|
|
This chapter describes how to configure network management features on the Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches.
This chapter consists of these sections:
These sections describe how to use the Simple Network Management Protocol (SNMP):
The components of SNMP network management fall into three categories:
SNMP network management uses these SNMP agent functions:
The Catalyst 5000, 4000, 2948G, 2926G, and 2926 series switches are managed devices that support SNMP network management with the following features:
Table 10-1 describes the SNMP default configuration.
| Feature | Default Setting |
|---|---|
SNMP community strings |
|
SNMP trap receiver | None configured |
SNMP traps | None enabled |
To configure SNMP from a NMS, refer to the NMS documentation (see the "Using CiscoWorks2000" section).
The switch supports up to 20 trap receivers through the RMON2 trap destination table. Configure the RMON2 trap destination table from the NMS.
To configure SNMP from the command-line interface (CLI), perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Define the SNMP community strings for each access type. | set snmp community read-only community_string |
Step 2 Assign a trap receiver and community. You can specify up to ten trap receivers. | set snmp trap rcvr_address rcvr_community |
Step 3 Specify the SNMP traps to send to the trap receiver. | set snmp trap enable [all | module | chassis | bridge | repeater | auth | vtp | ippermit | vmps | config | entity | stpx] |
Step 4 Verify the SNMP configuration. | show snmp |
This example shows how to define community strings, assign a trap receiver, and specify which traps to send to the trap receiver:
Console> (enable) set snmp community read-only Everyone SNMP read-only community string set to 'Everyone'. Console> (enable) set snmp community read-write Administrators SNMP read-write community string set to 'Administrators'. Console> (enable) set snmp community read-write-all Root SNMP read-write-all community string set to 'Root'. Console> (enable) set snmp trap 172.16.10.10 read-write SNMP trap receiver added. Console> (enable) set snmp trap 172.16.10.20 read-write-all SNMP trap receiver added. Console> (enable) set snmp trap enable all All SNMP traps enabled. Console> (enable) show snmp RMON: Disabled Extended RMON: Extended RMON module is not present Traps Enabled: Port,Module,Chassis,Bridge,Repeater,Vtp,Auth,ippermit,Vmps,config,entity,stpx Port Traps Enabled: 1/1-2,4/1-48,5/1 Community-Access Community-String ---------------- -------------------- read-only Everyone read-write Administrators read-write-all Root Trap-Rec-Address Trap-Rec-Community ---------------------------------------- -------------------- 172.16.10.10 read-write 172.16.10.20 read-write-all Console> (enable)
CiscoWorks2000 is a family of Web-based and management platform-independent products for managing Cisco enterprise networks and devices. CiscoWorks2000 includes Resource Manager Essentials and CWSI Campus, which allow you to deploy, configure, monitor, manage, and troubleshoot a switched internetwork. For more information, see the following publications:
These sections describe how to use RMON:
RMON is an Internet Engineering Task Force (IETF) standard monitoring specification that allows various network agents and console systems to exchange network monitoring data. The supervisor engine software provides embedded support for these components of the RMON specification (see the "Supported RMON and RMON2 MIB Objects" section for details):
The embedded RMON agent allows the switch to monitor network traffic from all ports simultaneously at the data-link layer of the OSI model without requiring a dedicated monitoring probe or network analyzer.
To enable RMON, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable RMON on the switch. | set snmp rmon enable |
Step 2 Verify that RMON is enabled. | show snmp |
This example shows how to enable RMON on the switch and how to verify that RMON is enabled:
Console> (enable) set snmp rmon enable SNMP RMON support enabled. Console> (enable) show snmp RMON: Enabled Extended RMON: Extended RMON module is not present Traps Enabled: Port,Module,Chassis,Bridge,Repeater,Vtp,Auth,ippermit,Vmps,config,entity,stpx Port Traps Enabled: 1/1-2,4/1-48,5/1 Community-Access Community-String ---------------- -------------------- read-only Everyone read-write Administrators read-write-all Root Trap-Rec-Address Trap-Rec-Community ---------------------------------------- -------------------- 172.16.10.10 read-write 172.16.10.20 read-write-all Console> (enable)
Access to RMON data is available only on an NMS that supports RFC 1757 and RFC 1513 (see the "Using CiscoWorks2000" section). You cannot access RMON data through the switch CLI; however, CLI show commands provide similar information (refer to the Command Reference for your switch).
