|
|
This chapter describes the command-line interface (CLI) you use to configure the Catalyst enterprise LAN switches and modules.
 |
Note For descriptions of all switch and ROM monitor commands, refer to the Command Reference for your switch. For a description of the Catalyst 5000 family ATM module CLI and the commands used to configure the ATM modules, refer to the ATM Software Configuration Guide and Command Reference---Catalyst 5000 Family and 6000 Family Switches publication. For descriptions of the commands used to configure the Route Switch Module (RSM) and Route Switch Feature Card (RSFC), refer to the Cisco IOS software command reference publications. |
This chapter consists of these sections:
The switch CLI is a basic command-line interpreter, similar to the UNIX C shell. Switch commands are not case sensitive. You can abbreviate commands and parameters as long as they contain enough letters to be distinguished from any other currently available commands or parameters.
The Catalyst enterprise LAN switches are multimodule systems. Commands you enter from the CLI might apply to the entire system or to a specific module, port, or VLAN.
You configure the switch using set and clear commands. Enter set commands to change switch parameters. Use clear commands (or, in some cases, set commands) to overwrite or erase configuration parameters. Use show commands to display the current configuration and to monitor the switch.
You can access the CLI through the supervisor engine console port or through a Telnet session.
These sections describe how to access the switch CLI:
To access the switch CLI through the console port, you first must connect a console terminal to the console port through an EIA/TIA-232 (RS-232) cable. Make sure the terminal is connected to the switch and that the terminal is on.
|
Note For complete information on how to connect a terminal to the supervisor engine console port, refer to the hardware documentation for your switch. |
To access the switch CLI through the console port, perform this task:
Step 2 If the switch is not on, power up the switch. The bootup display should appear on the screen (see the "Example Switch Bootup Displays" section). If the switch is already booted, you will see this display:
Cisco Systems, Inc. Console Enter password:
After you successfully connect to the switch through the console port, you can enter normal-mode commands to monitor the switch or enter privileged mode to change the configuration. For more information, see the "Switch CLI Command Modes" section.
Before you can open a Telnet session to the switch, you must first set the IP address (and in some cases the default gateway) for the switch. For information about setting the IP address and default gateway, see "Configuring the Switch IP Address and Default Gateway."
|
Note For more information about using Telnet, see the "Using Telnet" section. |
To access the switch CLI from a remote host using Telnet, perform this task:
Step 2 Using the appropriate application or command on your host system, Telnet to the switch using the IP address or DNS hostname of the switch. (You must configure DNS properly on the switch and on your network name server in order to use DNS hostnames. For more information on DNS, see "Configuring DNS.")
unix_host% telnet Catalyst_1 Trying 172.16.10.10... Connected to Catalyst_1. Escape character is '^]'. Cisco Systems Console Enter password:
After you successfully connect to the switch using Telnet, you can enter normal-mode commands to monitor the switch or enter privileged mode to change the configuration. For more information, see the "Switch CLI Command Modes" section.
The switch CLI supports two modes of operation: normal (also called login or user mode) and privileged (also called enable mode). Both modes are password protected. Use normal-mode commands for system monitoring. Use privileged-mode commands to change the system configuration.
|
Note For complete information on configuring passwords and controlling access to the switch, see "Controlling and Monitoring Access to the Switch Using Authentication, Authorization, and Accounting." |
To enter normal command mode, follow these steps:
Step 2 On a new switch, the normal-mode password is null. If you are connecting to a new switch, press Return at the Enter Password prompt. Otherwise, enter the normal-mode password for the switch. You will see the user level command-line prompt:
Enter Password: <normal_mode_password> Console>
Step 3 To disconnect from the switch CLI, use the exit command.
Console> exit Session Disconnected... Cisco Systems Console Fri Aug 27 1999, 16:14:41 Enter password:
Many commands (for example, commands that modify the configuration) can be entered only in privileged mode. To enter privileged command mode, follow these steps:
Console> enable Enter password: <privileged_mode_password> Console> (enable)
Step 2 To exit privileged mode and return to normal mode, use the disable command.
Console> (enable) disable Console>
Enter help or ? in normal or privileged mode to see the commands available in those modes. Command usage, the help menu, and when appropriate, parameter ranges are provided if you enter a command using the wrong number of arguments or inappropriate arguments.
