Software Guide
Page 28
... configure access control lists (ACLs). Working with Configuration Files Describes how to create, download, and upload switch configuration files. Configuring System Message Logging Describes how to configure VLANs on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring VLANs Describes how to configure system message logging (syslog). Configuring NDE Describes how to configure Cisco Discovery Protocol (CDP). Checking Port Status and Connectivity Describes how to display information about modules and switch ports and how to download and upload system software...
... configure access control lists (ACLs). Working with Configuration Files Describes how to create, download, and upload switch configuration files. Configuring System Message Logging Describes how to configure VLANs on Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Configuring VLANs Describes how to configure system message logging (syslog). Configuring NDE Describes how to configure Cisco Discovery Protocol (CDP). Checking Port Status and Connectivity Describes how to display information about modules and switch ports and how to download and upload system software...
Software Guide
Page 29
... Configuring the Switch Fabric Modules Chapter 44 Configuring a VoIP Network Description Describes how to configure accelerated server load balancing (ASLB). Describes how to configure secure port filtering. Describes how to configure Remote Monitoring (RMON). Describes how to configure the Switch Fabric Module. Related Documentation The following publications are available for the Catalyst 6000 family switches: • Catalyst 6000 Family Module Installation Guide • Catalyst 6000 Family Command Reference • ATM Software Configuration and Command Reference-Catalyst...
... Configuring the Switch Fabric Modules Chapter 44 Configuring a VoIP Network Description Describes how to configure accelerated server load balancing (ASLB). Describes how to configure secure port filtering. Describes how to configure Remote Monitoring (RMON). Describes how to configure the Switch Fabric Module. Related Documentation The following publications are available for the Catalyst 6000 family switches: • Catalyst 6000 Family Module Installation Guide • Catalyst 6000 Family Command Reference • ATM Software Configuration and Command Reference-Catalyst...
Software Guide
Page 33
... files. To obtain a directory of toll-free Cisco TAC telephone numbers for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). These classifications are a Cisco.com registered user, and you cannot resolve your network operations center to online tools, knowledge bases, and software. Network functionality is noticeably impaired, but do not have complete access to resolve P3 and P4 issues yourself, saving both cost and time...
... files. To obtain a directory of toll-free Cisco TAC telephone numbers for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). These classifications are a Cisco.com registered user, and you cannot resolve your network operations center to online tools, knowledge bases, and software. Network functionality is noticeably impaired, but do not have complete access to resolve P3 and P4 issues yourself, saving both cost and time...
Software Guide
Page 55
... interface Enable SLIP for the console port. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. Console> (enable) set interface sl0 slip_addr dest_addr Verify the SLIP interface configuration. Console> (enable) set ip route default 10.1.1.10 Route added. enable Set the console port SLIP address and the destination address of these tasks in privileged mode: Task Clear an individual default gateway entry. slip attach 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases...
... interface Enable SLIP for the console port. Use Telnet to access the switch, enter privileged mode, and enter the slip detach command to the switch CLI through the console port. Console> (enable) set interface sl0 slip_addr dest_addr Verify the SLIP interface configuration. Console> (enable) set ip route default 10.1.1.10 Route added. enable Set the console port SLIP address and the destination address of these tasks in privileged mode: Task Clear an individual default gateway entry. slip attach 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases...
Software Guide
Page 57
... Automatic IP Configuration" section on the network. RARP server on page 3-2. The switch broadcasts DHCP and RARP requests only when the switch boots up. This example shows the switch broadcasting a DHCP request, receiving a DHCP offer, and configuring the IP address and other options (such as backup server. reset system When the switch reboots, confirm that there is a DHCP, BOOTP, or - This address is displayed under the MAC-Address(es) heading. (With DHCP, this...
... Automatic IP Configuration" section on the network. RARP server on page 3-2. The switch broadcasts DHCP and RARP requests only when the switch boots up. This example shows the switch broadcasting a DHCP request, receiving a DHCP offer, and configuring the IP address and other options (such as backup server. reset system When the switch reboots, confirm that there is a DHCP, BOOTP, or - This address is displayed under the MAC-Address(es) heading. (With DHCP, this...
Software Guide
Page 64
... port. Command set port flowcontrol 3/1 send on the Catalyst 6000 family switches use flow control to inhibit the transmission of time. other devices. The port does not send flow-control frames to flow-control requests. Supported only on Port 3/1 will send flowcontrol to send flow control Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-6 78-13315-02 To configure flow control, perform this task in privileged mode: Task Step 1 Set the flow-control parameters. Console> (enable) Configuring IEEE 802.3X Flow Control Gigabit Ethernet ports on Port...
