Table Of Contents

set spantree priority

set spantree root

set spantree rootguard

set spantree uplinkfast

set summertime

set switchacceleration

set system baud

set system contact

set system location

set system modem

set system name

set tacacs directedrequest

set tacacs key

set tacacs server

set tacacs timeout

set test diaglevel

set time

set timezone

set trace

set traffic monitor

set trunk

set udld

set udld aggressive-mode

set udld interval

set vlan

set vlan mapping

set vmps server

set vtp

set vtp pruning

2

set spantree priority

Use the set spantree priority command to set the bridge priority for a VLAN.

set spantree priority bridge_priority [vlan]

Syntax Description

bridge_priority	Number representing the priority of the bridge; see the "Usage Guidelines" section for valid values.
vlan	(Optional) Number of the VLAN. If you do not specify a VLAN number, VLAN 1 is used; valid values are 1 to 1005.

Defaults

The default configuration has the bridge priority set to 32768.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

If the MAC reduction feature is enabled, valid bridge_priority values are 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440, with 0 indicating high priority and 61440, low priority. Any other value will be rejected.

If the MAC reduction feature is disabled, valid bridge_priority values are from 0 to 65535.

Examples

This example shows how to set the bridge priority of VLAN 1 to 4096:

Console> (enable) set spantree priority 4096 64 

Spantree 64 bridge ID priority set 4160 (bridge priority: 4096 + sys ID ext: 64). 

Console> (enable) 

Related Commands

show spantree

set spantree root

Use the set spantree root command to set the primary or secondary root for specific VLANs of the switch or for all VLANs of the switch.

set spantree root [secondary] [vlan_list] [dia network_diameter]
[hello hello_time]

Syntax Description

secondary	(Optional) Keyword that specifies to designate this switch as a secondary root, if the primary root fails.
vlan_list	(Optional) Number of the VLAN. If you do not specify a VLAN number, VLAN 1 is used; valid values are 1 to 1005.
dia network_diameter	(Optional) Keyword that specifies the maximum number of bridges between any two points of attachment of end stations. Valid values of network_diameter are 2 through 7.
hello hello_time	(Optional) Keyword that specifies in seconds, the duration between generation of configuration messages by the root switch; valid values of hello_time are 1 to 10.

Defaults

If the secondary keyword is not specified, the default is to make the switch the primary root.

The default value of the network_diameter is 7.

If not specified, the current value of hello_time from the NVRAM is used.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

This command runs on backbone or distribution switches.

You can run the secondary root many times to create backup switches in case of a root failure.

The secondary command reduces the bridge priority value to 16384.

This command increases path costs to a value greater than 3000.

Examples

This example shows how to use the set spantree root command:

Console>(enable) set spantree root 1-10 dia 4

VLANs 1-10 bridge priority set to 8192

VLANs 1-10 bridge max aging time set to 14 seconds.

VLANs 1-10 bridge hello time set to 2 seconds.

VLANs 1-10 bridge forward delay set to 9 seconds.

Switch is now the root switch for active VLANs 1-6.

Console> (enable) 

This example shows that setting the bridge priority to 8192 was not sufficient to make this switch the root. The priority was further reduced to 7192 (100 less than the current root switch) to make this switch the root switch. However, reducing the priority to this value did not make it the root switch for active VLANs 16 and 17.

Console>(enable) set spantree root 11-20.

VLANs 11-20 bridge priority set to 7192

VLANs 11-10 bridge max aging time set to 20 seconds.

VLANs 1-10 bridge hello time set to 2 seconds.

VLANs 1-10 bridge forward delay set to 13 seconds.

Switch is now the root switch for active VLANs 11-15,18-20.

Switch could not become root switch for active VLAN 16-17.

Console> (enable) 

Console>(enable) set spantree root secondary 22,24 dia 5 hello 1

VLANs 22,24 bridge priority set to 16384.

VLANs 22,24 bridge max aging time set to 10 seconds.

VLANs 22,24 bridge hello time set to 1 second.

VLANs 22,24 bridge forward delay set to 7 seconds.

Console> (enable) 

Related Commands

show spantree
clear spantree root

set spantree rootguard

Use the set spantree rootguard command to enable the root guard feature.

set spantree rootguard enable | disable mod/port

Syntax Description

enable	Keyword that enables the root guard feature.
disable	Keyword that disables the root guard feature.
mod/port	Number of the module and the port on the module.

Defaults

The default is disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

he command works on a per-port basis.

If a port in the list is in the root-inconsistent state, then the port automatically goes into the listening state when you disable root guard. The port will also go into listening state after reaching its maxage when root guard is enabled and the port is in the root inconsistent state but the switch on the other side stops sending BPDVs.

Examples

This example shows how to enable the root guard feature:

Console> (enable) set spantree rootguard enable 3/1

Rootguard on port 3/1 is enabled.

Console> (enable) 2000 Apr 25 07:45:46 %SPANTREE-2-ROOTGUARDBLOCK:Port 3/1 tried

 to become non-designated in VLAN 1. Moved to root-inconsistent state

Console> (enable)

This example shows how to disable the root guard feature:

Console> (enable) set spantree rootguard disable 3/1

Rootguard on port 3/1 is disabled.

Console> (enable)

Related Commands

show spantree rootguard

set spantree uplinkfast

Use the set spantree uplinkfast command to enable fast switchover to alternate ports when the root port fails. This command applies to a switch, not to a WAN.

set spantree uplinkfast enable [rate station_update_rate] [all-protocols {off | on}]

set spantree uplinkfast disable

Syntax Description

enable	Keyword that enables a fast switchover.
rate station_update_rate	(Optional) Keyword that specifies the number of multicast packets transmitted per 100 ms when an alternate port is chosen after the root port goes down.
all-protocols	(Optional) Keyword that specifies whether the switch generates dummy multicast packets for all protocol groups (IP, IPX, and Group) in a network with switches using protocol filtering.
off	(Optional) Keyword that specifies to prevent the switch from generating multicasts for all protocol groups.
on	(Optional) Keyword that specifies to cause the switch to generate multicasts for all protocol groups.
disable	Keyword that disables fast switchover.