Additionally, appending ? to a command displays a list of valid keywords and arguments for the command. Insert a space between the last parameter and the question mark (?). For example, eight parameters are used by the set mls command. To see these parameters, enter set mls ? at the privileged prompt. The system displays all valid keywords and arguments as follows:
Console> (enable) set mls ? agingtime Set agingtime for MLS cache entry disable Disable MLS in the switch enable Enable MLS in the switch nde Configure Netflow Data Export flow Set minimum flow mask include Include MLS-RP multicast Set MLS feature for multicast statistics Add protocols to protocol statistics list Console> (enable) set mls
|
Note The system repeats the command you entered without the ?. |
To use the partial-keyword-lookup function, enter ? to display a list of commands that begin with a specific set of characters. Do not insert a space between the last letter of the variable and the question mark (?). For example, enter co? at the privileged prompt to display a list of commands that start with co. The system displays all commands that begin with co as follows:
Console> (enable) co? configure Configure system from network copy Copy files between TFTP/RCP/module/flash devices Console> (enable) co
|
Note The system repeats the command you entered without the ?. |
The switch CLI supports a number of command line editing keystrokes. Table 2-1 lists the keystrokes you can use when entering and editing switch commands.
| Keystroke | Function |
|---|---|
| Ctrl-A | Jumps to the first character of the command line. |
| Ctrl-B or the left arrow key1 | Moves the cursor back one character. |
| Ctrl-C | Escapes and terminates prompts and lengthy tasks. |
| Ctrl-D | Deletes the character at the cursor. |
| Ctrl-E | Jumps to the end of the current command line. |
| Ctrl-F or the right arrow key1 | Moves the cursor forward one character. |
| Ctrl-K | Deletes from the cursor to the end of the command line. |
| Ctrl-L; Ctrl-R | Repeats current command line on a new line. |
| Ctrl-N or the down arrow key1 | Enters next command line in the history buffer. |
| Ctrl-P or the up arrow key1 | Enters previous command line in the history buffer. |
| Ctrl-U; Ctrl-X | Deletes from the cursor to the beginning of the command line. |
| Ctrl-W | Deletes last word typed. |
| Esc B | Moves the cursor backward one word. |
| Esc D | Deletes from the cursor to the end of the word. |
| Esc F | Moves the cursor forward one word. |
| Delete key or Backspace key | Erases mistake when entering a command; reenter command after using this key. |
| 1The arrow keys function only on ANSI-compatible terminals such as VT100s. |
The history buffer stores the last 20 commands you entered during a terminal session. History substitution allows you to repeat these commands using special abbreviated commands, similar to those used on the UNIX command line. Table 2-2 lists the history substitution commands.
| Command | Function |
|---|---|
| Repeating recent commands: | |
!! | Repeat the most recent command. |
!-nn | Repeat the nnth most recent command. |
!n | Repeat command n. |
!aaa | Repeat the command beginning with string aaa. |
!?aaa | Repeat the command containing the string aaa. |
| To modify and repeat the most recent command: | |
^aaa^bbb | Replace the string aaa with the string bbb in the most recent command. |
| To add a string to the end of a previous command and repeat it: | |
!!aaa | Add string aaa to the end of the most recent command. |
!n aaa | Add string aaa to the end of command n. |
!aaa bbb | Add string bbb to the end of the command beginning with string aaa. |
!?aaa bbb | Add string bbb to the end of the command containing the string aaa. |
You can abbreviate commands and keywords to the number of characters that allow a unique abbreviation.
You can abbreviate the show command to sh. After entering the command at the system prompt, press Return to execute the command.
The Tab key allows you to use the command-completion feature. When you enter a unique partial character string and press the Tab key, the system completes the command or keyword on the command line.
For example, if you enter co and press the Tab key, the system completes the command as configure because it is the only command that matches the criteria.
When the output of a command fills more than one terminal screen, a ---More--- prompt is displayed at the bottom of the screen. To view the next line or screen, perform these tasks:
| Task | Keystrokes |
|---|---|
| Press the Return key. |
| Press the Spacebar. |
|
Note The ---More--- prompt is used for any output that has more lines than can be displayed on the terminal screen, including show command output. |
Aliases are not case sensitive; however, unlike regular commands, some aliases cannot be abbreviated. See Table 2-3 for a list of switch CLI aliases that cannot be abbreviated.
| Alias | Command |
|---|---|
? | help |
batch | configure |
di | show |
exit | quit |
logout | quit |
Modules, ports, and VLANs are numbered sequentially, beginning with 1. The supervisor engine module is module 1, residing in slot 1. If your Catalyst 5500 series switch has a redundant supervisor engine, the supervisor engines must be installed in slots 1 and 2.
