Software Guide
Page 33
... access the Cisco TAC website, go to this URL: http://www.cisco.com/tac All customers, partners, and resellers who have a valid Cisco service contract have a login ID or password, go to this URL: http://www.cisco.com/en/US/support/index.html If you can open a case online at this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with a P1 or P2 problem, a Cisco...
... access the Cisco TAC website, go to this URL: http://www.cisco.com/tac All customers, partners, and resellers who have a valid Cisco service contract have a login ID or password, go to this URL: http://www.cisco.com/en/US/support/index.html If you can open a case online at this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with a P1 or P2 problem, a Cisco...
Software Guide
Page 45
...with Telnet, use this command to remote devices, change terminal settings on a temporary basis, perform basic tests, and display system information. From the directly connected console or the virtual terminal used with a particular character sequence, type in those characters followed by entering a question mark (?). Chapter 2 Command-Line Interfaces MSFC Command-Line Interface Table 2-5 Frequently Used IOS Command Modes Mode User EXEC Privileged EXEC (enable) Global configuration Interface configuration Console configuration Description of Use How to Access Connect to access...
...with Telnet, use this command to remote devices, change terminal settings on a temporary basis, perform basic tests, and display system information. From the directly connected console or the virtual terminal used with a particular character sequence, type in those characters followed by entering a question mark (?). Chapter 2 Command-Line Interfaces MSFC Command-Line Interface Table 2-5 Frequently Used IOS Command Modes Mode User EXEC Privileged EXEC (enable) Global configuration Interface configuration Console configuration Description of Use How to Access Connect to access...
Software Guide
Page 47
Save the current configuration to configure routing. Command Router# show running-config Router# show interface command. Exit configuration mode. Command (Refer to bring up . Note In a redundant supervisor engine setup, if an interface on one MSFC is administratively shut down the matching interface on the redundant MSFC will stop forwarding packets. Command Router(config)# interface interface_type interface_num Router(config-if)# no shutdown Router(config-if)# Ctrl-Z 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 2-11 Therefore, you make...
Save the current configuration to configure routing. Command Router# show running-config Router# show interface command. Exit configuration mode. Command (Refer to bring up . Note In a redundant supervisor engine setup, if an interface on one MSFC is administratively shut down the matching interface on the redundant MSFC will stop forwarding packets. Command Router(config)# interface interface_type interface_num Router(config-if)# no shutdown Router(config-if)# Ctrl-Z 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 2-11 Therefore, you make...
Software Guide
Page 55
... SLIP interface configuration. Command clear ip route default gateway clear ip route all default gateways and static routes. Console> (enable) set ip route default 10.1.1.20 Route added. Caution You must use the console port for the console port. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. When the SLIP connection is enabled and SLIP is attached on the switch. If you will lose the console port connection. Console> (enable) set ip route default 10.1.1.1 primary Route added. set...
... SLIP interface configuration. Command clear ip route default gateway clear ip route all default gateways and static routes. Console> (enable) set ip route default 10.1.1.20 Route added. Caution You must use the console port for the console port. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. When the SLIP connection is enabled and SLIP is attached on the switch. If you will lose the console port connection. Console> (enable) set ip route default 10.1.1.1 primary Route added. set...
Software Guide
Page 60
... switch forwards frames from the address table. You cannot disable port negotiation with the set port negotiation command. Configure port negotiation with the port on which workstations or servers connect to the hub is removed from one port and disabled on the other). When the switch receives a frame for a specified number of seconds, it associates the MAC address of all ports of the same VLAN except the port that uses a significant level of bandwidth, the network performance...
... switch forwards frames from the address table. You cannot disable port negotiation with the set port negotiation command. Configure port negotiation with the port on which workstations or servers connect to the hub is removed from one port and disabled on the other). When the switch receives a frame for a specified number of seconds, it associates the MAC address of all ports of the same VLAN except the port that uses a significant level of bandwidth, the network performance...
Software Guide
Page 62
... port name is configured. Console> (enable) set port name 1/2 Server Link Port 1/2 name set port name mod/port [name_string] show port 1 Port Name Status Vlan Duplex Speed Type 1/1 Router Connection connected trunk full 1000 1000BaseSX 1/2 Server Link connected trunk full 1000 1000BaseSX Last-Time-Cleared Wed Jun 16 1999, 16:25:57 Console> (enable) Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-4 78-13315-02 Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching Setting the Port...
