Catalyst 4500 Series Command Reference, 7.5
alias through copy
Download this chapter
alias through copyalias through copy
Download the complete book
Book-length PDF: Catalyst 4500 Series Software Command Reference Guide, Release 7.5 Book-length PDF: Catalyst 4500 Series Software Command Reference Guide, Release 7.5 (PDF - 6 MB)
give_us_feedback

Table Of Contents

Catalyst 4000 Family, Catalyst 2948G, and Catalyst 2980G Switch and ROM Monitor Commands

alias

boot

cd

clear alias

clear arp

clear banner motd

clear boot—ROM monitor

clear boot—switch

clear cam

clear cgmp statistics

clear config pvlan

clear config—ROM monitor

clear config—switch

clear counters

clear crypto key rsa

clear dot1x config

clear dot1x guest-vlan

clear gmrp statistics

clear gvrp statistics

clear igmp filter

clear ip alias

clear ip dns domain

clear ip dns server

clear ip permit

clear ip route—ROM monitor

clear ip route—switch

clear kerberos clients mandatory

clear kerberos credentials forward

clear kerberos creds

clear kerberos realm

clear kerberos server

clear kerberos srvtab entry

clear key config-key

clear lacp-channel statistics

clear localusers

clear log

clear log command

clear logging buffer

clear logging level

clear logging server

clear multicast router

clear ntp key

clear ntp server

clear ntp timezone

clear port host

clear port security

clear pvlan mapping

clear qos config

clear qos defaultcos

clear qos map

clear radius key

clear radius server

clear rcp

clear snmp access

clear snmp access-list

clear snmp community

clear snmp community-ext

clear snmp group

clear snmp notify

clear snmp targetaddr

clear snmp targetparams

clear snmp trap

clear snmp user

clear snmp view

clear spantree detected-protocols

clear spantree mst

clear spantree portcost

clear spantree portinstancecost

clear spantree portinstancepri

clear spantree portvlancost

clear spantree portpri

clear spantree portvlanpri

clear spantree redetected-protocols

clear spantree root

clear spantree statistics

clear spantree uplinkfast

clear tacacs key

clear tacacs server

clear timezone

clear top

clear trunk

clear vlan

clear vlan mapping

clear vmps rcp

clear vmps server

clear vmps statistics

clear vtp pruning

clear vtp statistics

configure

confreg

copy


Catalyst 4000 Family, Catalyst 2948G, and Catalyst 2980G Switch and ROM Monitor Commands

This chapter contains an alphabetical listing of all switch and ROM monitor commands available on the Catalyst 4000 family, Catalyst 2948G, and Catalyst 2980G switches.

alias

To set and display aliases, use the alias command.

alias [name=value]

Syntax Description

name=

(Optional) Alias name.

value

(Optional) Value of the alias.


Defaults

This command has no default settings.

Command Types

ROM monitor command

Command Modes

Normal

Usage Guidelines

If value contains blank spaces or other special (shell) characters, you must enclose the entry in quotation marks. If value has a space as its last character, the next command line word is checked for an alias (Normally, only the first word on a command line is checked).

Without an argument, this command prints a list of all alias names and their values.

An equal sign (=) is required between the name and value of the alias.

Examples

This example shows how to display a list of available alias commands and how to create an alias for the set command: 

rommon 1 > alias

r=repeat

h=history

?=help

b=boot

i=reset

rommon 2 > alias s=set

rommon 3 > alias

r=repeat

h=history

?=help

b=boot

i=reset

s=set

rommon 4 > s 

PS1=rommon ! > 

BOOT=bootflash:RTSYNC_llue_11,1;slot0:f1,1;

=========================================================================

Related Commands

unalias

boot

To invoke an external process, use the boot command.

boot [-x] [-v] [device] [imagename]

Syntax Description

-x

(Optional) Loads an image but does not run it.

-v

(Optional) Toggles verbose mode.

device

(Optional) ID of the device.

imagename

(Optional) Name of the image.


Defaults

This command has no default settings.