To designate a specific module, use the module number. In most systems, the module number and the slot number are the same. However, in some cases the slot number and the module number are different. For example, the Route Switch Feature Card (RSFC) on the supervisor engine is physically in slot 1 or slot 2 but is logically identified as module 15 or module 16.
On the fixed-configuration switches, there are two logical modules. On the Catalyst 4912G, the Catalyst 2948G, and the Catalyst 2980G switches, there are two modules but only one slot. When you enter configuration commands on these switches, you must refer to the module number, not the slot number. For example, all of the user-configurable ports on these switches are logically on module 2.
On modules that have user-configurable ports, the left-most port is always port 1. To designate a specific port on a specific module, the command syntax is mod_num/port_num. For example, 3/1 specifies module 3, port 1. On the Catalyst 4912G, the Catalyst 2948G, and the Catalyst 2980G switches, the left-most switch port is numbered 2/1 instead of 1/1 because logically the ports are located on module 2.
With many commands, you can enter lists of ports. To specify a range of ports, use a comma-separated list (do not insert spaces) to specify individual ports or a hyphen (-) between the port numbers to specify a range of ports. Hyphens take precedence over commas.
Table 2-4 shows examples of how to designate ports and port ranges.
| Example | Function |
|---|---|
| Specifies port 1 on module 2 |
| Specifies ports 4, 5, 6, 7, and 8 on module 3 |
| Specifies ports 2 and 4 on module 5 and port 10 on module 6 |
3/1-2,4/8 | Specifies ports 1 and 2 on module 3 and port 8 on module 4 |
VLANs are identified using the VLAN ID, a single number associated with the VLAN. To specify a list of VLANs, use a comma-separated list (do not insert spaces) to specify individual VLANs or a hyphen (-) between the VLAN numbers to specify a range of VLANs.
Table 2-5 shows examples of how to designate VLANs and VLAN ranges.
| Example | Function |
|---|---|
| Specifies VLAN 10 |
| Specifies VLANs 5, 10, and 15 |
10-50,500 | Specifies VLANs 10 through 50, inclusive, and VLAN 500 |
Some commands require you to specify a Media Access Control (MAC) address, which must be designated in a standard format. The MAC address format must be six hexadecimal numbers separated by hyphens, as shown in the following example:
00-00-0c-24-d2-fe
Some commands require an IP address, IP hostname, or IP alias. The IP address format is 32 bits, written in dotted decimal format, as shown in the following example:
172.16.10.1
If DNS is configured properly on the switch, you can use IP hostnames instead of IP addresses. For information on configuring DNS, see "Configuring DNS."
In addition, you can configure IP aliases on the switch that you can use in place of IP addresses. IP aliases can be used for most commands that use an IP address, except for commands that define the IP address or IP alias. For information on using IP aliases, see the "Creating and Using IP Aliases" section.
The ROM monitor is a ROM-based program that executes when the switch is powered on, reset, or when a fatal exception occurs. The system enters ROM monitor mode if the nonvolatile RAM (NVRAM) configuration is corrupted, if the switch does not find a valid system image or if the configuration register is set to enter ROM monitor mode. From the ROM monitor mode, you can load a system image manually from Flash memory.
|
Note The ROM monitor CLI is present on the Catalyst 4000 family switches, the 2926G series switches, the 2948G switch, the 2980G switch, and on the Catalyst 5000 family Supervisor Engine III and III F. |
On the Catalyst 5000 family and 2926G series switches, you can enter ROM monitor mode by restarting the switch and pressing the Break key during the first 60 seconds of startup. On the Catalyst 4000 family, the Catalyst 2948G switch, and the Catalyst 2980G switch, you can enter ROM monitor mode by pressing Control-C within the first five seconds of startup.
|
Note The Break key is always enabled for 60 seconds after rebooting the system, regardless of whether the Break key is configured to be off by configuration register settings. |
To access the ROM monitor on the Catalyst 5000 family and Catalyst 2926G series switches through a terminal server, you can escape to the Telnet prompt and enter the send break command for your terminal emulation program to break into ROM monitor mode. To access the ROM monitor on the Catalyst 4000 family, the Catalyst 2948G switch, and the Catalyst 2980G switch through a terminal server, you can escape to the Telnet prompt and press Control-C to break into ROM monitor mode.
