the macro apply macro-name ? command to display a list of any required values in the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.
There are Cisco-default Smartports macros embedded in the switch software. You can display these macros and the commands that they contain by using the show parser macro user EXEC command.
Follow these guidelines when you apply a Cisco-default Smartports macro on an interface:
•Display all macros on the switch by using the show parser macro user EXEC command. Display the contents of a specific macro by using the show parser macro name macro-name user EXEC command.
•Keywords that begin with $ mean that a unique parameter value is required. Append the Cisco-default macro with the required values by using the parameter value keywords.
The Cisco-default macros use the $ character to identify required keywords. You can use the $ character to define keywords when you create a macro.
When you apply a macro to an interface, the macro name is automatically added to the interface. You can display the applied commands and macro names by using the show running-config interface interface-id user EXEC command.
A macro applied to an interface range behaves the same way as a macro applied to a single interface. When you use an interface range, the macro is applied sequentially to each interface within the range. If a macro command fails on one interface, it is still applied to the remaining interfaces.
You can delete a macro-applied configuration on an interface by entering the default interface interface-id interface configuration command.
After you use the macro name global configuration command, you can apply it to an interface. This example shows how to apply a user-created macro called duplex to an interface:
Switch(config-if)#
macro apply duplex
To debug a macro, use the macro trace interface configuration command to find any syntax or configuration errors in the macro as it is applied to an interface.
Switch(config-if)# macro trace duplex
Applying command...`duplex auto'
%Error Unknown error.
Applying command...`speed nonegotiate'
This example shows how to display the Cisco-default cisco-desktop macro and how to apply the macro and set the access VLAN ID to 25 on an interface:
Switch# show parser macro cisco-desktop
--------------------------------------------------------------
Macro name : cisco-desktop
Macro type : default
# Basic interface - Enable data VLAN only
# Recommended value for access vlan (AVID) should not be 1
switchport access vlan $AVID
switchport mode access
# Enable port security limiting port to a single
# MAC address -- that of desktop
switchport port-security
switchport port-security maximum 1
# Ensure port-security age is greater than one minute
# and use inactivity timer
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
# Configure port as an edge network port
spanning-tree portfast
spanning-tree bpduguard enable
--------------------------------------------------------------
Switch#
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface gigabitethernet1/0/4
Switch(config-if)# macro apply cisco-desktop $AVID 25
To configure and apply a global macro, use the macro auto privileged EXEC command. Use the no form of this command to return to the default setting.
Using the CLI:
macro auto {apply | config} macro-name
Using the Cisco IOS shell scripting capability:
macro auto apply macro-name
macro auto config macro-name [parameter=value [parameter=value] ...]
No macros are applied to the switch.
Privileged EXEC
|
|
---|---|
12.2(55)SE |
This command was introduced on the Catalyst 3750-X, 3750-E, 3750, 3560-X, 3560-E, 3560, 2975, 2960, and 2918 switches. |
To remove the macro from the switch, enter the no forms of the macro commands.
If you enter the macro auto config macro-name command, you are prompted to enter values for all the macro parameters.
Use the exact text string when entering the macro-name and parameters. The entries are case sensitive.
The user-defined values appear only in the show macro auto or show running-config command output.
To display global macros:
Switch# macro auto apply ?
CISCO_SWITCH_AAA_ACCOUNTING Configure aaa accounting parameters
CISCO_SWITCH_AAA_AUTHENTICATION Configure aaa authentication parameters
CISCO_SWITCH_AAA_AUTHORIZATION Configure aaa authorization parameters
CISCO_SWITCH_AUTO_IP_CONFIG Configure the ip parameters
CISCO_SWITCH_AUTO_PCI_CONFIG Configure PCI compliant parameters
CISCO_SWITCH_DOMAIN_NAME_CONFIG Configure domain name
CISCO_SWITCH_ETHERCHANNEL_CONFIG Configure the etherchannel parameters
CISCO_SWITCH_HOSTNAME_CONFIG Configure hostname
CISCO_SWITCH_HTTP_SERVER_CONFIG Configure http server
CISCO_SWITCH_LOGGING_SERVER_CONFIG Configure logging server
CISCO_SWITCH_MGMT_VLAN_CONFIG Configure management vlan parameters
CISCO_SWITCH_NAME_SERVER_CONFIG Configure name server parameters
CISCO_SWITCH_NTP_SERVER_CONFIG Configure NTP server
CISCO_SWITCH_RADIUS_SERVER_CONFIG Configure radius server
CISCO_SWITCH_SETUP_SNMP_TRAPS Configure SNMP trap parameters
CISCO_SWITCH_SETUP_USR_CONFIG Configure the user parameters
CISCO_SWITCH_SNMP_SOURCE_CONFIG Configure snmp source interface
CISCO_SWITCH_TACACS_SERVER_CONFIG Configure tacacs server
CISCO_SWITCH_USER_PASS_CONFIG Configure username and password
Switch# macro auto config ?
