Switch set Commands
This chapter describes the set commands used in the Catalyst 5000 series switch command-line interface (CLI). For a summary of the available switch CLI commands, refer to the "Switch Command Quick Reference" chapter. For more information about using the switch CLI, refer to the "Switch Command-Line Interface" chapter.
Other commands are described elsewhere in this publication:
Switch CLI:
- General commands are described in the "General Switch Commands" chapter
- clear commands are described in the "Switch clear Commands" chapter
- show commands are described in the "Switch show Commands" chapter
ATM module CLI:
- General commands are described in the "General ATM Commands" chapter
- show commands are described in the "ATM show Commands" chapter
set alias
Use the set alias privileged command to define aliases (shorthand versions) of commands.
set alias name command [parameter] [parameter]Syntax Description
| name | Alias being created. |
| command | Command for which the alias is being created. |
| parameter | (Optional) Parameters that apply to the command for which an alias is being created. See the specific command for information about parameters that apply. |
Default
No aliases configured.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The name all cannot be defined as an alias. Reserved words cannot be defined as aliases.
Example
The following example shows how to set arpdel as the alias for the clear arp command:
Console> (enable) set alias arpdel clear arp
Command alias added.
Console> (enable)
Related Commands
set arp
Use the set arp privileged command to add mapping entries to the Address Resolution Protocol (ARP) table and to set the ARP aging time for the table.
set arp ip_addr hw_addrset arp agingtime agingtime
Syntax Description
| ip_addr | IP address or IP alias to map to the specified Media Access Control (MAC) address. |
| hw_addr | MAC address to map to the specified IP address or IP alias. |
| agingtime | Keyword used to set the period of time after which an ARP entry is removed from the ARP table. |
| agingtime | Number of seconds (from 1 to 1000000) that entries will remain in the ARP table before being deleted. Setting this value to 0 disables aging. |
Default
No ARP table entries exist, and ARP aging is set to 1200 seconds.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to map IP address 198.133.219.232 to MAC address 00-00-0c-40-0f-bc:
Console> (enable) set arp 198.133.219.232 00-00-0c-40-0f-bc
ARP entry added.
Console> (enable)
The following example shows how to set the aging time for the ARP table to 1800 seconds:
Console> (enable) set arp agingtime 1800
ARP aging time set to 1800 seconds.
Related Commands
set authentication enable
Use the set authentication enable privileged command to enable authentication using the Terminal Access Controller Access Control System Plus (TACACS+) server to determine if a user has privileged access permission.
set authentication enable {tacacs | local} {enable | disable}Syntax Description
| tacacs | Keyword that specifies the use of the TACACS+ server to determine if the user has privileged access permission. |
| local | Keyword that specifies the use of the local password to determine if the user has privileged access permission. |
| enable | Keyword used to enable TACACS+ authentication for login. |
| disable | Keyword used to disable TACACS+ authentication for login. |
Default
The default setting of this command is local authentication enabled and TACACS+ authentication disabled.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to use the TACACS+ server to determine if a user has privileged access permission:
Console> (enable) set authentication enable tacacs enable
Tacacs Enable authentication set to enable.
Console> (enable)
The following example shows how to use the local password to determine if the user has privileged access permission:
Console> (enable) set authentication enable local enable
Local Enable authentication set to enable.
Console> (enable)
Related Commands
set authentication login
show tacacs
set authentication login
Use the set authentication login privileged command to enable TACACS+ authentication for login.
set authentication login {tacacs | local} {enable | disable}Syntax Description
| tacacs | Keyword that specifies the use of the TACACS+ server password to determine if the user has access permission to the switch. |
| local | Keyword that specifies the use of the local password to determine if the user has access permission to the switch. |
| enable | Keyword that enables TACACS+ authentication for login. |
| disable | Keyword that disables TACACS+ authentication for login. |
Default
The default setting of this command is local authentication enabled and TACACS+ authentication disabled.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to use the TACACS+ server to authenticate access permission to the switch:
Console> (enable) set authentication login tacacs enable
Tacacs Login authentication set to enable.
Console> (enable)
The following example shows how to use the local password to authenticate access permission to the switch:
Console> (enable) set authentication login local enable
Local Login authentication set to enable.
Console> (enable)
Related Commands
set authentication enable
show tacacs
set banner motd
Use the set banner motd privileged command to program a message-of-the-day banner to appear before session login.
set banner motd c [text] cSyntax Description
| c | A delimiting character used to end the message. |
| text | (Optional) The message of the day. |
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to set the message of the day using the pound sign (#) as the delimiting character:
Console> (enable)set banner motd #** System upgrade at 6:00am Tuesday.** Please log out before leaving on Monday. #MOTD banner set.
The following example shows how to clear the message of the day:
Console> (enable> set banner motd ##
MOTD banner cleared.
Console> (enable>
Related Command
set bridge apart
Use the set bridge apart privileged command to enable or disable Automated Packet Recognition/Translation (APaRT) on Fiber Distributed Data Interface (FDDI).
set bridge apart {enable | disable}Syntax Description
| enable | Keyword that activates the APaRT on FDDI. |
| disable | Keyword that deactivates APaRT on FDDI. |
Default
The default configuration has APaRT enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to disable APaRT:
Console> (enable) set bridge apart disable APaRT disabled Console> (enable)
Related Commands
set bridge fddicheck
set bridge help
set bridge fddicheck
Use the set bridge fddicheck privileged command to enable or disable the re-learning of MAC addresses (as FDDI MAC addresses) that were already learned from an Ethernet interface (as Ethernet MAC addresses).
set bridge fddicheck {enable | disable}Syntax Description
| enable | Keyword that permits FDDI to re-learn MAC addresses learned from an Ethernet interface. |
| disable | Keyword that prevents FDDI from re-learning MAC addresses learned from an Ethernet interface. |
Default
The default configuration has FDDICHECK disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
When FDDICHECK is enabled, a MAC address seen on the FDDI ring is not learned (stored in FDDI content-addressable memory [CAM]) as a FDDI MAC addresses if the MAC address was previously learned from an Ethernet interface (as an Ethernet MAC address).
Thus, with FDDICHECK enabled, MAC addresses previously learned from an Ethernet interface, will not be re-learned on the FDDI interface until the CAM is cleared.
This command requires information from the FDDI CAM. Therefore, disabling APaRT also automatically disables FDDICHECK. To enable FDDICHECK, first enable APaRT.
Example
The following example shows how to enable FDDICHECK on the switch:
Console> (enable) set bridge fddicheck enable
FDDICHECK enabled
Console> (enable)
Related Commands
set bridge apart
set bridge help
show bridge
set bridge help
Use the set bridge help privileged command to list the set bridge commands with brief descriptions of their functions.
set bridge helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list all of the set bridge commands:
Console> (enable) set bridge help Commands: ---------------------------------------------------------------------- set bridge apart Dis/Enable default translation on FDDI set bridge fddicheck Dis/Enable FDDI to learn new addresses set bridge help Show this message set bridge ipx Set default IPX translation Console> (enable)
set bridge ipx 8022toether
Use the set bridge ipx 8022toether privileged command to set the default method for translating Internet Packet Exchange (IPX) packets from FDDI 802.2 to Ethernet. The default translation method specified is used only until the real protocol types are learned.
set bridge ipx 8022toether {8023 | SNAP | EII | 8023RAW}Syntax Description
| 8023 | Keyword that specifies Ethernet 802.3 as the default translation method. |
| SNAP | Keyword that specifies Ethernet Subnetwork Access Protocol (SNAP) as the default translation method. |
| EII | Keyword that specifies Ethernet II as the default translation method. |
| 8023RAW | Keyword that specifies Ethernet 802.3 raw as the default translation method. |
Default
The default translation method for FDDI 802.2 to Ethernet networks is 8023 (Ethernet 802.3).
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the default protocol to SNAP for translating IPX packets between FDDI 802.2 and Ethernet networks:
Console> (enable) set bridge ipx 8022toether snap 8022 to ETHER translation set. Console> (enable)
Related Commands
set bridge ipx 8023rawtofddi
Use the set bridge ipx 8023rawtofddi privileged command to set the default method for translating IPX packets from Ethernet 802.3 to FDDI. The default translation method specified is used only until the real protocol types are learned.
set bridge ipx 8023rawtofddi {8022 | SNAP | FDDIRAW}Syntax Description
| 8022 | Keyword that specifies FDDI 802.2 as the default translation method. |
| SNAP | Keyword that specifies FDDI SNAP as the default translation method. |
| FDDIRAW | Keyword that specifies FDDI RAW as the default translation method. |
Default
The default translation method for Ethernet 802.3 to FDDI networks is SNAP (FDDI SNAP).
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the default translation method to FDDI SNAP for translating IPX packets between Ethernet 802.3 and FDDI networks:
Console> (enable) set bridge ipx 8023rawtofddi snap 8023RAW to FDDI translation set. Console> (enable)
Related Commands
set bridge ipx snaptoether
Use the set bridge ipx snaptoether privileged command to set the default method for translating IPX FDDI SNAP frames to Ethernet frames. The default translation specified is used for all broadcast IPX SNAP frames and for any unlearned Ethernet MAC addresses.
set bridge ipx snaptoether {8023 | SNAP | EII | 8023RAW}Syntax Description
| 8023 | Keyword that specifies Ethernet 802.3 as the default frame type. |
| SNAP | Keyword that specifies Ethernet SNAP as the default frame type. |
| EII | Keyword that specifies Ethernet II as the default frame type. |
| 8023RAW | Keyword that specifies Ethernet 802.3 RAW as the default frame type. |
Default
The default translation method for translating IPX FDDI SNAP frames to Ethernet frames is 8023RAW (Ethernet 802.3 RAW).
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the default method for translating IPX FDDI SNAP frames to Ethernet frames to SNAP:
Console> (enable) set bridge ipx snaptoether snap Bridge snaptoether default IPX translation set. Console> (enable)
Related Commands
set cam
Use the set cam privileged command to add entries into the CAM table and to set the aging time for the CAM table.
set cam {dynamic | static | permanent} {unicast_mac | multicast_mac} mod/ports [vlan]set cam agingtime vlan agingtime
Syntax Description
| dynamic | Keyword that specifies that entries are subject to aging. |
| static | Keyword that specifies that entries are not subject to aging. Static (nonpermanent) entries will remain in the table until the system is reset. |
| permanent | Keyword that specifies that permanent entries are stored in nonvolatile RAM (NVRAM) until they are removed by the clear cam or clear config command. |
| unicast_mac | MAC address of the destination host used for a unicast. |
| multicast_mac | MAC address of the destination host used for a multicast. |
| mod | Number of the module. |
| ports | Numbers of the ports. |
| vlan | (Optional) Number of the virtual LAN (VLAN). The VLAN number is optional unless you are setting CAM entries to dynamic, static, or permanent for a trunk port, or if you are using the agingtime keyword. |
| agingtime | Keyword used to set the period of time after which an entry is removed from the table. |
| agingtime | Number of seconds (0 to 1000000) that dynamic entries remain in the table before being deleted. Setting aging time to 0 disables aging. |
Default
The default configuration has a local MAC address(es), spanning-tree address (01-80-c2-00-00-00), and Cisco Discovery Protocol (CDP) multicast address for destination port 1/3 (the Network Management Processor [NMP]). The default aging time for all configured VLANs is 300 seconds.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
If the given MAC address is a multicast address (the least significant bit of the most significant byte is set to 1) or broadcast address (ff-ff-ff-ff-ff-ff) and multiple ports are specified, the ports must all be in the same VLAN. If the given address is a unicast address and multiple ports are specified, the ports must be in different VLANs.
