|
|
Use the set enablepass command to change the password for the privileged level of the CLI.
set enablepassThis command has no arguments or keywords.
The default configuration has no enable password configured.
Switch command.
Privileged.
The command prompts you for the old password. If the password you enter is valid, you are prompted to enter a new password and to verify the new password. A zero-length password is allowed.
This example shows how to establish a new password:
Console> (enable) set enablepass Enter old password: <old_password> Enter new password: <new_password> Retype new password: <new_password> Password changed. Console> (enable)
Use the set garp timer command to adjust the values of the join, leave, and leaveall timers.
set garp timer {timer_type} {timer_value}
timer_type | Type of timer; valid values are join, leave, and leaveall. |
timer_value | Timer values in milliseconds. |
The join timer default is 200 ms; the leave timer default is 600 ms; and the leaveall timer default is 10000 ms.
Switch command.
Privileged.
You must maintain the following relationship for the various timer values:
This example shows how to set the join timer value to 100 ms for all the ports on all the VLANs:
Console> (enable) set garp timer join 100 GMRP/GARP Join timer value is set to 100 milliseconds. Console> (enable)
This example shows how to set the leave timer value to 300 ms for all the ports on all the VLANs:
Console> (enable) set garp timer leave 300 GMRP/GARP Leave timer value is set to 300 milliseconds. Console> (enable)
This example shows how to set the leaveall timer value to 20000 ms for all the ports on all the VLANs:
Console> (enable) set garp timer leaveall 20000 GMRP/GARP LeaveAll timer value is set to 20000 milliseconds. Console> (enable)
Use the set igmp command to enable or disable IGMP snooping on the switch.
set igmp {enable | disable}
enable | Keyword to enable IGMP snooping on the switch. |
disable | Keyword to disable IGMP snooping on the switch. |
The default is IGMP snooping is disabled.
Switch command.
Privileged.
This example shows how to enable IGMP snooping on the switch:
Console> (enable) set igmp enable IGMP Snooping is enabled. Console> (enable)
This example shows how to disable IGMP snooping on the switch:
Console> (enable) set igmp disable IGMP Snooping is disabled. Console> (enable)
clear igmp statistics
clear multicast router
set multicast router
show igmp statistics
show multicast router
show multicast group
Use the set interface command to configure the in-band and SLIP interfaces on the switch.
set interface {sc0 | sl0} {up | down}
sc0 | Keyword to specify the in-band interface. |
sl0 | Keyword to specify the SLIP interface. |
up | Keyword to bring the interface into operation. |
down | Keyword to bring the interface out of operation. |
vlan | (Optional) Number of the VLAN to be assigned to the interface. |
ip_addr | (Optional) IP address. |
netmask | (Optional) Subnet mask. |
broadcast | (Optional) Broadcast address. |
slip_addr | IP address of the console port. |
dest_addr | IP address of the host to which the console port will be connected. |
The default configuration is the in-band interface (sc0) in VLAN 1 with the IP address, subnet mask, and broadcast address set to 0.0.0.0. The default configuration for the SLIP interface (sl0) is that the IP address and broadcast address are set to 0.0.0.0.0.
Switch command.
Privileged.
There are two configurable network interfaces on a Catalyst 6000 series or 6500 series switch: in-band (sc0) and SLIP (sl0). Configuring the sc0 interface with an IP address and subnet mask allows you to access the switch CLI via Telnet from a remote host. The sc0 interface should be assigned to an active VLAN configured on the switch (the default is VLAN 1). Make sure the IP address you assign is in the same subnet as other stations in that VLAN.
Configuring the sl0 interface with an IP address and destination address allows you to make a point-to-point connection to a host through the console port. Use the slip attach command to activate SLIP on the console port (you will not be able to access the CLI via a terminal connected to the console port until you use the slip detach command to deactivate SLIP on the console port).
