Legal Notices
About This Guide
- Using This Guide
- Related Publications
- Conventions
- Commonly Used Acronyms
- Getting Help
- Providing Feedback to Us
CLI Properties Commands
- set prompt
- set cli completion
- loop
- show banner
- set banner
- clear banner
- history
- show history
- set history
- show version
- show width
- show length
- set width
- set length
- show logout
- set logout
- cls (clear screen)
- configure
- exit | quit
Line Editor Commands
- show line-editor
- set line-editor
Setting User Accounts and Passwords
- Commands
- show system login
- set system login
- clear system login
- show security boot-access
- set security boot-access
- clear security boot-access
- show security fips mode
- set security fips mode
- clear security fips mode
- show security profile
- set security profile
- clear security profile
- set password
- show system password
- set system password
- clear system password
- show system lockout
- set system lockout
- clear system lockout
Setting the Authentication Login Method
- show authentication login
- set authentication login
- clear authentication login
Setting WebView
- show webview
- set webview
- set webview port
Internet Protocol Security (IPsec) Commands
- IPsec Commands
- IKE Proposal Commands
- IKE Policy Commands
- IKE Map Commands
  - crypto ike-map
  - dst
  - dst-port
  - encapsulation
  - lifetime
  - policy
  - proposal
  - protocol udp
  - request
  - src
  - src-port
- Show Commands
Public-Key Infrastructure (PKI) Commands
- show pki certificate
- show config pki
- set pki certificate
- clear pki certificate
- show pki oscp
- set pki ocsp
- set pki ocsp signature-ca-list
- clear pki ocsp signature-ca-list
- set pki ocsp nonce
- set pki ocsp responder
- clear pki ocsp responder
- show pki authorization
- set pki authorization username
- set pki authorization username attribute
- clear pki authorization
Management Authentication Notification MIB Commands
- show mgmt-auth-notify
- set mgmt-auth-notify
- clear mgmt-auth-notify
System Properties Commands
- show chassis compatibility-mode (S-Series)
- set chassis compatibility-mode (S-Series)
- clear chassis compatibility-mode (S-Series)
- set ip interface
- clear ip interface
- set ip address
- clear ip address
- show system
- show system hardware
- show system utilization
- set system utilization threshold
- clear system utilization
- show time
- set time
- show summertime
- set summertime
- set summertime date
- set summertime recurring
- clear summertime
- set system name
- set system location
- set system contact
- show mtu
- set mtu
- clear mtu
- show reset
- reset
- reset nemcpu
- reset at
- reset in
- clear config
- show support
- show physical alias
- set physical alias
- clear physical alias
- show physical assetid
- set physical assetid
- clear physical assetid
MAC Address Commands
- show port mac
- show mac
- show mac agetime
- set mac
- clear mac
- show newaddrtrap
- set newaddrtrap
- show movedaddrtrap
- set movedaddrtrap
Telnet Commands
- show telnet
- set telnet
- telnet
Secure Shell (SSH) Commands
- show ssh state
- set ssh
- set ssh ciphers
- clear ssh ciphers
- set ssh client alive-interval
- set ssh client alive-count
- clear ssh client
- set ssh hostkey
- set ssh macs
- clear ssh macs
- set ssh reinitialize
- set ssh server allowed-auth
- show ssh authkey
- set ssh server authkey
- clear ssh server authkey
- set ssh server pki trusted-ca-list
- set ssh server pki authorized-cert-list
- ssh
Domain Name Server (DNS) Commands
- set ip dns
- set ip dns domain
- clear ip dns domain
- set ip dns server
- clear ip dns server
- set ip dns zone
- clear ip dns zone
- set ip dns port-number
- clear ip dns port-number
- set ip dns timeout
- clear ip dns timeout
- set ip dns query-retries
- clear ip dns query-retries
- clear ip dns all
- clear ip dns status
- show ip dns
Node Alias Commands
- show nodealias
- show nodealias mac
- show nodealias protocol
- show nodealias config
- set nodealias
- set nodealias maxentries
- clear nodealias
- clear nodealias config
SNTP Commands
- show sntp
- set sntp authentication mode
- set sntp authentication key
- set sntp authentication trust
- clear sntp authentication
- set sntp client
- clear sntp client
- set sntp server
- clear sntp server
- set sntp broadcastdelay
- clear sntp broadcast delay
- set sntp poll-interval
- clear sntp poll-interval
- set sntp poll-retry
- clear sntp poll-retry
- set sntp poll-timeout
- clear sntp poll-timeout
- show timezone
- set timezone
- clear timezone
DHCP Commands
- ip dhcp server
- ipv6 dhcp server
- ipv6 dhcp relay source-interface (S-, K-Series)
- ipv6 dhcp relay destination (S-, K-Series)
- show ip local pool
- ip local pool
- exclude (S-, K-Series)
- ip dhcp ping packets
- ip dhcp ping timeout
- ip dhcp pool
- ipv6 dhcp pool
- ip dhcp relay information option vpn (S-, K-Series)
- ip dhcp send-all-options
- domain-name
- dns-server
- nis-domain-name
- nis-server
- nisp-domain-name
- nisp-server
- sip-domain-name
- sip-server
