Cisco WS-C2950-24 Configuration Manual Download Page 201 | Manualshive

Page: 201 / 360

background image

6-65

Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide

78-6511-05

Chapter 6 Configuring the System

Configuring

To create a default list that is used if no list is specified in the login
authentication line configuration command, use the default keyword followed
by the methods you want used in default situations.

The additional methods of authentication are used only if the previous method
returns an error, not if it fails. To specify that the authentication succeed even if
all methods return an error, specify none as the final method in the command line.

Specifying Authorization for EXEC Access and
Network Services

You can use the aaa authorization global configuration command with the
keyword to set parameters that restrict a user’s network access to Cisco
IOS privilege mode (EXEC access) and to network services such as Serial Line
Internet Protocol (SLIP), Point-to-Point Protocol (PPP) with Network Control
Protocols (NCPs), and AppleTalk Remote Access (ARA).

The aaa authorization exec local command sets the following
authorization parameters:

•

Uses for EXEC access authorization if authentication was done
using .

•

Uses the local database if authentication was not done using .

Note

Authorization is bypassed for authenticated users who login through the CLI
even if authorization has been configured.

«
...
199
200
201
202
203
...
»

Summary of Contents for WS-C2950-24

Page 1: ... CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 526 4100 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide Cisco IOS Release 12 0 5 WC 1 April 2001 Customer Order Number DOC 786511 Text Part Number 78 6511 05 ...

Page 2: ...OF THE USE OR INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AccessPath AtmDirector Browse with Me CCDA CCDE CCDP CCIE CCNA CCNP CCSI CD PAC CiscoLink the Cisco NetWorks logo the Cisco Powered Network logo Cisco Systems Networking Academy the Cisco Systems Networking Academy logo Fast Step Follow Me Browsing FormShare FrameShare Gig...

Page 3: ...zation xvii Conventions xviii Related Publications xix Obtaining Documentation xx World Wide Web xx Cisco Documentation CD ROM xx Ordering Documentation xxi Documentation Feedback xxi Obtaining Technical Assistance xxii Cisco com xxii Technical Assistance Center xxii Contacting TAC by Using the Cisco TAC Website xxiii Contacting TAC by Telephone xxiii ...

Page 4: ...o Medium Sized Network Configuration 1 14 Collapsed Backbone and Switch Cluster Configuration 1 16 Large Campus Configuration 1 18 Hotel Network Configuration 1 20 Multidwelling Configuration 1 23 C H A P T E R 2 Getting Started with CMS 2 1 Features 2 2 Cluster Manager and VSM 2 3 Cluster Tree 2 6 Switch Images 2 7 System LED 2 7 Redundant Power System LED 2 8 Port Modes and LEDs 2 9 Menu Bars 2 ...

Page 5: ...aving Configuration Changes 2 37 Using Different Versions of Web Based Switch Management Software 2 38 Where to Go Next 2 38 C H A P T E R 3 Getting Started with the CLI 3 1 Command Usage Basics 3 2 Accessing Command Modes 3 2 Abbreviating Commands 3 4 Using the No and Default Forms of Commands 3 5 Redisplaying a Command 3 5 Getting Help 3 5 Command Line Error Messages 3 7 Accessing the CLI 3 8 Ac...

Page 6: ...ing SNMP to Access MIB Variables 4 7 Default Settings 4 9 C H A P T E R 5 Clustering Switches 5 1 Understanding Switch Clusters 5 2 Command Switch Characteristics 5 2 Standby Command Switch Characteristics 5 3 Candidate and Cluster Member Characteristics 5 3 Planning a Switch Cluster 5 4 Automatic Discovery of Cluster Candidates 5 4 Standby Command Switches 5 5 IP Addresses 5 8 Passwords 5 8 Host ...

Page 7: ...uring the System 6 1 Changing IP Information 6 2 Manually Assigning and Removing Switch IP Information 6 2 Using DHCP Based Autoconfiguration 6 4 Understanding DHCP Based Autoconfiguration 6 4 DHCP Client Request Process 6 5 Configuring the DHCP Server 6 6 Configuring the TFTP Server 6 7 Configuring the Domain Name and the DNS 6 8 Configuring the Relay Device 6 9 Obtaining Configuration Files 6 10...

Page 8: ...n a Cascaded Cluster 6 26 Configuring Redundant Links By Using STP UplinkFast 6 28 Enabling STP UplinkFast 6 30 Configuring Cross Stack UplinkFast 6 31 How CSUF Works 6 31 Events that Cause Fast Convergence 6 33 Limitations 6 35 Connecting the Stack Ports 6 35 Configuring Cross Stack UplinkFast 6 37 Changing the STP Parameters for a VLAN 6 38 Changing the STP Implementation 6 39 Changing the Switc...

Page 9: ... Limitations 6 51 Setting MVR Parameters 6 53 Configuring MVR 6 54 Managing the MAC Address Tables 6 56 MAC Addresses and VLANs 6 56 Changing the Address Aging Time 6 57 Removing Dynamic Address Entries 6 58 Adding Secure Addresses 6 58 Removing Secure Addresses 6 59 Adding Static Addresses 6 59 Removing Static Addresses 6 60 Configuring Static Addresses for EtherChannel Port Groups 6 61 Configuri...

Page 10: ... Disabling a Network Port 7 8 Configuring UniDirectional Link Detection 7 9 Creating EtherChannel Port Groups 7 10 Understanding EtherChannel Port Grouping 7 10 Port Group Restrictions on Static Address Forwarding 7 11 Creating EtherChannel Port Groups 7 12 Configuring Protected Ports 7 13 Enabling Port Security 7 14 Defining the Maximum Secure Address Count 7 15 Enabling Port Security 7 15 Disabl...

Page 11: ...ew 8 2 Management VLANs 8 4 Changing the Management VLAN for a New Switch 8 5 Changing the Management VLAN Through a Telnet Connection 8 6 Assigning VLAN Port Membership Modes 8 7 VLAN Membership Combinations 8 8 Assigning Static Access Ports to a VLAN 8 10 Overlapping VLANs and Multi VLAN Ports 8 11 Using VTP 8 12 The VTP Domain 8 13 VTP Modes and Mode Transitions 8 14 VTP Advertisements 8 15 VTP...

Page 12: ...ration 8 28 Configuring VLANs in the VTP Database 8 32 Adding a VLAN 8 33 Modifying a VLAN 8 34 Deleting a VLAN from the Database 8 34 Assigning Static Access Ports to a VLAN 8 35 How VLAN Trunks Work 8 36 IEEE 802 1Q Configuration Considerations 8 37 Trunks Interacting with Other Features 8 37 Configuring a Trunk Port 8 38 Disabling a Trunk Port 8 40 Defining the Allowed VLANs on a Trunk 8 40 Cha...

Page 13: ...rship 8 57 Configuring Dynamic Ports on VMPS Clients 8 58 Reconfirming VLAN Memberships 8 59 Changing the Reconfirmation Interval 8 59 Changing the Retry Count 8 60 Administering and Monitoring the VMPS 8 60 Troubleshooting Dynamic Port VLAN Membership 8 61 Dynamic Port VLAN Membership Configuration Example 8 61 C H A P T E R 9 Troubleshooting 9 1 Avoiding Configuration Conflicts 9 2 Avoiding Auto...

Page 14: ...9 19 Recovering from a Failed Command Switch Without HSRP 9 22 Recovering from a Lost or Forgotten Password 9 22 Recovering from Corrupted Software 9 25 A P P E N D I X A System Error Messages A 1 How to Read System Error Messages A 2 Error Message Traceback Reports A 4 Error Message and Recovery Procedures A 5 Chassis Message A 5 CMP Messages A 5 Environment Messages A 6 GigaStack Messages A 7 Li...

Page 15: ...formation about configuring and troubleshooting a switch or switch clusters This guide also provides information about configuring the Cisco 575 Long Reach Ethernet LRE customer premises equipment CPE It includes descriptions of the management interface options and the features supported by the switch software Use this guide in conjunction with other documents for the following topics Requirements...

Page 16: ... performed through CMS this guide does not provide the command line interface CLI procedures For the cluster commands refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference CLI command information This guide provides an overview for using the CLI For complete syntax and usage information about the commands that have been specifically created or changed for the Catalyst ...

Page 17: ...work Management Protocol SNMP Chapter 5 Clustering Switches describes switch clusters and the considerations for creating and maintaining them The online help provides the CMS procedures for configuring switch clusters Cluster commands are described in the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference Chapter 6 Configuring the System provides the considerations and CLI proc...

Page 18: ... a required choice within an optional element Interactive examples use these conventions Terminal sessions and system displays are in screen font Information you enter is in boldface screen font Nonprinting characters such as passwords or tabs are in angle brackets Notes cautions and tips use the following conventions and symbols Note Means reader take note Notes contain helpful suggestions or ref...

Page 19: ...and related hardware documents This CD is not the same as the Cisco Documentation CD ROM which contains the documentation for all Cisco products and is shipped with all Cisco products The Catalyst 2900 XL and Catalyst 3500 XL Documentation CD is shipped with the switch and has the following publications This Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide Cisco IOS...

Page 20: ...ent Cisco documentation on the World Wide Web at the following sites http www cisco com http www china cisco com http www europe cisco com Cisco Documentation CD ROM Cisco documentation and additional literature are available in a CD ROM package which ships with your product The Cisco Documentation CD ROM is updated monthly and may be more current than printed documentation The CD ROM package is a...

Page 21: ...00 553 NETS 6387 Documentation Feedback If you are reading Cisco product documentation on the World Wide Web you can send us your comments by completing the online survey When you display the document listing for this platform click Give Us Your Feedback If you are using the product specific CD and you are connected to the Internet click the pencil and paper icon in the toolbar to display the surv...

Page 22: ...s and services to help customers and partners streamline business processes and improve productivity Through Cisco com you can find information about Cisco and our networking solutions services and programs In addition you can resolve technical issues with online technical support download and test software packages and order Cisco learning materials and merchandise Valuable online skill assessmen...

Page 23: ...er for Cisco com go to the following website http www cisco com register If you cannot resolve your technical issue by using the TAC online resources Cisco com registered users can open a case online by using the TAC Case Open tool at the following website http www cisco com tac caseopen Contacting TAC by Telephone If you have a priority level 1 P1 or priority level 2 P2 problem contact TAC by tel...

Page 24: ...Preface Obtaining Technical Assistance xxiv Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 25: ...k topologies Features The Catalyst 2900 XL and Catalyst 3500 XL software supports the switches and modules listed in the Release Notes for the Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12 0 5 WC 1 This software also supports the Cisco 575 Long Reach Ethernet LRE customer premises equipment CPE Table 1 1 describes the features supported in this release Note Table 4 2 on ...

Page 26: ...ion on page 1 8 Refer to the release notes for the CMS and cluster hardware software and browser requirements Performance Autosensing of speed on the 10 100 ports and autonegotiation of duplex mode on all switch ports for optimizing bandwidth IEEE 802 3x flow control on 100 Mbps and Gigabit ports operating in full duplex mode Fast EtherChannel and Gigabit EtherChannel for enhanced fault tolerance ...

Page 27: ...etwork topology discovery and mapping between the switch and other Cisco devices on the network Network Time Protocol NTP for providing a consistent timestamp to all switches from an external source Directed unicast requests to a Trivial File Transfer Protocol TFTP server for administering software upgrades from a TFTP server Default configuration stored in Flash memory to ensure that the switch c...

Page 28: ...ck Gigabit uplinks STP root guard for preventing switches outside the core of the network from becoming the STP root Note Depending on the model a switch can support up to 64 or 250 instances of STP see Table 8 1 on page 8 3 VLAN Support Depending on the switch model up to 64 or 250 port based VLANs are supported for assigning users to VLANs associated with appropriate network resources traffic pa...

Page 29: ...ity for a choice of security level notification and resulting actions Dynamic address learning for enhanced security MAC based port level security for restricting the use of a switch port to a specific group of source addresses and preventing switch access from unauthorized stations Terminal Access Controller Access Control System Plus TACACS a proprietary feature for managing network security thr...

Page 30: ...rks Configuration and monitoring of connections between Switch LRE ports and the Ethernet ports on remote LRE customer premises equipment CPE devices such as the Cisco 575 LRE CPE CPE Ethernet ports and remote Ethernet devices such as a PC Support for connecting to the Public Switched Telephone Network PSTN through plain old telephone service POTS splitters such as the Cisco LRE 48 POTS Splitter P...

Page 31: ...the following interfaces CMS CMS is a graphical user interface that can be launched from anywhere in your network through a web browser such as Netscape Communicator or Microsoft Internet Explorer CMS is already installed on the switch Using CMS you can fully configure and monitor a standalone switch a specific cluster member or an entire switch cluster You can also display network topologies to g...

Page 32: ...ing CMS and switch clusters can simplify and minimize your configuration and monitoring tasks You can use Cisco switch clustering technology to manage up to 16 interconnected supported Catalyst switches through one IP address as if they were a single entity This can conserve IP addresses if you have a limited number of them CMS is the easiest interface to use and makes switch and switch cluster ma...

Page 33: ...ration Inventory and statistic reporting and link and switch level monitoring and troubleshooting Group software upgrade View a topology of interconnected devices to identify existing switch clusters and eligible switches that can join a cluster You can also use the topology to quickly identify link information between switches Monitor real time status of a switch or multiple switches from the LED...

Page 34: ...lable to your network users Table 1 2 Increasing Network Performance Network Demands Suggested Design Methods Too many users on a single network segment and a growing number of users accessing the Internet Create smaller network segments so that fewer users share the bandwidth and use VLANs and IP subnets to place the network resources in the same logical network as the users who access those reso...

Page 35: ...tected ports to provide security and port isolation Use VLAN trunks Cross Stack UplinkFast and BackboneFast for traffic load balancing on the uplink ports so that the uplink port with a lower relative port cost is selected to carry the VLAN traffic An evolving demand for IP telephony Use QoS to prioritize applications such as IP telephony during congestion and to help control both delay and jitter...

Page 36: ... the Catalyst 3508G XL switch as a switch cluster to manage them through a single IP address High performance workgroup For users who require high speed access to network resources use Gigabit modules to connect the switches directly to a backbone switch in a star configuration Each switch in this configuration provides users a dedicated 1 Gbps connection to network resources in the backbone Compa...

Page 37: ...figurations Catalyst 2900 XL and Catalyst 3500 XL GigaStack cluster 1 Gbps HSRP 54568 Catalyst 3548 XL switch Cost Effective Wiring Closet High Performance Workgroup Redundant Gigabit Backbone Catalyst 3508 XL or 4908G L3 switch Catalyst 2900 XL and Catalyst 3500 XL cluster Catalyst 4908G L3 switch Catalyst 4908G L3 switch Catalyst 2900 XL and Catalyst 3500 XL cluster ...

Page 38: ...e access to the servers The Catalyst 2900 XL and Catalyst 3500 XL switches in this network are connected through a GigaStack GBIC on each switch to form a 1 Gbps network backbone This GigaStack can also be configured as a switch cluster with primary and secondary command switches for redundant cluster management Workstations are connected directly to the 10 100 switch ports for their own 10 or 100...

Page 39: ...view Network Configuration Examples Figure 1 2 Small to Medium Sized Network Configuration 100 Mbps 200 Mbps full duplex Single workstations Gigabit server 54569 Cisco 2600 router Gigabit server 10 100 Mbps 20 200 Mbps full duplex 1 Gbps 2 Gbps full duplex Catalyst 2900 XL and Catalyst 3500 XL GigaStack cluster ...

