- Configuring the Catalyst
- Catalyst 5000 Configuration Methods
- Using the Catalyst 5000/6000 Command-Line Interface
- Catalyst Password Protection
- Catalyst Configuration File Management
- Catalyst Image File Management
- Redundant Supervisor Modules
- Configuring Other Catalysts
- Review Questions
Using the Catalyst 5000/6000 Command-Line Interface
Because the Catalyst has a different pedigree than the Cisco routers, the CLI differs between the two. For example, changes in a Cisco router are not permanent until you copy the running configuration to NVRAM. The Catalyst, on the other hand, immediately and automatically copies your commands to NVRAM. Individuals who suffer from an inability to remember to save configuration files on a router enjoy this feature. However, automatic configuration saves makes restoring a configuration more challenging, as discussed earlier.
The Catalyst does not have a special configuration mode like the routers. Rather, changes can be made directly from the privileged mode. Many users enjoy this feature because it allows them to make changes (set, clear) and view results (show) from the same command level. This eliminates the effort of bouncing between configuration mode and privileged mode to make changes and observe the results.
TIP
You might occasionally see Cisco refer to the Catalyst 5000/6000 interface as an XDI interface. This is Cisco's internal identification of the interface. Another name is "CatOS."
Command-line recall and editing vastly differed prior to Catalyst code version 4.4. With system codes prior to 4.4, command-line recall and editing consists of using UNIX shell-like commands. To recall a previous command, you need to specify how many commands back in the history file you want. Or, you can recall a command through pattern matching. To edit a command line, you need to use UNIX-like commands that specify a pattern and what to substitute in the pattern's place. Doing command-line editing in this manner is not self intuitive for many users, unless the user is a UNIX guru.
With Catalyst Supervisor engine software release 4.4, Cisco introduced IOS-type command-line recall and editing where up and down arrows on your terminal keypad scroll you through the Catalyst's command history buffer. If you are familiar with command-line recall and editing with a Cisco router, you will be comfortable with the Catalyst CLI. If however, you still have code levels prior to 4.4, regrettably, you must continue to use the UNIX structure.
The manner in which the Catalyst displays help differs from the router displays. The router uses a parameter-by-parameter method of displaying help, whereas the Catalyst displays a complete command syntax.
The following sections describe command-line recall, editing, and help for the Catalyst 5000 series with the XDI/CatOS style interface.
Command-Line Recall
When you enter a command in the Catalyst, it retains the command in a buffer called the history buffer. The history buffer can store up to 20 commands for you to recall and edit. Various devices have methods of recalling commands. The Catalyst uses abbreviated key sequences to recall commands. These sequences resemble what a UNIX c-shell user might use. UNIX users often live with awkward methods of recalling and editing commands. Therefore, their comfort level with the legacy Catalyst editing system is probably fairly high, but might be low for the rest of us.
In UNIX, you often perform commands with a bang included in the command line. A bang is nothing more than an exclamation point (!) on a keyboard, but "exclamation" is too difficult to say when dictating commands. Therefore, bang is used in its place. Table 4-3 summarizes the key sequence for recalling previous commands in the history buffer.
Table 4-3 Command Recall from Catalyst History Buffer
Command Sequence |
Effect |
!! |
Repeats the previous command. |
!-n |
Repeats the command n places before the previous. |
!n |
Repeats command n in the buffer. |
!aaa |
Repeats the command that starts with the matching string aaa. |
!?aaa |
Repeats the command that contains the string aaa anywhere in the command. |
Sometimes you not only want to recall a command, but also edit it. Table 4-4 shows the sequences to recall and edit previous commands.
Table 4-4 Catalyst Command Recall with Substitution
Command Sequence |
Effect |
^aaa^bbb |
Recall previous command and substitute bbb for aaa. |
!!aaa |
Recall previous command and append aaa. |
!n aaa |
Recall command n and append aaa. |
!aaa bbb |
Recall command that starts with aaa and append bbb. |
!?aaa bbb |
Recall the command that contains aaa and append bbb. |
Suppose, for example, that you enter a command set vlan 3 2/1-10,4/12-216/1,5/7.