The set cam command does not support the RSM.
Examples
The following example shows how to set the CAM table aging time to 300 seconds:
Console> (enable) set cam agingtime 1 300
Vlan 1 CAM aging time set to 300 seconds.
Console> (enable) Console
The following example shows how to add a unicast entry to the table for module 2, port 9, and how to add a permanent multicast entry to the table for module 1, port 1, and module 2, ports 1, 3, and 8 through 12:
Console> (enable)set cam static 00-00-0c-a0-03-fa 2/9Static unicast entry added to CAM table. Console> (enable)set cam permanent 01-40-0b-a0-03-fa 1/1,2/1,2/3,2/8-12Permanent multicast entry added to CAM table. Console> (enable)
Related Commands
set cdp
Use the set cdp privileged command to enable or disable the Cisco Discovery Protocol (CDP) information display on specified ports.
set cdp {enable | disable} {mod_num/port_num | all}Syntax Description
| enable | Keyword that enables the CDP information display. |
| disable | Keyword that disables the CDP information display. |
| mod_num | Number of the module. |
| port_num | Number of the port. |
| all | Keyword that specifies all ports. |
Default
The default system configuration has CDP enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The Asynchronous Transfer Mode (ATM) module does not support CDP.
Examples
The following example shows how to enable the CDP message display for port 1 on module 2:
Console> (enable) set cdp enable 2/1
CDP enabled on port 2/1.
Console> (enable)
The following example shows how to disable the CDP message display for port 1 on module 2:
Console> (enable) set cdp disable 2/1
CDP disabled on port 2/1.
Console> (enable)
Related Commands
set cdp interval
Use the set cdp interval privileged command to set the message interval for CDP.
set cdp interval {mod_num/port_num | all} intervalSyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| all | Keyword that specifies all ports. |
| interval | Number of seconds (5 to 900) the system waits before sending a message. |
Default
The default has the message interval set to 60 seconds for every port.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the CDP message interval for port 10 on module 2 to 30 seconds:
Console> (enable) set cdp interval 2/10 30
CDP message interval set to 30 seconds for port 2/10.
Console> (enable)
Related Commands
set cgmp
Use the set cgmp privileged command to enable or disable Cisco Group Management Protocol (CGMP) on a device.
set cgmp {enable | disable}Syntax Description
| enable | Keyword used to enable CGMP on a device. |
| disable | Keyword used to disable CGMP on a device. |
Default
By default, CGMP is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
CGMP filtering requires a network connection from the Catalyst 5000 series switch to an external router running CGMP.
Example
The following example shows how to enable and disable CGMP on a device:
Console> (enable)set cgmp enableCMGP support for IP multicast enabled.Console> (enable)set cgmp disableCMGP support for IP multicast disabled.Console> (enable)
Related Commands
clear multicast router
set multicast router
show multicast group
show multicast router
set enablepass
Use the set enablepass privileged command to change the password for the privileged level of the command-line interface.
set enablepassSyntax Description
This command has no arguments or keywords.
Default
The default configuration has no enable password configured.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The command prompts you for the old password. If the password you enter is valid, you are prompted to enter a new password and to verify the new password. A zero-length password is allowed.
Example
The following example shows how to establish a new password:
Console> (enable)set enablepassEnter old password:<old_password>Enter new password:<new_password>Retype new password:<new_password>Password changed. Console> (enable)
Related Commands
set fddi alarm
Use the set fddi alarm privileged command to specify the LER-alarm value for an FDDI port. The value defines the link error rate (LER) at which the LER threshold is exceeded on a link. The LER-alarm value affects the results of the LER threshold test.
set fddi alarm mod_num/port_num valueSyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| value | Value for the LER-alarm parameter. This exponential value represents the number of link errors per second (that is, 10-value link errors per second). Valid values are between 7 and 15. |
Default
The default LER-alarm value is 8 milliseconds (10-8 seconds).
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to change the LER-alarm value to 10-11 seconds for port 1 on module 4:
Console> (enable) set fddi alarm 4/1 11
Port 4/1 alarm value set to 11.
Console> (enable)
Related Commands
set fddi cutoff
set fddi help
set fddi tlmin
set fddi tnotify
set fddi treq
set fddi userdata
show fddi
set fddi cutoff
Use the set fddi cutoff privileged command to specify the LER-cutoff value for an FDDI port. The LER-cutoff value determines the LER at which a connection is flagged as faulty. The LER-cutoff value affects the results of the LER threshold test.
set fddi cutoff mod_num/port_num valueSyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| value | Exponential value for the LER-cutoff parameter (that is, 10-value link errors per second). Valid values are between 7 and 15. |
Default
The default LER-cutoff value is 7 milliseconds (10-7 seconds).
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to change the LER-cutoff value to 10¯10 seconds for port 1 on module 4:
Console> (enable) set fddi cutoff 4/1 10 Port 4/1 cutoff value set to 10. Console> (enable)
Related Commands
set fddi alarm
set fddi help
set fddi tlmin
set fddi tnotify
set fddi treq
set fddi userdata
show fddi
set fddi help
Use the set fddi help privileged command to list the set fddi commands with brief descriptions of their functions.
set fddi helpSyntax Description
This command has no arguments or keywords.
Command Type
Switch command.
Default
This command has no default setting.
Command Mode
Privileged.
Example
The following example shows how to list the set fddi commands:
Console> (enable) set fddi help
Commands:
----------------------------------------------------------------------
set fddi alarm Set port LER-Alarm
set fddi cutoff Set port LER-Cutoff
set fddi help Show this message
set fddi tlmin Set port tl_min
set fddi tnotify Set module SMT T-Notify
set fddi treq Set MAC T-Request
set fddi userdata Set module SMT User Data
Console> (enable)
Related Commands
set fddi alarm
set fddi cutoff
set fddi tlmin
set fddi tnotify
set fddi treq
set fddi userdata
show fddi
set fddi tlmin
Use the set fddi tlmin privileged command to change the TL_MIN value for an FDDI port.
set fddi tlmin mod_num/port_num microsecondsSyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| microseconds | Number of microseconds for the TL_MIN parameter. |
Default
The default value for TL_MIN is 40 microseconds.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The TL_MIN value specifies the minimum time to transmit a physical sublayer (PHY) line state before advancing to the next physical connection management (PCM) state. This setting affects the station and switch interoperability and might hinder the implementation of FDDI repeaters.
Example
The following example shows how to change the TL_MIN value to 80 microseconds for port 1 on module 4:
Console> (enable) set fddi tlmin 4/1 80 Port 4/1 tlmin set to 80 usec. Console> (enable)
Related Commands
set fddi alarm
set fddi cutoff
set fddi help
set fddi tnotify
set fddi treq
set fddi userdata
show fddi
set fddi tnotify
Use the set fddi tnotify privileged command to change the TNotify timer value for an FDDI module.
set fddi tnotify mod_num timeSyntax Description
| mod_num | Number of the module. |
| time | Number of seconds for the TNotify timer. Valid times are from 2 to 30 seconds. |
Default
The default value for the TNotify timer is 30 seconds.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The TNotify parameter sets the interval (in seconds) between neighbor notification frames. These frames advertise FDDI module MAC addresses to neighboring devices. Usually, the default setting is sufficient.
Example
The following example shows how to change the TNotify timer value to 16 seconds for module 4:
Console> (enable) set fddi tnotify 4 16 Module 4 SMT T-Notify set to 16 sec. Console> (enable)
Related Commands
set fddi alarm
set fddi cutoff
set fddi help
set fddi tlmin
set fddi treq
set fddi userdata
show fddi
set fddi treq
Use the set fddi treq privileged command to change the TRequest value for a FDDI module.
set fddi treq mod_num timeSyntax Description
| mod_num | Number of the module. |
| time | Number of seconds for the TRequest value. Valid times are from 2502 to 165000 microseconds. |
Default
The default value for the TRequest is 165,000 microseconds.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The TRequest parameter specifies the default Token Ring Timer (TRT) value for the FDDI module. This value is used when negotiating the TRT with other stations. The TRT is used to control ring scheduling during normal operation and to detect and recover from serious ring error situations. Whenever the TRT expires, the station uses the TRequest value to negotiate with other stations for the lowest value. The default setting of 165,000 microseconds is sufficient for most networks.
Example
The following example shows how to change the TRequest value to 3500 microseconds for module 4:
Console> (enable) set fddi treq 4 3500
Mac 4/1 T-request set to 3500 usec.
Console> (enable)
Related Commands
set fddi alarm
set fddi cutoff
set fddi help
set fddi tlmin
set fddi tnotify
set fddi userdata
show fddi
set fddi userdata
Use the set fddi userdata privileged command to configure the user-data string in the Station Management (SMT) Management Information Base (MIB) of an FDDI module.
set fddi userdata mod_num [userdata_string]Syntax Description
| mod_num | Number of the module. |
| userdata_string | (Optional) Character string that identifies the node in a meaningful way. |
Default
The default value for the FDDI user data string is "Catalyst 5000."
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The user-data string is useful for identifying the FDDI module or Catalyst 5000 series switch when using a management tool to configure and maintain an internetwork or when accessing the FDDI module remotely. The user-data string might be a term identifying the function of the network node or the users connected to the network node.
Example
The following example shows how to change the user-data string to "Engineering" for module 4:
Console> (enable) set fddi userdata 4 Engineering Module 4 SMT User Data set to Engineering. Console> (enable)
Related Commands
set fddi alarm
set fddi cutoff
set fddi help
set fddi tlmin
set fddi tnotify
set fddi treq
show fddi
set help
Use the set help command to list the set commands with brief descriptions of their functions.
set helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Normal and privileged.
Usage Guideline
In normal mode, the set help command lists the set commands available in normal mode. In privileged mode, the set help command lists the set commands available in privileged mode.