... port. Command set port flowcontrol 3/1 send on the Catalyst 6000 family switches use flow control to inhibit the transmission of time. other devices. The port does not send flow-control frames to flow-control requests. Supported only on Port 3/1 will send flowcontrol to send flow control Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 4-6 78-13315-02 To configure flow control, perform this task in privileged mode: Task Step 1 Set the flow-control parameters. Console> (enable) Configuring IEEE 802.3X Flow Control Gigabit Ethernet ports on Port...
Software Guide
Page 171
... the Catalyst 6000 Family Command Reference publication. This chapter consists of these sections: • Understanding How VTP Works, page 10-1 • Default VTP Configuration, page 10-5 • VTP Configuration Guidelines, page 10-5 • Configuring VTP, page 10-6 Understanding How VTP Works VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of problems, such as duplicate VLAN names, incorrect VLAN-type specifications...
... the Catalyst 6000 Family Command Reference publication. This chapter consists of these sections: • Understanding How VTP Works, page 10-1 • Default VTP Configuration, page 10-5 • VTP Configuration Guidelines, page 10-5 • Configuring VTP, page 10-6 Understanding How VTP Works VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of problems, such as duplicate VLAN names, incorrect VLAN-type specifications...
Software Guide
Page 197
... Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 11-15 Note A two-way community VLAN can only connect an MSFC router. Chapter 11 Configuring VLANs Configuring Private VLANs In an Ethernet-switched environment, you can assign an individual VLAN and associated IP subnet to end points outside the VLAN itself. By incorporating these results: - For example, you can connect a nontrunk promiscuous port to the "server port" of a LocalDirector to remap a number...
... Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 11-15 Note A two-way community VLAN can only connect an MSFC router. Chapter 11 Configuring VLANs Configuring Private VLANs In an Ethernet-switched environment, you can assign an individual VLAN and associated IP subnet to end points outside the VLAN itself. By incorporating these results: - For example, you can connect a nontrunk promiscuous port to the "server port" of a LocalDirector to remap a number...
Software Guide
Page 412
.... Understanding How Local Authentication Works Local authentication uses locally configured login and enable passwords to zero (0) disables the login limit checking. However, when local authentication is disabled, if you might use local authentication for console connections and RADIUS authentication for Telnet connections. For example, you disable all other authentication methods, local authentication is reenabled automatically. If the user fails to successfully log in during the lockout time. The switch attempts local authentication only...
.... Understanding How Local Authentication Works Local authentication uses locally configured login and enable passwords to zero (0) disables the login limit checking. However, when local authentication is disabled, if you might use local authentication for console connections and RADIUS authentication for Telnet connections. For example, you disable all other authentication methods, local authentication is reenabled automatically. If the user fails to successfully log in during the lockout time. The switch attempts local authentication only...
Software Guide
Page 413
... enhanced version of a user or an entity. Chapter 21 Configuring Switch Access Using AAA Understanding How Authentication Works Understanding How TACACS+ Authentication Works TACACS+ controls access to network devices by exchanging Network Access Server (NAS) information between the TACACS+ server and the TACACS+ daemon on a network device. You can configure a TACACS+ key on the client and server. This header information identifies the packet type being sent (for server daemon response • Enable or disable...
... enhanced version of a user or an entity. Chapter 21 Configuring Switch Access Using AAA Understanding How Authentication Works Understanding How TACACS+ Authentication Works TACACS+ controls access to network devices by exchanging Network Access Server (NAS) information between the TACACS+ server and the TACACS+ daemon on a network device. You can configure a TACACS+ key on the client and server. This header information identifies the packet type being sent (for server daemon response • Enable or disable...
Software Guide
Page 414
... verify secure access to control enable access • Specify the IP addresses and UDP ports of the standard user password pair authentication mechanism if a service trusts the Kerberos server that issued the ticket. These tickets have a limited life span and can configure the following RADIUS parameters on the client, it receives from the network. 21-4 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 RADIUS uses UDP for...
... verify secure access to control enable access • Specify the IP addresses and UDP ports of the standard user password pair authentication mechanism if a service trusts the Kerberos server that issued the ticket. These tickets have a limited life span and can configure the following RADIUS parameters on the client, it receives from the network. 21-4 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 78-13315-02 RADIUS uses UDP for...
