|
|
Use the set snmp community command to set SNMP communities and associated access types.
set snmp community {read-only | read-write | read-write-all} [community_string]
read-only | Keyword to assign read-only access to the specified SNMP community. |
read-write | Keyword to assign read-write access to the specified SNMP community. |
read-write-all | Keyword to assign read-write access to the specified SNMP community. |
community_string | (Optional) Name of the SNMP community. |
The default is the following communities and access types are defined:
Switch command.
Privileged.
There are three configurable SNMP communities, one for each access type. If you do not specify the community string, the community string configured for that access type is cleared.
This example shows how to set read-write access to the SNMP community called yappledapple:
Console> (enable) set snmp community read-write yappledapple SNMP read-write community string set. Console> (enable)
This example shows how to clear the community string defined for read-only access:
Console> (enable) set snmp community read-only SNMP read-only community string cleared. Console> (enable)
Use the set snmp rmon command to enable or disable SNMP RMON support.
set snmp rmon {enable | disable}
enable | Keyword to activate SNMP RMON support. |
disable | Keyword to deactivate SNMP RMON support. |
The default is RMON support is disabled.
Switch command.
Privileged.
RMON statistics are collected on a segment basis.
The RMON feature deinstalls all of the domains for all of the interfaces on an Ethernet module that has been removed from the system.
When RMON is enabled, the supported RMON groups for Ethernet ports are Statistics, History, Alarms, and Events as specified in RFC 1757.
Use of this command requires a separate software license.
This example shows how to enable RMON support:
Console> (enable) set snmp rmon enable SNMP RMON support enabled. Console> (enable)
This example shows how to disable RMON support:
Console> (enable) set snmp rmon disable SNMP RMON support disabled. Console> (enable)
Use the set snmp trap command to enable or disable the different SNMP traps on the system or to add an entry into the SNMP authentication trap receiver table.
set snmp trap {enable | disable} [all | module | chassis | bridge | repeater | auth | vtp | ippermit | vmps | config | entity | stpx]
enable | Keyword to activate SNMP traps. |
disable | Keyword to deactivate SNMP traps. |
all | (Optional) Keyword to specify all trap types. |
module | (Optional) Keyword to specify the moduleUp and moduleDown traps from the CISCO-STACK-MIB. |
chassis | (Optional) Keyword to specify the chassisAlarmOn and chassisAlarmOff traps from the CISCO-STACK-MIB. |
bridge | (Optional) Keyword to specify the newRoot and topologyChange traps from RFC 1493 (the BRIDGE-MIB). |
repeater | (Optional) Keyword to specify the rptrHealth, rptrGroupChange, and rptrResetEvent traps from RFC 1516 (the SNMP-REPEATER-MIB). |
auth | (Optional) Keyword to specify the authenticationFailure trap from RFC 1157. |
vtp | (Optional) Keyword to specify the VTP from the CISCO-VTP-MIB. |
ippermit | (Optional) Keyword to specify the IP Permit Denied access from the CISCO-STACK-MIB. |
vmps | (Optional) Keyword to specify the vmVmpsChange trap from the CISCO-VLAN-MEMBERSHIP-MIB. |
config | (Optional) Keyword to specify the sysConfigChange trap from the CISCO-STACK-MIB. |
entity | (Optional) Keyword to specify the entityMIB trap from the ENTITY-MIB. |
stpx | (Optional) Keyword to specify the STPX trap. |
rcvr_addr | IP address or IP alias of the system to receive SNMP traps. |
rcvr_community | Community string to use when sending authentication traps. |
The default is SNMP traps are disabled.
Switch command.
Privileged.
An IP permit trap is sent when unauthorized access based on the IP permit list is attempted.
Use the show snmp command to verify the appropriate traps were configured.
This example shows how to enable SNMP chassis traps:
Console> (enable) set snmp trap enable chassis SNMP chassis alarm traps enabled. Console> (enable)
This example shows how to enable all traps:
Console> (enable) set snmp trap enable All SNMP traps enabled. Console> (enable)
This example shows how to disable SNMP chassis traps:
Console> (enable) set snmp trap disable chassis SNMP chassis alarm traps disabled. Console> (enable)
This example shows how to add an entry in the SNMP trap receiver table:
Console> (enable) set snmp trap 192.122.173.42 public SNMP trap receiver added. Console> (enable)
clear ip permit
set ip permit
show ip permit
show port counters
show snmp
test snmp trap
Use the set span command to configure and display SPAN.
