Cisco Nexus 7000 Series NX-OS System Management Command Reference

sampler
sampling
save
scheduler
shut
sleep instance
snapshot create
snapshot delete
snapshot section
snmp-server aaa-user cache-timeout
snmp-server community
snmp-server contact
snmp-server context
snmp-server enable traps
snmp-server globalEnforcePriv
snmp-server host
snmp-server host filter-vrf
snmp-server host use-vrf
snmp-server location
snmp-server mib community-map
snmp-server p acketsize
snmp-server protocol enable
snmp-server source-interface
snmp-server tcp-session
snmp-server user
snmp-server user enforcePriv
snmp-trap
source
source
source exception
switchport monitor
switchport monitor exclude header
system cores
system default switchport monitor exclude header
system hap-reset
system heartbeat
system mode maintenance
system mode maintenance always-use-custom-profile
system mode maintenance dont-generate-profile
system mode maintenance non-interactive
system mode maintenance on-reload reset-reason
system mode maintenance shutdown
system mode maintenance snapshot-delay
system mode maintenance timeout
system no hap-reset
system no heartbeat
system no standby manual-boot
system no watchdog
system no watchdog kgdb
system pss shrink
system scale-limit monitor
system standby manual-boot
system startup-config init
system startup-config unlock
system test-preupgrade running-ver
system switchover
system trace
system watchdog
system watchdog kgdb

S Commands

This chapter describes the Cisco NX-OS system management commands that begin with the letter S, excluding the show commands.

sampler

To define a sampler and enter the sampler configuration mode, use the sampler command. To remove the sampler definition, use the no form of this command.

sampler name

no sampler name

Syntax Description

name

Name of the sampler.

Defaults

No samplers are defined.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

NetFlow sampling means that M out of N packets are sampled. When a packet is sampled and there is a NetFlow cache miss, a NetFlow cache entry is created for this flow. The first packet timestamp is updated and the statistics for the first packet are initialized (for example, the bytes are set to the number of bytes in the packet and the packet count is set to one). If there is a NetFlow cache hit when the packet is sampled, the cache for this flow is updated, which includes adding the number of bytes in the packet to the byte counter and incrementing the packet count by one.

Once you enter the sampler name command, you enter the sampler configuration mode, and the prompt changes to the following:

switch(config-flow-sampler)#

Within the sampler configuration mode, the following keywords and arguments are available to configure the flow monitor:

description description —Provides a description for this sampler; you can add a maximum of 63 characters.
exit —Exits from the current configuration mode.
mode sample-num out-of packets —Configures the sampler mode. The valid values are as follows:

– sample-num —Number of samples per sampling. The range is from 1 to 64.

– out-of —Specifies the samples per packet ratio.

– packets —Number of packets in each sampling. The range is from 1 to 8192.

no —Negates a command or sets its defaults.

This command does not require a license.

Examples

This example shows how to define a sampler and enter the sampler configuration mode:

switch(config)# sampler testsampler

switch(config-flow-sampler)#

This example shows how to configure the sampler mode:

switch(config)# sampler testsampler

switch(config-flow-sampler)# mode 24 out-of 1200

This example shows how to remove a sampler definition:

switch(config)# no sampler testsampler

switch(config-flow)#

Related Commands

Command	Description
flow exporter	Creates a flow exporter.
flow monitor	Creates a flow monitor.
flow record	Creates a flow record.

sampling

To set the sampling range for Switched Port Analyzer (SPAN) packets, use the sampling command. To revert to the default settings, use the no form of this command.

sampling range

no sampling

Syntax Description

range

Sampling range. Every nth packet will be spanned. The range is from 2 to 1023.

Defaults

None

Command Modes

Sampling only applies to local SPAN (config-monitor) and ERSPAN source session (config-monitor-erspan-src) configuration.

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
6.1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to set the sampling range for the SPAN packets:

switch(config)# monitor session 3 type erspan-source

switch(config-erspan-src)# sampling 100

switch(config-monitor)#

Related Commands

Command	Description
monitor session	Enters the monitor configuration mode.

save

To save the current configuration session to a file, use the save command.

save location

Syntax Description

location

Location of the file. The location can be in bootflash:, slot0:, or volatile: The filename can be any alphanumeric string up to 63 characters.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to save a configuration session to a file in bootflash:

switch# configure session myACLs

switch(config-s)# save bootflash:sessions/myACLs

Related Commands

Command	Description
delete	Deletes a file from a location.

scheduler

To create or schedule a scheduler job, use the scheduler command. To remove a job or scheduled job, use the no form of this command.

scheduler {aaa-authentication [username username] password [0 | 7] password |
job name job-name | logfile size filesize | schedule name schedule-name }

no scheduler {aaa-authentication [username username] password [0 | 7] password |
job name job-name | logfile size filesize | schedule name schedule-name }

Syntax Description

aaa-authentication	Begins an AAA authentication exchange with a remote user.
username username	(Optional) Indicates the remote user is entering a username and specifies the username.
password	Indicates the remote user is entering a password for authentication.
0	Indicates the password is in clear text.
7	Indicates the password is encrypted.
password	Remote user’s password.
job name job-name	Places you into job configuration mode for the specified job name. The maximum length of the name is 31 characters.
logfile	Specifies a logfile configuration.
size filesize	Specifies the size of the logfile. The range is from 16 to 1024 KB.
schedule	Defines a schedule for a job.
name schedule-name	Specifies the name of the schedule. The maximum length of the name is 31 characters.

Defaults

None

Command Modes

Job configuration

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

To use this command, the scheduler must already be enabled.

To enable the scheduler, use the feature scheduler command.

Remote users must authenticate with the device using the scheduler aaa-authentication command before using this command to configure a maintenance job.

Note The commands within a scheduler job must be entered in a single line separated by semicolon (;).

This command does not require a license.

Examples

This example shows how to create a scheduler job that saves the running configuration to a file in bootflash and then copies the file from bootflash to a TFTP server. The filename is created using the current timestamp and switch name.

switch(config)# scheduler job name backup-cfg

switch(config-job)# cli var name timestamp $(TIMESTAMP);copy running-config bootflash:/$(SWITCHNAME)-cfg.$(timestamp);copy bootflash:/$(SWITCHNAME)-cfg.$(timestamp) tftp://1.2.3.4/ vrf management

switch(config-job)# end

switch(config)#

This example shows how to schedule a scheduler job to run daily at 1:00 a.m:

switch(config)# scheduler schedule name daily

switch(config-schedule)# job name backup-cfg

switch(config-schedule)# time daily 1:00

switch(config-schedule)# end

switch(config)#

This example shows how to remove a scheduler job:

switch# config t

switch(config)# no scheduler job name backup-cfg

This example shows how to remove a scheduler job schedule:

switch# config t

switch(config)# no scheduler schedule name daily

This example shows how to specify the password for a remote user:

switch# config t

switch(config)# scheduler aaa-authentication password newpwd

This example shows how to specify a clear text password for a remote user:

switch# config t

switch(config)# scheduler aaa-authentication password 0 newpwd

This example shows how to specify an encrypted password for a remote user:

switch# config t

switch(config)# scheduler aaa-authentication password 7 newpwd2

This example shows how to specify a name and authentication password for a remote user:

switch# config t

switch(config)# scheduler aaa-authentication username admin1 password newpwd3

Related Commands

Command	Description
feature scheduler	Enables the scheduler.
show scheduler	Displays scheduler information.

shut

To shut down an Ethernet Switched Port Analyzer (SPAN) session, use the shut command. To enable a SPAN session, use the no form of this command.

shut

no shut

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Monitor-common configuration (config-monitor)

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to shut down a SPAN session:

switch(config)# monitor session 1

switch(config-monitor)# shut

This example shows how to enable a SPAN session:

switch(config-monitor)# no shut

switch(config-monitor)#

Related Commands

Command	Description
monitor session	Enters the monitor configuration mode.
show monitor session	Displays the virtual SPAN or ERSPAN configuration.

sleep instance

To delay the execution of a command by a specified number of seconds in the maintenance profile, use the sleep instance command. You can delay multiple instances of a command. To remove the delay, use the no form of this command.

sleep instance instance-number seconds

no sleep instance instance-number seconds

Syntax Description

instance-number	Provides a label for the configuration by specifying a particular instance number. The range is from 0 to 2177483647.
seconds	Specifies the number of seconds by which the execution of the command has to be delayed. The range is from 0 to 2177483647.

Defaults

None

Command Modes

maintenance profile configuration (config-mm-profile)

Supported User Roles

network-admin
vdc-admin

network-operator

vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to delay the execution of one command by 20 seconds and another command by 10 seconds:

switch# configure maintenance profile normal-mode

Please configure 'system mode maintenance always-use-custom-profile' if you want to use custom profile always for maintenance mode.