Defaults

The default station_update_rate is 15 packets per 100 ms.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The set spantree uplinkfast enable command has the following results:

•Changes the bridge priority to 49152 for all VLANs (allowed VLANs).

•Increases the path cost and port VLAN cost of all ports to a value greater than 3000.

•On detecting the failure of a root port, an instant cutover occurs to an alternate port selected by Spanning Tree Protocol.

If you run set spantree uplinkfast enable on a switch that has this feature already enabled, only the station update rate is updated. The rest of the parameters are not modified.

If you run set spantree uplinkfast disable on a switch, the UplinkFast feature is disabled but the switch priority and port cost values are not reset to the factory defaults. To reset the values to the factory defaults, enter the clear spantree uplinkfast command.

The default station_update_rate value is 15 packets per 100 ms, which is equivalent to a 1 percent load on a 10-Mbps Ethernet port. If you specify this value as 0, the switch does not generate station-update-rate packets.

Use the all-protocols on keywords on switches that have UplinkFast enabled but do not have protocol filtering enabled, and that are connected to upstream switches in the network that have protocol filtering enabled. The all-protocols on keywords cause the switch to generate multicasts for each protocol-filtering group.

On switches with both UplinkFast and protocol filtering enabled, or if no other switches have protocol filtering enabled, you do not need to use the all-protocols on keywords.

Examples

This example shows how to enable the spantree UplinkFast feature and specify the number of multicast packets transmitted to 40 packets per 100 ms:

Console>(enable) set spantree uplinkfast enable rate 40

VLANs 1-1005 bridge priority set to 49152.

The port cost and portvlancost of all ports increased to above 3000.

Station update rate set to 40 packets/100ms.

uplinkfast turned on for bridge.

Console> (enable) 

This example shows how to disable the spantree UplinkFast feature:

console> (enable) set spantree uplinkfast disable

Uplinkfast disabled for switch. 

Use clear spantree uplinkfast to return stp parameters to default.

console>(enable) clear spantree uplink

This command will cause all portcosts, portvlancosts, and the 

bridge priority on all vlans to be set to default.

Do you want to continue (y/n) [n]? y

VLANs 1-1005 bridge priority set to 32768.

The port cost of all bridge ports set to default value.

The portvlancost of all bridge ports set to default value.

uplinkfast disabled for bridge.

Console> (enable) 

This example shows how to enable the all-protocols feature:

Console> (enable) set spantree uplinkfast enable all-protocols on

uplinkfast update packets enabled for all protocols.

uplinkfast already enabled for bridge.

This example shows how to disable the all-protocols feature:

Console> (enable) set spantree uplinkfast disable all-protocols off

uplinkfast all-protocols field set to off.

uplinkfast already enabled for bridge.

Console> (enable)

Related Commands

show spantree
clear spantree uplinkfast

set summertime

Use the set summertime command to specify whether the system should set the clock ahead one hour during daylight saving time.

set summertime {enable | disable} [zone]

set summertime recurring {week} {day} {month} {hh:mm} {week} {day} {month} {hh:mm}
[offset]

set summertime date {month} {date} {year} {hh:mm}{month} {date} {year} {hh:mm} [offset]

Syntax Description

enable	Keyword that causes the system to set the clock ahead one hour during daylight saving time.
disable	Keyword that prevents the system from setting the clock ahead one hour during daylight saving time.
zone	(Optional) Time zone used by the set summertime command.
week	Week of the month (first, second, third, fourth, last, 1...5).
day	Day of the week (Sunday, Monday, Tuesday, etc.).
month	Month of the year (January, February, March, etc.).
hh:mm	Time in both hours and minutes.
offset	(Optional) Amount of offset in minutes (1-1440 minutes).
date	Day of the month (1-31).
year	Number of the year (1993-2035).

Defaults

By default, the set summertime command is disabled. When the command is enabled, the default for offset is 60 minutes, following U.S. standards.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

When you enter the clear config command, the dates and times are set back to the default.

Unless otherwise configured, this command advances the clock one hour at 2:00 a.m. on the first Sunday in April and moves back the clock one hour at 2:00 a.m. on the last Sunday in October.

Examples

This example shows how to cause the system to set the clock ahead one hour during daylight saving time:

Console> (enable) set summertime enable PDT

Summertime is enabled and set to "PDT".

Console> (enable)

This example shows how to prevent the system from setting the clock ahead one hour during daylight saving time:

Console> (enable) set summertime disable

Summertime disabled.

Console> (enable)

This example shows how to set daylight saving time to zonename "AUS," repeat every year, starting from the third Monday of February at noon and ending at the second Saturday of August at
3:00 p.m. with an offset of 30 minutes:

Console> (enable) set summertime recurring 3 Mon Feb 03:00 4 Thursday oct 08:00 500

Command authorization none.

Summertime is enabled and set to '' 

   start: Mon Feb 21 2000, 03:00:00

   end:   Fri Oct 20 2000. 08:00:00

   offset: 1..1440 minutes (default 60)	

   Recurring: yes, starting at 03:00:00am of third Monday of February and ending on 
08:00am of fourth Thursday of October.

Console> (enable)

This example shows how to set the daylight saving time to start on January 29, 1999 at 2:00 a.m. and end on August 19, 2004 at 3:00 p.m. with an offset of 30 minutes:

Console> (enable) set summertime date jan 29 1999 02:00 aug 19 2004 15:00 30 

Summertime is disabled and set to ''

Start : Fri Jan 29 1999, 02:00:00

End   : Thu Aug 19 2004, 15:00:00

Offset: 30 minutes

Recurring: no

Console> (enable) 

Related Commands

show summertime

set switchacceleration

Use the set switchacceleration command to increase the switching bandwidth of the switch.

set switchacceleration {enable | disable} mod_num

Syntax Description

enable	Keyword that activates switch acceleration.
disable	Keyword that deactivates switch acceleration.
mod_num	Number of the module.