This command string assigns a set of ports to VLAN 3. However, you realize after entering the command that you really mean for them to be in VLAN 4 rather VLAN 3. You could retype the whole command a second time and move the ports to VLAN 4, or you could simply type ^3^4. This forces the Catalyst not only to use the previous command, but to change the number 3 to a number 4, which in this case, corrects the VLAN assignment.
One frustration when mentally recalling commands can be that you have a hard time remembering what command you entered, seven lines previously. This can become particularly challenging because the Catalyst history buffer can store up to 20 commands. Use the history command to see your history buffer. Example 4-2 shows output from a history command. Notice that the commands are numbered allowing you to reference a specific entry for command recall. For example, the output recalls command 2 from the history buffer. This caused the Catalyst to recall the history command. Note also that new commands add to the bottom of the list. Newer commands have higher numbers.
Example 4-2 Catalyst History Buffer Example
Console> history |
1 help |
2 history |
Console> !2 |
history |
1 help |
2 history |
3 history |
Console> |
Using Help
In a Cisco router, you access help by entering ? on a command line. The router then prompts you with all possible choices for the next parameter. If you type in the next parameter and type ? again, the router displays the next set of command-line choices. In fact, the router displays help on a parameter-by-parameter basis. Additionally, when the router displays help options, it also ends by displaying the portion of the command that you entered so far. This enables you to continue to append commands to the line without needing to reenter the previous portion of the command.
The Catalyst help system functions differently from the router, though. You access help in the same manner as you do in a router, but the results differ. For example, where a router prompts you for the next parameter, the Catalyst displays the entire usage options for the command, if your command string is unique so that the Catalyst knows what command you want. Example 4-3 shows the help result for a partial command string. However, the string does not uniquely identify what parameter should be modified, so it lists all set system commands.
Example 4-3 Catalyst Help Example
Console> (enable) set system ? |
Set system commands: |
---------------------------------------------------------------------- |
set system baud Set system console port baud rate |
set system contact Set system contact |
set system help Show this message |
set system location Set system location |
set system modem Set system modem control (enable/disable) |
set system name Set system name |
On the other hand, if you have enough of the command on the line that the Catalyst recognizes what command you intend to implement, it displays the options for that command. This time, in Example 4-4, the string identifies a specific command and the Catalyst displays help appropriate for that command. The user wants to modify the console interface in some way, but is unsure of the syntax to enter the command.
Example 4-4 Another Catalyst Help Example
Console> (enable) set interface ? |
Usage: set interface <sc0|sl0> <up|down> |
set interface sc0 [vlan] [ip_addr [netmask [broadcast]]] |
set interface sl0 <slip_addr> <dest_addr> |
Console> (enable) |
Notice that when the console displays help, it returns the command line with a blank line. The command string you entered so far is not displayed for you as it is on a router. You can now elect to use command recall. Suppose you want to disable the logical interface, sc0. So you want to enter the command set int sc0 down. Being a clever network administrator, you elect to use command recall and complete the command. What happens if you type !! sc0 down ? You see the command usage screen again, without the console changing state to down (see Example 4-5). This happens because the command recall executes the previous statement that was set int ? with the help question mark and your appended parameters. When you add the additional parameters, the Catalyst interprets the string as set int ? sc0 down , sees the question mark, and displays help.
Example 4-5 Command Recall after Help
CAT1> (enable) set int ? |
Usage: set interface <sc0|sl0> <up|down> |
set interface sc0 [vlan] [ip_addr [netmask [broadcast]]] |
set interface sl0 <slip_addr> <dest_addr> |
CAT1> (enable) !! sc0 down |
set int ? sc0 down |
Usage: set interface <sc0|sl0> <up|down> |
set interface sc0 [vlan] [ip_addr [netmask [broadcast]]] |
set interface sl0 <slip_addr> <dest_addr> |
CAT1> (enable) |
If you have system code 4.4 or later, you can use the up/down arrow to perform command recall after help, but the recall includes the question mark. The advantage here, though, over the !! recall is that you can edit out the question mark on the recalled command line using router editing commands. Therefore, you can perform command recall, remove the question mark, and enter the rest of the command. The Catalyst then correctly interprets the command, assuming that you subsequently enter correct and meaningful parameters.
