Software Guide
Page 24
...SNMP) on the switch. Configuring Unicast Flood Blocking Describes how to generate switch TopN reports on the switch. Using Switch TopN Reports Describes how to configure unicast flood blocking on the switch. Configuring RMON Describes how to configure protocol filtering on the switch. xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configuring Protocol Filtering Describes how to configure Remote Monitoring (RMON) on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring VLAN...
...SNMP) on the switch. Configuring Unicast Flood Blocking Describes how to generate switch TopN reports on the switch. Using Switch TopN Reports Describes how to configure unicast flood blocking on the switch. Configuring RMON Describes how to configure protocol filtering on the switch. xxiv Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Configuring Protocol Filtering Describes how to configure Remote Monitoring (RMON) on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring VLAN...
Software Guide
Page 36
...). Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-2 78-15486-01 Make sure that the terminal is connected to change the configuration. If the switch is on , power up the switch. Use show commands to display the current configuration and to a specific module, port, or VLAN. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface The Catalyst enterprise LAN switches are multi-module systems. Commands you enter from the CLI might apply to the entire system or to monitor the switch. Use clear commands (or...
...). Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-2 78-15486-01 Make sure that the terminal is connected to change the configuration. If the switch is on , power up the switch. Use show commands to display the current configuration and to a specific module, port, or VLAN. Accessing the Switch CLI Chapter 2 Using the Command-Line Interface The Catalyst enterprise LAN switches are multi-module systems. Commands you enter from the CLI might apply to the entire system or to monitor the switch. Use clear commands (or...
Software Guide
Page 37
... example shows how to use the telnet command to connect to the switch using Telnet, you must configure DNS properly on the switch and on your network name server in some cases, the default gateway) for system monitoring. Switch CLI Command Modes The switch CLI supports two modes of the switch. (You must first set the IP address (and in order to use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet...
... example shows how to use the telnet command to connect to the switch using Telnet, you must configure DNS properly on the switch and on your network name server in some cases, the default gateway) for system monitoring. Switch CLI Command Modes The switch CLI supports two modes of the switch. (You must first set the IP address (and in order to use normal-mode commands to monitor the switch or enter privileged mode to change the system configuration. Chapter 2 Using the Command-Line Interface Accessing the Switch CLI Accessing the CLI Through Telnet...
Software Guide
Page 38
... ? Otherwise, enter the privileged-mode password for the switch. On a new switch, the normal-mode password is null. alias dns fragmentation http Set alias for more information, see the user-level command-line prompt. If you enter a command using Telnet (for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 Enter Password: Console> To disconnect from the switch CLI, enter the exit...
... ? Otherwise, enter the privileged-mode password for the switch. On a new switch, the normal-mode password is null. alias dns fragmentation http Set alias for more information, see the user-level command-line prompt. If you enter a command using Telnet (for IP Address Set DNS information Set IP fragmentation enable/disable Set IP HTTP server information Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 2-4 78-15486-01 Enter Password: Console> To disconnect from the switch CLI, enter the exit...
Software Guide
Page 52
... the switch CLI through the me1 interface: Console> (enable) show interface sl0: flags=50 slip 0.0.0.0 dest 0.0.0.0 sc0: flags=63 vlan 5 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.47 me1: flags=63 inet 10.1.1.100 netmask 255.255.255.0 broadcast 10.1.1.255 Console> (enable) set ip route default 172.20.52.33 Route added. Console> (enable) show interface slip attach Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
... the switch CLI through the me1 interface: Console> (enable) show interface sl0: flags=50 slip 0.0.0.0 dest 0.0.0.0 sc0: flags=63 vlan 5 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.47 me1: flags=63 inet 10.1.1.100 netmask 255.255.255.0 broadcast 10.1.1.255 Console> (enable) set ip route default 172.20.52.33 Route added. Console> (enable) show interface slip attach Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release...