Defaults

The default is switch acceleration is disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The set switchacceleration command is valid only on Catalyst 4000 family switches with Supervior Engine II. To enable switch acceleration on the switch, you must disable both the ports on it. Switch acceleration on the switch can be disabled without any conditions.

Examples

This example shows how to enable switch acceleration on port 1 of module 1 on the switch:

Console> (enable) set port disable 1/1-2

Port(s) 1/1-2 disabled.

Console> (enable)

Console> (enable) set switchacceleration enable 1

Enabling or Disabling switch acceleration may impact performance for 1-2 seconds.

Do you want to continue (y/n) [n]? y

Switch Acceleration on module 1 enabled.

Console> (enable)

This example shows how to disable switch acceleration on port 1 of module 1 on the switch:

Console> (enable) set switchacceleration disable 1

Enabling or Disabling switch acceleration may impact performance for 1-2 seconds.

Do you want to continue (y/n) [n]? y

Switch Acceleration on module 1 disabled.

Console> (enable)

Related Commands

show switchacceleration

set system baud

Use the set system baud command to set the console port baud rate.

set system baud rate

Syntax Description

rate	Baud rate. Valid rates are 600, 1200, 2400, 4800, 9600, 19200, and 38400.

Defaults

The default value is 9600 baud.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the system baud rate to 19200:

Console> (enable) set system baud 19200

System console port baud rate set to 19200.

Console> (enable) 

Related Commands

show system

set system contact

Use the set system contact command to identify a contact person for the system.

set system contact [contact_string]

Syntax Description

contact_string

(Optional) Text string that contains the name of the person to contact for system administration. If no contact string is specified, the system contact string is cleared.

Defaults

The default configuration has no system contact configured.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the system contact string:

Console> (enable) set system contact Xena ext.24

System contact set.

Console> (enable) 

Related Commands

show system

set system location

Use the set system location command to identify the location of the system.

set system location [location_string]

Syntax Description

location_string

(Optional) Text string that indicates where the system is located. If no location string is specified, the system location is cleared.

Defaults

This command has no default setting.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the system location string:

Console> (enable) set system location Closet 230 4/F

System location set.

Console> (enable)

Related Commands

show system

set system modem

Use the set system modem command to enable or disable modem control lines on the console port.

set system modem {enable | disable}

Syntax Description

enable	Keyword that specifies to activate modem control lines on the console port.
disable	Keyword that specifies to deactivate modem control lines on the console port.

Defaults

The default configuration has modem control lines disabled.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to enable modem control lines on the console port:

Console> (enable) set system modem enable

Modem control lines enabled on console port.

Console> (enable) 

This example shows how to disable modem control lines on the console port:

Console> (enable) set system modem disable

Modem control lines disabled on console port.

Console> (enable) 

Related Commands

show system

set system name

Use the set system name command to configure a name for the system.

set system name [name_string]

Syntax Description

name_string

(Optional) Text string that identifies the system.

Defaults

The default configuration has no system name configured.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

In Catalyst 4000 family software release 4.4 and later, if you use the set system name command to assign a name to the switch, the switch name is used as the prompt string. However, if you specify a different prompt string using the set prompt command, that string is used for the prompt. If no name is specified, the system name is cleared.

The system name can be 255 characters long, and the prompt can be 20 characters long. The system name is truncated appropriately when used as a prompt; a greater-than symbol (>) is appended to the truncated system name. If the system name was found from a DNS lookup, it is truncated to remove the domain name. If the prompt is obtained using the system name, it is updated whenever the system name changes. You can overwrite this prompt any time by setting the prompt manually. Any change in the prompt is reflected in all current open sessions.

Examples

This example shows how to set the system name to Information Systems:

Console> (enable) set system name Information Systems

System name set.

Console> (enable) 

Related Commands

show system
set prompt

set tacacs directedrequest

Use the set tacacs directedrequest command to enable or disable the TACACS+ directed-request option. When enabled, you can direct a request to any of the configured TACACS+ servers and only the username is sent to the specified server.

set tacacs directedrequest {enable | disable}

Syntax Description

enable	Keyword that specifies to send the portion of the address before the @ sign (the username) to the host specified after the @ sign.
disable	Keyword that specifies to send the entire address string to the default TACACS+ server.

Defaults

This default configuration has the TACACS+ directed-request option disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

When tacacs directedrequest is enabled, you must specify a configured TACACS+ server after the @ sign. If the specified host name does not match the IP address of a configured TACACS+ server, the request is rejected. When tacacs directedrequest is disabled, the 4000 family, 2948G, and 2980G switch queries the list of servers beginning with the first server in the list and then sends the entire string, accepting the first response from the server. This command is useful for sites that have developed their own TACACS+ server software to parse the entire address string and make decisions based on the contents of the string.

Examples

This example shows how to enable the TACACS+ directed-request option:

Console> (enable) set tacacs directedrequest enable

Tacacs direct request has been enabled.

Console> (enable) 

This example shows how to disable the TACACS+ directed-request option:

Console> (enable) set tacacs directedrequest disable

Tacacs direct request has been disabled.

Console> (enable) 

Related Commands

show tacacs

set tacacs key

Use the set tacacs key command to set the key for TACACS+ authentication and encryption.

set tacacs key key

Syntax Description

key	Printable ASCII characters used for authentication and encryption. Key length is limited to 100 characters.

Defaults

The default value of key is null.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The key must be the same as the key used on the TACACS+ server. All leading spaces are ignored. Spaces within the key and at the end of the key are included. Double quotation marks are not required, even if there are spaces between words in the key, unless the quotation marks themselves are part of the key. The key can consist of any printable ASCII characters except the tab character.

Examples

This example shows how to set the authentication and encryption key:

Console> (enable) set tacacs key Who Goes There

The tacacs key has been set to Who Goes There.

Console> (enable) 

Related Commands

clear tacacs key
show tacacs

set tacacs server

Use the set tacacs server command to define a TACACS+ server.

set tacacs server ip_addr [primary]

Syntax Description

ip_addr	IP address of the server on which the TACACS+ server resides.
primary	(Optional) Keyword that specifies to designate the specified server as the primary TACACS+ server.