Enter configuration commands, one per line. End with CNTL/Z.

switch(config-mm-profile)# interface ethernet 1/1

switch(config-mm-profile-if-verify)# no shutdown

switch(config-mm-profile-if-verify)# exit

switch(config-mm-profile)# sleep instance 1 20

switch(config-mm-profile)# router bgp 200

switch(config-mm-profile-router)# address-family ipv4 unicast

switch(config-mm-profile-router-af)# redistribute direct route-map my-rmap-deny

switch(config-mm-profile-router-af)# exit

switch(config-mm-profile-router)# exit

switch(config-mm-profile)# sleep instance 1 10

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.

snapshot create

To create a snapshot, use the snapshot create command.

snapshot create name description

Syntax Description

name	The name variable can be 64 characters in length.
description	The description variable can be 256 characters in length.

Defaults

None.

Command History

Release	Modification
7.2.0	This command was introduced.

Examples

This example shows how to create a snapshot:

switch# snapshot create snap1 For documentation purposes.

Executing show interface... Done

Executing show bgp sessions vrf all... Done

Executing show ip eigrp topology summary... Done

Executing show ipv6 eigrp topology summary... Done

Executing show vpc... Done

Executing show ip ospf vrf all... Done

Feature 'ospfv3' not enabled, skipping...

Executing show isis vrf all... Done

Snapshot 'snap1' created

switch#

Related Commands

Command	Description
show snapshots before-maintenance-mode description	Displays snapshots present on the switch.
snapshot delete	Deletes the snapshot.
show snapshot compare	Compares snapshots and showing the summary and details of each feature.

snapshot delete

To delete a single snapshot or to delete all the snapshots in a system, use the snapshot delete command.

snapshot delete { all | snapshot-name }

Syntax Description

all	Deletes all the snapshots in the system.
snapshot-name	Deletes the specified snapshot.

Defaults

None

Supported User Roles

network-admin
vdc-admin

network-operator

vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to delete all the snapshots in a system:

switch# snapshot delete all

This example shows how to delete a specific snapshot:

switch # snapshot delete snapshot1

Related Commands

Command	Description
show snapshots	Displays snapshots present on the switch.
snapshot create	Generates a snapshot.
snapshot section	Adds or deletes a snapshot section.

snapshot section

To add or delete a snapshot section, use the snapshot section command.

snapshot section { add section “show-command” row-id element-key1 [ element-key2 ] | delete section }

Syntax Description

add	Adds the specified snapshot section to the snapshot.
section	Names the snapshot section that is added to the snapshot to display the show command output.
"show command"	Specifies the show command. The output of this show command is displayed in the new snapshot section created. This show command has to be specified within quotation marks ("show").
row-id	The row-id argument specifies the tag of each row entry of the show command's XML output.
element-key1	Specifies the tag used to distinguish among row entries in the show command snapshot section output.
element-key2	(Optional) Specifies another tag used to distinguish among row entries in the show command snapshot section output.
delete	Deletes the specified snapshot section from the snapshot.

Defaults

None.

Supported User Roles

network-admin
vdc-admin

network-operator

vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to add a snapshot section that displays the output of the show ip route detail vrf all command to the snapshot:

switch# snapshot section add v4route show "show ip route detail vrf all" ROW_prefix ipprefix

This example shows how to delete a snapshot section from the snapshot:

switch# snapshot section delete v4route

Related Commands

Command	Description
show snapshots	Displays snapshots present on the switch.
snapshot create	Generates a snapshot.
snapshot delete	Deletes snapshots.

snmp-server aaa-user cache-timeout

To configure the Simple Network Management Protocol (SNMP) time-out value for synchronized AAA users, use the snmp-server aaa-user cache-timeout command. To revert to the default settings, use the no form of this command.

snmp-server aaa-user cache-timeout seconds

no snmp-server aaa-user cache-timeout seconds

Syntax Description

seconds

Timeout value, in seconds. The range is from 1 to 86400.

Defaults

3600 seconds

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(3)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the AAA user synchronization timeout value:

switch# configure terminal

switch(config)# snmp-server aaa-user cache-timeout 6000

Related Commands

Command	Description
show snmp	Displays information about SNMP.

snmp-server community

To configure the Simple Network Management Protocol (SNMP) community string, use the snmp-server community command. To remove the community string, use the no form of this command.

snmp-server community name [group name | ro | rw]

no snmp-server community name [group name | ro | rw]

Syntax Description

name	SNMP community string. The name can be any alphanumeric string up to 32 characters.
group name	(Optional) Specifies the group name to which the community belongs. The name can be any alphanumeric string up to 32 characters.
ro	(Optional) Sets read-only access for this community.
rw	(Optional) Sets read-write access for this community.

Defaults

The default community access is read-only (ro).

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Use the snmp-server community command to configure read-only or read-write access to the SNMP agent on the device. You can optionally configure the community for an access group or user role. For more information on user roles, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 6.x.

This command does not require a license.

Examples

This example shows how to configure a read-only SNMP community:

switch# configure terminal

switch(config)# snmp-server community test ro

Related Commands

Command	Description
show snmp community	Displays information about SNMP communities.
show snmp group	Displays information about configured user roles.

snmp-server contact

To configure the Simple Network Management Protocol (SNMP) contact information, use the snmp-server contact command. To remove the contact information, use the no form of this command.

snmp-server contact [ contact-info ]

no snmp-server contact [ contact-info ]

Syntax Description

contact-info

(Optional) SNMP contact information (sysContact). The name can be any alphanumeric string up to 255 characters.

Defaults

A zero-length string

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Use the snmp-server contact command to configure the SNMP sysContact variable.

This command does not require a license.

Examples

This example shows how to configure the SNMP contact:

switch# configure terminal

switch(config)# snmp-server contact Jane Smith@anyplace.com

Related Commands

Command	Description
show snmp	Displays information about SNMP.

snmp-server context

To configure the Simple Network Management Protocol (SNMP) context to logical network entity mapping, use the snmp-server context command. To remove the context, use the no form of this command.

snmp-server context context-name [ instance instance-name ] [ vrf vrf-name ] [ topology topology-name ]

no snmp-server context context-name [ instance instance-name ] [ vrf vrf-name ] [ topology topology-name ]

Syntax Description

context-name	SNMP context. The name can be any alphanumeric string up to 32 characters.
instance instance-name	(Optional) Specifies a protocol instance. The name can be any alphanumeric string up to 32 characters.
vrf vrf-name	(Optional) Specifies the virtual routing and forwarding (VRF) instance. The name can be any alphanumeric string up to 32 characters.
topology topology-name	(Optional) Specifies the topology. The name can be any alphanumeric string up to 32 characters.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(2)	This command was introduced.

Usage Guidelines

Use the snmp-server context command to map between SNMP contexts and logical network entities, such as protocol instances or VRFs.

Do not use the instance, vrf, or topology keywords to delete a context. If you use these keywords, you map the context to a zero-length string.

If you are using SNMPv2c, use the snmp-server mib community-map command to map an SNMPv2c community to an SNMP context and use the snmp-server context command to map this context to a logical network entity.

For more information on context mapping, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 6.x.

This command does not require a license.

Examples

This example shows how to map the public1 context to VRF red:

switch# configure terminal

switch(config)# snmp-server context public1 vrf red

Related Commands

Command	Description
show snmp context	Displays information about SNMP contexts.
snmp-server mib community-map	Maps an SNMPv2c community to an SNMP context.

snmp-server enable traps

To enable the Simple Network Management Protocol (SNMP) notifications, use the snmp-server enable traps command. To disable SNMP notifications, use the no form of this command.

snmp-server enable traps [ aaa [ server-state-change ] | bgp [ cbgp2 ] | bridge [ newroot ] [ topologychange ] | callhome [ event-notify ] [ smtp-send-fail ] | cfs [ merge-failure ] [ state-change-notif ] | config [ ccmCLIRunningConfigChanged ] | eigrp | entity [ entity_fan_status_change ] [ entity_mib_change ] [ entity_module_inserted ] [ entity_module_removed ] [ entity_module_status_change ] [ entity_power_out_change ] [ entity_power_status_change ] [ entity_unrecognised_module ] | feature-control [ FeatureOpStatusChange ] | hsrp [ state-change ] | license [ notify-license-expiry ] [ notify-license-expiry-warning ] [ notify-licensefile-missing ] [ notify-no-license-for-feature ] | link [ IETF-extended-linkDown ] [ IETF-extended-linkUp ] [ cisco-extended-linkDown ] [ cisco-extended-linkUp ] [ linkDown ] [ linkUp ] | ospf instance-tag [ lsa | rate-limit rate ] | port-security [ access-secure-mac-violation ] [ trunk-secure-mac-violation ] | rf [ redundancy_framework ] | rmon [ fallingAlarm | hcFallingAlarm | hcRisingAlarm | risingAlarm ] | snmp [ authentication ] | stpx [ inconsistency ] [ loop-consistency ] [ root-inconsistency ] | sysmgr [ cseFailSwCoreNotifyExtended ] | upgrade [UpgradeJobStatusNotify] [ UpgradeOpNotifyOnCompletion ] | zone [ default-zone-behavior-change ] [ merge-failure ] [ merge-success ] [ request-reject1 ] [ unsupp-mem ] | vtp [ notifs | vlancreate | vlandelete ]]