These sections describe how to use the Switched Port Analyzer (SPAN):
SPAN selects network traffic for analysis by a Catalyst 5000 series Network Analysis Module, a SwitchProbe device, or other RMON probe. SPAN mirrors traffic from one or more source ports (Ethernet, Fast Ethernet, Token Ring, or Fiber Distributed Data Interface [FDDI]) on the same virtual LAN (VLAN) to a destination port for analysis (see Figure 10-1).
In Figure 10-1, all traffic on Ethernet port 5 (the source port) is mirrored to Ethernet port 10. A network analyzer on Ethernet port 10 receives all network traffic from Ethernet port 5 without being physically attached to it.
Follow these guidelines when configuring SPAN:
To configure SPAN from the NMS, refer to the NMS documentation (see the "Using CiscoWorks2000" section).
Specify the source ports, the destination port, the direction of the traffic through the source ports that you want to mirror to the destination port, and whether or not the destination port can receive packets.
To configure a SPAN port, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Configure SPAN source and destination ports. | set span {src_mod/src_ports | src_vlan} dest_mod/dest_port [inpkts {enable | disable}] [rx | tx | both] |
Step 2 Verify the SPAN configuration. | show span |
 | Caution If the SPAN destination port is connected to another device and reception of incoming packets is enabled (using the inpkts enable keywords), the SPAN destination port receives traffic for whatever VLAN the SPAN destination port belongs to. However, the SPAN destination port does not participate in spanning tree for that VLAN. Therefore, take care to avoid creating network loops with the SPAN destination port. The inpkts keyword is available in supervisor engine software release 4.2 and later. In earlier releases, incoming packets are always received on the SPAN destination port. To avoid creating spanning-tree loops, assign the SPAN destination port to an unused VLAN. |
This example shows how to configure SPAN so that both transmit and receive traffic from port 1/1 (the SPAN source) is mirrored on port 2/1 (the SPAN destination):
Console> (enable) set span 1/1 2/1 Enabled monitoring of Port 1/1 transmit/receive traffic by Port 2/1 Console> (enable) show span Status : enabled Admin Source : Port 1/1 Oper Source : Port 1/1 Destination : Port 2/1 Direction : transmit/receive Incoming Packets: disabled Console> (enable)
This example shows how to set VLAN 522 as the SPAN source and port 2/1 as the SPAN destination:
Console> (enable) set span 522 2/1 Enabled monitoring of VLAN 522 transmit/receive traffic by Port 2/1 Console> (enable) show span Status : enabled Admin Source : VLAN 522 Oper Source : Port 3/1-2 Destination : Port 2/1 Direction : transmit/receive Incoming Packets: disabled Console> (enable)
This example shows how to set VLAN 522 as the SPAN source and port 3/12 as the SPAN destination. Only transmit traffic is monitored. Normal incoming packets on the SPAN destination port are allowed.
Console> (enable) set span 522 2/12 tx inpkts enable SPAN destination port incoming packets enabled. Enabled monitoring of VLAN 522 transmit traffic by Port 2/12 Console> (enable) show span Status : enabled Admin Source : VLAN 522 Oper Source : Port 2/1-2 Destination : Port 2/12 Direction : transmit Incoming Packets: enabled Console> (enable)
To disable SPAN, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable SPAN on the switch. | set span disable |
This example shows how to disable SPAN on the switch:
Console> (enable) set span disable Disabled monitoring of VLAN 522 transmit traffic by Port 2/1 Console> (enable)
These sections describe how to use the Catalyst 5000 series Network Analysis Module:
For Ethernet VLANs, the Network Analysis Module extends the RMON support provided by the supervisor engine module software with the following (see the "Supported RMON and RMON2 MIB Objects" section for details):
The Network Analysis Module can analyze Ethernet VLAN traffic from either or both:
The Network Analysis Module is managed and controlled from an SNMP management application, such as CiscoWorks2000 (see the "Using CiscoWorks2000" section).
Table 10-2 describes the Network Analysis Module default configuration.
| Feature | Default Setting |
|---|---|
SPAN (supervisor engine feature) | Disabled |
NetFlow Data Export (NFFC/NFFC II feature) | Disabled |
Extended RMON | Enabled |
Extended RMON Netflow (NetFlow Monitor option) | Disabled |
Extended RMON Vlanmode (VLAN Monitor option) | Disabled |
Extended RMON Vlanagent (VLAN Agent option) | Disabled |
To configure the Network Analysis Module from the NMS, refer to the NMS documentation (see the "Using CiscoWorks2000" section). RMON domain configuration can be done only via SNMP from the NMS.
