Catalyst 6500 Series Switch Content Switching Module Command Reference, 4.2
A through I Commands
Download this chapter
A through I CommandsA through I Commands
Download the complete book
Book-level PDF: Catalyst 6500 Series Switch Content Switching Module Command Reference Software Release 4.2Book-level PDF: Catalyst 6500 Series Switch Content Switching Module Command Reference Software Release 4.2 (PDF - 2 MB)
 Feedback

Table Of Contents

Content Switching Module Commands

arp

capp udp

options (CAPP UDP submode)

port (CAPP UDP submode)

secure (CAPP UDP submode)

clear module csm

dfp

agent (DFP submode)

manager (DFP submode)

exit

ft group

failover (fault tolerant submode)

heartbeat-time (fault tolerant submode)

preempt (fault tolerant submode)

track (fault tolerant submode)

priority (fault tolerant submode)

hw-module csm standby config-sync

ip slb mode


Content Switching Module Commands

This chapter contains an alphabetical listing of the commands necessary to configure the CSM. These commands are unique to server load-balancing (SLB) and Layer 3 switching.

arp

To configure a static ARP entry, use the arp command. To remove the static ARP entry from the configuration, use the no form of this command.

arp ip_address mac-address vlan id

no arp ip_address

Syntax Description

ip_address

IP address that you want associate with the ARP entry.

mac-address

MAC address of the host.

vlan id

Identifies the VLAN.


Defaults

This command has no default settings.

Command Modes

CSM configuration submode

Command History

Release
Modification

3.2(1)

This command was introduced.


Examples

This example shows how to configure a static ARP entry:

Router(config-module-csm)# arp 1.1.1.1 0123.4567.89ab vlan 3

capp udp

To enter the Content Application Peering Protocol (CAPP) User Datagram Protocol (UDP) configuration submode, and then enable the CAPP, use the capp udp command. To remove the CAPP UDP configuration, use the no form of this command.

capp udp

no capp udp

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Modes

CSM configuration submode

Command History

Release
Modification

2.2(1)

This command was introduced.


Usage Guidelines

The CSM implements only the agent side of the CAPP, not the content router functionality. This feature provides Global Server Load Balancing (GSLB) when you use the CSM with a Cisco Global Site Selector (GSS), which provides the content router function.

When you enter the CAPP UDP submode, the following commands are available:

default—Sets a command to its default.

exit—Saves changes and exits from the subcommand mode; see the "agent (DFP submode)" command section.

no—Negates a command or sets the specified command to its defaults.

options—Sets optional parameters for a specified IP address. See the "options (CAPP UDP submode)" command section.

portConfigures the CAPP port. Range is from 1 to 65535. Default is 5002. See the "port (CAPP UDP submode)" command section.

secureEnables encryption. See the "secure (CAPP UDP submode)" command section.

Note When you use the CSM as a CAPP agent, the CSM does not support multiple vservers with the same domain name. You must give a unique domain name to each vserver on the CSM, using the "domain (virtual server submode)" command. In the GSS, the domain names are configured as tag names in the keepalive type kalap command.

Examples

This example shows how to initiate CAPP UDP agent configuration mode and set the CAPP port: 

Cat6k-2(config-module-csm)# capp udp

Cat6k-2(config-slb-capp-udp)# port 5002

Related Commands

port (CAPP UDP submode)

options (CAPP UDP submode)

To assign session options to an IP address, use the options command in the CAPP UDP submode. To remove the options for the specified address from the configuration, use the no form of this command.

options ip_address encryption MD5 secret

no options ip_address

Syntax Description

ip_address

IP address that you want associate with this group of options.

encryption MD5

Specifies MD5 authentication.

secret

The string used in encryption and decryption of the MD5 hashing method. Enter an unquoted text string with a maximum of 31 characters.


Defaults

This command has no default settings.

Command Modes

CSM CAPP UDP submode

Command History

Release
Modification

2.2(1)

This command was introduced.


Usage Guidelines

The CSM applies encryption to packets sent to this destination address or when the CSM receives datagrams with a matching source IP address.

You can set the IP address to 0.0.0.0 to apply encryption to all incoming and outbound datagrams that are not specifically configured. The 0.0.0.0 IP address allows you to set a global security configuration that can be applied to an arbitrary number of peers.