CISCO_SWITCH_AAA_ACCOUNTING Configure aaa accounting parameters
CISCO_SWITCH_AAA_AUTHENTICATION Configure aaa authentication parameters
CISCO_SWITCH_AAA_AUTHORIZATION Configure aaa authorization parameters
CISCO_SWITCH_AUTO_IP_CONFIG Configure the ip parameters
CISCO_SWITCH_AUTO_PCI_CONFIG Configure PCI compliant parameters
CISCO_SWITCH_DOMAIN_NAME_CONFIG Configure domain name
CISCO_SWITCH_ETHERCHANNEL_CONFIG Configure the etherchannel parameters
CISCO_SWITCH_HOSTNAME_CONFIG Configure hostname
CISCO_SWITCH_HTTP_SERVER_CONFIG Configure http server
CISCO_SWITCH_LOGGING_SERVER_CONFIG Configure logging server
CISCO_SWITCH_MGMT_VLAN_CONFIG Configure management vlan parameters
CISCO_SWITCH_NAME_SERVER_CONFIG Configure name server parameters
CISCO_SWITCH_NTP_SERVER_CONFIG Configure NTP server
CISCO_SWITCH_RADIUS_SERVER_CONFIG Configure radius server
CISCO_SWITCH_SETUP_SNMP_TRAPS Configure SNMP trap parameters
CISCO_SWITCH_SETUP_USR_CONFIG Configure the user parameters
CISCO_SWITCH_SNMP_SOURCE_CONFIG Configure snmp source interface
CISCO_SWITCH_TACACS_SERVER_CONFIG Configure tacacs server
CISCO_SWITCH_USER_PASS_CONFIG Configure username and password
To display the parameters for a specific macro:
Switch# macro auto config CISCO_SWITCH_AUTO_IP_CONFIG ?
CISCO_SWITCH_DOMAIN_NAME_CONFIG domain name parameters
CISCO_SWITCH_LOGGING_SERVER_CONFIG logging host parameters
CISCO_SWITCH_NAME_SERVER_CONFIG name server parameters
CISCO_SWITCH_NTP_SERVER_CONFIG ntp server parameters
LINE Provide parameters of form [Parameters
name=value]
<cr>
Switch# macro auto config CISCO_SWITCH_AUTO_PCI_CONFIG ?
CISCO_SWITCH_AAA_ACCOUNTING aaa accounting parameters
CISCO_SWITCH_AAA_AUTHENTICATION aaa authentication parameters
CISCO_SWITCH_AAA_AUTHORIZATION aaa authorization parameters
CISCO_SWITCH_HTTP_SERVER_CONFIG http server parameters
CISCO_SWITCH_RADIUS_SERVER_CONFIG radius server parameters
CISCO_SWITCH_TACACS_SERVER_CONFIG tacacs server parameters
LINE Provide parameters of form [Parameters
name=value]
<cr>
Switch# macro auto config CISCO_SWITCH_SETUP_SNMP_TRAPS ?
CISCO_SWITCH_SNMP_SOURCE_CONFIG snmp source parameters
LINE Provide parameters of form [Parameters
name=value]
<cr>
Switch# macro auto config CISCO_SWITCH_SETUP_USR_CONFIG ?
CISCO_AUTO_TIMEZONE_CONFIG timezone parameters
CISCO_SWITCH_HOSTNAME_CONFIG hostname parameter
LINE Provide parameters of form [Parameters
name=value]
<cr>
To set macro parameters and apply the macro using the CLI:
Switch# macro auto config CISCO_SWITCH_ETHERCHANNEL_CONFIG
Enter the port channel id[1-48] for 3K & 2350,[1-6] for 2K: 2
Enter the port channel type, Layer:[2-3(L3 not supported on 2K)]: 2
Enter etherchannel mode for the interface[auto/desirable/on/active/passive]: active
Enter the channel protocol[lacp/none]: lacp
Enter the number of interfaces to join the etherchannel[8-PAGP/MODE:ON,16-LACP]: 7
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/1
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/2
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/3
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/4
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/5
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/6
Enter interface name[GigabitEthernet3/0/3]: gigabitethernet1/0/7
Do you want to apply the parameters? [yes/no]: yes
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Switch# macro auto apply CISCO_SWITCH_ETHERCHANNEL_CONFIG
Enter configuration commands, one per line. End with CNTL/Z.
Switch#
You can also use the Cisco IOS shell scripting capability to set the parameters. For examples, see the "Configuring and Applying Global Macros" section in the "Configuring Auto Smartports and Static Smartports Macros" chapter.
To specify when the switch applies an Auto Smartports macro based on the detection method, device type, or trigger (referred to as event trigger control), use the macro auto control interface configuration command. Use the no form of this command to disable trigger-to-macro mapping. The switch then does not ai pply macros based on event triggers.
macro auto control {detection [cdp] [lldp] [mac-address] | device [access-point] [ip-camera] [lightweight-ap] [media-player] [phone] [router] [switch] | trigger [last-resort]}
no macro auto control {detection [cdp] [lldp] [mac-address] | device [access-point] [ip-camera] [lightweight-ap] [media-player] [phone] [router] [switch] | trigger [last-resort]}
The switch uses the device type as the event trigger. If the switch cannot determine the device type, it uses MAC address groups, MAB messages, 802.1x authentication messages, and LLDP messages in random order.
