|
|
Use the set port broadcast command to set the broadcast/multicast suppression for one or more ports. The broadcast threshold limits the backplane traffic received from the module.
set port broadcast mod_num/port_num threshold[%]
mod _num | Number of the module. |
port_num | Number of the port. |
threshold | Number of packets-per-second of broadcast/multicast traffic allowed on the port or the percentage of total available bandwidth that can be used by broadcast/multicast traffic. Valid values are: 0 to 150000 packets per second or 0 to 100 percent. 0 pps or 100% unlimits broadcast traffic. |
% | (Optional) Keyword used if threshold is expressed as a percentage of total available bandwidth that can be used by broadcast/multicast traffic. |
The default value for the threshold is 100 percent.
Catalyst 5000 family switches
Catalyst 2926G series switches
Switch command.
Privileged.
Use the show port capabilities command to determine whether your hardware supports broadcast/multicast suppression.
This example shows how to limit broadcast/multicast traffic on port 2/1 to 15%:
Console> (enable) set port broadcast 2/1 15% Port(s) 2/1 broadcast traffic limited to 15%. Console> (enable)
This example shows how to limit broadcast traffic to 500 packets per second on ports 2/1 through 2/24:
Console> (enable) set port broadcast 2/1-2/24 500 Ports 2/1-2/24 broadcast traffic limited to 500 packets. Console> (enable)
Use the set port channel command to define EtherChannel administrative groups, create EtherChannel port bundles, and specify the frame-distribution method for the switch.
set port channel port_list [admin_group]
port_list | List of ports to which the command applies. |
admin_group | EtherChannel administrative group number. Valid values are 1 through 1024 inclusive. |
mode | Keyword used to specify the EtherChannel mode. |
on | Keyword that forces the port to channel without negotiation. PAgP packets are not exchanged. The port is channeling regardless of how the peer port is configured. If the peer port is in on mode, a channel is formed. In any other mode, the peer port is placed in the errdisable state due to a channel misconfiguration. |
off | Keyword that prevents the port from channeling. PAgP packets are not exchanged. The port is not channeling regardless of how the peer port is configured. No channel is formed. |
desirable | Keyword that places a port into an active negotiating state, in which the port initiates negotiations with other ports by sending PAgP packets. A channel is formed with another port group in either desirable or auto mode. |
auto | Keyword that places a port into a passive negotiating state, in which the port responds to PAgP packets it receives but does not initiate PAgP packet negotiation. A channel is formed only with another port group in desirable mode. |
silent | Keyword used when you are channeling to a "silent partner" (that is, a device that is not generating BPDUs or other traffic). An example of a silent partner is a traffic generator that is not transmitting packets. Use this keyword with the auto or desirable mode. If you do not specify silent or non-silent, silent is assumed. |
non-silent | Keyword used when you are channeling to a device that will transmit BPDUs or other traffic. Use this keyword with the auto or desirable mode. |
The default system configuration is as follows:
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Make sure that all ports you intend to channel are configured properly. For complete information on EtherChannel configuration restrictions, refer to the Software Configuration Guide for your switch.
Administrative groups specify which ports can form an EtherChannel together. An administrative group can contain a maximum of eight ports. However, administrative group membership is restricted by hardware capabilities. Use the show port capabilities command to determine which ports can form a channel together.
Hardware support for EtherChannel is as follows:
This example shows how to create an EtherChannel on ports 5-6 of module 7:
Console> (enable) set port channel 7/5-6 on Port(s) 7/5-6 are assigned to admin group 56. Port(s) 7/5-6 channel mode set to on. Console> (enable)
This example shows how to remove an EtherChannel on ports 5-6 of module 7:
Console> (enable) set port channel 7/5-6 mode auto Port(s) 7/5-6 channel mode set to auto. Console> (enable) show port channel
set channel cost
set channel vlancost
show channel
show channel group
show port channel
Use the set port disable command to disable a port or a range of ports.
set port disable mod_num/port_num
mod _num | Number of the module. |
port_num | Number of the port. |
The default system configuration has all ports enabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
This command is not supported by the RSM.
This example shows how to disable port 5/10:
Console> (enable) set port disable 5/10 Port 5/10 disabled. Console> (enable)
Use the set port duplex command to configure the duplex type of an Ethernet or Fast Ethernet port or range of ports.
set port duplex mod_num/port_num {full | half}
mod_num | Number of the module. |
port_num | Number of the port. |
full | Keyword to specify full-duplex transmission. |
half | Keyword to specify half-duplex transmission. |
The default configuration for 10-Mbps and 100-Mbps modules has all Ethernet ports set to half duplex.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
You can configure Ethernet and Fast Ethernet interfaces to either full duplex or half duplex.