no snmp-server enable traps [ aaa [ server-state-change ] | bgp [ cbgp2 ] | bridge [ newroot ] [ topologychange ] | callhome [ event-notify ] [ smtp-send-fail ] | cfs [ merge-failure ] [ state-change-notif ] | config [ ccmCLIRunningConfigChanged ] | eigrp | entity [ entity_fan_status_change ] [ entity_mib_change ] [ entity_module_inserted ] [ entity_module_removed ] [ entity_module_status_change ] [ entity_power_out_change ] [ entity_power_status_change ] [ entity_unrecognised_module ] | feature-control [ FeatureOpStatusChange ] | hsrp [ state-change ] | license [ notify-license-expiry ] [ notify-license-expiry-warning ] [ notify-licensefile-missing ] [ notify-no-license-for-feature ] | link [ IETF-extended-linkDown ] [ IETF-extended-linkUp ] [ cisco-extended-linkDown ] [ cisco-extended-linkUp ] [ linkDown ] [ linkUp ] | ospf instance-tag [ lsa | rate-limit rate ] | port-security [ access-secure-mac-violation ] [ trunk-secure-mac-violation ] | rf [ redundancy_framework ] | rmon [ fallingAlarm | hcFallingAlarm | hcRisingAlarm | risingAlarm ] | snmp [ authentication ] | stpx [ inconsistency ] [ loop-consistency ] [ root-inconsistency ] | sysmgr [ cseFailSwCoreNotifyExtended ] | upgrade [UpgradeJobStatusNotify] [ UpgradeOpNotifyOnCompletion ] | zone [ default-zone-behavior-change ] [ merge-failure ] [ merge-success ] [ request-reject1 ] [ unsupp-mem ] | vtp [ notifs | vlancreate | vlandelete ]]

Syntax Description

aaa	(Optional) Enables AAA notifications.
server-state- change	(Optional) Enables the server-state-change AAA notification.
bgp	(Optional) Enables CISCO-BGP4-MIB notifications.
cbgp2	(Optional) Enables CISCO-BGP-MIBv2 notifications.
bridge	(Optional) Enables STP bridge MIB notifications.
newroot	(Optional) Enables STP new root bridge notifications.
topologychange	(Optional) Enables STP topology change notifications.
callhome	(Optional) Enables Call Home notifications.
event-notif y	(Optional) Enables Call Home external event notifications.
smtp-send-fail	(Optional) Enables the smtp-send-fail Simple Mail Transfer Protocol (SMTP) message send fail notifications.
cfs	(Optional) Enables Cisco Fabric Services (CFS) notifications.
merge-failure	(Optional) Enables merge failure notifications.
state-change-notif	(Optional) Enables state change notifications.
config	(Optional) Enables configuration change notifications.
ccmCLIRunningConfigChanged	(Optional) Enables CLI running/startup config change notifications.
eigrp	(Optional) Enables EIGRP4-MIB notifications.
entity	(Optional) Enables ENTITY-MIB notifications.
entity_mib_change	(Optional) Enables entity MIB change notifications.
entity_module_ inserted	(Optional) Enables entity module inserted notifications.
entity_module_ removed	(Optional) Enables entity module removed notifications.
entity_module_status_change	(Optional) Enables entity module status change notifications.
entity_power_out_ change	(Optional) Enables entity power out change notifications.
entity_power_status_ change	(Optional) Enables entity power status change notifications.
entity_unrecognised_module	(Optional) Enables entity unrecognized module notifications.
feature-control	(Optional) Enables feature change notifications.
FeatureOpStatusChange	(Optional) Enables feature operation status change notifications.
hsrp	(Optional) Enables CISCO-HSRP-MIB notifications.
state-change	(Optional) Enables the state-change HSRP notifications.
license	(Optional) Enables license notifications.
notify-license-expiry	(Optional) Enables license expiry notifications.
notify-license-expiry-warning	(Optional) Enables license expiry warning notifications.
notify-licensefile- missing	(Optional) Enables license file missing notifications.
notify-no-license-for- feature	(Optional) Enables no license installed for feature notifications.
link	(Optional) Enables IF-MIB link notifications.
IETF-extended-linkDown	(Optional) Enables Internet engineering task force (IETF) extended link state down notifications.
IETF- extended-linkUp	(Optional) Enables IETF extended link state up notifications.
cisco-extended-linkDown	(Optional) Enables Cisco extended link state down notifications.
cisco-extended-linkUp	(Optional) Enables Cisco extended link state up notifications.
linkDown	(Optional) Enables IETF Link state down notifications.
linkUp	(Optional) Enables IETF Link state up notifications
ospf instance-tag	(Optional) Enables Open Shortest Path First (OSPF) notifications.
lsa	(Optional) Enables OSPF LSA notifications.
rate-limit rate	(Optional) Enables rate limits on OSPF notifications. The range is from 2 to 60 seconds. The default is 10 seconds.
port-security	(Optional) Enables port security notifications.
access-secure-mac- violation	(Optional) Enables secure MAC violation notifications.
trunk-secure-mac- violation	(Optional) Enables VLAN secure MAC violation notifications.
rf	(Optional) Enables redundancy framework (RF) SNMP notifications.
redundancy_ framework	(Optional) Enables redundancy_framework (RF) Supervisor switchover MIB notifications.
rmon	(Optional) Enables remote monitoring (RMON) notifications.
fallingAlarm	(Optional) Enables RMON falling alarm notifications.
hcFallingAlarm	(Optional) Enables RMON high capacity falling alarm notifications.
hcRisingAlarm	(Optional) Enables RMON high capacity rising alarm notifications.
risingAlarm	(Optional) Enables RMON rising alarm notifications.
snmp	(Optional) Enables general SNMP notifications.
authentication	(Optional) Enables SNMP authentication notifications.
stpx	(Optional) Enables STPX MIB notifications.
inconsistency	(Optional) Enables SNMP STPX MIB InconsistencyUpdate notifications.
loop-inconsistency	(Optional) Enables SNMP STPX MIBLoop InconsistencyUpdate notifications.
root-inconsistency	(Optional) Enables SNMP STPX MIB RootInconsistencyUpdate notifications.
sysmgr	(Optional) Enables software change notifications.
cseFailSwCoreNotifyExtended	(Optional) Enables software core notifications.
upgrade	(Optional) Enables upgrade notifications.
UpgradeJobStatusNotify	(Optional) Enables upgrade job status notifications.
UpgradeOpNotifyOnCompletion	(Optional) Enables upgrade global status notifications.
zone	(Optional) Enables default zone change notifications.
default-zone-behavior-change	(Optional) Enables default zone behavior change notifications.
merge-failure	(Optional) Enables merge failure notifications.
merge-success	(Optional) Enables merge success notifications.
request-reject1	(Optional) Enables request reject notifications.
unsupp-mem	(Optional) Enables unsupported member notifications.
vtp	(Optional) Enables VLAN Trunking Protocol (VTP) trap notifications.
notifs	(Optional) Enables the following notifications: vtpConfigRevNumberError, vtpConfigDigestError, vtpServerDisabled, vtpVersionOneDeviceDetected, vlanTrunkPortDynamicStatusChange, vtpLocalModeChanged, vtpVersionInUseChanged and vtpPruningStateOperChange.
vlancreate	(Optional) Enables vtpVlanCreated notifications.
vlandelete	(Optional) Enables vtpVlanDeleted notifications.

Defaults

License and SNMP authentication notifications are enabled.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
6.2(8)	Added the cbgp2 keyword.
5.0(2)	Added the cfs, config, feature-control, rmon, and zone keywords.
4.0(3)	Added the eigrp keyword.
4.0(2)	Added the OSPF rate-limit keyword.
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enable BGP notifications:

switch# configure terminal

switch(config) snmp-server enable traps bgp

This example shows how to enable VTP notifications:

switch# configure terminal

switch(config) snmp-server enable traps vtp

Related Commands

Command	Description
show snmp trap	Displays the enable or disable state of all SNMP notifications.

snmp-server globalEnforcePriv

To globally enforce privacy for all Simple Network Management Protocol (SNMP) users, use the snmp-server globalEnforcePriv command. To disable global privacy, use the no form of this command.

snmp-server globalEnforcePriv

no snmp-server globalEnforcePriv

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Use the snmp-server globalEnforcePriv command to enforce privacy on all SNMP users.

This command does not require a license.

