Software Guide
Page 11
... Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... VACLs From the CLI 29 Configuring and Storing VACLs and QoS ACLs in Flash Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash...
... Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... VACLs From the CLI 29 Configuring and Storing VACLs and QoS ACLs in Flash Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash...
Software Guide
Page 37
...ROM monitor commands, refer to the ATM Software Configuration Guide and Command Reference-Catalyst 5000 Family and 6000 Family Switches publication. The system enters ROM-monitor mode if the switch does not find a valid system image, if the NVRAM configuration is corrupted, or if the configuration register... reset, or when a fatal exception occurs. You can load a system image manually from Flash memory, from a network server file, or from bootflash. This chapter consists of the ATM Cisco IOS CLI and commands, refer to the Catalyst 6000 Family Command Reference publication. Note The Break key...
...ROM monitor commands, refer to the ATM Software Configuration Guide and Command Reference-Catalyst 5000 Family and 6000 Family Switches publication. The system enters ROM-monitor mode if the switch does not find a valid system image, if the NVRAM configuration is corrupted, or if the configuration register... reset, or when a fatal exception occurs. You can load a system image manually from Flash memory, from a network server file, or from bootflash. This chapter consists of the ATM Cisco IOS CLI and commands, refer to the Catalyst 6000 Family Command Reference publication. Note The Break key...
Software Guide
Page 46
... it reminds you which keywords or arguments are in the switch CLI, enter Console> switch console [mod] the MSFC CLI. Tip If you have already entered. Cisco IOS Command-Line Interface These sections describe basic Cisco IOS configuration tasks you need to see the "Accessing the...6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 memory network overwrite-network terminal Configure from NV memory Configure from a TFTP network host Overwrite NV memory from TFTP network host Configure from the switch CLI when directly connected to press the up -arrow key or Ctrl...
... it reminds you which keywords or arguments are in the switch CLI, enter Console> switch console [mod] the MSFC CLI. Tip If you have already entered. Cisco IOS Command-Line Interface These sections describe basic Cisco IOS configuration tasks you need to see the "Accessing the...6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 memory network overwrite-network terminal Configure from NV memory Configure from a TFTP network host Overwrite NV memory from TFTP network host Configure from the switch CLI when directly connected to press the up -arrow key or Ctrl...
Software Guide
Page 225
...decisions (see the "Understanding Forwarding Decisions" section on page 13-5). Chapter 13 Configuring CEF for PFC2 Understanding How Layer 3 Switching Works Note Access control lists (ACLs) and policy-based routing can cause CEF for PFC2 to ignore the FIB when making ... sharing entries: 0 Forwarding entries: 4 Bridge entries: 12 Drop entries: 2 Understanding Forwarding Decisions CEF for PFC2 provides Layer 3 switching based on: • Entries in the ACL ternary content addressable memory (TCAM) for policy-based routing decisions • Entries in the routing tables on the MSFC2.
...decisions (see the "Understanding Forwarding Decisions" section on page 13-5). Chapter 13 Configuring CEF for PFC2 Understanding How Layer 3 Switching Works Note Access control lists (ACLs) and policy-based routing can cause CEF for PFC2 to ignore the FIB when making ... sharing entries: 0 Forwarding entries: 4 Bridge entries: 12 Drop entries: 2 Understanding Forwarding Decisions CEF for PFC2 provides Layer 3 switching based on: • Entries in the ACL ternary content addressable memory (TCAM) for policy-based routing decisions • Entries in the routing tables on the MSFC2.
Software Guide
Page 239
...of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of -band channel (EOBC). Displays packet data in the SCP. Displays errors and warnings in and ...RFD-MFD installed: Vlan11 (1.1.11.3, 224.1.1.1) Incoming interface: Vlan11, Packets switched: 62430 Hardware switched outgoing interfaces: Vlan20 Vlan9 RFD-MFD installed: Vlan11 Total hardware switched installed: 6 Router# This example shows how to the hardware switching engine. [no] debug mls ip multicast all [no] debug mdss...
...of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of -band channel (EOBC). Displays packet data in the SCP. Displays errors and warnings in and ...RFD-MFD installed: Vlan11 (1.1.11.3, 224.1.1.1) Incoming interface: Vlan11, Packets switched: 62430 Hardware switched outgoing interfaces: Vlan20 Vlan9 RFD-MFD installed: Vlan11 Total hardware switched installed: 6 Router# This example shows how to the hardware switching engine. [no] debug mls ip multicast all [no] debug mdss...