- sntp-server
- unicast-server
- information-refresh
- netbios-name-server
- netbios-node-type
- default-router
- bootfile
- next-server
- option
- lease
- host
- client-class
- client-identifier
- client-name
- hardware-address
- show ip dhcp binding
- clear ip dhcp binding
- show ip dhcp server statistics
- clear ip dhcp server statistics
License Commands
- set license
- show license
- clear license
Power over Ethernet (PoE) Commands
- show inlinepower
- set inlinepower mode
- clear inlinepower mode
- set inlinepower available
- clear inlinepower available
- set inlinepower powertrap
- clear inlinepower powertrap
- set inlinepower assigned
- clear inlinepower assigned
- set inlinepower threshold
- clear inlinepower threshold
- set inlinepower management
- clear inlinepower management
- set inlinepower psetrap
- clear inlinepower psetrap
- show port inlinepower
- set port inlinepower
- clear port inlinepower
Configuration and Image File Management Commands
- General Configuration and Image File Management Commands
- Restore Point Commands
Virtual Switch Bonding Commands
- show bonding
- set bonding chassis
- clear bonding chassis
- set bonding enable
- set bonding disable
- set bonding lfr
- clear bonding lfr
- set bonding port enable
- set bonding port disable
- set bonding mac
- clear bonding mac
- clear bonding mac
Virtual Switch Bonding Commands
- show bonding
- set bonding chassis
- clear bonding chassis
- set bonding enable
- set bonding disable
- set bonding lfr
- clear bonding lfr
- set bonding port enable
- set bonding port disable
- set bonding mac
- clear bonding mac
- clear bonding mac
Network Diagnostics
- ping
- traceroute
- nslookup
Discovery Protocol Commands
- Displaying Neighbors
  - show neighbors
- Neighbor Warning Detection
- Extreme Networks Discovery Protocol
- Cisco Discovery Protocol
- Link Layer Discovery Protocol and LLDP-MED
Data Center Bridging Commands
- Priority Flow Control (PFC) (S-, 7100-Series)
- Application Priority
- Congestion Notification
Tracked Object Manager Commands
- State Probe Commands
- probe
- acv close
- acv reply
- acv request
- acv search-depth
- description
- dns-query type
- dns-verify match
- faildetect
- inservice
- l5-type
- open
- passdetect
- receive
- show probe
- show probe session
- show probe default
- Timing Probe Commands
- probe icmp timing
- probe udp timing
- description
- dns-query type
- inservice
- interval
- l5-type
- packet-options
- receive
- Tracked Object Commands
- track
- delay
- description
- inservice
- port
- threshold count
- show track
Bidirectional Forwarding Detection Commands
- show probe
- probe bfd
- bfd
- bfd probe
- control
- demand-mode
- description
- echo-mode
- echo
- inservice
- slow-timer
Link-State Application Commands
- set link-state track
- clear link-state track
- show link-state
IP SLA Commands
- sla entry
- collections
- destination
- distribution
- history
- monitor
- sla schedule
- entry
- stop-all
- show sla
- show sla entry detail
- show sla entry distribution
- show sla entry history
- show sla entry summary
- show sla scheduler
- show limits application sla-entry-data
Port Configuration Commands
- show console
- set console
- clear console
- show forcelinkdown
- set forcelinkdown
- clear forcelinkdown
- show port
- set port
- show port advertise
- set port advertise
- clear port advertise
- show port alias
- set port alias
- show port buffer mode (7100-Series)
- set port buffer mode (7100-Series)
- clear port buffer mode (7100-Series)
- show port counters
- show port duplex
- set port duplex
- show port energy-eff-eth (S-, 7100-Series)
- set port energy-efficient-eth (S-, 7100-Series)
- show port flowcontrol
- set port flowcontrol
- show port ingress-filter
- set port ingress-filter
- show port jumbo
- set port jumbo
- clear port jumbo
- set port jumbo mtu
- clear port jumbo mtu
- show port mdix
- set port mdix
- clear port mdix
- show port negotiation
- set port negotiation
- show port oam
- set port oam status
- set port oam mode
- set port oam loopback-rx (S-, K-Series)
- set port oam remote-loopback (S-, 7100-Series)
- set port oam notify-retry
- clear port oam
- set port oam link-monitor
- clear port oam link-monitor
- show oam uld-config
- set port oam uld mode
- set port oam uld action
- set port oam uld fast-timer
- clear port oam uld
- show port operstatuscause
- clear port operstatuscause
- show port speed
- set port speed
- show port status
- show port transceiver
Transmit Queue Monitoring Commands
- show txqmonitor settings
- show txqmonitor port
- set txqmonitor state
- clear txqmonitor state
- set txqmonitor sampleinterval
- clear txqmonitor sampleinterval
- set txqmonitor downtime
- clear txqmonitor downtime
- set txqmonitor ignorepausetime
- clear txqmonitor ignorepausetime
- set txqmonitor minrate
- clear txqmonitor minrate
- set txqmonitor threshold
- clear txqmonitor threshold
- set txqmonitor trapstatus
- clear txqmonitor trapstatus
- clear txqmonitor operstatus