Examples

This example shows how to globally enforce privacy for all SNMP contacts:

switch# configure terminal

switch(config)# snmp-server globalEnforcePriv

Related Commands

Command	Description
show snmp	Displays information about SNMP.

snmp-server host

To specify the server host to receive Simple Network Management Protocol (SNMP) notifications, use the snmp-server ho st command. To remove the SNMP server configuration, use the no form of this command.

snmp-server host host-name { snmp-name | filter-vrf {vrf-name | default | management}} | informs { snmp-name | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}}} | source-interface {ethernet number | loopback number | mgmt number | port-channel number | vlan number} | traps { snmp-name | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}} | use-vrf {vrf-name | default | management} | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}} udp-port port

no snmp-server host host-name { snmp-name | filter-vrf {vrf-name | default | management}} | informs { snmp-name | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}}} | source-interface {ethernet number | loopback number | mgmt number | port-channel number | vlan number} | traps { snmp-name | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}} | use-vrf {vrf-name | default | management} | version {1 snmp-name | 2c snmp-name | 3 {auth snmp-name | noauth snmp-name | priv snmp-name}} udp-port port

Syntax Description

host-name	IP4 or IPv6 address or name of the host.
snmp-name	SNMP community string or SNMPv3 username. The maximum number of alphanumeric characters is 32.
filter-vrf	Specifies the virtual routing and forwarding (VRF) instance whose notifications are to be filtered.
vrf-name	Name of the VRF. The maximum number of alphanumeric characters is 32.
default	Specifies the default VRF.
management	Specifies the management VRF.
informs	Sends SNMP information to this host.
version	Specifies the SNMP version used to send notifications.
1	Specifies SNMPv1.
2c	Specifies SNMPv2c.
3	Specifies SNMPv3.
auth	Specifies the SNMPv3 authNoPriv security level.
noauth	Specifies the SNMPv3 noAuthNoPriv security level.
priv	Specifies the SNMPv3 authPriv security level.
source-interface	Specifies the source interface used to send SNMP notifications to this host.
ethernet number	Specifies the Ethernet IEEE 802.3z slot number and port number in this format: 1/1. The range for the slot number is from 1 to 18, and the range for the port number is from 1 to 128.
loopback number	Specifies the virtual interface number. The range is from 0 to 1023.
mgmt number	Specifies the management interface number. The value is 0.
port-channel number	Specifies the port-channel number and the subinterface number in this format: 1.1. The range for the port-channel number is from 1 to 4096, and the range for the subinterface number is from 1 to 4093.
vlan number	Specifies the VLAN interface number. The range is from 1 to 4094.
traps	Sends SNMP traps to this host.
use-vrf	Specifies the name of the VRF on which notifications are to be sent.
udp-port port	Specifies the User Datagram Protocol (UDP) port number of the notification host. The range is from 0 to 65535.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.2(1)	This command was introduced.

Usage Guidelines

The source-interface configuration overrides the global source-interface configuration.

This command does not require a license.

Examples

This example shows how to configure an SNMP server host:

switch(config)# snmp-server host 192.0.2.1 traps snmp1 udp-port 1

This example shows how to remove an SNMP server host:

switch(config)# no snmp-server host 192.0.2.1 traps snmp1 udp-port 1

switch(config)#

Related Commands

Command	Description
snmp-server community	Configures the SNMP community string.
snmp-server contact	Configures the SNMP contact information.

snmp-server host filter-vrf

To configure a Simple Network Management Protocol (SNMP) host receiver to gather notifications that occur on a specific virtual routing and forwarding (VRF) instance, use the snmp-server host filter-vrf command. To remove the VRF filter, use the no form of this command.

snmp-server host host-address filter-vrf vrf-name [ udp-port port ]

no snmp-server host host-address filter-vrf vrf-name [ udp-port port ]

Syntax Description

host-address	Name or IP address of the host (the targeted recipient).
vrf-name	Name of the VRF. The name can be any alphanumeric string up to 63 characters.
udp-port port	(Optional) Specifies the port UDP port of the host to use. The range is from 0 to 65535. The default is 162.

Defaults

None

Command Modes

Global configuration mode

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the host receiver to receive notifications from the red VRF.

switch# config terminal

switch(config)# snmp-server host 10.1.1.1 filter-vrf red

Related Commands

Command	Description
show snmp	Displays SNMP information.
snmp-server host	Configures an SNMP host receiver.
snmp-server host use-vrf	Configures Cisco NX-OS to send notifications on the specified VRF to communicate with an SNMP host receiver.

snmp-server host use-vrf

To configure the device to communicate with a Simple Network Management Protocol (SNMP) host receiver on a specific virtual routing and forwarding (VRF) instance, use the snmp-server host use-vrf command. To return to the default, use the no form of this command.

snmp-server host host-address use-vrf vrf-name [ udp-port port ]

no snmp-server host host-address use-vrf vrf-name [ udp-port port ]

Syntax Description

host-address	Name or IP address of the host (the targeted recipient).
vrf-name	Name of the VRF. The name can be any alphanumeric string up to 63 characters.
udp-port port	(Optional) Specifies the port UDP port of the host to use. The range is from 0 to 65535. The default is 162.

Defaults

None

Command Modes

Global configuration mode

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure Cisco NX-OS to communicate with the host receiver on the blue VRF.

switch# config terminal

switch(config)# snmp-server host 10.1.1.1 use-vrf blue

Related Commands

Command	Description
show snmp	Displays SNMP information.
snmp-server host	Configures an SNMP host receiver.
snmp-server host filter-vrf	Sends only notifications on the specified VRF to the host receiver.

snmp-server location

To configure the device location used by the Simple Network Management Protocol (SNMP), use the snmp-server location command. To remove the location, use the no form of this command.

snmp-server location [ location ]

no snmp-server location [ location ]

Syntax Description

location

(Optional) System location. The location can be any alphanumeric string up to 255 characters.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to set the SNMP location:

switch# config terminal

switch(config)# snmp-server location SanJose

Related Commands

Command	Description
show snmp	Displays information about SNMP.

snmp-server mib community-map

To configure the Simple Network Management Protocol (SNMP) version 2c community to context mapping, use the snmp-server mib community-map command. To remove the community to context mapping, use the no form of this command.

snmp-server mib community-map community-string context context-name

no snmp-server mib community-map community-string context context-name

Syntax Description

community-string	SNMP community string. The string can be any alphanumeric string up to 32 characters.
context context-name	Specifies the SNMP context. The name can be any alphanumeric string up to 32 characters.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(2)	This command was introduced.

Usage Guidelines

Use the snmp-server mib community-map command to map between SNMPv2c communities and SNMP contexts. Use the snmp-server context command to map this context to a logical network entity.

For more information on context mapping, see the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 6.x.

This command does not require a license.

Examples

This example shows how to map the public community to the public1 context:

switch# configure terminal

switch(config)# snmp-server mib community-map public context public1

Related Commands

Command	Description
show snmp community	Displays information about SNMP communities.
show snmp context	Displays information about SNMP contexts.
snmp-server context	Maps an SNMP context to a logical network entity.

snmp-server packetsize

To establish control over the largest Simple Network Management Protocol (SNMP) packet size permitted when the SNMP server is receiving a request or generating a reply, use the snmp-server packetsize command. To restore the default, use the no form of this command.

snmp-server packetsize byte-count

no snmp-server packetsize byte-count

Syntax Description

byte-count

Range is 484 to 17382.

Command Default

Packet size is not configured.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
6.2(10)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

The following example establishes a packet filtering of a maximum size of 1024 bytes:

switch(config)# snmp-server packetsize 1024

snmp-server protocol enable

To enable the Simple Network Management Protocol (SNMP), use the snmp-server protocol enable command. To disable SNMP, use the no form of this command.

snmp-server protocol enable

no snmp-server protocol enable

Syntax Description

This command has no arguments or keywords.

Defaults

Enabled

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(3)	This command was introduced.

Usage Guidelines

Use the no snmp protocol enable command to disable SNMP and close any TCP or UDP ports associated with the protocol.

This command does not require a license.

Examples

This example shows how to disable SNMP:

switch# configure terminal

switch(config)# no snmp-server protocol enable

snmp-server source-interface

To configure a Simple Network Management Protocol (SNMP) source interface through which notifications are sent, use the snmp-server source-interface command. To remove the SNMP source interface configuration, use the no form of this command.

snmp-server source-interface { traps | informs } { ethernet number | loopback number | mgmt number | port-channel number | vlan number }

no snmp-server source-interface { traps | informs } { ethernet number | loopback number | mgmt number | port-channel number | vlan number }

Syntax Description

traps	Sends SNMP traps through the source interface.
informs	Sends SNMP information through the source interface.
ethernet number	Specifies the Ethernet IEEE 802.3z slot number and port number in this format: 1/1. The range for the slot number is from 1 to 18, and the range for the port number is from 1 to 128.
loopback number	Specifies the virtual interface number. The range is from 0 to 1023.
mgmt number	Specifies the management interface number.
port-channel number	Specifies the port-channel number and the subinterface number in this format: 1.1. The range for the port-channel number is from 1 to 4096, and the range for the subinterface number is from 1 to 4093.
vlan number	Specifies the VLAN interface number. The range is from 1 to 4094.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.2(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure an SNMP source interface:

switch(config)# snmp-server source-interface traps ethernet 1/1

This example shows how to remove the SNMP source interface:

switch(config)# no snmp-server source-interface traps ethernet 1/1

switch(config)#

Related Commands

Command	Description
snmp-server community	Configures the SNMP community string.
snmp-server host	Configures a host receiver for SNMP notifications.

snmp-server tcp-session

To enable one-time authentication for Simple Network Management Protocol (SNMP) over a TCP session, use the snmp-server tcp-session command. To disable one-time authentication for SNMP over a TCP session, use the no form of this command.

snmp-server tcp-session [ auth ]

no snmp-server tcp-session [ auth ]

Syntax Description

auth

(Optional) Enables one-time authentication for SNMP over a TCP session.