Interface configuration
|
|
---|---|
12.2(55)SE |
This command was introduced on the Catalyst 3750-X, 3750-E, 3750, 3560-X, 3560-E, 3560, 2975, 2960, and 2918 switches. |
If you do not set event triggers, the switch uses the device type as the event trigger. If the switch cannot determine the device type, it uses MAC address groups, MAB messages, 802.1x authentication messages, and LLDP messages in random order.
To verify that a macro is applied to an interface, use the show macro auto interface user EXEC command.
To set LLDP messages and MAC address groups as event triggers:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface gigabitethernet 5/0/2
Switch(config-if)# macro auto control detection lldp mac-address
Switch(config-if)# exit
Switch(config)# end
To set access points, video surveillance cameras, and digital media players as event triggers:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface gigabitethernet 5/0/1
Switch(config-if)# macro auto control device access-point ip-camera media-player
Switch(config-if)# exit
Switch(config)# end
The switch applies a built-in macro only when it detects an access point, video surveillance camera, or digital media player.
To replace macro default parameter values with values that are specific to your switch, use the macro auto device global configuration command. Use the no form of this command to remove the parameter values.
macro auto device {access-point | ip-camera | lightweight-ap | media-player | phone | router | switch} [parameter=value]
no macro auto device {access-point | ip-camera | lightweight-ap | media-player | phone | router | switch} [parameter=value]
Macro default parameter values are defined previously.
Global configuration
Use the macro auto device global configuration command to replace macro default parameter values with values that are specific to your switch. Use the no form of this command to remove the parameter values.
Use the show macro device privileged EXEC command to display the contents of the macros. Use the parameter=value keywords to replace default parameter values within a specific macro.
You can also use the macro auto execute global configuration command to specify default parameter values. This command also requires that you specify an event trigger and a built-in or user-defined macro. If you enable both the macro auto device and the macro auto execute commands, the parameters specified in the command last executed is applied to the switch. Only one command is active on the switch.
To verify that a macro is applied to an interface, use the show macro auto interface user EXEC command.
This example shows how to display the IP phone macro parameter values, enable the IP phone macro, and change the default voice VLAN to 20:
Switch# show macro auto device phone
Device:phone
Default Macro:CISCO_PHONE_AUTO_SMARTPORT
Current Macro:CISCO_PHONE_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN VOICE_VLAN
Defaults Parameters:ACCESS_VLAN=1 VOICE_VLAN=2
Current Parameters:ACCESS_VLAN=1 VOICE_VLAN=2
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# macro auto device phone VOICE_VLAN=20
Switch(config)# end
Switch# show macro auto device phone
Device:phone
Default Macro:CISCO_PHONE_AUTO_SMARTPORT
Current Macro:CISCO_PHONE_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN VOICE_VLAN
Defaults Parameters:ACCESS_VLAN=1 VOICE_VLAN=2
Current Parameters:VOICE_VLAN=20
To replace built-in macro default values and to configure mapping from an event trigger to a built-in or user-defined macro, use the macro auto execute global configuration command.
macro auto execute event trigger {[builtin built-in macro name] | [remote url]} [parameter=value]
macro auto execute event trigger [parameter=value] [{ function contents }]
no macro auto execute event trigger {[builtin built-in macro name] | [remote url]} [parameter=value]
no macro auto execute event trigger [parameter=value] [{ function contents }]
This command has no default setting.
Global configuration
Use the macro auto execute global configuration command to replace the built-in macro default values with values that are specific to your switch.
The switch automatically maps from event triggers to built-in macros. The built-in macros are system-defined macros in the software image. You can also create user-defined macros by using the Cisco IOS shell scripting capability.
You can create new event triggers by using the shell trigger global configuration commands. Use the show shell triggers privileged EXEC command to display the contents of the user-defined triggers and macros.
You can use the macro auto mac-address-group global configuration command to create event triggers for devices that do not support Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP).
You can use the remote macro feature to store macros in a central location for designated network switches to use. You can then maintain and update the macro files for use by multiple switches. Use remote url to configure the remote server location and macro path information. There are no specific file extension requirements for saved macro files.
Auto Smartports macros and antimacros (the antimacro is the portion of the applied macro that removes it at link down) have these guidelines and limitations:
•You can delete or change the built-in macros. However, you can override a built-in macro by creating a user-defined macro with the same name. To restore the original built-in macro, delete the user-defined macro.
•If you enable both the macro auto device and the macro auto execute global configuration commands, the parameters specified in the command last executed are applied to the switch. Only one command is active on the switch.
•To avoid system conflicts when macros are applied, remove all port configurations except for 802.1x authentication.
•Do not configure port security when enabling Auto Smartports on the switch.
•If the macro conflicts with the original configuration, either the macro does not apply some of the original configuration commands, or the antimacro does not remove them. (The antimacro is the portion of the applied macro that removes the macro at a link-down event.)
For example, if 802.1x authentication is enabled, you cannot remove the switchport-mode access configuration. Remove the 802.1x authentication before removing the switchport mode configuration.