These sections describe how to use the CLI to configure the Network Analysis Module:
The Network Analysis Module can analyze Ethernet VLAN traffic from Ethernet or Fast Ethernet SPAN source ports, or you can specify an Ethernet VLAN as the SPAN source. To use the Network Analysis Module VLAN Monitor option, set a trunk port as the SPAN source port (for more information, see the "Enabling the VLAN Monitor Option" section)
To enable the NetFlow Monitor option:
Step 1 Purchase a NetFlow Monitor option license from your Cisco sales representative, which will have a registration key and URL on it.
Step 2 Get the Media Access Control (MAC) address of your Network Analysis Module. Enter this command:
Console> show module mod_num
This example shows how to display the MAC address:
Console> show module 4 Mod Module-Name Ports Module-Type Model Serial-Num Status --- ------------------- ----- --------------------- --------- --------- ------- 4 1 Network Analysis/RMON WS-X5380 008175475 ok Mod MAC-Address(es) Hw Fw Sw --- -------------------------------------- ------ ---------- ----------------- 4 00-e0-14-10-18-00 0.100 4.1.1 4.3(1)
Step 3 Access the URL specified on the NetFlow Monitor option license.
Step 4 Enter the registration key and the MAC address of the Network Analysis Module to generate the password for your Network Analyzer Module.
Step 5 Enter this command in privileged mode to enable the NetFlow Monitor option:
Console> set snmp extendedrmon netflow enable password
This example shows how to enable the NetFlow Monitor option and how to verify that it is enabled:
Console> (enable) set snmp extendedrmon netflow enable password Snmp extended RMON netflow enabled Console> (enable) show snmp RMON: Disabled Extended RMON: Enabled Extended RMON Netflow: Enabled Extended RMON Vlanmode: Disabled Extended RMON Vlanagent: Disabled <...output truncated...> Console> (enable)
Step 6 Enter this command in privileged mode to enable NDE:
Console> set mls nde enable
When the SPAN source is a trunk port and the VLAN Monitor option is enabled, the Network Analysis Module aggregates statistics by VLAN, rather than by source MAC address.
To enable the VLAN Monitor option, perform this task in privileged mode:
| Task | Command |
|---|---|
Enable VLAN Monitor. | set snmp extendedrmon vlanmode enable |
This example shows how to enable the VLAN Monitor option and how to verify that it is enabled:
Console> (enable) set snmp extendedrmon vlanmode enable Snmp extended RMON vlanmode enabled Console> (enable) show snmp RMON: Disabled Extended RMON: Enabled Extended RMON Netflow: Disabled Extended RMON Vlanmode: Enabled Extended RMON Vlanagent: Disabled <...output truncated...> Console> (enable)
When the VLAN Agents option is enabled, the Network Analysis Module aggregates statistics by VLAN as well as by port.
To enable the VLAN Agents option, perform this task in privileged mode:
| Task | Command |
|---|---|
Enable VLAN Agents. | set snmp extendedrmon vlanagent enable |
This example shows how to enable the VLAN Agents option and how to verify that it is enabled:
Console> (enable) set snmp extendedrmon vlanagent enable Snmp extended RMON vlanagent enabled Console> (enable) show snmp RMON: Disabled Extended RMON: Enabled Extended RMON Netflow: Disabled Extended RMON Vlanmode: Disabled Extended RMON Vlanagent: Enabled <...output truncated...> Console> (enable)
The Network Analysis Module also supports these commands, which are described in the Command Reference for your switch:
...