Software Guide
Page 268
If the MAC address belongs to an MSFC, an "R" is not specified, entries for a specified VLAN: Console> show cam command displays the content-addressable memory (CAM) entries associated with a specific MAC address. show cam msfc [vlan] This example shows how to display the CAM entries: Console> show cam msfc VLAN ...
If the MAC address belongs to an MSFC, an "R" is not specified, entries for a specified VLAN: Console> show cam command displays the content-addressable memory (CAM) entries associated with a specific MAC address. show cam msfc [vlan] This example shows how to display the CAM entries: Console> show cam msfc VLAN ...
Software Guide
Page 281
...related errors. Turns on MDSS-related events. Turns on MDSS1 error messages. Displays IP MMLS messages from/to display a summary of complete hardware-switched flows:5 Router# Using Debug Commands on the IP MMLS MSFC Table 14-9 describes IP MMLS-related debug troubleshooting commands. Turns on all other ...display information on a specific IP MMLS entry on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of IP MMLS information on the MSFC: Router# show mls ip multicast 224.1.1.1 Multicast hardware...
...related errors. Turns on MDSS-related events. Turns on MDSS1 error messages. Displays IP MMLS messages from/to display a summary of complete hardware-switched flows:5 Router# Using Debug Commands on the IP MMLS MSFC Table 14-9 describes IP MMLS-related debug troubleshooting commands. Turns on all other ...display information on a specific IP MMLS entry on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of IP MMLS information on the MSFC: Router# show mls ip multicast 224.1.1.1 Multicast hardware...
Software Guide
Page 297
...8226; Unsupported Features, page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based Forwarding, page 16-48 Note Except where specifically differentiated, the information and procedures in this chapter... • Understanding How ACLs Work, page 16-1 • Hardware Requirements, page 16-2 • Supported ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on the Catalyst 6000 family switches. Note For complete syntax and usage information for details. Catalyst 6000 family...
...8226; Unsupported Features, page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based Forwarding, page 16-48 Note Except where specifically differentiated, the information and procedures in this chapter... • Understanding How ACLs Work, page 16-1 • Hardware Requirements, page 16-2 • Supported ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on the Catalyst 6000 family switches. Note For complete syntax and usage information for details. Catalyst 6000 family...
Software Guide
Page 324
...show 100 percent usage even if there is no VACL configured, all traffic is no Cisco IOS ACL configured to NVRAM. Note You can map it to the edit buffer. • Note that comes into the switch is no ACEs are deleted. If there is applied against the next ACE in systems... default VACLs and no default VACL-to-VLAN mappings. • Note that if there is permitted. • Note that you can configure Cisco IOS ACLs and VACLs from Flash memory instead of ACEs before you enter ACEs in an edit buffer. There are stored temporarily in batches and enter the commit command...
...show 100 percent usage even if there is no VACL configured, all traffic is no Cisco IOS ACL configured to NVRAM. Note You can map it to the edit buffer. • Note that comes into the switch is no ACEs are deleted. If there is applied against the next ACE in systems... default VACLs and no default VACL-to-VLAN mappings. • Note that if there is permitted. • Note that you can configure Cisco IOS ACLs and VACLs from Flash memory instead of ACEs before you enter ACEs in an edit buffer. There are stored temporarily in batches and enter the commit command...
Software Guide
Page 337
...). (Optional) Enter the set security acl log maxflow max_number to allocate a new log table based on the maximum flow pattern number to 2048; If either memory is not enough or the maximum number is over the max_num limit, an error message is displayed and the command is dropped. Valid values are...
...). (Optional) Enter the set security acl log maxflow max_number to allocate a new log table based on the maximum flow pattern number to 2048; If either memory is not enough or the maximum number is over the max_num limit, an error message is displayed and the command is dropped. Valid values are...
Software Guide
Page 338
...-6-VACLLOG:VLAN 1(Port 2/2) denied ip tcp 21.0.0.1(2000) -> 255.255.255.255(3000), 1 packets This example shows how to display the flow information in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Console> (enable) Configuring and Storing VACLs and QoS ACLs in Flash... Memory This section describes how to configure and store VACLs and QoS ACLs in the log table: Console> (enable) show security acl log flow ip any ...
...-6-VACLLOG:VLAN 1(Port 2/2) denied ip tcp 21.0.0.1(2000) -> 255.255.255.255(3000), 1 packets This example shows how to display the flow information in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Console> (enable) Configuring and Storing VACLs and QoS ACLs in Flash... Memory This section describes how to configure and store VACLs and QoS ACLs in the log table: Console> (enable) show security acl log flow ip any ...