Defaults

One-time authentication for SNMP over a TCP session is enabled.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enable one-time authentication for SNMP over a TCP session.

switch# config t

switch(config)# snmp-server tcp-session auth

Related Commands

Command	Description
show snmp	Displays information about SNMP.

snmp-server user

To configure the Simple Network Management Protocol (SNMP) user information, use the snmp-server user command. To disable the configuration or to revert to factory defaults, use the no form of this command.

snmp-server user username [ group-name ] [ auth { md5 | sha } password [ priv [ aes-128] password ] [localizedkey] [engineID id ]

no snmp-server user username [ group-name ] [ auth { md5 | sha } password [ priv [ aes-128] password ] [localizedkey] [engineID id ]

Syntax Description

username	Name of the user. The name can be any case-sensitive, alphanumeric string up to 32 characters.
group-name	(Optional) Name of the group. The name can be any case-sensitive, alphanumeric string up to 32 characters.
auth	(Optional) Sets authentication parameters for the user.
md5	Uses the MD5 algorithm for authentication.
sha	Uses the SHA algorithm for authentication.
password	User password. The password can be any case-sensitive, alphanumeric string up to 64 characters. If you configure the localizedkey keyword, the password can be any case-sensitive, alphanumeric string up to 130 characters
priv	(Optional) Sets encryption parameters for the user.
aes-128	(Optional) Sets the 128-byte AES algorithm for privacy.
localizedkey	(Optional) Sets passwords in the localized key format. If you configure this keyword, the password can be any case-sensitive, alphanumeric string up to 130 characters.
engineID id	(Optional) Configures the SNMP Engine ID for a notification target user. The engineID format is a 12-digit colon-separated decimal number.

Defaults

None

Command Modes

Global configuration mode

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

Use the snmp-server use r command to configure user authentication and privacy settings for SNMP. If you use the localizedkey keyword, you cannot port the SNMP user configuration across devices because the user password contains information on the engine ID of the device. If you copy a configuration file into the device, the passwords may not be set correctly if the configuration file was generated at a different device. We recommend that you explicitly configure passwords after copying the configuration into the device.

SNMP Version 3 is the most secure model, because it allows packet encryption with the priv keyword.

To assign multiple roles to a user, configure multiple snmp-server user username group-name commands. The group-name argument is defined by the role name command.

If you are configuring an SNMP notification target user, use the engineID keyword to configure the SNMP engine ID for this user.

To delete the user or the role associated with that user, use the no form of this command.

Note You cannot delete the last role for a user.

This command does not require a license.

Examples

This example shows how to set the user authentication information for user jane:

switch# config terminal

switch(config)# snmp-server user jane network-admin auth sha abcd1234

This example shows how to multiple roles for user sam:

switch# config terminal

switch(config)# snmp-server user sam network-admin

switch(config)# snmp-server user sam testrole

This example shows how to set user authentication and privacy information for user Juan:

switch# config terminal

switch(config)# snmp-server user Juan network-admin auth sha abcd1234 priv abcdefgh

This example shows how to set user authentication and SNMP engine ID for a notification target user:

switch# config terminal

switch(config)# snmp-server user notifUser network-admin auth sha abcd1234 engineID 00:12:00:00:09:03:00:05:48:00:74:30

Related Commands

Command	Description
role name	Configures role profiles used as SNMP group names.
show snmp	Displays SNMP information.
snmp-server host	Configures SNMP server host information.

snmp-server user enforcePriv

To enforce privacy for a Simple Network Management Protocol (SNMP) user, use the snmp-server user enforcePriv command. To revert to factory defaults, use the no form of this command.

snmp-server user username enforcePriv

no snmp-server user username enforcePriv

Syntax Description

username

Name of the user. The name can be any case-sensitive, alphanumeric string up to 32 characters.

Defaults

None

Command Modes

Global configuration mode

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enforce privacy for the user joe:

switch# config terminal

switch(config)# snmp-server user joe enforcePriv

Related Commands

Command	Description
role name	Configures role profiles used as SNMP group names.
show snmp	Displays SNMP information.
snmp-server user	Configures SNMP user information.

snmp-trap

To generate a Simple Network Management Protocol (SNMP) trap when an Embedded Event Manager (EEM) applet is triggered, use the snmp-trap command.

snmp-trap [ intdata1 integer-data1 ] [ intdata2 integer-data2 ] [ strdata string-data ] event-type ev_type policy-name name

Syntax Description

intdata1 integer-data1	(Optional) Specifies an integer to be sent in the SNMP trap message to the SNMP agent.
intdata2 integer-data2	(Optional) Specifies a second integer to be sent in the SNMP trap message to the SNMP agent.
strdata string-data	(Optional) Specifies a string to be sent in the SNMP trap message to the SNMP agent. If the string contains embedded blanks, enclose it in double quotation marks.
event-type	Specifies the event type.
ev_type	Event type.
policy-name	Specifies the policy name.
name	Policy name.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to generate an SNMP trap when an EEM applet is triggered:

switch(config)# event manager applet snmp-applet

switch(config-applet)# action 1 snmp-trap strdata "EEM detected server failure”

switch(config-applet)#

Related Commands

Command	Description
syslog	Configures a syslog message to generate when an Embedded Event Manager (EEM) applet is triggered.

source

To configure the NetFlow exporter interface to use to reach the NetFlow collector for the configured destination, use the source command. To remove the source, use the no form of this command.

source if-type if-number

no source [ if-type if-number ]

Syntax Description

if-type	Interface type. For more information, use the question mark (?) online help function.
if-number	Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.

Defaults

None

Command Modes

NetFlow exporter configuration (config-flow-exporter)

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the NetFlow exporter source interface:

switch(config)# flow exporter Netflow-Exporter-1

switch(config-flow-exporter)# source Ethernet3/11

switch(config-flow-exporter)#

This example shows how to remove the Netflow exporter source interface configuration:

switch(config-flow-exporter)# no source Ethernet3/11

switch(config-flow-exporter)#

Related Commands

Command	Description
show flow exporter	Displays information about NetFlow exporters.

source

To configure sources and the traffic direction in which to copy packets, use the source command. To remove sources, use the no form of this command.

source { exception {all | fabricpath | layer3 | other} | interface { all | ethernet { slot-number / port-number | range }| port-channel { port-channel-number | range } | sup-eth inband-interface-number } | vlan { number | range } [ both | rx | tx]}

no source { exception {all | fabricpath | layer3 | other} | interface { all | ethernet { slot-number / port-number | range }| port-channel { port-channel-number | range } | sup-eth inband-interface-number } | vlan { number | range } [ both | rx | tx]}

Syntax Description

exception	Specifies exception sources. You can specify all, fabricpath, layer3 and other sources as exception sources.
interface	Specifies interfaces. Use the all keyword to enable the monitor session to monitor all VLANs and ports in the VDC such as physical ports, Port Channels, FEX ports and FEX Port Channels. The all keyword is supported only in extended SPAN and extended ERSPAN sessions.
ethernet	Specifies ethernet interfaces.
slot-number	Specifies the slot-number. The range is from 1 to 253.
port-number	Specifies the port-number. The range is from 1 to 254.
range	Specifies the range.
port-channel	Specifies port-channel interfaces.
port-channel-number	Specifies the port-channel number. The range is from 1 to 4096.
sup-eth	Specifies the ethernet inband interface.
inband-interface-number	Specifies the ethernet inband interface number. You can only specify the value as 0.
vlan	Specifies a VLAN.
number	Specifies the VLAN number. The range is from 1 to 3967.
rx	Specifies traffic direction as ingress.
tx	Specifies traffic direction as egress.
both	Specifies traffic direction as both ingress and egress.

Defaults

None

Command Modes

Monitor configuration (config- monitor)

Supported User Roles

network-admin
vdc-admin

network-operator

vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	You can use the all keyword to enable the monitor session to monitor all VLANs and ports in the VDC such as physical ports, Port Channels, FEX ports and FEX Port Channels.
4.0(1)	This command was introduced.

Usage Guidelines

You can configure one or more sources, as either a series of comma-separated entries, or a range of numbers. You can specify up to 128 interfaces.

This command does not require a license.