Command Types

ROM monitor command

Command Modes

Normal

Usage Guidelines

With no arguments, boot will boot the first image in Flash memory. Specify an image by typing its name. Specify the device by typing the device ID.

You must specify a device name.

Examples

This example shows how to use the boot command: 

rommon 1 > boot -x bootflash:cat5000-sup3.6-1-0-59.bin

CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC

Uncompressing file:  
##########################################################################################
##########################################################################################
################################################################################

rommon 2 >

cd

To set the default Flash device for the system, use the cd command.

cd [[m/]device:]]

Syntax Description

m/

(Optional) Module number of the supervisor engine containing the Flash device.

device:

(Optional) Flash device name; valid devices include bootflash:, slot0:, and slot1:.


Defaults

device is bootflash

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

A colon (:) is required after the specified device.

For those commands for which device is an option, the device set by cd is used if a Flash device is not specified.

This command is supported on the Supervisor Engine III only.

Examples

This example shows how to set the system default Flash device to bootflash: 

Console> (enable) cd bootflash:

Console> (enable)

Related Commands

pwd

clear alias

To delete the abbreviated versions of commands, use the clear alias command.

clear alias {name | all}

Syntax Description

name

Alternate identifier of the command.

all

Every alternate identifier that has been created.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete the arpdel alias: 

Console> (enable) clear alias arpdel

Command alias deleted.

Console> (enable)

This example shows how to delete all aliases: 

Console> (enable) clear alias all

Command alias table cleared. (1)

Console> (enable)

(1) indicates the number of entries deleted.

Related Commands

set alias
show alias

clear arp

To delete a specific entry or all entries from the ARP table, use the clear arp command.

clear arp [all | dynamic | permanent | static]

clear arp ip_addr

Syntax Description

all

(Optional) Deletes all ARP entries.

dynamic

(Optional) Deletes all dynamic ARP entries.

permanent

(Optional) Deletes all permanent ARP entries.

static

(Optional) Deletes all static ARP entries.

ip_addr

Specific IP address that you want to delete from the ARP table.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete a specific IP address from the ARP table: 

Console> (enable) clear arp 198.133.219.209

ARP entry deleted.

Console> (enable)

This example shows how to delete all entries from the ARP table: 

Console> (enable) clear arp all

ARP table cleared. (1)

Console> (enable)

(1) indicates the number of entries deleted.


This example shows how to delete all ARP entries of a specific type: 

Console> (enable) clear arp dynamic

Unknown host

Dynamic ARP entries cleared. (3) 

Console> (enable)

Related Commands

set arp
show alias

clear banner motd

To delete the message-of-the-day banner, use the clear banner motd command.

clear banner motd

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

You can use the clear banner motd command to delete the message-of-the-day banner or use the set banner motd text command to replace the message-of-the-day banner.

Examples

This example shows how to delete the message-of-the-day banner: 

Console> (enable) clear banner motd

MOTD banner cleared

Console> (enable)

Related Commands

set banner motd

clear boot—ROM monitor

To clear the contents of the BOOT environment variable and the autoboot state machine, use the clear boot command.

clear boot

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

ROM monitor command

Command Modes

Normal

Examples

This example shows how to clear the contents of the BOOT environment variable: 

rommon 1 > clear boot

rommon 2 >

Related Commands

boot
show boot—ROM monitor

clear boot—switch

To clear the contents of the BOOT environment variable and the configuration register setting, use the clear boot command.

clear boot system all [mod]

clear boot system flash device:[filename] [mod]

clear boot auto-config [mod]

Syntax Description

all

Clears the whole BOOT environment variable.

mod

(Optional) Module number of the supervisor engine on which to clear the BOOT environment variable.

flash

Deletes the contents of the Flash file system.

device:

Device name; valid devices include bootflash, slot0, and slot1.

filename

(Optional) Filename for the system image on the Flash device.

auto-config

Deletes the contents of the auto-config file.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

If you want to rearrange the booting order, you can use the prepend keyword with the set boot system flash command or you can clear the entire BOOT environment variable using the clear boot system command and then redefine the list.

This command is supported on the Supervisor Engine III only.