When you specify the netmask, this indicates the number of bits allocated to subnetting in the hostid section of the given Class A, B, or C address. For example, if you enter an IP address for the sc0 interface as 172.22.20.7, the hostid bits for this Class B address is 16. Any number of bits in the hostid bits can be allocated to the subnet field. If you do not enter the netmask, the number of bits is assumed to be the natural net mask. You can specify the netmask in dotted format (for example, 204.20.22.7/255.255.255.0) or in length, as in the number of bits in the netmask (for example, 204.20.22.7/24); range for length is 0 to 31 bits. The Catalyst 6000 and 6500 series switches will accept CIDR type of netmask values.
This example shows how to use set interface sc0 and set interface sl0 from the console port. It also shows how to bring down interface sc0 using a terminal connected to the console port:
Console> (enable) set interface sc0 192.20.11.44/255.255.255.0 Interface sc0 IP address and netmask set. Console> (enable) set interface sl0 192.200.10.45 192.200.10.103 Interface sl0 SLIP and destination address set. Console> (enable) set interface sc0 down. Interface sc0 administratively down. Console> (enable)
This example shows how to set the IP address for sc0 through a Telnet session. Note that the default netmask for that IP address class is used (for example, a Class C address uses 255.255.255.0, and a Class B uses 255.255.0.0):
Console> (enable) set interface sc0 192.200.11.40 This command may disconnect active telnet sessions. Do you want to continue (y/n) [n]? y Interface sc0 IP address set.
This example shows how to take the interface out of operation through a Telnet session:
Console> (enable) set interface sc0 down This command will inactivate telnet sessions. Do you want to continue (y/n) [n]? y Interface sc0 administratively down.
This example shows how to assign the sc0 interface to a particular VLAN:
Console> (enable) set interface sc0 5 Interface sc0 vlan set. Console> (enable)
This example shows what happens when you assign the sc0 interface to a nonactive VLAN:
Console> (enable) set interface sc0 200 Vlan is not active, user needs to set vlan 200 active Interface sc0 vlan set. Console> (enable)
Use the set ip alias command to add aliases of IP addresses.
set ip alias name ip_addr
name | Name of the alias being defined. |
ip_addr | IP address of the alias being defined. |
The default configuration is one IP alias (0.0.0.0) configured as the default.
Switch command.
Privileged.
This example shows how to define an IP alias of mercury for IP address 192.122.174.234:
Console> (enable) set ip alias mercury 192.122.174.234 IP alias added. Console> (enable)
Use the set ip dns command to enable or disable DNS.
set ip dns {enable | disable}
enable | Keyword to enable DNS. |
disable | Keyword to disable DNS. |
The default is DNS is disabled.
Switch command.
Privileged.
This example shows how to enable DNS:
Console> (enable) set ip dns enable DNS is enabled. Console> (enable)
This example shows how to disable DNS:
Console> (enable) set ip dns disable DNS is disabled. Console> (enable)
Use the set ip dns domain command to set the default DNS domain name.
set ip dns domain name
name | Default DNS domain name. |
This command has no default setting.
Switch command.
Privileged.
If you specify a domain name on the command line, the system attempts to resolve the host name as entered. If the system cannot resolve the host name as entered, it appends the default DNS domain name as defined with the set ip dns domain command. If you specify a domain name with a trailing dot, the program considers this an absolute domain name.
This example shows how to set the default DNS domain name:
Console> (enable) set ip dns domain yow.com Default DNS domain name set to yow.com. Console> (enable)
clear ip dns domain
show ip dns
Use the set ip dns server command to set the IP address of a DNS server.
set ip dns server ip_addr [primary]
ip_addr | IP address of the DNS server. |
primary | (Optional) Keyword to configure a DNS server as the primary server. |
This command has no default setting.
Switch command.
Privileged.
You can configure up to three DNS name servers as backup. You can also configure any DNS server as the primary server. The primary server is queried first. If the primary server fails, the backup servers are queried.
If DNS is disabled, you must use the IP address with all commands that require explicit IP addresses or manually define an alias for that address. The alias has priority over DNS.
These examples show how to set the IP address of a DNS server:
Console> (enable) set ip dns server 198.92.30.32 198.92.30.32 added to DNS server table as primary server. Console> (enable) set ip dns server 171.69.2.132 primary 171.69.2.132 added to DNS server table as primary server. Console> (enable) set ip dns server 171.69.2.143 primary 171.69.2.143 added to DNS server table as primary server.