RMON-Mcast RMON-Bcast RMON-Ucast RMON-DropEvent
-------------------- -------------------- -------------------- -----------------
0 0 0 0
...RMON-Mcast RMON-Bcast RMON-Ucast RMON-DropEvent -------------------- -------------------- -------------------- ----------------- 0 0 0 0
The following table lists the RMON and RMON2 MIB objects supported by the supervisor engine module software and the Network Analysis Module software.
| Module | Object Identifier (OID) and Description | Source |
|---|---|---|
Supervisor | ...mib-2(1).rmon(16).statistics(1).etherStatsTable(1) | RFC 1757 (RMON-MIB) |
Counters for packets, octets, broadcasts, errors, etc. | ||
Supervisor | ...mib-2(1).rmon(16).history(2).historyControlTable(1) | RFC 1757 (RMON-MIB) |
Periodically samples and saves statistics group counters for later retrieval. | ||
Supervisor | ...mib-2(1).rmon(16).alarm(3) | RFC 1757 (RMON-MIB) |
A threshold that can be set on critical RMON variables for network management. | ||
Network | ...mib-2(1).rmon(16).hosts(4) | RFC 1757 (RMON-MIB) |
Maintains statistics on each host device on the segment or port. | ||
Network | ...mib-2(1).rmon(16).hostTopN(5) | RFC 1757 (RMON-MIB) |
A user-defined subset report of the Hosts group, sorted by a statistical counter. | ||
Network | ...mib-2(1).rmon(16).matrix(6) | RFC 1757 (RMON-MIB) |
Maintains conversation statistics between hosts on network. | ||
Network | ...mib-2(1).rmon(16).filter(7) | RFC 1757 (RMON-MIB) |
A filter engine that generates a packet stream from frames that match a specified pattern. | ||
Network | ...mib-2(1).rmon(16).capture(8) | RFC 1757 (RMON-MIB) |
Manages buffers for packets captured by the Filter group for uploading to the management console. | ||
Supervisor | ...mib-2(1).rmon(16).event(9) | RFC 1757 (RMON-MIB) |
Generates SNMP traps when an Alarms group threshold is exceeded and logs the events. | ||
Supervisor | ...mib-2(1).rmon(16).tokenRing(10).ringStationControlTable(1) | RFC 1513 (TOKEN-RING-RMON MIB) |
Aggregates detailed Token-Ring statistics. | ||
Network | ...mib-2(1).rmon(16).protocolDir(11) | RFC 2021 (RMON2-MIB) |
A table of protocols for which the Network Analysis Module monitors and maintains statistics. | ||
Network | ...mib-2(1).rmon(16).protocolDist(12) | RFC 2021 (RMON2-MIB) |
A table of statistics for each protocol in protocolDir(11). | ||
Network | ...mib-2(1).rmon(16).addressMap(13) | RFC 2021 (RMON2-MIB) |
List of MAC-to-network-layer address bindings. | ||
Network | ...mib-2(1).rmon(16).nlHost(14) | RFC 2021 (RMON2-MIB) |
Statistics for each network layer address. | ||
Network | ...mib-2(1).rmon(16).nlMatrix(15) | RFC 2021 (RMON2-MIB) |
Traffic statistics for pairs of network layer addresses. | ||
Network | ...mib-2(1).rmon(16).alHost(16) | RFC 2021 (RMON2-MIB) |
Statistics by application layer protocol for each network address. | ||
Network | ...mib-2(1).rmon(16).alMatrix(17) | RFC 2021 (RMON2-MIB) |
Traffic statistics by application layer protocol for pairs of network layer addresses. | ||
Network | ...mib-2(1).rmon(16).usrHistory(18) | RFC 2021 (RMON2-MIB) |
Extends history beyond RMON1 link-layer statistics to include any RMON, RMON2, MIB-I, or MIB-II statistic. | ||
Supervisor | ...mib-2(1).rmon(16).probeConfig(19) | RFC 2021 (RMON2-MIB) |
Displays a list of agent capabilities and configurations. | ||
These sections describe how to use the Cisco Discovery Protocol (CDP):
CDP is a media- and protocol-independent protocol that runs on all Cisco-manufactured equipment including routers, bridges, access and communication servers, and switches. Using CDP, you can view information about all the Cisco devices directly attached to the switch.
In addition, network management applications can retrieve the device type and SNMP-agent address of neighboring Cisco devices. This enables applications to send SNMP queries to neighboring devices. CDP allows network management applications to discover Cisco devices that are neighbors of already known devices, in particular, neighbors running lower-layer, transparent protocols.
CDP runs on all media that support Subnetwork Access Protocol (SNAP), including LAN and Frame Relay. CDP runs over the data link layer only.
Cisco devices never forward CDP packets. When new CDP information is received, Cisco devices discard old information.
