|
|
Use the set tokenring reduction command to reduce broadcast storms in an externally looped network.
set tokenring reduction {enable | disable}
enable | disable | Keyword to turn broadcast reduction on (enable) or off (disable). |
The default configuration is enabled.
Catalyst 5000 family switches
Switch command.
Privileged.
The following example shows how to enable All-Routes Explorer reduction:
Console> (enable) set tokenring reduction enable
Tokenring reduction enabled
Console> (enable)
The following example shows how to disable All-Routes Explorer reduction:
Console> (enable) set tokenring reduction disable
Tokenring reduction disabled
Console> (enable)
Use the set trunk command to configure trunk ports and to add VLANs to the allowed VLAN list for existing trunks.
set trunk mod_num/port_num [on | off | desirable | auto | nonegotiate] [vlan_range] [isl | dot1q | dot10 | lane | negotiate]
mod_num | Number of the module. |
port_num | Number of the port on the module. |
on | (Optional) Keyword to force the port to become a trunk port and persuade the neighboring port to become a trunk port. The port becomes a trunk port even if the neighbor port does not agree to become a trunk. This is the only possible mode for ATM ports. |
off | (Optional) Keyword to force the port to become a nontrunk port and persuade the neighboring port to become a nontrunk port. The port becomes a nontrunk port even if the neighbor port does not agree to become a nontrunk port. This is the default mode for FDDI trunks. This option is not allowed for ATM ports. |
desirable | (Optional) Keyword to cause the port to negotiate actively with the neighbor port to become a trunk link. This mode is not allowed on FDDI and ATM ports. |
auto | (Optional) Keyword to cause the port to become a trunk port if the neighboring port tries to negotiate a trunk link. This mode is not allowed on FDDI and ATM ports. This is the default mode for Fast Ethernet and Gigabit Ethernet ports. |
nonegotiate | (Optional) Keyword to force the port to become a trunk port but prevent it from sending DTP frames to its neighbor. This mode is only allowed on ISL and IEEE 802.1Q trunks. |
vlan_range | (Optional) VLANs to add to the list of allowed VLANs on the trunk. The VLAN range is 1 to 1005. |
isl | (Optional) Keyword to specify an ISL trunk on an Ethernet port. |
dot1q | (Optional) Keyword to specify an IEEE 802.1Q trunk on an Ethernet port. IEEE 802.1Q trunks are supported in Catalyst 5000 family and 2926G series software release 4.1(1) and later with 802.1Q-capable hardware. Automatic negotiation of 802.1Q trunks is supported in software release 4.2(1) and later. In software release 4.1, you must use the nonegotiate mode with 802.1Q trunks. |
dot10 | (Optional) Keyword to specify an IEEE 802.10 trunk on a FDDI or CDDI port. |
lane | (Optional) Keyword to specify an ATM LANE trunk on an ATM port. |
negotiate | (Optional) Keyword to specify that the port become an ISL (preferred) or 802.1Q trunk, depending on the configuration and capabilities of the neighboring port. |
All ports except ATM LANE ports are nontrunk ports by default. ATM LANE and RSM ports are always configured as trunk ports.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
The Catalyst 2948G switch is a fixed configuration switch. All ports are located on module 2; for this reason, if you enter 1/N for the module/port number, an error message is displayed.
Trunking capabilities are hardware dependent. Refer to the Module Installation Guide for your switch to determine the trunking capabilities of your hardware, or enter the show port capabilities command.
The Catalyst 5000 family, 4000 family, 2926G series, and 2948G switches use the DTP (formerly known as DISL) to negotiate trunk links automatically on Fast Ethernet and Gigabit Ethernet ports. Whether a port will negotiate to become a trunk port depends on both the mode and the trunk type specified for that port. Refer to the Software Configuration Guide for your switch for detailed information on how trunk ports are negotiated.