Defaults

There is no default setting for this command.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You can configure a maximum of three servers. The primary server, if configured, is contacted first. If no primary server is configured, the first server configured becomes the primary server.

Examples

This example shows how to configure the server on which the TACACS+ server resides and to designate it as the primary server:

Console> (enable) set tacacs server 170.1.2.20 primary

170.1.2.20 added to TACACS server table as primary server.

Console> (enable) 

Related Commands

clear tacacs key
show tacacs

set tacacs timeout

Use the set tacacs timeout command to set the response timeout interval for the TACACS+ server daemon. The TACACS+ server must respond to a TACACS+ authentication request before this interval expires or the next configured server is queried.

set tacacs timeout seconds

Syntax Description

seconds

Timeout response interval in seconds (1 to 255).

Defaults

The default value for this command is 5 seconds.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the response timeout interval for the TACACS+ server to 8 seconds:

Console> (enable) set tacacs timeout 8

Tacacs timeout set to 8 seconds.

Console> (enable)

Related Commands

show tacacs

set test diaglevel

Use the set test diaglevel command to set the diagnostic level.

set test diaglevel complete | minimal | bypass

Syntax Description

complete	Keyword that specifies complete diagnostics.
minimal	Keyword that specifies minimal diagnostics.
bypass	Keyword that specifies bypass diagnostics.

Defaults

The default is complete diagnostics.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The minimal keyword is not supported at this time. Setting the diagnostic level to minimal will be ignored.

Setting the diagnostic level to bypass will skip POST and online diagnostic testing. If you skip diagnostic testing, the show test mod_num command reports that the module has passed all tests.

---

Caution Be careful when setting the diagnostic level to bypass. Bypassing diagnostic tests allows hardware failures to go undetected and could cause other problems.

---

Examples

This example shows how to set the diagnostic level to complete:

Console> (enable) set test diaglevel complete

Diagnostic level set to complete.

Console> (enable)

This example shows how to set the diagnostic level to minimal:

Console> (enable) set test diaglevel minimal

Diagnostic level set to minimal.

Console> (enable)

This example shows how to set the diagnostic level to bypass:

Console> (enable) set test diaglevel bypass

Diagnostic level set to bypass.

Console> (enable)

Related Commands

show test

set time

Use the set time command to change the time of day on the system clock.

set time [day_of_week] [mm/dd/yyyy] [hh:mm:ss]

Syntax Description

day_of_week	(Optional) Day of the week.
mm/dd/yyyy	(Optional) Month, day, and year.
hh:mm:ss	(Optional) Current time in 24-hour format.

Defaults

This command has no default setting.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the system clock to Sunday, March 21, 2000, 7:50 a.m:

Console> (enable) set time sun 3/21/2000 7:50

Sun Mar 21 2000, 07:50:00

Console> (enable)

Related Commands

show time

set timezone

Use the set timezone command to set the time zone for the system.

set timezone [zone_name] [hours [minutes]]

Syntax Description

zone_name	(Optional) Name of the time zone to be displayed.
hours	(Optional) Number of hours offset from UTC; valid values are -12 to 12.
minutes	(Optional) Number of minutes offset from UTC. If the specified hours value is a negative number, then the minutes value is assumed to be negative as well; valid values are 0 to 59.

Defaults

By default, the time zone is set to UTC.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

The set timezone command is effective only when NTP is running. If you set the time explicitly and NTP is disengaged, the set timezone command has no effect. If you have enabled NTP and have not entered the set timezone command, the Catalyst 4000 family switch displays UTC by default.

Examples

This example shows how to set the time zone to Pacific Standard Time with an offset of minus 8 hours from UTC:

Console> (enable) set timezone PST -8

Timezone set to "PST", offset from UTC is -8 hours.

Console> (enable)

Related Commands

clear timezone
show timezone

set trace

Use the set trace command to obtain the debug information for the switch web interface.

set trace {category} [level]

set trace monitor {enable | disable}

Syntax Description

category	Trace category.
level	(Optional) Trace level; see the "Usage Guidelines" for valid values.
monitor	Keyword that specifies monitoring for debug information for the switch web interface.
enable	Keyword that enables the trace monitor.
disable	Keyword that disables the trace monitor.

Defaults

The default trace level is 1.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

Valid values for the trace level are from 0 to 15. Trace levels 0 to 255 are for inband only. To disable the trace level, set the value to 0.

Examples

This example shows how to obtain switch web interface debug information:

Console> (enable) set trace vmps

VMPS tracing set to 1.

Warning!! Turning on trace may affect the operation of the system.

Use with caution.

Console> (enable) 

This example shows how to enable trace monitoring:

Console> (enable) set trace monitor enable

Trace monitor is enabled for this session.

Console> (enable)

This example shows how to disable trace monitoring:

Console> (enable) set trace monitor disable

Trace monitor is disabled for this session.

Console> (enable)

Related Commands

show trace

set traffic monitor

Use the set traffic monitor command to configure the threshold at which a high traffic log will be generated.

set traffic monitor threshold

Syntax Description

threshold

0 to 100 percent.

Defaults

Threshold is set to 100%. No high traffic log is created.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

If backplane traffic exceeds the threshold configured by the set traffic monitor command, a high traffic log is created. If the threshold is set to 100%, no high-traffic system warning is generated.

Examples

This example shows how to set the high traffic threshold to 80%:

Console> (enable) set traffic monitor 80

Traffic monitoring threshold set to 80%.