To configure CDP, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Enable CDP on the desired ports. Use the all keyword to enable CDP on all ports. | set cdp enable {mod_num/port_num | all} |
Step 2 (Optional) Set the message interval for CDP. The allowed range is 5-900 seconds. The default is 60 seconds. | set cdp interval {mod_num/port_num | all} interval |
Step 3 Verify the CDP configuration. | show cdp port [mod_num[/port_num]] |
Step 4 View information about CDP neighbors. | show cdp neighbors [mod_num[/port_num]] [detail] |
This example shows how to configure CDP on all ports and verify the configuration:
Console> (enable) set cdp enable all
CDP enabled for all ports.
Console> (enable) set cdp interval all 100
CDP message interval set to 100 seconds for all ports.
Console> (enable) show cdp port
Port CDP Status Message-Interval
-------- ---------- ----------------
1/1 enabled 100
1/2 enabled 100
5/1 enabled 100
Console> (enable) show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Port Device-ID Port-ID Platform Capability
-------- ----------------------- ----------------- ------------------ ----------
1/1 002267633 3/3 WS-C5000 T S
Console> (enable) show cdp neighbors detail
Device-ID: 002267633
Device Addresses:
IP Address: 172.20.52.2
Holdtime: 122 sec
Capabilities: TRANSPARENT_BRIDGE SWITCH
Version:
WS-C5000 Software, Version McpSW: 3.2(1) NmpSW: 3.2(1b)
Copyright (c) 1995-1998 by Cisco Systems
Platform: WS-C5000
Port-ID (Port on Device): 3/3
Port (Our Port): 1/1
Console> (enable)
These sections describe how to use system message logging:
By default, the switch logs normal but significant system messages to its internal buffer and sends these messages to the system console. You can specify which system messages should be saved based on the type of facility (see Table 10-4) and the severity level (see Table 10-5). Messages are time-stamped to enhance real-time debugging and management.
You can access logged system messages using the switch CLI or by saving them to a properly-configured syslog server. The switch software saves syslog messages in an internal buffer that can store up to 1024 messages. Thus, you can monitor system messages remotely by accessing the switch through Telnet or the console port, or by viewing the logs on a syslog server.
Table 10-4 describes the facility types supported by the system message logs.
| Facility Name | Definition |
|---|---|
cdp | Cisco Discovery Protocol |
dtp | Dynamic Trunking Protocol |
drip | Dual Ring Protocol |
dvlan | Dynamic VLAN |
earl | Enhanced Address Recognition Logic |
fddi | Fiber Distributed Data Interface |
filesys | Flash file system |
ip | IP permit list |
kernel | Kernel |
mgmt | Management messages |
mcast | Multicast messages |
pagp | Port Aggregation Protocol |
protfilt | Protocol filtering |
pruning | VTP pruning |
rmon | Remote Monitoring |
snmp | Simple Network Management Protocol |
spantree | Spanning-Tree Protocol |
sys | System |
tac | TACACS+ |
tcp | Transmission Control Protocol |
telnet | Terminal emulation protocol in the TCP/IP protocol stack |
tftp | Trivial File Transfer Protocol |
vmps | VLAN Membership Policy Server |
vtp | VLAN Trunking Protocol |
security | Port security |
Table 10-5 describes the severity levels supported by the system message logs.
| Severity Level | Keyword | Description |
|---|---|---|
0 | emergencies | System unusable |
1 | alerts | Immediate action required |
2 | critical | Critical condition |
3 | errors | Error conditions |
4 | warnings | Warning conditions |
5 | notifications | Normal but significant condition |
6 | informational | Informational messages |
7 | debugging | Debugging messages |
System log messages begin with a percent sign (%) and can contain up to 80 characters. Messages are displayed in the following format:
mm/dd/yyy:hh/mm/ss:facility-severity-MNEMONIC:description
Table 10-6 describes the elements of syslog messages.
| Element | Description |
mm/dd/yyy:hh/mm/ss | Date and time of the error or event. This information appears only if configured using the set logging timestamp enable command. |
facility | Indicates the facility to which the message refers (for example, SNMP, SYS, etc.). |
severity | Single-digit code from 0 to 7 that indicates the severity of the message. |
MNEMONIC | Text string that uniquely describes the error message. |
description | Text string containing detailed information about the event being reported. |
This example shows typical switch system messages:
%SYS-5-MOD_OK:Module 1 is online %SYS-5-MOD_OK:Module 2 is online %SYS-5-MOD_OK:Module 3 is online %DTP-5-TRUNKPORTON:Port 2/1 has become dot1q trunk %PAGP-5-PORTTOSTP:Port 2/1 joined bridge port 2/1
Table 10-7 describes the default system message logging configuration.