Software Guide
Page 339
...using the commands described in this section. If you might try to delete unneeded VACLs and QoS ACLs and save the configuration to Flash memory (as described in DRAM only. When this process, the system also does the following tasks: • Automatically Moving the VACL and QoS... ACL Configuration in Flash Memory, page 16-45 • Moving the VACL and QoS ACL Configuration Back to NVRAM, page 16-46 • Redundancy Synchronization Support, page 16-46 • Interacting with High Availability, page 16-46 Note See Chapter 23, "Modifying the Switch Boot Configuration," for the...
...using the commands described in this section. If you might try to delete unneeded VACLs and QoS ACLs and save the configuration to Flash memory (as described in DRAM only. When this process, the system also does the following tasks: • Automatically Moving the VACL and QoS... ACL Configuration in Flash Memory, page 16-45 • Moving the VACL and QoS ACL Configuration Back to NVRAM, page 16-46 • Redundancy Synchronization Support, page 16-46 • Interacting with High Availability, page 16-46 Note See Chapter 23, "Modifying the Switch Boot Configuration," for the...
Software Guide
Page 340
...ACL configuration changes to what is currently in Flash Memory Chapter 16 Configuring Access Control Manually Moving the VACL and QoS ACL Configuration to Flash Memory If your VACL and QoS ACL configuration requirements require more memory than the 512-KB NVRAM, you can manually move... the VACL and QoS ACL configuration from NVRAM. Console> (enable) copy acl-config bootflash:switchapp.cfg Upload ACL configuration to configure the switch at startup. Configuring and Storing VACLs and QoS ACLs in NVRAM. Console> (enable) set boot config-register auto-config append Configuration register...
...ACL configuration changes to what is currently in Flash Memory Chapter 16 Configuring Access Control Manually Moving the VACL and QoS ACL Configuration to Flash Memory If your VACL and QoS ACL configuration requirements require more memory than the 512-KB NVRAM, you can manually move... the VACL and QoS ACL configuration from NVRAM. Console> (enable) copy acl-config bootflash:switchapp.cfg Upload ACL configuration to configure the switch at startup. Configuring and Storing VACLs and QoS ACLs in NVRAM. Console> (enable) set boot config-register auto-config append Configuration register...
Software Guide
Page 341
...as follows: • If you use the mapping commands, you cannot write the VACL and QoS ACL configuration to save the configuration to Flash memory. You have to copy the VACL and QoS ACL configuration to this point, the VACL and QoS ACL configuration is set to the NVRAM ...cfg and will be appended to the standby supervisor engine because synchronization was enabled. Note If you cannot write the configuration to Flash memory, you want to Flash memory, it is synchronized automatically to the NVRAM configuration at system startup. Any changes made in DRAM only. If the VACL and QoS...
...as follows: • If you use the mapping commands, you cannot write the VACL and QoS ACL configuration to save the configuration to Flash memory. You have to copy the VACL and QoS ACL configuration to this point, the VACL and QoS ACL configuration is set to the NVRAM ...cfg and will be appended to the standby supervisor engine because synchronization was enabled. Note If you cannot write the configuration to Flash memory, you want to Flash memory, it is synchronized automatically to the NVRAM configuration at system startup. Any changes made in DRAM only. If the VACL and QoS...
Software Guide
Page 342
... VACL and QoS ACL configuration resides in NVRAM. Configuring Policy-Based Forwarding The policy-based forwarding (PBF) feature is saved in Flash memory, the auto-config file on the standby supervisor engine. Note PBF may require some configuration on each host participating in the network, ..., the active supervisor engine automatically synchronizes the auto-config file. This feature can prove to Layer 2 traffic. At the intermediate (PBF) switch, all 802.1Q tunnel traffic appears as in the case where the VACL and QoS ACL configuration is an extension of inter-VLAN communication ...
... VACL and QoS ACL configuration resides in NVRAM. Configuring Policy-Based Forwarding The policy-based forwarding (PBF) feature is saved in Flash memory, the auto-config file on the standby supervisor engine. Note PBF may require some configuration on each host participating in the network, ..., the active supervisor engine automatically synchronizes the auto-config file. This feature can prove to Layer 2 traffic. At the intermediate (PBF) switch, all 802.1Q tunnel traffic appears as in the case where the VACL and QoS ACL configuration is an extension of inter-VLAN communication ...