Console> (enable) 

Related Commands

show traffic

set trunk

Use the set trunk command to configure trunk ports and to add VLANs to the allowed VLAN list for existing trunks.

set trunk mod_num/port_num [on | off | desirable | auto | nonegotiate] [vlan_range] [isl | dot1q
dot10 | lane | negotiate]

Syntax Description

mod_num	Number of the module.
port_num	Number of the port on the module.
on	(Optional) Keyword that specifies to force the port to become a trunk port and persuade the neighboring port to become a trunk port. The port becomes a trunk port even if the neighbor port does not agree to become a trunk. This is the only possible mode for ATM ports.
off	(Optional) Keyword that specifies to force a port to become a nontrunk port and persuade the neighboring port to become a nontrunk port. The port becomes a nontrunk port even if the neighbor port does not agree to become a nontrunk port. This is the default mode for FDDI trunks. This option is not allowed for ATM ports.
desirable	(Optional) Keyword that specifies a port negotiate actively with the neighbor port to become a trunk link. This mode is not allowed on FDDI and ATM ports.
auto	(Optional) Keyword that specifies to cause the port to become a trunk port if the neighboring port tries to negotiate a trunk link. This mode is not allowed on FDDI and ATM ports. This is the default mode for Fast Ethernet and Gigabit Ethernet ports.
nonegotiate	(Optional) Keyword that specifies to force the port to become a trunk port but prevent it from sending DTP frames to its neighbor. This mode is only allowed on ISL and IEEE 802.1Q trunks.
vlan_range	(Optional) VLANs to add to the list of allowed VLANs on the trunk. The VLAN range is 1 to 1005.
isl	(Optional) Keyword that specifies an ISL trunk on an Ethernet port.
dot1q	(Optional) Keyword that specifies an IEEE 802.1Q trunk on an Ethernet port. IEEE 802.1Q trunks are supported in Catalyst 5000 family and 2926G series software release 4.1(1) and later with 802.1Q-capable hardware. Automatic negotiation of 802.1Q trunks is supported in software release 4.2(1) and later. In software release 4.1, you must use the nonegotiate mode with 802.1Q trunks.
dot10	(Optional) Keyword that specifies an IEEE 802.10 trunk on a FDDI or CDDI port.
lane	(Optional) Keyword that specifies an ATM LANE trunk on an ATM port.
negotiate	(Optional) Keyword that specifies that the port become an ISL (preferred) or 802.1Q trunk, depending on the configuration and capabilities of the neighboring port.

Defaults

All ports except ATM LANE ports are nontrunk ports by default. ATM LANE and RSM ports are always configured as trunk ports.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

Trunking capabilities are hardware dependent. Refer to the Module Installation Guide for your switch to determine the trunking capabilities of your hardware, or enter the show port capabilities command.

The Catalyst 4000 family switches use the DTP (formerly known as DISL) to negotiate trunk links automatically on Fast Ethernet and Gigabit Ethernet ports. Whether a port will negotiate to become a trunk port depends on both the mode and the trunk type specified for that port. Refer to the Software Configuration Guide-Catalyst 4000 Family, 2948G, and 2980G Switches for detailed information on how trunk ports are negotiated.

DTP is a point-to-point protocol. However, some internetworking devices might improperly forward DTP frames. You can avoid this problem by ensuring that trunking is turned off on ports connected to non-Catalyst 4000 family devices if you do not intend to trunk across those links. When enabling trunking on a link to a Cisco router, enter the nonegotiate keyword to cause the port to become a trunk but not generate DTP frames. The nonegotiate keyword is available in Catalyst 4000 family software release 2.4(3) and later.

For trunking to be negotiated on Fast Ethernet and Gigabit Ethernet ports, the ports must be in the same VTP domain. However, you can use the on or nonegotiate mode to force a port to become a trunk, even if it is in a different domain.

To remove VLANs from the allowed list for a trunk, enter the clear trunk mod_num/port_num vlan_range command. When you first configure a port as a trunk, the set trunk command always adds all VLANs to the allowed VLAN list for the trunk, even if you specify a VLAN range (the specified VLAN range is ignored).

To remove VLANs from the allowed list, enter the clear trunk mod_num/port_num vlan_range command. To later add VLANs that were removed, enter the set trunk mod_num/port_num vlan_range command.

If you do not enter a trunk-type keyword, the value is unchanged from the previous configuration.

The dot1q trunk type is the only trunk type supported by the Catalyst 4000 family switches.

To return a trunk to its default trunk type and mode, enter the clear trunk mod_num/port_num command.

If you enter the set trunk command on a Token Ring port, you receive a message indicating that the port is "not a trunk-capable port."

When you are running the set trunk command on an Access Gateway module you have limited usage of the command.

Examples

This example shows how to set port 2 on module 1 as a trunk port:

Console> (enable) set trunk 1/2 on

Port(s) 1/2 trunk mode set to on.

Console> (enable)

This example shows how to set port 2 on module 1 as a nontrunk port:

Console> (enable) set trunk 1/2 off

Port(s)  1/2 trunk mode set to off.

Console> (enable) 

This example shows how to set port 2 on module 1 as a preferred trunk port:

Console> (enable) set trunk 1/2 desirable 

Port(s)  1/2 trunk mode set to desirable.

Console> (enable) 2000 Jan 11 09:16:29 %DTP-5-TRUNKPORTON:Port 1/2 has become ik

This example shows how to add VLANs 5 through 50 to the allowed VLAN list for a trunk port (VLANs were previously removed from the allowed list with the clear trunk command):

Console> (enable) set trunk 1/1 5-50

Adding vlans 5-50 to allowed list.

Port(s) 1/1 allowed vlans modified to 1,5-50,101-1005.

Console> (enable)

This example shows how to set port 5 on module 4 as an 802.1Q trunk port in desirable mode:

Console> (enable) set trunk 4/5 desirable dot1q

Port(s) 4/5 trunk mode set to desirable.

Port(s) 4/5 trunk type set to dot1q.

Console> (enable)

This example shows how to set port 1 on module 1 as an ISL trunk port:

Console> (enable) set trunk 1/1 isl      

Port(s)  1/1 trunk type set to isl.

Console> (enable) 

Related Commands

clear trunk
set vtp
show trunk
show vtp statistics

set udld

Use the set udld command to enable or disable the UDLD feature on specified ports or globally on all ports.

set udld enable | disable mod/ports...

Syntax Description

enable	Keyword that specifies to enable the UDLD feature.
disable	Keyword that specifies to disable the UDLD feature.
mod/ports...	Number of the module and ports.

Defaults

The default is UDLD is globally disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

Whenever a unidirectional connection is detected, UDLD displays a syslog message to notify you and the network management application (via SNMP) that the port on which the misconfiguration has been detected has been disabled.