•A port cannot be a member of an EtherChannel when you apply Auto Smartports macros.
•The built-in-macro default data VLAN is VLAN 1. The default voice VLAN is VLAN 2. If your switch uses different access, native, or voice VLANs, use the macro auto device or the macro auto execute global configuration commands to configure the values.
•For 802.1x authentication or MAC authentication bypass (MAB), to detect non-Cisco devices, configure the RADIUS server to support the Cisco attribute-value pair auto-smart-port=event trigger.
•The switch supports Auto Smartport macros only on directly connected devices. Multiple device connections, such as hubs, are not supported.
•If authentication is enabled on a port, the switch ignores a MAC address trigger if authentication fails.
•The order of CLI commands within the macro and the corresponding antimacro can be different.
This example shows how to use two built-in macros for connecting Cisco switches and Cisco IP phones to the switch. This example modifies the default voice VLAN, access VLAN, and native VLAN for the trunk interface:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#!!! the next command modifies the access and voice vlans
Switch(config)#!!! for the built in Cisco IP phone auto smartport macro
Switch(config)# macro auto execute CISCO_PHONE_EVENT builtin CISCO_PHONE_AUTO_SMARTPORT ACCESS_VLAN=10 VOICE_VLAN=20
Switch(config)#
Switch(config)#!!! the next command modifies the Native vlan used for inter switch trunks
Switch(config)# macro auto execute CISCO_SWITCH_EVENT builtin CISCO_SWITCH_AUTO_SMARTPORT NATIVE_VLAN=10
Switch(config)#
Switch(config)#!!! the next command enables auto smart ports globally
Switch(config)# macro auto global processing
Switch(config)#
Switch(config)# exit
Switch# !!! here is the running configuration of the interface connected
Switch# !!! to another Cisco Switch after the Macro is applied
Switch#
Switch# show running-config interface gigabitethernet1/0/1
Building configuration...
Current configuration : 284 bytes
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 10
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
macro description CISCO_SWITCH_EVENT
end
This example shows how to map a user-defined event trigger called media player to a user-defined macro.
1. Connect the media player to an 802.1x- or MAB-enabled switch port.
2. On the RADIUS server, set the attribute-value pair to auto-smart-port=MP_EVENT.
3. On the switch, create the event trigger MP_EVENT, and enter the user-defined macro commands.
4. The switch recognizes the attribute-value pair=MP_EVENT response from the RADIUS server and applies the macro associated with this event trigger.
Switch(config)# shell trigger MP_EVENT mediaplayer
Switch(config)# macro auto execute MP_EVENT {
if [[ $LINKUP -eq YES ]]; then
conf t
interface $INTERFACE
macro description $TRIGGER
switchport access vlan 1
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation restrict
switchport port-security aging time 2
switchport port-security aging type inactivity
spanning-tree portfast
spanning-tree bpduguard enable
exit
fi
if [[ $LINKUP -eq NO ]]; then
conf t
interface $INTERFACE
no macro description $TRIGGER
no switchport access vlan 1
if [[ $AUTH_ENABLED -eq NO ]]; then
no switchport mode access
fi
no switchport port-security
no switchport port-security maximum 1
no switchport port-security violation restrict
no switchport port-security aging time 2
no switchport port-security aging type inactivity
no spanning-tree portfast
no spanning-tree bpduguard enable
exit
fi
To deregister the Cisco IOS shell scripts and to register user-defined scripts, use the macro auto file global configuration command. Use the no form of this command to remove the registration of system-defined scripts from the policy engine.
macro auto file {directory word} | {register word type [system | user]}
no macro auto file {directory word} | {register word type [system | user]}
There is no default.
Global configuration
Use the macro auto file global configuration command to deregister the Cisco IOS shell scripts and to register user-defined scripts.
This example shows how to deregister the system-defined file Mandatory.cdp.sh, copy the user-defined script to flash, register the location of the user-defined file, register the file Mandatory.cdp.sh, and how to verify your entries:
Switch# directory flash:
Directory of flash:/
3 -rwx 3533 Mar 1 1993 00:02:26 +00:00 Mandatory.cdp.sh
Switch(config)# no macro auto file register Mandatory.cdp.sh
Switch(config)# macro auto file directory "flash:"
Switch(config)# macro auto file register Mandatory.cdp.sh type user
Switch(config)# end
Switch# show running config | inc macro
macro auto file directory "flash:/"
macro auto file register Mandatory.cdp.sh type user
For ASP EEM registers the following policy scripts:
Mandatory.cdp.sh Mandatory.link.sh Mandatory.lldp.sh
Mandatory.identity.sh Mandatory.link2.sh Mandatory.mat.sh
To specify when the switch applies an Auto Smartports macro based on the detection method, device type, or trigger (referred to as event trigger control), use the macro auto global control global configuration command. Use the no form of this command to disable trigger-to-macro mapping. The switch then does not apply macros based on event triggers.
macro auto global control {detection [cdp] [lldp] [mac-address] | device [access-point] [ip-camera] [lightweight-ap] [media-player] [phone] [router] [switch] | trigger [last-resort]}
no macro auto global control {detection [cdp] [lldp] [mac-address] | device [access-point] [ip-camera] [lightweight-ap] [media-player] [phone] [router] [switch] | trigger [last-resort]}
The switch uses the device type as the event trigger. If the switch cannot determine the device type, it uses MAC address groups, MAB messages, 802.1x authentication messages, and LLDP messages in random order.
