Software Guide
Page 28
... Card 2 (CEF for PFC2). Configuring Layer 3 Protocol Filtering Describes how to check connectivity using the VLAN Management Policy Server (VMPS). Configuring CEF for PFC2 Describes how to configure Network Time Protocol (NTP). Configuring Switch Access Using AAA Describes how to configure authentication, authorization, and accounting (AAA) to monitor and control access to install and configure redundant supervisor engines and MSFCs in the Catalyst 6000 family switches. Working with System Software Images Describes how to set the system name, create a login...
... Card 2 (CEF for PFC2). Configuring Layer 3 Protocol Filtering Describes how to check connectivity using the VLAN Management Policy Server (VMPS). Configuring CEF for PFC2 Describes how to configure Network Time Protocol (NTP). Configuring Switch Access Using AAA Describes how to configure authentication, authorization, and accounting (AAA) to monitor and control access to install and configure redundant supervisor engines and MSFCs in the Catalyst 6000 family switches. Working with System Software Images Describes how to set the system name, create a login...
Software Guide
Page 33
... issues by using the Cisco TAC website, you can describe the situation in your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case. If you have complete access to which your product serial number. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 33 Network functionality...
... issues by using the Cisco TAC website, you can describe the situation in your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case. If you have complete access to which your product serial number. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 33 Network functionality...
Software Guide
Page 45
.... Chapter 2 Command-Line Interfaces MSFC Command-Line Interface Table 2-5 Frequently Used IOS Command Modes Mode User EXEC Privileged EXEC (enable) Global configuration Interface configuration Console configuration Description of Use How to Access Connect to config t. Prompt Router> Router# Router(config)# Router(config-if)# Router(config-line)# The Cisco IOS command interpreter, called word help is called the EXEC, interprets and executes the commands you can get a list of available commands by the question mark (?). For example, you type exit, the switch backs out one...
.... Chapter 2 Command-Line Interfaces MSFC Command-Line Interface Table 2-5 Frequently Used IOS Command Modes Mode User EXEC Privileged EXEC (enable) Global configuration Interface configuration Console configuration Description of Use How to Access Connect to config t. Prompt Router> Router# Router(config)# Router(config-if)# Router(config-line)# The Cisco IOS command interpreter, called word help is called the EXEC, interprets and executes the commands you can get a list of available commands by the question mark (?). For example, you type exit, the switch backs out one...
Software Guide
Page 47
... VLAN interface on the redundant MSFC. Note In a redundant supervisor engine setup, if an interface on one MSFC is administratively shut down the matching interface on the redundant MSFC will stop forwarding packets. Command Router# show running-config Router# show interface command. To bring up an MSFC interface that is shut down . View the configuration in privileged mode: Step 1 Step 2 Step 3 Task Specify the interface to configure routing. Exit configuration mode. Save the current configuration to the appropriate configuration...
... VLAN interface on the redundant MSFC. Note In a redundant supervisor engine setup, if an interface on one MSFC is administratively shut down the matching interface on the redundant MSFC will stop forwarding packets. Command Router# show running-config Router# show interface command. To bring up an MSFC interface that is shut down . View the configuration in privileged mode: Step 1 Step 2 Step 3 Task Specify the interface to configure routing. Exit configuration mode. Save the current configuration to the appropriate configuration...
Software Guide
Page 55
... attach command, you are connected to the switch CLI through the console port. sc0 sc0 sc0 sc0 sl0 Configuring the SLIP (sl0) Interface on the Console Port To remove default gateway entries, perform one of the attached host. Clear all This example shows how to configure three default gateways on the console port, perform this task: Step 1 Step 2 Step 3 Step 4 Step 5 Task Command Access the switch from a remote host with Telnet. Chapter 3 Configuring the Switch IP Address and Default Gateway Configuring the SLIP (sl0) Interface on the Console Port Use...
... attach command, you are connected to the switch CLI through the console port. sc0 sc0 sc0 sc0 sl0 Configuring the SLIP (sl0) Interface on the Console Port To remove default gateway entries, perform one of the attached host. Clear all This example shows how to configure three default gateways on the console port, perform this task: Step 1 Step 2 Step 3 Step 4 Step 5 Task Command Access the switch from a remote host with Telnet. Chapter 3 Configuring the Switch IP Address and Default Gateway Configuring the SLIP (sl0) Interface on the Console Port Use...