Examples

This example shows how to configure sources and the traffic direction in which to copy packets:

switch(config)# monitor session 1

switch(config-monitor)# source vlan 3, 6-10 tx

switch(config)# monitor session 2

switch(config-monitor)# source interface sup-eth 0 both

switch(config)# monitor session 2

switch(config-monitor)# source interface ethernet 2/1-3, ethernet 3/1 rx

This example shows how to remove a source configuration:

switch(config-monitor)# no source vlan 3, 6-10 tx

This example shows how to enable the monitor session to monitor all VDC ports:

switch(config)# monitor session 2

switch(config-monitor)# source interface all rx

Related Commands

Command	Description
show monitor session	Displays the virtual SPAN or ERSPAN configuration.
copy running-config startup-config	Copies the running configuration to the startup configuration.

source exception

To configure the source as an exception Ethernet Switched Port Analyzer (SPAN) or Encapsulated Remote Switched Port Analyzer (ERSPAN) session, use the source exception command. To remove the source as an exception SPAN or ERSPAN session, use the no form of this command.

source exception {layer3 | fabricpath | other | all}

no source exception {layer3 | fabricpath | other | all}

Syntax Description

layer3	Specifies the Layer 3 exception type for F2 Series and M Series modules.
fabricpath	Specifies the FabricPath exception type for F Series modules.
other	Specifies exceptions for M Series modules that are dropped through redirect registers programmed with a drop destination interface.
all	Includes all Layer 3, FabricPath, and other exceptions.

Defaults

None

Command Modes

config-monitor mode (for a SPAN session)

config-erspan-src mode (for an ERSPAN session)

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
6.2(2)	This command was introduced.

Usage Guidelines

M1 and M2 Series modules support exception SPAN only in the nonadministration virtual device context (VDC), and at least one interface of the module must be present for the VDC.

This command does not require a license.

Examples

This example shows how to configure the source as an exception SPAN session:

switch(config)# monitor session 1

switch(config-monitor)# source exception all

This example shows how to configure the source as an exception ERSPAN session:

switch(config)# monitor session 3 type erspan-source

switch(config-erspan-src)# source exception all

Related Commands

Command	Description
monitor session	Enters the monitor configuration mode.
show monitor session	Displays the virtual SPAN or ERSPAN configuration.

switchport monitor

To configure the switchport interface as a Switched Port Analyzer (SPAN) destination, use the switchport monitor command. To disable the configuration, use the no form of this command.

switchport monitor [ingress [learning]]

no switchport monitor [ingress [learning]]

Syntax Description

ingress	(Optional) Allows the SPAN destination port to inject packets that disrupt a certain TCP packet stream, for example, in networks with an intrusion detection system (IDS).
learning	(Optional) Allows the SPAN destination port to inject packets, and allows the learning of MAC addresses, for example, the IDS MAC address.

Defaults

None

Command Modes

Interface configuration mode

Command History

Release	Modification
4.1(2)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the Ethernet interface 7/2 as a SPAN destination:

switch# config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# interface eth 7/2

switch(config-if)# switchport monitor

switch(config-if)#

This example shows how to configure the Ethernet interface 7/2 as a SPAN destination and allow it to inject packets and learn MAC addresses:

switch# config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# interface eth 7/2

switch(config-if)# switchport monitor ingress learning

switch(config-if)#

This example shows how to disable the SPAN destination on Ethernet interface 7/2:

switch# config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# interface eth 7/2

switch(config-if)# no switchport monitor

switch(config-if)#

Related Commands

Command	Description
monitor session	Enters the monitor configuration mode for configuring a SPAN session.
show monitor session	Displays the SPAN or ERSPAN session configuration.

switchport monitor exclude header

To remove the FabricPath and VLAN tag headers for the specified SPAN destination ports in the VDC, use the switchport monitor exclude header command. To disable the configuration, use the no form of this command.

switchport monitor exclude header

no switchport monitor exclude header

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Interface configuration mode

Command History

Release	Modification
6.2(10)	This command was introduced.

Usage Guidelines

This command does not require a license.

When you enter both the global and port-level configurations for this feature, the port-level overrides the global configuration.

Examples

This example shows how to configure the Ethernet interface 7/2 to remove the FabricPath and VLAN tag headers to SPAN destination ports:

switch# config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# interface eth 7/2

switch(config-if)# switchport monitor exclude header

switch(config-if)#

Related Commands

Command	Description
show running-config	Displays the configuration for removing the FabricPath and VLAN tag headers from specified SPAN destination ports.

system cores

To configure the destination for the system core, use the system cores command. To revert to the default, use the no form of this command.

system cores { slot0: [ path ] | tftp:/ server // [ path / ]} filename

no system cores

Syntax Description

slot0:	Specifies the slot0: external file system.
path /	(Optional) Directory path to the file. The directory names in the path are case sensitive.
tftp:	Specifies a TFTP server.
/ server //	Name or IPv4 address of the TFTP server. The server name is case sensitive.
filename	Name for the core file. The name is alphanumeric, case sensitive, and has a maximum of 32 characters.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure a core file:

switch# configure terminal

switch(config)# system cores slot0:core_file

This example shows how to disable system core logging:

switch# configure terminal

switch(config)# no system cores

Related Commands

Command	Description
clear system cores	Clears the core file.
show system cores	Displays the core filename.

system default switchport monitor exclude header

To remove the FabricPath and VLAN tag headers for all SPAN destination ports in the VDC, use the system default switchport monitor exclude header command. To disable the configuration, use the no form of this command.

system default switchport monitor exclude header

no system default switchport monitor exclude header

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration mode

Command History

Release	Modification
6.2(10)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure all SPAN destination ports to remove the FabricPath and VLAN tag headers:

switch# config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# system default switchport monitor exclude header

switch(config)#

Related Commands

Command	Description
show running-config	Displays the configuration for removing the FabricPath and VLAN tag headers from all SPAN destination ports.

system hap-reset

To enable the Supervisor Reset high availability (HA) policy, use the system hap-reset command.

system hap-reset

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enable the Supervisor Reset HA policy:

switch(config)# system hap-reset

switch(config)#

Related Commands

Command	Description
show system standby manual-boot	Displays the status of the system standby manual boot option.

system heartbeat

To enable heartbeat checks (default) and revert to the factory default, use the system heartbeat command.

system heartbeat

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enable the heartbeat checks (default) and revert to the factory default:

switch(config)# system heartbeat

switch(config)#

Related Commands

Command	Description
system no hap-reset	Disables the heartbeat checks (default) and reverts to the factory default.

system mode maintenance

To put the switch in maintenance mode, use the system mode maintenance command. To exit the maintenance mode and return to normal mode, use the no form of the command.

system mode maintenance

no system mode maintenance

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin

vdc-admin
network-operator
vdc-operator

Command History

Release	Modification
8.0(1)	This command has been enhanced to execute a normal mode profile and activate a timer ensuring that sufficient time is provided for the switch to complete any hardware programming that may be going on before the after_maintenance snapshot is taken.
7.3(0)D1(1)	This command was modified. The default mode for Graceful Insertion and Removal (GIR) is “isolate”.
7.2(0)D1(1)	This command was introduced. The default mode for GIR is “shutdown”.

Usage Guidelines

In Cisco NX-OS Release 7.2(0)D1(1), the default mode for Graceful Insertion and Removal (GIR) is "shutdown". The switch will use the shutdown command to bring down the protocols and shut down the physical ports.

Starting with Cisco NX-OS Release 7.3(0)D1(1),the default mode for GIR is ïsolate". The switch will use the isolate command to isolate the protocols from the network. The switch will then be isolated from the network but is not shut down.

Starting with Cisco NX-OS release 8.0(1), the [no] system mode maintenance command has been enhanced to execute a normal mode profile and activate a timer ensuring that sufficient time is provided for the switch to complete any hardware programming that may be going on before the after_maintenance snapshot is taken. Once the timer expires, the after_maintenance snapshot is taken in the background and a new warning syslog message, MODE_SNAPSHOT_DONE, is sent after the snapshot is complete. The default delay timer value is 120 seconds. The output of the [no] system

mode maintenance command displays the delay timer value, in seconds, after which the

after_maintenance snapshot is generated:

The after_maintenance snapshot will be generated in <delay> seconds. After that time, please use 'show snapshots compare before_maintenance after_maintenance' to check the health of the system.

Starting with Cisco NX-OS Release 8.0(1), a visible CLI indicator has been added to show that the system is in maintenance mode. For example, switch(config)# will appear as switch(maint-mode)(config)#.

This command does not require a license

Examples

This example shows how to put the switch in maintenance mode:

switch# configure terminal

switch(config)# system mode maintenance

Following configuration will be applied:

router bgp 100

isolate

router ospf 100

isolate

router isis 100

isolate

Do you want to continue (y/n)? [no] y

Generating a snapshot before going into maintenance mode

Starting to apply commands...

Applying : router bgp 100

Applying : isolate

Applying : router ospf 100

Applying : isolate

Applying : router isis 100

Applying : isolate

Maintenance mode operation successful.

This example shows how to put a switch, running the Cisco NX-OS Release 8.0(1), in maintenance mode:

switch# configure terminal

switch(config)# system mode maintenance

Following configuration will be applied:

router bgp 100

isolate

router ospf 100

isolate

router isis 100

isolate

Do you want to continue (yes/no)? [no] y

Generating before_maintenance snapshot before going into maintenance mode

Starting to apply commands...