Page 40: ... for security management Data and multimedia traffic are configured on the same VLAN Voice traffic from the Cisco IP Phones are configured on separate VVIDs You can have up to four VVIDs per wiring closet If data multimedia and voice traffic are assigned to the same VLAN only one VLAN can be configured per wiring closet For any switch port connected to Cisco IP Phones 802 1p Q QoS gives forwarding...

Page 41: ...connected to the Catalyst 3524 PWR XL switches receive power from an AC power source Figure 1 3 Collapsed Backbone and Switch Cluster Configuration IP IP IP IP Catalyst 4908G L3 switch 200 Mbps Fast EtherChannel 400 Mbps full duplex Fast EtherChannel Gigabit servers Cisco CallManager 54570 Cisco 2600 router 1 Gbps 2 Gbps full duplex Cisco IP Phones Cisco IP Phones Workstations running Cisco SoftPh...

Page 42: ... Gigabit uplinks to the Catalyst 6500 switch For example you can use switch clusters that have a mix of Catalyst 2900 XL and Catalyst 3500 XL switches The Catalyst 6500 switch provides the workgroups with Gigabit access to core resources Cisco 7000 series router for access to the WAN and the Internet Server farm that includes a call processing server running Cisco CallManager software Cisco CallMa...

Page 43: ...Configuration Catalyst 6500 switch Cisco access gateway Servers Cisco CallManager Cisco 7200 or 7500 router WAN IP telephony network or PSTN IP IP IP IP 54571 Catalyst 3524 PWR XL GigaStack cluster 1 Gbps 2 Gbps full duplex IP IP IP Cisco IP Phones Cisco IP Phones Workstations running Cisco SoftPhone software Catalyst 2900 XL and 3500 XL GigaStack cluster AC power source ...

Page 44: ...event nonfiltered telephone rings and nonfiltered telephone transitions such as on hook to off hook from interrupting the Ethernet connection Through a patch panel the telephone line from each room connects to a nonhomologated POTS splitter such as the Cisco LRE 48 POTS Splitter PS 1M LRE 48 The splitter routes data high frequency and voice low frequency traffic from the telephone line to the swit...

Page 45: ...can connect to Accounting billing and provisioning servers A router that provides Internet access to the premises You can manage the switches through CMS as one or more switch clusters You can also manage and monitor the individual CPEs through the Catalyst 2900 LRE XL switches to which they are connected The LRE ports support the same software features as the 10 100 ports For example you can conf...

Page 46: ...N PBX Floor 1 Floor 2 Rooms and users Rooms and users Cisco LRE 48 POTS splitters Cisco 2600 router Servers Catalyst 2900 LRE XL switches Catalyst 2900 XL or Catalyst 3500 XL switch Patch panel Cisco LRE CPE 54573 Set top box Telephones TV PC Telephones Cisco LRE CPE Telephones Required microfilter Required microfilter Required microfilter Required microfilter PC Cisco LRE CPE Set top box TV Telep...

Page 47: ...with either Fast Ethernet or Gigabit Ethernet connections to the MAN Catalyst 2900 LRE XL switches can also be used as residential switches for customers requiring connectivity through existing telephone lines The Catalyst 2900 LRE XL switches can then connect to another residential switch through a 10 100 connection All ports on the residential switches are configured as 802 1Q trunks with the pr...

Page 48: ... Multi Dwelling Configuration Si 54572 Service Provider POP Mini POP Gigabit MAN Residential location Catalyst 6500 multilayer switches Catalyst 2900 XL and Catalyst 3500 XL switches including Catalyst 2900 LRE XL switches Catalyst 6500 switches Cisco 12000 Gigabit switch routers Si Si Si Si Si Si Si Residential gateway hub Set top box TV PC Set top box TV ...

Page 49: ...ng topics Accessing CMS Saving changes on CMS Using different versions of CMS For system requirements and for browser and Java plug in configurations refer to the release notes For field level descriptions of the CMS windows and for procedures for using CMS refer to the online help Note This chapter describes the CMS interface used on the Catalyst 2900 XL and Catalyst 3500 XL switches Refer to the...

Page 50: ...er Builder or Cluster View by selecting Device Launch Switch Manager You cannot display VSM from Cluster Manager For more information about accessing CMS see the Accessing CMS section on page 2 35 Cluster Builder and Cluster View Cluster Builder is the application from which you can create and modify a specific switch cluster When launched it displays a topology network map of the cluster command ...

Page 51: ...A menu bar that except for a few options provides the same options for managing a single switch and clustered switches This menu bar is described in the Menu Bars section on page 2 14 A toolbar that provides buttons for displaying commonly used switch and cluster level configuration windows and for displaying the legends and online help This toolbar is described in the Toolbar section on page 2 17...

Page 52: ...er Left click Mode to change the meaning of the port LEDs LEDs display the current port mode and the status of the switch and connected RPS Press Ctrl and then left click ports to select multiple ports The color of the port reflects port or link status Right click a port to display the port pop up menu and select an option to change port related settings 54513 10 1 126 45 10 1 126 45 ...

Page 53: ... Getting Started with CMS Cluster Manager and VSM Figure 2 2 Cluster Manager Right click a switch to display the device pop up menu and select an option to change system related settings Select a switch from the cluster tree The color of the switch icon reflects switch status Cluster tree 54504 10 1 126 45 ...

Page 54: ...The cluster tree uses a subset of the same icons used in the topology displayed in Cluster View and Cluster Builder Figure 2 3 shows the device icons as they appear in the cluster tree Figure 2 3 Cluster Tree Icons The cluster tree displays the cluster name and the names and the status of cluster members Table 2 1 For example a yellow switch icon in the cluster tree means that particular switch is...

Page 55: ...Settings from VSM or Cluster User Settings from Cluster Manager The following sections provide complete descriptions of the Catalyst 2900 XL and Catalyst 3500 XL LED images System LED RPS LED Port LEDs Summarized descriptions of the LED images are available from the VSM and Cluster Manager menu bar by choosing Help Legend System LED The system LED shows whether the switch is receiving power and fu...

Page 56: ...ppropriate switch documentation for RPS descriptions specific for the switch Table 2 3 Cisco RPS 600 LED on the Catalyst 2900 XL and Catalyst 3500 XL Switches Except the Catalyst 2912 LRE 2924 LRE and 3524 PWR XL Switches Color RPS Status Black off RPS is off or is not installed Green RPS is operational Blinking green RPS and the switch AC power supply are both powered up If the switch power suppl...

Page 57: ...select or change a mode click Mode until the desired mode LED is green Table 2 4 Cisco RPS 300 LED on the Catalyst 2912 LRE 2924 LRE and 3524 PWR XL Switches Color RPS Status Black off RPS is off or is not installed Green RPS is connected and operational Blinking green RPS is backing up another switch in the stack Amber RPS is connected but not functioning The following conditions could exist The ...

Page 58: ...e 10 100 switch ports on the Catalyst 2900 LRE XL continue to show Ethernet link status FDUP or DUPLX Duplex setting on the ports Default setting is auto on all Catalyst 2900 XL and Catalyst 3500 XL switches and on the 10 100 ports on the Catalyst 2900 LRE XL switches Default setting is half duplex on the LRE ports on the Catalyst 2900 LRE XL switches Note On the Catalyst 2900 LRE XL switches this...

Page 59: ...ink present Blinking green Activity on the port Port is transmitting or receiving data Amber Link fault Error frames can affect connectivity and errors such as excessive collisions CRC errors and alignment and jabber errors are monitored for a link fault indication Port is not forwarding Port was disabled by management or by an address violation or was blocked by Spanning Tree Protocol STP Note Af...

Page 60: ...ceiving data Amber Link fault Error frames can affect connectivity and errors such as excessive collisions CRC errors and alignment and jabber errors are monitored for a link fault indication 10 100 switch port or remote CPE Ethernet port is not forwarding Port was disabled by management by an address violation or was blocked by STP Note After a port is reconfigured the port LED can remain amber f...

Page 61: ...t by an address violation or was blocked by STP Note After a port is reconfigured the port LED can remain amber for up to 30 seconds as STP checks the switch for possible loops Brown No link and port is administratively shut down DUPLEX Cyan off Port is operating in half duplex mode Green Port is operating in full duplex mode SPEED 10 100 Ports Cyan off Port is operating at 10 Mbps Green Port is o...

Page 62: ... Figure 2 1 and Figure 2 2 are similar but with the following exceptions Some configuration options such as some system and VLAN options are arranged slightly differently in VSM and Cluster Manager The option for enabling a command switch is available only from VSM The option for designating a standby group of command switches is available only from Cluster Manager The option for rearranging the s...

Page 63: ...hes appear in Cluster Manager User Settings Set the polling interval for Cluster Manager Cluster Builder and the performance graphs Set the application to display by default Cluster Builder Display Cluster Builder System Inventory Display the device type software version IP address and other information about a switch or a cluster of switches IP Management Configure IP information for a switch Sof...

Page 64: ...r SPAN Enable SPAN port monitoring Flooding Control Enable broadcast storm control and block unicast and multicast flooding on a per port basis VLAN VLAN Membership Display VLAN membership assign ports to VLANs and configure Inter Switch Link ISL and 802 1Q trunks Management VLAN VSM specific Change the management VLAN on the switch VTP Management Display and configure the VLAN Trunk Protocol VTP ...

Page 65: ...iption From left to right on the toolbar the following windows can be displayed Cluster Builder On VSM this button is not applicable and is therefore disabled Software Upgrade window SNMP Management window VLAN Membership window Spanning Tree Protocol window Save Configuration window User Settings window Legend that describes the icons labels and links Online help table of contents Figure 2 4 Clus...

Page 66: ...ches and right click Table 2 10 VSM and Cluster Manager Port Pop up Menu Pop up Menu Option Task Port Configuration Display and configure port parameters on a switch VLAN Membership Define the VLAN mode for a port or ports and add ports to VLANs Not available for Catalyst 1900 or Catalyst 2820 switches Flooding Controls Block the normal flooding of unicast and multicast packets and enable the swit...

Page 67: ...ask System Inventory Display the device type software version IP address and other information about a switch or cluster of switches IP Management Configure IP information for a switch Software Upgrade Upgrade the software for a cluster or a switch SNMP Management Enter SNMP community strings and configure end stations as trap managers Console Baud Rate Change the baud rate for one or more switche...

Page 68: ...t flooding on a per port basis VLAN VLAN Membership Display VLAN membership assign ports to VLANs and configure ISL and IEEE 802 1Q trunks VTP Management Display and configure the VLAN Trunk Protocol VTP for interswitch VLAN membership Security Address Management Enter dynamic secure and static addresses into a switch address table and define the forwarding behavior of static addresses Port Securi...

Page 69: ... devices connected to the command switch display as cluster members or candidates The components used in a topology are described in the Topology section on page 2 24 A menu bar that provides the options for creating modifying monitoring and displaying switch clusters This menu bar is further described in the Menu Bar section on page 2 26 A toolbar that provides buttons for displaying commonly use...

Page 70: ...ter Builder 2 22 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 Figure 2 5 Cluster View Cluster is collapsed to a double switch icon Connected cluster Status bar shows that Cluster View is displayed 54505 mcluster ...

Page 71: ...ter Builder Right click a line to display the link pop up menu and select an option to display link information Lines indicate the type of connection between two devices such as lightning bolts are Gigastack GBIC connections Status bar shows that Cluster Builder is displayed Device label identifies the switch A switch icon with a crown indicates the command switch 54503 Switch202 ...

Page 72: ...er members Select a command switch icon to configure cluster wide settings Select a switch icon to configure switch wide settings The topology in Cluster View Figure 2 5 and Cluster Builder Figure 2 6 uses the same icons used in the Cluster Manager cluster tree Figure 2 2 It also uses an icon unique to the topology This icon is the unknown device icon Figure 2 7 shows the device icons as they appe...

Page 73: ...e meanings of the link colors When you point your cursor at a link and right click you can display additional link information from the link pop up menu Figure 2 6 Complete descriptions of the icons and icon colors are available from Help Legend Figure 2 8 Cluster View and Cluster Builder Link Icons Table 2 13 Device Label Colors Label Color Color Meaning Green A cluster member either a member swi...

Page 74: ... graphs Goto Cluster Manager Start Cluster Manager Views Toggle Views Toggle between Cluster Builder and Cluster View Toggle Labels Toggle between switch names and IP or MAC addresses and connected port numbers Device Launch Switch Manager Start Switch Manager for a selected switch Bandwidth Graph Display a graph showing the current bandwidth in use by a selected switch Not supported on Catalyst 1...

Page 75: ... Manager Toggle between switch names and IP or MAC addresses and connected port numbers Save the arrangement of the cluster icons as you have arranged them Save the current configuration for all cluster members to Flash memory Set the user settings for Cluster Builder and Cluster View Display the legend that describes the icons labels and links that are used in Cluster Builder and Cluster View Lis...

Page 76: ... Pop Up Menu Table 2 16 describes the menu options available when you right click an icon in Cluster View Move the cursor over the icon to display the tool tip For example the button displays Help Contents 54512 Switch202 Table 2 16 Cluster View Device Menu Menu Option Action Device Web Page Displays the web management page for the device Disqualification Code Describes why the switch is not a clu...

Page 77: ...ent page for the device Add to Cluster Adds the selected candidate or candidates to the cluster Table 2 18 Cluster Builder Member Pop up Menu Menu Option Action Switch Manager Display the VSM Home page for the selected device Bandwidth Graph Display a graph that plots the total bandwidth used by the switch This feature is not available on Catalyst 1900 or Catalyst 2820 switches Host Name Config Ch...

Page 78: ...n refer to the online help Table 2 19 Cluster Builder Link Pop up Menu Menu Option Action Link Graph Display the performance graph for the link One end of the link must be connected to a port on a cluster member that is a Catalyst 2900 XL or Catalyst 3500 XL switch Links between any mix of Catalyst 1900 and Catalyst 2820 switches cannot be graphed Link Report Display information about the link bet...

Page 79: ...mponents of a typical CMS window Figure 2 10 CMS Window Components Cluster members are listed in the device list Click a tab to display more information Modify displays a pop up for the selected row Cancel closes the window without saving the changes Click in a row to select it Help displays help for the current window and the menu of Help topics OK saves the changes you have made and closes the w...

Page 80: ...t Name list For example the VLAN Membership window would not display Catalyst 1900 and Catalyst 2820 switches even though they are part of the cluster Tabs Some CMS windows have multiple tabs that present different kinds of information Tabs are arranged like folder headings across the top of the window Click the tab to display a new screen and click Apply to save information on all tabs but withou...

Page 81: ...s descriptions of all window components fields buttons and so on and procedures on performing tasks from the window Index of help topics You can send us feedback about the information provided in the online help From the menu bar select Help Contents and click Feedback to display a simple online form After completing the form click Submit to send your comments to Cisco We appreciate and value your...

Page 82: ...re Configuration Guide 78 6511 05 Figure 2 11 Help Contents Click Back and Forward to redisplay previously displayed pages Click Feedback to send us your comments about the online help Enter the first letters of the topic and click Find Click a topic under the Contents or Index tab Feature help Dialog specific help 4567 ...

Page 83: ...tions for assigning this information to a command switch and cluster members are described in the IP Addresses section on page 5 8 and Passwords section on page 5 8 Accessing CMS also requires meeting the software requirements including browser and Java plug in configurations described in the release notes Note Copies of the CMS pages you display are saved in your browser memory cache until you ex...