The set port duplex command is not valid on the 24- and 48-port group switching modules (WS-X5020 and WS-X5223) or the RSM.
The set port duplex command is not supported on Token Ring ports. Use the set tokenring portmode command instead.
You cannot configure the duplex mode on Gigabit Ethernet ports (they are always in full-duplex mode).
This example shows how to set port 1 on module 2 to full duplex:
Console> (enable) set port duplex 2/1 full Port 2/1 set to full-duplex. Console> (enable)
Use the set port enable command to enable a port or a range of ports.
set port enable mod_num/port_num
mod _num | Number of the module. |
port_num | Number of the port. |
The default system configuration has all ports enabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
This command is not supported on the RSM.
This example shows how to enable port 3 on module 2:
Console> (enable) set port enable 2/3 Port 2/3 enabled. Console> (enable)
Use the set port filter command to configure a MAC address filter or a protocol filter for ports on the Token Ring module.
set port filter mod_num/port_num {mac_addr | protocol_type} {permit | deny}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
mac_addr | MAC address contained in the packets to be filtered. You can enter this address in canonical format (00-11-33-44-55) or noncanonical format (00:11:22:33:44:55). |
protocol_type | Protocol type that you want to filter. For a list of the protocol types that you can filter, see Table 2-5 through Table 2-7. |
permit | Keyword to specify that the filter can permit packets with the specified MAC address or protocol type. |
deny | Keyword to specify that the filter can deny packets with the specified MAC address or protocol type. |
The command has no default setting.
Catalyst 5000 family switches
Switch command.
Privileged.
You can configure up to 16 MAC address filters or 16 protocol (eight SAPs and eight DSAPs) filters per port on the Token Ring module. See Table 2-5 through Table 2-7 for lists of SAPs and Ethertypes that you can use when defining protocol filters.
Table 2-5 and Table 2-6 list the SAPs that you can use to define protocol classes.
| Hexadecimal Value | Description |
|---|---|
X'02' | LLC Sublayer Management |
X'06' | DoD Internet |
X'x6' | National Standards Bodies |
X'0E' | Proway Network Management |
X'4E' | Manufacturing Message Service |
X'7E' | ISO 8208 |
X'8E' | Proway Active Station List Maintenance |
X'FE' | OSI Network Layer Protocols |
X'42' | Bridge Spanning-Tree Protocol |
| Hexadecimal Value | Description |
|---|---|
X'04' | SNA Path Control Individual |
X'F0' | NetBIOS |
X'F4' | LAN Management Individual |
X'F8' | IMPL |
X'FC' | Discovery |
X'DC' | Dynamic Address Resolution |
X'D4' | Resource Management |
Table 2-7 lists the possible Ethertypes that you can use to define protocol filters.
| Hexadecimal Value | Description |
|---|---|
X'0000' through X'05DC' | IEEE 802.3 |
X'0600' | Xerox XNS IDP |
X'0800' | DoD IP |
X'0801' | X.75 Internet |
X'0802' | NBS Internet |
X'0803' | ECMA Internet |
X'0804' | CHAOSnet |
X'0805' | X.25 Level 3 |
X'0806' | ARP (for IP and CHAOS) |
X'6001' | DEC MOP Dump/Load Assistance |
X'6002' | DEC MOP Remote Console |
X'6003' | DEC DECnet Phase IV |
X'6004' | DEC LAT |
X'6005' | DEC DECnet Diagnostics |
X'6010' through X'6014' | 3Com Corporation |
X'7000' through X'7002' | Ungermann-Bass download |
X'7030' | Proteon |
X'7034' | Cabletron |
X'8035' | Reverse ARP |
X'8046' through X'8047' | AT&T |
X'8088' through X'808A' | Xyplex |
X'809B' | Kinetics Ethertalk (Appletalk over Ethernet) |
X'80C0' through X'80C3' | Digital Communications Associates |
X'80D5' | IBM SNA Services over Ethernet |
X'80F2' | Retix |
X'80F3' through X'80F5' | Kinetics |
X'80F7' | Apollo Computer |
X'80FF' through X'8103' | Wellfleet Communications |
X'8137' through X'8138' | Novell |
This example shows how to configure a port filter on port 2 MAC address 00:40:0b:01:bc:65
of module 3:
Console> (enable) set port filter 3/2 00:40:0b:01:bc:65 permit Port 3/2 filter Mac Address 00:40:0b:01:bc:65 set to permit. Console> (enable)
clear port filter
show port filter
Use the set port flowcontrol command to configure the flow-control settings for a specified port.