If you enter the global set udld enable or disable command, UDLD is globally configured. If UDLD is globally disabled, UDLD is automatically disabled on all interfaces, but the per-port enable (or disable) configuration is not changed. If UDLD is globally enabled, whether UDLD is running on an interface or not depends on its per-port configuration.

UDLD is supported on both Ethernet fiber and copper interfaces. UDLD can only be enabled on Ethernet fiber or copper interfaces.

Examples

This example shows how to enable the UDLD feature for port 1 on module 2:

Console> (enable) set udld enable 2/1

UDLD enabled on port 2/1.

Warning:UniDirectional Link Detection should be enabled on all the ends of the connection 
in order to work properly.

Console> (enable)

This example shows how to disable the UDLD feature for port 1 on module 2:

Console> (enable) set udld disable 2/1

UDLD disabled on port 2/1.

Warning:UniDirectional Link Detection should be enabled on all the ends of the connection 
in order to work properly.

Console> (enable)

This example shows how to enable the UDLD feature for all ports on all modules:

Console> (enable) set udld enable

UDLD enabled globally

Console> (enable) 

This example shows how to disable the UDLD message display for all ports on all modules:

Console> (enable) set udld disable

UDLD disabled globally

Console> (enable) 

Related Commands

show udld

set udld aggressive-mode

Use the set udld aggressive-mode command to enable UDLD aggressive mode on specified ports or globally on all ports.

set udld aggressive-mode enable | disable mod/port

Syntax Description

enable	Keyword that enables UDLD aggressive mode.
disable	Keyword that disables UDLD aggressive mode.
mod/port	Number of the module and ports.

Defaults

The default is aggressive mode is disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

After all the neighbors of a port have aged out either in the advertisement or in the detection phase, aggressive mode allows UDLD to restart the linkup sequence to resynchronize with any potentially out-of-sync neighbors, and shut down the port if the link is still undetermined after the fast train of messages.

You also can enable aggressive mode to shut down an active port that does not support FEFI or autonegotiation and becomes connected to its neighbor by a single fiber strand or copper wire after being part of a bidirectional link. This prevents possible spanning tree loops if the port belongs to a channel.

Examples

This example shows how to enable aggressive mode:

Console> (enable) set udld aggressive-mode enable 2/1

Aggressive UDLD enabled on port 2/1.

Warning: UniDirectional Link Detection should be enabled on all the ends of the 
connection in order to work properly.

Console> (enable)

This example shows how to disable aggressive mode:

Console> (enable) set udld aggressive-mode disable 2/1

Aggressive UDLD disabled on port 2/1.

Warning: UniDirectional Link Detection should be enabled on all the ends of the 
connection in order to work properly.

Console> (enable) 

Related Commands

show udld

set udld interval

Use the set udld interval command to set the UDLD message interval timer.

set udld interval interval

Syntax Description

interval

Message interval in seconds; valid values are from 7 to 90 seconds.

Defaults

The default is 60 seconds.

Command Types

Switch command.

Command Modes

Privileged.

Examples

This example shows how to set the message interval timer:

Console> (enable) set udld interval 90

UDLD message interval set to 90 seconds

Console> (enable)

Related Commands

show udld

set vlan

Use the set vlan command to group ports into a VLAN.

set vlan {vlan} {mod/port}

set vlan {vlan} [name {name}] [type {type}] [state {state}] [said {said}] [mtu {mtu}]
[ring {hex_ring_number}] [decring {decimal_ring_number}] [bridge {bridge}]
[parent {vlan_num}] [mode {bridge_mode}] [stp {stp_type}] [translation vlan_num]
[backupcrf {off | on}] [aremaxhop hop_count] [stemaxhop hop_count]

Syntax Description

vlan	Number identifying the VLAN.
mod/port	Number of the module and port. This parameter is not valid when defining or configuring TrBRFs.
name name	(Optional) Keyword that specifies to define a text string used as the name of the VLAN (1 to 32 characters).
type type	(Optional) Keywords that identify the VLAN type 802.1Q.
state state	(Optional) Keyword that specifies whether the state of the VLAN is active or suspended. VLANs in suspended state do not pass packets; the default is active.
said said	(Optional) Keyword that specifies the security association identifier. Possible values are 1 to 4294967294. This parameter does not apply to TrCRFs or TrBRFs.
mtu mtu	(Optional) Keyword that specifies the maximum transmission unit (packet size, in bytes) that the VLAN can use. Possible values are 576 to 18190.
ring hex_ring_number	(Optional) Keyword that specifies the logical ring number for Token Ring VLANs. Possible values are hexadecimal numbers 0x1 to 0xFFF. For Token Ring VLANs, this parameter is valid and required only when defining a TrCRF.
decring decimal_ring_number	(Optional) Keyword that specifies the logical ring number for Token Ring VLANs. Possible values are decimal numbers 1 to 4095. For Token Ring VLANs, this parameter is valid and required only when defining a TrCRF.
bridge bridge	(Optional) Keyword that specifies the identification number of the bridge. Possible values are hexadecimal numbers 0x1 to 0xF. For Token Ring VLANs, the default is 0F. This parameter is not valid for TrCRFs.
parent vlan_num	(Optional) Keyword that specifies to set a parent VLAN. The range for vlan_num is 2 to 1005. This parameter identifies the TrBRF to which a TrCRF belongs and is required when defining a TrCRF.
mode bridge_mode	(Optional) Keyword and variable to specify the bridge mode; valid values are srt and srb.
stp stp_type	(Optional) Keyword that specifies the version of the Spanningtree Protocol for a TrBRF to use, source routing transparent (ieee), source route bridging (ibm), automatic source selection (auto).
translation vlan_num	(Optional) Keyword that specifies a translational VLAN used to translate FDDI to Ethernet. Possible values are 1 to 1005. This parameter is not valid for defining or configuring Token Ring VLANs.
backupcrf off | on	(Optional) Keyword that specifies whether the TrCRF is a backup path for traffic.
aremaxhop hop_count	(Optional) Keyword that specifies the maximum number of hops for All-Routes Explorer frames. Possible values are 1 to 14. This parameter is only valid when defining or configuring TrCRFs.
stemaxhop hop_count	(Optional) Keyword that specifies the maximum number of hops for Spanningtree Explorer frames. Possible values are 1 to 14. This parameter is only valid when defining or configuring TrCRFs.