Link Trap and Link Flap Detection Commands
- show port trap
- set port trap
- show linkflap
- set linkflap globalstate
- set linkflap portstate
- set linkflap interval
- set linkflap action
- clear linkflap action
- set linkflap threshold
- set linkflap downtime
- clear linkflap down
- clear linkflap
Port Priority Configuration
- Configuring Port Priority
- Configuring Priority to Transmit Queue Mapping
Broadcast Suppression Commands
- show port broadcast
- set port broadcast
- clear port broadcast
Port Mirroring Commands
- Physical Port Mirroring
- Policy Mirror Destinations (S-, K-Series)
LACP Commands
- show lacp
- set lacp
- clear lacp state
- set lacp asyspri
- set lacp aadminkey
- clear lacp
- set lacp static
- clear lacp static
- show lacp singleportlag
- set singleportlag
- clear singleportlag
- show port lacp
- set port lacp
- clear port lacp
- show lacp flowRegeneration (S-, K-Series)
- set lacp flowRegeneration (S-, K-Series)
- clear lacp flowRegeneration (S-, K-Series)
- show lacp outportAlgorithm
- set lacp outportAlgorithm
- clear lacp outportAlgorithm
SNMP User, Group, and Community Commands
- Configuring SNMP Users, Groups, and Communities
- Configuring SNMP Access Rights
SNMP MIB View Commands
- show snmp view
- show snmp context
- set snmp view
- clear snmp view
SNMP Parameter and Review Commands
- Configuring SNMP Target Parameters
- Configuring SNMP Target Addresses
- Configuring SNMP Notification Parameters
- Configuring SNMP MIB Walk Behavior
- Reviewing SNMP Statistics
  - show snmp engineid
  - show snmp counters
Spanning Tree Bridge Commands
- show spantree stats
- show spantree version
- set spantree version
- clear spantree version
- show spantree stpmode
- set spantree stpmode
- clear spantree stpmode
- show spantree maxconfigurablestps
- set spantree maxconfigurablestps
- clear spantree maxconfigurablestps
- show spantree mstilist
- set spantree msti
- clear spantree msti
- show spantree mstmap
- set spantree mstmap
- clear spantree mstmap
- show spantree vlanlist
- show spantree mstcfgid
- set spantree mstcfgid
- clear spantree mstcfgid
- show spantree bridgeprioritymode
- set spantree bridgeprioritymode
- clear spantree bridgeprioritymode
- show spantree priority
- set spantree priority
- clear spantree priority
- show spantree bridgehellomode
- set spantree bridgehellomode
- clear spantree bridgehellomode
- show spantree hello
- set spantree hello
- clear spantree hello
- show spantree maxage
- set spantree maxage
- clear spantree maxage
- show spantree fwddelay
- set spantree fwddelay
- clear spantree fwddelay
- show spantree autoedge
- set spantree autoedge
- clear spantree autoedge
- show spantree legacypathcost
- set spantree legacypathcost
- clear spantree legacypathcost
- show spantree tctrapsuppress
- set spantree tctrapsuppress
- clear spantree tctrapsuppress
- show spantree txholdcount
- set spantree txholdcount
- clear spantree txholdcount
- show spantree maxhops
- set spantree maxhops
- clear spantree maxhops
- show spantree spanguard
- set spantree spanguard
- clear spantree spanguard
- show spantree spanguardtimeout
- set spantree spanguardtimeout
- clear spantree spanguardtimeout
- show spantree spanguardlock
- clear / set spantree spanguardlock
- show spantree spanguardtrapenable
- set spantree spanguardtrapenable
- clear spantree spanguardtrap enable
- show spantree backuproot
- set spantree backuproot
- clear spantree backuproot
- show spantree backuproottrapendable
- set spantree backuproottrapenable
- clear spantree backuproottrapenable
- show spantree newroottrapendable
- set spantree newroottrapenable
- clear spantree newroottrapenable
- clear spantree default
- show spantree debug
- clear spantree debug
- show spantree spanguard-autounlock
- set spantree spanguard-autounlock
- clear spantree spanguard-autounlock
Spanning Tree Port Commands
- show spantree portenable
- set spantree portenable
- clear spantree portenable
- show spantree portadmin
- set spantree portadmin
- clear spantree portadmin
- set spantree protomigration
- show spantree portstate
- show spantree blockedports
- show spantree portpri
- set spantree portpri
- clear spantree portpri
- set spantree porthello
- clear spantree porthello
- show spantree portcost
- show spantree adminpathcost
- set spantree adminpathcost
- clear spantree adminpathcost
- show spantree adminedge
- set spantree adminedge
- clear spantree adminedge
- show spantree operedge
- show spantree adminpoint
- show spantree operpoint
- set spantree adminpoint
- clear spantree adminpoint
- show spantree restrictedtcn
- set spantree restrictedtcn
- clear spantree restrictedtcn
- show spantree restrictedrole
- set spantree restrictedrole
- clear spantree restrictedrole
Spanning Tree Loop Protect Commands
- set spantree lp
- show spantree lp
- clear spantree lp
- show spantree lplock
- clear spantree lplock
- set spantree lpcapablepartner
- show spantree lpcapablepartner
- clear spantree lpcapablepartner
- set spantree lpthreshold
- show spantree lpthreshold
