Software Guide
Page 327
...enable) set security acl ip IPACL2 deny host 172.20.3.2 before ACE number 2 in NVRAM (enter the editbuffer keyword to see the "Showing the Contents of the edit buffer: Console> (enable) show security acl info acl_name [editbuffer] command to see the current ACE listing stored in the VACL. ...progress. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 16-31 ACL IPACL1 is bits 3 through 2 as defined by RFC-791. This example shows how to create an ACE for IPACL2 to redirect IP traffic to port 3/1 from source address 172.20.3.2 and place...
...enable) set security acl ip IPACL2 deny host 172.20.3.2 before ACE number 2 in NVRAM (enter the editbuffer keyword to see the "Showing the Contents of the edit buffer: Console> (enable) show security acl info acl_name [editbuffer] command to see the current ACE listing stored in the VACL. ...progress. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 16-31 ACL IPACL1 is bits 3 through 2 as defined by RFC-791. This example shows how to create an ACE for IPACL2 to redirect IP traffic to port 3/1 from source address 172.20.3.2 and place...
Software Guide
Page 413
...+ encrypts your user password information using the MD5 encryption algorithm and adds a TACACS+ packet header. TACACS+ is disabled by RFC 1492. You can continue through multiple iterations until authentication either passed or failed. • Notifies the client that authentication will continue... instances: • When you configure a key on the switch, it does the following TACACS+ parameters on the switch: • Enable or disable TACACS+ authentication to determine if a user has permission to access the switch • Enable or disable TACACS+ authentication to determine if ...
...+ encrypts your user password information using the MD5 encryption algorithm and adds a TACACS+ packet header. TACACS+ is disabled by RFC 1492. You can continue through multiple iterations until authentication either passed or failed. • Notifies the client that authentication will continue... instances: • When you configure a key on the switch, it does the following TACACS+ parameters on the switch: • Enable or disable TACACS+ authentication to determine if a user has permission to access the switch • Enable or disable TACACS+ authentication to determine if ...
Software Guide
Page 414
...RADIUS uses UDP for a particular service. The key itself is called the key distribution center (KDC). You can specify which method to RFC 2138, "Remote Authentication Dial In User Service (RADIUS)." In Kerberos, this trusted server is never transmitted over the network. You can ... are not sent on the RADIUS servers. The KDC issues tickets to a network device. Understanding How Authentication Works Chapter 21 Configuring Switch Access Using AAA Understanding How RADIUS Authentication Works RADIUS is reenabled automatically. You can be the same as a client, passing user...
...RADIUS uses UDP for a particular service. The key itself is called the key distribution center (KDC). You can specify which method to RFC 2138, "Remote Authentication Dial In User Service (RADIUS)." In Kerberos, this trusted server is never transmitted over the network. You can ... are not sent on the RADIUS servers. The KDC issues tickets to a network device. Understanding How Authentication Works Chapter 21 Configuring Switch Access Using AAA Understanding How RADIUS Authentication Works RADIUS is reenabled automatically. You can be the same as a client, passing user...
Software Guide
Page 607
... chapter, refer to describe how many NTP hops away a machine is from a stratum 1 time server, and so on the Catalyst 6000 family switches. This chapter consists of these sections: • Understanding How NTP Works, page 31-1 • NTP Default Configuration, page 31-2 • Configuring...attached; NTP is configured to communicate with the lowest stratum number that is not synchronized itself. • NTP compares the time reported by the client switch. Configuring NTP 31 C H A P T E R This chapter describes how to configure the Network Time Protocol (NTP) on . NTP uses ...
... chapter, refer to describe how many NTP hops away a machine is from a stratum 1 time server, and so on the Catalyst 6000 family switches. This chapter consists of these sections: • Understanding How NTP Works, page 31-1 • NTP Default Configuration, page 31-2 • Configuring...attached; NTP is configured to communicate with the lowest stratum number that is not synchronized itself. • NTP compares the time reported by the client switch. Configuring NTP 31 C H A P T E R This chapter describes how to configure the Network Time Protocol (NTP) on . NTP uses ...
Software Guide
Page 610
...Broadcast client mode: disabled Broadcast delay: 3000 microseconds Client mode: enabled NTP-Server 172.16.52.65 Console> (enable) Configuring Authentication in RFC 1305. Console> (enable) set ntp key public_key [trusted | untrusted] md5 specify whether the key is documented in Client Mode Authentication can...To configure authentication, perform this task in advance (that can range from the server administrator and configure it on the switch, and verify the configuration: Console> (enable) set ntp authentication enable Verify the NTP configuration. When you enable the authentication feature,...
