Filter
Top Products
2-776
Catalyst 6500 Series Switch Command Reference—Release 8.4
OL-6244-01
Chapter 2 Catalyst 6500 Series Switch and ROM Monitor Commands
set vlan
If you specify a range of VLANs, you cannot use the VLAN name.
If you enter the mistp-instance none command, the specified VLANs are unmapped from any instance
they are mapped to.
The set vlan vlan_num mistp-instance mistp_instance command is available in PVST+ mode.
You cannot set multiple VLANs for ISL ports using this command. The VLAN name can be from 1 to
32 characters in length. If you are adding a new VLAN or modifying an existing VLAN, the VLAN
number must be within the range of 1 to 4094.
If you use the rspan keyword for remote SPAN VLANs, you should not configure an access port (except
the remote SPAN destination ports) on these VLANs. Learning is disabled for remote SPAN VLANs.
If you use the rspan keyword for remote SPAN VLANs, only the name name and the state
{active | suspend} variables are supported.
The stemaxhop hopcount parameter is valid only when defining or configuring TrCRFs.
The bridge bridge_num, mode bridge_mode, stp stp_type, and translation vlan_num keywords and
values are supported only when the Catalyst 6500 series switch is used as a VTP server for Catalyst 5000
family switches in the Token Ring and FDDI networks.
You must configure a private VLAN on the supervisor engine.
Valid values for pvlan-type are as follows:
• primary specifies the VLAN as the primary VLAN in a private VLAN.
• isolated specifies the VLAN as the isolated VLAN in a private VLAN.
• community specifies the VLAN as the community VLAN in a private VLAN.
• twoway-community specifies the VLAN as a bidirectional community VLAN that carries the
traffic among community ports and to and from community ports to and from the MSFC.
• none specifies that the VLAN is a normal Ethernet VLAN, not a private VLAN.
Only regular VLANs with no access ports assigned to them can be used in private VLANs. Do not use
the set vlan command to add ports to a private VLAN; use the set pvlan command to add ports to a
private VLAN.
VLANs 1001, 1002, 1003, 1004, and 1005 cannot be used in private VLANs.
VLANs in a suspended state do not pass packets.
To secure a range of VLANs on a Firewall Services Module, these conditions must be satisfied:
1. Port membership must be defined for the VLANs, and the VLANs must be in active state.
2. The VLANs do not have a Layer 3 interface in active state on the MSFC.
3. The VLANs are not reserved VLANs.
VLANs that do not satisfy condition number 2 in the list above are discarded from the range of VLANs
that you attempt to secure on the Firewall Services Module. VLANs that meet condition number 2 and
condition number 3 but do not meet condition number 1 are stored in the supervisor engine database;
these VLANs are sent to the Firewall Services Module as soon as they meet condition number 1.
Starting in software release 8.4(1), the WS-X6380-NAM management port (port 2) does not have to be
in the same VLAN as the sc0 interface on the switch. The set vlan vlan mod/port command can be used
to put the NAM management port in any VLAN other than VLAN 1. If the set vlan command is not
used to specify a VLAN for the NAM management port, then the NAM management port by default will
be set to the same VLAN as the sc0 interface on the switch.