Once you are in ROM monitor mode, the prompt changes to rommon>. Use the ? command to see the available ROM monitor commands.
|
Note For complete descriptions of all ROM monitor commands, refer to the Command Reference for your switch. |
These sections show example bootup displays for various supervisor engine and switch types:
This example shows the bootup display of a Catalyst 5000 family switch with a Supervisor Engine III (the display on the Catalyst 5000 family Supervisor Engine III F and the Catalyst 2926G series switches will be similar):
System Bootstrap, Version 3.1(2) Copyright (c) 1994-1997 by cisco Systems, Inc. Presto processor with 32768 Kbytes of main memory Autoboot executing command: "boot bootflash:cat5000-sup3.5-2-1.bin" CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC Uncompressing file: ########################################################### ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################################################################################ ################### System Power On Diagnostics NVRAM Size ....................512 KB ID Prom Test ..................Passed DPRAM Size ....................16KB DPRAM Data 0x55 Test ..........Passed DPRAM Data 0xaa Test ..........Passed DPRAM Address Test ............Passed Clearing DPRAM ................Done System DRAM Memory Size .......32MB DRAM Data 0x55 Test ...........Passed DRAM Data 0xaa Test ...........Passed DRAM Address Test ............Passed Clearing DRAM .................Done EARLII ........................Present EARLII RAM Test ...............Passed EARL Serial Prom Test .........Passed Level2 Cache ..................Present Level2 Cache test..............Passed Boot image: bootflash:cat5000-sup3.5-2-1.bin Downloading epld sram device please wait ... Programming successful for Altera 10K50 SRAM EPLD Running System Diagnostics from this Supervisor (Module 1) This may take up to 2 minutes....please wait Cisco Systems Console Enter password: 1999 Aug 12 15:51:03 %MLS-5-NDEDISABLED:Netflow Data Export disabled 1999 Aug 12 15:51:04 %SYS-5-MOD_OK:Module 1 is online 1999 Aug 12 15:51:17 %SYS-5-MOD_OK:Module 4 is online 1999 Aug 12 15:51:19 %SYS-5-MOD_OK:Module 3 is online 1999 Aug 12 15:51:21 %SYS-5-MOD_OK:Module 8 is online Sending RARP request with address 00:e0:4f:ac:b3:ff Sending DHCP packet with address: 00:e0:4f:ac:b3:ff Sending RARP request with address 00:e0:4f:ac:b3:ff Sending DHCP packet with address: 00:e0:4f:ac:b3:ff Sending RARP request with address 00:e0:4f:ac:b3:ff Sending DHCP packet with address: 00:e0:4f:ac:b3:ff Sending RARP request with address 00:e0:4f:ac:b3:ff Sending DHCP packet with address: 00:e0:4f:ac:b3:ff Sending RARP request with address 00:e0:4f:ac:b3:ff
|
Note The system only initiates DHCP/BOOTP and Reverse Address Resolution Protocol (RARP) requests at startup when the sc0 interface IP address is set to 0.0.0.0. For more information, see the "Using DHCP or RARP to Obtain an IP Address Configuration" section. |
This example shows the bootup display of a Catalyst 5000 family switch with a Supervisor Engine III G (the display on the Catalyst 5000 family Supervisor Engine II or II G will be similar):
ATE0 ATS0=1 ROM Power Up Diagnostics of Apr 20 1999 Init NVRAM Log LED Test ................... done ROM Checksum ............... passed Dual Port RAM r/w Test ..... passed ID PROM .................... passed System DRAM Size(mb) ....... 