Examples

This example shows the application of a specific option set to 10.6.3.21 and a global option set to all other IP addresses. The CSM encrypts datagrams received from 10.6.3.21 and transmitted to 10.6.3.21 with encryption code mySecret. All other datagrams, received or transmitted, are assigned to the default encryption secret anotherSecret. 

Cat6k-2(config-slb-capp-udp)# options 10.6.3.21 encryption MD5 mySecret

Cat6k-2(config-slb-capp-udp)# options 0.0.0.0 encryption MD5 anotherSecret

Related Commands

capp udp

port (CAPP UDP submode)

To set the port number for CAPP UDP connections, use the port command in the CAPP UDP submode. To remove the port from the configuration, use the no form of this command.

port port_num

no port

Syntax Description

port_num

Specifies the UDP port number. Enter a value of 1 to 65535.


Defaults

The no form of this command sets the port to 5002.

Command Modes

CSM CAPP UDP submode

Command History

Release
Modification

2.2(1)

This command was introduced.


Examples

This example shows how to set the port for CAPP connections: 

Cat6k-2(config-slb-capp-udp)# port 50

Related Commands

capp udp

secure (CAPP UDP submode)

To enable or disable the encryption requirement for inbound CAPP datagrams, use the secure command in the CAPP UDP submode. This command prevents unauthorized messages from entering the CSM. To remove the encryption requirement from the configuration, use the no form of this command.

secure

no secure

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Modes

CSM CAPP UDP submode

Command History

Release
Modification

2.2(1)

This command was introduced.


Usage Guidelines

Use the capp udp secure command with the capp udp options command to specify which secure messages are accepted. If you use this command without the capp udp options command, the CSM drops all incoming data.

Examples

This example shows how to allow only incoming traffic from 10.6.3.21 encrypted with the encryption code mySecret: 

Cat6k-2(config-slb-capp-udp)# secure

Cat6k-2(config-slb-capp-udp)# options 10.6.3.21 encryption md5 mySecret

Related Commands

capp udp

clear module csm

To force the active CSM to become the standby module, use the clear module csm command.

clear module csm {slot | all} {arp-cache [ip-address] | connections [real ip-address | vserver name] | counters | ft active | linecard-configuration | sticky {1-255 | all}}

Syntax Description

slot

Specifies the CSM location in the switch. Range is from 1 to 9.

all

Applies to all online CSM modules.

arp-cache [ip-address]

Clears the SLB ARP cache or (optionally) the specified IP address.

connections

Clears all SLB connections or (optionally) only those specified.

real ip-address

(Optional) Clears SLB connections for the real servers.

vserver name

(Optional) Clears SLB connections for a virtual server.

counters

Clears SLB statistics.

ft active

Clears the CSM fault tolerance state to force a failover.

linecard-configuration

Clears the configuration database stored in the SLB module.

sticky 1-255

Clears the specified sticky entries from the sticky database.

sticky all

Clears all sticky entries from the sticky database.


Defaults

This command has no defaults.

Command Modes

Privileged

Command History

Release
Modification

3.2(1)

This command was introduced.


Usage Guidelines

When a connection is closed, a reset (RST) is sent to both the client and the server. Counters reset all the CSM statistics information, except for the show mod csm X tech-support counters, which are reset any time that you run the show command. The linecard-configuration option forces a soft-reset of the CSM, which erases all existing connections and run-time information. The CSM then reloads its configuration from Cisco IOS software. This process takes about 3 seconds.

The show mod csm X ft active command is used to force the active CSM to the failover state. The fault tolerance preempt must not be enabled.

Note The show mod csm X ft active command sets an artificial priority of 254 on the CSM module until the module is RESET or reloaded. Before using this command, make sure that the other CSM has a priority higher than 254.

dfp

To enter the Dynamic Feedback Protocol (DFP) submode, and then configure DFP, use the dfp command. To remove the DFP configuration, use the no form of this command.

dfp [password password [timeout]]

no dfp [password password]

Syntax Description

password

(Optional) Specifies a password for MD5 authentication.

password

(Optional) Password value for MD5 authentication. This password must be the same on all DFP manager devices. The password can contain 1-64 characters. Valid characters are: a-z, A-Z, 0-9, @, #, $.

timeout

(Optional) Delay period, in seconds, during which both the old password and the new password are accepted; the range is from 0 to 65535.