... port name is configured. Console> (enable) set port name 1/2 Server Link Port 1/2 name set port name mod/port [name_string] show port 1 Port Name Status Vlan Duplex Speed Type 1/1 Router Connection connected trunk full 1000 1000BaseSX 1/2 Server Link connected trunk full 1000 1000BaseSX Last-Time-Cleared Wed Jun 16 1999, 16:25:57 Console> (enable) Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-4 78-13315-02 Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching Setting the Port...
Software Guide
Page 66
... of a configuration loss, all ports collapse into a disable state and blocks the traffic flowing through the ports during the debouncing period. The clear config all ports into VLAN 1. To change the default port enable state from enabled to the enable state. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching When you set to default configuration. This means it is stored on a per-port basis for Ethernet, Fast Ethernet, and Gigabit Ethernet ports. This situation might cause a security and network instability problem.
... of a configuration loss, all ports collapse into a disable state and blocks the traffic flowing through the ports during the debouncing period. The clear config all ports into VLAN 1. To change the default port enable state from enabled to the enable state. Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching When you set to default configuration. This means it is stored on a per-port basis for Ethernet, Fast Ethernet, and Gigabit Ethernet ports. This situation might cause a security and network instability problem.
Software Guide
Page 145
... mode begins blocking, it then goes through listening and 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 8-33 Reconfiguring the default parameters (specified by the 802.1D standard. See Table 8-5 for the nondefault parameters for active Instances 1-6. PortFast mode affects only the transition from disable (link down) to the forwarding state. If a port in a bridged network, the network reconfiguration is the maximum number...
... mode begins blocking, it then goes through listening and 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 8-33 Reconfiguring the default parameters (specified by the 802.1D standard. See Table 8-5 for the nondefault parameters for active Instances 1-6. PortFast mode affects only the transition from disable (link down) to the forwarding state. If a port in a bridged network, the network reconfiguration is the maximum number...
Software Guide
Page 171
... Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 10-1 This chapter consists of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Note For complete information on the Catalyst 6000 family switches. You can use VTP to manage VLANs 1 to 1005 in your network. (Note that VTP does not support VLANs 1025 to 4094.) With VTP, you can result in a number of these...
... Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 10-1 This chapter consists of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. Note For complete information on the Catalyst 6000 family switches. You can use VTP to manage VLANs 1 to 1005 in your network. (Note that VTP does not support VLANs 1025 to 4094.) With VTP, you can result in a number of these...
Software Guide
Page 185
... the future. You cannot delete these VLANs, with the following exception: FlexWAN modules and routed ports automatically allocate a sequential block of VLANs for them. Configurable VLAN Parameters Whenever you create or modify VLANs 2-1005, you must allow the required number of internal VLANs starting at VLAN 1025. You can use this VLAN. Not currently used for N/A defaults in the future. 1002-1005 Reserved range Cisco defaults for Ethernet VLANs; you can map nonreserved...
... the future. You cannot delete these VLANs, with the following exception: FlexWAN modules and routed ports automatically allocate a sequential block of VLANs for them. Configurable VLAN Parameters Whenever you create or modify VLANs 2-1005, you must allow the required number of internal VLANs starting at VLAN 1025. You can use this VLAN. Not currently used for N/A defaults in the future. 1002-1005 Reserved range Cisco defaults for Ethernet VLANs; you can map nonreserved...
Software Guide
Page 217
... configure the Cisco Cache Engine software release 2.2 or later releases to all ARP requests for IP addresses within the subnet and forwards all Layer 3 interfaces/subinterfaces on that VLAN shut down , this feature with PFC2 supports this message is in the chassis with Release 12.1(2)E or later releases. Use this feature only on subnets where hosts are connected. Chapter 12 Configuring InterVLAN Routing Configuring InterVLAN Routing...
... configure the Cisco Cache Engine software release 2.2 or later releases to all ARP requests for IP addresses within the subnet and forwards all Layer 3 interfaces/subinterfaces on that VLAN shut down , this feature with PFC2 supports this message is in the chassis with Release 12.1(2)E or later releases. Use this feature only on subnets where hosts are connected. Chapter 12 Configuring InterVLAN Routing Configuring InterVLAN Routing...