- clear spantree lpthreshold
- set spantree lpwindow
- show spantree lpwindow
- clear spantree lpwindow
- set spantree lptrapenable
- show spantree lptrapenable
- clear spantree lptrapenable
- set spantree disputedbpduthreshold
- show spantree disputedbpduthreshold
- clear spantree disputedbpduthreshold
- show spantree nonforwardingreason
Shortest Path Bridging (SPB) Commands
- show spb
- set spb status
- show spb basevid
- show spb dynamic-ect-alg
- set spb basevid
- clear spb basevid
- set spb net
- clear spb net
- show spb port
- set spb port status
- clear spb port
- set spb spvid
- clear spb spvid
- set spb system
- clear spb system
- show spb neighbors
- set spantree version spt
- clear spantree version
Routing as a Service (RaaS) Commands
- show raas
- raas
- vrrp fabric-route-mode helper-router
802.1Q VLAN Commands
- Reviewing Existing VLANs
  - show vlan
- Creating and Naming Static VLANs
- Assigning Port VLAN IDs (PVIDs) and Ingress Filtering
- Configuring the VLAN Egress List
- Provider Bridging Commands
  - set bridge mode
  - show bridge mode
GVRP Commands
- show gvrp
- show garp timer
- set gvrp
- clear gvrp
- show gvrp vlan restricted
- set gvrp vlan restricted
- clear gvrp vlan restricted
- set garp timer
- clear garp timer
MVRP Commands
- show mrp timer
- set mrp timer
- clear mrp timer
- show mvrp
- show mvrp counters (Currently Cloaked)
- set mvrp
- clear mvrp
- show mvrp vlan restricted
- set mvrp vlan restricted
- clear mvrp vlan restricted
Policy Profile Commands
- Policy Profile Commands
- Classification Rule Commands
System Logging Commands
- show logging all
- show logging server
- set logging server
- clear logging server
- show logging default
- set logging default
- clear logging default
- show logging application
- set logging application
- clear logging application
- show logging local
- set logging local
- clear logging local
- set logging here
- clear logging here
- show logging buffer
Policy Class of Service (CoS) Commands
- show cos state
- set cos state
- show cos port-type
- show cos unit
- show cos port-config
- set cos port-config irl
- clear cos port-config irl
- set cos port-config txq
- clear cos port-config txq
- set cos port-config flood-ctrl
- clear cos port-config flood-ctrl
- show cos port-resource
- set cos port-resource irl
- clear cos port-resource irl
- set cos port-resource txq
- clear cos port-resource txq
- set cos port-resource flood-ctrl
- clear cos port-resource flood-ctrl
- show cos reference
- set cos reference irl
- clear cos reference irl
- set cos reference txq (S-, K-Series)
- clear cos reference txq (S-, K-Series)
- show cos settings
- set cos settings
- clear cos settings
- show cos violation (S-, K-Series)
- clear cos violation (S-, K-Series)
- clear cos all-entries
Network Monitoring Commands
- show netstat
- show users
- tell
- disconnect
SMON Commands
- show smon priority
- set smon priority
- clear smon priority
- show smon vlan
- set smon vlan
- clear smon vlan
RMON Commands
- show rmon stats
- set rmon stats
- clear rmon stats
- show rmon history
- set rmon history
- clear rmon history
- show rmon alarm
- set rmon alarm properties
- set rmon alarm status
- clear rmon alarm
- show rmon event
- set rmon event properties
- set rmon event status
- clear rmon event
- show rmon host
- set rmon host properties (S-, K-Series)
- set rmon host status (S-, K-Series)
- clear rmon host (S-, K-Series)
- show rmon topN (S-, K-Series)
- set rmon topN properties (S-, K-Series)
- set rmon topN status (S-, K-Series)
- clear rmon topN (S-, K-Series)
- show rmon matrix (S-, K-Series)
- set rmon matrix properties (S-, K-Series)
- set rmon matrix status (S-, K-Series)
- clear rmon matrix (S-, K-Series)
- show rmon channel (S-, K-Series)
- set rmon channel (S-, K-Series)
- clear rmon channel (S-, K-Series)
- show rmon filter (S-, K-Series)
- set rmon filter (S-, K-Series)
- clear rmon filter (S-, K-Series)
- show rmon capture
- set rmon capture
- clear rmon capture
NetFlow Commands
- show netflow
- set netflow cache
- clear netflow cache
- set netflow export-data
- clear netflow export-data
- set netflow export-destination
- clear netflow export-destination
- set netflow export-interval
- clear netflow export-interval
- set netflow export-rate
- clear netflow export-data
- set netflow port
- clear netflow port
- set netflow export-version
- clear netflow export-version
- set netflow template
- clear netflow template
Connectivity Fault Management (CFM) Commands
- Global Configuration Commands
- Default Maintenance Domain (MD) Configuration Commands
- Maintenance Domain Configuration Commands
  - enable
  - ma
  - name
- Maintenance Association Configuration Commands
  - ccm-interval
  - ma-comp
  - mep
  - mep-list
  - name
- Maintenance Association Component Configuration Commands
  - vid
- Maintenance End-Point Configuration Commands
- CFM Clear Commands
- CFM Show Commands
Virtual Routing and Forwarding (VRF) Commands
- set router vrf create
- clear router vrf