Defaults

The default values are as follows:

•Switched Ethernet ports and Ethernet repeater ports are in VLAN 1.

•said is 100001 for VLAN 1, 100002 for VLAN 2, 100003 for VLAN 3, and so forth.

•type is Ethernet.

•mtu is 1500 bytes.

•state is active.

•hopcount is 7.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You cannot use the set vlan command until the Catalyst 4000 family switches are either in VTP transparent mode (set vtp mode) or until a VTP domain name has been set (set vtp).

Valid MTU values for Token Ring VLAN are 1500 or 4472. You can enter any value for the MTU value, however, the value you enter defaults to the next lowest valid value.

You cannot set multiple VLANs for ISL ports using this command. The VLAN name can be from 1 to 32 characters in length. If adding a new VLAN, the VLAN number must be within the range 2 to 1001. When modifying a VLAN, the valid range for the VLAN number is 2 to 1005.

On a new Token Ring VLAN, if you do not specify the parent parameter for a TrCRF, the default TrBRF (1005) is used.

You must configure a private VLAN on the supervisor engine.

Valid values for pvlan-type are:

•primary specifies the VLAN as the primary VLAN in a private VLAN.

•isolated specifies the VLAN as the isolated VLAN in a private VLAN.

•community specifies the VLAN as the community VLAN in a private VLAN.

•none specifies that the VLAN is a normal Ethernet VLAN, not a private VLAN.

Only regular VLANs with no access ports assigned to them can be used in private VLANs. Do not use the set vlan command to add ports to a private VLAN; use the set vlan command to add ports to a private VLAN.

VLANs 1001, 1002, 1003, 1004, and 1005 cannot be used in private VLANs.

VLANs in a suspended state do not pass packets.

Examples

This example shows how to set VLAN 850 to include ports 4 through 7 on module 3. Because ports 4 through 7 were originally assigned to TrCRF 1003, the message reflects the modification of VLAN 1003:

Console> (enable) set vlan 850 3/4-7

VLAN 850 modified.

VLAN 1003 modified.

VLAN  Mod/Ports

---- -----------------------

850   3/4-7

Console> (enable) 

Related Commands

clear config—switch
clear vlan
set vlan
set vlan mapping
show vlan

set vlan mapping

Use the set vlan mapping command to map 802.1Q VLANs to ISL VLANs.

set vlan mapping dot1q 1q_vlan_num isl isl_vlan_num

Syntax Description

dot1q	Keyword that specifies the 802.1Q VLAN.
1q_vlan_num	Number identifying the 802.1Q VLAN; valid values are 1001 to 4095.
isl	Keyword that specifies the ISL VLAN.
isl_vlan_num	Number identifying the ISL VLAN; valid values are 1 to 1000.

Defaults

The default is no 802.1Q-to-ISL mappings are defined.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

IEEE 802.1Q VLAN trunks support VLANs 1 through 4095. ISL VLAN trunks support VLANs 1 through 1000. The switch automatically maps 802.1Q VLANs 1000 and lower to ISL VLANs with the same number.

Catalyst 4000 family switches only support 802.1Q trunks. You can map up to seven VLAN indexes greater than 1000 to ISL VLANs.

The native VLAN of the 802.1Q trunk cannot be used in the mapping.

Use this feature to map 802.1Q VLANs above 1000 to ISL VLANs. Note that if you map a 802.1Q VLAN over 1000 to an ISL VLAN, the corresponding 802.1Q VLAN will be blocked. For example, if you map 802.1Q VLAN 2000 to ISL VLAN 200, then 802.1Q VLAN 200 will be blocked.

You can map up to seven VLANs. Only one 802.1Q VLAN can be mapped to an ISL VLAN. For example, if 802.1Q VLAN 800 has been automatically mapped to ISL VLAN 800, do not manually map any other 802.1Q VLANs to ISL VLAN 800.

You cannot overwrite existing 802.1Q VLAN mapping. If the 802.1Q VLAN number is in the mapping table, the command is aborted. You must first clear that mapping.

If vlan_num does not exist, then either of the following occurs:

•If the switch is in server or transparent mode, the VLAN is created with all default values.

•If the switch is in client mode, then the command proceeds without creating the VLAN. A warning will be given indicating that the VLAN does not exist.

If the table is full, the command is aborted with an error message indicating the table is full.

Examples

This example shows how to map VLAN 1022 to ISL VLAN 850:

Console> (enable) set vlan mapping dot1q 1022 isl 850

Vlan 850 configuration successful

Vlan mapping successful

Console> (enable)

This example shows the display if you enter a VLAN that does not exist:

Console> (enable) set vlan mapping dot1q 1017 isl 999

Vlan mapping successful

Warning: vlan 999 non-existent

Vlan 999 configuration successful

Console> (enable)

This example shows the display if you enter an existing mapping:

Console> (enable) set vlan mapping dot1q 1033 isl 722

722 exists in the mapping table. Please clear the mapping first.

Console> (enable)

This example shows the display if the mapping table is full:

Console> (enable) set vlan mapping dot1q 1099 isl 917

Vlan Mapping Table Full.

Console> (enable) 

Related Commands

show vlan
clear vlan mapping

set vmps server

Use the set vmps server command to configure the IP address of the VMPS server to be queried.

set vmps server ip_addr [primary]

Syntax Description

ip_addr	IP address of the VMPS server.
primary	(Optional) Keyword that specifies to identify the specified device as the primary VMPS server.

Defaults

If no IP address is specified, VMPS uses the local VMPS configuration.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

You can specify the IP addresses of up to three VMPS servers. You can define any VMPS server as the primary VMPS server.

If the primary VMPS server is down, all subsequent queries go to a secondary VMPS server. VMPS checks on the primary server's availability once every five minutes. When the primary VMPS server comes back online, subsequent VMPS queries are directed back to the primary VMPS server.

