Software Guide
Page 28
... switch. Configuring CDP Describes how to configure Multilayer Switching (MLS). Configuring InterVLAN Routing Describes how to check connectivity using the VLAN Management Policy Server (VMPS). Configuring MLS Describes how to configure Cisco Discovery Protocol (CDP). Working with the Flash file system. Administering the Switch Describes how to configure GARP VLAN Registration Protocol (GVRP) on the switch. Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 28 78-13315-02 Configuring Access Control Describes how to configure the spanning tree...
... switch. Configuring CDP Describes how to configure Multilayer Switching (MLS). Configuring InterVLAN Routing Describes how to check connectivity using the VLAN Management Policy Server (VMPS). Configuring MLS Describes how to configure Cisco Discovery Protocol (CDP). Working with the Flash file system. Administering the Switch Describes how to configure GARP VLAN Registration Protocol (GVRP) on the switch. Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 28 78-13315-02 Configuring Access Control Describes how to configure the spanning tree...
Software Guide
Page 29
... Using Switch TopN Reports Chapter 40 Configuring Multicast Services Chapter 41 Configuring QoS Chapter 42 Configuring ASLB Chapter 43 Configuring the Switch Fabric Modules Chapter 44 Configuring a VoIP Network Description Describes how to configure a Voice-over-IP (VoIP) network. Describes how to configure secure port filtering. Related Documentation The following publications are available for the Catalyst 6000 family switches: • Catalyst 6000 Family Module Installation Guide • Catalyst 6000 Family Command Reference • ATM Software Configuration and Command Reference...
... Using Switch TopN Reports Chapter 40 Configuring Multicast Services Chapter 41 Configuring QoS Chapter 42 Configuring ASLB Chapter 43 Configuring the Switch Fabric Modules Chapter 44 Configuring a VoIP Network Description Describes how to configure a Voice-over-IP (VoIP) network. Describes how to configure secure port filtering. Related Documentation The following publications are available for the Catalyst 6000 family switches: • Catalyst 6000 Family Module Installation Guide • Catalyst 6000 Family Command Reference • ATM Software Configuration and Command Reference...
Software Guide
Page 33
... impact to resolve P3 and P4 issues yourself, saving both cost and time. These classifications are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can describe the situation in your product serial number. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 33 Network functionality is degraded. If you have available your...
... impact to resolve P3 and P4 issues yourself, saving both cost and time. These classifications are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can describe the situation in your product serial number. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 33 Network functionality is degraded. If you have available your...
Software Guide
Page 55
... the Console Port To remove default gateway entries, perform one of the attached host. To enable and attach SLIP on the switch. Command clear ip route default gateway clear ip route all default gateways and static routes. set ip route default 10.1.1.1 primary Route added. Console> (enable) show interface Enable SLIP for point-to the switch CLI through the console port. slip attach 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 3-7 Caution You must use the console port for the SLIP connection. Clear all This example shows...
... the Console Port To remove default gateway entries, perform one of the attached host. To enable and attach SLIP on the switch. Command clear ip route default gateway clear ip route all default gateways and static routes. set ip route default 10.1.1.1 primary Route added. Console> (enable) show interface Enable SLIP for point-to the switch CLI through the console port. slip attach 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 3-7 Caution You must use the console port for the SLIP connection. Clear all This example shows...
Software Guide
Page 57
... DHCP, - This address is displayed under the MAC-Address(es) heading. (With DHCP, this step is necessary only if using the manual allocation method.) show module Add an entry for each switch in the MAC address range for module 1 (the supervisor engine). The switch broadcasts DHCP and RARP requests only when the switch boots up. reset system When the switch reboots, confirm that the sc0 show ip route default gateway address) are set interface sc0 0.0.0.0 Reset the switch. NTP server...
... DHCP, - This address is displayed under the MAC-Address(es) heading. (With DHCP, this step is necessary only if using the manual allocation method.) show module Add an entry for each switch in the MAC address range for module 1 (the supervisor engine). The switch broadcasts DHCP and RARP requests only when the switch boots up. reset system When the switch reboots, confirm that the sc0 show ip route default gateway address) are set interface sc0 0.0.0.0 Reset the switch. NTP server...