set port flowcontrol mod_num/port_num {receive | send} {off | on | desired}
mod_num | (Optional) Number of the module. |
port_num | (Optional) Number of the port on the module. |
receive | Keyword to specify the flow-control receive mode for the port. |
send | Keyword to specify the flow-control send mode for the port. |
off | Keyword to turn off flow-control. When used with the receive keyword, the port does not accept flow-control frames from an attached device. When used with the send keyword, the port does not send flow-control frames to the attached device. |
on | Keyword to turn on flow control. When used with the receive keyword, the port accepts flow-control frames from an attached device. When used with the send keyword, the port sends flow-control frames to the attached device. |
desired | Keyword to negotiate the flow-control settings. When used with the receive keyword, the port uses flow control if the attached device uses it, and does not use flow control if the attached device does not use it. When used with the send keyword, the port sends flow-control frames to the attached device if the attached device asks to use flow control. |
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Gigabit Ethernet ports on these platforms never send flow-control frames to attached devices:
If these ports are configured to send flow-control frames, they do advertise to attached devices that flow control is supported. This action allows these ports to operate with attached devices that might not form a link with a port that does not support flow control.
This example shows how to turn on flow control receive mode:
Console> (enable) set port flowcontrol receive 5/1 on Port 5/1 flow control receive administration status set to on (port will require far end to send flowcontrol) Console> (enable)
This example shows how to turn on flow control receive mode if the other device uses it:
Console> (enable) set port flowcontrol receive 5/1 desired Port 5/1 flow control receive administration status set to desired (port will allow far end to send flowcontrol if far end supports it) Console> (enable)
This example shows how to turn off flow control receive mode:
Console> (enable) set port flowcontrol receive 5/1 off Port 5/1 flow control receive administration status set to off (port will not allow far end to send flowcontrol) Console> (enable)
This example shows how to turn on flow control send mode:
Console> (enable) set port flowcontrol send 5/1 on Port 5/1 flow control send administration status set to on (port will send flowcontrol to far end) Console> (enable)
This example shows how to turn on flow control send mode if the other device requires it:
Console> (enable) set port flowcontrol send 5/1 desired Port 5/1 flow control send administration status set to desired (port will send flowcontrol to far end if far end supports it) Console> (enable)
This example shows how to turn off flow control send mode:
Console> (enable) set port flowcontrol send 5/1 off Port 5/1 flow control send administration status set to off (port will not send flowcontrol to far end) Console> (enable)
Use the set port gmrp command to enable or disable GMRP on the specified ports in all VLANs.
set port gmrp mod/ports... {enable | disable}
mod/ports... | Module number and port number list. |
enable | Keyword to enable GMRP on a specified port. |
disable | Keyword to disable GMRP on a specified port. |
The default is GMRP is disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
You can modify the per-port GMRP configuration, but you must enable GMRP globally using the set gmrp enable command before the per-port GMRP configuration takes effect.
This example shows how to enable GMRP on module 3, port 1:
Console> (enable) set port gmrp enable 3/1 GMRP enabled on port(s) 3/1. GMRP feature is currently disabled on the switch. Console> (enable)
This example shows how to disable GMRP on module 3, ports 1 through 5:
Console> (enable) set port gmrp disable 3/1-5 GMRP disabled on port(s) 3/1-5. Console> (enable)
Use the set port gvrp command to enable or disable GVRP on the specified ports in all VLANs.
set port gvrp mod/ports... {enable | disable}
mod/ports... | Module number and port number list. |
enable | Keyword to enable GVRP on the specified ports. |
disable | Keyword to disable GVRP on the specified ports. |
The default is GVRP is disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
GVRP can only be enabled on IEEE 802.1Q trunks.
When VTP pruning is enabled, VTP pruning runs on all GVRP-disabled trunks.
To run GVRP on a trunk, GVRP needs to be enabled both globally on the switch and enabled individually on the trunk.
You can configure GVRP on a port even when GVRP is globally disabled. However, the port will not become a GVRP participant until GVRP is also globally enabled.
This example shows how to enable GVRP on module 3, port 2:
Console> (enable) set port gvrp 3/2 enable GVRP enabled on 3/2. Console> (enable)
This example shows how to disable GVRP on module 3, port 2:
Console> (enable) set port gvrp 3/2 disable GVRP disabled on 3/2. Console> (enable)
This example shows what happens if you try to enable GVRP on a port that is not an 802.1Q trunk:
Console> (enable) set port gvrp 4/1 enable Failed to set port 4/1 to GVRP enable. Port not allow GVRP. Console> (enable)
This example shows what happens if you try to enable GVRP on a specific port when GVRP has not first been enabled using the set gvrp command:
Console> (enable) set port gvrp 5/1 enable GVRP enabled on 5/1. GVRP feature is currently disabled on the switch. Console> (enable)
show gvrp configuration
set gvrp
clear gvrp statistics
Use the set port host command to optimize the port configuration for a host connection.
set port host mod/ports...
mod/ports... | Module number and port number list. |
This command has no default setting.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
The set port host command sets channel mode to off, enables spanning-tree portfast, and sets trunk mode to off. Only an end station can accept this configuration.