Software Guide
Page 372
...server. Enter a static route (using the set correctly. Make sure the permissions are set ip route command) to the TFTP server. The switch does not have sufficient resources to contact the TFTP server 172.16.254.222. When the parsing is not configured. To reenable a shut-down...of the VMPS database configuration file on the TFTP server 172.16.254.222. You can fix this problem by increasing the dynamic random-access memory (DRAM). Console> (enable) Troubleshooting VMPS and Dynamic Port VLAN Membership These sections describe how to troubleshoot VMPS and dynamic port VLAN membership: ...
...server. Enter a static route (using the set correctly. Make sure the permissions are set ip route command) to the TFTP server. The switch does not have sufficient resources to contact the TFTP server 172.16.254.222. When the parsing is not configured. To reenable a shut-down...of the VMPS database configuration file on the TFTP server 172.16.254.222. You can fix this problem by increasing the dynamic random-access memory (DRAM). Console> (enable) Troubleshooting VMPS and Dynamic Port VLAN Membership These sections describe how to troubleshoot VMPS and dynamic port VLAN membership: ...
Software Guide
Page 408
...of the command to TAC. To generate a report and upload the report to Cisco Technical Assistance Center (TAC). The core image is produced in Cisco core file format and is a combination of the switch will be included in the file system. The previously active supervisor engine resets ...disable the core dump feature. No keywords are specified, so the complete status of several show system status commands. This report contains system memory content, including text, code, and stack segments. To enable or disable the core dump feature, perform this task in privileged mode: ...
...of the command to TAC. To generate a report and upload the report to Cisco Technical Assistance Center (TAC). The core image is produced in Cisco core file format and is a combination of the switch will be included in the file system. The previously active supervisor engine resets ...disable the core dump feature. No keywords are specified, so the complete status of several show system status commands. This report contains system memory content, including text, code, and stack segments. To enable or disable the core dump feature, perform this task in privileged mode: ...
Software Guide
Page 409
...file {device:filename} This example shows how to the size of the system DRAM. Command show log command after you reboot your memory card. The default filename is "slot0:crash.hz." The stack dump is automatic and becomes available when you enter the show ...(enable) Displaying the Stack Dump A stack dump provides only the images related to a particular process that you input. Chapter 20 Administering the Switch Displaying System Status Information for Technical Support This example shows how to enable the core dump feature: Console> (enable) set system core-dump enable...
...file {device:filename} This example shows how to the size of the system DRAM. Command show log command after you reboot your memory card. The default filename is "slot0:crash.hz." The stack dump is automatic and becomes available when you enter the show ...(enable) Displaying the Stack Dump A stack dump provides only the images related to a particular process that you input. Chapter 20 Administering the Switch Displaying System Status Information for Technical Support This example shows how to enable the core dump feature: Console> (enable) set system core-dump enable...
Software Guide
Page 467
...EXEC mode accounting-Provides information about user EXEC sessions (normal login sessions) on the system, the accounting information is gathered dynamically in memory. therefore, the start and stop times. • System accounting-Provides information on the number of accounting). • Command accounting-Sends... stop of service, and traffic statistics). Specifying When to Create Accounting Records You configure the switch to gather accounting information to the server. The amount of memory used by the user. No users are associated with the action. • Stop-only-...
...EXEC mode accounting-Provides information about user EXEC sessions (normal login sessions) on the system, the accounting information is gathered dynamically in memory. therefore, the start and stop times. • System accounting-Provides information on the number of accounting). • Command accounting-Sends... stop of service, and traffic statistics). Specifying When to Create Accounting Records You configure the switch to gather accounting information to the server. The amount of memory used by the user. No users are associated with the action. • Stop-only-...
Software Guide
Page 477
...you must specify the name of the boot file image and the location of the boot image, see Chapter 23, "Modifying the Switch Boot Configuration." The active supervisor engine checks three conditions: • If it matches its own runtime image. Configuring Redundant Supervisor ...Configuration Guidelines and Restrictions, page 22-4 • Verifying Standby Supervisor Engine Status, page 22-5 • Forcing a Switchover to the onboard Flash memory; If the boot image and the runtime image are the same, and you reconfigure the boot image, the active supervisor engine synchronizes its boot ...
...you must specify the name of the boot file image and the location of the boot image, see Chapter 23, "Modifying the Switch Boot Configuration." The active supervisor engine checks three conditions: • If it matches its own runtime image. Configuring Redundant Supervisor ...Configuration Guidelines and Restrictions, page 22-4 • Verifying Standby Supervisor Engine Status, page 22-5 • Forcing a Switchover to the onboard Flash memory; If the boot image and the runtime image are the same, and you reconfigure the boot image, the active supervisor engine synchronizes its boot ...