DTP is a point-to-point protocol. However, some internetworking devices might improperly forward DTP frames. You can avoid this problem by ensuring that trunking is turned off on ports connected to non-Catalyst 5000 family, 4000 family, 2926G series, and 2948G devices if you do not intend to trunk across those links. When enabling trunking on a link to a Cisco router, enter the nonegotiate keyword to cause the port to become a trunk but not generate DTP frames. The nonegotiate keyword is available in Catalyst 5000 family, 4000 family, 2926G series, and 2948G software release 2.4(3) and later.
For trunking to be negotiated on Fast Ethernet and Gigabit Ethernet ports, the ports must be in the same VTP domain. However, you can use the on or nonegotiate mode to force a port to become a trunk, even if it is in a different domain.
To remove VLANs from the allowed list for a trunk, enter the clear trunk mod_num/port_num vlan_range command. When you first configure a port as a trunk, the set trunk command always adds all VLANs to the allowed VLAN list for the trunk, even if you specify a VLAN range (the specified VLAN range is ignored).
To remove VLANs from the allowed list, enter the clear trunk mod_num/port_num vlan_range command. To later add VLANs that were removed, enter the set trunk mod_num/port_num vlan_range command.
If you do not enter a trunk-type keyword, the value is unchanged from the previous configuration.
You cannot change the allowed VLAN range on the RSM port.
The RSM port can be configured only as an IEEE 802.1Q-type trunk.
The dot1q trunk type is the only trunk type supported by the Catalyst 4000 family and 2948G switches.
To return a trunk to its default trunk type and mode, enter the clear trunk mod_num/port_num command.
If you enter the set trunk command on a Token Ring port, you receive a message indicating that the port is "not a trunk-capable port."
This example shows how to set port 2 on module 1 as a trunk port:
Console> (enable) set trunk 1/2 on Port(s) 1/2 trunk mode set to on. Console> (enable)
This example shows how to add VLANs 5 through 50 to the allowed VLAN list for a trunk port (VLANs were previously removed from the allowed list with the clear trunk command):
Console> (enable) set trunk 1/1 5-50 Adding vlans 5-50 to allowed list. Port(s) 1/1 allowed vlans modified to 1,5-50,101-1005. Console> (enable)
This example shows how to set port 5 on module 4 as an 802.1Q trunk port in desirable mode:
Console> (enable) set trunk 4/5 desirable dot1q Port(s) 4/5 trunk mode set to desirable. Port(s) 4/5 trunk type set to dot1q. Console> (enable)
clear trunk
set vtp
show trunk
show vtp statistics
Use the set udld command to enable or disable the UDLD feature on specified ports or globally on all ports.
set udld enable | disable mod/ports...
enable | Keyword to enable the UDLD feature. |
disable | Keyword to disable the UDLD feature. |
mod/ports... | Number of the module and ports. |
The default is UDLD is globally disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
Whenever a unidirectional connection is detected, UDLD displays a syslog message to notify you and the network management application (via SNMP) that the port on which the misconfiguration has been detected has been disabled.
If you enter the global set udld enable or disable command, UDLD is globally configured. If UDLD is globally disabled, UDLD is automatically disabled on all interfaces, but the per-port enable (or disable) configuration is not changed. If UDLD is globally enabled, whether UDLD is running on an interface or not depends on its per-port configuration.
UDLD is supported on both Ethernet fiber and copper interfaces. UDLD can only be enabled on Ethernet fiber or copper interfaces.
This example shows how to enable the UDLD feature for port 1 on module 2:
Console> (enable) set udld enable 2/1 UDLD enabled on port 2/1. Warning:UniDirectional Link Detection should be enabled on all the ends of the connection in order to work properly. Console> (enable)
This example shows how to disable the UDLD feature for port 1 on module 2:
Console> (enable) set udld disable 2/1 UDLD disabled on port 2/1. Warning:UniDirectional Link Detection should be enabled on all the ends of the connection in order to work properly. Console> (enable)
This example shows how to enable the UDLD feature for all ports on all modules:
Console> (enable) set udld enable UDLD enabled globally Console> (enable)
This example shows how to disable the UDLD message display for all ports on all modules:
Console> (enable) set udld disable UDLD disabled globally Console> (enable)
Use the set vlan command to group ports into a VLAN.