Example
The following example shows how to list the set commands available in privileged mode:
Console> (enable) set help
Set commands:
------------------------------------------------------------------------
set alias Set alias for command
set arp Set ARP table entry
set authentication Set TACACS authentication
set banner Set message of the day banner
set bridge Set bridge, use 'set bridge' for more info
set cam Set CAM table entry
set cdp Set cdp, use 'set cdp help' for more info
set cgmp Set CGMP (enable/disable)
set enablepass Set privilege mode password
set fddi Set FDDI, use 'set fddi' for more info
set help Show this message
set interface Set network interface configuration
set ip Set IP, use 'set ip help' for more info
set length Set number of lines in display (0 to disable 'more')
set logging Set system logging configuration information
set logout Set number of minutes before automatic logout
set module Set module, use 'set module help' for more info
set multicast Set multicast router port
set ntp Set NTP, use 'set ntp help' for more info
set password Set console password
set port Set port, use 'set port help' for more info
set prompt Set prompt
set snmp Set SNMP, use 'set snmp help' for more info
set span Set switch port analyzer
set spantree Set spantree, use 'set spantree help' for more info
set summertime Set summertime
set system Set system, use 'set system help' for more info
set tacacs Set TACACS information
set time Set time
set timezone Set timezone
set trunk Set trunk ports
set vlan Set virtual LAN information
set vmps Set VMPS information
set vtp Set VLAN Trunk Information
Console> (enable)
Related Commands
set interface
Use the set interface privileged command to configure network interfaces.
set interface {sc0 | sl0} {up | down}set interface sc0 [ip_address [netmask [broadcast]]]
set interface sl0 slip_address dest_address
Syntax Description
| sc0 | Keyword that specifies the in-band interface. |
| sl0 | Keyword that specifies the Serial Line Internet Protocol (SLIP) interface. |
| up | Keyword used to bring the interface into operation. |
| down | Keyword used to bring the interface out of operation. |
| ip_address | (Optional) IP address. |
| netmask | (Optional) Subnet mask. |
| broadcast | (Optional) Broadcast mask. |
| slip_address | IP address of the console port. |
| dest_address | IP address of the host to which the console port will be connected. |
Default
The default configuration is sc0 and sl0 with IP address, netmask, and broadcast set as 0.0.0.0. The destination address for sl0 is also 0.0.0.0.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The set interface command can be used to assign network addresses administratively, subnet masks for the Catalyst 5000 interfaces, and destination addresses for SLIP interfaces. It can also be used administratively to bring the interfaces up or down. There are two configurable network interfaces on a Catalyst 5000 series switch: in-band (sc0) and SLIP (sl0). Once you assign an IP address to sc0, the Catalyst 5000 becomes accessible through Ethernet and FDDI interfaces.
Examples
The following example shows how to set interface sc0 and interface sl0 from the console port. It also shows how to administratively bring down interface sc0 using a console terminal:
Console> (enable)set interface sc0 192.200.11.44 255.255.255.0Interface sc0 IP address and netmask set. Console> (enable)set interface sl0 192.200.10.45 192.200.10.103Interface sl0 SLIP and destination address set. Console> (enable)set interface sc0 down.Interface sc0 administratively down. Console> (enable)
The following example shows how to set the IP address for sc0 through a Telnet session:
Console> (enable)set interface sc0 192.200.11.40This command may disconnect active telnet sessions. Do you want to continue (y/n) [n]?yInterface sc0 IP address set.
The following example shows how to take the interface out of operation through a Telnet session:
Console> (enable)set interface sc0 downThis command will inactivate telnet sessions. Do you want to continue (y/n) [n]?yInterface sc0 administratively down.
The following example shows how to identify the VLAN on which to store the IP address:
Console> (enable) set interface sc0 5 Interface sc0 vlan set. Console> (enable) set interface sc0 200 Vlan is not active, user needs to set vlan 200 active Interface sc0 vlan set. Console> (enable)
Related Command
set ip alias
Use the set ip alias privileged command to add aliases of IP addresses.
set ip alias name ip_addrSyntax Description
| name | Name of the alias being defined. |
| ip_addr | IP address of the alias being defined. |
Default
The default configuration has one IP alias (0.0.0.0) configured as the default.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to define an IP alias of "mercury" for IP address 192.122.174.234:
Console> (enable) set ip alias mercury 192.122.174.234
IP alias added.
Console> (enable)
Related Commands
set ip dns
Use the set ip dns privileged command to enable or disable Domain Name System (DNS).
set ip dns {enable | disable}Syntax Description
| enable | Enable DNS. |
| disable | Disable DNS. |
Default
By default, DNS is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to enable and disable DNS:
Console> (enable)set ip dns enableDNS is enabled. Console> (enable)set ip dns disableDNS is disabled. Console> (enable)
Related Command
set ip dns domain
Use the set ip dns domain privileged command to set the default DNS domain name.
set ip dns domain nameSyntax Description
| name | Default DNS domain name. |
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
If you specify a specific domain name on the command line, the system will attempt to resolve the host name as entered. If the system cannot resolve the host name as entered, it appends the default DNS domain name as defined with the set ip dns domain command. If you specify a domain name with a trailing dot, the program considers this name an absolute domain name.
Example
The following example shows how to set the default DNS domain name:
Console> (enable) set ip dns domain yow.com
Default DNS domain name set to yow.com.
Console> (enable)
Related Commands
clear ip dns domain
show ip dns
set ip dns server
Use the set ip dns server privileged command to set the IP address of a DNS server.
set ip dns server ip_addr [primary]Syntax Description
| ip_addr | IP address of the DNS server. |
| primary | (Optional) Keyword used to configure a DNS server as the primary server. |
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
You can configure up to three DNS name servers as backup. You can also configure any DNS server as the primary server. The primary server is the first one to be queried. If the primary server fails, the backup servers are queried.
If DNS is disabled, you must use the IP address with all commands that require explicit IP addresses or manually define an alias for that address. The alias has priority over DNS.
Examples
The following examples show how to set the IP address of a DNS server:
Console> (enable)set ip dns server 198.92.30.32198.92.30.32 added to DNS server table as primary server. Console> (enable)set ip dns server 171.69.2.132 primary171.69.2.132 added to DNS server table as primary server. Console> (enable)set ip dns server 161.44.128.70DNS server table is full. 161.44.128.70 not added to DNS server table.
Related Commands
clear ip dns server
show ip dns
set ip fragmentation
Use the set ip fragmentation privileged command to enable or disable the fragmentation of IP packets bridged between FDDI and Ethernet networks. Note that FDDI and Ethernet networks have different maximum transmission units (MTUs).
set ip fragmentation {enable | disable}Syntax Description
| enable | Keyword that permits fragmentation for IP packets bridged between FDDI and Ethernet networks. |
| disable | Keyword that disables fragmentation for IP packets bridged between FDDI and Ethernet networks. |
Default
The default value is IP fragmentation enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
If IP fragmentation is disabled, packets will be dropped.
Example
The following example shows how to disable IP fragmentation:
Console> (enable) set ip fragmentation disable Bridge IP fragmentation disabled. Console> (enable)
Related Commands
set ip help
Use the set ip help privileged command to list the set ip commands.
set ip helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set ip commands:
Console> (enable) set ip help Set ip commands: ---------------------------------------------------------------------- set ip alias Set alias for IP Address set ip dns Set DNS information set ip fragmentation Set IP fragmentation enable/disable set ip help Show this message set ip permit Set IP Permit List set ip redirect Set ICMP redirect enable/disable set ip route Set IP routing table entry set ip unreachable Set ICMP unreachable messages Console> (enable)
set ip permit
Use the set ip permit privileged command to enable or disable the IP permit list. Use the set ip permit ip_address command to specify an IP address to be added to the IP permit list.
set ip permit {enable | disable}set ip permit ip_address [mask]
Syntax Description
| enable | Keyword used to enable the IP permit list. |
| disable | Keyword used to disable the IP permit list. |
| ip_address | IP address to be added to the IP permit list. An IP alias or host name that can be resolved through DNS can also be used. |
| mask | (Optional) Subnet mask of the specified IP address. |
Default
By default, the IP permit list is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
You can configure up to 10 entries in the permit list. If the IP permit list is enabled, but the permit list has no entries configured, a caution is displayed on the screen.
Example
The following example shows how to use the set ip permit command:
Console> (enable)set ip permit enableIP permit list enabled. WARNING!! IP permit list has no entries. Console> (enable)set ip permit 172.100.101.102172.100.101.102 added to IP permit list. Console> (enable)set ip permit batboybatboy added to IP permit list. Console> (enable)set ip permit 172.160.161.0 255.255.192.0172.160.128.0 with mask 255.255.192.0 added to IP permit list. Console> (enable)set ip permit disableIP permit list disabled.
Related Commands
clear ip permit
set ip permit
show ip permit
show snmp
set ip redirect
Use the set ip redirect privileged command to enable or disable Internet Control Message Protocol (ICMP) redirect messages on the Catalyst 5000 series switch.
set ip redirect {enable | disable}Syntax Description
| enable | Keyword that permits ICMP redirect messages to be returned to the source host. |
| disable | Keyword that prevents ICMP redirect messages from being returned to the source host. |
Default
The default configuration has ICMP redirect enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to deactivate ICMP redirect messages:
Console> (enable) set ip redirect disable
ICMP redirect messages disabled.
Console> (enable)
Related Commands
set ip route
Use the set ip route privileged command to add IP addresses or aliases to the IP routing table.
set ip route destination gateway [metric]Syntax Description
| destination | IP address or IP alias of the network or specific host to be added. Use default as the destination to set the new entry as the default route. |
| gateway | IP address or IP alias of the router. |
| metric | (Optional) Value used to indicate whether the destination network is local or remote. Use 0 for local and 1 for remote. |
Default
The default configuration routes the local network through the sc0 interface with metric 0 as soon as sc0 is configured.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to add a route to the IP routing table:
Console> (enable) set ip route 192.122.173.211 192.122.173.1
Route added.
Console> (enable)
The following example shows how to add a default route to the IP routing table:
Console> (enable) set ip route default 192.122.173.1
Route added.
Console> (enable)
Related Commands
clear ip route
show ip route
show snmp
set ip unreachable
Use the set ip unreachable privileged command to enable or disable ICMP unreachable messages on the switch.
set ip unreachable {enable | disable}Syntax Description
| enable | Keyword that allows IP unreachable messages to be returned to the source host. |
| disable | Keyword that prevents IP unreachable messages from being returned to the source host. |
Default
The default has ICMP unreachable messages enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
When enabled, the switch returns an ICMP unreachable message to the source host whenever it receives an IP datagram that it cannot deliver. When disabled, the switch does not notify the source host when it receives an IP datagram that it cannot deliver.
For example, a switch has the ICMP unreachable message function enabled and IP fragmentation disabled. If an FDDI frame is received and needs to be transmitted to an Ethernet port, the switch will not be able to fragment the packet. The switch will drop the packet and return an IP unreachable message to the Internet source host.