To use a co-resident VMPS (when VMPS is enabled in a device), configure one of the three VMPS addresses as the IP address of interface sc0.

Examples

This example shows how to define a VMPS server:

Console> (enable) set vmps server 192.168.10.140 primary

192.168.10.140 added to VMPS table as primary domain server.

Console> (enable) set vmps server 192.168.69.171

192.168.69.171 added to VMPS table as backup domain server.

Console> (enable)

Related Commands

show vmps

set vtp

Use the set vtp command to set the options for VTP.

set vtp [domain domain_name] [mode {client | server | transparent}] [passwd passwd]
[pruning {enable | disable}] [v2 {enable | disable}]

Syntax Description

domain domain_name	(Optional) Keywords that specifies to define the name that identifies the VLAN management domain. The domain_name can be 1 to 32 characters in length.
mode	(Optional) Keyword that specifies the VTP mode.
client	(Optional) Keyword that specifies VTP client mode.
server	(Optional) Keyword that specifies VTP server mode.
transparent	(Optional) Keyword that specifies VTP transparent mode.
passwd passwd	(Optional) Keyword that specifies to define the VLAN trunk protocol password. The VTP password can be 8 to 64 characters in length.
pruning enable | disable	(Optional) Keywords that specify to enable or disable VTP pruning for the entire management domain.
v2	(Optional) Keyword that specifies to set version 2 mode.
enable	(Optional) Keyword that specifies to enable v2.
disable	(Optional) Keyword that specifies to disable v2.

Defaults

The defaults are as follows: server mode, no password, pruning disabled, and v2 disabled.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

All switches in a VTP domain must run the same version of VTP. VTP version 1 and VTP
version 2 do not operate on switches in the same VTP domain. VTP version 2 is supported in software release 3.1(1) and later and is disabled by default.

If all switches in a domain are VTP version 2-capable, you only need to enable VTP version 2 on one switch (using the set vtp v2 enable command); the version number is then propagated to the other version 2-capable switches in the VTP domain.

If the VTP password has already been defined, entering passwd 0 (zero) clears the VTP password.

VTP supports three different modes: server, client, and transparent. If you make a change to the VTP or VLAN configuration on a switch in server mode, that change is propagated to all of the switches in the same VTP domain.

If the receiving switch is in server mode and its revision number is higher than the sending switch, the configuration is not changed. If the revision number is lower the configuration is duplicated.

If the receiving switch is in client mode, the client switch changes its configuration to duplicate the configuration of the server. If you have switches in client mode, make sure to make all VTP or VLAN configuration changes on a switch in server mode.

If the receiving switch is in transparent mode, the configuration is not changed. Switches in transparent mode do not participate in VTP. If you make VTP or VLAN configuration changes on a switch in transparent mode, the changes are not propagated to the other switches in the network.

If you assign a VTP password, no VTP or VLAN configuration changes can be made without first entering the password.

The pruning keyword is used to enable or disable VTP pruning for the VTP domain. VTP pruning causes information about each pruning-eligible VLAN to be removed from VTP updates if there are no stations belonging to that VLAN out a particular switch port. Use the set vtp pruning and clear vtp pruning commands to specify which VLANs should or should not be pruned when pruning is enabled for the domain.

To disable VTP, enter the set vtp mode transparent command. This disables VTP from the domain but does not remove the domain from the switch. Use the clear config—switch all command to remove the domain from the switch.

---

Caution Be careful when you use the clear config—switch all command. This command clears the entire switch configuration, not just the VTP domain.

---

Examples

This example shows how to set the domain Engineering to client:

Console> (enable) set vtp domain Engineering mode client

VTP domain Engineering modified

Console> (enable)

This example shows how to set the domain Engineering to server:

Console> (enable) set vtp domain Engineering mode server

VTP domain Engineering modified

Console> (enable)

This example shows how to enable pruning:

Console> (enable) set vtp pruning enable

This command will enable the pruning function in the entire management domain.

All devices in the management domain should be pruning-capable before enabling.

Do you want to continue (y/n) [n]? y

VTP domain Lab_Network modified

Console> (enable) 

This example shows how to disable pruning:

Console> (enable) set vtp pruning disable

This command will disable the pruning function in the entire management domain.

Do you want to continue (y/n) [n]? y

VTP domain Lab_Network modified

Console> (enable) 

Related Commands

show vtp domain
set vlan
clear vlan
show vlan
set vtp pruning
clear vtp pruning

set vtp pruning

Use the set vtp pruning command to specify which VLANs in the VTP domain are eligible for pruning.

set vtp pruning vlans

Syntax Description

vlans

Range of VLAN numbers; valid values are 2 to 1000.

Defaults

By default, VLANs 2 through 1000 are eligible for pruning.

Command Types

Switch command.

Command Modes

Privileged.

Usage Guidelines

VTP pruning causes information about each pruning-eligible VLAN to be removed from VTP updates if there are no stations belonging to that VLAN out a particular switch port. Use the set vtp command to enable VTP pruning.

By default, VLANs 2 through 1000 are pruning eligible. You do not need to use the set vtp pruning command unless you have previously used the clear vtp pruning command to make some VLANs pruning ineligible.

If VLANs have been made pruning ineligible, use the set vtp pruning command to make them pruning eligible again.

Examples

This example shows how to configure pruning eligibility for VLANs 120 and 150:

Console> (enable) set vtp pruning 120,150

Vlans 120,150 eligible for pruning on this device.

VTP domain nada modified.

Console> (enable)

In this example, VLANs 200-500 were made pruning ineligible using the clear vtp pruning command. This example shows how to make VLANs 220 through 320 pruning eligible again:

Console> (enable) clear vtp pruning 200-500

Vlans 1,200-500,1001-1005 will not be pruned on this device.

VTP domain Company modified.

Console> (enable)

Console> (enable) set vtp pruning 220-320

Vlans 2-199,220-320,501-1000 eligible for pruning on this device.

VTP domain Company modified.

Console> (enable)

Related Commands

show vtp domain
set vlan
clear vtp pruning