Software Guide
Page 62
... Speed Type 1/1 Router Connection connected trunk full 1000 1000BaseSX 1/2 Server Link connected trunk full 1000 1000BaseSX Last-Time-Cleared Wed Jun 16 1999, 16:25:57 Console> (enable) Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-4 78-13315-02 Verify the port name is configured. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching Setting the Port Configuration These sections describe how to facilitate switch administration. To set . Console> (enable) show port [mod[/port]] This example...
... Speed Type 1/1 Router Connection connected trunk full 1000 1000BaseSX 1/2 Server Link connected trunk full 1000 1000BaseSX Last-Time-Cleared Wed Jun 16 1999, 16:25:57 Console> (enable) Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-4 78-13315-02 Verify the port name is configured. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching Setting the Port Configuration These sections describe how to facilitate switch administration. To set . Console> (enable) show port [mod[/port]] This example...
Software Guide
Page 66
..., and Gigabit Ethernet ports. This situation might cause a security and network instability problem. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching When you set the port debounce timer, the switch delays notifying the main processor of a link change that can decrease traffic loss due to a network outage. Console> (enable) This example shows how to display the port enable state: Console> (enable) show config command shows the current default port status configuration. Catalyst 6000 Family Software Configuration Guide...
..., and Gigabit Ethernet ports. This situation might cause a security and network instability problem. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching When you set the port debounce timer, the switch delays notifying the main processor of a link change that can decrease traffic loss due to a network outage. Console> (enable) This example shows how to display the port enable state: Console> (enable) show config command shows the current default port status configuration. Catalyst 6000 Family Software Configuration Guide...
Software Guide
Page 145
... forward delay set to Improve Convergence By lowering the values for the Hello Time, Forward Delay Timer, and Maximum Age Timer parameters on page 8-35. Reconfiguring the default parameters (specified by the 802.1D standard. If a port in a bridged network, the network reconfiguration is possible only if your network has LAN links of bridges between any two end stations. Console> (enable) Configuring a Root Switch to...
... forward delay set to Improve Convergence By lowering the values for the Hello Time, Forward Delay Timer, and Maximum Age Timer parameters on page 8-35. Reconfiguring the default parameters (specified by the 802.1D standard. If a port in a bridged network, the network reconfiguration is possible only if your network has LAN links of bridges between any two end stations. Console> (enable) Configuring a Root Switch to...
Software Guide
Page 171
... 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 10-1 VTP minimizes misconfigurations and configuration inconsistencies that can result in this chapter, refer to all the other switches in the network. Configuring VTP 10 C H A P T E R This chapter describes how to 1005 in your network. (Note that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Note...
... 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 10-1 VTP minimizes misconfigurations and configuration inconsistencies that can result in this chapter, refer to all the other switches in the network. Configuring VTP 10 C H A P T E R This chapter describes how to 1005 in your network. (Note that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Note...
Software Guide
Page 217
... Address Resolution Protocol (ARP) allows the MSFC to respond to ARP requests for IP addresses within the subnet and forwards all traffic between hosts in the subnet. Supervisor Engine 2 with PFC2 supports this feature: • WCCP Layer 2 redirection feature sets the IP flow mask to full-flow mode. • You can configure a directly connected Cache Engine to enable local proxy ARP on an interface. You can configure the Cisco Cache Engine software...
... Address Resolution Protocol (ARP) allows the MSFC to respond to ARP requests for IP addresses within the subnet and forwards all traffic between hosts in the subnet. Supervisor Engine 2 with PFC2 supports this feature: • WCCP Layer 2 redirection feature sets the IP flow mask to full-flow mode. • You can configure a directly connected Cache Engine to enable local proxy ARP on an interface. You can configure the Cisco Cache Engine software...
Software Guide
Page 366
... allowed on the port, the VLAN name is no domain requests Default Configuration Disabled Null None vmps-config-database.1 Null Open Allow 18-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 You can also make an explicit entry in the same VLAN. If there is returned to specific MAC addresses for security reasons by specifying a --NONE-- If VMPS is shut down on the VMPS secure mode setting...
... allowed on the port, the VLAN name is no domain requests Default Configuration Disabled Null None vmps-config-database.1 Null Open Allow 18-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 You can also make an explicit entry in the same VLAN. If there is returned to specific MAC addresses for security reasons by specifying a --NONE-- If VMPS is shut down on the VMPS secure mode setting...