Defaults

Timeout value is 180 seconds.

Command Modes

Module CSM configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Usage Guidelines

The timeout option allows you to change the password without stopping messages between the DFP agent and its manager.

During a timeout, the agent sends packets with the old password (or null, if there is no old password), and receives packets with either the old or new password. After a timeout expires, the agent sends and receives packets with only the new password; received packets that use the old password are discarded.

If you are changing the password for an entire load-balanced environment, set a longer timeout. The extended timeout allows enough time for you to update the password on all agents and servers before the timeout expires. The embedded timeout also prevents mismatches between agents and servers that have the new password and agents and servers that have the old password.

Examples

This example shows how to initiate DFP agent configuration mode, configure DFP, set the password to flounder, and configure a 60-second timeout: 

Cat6k-2(config-module-csm)# dfp password flounder 60

Cat6k-2(config-slb-dfp)#

Related Commands

show module csm dfp

agent (DFP submode)

To configure the DFP agent to which the CSM is going to communicate, use the agent command in the SLB DFP submode. To remove the agent configuration, use the no form of this command.

agent ip-address port [keepalive-timeout [retry-count [retry-interval]]]

no agent ip-address port

Syntax Description

ip-address

IP address of the DFP agent.

port

Port number of the DFP agent.

keepalive-timeout

(Optional) Time period in seconds between keepalive messages; the range is from 1 to 65535.

retry-count

(Optional) Number of consecutive connection attempts or invalid DFP reports received before tearing down the connections and marking the agent as failed; the range is from 0 to 65535.

retry-interval

(Optional) Interval between retries; the range is from 1 to 65535.


Defaults

Keepalive timeout is 0 (no keepalive message).

Retry count is 0 seconds (0 seconds allows infinite retries).

Retry interval is 180 seconds.

Command Modes

SLB DFP configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Examples

This example shows how to initiate the DFP agent, configure a 350-second timeout, and configure the number of retries to 270: 

Cat6k-2(config-slb-dfp)# agent 111.101.90.10 2 350 270

Related Commands

dfp
manager (DFP submode)
show module csm dfp

manager (DFP submode)

To set the port where an external DFP can connect to the CSM, use the manager command in SLB DFP submode. To remove the manager configuration, use the no form of this command.

manager port

no manager

Syntax Description

port

Port number.


Defaults

This command has no default settings.

Command Modes

SLB DFP configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Usage Guidelines

This command enables the CSM to listen to DFP connections from an external DFP manager.

Examples

This example shows how to set the DFP manager port: 

Cat6k-2(config-slb-dfp)# manager 4

Related Commands

agent (DFP submode)
dfp
show module csm dfp

exit

To log out of the system or to leave a subcommand mode, use the exit command.

exit

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Modes

Command mode

Command History

Release
Modification

1.1(1)

This command was introduced.


Usage Guidelines

To leave a subcommand mode, use the exit command. The exit command saves any changes before leaving the submode.

Examples

This example shows how to log out of the CSM: 

Cat6k-2(config-module-csm)# exit

Cat6k-2(config)#

ft group

To enter the fault tolerant submode, and then configure fault tolerance on the CSM, use the ft group command. To remove the fault-tolerant configuration, use the no form of this command.

ft group group-id vlan vlan number

no ft group

Syntax Description

group-id

ID of the fault-tolerant group. Both CSMs must have the same group ID. Range is from 1 to 254.

vlan vlan number

Specifies the VLAN over which heartbeat messages are sent by VLAN number. Both CSMs must have the same VLAN ID. The range is from 2 to 4095.


Defaults

This command has no default settings.

Command Modes

Module CSM configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Usage Guidelines

A fault-tolerant group is comprised of two Catalyst 6500 series switches each containing a CSM configured for fault-tolerant operation. Each fault-tolerant group appears to network devices as a single device. A network may have more than one fault-tolerant group.