32 DRAM Data Bus Test ......... passed DRAM Address Test .......... passed DRAM Byte/Word Access Test .. passed BOOTROM Version 5.1(1), Dated Apr 20 1999 11:09:48 BOOT date: 08/12/99 BOOT time: 14:45:29 uncompressing nmp image This will take a minute... NMP image is successfully uncompressed in DRAM Running System Diagnostics from this Supervisor (Module 1) This may take up to 2 minutes....please wait IP address for Catalyst not configured DHCP/BOOTP will commence after the ports are online Ports are coming online ... Cisco Systems Console Enter password: 1999 Aug 12 14:46:36 %MLS-5-MLSENABLED:IP Multilayer switching is enabled 1999 Aug 12 14:46:36 %MLS-5-NDEDISABLED:Netflow Data Export disabled 1999 Aug 12 14:46:36 %SYS-5-MOD_OK:Module 1 is online 1999 Aug 12 14:46:48 %SYS-5-MOD_OK:Module 6 is online 1999 Aug 12 14:47:01 %SYS-5-MOD_OK:Module 9 is online 1999 Aug 12 14:47:11 %SYS-5-MOD_OK:Module 3 is online 1999 Aug 12 14:47:13 %SYS-5-MOD_OK:Module 7 is online Sending RARP request with address 00:e0:1e:9b:31:ff Sending DHCP packet with address: 00:e0:1e:9b:31:ff Sending RARP request with address 00:e0:1e:9b:31:ff Sending DHCP packet with address: 00:e0:1e:9b:31:ff Sending RARP request with address 00:e0:1e:9b:31:ff Sending DHCP packet with address: 00:e0:1e:9b:31:ff Sending RARP request with address 00:e0:1e:9b:31:ff Sending DHCP packet with address: 00:e0:1e:9b:31:ff Sending RARP request with address 00:e0:1e:9b:31:ff
|
Note The system only initiates DHCP/BOOTP and Reverse Address Resolution Protocol (RARP) requests at startup when the sc0 interface IP address is set to 0.0.0.0. For more information, see the "Using DHCP or RARP to Obtain an IP Address Configuration" section. |
This example shows the bootup display of a Catalyst 4003 switch (the display on the Catalyst 4912G, the Catalyst 2948G, and the Catalyst 2980G switches will be similar):
WS-X4012 bootrom version 4.5(1), built on 1999.03.29 21:04:04 H/W Revisions: Meteor: 4 Comet: 8 Board: 2 Supervisor MAC addresses: 00:d0:58:70:a1:00 through 00:d0:58:70:a4:ff (1024 addr esses) Installed memory: 32 MB Testing LEDs.... done! The system will autoboot in 5 seconds. Type control-C to prevent autobooting. rommon 1 > The system will now begin autobooting. Autobooting image: "bootflash:cat4000.5-1-1a.bin" CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCC############################ Starting Off-line Diagnostics Mapping in TempFs Board type is WS-X4012 DiagBootMode value is "post" Loading diagnostics... Power-on-self-test for Module 1: WS-X4012 Status: (. = Pass, F = Fail) processor: . cpu sdram: . temperature sensor: . enet console port: . nvram: . switch sram: . switch registers: . switch port 0: . switch port 1: . switch port 2: . switch port 3: . switch port 4: . switch port 5: . switch port 6: . switch port 7: . switch port 8: . switch port 9: . switch port 10: . switch port 11: . switch bandwidth: . Module 1 Passed Power-on-self-test for Module 2: WS-X4148 Port status: (. = Pass, F = Fail) 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: . 17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: . 25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: . 33: . 34: . 35: . 36: . 37: . 38: . 39: . 40: . 41: . 42: . 43: . 44: . 45: . 46: . 47: . 48: . Module 2 Passed Power-on-self-test for Module 3: WS-X4306 Port status: (. = Pass, F = Fail, ? = no GBIC) 1: . 2: . 3: . 4: ? 5: ? 6: ? Module 3 Passed Exiting Off-line Diagnostics IP address for Catalyst not configured BOOTP will commence after the ports are online Ports are coming online ... Cisco Systems, Inc. Console Enter password: 1999 Aug 12 14:34:05 %SYS-5-MOD_OK:Module 1 is online 1999 Aug 12 14:34:08 %SYS-5-MOD_OK:Module 3 is online 1999 Aug 12 14:34:11 %SYS-5-MOD_OK:Module 2 is online Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff Sending RARP request with address 00:d0:58:70:a4:ff Sending BOOTP request with address: 00:d0:58:70:a4:ff No bootp or rarp response received
|
Note The system only initiates DHCP/BOOTP and Reverse Address Resolution Protocol (RARP) requests at startup when the sc0 interface IP address is set to 0.0.0.0. For more information, see the "Using DHCP or RARP to Obtain an IP Address Configuration" section. |
Posted: Wed Mar 22 12:12:04 PST 2000
Copyright 1989 - 2000©Cisco Systems Inc.