Examples

This example shows how to clear the contents of the Flash device: 

Console> (enable) clear boot system all

BOOT variable = 

Console> (enable)

This example shows how to delete the auto-config file: 

Console> (enable) clear boot auto-config

CONFIG_FILE variable =

Console> (enable)

Related Commands

show boot—switch

clear cam

To delete a specific entry or all entries from the CAM table, and to clear the CAM notification log or counters, use the clear cam command.

clear cam {mac_addr | dynamic | static | permanent} [vlan]

clear cam notification {all | counters | history}

Syntax Description

mac_addr

One or more MAC addresses to clear from the CAM table.

dynamic

Clears the dynamic CAM entries from the CAM table.

static

Clears the static CAM entries from the CAM table.

permanent

Clears the permanent CAM entries from the CAM table.

vlan

(Optional) Number of the VLAN associated with the CAM entries.

all

Clears the CAM notification counters and history log.

counters

Clears the CAM notification counters.

history

Clears the CAM notification history log.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

When you use the clear cam command, the EARL CAM table entries are cleared, or the CAM notification counters or history are cleared.

Examples

This example shows how to delete MAC address 00-40-0b-a0-03-fa from the CAM table: 

Console> (enable) clear cam 00-40-0b-a0-03-fa

CAM table entry cleared.

Console> (enable)

This example shows how to clear dynamic entries from the CAM table: 

Console> (enable) clear cam dynamic

Dynamic CAM entries cleared.

Console> (enable)

This example shows how to clear all CAM notification counters: 

Console> (enable) clear cam notification all

MAC address notification counters and history log cleared.

Console> (enable)

This example shows how to clear CAM notification counters: 

Console> (enable) clear cam notification counters

MAC address notification counters cleared.

Console> (enable)

This example shows how to clear the CAM notification history log: 

Console> (enable) clear cam notification history

MAC address notification history log cleared.

Console> (enable)

Related Commands

set cam agingtime
set cam notification
set snmp trap
show cam

clear cgmp statistics

To delete CGMP statistical information, use the clear cgmp statistics command.

clear cgmp statistics

Syntax DescriptionDescription

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete CGMP statistical information: 

Console> (enable) clear cgmp statistics

CGMP statistics cleared.

Console> (enable)

Related Commands

set cgmp
show cgmp leave
show cgmp statistics

clear config pvlan

To delete all private VLAN configurations in the system, including port mappings, use the clear config pvlan command.

clear config pvlan

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete all private VLAN configurations in the system: 

Console> (enable) clear config pvlan

This command will clear all private VLAN configurations.

Do you want to continue (y/n) [n]? y

VLAN 15 deleted 
VLAN 16 deleted 
VLAN 17 deleted 
VLAN 18 deleted

Private VLAN configuration cleared. 
Console> (enable)

Related Commands

clear vlan
clear pvlan mapping
configure
set pvlan
set pvlan mapping
set vlan
show config
show pvlan
show pvlan mapping
show vlan

clear config—ROM monitor

To delete information about the system or module configuration stored in NVRAM, use the clear config command.

clear config all

Syntax Description

all

Deletes all information about modules and system configuration, including the IP address.


Defaults

This command has no default settings.

Command Types

ROM monitor command

Command Modes

Normal

Usage Guidelines

When you delete the configuration using the clear config all command, the default switch configuration is restored. The information that is deleted includes manually configured IP addresses and IP addresses learned through DHCP or RARP.

When you delete the configuration, the IP address and subnet mask on the me1 and sc0 interfaces are set to 0.0.0.0. The me1 interface is brought down, and the sc0 interface is brought up.

Note Before using the clear config all command, save a backup of the configuration.

Examples

This example shows how to delete all the configuration information: 

rommon 1 > set boot config-register ignore-config enable

rommon 2 > boot -x bootflash:cat4000.6-1-1.bin

CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCC#############################

Starting Off-line Diagnostics

    [ output of Off-line Diagnostics ]

Exiting Off-line Diagnostics

IP address for Catalyst not configured

DHCP/BOOTP will commence after the ports are online

Ports are coming online ...