When you enter the fault tolerance group submode, the following commands are available:

default—Sets a command to its default.

exit—Saves changes and exits from the subcommand mode. See the "agent (DFP submode)" command section.

failover—Saves changes and exits from the subcommand mode. See the "failover (fault tolerant submode)" command section.

heartbeat-time—Saves changes and exits from the subcommand mode. See the "heartbeat-time (fault tolerant submode)" command section.

no—Negates a command or sets the specified command to its defaults.

preempt—Sets optional parameters for a specified IP address. See the "preempt (fault tolerant submode)" command section.

priorityConfigures the CAPP port. Range is from 1 to 65535; default is 5002. See the "priority (fault tolerant submode)" command section.

Examples

This example shows how to configure a fault-tolerant group named 123 on VLAN 5 and set the failover time to 3 seconds: 

Cat6k-2(config-module-csm)# ft group 123 vlan 5

Cat6k-2(config-slb-ft)# failover 3

Related Commands

failover (fault tolerant submode)
heartbeat-time (fault tolerant submode)
preempt (fault tolerant submode)
priority (fault tolerant submode)
show module csm ft

failover (fault tolerant submode)

To set the time for a standby CSM to wait before becoming an active CSM, use the failover command in the SLB fault-tolerant configuration submode. To remove the failover configuration, use the no form of this command.

failover failover-time

no failover

Syntax Description

failover-time

Amount of time the CSM must wait after the last heartbeat message is received before assuming the other CSM is not operating; the range is from 1 to 65535.


Defaults

Failover time is 3 seconds.

Command Modes

SLB fault-tolerant configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Examples

This example shows how to set a failover period of 6 seconds: 

Cat6k-2(config-slb-ft)# failover 6

Related Commands

ft group
show module csm ft

heartbeat-time (fault tolerant submode)

To set the time interval between heartbeat messages that are transmitted by the CSM, use the heartbeat-time command in the SLB fault-tolerant configuration submode. To restore the default heartbeat interval, use the no form of this command.

heartbeat-time heartbeat-time

no heartbeat-time

Syntax Description

heartbeat-time

Time interval between heartbeat transmissions in seconds; the range is from 1 to 65535.


Defaults

Heartbeat-time is 1 second.

Command Modes

SLB fault-tolerant configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.


Examples

This example shows how to set the heartbeat time to 2 seconds: 

Cat6k-2(config-slb-ft)# heartbeat-time 2

Related Commands

ft group
show module csm ft

preempt (fault tolerant submode)

To allow a higher priority CSM to take control of a fault-tolerant group when it comes online, use the preempt command in the SLB fault-tolerant configuration submode. To restore the preempt default value, use the no form of this command.

preempt

no preempt

Syntax Description

This command has no arguments or keywords.

Defaults

The default value is that preempt is disabled.

Command Modes

Privileged

Command History

Release
Modification

1.1(1)

This command was introduced.


Usage Guidelines

When you enable preempt, the higher priority CSM preempts the other CSM in the fault-tolerant group when the higher priority CSM comes online. When you enable no preempt, the current primary CSM remains the primary CSM when the next CSM comes online.

Note You must set both members of the fault-tolerant CSM pair to preempt for this feature to work.

Examples

This example shows how to set the fault-tolerance mode to preempt: 

Cat6k-2(config-slb-ft)# preempt

Related Commands

ft group
priority (fault tolerant submode)
show module csm ft

track (fault tolerant submode)

To set the fault-tolerant tracking for the gateway, HSRP group, or interface of the CSM, use the track command in the SLB fault-tolerant configuration submode.

track {gateway ip_addr | group group_number | interface {async | ctunnel | dialer | fastethernet | gigabitethernet} | mode {all | any}}

Syntax Description

gateway ip_addr

Configures a gateway or host for tracking.

group group_number

Configures an HSRP group for tracking.

interface {async | ctunnel | dialer | fastethernet | gigabitethernet}

Configures an interface for tracking.

mode {all | any}

Configures tracking mode for all devices or any device.


Defaults

This command has no default settings.

The default setting for mode is any.

Command Modes

SLB fault-tolerant configuration submode

Command History

Release
Modification

4.2(1)

This command was introduced.


Usage Guidelines

The CSM with the largest priority value is the primary CSM in the fault-tolerant pair when the modules are both operating.