Applying : router bgp 100

Applying : isolate

Applying : router ospf 100

Applying : isolate

Applying : router isis 100

Applying : isolate

Maintenance mode operation successful.

switch(maint-mode)(config)# 2016 Dec 5 06:19:13 switch %$ VDC-1 %$ %

MMODE-2-MODE_CHANGED: System changed to "maintenance" mode.

This example shows how to exit the maintenance mode and return to normal mode:

switch# configure terminal

switch(config)# no system mode maintenance

Following configuration will be applied:

router isis 100

no isolate

router ospf 100

no isolate

router bgp 100

no isolate

Do you want to continue (y/n)? [no] y

Starting to apply commands...

Applying : router isis 100

Applying : no isolate

Applying : router ospf 100

Applying : no isolate

Applying : router bgp 100

Applying : no isolate

Maintenance mode operation successful.

Generating Current Snapshot

Please use 'show snapshots compare before_maintenance after_maintenance' to check the health of the system

This example shows how to exit the maintenance mode and return to normal mode on a switch running the Cisco NX-OS Release 8.0(1):

switch# configure terminal

switch(config)# no system mode maintenance

Following configuration will be applied:

router isis 100

no isolate

router ospf 100

no isolate

router bgp 100

no isolate

Do you want to continue (y/n)? [no] y

Starting to apply commands...

Applying : router isis 100

Applying : no isolate

Applying : router ospf 100

Applying : no isolate

Applying : router bgp 100

Applying : no isolate

Maintenance mode operation successful.

The after_maintenance snapshot will be generated in 120 seconds

After that time, please use 'show snapshots compare before_maintenance after_maintenance' to check the health of the system

switch(config)# 2016 Dec 5 06:20:23 switch %$ VDC-1 %$ %MMODE-2-MODE_CHANGED: System changed to"normal" mode.

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance always-use- custom-profile	Applies the existing custom maintenance mode profile and prevents creation of auto-generated maintenance mode profile.
system mode maintenance on-reload reset-reason	Boots the switch into maintenance mode automatically in the event of a specified system crash.
system mode maintenance shutdown	Shuts down all protocols and interfaces except the management interface (by using the shutdown command and not the default isolate command).
system mode maintenance timeout	Configures the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes.

system mode maintenance always-use-custom-profile

To apply the existing custom maintenance-mode profile and prevent creation of auto-generated maintenance-mode profile, use the system mode maintenance always-use-custom-profile command.

system mode maintenance always-use-custom-profile

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

The always-use-custom-profile option forces the dont-generate-profile option to be used even if it has not been specified using the system mode maintenance command. You cannot use the "shutdown" option when the always-use-custom-profile option is being used.

This command does not require a license.

Examples

This example shows how to always apply the existing custom maintenance mode profile and prevent creation of auto-generated maintenance mode profile:

switch(config)# system mode maintenance always-use-custom-profile

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance on-reload reset-reason	Boots the switch into maintenance mode automatically in the event of a specified system crash.
system mode maintenance shutdown	Shuts down all protocols and interfaces except the management interface (by using the shutdown command and not the default isolate command).
system mode maintenance timeout	Configures the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes.

system mode maintenance dont-generate-profile

To prevent the dynamic searching of enabled protocols and put the switch in maintenance mode by executing commands configured in a custom maintenance mode profile, use the system mode maintenance dont-generate-profile command. To exit maintenance mode and return to normal mode, use the no form of this command.

system mode maintenance dont-generate-profile

no system mode maintenance dont-generate-profile

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin

vdc-admin
network-operator
vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to prevent the dynamic searching of enabled protocols and put the switch in maintenance mode by executing commands configured in a custom maintenance mode profile:

switch(config)# system mode maintenance dont-generate-profile

Following configuration will be applied:

router bgp 100

isolate

sleep instance 1 10

interface Ethernet1/1

shutdown

Do you want to continue (y/n)? [no] y

Generating a snapshot before going into maintenance mode

Starting to apply commands...

Applying : router bgp 100

Applying : isolate

Applying : sleep instance 1 10

Applying : interface Ethernet1/1

Applying : shutdown

Maintenance mode operation successful.

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance on-reload reset-reason	Boots the switch into maintenance mode automatically in the event of a specified system crash.
system mode maintenance shutdown	Shuts down all protocols and interfaces except the management interface (by using the shutdown command and not the default isolate command).
system mode maintenance timeout	Configures the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes.

system mode maintenance non-interactive

To put the switch in maintenance mode without presenting any switch prompts, use the system mode maintenance non-interactive command. To return to normal mode from maintenance mode without presenting any switch prompts, use the no form of this command.

system mode maintenance non-interactive

no system mode maintenance non-interactive

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin
vdc-admin
network-operator
vdc-operator

Command History

Release	Modification
8.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to put the switch in maintenance mode without presenting any switch prompts:

switch(config)# system mode maintenance non-interactive

System mode switch to maintenance mode started. Will continue in background.

switch(config)# 2016 Dec 5 08:46:42 switch %$ VDC-1 %$ %MMODE-2-

MODE_CHANGED: System changed to "maintenance" mode.

switch(maint-mode)(config)#..

This example shows how to put the switch in normal mode from maintenance mode without presenting any switch prompts:

switch(config)# no system mode maintenance non-interactive

System mode switch to normal mode started. Will continue in background.

switch(maint-mode)(config)# 2016 Dec 5 08:48:01 switch %$ VDC-1 %$ %

MMODE-2-MODE_CHANGED: System changed to "normal" mode.

switch(config)#

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.

system mode maintenance on-reload reset-reason

To boot the switch into maintenance-mode automatically in the event of a specified system crash, use the system mode maintenance on-reload reset-reason command. To prevent the switch from being brought up in maintenance mode in the event of a system crash, use the no form of this command.

system mode maintenance on-reload reset-reason reason

no system mode maintenance on-reload reset-reason reason

Syntax Description

reason

Specifies the reset reason. The reset reasons are as follows:

HW_ERROR—Hardware error
SVC_FAILURE—Critical service failure
KERN_FAILURE—Kernel panic
WDOG_TIMEOUT—Watchdog timeout
FATAL_ERROR—Fatal error
MANUAL_RELOAD---Manual reload
MAINTENANCE—Reloads the switch in maintenance mode if the switch was already in maintenance mode before reload.
MATCH_ANY—Any of the above reasons
ANY_OTHER—Any reload reason not specified above

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

We recommend configuring the reset reason and saving it to the startup configuration. This enables the switch to go into the maintenance mode after a switch reloads due to any reason.

This command does not require a license.

Examples

This example shows how to automatically boot the switch into maintenance mode if a fatal error or a hardware error occurs

switch(config)# system mode maintenance on-reload reset-reason fatal_error

switch(config)# system mode maintenance on-reload reset-reason hw_error

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance shutdown	Shuts down all protocols and interfaces except the management interface (by using the shutdown command and not the default isolate command).
system mode maintenance timeout	Configures the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes.

system mode maintenance shutdown

To shut down all protocols and interfaces except the management interface (by using the shutdown command and not the default isolate command), use the system mode maintenance shutdown command.

system mode maintenance shutdown

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to shut down all protocol and interfaces on the switch except the management interface:

switch# configure terminal

switch(config)# system mode maintenance shutdown

Following configuration will be applied:

router bgp 100

shutdown

router ospf 100

shutdown

router isis 100

shutdown

system interface shutdown

Do you want to continue (y/n)? [no] y

Generating a snapshot before going into maintenance mode

Starting to apply commands...

Applying : router bgp 100

Applying : shutdown

Applying : router ospf 100

Applying : shutdown

Applying : router isis 100

Applying : shutdown

Applying : system interface shutdown

Maintenance mode operation successful.

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance on-reload reset-reason	Boots the switch into maintenance mode automatically in the event of a specified system crash.
system mode maintenance timeout	Configures the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes.

system mode maintenance snapshot-delay

To change the snapshot-delay timer value, use the system mode maintenance snapshot-delay command. To remove the configured timer value, use the no form of this command.

system mode maintenance snapshot-delay delay-in-seconds

no system mode maintenance snapshot-delay delay-in-seconds

Syntax Description

delay-in-seconds

Snapshot-delay timer value, in seconds. The range is from 0 to 65535.

Defaults

The default snapshot-delay timer value is 120 seconds.

Command Modes

Global configuration (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
8.0(1)	This command was introduced.

Usage Guidelines

The [no] system mode maintenance command has been enhanced from the previous release to execute a normal mode profile and activate a timer ensuring that sufficient time is provided for the switch to complete any hardware programming that may be going on before the after_maintenance snapshot is taken. Once the timer expires, the after_maintenance snapshot is taken in the background and a new warning syslog message, MODE_SNAPSHOT_DONE, is sent after the snapshot is complete.

Use the system mode maintenance snapshot-delay delay-in-seconds command to change the snapshot-delay timer value.

This command does not require a license.

Examples

This example shows how to change the snapshot-delay timer value:

switch(config)# system mode maintenance snapshot-delay 5000

The after_maintenance snapshot delay has been set to 5000 seconds.