A Catalyst invokes help when you enter a question mark on the command line. It also provides help if you enter a partial command terminated with <ENTER>. For example, the command in Example 4-4 displays the same screen if the user enters set interface <ENTER>. The Catalyst uniquely recognizes set int, but also observes that the command is not complete enough to execute. Therefore, the Catalyst displays the command usage screen. If you intend to modify the sc0 VLAN membership to VLAN 5 and change the IP address in the same line, you can enter the command set int sc0 5 144.254.100.1 255.255.255.0. Suppose that as you enter the command you enter the VLAN number, but forget the rest of the command line. You might be tempted to hit <ENTER> to get a command usage screen. But you do not see the usage screen. Instead, the Catalyst sees the current command line and says, "There is enough on this line to execute, so I will." You just successfully changed the sc0 VLAN membership without changing the IP address. If you do this through a Telnet session in a production network, you probably just completely removed Telnet access to the Catalyst. It is now time to walk, drive, or fly to the Catalyst to restore connectivity. (Or call someone who can do it for you and confess your mistake!)
TIP
In many cases, you can get usage help with a partial command and <ENTER>. However, it is best to use the question mark to ensure that you do not prematurely execute a command that might prove to be catastrophic to your network and career.
Supervisor Module Configuration
Modifying and viewing Catalyst 5000/6000 configuration files consists of using set, clear, and show commands. Because the Catalyst does not use a separate configuration mode to make changes, you can make changes and view system configurations all from the same prompt level. You must make all changes from the privilege mode, which requires an enable password.
Important show Statements
To view configurations, use the show command. Example 4-6 annotates a simple Supervisor module configuration file displayed through the show config command. Some configuration lines are editorially deleted because they are redundant and needlessly consume printed space. The remaining portion of the file enables you to see the general organization of the configuration file.
Example 4-6 Annotated Supervisor Configuration File
Console> (enable) show config |
... |
......... |
......... |
........ |
........ |
.. |
begin |
set password $1$FMFQ$HfZR5DUszVHIRhrz4h6V70 |
set enablepass $1$FMFQ$HfZR5DUszVHIRhrz4h6V70 |
set prompt Console> |
set length 24 default |
set logout 20 |
set banner motd ^C^C |
! |
#system |
set system baud 9600 |
set system modem disable |
set system name |
set system location |
set system contact |
! |
#snmp |
set snmp community read-only public |
set snmp community read-write private |
set snmp community read-write-all secret |
!Other SNMP commands deleted |
#IP |
!This sets up the console or slip interfaces. |
set interface sc0 1 144.254.100.97 255.255.255.0 144.254.100.255 |
! |
set interface sl0 0.0.0.0 0.0.0.0 |
set arp agingtime 1200 |
set ip redirect enable |
set ip unreachable enable |
set ip fragmentation enable |
set ip alias default 0.0.0.0 |
! |
#Command alias |
! |
#vmps |
set vmps server retry 3 |
set vmps server reconfirminterval 60 |
set vmps tftpserver 0.0.0.0 vmps-config-database.1 |
set vmps state disable |
! |
#dns |
set ip dns disable |
! |
#tacacs+ |
!This section configures the TACACS+ authentication parameters |
! |
#bridge |
!This section defines FDDI module behavior |
! |
#vtp |
!This section characterizes the virtual trunk protocol and vlan parameters |
! |
#spantree |
#uplinkfast groups |
set spantree uplinkfast disable |
#vlan 1 |
set spantree enable 1 |
set spantree fwddelay 15 1 |
set spantree hello 2 1 |
set spantree maxage 20 1 |
set spantree priority 32768 1 |
!Other VLAN Spanning Tree information deleted. This section describes Spanning |
!Tree for each VLAN. |
! |
#cgmp |
!This group of commands controls the Catalyst multicast behavior |