- ipv6 route
Global Configuration Address Family Commands
- address-family
- topology
Router Commands
- show router
- show limits
- set limits
- clear limits
- set limits resource-profile (7100-Series)
- clear limits resource-profile (7100-Series)
- show limits resource-profile (7100-Series)
- set router vrf create
- clear router vrf
- router
- show running-config
Routing Interface Commands
- show interface
- interface
- ip forwarding
- ip ecm-forwarding-algo (S-, K-Series)
- show ip interface
- ip address
- ip checkspoof
- ip icmp unreachable (S-, K-Series)
- ip icmp redirects (S-, K-Series)
- ip icmp echo-reply (S-, K-Series)
- secondary-vlan
- no shutdown
IPv6 Interface Commands
- show ipv6 interface
- ipv6 address
- ipv6 checkspoof (S-, K-Series)
- ipv6 forwarding (S-, K-Series)
- ipv6 icmp unreachable (S-, K-Series)
- ipv6 icmp redirects
- ipv6 icmp echo-reply (S-, K-Series)
- ipv6 nd dad attempts
- ipv6 nd managed-config-flag (S-, K-Series)
- ipv6 nd ns-interval (S-, K-Series)
- ipv6 nd other-config-flag (S-, K-Series)
- ipv6 nd prefix (S-, K-Series)
- ipv6 nd ra hoplimit suppress (S-, K-Series)
- ipv6 nd ra interval (S-, K-Series)
- ipv6 nd ra lifetime (S-, K-Series)
- ipv6 nd ra mtu (S-, K-Series)
- ipv6 nd ra suppress (S-, K-Series)
- ipv6 nd reachable-time
IP Traffic Routes Commands
- show ip route
- show ipv6 route
- ip route
- ipv6 route
- set ip route
- clear ip route
- ip icmp
- ipv6 neighbor
- ipv6 nd delay-time (S-, K-Series)
- ipv6 nd reachable-time (S-, K-Series)
- ipv6 nd retransmit-time (S-, K-Series)
- ipv6 nd stale-time (S-, K-Series)
- show ipv6 neighbors
- show ipv6 general-prefix
- ipv6 general-prefix
Tunnel Configuration Commands
- Reviewing Existing Tunnels
- Configuring Tunnels
- Removing Tunnel Options
L3 VPN Commands
- VRF L3 VPN Commands
- BGP L3 VPN Commands
ARP Table Commands
- show arp
- set arp
- clear arp
- arp (S-, K-Series)
- arp timeout (S-, K-Series)
- arp retransmit-time (S-, K-Series)
- arp stale-entry-timeout (S-, K-Series)
- arp-nd-proxy-all (S-, K-Series)
- ip gratuitous-arp
- ip gratuitous-arp-learning
- ip proxy-arp
- ip mac-address
- ip multicast-arp-learning
- clear arp-cache
Broadcast Configuration Commands
- ip directed-broadcast
- ip forward-protocol
- ip dhcp relay information option
- ip dhcp relay information option vpn
- ip dhcp relay information option server-override
- ip dhcp relay information option remote-id
- ip dhcp relay information option circuit-id
- ip dhcp relay information option link-selection
- ip dhcp relay source-interface
- ip helper-address
IP Debug
- debug ip bgp (S-Series)
- debug ip ospf
- debug packet restart
- debug packet show-statistics
- debug packet clear-statistics
- debug packet filter
- debug packet control
- show debugging
- debug ip vrrp
- debug ip vrrp show
IGMP Commands
- Enabling / Disabling IGMP
- Configuring IGMP
Multicast Listener Discovery (MLD) Commands
- set mld enable
- show mld enable
- set mld disable
- set mld delete
- set mld config
- show mld config
- show mld counters
- clear mld counters
- set mld query-enable
- set mld query-disable
- show mld query
- set mld flow-full-action
- show mld flow-full-action
- show igmp groups (S-, K-Series)
- set mld input-filter
- show mld input-filter
- clear mld input-filter
- set mld static
- clear mld static
- set mld protocols
- clear mld protocols
- show mld protocols
- set mld portFastLeave
- clear mld portFastLeave
- show mld portFastLeave
- show mld number-flows
- show mld vlan
- show mld groups
- show mld static
- show mld reporters
- show mld flows
- set mld unknown-input-action
- show mld unknown-input-action
IPv4 PIM Commands
- ip mroute
- ip pim sparse-mode
- ip pim dense-mode
- ip pim ssm
- ip pim anycast-rp
- ip pim asm-join-filter
- ip pim ssm-join-filter
- ip pim bsr-candidate
- ip pim bsr-border
- ip pim dr-priority
- ip pim graceful-restart
- ip pim multipath
- ip pim neighbor-filter
- ip pim rp-address
- ip pim rp-candidate
- ip pim state-refresh origination-interval
- ip pim static-rp-override
- show ip mroute
- show ip mcache
- show ip pim
- show ip pim anycast-rp
- show ip pim bsr
- show ip pim interface
- show ip pim mrt
- show ip pim mrt type
- show ip pim neighbor
- show ip pim rp
- show ip pim rp-hash
- show ip pim statistics
- clear ip mroute
- clear ip pim statistics
IPv6 PIM Commands
- ipv6 mroute
- ipv6 pim sparse mode
- ipv6 pim dense-mode
- ipv6 pim ssm
- ipv6 pim static-rp-override
- ipv6 pim state-refresh origination-interval
- ipv6 pim asm-join-filter
- ipv6 pim ssm-join-filter
- ipv6 pim bsr candidate bsr
- ipv6 pim bsr candidate rp
- ipv6 pim dr-priority
- ipv6 pim rp-address
- ipv6 pim anycast-rp
- ipv6 pim graceful-restart
- ipv6 pim multipath
- ipv6 pim neighbor-filter
- clear ipv6 mroute
- clear ipv6 pim statistics
- show ipv6 mcache
- show ipv6 mroute
- show ipv6 pim
- show ipv6 pim anycast-rp
- show ipv6 pim bsr
- show ipv6 pim interface
- show ipv6 pim mrt
- show ipv6 pim mrt type
- show ipv6 pim neighbor
- show ipv6 pim rp