This example shows what happens if you enter more than three DNS name servers as backup:
Console> (enable) set ip dns server 161.44.128.70 DNS server table is full. 161.44.128.70 not added to DNS server table.
clear ip dns server
show ip dns
Use the set ip fragmentation command to enable or disable the fragmentation of IP packets bridged between FDDI and Ethernet networks. Note that FDDI and Ethernet networks have different MTUs.
set ip fragmentation {enable | disable}
enable | Keyword to permit fragmentation for IP packets bridged between FDDI and Ethernet networks. |
disable | Keyword to disable fragmentation for IP packets bridged between FDDI and Ethernet networks. |
The default value is IP fragmentation enabled.
Switch command.
Privileged.
If IP fragmentation is disabled, packets are dropped.
This example shows how to disable IP fragmentation:
Console> (enable) set ip fragmentation disable Bridge IP fragmentation disabled. Console> (enable)
Use the set ip permit command to enable or disable the IP permit list. Use the set ip permit ip_addr command to specify an IP address to be added to the IP permit list.
set ip permit {enable | disable}
enable | Keyword to enable the IP permit list. |
disable | Keyword to disable the IP permit list. |
ip_addr | IP address to be added to the IP permit list. An IP alias or host name that can be resolved through DNS can also be used. |
mask | (Optional) Netmask of the specified IP address. |
The default is IP permit list is disabled.
Switch command.
Privileged.
You can configure up to ten entries in the permit list. If the IP permit list is enabled, but the permit list has no entries configured, a caution displays on the screen.
Make sure you enter the entire disable keyword when entering the set ip permit disable command. If you abbreviate the keyword, the abbreviation is interpreted as a host name to add to the IP permit list.
This example shows how to enable the IP permit list:
Console> (enable) set ip permit enable IP permit list enabled. WARNING!! IP permit list has no entries. Console> (enable)
This example shows how to add an IP address to the IP permit list:
Console> (enable) set ip permit 172.100.101.102 172.100.101.102 added to IP permit list. Console> (enable)
This example shows how to add an IP address using an IP alias or host name to the IP permit list:
Console> (enable) set ip permit batboy batboy added to IP permit list. Console> (enable)
This example shows how to add a netmask of the IP address to the IP permit list:
Console> (enable) set ip permit 172.160.161.0 255.255.192.0 172.160.128.0 with mask 255.255.192.0 added to IP permit list. Console> (enable)
This example shows how to disable the IP permit list:
Console> (enable) set ip permit disable IP permit list disabled. Console> (enable)
clear ip permit
set ip permit
show ip permit
Use the set ip redirect command to enable or disable ICMP redirect messages on the Catalyst 6000 and 6500 series switches.
set ip redirect {enable | disable}
enable | Keyword to permit ICMP redirect messages to be returned to the source host. |
disable | Keyword to prevent ICMP redirect messages from being returned to the source host. |
The default configuration is ICMP redirect is enabled.
Switch command.
Privileged.
This example shows how to deactivate ICMP redirect messages:
Console> (enable) set ip redirect disable ICMP redirect messages disabled. Console> (enable)
Use the set ip route command to add IP addresses or aliases to the IP routing table.
set ip route {destination}[/netmask] {gateway} [metric] [primary]
destination | IP address, IP alias of the network, or specific host to be added. Use default as the destination to set the new entry as the default route. |
/netmask | (Optional) Number of bits in net mask or dot format (for example, 172.20.22.7/24 or 172.20.22.7/255.255.255.0). |
gateway | IP address or IP alias of the router. |
metric | (Optional) Value used to indicate the number of hops between the switch and the gateway. |
primary | (Optional) Keyword used with the Multiple Default IP Gateways feature to specify the default IP gateway with the highest priority. |
The default configuration routes the local network through the sc0 interface with metric 0 as soon as sc0 is configured.
Switch command.
Privileged.
You can configure up to three default gateways. The primary is the highest priority. If a primary is not designated, priority is based on the order of input. If two primary definitions are entered, the second definition becomes the primary and the first definition is now the secondary default IP gateway.
