Cat 5000 series switch Key Commands Shows and Debugs Set int sc0 up Set int sc0 <vlan> 10.1.1.1 255.255.255.0 10.1.1.255 Set ip route 0.0.0.0 146.84.131.254 Set trunk 5/4 on 1-1005 isl Set vmps tftpserver A.B.C.D Set vmps state enable Set port membership 5/7 dynamic|static Set port broadcast 5/7 50% Set vtp domain Tivoli-indy Set vtp mode transparent|server|client Set vtp pruning enable|disable Show spantree (check for root bridge and bridge ID) Show cam dynamic Show system Show module Show vlan Show spantree 5/7 Show trunk 5/7 Show port security 3/4 Show port broadcast Clear port broadcast 3/4 <- removes restrictions Show ip permit Additional Commands Port security. Can't do on a trunk port! Set port security 3/4 enable [0c3a.0043.ab32] The specified mac address is optional. Otherwise the switch will use the first mac it encounters. This clears any static cam entries for that port. You can add a mac address to the port: Set port security 2/4 00c8.5643.ab45 To verify: show port 2/4 Set the max number of macs on port: Set port security 2/4 maximum 3 Specify the age (how long it will be secure) Set port security 3/4 age [10-1440 minutes, 0 disab] Clear port security 3/4 [mac|all] To set security violation action: Set port security 3/4 violation [shutdown|restrict Restrict: drops all packets from insecure host But remains active. To set the shutdown time: set port security 3/4 shutdown [10-1440 min, 0 disa] Broadcast suppression (within 1 sec interval) Set port broadcast 3/4 75% <- bandwidth based Set port broadcast 3/4 500 < packet based, 500 p/sec Broadcast-based will filter all broadcasts for remainder of the 1 sec interval. Packet-based will filter ALL packets (including unicasts) beyond threshold for remainder of the 1 sec interval. IP Permit list (restricts inbound telnet) Set ip permit enable Set ip permit 10.1.0.0 255.255.0.0 Set ip permit 20.1.1.1 255.255.255.255 <- adds Set snmp trap enable ippermit Clear ip permit {ip + mask|all] Set ip permit disable UDLD (must be enabled on both sides) Set udld enable 3/4 set udld disable 3/4 Show udld port 3/4 Spot The Issue Notes Use “session” to get to the ATM lane card or RSM Trunking on a 4000: Use interface Ethernet 0.1 Encapsulation isl <vlan #> Ip address A.B.C.D 255.255.255.0 Int e 0.2 Encapsulation isl XX Ip address 10.1.1.1 255.255.255.0 • If the scenario calls for “vlan A”, make sure you use “set vlan 50 name VLAN_A” • Check if the modules are up in the troubleshooting phase. Check for ports enabled too. • Check the “set vlan” command for additional stuff like: type, state, mtu, said, bridge, • Do a visual on the switch and look for green lights across the board. • When doing a “set trunk 2/9 on 1,4 isl” instead of 1-1005, you HAVE to do a “clear trunk 2/9”. • When doing a “set logging level all 3 default” Make sure the “default” keyword is there, otherwise that whole command is removed on reload or end console session. . Cat 5000 series switch Key Commands Shows and Debugs Set int sc0 up Set int sc0. enable [0c3a.0043.ab32] The specified mac address is optional. Otherwise the switch will use the first mac it encounters. This clears any static cam entries