Page 84: ... or Visual Switch Manager If you access CMS from a standalone or cluster member switch VSM appears If you access CMS from a command switch Cluster Builder launches by default You can select Cluster Manager to launch by default by selecting Cluster User Settings You can toggle between Cluster Builder and Cluster View by selecting View Toggle Views You can display VSM for a specific cluster member f...

Page 85: ... is the startup configuration used each time the switch restarts If you do not save your changes to Flash memory they are lost when the switch restarts To save all configuration changes to Flash memory you must select System Save Configuration in the Cluster Manager menu bar or Options Save Configuration in the Cluster Builder or Cluster View menu bar Note Catalyst 1900 and Catalyst 2820 switches ...

Page 86: ...VSM which is referred to as Switch Manager on these switches Other CMS features such as Cluster Manager Cluster Builder and Cluster View are not available on these switches Refer to the appropriate switch documentation for descriptions of the web based management software used on other Catalyst desktop switches such as the Catalyst 2950 Catalyst 1900 and Catalyst 2820 switches Refer to the release...

Page 87: ...s Command line error messages Accessing the CLI Saving configuration changes This switch software release is based on Cisco IOS Release 12 0 5 It has been enhanced to support a set of features for the Catalyst 2900 XL and Catalyst 3500 XL switches This guide provides procedures for using only the commands that have been created or changed for these switches The Catalyst 2900 Series XL and Catalyst...

Page 88: ... configuration Interface configuration Line configuration When you start a session on the switch you begin in user mode often called user EXEC mode which has only a limited subset of the commands To access all commands and modes you must first enter privileged EXEC mode Normally a password is required to enter privileged EXEC mode From privileged mode you can enter any EXEC command or enter global...

Page 89: ...ame switch Table 3 1 Command Modes Summary Modes Access Method Prompt Exit Method About This Mode1 User EXEC Begin a session with your switch switch Enter logout or quit Use this mode to Change terminal settings Perform basic tests Display system information Privileged EXEC Enter the enable command while in user EXEC mode switch Enter disable to exit Use this mode to verify commands you have enter...

Page 90: ...ole Interface configuration Enter the interface command with a specific interface while in global configuration mode switch config if To exit to global configuration mode enter exit To exist to privileged EXEC mode enter Ctrl Z or end Use this mode to configure parameters for the Ethernet interfaces Line configuration Specify a line with the line vty or line console command while in global configu...

Page 91: ... have a default form The default form of a command returns the command setting to its default Redisplaying a Command To redisplay a command you previously entered press the up arrow key You can continue to press the up arrow key for more commands Getting Help Entering a question mark at the system prompt displays a list of commands for each command mode You can also get a list of any command s ass...

Page 92: ... 802 3 Null Null interface VLAN Switch VLAN Virtual Interface When using context sensitive help the space or lack of a space before the question mark is significant To obtain a list of commands that begin with a particular character sequence enter those characters followed immediately by the question mark Do not include a space This form of help is called word help because it completes a word for ...

Page 93: ...recognize the command Reenter the command followed by a space and a question mark The possible keywords that you can enter with the command appear Incomplete command You did not enter all of the keywords or values required by this command Reenter the command followed by a space and a question mark The possible keywords that you can enter with the command appear Invalid input detected at marker You...

Page 94: ...HyperTerminal tip or minicom on the management station Step 2 If necessary reconfigure the terminal emulation software to match the switch console port settings default settings are 9600 baud no parity 8 data bits and 1 stop bit Step 3 Establish a connection with the switch by either Connecting the switch console port to a management station or dial up modem For information about connecting to the...

Page 95: ...s page appears click Telnet to start a Telnet session You can also access the CLI by clicking Web Console HTML access to the command line interface from the Cisco Systems Access page For information about the Cisco Systems Access page see the Accessing CMS section on page 2 35 and the release notes Step 4 Enter the switch password The User EXEC prompt appears on the management station Note Copies ...

Page 96: ...y command in privileged EXEC mode Note The write memory command does not apply to the Catalyst 1900 and Catalyst 2820 switches which automatically save configuration changes to Flash memory as they occur Tips As you make cluster configuration changes make sure you periodically save the configuration The configuration is saved on the command and member switches Where to Go Next The rest of this gui...

Page 97: ...Protocol HTTP access Telnet access Simple Network Management Protocol SNMP network management platforms Default settings of key software features Refer to the release notes for information about starting up the switch Software and hardware requirements and compatibility Browser and Java plug in configurations Setup program Also refer to the release notes about switch upgrades For information about...

Page 98: ...on about running the setup program and assigning basic information to the switch refer to the release notes Switch Software Releases The switch software is regularly updated with new features and bug fixes and you might want to upgrade your Catalyst 2900 XL and Catalyst 3500 XL with the latest software release New software releases are posted on Cisco com on the World Wide Web and are available th...

Page 99: ...guide Be sure that the switch console port settings match the settings of the terminal or PC These are the default settings of the switch console port Baud rate default is 9600 Data bits default is 8 Note If the data bits option is set to 8 set the parity option to None Stop bits default is 1 Parity settings default is None Make sure that you save any changes you make to the switch console port se...

Page 100: ...nsole port The default data characteristics of the switch console port are 9600 8 1 no parity When the command line appears go to Step 2 Step 2 enable Enter privileged EXEC mode Step 3 config terminal Enter global configuration mode Step 4 line vty 0 15 Enter the interface configuration mode for the Telnet interface There are 16 possible sessions on a command capable switch The 0 and 15 mean that ...

Page 101: ...able or otherwise misconfigure the port through which your management station is communicating with the switch You might want to write down the port number to which you are connected Changes to the switch IP information should be done with care Refer to the following topics in the release notes for information about accessing CMS System requirements Running the setup program which includes assigni...

Page 102: ...RMON groups which this IOS software release supports You can configure these groups by using an SNMP application or by using the CLI The four supported groups are alarms events history and statistics This section describes how to access MIB objects to configure and manage your switch It provides the following information Using File Transfer Protocol FTP to access the MIB files Using SNMP to access...

Page 103: ...xl for a list of Catalyst 3500 XL MIBs Step 6 Use the get MIB_filename command to obtain a copy of the MIB file You can also access this server from your browser by entering the following URL in the Location field of your Netscape browser the Address field in Internet Explorer ftp ftp cisco com Use the mouse to navigate to the folders listed above Using SNMP to Access MIB Variables The switch MIB ...

Page 104: ...nager to a condition on the network such as improper user authentication restarts link status up or down and so forth In addition the SNMP agent responds to MIB related queries sent by the SNMP manager in get request get next request and set request format The SNMP manager uses information in the MIB to perform the operations described in Table 4 1 Figure 4 1 SNMP Network Table 4 1 SNMP Operations...

Page 105: ...ere you can configure them from the command line interface CLI and Cluster Management Suite CMS Table 4 2 Default Settings and Where To Change Them Feature Default Setting Concepts and CLI Procedures CMS Option Cluster Management Enabling a command switch None Designating and Enabling a Command Switch section on page 5 14 No CLI procedure provided VSM Cluster Cluster Command Configuration Creating...

Page 106: ... 2 Documentation set for Cisco IOS Release 12 0 on Cisco com Cluster Manager System IP Management Dynamic Host ConfigurationProtocol DHCP DHCP client is enabled Using DHCP Based Autoconfiguration section on page 6 4 Documentation set for Cisco IOS Release 12 0 on Cisco com Management VLAN VLAN 1 Management VLANs section on page 8 4 Cluster Manager Cluster Management VLAN Domain name None Configuri...

Page 107: ...n set for Cisco IOS Release 12 0 on Cisco com Cluster Manager Security Address Management Dynamic address management Enabled Managing the MAC Address Tables section on page 6 56 Documentation set for Cisco IOS Release 12 0 on Cisco com Cluster Manager Security Address Management Voice configuration Configuring Voice Ports section on page 7 17 VLAN membership Static access ports in VLAN 1 Assigning...

Page 108: ...lex Mode section on page 7 2 Cluster Manager Port Port Configuration Gigabit Ethernet flow control Any on all Gigabit ports Disabled on LRE ports in half duplex mode enabled on LRE ports in full duplex mode Note This option is configurable only on the Gigabit ports Cluster Manager Port Port Configuration Configuring Flow Control on Gigabit Ethernet Ports section on page 7 3 LRE link speed and LRE ...

Page 109: ...co Group Management Protocol CGMP Multicast VLAN Registration MVR Disabled Configuring MVR section on page 6 49 Network Port Disabled Enabling a Network Port section on page 7 7 Network Redundancy Hot Standby Router Protocol Disabled Designating and Enabling Standby Command Switches section on page 5 17 Spanning Tree Protocol Enabled Configuring STP section on page 6 24 Cluster Manager Device Span...

Page 110: ...7 16 Cluster Manager Port Switch Port Analyzer SPAN Console buffer and file logging Disabled Documentation set for Cisco IOS Release 12 0 on Cisco com Remote monitoring RMON Disabled SNMP Network Management Platforms section on page 4 6 Documentation set for Cisco IOS Release 12 0 on Cisco com Security Password None Passwords section on page 5 8 and Changing the Password section on page 6 15 Addre...

Page 111: ...for Cisco IOS Release 12 0 on Cisco com Cluster Manager System SNMP Configuration Port security Disabled Enabling Port Security section on page 7 14 Cluster Manager Security Port Security Terminal Access Controller Access Control System Plus TACACS Disabled Configuring TACACS section on page 6 61 Protected port Disabled Configuring Protected Ports section on page 7 13 Table 4 2 Default Settings an...

Page 112: ...Chapter 4 General Switch Administration Default Settings 4 16 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 113: ...he Cluster Management Suite CMS web based interface than through the CLI Therefore information in this chapter focuses on using CMS See Chapter 2 Getting Started with CMS for additional information about switch clusters and the clustering options For complete procedures on using CMS to configure switch clusters refer to the online help For the cluster commands refer to the Catalyst 2900 Series XL ...

Page 114: ...losing contact with cluster members if the command switch fails The following sections list the requirements for the following cluster members Command switch Standby command switches Candidate and member switches Note Refer to the release notes for the list of Catalyst switches enabled for switch clustering including which ones can be command switches and which ones can only be member switches and...

Page 115: ...lso recommend that each standby command switch is cabled so that connectivity to cluster members is maintained Candidate and Cluster Member Characteristics Candidate switches are cluster capable switches that have not yet been added to a cluster Member switches are switches that have actually been added to a switch cluster A candidate or member switch can have its own IP address but it is not requ...

Page 116: ...ter You can configure the command switch to discover switches up to seven cluster enabled devices away The default is three hops To set the number of hops the command switch searches for candidate and member switches or to disable the automatic display of suggested candidates select Cluster User Settings Note Do not disable CDP CDP must be enabled for the switch to discover and display the switch ...

Page 117: ... belong to clusters supported by standby command switches but they cannot belong to a standby group The standby group of command switches are ranked according to a set of user defined priorities Switches are ranked first by the number of links they have and second by the switch speed If switches have the same number of links and speed they are listed alphabetically The member switch with the highe...

Page 118: ...ntact with the member switches if the cluster command switch fails Spanning Tree Protocol STP prevents the loops in such a configuration from reducing performance Figure 5 2 Redundant Cabling to Support HSRP Catalyst 2900 and 3500 XL member switches Command switch Standby command switch Cluster Management Suite 1900 2820 member switches HTTP 33950 Member 4 Member 2 172 20 128 221 172 20 128 222 Vi...

Page 119: ... informed of new cluster members but not the configuration of any given switch If the primary command switch fails the standby command switch assumes ownership of the virtual IP address and MAC address and begins acting as the command switch The remaining switches in the standby group compare their assigned priorities to determine the new standby command switch When the primary command switch beco...

Page 120: ...ft Internet Explorer as described in the release notes You can assign IP information by using the setup program refer to the release notes or by manually assigning it see the Changing IP Information section on page 6 2 Passwords If you plan to create switch clusters you should assign an enable secret password to the command switch You can assign a privilege level 1 to 15 to the password where leve...

Page 121: ...s and privilege levels are altered Keep in mind the following caveats if your cluster has Catalyst 1900 and Catalyst 2820 member switches Password length If the command switch enable password is longer than eight characters the member switch enable password is truncated to eight characters If the command switch enable password is between one and eight characters inclusive the member switch enable ...

Page 122: ...d switch was removed from the cluster and was then was added to a new cluster its old host name such as eng cluster 5 is overwritten with the host name of the command switch in the new cluster SNMP Community Strings The Cluster Management software appends the member switch number esN where N is the switch number to the first configured RO and RW community strings on the command switch and propagat...

Page 123: ...ement VLAN which by default is VLAN 1 To manage switches in a cluster the port connections among the command member and candidate switches must be connected through ports that belong to the management VLAN Any VLAN can serve as the management VLAN as long as there are links between the command switch and the member switches for both the old and the new management VLAN When you change the managemen...

Page 124: ...dd a new switch to an existing cluster and the cluster is using a management VLAN other than the default VLAN 1 the command switch automatically senses that the new switch has a different management VLAN and has not been configured The command switch issues commands to change the management VLAN on the new switch to match the one in use by the cluster This automatic change of the VLAN only occurs ...

Page 125: ...lusters When a switch has features specific to it and the switch is part of a switch cluster the CMS menu bars display the configuration options of those features For example Device LRE Profile appears in the Cluster Manager menu bar when at least one Catalyst 2900 LRE XL switch is in the cluster However these options are only available when the appropriate switch is selected from the Host Name dr...

Page 126: ...ding qualified candidates This window lists the cluster candidates discovered by the switch The Suggested Candidate window lists each candidate switch with its device type MAC address and the switch through which it is connected to the cluster By default the suggested candidates are highlighted in the Suggested Candidates window but you can select 1 or more switches as long as the number of switch...

Page 127: ... to a cluster if the cluster has no more than 16 members otherwise you must remove a member before adding a new one The Add to Cluster option is disabled when the number of cluster members reaches 16 To add several switches to a cluster press Ctrl and left click the candidates you want to add If any of the candidates cannot be added Cluster Builder displays a message that states which candidates w...

Page 128: ...ed password when it leaves the cluster For more information about setting passwords see the Passwords section on page 5 8 If the candidate is in a different management VLAN than the command switch a message states that this candidate is unreachable and you will not be able to add it to the cluster For more information about management VLAN considerations see the Management VLAN section on page 5 1...

Page 129: ...mber of links they have and second by the switch speed If the switches have the same number of links and speed they are listed alphabetically In the Selected list the active command switch has the highest priority and is always at the top of the list The standby switch with the next highest priority becomes the standby command switch The standby command switch is listed after the active command sw...

Page 130: ...es of the switches and the group number must be unique within the IP subnet It can be from 0 to 255 and the default is 0 The Standby Command Configuration window uses the default values for the preempt and name commands that you have set by using the CLI If you use this window to create the HSRP group all switches in the group have the preempt command enabled and the name for the group is clustern...

Page 131: ...Statistics and Port Port Configuration Runtime Status For information about troubleshooting switch clusters see Chapter 9 Troubleshooting Displaying an Inventory of the Clustered Switches To display an inventory of the switch cluster display VSM or Cluster Manager and select System Inventory to display the Inventory window Figure 5 6 To display this information for a single switch select the switc...

Page 132: ...erconnected from Cluster Builder It shows how the switches are connected and the type of connection between each device To display a legend describing the icons links and colors used in Cluster Builder select Help Legend To display port connection information such as port numbers for each end of the link select Views Toggle Labels Software versions for cluster members IP addresses of cluster membe...