- show ipv6 pim rp-hash
- show ipv6 pim statistics
MSDP Commands
- show ip msdp peer
- ip msdp peer
- clear ip msdp peer
- ip msdp shutdown
- ip msdp originator-id
- show ip msdp sa-cache
- clear ip msdp sa-cache
- ip msdp sa-filter in
- ip msdp sa-filter out
- ip msdp mesh-group
- show ip msdp summary
- clear ip msdp peer statistics
DVMRP Commands
- ip dvmrp
- ip dvmrp metric
- show ip dvmrp route
- show ip dvmrp
- show ip dvmrp interface
- show ip dvmrp neighbor
Network Address Translation (NAT) Commands
- ip nat pool
- ipv6 nat pool
- ip nat inside
- ipv6 nat inside
- ip nat outside
- ipv6 nat outside
- ip nat inside source list
- ipv6 nat inside source list
- ip nat inside source static (NAT)
- ipv6 nat inside source static (NAT)
- ip nat inside source static (NAPT)
- ip nat ftp-control-port
- ip nat translation max-entries
- ipv6 nat translation max-entries
- ip nat translation (timeouts)
- ipv6 nat translation (timeouts)
- ip nat translation protocol
- ipv6 nat translation protocol
- ip nat log translations
- ipv6 nat log translations
- ip nat inspect dns
- ipv6 nat inspect dns
- show ip nat bindings
- show ipv6 nat bindings
- clear ip nat bindings
- clear ipv6 nat bindings
- show ip nat info
- show ipv6 nat info
- show ip nat lists
- show ipv6 nat lists
- show ip nat pools
- show ipv6 nat pools
- show ip nat statics
- show ipv6 nat statics
- show ip nat statistics
- show ipv6 nat statistics
- clear ip nat statistics
- clear ipv6 nat statistics
LSNAT Commands
- show ip slb serverfarms
- show ipv6 slb serverfarms
- description
- inservice
- this
- ip slb binding finrst-timeout
- ipv6 slb binding finrst-timeout
- ip slb binding finrst-timeout disabled
- ipv6 slb binding finrst-timeout disabled
- ip slb tftpctrlport
- ipv6 slb tftpctrlport
- ip slb serverfarm
- ipv6 slb serverfarm
- real
- predictor
- faildetect probe
- faildetect type
- faildetect reset
- show ip slb reals
- show ipv6 slb reals
- maxconns
- weight
- show ip slb vservers
- show ipv6 slb vservers
- ip slb vserver
- ipv6 slb vserver
- binding match source-port
- serverfarm (Virtual Server)
- virtual
- virtual-range
- udp-one-shot
- vrrp vlan
- client
- source nat pool
- idle timeout
- sticky type
- sticky timeout
- ip slb real-server access client
- ipv6 slb real-server access client
- ip slb real-server access tcp-reset
- ipv6 slb real-server access tcp-reset
- ip slb real-server access unrestricted
- ipv6 slb real-server access unrestricted
- show ip slb statistics
- show ipv6 slb statistics
- show ip slb info
- show ipv6 slb info
- show ip slb sticky
- show ipv6 slb sticky
- show ip slb statistics-sticky
- show ipv6 slb statistics-sticky
- show ip slb bindings
- show ipv6 slb bindings
- clear ip slb
- clear ipv6 slb
- clear ip slb statistics
- clear ipv6 slb statistics
Transparent Web Cache Balancing (TWCB) Commands
- ip twcb wcserverfarm
- ipv6 twcb wcserverfarm
- description
- predictor
- cache
- weight
- faildetect probe
- faildetect app-port
- faildetect type
- faildetect reset
- maxconns
- inservice
- this
- ip twcb webcache
- ipv6 twcb webcache
- destination ip
- idle timeout
- serverfarm
- source nat pool
- bypass-list
- host redirect
- ip twcb redirect out
- ipv6 twcb redirect out
- show ip twcb wcserverfarms
- show ipv6 twcb wcserverfarms
- show ip twcb webcaches
- show ipv6 twcb webcaches
- show ip twcb info
- show ipv6 twcb info
- show ip twcb caches
- show ipv6 twcb caches
- show ip twcb bindings
- show ipv6 twcb bindings
- show ip twcb statistics
- show ipv6 twcb statistics
- clear ip twcb
- clear ipv6 twcb
RIP Commands
- router rip
- network
- distance
- ip rip offset
- timers
- key chain
- key
- key-string
- accept-lifetime
- send-lifetime
- ip rip authentication keychain
- ip rip authentication mode
- no auto-summary
- passive-interface
- distribute-list
- redistribute
- show ip protocols
Border Gateway Protocol Commands
- BGP Configuration Commands
- Route Flap Damping Commands
- Querying and Clearing Commands
OSPFv2 Commands
- router ospf
- address-family ipv4
- network
- router-id
- neighbor
- passive-interface
- redistribute
- distribute-list route-map in
- rfc1583compatible
- log-adjacency
- spf lsa-thresholds
- spf pause-frequency
- timers spf
- bfd all-intfs-on
- distance ospf
- enable-pe-ce
- domain-tag
- domain-id
- area range
- area stub
- area default cost
- area nssa
- area nssa-range
- area sham-link
- area sham-link authentication-key
- area sham-link dead-interval
- area sham-link hello-interval
- area sham-link keychain
- area sham-link message-digest-key
- area sham-link retransmit-interval
- area sham-link transmit-delay
- area sham-link cost
- area virtual-link
- auto-cost reference-bandwidth
- enable-vxlan-extensions
- no enable-vxlan-extensions
- graceful-restart enable
- graceful-restart restart-interval
- ip ospf cost
- ip ospf cost track
- ip ospf network
- ip ospf priority
- ip ospf poll-interval
- ip ospf retransmit-interval
- ip ospf transmit-delay
- ip ospf ignore-mtu
- ip ospf hello-interval