Enable spanning-tree portfast start only on ports connected to a single host. Connecting hubs, concentrators, switches, and bridges to a fast start port can cause temporary spanning tree loops.
Enable the set port host command to decrease the time it takes to start up packet forwarding.
This example shows how to optimize the port configuration for end station/host connections on ports 2/1 and 3/1:
Console> (enable) set port host 2/1,3/1 Warning: Span tree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree ports 2/1,3/1 fast start enabled. Port(s) 2/1,3/1 trunk mode set to off. Port(s) 2/1 channel mode set to off. Console> (enable)
Use the set port level command to set the priority level of a port or range of ports on the switching bus.
set port level mod_num/port_num {normal | high}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
normal | Keyword to set the port priority to normal. |
high | Keyword to set the port priority to high. |
The default configuration has all ports at normal priority level.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Packets traveling through a port set at normal priority are served only after packets traveling through a port set at high priority are served.
This example shows how to set the priority level for port 2 on module 1 to high:
Console> (enable) set port level 1/2 high Port 1/2 port level set to high. Console> (enable)
This example shows how to set the priority level for port 2 on module 1 to normal:
Console> (enable) set port level 1/2 normal Port 1/2 level set to normal. Console> (enable)
set port disable
set port enable
set port name
set port speed
show port
Use the set port membership command to configure ports for dynamic or static VLAN membership.
set port membership mod_num/port_num {dynamic | static}
mod_num | Module number. |
port_num | Port number. |
dynamic | Keyword to configure the port for dynamic VLAN membership. |
static | Keyword to configure the port for static VLAN membership. |
Default port membership is static.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
This command is not supported on the following:
Ports configured for dynamic VLAN membership obtain their VLAN assignment through VMPS. Ports configured for static VLAN membership obtain their VLAN assignment through the set vlan command.
When a port is assigned a VLAN dynamically, the show port command output identifies the VLAN as dynamic. If the dynamic port is shut down by a VMPS, its status is shown as shutdown.
These examples show how to configure a port for dynamic VLAN membership:
Console> (enable) set port membership 3/1-3 dynamic Ports 3/1-3 vlan assignment set to dynamic. Spantree port fast start option enabled for ports 3/1-3. Console> (enable)
Use the set port name command to configure a name for a port.
set port name mod_num/port_num [port_name]
mod_num | Number of the module. |
port_num | Number of the port. |
port_name | (Optional) Name of the port. |
The default configuration has no port name configured for any port.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
If you do not specify the name string, the port name is cleared.
This example shows how to set port 1 on module 4 to Snowy:
Console> (enable) set port name 4/1 Snowy Port 4/1 name set. Console> (enable)
Use the set port negotiation command to enable or disable the link negotiation protocol on the specified port.
set port negotiation mod_num/port_num [enable | disable]
mod_num | Number of the module. |
port_num | Number of the port. |
enable | (Optional) Keyword to enable the link negotiation protocol. |
disable | (Optional) Keyword to disable the link negotiation protocol. |
The default is link negotiation protocol enabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
This command is supported on Gigabit Ethernet and some Fast Ethernet ports. If the port does not support the command, the following message appears (where N/N is the module and port number):
Feature not supported on Port N/N.
The ports on both ends of a link must have the same setting. The link will not come up if the ports at each end of the link are set inconsistently (link negotiation is enabled on one port and disabled on the other port).
This example shows how to disable link negotiation protocol on port 1, module 4:
Console> (enable) set port negotiation 4/1 disable Link negotiation protocol disabled on port 4/1. Console> (enable)
Use the set port protocol command to set the protocol filtering group membership of ports.
set port protocol mod_num/port_num {ip | ipx | group} {on | off | auto}
mod_num | Number of the module. |
port_num | Number of the port. |
ip | Keyword to specify the IP protocol filtering group. |
ipx | Keyword to specify the IPX protocol filtering group. |
group | Keyword to specify the Group protocol filtering group. |
on | Keyword to indicate the port will receive all the flood traffic for that protocol. |
off | Keyword to indicate the port will not receive any flood traffic for that protocol. |
auto | Keyword to indicate the port will receive the flood traffic for that protocol only after transmitting packets of that specific protocol. |
By default, ports are configured to on for the IP protocol group and auto for the IPX and Group protocol groups.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Protocol filtering is supported only on nontrunking Ethernet, Fast Ethernet, and Gigabit Ethernet ports. Trunking ports are always members of all the protocol groups.
You must enable protocol filtering globally on the switch using the set protocolfilter command.
If the configuration for one of the protocol groups is set to auto, the port initially does not receive any flood packets for that protocol. If the connected device transmits packets of that protocol, the port is added to the protocol group and flood traffic for that protocol is transmitted on that port.