Example
The following example shows how to disable ICMP unreachable messages:
Console> (enable) set ip unreachable disable ICMP Unreachable message disabled. Console> (enable)
Related Command
set length
Use the set length command to configure the number of lines in the terminal display screen.
set length number [default]Syntax Description
| number | Number of lines to display on the screen (0 to 512). |
| default | (Optional) Keyword that sets the number of lines in the terminal display screen for the current administration session and all other sessions. This keyword is only available in privileged mode. |
Default
The default value is 24 lines upon starting a session. When the value is changed in a session, it applies only to that session. When you use the clear config command, the number of lines in the terminal display screen is reset to the factory default of 100.
Command Type
Switch command.
Command Mode
Normal and privileged.
Usage Guidelines
Output from a single command that overflows a single display screen is followed by the "--More--" prompt. At the "--More--" prompt, you can press Ctrl-C, q, or Q to interrupt the output and return to the prompt, press the Spacebar to display an additional screen of output, or press Return to display one more line of output.
Setting the screen length to 0 turns off the scrolling feature and causes the entire output to be displayed at once. Unless the default keyword is used, a change to the terminal length value applies only to the current session.
Examples
The following example shows how to set the screen length to 60 lines:
Console> set length 60
Screen length for this session set to 60.
Console>
The following example shows how to set the default screen length to 40 lines:
Console> (enable) set length 40 default
Screen length set to 40.
Console> (enable)
set logging console
Use the set logging console privileged command to enable and disable the sending of system logging messages to the console.
set logging console {enable | disable}Syntax Description
| enable | Keyword used to enable system message logging to the console. |
| disable | Keyword used to disable system message logging to the console. |
Default
By default, system message logging to the console is enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to enable and disable system message logging to the console:
Console (enable)set logging console enableSystem logging messages will be sent to the console.Console (enable)set logging console disableSystem logging messages will not be sent to the console.
Related Commands
set logging level
set logging session
show logging
show logging buffer
set logging level
Use the set logging level privileged command to set the facility and severity level used when logging system messages.
set logging level facility severity [default]Syntax Description
| facility | Value that specifies the type of system messages to be captured. Facility types are shown in Table 5-1. |
| severity | Value that specifies the severity level of system messages to be captured. Severity level definitions are shown in Table 5-2. |
| default | (Optional) Keyword that causes the specified logging level to be applied to all sessions. If default is not used, the specified logging level applies only to the current session. |
Table 5-1: Facility Types
| Facility Name | Definition |
|---|---|
| cdp | Cisco Discovery Protocol |
| cgmp | Cisco Group Management Protocol |
| disl | Dynamic Inter-Switch Link |
| dvlan | Dynamic VLAN |
| earl | Encoded Address Recognition Logic |
| fddi | Fiber Distributed Data Interface |
| ip | Internet Protocol |
| pruning | VTP pruning |
| snmp | Simple Network Management Protocol |
| spantree | Spanning-Tree Protocol |
| sys | System |
| tac | Terminal Access Controller |
| tcp | Transmission Control Protocol |
| telnet | Terminal emulation protocol |
| tftp | Trusted File Transfer Protocol |
| vmps | VLAN Membership Policy Server |
| vtp | Virtual Terminal Protocol |
Table 5-2: Severity Level Definitions
| Severity Level | Keyword | Description |
|---|---|---|
| 0 | emergencies | System unusable |
| 1 | alerts | Immediate action required |
| 2 | critical | Critical condition |
| 3 | errors | Error conditions |
| 4 | warnings | Warning conditions |
| 5 | notifications | Normal bug significant condition |
| 6 | informational | Informational messages |
| 7 | debugging | Debugging messages |
Default
By default, facility is set to all and level is set to 0.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the default facility and severity level for system message logging:
Console (enable)set logging level snmp 2 defaultSystem logging facility <snmp> set to severity 2(critical).Console (enable)
Related Commands
show logging
show logging buffer
set logging server
Use the set logging server privileged command to enable and disable system message logging to configured syslog servers, and to add a syslog server to the system logging server table.
set logging server {enable | disable}set logging server ip_addr
Syntax Description
| enable | Keyword used to enable system message logging to configured syslog servers. |
| disable | Keyword used to disable system message logging to configured syslog servers. |
| ip_addr | IP address of the syslog server to be added to the configuration. An IP alias or a host name that can be resolved through DNS can also be used. |
Default
By default, no syslog servers are configured to receive system messages.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to enable system message logging to the console:
Console (enable)set logging server enableSystem logging messages will be sent to the configured syslog servers.Console (enable)
The following example shows how to add a syslog server to the system logging server table:
Console (enable)set logging server 171.69.192.205171.69.192.205 added to the System logging server table.Console (enable)
Related Commands
clear logging server
show logging
set logging session
Use the set logging session privileged command to enable or disable the sending of system logging messages to the current login session.
set logging session {enable | disable}Syntax Description
| enable | Keyword used to enable the sending of system logging messages to the current login session. |
| disable | Keyword used to disable the sending of system logging messages to the current login session. |
Default
By default, system message logging to the current login session is enabled.
Command Type
Switch command.
Command Mode
Privileged.
Examples
The following example shows how to prevent system logging messages from being sent to the current login session:
Console> (enable) set logging session disable
System logging messages will not be sent to the current login session.
Console> (enable)
The following example shows how to cause system logging messages to be sent to the current login session:
Console> (enable) set logging session enable
System logging messages will be sent to the current login session.
Console> (enable)
Related Commands
set logging console
set logging level
show logging
show logging buffer
set logout
Use the set logout privileged command to set the number of minutes until the system automatically disconnects an idle session.
set logout timeoutSyntax Description
| timeout | Number of minutes (0 to 10000) until the system automatically disconnects an idle session. Setting the value to 0 disables the automatic disconnection of idle sessions. |
Default
The default value is 20 minutes.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the number of minutes until the system automatically disconnects an idle session:
Console> (enable)set logout 20Sessions will be automatically logged out after 20 minutes of idle time. Console> (enable)set logout 0Sessions will not be automatically logged out. Console> (enable)
set module disable
Use the set module disable privileged command to disable a module.
set module disable mod_numSyntax Description
| mod_num | Number of the module. You can specify a series of modules by entering a comma between each module number (for example 2,3,5). You can specify a range of modules by entering a dash between module numbers (for example, 2-5). |
Default
The default configuration has all modules enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
Avoid disabling a module when connected via a Telnet session because if your session is established on the module being disabled, the session will hang. The supervisor module cannot be disabled.
Examples
The following example shows how to disable module 3 when connected via the console port:
Console> (enable) set module disable 3
Module 3 disabled.
Console> (enable)
The following example shows how to disable module 2 when connected via a Telnet session:
Console> (enable)set module disable 2This command may disconnect your telnet session. Do you want to continue (y/n) [n]?yModule 2 disabled.
Related Commands
set module enable
Use the set module enable privileged command to enable a module.
set module enable module_numSyntax Description
| module_num | Number of the module to enable. |
Default
The default setting has all modules enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
If an individual port on a module was previously disabled, enabling the module does not enable the disabled port.
Example
The following example shows how to enable module 2:
Console> (enable) set module enable 2
Module 2 enabled.
Console> (enable)
Related Commands
set module help
Use the set module help privileged command to list the set module commands.
set module helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set module commands:
Console> (enable) set module help
Set module commands:
----------------------------------------------------------------------
set module disable Disable a module
set module enable Enable a module
set module help Show this message
set module name Set module name
Console> (enable)
Related Commands
set module disable
set module enable
set module name
set module name
Use the set module name privileged command to set the name for a module.
set module name module_num [module_name]Syntax Description
| module _num | Number of the module. |
| module_name | (Optional) Name being created for the module. |
Default
The default configuration has no module names configured for any modules.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
If the module name is not specified, any previously specified name is cleared.
Use the set module name command to set the module for the RSM. Additional set module commands are not supported by the RSM.
Example
The following example shows how to set the name for module 1 to Supervisor:
Console> (enable) set module name 1 Supervisor
Module name set.
Console> (enable)
Related Command
set multicast router
Use the set multicast router privileged command to statically configure multicast router ports.
set multicast router mod_num/port_numSyntax Description
| mod _num | Number of the module. |
| port_num | Number of the port on the module. |
Default
By default, no ports are configured as multicast router ports.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
When CGMP is enabled, it automatically identifies the ports to which a CGMP-capable router is attached. The set multicast router command allows you to statically configure multicast router ports.
Example
The following example shows how to configure a multicast router port:
Console> (enable)set multicast router 3/1Port 3/1 added to multicast router port list.Console> (enable)
Related Commands
set cgmp
show multicast group
show multicast router
set ntp broadcastclient
Use the set ntp broadcastclient privileged command to enable or disable Network Time Protocol (NTP) in broadcast client mode.
set ntp broadcastclient {enable | disable}Syntax Description
| enable | Keyword used to enable NTP in broadcast client mode. |
| disable | Keyword used to disable NTP in broadcast client mode. |
Default
Disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The broadcast client mode assumes that a broadcast server, such as a router, is regularly sending time-of-day information to the Catalyst 5000 series switch.
Example
The following example shows how to enable and disable an NTP broadcast client:
Console> (enable) set ntp broadcastclient enable NTP Broadcast Client mode enabled. Console> (enable) set ntp broadcastclient disable NTP Broadcast Client mode disabled.
Related Command
set ntp broadcastdelay
Use the set ntp broadcastdelay privileged command to configure a time-adjustment factor for the receiving of broadcast packets by the Catalyst 5000 series switch.
set ntp broadcastdelay microsecondsSyntax Description
| microseconds | Estimated round-trip time, in microseconds, for NTP broadcasts. Allowable range is from 1 to 999999. |
Default
By default, the NTP broadcast delay is set to 3000.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the NTP broadcast delay to 4000 microseconds:
Console> (enable) set ntp broadcastdelay 4000 NTP broadcast delay set to 4000 microseconds. Console> (enable)
Related Command
set ntp client
Use the set ntp client privileged command to enable or disable the Catalyst 5000 series switch as an NTP client.
set ntp client {enable | disable}Syntax Description
| enable | Keyword used to enable the Catalyst 5000 series switch as an NTP client. |
| disable | Keyword used to disable the Catalyst 5000 series switch as an NTP client. |
Default
By default, NTP client mode is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
You can configure NTP in either broadcast client mode or client mode. The broadcast client mode assumes that a broadcast server, such as a router, is regularly sending time-of-day information to the Catalyst 5000 series switch. The client mode assumes that the client (the Catalyst 5000 series switch) is regularly sending time-of-day requests to the NTP server.