! |
#syslog |
set logging console enable |
set logging server disable |
!Other logging commands deleted. This characterizes what events are logged. |
! |
#ntp |
!This sets up network time protocol |
! |
#set boot command |
set boot config-register 0x102 |
set boot system flash bootflash:cat5000-sup3.3-1-1.bin |
!Any special boot instructions are placed here. |
! |
#permit list |
!The access list is found here |
set ip permit disable |
! |
#drip |
!This is Token Ring stuff to take care of duplicate ring numbers. |
! |
!On a per module basis, the Catalyst displays any module specific |
!configurations. |
#module 1 : 2-port 10/100BaseTX Supervisor |
set module name 1 |
set vlan 1 1/1-2 |
set port channel 1/1-2 off |
set port channel 1/1-2 auto |
set port enable 1/1-2 |
set port level 1/1-2 normal |
set port speed 1/1-2 auto |
set port trap 1/1-2 disable |
set port name 1/1-2 |
set port security 1/1-2 disable |
set port broadcast 1/1-2 100% |
set port membership 1/1-2 static |
set cdp enable 1/1-2 |
set cdp interval 1/1-2 60 |
set trunk 1/1 auto 1-1005 |
set trunk 1/2 auto 1-1005 |
set spantree portfast 1/1-2 disable |
set spantree portcost 1/1 100 |
set spantree portcost 1/2 100 |
set spantree portpri 1/1-2 32 |
set spantree portvlanpri 1/1 0 |
set spantree portvlanpri 1/2 0 |
set spantree portvlancost 1/1 cost 99 |
set spantree portvlancost 1/2 cost 99 |
! |
#module 2 empty |
! |
#module 3 : 24-port 10BaseT Ethernet |
set module name 3 |
set module enable 3 |
set vlan 1 3/1-24 |
set port enable 3/1-24 |
set port level 3/1-24 normal |
set port duplex 3/1-24 half |
set port trap 3/1-24 disable |
set port name 3/1-24 |
set port security 3/1-24 disable |
set port broadcast 3/1-24 0 |
set port membership 3/1-24 static |
set cdp enable 3/1-24 |
set cdp interval 3/1-24 60 |
set spantree portfast 3/1-24 disable |
set spantree portcost 3/1-24 100 |
set spantree portpri 3/1-24 32 |
! |
#module 5 : 1-port Route Switch |
!Note that the only things in this configuration are Spanning Tree and bridge |
!related. There are no routing configs here. |
set module name 5 |
set port level 5/1 normal |
set port trap 5/1 disable |
set port name 5/1 |
set cdp enable 5/1 |
set cdp interval 5/1 60 |
set trunk 5/1 on 1-1005 |
set spantree portcost 5/1 5 |
set spantree portpri 5/1 32 |
set spantree portvlanpri 5/1 0 |
set spantree portvlancost 5/1 cost 4 |
! |
#switch port analyzer |
!If you set up the ability to monitor switched traffic, the |
!the configs will show up here |
set span disable |
! |
#cam |
!set bridge table aging to five minutes |
set cam agingtime 1,1003,1005 300 |
end |
Console> (enable) |
Note in Example 4-6 that the file collates in logical sections. First, the Catalyst writes any globally applicable configuration items such as passwords, SNMP parameters, system variables, and so forth. Then, it displays configurations for each Catalyst module installed. Note that the module configuration files refer to Spanning Tree and VLAN assignments. Further, it does not display any details about other functions within the module. For example, an RSM is installed in module 5 of this Catalyst. Although this is a router module, it attaches to a virtual bridge port internally. The Catalyst displays the bridge attachment parameters, but not the Route Switch Module (RSM) or ATM LANE configuration lines. To see the these module specific configurations, you need to access them with the session module_number and view its own configuration file.
Other show commands display item specific details. For example, to look at the current console configuration, you can use the show interface (sh int) command as demonstrated in Example 4-7.
Example 4-7 show interface Display
Console> (enable) show interface |
sl0: flags=51<UP,POINTOPOINT,RUNNING> |
slip 0.0.0.0 dest 128.73.35.160 |
sc0: flags=63<UP,BROADCAST,RUNNING> |
vlan 1 inet 144.254.100.97 netmask 255.255.255.0 broadcast 144.254.100.255 |
Console> (enable) |
Another useful show command displays the modules loaded in your Catalyst (see Example 4-8).
Example 4-8 show module Output
Console> (enable) show module |
Mod Module-Name Ports Module-Type Model Serial-Num Status |
--- ------------------- ----- --------------------- --------- --------- ------- |
1 2 10/100BaseTX Supervis WS-X5530 008700085 ok |
3 24 10BaseT Ethernet WS-X5013 008678074 ok |
4 2 MM OC-3 Dual-Phy ATM WS-X5158 008444947 ok |
5 1 Route Switch WS-X5302 007600273 ok |
13 ASP |
|
Mod MAC-Address(es) Hw Fw Sw |
--- ---------------------------------------- ------ ------- ---------------- |
1 00-90-92-bf-70-00 thru 00-90-92-bf-73-ff 1.5 3.1(2) 3.1(1) |
3 00-10-7b-4e-8d-d0 thru 00-10-7b-4e-8d-e7 1.1 2.3(1) 3.1(1) |
4 00-10-7b-42-b0-59 2.1 1.3 3.2(6) |
5 00-e0-1e-91-da-e0 thru 00-e0-1e-91-da-e1 5.0 20.7 11.2(12a.P1)P1 |
Mod Sub-Type Sub-Model Sub-Serial Sub-Hw |
--- -------- --------- ---------- ------ |
1 EARL 1+ WS-F5520 0008700721 1.1 |
1 uplink WS-U5531 0007617579 1.1 |
Console> (enable) |
The output in Example 4-8 displays details about the model number and description of the modules in each slot. The second block of the output tells you what MAC addresses are associated with each module. Notice that the Supervisor module reserves 1024 MAC addresses. Many of these addresses support Spanning Tree operations, but other processes are involved too. Module 3, the 24-port Ethernet module, reserves 24 MAC addresses, one for each port. These also support Spanning Tree in that they are the values used for the port ID in the Spanning Tree convergence algorithm. The third block of the display offers details regarding the Supervisor module.
Other key show statements are demonstrated throughout the rest of the book.
Modifying Catalyst Configurations
To modify a Catalyst parameter, you use either the set or clear commands. The set command changes a parameter to a value that you specify, whereas the clear command returns some parameters to their default setting.
To change system parameters, you use the set system command as demonstrated in Example 4-9.
Example 4-9 set system Example
Console> (enable) set system ? |
Set system commands: |
---------------------------------------------------------------------- |
set system baud Set system console port baud rate |
set system contact Set system contact |
set system help Show this message |
set system location Set system location |
set system modem Set system modem control (enable/disable) |
set system name Set system name |
Console> (enable) set sys location whoneedsmarketing |
System location set. |
Console> (enable) show system |
PS1-Status PS2-Status Fan-Status Temp-Alarm Sys-Status Uptime d,h:m:s Logout |
---------- ---------- ---------- ---------- ---------- -------------- --------- |
ok faulty ok off faulty 0,00:31:09 20 min |
|
PS1-Type PS2-Type Modem Baud Traffic Peak Peak-Time |
---------- ---------- ------- ----- ------- ---- ------------------------- |
WS-C5508 WS-C5508 disable 9600 0% 0% Thu Aug 13 1998, 16:18:10 |
|
System Name System Location System Contact |
------------------------ ------------------------ ------------------------ |
whoneedsmarketing |
Console> (enable) |
Clearly, there are several system variables that you can modify. Example 4-9 modifies the system location object.
Some commands provide a warning if your action might cause connectivity problems for you or the users. For example, in Example 4-10, the user intends to change the IP address of the console interface. If the user is making the change remotelythat is, the user is logged in to the Catalyst through a Telnet sessionthe user loses connectivity and needs to re-establish the Telnet session.
Example 4-10 set interface Example
Console> (enable) set interface sc0 1 144.254.100.97 255.255.255.0 |
This command may disconnect your Telnet session. |
Do you want to continue (y/n) [n]? y |
Interface sc0 vlan set, IP address and netmask set. |
Console> (enable) |
Use a clear command to restore a parameter to a default value. Suppose you have a VLAN 4 configured on the Catalyst and want to remove it. You use the command clear vlan 4. This eliminates references to VLAN 4 in the Catalyst. However, some things associated with VLAN 4 are not eliminated. For example, if you have ports assigned to VLAN 4 and you clear vlan 4, the ports assigned to VLAN 4 move into a disabled state. They do not move to VLAN 1. You need to manually reassign the ports to VLAN 1. The clear config command demonstrated in Example 4-1 returns the whole Catalyst to its default out-of-the-box configuration. The Catalyst warns you about potential connectivity issues with this command before executing it.