- ip ospf dead-interval
- ip ospf authentication-key
- ip ospf message-digest-key md5
- ip ospf helper-disable
- ip ospf network
- show ip ospf
- show ip ospf database
- show ip ospf border-routers
- show ip ospf interface
- show ip ospf neighbor
- show ip ospf sham-link
- show ip ospf virtual-links
- show ip protocols
- clear ip ospf process
- debug ip ospf
OSPFv3 Commands
- Router OSPFv3 Configuration Commands
- OSPFv3 Interface Commands
- OSPFv3 Show Commands
Intermediate System To Intermediate System (IS-IS) Commands
- IS-IS Configuration Overview
- Configuration Commands
- Interface Commands
- Show Commands
VRRP Commands
- vrrp create
- vrrp address
- vrrp primary-address
- vrrp priority
- vrrp accept-mode
- vrrp advertise-interval
- vrrp authentication
- vrrp critical-ip
- vrrp enable
- vrrp interface-up-delay
- vrrp fabric-route-mode
- vrrp host-mobility (S-, K-Series)
- vrrp host-mobility-acl (S-, K-Series)
- host-mobility timeout (S-, K-Series) (Deprecated in 8.32)
- vrrp preempt
- vrrp preempt-delay
- show ip vrrp
MAC Locking Commands
- show maclock
- set maclock enable
- set maclock disable
- set maclock disable-port
- clear maclock disable-port
- set maclock
- set maclock firstarrival
- clear maclock firstarrival
- set maclock agefirstarrival
- clear maclock agefirstarrival
- set maclock clearonlinkchange
- clear maclock clearonlinkchange
- set maclock move
- set maclock static
- clear maclock static
- set maclock trap
- clear maclock trap
- set maclock syslog
- clear maclock syslog
- clear maclock
TACACS+ Commands
- show tacacs
- set tacacs
- show tacacs server
- set tacacs server
- clear tacacs server
- show tacacs session
- set tacacs session
- clear tacacs session authorization
- show tacacs command
- set tacacs command
- show tacacs singleconnect
- set tacacs singleconnect
Host DoS Commands
- show hostdos
- hostdos
- clear hostdos-counters
Flow Setup Throttling (FST) Commands
- show flowlimit
- set flowlimit
- set flowlimit limit
- clear flowlimit limit
- set flowlimit action
- clear flowlimit action
- show flowlimit class
- set flowlimit port
- set flowlimit port class
- set flowlimit port status
- clear flowlimit port class
- set flowlimit shutdown
- set flowlimit notification
- clear flowlimit notification interval
- clear flowlimit stats
Access Control List Commands
- Named Access Control Lists
- Access Control List Entry Configuration Commands
  - permit
  - deny
  - log
  - delete
  - insert before
  - replace
  - move before
  - remark
- Displaying and Applying Access Control List Commands
IPv6 Access Control List Commands
- Named Access Control Lists
- Access Control List Entry Configuration Commands
  - permit
  - deny
  - log
  - delete
  - insert before
  - name
  - replace
  - move before
  - remark
- Displaying and Applying Access Control List Commands
Layer 2 Access Control List Commands
- Named Layer 2 Access Control Lists
- Access Control List Entry Configuration Commands
  - permit
  - deny
  - log
  - log-verbose
  - delete
  - insert before
  - replace
  - move before
  - remark
- Displaying and Applying Access Control List Commands
VRF Access Control List Commands
- vrf-access
- ip access-group from-vrf
- ip access-group from-any-vrf
- ip access-group to-vrf
- ip access-group to-any-vrf
- ipv6 access-group from-vrf
- ipv6 access-group from-any-vrf
- ipv6 access-group to-vrf
- ipv6 access-group to-any-vrf
Route-Map Manager Commands
- General Route-Map Commands
- Policy-Based Route-Map Commands
- Redistribution Route-Map Commands
- Filter-Based Route-Map Commands
- BGP Route-Map Commands (S-, 7100-Series)
RADIUS Commands
- show radius
- set radius
- set radius mgmt attribute
- set radius retries
- set radius timeout
- set radius server
- set radius realm
- clear radius
- show radius accounting
- set radius accounting
- clear radius accounting
RFC 3580 Commands
- show vlanauthorization
- set vlanauthorization
- clear vlanauthorization
- set vlanauthorization port
Quarantine Agent Authentication Commands
- show quarantine-agent
- set quarantine-agent
- set quarantine-agent port
- clear quarantine-agent
- set quarantine accounting
- set quarantine-agent port authallocated
- set quarantine-agent port idle-timeout
- set quarantine-agent port session-timeout
802.1X Authentication Commands
- show dot1x
- show dot1x auth-config
- set dot1x
- set dot1x auth-config
- clear dot1x auth-config
802.1X MACsec Commands
- show macsec
- show macsec all
- show macsec kay
- show macsec kay-stats
- show macsec logon
- show macsec mka-participant
- show macsec nid
- show macsec port
- show macsec secy
- set macsec init
- set macsec kay mka-life-time
- set macsec nid
- set macsec port mka
- set macsec pre-shared-key
- set macsec secy
- clear macsec kay mka-life-time
- clear macsec nid
- clear macsec port mka
- clear macsec pre-shared-key
- clear macsec secy
Port Web Authentication (PWA) Commands
- show pwa
- set pwa
- set pwa hostname
- clear pwa hostname
- show pwa banner
- set pwa banner
- clear pwa banner