Example
The following example shows how to enable NTP client mode:
Console> (enable) set ntp client enable NTP client mode enabled. Console> (enable)
Related Command
set ntp server
Use the set ntp server privileged command to configure the IP address of the NTP server.
set ntp server ip_addrSyntax Description
| ip_addr | IP address of the NTP server providing the clock synchronization. |
Default
There is no default setting for this command.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The client mode assumes that the client (the Catalyst 5000 series switch) is regularly sending time-of-day requests to the NTP server. A maximum of ten servers per client is allowed.
Example
The following example shows how to configure an NTP server:
Console> (enable) set ntp server 172.20.22.191 NTP server 172.20.22.191 added. Console> (enable)
Related Commands
set password
Use the set password privileged command to change the login password on the command-line interface.
set passwordSyntax Description
This command has no arguments or keywords.
Default
The default configuration has no password configured.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The command prompts you for the old password. If the password you enter is valid, you are prompted to enter a new password and to verify the new password. A zero-length password is allowed.
Example
The following example shows how to set an initial password:
Console> (enable)set passwordEnter old password:<old_password>Enter new password:<new_password>Retype new password:<new_password>Password changed. Console> (enable)
set port broadcast
Use the set port broadcast privileged command to set the broadcast/multicast suppression for one or more ports.
set port broadcast mod_num/port_num threshold[%]Syntax Description
| mod _num | Number of the module. |
| port_num | Number of the port. |
| threshold | Number of packets-per-second of broadcast/multicast traffic allowed on the port, or the percentage of total available bandwidth that can be used by broadcast/multicast traffic. |
| % | (Optional) Keyword used if threshold is expressed as a percentage of total available bandwidth that can be used by broadcast/multicast traffic. |
Note The following Catalyst 5000 series switching modules support hardware broadcast/multicast suppression: Ethernet Switching module (10BaseT 48 port, Telco), part number WS-X5012; and Group Switching Fast Ethernet Module (100BaseTX 24 Port), part number WS-X5223.
Software broadcast/multicast suppression is supported in all Ethernet line cards that support hardware broadcast/multicast suppression, except the Ethernet Switching module (10BaseT 48 port, Telco, WS-X5012). For more information on the broadcast/multicast suppression feature, see the Catalyst 5000 Series Advanced Software Configuration Guide.
Default
The default system configuration has broadcast/multicast suppression disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
Although bandwidth-based broadcast/multicast suppression applies to all ports on a module, you must still specify a port number according to the syntax rules of the set port broadcast mod_num/port_num threshold [%] command. For example, if you specify port 3 on module 4 (4/3), broadcast/multicast suppression will be applied to every port on module 4. You can specify any port number between 1 and 24.
Only the Ethernet Switching module (10BaseT 48 port, Telco, WS-X5012) supports bandwidth-based broadcast/multicast suppression on a per port basis.
Examples
The following example shows how to limit broadcast traffic to 500 packets per second on ports 2/1-3/24:
Console> (enable)set port broadcast 2/1-3/24 500Ports 2/1-3/24 broadcast traffic limited to 500 packets.
The following example shows how to limit broadcast traffic to 20 percent to all ports on module 4 (see the Usage Guidelines for more information about this example):
Console> (enable)set port broadcast 4/3 20%Port 4/1-24 broadcast traffic limited to 20%.
The following example shows how to allow unlimited broadcast traffic to all ports on module 4 (see the Usage Guidelines for more information about this example):
Console> (enable)set port broadcast 4/3 100%Port 4/1-24 broadcast traffic unlimited.
Related Commands
set port channel
Use the set port channel privileged command to enable or disable Fast EtherChannel on Fast Ethernet module ports.
set port channel port_list {on | off}Syntax Description
| port_list | Module and ports to bundle. |
| on | Keyword that enables Fast EtherChannel for the specified module ports. |
| off | Keyword that disables Fast EtherChannel for the specified module ports. |
Default
The default system configuration has Fast EtherChannel disabled on all module ports.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
Make sure that all ports in the channel are configured with the same port speed, duplex mode, and so forth. For more detailed information on using Fast EtherChannel, refer to the "Configuring Ethernet and Fast Ethernet Switching Modules" chapter in the Catalyst 5000 Series Advanced Software Configuration Guide.
 | Caution After enabling Fast EtherChannel, spanning tree must be disabled on all VLANs assigned to the channel. Fast EtherChannel will not function properly with spanning tree enabled. |
Disabling Fast EtherChannel on module ports will also disable those ports.
Examples
The following example shows how to enable Fast EtherChannel on ports 5-8 of Fast Ethernet module 2:
Console> (enable) set port channel 2/5-8 on
Warning: Configure same speed, duplex, % broadcast limit, vlan and trunk mode for all ports in the channel. Disable spanning tree for the vlans that the channelled ports belong. Use with caution.
Ports 2/5-8 channel mode set to on.
The following example shows how to disable Fast EtherChannel on ports 5-8 of Fast Ethernet module 2:
Console> (enable) set port channel 2/5-8 off
Ports 2/5-8 disabled and channel mode set to off.
Console> (enable)
Related Command
set port
Use the set port privileged command to enable or disable a port or a range of ports.
set port {enable | disable} mod_num/port_numSyntax Description
| enable | Keyword that enables the specified port. |
| disable | Keyword that disables the specified port. |
| mod _num | Number of the module. |
| port_num | Number of the port. |
Default
The default system configuration has all ports enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to enable and disable ports using the set port command:
Console> (enable)set port enable 2/3Port 2/3 enabled. Console> (enable)set port disable 5/10Port 5/10 disabled. Console> (enable)
Related Command
set port duplex
Use the set port duplex privileged command to configure the duplex type of an Ethernet or Fast Ethernet port or range of ports.
set port duplex mod_num/port_num {full | half}Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| full | Keyword that specifies full-duplex transmission. |
| half | Keyword that specifies half-duplex transmission. |
Default
The default configuration for 10-Mbps and 100-Mbps modules has all Ethernet ports set to half duplex. The default configuration for 10/100-Mbps Fast Ethernet modules has all ports set to auto.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
- Ethernet and Fast Ethernet interfaces can be configured to either full duplex or half duplex. When a port is in autosensing mode, both its speed and duplex are determined by autosensing. An error message like the following is therefore generated if you attempt to set the transmission type of autosensing Fast Ethernet ports to half- or full-duplex mode:
Console> (enable) set port duplex 2/1 full
(1 port - failed)
Port 2/1 is in auto-sensing mode.
- The set port duplex command is not valid on the 48-port module.
Example
The following example shows how to set port 1 on module 2 to full duplex:
Console> (enable) set port duplex 2/1 full Port 2/1 set to full-duplex. Console> (enable)
Related Command
set port help
Use the set port help privileged command to list the set port commands.
set port helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set port commands:
Console> (enable) set port help
Set port commands:
----------------------------------------------------------------------
set port broadcast Set port broadcast traffic limit
set port channel Set port channel (on/off)
set port disable Disable a port
set port duplex Set port transmission type (full/half duplex)
set port enable Enable a port
set port help Show this message
set port level Set port priority level (normal/high)
set port membership Set vlan membership assignment to a port
set port multicast Set port multicast router
set port name Set port name
set port security Set port security (enable/disable)
set port speed Set port transmission speed (10/100 Mbps)
set port trap Set port up/down trap (enable/disable)
Console> (enable)
set port level
Use the set port level privileged command to set the priority level of a port or range of ports on the switching bus.
set port level mod_num/port_num {normal | high}Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port on the module. |
| normal | Keyword that sets the port priority to normal. |
| high | Keyword that sets the port priority to high. |
Default
The default configuration has all ports at normal priority level.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
Packets traveling through a port set at normal priority are served only after packets traveling through a port set at high priority are served.
Example
The following example shows how to set the priority level for port 2 on module 1 to high:
Console> (enable) set port level 1/2 high
Port 1/2 port level set to high.
Console> (enable)
Related Commands
set port
set port duplex
set port help
set port name
set port speed
set port trap
show port
set port membership
Use the set port membership privileged command to dynamically or statically assign membership of a port or range of ports to a VLAN.
set port membership mod_num/port_num {dynamic | static}Syntax Description
| mod_num | Module number. |
| port_num | Port number. |
| dynamic | Keyword used to dynamically assign VLAN membership to a port. |
| static | Keyword used to statically assign VLAN membership to a port. |
Default
Default port membership is static.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
When a port is assigned a VLAN dynamically, the show port command output identifies the VLAN as dynamic and, if the dynamic port is shut down by a VLAN Membership Policy Server (VMPS), its status will be shown as shutdown.
Examples
The following examples show how to assign VLAN membership to one or more ports using the set port membership command:
Console> (enable) set port membership 3/1-3 dynamic Ports 3/1-3 vlan assignment set to dynamic. Spantree port fast start option enabled for ports 3/1-3. Console> (enable) Console> (enable) set port membership 4/2 dynamic Ports 4/1-12 vlan assignment set to dynamic. Spantree port fast start option enabled for port 4/2. Console> (enable)
Related Commands
set port name
Use the set port name privileged command to configure a name for a port.
set port name mod_num/port_num [name_string]Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| name_string | (Optional) String that describes the port. |
Default
The default configuration has no port name configured for any port.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
If the name string is not specified, the port name is cleared.
Use the set module port command to set the port for the RSM. Additional set port commands are not supported for the RSM.
Example
The following example shows how to set port 1 on module 4 to Snowy:
Console> (enable) set port name 4/1 Snowy
Port 4/1 name set.
Console> (enable)
Related Commands
set port
set port duplex
set port help
set port level
set port speed
set port trap
show port
set port security
Use the set port security privileged command to configure port security on a port or range of ports on an Ethernet module.
set port security mod_num/port_num {enable | disable} [mac_addr]Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| enable | Keyword used to enable port security. |
| disable | Keyword used to disable port security. |
| mac_addr | (Optional) Secure MAC address of the enabled port. |
Default
The default configuration has port security disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
If the MAC address is not given, the command turns on learning mode so that the first MAC address seen on the port becomes the secure MAC address.
Examples
The following example shows how to set port security with a learned MAC address:
Console> (enable)set port security 3/1 enablePort 3/1 port security enabled with the learned mac address.
The following example shows how to set port security with a specific MAC address:
Console> (enable)set port security 3/1 enable 01-02-03-04-05-06Port 3/1 port security enabled with 01-02-03-04-05-06 as the secure mac address.
Related Commands
set port speed
Use the set port speed privileged command to configure the speed of a Fast Ethernet interface.
set port speed mod_num/port_num {10 | 100 | auto}Syntax Description
| mod_num | Number of the module. |
| port _num | Number of the port. |
| 10 | Keyword used to set the port speed to 10 Mbps. |
| 100 | Keyword used to set the port speed to 100 Mbps. |
| auto | Keyword used to enable autosensing mode to determine the port speed. |
Default
The default configuration has all 10/100-Mbps Fast Ethernet switching module ports set to auto.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
Fast Ethernet interfaces on the 10/100-Mbps Fast Ethernet Switching module can be configured to either 10 Mbps or 100 Mbps. They can also be set to autosensing mode, allowing them to sense and distinguish between 10-Mbps and 100-Mbps port transmission speeds and full-duplex or half-duplex port transmission types at a remote port connection. Set at autosensing mode, the interfaces automatically configure themselves to operate at the proper speed and transmission type.
Example
The following example shows how to use the set port speed command:
Console> (enable) set port speed 2/1 auto Port 2/1 speed set to auto-sensing mode. Console> (enable) set port speed 2/2 10 Port 2/2 speed set to 10 Mbps. Console> (enable) set port speed 2/3 100 Port 2/3 speed set to 100 Mbps.
Related Commands
set port
set port duplex
set port help
set port level
set port name
set port trap
show port
set port trap
Use the set port trap privileged command to enable or disable the operation of the standard SNMP link trap (up or down) for a port or range of ports.
set port trap mod_num/port_num {enable | disable}Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| enable | Keyword used to activate the SNMP link trap. |
| disable | Keyword used to deactivate the SNMP link trap. |
Default
The default configuration has all port traps disabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to enable the SNMP link trap for module 1, port 2:
Console> (enable) set port trap 1/2 enable
Port 1/2 up/down trap enabled.
Console> (enable)
Related Commands
set port
set port duplex
set port help
set port level
set port name
set port speed
show port
set prompt
Use the set prompt privileged command to change the prompt for the command-line interface.
set prompt prompt_stringSyntax Description
| prompt_string | String to use as the command prompt. |
Default
The default configuration has the prompt set to Console>.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the prompt to "system100>":
Console> (enable) set prompt system100>
system100> (enable)
set snmp community
Use the set snmp community privileged command to set SNMP communities and associated access types.
set snmp community {read-only | read-write | read-write-all} [community_string]Syntax Description
| read-only | Keyword that assigns read-only access to the specified SNMP community. |
| read-write | Keyword that assigns read-write access to the specified SNMP community. |
| read-write-all | Keyword that assigns read-write access to the specified SNMP community. |
| community_string | (Optional) Option used to specify the name of the SNMP community. |
Default
The default configuration has the following communities and access types defined:
- public--read-only
- private--read-write
- secret--read-write-all
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
There are three configurable SNMP communities, one for each access type. If the community string is not specified, the community string configured for that access type is cleared.
Examples
The following example shows how to set read-write access to the SNMP community called yappledapple:
Console> (enable) set snmp community read-write yappledapple
SNMP read-write community string set.
The following example shows how to clear the community string defined for read-only access:
Console> (enable) set snmp community read-only
SNMP read-only community string cleared.
Console> (enable)
Related Command
set snmp help
Use the set snmp help privileged command to list the set snmp commands.
set snmp helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set snmp commands:
Console> (enable) set snmp help
Set snmp commands:
----------------------------------------------------------------------
set snmp community Set SNMP community string
set snmp help Show this message
set snmp rmon Set SNMP RMON
set snmp trap Set SNMP trap information
Console> (enable)
set snmp rmon
Use the set snmp rmon privileged command to enable or disable SNMP remote monitoring (RMON) support.
set snmp rmon {enable | disable}Syntax Description
| enable | Keyword used to activate SNMP remote monitoring support. |
| disable | Keyword used to deactivate SNMP remote monitoring support. |
Default
The default for remote monitoring support is enabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
The following configurations and implementations are supported:
- RMON statistics are collected on a segment basis instead of a repeater port basis for the Catalyst 5000 series group switching Ethernet module (10BaseT 48-port).
- The RMON feature deinstalls all of the domains for all of the interfaces on an Ethernet module that has been removed from the system.
- RMON is only enabled for Ethernet ports.
- Supported RMON groups enabled are Ethernets, history, alarm, and events as specified in RFC 1757.
- Use of this command requires a separate software license.
Example
The following example shows how to enable and disable RMON support:
Console> (enable)set snmp rmon enableSNMP RMON support enabled. Console> (enable)set snmp rmon disableSNMP RMON support disabled.
Related Command
set snmp trap
Use the set snmp trap privileged command to enable or disable the different SNMP traps on the system, or to add an entry into the SNMP authentication trap receiver table.
set snmp trap {enable | disable} [all | module | chassis | bridge | repeater | auth | vtp | ippermit]set snmp trap rcvr_address rcvr_community
Syntax Description
| enable | Keyword used to activate SNMP traps. |
| disable | Keyword used to deactivate SNMP traps. |
| all | Keyword that specifies all types of traps. |
| module | Keyword that specifies the moduleUp and moduleDown traps from the CISCO-STACK-MIB. |
| chassis | Keyword that specifies thechassisAlarmOn and chassisAlarmOff traps from the CISCO-STACK-MIB. |
| bridge | Keyword that specifies the newRoot and topologyChange traps from RFC 1493 (the BRIDGE-MIB). |
| repeater | Keyword that specifies the rptrHealth,rptrGroupChange, and rptrResetEvent traps from RFC 1516 (the SNMP-REPEATER-MIB). |
| auth | Keyword that specifies the authenticationFailure trap from RFC 1157. |
| vtp | Keyword that specifies the VTP from the CISCO-VTP-MIB. |
| ippermit | Keyword that specifies the ip Permit Denied access from the CISCO-STACK-MIB. |
| rcvr_address | IP address or IP alias of the system to receive SNMP traps. |
| rcvr_community | Community string to use when sending authentication traps. |
Default
The default configuration has SNMP traps disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
An IP permit trap is sent when unauthorized access based on the IP permit list is attempted.
Examples
The following example shows how to enable SNMP chassis traps:
Console> (enable) set snmp trap enable chassis
SNMP chassis alarm traps enabled.
Console> (enable)
The following example shows how to add an entry in the SNMP trap receiver table:
Console> (enable) set snmp trap 192.122.173.42 public
SNMP trap receiver added.
Console> (enable)
Related Commands
clear ip permit
clear snmp trap
set ip permit
show ip permit
show snmp
test snmp trap
set span
Use the set span privileged command to enable or disable switched port analyzer (SPAN), and to set up the port analyzer.
set span {enable | disable}set span {src_mod/src_port | src_vlan} dest_mod/dest_port [rx | tx | both]
Syntax Description
| enable | Keyword that enables port monitoring. |
| disable | Keyword that disables port monitoring. |
| src_mod | Monitored module (source). |
| src_port | Monitored port (source). |
| src_vlan | Monitored VLAN (source). |
| dest_mod | Monitoring module (destination). |
| dest_port | Monitoring port (destination). |
| rx | (Optional) Keyword that specifies that information received at the destination is monitored. |
| tx | (Optional) Keyword that specifies that information transmitted from the source is monitored. |
| both | (Optional) Keyword that specifies that information both transmitted from the source and received at the destination is monitored. |
Default
The default configuration has port monitoring disabled, port 1/1 as the monitoring port (destination), VLAN 1 as the monitored VLAN (source), and both transmit and receive packets monitored. If the parameter rx, tx, or both is not specified, the default is both.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
After SPAN is enabled and the defaults established, subsequent commands replace source ports, VLANs, and destination ports.
Use either a dedicated remote monitor probe or a Sniffer analyzer to monitor ports.
You may specify an RSM port as the source port in set span. If you specify an RSM port as the destination port, you will receive the following message:
Route switch port cannot be a Monitor port.
Example
The following example shows how to enable SPAN on the Catalyst 5000 series switch, and how to monitor transmit traffic on port 2/3 through port 2/4:
Console> (enable)set span enablespan enabled. Console> (enable)set span 2/3 2/4 txEnabled monitoring of ports 2/3 transmit traffic by ports 2/4. Console> (enable)
Related Commands
set spantree disable
Use the set spantree disable privileged command to disable the spanning-tree algorithm for a VLAN.
set spantree disable [vlan]Syntax Description
| vlan | (Optional) Number of the VLAN. If the VLAN number is not specified, the default, VLAN 1, is used. |
Default
The default configuration has all spanning trees enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to disable the spanning-tree algorithm for VLAN 1:
Console> (enable) set spantree disable 1
VLAN 1 bridge spanning tree disabled.
Console> (enable)
Related Commands
set spantree enable
show spantree
set spantree enable
Use the set spantree enable privileged command to enable the spanning-tree algorithm for a VLAN.
set spantree enable [vlan]Syntax Description
| vlan | (Optional) Number of the VLAN. If a VLAN number is not specified, the default, VLAN 1, is used. |
Default
The default configuration has all spanning trees enabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to activate the spanning-tree algorithm for VLAN 1:
Console> (enable) set spantree enable 1
VLAN 1 bridge spanning tree enabled.
Console> (enable)
Related Commands
set spantree disable
show spantree
set spantree fwddelay
Use the set spantree fwddelay privileged command to set the bridge forward delay for a VLAN.
set spantree fwddelay delay [vlan]Syntax Description
| delay | Number of seconds (4 to 30) for the bridge forward delay. |
| vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
Default
The default configuration has the bridge forward delay set to 15 seconds for all VLANs.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the bridge forward delay for VLAN 100 to 16 seconds:
Console> (enable) set spantree fwddelay 16 100
Spantree 100 forward delay set to 16 seconds.
Console> (enable)
Related Command
set spantree hello
Use the set spantree hello privileged command to set the bridge hello time for a VLAN.
set spantree hello interval [vlan]Syntax Description
| interval | Number of seconds (1 to 10) the system waits before sending a bridge hello message (a multicast message indicating that the system is active). |
| vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
Default
The default configuration has the bridge hello time set to 2 seconds for all VLANs.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the spantree hello time for VLAN 100 to 3 seconds:
Console> (enable) set spantree hello 3 100 Spantree 100 hello time set to 3 seconds. Console> (enable)
Related Command
set spantree help
Use the set spantree help privileged command to list the available set spantree commands.
set spantree helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set spantree commands:
Console> (enable) set spantree help
Set spantree commands:
----------------------------------------------------------------------
set spantree disable Disable spanning tree
set spantree enable Enable spanning tree
set spantree fwddelay Set spantree forward delay
set spantree hello Set spantree hello interval
set spantree help Show this message
set spantree maxage Set spantree max aging time
set spantree portcost Set spantree port cost
set spantree portfast Set spantree port fast start
set spantree portpri Set spantree port priority
set spantree portvlanpri Set spantree port vlan priority
set spantree priority Set spantree priority
Console> (enable)
set spantree maxage
Use the set spantree maxage privileged command to set the bridge maximum aging time for a VLAN.
set spantree maxage agingtime [vlan]Syntax Description
| agingtime | Maximum number of seconds (6 to 40) that the system retains the information received from other bridges through Spanning-Tree Protocol. |
| vlan | (Optional) Number of the VLAN; if a VLAN number is not specified, VLAN 1 is assumed. |
Default
The default configuration is 20 seconds for all VLANs.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the maximum aging time for VLAN 1000 to 25 seconds:
Console> (enable) set spantree maxage 25 1000 Spantree 1000 max aging time set to 25 seconds. Console> (enable)
Related Command
set spantree portcost
Use the set spantree portcost privileged command to set the bridge path cost for a port.
set spantree portcost mod_num/port_num costSyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port on the module. |
| cost | Number from 0 to 65535 that indicates the cost of the path. Zero (0) is a low cost, and 65535 is a high cost. |
Default
The default configuration is as follows:
- 100BaseTX Ethernet port cost = 10
- 10BaseT Ethernet port cost = 100
- FDDI port cost = 10
- ATM port cost = 6
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the port cost for port 1 on module 4 to 10:
Console> (enable) set spantree portcost 4/1 10 Spantree port 4/1 path cost set to 10. Console> (enable)
Related Command
set spantree portfast
Use the set spantree portfast privileged command to allow a port that is connected to a single workstation or PC to start faster when it is connected.
set spantree portfast mod_num/port_num {enable | disable}Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port on the module. |
| enable | Keyword that enables the spanning-tree port fast-start feature on the port. |
| disable | Keyword that disables the spanning-tree port fast-start feature on the port. |
Default
The default configuration has the port fast-start feature disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
When a port configured with the spantree portfast enable command is connected, the port immediately enters the spanning-tree forwarding state rather than going through the normal spanning-tree states such as listening and learning. Use this command on ports that are connected to a single workstation or PC only; do not use it on ports that are connected to networking devices such as hubs, routers, switches, bridges, or concentrators.