Software Guide
Page 53
... and destination address set. Console> (enable) show module 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-9 network. Enter privileged mode on Console port. Escape character is necessary only if using the manual allocation method.) show interface sl0: flags=51 slip 10.1.1.1 dest 10.1.1.2 sc0: flags=63 vlan 522 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.7 me1: flags=62 inet 10.1.1.100 netmask...
... and destination address set. Console> (enable) show module 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 3-9 network. Enter privileged mode on Console port. Escape character is necessary only if using the manual allocation method.) show interface sl0: flags=51 slip 10.1.1.1 dest 10.1.1.2 sc0: flags=63 vlan 522 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.7 me1: flags=62 inet 10.1.1.100 netmask...
Software Guide
Page 78
... quality of service (QoS) configurations. • An EtherChannel will not form with different VLAN costs or VLAN configurations cannot form a channel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01 Configuring ports in an EtherChannel in different trunk modes can adversely affect switch performance. • Ports with ports where the port security feature is preserved even if it to the auto or desirable mode with the set the EtherChannel mode for EtherChannel...
... quality of service (QoS) configurations. • An EtherChannel will not form with different VLAN costs or VLAN configurations cannot form a channel. Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 6-4 78-15486-01 Configuring ports in an EtherChannel in different trunk modes can adversely affect switch performance. • Ports with ports where the port security feature is preserved even if it to the auto or desirable mode with the set the EtherChannel mode for EtherChannel...
Software Guide
Page 260
...Configure ports on the VMPS client before setting dynamic ports. If you must configure VMPS on the switch to dynamic mode. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect dyn normal full 155 3/1 connect dyn-5 normal half 10 Type 100 BASE-TX 100 BASE-TX OC3 MMF ATM 10 BASE-T 12-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Console> (enable) set vmps server ip_addr Verify the VMPS server specification. Configuring...
...Configure ports on the VMPS client before setting dynamic ports. If you must configure VMPS on the switch to dynamic mode. show port Port Name Status Vlan Level Duplex Speed 1/1 connect trunk normal full 100 1/2 connect trunk normal half 100 2/1 connect dyn normal full 155 3/1 connect dyn-5 normal half 10 Type 100 BASE-TX 100 BASE-TX OC3 MMF ATM 10 BASE-T 12-8 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Console> (enable) set vmps server ip_addr Verify the VMPS server specification. Configuring...
Software Guide
Page 285
... forwarded only to ports that IP multicast traffic is described in IEEE 802.1p. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that are associated with IP multicast hosts. This chapter consists of IP multicast traffic. Understanding Multicasting and Multicast Services Operation CGMP, IGMP snooping, and GMRP manage multicast traffic in this chapter, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. CGMP and IGMP software...
... forwarded only to ports that IP multicast traffic is described in IEEE 802.1p. A CGMP/IGMP-capable IP multicast router sees all IGMP packets and can use CGMP, IGMP snooping, or GMRP to dynamically configure switch ports so that are associated with IP multicast hosts. This chapter consists of IP multicast traffic. Understanding Multicasting and Multicast Services Operation CGMP, IGMP snooping, and GMRP manage multicast traffic in this chapter, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. CGMP and IGMP software...
Software Guide
Page 300
...CAM table. Console> (enable) set cam {static | permanent} multicast_mac CAM table. Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to the set cam static 01-33-44-55-66-77 2/6-12 Static multicast entry added to CAM table. show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Console> (enable) set cam static...
...CAM table. Console> (enable) set cam {static | permanent} multicast_mac CAM table. Configured Console> (enable) Configuring Multicast Groups To configure a multicast group manually, perform this task in privileged mode: Step 1 Step 2 Task Command Add one or more multicast MAC addresses to the set cam static 01-33-44-55-66-77 2/6-12 Static multicast entry added to CAM table. show multicast group CGMP enabled IGMP disabled 15-16 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 Console> (enable) set cam static...