Global configuration
|
|
---|---|
12.2(55)SE |
This command was introduced on the Catalyst 3750-X, 3750-E, 3750, 3560-X, 3560-E, 3560, 2975, 2960, and 2918 switches. |
If you do not set event triggers, the switch uses the device type as the event trigger. If the switch cannot determine the device type, it uses MAC address groups, MAB messages, 802.1x authentication messages, and LLDP messages in random order.
To verify that a macro is applied to a switch, use the show macro auto global user EXEC command.
To set CDP messages, LLDP messages and MAC address groups as event triggers:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# macro auto global control detection cdp lldp mac-address
Switch(config)# end
To set autonomous access points, lightweight access points, and IP phones:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# macro auto global control device access-point lightweight-ap phone
Switch(config)# end
To enable Auto Smartports macros on the switch, use the macro auto global processing global configuration command. Use the no form of this command to disable the macros.
macro auto global processing [fallback cdp]
no macro auto global processing [fallback cdp]
fallback cdp |
(Optional) Use the Cisco Discovery Protocol (CDP) as the fallback mechanism if authentication fails. Starting in Cisco IOS Release 12.2(58)SE, these keywords are no longer supported. |
Auto Smartports is disabled.
Global configuration
Use the macro auto global processing global configuration command to globally enable macros on the switch. To disable macros on a specific port, use the no macro auto processing command in interface mode.
When using 802.1x or MAB authentication, you need to configure the RADIUS server to support the Cisco attribute-value pair auto-smart-port=event trigger. If authentication fails, the macro is not applied. If the 802.1x or MAB authentication fails on the interface, the switch does not use the fallback CDP event trigger.
When CDP-identified devices advertise multiple capabilities, the switch chooses a capability first by switch and then by router.
To verify that a macro is applied to an interface, use the show macro auto interface privileged EXEC command.
This example shows how enable Auto Smartports on the switch and to disable the feature on a specific interface:
Switch(config)# macro auto global processing
Switch(config)# interface interface_id
Switch(config-if)# no macro auto processing
To create an event trigger for devices that do not support Cisco Discovery Protocol (CDP) or Link Layer Discover Protocol (LLDP), use the macro auto mac-address-group global configuration command. Use the no form of this command to delete the group.
macro auto mac-address-group name [mac-address list list] | [oui [list list | range start-value size number]]
no macro auto mac-address-group name [mac-address list list] | [oui [list list | range start-value size number]]
No groups are defined.
Group configuration
Use the macro auto mac-address-group global configuration command to create an event trigger for devices that do not support CDP or LLDP. Use the MAC address group as a trigger to map to a built-in or user-defined macro by using the macro auto execute global configuration command. At link-up the switch detects the device type and applies the specified macro.
The switch supports up to ten MAC address groups. Each group can have up to 32 OUI and 32 MAC configured addresses.
This example shows how to create a MAC-address-group event trigger called address_trigger and how to verify your entries:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# macro auto address-group mac address_trigger
Switch(config-addr-grp-mac)# mac-address list 2222.3333.3334 22.33.44 a.b.c
Switch(config-addr-grp-mac)# oui list 455555 233244
Switch(config-addr-grp-mac)# oui range 333333 size 2
Switch(config-addr-grp-mac)# exit
Switch(config)# end
Switch# show running configuration
!
!macro auto mac-address-group address_trigger
oui list 333334
oui list 333333
oui list 233244
oui list 455555
mac-address list 000A.000B.000C
mac-address list 0022.0033.0044
mac-address list 2222.3333.3334
!
<output truncated>
To configure macros remain active after a link-down event, referred to as macro persistence, use the macro auto sticky global configuration command. Use the no form of this command to disable the macro persistence.
macro auto sticky
no macro auto sticky
This command has no arguments or keywords.
Macro persistence is disabled.
Global configuration
Use the macro auto sticky global configuration command so that macros remain active after a link-down event.
This example shows how to enable macro persistence on an interface:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface gigabitethernet 2/0/1
Switch(config-if)# macro auto port sticky
Switch(config-if)# exit
Switch(config)# end
To enter a description about which macros are applied to an interface, use the macro description interface configuration command. Use the no form of this command to remove the description. This command is mandatory for Auto Smartports to work.
macro description text
no macro description text
description text |
Enters a description about the macros that are applied to the specified interface. |
This command has no default setting.
Interface configuration
Use the description keyword to associate comment text or the macro name with an interface. When multiple macros are applied on a single interface, the description text is from the last applied macro.
You can verify your settings by entering the show parser macro description privileged EXEC command.
This example shows how to add a description to an interface:
Switch(config-if)# macro description duplex settings
To apply a macro to a switch or to apply and debug a macro on a switch, use the macro global global configurationcommand.
macro global {apply | trace} macro-name [parameter {value}] [parameter {value}]
[parameter {value}]
This command has no default setting.