Software Guide
Page 64
Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching This example shows how to set the duplex mode to half duplex on ports. other devices. The port does not send flow-control frames to the neighboring port. Enter the set port flow control command to configure flow control on port 2/1: Console> (enable) set port duplex 2/1 half Port 2/1 set to half-duplex. All Ethernet ports (1000 Mbps, 100 Mbps, and 10 Mbps) can receive and act upon "pause" packets from other Ethernet ports use flow control to respond to delay ...
Setting the Port Configuration Chapter 4 Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching This example shows how to set the duplex mode to half duplex on ports. other devices. The port does not send flow-control frames to the neighboring port. Enter the set port flow control command to configure flow control on port 2/1: Console> (enable) set port duplex 2/1 half Port 2/1 set to half-duplex. All Ethernet ports (1000 Mbps, 100 Mbps, and 10 Mbps) can receive and act upon "pause" packets from other Ethernet ports use flow control to respond to delay ...
Software Guide
Page 171
... changes automatically communicated to all the other switches in the network. You can use VTP to manage VLANs 1 to 1005 in a number of VLANs on the Catalyst 6000 family switches. VTP minimizes misconfigurations and configuration inconsistencies that VTP does not support VLANs 1025 to the Catalyst 6000 Family Command Reference publication. These sections describe how VTP works: • Understanding the VTP Domain, page 10-2 • Understanding VTP Modes...
... changes automatically communicated to all the other switches in the network. You can use VTP to manage VLANs 1 to 1005 in a number of VLANs on the Catalyst 6000 family switches. VTP minimizes misconfigurations and configuration inconsistencies that VTP does not support VLANs 1025 to the Catalyst 6000 Family Command Reference publication. These sections describe how VTP works: • Understanding the VTP Domain, page 10-2 • Understanding VTP Modes...
Software Guide
Page 197
... guidelines to configure private VLANs: Note In this limitation. Access ports become host ports. - Chapter 11 Configuring VLANs Configuring Private VLANs In an Ethernet-switched environment, you can do the following: • Designate the server ports as isolated to prevent any interserver communication at Layer 2. • Designate the ports to which the default gateway(s), backup server, or LocalDirector are set VTP to transparent mode. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and...
... guidelines to configure private VLANs: Note In this limitation. Access ports become host ports. - Chapter 11 Configuring VLANs Configuring Private VLANs In an Ethernet-switched environment, you can do the following: • Designate the server ports as isolated to prevent any interserver communication at Layer 2. • Designate the ports to which the default gateway(s), backup server, or LocalDirector are set VTP to transparent mode. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and...
Software Guide
Page 199
...; In networks with the ranges employed by any change the isolated or community VLANs. - If you disable MISTP, any nonroot bridge. • BPDU guard mode is system wide and is enabled on others not using MAC address reduction, STP parameters do not necessarily propagate to ensure that the primary, isolated, and community VLANs' spanning tree topologies match. • If you enable MAC address reduction on a Catalyst 6000 series switch...
...; In networks with the ranges employed by any change the isolated or community VLANs. - If you disable MISTP, any nonroot bridge. • BPDU guard mode is system wide and is enabled on others not using MAC address reduction, STP parameters do not necessarily propagate to ensure that the primary, isolated, and community VLANs' spanning tree topologies match. • If you enable MAC address reduction on a Catalyst 6000 series switch...
Software Guide
Page 412
... console does not allow the user to log in during the lockout time. For example, you disable all other authentication methods fail. 21-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 If a user is locked out with one or more of the other authentication methods. By default, local authentication is 30 to the switch. However, you enable local authentication with a Telnet session, the connection...
... console does not allow the user to log in during the lockout time. For example, you disable all other authentication methods fail. 21-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 If a user is locked out with one or more of the other authentication methods. By default, local authentication is 30 to the switch. However, you enable local authentication with a Telnet session, the connection...
Software Guide
Page 413
...+ servers. A TACACS+ server can continue through multiple iterations until authentication either passed or failed. • Notifies the client that authentication will continue and that requires privileged access When you request privileged or restricted services, TACACS+ encrypts your user password information using the MD5 encryption algorithm and adds a TACACS+ packet header. Chapter 21 Configuring Switch Access Using AAA Understanding How Authentication Works Understanding How TACACS+ Authentication Works TACACS+ controls access...