The primary keyword may only be specified for a default route.
When you enter the destination or gateway, enter it in dot notation, for example, a.b.c.d.
When you specify the netmask, this indicates the number of bits allocated to subnetting in the hostid section of the given Class A, B or C address. For example, if you enter an IP address for the sc0 interface as 172.22.20.7, the hostid bits for this Class B address is 16. Any number of bits in the hostid bits can be allocated to the netmask field. If you do not enter the netmask, the number of bits is assumed to be the natural netmask.
When you enter the netmask, enter it as the number of bits or dot format, for example, destination/24 or destination/255.255.255.0. If you enter the netmask in dot format, you must have contiguous 1s.
These examples show how to add three default routes to the IP routing table, checking after each addition using the show ip route command:
Console> (enable) set ip route default 192.122.173.42 1 primary Route added. Console> (enable) Console> (enable) show ip route Fragmentation Redirect Unreachable ------------- -------- ----------- enabled enabled enabled Destination Gateway Flags Use Interface --------------- --------------- ------ ---------- --------- default 192.122.173.42 UG 59444 sc0 192.22.74.0 192.22.74.223 U 5 sc0 Console> (enable) Console> (enable) set ip route default 192.122.173.43 1 Route added. Console> (enable) Console> (enable) show ip route Fragmentation Redirect Unreachable ------------- -------- ----------- enabled enabled enabled Destination Gateway Flags Use Interface --------------- --------------- ------ ---------- --------- default 192.122.173.43 UG 59444 sc0 default 192.122.173.42 UG 59444 sc0 192.22.74.0 192.22.74.223 U 5 sc0 Console> (enable) Console> (enable) set ip route default 192.122.173.44 1 Route added. Console> (enable) Console> (enable) show ip route Fragmentation Redirect Unreachable ------------- -------- ----------- enabled enabled enabled Destination Gateway Flags Use Interface --------------- --------------- ------ ---------- --------- default 192.122.173.44 UG 59444 sc0 default 192.122.173.43 UG 59444 sc0 default 192.122.173.42 UG 59444 sc0 192.22.74.0 192.22.74.223 U 5 sc0 Console> (enable)
Use the set ip unreachable command to enable or disable ICMP unreachable messages on the switch.
set ip unreachable {enable | disable}
enable | Keyword to allow IP unreachable messages to be returned to the source host. |
disable | Keyword to prevent IP unreachable messages from being returned to the source host. |
The default is ICMP unreachable messages is enabled.
Switch command.
Privileged.
When you enable ICMP unreachable messages, the switch returns an ICMP unreachable message to the source host whenever it receives an IP datagram that it cannot deliver. When you disable ICMP unreachable messages, the switch does not notify the source host when it receives an IP datagram that it cannot deliver.
For example, a switch has the ICMP unreachable message function enabled and IP fragmentation disabled. If an FDDI frame is received and needs to transmit to an Ethernet port, the switch cannot fragment the packet. The switch drops the packet and returns an IP unreachable message to the Internet source host.
This example shows how to disable ICMP unreachable messages:
Console> (enable) set ip unreachable disable ICMP Unreachable message disabled. Console> (enable)
Use the set length command to configure the number of lines in the terminal display screen.
set length number [default]
number | Number of lines to display on the screen (0 to 512). |
default | (Optional) Keyword to set the number of lines in the terminal display screen for the current administration session and all other sessions. This keyword is only available in privileged mode. |
The default value is 24 lines upon starting a session. When the value is changed in a session, it applies only to that session. When you use the clear config command, the number of lines in the terminal display screen is reset to the factory default of 100.
Switch command.
Privileged.
Output from a single command that overflows a single display screen is followed by the --More-- prompt. At the --More-- prompt, you can press Ctrl-C, q, or Q to interrupt the output and return to the prompt, press the Spacebar to display an additional screen of output, or press Return to display one more line of output.
Setting the screen length to 0 turns off the scrolling feature and causes the entire output to display at once. Unless the default keyword is used, a change to the terminal length value applies only to the current session.