| Configuration Parameter | Default Setting |
|---|---|
System message logging to the console | Enabled |
System message logging to Telnet sessions | Enabled |
Logging server | Disabled |
Syslog server IP address | None configured |
Server facility | LOCAL7 |
Server severity | Warnings (4) |
Logging buffer | 500 |
Logging history size | 1 |
Timestamp option | Disabled |
Facility/severity level for system messages | sys/5 |
To change the default system message logging facility and severity settings, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| set logging level facility severity |
| set logging console disable |
Before you can send system log messages to a UNIX syslog server, you must configure the syslog daemon on the UNIX server. Log in as root, and perform these steps:
Step 1 Add a line such as the following to the file /etc/syslog.conf:
user.debug /var/log/myfile.log
The switch sends messages according to specified facility types and severity levels. The user keyword specifies the UNIX logging facility used. The messages from the switch are generated by user processes. The debug keyword specifies the severity level of the condition being logged. You can set UNIX systems to receive all messages from the switch.
Step 2 Create the log file by entering these commands at the UNIX shell prompt:
$ touch /var/log/myfile.log $ chmod 666 /var/log/myfile.log
Step 3 Make sure the syslog daemon reads the new changes by entering this command:
$ kill -HUP \Qcat /etc/syslog.pid
To configure the switch to log messages to a syslog server, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Add a syslog server to the configuration1. | set logging server ip_addr |
Step 2 Enable system message logging to configured syslog servers. | set logging server enable |
Step 3 Set the facility and severity level for syslog server messages. | set logging level facility severity default |
| 1You can configure a maximum of three syslog servers at any time. |
To remove a syslog server from the configuration, perform this task in privileged mode:
| Task | Command |
|---|---|
Delete a syslog server from the configuration. | clear logging server ip_addr |
To disable logging to the syslog server, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable system message logging to configured syslog servers. | set logging server disable |
By default, system messages are sent to Telnet sessions based on the default facility and severity values.
To configure the logging settings for Telnet sessions, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| set logging level facility severity |
| set logging session disable or set logging console disable |
| set logging session enable or set logging console enable |
To display the current configuration for system messages, perform this task in privileged mode:
| Task | Command |
|---|---|
Display the current system message log configuration. | show logging |
To display the first N system messages in the internal buffer of the Catalyst 5000 series switch, perform this task in privileged mode:
| Task | Command |
|---|---|
Display the first N messages in the buffer. | show logging buffer N |
To display the last N system messages in the internal buffer of the Catalyst 5000 series switch, perform this task in privileged mode:
| Task | Command |
|---|---|
Display the last N messages in the buffer. | show logging buffer -N |
To verify the system message logging configuration, enter the show logging command. If you are verifying the system message logging configuration for the console and the syslog server is disabled, the first two lines of output appear as follows:
Console> (enable) show logging Logging console:enabledLogging server:disabled
If you are verifying the system message log configuration for a Telnet login session, an additional line showing the current logging session is displayed as follows:
Console> (enable) show logging Logging console: enabled Logging server: disabled Current Logging Session: enabled
This section provides examples for entering the system message log commands to perform the following tasks:
Console> (enable) set logging server enable System logging messages will be sent to the configured syslog servers.
Console> (enable) set logging server 171.69.192.205 171.69.192.205 added to the System logging server table.
Console> (enable) set logging session enable System logging messages will be sent to the current login session.
Console> (enable) set logging level all 1 default System logging facility <all> set to severity 1(alerts).
Console> (enable) show logging Logging console: enabled Logging server: disabled Current Logging Session: enabled Facility Server/Default Severity Current Session Severity ------------- ----------------------- ------------------------ cdp 1 1 mcast 1 1 dtp 1 1 dvlan 1 1 earl 1 1 fddi 1 1 ip 1 1 pruning 1 1 snmp 1 1 spantree 1 1 sys 1 1 tac 1 1 tcp 1 1 telnet 1 1 tftp 1 1 vtp 1 1 vmps 1 1 kernel 1 1 filesys 1 1 drip 1 1 pagp 1 1 mgmt 1 1 mls 1 1 protfilt 1 1 security 1 1 0(emergencies) 1(alerts) 2(critical) 3(errors) 4(warnings) 5(notifications) 6(information) 7(debugging) Console> (enable)
Console> (enable) set logging level snmp 3 System logging facility <snmp> set to severity 3(errors).