Cisco Systems, Inc. Console

Enter password:

2000 Jun 24 06:29:21 %SYS-4-NVLOG:initBootNvram:ignore-config enabled:clear config all

Console>

Related Commands

configure
show config

clear config—switch

To delete the system or module configuration information stored in NVRAM, use the clear config command.

clear config {mod | rmon | all | snmp | acl nvram}

Syntax Description

mod

Number of the module.

rmon

Deletes all RMON configurations, including the historyControlTable, the alarmTable, the eventTable, and the ringStation ControlTable.

all

Deletes all module and system configuration information, including the IP address.

snmp

Deletes all SNMP configurations.

acl nvram

Deletes all ACL configurations.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

When you delete the configuration using the clear config all command, the default switch configuration is restored. The information that is deleted includes manually configured IP addresses and IP addresses learned through DHCP or RARP.

When you delete the configuration, the IP address and subnet mask on the sc0 interface are set to 0.0.0.0.

Note Before using the clear config all command, save a backup of the configuration.

Examples

This example shows how to delete the configuration information in NVRAM on module 2: 

Console> (enable) clear config 2

This command will clear module 2 configuration.

Do you want to continue (y/n) [n]? y

..............................

Module 2 configuration cleared.

Console> (enable)

This example shows how to delete the configuration information stored in NVRAM on module 1 (supervisor engine): 

Console> (enable) clear config 1

This command will clear module 1 configuration.

Do you want to continue (y/n) [n]? y

......

Module 1 configuration cleared.

host%

Console> (enable)

This example shows how to delete all the configuration information: 

Console> (enable) clear config all

This command will clear all configuration in NVRAM.

This command will cause ifIndex to be reassigned on the next system startup.

Do you want to continue (y/n) [n]? y

Releasing IP address...Done

......

.................

.....................................................


System configuration cleared.

Console> (enable)

This example shows how to delete all the SNMP configuration information: 

Console> (enable) clear config snmp

This command will clear SNMP configuration in NVRAM.

Do you want to continue (y/n) [n]? y

...........................................

Connection closed by foreign host

host%

This example shows how to delete all ACL configuration information from NVRAM: 

Console> (enable) clear config acl nvram

ACL configuration has been deleted from NVRAM.

Warning:Use the copy commands to save the ACL configuration to a file

and the 'set boot config-register auto-config' commands to configure the

auto-config feature.

Console> (enable)

Related Commands

configure
show config

clear counters

To clear MAC and port counters, use the clear counters command.

clear counters

Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

This command also clears ATM module counters.

Examples

This example shows how to reset MAC and port counters to zero: 

Console> (enable) clear counters

MAC and Port counters cleared.

Console> (enable)

Related Commands

show port

clear crypto key rsa

To delete all RSA public-key pairs, use the clear crypto key rsa command.

clear crypto key rsa

Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete RSA key pairs: 

Console> (enable) clear crypto key rsa 

Do you really want to clear RSA keys (y/n) [n]? y

RSA keys has been cleared.

Console> (enable)

Related Commands

set crypto key rsa
show crypto key

clear dot1x config

To disable dot1x on all ports and return the values to the factory default settings, use the clear dot1x config command.

clear dot1x config

Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to disable dot1x and return the values to the factory default settings: 

Console> (enable) clear dot1x config

This command will disable Dot1x and take values back to factory default.


Do you want to continue (y/n) [n]? y

Dot1x config cleared.

Console> (enable)

Related Commands

set dot1x
set port dot1x
show dot1x
show port dot1x

clear dot1x guest-vlan

To remove any active 802.1x auto ports from the guest VLAN, use the clear dot1x guest-vlan command.

clear dot1x guest-vlan

Syntax Description

This command has no keywords or arguments.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to clear the guest VLAN: 

Console> (enable) clear dot1x guest-vlan

This command will deactivate all the ports on dot1x guest-vlan

Do you wnat to continue (y/n) [n]? y

Dot1x guest-vlan cleared

Console> (enable)

Related Commands

set dot1x
set port dot1x
show dot1x
show port dot1x

clear gmrp statistics

To delete all of the GMRP statistics information from a specified VLAN or from all VLANs, use the clear gmrp statistics command.

clear gmrp statistics {vlan | all}

Syntax Description

vlan

Number of the VLAN.

all

Deletes all GMRP statistics information from all VLANs.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete GMRP statistical information from all VLANs: 

Console> (enable) clear gmrp statistics all

GMRP statistics cleared.