This example shows how to set the screen length to 60 lines:
Console> (enable) set length 60 Screen length for this session set to 60. Console> (enable)
This example shows how to set the default screen length to 40 lines:
Console> (enable) set length 40 default Screen length set to 40. Console> (enable)
Use the set logging console command to enable and disable the sending of system logging messages to the console.
set logging console {enable | disable}
enable | Keyword to enable system message logging to the console. |
disable | Keyword to disable system message logging to the console. |
The default is system message logging to the console is enabled.
Switch command.
Privileged.
This example shows how to enable system message logging to the console:
Console> (enable) set logging console enable
System logging messages will be sent to the console.
Console> (enable)
This example shows how to disable system message logging to the console:
Console> (enable) set logging console disable
System logging messages will not be sent to the console.
set logging level
set logging session
show logging
show logging buffer
Use the set logging level command to set the facility and severity level used when logging system messages.
set logging level facility severity [default]
facility | Value that specifies the type of system messages to capture. Facility types are shown in Table 2-6. |
severity | Value that specifies the severity level of system messages to capture. Severity level definitions are shown in Table 2-7. |
default | (Optional) Keyword to cause the specified logging level to apply to all sessions. If default is not used, the specified logging level applies only to the current session. |
| Facility Name | Definition |
|---|---|
cdp | Cisco Discovery Protocol |
mcast | Multicast |
dtp | Dynamic Trunk Protocol |
earl | Enhanced Address Recognition Logic |
ip | Internet Protocol |
pruning | VTP pruning |
snmp | Simple Network Management Protocol |
spantree | Spanning-Tree Protocol |
sys | System |
tac | Terminal Access Controller |
tcp | Transmission Control Protocol |
telnet | Terminal Emulation Protocol |
tftp | Trivial File Transfer Protocol |
vtp | Virtual Terminal Protocol |
kernel | Kernel |
filesys | File System |
pagp | Port Aggregation Protocol |
mgmt | Management |
mls | Multilayer Switching |
protfilt | Protocol Filter |
security | Security |
udld | User Datagram Protocol |
gvrp | GARP VLAN Registration Protocol |
| Severity Level | Keyword | Description |
|---|---|---|
0 | emergencies | System unusable |
1 | alerts | Immediate action required |
2 | critical | Critical condition |
3 | errors | Error conditions |
4 | warnings | Warning conditions |
5 | notifications | Normal bug significant condition |
6 | informational | Informational messages |
7 | debugging | Debugging messages |
The default is facility is set to all and level is set to 0.
Switch command.
Privileged.
This example shows how to set the default facility and severity level for system message logging:
Console> (enable) set logging level snmp 2 default
System logging facility <snmp> set to severity 2(critical).
Console> (enable)
show logging
show logging buffer
Use the set logging server command to enable and disable system message logging to configured syslog servers and to add a syslog server to the system logging server table.
set logging server {enable | disable}
enable | Keyword to enable system message logging to configured syslog servers. |
disable | Keyword to disable system message logging to configured syslog servers. |
ip_addr | IP address of the syslog server to be added to the configuration. An IP alias or a host name that can be resolved through DNS can also be used. |
facility | Value that specifies the type of system messages to capture. Facility types are shown in Table 2-6. |
severity | Value that specifies the severity level of system messages to capture. Severity level definitions are shown in Table 2-7. |
The default is no syslog servers are configured to receive system messages.
Switch command.
Privileged.
This example shows how to enable system message logging to the server:
Console> (enable) set logging server enable
System logging messages will be sent to the configured syslog servers.
Console> (enable)
This example shows how to disable system message logging to the server:
Console> (enable) set logging server disable
System logging messages will not be sent to the configured syslog servers.
Console> (enable)
This example shows how to add a server to the system logging server table:
Console> (enable) set logging server 171.69.192.205
171.69.192.205 added to the System logging server table.
Console> (enable)
This example shows how to set the facility and severity level for system message logging to the server designated snmp:
Console> (enable) set logging server snmp 2
System logging facility 171.69.192.205 set to severity 2(critical).
Console> (enable)
clear logging server
show logging
|
|