Ports configured as auto are removed from the protocol group if the connected device does not transmit packets of that protocol within 60 minutes. They are also removed from the protocol group on detection of a link down.
On the Catalyst 5000 family and 2926G series switches, packets are classified into the following protocol groups:
On the Catalyst 4000 family and 2948G switches, packets are classified into the following protocol groups:
This example shows how to disable IPX protocol membership of port 1 on module 2:
Console> (enable) set port protocol 2/1 ipx off IPX protocol disabled on port 2/1. Console> (enable)
This example shows how to enable automatic IP membership of port 1 on module 5:
Console> (enable) set port protocol 5/1 ip auto IP protocol set to auto mode on module 5/1. Console> (enable)
set protocolfilter
show port protocol
Use the set port qos command to set the CoS value for all unclassified frames on the specified ports.
set port qos mod/ports... cos cos_value
mod/ports... | Number of the module and the ports. |
cos | Keyword used to specify CoS values. |
cos_value | CoS value; valid values are 0 through 7. |
The default CoS on all ports is 0.
Catalyst 5000 family switches
Switch command.
Privileged.
You can use the set port qos command on Supervisor Engines III and III F with NFFC II, or Supervisor Engines II G and III G.
This example shows how to set the default CoS value on a port:
Console> (enable)set port qos 2/1 cos 3Port 2/1 qos cos set to 3Console> (enable)
clear port qos cos
show qos info
Use the set port security command to configure port security on a port or range of ports.
set port security mod/ports... maximum num_of_mac
mod | Number of the module. |
ports... | Number of the ports. |
maximum num_of_mac | Maximum number of MAC addresses to secure on the port. |
enable | Keyword to enable port security. |
disable | Keyword to disable port security. |
mac_addr | Secure MAC address of the enabled port. |
age time | Duration for which addresses on the port will be secured. |
shutdown time | Duration for which a port will remain disabled in case of a security violation. |
violation | Action to be taken in the event of a security violation. |
shutdown | Keyword to shut down the port in the event of a security violation. |
restrict | Keyword to restrict packets from unsecure hosts. |
The default port security configuration is as follows:
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
If you enter the set port security enable command but do not specify a MAC address, the first MAC address seen on the port becomes the secure MAC address.
You can specify the number of MAC addresses to secure on a port. You can add MAC addresses to this list of secure addresses. The maximum number 1024.
The set port security violation command allows you to specify whether you want the port to shut down or to restrict access only to insecure MAC addresses. The shutdown time allows you to specify the duration of shutdown in the event of a security violation.
This example shows how to set port security with a learned MAC address:
Console> (enable)set port security 3/1 enablePort 3/1 port security enabled with the learned mac address.Console> (enable)
This example shows how to set port security with a specific MAC address:
Console> (enable)set port security 3/1 enable 01-02-03-04-05-06Port 3/1 port security enabled with 01-02-03-04-05-06 as the secure mac address.Console> (enable)
This example sets the shutdown time to 600 minutes on port 7/7:
Console> (enable) set port security 7/7 shutdown 600
Secure address shutdown time set to 600 minutes for port 7/7.
Console> (enable)
This example sets the port to drop all packets that are coming in on the port from insecure hosts:
Console> (enable) set port security 7/7 violation restrict Port security violation on port 7/7 will cause insecure packets to be dropped. Console> (enable)
show port security
clear port security
Use the set port speed command to configure the transmission speed of a port.
set port speed mod_num/port_num {10 | 100 | auto}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
10 | 100 | Keywords to specify 10-Mbps or 100-Mbps transmission rate on 10/100 Fast Ethernet ports. |
4 | 16 | Keywords to specify 4-Mbps or 16-Mbps transmission rate on Token Ring ports. |
auto | Keyword to specify autosense transmission speed on the port. |
The default configuration has all module ports set to auto.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
You can configure Ethernet interfaces on the 10/100-Mbps Ethernet switching modules to either 10 Mbps or 100 Mbps, or to autosensing mode, allowing them to sense and distinguish between 10-Mbps and 100-Mbps port transmission speeds and full-duplex or half-duplex port transmission types at a remote port connection. If you set the interfaces to autosensing mode, they configure themselves automatically to operate at the proper speed and transmission type.
You can configure Token Ring interfaces on the Token Ring module to either 4 Mbps or 16 Mbps, or to autospeed detection mode, allowing them to sense and distinguish between 4-Mbps and 16-Mbps port transmission speed. If you set the interfaces to autospeed detection mode, they automatically configure themselves to operate at the proper speed.
If you change the transmission speed of a port that is open to 4 or 16 Mbps, the port will close and reopen at the new transmission speed. If a port closes and reopens on an existing ring using a transmission speed different from that which the ring is operating, the ring will beacon.