Global configuration
Use the macro global apply macro-name global configuration command to apply the macro to an interface.
Use the macro global trace macro-name global configuration command to apply and then debug the macro to find any syntax or configuration errors.
If a command fails when you apply a macro because of a syntax error or a configuration error, the macro continues to apply the remaining commands to the switch.
When creating a macro that requires the assignment of unique values, use the parameter value keywords to designate values specific to the switch.
Keyword matching is case sensitive. All matching occurrences of the keyword are replaced with the corresponding value. Any full match of a keyword, even if it is part of a larger string, is considered a match and is replaced by the corresponding value.
Some macros might contain keywords that require a parameter value. You can use the macro global apply macro-name ? command to display a list of any required values in the macro. If you apply a macro without entering the keyword values, the commands are invalid and are not applied.
There are Cisco-default Smartports macros embedded in the switch software. You can display these macros and the commands they contain by using the show parser macro user EXEC command.
Follow these guidelines when you apply a Cisco-default Smartports macro on a switch:
•Display all macros on the switch by using the show parser macro user EXEC command. Display the contents of a specific macro by using the show parser macro name macro-name user EXEC command.
•Keywords that begin with $ mean that a unique parameter value is required. Append the Cisco-default macro with the required values by using the parameter value keywords.
The Cisco-default macros use the $ character to help identify required keywords. There is no restriction on using the $ character to define keywords when you create a macro.
When you apply a macro to a switch, the macro name is automatically added to the switch. You can display the applied commands and macro names by using the show running-config user EXEC command.
You can delete a global macro-applied configuration on a switch only by entering the no version of each command in the macro.
After you have created a new macro by using the macro auto execute global configuration command, you can apply it to a switch. This example shows how see the snmp macro, how to apply the macro, set the hostname to test-server, and set the IP precedence value to 7:
Switch# show parser macro name snmp
Macro name : snmp
Macro type : customizable
#enable port security, linkup, and linkdown traps
snmp-server enable traps port-security
snmp-server enable traps linkup
snmp-server enable traps linkdown
#set snmp-server host
snmp-server host ADDRESS
#set SNMP trap notifications precedence
snmp-server ip precedence VALUE
--------------------------------------------------
Switch(config)#
macro global apply snmp ADDRESS test-server VALUE 7
To debug a macro, use the macro global trace global configuration command to find any syntax or configuration errors in the macro when you apply it to a switch. In this example, the ADDRESS parameter value was not entered, the snmp-server host
command failed, and the remainder of the macro is applied to the switch:
Switch(config)# macro global trace snmp VALUE 7
Applying command...`snmp-server enable traps port-security'
Applying command...`snmp-server enable traps linkup'
Applying command...`snmp-server enable traps linkdown'
Applying command...`snmp-server host'
%Error Unknown error.
Applying command...`snmp-server ip precedence 7'
To enter a description about the macros that are applied to a switch, use the macro global description global configuration command. Use the no form of this command to remove the description.
macro global description text
no macro global description text
description text |
Enters a description about the macros that are applied to the switch. |
This command has no default setting.
Global configuration
Use the description keyword to associate comment text or the macro name with a switch. When multiple macros are applied on a switch, the description text is from the last applied macro.
You can verify your settings by entering the show parser macro description privileged EXEC command.
This example shows how to add a description to a switch:
Switch(config)# macro global description udld aggressive mode enabled
To create an event trigger, use the shell trigger global configuration command. Use the no form of this command to delete the trigger.
shell trigger identifier description
no shell trigger identifier description
identifier |
Specifies the event trigger identifier. The identifier should have no spaces or hyphens between words. |
description |
Specifies the event trigger description text. |
System-defined event triggers:
•CISCO_DMP_EVENT
•CISCO_IPVSC_AUTO_EVENT
•CISCO_PHONE_EVENT
•CISCO_SWITCH_EVENT
•CISCO_ROUTER_EVENT
•CISCO_WIRELESS_AP_EVENT
•CISCO_WIRELESS_LIGHTWEIGHT_AP_EVENT
Global configuration
Use this command to create user-defined event triggers for use with the macro auto device and the macro auto execute global configuration commands.
To support dynamic device discovery when using IEEE 802.1x authentication, you need to configure the RADIUS authentication server to support the Cisco attribute-value pair: auto-smart-port=event trigger.
This example shows how to create a user-defined event trigger called RADIUS_MAB_EVENT:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# shell trigger RADIUS_MAB_EVENT MAC_AuthBypass Event
Switch(config)# end
To display Auto Smartports macro information, use the show macro auto user EXEC command.
show macro auto {address-group [address-group-name] | device [access-point] [ip-camera] [lightweight-ap] [media-player] [phone] [router] [switch] | event manager | global [event_trigger] | interface [interface_id]}
User EXEC
Privileged EXEC
Use this command to display the Auto Smartports information for the switch. Use the show macro auto device privileged EXEC command to display the configurable parameters for a device.