Page 133: ...ommand on the command switch For Catalyst 2900 XL and Catalyst 3500 XL switches the Telnet session accesses the member switch CLI at the same privilege level as on the command switch The IOS commands then operate as usual For instructions on configuring the Catalyst 2900 XL or Catalyst 3500 XL switch for a Telnet session see the Accessing the CLI section on page 3 8 For Catalyst 1900 and Catalyst ...

Page 134: ...tion The Cluster Management software appends the member switch number esN where N is the switch number to the first configured RW and RO community strings on the command switch and propagates them to the member switch The command switch uses this community string to control the forwarding of gets sets and get next messages between the SNMP management station and the member switches Note When a sta...

Page 135: ... XL Software Configuration Guide 78 6511 05 Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters Figure 5 7 SNMP Management for a Cluster Trap T r a p T r a p Command switch Trap 1 Trap 2 Trap 3 Member 1 Member 2 Member 3 33020 SNMP Manager ...

Page 136: ...Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters 5 24 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 137: ...nd usage information for the commands used in this chapter refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12 0 documentation For switch features that use standard Cisco IOS Release 12 0 commands refer to the Cisco IOS Release 12 0 documentation on Cisco com fo...

Page 138: ... Location field Netscape Communicator or Address field Internet Explorer To restart your CLI session through Telnet follow the steps described in the Accessing the CLI section on page 3 8 Note If you enabled the DHCP feature the switch assumes you are using an external server for IP address allocation While this feature is enabled any values you manually enter from the CMS or from the ip address c...

Page 139: ...interface vlan 1 Enter interface configuration mode and enter the VLAN to which the IP information is assigned VLAN 1 is the default management VLAN but you can configure any VLAN from IDs 1 to 1001 Step 3 ip address ip_address subnet_mask Enter the IP address and subnet mask Step 4 exit Return to global configuration mode Step 5 ip default gateway ip_address Enter the IP address of the default ro...

Page 140: ...components one for delivering configuration parameters from a DHCP server to a device and one for allocating network addresses to devices DHCP is built on a client server model where designated DHCP servers allocate network addresses and deliver configuration parameters to dynamically configured devices With DHCP based autoconfiguration your switch DHCP client can be automatically configured at st...

Page 141: ...ts a DHCPDISCOVER message to locate a DHCP server The DHCP server offers configuration parameters such as an IP address subnet mask gateway IP address DNS IP address a lease for the IP address and so forth to the client in a DHCPOFFER unicast message In a DHCPREQUEST broadcast message the client returns a request for the offered configuration information to the DHCP server The request is broadcast...

Page 142: ...er it receives The offer from the DHCP server is not a guarantee that the IP address will be allocated to the client however the server usually reserves the address until the client has had a chance to formally request the address If the switch accepts replies from a BOOTP server and configures itself the switch will broadcast instead of unicast TFTP requests to obtain the switch configuration fil...

Page 143: ...file DHCP is not used and the switch obtains the default configuration file by broadcasting TFTP requests The DHCP server can be on the same or a different LAN as the switch If it is on a different LAN the switch must be able to access it through a relay device The DHCP server can be running on a UNIX or Linux operating system however the Windows NT operating system is not supported in this releas...

Page 144: ...s a cache of host name to address mappings for use by the EXEC mode connect telnet and ping commands and related Telnet support operations This cache speeds the process of converting names to addresses IP defines a hierarchical naming scheme that allows a device to be identified by its location or domain Domain names are pieced together with periods as the delimiting characters For example Cisco S...

Page 145: ...ferent LAN the switch must be able to access it through a relay device or router For more information see the Configuring the Relay Device section on page 6 9 For CLI procedures refer to the Cisco IOS Release 12 0 documentation on Cisco com for additional information and CLI procedures Configuring the Relay Device You need to use a relay device if the DHCP DNS or TFTP servers are on a different LA...

Page 146: ... reply one file read method The switch receives its IP address subnet mask and configuration filename from the DHCP server It also receives a DNS server IP address and a TFTP server name The switch sends a DNS request to the DNS server specifying the TFTP server name to obtain the TFTP server address Then the switch sends a unicast message to the TFTP server to retrieve the named configuration fil...

Page 147: ...ble with the information in the file and obtains its host name If the host name is not found in the file the switch uses the host name in the DHCP reply If the host name is not specified in the DHCP reply the switch uses the default Switch as its host name After obtaining its host name from the default configuration file or the DHCP reply the switch reads the configuration file that has the same n...

Page 148: ...e network for retrieving IP information using DHCP based autoconfiguration Figure 6 3 DHCP Based Autoconfiguration Network Example Table 6 1 shows the configuration of the reserved leases on the DHCP server Switch 1 00e0 9f1e 2001 Cisco router 47571 Switch 2 00e0 9f1e 2002 Switch 3 00e0 9f1e 2003 DHCP server DNS server TFTP server maritsu 10 0 0 1 10 0 0 10 10 0 0 2 10 0 0 3 Switch 4 00e0 9f1e 200...

Page 149: ...tpserver work prompt ls network confg switch1 confg switch2 confg switch3 confg switch4 confg prompt cat network confg ip host switch1 10 0 0 21 ip host switch2 10 0 0 22 ip host switch3 10 0 0 23 ip host switch4 10 0 0 24 Table 6 1 DHCP Server Configuration Switch 1 Switch 2 Switch 3 Switch 4 Binding key hardware address 00e0 9f1e 2001 00e0 9f1e 2002 00e0 9f1e 2003 00e0 9f1e 2004 IP address 10 0 ...

Page 150: ...IP address 10 0 0 21 from the DHCP server If no configuration filename is given in the DHCP server reply Switch 1 reads the network confg file from the base directory of the TFTP server It adds the contents of the network confg file to its host table It reads its host table by indexing its IP address 10 0 0 21 to its host name switch1 It reads the configuration file that corresponds to its host na...

Page 151: ...orized use Catalyst 2900 XL and Catalyst 3500 XL switches have two commands for setting passwords enable secret password a very secure encrypted password enable password password a less secure unencrypted password You must enter one of these passwords to gain access to privileged EXEC mode We recommend that you use the enable secret password Note When set the enable secret password takes precedenc...

Page 152: ...ticated through the TACACS server The Telnet password must be an enable secret password For information about managing passwords in switch clusters see the Passwords section on page 5 8 Both types of passwords can contain from 1 to 25 uppercase and lowercase alphanumeric characters and both can start with a number Spaces are also valid password characters for example two words is a valid password ...

Page 153: ...switch is east of Greenwich You can also enter negative and positive numbers for minutes Configuring Daylight Saving Time You can configure the switch to change to daylight saving time on a particular day every year on a day that you enter or not at all For CLI procedures refer to the Cisco IOS Release 12 0 documentation on Cisco com for additional information and CLI procedures Configuring the Ne...

Page 154: ...broadcast server such as a router broadcasting time information on the network You can also enter a value to account for any round trip delay between the client and the NTP broadcast server Configuring SNMP If your switch is part of a cluster the clustering software can change Simple Network Management Protocol SNMP parameters such as host names when the cluster is created If you are configuring a...

Page 155: ...nagement station that receives and processes traps When you configure a trap manager the community strings for each member switch must be unique If a member switch has an assigned IP address the management station accesses the switch by using that IP address By default no trap manager is defined and no traps are issued Table 6 2 describes the Catalyst 2900 XL and Catalyst 3500 XL switch traps You ...

Page 156: ...nagers Table 6 3 Catalyst 1900 and Catalyst 2820 Switch Traps Trap Type Description Address violation Generates a trap when the address violation threshold is exceeded Authentication Generates a trap when an SNMP request is not accompanied by a valid community string BSC Generates a trap when the broadcast threshold is exceeded Link up down Generates a link down trap when a port is suspended or di...

Page 157: ...rap manager and a community string Command Purpose Step 1 config terminal Enter global configuration mode Step 2 snmp server host 172 2 128 263 traps1 snmp vlan membership Enter the trap manager IP address the community string and the traps to generate Step 3 end Return to privileged EXEC mode Step 4 show running config Verify that the information was entered correctly by displaying the running co...

Page 158: ... Devices that do not run clustering software display as edge devices and CDP cannot discover any device connected to them Note Creating and maintaining switch clusters is based on the regular exchange of CDP messages Disabling CDP can interrupt cluster discovery For more information about the role that CDP plays in clustering see the Automatic Discovery of Cluster Candidates section on page 5 4 Co...

Page 159: ...series CDP device that does not support clustering Undisclosed device displays as edge device Cluster command switch 3 hops from command switch Up to 7 hops from command switch 33019 Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 cluster discovery hop count number Enter the number of hops that you want CDP to search for cluster candidates and cluster members Step ...

Page 160: ...924C XL support only 64 VLANs For more information about VLANs see Chapter 8 Configuring VLANs Each VLAN is a separate STP instance If you have already used up all available STP instances on a switch adding another VLAN anywhere in the VLAN Trunk Protocol VTP domain creates a VLAN that is not running STP on that switch For example if 250 VLANs are defined in the VTP domain you can enable STP on th...

Page 161: ...n many cases and makes it more labor intensive to add another VLAN to the network Using STP to Support Redundant Connectivity You can create a redundant backbone with STP by connecting two of the switch ports to another device or to two different devices STP automatically disables one port but enables it if the other port is lost If one link is high speed and the other low speed the low speed link...

Page 162: ...ation of STP on one VLAN can cause the dynamic addresses learned on that VLAN to be subject to accelerated aging Dynamic addresses on other VLANs can be unaffected and remain subject to the aging interval entered for the switch Configuring STP and UplinkFast in a Cascaded Cluster STP uses default values that can be reduced when configuring Catalyst 2900 XL and Catalyst 3500 XL switches in cascaded...

Page 163: ...Settings in Seconds STP Parameter STP Default IEEE Acceptable for Option 1 Acceptable for Option 2 Acceptable for Option 3 Hello Time 2 1 1 1 Max Age 20 6 10 6 Forwarding delay 15 4 7 4 Catalyst 2900 and 3500 XL switches 33021 Catalyst 2900 and 3500 XL switches Catalyst 5000 series 6000 backbone Option 1 standalone cascaded cluster Option 2 cascaded cluster connected to a Layer 2 backbone Option 3...

Page 164: ... new root port other ports flood the network with multicast packets one for each address that was learned on the port You can limit these bursts of multicast traffic by reducing the max update rate parameter The default for this parameter is 150 packets per second However if you enter zero station learning frames are not generated so the STP topology converges more slowly after a loss of connectiv...

Page 165: ...Guide 78 6511 05 Chapter 6 Configuring the System Configuring STP Figure 6 6 Switches in a Hierarchical Network 3500 XL 3500 XL 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL Active link Blocked link Root bridge Backbone switches Distribution switches Access switches 22037 ...

Page 166: ... is increased by 3000 This change reduces the chance that the switch will become the root switch When UplinkFast is disabled the bridge priorities of all VLANs and path costs of all ports are set to default values Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 spanning tree uplinkfast max update rate pkts per second Enable UplinkFast on the switch The range is fro...

Page 167: ...ts that Cause Fast Convergence section on page 6 33 How CSUF Works CSUF ensures that one link in the stack is elected as the path to the root As shown in Figure 6 7 Switches A B and C are cascaded through the Gigastack GBIC to form a multidrop backbone which communicates control and data traffic across the switches at the access layer The switches in the stack use their stack ports to communicate ...

Page 168: ...scovery hello packets When certain link loss or STP events occur described in the Events that Cause Fast Convergence section on page 6 33 the Fast Uplink Transition Protocol uses the neighbor list to send fast transition requests on the stack port to stack members Switch A Spanning tree root Backbone Multidrop backbone GigaStack GBIC connections Stack port 47572 Switch B Stack port Fwd Link A Root...

Page 169: ...d from all stack switches the Fast Uplink Transition Protocol on the sending switch immediately transitions its alternate stack root port to the forwarding state If acknowledgements from all stack switches are not obtained by the sending switch the normal STP transitions blocking listening learning forwarding take place and the spanning tree topology converges at its normal rate 2 forward delay ti...

Page 170: ...under these conditions The stack root switch is powered down or the software failed The stack root switch which was powered down or failed is powered up A new switch which might become the stack root is added to the stack A switch other than the stack root is powered down or failed A link fails between stack ports on the multidrop backbone Note The fast transition of CSUF depends on the amount of ...

Page 171: ...pported Each stack switch can be connected to the STP backbone through one uplink Up to 64 VLANs are supported Connecting the Stack Ports A fast transition occurs across the stack of switches if the multidrop backbone connections are a continuous link from one GigaStack GBIC to another as shown in Figure 6 8 In addition follow these guidelines Do not connect alternate stack root ports to stack por...

Page 172: ...yst 3500 XL 7 8 3 5 6 4 2 1 SPEED SYSTEM RPS STATUS MODE UTIL DUPLX 2 Catalyst 3500 XL 1 MODE 1x 2x 3x 4x 5x 6x 7x 8x 9x 10x 11x 12x 13x 14x 15x 16x 17x 18x 19x 20x 21x 22x 23x 24x Catalyst 2900 1 2 1 2 1 2 1 2 Catalyst 3508G XL Catalyst 2924M XL Catalyst 3512 XL Catalyst 3524 XL MODE 1x 2x 3x 4x 5x 6x 7x 8x 9x 10x 11x 12x 13x 14x 15x 16x 17x 18x 19x 20x 21x 22x 23x 24x Catalyst 2900 1 2 SPEED SYS...

Page 173: ...nal For max update rate pkts per second specify the number of packets per second at which update packets are sent The range is 0 to 65535 the default is 150 packets per second Step 1 interface interface id Enter interface configuration mode and specify the GBIC interface on which to enable CSUF Step 2 spanning tree stack port Enable CSUF on only one stack port GBIC interface The stack port connect...

Page 174: ...with the lowest value has the highest priority and is selected as the root Max age Number of seconds 6 to 200 a switch waits without receiving STP configuration messages before attempting a reconfiguration This parameter takes effect when a switch is operating as the root switch Switches not acting as the root use the root switch Max age parameter Hello Time Number of seconds 1 to 10 between the t...

Page 175: ... to which the STP command applies Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 spanning tree vlan stp list protocol ieee ibm Specify the STP implementation to be used for a spanning tree instance Step 3 end Return to privileged EXEC mode Step 4 show spanning tree Verify your entry Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 s...

Page 176: ...configure terminal Enter global configuration mode Step 2 spanning tree vlan stp list max age seconds Specify the interval between messages the spanning tree receives from the root switch The maximum age is the number of seconds a switch waits without receiving STP configuration messages before attempting a reconfiguration Enter a number from 6 to 200 Step 3 end Return to privileged EXEC mode Step...

Page 177: ...g frames but is learning addresses Forwarding Port is forwarding frames and learning addresses Disabled Port has been removed from STP operation Down Port has no physical link Broken One end of the link is configured as an access port and the other end is configured as an 802 1Q trunk port or both ends of the link are configured as 802 1Q trunk ports but have different native VLAN IDs Command Purp...

Page 178: ...ort more quickly to an STP forwarding state Path Cost A lower path cost represents higher speed transmission This can affect which port remains enabled in the event of a loop Enter a number from 1 to 65535 The default is 100 for 10 Mbps 19 for 100 Mbps 14 for 155 Mbps ATM 4 for 1 Gbps 2 for 10 Gbps and 1 for interfaces with speeds greater than 10 Gbps Priority Number used to set the priority for a...