...+ servers. A TACACS+ server can continue through multiple iterations until authentication either passed or failed. • Notifies the client that authentication will continue and that requires privileged access When you request privileged or restricted services, TACACS+ encrypts your user password information using the MD5 encryption algorithm and adds a TACACS+ packet header. Chapter 21 Configuring Switch Access Using AAA Understanding How Authentication Works Understanding How TACACS+ Authentication Works TACACS+ controls access...
Software Guide
Page 414
... users attempting to connect to control enable access • Specify the IP addresses and UDP ports of the RADIUS servers • Specify the RADIUS key used in clear text. When local authentication is used by default. You can configure the following RADIUS parameters on the network in place of a client for a particular service. Note For more RADIUS servers. You can configure a RADIUS key on any machine, other authentication methods at the same time. You can enable RADIUS...
... users attempting to connect to control enable access • Specify the IP addresses and UDP ports of the RADIUS servers • Specify the RADIUS key used in clear text. When local authentication is used by default. You can configure the following RADIUS parameters on the network in place of a client for a particular service. Note For more RADIUS servers. You can configure a RADIUS key on any machine, other authentication methods at the same time. You can enable RADIUS...
Software Guide
Page 425
... this task in privileged mode: Task Command Set the password for access. To set enablepass Enter old password: Enter new password: Retype new password: Password changed . If you disable local authentication and RADIUS or TACACS+ is not configured correctly, or if the RADIUS or TACACS+ server is configured and operating correctly before disabling local login or enable authentication. Console> (enable) Setting the Enable Password The login password controls access to the switch. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 21...
... this task in privileged mode: Task Command Set the password for access. To set enablepass Enter old password: Enter new password: Retype new password: Password changed . If you disable local authentication and RADIUS or TACACS+ is not configured correctly, or if the RADIUS or TACACS+ server is configured and operating correctly before disabling local login or enable authentication. Console> (enable) Setting the Enable Password The login password controls access to the switch. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 21...
Software Guide
Page 446
... Method set to mandatory Console> (enable) 21-36 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 As an additional layer of authentication for that Kerberos clients are mandatory for a password. To configure clients to forward user credentials as they authenticate from the switch to Kerberized remote hosts on the network. Command set kerberos credentials forward set kerberos clients mandatory This example shows how to configure clients to forward user credentials...
... Method set to mandatory Console> (enable) 21-36 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 As an additional layer of authentication for that Kerberos clients are mandatory for a password. To configure clients to forward user credentials as they authenticate from the switch to Kerberized remote hosts on the network. Command set kerberos credentials forward set kerberos clients mandatory This example shows how to configure clients to forward user credentials...
Software Guide
Page 650
... show snmp This example shows how to set a MIB view to interfacesMibView with a certain security model in the target address table. set snmp view [-hex] {viewname} {subtree} [mask] [included | excluded] [volatile | nonvolatile] Set the access rights for set to interfacesMibView: Console> (enable) set snmp view interfacesMibView 1.3.6.1.2.1.2 included Snmp view name was set snmp notify [-hex] {notifyname} tag [-hex] {notifytag} notifications. [trap | inform] [volatile | nonvolatile] Set the snmpTargetAddrEntry in different security levels. set snmp user [-hex] {username} [remote...
... show snmp This example shows how to set a MIB view to interfacesMibView with a certain security model in the target address table. set snmp view [-hex] {viewname} {subtree} [mask] [included | excluded] [volatile | nonvolatile] Set the access rights for set to interfacesMibView: Console> (enable) set snmp view interfacesMibView 1.3.6.1.2.1.2 included Snmp view name was set snmp notify [-hex] {notifyname} tag [-hex] {notifytag} notifications. [trap | inform] [volatile | nonvolatile] Set the snmpTargetAddrEntry in different security levels. set snmp user [-hex] {username} [remote...
Software Guide
Page 666
... output access control list (ACL) to RSPAN traffic to remote switches in each of the participating source, intermediate, or destination switches. 38-10 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Tip You can distribute the source ports and the destination port across your network for example) and it is connected to the destination switch through an uplink port that is forwarded to selectively filter specific flows. The RSPAN VLAN is configured...