This example shows how to use the show macro auto device privileged EXEC command to view the configuration on the switch:
Switch> show macro auto device
Device:lightweight-ap
Default Macro:CISCO_LWAP_AUTO_SMARTPORT
Current Macro:CISCO_LWAP_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN
Defaults Parameters:ACCESS_VLAN=1
Current Parameters:ACCESS_VLAN=1
Device:access-point
Default Macro:CISCO_AP_AUTO_SMARTPORT
Current Macro:CISCO_AP_AUTO_SMARTPORT
Configurable Parameters:NATIVE_VLAN
Defaults Parameters:NATIVE_VLAN=1
Current Parameters:NATIVE_VLAN=1
Device:phone
Default Macro:CISCO_PHONE_AUTO_SMARTPORT
Current Macro:CISCO_PHONE_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN VOICE_VLAN
Defaults Parameters:ACCESS_VLAN=1 VOICE_VLAN=2
Current Parameters:ACCESS_VLAN=1 VOICE_VLAN=2
Device:router
Default Macro:CISCO_ROUTER_AUTO_SMARTPORT
Current Macro:CISCO_ROUTER_AUTO_SMARTPORT
Configurable Parameters:NATIVE_VLAN
Defaults Parameters:NATIVE_VLAN=1
Current Parameters:NATIVE_VLAN=1
Device:switch
Default Macro:CISCO_SWITCH_AUTO_SMARTPORT
Current Macro:CISCO_SWITCH_AUTO_SMARTPORT
Configurable Parameters:NATIVE_VLAN
Defaults Parameters:NATIVE_VLAN=1
Current Parameters:NATIVE_VLAN=1
Device:ip-camera
Default Macro:CISCO_IP_CAMERA_AUTO_SMARTPORT
Current Macro:CISCO_IP_CAMERA_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN
Defaults Parameters:ACCESS_VLAN=1
Current Parameters:ACCESS_VLAN=1
Device:media-player
Default Macro:CISCO_DMP_AUTO_SMARTPORT
Current Macro:CISCO_DMP_AUTO_SMARTPORT
Configurable Parameters:ACCESS_VLAN
Defaults Parameters:ACCESS_VLAN=1
Current Parameters:ACCESS_VLAN=1
This example shows how to use the show macro auto address-group name privileged EXEC command to view the TEST3 address group configuration on the switch:
Switch> show macro auto address-group TEST3
MAC Address Group Configuration:
Group Name OUI MAC ADDRESS
--------------------------------------------------------------
TEST3 2233.33 0022.0022.0022
2233.34
To display the parameters for all configured macros or for one macro on the switch, use the show parser macro user EXEC command.
show parser macro [{brief | description [interface interface-id] | name macro-name}]
User EXEC
Privileged EXEC
This is a partial output example from the show parser macro command. The output for the Cisco-default macros varies depending on the switch platform and the software image running on the switch:
Switch# show parser macro
Total number of macros = 6
--------------------------------------------------------------
Macro name : cisco-global
Macro type : default global
# Enable dynamic port error recovery for link state
# failures
errdisable recovery cause link-flap
errdisable recovery interval 60
<output truncated>
--------------------------------------------------------------
Macro name : cisco-desktop
Macro type : default interface
# macro keywords $AVID
# Basic interface - Enable data VLAN only
# Recommended value for access vlan (AVID) should not be 1
switchport access vlan $AVID
switchport mode access
<output truncated>
--------------------------------------------------------------
Macro name : cisco-phone
Macro type : default interface
# Cisco IP phone + desktop template
# macro keywords $AVID $VVID
# VoIP enabled interface - Enable data VLAN
# and voice VLAN (VVID)
# Recommended value for access vlan (AVID) should not be 1
switchport access vlan $AVID
switchport mode access
<output truncated>
--------------------------------------------------------------
Macro name : cisco-switch
Macro type : default interface
# macro keywords $NVID
# Access Uplink to Distribution
# Do not apply to EtherChannel/Port Group
# Define unique Native VLAN on trunk ports
# Recommended value for native vlan (NVID) should not be 1
switchport trunk native vlan $NVID
<output truncated>
--------------------------------------------------------------
Macro name : cisco-router
Macro type : default interface
# macro keywords $NVID
# Access Uplink to Distribution
# Define unique Native VLAN on trunk ports
# Recommended value for native vlan (NVID) should not be 1
switchport trunk native vlan $NVID
<output truncated>
--------------------------------------------------------------
Macro name : snmp
Macro type : customizable
#enable port security, linkup, and linkdown traps
snmp-server enable traps port-security
snmp-server enable traps linkup
snmp-server enable traps linkdown
#set snmp-server host
snmp-server host ADDRESS
#set SNMP trap notifications precedence
snmp-server ip precedence VALUE
--------------------------------------------------------------
This is an example of output from the show parser macro name command:
Switch# show parser macro name standard-switch10
Macro name : standard-switch10
Macro type : customizable
macro description standard-switch10
# Trust QoS settings on VOIP packets
auto qos voip trust
# Allow port channels to be automatically formed
channel-protocol pagp
This is an example of output from the show parser macro brief command:
Switch# show parser macro brief
default global : cisco-global
default interface: cisco-desktop
default interface: cisco-phone
default interface: cisco-switch
default interface: cisco-router
customizable : snmp
This is an example of output from the show parser macro description command:
Switch# show parser macro description
Global Macro(s): cisco-global
Interface Macro Description(s)
--------------------------------------------------------------
Gi1/0/1 standard-switch10
Gi1/0/2 this is test macro
--------------------------------------------------------------
This is an example of output from the show parser macro description interface command:
Switch# show parser macro description interface gigabitethernet1/0/2
Interface Macro Description
--------------------------------------------------------------
Gi1/0/2 this is test macro
--------------------------------------------------------------
To display shell information, use the show shell user EXEC command.