Console> (enable)

This example shows how to delete GMRP statistical information from VLAN 1: 

Console> (enable) clear gmrp statistics 1

GMRP statistics cleared from VLAN 1.

Console> (enable)

Related Commands

show gmrp statistics

clear gvrp statistics

To delete all of the GVRP statistics information, use the clear gvrp statistics command.

clear gvrp statistics {mod/port | all}

Syntax Description

mod/port

Number of the module and port.

all

Deletes the GVRP statistics information for all ports.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete GVRP statistical information: 

Console> (enable) clear gvrp statistics all

GVRP statistics cleared for all ports.

Console> (enable)

This example shows how to delete GVRP statistical information for module 2, port 1: 

Console> (enable) clear gvrp statistics 2/1

GVRP statistics cleared on port 2/1.

Console> (enable)

Related Commands

set gvrp
show gvrp statistics

clear igmp filter

To delete all IGMP multicast filter profiles, use the clear igmp filter all command.

clear igmp filter all

To delete an IP address from an IGMP multicast filter profile or to delete the filter profile, use the clear igmp filter profile command.

clear igmp filter profile profile_id {ip_addr [- ip_addr]| all}

To delete the association between IGMP multicast filter profiles and associated ports, use the clear igmp filter map command.

clear igmp filter map {port_list | all}

Syntax Description

profile_id

Arbitrary number assigned to a profile.

ip_addr

Address of the IP. Can be 1 or a range.

port_list

Module/port value or range of values.

all

Deletes the association between all IGMP multicast filter profiles and associated ports.


Defaults

The default settings are as follows:

IGMP multicast filter feature deletes all IGMP multicast filters.

Profile ID value must be established using the clear igmp filter profile command.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

The administrator of the switch can view the configuration of this feature using the CLI and SNMP interfaces.

When you delete an IGMP filter the filter is deleted and all the associations between the filter and associated ports are deleted.

When you clear an association between IGMP filters the association is deleted, not the filter.

Examples

This example shows how to delete all IGMP multicast filters. 

Console> (enable) clear igmp filter all

Successfully remove all the profile(s)

Console> (enable)

This example shows how to delete an IP address (226.1.1.1) from an IGMP multicast filter profile (1) or to delete the filter profile: 

Console> (enable) clear igmp filter profile 1 226.1.1.1

Console> (enable)

This example shows how to delete the association of IGMP multicast filter profiles with a port or list of ports. 

Console> (enable) clear igmp filter map all

Console> (enable)

Related Commands

set igmp filter
show igmp filter

clear ip alias

To delete IP aliases that are set using the set ip alias command, use the clear ip alias command.

clear ip alias {name | all}

Syntax Description

name

IP address alias to delete.

all

Deletes all previously set IP address aliases.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete a previously defined IP alias named babar: 

Console> (enable) clear ip alias babar

IP alias deleted.

Console> (enable)

Related Commands

set ip alias
show ip alias

clear ip dns domain

To delete the default DNS domain name, use the clear ip dns domain command.

clear ip dns domain

Syntax Description

This command has no arguments or keywords.

Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete the default DNS domain name: 

Console> (enable) clear ip dns domain

Default DNS domain name cleared.

Console> (enable)

Related Commands

set ip dns domain
show ip dns

clear ip dns server

To delete a DNS server from the DNS server listing, use the clear ip dns server command.

clear ip dns server {ip_addr | all}

Syntax Description

ip_addr

IP address of the DNS server that you want to delete. An IP alias or host name that can be resolved through DNS can also be used.

all

Deletes all IP addresses in the DNS server listing.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete the DNS server at IP address 192.168.255.255 from the DNS server listing: 

Console> (enable) clear ip dns server 192.168.255.255

192.168.255.255 cleared from DNS table.