Although the CLI accepts more arguments than are shown in the track interface command description, the CSM supports only physical interfaces for the tracking feature.

Examples

This example shows how to set tracking mode for all devices: 

Cat6k-2(config-slb-ft)# track mode all

Related Commands

ft group
preempt (fault tolerant submode)
show module csm ft

priority (fault tolerant submode)

To set the priority of the CSM, use the priority command in the SLB fault-tolerant configuration submode. To restore the priority default value, use the no form of this command.

priority value [alt value]

no priority

Syntax Description

value

Priority of a CSM; the range is from 1 to 254.

alt

Configures the alternate priority value for the standby CSM.


Defaults

Value is 10.

Command Modes

SLB fault-tolerant configuration submode

Command History

Release
Modification

1.1(1)

This command was introduced.

4.2(1)

Adds the alt keyword to specify an alternate value that is sent to the standby CSM.


Usage Guidelines

The CSM with the largest priority value is the primary CSM in the fault-tolerant pair when the modules are both operating.

Examples

This example shows how to set the priority value to 12: 

Cat6k-2(config-slb-ft)# priority 12

Related Commands

ft group
preempt (fault tolerant submode)
show module csm ft

hw-module csm standby config-sync

To synchronize the configuration between the active CSM and standby CSM, enter the hw-module csm standby config-sync command on the active CSM:

hw-module csm slot standby config-sync

Syntax Description

slot

Specifies the slot of the active CSM.


Defaults

Route processor mode

Command Modes

Global configuration

Command History

Release
Modification

4.2(1)

This command was introduced.


Usage Guidelines

You can synchronize the configurations between the active and standby CSMs in a single chassis or in separate chassis.

Enter the hw-module csm standby config-sync command after you have configured both the active and standby CSMs for synchronization.

Enter this command every time you want to synchronize the configuration

Synchronization happens over the fault-tolerant VLAN. Since traffic over the fault-tolerant VLAN uses broadcast packets, we recommend that you remove all devices, other than those necessary for communication between the active and standby CSMs, from the fault-tolerant VLAN.

If you do not enter the alt standby_ip_address command on the active CSM before you synchronize the configuration, the VLAN IP addresses on the backup CSM will be removed.

Note This command requires Cisco IOS release 12.2(18)SXD or later in the MSFC.

Examples

This example shows how to synchronize the configuration between the active and standby CSMs: 

Router# hw-module csm 5 standby config-sync

%CSM_SLB-6-REDUNDANCY_INFO:Module 5 FT info:Active:Bulk sync started

%CSM_SLB-6-REDUNDANCY_INFO:Module 5 FT info:Active:Manual bulk sync completed

Related Commands

ft group
priority (fault tolerant submode)
ip address (VLAN submode)

ip slb mode

To operate as a CSM load-balancing device instead of a Cisco IOS server load balancing (SLB) device, use the ip slb mode command to configure the switch. To remove the mode configuration, use the no form of this command.

ip slb mode {csm | rp}

no ip slb mode

Syntax Description

csm

Keyword to select the CSM load-balancing mode that allows you to configure a single CSM only and prohibits the use of Cisco IOS SLB on the Catalyst 6500 series switch.

rp

Keyword to select the route processor Cisco IOS SLB mode and enable module CSM commands for configuring multiple CSMs.


Defaults

Route processor mode

Command Modes

Global configuration

Command History

Release
Modification

1.1(1)

This command was introduced.

2.1(1)

This command now enables module csm commands for the rp mode.


Usage Guidelines

We recommend that you use the rp mode for all configurations. The rp mode allows you to configure both the switch and the CSM or other modules without changing modes.

Note You need to reboot the switch to change the mode.

This command allows you to change from the Cisco IOS SLB mode to the CSM load-balancing mode.

Note Specifying the no ip slb mode command is the same as specifying the rp mode.

Note In csm mode, all ip slb commands apply to a CSM module; Cisco IOS SLB is not available. In rp mode (the default), ip slb commands apply to Cisco IOS SLB. The module csm commands are available to configure multiple CSMs.

Examples

This example shows how to configure the CSM load-balancing mode: 

Cat6k-2(config)# ip slb mode csm

Related Commands

module csm
show ip slb mode