set vlan vlan_num mod_num/port_list
vlan_num | Number identifying the VLAN. |
mod_num | Number of the module. This parameter is not valid when defining or configuring TrBRFs. |
port_list | Numbers of the port on the module belonging to the VLAN. This parameter does not apply to TrBRFs. |
name name | (Optional) Keyword to define a text string used as the name of the VLAN (1 to 32 characters). |
type {ethernet | fddi | fddinet | trcrf | trbrf} | (Optional) Keywords to identify the VLAN type. |
state {active | suspend} | (Optional) Keyword to specify whether the state of the VLAN is active or suspended. VLANs in suspended state do not pass packets; the default is active. |
said said | (Optional) Keyword to specify the security association identifier. Possible values are 1 to 4294967294. This parameter does not apply to TrCRFs or TrBRFs. |
mtu mtu | (Optional) Keyword to specify the maximum transmission unit (packet size, in bytes) that the VLAN can use. Possible values are 576 to 18190. |
ring hex_ring_number | (Optional) Keyword to specify the logical ring number for Token Ring VLANs. Possible values are hexadecimal numbers 0x1 to 0xFFF. For Token Ring VLANs, this parameter is valid and required only when defining a TrCRF. |
decring decimal_ring_number | (Optional) Keyword to specify the logical ring number for Token Ring VLANs. Possible values are decimal numbers 1 to 4095. For Token Ring VLANs, this parameter is valid and required only when defining a TrCRF. |
bridge bridge_num | (Optional) Keyword to specify the identification number of the bridge. Possible values are hexadecimal numbers 0x1 to 0xF. For Token Ring VLANs, the default is 0F. This parameter is not valid for TrCRFs. |
parent vlan_num | (Optional) Keyword to set a parent VLAN. The range for vlan_num is 2 to 1005. This parameter identifies the TrBRF to which a TrCRF belongs and is required when defining a TrCRF. |
mode {srt | srb} | (Optional) TrCRF bridging mode. Valid values for this parameter are srt and srb. |
stp {ieee | ibm | auto} | (Optional) Keyword to specify the version of the Spanning-Tree Protocol for a TrBRF to use, source routing transparent (ieee), source route bridging (ibm), automatic source selection (auto). |
translation vlan_num | (Optional) Keyword to specify a translational VLAN used to translate FDDI to Ethernet. Possible values are 1 to 1005. This parameter is not valid for defining or configuring Token Ring VLANs. |
backupcrf {off | on} | (Optional) Keyword to specify whether the TrCRF is a backup path for traffic. |
aremaxhop hop_count | (Optional) Keyword to specify the maximum number of hops for All-Routes Explorer frames. Possible values are 1 to 14. This parameter is only valid when defining or configuring TrCRFs. |
stemaxhop hop_count | (Optional) Keyword to specify the maximum number of hops for Spanning-Tree Explorer frames. Possible values are 1 to 14. This parameter is only valid when defining or configuring TrCRFs. |
The default configuration has all switched Ethernet ports and Ethernet repeater ports in VLAN 1. The default SAID is 100001 for VLAN 1, 100002 for VLAN 2, 100003 for VLAN 3, and so on. The default type is Ethernet. The default MTU is 1500 bytes. The default state is active.
The default TrBRF is 1005, the default TrCRF is 1003, and the default MTU for TrBRFs and TrCRFs is 4472. The default state is active. The default aremaxhop is 7; the default stemaxhop is 7.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
You cannot use the set vlan command until the Catalyst 5000 family, 4000 family, and 2926G series switches are either in VTP transparent mode (set vtp mode) or until a VTP domain name has been set (set vtp).
Valid MTU values for Token Ring VLAN are 1500 or 4472. While you can enter any value for the MTU value, the value you enter defaults to the next lowest valid value.