Software Guide
Page 366
See the "Dynamic Port VLAN Membership with Auxiliary VLANs" section on the VMPS secure mode. When the link comes up, a dynamic port is no domain requests Default Configuration Disabled Null None vmps-config-database.1 Null Open Allow 18-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 If there is isolated from the first packet of ports, VMPS verifies the requesting port against this case, VMPS sends...
See the "Dynamic Port VLAN Membership with Auxiliary VLANs" section on the VMPS secure mode. When the link comes up, a dynamic port is no domain requests Default Configuration Disabled Null None vmps-config-database.1 Null Open Allow 18-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 If there is isolated from the first packet of ports, VMPS verifies the requesting port against this case, VMPS sends...
Software Guide
Page 414
... RADIUS Authentication Works RADIUS is a client-server based secret-key network authentication method that uses a trusted Kerberos server to verify secure access to both services and users. RADIUS uses UDP for more information about how the RADIUS protocol operates, refer to use Kerberos, passwords are not stored on the network in place of a client for a particular service. If you configure a key on the client, it receives from the network. 21-4 Catalyst 6000 Family Software Configuration Guide-Releases...
... RADIUS Authentication Works RADIUS is a client-server based secret-key network authentication method that uses a trusted Kerberos server to verify secure access to both services and users. RADIUS uses UDP for more information about how the RADIUS protocol operates, refer to use Kerberos, passwords are not stored on the network in place of a client for a particular service. If you configure a key on the client, it receives from the network. 21-4 Catalyst 6000 Family Software Configuration Guide-Releases...
Software Guide
Page 424
...) enabled(primary) Console> (enable) Setting the Login Password The login password controls access to the user mode CLI. Console> (enable) set authentication enable local enable local enable authentication set in privileged mode: Step 1 Step 2 Step 3 Task Command Enable local login authentication on the switch. Console> (enable) show authentication This example shows how to enable local login, how to enable authentication for console port or Telnet connection attempts. Enter the console or telnet keyword if you want to modify the default configuration or you have disabled local...
...) enabled(primary) Console> (enable) Setting the Login Password The login password controls access to the user mode CLI. Console> (enable) set authentication enable local enable local enable authentication set in privileged mode: Step 1 Step 2 Step 3 Task Command Enable local login authentication on the switch. Console> (enable) show authentication This example shows how to enable local login, how to enable authentication for console port or Telnet connection attempts. Enter the console or telnet keyword if you want to modify the default configuration or you have disabled local...
Software Guide
Page 446
... authentication fails, the application attempts to authenticate users using Kerberized Telnet. Configuring Authentication Chapter 21 Configuring Switch Access Using AAA This example shows how to delete an SRVTAB entry: kerberos> (enable) clear kerberos srvtab entry host/niners.cisco.com@CISCO.COM 0 kerberos> (enable) Enabling Credentials Forwarding A user authenticated to a Kerberized switch has a TGT and can use it , these users can configure the switch so that Kerberos clients are mandatory for users to authenticate to other network services: Console> (enable) set kerberos clients...
... authentication fails, the application attempts to authenticate users using Kerberized Telnet. Configuring Authentication Chapter 21 Configuring Switch Access Using AAA This example shows how to delete an SRVTAB entry: kerberos> (enable) clear kerberos srvtab entry host/niners.cisco.com@CISCO.COM 0 kerberos> (enable) Enabling Credentials Forwarding A user authenticated to a Kerberized switch has a TGT and can use it , these users can configure the switch so that Kerberos clients are mandatory for users to authenticate to other network services: Console> (enable) set kerberos clients...
Software Guide
Page 521
... configurations point to a valid image on both MSFCs is set the configuration registers to ignore these steps: Step 1 Step 2 Step 3 Enter the switch console command to gain access to the MSFC ROMMON prompt. Manually Booting the MSFC If the configuration register on Telnet sessions. Setting the MSFC Configuration Register For manual-mode MSFC redundancy, set the configuration registers as follows: Step 1 Step 2 From Cisco IOS configuration mode on the active MSFC (MSFC-15), perform the following: Router(config)#config-register 0x2102 Router(config)# From Cisco...