show shell [environment | functions [brief | shell_function] | triggers]
User EXEC
Privilieged EXEC
Use this command to display the shell information for the switch.
This example shows how to use the show shell triggers privileged EXEC command to view the event triggers in the switch software:
Switch# show shell triggers
User defined triggers
---------------------
Built-in triggers
-----------------
Trigger Id: CISCO_CUSTOM_EVENT
Trigger description: Custom macroevent to apply user defined configuration
Trigger environment: User can define the macro
Trigger mapping function: CISCO_CUSTOM_AUTOSMARTPORT
Trigger Id: CISCO_DMP_EVENT
Trigger description: Digital media-player device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $ACCESS_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_DMP_AUTO_SMARTPORT
Trigger Id: CISCO_IPVSC_EVENT
Trigger description: IP-camera device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $ACCESS_VLAN=(1)
The value in parenthesis is a default value
Trigger mapping function: CISCO_IP_CAMERA_AUTO_SMARTPORT
Trigger Id: CISCO_LAST_RESORT_EVENT
Trigger description: Last resortevent to apply port configuration
Trigger environment: Parameters that can be set in the shell - $ACCESS_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_LAST_RESORT_SMARTPORT
Trigger Id: CISCO_PHONE_EVENT
Trigger description: IP-phone device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $ACCESS_VLAN=(1)
and $VOICE_VLAN=(2), The value in the parenthesis is a default value
Trigger mapping function: CISCO_PHONE_AUTO_SMARTPORT
Trigger Id: CISCO_ROUTER_EVENT
Trigger description: Router device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $NATIVE_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_ROUTER_AUTO_SMARTPORT
Trigger Id: CISCO_SWITCH_ETHERCHANNEL_CONFIG
Trigger description: etherchannel parameter
Trigger environment: $INTERFACE_LIST=(),$PORT-CHANNEL_ID=(),
$EC_MODE=(),$EC_PROTOCOLTYPE=(),
PORT-CHANNEL_TYPE=()
Trigger mapping function: CISCO_ETHERCHANNEL_AUTOSMARTPORT
Trigger Id: CISCO_SWITCH_EVENT
Trigger description: Switch device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $NATIVE_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_SWITCH_AUTO_SMARTPORT
Trigger Id: CISCO_WIRELESS_AP_EVENT
Trigger description: Autonomous ap device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $NATIVE_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_AP_AUTO_SMARTPORT
Trigger Id: CISCO_WIRELESS_LIGHTWEIGHT_AP_EVENT
Trigger description: Lightweight-ap device event to apply port configuration
Trigger environment: Parameters that can be set in the shell - $ACCESS_VLAN=(1)
The value in the parenthesis is a default value
Trigger mapping function: CISCO_LWAP_AUTO_SMARTPORT
Trigger Id: word
Trigger description: word
Trigger environment:
Trigger mapping function:
This example shows how to use the show shell functions privileged EXEC command to view the built-in macros in the switch software:
Switch# show shell functions
#User defined functions:
#Built-in functions:
function CISCO_AP_AUTO_SMARTPORT () {
if [[ $LINKUP -eq YES ]]; then
conf t
interface $INTERFACE
macro description $TRIGGER
switchport trunk encapsulation dot1q
switchport trunk native vlan $NATIVE_VLAN
switchport trunk allowed vlan ALL
switchport mode trunk
switchport nonegotiate
auto qos voip trust
mls qos trust cos
if [[ $LIMIT -eq 0 ]]; then
default srr-queue bandwidth limit
else
srr-queue bandwidth limit $LIMIT
fi
if [[ $SW_POE -eq YES ]]; then
if [[ $AP125X -eq AP125X ]]; then
macro description AP125X
macro auto port sticky
power inline port maximum 20000
fi
fi
exit
end
fi
if [[ $LINKUP -eq NO ]]; then
conf t
interface $INTERFACE
no macro description
no switchport nonegotiate
no switchport trunk native vlan $NATIVE_VLAN
no switchport trunk allowed vlan ALL
no auto qos voip trust
no mls qos trust cos
default srr-queue bandwidth limit
if [[ $AUTH_ENABLED -eq NO ]]; then
no switchport mode
no switchport trunk encapsulation
fi
if [[ $STICKY -eq YES ]]; then
if [[ $SW_POE -eq YES ]]; then
if [[ $AP125X -eq AP125X ]]; then
no macro auto port sticky
no power inline port maximum
fi
fi
fi
exit
end
fi
}
<output truncated>