...Broadcast client mode: disabled Broadcast delay: 3000 microseconds Client mode: enabled NTP-Server 172.16.52.65 Console> (enable) Configuring Authentication in RFC 1305. Console> (enable) set ntp key public_key [trusted | untrusted] md5 specify whether the key is documented in Client Mode Authentication can...To configure authentication, perform this task in advance (that can range from the server administrator and configure it on the switch, and verify the configuration: Console> (enable) set ntp authentication enable Verify the NTP configuration. When you enable the authentication feature,...
Software Guide
Page 641
... object identifiers (OIDs) that can reside on SNMPv1. • Version 2 (SNMPv2c)-The second release of SNMP, described in RFC 2571, RFC 2572, RFC 2573, RFC 2574, and RFC 2575. Refer to manage network performance, find and solve network problems, and plan for more information on the local or remote ...SNMP Agents and SNMP Managers are three versions of SNMP: • Version 1 (SNMPv1)-This is the person on the Catalyst enterprise LAN switches for each view. There are no longer used. Unlike SNMPv1 and SNMPv2c, in each group; Users belonging to exceed 64 characters) for SNMPv1...
... object identifiers (OIDs) that can reside on SNMPv1. • Version 2 (SNMPv2c)-The second release of SNMP, described in RFC 2571, RFC 2572, RFC 2573, RFC 2574, and RFC 2575. Refer to manage network performance, find and solve network problems, and plan for more information on the local or remote ...SNMP Agents and SNMP Managers are three versions of SNMP: • Version 1 (SNMPv1)-This is the person on the Catalyst enterprise LAN switches for each view. There are no longer used. Unlike SNMPv1 and SNMPv2c, in each group; Users belonging to exceed 64 characters) for SNMPv1...
Software Guide
Page 647
... or Inform messages. • Notification receivers-Receive and process Trap or Inform messages. • Proxy forwarders-Forward messages between SNMP entities There are used in RFC 2274.
... or Inform messages. • Notification receivers-Receive and process Trap or Inform messages. • Proxy forwarders-Forward messages between SNMP entities There are used in RFC 2274.
Software Guide
Page 653
each alarm configured uses 1.3 KB of the RMON specification (see the "Supported RMON and RMON2 MIB Objects" section on the Catalyst 6000 family switches. UsrHistory (RMON2 group 18) - each additional bucket uses another 56 bytes) - Alarm (RMON group 3; Configuring RMON 37 C H A P T...RAM per port) - The supervisor engine software provides embedded support for the commands used in RFC 2021: - History (RMON group 2) for Ethernet, Fast Ethernet, Fast EtherChannel, and Gigabit Ethernet switch ports (uses 3 KB of supervisor engine RAM for Ethernet, Fast Ethernet, Fast EtherChannel,...
each alarm configured uses 1.3 KB of the RMON specification (see the "Supported RMON and RMON2 MIB Objects" section on the Catalyst 6000 family switches. UsrHistory (RMON2 group 18) - each additional bucket uses another 56 bytes) - Alarm (RMON group 3; Configuring RMON 37 C H A P T...RAM per port) - The supervisor engine software provides embedded support for the commands used in RFC 2021: - History (RMON group 2) for Ethernet, Fast Ethernet, Fast EtherChannel, and Gigabit Ethernet switch ports (uses 3 KB of supervisor engine RAM for Ethernet, Fast Ethernet, Fast EtherChannel,...
Software Guide
Page 654
... snmp rmon enable show snmp RMON: Enabled Extended RMON: Extended RMON module is not present Traps Enabled: Port,Module,Chassis,Bridge,Repeater,Vtp,Auth,ippermit,Vmps,config,entity,stpx Port Traps Enabled..., visit: http://www.cisco.com/en/US/docs/internetworking/technology/handbook/RMON.html Enabling RMON Note RMON is enabled. You cannot access RMON data through the switch CLI; Console> (enable...on the switch and how to RMON data is available only on a network management system (NMS) that supports RFC 1757 and RFC 2021 (see the "Using CiscoWorks2000" section on the switch. Supported...