Software Guide
Page 425
... mode: Task Command Set the login password for access. You must reset the password after installing software release 5.4 to activate case sensitivity. Enter your old password (press Return on a switch with no password configured), enter your new password, and reenter your new password. set password This example shows how to set the login password on the switch: Console> (enable) set enablepass Enter old password: Enter new password: Retype new password: Password changed . Chapter 21 Configuring Switch Access Using AAA Configuring Authentication To set the login password...
... mode: Task Command Set the login password for access. You must reset the password after installing software release 5.4 to activate case sensitivity. Enter your old password (press Return on a switch with no password configured), enter your new password, and reenter your new password. set password This example shows how to set the login password on the switch: Console> (enable) set enablepass Enter old password: Enter new password: Retype new password: Password changed . Chapter 21 Configuring Switch Access Using AAA Configuring Authentication To set the login password...
Software Guide
Page 446
... Local Realm:CISCO.COM Kerberos server entries: Realm:CISCO.COM, Server:187.0.2.1, Port:750 Realm:CISCO.COM, Server:187.20.2.1, Port:750 Kerberos DomainRealm entries: Domain:cisco.com, Realm:CISCO.COM Kerberos Clients NOT Mandatory Kerberos Credentials Forwarding Enabled Kerberos Pre Authentication Method set to authenticate users using Kerberized Telnet. To enable credentials forwarding, configure the switch to forward user TGTs when they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB...
... Local Realm:CISCO.COM Kerberos server entries: Realm:CISCO.COM, Server:187.0.2.1, Port:750 Realm:CISCO.COM, Server:187.20.2.1, Port:750 Kerberos DomainRealm entries: Domain:cisco.com, Realm:CISCO.COM Kerberos Clients NOT Mandatory Kerberos Credentials Forwarding Enabled Kerberos Pre Authentication Method set to authenticate users using Kerberized Telnet. To enable credentials forwarding, configure the switch to forward user TGTs when they connect to other network services: Console> (enable) set kerberos clients mandatory Kerberos clients set to None Kerberos config key: Kerberos SRVTAB...
Software Guide
Page 650
... command-line interface (CLI), perform this task in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Task Command Set the SNMP-Server EngineID set snmp engineid engineid name for the system default part, which maps community strings of previous versions of SNMP to SNMPv3. set snmp access [-hex] {groupname} {security-model v3} {noauthentication | authentication | privacy} [read -write-all} [community_string] Configure the community table for set snmp...
... command-line interface (CLI), perform this task in privileged mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Task Command Set the SNMP-Server EngineID set snmp engineid engineid name for the system default part, which maps community strings of previous versions of SNMP to SNMPv3. set snmp access [-hex] {groupname} {security-model v3} {noauthentication | authentication | privacy} [read -write-all} [community_string] Configure the community table for set snmp...
Software Guide
Page 666
... can apply an output access control list (ACL) to RSPAN traffic to the destination switch through an uplink port that is connected to selectively filter specific flows. Tip You can distribute the source ports and the destination port across your network for use as CDP, DTP, and VTP. • To optimize bandwidth utilization in the connecting links, you can configure quality of service (QoS) parameters for example) and it is also...
... can apply an output access control list (ACL) to RSPAN traffic to the destination switch through an uplink port that is connected to selectively filter specific flows. Tip You can distribute the source ports and the destination port across your network for use as CDP, DTP, and VTP. • To optimize bandwidth utilization in the connecting links, you can configure quality of service (QoS) parameters for example) and it is also...
Software Guide
Page 681
... Router-Port Group Management Protocol (RGMP) on the Catalyst 6000 family switches: • Multicasting and Multicast Services Overview, page 40-2 • Understanding How IGMP Snooping Works, page 40-2 • Understanding How GMRP Works, page 40-4 • Understanding How RGMP Works, page 40-5 • Suppressing Multicast Traffic, page 40-5 • Nonreverse Path Forwarding Multicast Fast Drop, page 40-5 • Enabling Installation of Directly Connected Subnets, page 40-6 78-13315-02 Catalyst 6000 Family Software Configuration Guide...
... Router-Port Group Management Protocol (RGMP) on the Catalyst 6000 family switches: • Multicasting and Multicast Services Overview, page 40-2 • Understanding How IGMP Snooping Works, page 40-2 • Understanding How GMRP Works, page 40-4 • Understanding How RGMP Works, page 40-5 • Suppressing Multicast Traffic, page 40-5 • Nonreverse Path Forwarding Multicast Fast Drop, page 40-5 • Enabling Installation of Directly Connected Subnets, page 40-6 78-13315-02 Catalyst 6000 Family Software Configuration Guide...
Software Guide
Page 686
... service (QoS) does not support IGMP traffic when IGMP snooping is enabled globally by default. Note Quality of directly connected subnets is enabled. These sections describe how to view such FIB entries. According to the multicast protocol specification, the router needs to see the non-RPF packets for the group from being learned in the routing table, the (*,G) flows should remain completely hardware-switched flows. (subnet/mask, 224/4) entries installed in hardware. Router(config) # mls ip multicast connected...
... service (QoS) does not support IGMP traffic when IGMP snooping is enabled globally by default. Note Quality of directly connected subnets is enabled. These sections describe how to view such FIB entries. According to the multicast protocol specification, the router needs to see the non-RPF packets for the group from being learned in the routing table, the (*,G) flows should remain completely hardware-switched flows. (subnet/mask, 224/4) entries installed in hardware. Router(config) # mls ip multicast connected...
Software Guide
Page 701
...12 Port 2/12 cleared from multicast router port list. Command clear multicast router mod/port clear multicast router all manually configured multicast router ports. Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 40-21 Step 1 Step 2 Task Command Add one of these tasks in privileged mode: Note With software release 6.3(2) and later releases, the maximum number of Entries = 4 Console> (enable) Clearing Multicast Router Ports To clear manually configured multicast router ports, perform one or more multicast MAC addresses to the set...
...12 Port 2/12 cleared from multicast router port list. Command clear multicast router mod/port clear multicast router all manually configured multicast router ports. Console> (enable) 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 40-21 Step 1 Step 2 Task Command Add one of these tasks in privileged mode: Note With software release 6.3(2) and later releases, the maximum number of Entries = 4 Console> (enable) Clearing Multicast Router Ports To clear manually configured multicast router ports, perform one or more multicast MAC addresses to the set...
Software Guide
Page 808
...Catalyst 6500 series switch, the traffic is sent over the switch fabric channel, delivering the best possible switching rate. Table 43-1 shows the switch modes used only when no nonfabric-enabled modules installed) Between fabric-enabled modules Truncated (when nonfabric-enabled modules are also installed) Between fabric-enabled and nonfabric-enabled modules Flow-through Between non-fabric-enabled modules Flow-through Configuring and Monitoring the Switch Fabric Module The Switch Fabric Module does not require any user configuration but supports a number of these modes: • Flow...
...Catalyst 6500 series switch, the traffic is sent over the switch fabric channel, delivering the best possible switching rate. Table 43-1 shows the switch modes used only when no nonfabric-enabled modules installed) Between fabric-enabled modules Truncated (when nonfabric-enabled modules are also installed) Between fabric-enabled and nonfabric-enabled modules Flow-through Between non-fabric-enabled modules Flow-through Configuring and Monitoring the Switch Fabric Module The Switch Fabric Module does not require any user configuration but supports a number of these modes: • Flow...
Software Guide
Page 838
....204 cisco.com Port 7/3 dhcp disabled. Command show port voice interface 5 Port DHCP MAC-Address IP-Address Subnet-Mask 5/1-24 disable 00-10-7b-00-13-ea 10.6.15.158 255.255.255.0 Port Call-Manager(s) DHCP-Server TFTP-Server Gateway 5/1-24 10.6.15.155 - 10.6.15.155 - Console> (enable) set port voice interface 7/4-6 dhcp enable vlan 3 Vlan 3 configuration successful Ports 7/4-6 DHCP enabled. Port DNS-Server(s) Domain 5/1-24 12.2.2.1* cisco.cisco.com 7.7.7.7 (*): Primary Console> (enable) 44-22 Catalyst 6000 Family Software Configuration Guide-Releases...
....204 cisco.com Port 7/3 dhcp disabled. Command show port voice interface 5 Port DHCP MAC-Address IP-Address Subnet-Mask 5/1-24 disable 00-10-7b-00-13-ea 10.6.15.158 255.255.255.0 Port Call-Manager(s) DHCP-Server TFTP-Server Gateway 5/1-24 10.6.15.155 - 10.6.15.155 - Console> (enable) set port voice interface 7/4-6 dhcp enable vlan 3 Vlan 3 configuration successful Ports 7/4-6 DHCP enabled. Port DNS-Server(s) Domain 5/1-24 12.2.2.1* cisco.cisco.com 7.7.7.7 (*): Primary Console> (enable) 44-22 Catalyst 6000 Family Software Configuration Guide-Releases...