Example
The following example shows how to enable the spanning-tree port fast-start feature on port 2 on module 1:
Console> (enable) set spantree portfast 1/2 enable Warning: Spantree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree port 1/2 fast start enabled. Console> (enable)
Related Command
set spantree portpri
Use the set spantree portpri privileged command to set the bridge priority for a spanning-tree port.
set spantree portpri mod_num/port_num prioritySyntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| priority | Number that represents the cost of a link in a spanning-tree bridge. The priority level is from 0 to 63, with 0 indicating high priority and 63 indicating low priority. |
Default
The default configuration has all ports with bridge priority set to 32.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The specified bridge priority on an ATM port applies to all emulated LANs on that port.
Example
The following example shows how to set the priority of port 1 on module 4 to 63:
Console> (enable) set spantree portpri 4/1 63 Bridge port 4/1 priority set to 63. Console> (enable)
Related Command
set spantree portvlanpri
Use the set spantree portvlanpri privileged command to set the port priority for a subset of VLANs in the trunk port.
set spantree portvlanpri mod_num/port_num priority [vlans]Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| priority | Number that represents the cost of a link in a spanning-tree bridge. The priority level is from 0 to 63, with 0 indicating high priority and 63 indicating low priority. |
| vlans | (Optional) VLANs to use the specified priority level. |
Default
The default configuration has the port VLAN priority set to 0, with no VLANs specified.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
Use this command to add VLANs to a specified port priority level. Subsequent calls to this command do not replace VLANs that are already set at a specified port priority level.
This feature is not supported for the RSM.
Example
The following example shows how to set the port priority for module 1, port 2, on VLANs 21 to 40:
Console> (enable) set spantree portvlanpri 1/2 16 21-40
Port 1/2 vlans 3,6-20,41-1000 using portpri 32
Port 1/2 vlans 1-2,4-5,21-40 using portpri 16
Console> (enable)
Related Commands
clear spantree portvlanpri
show spantree
set spantree priority
Use the set spantree priority privileged command to set the bridge priority for a VLAN.
set spantree priority bridge_priority [vlan]Syntax Description
| bridge_priority | Number representing the priority of the bridge. The priority level is from 0 to 65535, with 0 being high priority and 65535 being low priority. |
| vlan | (Optional) Number of the VLAN. If a VLAN number is not specified, VLAN 1 is used. |
Default
The default configuration has the bridge priority set to 32768.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the bridge priority of VLAN 1 to 4096:
Console> (enable) set spantree priority 4096
VLAN 1 bridge priority set to 4096.
Console> (enable)
Related Command
set summertime
Use the set summertime privileged command to specify whether the system should set the clock ahead one hour during daylight saving time.
set summertime {enable | disable} [zone]Syntax Description
| enable | Keyword used to cause the system to set the clock ahead one hour during daylight saving time. |
| disable | Keyword used to prevent the system from setting the clock ahead one hour during daylight saving time. |
| zone | (Optional) Time zone used by the set summertime command. |
Default
By default, the set summertime command is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
This command uses regulations that advance the clock one hour at 2:00 a.m. on the first Sunday in April and move back the clock one hour at 2:00 a.m. on the last Sunday in October.
Examples
The following example shows how to cause the system to set the clock ahead one hour during daylight saving time:
Console> (enable) set summertime enable PDT Summertime is enabled and set to "PDT". Console> (enable)
The following example shows how to prevent the system from setting the clock ahead one hour during daylight saving time:
Console> (enable) set summertime disable Summertime disabled. Console> (enable)
Related Command
set system baud
Use the set system baud privileged command to set the console port baud rate.
set system baud rateSyntax Description
| rate | The baud rate. Valid rates are 600, 1200, 2400, 4800, 9600, 19200, and 38400. |
Default
The default value is 9600 baud.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the system baud rate to 19200:
Console> (enable) set system baud 19200
System console port baud rate set to 19200.
Console> (enable)
Related Command
set system contact
Use the set system contact privileged command to identify a contact person for the system.
set system contact [contact_string]Syntax Description
| contact_string | (Optional) Text string that typically contains the name of the person to contact for system administration. If no contact string is specified, the system contact string is cleared. |
Default
The default configuration has no system contact configured.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the system contact string:
Console> (enable) set system contact Susan ext.24
System contact set.
Console> (enable)
Related Command
set system help
Use the set system help privileged command to list the set system commands.
set system helpSyntax Description
This command has no arguments or keywords.
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to list the set system commands:
Console> (enable) set system help
Set system commands:
----------------------------------------------------------------------
set system baud Set system console port baud rate
set system contact Set system contact
set system help Show this message
set system location Set system location
set system modem Set system modem control (enable/disable)
set system name Set system name
Console> (enable)
set system location
Use the set system location privileged command to identify the location of the system.
set system location [location_string]Syntax Description
| location_string | (Optional) Text string that indicates where the system is located. If no location string is specified, the system location is cleared. |
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the system location string:
Console> (enable) set system location Closet 230 4/F System location set. Console> (enable)
Related Command
set system modem
Use the set system modem privileged command to enable or disable modem control lines on the console port.
set system modem {enable | disable}Syntax Description
| enable | Keyword used to activate modem control lines on the console port. |
| disable | Keyword used to deactivate modem control lines on the console port. |
Default
The default configuration has modem control lines disabled.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to disable modem control lines on the console port:
Console> (enable) set system modem disable
Modem control lines disabled on console port.
Console> (enable)
Related Command
set system name
Use the set system name privileged command to configure a name for the system.
set system name [name_string]Syntax Description
| name_string | (Optional) Text string that identifies the system. If no name is specified, the system name is cleared. |
Default
The default configuration has no system name configured.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the system name:
Console> (enable) set system name Information Systems
System name set.
Console> (enable)
Related Command
set tacacs attempts
Use the set tacacs attempts privileged command to configure the maximum number of login attempts allowed to the TACACS+ server.
set tacacs attempts countSyntax Description
| count | Number of login attempts allowed (1 to 10). |
Default
The default value for this command is 3.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to configure the TACACS+ server to allow a maximum of six login attempts:
Console> (enable) set tacacs attempts 6
Tacacs number of attempts set to 6.
Console> (enable)
Related Command
set tacacs directedrequest
Use the set tacacs directedrequest privileged command to enable or disable the TACACS+ directed-request option. When enabled, you can direct a request to any of the configured TACACS+ servers and only the username will be sent to the specified server.
set tacacs directedrequest {enable | disable}Syntax Description
| enable | Keyword used to send the portion of the address before the @ sign (the username) to the host specified after the @ sign. |
| disable | Keyword used to send the entire address string to the default TACACS+ server. |
Default
This default configuration has the TACACS+ directed-request option disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
When tacacs directedrequest is enabled, users must specify a configured TACACS+ server after the @ sign. If the specified host name does not match the IP address of a configured TACACS+ server, the request is rejected. When tacacs directedrequest is disabled, the Catalyst 5000 series switch queries the list of servers beginning with the first server in the list and then sends the entire string, accepting the first response from the server. This command is useful for sites that have developed their own TACACS+ server software to parse the entire address string and make decisions based on the contents of the string.
Example
The following example shows how to enable the tacacs directedrequest option:
Console> (enable) set tacacs directedrequest enable
Tacacs direct request has been enabled.
Console> (enable)
Related Command
set tacacs key
Use the set tacacs key privileged command to set the key used for TACACS+ authentication and encryption.
set tacacs key keySyntax Description
| key | Printable ASCII characters used for authentication and encryption. Key length is limited to 100 characters. |
Default
The default value of key is null.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The key must be the same as the key used on the TACACS+ server. All leading spaces are ignored. Spaces within the key and at the end of the key are included. Double quotation marks are not required, even if there are spaces between words in the key, unless the quotation marks themselves are part of the key. The key can consist of any printable ASCII characters except the tab character.
Example
The following example shows how to set the authentication and encryption key:
Console> (enable) set tacacs key Who Goes There
The tacacs key has been set to Who Goes There.
Console> (enable)
Related Commands
set tacacs server
Use the set tacacs server privileged command to define a TACACS+ server.
set tacacs server ip_addr [primary]Syntax Description
| ip_addr | IP address of the server on which the TACACS+ server resides. |
| primary | (Optional) Keyword used to designate the specified server as the primary TACACS+ server. |
Default
There is no default setting for this command.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
A maximum of three servers can be configured. The primary server, if configured, is contacted first. If no primary server is configured, the first server configured becomes the primary server.
Example
The following example shows how to configure the server on which the TACACS+ server resides and to designate it as the primary server:
Console> (enable) set tacacs server 170.1.2.20 primary
170.1.2.20 added to TACACS server table as primary server.
Console> (enable)
Related Commands
clear tacacs server
show tacacs
set tacacs timeout
Use the set tacacs timeout privileged command to set the response timeout interval for the TACACS+ server daemon. The TACACS+ server must respond to a TACACS+ authentication request before this interval expires or the next configured server will be queried.
set tacacs timeout secondsSyntax Description
| seconds | Timeout response interval in seconds (1 to 255). |
Default
The default value for this command is 5 seconds.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the response timeout interval for the TACACS+ server to 8 seconds:
Console> (enable) set tacacs timeout 8
Tacacs timeout set to 8 seconds.