Page 179: ...al configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be configured Step 3 spanning tree vlan stp list cost cost Configure the path cost for the specified spanning tree instance Enter a number from 1 to 65535 Step 4 end Return to privileged EXEC mode Step 5 show running config Verify your entry Command Purpose Step 1 configure terminal Enter glob...

Page 180: ...rk to be selected as the root port root guard then places the interface into the root inconsistent blocked state to prevent the customer switch from becoming the root switch or being in the path to the root If a switch outside the network becomes the root switch the interface is blocked root inconsistent state and STP selects a new root switch The customer switch does not become the root switch an...

Page 181: ...g media or MAC addresses and the VLAN ID Taking an IP address as input ARP determines the associated MAC address Once a MAC address is determined the IP MAC address association is stored in an ARP cache for rapid retrieval Then the IP datagram is encapsulated in a link layer frame and sent over the network Encapsulation of IP datagrams and ARP requests and replies on IEEE 802 networks other than E...

Page 182: ...d by connected routers through the further exchange of CGMP messages CGMP groups are maintained on a per VLAN basis a multicast IP address packet can be forwarded to one list of ports in one VLAN and to a different list of ports in another VLAN When a CGMP group is added it is added on a per VLAN per group basis When a CGMP group is removed it is only removed in a given VLAN Note The same multicas...

Page 183: ...sage to routers connected to the VLAN to delete the entire group The Fast Leave feature functions only if CGMP is enabled The client must be running IGMP version 2 for the Fast Leave feature to function properly Beginning in privileged EXEC mode follow these steps to enable the CGMP Fast Leave feature Disabling the CGMP Fast Leave Feature Beginning in privileged EXEC mode follow these steps to dis...

Page 184: ...he router hold time Removing Multicast Groups You can reduce the forwarding of IP multicast packets by removing groups from the Current Multicast Groups table Each entry in the table consists of the VLAN IGMP multicast address and ports You can use the CLI to clear all CGMP groups all CGMP groups in a VLAN or all routers their ports and their expiration times Beginning in privileged EXEC mode foll...

Page 185: ... associated MAC addresses in the switch forwarding table intercepts the IGMP messages and modifies the forwarding table to include or remove the subscriber as a receiver of the multicast stream This forwarding behavior selectively allows traffic to cross between the two VLANs Because MVR does not support IGMP dynamic joins the user or administrator must configure static multicast addresses on the ...

Page 186: ...minates the receiver port as a forwarding destination for this group Figure 6 10 Multicast VLAN Registration Example SP1 Multicast data Multicast data Customer premises SP SP RP Receiver Port SP Source Port Note All source ports belong to the multicast VLAN Hub TV data Set top box Set top box TV TV PC SP SP SP SP IGMP join Cisco router Multicast server Catalyst 2900 3500 XL switch Catalyst 2900 35...

Page 187: ...capture all IGMP join and leave messages from subscriber ports Because the Catalyst 2900 and Catalyst 3500 hardware cannot distinguish IP multicast data packets from IP multicast packets carrying IGMP protocol data all packets from subscriber ports destined for the configured multicast MAC addresses are forwarded to the switch CPU which distinguishes IGMP packets from regular multicast traffic Con...

Page 188: ...o remaining receiver ports on the switch active or inactive which means that the receiver VLAN might change every time the first receiver port is configured MVR implementation has the following limitations MVR is supported on only modular Catalyst 2900 XL switches Unknown multicast packets unknown unicast packets and broadcast packets are leaked from the multicast VLAN to the receiver ports MVR do...

Page 189: ...efore removing the port from multicast group membership The value is in units of tenths of a second The default is 5 tenths or one half second Step 3 mvr vlan vlan id Optional Specify the VLAN in which multicast data will be received all source ports must belong to this VLAN The default is VLAN 1 Step 4 interface interface Enter interface configuration mode and enter the type and number of the por...

Page 190: ...el Note Each IP address translates to a multicast 48 bit MAC address If an IP address being configured translates aliases to a previously configured MAC address the command fails Step 4 interface interface Enter interface configuration mode and enter the type and number of the port to configure for example fastethernet 0 1 Step 5 mvr type value Configure the port as either an MVR receiver port or ...

Page 191: ...mediate Leave feature of MVR on the port Note This command applies only to receiver ports and should only be enabled on receiver ports to which a single receiver device is connected Step 7 end Exit configuration mode Step 8 show mvr show mvr interface show mvr members Verify the configuration Step 9 copy running config startup config Save your configuration changes to NVRAM Command Purpose ...

Page 192: ... does not age and that is not lost when the switch resets The address tables list the destination MAC address and the VLAN ID module and port number associated with the address Figure 6 11 shows an example list of addresses as they would appear in the dynamic secure or static address table Figure 6 11 Contents of the Address Table MAC Addresses and VLANs All addresses are associated with a VLAN An...

Page 193: ... destination it floods the packet to all ports in the same VLAN as the receiving port This unnecessary flooding can impact performance Setting too long an aging time can cause the address table to be filled with unused addresses it can cause delays in establishing connectivity when a workstation is moved to a new port Beginning in privileged EXEC mode follow these steps to configure the dynamic ad...

Page 194: ...witch reassigns the secure address to the new port You can enter a secure port address even when the port does not yet belong to a VLAN When the port is later assigned to a VLAN packets destined for that address are forwarded to the port Beginning in privileged EXEC mode follow these steps to add a secure address Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 no m...

Page 195: ...other port for transmission Because all ports are associated with at least one VLAN the switch acquires the VLAN ID for the address from the ports that you select on the forwarding map A static address in one VLAN must be a static address in other VLANs A packet with a static address that arrives on a VLAN where it has not been statically entered is flooded to all ports and not learned Static addr...

Page 196: ...sses by using the clear mac address table static command in privileged EXEC mode Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 mac address table static hw addr in port out port list vlan vlan id Enter the MAC address the input port the ports to which it can be forwarded and the VLAN ID of those ports Step 3 end Return to privileged EXEC mode Step 4 show mac addre...

Page 197: ...omplete syntax and usage information for the commands described in this chapter refer to the Cisco IOS Release 12 0 Security Command Reference You can only configure this feature by using the CLI you cannot configure it through the Cluster Management Suite In large enterprise networks the task of administering passwords on each device can be simplified by centralizing user authentication on a serv...

Page 198: ...rough the CLI Note Although the TACACS configuration is performed through the CLI the TACACS server authenticates HTTP connections that have been configured with a privilege level of 15 Configuring the TACACS Server Host Use the tacacs server host command to specify the names of the IP host or hosts maintaining an AAA TACACS server On TACACS servers you can configure the following additional optio...

Page 199: ...cacs server key commands Step 5 Step 2 tacacs server retransmit retries Enter the number of times the server searches the list of TACACS servers before stopping The default is two Step 3 tacacs server timeout seconds Set the interval that the server waits for a TACACS server host to reply The default is 5 seconds Step 4 tacacs server attempts count Set the number of login attempts that can be made...

Page 200: ...entication You must enter username information into the database Use the username password global configuration command tacacs Uses TACACS authentication You must configure the TACACS server before you can use this authentication method For more information see the Configuring the TACACS Server Host section on page 6 62 Command Purpose Step 1 configure terminal Enter global configuration mode Step...

Page 201: ...nd line Specifying TACACS Authorization for EXEC Access and Network Services You can use the aaa authorization global configuration command with the tacacs keyword to set parameters that restrict a user s network access to Cisco IOS privilege mode EXEC access and to network services such as Serial Line Internet Protocol SLIP Point to Point Protocol PPP with Network Control Protocols NCPs and Apple...

Page 202: ...Enter global configuration mode Step 2 aaa authorization network tacacs Configure the switch for user TACACS authorization for all network related service requests including SLIP PPP NCPs and ARA protocols Step 3 aaa authorization exec tacacs Configure the switch for user TACACS authorization to determine if the user is allowed EXEC access The exec keyword might return user profile information suc...

Page 203: ...e steps to configure the switch for local AAA Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 aaa new model Enable AAA Step 3 aaa authentication login default local Set the login authorization to default to local Step 4 aaa authorization exec local Configure user AAA authorization for all network related service requests including SLIP PPP NCPs and ARA protocols St...

Page 204: ...Chapter 6 Configuring the System Configuring TACACS 6 68 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 205: ...t 2900 Series XL and Catalyst 3500 Series XL Command Reference Note Certain port features can conflict with one another Review the Avoiding Configuration Conflicts section on page 9 2 before you change the port settings This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12 0 documentation For switch features that use standard Cisco IOS Release 1...

Page 206: ...ngs of an attached device lose connectivity and do not generate statistics Asynchronous Transfer Mode ATM ports are always set to full duplex and do not autonegotiate duplex or speed settings GigaStack to GigaStack stack connections operate in half duplex mode and GigaStack to GigaStack point to point connections operate in full duplex mode If STP is enabled the switch can take up to 30 seconds to...

Page 207: ...peed parameter for the port You cannot enter the speed on Gigabit Ethernet or ATM ports Step 4 duplex full half auto Enter the duplex parameter for the port Step 5 end Return to privileged EXEC mode Step 6 show running config Verify your entries Step 7 copy running config startup config Optional Save your entry in the configuration file This retains the configuration when the switch restarts Comma...

Page 208: ...ackets can cause the network to slow down or to time out Storm control is configured for the switch as a whole but operates on a per port basis By default storm control is disabled Storm control uses high and low thresholds to block and then restore the forwarding of broadcast unicast or multicast packets You can also set the switch to shut down the port when the rising threshold is reached The ri...

Page 209: ...figuration mode and enter the port to configure Step 3 port storm control broadcast threshold rising rising number falling falling number Enter the rising and falling thresholds for broadcast packets Make sure the rising threshold is greater than the falling threshold Step 4 port storm control trap Generate an SNMP trap when the traffic on the port crosses the rising or falling threshold Step 5 en...

Page 210: ...ily flooded traffic does not cross VLAN boundaries but multi VLAN ports flood traffic to all VLANs they belong to Beginning in privileged EXEC mode follow these steps to disable the flooding of multicast and unicast packets to a port Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to configur...

Page 211: ... addresses on those ports are not aged If you move a network port to a VLAN without a network port it becomes the network port for the new VLAN You cannot change the settings for unicast and multicast flooding on a network port You can assign only one network port per VLAN For the restrictions that apply to a network port see the Changing the Password section on page 6 15 Caution A network port ca...

Page 212: ...Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be configured Step 3 port network Define the port as the network port Step 4 end Return to privileged EXEC mode Step 5 show running config Verify your entry Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configurat...

Page 213: ... UDLD on the entire switch or on an individual port Use the udld reset command to reset all ports that have been shut down by UDLD Beginning in privileged EXEC mode follow these steps to configure UDLD on a switch Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 udld enable Enable UDLD on all switch ports Use the udld interface configuration command to enable UDLD o...

Page 214: ...nt types of port groups source based forwarding port groups and destination based forwarding port groups Source based forwarding port groups distribute packets forwarded to the group based on the source address of incoming packets You can configure up to eight ports in a source based forwarding port group Source based forwarding is enabled by default Destination based port groups distribute packet...

Page 215: ...hod it changes the forwarding for all ports in the group After the group is created changing STP or VLAN membership parameters for one port in the group automatically changes the parameters for all ports Each port group has one port that carries all unknown multicast broadcast and STP packets Port Group Restrictions on Static Address Forwarding The following restrictions apply to entering static a...

Page 216: ...nter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port of the first port to be added to the group Step 3 port group 1 distribution destination Assign the port to group 1 with destination based forwarding Step 4 interface interface Enter the second port to be added to the group Step 5 port group 1 distribution destination Assign the port to g...

Page 217: ...through a Layer 3 device Protected ports can forward any type of traffic to nonprotected ports and they forward as usual to all ports on other switches Note Sometimes unknown unicast traffic from a nonprotected port is flooded to a protected port because a MAC address has timed out or has not been learned by the switch Use the port block command to guarantee that in such a case no unicast and mult...

Page 218: ...not found in the table An incoming packet has a source address assigned as a secure address on another port Limiting the number of devices that can connect to a secure port has the following advantages Dedicated bandwidth If the size of the address table is set to 1 the attached device is guaranteed the full bandwidth of the port Added security Unknown devices cannot connect to the port The follow...

Page 219: ...s to disable port security Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode for the port you want to secure Step 3 port security max mac count 1 Secure the port and set the address table to one address Step 4 port security action shutdown Set the port to shutdown when a security violation occurs Step 5 end Retur...

Page 220: ... 2 Beginning in privileged EXEC mode follow these steps to enable SPAN Disabling SPAN Beginning in privileged EXEC mode follow these steps to disable SPAN Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port that acts as the monitor port Step 3 port monitor interface Enable port monitoring on the ...

Page 221: ...ing to transmit network traffic from the switch in a predictable manner The Cisco 7960 IP Phone itself is also a configurable device and you can configure it to forward traffic with an 802 1p priority You can use the CLI to configure the Catalyst 3524 PWR XL to honor or ignore a traffic priority assigned by a Cisco 7960 IP Phone The Cisco 7960 IP Phone contains an integrated three port 10 100 swit...

Page 222: ...P Phone All traffic is transmitted according to the default COS priority of the port This is the default Voice traffic is given a higher priority by the phone and all traffic is in the same VLAN Voice and data traffic are carried on separate VLANs and voice traffic always has a CoS priority of 5 Beginning in privileged EXEC mode follow these steps to configure a port to instruct the phone to give ...

Page 223: ... of frames arriving on the port Beginning in privileged EXEC mode follow these steps to override the CoS priority setting received from the non voice port on the Cisco 7960 IP Phone Use the no switchport priority extend command to return the port to its default setting Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration...

Page 224: ...d devices to switch ports that belong to VLAN 2 Beginning in privileged EXEC mode follow these steps to configure a port to receive voice and data from a Cisco IP Phone in different VLANs Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be configured Step 3 switchport priority default 0 Ass...

Page 225: ...the switch supplies the power If there is power on the circuit the switch does not supply it You can configure the switch to never supply power to the Cisco 7960 IP Phone and to disable the detection mechanism See the Configuring Voice Ports section on page 7 17 for the CLI commands that you use to supply inline power to a Cisco 7960 IP Phone Beginning in privileged EXEC mode follow these steps to...

Page 226: ...28 ft 100 m The actual link rate between an LRE port and a remote Ethernet device in either direction depends on the active profile for the LRE port and the Ethernet link speed For example if a PC Ethernet port is configured to 100 Mbps and the LRE port is configured with an upstream link rate of 5 69 Mbps the actual upload rate provided to the PC user is 5 69 Mbps not 100 Mbps Conversely if the P...

Page 227: ...witch are enabled with the LRE 10 private profile in effect Public We strongly recommend using a public profile if the switch is used with equipment connected to a Public Switched Telephone Network PSTN When the switch is configured with a public profile all LRE ports use the same configuration to prevent the switch from causing interference with the other lines on the PSTN The standards for spect...

Page 228: ...e profiles If you assign a public profile to the switch the switch ignores the private profile settings and uses the public profile settings on all LRE ports If you assign a different public profile the change immediately takes effect If a public profile is configured on the switch and you want the LRE ports to use private profiles you must first disable the public profile by using CMS or by using...

Page 229: ...ection between the Ethernet port on the Cisco 575 LRE CPE and an Ethernet device such as a PC or a television set top box You can set the CPE Ethernet port to operate at 10 or 100 Mbps and at half or full duplex mode depending on the capability of the remote Ethernet device Autonegotiation for port speed and duplex mode is supported The default speed for the CPE Ethernet port is auto the default d...