Console> (enable)

Related Commands

set ip dns server
show ip dns

clear ip permit

To delete a specified IP address and mask or all IP addresses and masks from the permit list, use the clear ip permit command.

clear ip permit {ip_addr} [mask] [telnet | ssh | snmp | all]

To delete all entries in the IP permit list, use the clear ip permit all command.

clear ip permit all

Syntax Description

ip_addr

IP address to be deleted. An IP alias or host name that can be resolved through DNS can also be used.

mask

(Optional) Subnet mask of the specified IP address.

telnet

(Optional) Deletes an IP address from the Telnet IP permit list.

ssh

(Optional) Deletes an IP address from the SSH permit list.

snmp

(Optional) Deletes an IP address from the SNMP IP permit list.

all

(Optional) Deletes an IP address from the SNMP and Telnet IP permit lists.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

The clear ip permit all command deletes the permit list but does not change the state of the IP permit feature. A warning is displayed if all IP addresses are deleted from the permit list, and the feature is enabled. If a mask other than the default (255.255.255.255) has been configured, you must provide both the address and mask to delete a specific entry.

If the telnet, ssh, snmp, or all keywords are not specified, the IP address is deleted from both the SNMP and Telnet permit lists.

Examples

These examples show how to delete specified IP addresses: 

Console> (enable) clear ip permit 172.100.101.102

172.100.101.102 cleared from IP permit list.

Console> (enable)


Console> (enable) clear ip permit 172.160.161.0 255.255.192.0 snmp

172.160.128.0 with mask 255.255.192.0 cleared from snmp permit list.

Console> (enable)


Console> (enable) clear ip permit 172.100.101.102 telnet

172.100.101.102 cleared from telnet permit list.

Console> (enable)


Console> (enable) clear ip permit 172.100.101.102 ssh 

172.100.101.102 cleared from secure shell permit list. 

Console> (enable) 


Console> (enable) clear ip permit all

IP permit list cleared.

WARNING

IP permit list is still enabled.

Console> (enable)

Related Commands

set ip permit
show ip permit
show port counters

clear ip route—ROM monitor

To delete IP routes that are set using the set ip command, use the clear ip route command.

clear ip route all

Syntax Description

all

Deletes all previously set IP address routes.


Defaults

This command has no default settings.

Command Types

ROM monitor command

Command Modes

Normal

Examples

This example shows how to delete previously defined IP routes: 

rommon 1 > clear ip route all

rommon 2 >

Related Commands

set ip route—ROM monitor
show ip route—ROM monitor

clear ip route—switch

To delete IP routing table entries, use the clear ip route command.

clear ip route all

clear ip route destination gateway

Syntax Description

all

Deletes all IP routing table entries.

destination

IP address of the host or network. An IP alias or a host name that can be resolved through DNS can also be used.

gateway

IP address or alias of the gateway router.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete the route table entries using the clear ip route command: 

Console> (enable) clear ip route 172.16.2.2 elvis

Route deleted.

Console> (enable)

Related Commands

set ip route—switch
show ip route—switch

clear kerberos clients mandatory

To disable mandatory Kerberos authentication for services on the network, use the clear kerberos clients mandatory command.

clear kerberos clients mandatory

Syntax Description

This command has no arguments or keywords.

Defaults

Kerberos clients are not set to mandatory.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

A user authenticated to a Kerberized switch has a ticket granting ticket (TGT) and can use it to authenticate to a host on the network. However, if forwarding is not enabled and a user tries to list credentials after authenticating to a host, the output will show no Kerberos credentials present.

You can optionally configure the switch to forward users' TGTs with them as they authenticate from the switch to Kerberized remote hosts on the network when using Kerberized Telnet.

As an added layer of security, you can optionally configure the switch so that after users authenticate to it, they can authenticate to other services on the network only with Kerberos clients. If you do not make Kerberos authentication mandatory and Kerberos authentication fails, the application attempts to authenticate users using the default method of authentication for that network service. For example, Telnet prompts for a password.