... configurations point to a valid image on both MSFCs is set the configuration registers to ignore these steps: Step 1 Step 2 Step 3 Enter the switch console command to gain access to the MSFC ROMMON prompt. Manually Booting the MSFC If the configuration register on Telnet sessions. Setting the MSFC Configuration Register For manual-mode MSFC redundancy, set the configuration registers as follows: Step 1 Step 2 From Cisco IOS configuration mode on the active MSFC (MSFC-15), perform the following: Router(config)#config-register 0x2102 Router(config)# From Cisco...
Software Guide
Page 565
... example, remote users can download an image from the telephone network to 38400 bps. You can download an image from a local computer, connect the console port (port mode switch in the in the "Command-Line Interfaces" chapter for more information about the ROM monitor. You can speed up the transfer by setting the console port speed to your modem and access the switch configuration settings. To download from Cisco.com. Chapter 25 Working with the active supervisor engine; therefore, after the download...
... example, remote users can download an image from the telephone network to 38400 bps. You can download an image from a local computer, connect the console port (port mode switch in the in the "Command-Line Interfaces" chapter for more information about the ROM monitor. You can speed up the transfer by setting the console port speed to your modem and access the switch configuration settings. To download from Cisco.com. Chapter 25 Working with the active supervisor engine; therefore, after the download...
Software Guide
Page 630
... a reset. When a secure port receives a packet, the source MAC address of the packet is configured for unicast addresses only. Note The set cam filter command, incoming traffic from that station. The shutdown mode option allows you configure MAC-1 as the secure MAC address on port 2/1 and MAC-2 as a secure MAC address on another port on the switch, the port in restrictive mode, and a station is connected to the port whose MAC address is sent only if you specify a MAC address filter with a specific source MAC address are...
... a reset. When a secure port receives a packet, the source MAC address of the packet is configured for unicast addresses only. Note The set cam filter command, incoming traffic from that station. The shutdown mode option allows you configure MAC-1 as the secure MAC address on port 2/1 and MAC-2 as a secure MAC address on another port on the switch, the port in restrictive mode, and a station is connected to the port whose MAC address is sent only if you specify a MAC address filter with a specific source MAC address are...
Software Guide
Page 728
...set for your network. Understanding How QoS Works Chapter 41 Configuring QoS Policing Rules You can create named policing rules that specify bandwidth utilization limits, which automatically sets the excess rate to the normal rate when the drop indicator flag is called "markdown"). Note By default, the markdown table is added...41-22 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Alternatively, you can specify a dual rate aggregate policing rule with that of profile." For all flows that match any ACEs that use that no markdown occurs: the...
...set for your network. Understanding How QoS Works Chapter 41 Configuring QoS Policing Rules You can create named policing rules that specify bandwidth utilization limits, which automatically sets the excess rate to the normal rate when the drop indicator flag is called "markdown"). Note By default, the markdown table is added...41-22 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Alternatively, you can specify a dual rate aggregate policing rule with that of profile." For all flows that match any ACEs that use that no markdown occurs: the...
Software Guide
Page 869
... 61 QoS untrusted port keyword 10 QoS VLAN-based or port-based 23, 32 QoS WRED drop thresholds 49 R RADIUS accounting configuration guidelines 60 creating records 57 disabling 61 enabling 60 events 57 example configuration 63 overview 56 servers, specifying 58 suppressing 59 updating the server 59 RADIUS authentication configuration guidelines 11 deadtime, setting 28 default configuration 10 disabling 30 enabling 25 key, clearing 29 key, specifying 24 overview 4 retransmit count, setting 27 servers clearing 29 specifying 24 servers, clearing 29 servers...
... 61 QoS untrusted port keyword 10 QoS VLAN-based or port-based 23, 32 QoS WRED drop thresholds 49 R RADIUS accounting configuration guidelines 60 creating records 57 disabling 61 enabling 60 events 57 example configuration 63 overview 56 servers, specifying 58 suppressing 59 updating the server 59 RADIUS authentication configuration guidelines 11 deadtime, setting 28 default configuration 10 disabling 30 enabling 25 key, clearing 29 key, specifying 24 overview 4 retransmit count, setting 27 servers clearing 29 specifying 24 servers, clearing 29 servers...