Page 230: ...e lre shutdown interface configuration command to disable the LRE chipset transmitter on any LRE ports that are not connected to a CPE This prevents access to the LRE port and prevents the power emitted from the port from affecting other ports Use the show controllers ethernet controller privileged EXEC command to display the internal switch statistics the statistics collected by the switch LRE ch...

Page 231: ... switch use the no lre profile global global configuration command Changes to the public profile settings are immediately put in effect and the public mode automatically becomes the active mode Beginning in privileged EXEC mode follow these steps to assign a public profile to the LRE ports Use the show controllers lre commands to display the LRE link statistics and profile information on the LRE p...

Page 232: ... follow these steps to assign a private profile to an LRE port Use the show controllers lre commands to display the LRE link statistics and profile information on the LRE ports For information about these commands refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface LRE interfac...

Page 233: ...eries XL and Catalyst 3500 Series XL Command Reference Note Certain port features can conflict with one another Review the Avoiding Configuration Conflicts section on page 9 2 before you change the port settings This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12 0 documentation For switch features that use standard Cisco IOS Release 12 0 comm...

Page 234: ... destined for stations that do not belong to the VLAN must be forwarded through a router or bridge as shown in Figure 8 1 VLANs are identified with a number of 1 to 1001 Because a VLAN is considered a separate logical network it contains its own bridge Management Information Base MIB information and can support its own implementation of the Spanning Tree Protocol STP For information about managing...

Page 235: ...ll of the GigaStack GBIC interfaces as trunk ports by using the switchport mode trunk interface configuration command and to use the same encapsulation method by using the switchport encapsulation isl dot1q interface configuration command For more information on these commands refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference Trunking is not supported on all switch...

Page 236: ...wn Before changing the management VLAN on your switch network make sure you follow these guidelines The new management VLAN should not have an Hot Standby Router Protocol HSRP standby group configured on it You must be able to move your network management station to a switch port assigned to the same VLAN as the new management VLAN Connectivity through the network must exist from the network manag...

Page 237: ... switch can be added to a cluster it must be connected to a port that belongs to the cluster management VLAN If the cluster is configured with a management VLAN other than the default the command switch changes the management VLAN for new switches when they are connected to the cluster In this way the new switch can exchange CDP messages with the command switch and be proposed as a cluster candida...

Page 238: ...nning in privileged EXEC mode on the command switch follow these steps to configure the management VLAN interface through a Telnet connection Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 cluster management vlan vlanid Change the management VLAN for the cluster This ends your Telnet session Move the port through which you are connected to the switch to a port in ...

Page 239: ...02 1Q A trunk is a member of all VLANs in the VLAN database by default but membership can be limited by configuring the allowed VLAN list You can also modify the pruning eligible list to block flooded traffic to VLANs on trunk ports that are included in the list VLAN Trunk Protocol VTP maintains VLAN configuration consistency by managing the addition deletion and renaming of VLANs on a network wid...

Page 240: ...uration Procedure Comments Static access ports No Assigning Static Access Ports to a VLAN section on page 8 10 If you do not want to use VTP to globally propagate the VLAN configuration information you can assign a static access port to a VLAN and set the VTP mode to transparent to disable VTP Static access and multi VLAN ports No Overlapping VLANs and Multi VLAN Ports section on page 8 11 Assigni...

Page 241: ... 37 You can change the VTP version on the switch and enable VTP pruning You can define the allowed VLAN list change the pruning eligible list and configure the native VLAN for untagged traffic on the trunk port Dynamic access and trunk ports Yes Configuring Dynamic VLAN Membership section on page 8 57 Configuring Dynamic Ports on VMPS Clients section on page 8 58 Configuring a Trunk Port section o...

Page 242: ...C mode follow these steps to assign ports for multi VLAN membership Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be added to the VLAN Step 3 switchport mode multi Enter the VLAN membership mode for multi VLAN ports Step 4 switchport multi vlan vlan list Assign the port to more than one ...

Page 243: ... all its assigned VLANs For example when a multi VLAN port receives an unknown Media Access Control MAC address all the VLANs to which the port belongs learn the address Multi VLAN ports also respond to the STP messages generated by the different instances of STP in each VLAN For the restrictions that apply to multi VLAN ports see the Avoiding Configuration Conflicts section on page 9 2 Figure 8 2...

Page 244: ...ion changes centrally on a single switch such as a Catalyst 2900 XL or Catalyst 3500 XL switch and have those changes automatically communicated to all the other switches in the network Without VTP you cannot send information about VLANs to other switches Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and ente...

Page 245: ... default VTP mode is server mode but VLAN information is not propagated over the network until a domain name is specified or learned If the switch receives a VTP advertisement over a trunk link it inherits the domain name and configuration revision number The switch then ignores advertisements with a different domain name or an earlier configuration revision number When you make a change to the VL...

Page 246: ...ed over trunk links In VTP server mode VLAN configurations are saved in nonvolatile RAM VTP server is the default mode VTP client In this mode a VTP client behaves like a VTP server but you cannot create change or delete VLANs on a VTP client In VTP client mode VLAN configurations are saved in nonvolatile RAM VTP transparent In this mode VTP transparent switches do not participate in VTP A VTP tra...

Page 247: ...ges to transparent mode The VTP Configuration Guidelines section on page 8 18 provides tips and caveats for configuring VTP VTP Advertisements Each switch in the VTP domain sends periodic global configuration advertisements from each trunk port to a reserved multicast address Neighboring switches receive these advertisements and update their VTP and VLAN configurations as necessary Note Because tr...

Page 248: ...tes configuration changes to its other trunks even for TLVs it is not able to parse The unrecognized TLV is saved in nonvolatile RAM when the switch is operating in VTP server mode Version Dependent Transparent Mode In VTP version 1 a VTP transparent switch inspects VTP messages for the domain name and version and forwards a message only if the version and domain name match Because only one domain...

Page 249: ...ly VLANs included in the pruning eligible list can be pruned By default VLANs 2 through 1001 are pruning eligible on Catalyst 2900 XL and Catalyst 3500 XL trunk ports If the VLANs are configured as pruning ineligible the flooding continues VTP pruning is also supported with VTP version 1 and version 2 Figure 8 3 shows a switched network with VTP pruning enabled The broadcast traffic from Switch 1 ...

Page 250: ...onfiguration of that domain Therefore make sure you configure at least one switch in the VTP domain for VTP server mode Passwords You can configure a password for the VTP domain but it is not required All domain switches must share the same password Switches without a password or with the wrong password reject VTP advertisements Caution The domain does not function properly if you do not assign th...

Page 251: ...TP Version Follow these guidelines when deciding which VTP version to implement All switches in a VTP domain must run the same VTP version A VTP version 2 capable switch can operate in the same VTP domain as a switch running VTP version 1 if version 2 is disabled on the version 2 capable switch Version 2 is disabled by default Do not enable VTP version 2 on a switch unless all of the switches in t...

Page 252: ...re configuring VTP on a cluster member switch to a VLAN first log in to the member switch by using the privileged EXEC rcommand command For more information on how to use this command refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference Note The Cisco IOS end and Ctrl Z commands are not supported in VLAN database mode After you configure VTP you must configure a trunk...

Page 253: ...ve domain name The name can be from 1 to 32 characters All switches operating in VTP server or client mode under the same administrative responsibility must be configured with the same domain name Step 3 vtp password password value Optional Set a password for the VTP domain The password can be from 8 to 64 characters If you configure a VTP password the VTP domain does not function properly if you ...

Page 254: ...nt mode Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vtp client Configure the switch for VTP client mode The default setting is VTP server Step 3 vtp domain domain name Configure a VTP administrative domain name The name can be from 1 to 32 characters All switches operating in VTP server or client mode under the same administrative responsibility must be configured with the...

Page 255: ...tches However a VTP transparent switch does forward received VTP advertisements on all of its trunk links Beginning in privileged EXEC mode follow these steps to configure the switch for VTP transparent mode Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vtp transparent Configure the switch for VTP transparent mode The default setting is VTP server This step disables VTP on t...

Page 256: ...h in the VTP domain supports version 2 Note In a Token Ring environment you must enable VTP version 2 for Token Ring VLAN switching to function properly For more information on VTP version configuration guidelines see the VTP Version section on page 8 19 Beginning in privileged EXEC mode follow these steps to enable VTP version 2 Command Purpose Step 1 vlan database Enter VLAN configuration mode S...

Page 257: ...P version 1 and version 2 If you enable pruning on the VTP server it is enabled for the entire VTP domain Only VLANs included in the pruning eligible list can be pruned By default VLANs 2 through 1001 are pruning eligible on Catalyst 2900 XL and Catalyst 3500 XL trunk ports For information see the Changing the Pruning Eligible List section on page 8 42 Command Purpose Step 1 vlan database Enter VL...

Page 258: ...EC mode follow these steps to monitor VTP activity Command Purpose Step 1 vlan database Enter VLAN configuration mode Step 2 vtp pruning Enable pruning in the VTP administrative domain By default pruning is disabled You only need to enable pruning on one switch in VTP server mode Step 3 exit Update the VLAN database propagate it throughout the administrative domain and return to privileged EXEC mo...

Page 259: ...for FDDI and TrCRF VLANs Parent VLAN number for TrCRF VLANs STP type for TrCRF VLANs VLAN number to use when translating from one VLAN type to another The Default VLAN Configuration section on page 8 28 lists the default values and possible ranges for each VLAN media type Token Ring VLANs Although the Catalyst 2900 XL and Catalyst 3500 XL switches do not support Token Ring connections a remote dev...

Page 260: ...t be in VTP server mode or VTP transparent mode For information on configuring VTP see the Configuring VTP section on page 8 20 Switches running this IOS release do not support Token Ring or FDDI media The switch does not forward FDDI FDDI Net TrCRF or TrBRF traffic but it does propagate the VLAN configuration through VTP Default VLAN Configuration Table 8 6 through Table 8 10 shows the default co...

Page 261: ...SAID 100000 VLAN ID 1 4294967294 MTU size 1500 1500 18190 Translational bridge 1 0 0 1005 Translational bridge 2 0 0 1005 VLAN state active active suspend Table 8 7 FDDI VLAN Defaults and Ranges Parameter Default Range VLAN ID 1002 1 1005 VLAN name VLANxxxx where xxxx is the VLAN ID No range 802 10 SAID 100000 VLAN ID 1 4294967294 MTU size 1500 1500 18190 Ring number None 1 4095 Parent VLAN 0 0 10...

Page 262: ...8190 Bridge number 0 0 15 STP type ieee auto ibm ieee Translational bridge 1 0 0 1005 Translational bridge 2 0 0 1005 VLAN state active active suspend Table 8 9 Token Ring TrBRF VLAN Defaults and Ranges Parameter Default Range VLAN ID 1005 1 1005 VLAN name VLANxxxx where xxxx is the VLAN ID No range 802 10 SAID 100000 VLAN ID 1 4294967294 MTU size VTPv1 1500 VTPv2 4472 1500 18190 Bridge number VTP...

Page 263: ...name VLANxxxx where xxxx is the VLAN ID No range 802 10 SAID 100000 VLAN ID 1 4294967294 Ring Number VTPv1 default 0 VTPv2 user specified 1 4095 Parent VLAN VTPv1 default 0 VTPv2 user specified 0 1005 MTU size VTPv1 default 1500 VTPv2 default 4472 1500 18190 Translational bridge 1 0 0 1005 Translational bridge 2 0 0 1005 VLAN state active active suspend Bridge mode srb srb srt ARE max hops 7 0 13 ...

Page 264: ...tion You can cause inconsistency in the VLAN database if you attempt to manually delete the vlan dat file If you want to modify the VLAN configuration or VTP use the VLAN database commands described in the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference You use the interface configuration command mode to define the port membership mode and add and remove ports from VLANs The ...

Page 265: ... VLAN media type the VLAN is an Ethernet VLAN Beginning in privileged EXEC mode follow these steps to add an Ethernet VLAN Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vlan vlan id name vlan name Add an Ethernet VLAN by assigning a number to it If no name is entered for the VLAN the default is to append the vlan id to the word VLAN For example VLAN0004 could be a default VL...

Page 266: ... mode the VLAN is deleted only on that specific switch You cannot delete the default VLANs for the different media types Ethernet VLAN 1 and FDDI or Token Ring VLANs 1002 to 1005 Caution When you delete a VLAN any ports assigned to that VLAN become inactive They remain associated with the VLAN and thus inactive until you assign them to a new VLAN Command Purpose Step 1 vlan database Enter VLAN con...

Page 267: ...these steps to assign a port to a VLAN in the VTP database Command Purpose Step 1 vlan database Enter VLAN configuration mode Step 2 no vlan vlan id Remove the VLAN by using the VLAN ID Step 3 exit Update the VLAN database propagate it throughout the administrative domain and return to privileged EXEC mode Step 4 show vlan brief Verify the VLAN removal Command Purpose Step 1 configure terminal Ent...

Page 268: ...entire network 100BASE T and Gigabit Ethernet trunks use Cisco Inter Switch Link ISL the default protocol or industry standard IEEE 802 1Q to carry traffic for multiple VLANs over a single link Figure 8 4 shows a network of switches that are connected by ISL trunks Figure 8 4 Catalyst 2900 XL and Catalyst 3500 XL Switches in an ISL Trunking Environment Catalyst 5000 series switch Catalyst 2900 XL ...

Page 269: ...ery VLAN in the network can potentially cause STP loops We recommend that you leave STP enabled on the native VLAN of an 802 1Q trunk or disable STP on every VLAN in the network Make sure your network is loop free before disabling STP Trunks Interacting with Other Features ISL IEEE 802 1Q and ATM trunking interacts with other switch features as described in Table 8 11 Table 8 11 Trunks Interacting...

Page 270: ... used to block the forwarding of unknown unicast and multicast packets to VLANs on a trunk However if the trunk port is acting as a network port unknown unicast packets cannot be blocked Port grouping ISL and 802 1Q trunks can be grouped into EtherChannel port groups but all trunks in the group must have the same configuration ATM ports are always trunk ports but cannot be part of an EtherChannel ...

Page 271: ... switch port does not generate DTP frames Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface_id Enter the interface configuration mode and the port to be configured for trunking Step 3 switchport mode trunk Configure the port as a VLAN trunk Step 4 switchport trunk encapsulation isl dot1q Configure the port to support ISL or 802 1Q encapsulation Yo...

Page 272: ... to remove specific VLANs from the allowed list A trunk port can become a member of a VLAN if the VLAN is enabled if VTP knows of the VLAN and if the VLAN is in the allowed list for the port When VTP detects a newly enabled VLAN and the VLAN is in the allowed list for a trunk port the trunk port automatically becomes a member of the enabled VLAN When VTP detects a new VLAN and the VLAN is not in t...

Page 273: ...nd the port to be added to the VLAN Step 3 switchport mode trunk Configure VLAN membership mode for trunks Step 4 switchport trunk allowed vlan remove vlan list Define the VLANs that are not allowed to transmit and receive on the port The vlan list parameter is a range of VLAN IDs Separate nonconsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a range of IDs Valid IDs are fro...

Page 274: ...e steps to remove VLANs from the pruning eligible list on a trunk port Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface id Enter interface configuration mode and select the trunk port for which VLANs should be pruned Step 3 switchport trunk pruning vlan remove vlan id Enter the VLANs to be removed from the pruning eligible list Separate nonconsec...

Page 275: ...es see the IEEE 802 1Q Configuration Considerations section on page 8 37 Beginning in privileged EXEC mode follow these steps to configure the native VLAN on an 802 1Q trunk If a packet has a VLAN ID the same as the outgoing port native VLAN ID the packet is transmitted untagged otherwise the switch transmits the packet with a tag Command Purpose Step 1 configure terminal Enter global configuratio...