set span enable | disable [dest_mod/dest_port | all]
enable | Keyword to enable SPAN. |
disable | Keyword to disable SPAN. |
dest_mod | (Optional) Monitoring module (SPAN destination). |
dest_port | (Optional) Monitoring port (SPAN destination). |
all | (Optional) Keyword to disable all SPAN sessions. |
src_mod | Monitored module (SPAN source). |
src_ports | Monitored port(s) (SPAN source). |
src_vlans | Monitored VLAN(s) (SPAN source). |
sc0 | Keyword used to specify the inband port is a valid source. |
rx | (Optional) Keyword to specify that information received at the source is monitored. |
tx | (Optional) Keyword to specify that information transmitted from the source is monitored. |
both | (Optional) Keyword to specify that information both transmitted from the source and received at the source is monitored. |
inpkts enable | (Optional) Keywords to enable the receiving of normal inbound traffic on the SPAN destination port. |
inpkts disable | (Optional) Keywords to disable the receiving of normal inbound traffic on the SPAN destination port. |
multicast enable | (Optional) Keywords to enable monitoring multicast traffic. |
multicast disable | (Optional) Keywords to disable monitoring multicast traffic. |
create | (Optional) Keyword to create a new SPAN session instead of overwriting the previous SPAN session. |
The default is SPAN is disabled.
Switch command.
Privileged.
After SPAN is enabled, if no parameters were ever set, system defaults are used. If nondefault parameters are stored in NVRAM, these defaults are used.
Use a network analyzer to monitor ports.
If you specify multiple SPAN source ports, the ports can belong to different VLANs.
A maximum of two rx or both span sessions and four tx span sessions can exist simultaneously.
Use the inpkts keyword with the enable option to allow the SPAN destination port to receive normal incoming traffic in addition to the traffic mirrored from the SPAN source. Use the disable option to prevent the SPAN destination port from receiving normal incoming traffic.
When you enable the inpkts option, a warning message notifies you that the destination port does not join STP and may cause loops if this option is enabled.
When you configure multiple SPAN sessions, the destination module number/port number is required to index the particular SPAN session. When you enter the set span command without the create keyword, but with multiple SPAN sessions, if the destination port is found in the existing spans, the particular SPAN session will be overwritten; otherwise, the set command is rejected.
This example shows how to configure one egress V-SPAN to monitor VLAN 1- and VLAN 2-transmitted traffic through port 1/2:
Console> (enable) set span 1,2 1/2 tx Console> (enable)
This example shows how to configure the second SPAN session to monitor VLAN 2-transmitted traffic through destination port 2/1:
Console> (enable) set span 2 2/1 tx create Console> (enable)
This example shows what happens if you try to enter the set span disable or set span disable all command and a span session is not defined:
Console> (enable) set span disable No span session configured. Console> (enable)
This example shows what happens if you try to enter the set span disable command (without the destination module number/port number defined) and there are multiple span session defined:
Console> (enable) set span disable Multiple active span sessions. Please specify span destination to disable. Console> (enable)
Use the set spantree backbonefast command to enable or disable the spanning-tree Backbone Fast Convergence feature.
set spantree backbonefast {enable | disable}
enable | Keyword to enable Backbone Fast Convergence. |
disable | Keyword to disable Backbone Fast Convergence. |
The default is Backbone Fast Convergence is disabled.
Switch command.
Privileged.
For Backbone Fast Convergence to work, you must enable it on all switches in the network.
This example shows how to enable Backbone Fast Convergence:
Console> (enable) set spantree backbonefast enable Backbonefast enabled for all VLANs. Console> (enable)
Use the set spantree disable command to disable the spanning-tree algorithm for all VLANs.
set spantree disableThis command has no arguments or keywords.
The default is the spanning-tree algorithm for all VLANs is enabled.
Switch command.
Privileged.
You cannot disable spanning tree on a per-VLAN basis.
This example shows how to disable the spanning-tree algorithm for all VLANs:
Console> (enable) set spantree disable VSpanning tree is disabled. Console> (enable)
set spantree enable
show spantree
Use the set spantree enable command to enable the spanning-tree algorithm for all VLANs.
set spantree enableThis command has no arguments or keywords.
The default is the spanning-tree algorithm for all VLANs is enabled.
Switch command.
Privileged.
You cannot enable spanning tree on a per-VLAN basis.