... output access control list (ACL) to RSPAN traffic to remote switches in each of the participating source, intermediate, or destination switches. 38-10 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Tip You can distribute the source ports and the destination port across your network for example) and it is connected to the destination switch through an uplink port that is forwarded to selectively filter specific flows. The RSPAN VLAN is configured...
Software Guide
Page 681
... Path Forwarding Multicast Fast Drop, page 40-5 • Enabling Installation of these sections: • Understanding How Multicasting Works, page 40-1 • Configuring IGMP Snooping, page 40-6 • Configuring GMRP, page 40-12 • Configuring Multicast Router Ports and Group Entries, page 40-20 • Configuring RGMP, page 40-22 • Displaying Multicast Protocol Status, page 40-25 Understanding How Multicasting Works These sections describe how multicasting works on the Catalyst 6000 family switches. 40 C H A P T E R Configuring Multicast Services...
... Path Forwarding Multicast Fast Drop, page 40-5 • Enabling Installation of these sections: • Understanding How Multicasting Works, page 40-1 • Configuring IGMP Snooping, page 40-6 • Configuring GMRP, page 40-12 • Configuring Multicast Router Ports and Group Entries, page 40-20 • Configuring RGMP, page 40-22 • Displaying Multicast Protocol Status, page 40-25 Understanding How Multicasting Works These sections describe how multicasting works on the Catalyst 6000 family switches. 40 C H A P T E R Configuring Multicast Services...
Software Guide
Page 686
...; Displaying IGMP Snooping Statistics, page 40-11 40-6 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Router(config) # mls ip multicast connected This example shows how to install directly connected subnets: Router(config)# mls ip multicast connected Router(config)# Configuring IGMP Snooping IGMP snooping allows switches to examine IGMP packets and make forwarding decisions based on the switch by default. To support the PIM assert mechanism, the PFC leaks a percentage of service (QoS) does not support IGMP traffic when IGMP snooping is enabled. To...
...; Displaying IGMP Snooping Statistics, page 40-11 40-6 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Router(config) # mls ip multicast connected This example shows how to install directly connected subnets: Router(config)# mls ip multicast connected Router(config)# Configuring IGMP Snooping IGMP snooping allows switches to examine IGMP packets and make forwarding decisions based on the switch by default. To support the PIM assert mechanism, the PFC leaks a percentage of service (QoS) does not support IGMP traffic when IGMP snooping is enabled. To...
Software Guide
Page 701
... one or more multicast MAC addresses to clear a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Command clear multicast router mod/port clear multicast router all manually configured multicast router ports. Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 40-21 Step 1 Step 2 Task Command Add one of Layer 2 multicast entries is 15488. Console> (enable) show multicast group [mac_addr] [vlan_id] This example shows how to...
... one or more multicast MAC addresses to clear a manually configured multicast router port entry: Console> (enable) clear multicast router 2/12 Port 2/12 cleared from multicast router port list. Command clear multicast router mod/port clear multicast router all manually configured multicast router ports. Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 40-21 Step 1 Step 2 Task Command Add one of Layer 2 multicast entries is 15488. Console> (enable) show multicast group [mac_addr] [vlan_id] This example shows how to...
Software Guide
Page 808
... series switch, the traffic is forwarded to or from modules in one of the frame) is sent over the switch fabric channel, delivering the best possible switching rate. This mode is used only when no nonfabric-enabled modules installed) Between fabric-enabled modules Truncated (when nonfabric-enabled modules are also installed) Between fabric-enabled and nonfabric-enabled modules Flow-through Between non-fabric-enabled modules Flow-through Configuring and Monitoring the Switch Fabric Module The Switch Fabric Module does not require any user configuration but supports a number...
... series switch, the traffic is forwarded to or from modules in one of the frame) is sent over the switch fabric channel, delivering the best possible switching rate. This mode is used only when no nonfabric-enabled modules installed) Between fabric-enabled modules Truncated (when nonfabric-enabled modules are also installed) Between fabric-enabled and nonfabric-enabled modules Flow-through Between non-fabric-enabled modules Flow-through Configuring and Monitoring the Switch Fabric Module The Switch Fabric Module does not require any user configuration but supports a number...