Page 276: ...s refer to the Catalyst 6000 documentation There are differences in the 802 1p implementation and they should be understood to ensure compatibility Port Priority Frames received from users in the administratively defined VLANs are classified or tagged for transmission to other devices Based on rules you define a unique identifier the tag is inserted in each frame header before it is forwarded The ...

Page 277: ...ort information Frames in the normal priority queue are forwarded only after frames in the high priority queue are forwarded Table 8 12 shows the two categories of switch transmit queues Table 8 12 Transmit Queue Information Transmit Queue Category1 1 Catalyst 2900 XL switches with 4 MB of DRAM and the WS X2914 XL and the WS X2922 XL modules only have one transmit queue and do not support QoS Tran...

Page 278: ... port priorities both load sharing links must be connected to the same switch For load sharing using STP path costs each load sharing link can be connected to the same switch or to two different switches For more information about STP see the Configuring STP section on page 6 24 Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter the interface...

Page 279: ...or receives all traffic for the VLAN Figure 8 5 shows two trunks connecting supported switches In this example the switches are configured as follows VLANs 8 through 10 are assigned a port priority of 10 on trunk 1 VLANs 3 through 6 retain the default port priority of 128 on trunk 1 VLANs 3 through 6 are assigned a port priority of 10 on trunk 2 VLANs 8 through 10 retain the default port priority ...

Page 280: ...erating Mode and the VTP Domain Name fields Step 6 show vlan Verify that the VLANs exist in the database on Switch 1 Step 7 configure terminal Enter global configuration mode Step 8 interface fa0 1 Enter interface configuration mode and define Fa0 1 as the interface to be configured as a trunk Step 9 switchport mode trunk Configure the port as a trunk port The trunk defaults to ISL trunking Step 1...

Page 281: ... spanning tree vlan 8 9 10 port priority 10 Assign the port priority of 10 for VLANs 8 9 and 10 Step 18 end Return to global configuration mode Step 19 interface fa0 2 Enter interface configuration mode and define the interface to set the STP port priority Step 20 spanning tree vlan 3 4 5 6 port priority 10 Assign the port priority of 10 for VLANs 3 4 5 and 6 Step 21 exit Return to privileged EXEC...

Page 282: ... maintained in the event of a lost link In Figure 8 6 trunk ports 1 and 2 are 100BASE T ports The path costs for the VLANs are assigned as follows VLANs 2 through 4 are assigned a path cost of 30 on trunk port 1 VLANs 8 through 10 retain the default 100BASE T path cost on trunk port 1 of 19 VLANs 8 through 10 are assigned a path cost of 30 on trunk port 2 VLANs 2 through 4 retain the default 100BA...

Page 283: ...ify your entries In the display make sure that interface Fa0 1 and Fa0 2 are configured as trunk ports Step 7 show vlan When the trunk links come up Switch 1 receives the VTP information from the other switches Verify that Switch 1 has learned the VLAN configuration Step 8 configure terminal Enter global configuration mode Step 9 interface fa0 1 Enter interface configuration mode and define Fa0 1 ...

Page 284: ...LAN name to the client in response If the VLAN is not allowed on the port and the VMPS is not in secure mode the VMPS sends an access denied response If the VLAN is not allowed on the port and the VMPS is in secure mode the VMPS sends a port shutdown response If the VLAN in the database does not match the current VLAN on the port and active hosts exist on the port the VMPS sends an access denied o...

Page 285: ...the VMPS If the client switch was previously configured it includes its domain name in the query packet to the VMPS to obtain its VLAN number The VMPS verifies that the domain name in the packet matches its own domain name before accepting the request and responds to the client with the assigned VLAN number for the client If there is no match the VMPS either denies the request or shuts down the po...

Page 286: ... command switch adds the name of the switch before the Fa For example es3 Fa02 refers to fixed 10 100 port 2 on member switch 3 These naming conventions must be used in the VMPS database configuration file when it is configured to support a cluster You can configure a fallback VLAN name If you connect a device with a MAC address that is not in the database the VMPS sends the fallback VLAN name to ...

Page 287: ...ts vmps port group WiringCloset1 device 192 168 1 1 port Fa1 3 device 172 16 1 1 port Fa1 4 vmps port group Executive Row device 192 168 2 2 port es5 Fa0 1 device 192 168 2 2 port es5 Fa0 2 device 192 168 2 3 all ports VLAN groups vmps vlan group group name vlan name vlan name vmps vlan group Engineering vlan name hardware vlan name software VLAN port Policies vmps port policies vlan name vlan_nam...

Page 288: ... a port as dynamic the spanning tree Port Fast feature is automatically enabled for that port The Port Fast mode accelerates the process of bringing the port into the forwarding state You can disable Port Fast mode on a dynamic port Secure ports cannot be dynamic ports You must disable port security on the port before it becomes dynamic Trunk ports cannot be dynamic ports but it is possible to ent...

Page 289: ...nning in privileged EXEC mode follow these steps to enter the IP address of the VMPS Table 8 13 Default VMPS Client and Dynamic Port Configuration Feature Default Configuration VMPS domain server None VMPS reconfirm interval 60 minutes VMPS server retry count 3 Dynamic ports None configured Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 vmps server ipaddress prima...

Page 290: ...rivileged EXEC mode follow these steps to configure a dynamic port on the VMPS client switches The switch port that is connected to the VMPS server should be configured as a trunk For more information see the Configuring a Trunk Port section on page 8 38 Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and the s...

Page 291: ...and switch In addition you must first log into the member switch by using the privileged EXEC rcommand command For more information about this command refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference Beginning in privileged EXEC mode follow these steps to change the reconfirmation interval Command Purpose Step 1 vmps reconfirm Reconfirm dynamic port VLAN membershi...

Page 292: ...e Step 4 show vmps Verify your entry In the display check the Server Retry Count field VMPS VQP Version The version of VQP used to communicate with the VMPS The switch queries the VMPS using version 1 of VQP Reconfirm Interval The number of minutes the switch waits before reconfirming the VLAN to MAC address assignments Server Retry Count The number of times VQP resends a query to the VMPS If no r...

Page 293: ...a shut down dynamic port enter the interface configuration no shutdown command Dynamic Port VLAN Membership Configuration Example Figure 8 7 shows a network with a VMPS server switch and VMPS client switches with dynamic ports In this example these assumptions apply The VMPS server and the VMPS client are separate switches The Catalyst 5000 series Switch 1 is the primary VMPS server The Catalyst 5...

Page 294: ... Secondary VMPS Server 3 172 20 26 150 172 20 26 151 Trunk port Catalyst 5000 series 172 20 26 152 Ethernet segment Trunk link 172 20 26 153 172 20 26 154 172 20 26 155 172 20 26 156 172 20 26 157 172 20 26 158 172 20 26 159 Client Client End station 2 End station 1 TFTP server Dynamic access port Dynamic access port Switch 10 Switch 9 Switch 8 Switch 7 Switch 6 Switch 5 Switch 3 Switch 2 Switch 1...

Page 295: ...ding configuration conflicts Avoiding autonegotiation mismatches Copying configuration files to troubleshooting configuration problems Troubleshooting the Long Reach Ethernet port configuration Troubleshooting Cluster Management Suite CMS sessions Troubleshooting switch upgrades Recovering from corrupted software Recovering from a lost or forgotten password For additional troubleshooting informati...

Page 296: ... issues a warning message that you are configuring a setting that is incompatible with another setting and the switch does not save the change Table 9 1 Conflicting Features ATM Port1 1 Catalyst 2900 XL switches only Port Group Port Security SPAN Port Multi VLAN Port Network Port Connect to Cluster Protected Port ATM Port N A No No No No No Yes No Port Group No No No Yes Yes2 2 Cannot be in a dest...

Page 297: ...t is set to autonegotiate and the connected port is set to full duplex with no autonegotiation To maximize switch performance and ensure a link follow one of these guidelines when changing the settings for duplex and speed Let both ports autonegotiate both speed and duplex Manually set the speed and duplex parameters for the ports on both ends of the connection Note If a remote Fast Ethernet devic...

Page 298: ...he limit of operation Change to a profile using a lower QAM rate Reduce the effect of stubs or bridge taps by terminating them with 300 Ohm microfilters High Reed Solomon error count without CRC errors Interleaver is helping Reed Solomon error correction to function correctly in a noisy environment This situation means that the system is on the verge of generating CRC errors Ensure that the interl...

Page 299: ...nstalled This notification does not occur if your PC is directly connected to the switch and has no internet connection If the plug in is installed but the Java applet does not initialize do the following Select Start Programs Java Plug in Control Panel In the Proxies tab verify that Use browser settings is checked and that no proxies are enabled Make sure that the HTTP port number is 80 CMS only ...

Page 300: ...t automatically reflect the latest configuration changes Make sure you click the browser Refresh button for every configuration change Link graphs do not display information in an Internet Explorer 5 0 browser For switches running software earlier than Cisco IOS Release 12 0 5 WC 1 Your browser security settings could be incorrect If your browser security settings are correct the lower right corne...

Page 301: ...or your switches click OK 11 While still in the Security tab of the Internet Options window click Custom Level 12 In the Security Settings window select Java Java permissions If you do not see Java Java permissions you need to reinstall the browser When you reinstall this browser make sure to select the Install Minimal or Customize Your Browser check box Then from the Component Options window in t...

Page 302: ...ou can learn why by selecting Views Toggle View from the menu bar in Cluster Builder Cluster View displays the cluster as a double switch icon and shows connections to devices outside the cluster Figure 9 1 Right click the device yellow label and select Disqualification Code Figure 9 1 Cluster View Right click a device with a yellow label to display the device pop up menu and select Disqualificati...

Page 303: ...lacement switch and avoid having to reconfigure the switch Step 1 Enter the privileged EXEC dir flash command to display the contents of Flash memory switch dir flash Directory of flash 2 rwx 843947 Mar 01 1993 00 02 18 C2900XL h mz 112 8 SA 4 drwx 3776 Mar 01 1993 01 23 24 html 66 rwx 130 Jan 01 1970 00 01 19 env_vars 68 rwx 1296 Mar 01 1993 06 55 51 config text 1728000 bytes total 456704 bytes f...

Page 304: ...ng Address Range error message and boot up is failing This error message appears when a 4 MB Catalyst 2900 XL switch is upgraded to an image that is not supported on this hardware The switch in this case tries to load the image but because this switch is not capable of loading this image the bootup process fails This also happens in cases when a 4 MB Catalyst 2900 XL switch is upgraded to an IOS 1...

Page 305: ...stem is unable to load a software image in Flash memory the system will load the boot helper and bring up a switch prompt 1 Enter the dir flash command to verify if there is any bootable image on the Flash The file with bin extension is the bootable image on the Flash If you see a bootable image on the Flash continue to Step 2 If you do not see any bootable image in the Flash download the IOS Imag...

Page 306: ...ither the BOOT parameters are not correct and the switch is still set to boot from the old image or the upgrade did not go through properly Verify the BOOT parameters and correct them if needed If the BOOT parameters are correct download the IOS Image File using TFTP If the switch still boots with the old image download the IOS Image File using X Modem Switch not booting automatically needs a manu...

Page 307: ...with member switches If you are unable to maintain management contact with a member and the member switch is forwarding packets normally check for the following port configuration conflicts Member switches cannot connect to the command switch through a port that is defined as a network port For information on the network port feature see the Enabling a Network Port section on page 7 7 Member switc...

Page 308: ...e member switches is lost and a new command switch must be installed However connectivity between switches that are still connected is not affected and the member switches forward packets as usual You can manage the members as standalone switches through the console port or if they have IP addresses through the other management interfaces You can prepare for a command switch failure by assigning a...

Page 309: ...command line interface CLI session on the new command switch You can access the CLI by using the console port or if an IP address has been assigned to the switch by using Telnet For details about using the console port refer to the switch installation guide Step 4 At the switch prompt change to privileged EXEC mode Switch enable Switch Step 5 Enter the password of the failed command switch Step 6 ...

Page 310: ...n dialog yes no Step 10 Enter Y at the first prompt Continue with configuration dialog yes no y Step 11 Enter the switch IP address and press Return Enter IP address ip_address Step 12 Enter the subnet mask and press Return Enter IP netmask ip_netmask Step 13 Enter Y at the next prompt to specify a default gateway router Would you like to enter a default gateway address yes y Step 14 Enter the IP ...

Page 311: ...ces but ignores leading spaces Step 18 Enter the Telnet password and press Return Enter Telnet password telnet_password Step 19 Enter Y to configure the switch as the cluster command switch Enter N to configure it as a member switch or as a standalone switch Note If you enter N the switch appears as a candidate switch in Cluster Builder In this case the message in Step 20 is not displayed Would yo...

Page 312: ...rect enter Y at the prompt and press Return If the information is not correct enter N at the prompt press Return and begin again at Step 1 Use this configuration yes no y Step 23 Start your browser and enter the switch IP address that you entered in Step 11 Step 24 Display the VSM Home page for the switch and select Enabled from the Command Switch drop down list Step 25 Click Cluster Management an...

Page 313: ...the switch prompt change to privileged EXEC mode Switch enable Switch Step 4 Enter the password of the failed command switch Step 5 Use the setup program to configure the switch IP information This program prompts you for an IP address subnet mask default gateway and password From privileged EXEC mode enter setup and press Return Switch setup System Configuration Dialog At any point you may enter ...

Page 314: ...e The password can be from 1 to 25 alphanumeric characters can start with a number is case sensitive allows spaces but ignores leading spaces Enter enable secret secret_password Step 13 Enter Y to enter a Telnet password Would you like to configure a Telnet password yes y Note The password can be from 1 to 25 alphanumeric characters is case sensitive allows spaces but ignores leading spaces Step 1...

Page 315: ...pS cXtAlkyR3 6Cn8 line vty 0 15 password telnet_password snmp community private rw snmp community public ro cluster enable cls_name end Step 18 Verify that the information is correct If the information is correct enter Y at the prompt and press Return If the information is not correct enter N at the prompt press Return and begin again at Step 1 Use this configuration yes no y Step 19 Start your br...

Page 316: ...ring from a Command Switch Failure section on page 9 14 Recovering from a Lost or Forgotten Password Follow the steps in this procedure if you have forgotten or lost the switch password Step 1 Connect a terminal or PC with terminal emulation software to the console port For more information refer to the switch installation guide Note You can configure your switch for Telnet by following the proced...

Page 317: ... to match that of the switch console port Step 7 Load any helper files switch load_helper Step 8 Display the contents of Flash memory switch dir flash The switch file system is displayed Directory of flash 2 rwx 843947 Mar 01 1993 00 02 18 C2900XL h mz 112 8 SA 4 drwx 3776 Mar 01 1993 01 23 24 html 66 rwx 130 Jan 01 1970 00 01 19 env_vars 68 rwx 1296 Mar 01 1993 06 55 51 config text 1728000 bytes ...

Page 318: ...on file into memory switch copy flash config text system running config Source filename config text Destination filename running config Press Return in response to the confirmation prompts The configuration file is now reloaded and you can use the following normal commands to change the password Step 14 Enter global configuration mode switch config terminal Step 15 Change the password switch confi...

Page 319: ...e XMODEM protocol and this procedure is largely dependent on the emulation software you are using Step 1 Connect a PC with terminal emulation software supporting the XMODEM Protocol to the switch console port Step 2 Set the line speed on the emulation software to 9600 baud Step 3 Unplug the switch power cord Step 4 Reconnect the power cord to the switch The software image does not load The switch ...