This example shows how to remove the configured snapshot-delay timer value:

switch(config)# no system mode maintenance snapshot-delay 5000

Using default after_maintenance snapshot delay of 120 seconds.

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.

system mode maintenance timeout

To configure the maintenance window timer to keep the switch in maintenance mode for a specified number of minutes, use the system mode maintenance timeout command. To remove the configured timer, use the no form of this command.

system mode maintenance timeout value

no system mode maintenance timeout value

Syntax Description

value

Specifies the number of minutes for which the switch will be in maintenance mode. Range is from 5 to 65535 minutes.

Defaults

None

Command Modes

Global configuration (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
7.3(0)D1(1)	This command was introduced.

Usage Guidelines

We recommend setting the timeout value to at least 30 minutes. Once the configured time elapses, the switch returns to normal mode automatically.

This command does not require a license.

Examples

This example shows how to keep the switch in maintenance mode for a specific number of minutes:

switch# configure terminal

switch(config)# system mode maintenance timeout 30

Related Commands

Command	Description
configure maintenance profile	Enters a maintenance profile configuration session to create a custom maintenance mode profile or a custom normal mode profile.
show run mmode	Displays the currently running maintenance profile configuration on a switch.
show system mode	Displays the current system mode and the current state of the maintenance mode timer when the switch is in maintenance mode.
system mode maintenance on-reload reset-reason	Boots the switch into maintenance mode automatically in the event of a specified system crash.

system no hap-reset

To disable the Supervisor Reset high availability (HA) policy, use the system no hap-reset command.

system no hap-reset

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to disable the Supervisor Reset HA policy:

switch(config)# system no hap-reset

switch(config)#

Related Commands

Command	Description
system hap-reset	Enables the Supervisor Reset HA policy.

system no heartbeat

To disable the heartbeat checking (default) and revert to the factory default, use the system no heartbeat command.

system no heartbeat

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to disable the heartbeat checks (default) and revert to the factory default:

switch(config)# system no heartbeat

switch(config)#

Related Commands

Command	Description
system heartbeat	Enables the heartbeat checks (default) and reverts to the factory default.

system no standby manual-boot

To disable the system standby manual boot option, use the system no standby manual-boot command.

system no standby manual-boot

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to disable the system standby manual boot option:

switch(config)# system no standby manual-boot

system standby manual-boot option disabled

switch(config)#

Related Commands

Command	Description
show system standby manual-boot	Displays the status of the system standby manual boot option.

system no watchdog

To disable the watchdog feature, use the system no watchdog command.

system no watchdog

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to disable the watchdog feature:

switch(config)# system no watchdog

switch(config)#

Related Commands

Command	Description
system no watchdog kgdb	Prevents the system from entering the Linux KGDB debugger on a watchdog failure.

system no watchdog kgdb

To prevent the system from entering the Linux KGDB debugger on a watchdog failure, use the system no watchdog kgdb command.

system no watchdog kgdb

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to prevent the system from entering the Linux KGDB debugger on a watchdog failure:

switch(config)# system no watchdog kgdb

switch(config)#

Related Commands

Command	Description
system no watchdog	Disables the watchdog feature.

system pss shrink

To shrink Persistent Storage Service (PSS) files on the system, use the system pss shrink command.

system pss shrink

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to shrink PSS files on the system:

switch(config)# system pss shrink

pss shrink completed

switch(config)

Related Commands

Command	Description
show system pss shrink status	Displays the last PSS shrink status.

system scale-limit monitor

To enable scale limit monitoring on a switch, use the system scale-limit monitor command. To disable scale limit monitoring, use the no form of this command

system scale-limit monitor time-in-minutes

no system scale-limit monitor

Syntax Description

time-in-minutes

Specifies the interval (in minutes) at which the scale limits are monitored. The range is from 5 minutes to 43200 minutes (30 days).

Defaults

Scale-limit monitoring is disabled.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin
network-operator
vdc-operator

Command History

Release	Modification
7.2(1)D1(1)	This command was introduced.

Usage Guidelines

You can use the system scale-limit monitor command to monitor the following 16 scale parameters:

FEX server interfaces
F1 HW entries
Virtual Port Channels (vPCs)
Fabric Extenders (FEXs)
Edge ports
Port channels
Intermediate System-to-Intermediate System (IS-IS) adjacencies
Bidirectional Forwarding Detection (BFD) sessions
L2-mroutes
M2 HW entries
Core ports
M1 HW entries
FabricPath Switch IDs
VLANs
FabricPath Topologies
F2/F2e HW entries

This command does not require a license.

Examples

This example shows how to enable scale limit monitoring on a switch:

switch(config)# system scale-limit monitor 40

Related Commands

Command	Description
show system internal scale-parameters	Displays the scale parameters.

system standby manual-boot

To display the standby manual-boot status, use the system standby manual-boot command.

system standby manual-boot

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to display the standby manual-boot status:

switch(config)# system standby manual-boot

system standby manual-boot option enabled

switch(config)#

Related Commands

Command	Description
system startup-config init	Initializes the startup configuration.

system startup-config init

To initialize the startup configuration, use the system startup-config init command.

system startup-config init

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to initialize the startup configuration:

switch(config)# system startup-config init

WARNING: This command is going to re-initialize the contents of the startup-conf

iguration.

Do you want to continue? (y/n) [y]

Related Commands

Command	Description
system startup-config unlock	Releases the system startup-configuration lock.

system startup-config unlock

To release a system startup-configuration lock, use the system startup-config unlock command.

system startup-config unlock luck-id

Syntax Description

luck-id

Startup-configuration lock ID. The range is from 0 to 65536.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to release a system startup-configuration lock:

switch(config)# system startup-config unlock

switch(config)#

Related Commands

Command	Description
system startup-config init	Initializes the startup configuration.

system test-preupgrade running-ver

To test the running software version before an upgrade, use the system test-preupgrade running-ver command.

system test-preupgrade running-ver version-number target-ver target-number swid id impact impact-number

Syntax Description

version-number	Software version number currently running on the system.
target-ver	Specifies the target version of the software.
target-number	Target version.
swid	Specifies the software ID of the image running on a module: system or kickstart.
id	Software ID.
impact	Specifies the impact: 0 for hitless and 1 for hitful.
impact-number	Impact number.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to test the running software version before an upgrade:

switch(config)# system test-preupgrade running-ver 4.2<0.202> target-ver Update

swid 4.2.1 impact 0

System will be upgraded according to following table:

Module Swid Impact Running-Version New-Version Upg-Required

------ ---------- ---------- -------------------- -------------------- ------------

6 4.2.1 hitless 4.2<0.202> Update

9 4.2.1 hitless 4.2<0.202> Update

11 4.2.1 hitless 4.2<0.202> Update

Final upgrade impact table:

Module Impact

------ ----------

6 hitless

9 hitless

11 hitless

Message from services:

switch(config)#

Related Commands

Command	Description
system startup-config unlock	Releases a system startup-configuration lock.
system startup-config init	Initializes the startup configuration.

system switchover

To switch over to the standby supervisor, use the system switchover command.

system switchover

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to switch over to the standby supervisor:

switch# system switchover

switch#

Related Commands

Command	Description
show system redundancy	Displays the system redundancy status.

system trace

To configure a system trace level, use the system trace command. To remove the system trace level configuration, use the no form of this command.

system trace bit-mask

no system trace [ bit-mask ]

Syntax Description

bit-mask

Bit mask to use to change the trace level of the system.

Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
vdc-admin

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure a system trace level:

switch(config)# system trace

switch(config)#

This example shows how to remove the system trace level configuration:

switch(config)# system no trace

switch(config)#

Related Commands

Command	Description
show cores	Displays the system core files.

system watchdog

To enable watchdog checks, use the system watchdog command.

system watchdog

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to enable watchdog checks:

switch(config)# system watchdog

switch(config)#

Related Commands

Command	Description
system no watchdog	Disables the watchdog feature.
system no watchdog kgdb	Prevents the system from entering the Linux KGDB debugger on a watchdog failure.

system watchdog kgdb

To configure the system to enter the Linux KGDB debugger on a watchdog failure, use the system watchdog kgdb command.

system watchdog kgdb

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release	Modification
4.0(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the system to enter the Linux KGDB debugger on a watchdog failure:

switch(config)# system watchdog kgdb

switch(config)#

Related Commands

Command	Description
system watchdog	Enables the watchdog feature.
system no watchdog	Disables the watchdog feature.

Bias-Free Language

Results

Chapter: S Commands

S Commands

sampler

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

sampling

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

save

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

scheduler

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

shut

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

sleep instance

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

snapshot create

Syntax Description

Defaults

Command History

Examples

Related Commands

snapshot delete

Syntax Description

Defaults

Command History

Usage Guidelines

Examples

Related Commands

snapshot section

Syntax Description

Defaults

Command History

Usage Guidelines

Examples

Related Commands

snmp-server aaa-user cache-timeout

Syntax Description

Defaults

Command Modes

Command History

Usage Guidelines

Examples