Software Guide
Page 380
... Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 To apply configuration commands to see summary information on all of the ports on the switch ports using the show port command with no arguments. For more information, see the "Checking Module Status" section on that module only. Checking Port Status Chapter 19 Checking Port Status and Connectivity Console> (enable) show module Mod Slot Ports Module-Type Model Status 11 2 1000BaseX Supervisor WS-X6K-SUP1-2GE ok 2 2 24 100BaseFX MM Ethernet WS-X6224...
... Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 To apply configuration commands to see summary information on all of the ports on the switch ports using the show port command with no arguments. For more information, see the "Checking Module Status" section on that module only. Checking Port Status Chapter 19 Checking Port Status and Connectivity Console> (enable) show module Mod Slot Ports Module-Type Model Status 11 2 1000BaseX Supervisor WS-X6K-SUP1-2GE ok 2 2 24 100BaseFX MM Ethernet WS-X6224...
Software Guide
Page 404
... power requirements for your configuration. Table 20-2 Module Power Requirements Module Supervisor Engine 1: WS-X6K-SUP1A-2GE WS-X6K-SUP1-2GE Supervisor Engine 1 with PFC: WS-X6K-SUP1A-PFC Supervisor Engine 1 with PFC and MSFC: WS-X6K-SUP1A-MSFC Supervisor Engine 1 with PFC and MSFC2: WS-X6K-S1A-MSFC2 Supervisor Engine 2 with PFC2: WS-X6K-S2-PFC2 Supervisor Engine 2 with PFC2 and MSFC2: WS-X6K-S2-MSFC2 MSFC2 (spare): WS-F6K-MSFC2= Multilayer Switching Module: WS-X6302-MSM 24-Port 10BASE-FL: WS-X6024-10FL-MT Switch Fabric Modules: WS-C6500-SFM WS-X6500-SFM2 24-Port 100FX: WS...
... power requirements for your configuration. Table 20-2 Module Power Requirements Module Supervisor Engine 1: WS-X6K-SUP1A-2GE WS-X6K-SUP1-2GE Supervisor Engine 1 with PFC: WS-X6K-SUP1A-PFC Supervisor Engine 1 with PFC and MSFC: WS-X6K-SUP1A-MSFC Supervisor Engine 1 with PFC and MSFC2: WS-X6K-S1A-MSFC2 Supervisor Engine 2 with PFC2: WS-X6K-S2-PFC2 Supervisor Engine 2 with PFC2 and MSFC2: WS-X6K-S2-MSFC2 MSFC2 (spare): WS-F6K-MSFC2= Multilayer Switching Module: WS-X6302-MSM 24-Port 10BASE-FL: WS-X6024-10FL-MT Switch Fabric Modules: WS-C6500-SFM WS-X6500-SFM2 24-Port 100FX: WS...
Software Guide
Page 414
... RADIUS Authentication Works RADIUS is a client-server authentication and authorization access protocol used by default. You can configure a RADIUS key on the response it must be used in clear text. You can specify which method to a network device. When local authentication is disabled by the NAS to authenticate users attempting to connect to use first using the primary keyword. A ticket is used to both services and users. You can enable RADIUS...
... RADIUS Authentication Works RADIUS is a client-server authentication and authorization access protocol used by default. You can configure a RADIUS key on the response it must be used in clear text. You can specify which method to a network device. When local authentication is disabled by the NAS to authenticate users attempting to connect to use first using the primary keyword. A ticket is used to both services and users. You can enable RADIUS...
Software Guide
Page 424
... example shows how to enable local login, how to enable authentication for both console and Telnet connections by default. You must reset the password after installing software release 5.4 to the user mode CLI. Enter the console or telnet keyword if you want to modify the default configuration or you want to enable local authentication only for console port or Telnet connection attempts. Console> (enable) set authentication enable local enable local enable authentication set to enable for console and telnet session. Passwords are enabled for both console and Telnet connections...
... example shows how to enable local login, how to enable authentication for both console and Telnet connections by default. You must reset the password after installing software release 5.4 to the user mode CLI. Enter the console or telnet keyword if you want to modify the default configuration or you want to enable local authentication only for console port or Telnet connection attempts. Console> (enable) set authentication enable local enable local enable authentication set to enable for console and telnet session. Passwords are enabled for both console and Telnet connections...
Software Guide
Page 446
... forwarding, configure the switch to forward user TGTs when they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO.EDU 0 933974942 1 1 8 00?91:107:423=:;9 kerberos> (enable) This example shows how to configure the switch so that after authenticating to a host, the output will show kerberos Kerberos Local Realm:CISCO.COM Kerberos server...