This example shows how to activate the spanning-tree algorithm for all VLANs:
Console> (enable) set spantree enable Spanning tree is enabled. Console> (enable)
set spantree disable
show spantree
Use the set spantree fwddelay command to set the bridge forward delay for a VLAN.
set spantree fwddelay delay [vlan]
delay | Number of seconds (4 to 30) for the bridge forward delay. |
vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
The default is the bridge forward delay is set to 15 seconds for all VLANs.
Switch command.
Privileged.
This example shows how to set the bridge forward delay for VLAN 100 to 16 seconds:
Console> (enable) set spantree fwddelay 16 100 Spantree 100 forward delay set to 16 seconds. Console> (enable)
Use the set spantree hello command to set the bridge hello time for a VLAN.
set spantree hello interval [vlan]
interval | Number of seconds (1 to 10) the system waits before sending a bridge hello message (a multicast message indicating that the system is active). |
vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
The default is the bridge hello time is set to 2 seconds for all VLANs.
Switch command.
Privileged.
This example shows how to set the spantree hello time for VLAN 100 to 3 seconds:
Console> (enable) set spantree hello 3 100 Spantree 100 hello time set to 3 seconds. Console> (enable)
Use the set spantree maxage command to set the bridge maximum aging time for a VLAN.
set spantree maxage agingtime [vlan]
agingtime | Maximum number of seconds (6 to 40) that the system retains the information received from other bridges through Spanning-Tree Protocol. |
vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
The default configuration is 20 seconds for all VLANs.
Switch command.
Privileged.
This example shows how to set the maximum aging time for VLAN 1000 to 25 seconds:
Console> (enable) set spantree maxage 25 1000 Spantree 1000 max aging time set to 25 seconds. Console> (enable)
Use the set spantree portcost command to set the path cost for a port.
set spantree portcost mod_num/port_num cost
mod_num | Number of the module. |
port_num | Number of the port on the module. |
cost | Number from 0 to 65535 that indicates the cost of the path; zero (0) is low cost and 65535 is high cost. |
The default is portcost is 4.
Switch command.
Privileged.
The Spanning-Tree Protocol uses port path costs to determine which port to select as a forwarding port. You should assign lower numbers to ports attached to faster media (such as full duplex) and higher numbers to ports attached to slower media. The possible range is 0 to 65535.
The following example shows how to set the port cost for port 12 on module 2 to 19:
Console> (enable) set spantree portcost 2/12 19 Spantree port 2/12 path cost set to 19. Console> (enable)
Use the set spantree portfast command to allow a port that is connected to a single workstation or PC to start faster when it is connected.
set spantree portfast mod_num/port_num {enable | disable}
mod_num | Number of the module. |
port_num | Number of the port on the module. |
enable | Keyword to enable the spanning-tree port fast-start feature on the port. |
disable | Keyword to disable the spanning-tree port fast-start feature on the port. |
The default is the port fast-start feature is disabled.
Switch command.
Privileged.
When a port configured with the spantree portfast enable command is connected, the port immediately enters the spanning-tree forwarding state rather than going through the normal spanning-tree states such as listening and learning. Use this command on ports that are connected to a single workstation or PC only; do not use it on ports that are connected to networking devices such as hubs, routers, switches, bridges, or concentrators.
This example shows how to enable the spanning-tree port fast-start feature on port 2 on module 1:
Console> (enable) set spantree portfast 1/2 enable Warning: Spantree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree port 1/2 fast start enabled. Console> (enable)
Use the set spantree portpri command to set the bridge priority for a spanning-tree port.
set spantree portpri mod_num/port_num [priority]
mod_num | Number of the module. |
port_num | Number of the port on the module. |
trcrf | Keyword to specify the number of the TrCRF for which you are setting the bridge priority. |
priority | (Optional) Number that represents the cost of a link in a spanning-tree bridge. The priority level is from 0 (high) to 63 (low). |
The default is all ports with bridge priority are set to 32.
Switch command.
Privileged.
This example shows how to set the priority of port 1 on module 4 to 63:
Console> (enable) set spantree portpri 4/1 63 Bridge port 4/1 priority set to 63. Console> (enable)
Use the set spantree portvlancost command to assign a lower path cost to a set of VLANs on a port.
set spantree portvlancost mod_num/port_num [cost cost] [vlan_list]
mod_num | Number of the module. |
port_num | Number of the port. |
cost cost | (Optional) Keyword to indicate the path cost. The portvlancost applies only to trunk ports. |
vlan_list | (Optional) If you do not list a VLAN explicitly, the VLANs listed in prior invocations of this command are affected. If no cost is listed explicitly, and previous cost values are specified in prior invocations, then the portvlancost is set to 1 less than the current port cost for a port. However, this may not assure load balancing in all cases. |
The default is portvlancost is 3.