If you set the port speed to auto, duplex mode is automatically set to auto.
If the ports on the Token Ring module are configured to detect the speed of the ring automatically, the first port inserted on the ring does not set the speed because it is unable to detect the speed.
This example shows how to configure port 1 on module 2 to auto:
Console> (enable) set port speed 2/1 auto Port 2/1 speed set to auto-sensing mode. Console> (enable)
This example shows how to configure port 2 on module 2 port speed to 10 Mbps:
Console> (enable) set port speed 2/2 10 Port 2/2 speed set to 10 Mbps. Console> (enable)
This example shows how to configure port 4 on module 3 port speed to 16 Mbps:
Console> (enable) set port speed 3/4 16 Port(s) 3/4 speed set to 16Mbps. Console> (enable)
Use the set port trap command to enable or disable the operation of the standard SNMP link trap (up or down) for a port or range of ports.
set port trap mod_num/port_num {enable | disable}
mod_num | Number of the module. |
port_num | Number of the port. |
enable | Keyword to activate the SNMP link trap. |
disable | Keyword to deactivate the SNMP link trap. |
The default configuration has all port traps disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
This example shows how to enable the SNMP link trap for module 1, port 2:
Console> (enable) set port trap 1/2 enable Port 1/2 up/down trap enabled. Console> (enable)
set port disable
set port duplex
set port enable
set port name
set port speed
show port
Use the set prompt command to change the prompt for the CLI.
set prompt prompt_string
prompt_string | String to use as the command prompt. |
The default configuration has the prompt set to Console>.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
If you use the set system name command to assign a name to the switch, the switch name is used as the prompt string. However, if you specify a different prompt string using the set prompt command, that string is used for the prompt.
This example shows how to set the prompt to system100>:
Console> (enable) set prompt system100> system100> (enable)
Use the set protocolfilter command to activate or deactivate protocol filtering.
set protocolfilter {enable | disable}
enable | Keyword to activate protocol filtering. |
disable | Keyword to deactivate protocol filtering. |
The default configuration has protocol filtering disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Use the set port protocol command to configure protocol filtering group membership on switch ports.
This example shows how to activate protocol filtering:
Console> (enable) set protocolfilter enable Protocol filtering enabled on this switch. Console> (enable)
This example shows how to deactivate protocol filtering:
Console> (enable) set protocolfilter disable Protocol filtering disabled on this switch. Console> (enable)
set port protocol
show protocolfilter
Use the set qos command to enable and disable QoS on the switch.
set qos {enable | disable}
enable | Keyword to enable QoS on the switch. |
disable | Keyword to disable QoS on the switch. |
The default is QoS is disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2948G switch
Switch command.
Privileged.
Do not enable and disable QoS in quick succession (within 2 seconds of each other).
This example shows how to enable QoS:
Console> (enable)set qos enableQoS is enabled.Console> (enable)
This example shows how to disable QoS:
Console> (enable)set qos disableQoS is disabled.Console> (enable)
Use the set qos defaultcos command to define the default CoS value for the entire switch.
set qos defaultcos cos_value
cos_value | CoS value to use as the default CoS for the switch. |
The default CoS value for the entire switch is 0.
Catalyst 4000 family switches
Catalyst 2948G switch
Switch command.
Privileged.
This example shows how to set the switch default CoS to 7:
Console> (enable) set qos defaultcos 7 qos defaultcos set to 7 Console> (enable)
This example shows how to set the switch default CoS to 4:
Console> (enable) set qos defaultcos 4 qos defaultcos set to 4 Console> (enable)
Use the set qos ip-filter command to create access control entries (ACEs) with Layer 3 values or with both Layer 3 and 4 values.
set qos ip-filter cos {src_ip_addr_spec} {dest_ip_addr_spec} [before ACE# | modify ACE#]
cos | CoS to assign to packets matching this filter; valid values are from 0 to 7. |
src_ip_addr_ spec | Source IP address. See "Usage Guidelines" for the format. |
dest_ip_addr_ spec | Destination IP address. See "Usage Guidelines" for the format. |
before ACE# | (Optional) Keyword and variable to insert an ACE in front of the specified ACE. |
modify ACE# | (Optional) Keyword and variable to replace an ACE with the new ACE. |
protocol | Type of protocol that the ACE matches; valid values are TCP, UDP, or any. |
src_port | Number of the source port. |
dest_port | Number of the destination port. |
This command has no default setting.
Catalyst 5000 family switches
Switch command.
Privileged.
This command is supported only on Catalyst 5000 family switches with Supervisor Engine II G or III G, or Supervisor Engine III or III F with the NFFC II.
If you do not specify the before ACE# argument, the new entry is placed after the last. The ACE number of any entry is its current position in the list. These can be viewed by the show qos ip command.
If you do not enter the protocol variable, the set qos ip-filter command specifies an ACE that is independent of the Layer 4 protocol and port. If you enter the protocol variable, the command specifies an ACE that matches specific Layer 4 protocols and ports.
The dest_ip_addr_spec and src_ip_addr_spec variables are entered in the following format:
{any | {host ip_addr} | {ip_addr wildcard_mask}}where:
Layer 4 ports can only be specified for unicast addresses. If the destination address specifies a multicast address, and you enter the set qos ip-filter cos {dest_ip_addr} {src_ip_addr mask} proto dst_port src_port] [before ACE#] command, an error is displayed. If the destination address includes multicast addresses and the same command is used, a message displays that the command only applies to unicast addresses.
If you enter a 0 for the src_port variable, it means any source port matches.
If you enter a 0 for the dest_port variable, it means any destination port matches.
This example shows how to create ACEs and an ACE within the list and verify the configuration using the show qos ip-filter command:
Console>(enable)set qos ip-filter 7 100.100.1.1 0.0.0.255 200.200.1.1 0.0.0.255qos ip-filter is set successfully.Console>(enable)
Console> (enable)show qos ipThere are 1 IP filter(s).ACE# Dest IP and Mask Src IP and Mask---- -------------------------------- --------------------------------1 100.100.1.1 0.0.0.255 200.200.1.1 0.0.0.255Protocol Dst Port Src Port CoS-------- -------- -------- ---both 0 0 7Console> (enable)
Console> (enable)set qos ip-filter 4 120.100.1.1 0.0.0.255 210.210.1.1 0.0.0.255 tcp 23 47qos ip-filter is set successfully.Console>(enable)
Console> (enable)show qos ipThere are 2 IP filter(s).ACE# Dest IP and Mask Src IP and Mask---- -------------------------------- --------------------------------1 100.100.1.1 0.0.0.255 200.200.1.1 0.0.0.255Protocol Dst Port Src Port CoS-------- -------- -------- ---both 0 0 72 120.100.1.1 0.0.0.255 210.210.1.1 0.0.0.255Protocol Dst Port Src Port CoS-------- -------- -------- ---tcp 23 47 4Console>(enable)Console> (enable)set qos ip-filter 1 20.20.20.1 0.255.255.255 30.30.1.1 0.255.255.255 before 7qos ip-filter is set successfully.Console>(enable)Console> (enable)show qos ipThere are 3 IP filter(s).ACE# Dest IP and Mask Src IP and Mask---- -------------------------------- --------------------------------1 20.20.20.1 0.255.255.255 30.30.1.1 0.255.255.255Protocol Dst Port Src Port CoS-------- -------- -------- ---both 0 0 12 100.100.1.1 0.0.0.255 200.200.1.1 0.0.0.255Protocol Dst Port Src Port CoS-------- -------- -------- ---both 0 0 73 120.100.1.1 0.0.0.255 210.210.1.1 0.0.0.255Protocol Dst Port Src Port CoS-------- -------- -------- ---tcp 23 47 4Console> (enable)
show qos ip
clear qos ip-filter
Use the set qos mac-cos command to map a CoS value to a MAC address and VLAN pair.
set qos mac-cos dest_mac vlan cos
dest_mac | MAC address of the destination host. |
vlan | Number of the VLAN; valid values are 1 to 1001. |
cos | CoS value; valid values are 0 to 7, with the higher numbers representing higher priority. |
This command has no default setting.
Catalyst 5000 family switches
Switch command.
Privileged.
This command is supported only on Catalyst 5000 family switches with Supervisor Engine II G or III G, or Supervisor Engine III or III F with the NFFC II.
The set qos mac-cos command creates a permanent CAM entry that remains in the CAM table until the active supervisor is reset.
The port associated with the MAC address is learned when the first packet with this source MAC address is received. These entries are not aged out.
If you enter the show cam command, entries made with the set qos mac-cos command are displayed as dynamic. Entries made using the set qos mac-cos command do not age out.
This example shows how to map a CoS value to a MAC address and VLAN:
Console> (enable)set qos mac-cos 0f-ab-12-12-00-13 2 3CoS 3 is assigned to 0f-ab-12-12-00-13 vlan 2.Console> (enable)
clear qos mac-cos
show qos mac-cos
Use the set qos map command to associate CoS values to a transmit queue and drop threshold.
set qos map port_type q# threshold# cos coslist
port_type | The port_type is hardware-dependent. Use the show port capabilities command to determine the port_type for your hardware. The port type is defined by the number of transmit queues and the number of drop thresholds supported on the port. For example, the 1q4t port type supports one transmit queue and four drop thresholds. |
q# | Transmit queue number. |
threshold# | Drop threshold number. The higher the threshold number, the lower the chance traffic will be dropped. |
cos | Keyword used to specify CoS values. |
coslist | List of CoS values between 0 to 7. The higher the number the higher the priority. |
CoS value-to-drop threshold mapping | Catalyst 5000 family switches:
Catalyst 4000 family and 2948G switches:
|
CoS value-to-transmit queue mapping | Catalyst 5000 family switches:
Catalyst 4000 family and 2948G switches:
|
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2948G switch
Switch command.