... snmp rmon enable show snmp RMON: Enabled Extended RMON: Extended RMON module is not present Traps Enabled: Port,Module,Chassis,Bridge,Repeater,Vtp,Auth,ippermit,Vmps,config,entity,stpx Port Traps Enabled..., visit: http://www.cisco.com/en/US/docs/internetworking/technology/handbook/RMON.html Enabling RMON Note RMON is enabled. You cannot access RMON data through the switch CLI; Console> (enable...on the switch and how to RMON data is available only on a network management system (NMS) that supports RFC 1757 and RFC 2021 (see the "Using CiscoWorks2000" section on the switch. Supported...
Software Guide
Page 655
... packets, octets, broadcasts, errors, etc. ...mib-2(1).rmon(16).history(2).historyControlTable(1) ...mib-2(1).rmon(16).history(2).etherHistoryTable(2) RFC 1757 (RMON-MIB) RFC 1757 (RMON-MIB) Periodically samples and saves statistics group counters for later retrieval. ...mib-2(1).rmon(16).alarm(3) RFC 1757 (RMON-MIB) A threshold that can be set on critical RMON variables for network management...
... packets, octets, broadcasts, errors, etc. ...mib-2(1).rmon(16).history(2).historyControlTable(1) ...mib-2(1).rmon(16).history(2).etherHistoryTable(2) RFC 1757 (RMON-MIB) RFC 1757 (RMON-MIB) Periodically samples and saves statistics group counters for later retrieval. ...mib-2(1).rmon(16).alarm(3) RFC 1757 (RMON-MIB) A threshold that can be set on critical RMON variables for network management...
Software Guide
Page 682
...that IP multicast traffic is forwarded to the router. Subsequent reports for further processing. Switches can manage both the Cisco router and the switch. Note For more information on the Catalyst 6000 family switches by IGMP snooping or GMRP. IGMP snooping manages multicast traffic at Layer 2 on IP... multicast and IGMP, refer to RFC 1112. If a port is already enabled on a switch if GMRP is...
...that IP multicast traffic is forwarded to the router. Subsequent reports for further processing. Switches can manage both the Cisco router and the switch. Note For more information on the Catalyst 6000 family switches by IGMP snooping or GMRP. IGMP snooping manages multicast traffic at Layer 2 on IP... multicast and IGMP, refer to RFC 1112. If a port is already enabled on a switch if GMRP is...
Software Guide
Page 708
... zero for low priority and seven for traffic in the native VLAN. - Layer 2 class of traffic to be marked. • Marking, according to RFC 2475, is extended to include setting Layer 2 CoS values. 41-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Layer 3 ... value, because DSCP values can carry either an IP precedence value or a DSCP value. IP traffic retains the Layer 3 value when it leaves the switch. QoS supports the use of setting a Layer 3 DSCP value in a packet; Understanding How QoS Works Chapter 41 Configuring QoS QoS sets Layer 2 ...
... zero for low priority and seven for traffic in the native VLAN. - Layer 2 class of traffic to be marked. • Marking, according to RFC 2475, is extended to include setting Layer 2 CoS values. 41-2 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 Layer 3 ... value, because DSCP values can carry either an IP precedence value or a DSCP value. IP traffic retains the Layer 3 value when it leaves the switch. QoS supports the use of setting a Layer 3 DSCP value in a packet; Understanding How QoS Works Chapter 41 Configuring QoS QoS sets Layer 2 ...
Software Guide
Page 789
... 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 42-9 If the servers in your ASLB configuration need to follow RFC 1918 for privacy, use the following as follows (the virtual-IP address in this example is 171.1.1.200): Routers 171.1.1.1 Alias 10.1.1.1 ... the virtual-IP address other than server IP network addresses. • Ensure that the routers are on the backup LocalDirector to the switch and specify the server and router configuration using the set lda server and set lda router commands. Backup LocalDirector Configuration (Optional) Connect...
... 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 42-9 If the servers in your ASLB configuration need to follow RFC 1918 for privacy, use the following as follows (the virtual-IP address in this example is 171.1.1.200): Routers 171.1.1.1 Alias 10.1.1.1 ... the virtual-IP address other than server IP network addresses. • Ensure that the routers are on the backup LocalDirector to the switch and specify the server and router configuration using the set lda server and set lda router commands. Backup LocalDirector Configuration (Optional) Connect...