You cannot set multiple VLANs for ISL ports using this command. The VLAN name can be from 1 to 32 characters in length. If adding a new VLAN, the VLAN number must be within the range 2 to 1001. When modifying a VLAN, the valid range for the VLAN number is 2 to 1005.
On a new Token Ring VLAN, if you do not specify the parent parameter for a TrCRF, the default TrBRF (1005) is used.
The Catalyst 4000 family and 2948G switches are Ethernet-only devices.
The Catalyst 2948G switch is a fixed configuration switch. All ports are located on module 2; for this reason, if you enter 1/N for the module/port number, an error message is displayed.
This example shows how to set VLAN 850 to include ports 4 through 7 on module 3. Ports 4 through 7 were originally assigned to TrCRF 1003, therefore, the message reflects the modification of VLAN 1003:
Console> (enable) set vlan 850 3/4-7 VLAN 850 modified. VLAN 1003 modified. VLAN Mod/Ports ---- ----------------------- 850 3/4-7 Console> (enable)
Use the set vlan mapping command to map 802.1Q VLANs to ISL VLANs.
set vlan mapping dot1q 1q_vlan_num isl isl_vlan_num
dot1q | Keyword to specify the 802.1Q VLAN. |
1q_vlan_num | Number identifying the 802.1Q VLAN; valid values are 1001 to 4095. |
isl | Keyword to specify the ISL VLAN. |
isl_vlan_num | Number identifying the ISL VLAN; valid values are 1 to 1000. |
The default is no 802.1Q-to-ISL mappings are defined.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
IEEE 802.1Q VLAN trunks support VLANs 1 through 4095. ISL VLAN trunks support VLANs 1 through 1000. The switch automatically maps 802.1Q VLANs 1000 and lower to ISL VLANs with the same number.
Catalyst 4000 family and 2948G switches only support 802.1Q trunks. You can map up to seven VLAN indexes greater than 1000 to ISL VLANs.
The native VLAN of the 802.1Q trunk cannot be used in the mapping.
Use this feature to map 802.1Q VLANs above 1000 to ISL VLANs. Note that if you map a 802.1Q VLAN over 1000 to an ISL VLAN, the corresponding 802.1Q VLAN will be blocked. For example, if you map 802.1Q VLAN 2000 to ISL VLAN 200, then 802.1Q VLAN 200 will be blocked.
You can map up to seven VLANs. Only one 802.1Q VLAN can be mapped to an ISL VLAN. For example, if 802.1Q VLAN 800 has been automatically mapped to ISL VLAN 800, do not manually map any other 802.1Q VLANs to ISL VLAN 800.
You cannot overwrite existing 802.1Q VLAN mapping. If the 802.1Q VLAN number is in the mapping table, the command is aborted. You must first clear that mapping.
If vlan_num does not exist, then either of the following occurs:
If the table is full, the command is aborted with an error message indicating the table is full.
This example shows how to map VLAN 1022 to ISL VLAN 850:
Console> (enable) set vlan mapping dot1q 1022 isl 850 Vlan 850 configuration successful Vlan mapping successful Console> (enable)
This example shows the display if you enter a VLAN that does not exist:
Console> (enable) set vlan mapping dot1q 1017 isl 999 Vlan mapping successful Warning: vlan 999 non-existent Vlan 999 configuration successful Console> (enable)
This example shows the display if you enter an existing mapping:
Console> (enable) set vlan mapping dot1q 1033 isl 722 722 exists in the mapping table. Please clear the mapping first. Console> (enable)
This example shows the display if the mapping table is full:
Console> (enable) set vlan mapping dot1q 1099 isl 917 Vlan Mapping Table Full. Console> (enable)
Use the set vmps downloadmethod command to specify whether to use TFTP or rcp to download the VMPS database.
set vmps downloadmethod {rcp | tftp} [username]
rcp | Keyword to specify rcp as the method for downloading the VMPS database. |
tftp | Keyword to specify TFTP as the method for downloading the VMPS database. |
username | (Optional) Specifies a username for downloading with rcp. |
If no method is specified, TFTP will be used.