Software Guide
Page 301
... shows how to configure IP multicast group profiles consisting of one of IP multicast addresses. The administrator associates these tasks in privileged mode: Task Disable a multicast group entry from the CAM table. These actions apply to IGMP packets, are configured on a per-switch-port basis, and are available to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Chapter 15 Configuring Multicast Services Filtering IGMP Traffic VLAN ---1 1 1 1 Dest MAC/Route Des 01-00-11-22...
... shows how to configure IP multicast group profiles consisting of one of IP multicast addresses. The administrator associates these tasks in privileged mode: Task Disable a multicast group entry from the CAM table. These actions apply to IGMP packets, are configured on a per-switch-port basis, and are available to disable a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Chapter 15 Configuring Multicast Services Filtering IGMP Traffic VLAN ---1 1 1 1 Dest MAC/Route Des 01-00-11-22...
Software Guide
Page 378
...] ...] Verify the SNMP configuration. show snmp access-list These examples show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To specify and display an interface alias, perform this task in privileged mode: Step 1 Step 2 Task Specify an interface alias. Command set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with 172.20.60.8 Console> (enable) Specifying and Displaying an Interface Alias You...
...] ...] Verify the SNMP configuration. show snmp access-list These examples show snmp ifalias [ifIndex] 24-10 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 78-15486-01 To specify and display an interface alias, perform this task in privileged mode: Step 1 Step 2 Task Specify an interface alias. Command set snmp access-list 2 172.20.60.7 mask 255.255.255.0 Access number 2 has been updated with 172.20.60.8 Console> (enable) Specifying and Displaying an Interface Alias You...
Software Guide
Page 382
... Configuring SNMP Configuring SNMPv3 from an NMS To configure SNMP from a Network Management System (NMS), refer to your NMS documentation (also see the "Using CiscoWorks2000" section on the SNMP commands that are supported by the Catalyst enterprise LAN switches, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. For detailed information on page 24-17). set snmp group [-hex] {groupname} user [-hex] {username} {security-model v1 | v2 | v3} [volatile | nonvolatile] Configure the community table for notifications. set snmp...
... Configuring SNMP Configuring SNMPv3 from an NMS To configure SNMP from a Network Management System (NMS), refer to your NMS documentation (also see the "Using CiscoWorks2000" section on the SNMP commands that are supported by the Catalyst enterprise LAN switches, refer to the Catalyst 4500 Series, Catalyst 2948G, and Catalyst 2980G Switches Command Reference. For detailed information on page 24-17). set snmp group [-hex] {groupname} user [-hex] {username} {security-model v1 | v2 | v3} [volatile | nonvolatile] Configure the community table for notifications. set snmp...
Software Guide
Page 393
... traffic from the RSPAN source session with which it is removed from the source list for VSPAN sessions. • A VSPAN session is disabled if the Admin source VLANs list is empty. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 26-3 Any device that is used as a reflector port loses connectivity until the RSPAN source session is disabled. Spanning tree is automatically disabled on the WS-4232-L3 module...
... traffic from the RSPAN source session with which it is removed from the source list for VSPAN sessions. • A VSPAN session is disabled if the Admin source VLANs list is empty. 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 26-3 Any device that is used as a reflector port loses connectivity until the RSPAN source session is disabled. Spanning tree is automatically disabled on the WS-4232-L3 module...
Software Guide
Page 423
... power supply is installed, your switch continues to combined mode, the total available power is set the power budget to redundant mode. • The two power supplies must be the same type. • If you set to operate in combined mode. • When using combined mode in power supply bay (PS2). If you use power supplies with different types or wattages, the switch uses only one power supply is P + (P * ratio). • See Table 28-1 on the Catalyst 4500 Series Switches...
... power supply is installed, your switch continues to combined mode, the total available power is set the power budget to redundant mode. • The two power supplies must be the same type. • If you set to operate in combined mode. • When using combined mode in power supply bay (PS2). If you use power supplies with different types or wattages, the switch uses only one power supply is P + (P * ratio). • See Table 28-1 on the Catalyst 4500 Series Switches...