- set pwa displaylogo
- set pwa redirecttime (S-, K-Series)
- clear pwa redirecttime (S-, K-Series)
- set pwa ipaddress
- clear pwa ipaddress
- set pwa protocol
- clear pwa protocol
- set pwa enhancedmode (S-, K-Series)
- set pwa guestname (S-, K-Series)
- clear pwa guestname (S-, K-Series)
- set pwa guestpassword (S-, K-Series)
- set pwa gueststatus (S-, K-Series)
- set pwa initialize
- set pwa quietperiod
- clear pwa quietperiod
- set pwa maxrequest
- clear pwa maxrequest
- set pwa portcontrol
- show pwa session
- show pwa summary
MAC Authentication Commands
- show macauthentication
- show macauthentication session
- set macauthentication
- set macauthentication password
- clear macauthentication password
- set macauthentication significant-bits
- clear macauthentication significant-bits
- set macauthentication port
- set macauthentication authallocated
- clear macauthentication authallocated
- set macauthentication portinitialize
- set macauthentication macinitialize
- set macauthentication reauthentication
- set macauthentication portreauthenticate
- set macauthentication macreauthenticate
- set macauthentication reauthperiod
- clear macauthentication reauthperiod
- set macauthentication quietperiod
- clear macauthentication quietperiod
Convergence End Points (CEP) Phone Detection Commands
- show cep connections
- show cep detection
- show cep policy
- show cep port
- set cep
- set cep accounting
- set cep port
- set cep policy
- set cep detection-id
- set cep detection-id type
- set cep detection-id address
- set cep detection-id protocol
- set cep detection-id porthigh | portlow
- set cep initialize
- clear cep
RADIUS Snooping Commands
- set radius-snooping
- set radius-snooping accounting
- set radius-snooping timeout
- set radius-snooping port
- set radius-snooping flow
- set radius-snooping initialize
- clear radius-snooping all
- clear radius-snooping flow
- clear radius-snooping port
- show radius-snooping
- show radius-snooping port
- show radius-snooping flow
- show radius-snooping session
Auto-Tracking Authentication Commands
- show auto-tracking
- set auto-tracking
- set auto-tracking accounting
- set auto-tracking port
- clear auto-tracking
- set auto-tracking port authallocated
- set auto-tracking port idle-timeout
- set auto-tracking port radius-timeout-profile
- set auto-tracking port radius-reject-profile
- set auto-tracking port session-timeout
Anti-Spoofing Commands
- show antispoof
- set antispoof
- clear antispoof
- set antispoof notifications
- clear antispoof notifications
- set antispoof notifications interval
- clear antispoof notifications interval
- set antispoof duplicateIP
- clear antispoof duplicateIP
- show antispoof class
- set antispoof class
- set antispoof class threshold-index
- clear antispoof class
- set antispoof dhcp-snooping
- set antispoof dhcp-snooping mac-verification
- set antispoof dhcp-snooping port-mode
- clear antispoof dhcp-snooping
- set antispoof arp-inspection
- clear antispoof arp-inspection
- set antispoof ip-inspection
- clear antispoof ip-inspection
- show antispoof port
- set antispoof port-class
- clear antispoof port-class
- show antispoof binding
- clear antispoof binding
- show antispoof counters
- clear antispoof counters
MultiAuth Commands
- set multiauth mode
- clear multiauth mode
- show multiauth
- show multiauth counters
- set multiauth precedence
- clear multiauth precedence
- show multiauth port
- set multiauth port
- clear multiauth port
- show multiauth station
- clear multiauth station
- show multiauth session
- show multiauth idle-timeout
- set multiauth idle-timeout
- clear multiauth idle-timeout
- show multiauth session-timeout
- set multiauth session-timeout
- clear multiauth session-timeout
- clear multiauth session
- set multiauth sessions-unique-per-port
- clear multiauth sessions-unique-per-port
- set multiauth trap
- clear multiauth trap
- show multiauth trap
OpenFlow Commands
- clear openflow controller
- clear tls
- set openflow
- set openflow controller
- set tls
- show openflow
- show openflow controller
- show tls
Glossary
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X

Access Control List Entry Configuration Commands

This section details ACL commands used to configure deny or permit ACL entries, log, delete, insert, replace or move an ACL entry, or create an ACL comment entry. The commands used to configure named ACL entries are:

Note

When applying an ACL to a non-host context on a 7100-Series device, the following restrictions apply:

Ranges are not allowed for UDP and TCP rules; the equal (eq) option is supported
The msg option is not supported for ICMP rules

Note

The resources available for the configuration of ACL rules on the 7100-Series is based upon the system resource allocation profile configured using set limits resource-profile (7100-Series). See the release notes that come with your firmware for ACL resource limit details.

Published May 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback