|
|
Use the set password command to change the login password on the CLI.
set passwordThis command has no arguments or keywords.
The default configuration has no password configured.
Switch command.
Privileged.
The command prompts you for the old password. If the password you enter is valid, you are prompted to enter a new password and to verify the new password. A zero-length password is allowed by pressing Return.
This example shows how to set an initial password:
Console> (enable) set password Enter old password: <old_password> Enter new password: <new_password> Retype new password: <new_password> Password changed. Console> (enable)
Use the set port broadcast command to set the broadcast/multicast suppression for one or more ports. The broadcast threshold limits the backplane traffic received from the module.
set port broadcast mod_num/port_num threshold[%]
mod _num | Number of the module. |
port_num | Number of the port. |
threshold | Number of packets-per-second of broadcast/multicast traffic allowed on the port or the percentage of total available bandwidth that can be used by broadcast/multicast traffic. |
% | (Optional) Keyword used if threshold is expressed as a percentage of total available bandwidth that can be used by broadcast/multicast traffic. |
The default value for the threshold is 100 percent.
Switch command.
Privileged.
Although bandwidth-based broadcast/multicast suppression applies to all ports on a module, you must still specify a port number according to the syntax rules of the set port broadcast mod_num/port_num threshold [%] command. For example, if you specify port 3 on module 4 (4/3), broadcast/multicast suppression is applied to every port on module 4. You can specify any port number between 1 and 24.
Only the Ethernet switching module (10BaseT 48 port, Telco, WS-X5012) supports bandwidth-based broadcast/multicast suppression on a per-port basis.
This command is not supported by the RSM.
On a Token Ring module, uplink ports connect to different switching buses, so the software/firmware knows which SAMBA to set. This is different from other modules with SAMBA, where set applies to all ports, and the SAMBA of switching bus A (to which SAGE inband link is connected) cannot be set for broadcast suppression.
The packets-per-second option is not supported by the 1000BaseX switching module.
This example shows how to limit broadcast traffic to 500 packets per second on ports 2/1 through 3/24:
Console> (enable) set port broadcast 2/1-3/24 500
Ports 2/1-3/24 broadcast traffic limited to 500 packets.
Console> (enable)
This example shows how to limit broadcast traffic to 20 percent to all ports on module 4 (see "Usage Guidelines" for more information):
Console> (enable)set port broadcast 4/3 20%Port 4/1-24 broadcast traffic limited to 20%.Console> (enable)
This example shows how to allow unlimited broadcast traffic to all ports on module 4 (see "Usage Guidelines" for more information):
Console> (enable)set port broadcast 4/3 100%Port 4/1-24 broadcast traffic unlimited.Console> (enable)
Use the set port channel command to enable or disable Fast EtherChannel on Fast Ethernet module ports.
set port channel [port_list] {on | off | desirable | auto}
port_list | [Optional] Module and ports to bundle. Enter the port_list in the following format: mod_num/port/num. |
on | Keyword to enable and force Fast EtherChannel for the specified module ports. |
off | Keyword to disable Fast EtherChannel for the specified module ports. |
desirable | Keyword to set Fast EtherChannel mode to desirable for the specified module ports. |
auto | Keyword to set Fast EtherChannel mode to auto for the specified module ports. |
The default system configuration has Fast EtherChannel set to auto on all module ports.
Switch command.
Privileged.
Make sure that all ports in the channel are configured with the same port speed, duplex mode, and so forth. For more information on Fast EtherChannel, refer to the "Configuring Ethernet and Fast Ethernet Switching Modules" chapter in the Catalyst 5000 Series Software Configuration Guide.
Disable the port security feature on the channeled ports (see the set port security command). If you enable port security for a channeled port, the port shuts down when it receives packets with source addresses that do not match the secure address of the port.
This command is not supported by the RSM.
This command is not supported by the three-port Gigabit Ethernet switching module (WS-X5403).
On the 1000Base-X switching module (WS-X5410), only ports 1 through 4 and 5 through 8 can be channeled. Port 9 cannot be channeled to other ports.
This example shows how to enable Fast EtherChannel on ports 5-8 of Fast Ethernet module 2:
Console> (enable) set port channel 2/5-8 on Ports 2/5-8 channel mode set to on. Console> (enable)
This example shows how to disable Fast EtherChannel on ports 5-8 of Fast Ethernet module 2:
Console> (enable) set port channel 2/5-8 off Ports 2/5-8 disabled and channel mode set to off. Console> (enable)
Use the set port disable command to disable a port or a range of ports.
set port disable mod_num/port_num
mod _num | Number of the module. |
port_num | Number of the port. |
The default system configuration has all ports enabled.
Switch command.
Privileged.
This command is not supported by the RSM.
This example shows how to disable a port using the set port disable command:
Console> (enable) set port disable 5/10 Port 5/10 disabled. Console> (enable)
Use the set port duplex command to configure the duplex type of an Ethernet or Fast Ethernet port or range of ports.
set port duplex mod_num/port_num {full | half | auto}
mod_num | Number of the module. |
port_num | Number of the port. |
full | Keyword to specify full-duplex transmission. |
half | Keyword to specify half-duplex transmission. |
auto | Keyword to specify auto transmission. |
The default configuration for 10-Mbps and 100-Mbps modules has all Ethernet ports set to half duplex. The default configuration for 10/100-Mbps Fast Ethernet modules has all ports set to auto.
Switch command.
Privileged.
You can configure Ethernet and Fast Ethernet interfaces to either full duplex or half duplex. When a port is in autosensing mode, both its speed and duplex are determined by autosensing. An error message like the following is generated if you attempt to set the transmission type of autosensing Fast Ethernet ports to half- or full-duplex mode:
Console> (enable) set port duplex 2/1 full (1 port - failed)
Port 2/1 is in auto-sensing mode. Console> (enable)
The set port duplex command is not valid on the 48-port module or the RSM.
The set port duplex command is not valid when issued against a Token Ring port. Use the set tokenring portmode command instead. If you enter a set port duplex command, you are directed to use the proper command.
The three-port Gigabit Ethernet switching module (WS-X5403) can only be configured as full duplex.
This example shows how to set port 1 on module 2 to full duplex:
Console> (enable) set port duplex 2/1 full Port 2/1 set to full-duplex. Console> (enable)
This example shows what the set port duplex command displays if entered against a Token Ring port:
Console> (enable) set port duplex 3/1 full Port 3/1 is Token Ring, use `set tokenring portmode' command instead Console> (enable)
Use the set port enable command to enable a port or a range of ports.
set port enable mod_num/port_num
mod _num | Number of the module. |
port_num | Number of the port. |
The default system configuration has all ports enabled.
Switch command.
Privileged.
This command is not supported on the RSM.
This example shows how to enable port 3 on module 2:
Console> (enable) set port enable 2/3 Port 2/3 enabled. Console> (enable)
Use the set port filter command to configure a MAC address filter or a protocol filter for ports on the Token Ring module.
set port filter mod_num/port_num {mac_addr | protocol_type} {permit | deny}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
mac_addr | MAC address contained in the packets to be filtered. You can enter this address in canonical format (00-11-33-44-55) or noncanonical format (00:11:22:33:44:55). |
protocol_type | Protocol type that you want to filter. For a list of the protocol types that you can filter, see Table 2-7 through Table 2-9. |
permit | Keyword to specify that the filter can permit packets with the specified MAC address or protocol type. |
deny | Keyword to specify that the filter can deny packets with the specified MAC address or protocol type. |
The command has no default setting.
Switch command.
Privileged.
You can configure up to 16 MAC address filters or 16 protocol (eight SAPs and eight DSAPs) filters per port on the Token Ring module. Refer to Table 2-7 through Table 2-9 for lists of SAPs and Ethertypes that you can use when defining protocol filters.
Table 2-7 and Table 2-8 list the SAPs that you can use to define protocol classes.
| Hexadecimal Value | Description |
|---|---|
X'02' | LLC Sublayer Management |
X'06' | DoD Internet |
X'x6' | National Standards Bodies |
X'0E' | Proway Network Management |
X'4E' | Manufacturing Message Service |
X'7E' | ISO 8208 |
X'8E' | Proway Active Station List Maintenance |
X'FE' | OSI Network Layer Protocols |
X'42' | Bridge Spanning-Tree Protocol |
| Hexadecimal Value | Description |
|---|---|
X'04' | SNA Path Control Individual |
X'F0' | NetBIOS |
X'F4' | LAN Management Individual |
X'F8' | IMPL |
X'FC' | Discovery |
X'DC' | Dynamic Address Resolution |
X'D4' | Resource Management |
Table 2-9 lists the possible Ethertypes that you can use to define protocol filters.
| Hexadecimal Value | Description |
|---|---|
X'0000' through X'05DC' | IEEE 802.3 |
X'0600' | Xerox XNS IDP |
X'0800' | DoD IP |
X'0801' | X.75 Internet |
X'0802' | NBS Internet |
X'0803' | ECMA Internet |
X'0804' | CHAOSnet |
X'0805' | X.25 Level 3 |
X'0806' | ARP (for IP and CHAOS) |
X'6001' | DEC MOP Dump/Load Assistance |
X'6002' | DEC MOP Remote Console |
X'6003' | DEC DECnet Phase IV |
X'6004' | DEC LAT |
X'6005' | DEC DECnet Diagnostics |
X'6010' through X'6014' | 3Com Corporation |
X'7000' through X'7002' | Ungermann-Bass download |
X'7030' | Proteon |
X'7034' | Cabletron |
X'8035' | Reverse ARP |
X'8046' through X'8047' | AT&T |
X'8088' through X'808A' | Xyplex |
X'809B' | Kinetics Ethertalk (Appletalk over Ethernet) |
X'80C0' through X'80C3' | Digital Communications Associates |
X'80D5' | IBM SNA Services over Ethernet |
X'80F2' | Retix |
X'80F3' through X'80F5' | Kinetics |
X'80F7' | Apollo Computer |
X'80FF' through X'8103' | Wellfleet Communications |
X'8137' through X'8138' | Novell |
This example shows how to configure a port filter on port 2 MAC address 00:40:0b:01:bc:65 of module 3:
Console> (enable) set port filter 3/2 00:40:0b:01:bc:65 permit Port 3/2 filter Mac Address 00:40:0b:01:bc:65 set to permit. Console> (enable)
clear port filter
show port filter
Use the set port flowcontrol command to set the receive flow-control value for a particular Gigabit EtherChannel switching module port.
set port flowcontrol {receive | send} [mod_num/port_num] {off | on | desired}
receive | Keyword to indicate whether the port can receive administrative status from a remote device. |
send | Keyword to indicate whether the local port can send administrative status to a remote device. |
mod_num | (Optional) Number of the module. |
port_num | (Optional) Number of the port on the module. |
off | Keyword, when used with receive, to turn off an attached device's ability to send flow-control packets to a local port. When used with send, turns off the local port's ability to send administrative status to a remote device. |
on | Keyword, when used with receive, to require that a local port receive administrative status from a remote device. When used with send, the local port sends administrative status to a remote device. |
desired | Keyword, when used with receive, to allow a local port to operate with an attached device that is required to send flow-control packets, or with an attached device that is not required to but may send flow-control packets. When used with send, the local port sends administrative status to a remote device if the remote device supports it. |
Default for receive is off. Default for send is desired.
Switch command.
Privileged.
This command is not supported for the RSM.
This command is supported on Gigabit EtherChannel switching modules only.
These examples show how to use the set port flowcontrol command set:
Console> (enable) set port flowcontrol receive 5/1 on Port 5/1 flow control receive administration status set to on (port will require far end to send flowcontrol) Console> (enable) Console> (enable) set port flowcontrol receive 5/1 desired Port 5/1 flow control receive administration status set to desired (port will allow far end to send flowcontrol if far end supports it) Console> (enable) Console> (enable) set port flowcontrol receive 5/1 off Port 5/1 flow control receive administration status set to off (port will not allow far end to send flowcontrol) Console> (enable) Console> (enable) set port flowcontrol send 5/1 on Port 5/1 flow control send administration status set to on (port will send flowcontrol to far end) Console> (enable) Console> (enable) set port flowcontrol send 5/1 desired Port 5/1 flow control send administration status set to desired (port will send flowcontrol to far end if far end supports it) Console> (enable) Console> (enable) set port flowcontrol send 5/1 off Port 5/1 flow control send administration status set to off (port will not send flowcontrol to far end) Console> (enable)
Use the set port level command to set the priority level of a port or range of ports on the switching bus.
set port level mod_num/port_num {normal | high}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
normal | Keyword to set the port priority to normal. |
high | Keyword to set the port priority to high. |
The default configuration has all ports at normal priority level.
Switch command.
Privileged.
Packets traveling through a port set at normal priority are served only after packets traveling through a port set at high priority are served.
This command is not supported for the RSM.
This example shows how to set the priority level for port 2 on module 1 to high:
Console> (enable) set port level 1/2 high Port 1/2 port level set to high. Console> (enable)
set port disable
set port duplex
set port enable
set port name
set port speed
set port trap
show port
Use the set port membership command to dynamically or statically assign membership of a port or range of ports to a VLAN.
set port membership mod_num/port_num {dynamic | static}
mod_num | Module number. |
port_num | Port number. |
dynamic | Keyword to dynamically assign VLAN membership to a port. |
static | Keyword to statically assign VLAN membership to a port. |
Default port membership is static.
Switch command.
Privileged.
When a port is assigned a VLAN dynamically, the show port command output identifies the VLAN as dynamic and, if the dynamic port is shut down by a VMPS, its status is shown as shutdown.
This command is not supported on the RSM.
This command is not supported by the three-port Gigabit Ethernet switching module (WS-X5403).
Token Ring does not currently support dynamic VLAN membership---all Token Ring ports are static. If you issue a set port membership dynamic command against a Token Ring port, the following message is generated:
Feature not supported for Module x.
These examples show how to assign VLAN membership to one or more ports using the set port membership command:
Console> (enable) set port membership 3/1-3 dynamic Ports 3/1-3 vlan assignment set to dynamic. Spantree port fast start option enabled for ports 3/1-3. Console> (enable) Console> (enable) set port membership 4/2 dynamic Ports 4/1-12 vlan assignment set to dynamic. Spantree port fast start option enabled for port 4/2. Console> (enable)
Use the set port name command to configure a name for a port.
set port name mod_num/port_num [name_string]
mod_num | Number of the module. |
port_num | Number of the port. |
name_string | (Optional) String that describes the port. |
The default configuration has no port name configured for any port.
Switch command.
Privileged.
If you do not specify the name string, the port name is cleared.
This command is not supported for the RSM.
This example shows how to set port 1 on module 4 to Snowy:
Console> (enable) set port name 4/1 Snowy Port 4/1 name set. Console> (enable)
set port disable
set port duplex
set port enable
set port speed
set port trap
show port
Use the set port negotiation command to enable or disable the link negotiation protocol on the specified port.
set port negotiation mod_num/port_num {enable | disable}
mod_num | Number of the module. |
port_num | Number of the port. |
enable | Keyword to enable the link negotiation protocol. |
disable | Keyword to disable the link negotiation protocol. |
The default is link negotiation protocol enabled.
Switch command.
Privileged.
This command only applies to ports on the Gigabit Ethernet switching module (WS-X5403).
This example shows how to disable link negotiation protocol on port 1, module 4:
Console> (enable) set port negotiation 4/1 disable Link negotiation protocol disabled on port 4/1. Console> (enable)
Use the set port protocol command to enable or disable protocol membership of ports.
set port protocol mod_num/port_num {ip | ipx | group} {on | off | auto}
mod_num | Number of the module. |
port_num | Number of the port. |
ip | Keyword to specify IP protocol. |
ipx | Keyword to specify Internetwork Packet Exchange protocol. |
group | Keyword to specify Appletalk, Decnet, and Vines protocols. |
on | Keyword to indicate the port will receive all the flood traffic for that protocol. |
off | Keyword to indicate the port will not receive any flood traffic for that protocol. |
auto | Keyword to indicate the port will be added to the protocol group only after receiving packets of the specific protocol. |
By default, ports are configured to on for the IP protocol groups and auto for IPX and Group.
Switch command.
Privileged.
Protocol filtering is supported only on nontrunking Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Trunking ports are always members of all the protocol groups.
If the port configuration is set to auto, the port initially does not receive any flood packets for that protocol. When the corresponding protocol packets are received on that port, the supervisor engine detects this and adds the port to the protocol group.
Ports configured as auto are removed from the protocol group if no packets are received for that protocol within a certain period of time. This aging time is set to 60 minutes. They are also removed from the protocol group on detection of a link down.
Protocol filtering is only supported on MLS-based Catalyst 5000 series switches.
This example shows how to disable IPX protocol membership of port 1 on module 2:
Console> (enable) set port protocol 2/1 ipx off IPX protocol disabled on port 2/1. Console> (enable)
This example shows how to enable automatic IP membership of port 1 on module 5:
Console> (enable) set port protocol 5/1 ip auto IP protocol set to auto mode on module 5/1. Console> (enable)
Use the set port security command to configure port security on a port or range of ports on an Ethernet module.
set port security mod_num/port_num {enable | disable} [mac_addr]
mod_num | Number of the module. |
port_num | Number of the port. |
enable | Keyword to enable port security. |
disable | Keyword to disable port security. |
mac_addr | (Optional) Secure MAC address of the enabled port. |
The default configuration has port security disabled.
Switch command.
Privileged.
If the MAC address is not given, the command turns on learning mode so that the first MAC address seen on the port becomes the secure MAC address.
If you issue this command against a Token Ring port, the following message is generated:
Feature not supported for Module x.
This command is not supported by the three-port Gigabit Ethernet switching module (WS-X5403).
This example shows how to set port security with a learned MAC address:
Console> (enable)set port security 3/1 enablePort 3/1 port security enabled with the learned mac address.Console> (enable)
This example shows how to set port security with a specific MAC address:
Console> (enable)set port security 3/1 enable 01-02-03-04-05-06Port 3/1 port security enabled with 01-02-03-04-05-06 as the secure mac address.Console> (enable)
Use the set port speed command to configure the speed of a port interface. You can configure the speed of a Fast Ethernet interface.
set port speed mod_num/port_num {4 | 10 | 16 | 100 | auto}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
4 | 10 | 16 | 100 | auto | Keyword to set a port speed to 4, 10, 16, 100 Mbps, or autospeed detection mode. |
The default configuration has all module ports set to auto.
Switch command.
Privileged.
You can configure Fast Ethernet interfaces on the 10/100-Mbps Fast Ethernet switching module to either 10 Mbps or 100 Mbps, or to autosensing mode, allowing them to sense and distinguish between 10-Mbps and 100-Mbps port transmission speeds and full-duplex or half-duplex port transmission types at a remote port connection. If you set the interfaces to autosensing mode, they configure themselves automatically to operate at the proper speed and transmission type.
You can configure Token Ring interfaces on the Token Ring module to either 4 Mbps or 16 Mbps, or to autospeed detection mode, allowing them to sense and distinguish between 4-Mbps and 16-Mbps port transmission speed. If you set the interfaces to autospeed detection mode, they automatically configure themselves to operate at the proper speed.
If you change the transmission speed of a port that is open to 4 or 16 Mbps, the port will close and reopen at the new transmission speed. If a port closes and reopens on an existing ring using a transmission speed different from that which the ring is operating, the ring will beacon.
If the ports on the Token Ring module are configured to sense the speed of the ring automatically, the first port inserted on the ring does not set the speed, because it is unable to detect the speed.
This command is not supported by the three-port Gigabit Ethernet switching module (WS-X5403).
This example shows how to configure port 1 on module 2 to auto:
Console> (enable) set port speed 2/1 auto Port 2/1 speed set to auto-sensing mode. Console> (enable)
This example shows how to configure port 2 on module 2 port speed to 10 Mbps:
Console> (enable) set port speed 2/2 10 Port 2/2 speed set to 10 Mbps. Console> (enable)
This example shows how to configure port 4 on module 3 port speed to 16 Mbps:
Console> (enable) set port speed 3/4 16 Port(s) 3/4 speed set to 16Mbps. Console> (enable)
set port disable
set port enable
set port name
set port trap
show port
Use the set port trap command to enable or disable the operation of the standard SNMP link trap (up or down) for a port or range of ports.
set port trap mod_num/port_num {enable | disable}
mod_num | Number of the module. |
port_num | Number of the port. |
enable | Keyword to activate the SNMP link trap. |
disable | Keyword to deactivate the SNMP link trap. |
The default configuration has all port traps disabled.
Switch command.
Privileged.
This example shows how to enable the SNMP link trap for module 1, port 2:
Console> (enable) set port trap 1/2 enable Port 1/2 up/down trap enabled. Console> (enable)
set port disable
set port duplex
set port enable
set port name
set port speed
show port
Use the set prompt command to change the prompt for the CLI.
set prompt prompt_string
prompt_string | String to use as the command prompt. |
The default configuration has the prompt set to Console>.
Switch command.
Privileged.
In Catalyst 5000 series software release 4.1(1) and later, if you use the set system name command to assign a name to the switch, the switch name is used as the prompt string. However, if you specify a different prompt string using the set prompt command, that string is used for the prompt.
This example shows how to set the prompt to system100>:
Console> (enable) set prompt system100> system100> (enable)
Use the set protocolfilter command to activate or deactivate protocol filtering.
set protocolfilter {enable | disable}
enable | Keyword to activate protocol filtering. |
disable | Keyword to deactivate protocol filtering. |
The default configuration has protocol filtering disabled.
Switch command.
Privileged.
This example shows how to activate protocol filtering:
Console> (enable) set protocolfilter enable Protocol filtering enabled on this switch. Console> (enable)
This example shows how to deactivate protocol filtering:
Console> (enable) set protocolfilter disable Protocol filtering disabled on this switch. Console> (enable)
|
|