Software Guide
Page 446
... example, you to the switch. The following sections describe how the different authentication methods work if TACACS+ is 30 to individual usernames. If the user fails to zero (0) disables this function. setting the lockout time to authorize the password, the system delays any subsequent access from the CLI and SNMP with the set authentication login attempt command. (You would use the set authentication enable lockout command to set login limits for accessing enable mode.) The configurable...
... example, you to the switch. The following sections describe how the different authentication methods work if TACACS+ is 30 to individual usernames. If the user fails to zero (0) disables this function. setting the lockout time to authorize the password, the system delays any subsequent access from the CLI and SNMP with the set authentication login attempt command. (You would use the set authentication enable lockout command to set login limits for accessing enable mode.) The configurable...
Software Guide
Page 457
... password. To set in privileged mode: Task Command Set the login password for privileged mode. Enter your old password (press set enablepass Enter old password: Enter new password: Retype new password: Password changed . This example shows how to 30 characters, and use any printable ASCII characters, including a space. Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-13 Passwords are case sensitive, contain up to set the login password on the switch: Console> (enable) set password...
... password. To set in privileged mode: Task Command Set the login password for privileged mode. Enter your old password (press set enablepass Enter old password: Enter new password: Retype new password: Password changed . This example shows how to 30 characters, and use any printable ASCII characters, including a space. Console> (enable) 78-15486-01 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-13 Passwords are case sensitive, contain up to set the login password on the switch: Console> (enable) set password...
Software Guide
Page 459
...4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Enter and confirm your old password, press Return. Creating a Local User Account Local user accounts and passwords must contain at least one alphabetic character. Enter privileged mode using the enable command. To create a local user account on the switch. Enter the set password or set localuser user username password pwd privilege privilege_level show localusers Local User Authentication: disabled Username Privilege Level --------- Console> (enable) show localusers This example...
...4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software Configuration Guide-Release 8.1 30-15 Enter and confirm your old password, press Return. Creating a Local User Account Local user accounts and passwords must contain at least one alphabetic character. Enter privileged mode using the enable command. To create a local user account on the switch. Enter the set password or set localuser user username password pwd privilege privilege_level show localusers Local User Authentication: disabled Username Privilege Level --------- Console> (enable) show localusers This example...
Software Guide
Page 480
... Forwarding To disable the credentials forwarding configuration, perform this task in privileged mode: Task Command Disable the credentials forwarding configuration. Configuring Authentication Chapter 30 Configuring Switch Access Using AAA As an additional layer of authentication for that network service. For example, Telnet prompts for a password. To configure clients to forward user credentials as they connect to other services on the network with Kerberized clients. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software...
... Forwarding To disable the credentials forwarding configuration, perform this task in privileged mode: Task Command Disable the credentials forwarding configuration. Configuring Authentication Chapter 30 Configuring Switch Access Using AAA As an additional layer of authentication for that network service. For example, Telnet prompts for a password. To configure clients to forward user credentials as they connect to other services on the network with Kerberized clients. clear kerberos credentials forward 30-36 Catalyst 4500 Series, Catalyst 2948G, Catalyst 2980G Switches Software...
Software Guide
Page 527
... example shows a complete TFTP download procedure of a supervisor engine software image: Console> (enable) show version command to the switch through Telnet, your Telnet session disconnects. cat4000.6-1-1.bin Flash device [bootflash]? Do you are connected to check the version of the code on page 3. When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file...
... example shows a complete TFTP download procedure of a supervisor engine software image: Console> (enable) show version command to the switch through Telnet, your Telnet session disconnects. cat4000.6-1-1.bin Flash device [bootflash]? Do you are connected to check the version of the code on page 3. When the switch reboots, enter the show version 1 Mod Port Model Serial # Versions 1 0 WS-X4012 JAB03130104 Hw : 1.5 Gsp: 6.1(1.4) Nmp: 6.1(0.104) Console> (enable) copy tftp flash IP address or name of remote host []? 172.20.52.3 Name of file...