Tài liệu Cat 5000 series switch pptx
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (96.24 KB, 1 trang )
Cat 5000 series switch
Key Commands Shows and Debugs
Set int sc0 up
Set int sc0 <vlan> 10.1.1.1 255.255.255.0 10.1.1.255
Set ip route 0.0.0.0 146.84.131.254
Set trunk 5/4 on 1-1005 isl
Set vmps tftpserver A.B.C.D
Set vmps state enable
Set port membership 5/7 dynamic|static
Set port broadcast 5/7 50%
Set vtp domain Tivoli-indy
Set vtp mode transparent|server|client
Set vtp pruning enable|disable
Show spantree (check for root bridge and bridge ID)
Show cam dynamic
Show system
Show module
Show vlan
Show spantree 5/7
Show trunk 5/7
Show port security 3/4
Show port broadcast
Clear port broadcast 3/4 <- removes restrictions
Show ip permit
Additional Commands
Port security. Can't do on a trunk port!
Set port security 3/4 enable [0c3a.0043.ab32]
The specified mac address is optional. Otherwise the
switch will use the first mac it encounters. This
clears any static cam entries for that port.
You can add a mac address to the port:
Set port security 2/4 00c8.5643.ab45
To verify: show port 2/4
Set the max number of macs on port:
Set port security 2/4 maximum 3
Specify the age (how long it will be secure)
Set port security 3/4 age [10-1440 minutes, 0 disab]
Clear port security 3/4 [mac|all]
To set security violation action:
Set port security 3/4 violation [shutdown|restrict
Restrict: drops all packets from insecure host
But remains active.
To set the shutdown time:
set port security 3/4 shutdown [10-1440 min, 0 disa]
Broadcast suppression (within 1 sec interval)
Set port broadcast 3/4 75% <- bandwidth based
Set port broadcast 3/4 500 < packet based, 500 p/sec
Broadcast-based will filter all broadcasts for
remainder of the 1 sec interval. Packet-based will
filter ALL packets (including unicasts) beyond
threshold for remainder of the 1 sec interval.
IP Permit list (restricts inbound telnet)
Set ip permit enable
Set ip permit 10.1.0.0 255.255.0.0
Set ip permit 20.1.1.1 255.255.255.255 <- adds
Set snmp trap enable ippermit
Clear ip permit {ip + mask|all]
Set ip permit disable
UDLD (must be enabled on both sides)
Set udld enable 3/4 set udld disable 3/4
Show udld port 3/4
Spot The Issue Notes
Use “session” to get to the ATM lane card or RSM
Trunking on a 4000:
Use interface Ethernet 0.1
Encapsulation isl <vlan #>
Ip address A.B.C.D 255.255.255.0
Int e 0.2
Encapsulation isl XX
Ip address 10.1.1.1 255.255.255.0
• If the scenario calls for “vlan A”, make sure
you use “set vlan 50 name VLAN_A”
• Check if the modules are up in the
troubleshooting phase. Check for ports
enabled too.
• Check the “set vlan” command for additional
stuff like: type, state, mtu, said, bridge,
• Do a visual on the switch and look for green
lights across the board.
• When doing a “set trunk 2/9 on 1,4 isl”
instead of 1-1005, you HAVE to do a “clear
trunk 2/9”.
• When doing a “set logging level all 3
default” Make sure the “default” keyword is
there, otherwise that whole command is
removed on reload or end console session.