... forwarding, configure the switch to forward user TGTs when they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB Entries Srvtab Entry 1:host/aspen-niners.cisco.edu@CISCO.EDU 0 933974942 1 1 8 00?91:107:423=:;9 kerberos> (enable) This example shows how to configure the switch so that after authenticating to a host, the output will show kerberos Kerberos Local Realm:CISCO.COM Kerberos server...
Software Guide
Page 479
... standby supervisor engine using the show module and show test commands: Console> (enable) show test [mod] This example shows how to 00-10-7b-bb-2e-ff Mod Sub-Type Sub-Model Sub-Serial Sub-Hw 2 L2 Switching Engine WS-F6020 SAD02350211 0.101 Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 22-5 show module 2 Mod Slot Ports Module-Type Model Status 22 2 1000BaseX Supervisor WS-X6K-SUP1-2GE ok Mod Module-Name Serial-Num 2 SAD02330231 Mod MAC-Address(es...
... standby supervisor engine using the show module and show test commands: Console> (enable) show test [mod] This example shows how to 00-10-7b-bb-2e-ff Mod Sub-Type Sub-Model Sub-Serial Sub-Hw 2 L2 Switching Engine WS-F6020 SAD02350211 0.101 Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 22-5 show module 2 Mod Slot Ports Module-Type Model Status 22 2 1000BaseX Supervisor WS-X6K-SUP1-2GE ok Mod Module-Name Serial-Num 2 SAD02330231 Mod MAC-Address(es...
Software Guide
Page 521
... switch console command to gain access to the supervisor engine prompt. Setting the MSFC Configuration Register For manual-mode MSFC redundancy, set to 0x0, then MSFC manual mode requires that the console port on the MSFC in ROM-monitor mode (MSFC-16), perform the following: Router(config)#config-register 0x0 Router(config)# Note We recommend that boot system commands in the show module command display issued from the supervisor engine. The switch console command is set the configuration registers as follows: Step 1 Step 2 From Cisco...
... switch console command to gain access to the supervisor engine prompt. Setting the MSFC Configuration Register For manual-mode MSFC redundancy, set to 0x0, then MSFC manual mode requires that the console port on the MSFC in ROM-monitor mode (MSFC-16), perform the following: Router(config)#config-register 0x0 Router(config)# Note We recommend that boot system commands in the show module command display issued from the supervisor engine. The switch console command is set the configuration registers as follows: Step 1 Step 2 From Cisco...
Software Guide
Page 665
... be different in different source switches, but is disabled on the RSPAN VLAN. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 38-9 Supervisor Engine 1, PFC, and Multilayer Switch Feature Card (MSFC): WS-X6K-SUP1A-MSFC - Chapter 38 Configuring SPAN and RSPAN Configuring RSPAN RSPAN Hardware Requirements RSPAN supervisor engine requirements are as follows: • For source switches-Catalyst 6000 family switch with any ports in the end-to...
... be different in different source switches, but is disabled on the RSPAN VLAN. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 38-9 Supervisor Engine 1, PFC, and Multilayer Switch Feature Card (MSFC): WS-X6K-SUP1A-MSFC - Chapter 38 Configuring SPAN and RSPAN Configuring RSPAN RSPAN Hardware Requirements RSPAN supervisor engine requirements are as follows: • For source switches-Catalyst 6000 family switch with any ports in the end-to...
Software Guide
Page 869
... 24 servers, clearing 29 servers, specifying 24 timeout, setting 27 RADIUS authorization disabling 55 enabling 55 RARP in-band (SC0) interface and 3 rate limiting for IGMP 8 rcp downloading configuration files 7 downloading supervisor engine images 10 downloading switching module images 10 uploading configuration files 8 receive queues See QoS receive queues redundancy overview 18 redundant synchronizing boot images 16 synchronizing runtime image with bootstring 14 redundant supervisor engine See supervisor engine, redundant 78-13315-02 Catalyst 6000 Family Software Configuration Guide...
... 24 servers, clearing 29 servers, specifying 24 timeout, setting 27 RADIUS authorization disabling 55 enabling 55 RARP in-band (SC0) interface and 3 rate limiting for IGMP 8 rcp downloading configuration files 7 downloading supervisor engine images 10 downloading switching module images 10 uploading configuration files 8 receive queues See QoS receive queues redundancy overview 18 redundant synchronizing boot images 16 synchronizing runtime image with bootstring 14 redundant supervisor engine See supervisor engine, redundant 78-13315-02 Catalyst 6000 Family Software Configuration Guide...