Console> (enable) show logging Logging console: enabled Logging server: disabled Current Logging Session: enabled Facility Server/Default Severity Current Session Severity ------------- ----------------------- ------------------------ cdp 1 1 mcast 1 1 dtp 1 1 dvlan 1 1 earl 1 1 fddi 1 1 ip 1 1 pruning 1 1 snmp 1 3 spantree 1 1 sys 1 1 tac 1 1 tcp 1 1 telnet 1 1 tftp 1 1 vtp 1 1 vmps 1 1 kernel 1 1 filesys 1 1 drip 1 1 pagp 1 1 mgmt 1 1 mls 1 1 protfilt 1 1 security 1 1 0(emergencies) 1(alerts) 2(critical) 3(errors) 4(warnings) 5(notifications) 6(information) 7(debugging) Console> (enable)
Console> (enable) show logging buffer 4 07/30/1998,12:59:24:SYS-5:Module 1 is online 07/30/1998,12:59:32:SYS-5:Module 9 is online 07/30/1998,12:59:35:SYS-5:Module 5 is online 07/30/1998,12:59:49:SYS-5:Module 2 is online Console> (enable)
Console> (enable) show logging buffer -4 07/30/1998,15:44:19:PAGP-5:Port 1/1 joined bridge port 1/1. 07/30/1998,15:46:52:DTP-5:Port 1/1 has become isl trunk 07/30/1998,15:46:52:PAGP-5:Port 1/1 left bridge port 1/1. 07/30/1998,15:47:03:PAGP-5:Port 1/1 joined bridge port 1/1. Console> (enable)
These sections describe how to use Switch TopN Reports utility:
The Switch TopN Reports utility allows you to collect and analyze data for each physical port on a switch.
The Switch TopN Reports utility collects the following data for each physical port:
When the Switch TopN Reports utility starts, it gathers data from the appropriate hardware counters, and then goes into sleep mode for a user-specified period. When the sleep time ends, the utility gathers the current data from the same hardware counters, compares the current data from the earlier data, and stores the difference. The data for each port is sorted using a user-specified metric chosen from the values shown in Table 10-8.
| Metric Value | Definition |
|---|---|
util | Utilization |
bytes | Input/output bytes |
pkts | Input/output packets |
bcst | Input/output broadcast packets |
mcst | Input/output multicast packets |
errors | Input errors |
overflow | Buffer overflows |
If you enter the show top command without specifying the background option, processing begins but the system prompt does not reappear on the screen and you cannot enter other commands while the report is being generated.
You can terminate the Switch TopN process before it finishes by pressing Ctrl-C from the same console or Telnet session, or by opening a separate console or Telnet session and entering the clear top [report_num] command. After the Switch TopN Reports utility finishes processing the data, it displays the output on the screen immediately. The output is not saved.
If you enter the show top command and specify the background option, processing begins and the system prompt reappears immediately. When processing completes, Switch TopN reports do not display immediately on the screen, but are saved for later viewing.
The system notifies you when the Switch TopN reports are complete by sending a syslog message to the screen. Enter the show top report [report_num] command to view the completed Switch TopN reports. The system displays only those reports that are completed. For reports that are not completed, the system displays a short description of the Switch TopN process information.
You can terminate a Switch TopN process invoked with the background option only by entering the clear top [report_num] command. Pressing Ctrl-C does not terminate the process. Completed Switch TopN reports remain available for viewing until you remove them using the clear top {all | report_num} command.
To start a Switch TopN Report in the background and view the results, perform this task in privileged mode:
| Task | Command |
|---|---|
Step 1 Start the Switch TopN Reports utility in the background. | show top [N] [metric] [interval interval] [port_type] background |
Step 2 View the generated report when it is complete. | show top report [report_num] |
If you specify the report_num with the show top report command, the associated Switch TopN report is displayed. Each process is associated with a unique report number.
If you do not specify the report_num variable, all active Switch TopN processes and all available Switch TopN reports for the switch are displayed. All Switch TopN processes (both with and without the background option) are shown in the list.
This example shows how to start the Switch TopN Reports utility with the background option:
Console> (enable) show top 5 pkts background
Console> (enable) 06/16/1998,17:21:08:MGMT-5:TopN report 4 started by Console//.