Catalyst 5000 family switches
Catalyst 2926G series switches
Switch command.
Privileged.
The username option is not allowed if TFTP is specified as the download method.
This example shows how to specify the method for downloading the VMPS database:
Console> (enable) set vmps downloadmeth rcp jdoe vmps downloadmethod : RCP rcp vmps username : jdoe Console> (enable)
set rcp username
show vmps
download vmps
Use the set vmps downloadserver command to specify the IP address of the TFTP or rcp server from which the VMPS database is downloaded.
set vmps downloadserver ip_addr [filename]
ip_addr | IP address of the TFTP or rcp server from which the VMPS database is downloaded. |
filename | (Optional) VMPS configuration filename on the TFTP or rcp server. |
If filename is not specified, the set vmps downloadserver command uses the default filename vmps-config-database.1.
Catalyst 5000 family switches
Catalyst 2926G series switches
Switch command.
Privileged.
This example shows how to specify the server from which the VMPS database is downloaded and the configuration filename:
Console> (enable) set vmps downloadserver 192.168.69.100 vmps_config.1 IP address of the server set to 192.168.69.100 VMPS configuration filename set to vmps_config.1 Console> (enable)
set vmps state
show vmps
download vmps
Use the set vmps server command to configure the IP address of the VMPS server to be queried.
set vmps server ip_addr [primary]
ip_addr | IP address of the VMPS server. |
primary | (Optional) Keyword to identify the specified device as the primary VMPS server. |
If no IP address is specified, VMPS uses the local VMPS configuration.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
You can specify the IP addresses of up to three VMPS servers. You can define any VMPS server as the primary VMPS server.
If the primary VMPS server is down, all subsequent queries go to a secondary VMPS server. VMPS checks on the primary server's availability once every five minutes. When the primary VMPS server comes back online, subsequent VMPS queries are directed back to the primary VMPS server.
To use a co-resident VMPS (when VMPS is enabled in a device), configure one of the three VMPS addresses as the IP address of interface sc0.
This example shows how to define a VMPS server:
Console> (enable) set vmps server 192.168.10.140 primary 192.168.10.140 added to VMPS table as primary domain server. Console> (enable) set vmps server 192.168.69.171 192.168.69.171 added to VMPS table as backup domain server. Console> (enable)
Use the set vmps state command to enable or disable VMPS.
set vmps state {enable | disable}
enable | Keyword to enable VMPS. |
disable | Keyword to disable VMPS. |
By default, VMPS is disabled.
Catalyst 5000 family switches
Catalyst 2926G series switches
Switch command.
Privileged.
Before using the set vmps state command, you must use the set vmps tftpserver command to specify the IP address of the server from which the VMPS database is downloaded.
This example shows how to enable VMPS:
Console> (enable) set vmps state enable Vlan membership Policy Server enabled. Console> (enable)
This example shows how to disable VMPS:
Console> (enable) set vmps state disable All the VMPS configuration information will be lost and the resources released on disable. Do you want to continue (y/n[n]):y VLAN Membership Policy Server disabled. Console> (enable)
Use the set vtp command to set the options for VTP.
set vtp [domain domain_name] [mode {client | server | transparent}] [passwd passwd]
domain domain_name | (Optional) Keywords to define the name that identifies the VLAN management domain. The domain_name can be 1 to 32 characters in length. |
mode | (Optional) Keywords to specify the VTP mode. |
client | Keyword to specify VTP client mode. |
server | Keyword to specify VTP server mode. |
transparent | Keyword to specify VTP transparent mode. |
passwd passwd | (Optional) Keyword to define the VLAN trunk protocol password. The VTP password can be 8 to 64 characters in length. |
pruning enable | disable | (Optional) Keywords to enable or disable VTP pruning for the entire management domain. |
v2 | (Optional) Keyword to set version 2 mode. |
enable | Keyword to enable v2. |
disable | Keyword to disable v2. |
The defaults are as follows: server mode, no password, pruning disabled, and v2 disabled.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
All switches in a VTP domain must run the same version of VTP. VTP version 1 and VTP
version 2 do not operate on switches in the same VTP domain. VTP version 2 is supported in software release 3.1(1) and later and is disabled by default.