Examples

This example shows how to delete mandatory Kerberos authentication: 

Console> (enable) clear kerberos clients mandatory 

Kerberos clients mandatory cleared

Console> (enable)

Related Commands

set kerberos clients mandatory
set kerberos credentials forward

clear kerberos credentials forward

To disable credentials forwarding, use the clear kerberos credentials forward command.

clear kerberos credentials forward

Syntax Description

This command has no arguments or keywords.

Defaults

Kerberos credentials forwarding is disabled.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

A user authenticated to a Kerberized switch has a ticket granting ticket (TGT) and can use it to authenticate to a host on the network. However, if forwarding is not enabled and a user tries to list credentials after authenticating to a host, the output will show no Kerberos credentials present.

You can optionally configure the switch to forward users' TGTs with them as they authenticate from the switch to Kerberized remote hosts on the network when using Kerberized Telnet.

Examples

This example shows how to disable Kerberos credentials forwarding: 

Console> (enable) clear kerberos credentials forward 

Kerberos credentials forwarding disabled

Console> (enable)

Related Commands

set kerberos clients mandatory
set kerberos credentials forward

clear kerberos creds

To delete all the Kerberos credentials, use the clear kerberos creds command.

clear kerberos creds

Syntax Description

This command has no arguments or keywords.

Defaults

Kerberos credentials forwarding is disabled.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

A user authenticated to a Kerberized switch has a ticket granting ticket (TGT) and can use it to authenticate to a host on the network. This command deletes all Kerberos credentials.

Examples

This example shows how to delete all Kerberos credentials: 

Console> (enable) clear kerberos creds

Console> (enable)

Related Commands

set kerberos credentials forward

clear kerberos realm

To delete an entry that is mapping the name of a Kerberos realm to a DNS domain name or a host name, use the clear kerberos realm command.

clear kerberos realm {dns-domain | host} kerberos-realm

Syntax Description

dns-domain

DNS domain name to map to a Kerberos realm.

host

IP address or name to map to a Kerberos realm.

kerberos-realm

IP address or name of a Kerberos realm.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

The name of the Kerberos realm can sometimes be mapped to a DNS domain name or a host name. This mapping can be done with the set kerberos realm command.

Examples

This example shows how to delete an entry mapping a Kerberos realm to a domain name: 

Console> (enable) clear kerberos realm CISCO CISCO.COM

Kerberos DnsDomain-Realm entry CISCO - CISCO.COM deleted

Console> (enable)

Related Commands

set kerberos local-realm
set kerberos realm

clear kerberos server

To delete a specified key distribution center (KDC) entry, use the clear kerberos server command.

clear kerberos server kerberos-realm {hostname | ip-address} [port_num]

Syntax Description

kerberos-realm

Name of a Kerberos realm.

hostname

Name of host running the KDC.

ip-address

IP address of host running the KDC.

port_num

Number of the port on the module.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Usage Guidelines

You can specify to the switch which KDC to use in a Kerberos realm. This command deletes a server entry from the table.

Examples

This example shows how to delete a KDC server entered on the switch: 

Console> (enable) clear kerberos server CISCO.COM 187.0.2.1 750

Kerberos Realm-Server-Port entry CISCO.COM-187.0.2.1-750  deleted

Console> (enable)

Related Commands

set kerberos server

clear kerberos srvtab entry

To delete the SRVTAB file that is entered directly into the switch from the command line, use the clear kerberos srvtab entry command.

clear kerberos srvtab entry kerberos-principal principal-type

Syntax Description

kerberos-principal

Service on the switch.

principal-type

Version of the Kerberos SRVTAB.


Defaults

This command has no default settings.

Command Types

Switch command

Command Modes

Privileged

Examples

This example shows how to delete a SRVTAB file entered directly into the switch: 

kerberos> (enable) clear kerberos srvtab entry host/niners.cisco.com@CISCO.COM 0

kerberos> (enable)

Related Commands

set kerberos srvtab entry
set kerberos srvtab remote

clear key config-key