Console> (enable) 06/16/1998,17:21:39:MGMT-5:TopN report 4 available.
Console> (enable) show top report 4
Start Time: 06/16/1998,17:21:08
End Time: 06/16/1998,17:21:39
PortType: all
Metric: pkts (Tx + Rx)
Port Band- Uti Bytes Pkts Bcst Mcst Error Over
width % (Tx + Rx) (Tx + Rx) (Tx + Rx) (Tx + Rx) (Rx) flow
----- ----- --- -------------------- ---------- ---------- ---------- ----- ----
1/1 100 0 7950 81 0 81 0 0
2/1 100 0 2244 29 0 23 0 0
1/2 100 0 1548 12 0 12 0 0
2/10 100 0 0 0 0 0 0 0
2/9 100 0 0 0 0 0 0 0
Console> (enable)
To start a Switch TopN Report in the foreground and view the results immediately, perform this task in privileged mode:
| Task | Command |
|---|---|
Start the Switch TopN Reports utility in the foreground. | show top [N] [metric] [interval interval] [port_type] |
This example shows how to start the Switch TopN Reports utility in the foreground:
Console> (enable) show top 5 pkts
Start Time: 06/16/1998,17:26:38
End Time: 06/16/1998,17:27:09
PortType: all
Metric: pkts (Tx + Rx)
Port Band- Uti Bytes Pkts Bcst Mcst Error Over
width % (Tx + Rx) (Tx + Rx) (Tx + Rx) (Tx + Rx) (Rx) flow
----- ----- --- -------------------- ---------- ---------- ---------- ----- ----
2/1 100 0 10838 94 2 26 0 0
1/1 100 0 7504 79 0 79 0 0
1/2 100 0 2622 21 0 21 0 0
2/10 100 0 0 0 0 0 0 0
2/9 100 0 0 0 0 0 0 0
Console> (enable)
To display stored and pending Switch TopN reports, perform this task in privileged mode:
| Task | Command |
|---|---|
Display a Switch TopN report. To display all stored and pending reports, do not specify a report_num. | show top report [report_num] |
This example shows how to display a specific report and how to display all stored and pending reports:
Console> (enable) show top report 5
Start Time: 06/16/1998,17:29:40
End Time: 06/16/1998,17:30:11
PortType: all
Metric: overflow
Port Band- Uti Bytes Pkts Bcst Mcst Error Over
width % (Tx + Rx) (Tx + Rx) (Tx + Rx) (Tx + Rx) (Rx) flow
----- ----- --- -------------------- ---------- ---------- ---------- ----- ----
1/1 100 0 7880 83 0 83 0 0
2/12 100 0 0 0 0 0 0 0
2/11 100 0 0 0 0 0 0 0
2/10 100 0 0 0 0 0 0 0
2/9 100 0 0 0 0 0 0 0
Console> (enable) show top report
Rpt Start time Int N Metric Status Owner (type/machine/user)
--- ------------------- --- --- ---------- -------- -------------------------
1 06/16/1998,17:05:00 30 20 Util done telnet/172.16.52.3/
2 06/16/1998,17:05:59 30 5 Util done telnet/172.16.52.3/
3 06/16/1998,17:08:06 30 5 Pkts done telnet/172.16.52.3/
4 06/16/1998,17:21:08 30 5 Pkts done Console//
5 06/16/1998,17:29:40 30 5 Overflow pending Console//
Console> (enable)
To remove stored Switch TopN reports, perform this task in privileged mode:
| Task | Command |
|---|---|
Remove Switch TopN reports. Use the all keyword to remove all completed Switch TopN reports. | clear top {all | report_num} |
This example shows how to remove a specific Switch TopN and how to remove all stored reports:
Console> (enable) clear top 4 Console> (enable) 06/16/1998,17:36:45:MGMT-5:TopN report 4 killed by Console//. Console> (enable) clear top all 06/16/1998,17:36:52:MGMT-5:TopN report 1 killed by Console//. 06/16/1998,17:36:52:MGMT-5:TopN report 2 killed by Console//. Console> (enable) 06/16/1998,17:36:52:MGMT-5:TopN report 3 killed by Console//. 06/16/1998,17:36:52:MGMT-5:TopN report 5 killed by Console//. Console> (enable)
|
|