Console> (enable)
Related Command
set time
Use the set time privileged command to change the time of day on the system clock.
set time [day_of_week] [mm/dd/yy] [hh:mm:ss]Syntax Description
| day_of_week | (Optional) Day of the week. |
| mm/dd/yy | (Optional) Month, day, and year. |
| hh:mm:ss | (Optional) Current time in 24-hour format. |
Default
This command has no default setting.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to set the system clock:
Console> (enable) set time fri 5/9/97 7:50
Fri May 9 1997, 07:50:00
Console> (enable)
Related Command
set timezone
Use the set timezone privileged command to set the time zone for the system.
set timezone [zone_name ] [hours [minutes]]Syntax Description
| zone_name | (Optional) Name of the time zone to be displayed. |
| hours | (Optional) Number of hours offset from Coordinated Universal Time (UTC). |
| minutes | (Optional) Number of minutes offset from UTC. If the specified hours value is a negative number, then the minutes value is assumed to be negative as well. |
Default
By default, the time zone is set to UTC.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
The set timezone command is effective only when NTP is running. If you explicitly set the time and NTP is disengaged, the set timezone command has no effect. If you have enabled NTP and have not entered the set timezone command, the Catalyst 5000 series switch displays UTC by default.
Example
The following example shows how to set the time zone to Pacific Standard Time with an offset of minus 8 hours from UTC:
Console> (enable) set timezone PST -8 Timezone set to "PST", offset from UTC is -8 hours. Console> (enable)
Related Commands
set trunk
Use the set trunk privileged command to configure trunk ports.
set trunk mod_num/port_num [on | off | desirable | auto] [vlan_range]Syntax Description
| mod_num | Number of the module. |
| port_num | Number of the port. |
| on | (Optional) Keyword that puts the port into permanent ISL trunking mode and negotiates to convert the link into a trunk port. The port becomes a trunk port even if the other end of the link does not agree to the change. |
| off | (Optional) Keyword that negotiates to convert the link into a nontrunk port. The port converts to a nontrunk port even if the other end of the link does not agree to the change. This is the default mode for FDDI trunks. This option is not allowed for ATM ports. |
| desirable | (Optional) Keyword that triggers negotiations to switch the state of the link from a nontrunk to a trunk port. This option is not allowed on FDDI and ATM ports. |
| auto | (Optional) Keyword that indicates that the port can become a trunk port if another device on that link desires to be a trunk. This option is not allowed on FDDI and ATM ports. This is the default mode for Fast Ethernet ports. |
| vlan_range | (Optional) VLANs to add to the list of allowed VLANs on the trunk. The VLAN range is 1 to 1000. |
Default
All ports are nontrunk ports by default.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
Trunking capabilities are hardware dependent. The set trunk command adds VLANs and ports to existing trunk groups; it does not replace existing VLANs and ports with new VLANs and ports.
When a Catalyst 5000 series switch port that is configured to auto detects a link bit, and it determines that the other end of the link is a trunk port, the Catalyst 5000 series switch automatically converts the port configured to auto into trunking mode. The trunk port reverts to a nontrunk port when its link goes down.
For trunking to take effect on Fast Ethernet ports, the ports must be in the same domain. However, you can use the on mode to force a port to become a trunk, even if it is in a different domain.
To return a trunk to a normal switched port, use the clear trunk command.
You cannot change the set of VLANs allowed on the RSM port.
Example
The following example shows how to set port 2 on module 1 as a trunk port:
Console> (enable)set trunk 1/2 1-5Port 1/2 allowed vlans modified to 1-1000. Console> (enable)set trunk 1/2 onPort 1/2 mode set to on. Console> (enable)
Related Commands
clear trunk
set vtp
show trunk
show vtp domain
set vlan
Use the set vlan privileged command to group ports into a virtual LAN.
set vlan vlan_num mod/portsset vlan vlan_num [name name] [type {ethernet | fddi | token_ring | fddi_net | tr_net}] [state {active | suspend}] [said said] [mtu mtu] [ring ring_number] [bridge bridge_number] [stp {ieee | ibm}] [parent vlan_num] [translation vlan_num]
Syntax Description
| vlan_num | Number of the VLAN. |
| mod | Number of the module. |
| ports | Number of the port on the module. |
| name name | (Optional) Keyword that defines a text string used as the name of the VLAN (1 to 32 characters). |
| type {ethernet | fddi | token_ring | fddi_net | tr_net} | (Optional) Keyword that identifies the VLAN type. |
| state {active | suspend} | (Optional) Keyword that specifies the state of the VLAN, which is either active or suspended. |
| said said | (Optional) Keyword that specifies the security association identifier. The range for said is 1 to 4294967294. |
| mtu mtu | (Optional) Keyword that specifies the maximum transmission unit (packet size, in bytes) that the VLAN can use. The range for mtu is 1500 to 18190. |
| ring ring_number | (Optional) Keyword that specifies the ring number for Token Ring VLANs. The range for ring_number is 0 to 4095. |
| bridge bridge_number | (Optional) Keyword that specifies the identification number of the bridge. The range for bridge_number is 1 to 15. |
| stp {ieee | ibm} | (Optional) Keyword that specifies which version of the Spanning-Tree Protocol to use, source routing transparent (ieee) or source routing porting (ibm). |
| parent vlan_num | (Optional) Keyword used to set a parent VLAN. The range for vlan_num is 2 to 1005. |
| translation vlan_num | (Optional) Keyword that specifies a translational VLAN used to translate FDDI or Token Ring to Ethernet. The range for vlan_num is 1 to 1005. |
Default
The default configuration has all switched Ethernet ports and Ethernet repeater ports in VLAN 1. The default SAID is 100001 for VLAN 1, 100002 for VLAN 2, 100003 for VLAN 3, and so on. The default type is ethernet. The default mtu is 1500 bytes. The default state is active.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
You cannot set multiple VLANs for ISL ports using this command.
Use the session command to specify an RSM port.
Example
The following example shows how to set VLAN 1000 to include ports 1 and 2 on module 1 and port 1 on module 2:
Console> (enable)set vlan 1000 1/1,1/2,2/1VLAN 1000 created. VLAN 1 modified. VLAN 3 modified. VLAN Mod/Ports ---- ---------------------------- 1000 1/1-2 2/1 Console> (enable)set vlan 3 name catbox type ethernet mtu 1500 said 3VLAN 3 Added Console> (enable)
Related Commands
set vmps server
Use the set vmps server privileged command to configure the IP address of the VMPS server to be queried.
set vmps server ip_addr [primary]Syntax Description
| ip_addr | IP address of the VMPS server. |
| primary | (Optional) Keyword that identifies the specified device as the primary VMPS server. |
Default
If no IP address is specified, VMPS uses the local VMPS configuration.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guidelines
You can specify the IP addresses of up to three VMPS servers. You can define any VMPS server as the primary VMPS server.
If the primary VMPS server is down, all subsequent queries go to a secondary VMPS server. VMPS checks on the primary server's availability once every 5 minutes. When the primary VMPS server comes back online, subsequent VMPS queries are directed back to the primary VMPS server.
In order to use a co-resident VMPS (when VMPS is enabled in a device), configure one of the three VMPS addresses to be the IP address of interface sc0.
Example
The following example shows how to define a VMPS server:
Console> (enable)set vmps server 192.168.10.140 primary192.168.10.140 added to VMPS table as primary domain server. Console> (enable)set vmps server 192.168.69.171192.168.69.171 added to VMPS table as backup domain server. Console> (enable)
Related Commands
set vmps state
Use the set vmps state privileged command to enable or disable VMPS.
set vmps state {enable | disable}Syntax Description
| enable | Keyword used to enable VMPS. |
| disable | Keyword used to disable VMPS. |
Default
By default, VMPS is disabled.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
Before using the set vmps state command, you must use the set vmps tftpserver command to specify the IP address of the server from which the VMPS database is downloaded.
Example
The following example shows how to enable and disable VMPS:
Console> (enable) set vmps state enable Vlan membership Policy Server enabled. Console> (enable)set vmps state disableAll the VMPS configuration information will be lost and the resources released on disable. Do you want to continue (y/n[n]):yVLAN Membership Policy Server disabled. Console> (enable)
Related Commands
set vmps tftpserver
Use the set vmps tftpserver privileged command to specify the IP address of the server from which the VMPS database is downloaded.
set vmps tftpserver ip_addr [filename]Syntax Description
| ip_addr | IP address of the TFTP server from which the VMPS database is downloaded. |
| filename | (Optional) VMPS configuration file name on the TFTP server. |
Default
If filename is not specified, the set vmps tftpserver command uses the default filename vmps-config-database.1.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to specify the server from which the VMPS database is downloaded, and the filename of the configuration file:
Console> (enable) set vmps tftpserver 192.168.69.100 vmps_config.1
IP address of the TFTP server set to 192.168.69.100
VMPS configuration filename set to vmps_config.1
Console> (enable)
Related Commands
set vtp
Use the set vtp privileged command to set the options for VTP.
set vtp [domain name] [mode {client | server | transparent}] [passwd passwd] [pruning {enable | disable}]Syntax Description
| domain name | (Optional) Keyword used to define the name that identifies the VLAN management domain. The name can be 1 to 32 characters in length. |
| mode {client | server | transparent} | (Optional) Keywords that specify the VTP mode of operation. |
| passwd passwd | (Optional) Keyword used to define the VLAN trunk protocol password. The passwd can be 8 to 64 characters in length. |
| pruning {enable | disable} | (Optional) Keywords that enable or disable VTP pruning in the entire management domain. |
Default
The default interval is 5 minutes.
Command Type
Switch command.
Command Mode
Privileged.
Example
The following example shows how to use the set vtp command:
Console> (enable) set vtp domain Engineering mode client
VTP domain Engineering modified
Console> (enable)
Related Command
set vtp pruneeligible
Use the set vtp pruneeligible privileged command to configure pruning eligibility for the device.
set vtp pruneeligible vlan_rangeSyntax Description
| vlan_range | Range of VLAN numbers. |
Default
The pruning function is disabled by default. By default, VLAN 1 is not eligible for pruning.
Command Type
Switch command.
Command Mode
Privileged.
Usage Guideline
When the set vtp pruneeligible command is entered, the system will display a list of all pruning-eligible VLANs. VTP pruning does not take effect on a vlan_range that is not eligible for pruning. You can invoke this command independently of the pruning mode.
Example
After entering the set vtp pruneeligible command for VLANs 120 and 150, you see the following display:
Console> (enable)set vtp pruneeligible 120,150Vlans 120,150 eligible for pruning on this device. VTP domain nada modified. Console> (enable)set vtp pruneeligible 500-575Vlans 120,150,500-575 eligible for pruning on this device. VTP domain nada modified. Console> (enable)
Related Commands
clear vtp pruneeligible
show vtp domain