Privileged.
On the Catalyst 5000 family switches, this command is supported only with Supervisor Engine II G or III G, or Supervisor Engine III or III F with the NFFC II.
This example shows how to assign the CoS values 1 and 2 to the first transmit queue and the first drop threshold for that queue on a 1q4t port (Catalyst 5000 family switches):
Console> (enable) set qos map 1q4t 1 1 cos 1-2
Qos tx priority queue and threshold mapped to cos successfully.
Console> (enable)
This example shows how to assign the CoS values 4 through 7 to the first transmit queue and the second drop threshold for that queue on a 1q4t port (Catalyst 5000 family switches):
Console> (enable) set qos map 1q4t 1 2 cos 4-7
Qos tx priority queue and threshold mapped to cos successfully.
Console> (enable)
This example shows how to map CoS values 4 through 7 to the second transmit queue and the first drop threshold for that queue on a 2q1t port (Catalyst 4000 family and 2926G switches):
Console> (enable) set qos map 2q1t 2 1 cos 4-7 Qos tx priority queue and threshold mapped to cos successfully. Console> (enable)
Use the set qos router-mac command to specify router MAC addresses for ACE-based classification.
set qos router-mac mac_address vlan
mac_address | MAC address contained in the packets to be filtered. You can enter this address in canonical format (00-11-33-44-55) or noncanonical format (00:11:22:33:44:55). |
vlan | Number of the VLAN; valid values are 1 to 1005. |
This command has no default setting.
Catalyst 5000 family switches
Switch command.
Privileged.
This command is supported only on Catalyst 5000 family switches with Supervisor Engine II G or III G, or Supervisor Engine III or III F with the NFFC II.
This command is not supported by the MLS-RP.
Use this command to specify the MAC address of a router for which to perform ACE-based classification. For IPv4 traffic destined for a router, QoS can classify packets that match an Access-Control Entry (ACE) by setting the IP precedence bits (in the IP TOS header) and CoS value in the frame header.
If you are using MLS, QoS can perform ACE-based classification only for traffic that is switched using MLS. ACE-based classification is performed at the switch egress port as the flow is being multilayer switched. QoS cannot perform ACE-based classification on traffic that the MLS-RP routes off the switch. QoS learns the address of the MLS-RP automatically when MLS is configured on the switch.
This example shows how to set the router MAC address on a specific VLAN:
Console> (enable) set qos router-mac 00-40-0b-30-03-48 2Router MAC/Vlan is set for QoS.Console> (enable)
clear qos router-mac
show qos mac-cos
Use the set qos wred-threshold command to specify the transmit queue drop thresholds on all ports in the switch.
set qos wred-threshold port_type [rx | tx] queue {q# thr1 thr2 thr3 thr4}
port_type | Only valid value for port_type is 1q4t. |
rx | (Optional) Keyword to specify input queuing. This keyword is not supported. |
tx | (Optional) Keyword to specify output queuing. |
queue | Keyword to specify the queue value. |
q# | Number of queue. The only valid value is 1. |
thr# | Value of threshold; valid values are 1 to 100 percent. |
The defaults are output queuing and the threshold values are 30%, 50%, 80%, and 100%.
Catalyst 5000 family switches
Switch command.
Privileged.
This command is supported only on Catalyst 5000 family switches with Supervisor Engine II G or III G, or Supervisor Engine III or III F with the NFFC II.
The number preceding the t letter in the port_type (1q4t) determines the number of threshold values the hardware supports. For example, with 1q4t, the number of thresholds specified is four.
The number preceding the q letter in the port_type determines the number of the queues that the hardware supports. For example, with 1q4t, the number of queues specified is one.
The transmit drop threshold percentages specified select a buffer usage level where each threshold applies. The percentages to buffer usage level are as follows:
Due to the granularity of programming the hardware, the values set in hardware will be close approximations of the values provided.
This example shows how to configure the transmit queue drop thresholds.
Console> (enable) set qos wred-threshold 1q4t tx queue 1 30 50 80 100
Transmit drop thresholds for queue 1 set at 30% 50% 80% 100%
Console> (enable)
Posted: Wed Feb 9 16:12:29 PST 2000
Copyright 1989 - 2000©Cisco Systems Inc.