Switch command.
Privileged.
The value specified is used as the path cost of the port for the specified set of VLANs. The rest of the VLANs have a path cost equal to the port path cost, set via the set spantree portcost command (if not set, the value is the default path cost of the port).
These examples show various ways to use the set spantree portvlancost command:
Console> (enable) set spantree portvlancost 2/10 cost 25 1-20 Cannot set portvlancost to a higher value than the port cost, 10, for port 2/10. Console> (enable) Console> (enable) set spantree portvlancost 2/10 1-20 Port 2/10 VLANs 1-20 have a path cost of 9. Console> (enable) Console> (enable) set spantree portvlancost 2/10 cost 4 1-20 Port 2/10 VLANs 1-20 have path cost 4. Port 2/10 VLANs 21-1000 have path cost 10. Console> (enable) Console> (enable) set spantree portvlancost 2/10 cost 6 21 Port 2/10 VLANs 1-21 have path cost 6. Port 2/10 VLANs 22-1000 have path cost 10. Console> (enable)
These examples show how to use the set spantree portvlancost command without explicitly specifying cost:
Console> (enable) set spantree portvlancost 1/2 Port 1/2 VLANs 1-1005 have path cost 3100. Console> (enable) Console> (enable) set spantree portvlancost 1/2 21 Port 1/2 VLANs 1-20,22-1005 have path cost 3100. Port 1/2 VLANs 21 have path cost 3099. Console> (enable)
Use the set spantree portvlanpri command to set the port priority for a subset of VLANs in the trunk port.
set spantree portvlanpri mod_num/port_num priority [vlans]
mod_num | Number of the module. |
port_num | Number of the port. |
priority | Number that represents the cost of a link in a spanning-tree bridge. The priority level is from 0 to 63, with 0 indicating high priority and 63 indicating low priority. |
vlans | (Optional) VLANs that use the specified priority level. |
The default is the port VLAN priority is set to 0, with no VLANs specified.
Switch command.
Privileged.
Use this command to add VLANs to a specified port priority level. Subsequent calls to this command do not replace VLANs that are already set at a specified port priority level.
The set spantree portvlanpri command applies only to trunk ports.
This example shows how to set the port priority for module 1, port 2, on VLANs 21 to 40:
Console> (enable) set spantree portvlanpri 1/2 16 21-40 Port 1/2 vlans 3,6-20,41-1000 using portpri 32 Port 1/2 vlans 1-2,4-5,21-40 using portpri 16 Console> (enable)
clear spantree portvlancost
show spantree
Use the set spantree priority command to set the bridge priority for a VLAN.
set spantree priority bridge_priority [vlan]
bridge_priority | Number representing the priority of the bridge. The priority level is from 0 to 65535, with 0 indicating high priority and 65535 indicating low priority. |
vlan | (Optional) Number of the VLAN. If you do not specify a VLAN number, VLAN 1 is used. |
The default is the bridge priority is set to 32768.
Switch command.
Privileged.
This example shows how to set the bridge priority of VLAN 1 to 4096:
Console> (enable) set spantree priority 4096 VLAN 1 bridge priority set to 4096. Console> (enable)
Use the set spantree root command to set the primary or secondary root for specific VLANs or for all VLANs of the switch.
set spantree root [secondary] [vlan_list] [dia network_diameter] [hello hello_time]
secondary | (Optional) Keyword to designate this switch as a secondary root, should the primary root fail. |
vlan_list | (Optional) Number of the VLAN. If you do not specify a VLAN number, VLAN 1 is used. |
dia network_diameter | (Optional) Keyword to specify the maximum number of bridges between any two points of attachment of end stations. Valid values are 1 through 7. |
hello hello_time | (Optional) Keyword to specify in seconds, the duration between the generation of configuration messages by the root switch. |
If the secondary keyword is not specified, the default is to make the switch the primary root.
The default value of the network diameter is 7.
If not specified, the current value of hello_time from the NVRAM is used.
This command is run on backbone or distribution switches.
You can run the secondary root many times to create backup switches in case of a root failure.
The secondary command reduces the bridge priority value to 16384.
This command increases path costs to a value greater than 3000.
Switch command.
Privileged.