If all switches in a domain are VTP version 2-capable, you only need to enable VTP version 2 on one switch (using the set vtp v2 enable command); the version number is then propagated to the other version 2-capable switches in the VTP domain.
If the VTP password has already been defined, entering passwd 0 (zero) clears the VTP password.
VTP supports three different modes: server, client, and transparent. If you make a change to the VTP or VLAN configuration on a switch in server mode, that change is propagated to all of the switches in the same VTP domain.
If the receiving switch is in server mode and its revision number is higher than the sending switch, the configuration is not changed. If the revision number is lower the configuration is duplicated.
If the receiving switch is in client mode, the client switch changes its configuration to duplicate the configuration of the server. If you have switches in client mode, make sure to make all VTP or VLAN configuration changes on a switch in server mode.
If the receiving switch is in transparent mode, the configuration is not changed. Switches in transparent mode do not participate in VTP. If you make VTP or VLAN configuration changes on a switch in transparent mode, the changes are not propagated to the other switches in the network.
If you assign a VTP password, no VTP or VLAN configuration changes can be made without first entering the password.
The pruning keyword is used to enable or disable VTP pruning for the VTP domain. VTP pruning causes information about each pruning-eligible VLAN to be removed from VTP updates if there are no stations belonging to that VLAN out a particular switch port. Use the set vtp pruneeligible and clear vtp pruneeligible commands to specify which VLANs should or should not be pruned when pruning is enabled for the domain.
To disable VTP, enter the set vtp mode transparent command. This disables VTP from the domain but does not remove the domain from the switch. Use the clear config all command to remove the domain from the switch.
 | Caution Be careful when you use the clear config all command. This command clears the entire switch configuration, not just the VTP domain. |
This example shows how to use the set vtp command:
Console> (enable) set vtp domain Engineering mode client VTP domain Engineering modified Console> (enable)
show vtp domain
set vlan
clear vlan
show vlan
set vtp pruneeligible
clear vtp pruneeligible
Use the set vtp pruneeligible command to specify which VLANs in the VTP domain are eligible for pruning.
set vtp pruneeligible vlans
vlans | Range of VLAN numbers; valid values are 2 to 1000. |
By default, VLANs 2 through 1000 are eligible for pruning.
Catalyst 5000 family switches
Catalyst 4000 family switches
Catalyst 2926G series switches
Catalyst 2948G switch
Switch command.
Privileged.
VTP pruning causes information about each pruning-eligible VLAN to be removed from VTP updates if there are no stations belonging to that VLAN out a particular switch port. Use the set vtp command to enable VTP pruning.
By default, VLANs 2 through 1000 are pruning eligible. You do not need to use the set vtp pruneeligible command unless you have previously used the clear vtp pruneeligible command to make some VLANs pruning ineligible.
If VLANs have been made pruning ineligible, use the set vtp pruneeligible command to make them pruning eligible again.
This example shows how to configure pruning eligibility for VLANs 120 and 150:
Console> (enable) set vtp pruneeligible 120,150 Vlans 120,150 eligible for pruning on this device. VTP domain nada modified. Console> (enable)
In this example, VLANs 200-500 were made pruning ineligible using the clear vtp pruneeligible command. This example shows how to make VLANs 220 through 320 pruning eligible again:
Console> (enable) clear vtp pruneeligible 200-500 Vlans 1,200-500,1001-1005 will not be pruned on this device. VTP domain Company modified. Console> (enable) Console> (enable) set vtp pruneeligible 220-320 Vlans 2-199,220-320,501-1000 eligible for pruning on this device. VTP domain Company modified. Console> (enable)
show vtp domain
set vlan
clear vtp pruneeligible
Posted: Thu Dec 2 03:01:49 PST 1999
Copyright 1989-1999©Cisco Systems Inc.