This example shows how to use the set spantree root command:
Console>(enable) set spantree root 1-10 dia 4 VLANs 1-10 bridge priority set to 8192 VLANs 1-10 bridge max aging time set to 14 seconds. VLANs 1-10 bridge hello time set to 2 seconds. VLANs 1-10 bridge forward delay set to 9 seconds. Switch is now the root switch for active VLANs 1-6. Console> (enable)
This example shows that setting the bridge priority to 8192 was not sufficient to make this switch the root. So, the priority was further reduced to 7192 (100 less than the current root switch) to make this switch the root switch. However, reducing it to this value did not make it the root switch for active VLANs 16 and 17.
Console>(enable) set spantree root 11-20. VLANs 11-20 bridge priority set to 7192 VLANs 11-10 bridge max aging time set to 20 seconds. VLANs 1-10 bridge hello time set to 2 seconds. VLANs 1-10 bridge forward delay set to 13 seconds. Switch is now the root switch for active VLANs 11-15,18-20. Switch could not become root switch for active VLAN 16-17. Console> (enable) Console>(enable) set spantree root secondary 22,24 dia 5 hello 1 VLANs 22,24 bridge priority set to 16384. VLANs 22,24 bridge max aging time set to 10 seconds. VLANs 22,24 bridge hello time set to 1 second. VLANs 22,24 bridge forward delay set to 7 seconds. Console> (enable)
Use the set spantree uplinkfast command to enable fast switchover to alternate ports when the root port fails. This command applies to a switch, not to a WAN.
set spantree uplinkfast {enable | disable} [rate station_update_rate] [all-protocols off | on]
enable | Keyword to enable fast switchover. |
disable | Keyword to disable fast switchover. |
rate | (Optional) Keyword to specify the number of multicast packets transmitted per 100 ms when an alternate port is chosen after the root port goes down. |
station_update_rate | (Optional) Number of multicast packets transmitted per 100 ms when an alternate port is chosen after the root port goes down. |
all-protocols | (Optional) Keyword to specify whether or not to generate multicast packets for all protocols (IP, IPX, AppleTalk, and Layer 2 packets). |
off | (Optional) Keyword to turn off the all-protocols feature. |
on | (Optional) Keyword to turn on the all-protocols feature. |
The default station_update_rate is 15 packets per 100 ms.
Switch command.
Privileged.
The set spantree uplinkfast enable command has the following results:
If you run set spantree uplinkfast enable on a switch that has this feature already enabled, only the station update rate is updated. The rest of the parameters are not modified.
If you run set spantree uplinkfast disable on a switch, the UplinkFast feature is disabled but the switch priority and port cost values are not reset to the factory defaults. To reset the values to the factory defaults, enter the clear spantree uplinkfast command.
The default station_update_rate value is 15 packets per 100 ms, which is equivalent to a 1 percent load on a 10-Mbps Ethernet. If this value is specified as 0, the generation of these packets is turned off.
You do not have to turn on the all-protocols feature on Catalyst 6000 and 6500 series switches which have both the UplinkFast and protocol filtering features enabled. The all-protocols feature should be used only on Catalyst 6000 and 6500 series switches that have UplinkFast but do not have protocol filtering; upstream switches in the network use protocol filtering. Since the switch with UplinkFast does not have protocol filtering, you must enter the all-protocols option to inform the UplinkFast task whether or not to generate multicast packets for all protocols.
This example shows how to enable spantree UplinkFast and specify the number of multicast packets transmitted to 40 packets per 100 ms:
Console>(enable) set spantree uplinkfast enable rate 40 VLANs 1-1000 bridge priority set to 49152. The port cost and portvlancost of all ports increased to above 3000. Station update rate set to 40 packets/100ms. uplinkfast turned on for bridge. Console> (enable)
This example shows how to disable the spantree UplinkFast feature:
console> (enable) set spantree uplinkfast disable Uplinkfast disabled for switch. Use clear spantree uplinkfast to return stp parameters to default. console>(enable) clear spantree uplink This command will cause all portcosts, portvlancosts, and the bridge priority on all vlans to be set to default. Do you want to continue (y/n) [n]? y VLANs 1-1005 bridge priority set to 32768. The port cost of all bridge ports set to default value. The portvlancost of all bridge ports set to default value. uplinkfast disabled for bridge. Console> (enable)
This example shows how to turn on the all-protocols feature:
Console> (enable) set spantree uplinkfast enable all-protocols on uplinkfast update packets enabled for all protocols. uplinkfast already enabled for bridge. Console> (enable)
This example shows how to turn off the all-protocols feature:
Console> (enable) set spantree uplinkfast enable all-protocols off uplinkfast all-protocols field set to off. uplinkfast already enabled for bridge. Console> (enable)
|
|