Page 320: ...Chapter 9 Troubleshooting Recovery Procedures 9 26 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 321: ...nsole and optionally to a logging server on another system during operation Not all system error messages indicate problems with your system Some messages are purely informational while others can help diagnose problems with communications lines internal hardware or the system software This appendix contains the following sections How to Read System Error Messages page A 2 Error Message Traceback ...

Page 322: ...C Message text FACILITY is a code consisting of two or more uppercase letters that indicate the facility to which the message refers A facility can be a hardware device a protocol or a module of the system software Table A 1 lists the system facility codes Table A 1 Facility Codes Code Facility CHASSIS Chassis CMP Cluster Membership Protocol ENVIRONMENT Environment GIGASTACK GigaStack GBIC LINK Li...

Page 323: ...tions in the system memory address space Because the information in these variable fields changes from message to message it is represented here by short strings enclosed in square brackets A decimal number for example is represented as dec Table A 3 lists the variable fields in messages Table A 2 Message Severity Levels Severity Level Description 0 emergency System is unusable 1 alert Immediate a...

Page 324: ...TY MNEMONIC Message text CARD is a code that describes the type of card reporting the error MSG is a mnemonic that means that this is a message It is always shown as MSG SLOT means that the slot number of the card reporting the error It is shown as SLOT followed by a number For example SLOT5 Error Message Traceback Reports Some messages describe internal errors and contain traceback information Th...

Page 325: ...e Chassis error message CHASSIS 5 BLADE_EXTRACT Explanation The message means that the hot swap switch has been pressed Action Extract the module CMP Messages This section contains the Cluster Membership Protocol CMP error messages CMP 5 ADD The Device is added to the cluster Cluster Name chars CMDR IP Address inet Explanation The message means that the device is added to the cluster chars is the ...

Page 326: ... is available only on the Catalyst 3524 PWR XL switch Action Either check the switch itself or use the show env privileged EXEC command to check if a fan on the switch has failed The Catalyst 3524 PWR XL switch can operate normally with one failed fan Replace the switch at your convenience ENVIRONMENT 2 OVER_TEMP Explanation This message means that an overtemperature condition is detected This mes...

Page 327: ...igaStack GBIC is selected as the Master Loop Breaker Link 2 of this GigaStack GBIC is disabled to break the loop Action No action is required GIGASTACK 6 NO_LOOP_DETECT Explanation This message means that no acknowledgement for GigaStack loop detection request is received from one of the links on a GigaStack GBIC Either the neighboring switch does not support the GigaStack Loop breaking algorithm ...

Page 328: ...een the LRE port and the CPE device has been lost and that no Ethernet traffic is being transferred This could be the result of reconfiguring the port reconfiguring a profile in use by this port a physical disconnection or reconnection of the LRE connector on the switch or by someone disconnecting the CPE LRE cable or cycling its power It might also be caused by any substantial interruption of the...

Page 329: ... profile on the port to one that has a lower rate or has a longer reach There might be too many impairments on the connection between the switch and the CPE for the ports to sustain the profile rate If you suspect the switch or CPE is faulty contact Cisco Systems Module Message This section contains the Module error message MODULES 3 MAC_TBL_SIZE Explanation This messages means that dynamic module...

Page 330: ...to the MAC address Use debug ethernet controller addr to see the alternate path port on which the address is being learned Go to the switch attached to that port Note that the show cdp neighbors command is useful in determining the next switch Repeat this procedure until the port is found that is receiving what it is transmitting and remove that port from the network RTD 1 LINK_FLAP chars link dow...

Page 331: ... Storm Control Messages This section contains the Storm Control error message STORM_CONTROL 2 SHUTDOWN Explanation This messages means that excessive traffic has been detected on a port that has been configured to be shut down if a storm event is detected Action Once the source of the packet storm has been fixed re enable the port by using port configuration commands ...

Page 332: ...Appendix A System Error Messages Error Message and Recovery Procedures A 12 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 ...

Page 333: ...har variable field A 3 chars variable field A 3 dec variable field A 3 hex variable field A 3 inet variable field A 3 accessing CMS 2 35 command modes 3 3 console port access 4 3 HTTP access 4 5 member switches 8 35 MIB files 4 7 MIB objects 4 6 4 7 MIBs files 4 7 objects 4 6 variables 4 7 Telnet access 4 4 accounting in TACACS 6 61 adding secure addresses 6 58 static addresses 6 59 switches to cl...

Page 334: ... 58 removing 6 59 static addresses adding 6 59 removing 6 60 administrative information displaying 5 19 ADSL 1 6 advertisements VTP 8 15 aging accelerating 6 26 aging time changing address 6 57 alarms group in RMON 4 6 allowed VLAN list 8 40 American National Standards Institute see ANSI ANSI 1 6 Plan 998 7 23 AppleTalk Remote Access ARA 6 65 Apply button 2 33 ARP table address resolution 6 45 man...

Page 335: ...5 3 suggested 5 14 why not added 9 8 cascaded configuration UplinkFast 6 26 Catalyst 3524 PWR XL 7 17 cautions xviii caveats password and privilege level 5 9 CDP 1 3 configuring 6 22 discovering candidates with 5 4 CGMP 1 2 controlling management packets with 6 46 removing router ports 6 48 see also Fast Leave chassis system error messages A 5 Cisco com xxii Cisco 575 LRE CPE 1 6 7 22 Cisco Access...

Page 336: ...7 see CMS 2 1 Cluster Manager cluster tree 2 6 device pop up menu 2 19 front panel image 2 5 2 7 menu bar 2 14 overview 2 2 2 3 pop up menus 2 18 2 19 port pop up menu 2 18 toolbar 2 17 toolbar icons 2 17 cluster member characteristics 5 3 Cluster Membership Protocol see CMP system error messages A 5 clusters switch see also candidates command switch member switches standby groups accessing 5 13 a...

Page 337: ...erview 2 2 2 21 toolbar 2 27 toolbar icons 2 27 topology 2 24 device icon colors 2 24 device icons 2 24 device labels 2 25 link icons 2 25 CMP system error messages A 5 CMS accessing 2 35 device labels 2 25 features 2 2 link icons 2 25 overview privilege level 6 16 requirements 2 35 saving configuration changes 2 37 topology 2 24 device icon colors 2 24 device icons 2 24 troubleshooting CMS sessio...

Page 338: ...efined 5 2 enabling 5 14 privilege levels 5 21 recovery from failure 5 7 9 14 9 22 from failure without HSRP 9 22 from lost member connectivity 9 13 redundant standby 5 17 replacing with another switch 9 19 with cluster member 9 15 requirements 5 2 standby 5 5 5 17 see also candidates member switches command variables listing 3 6 community strings configuring 5 10 6 19 SNMP 5 10 5 22 switch cluste...

Page 339: ...8 44 AAA 6 67 aging time 6 57 broadcast messages 6 18 broadcast storm control 7 4 CDP 6 22 clusters 5 13 community strings 5 10 6 19 Cross stack UplinkFast 6 31 date and time 6 17 daylight saving time 6 17 DNS 6 8 duplex 7 2 7 3 dynamic ports on VMPS clients 8 58 dynamic VLAN membership 8 57 flooding controls 7 4 flow control 7 3 hello time 6 40 hops 6 23 inline power 7 21 IP information 6 2 IP Ph...

Page 340: ...iii text xviii copy running config startup config command 9 10 CoS configuring 8 44 priority 7 19 CPE 1 6 1 20 7 22 Cross stack UplinkFast see CSUF CSUF 6 31 configuring 6 37 connecting stack ports 6 35 fast convergence causes 6 33 limitations 6 35 overview 6 31 Current Multicast Groups table 6 48 customer premises equipment see CPE D database VTP 8 27 8 32 date setting 6 17 daylight saving time 6...

Page 341: ...ng on a port 8 40 trunk port 8 40 VTP 8 23 VTP version 2 8 25 DISL 8 39 disqualification code 9 8 DNS configuring 6 8 described 6 8 enabling 6 8 documentation CD ROM Catalyst 2900 XL and Catalyst 3500 XL xix Cisco xx documentation IOS Release 12 0 xvi 3 1 documentation related xix domain name configuring 6 8 described 6 8 specifying 6 8 8 18 Domain Name System server see DNS domains for VLAN manag...

Page 342: ...rm control 7 4 CGMP Fast Leave 6 47 command switch 5 14 DNS 6 8 Fast Leave 6 47 network port 7 7 NTP authentication 6 18 Port Fast 6 42 port security 7 14 7 15 SNMP 6 18 SPAN 7 16 STP Port Fast 6 42 UplinkFast 6 30 VTP pruning 8 25 VTP version 2 8 24 encapsulation 8 44 environment system error messages A 6 error messages 3 7 EtherChannel port groups 7 10 configuring static address for 6 61 creatin...

Page 343: ...ee FTP accessing MIB files Flash memory files in 9 9 9 10 flooded traffic reducing 7 6 flooding controls configuring 7 4 flow control configuring 7 3 forwarding controlling SNMP 5 22 delay 6 38 6 41 port groups 7 10 restrictions 7 11 resuming 7 7 source based illustrated 7 11 see also broadcast storm control forwarding static address 6 59 front panel images 2 7 Cluster Manager 2 5 VSM 2 4 FTP acce...

Page 344: ... on dynamic ports 8 61 Hot Standby Router Protocol see HSRP HP OpenView 1 8 HSRP 5 5 HTTP access 4 5 I IEEE 802 1p 7 17 IEEE 802 1Q configuration considerations 8 37 interaction with other features 8 37 native VLAN for untagged traffic 8 43 overview 8 36 IEEE 802 1Q trunks 8 37 ingress port scheduling 8 45 inline power configuring 7 21 inline power LED 2 13 inline power port mode LED 2 10 Integrat...

Page 345: ... ISDN 1 6 ISL 1 4 interaction with other features 8 37 overview 8 36 J Java plug in configuration 2 1 2 35 4 1 5 1 L LEDs duplex mode 2 10 front panel images 2 7 LINE PWR mode 2 10 LRE mode 2 10 port 2 9 2 11 2 12 2 13 redundant power system 2 8 RPS 2 8 RPS 300 2 9 RPS 600 2 8 speed mode 2 10 STAT mode 2 10 System 2 7 legend 2 17 Cluster Builder and Cluster View 2 27 VSM and Cluster Manager 2 16 l...

Page 346: ...2 Ethernet link CDP enabled 7 26 description 7 22 7 25 duplex mode 7 25 flow control 7 25 speed 7 25 statistics 7 26 LRE link description 7 22 statistics 7 25 preventing loss of data 7 25 profiles 7 22 switch clusters 5 13 lre profile command 7 28 lre profile global command 7 27 lre shutdown command 7 26 LRE technology 1 6 7 22 M MAC addresses adding secure 6 58 aging time 6 57 discovering 6 45 6 ...

Page 347: ...evels description A 3 table A 3 MIBs accessing files 4 7 objects 4 6 variables 4 7 microfilters phone 1 20 mini point of presence see POP mismatches autonegotiation 9 3 mnemonic code A 3 Mode button 2 9 model numbers displaying 5 19 modes command 3 3 VLAN port membership 8 7 VTP see VTP modes Modify button 2 33 modules displaying 5 19 module system error messages A 9 monitoring ports 7 16 traffic ...

Page 348: ...ffective wiring closet 1 12 high performance workgroup 1 12 network performance 1 10 network services 1 11 redundant Gigabit backbone 1 12 hotel network 1 20 large campus 1 18 multidwelling configuration 1 23 small to medium sized network 1 14 Network Management System see NMS network ports disabling 7 8 enabling 7 7 switch clusters 5 12 and trunks 8 37 Network Time Protocol see NTP NMS 4 7 no com...

Page 349: ...management VLAN 5 11 NAT commands 5 12 network port 5 12 passwords 5 8 SNMP community strings 5 10 standby command switches 5 5 switch specific features 5 13 polling interval Cluster Builder 2 26 switch image 2 15 poll results graphing 4 8 POP 1 23 pop up menus Cluster Builder link 2 30 Cluster Builder member 2 29 Cluster Manager device 2 19 Cluster Manager port 2 18 port block command 7 13 8 38 p...

Page 350: ...9 dynamic VLAN membership reconfirming 8 59 features conflicting 9 2 flooded traffic 7 6 forwarding resuming 7 7 Gigabit Ethernet configuring flow control on 7 3 settings 7 2 LRE 7 22 monitoring 8 37 multi VLAN 8 7 8 10 8 11 8 12 network 8 37 priority 6 43 8 44 8 47 protected 7 13 secure 7 15 8 37 security described 7 14 disabling 7 15 enabling 7 15 speed setting and checking 7 2 static access 8 7...

Page 351: ... mapping on member switches 5 9 5 21 setting 6 15 specifying 6 15 profiles LRE 7 22 considerations 7 24 default 7 24 assigning 7 28 private 7 23 assigning 7 28 LRE 10 7 24 LRE 15 7 24 LRE 5 7 24 public 7 23 assigning a public profile 7 27 PUBLIC ANSI 7 24 PUBLIC ETSI 7 24 properties displaying switch 5 19 protected ports 1 2 7 13 pruning enabling on a port 8 42 enabling on the switch 8 25 overview...

Page 352: ...address entries 6 58 IP information 6 2 multicast groups 6 48 secure addresses 6 59 static addresses 6 59 6 60 retry count changing 8 60 RMON supported groups 4 6 root guard 6 44 6 45 router hold time modifying 6 48 RPS LED 2 8 RPS 300 2 9 RPS 600 2 8 RTD error messages A 10 Runtime Diagnostic see RTD error messages S Save Configuration window 2 17 secure address count 7 15 secure addresses adding...

Page 353: ...t Protocol see SNMP SLIP 6 65 SNMP accessing MIB variables with 4 7 community strings configuring 6 19 switch clusters 5 10 configuring for single switches 6 18 enabling and disabling 6 18 management using 4 6 managing clusters with 5 22 network management platforms 4 6 RMON groups 4 6 trap managers configuring 6 19 trap types 6 19 6 20 SNMP Configuration window 2 17 software recovery procedures 9...

Page 354: ...g restrictions 7 11 statistics VTP 8 26 statistics group in RMON 4 6 STAT mode LED 2 10 storm control system error messages A 11 STP behavior unpredictable 8 11 BPDU message interval 6 40 configuring 6 24 6 26 considerations for using STP instances 6 24 disabling 6 25 forwarding delay timer 6 41 hello BPDU interval 6 40 implementation type 6 39 load sharing overview 8 46 using path costs 8 50 usin...

Page 355: ...standby command switches 5 5 switch specific features 5 13 standby command switch characteristics 5 3 troubleshooting 9 8 verifying 5 19 switch images 2 7 LEDs 2 7 polling interval 2 15 Switch Port Analyzer see SPAN switchport command 8 39 switch ports configuring 7 1 switch software releases 4 2 switch specific features in switch clusters 5 13 switch upgrades troubleshooting 9 10 system date and ...

Page 356: ...ting 6 17 zones 6 17 TLV support 8 16 Token Ring VLANs overview 8 27 TrBRF 8 16 8 30 TrCRF 8 16 8 31 toolbar Cluster Builder 2 27 Cluster Manager 2 17 Cluster View 2 27 VSM 2 17 topology CMS 2 24 traceback reports A 4 traffic blocking flooded 7 6 forwarding and protected ports 7 13 monitoring 7 16 reducing flooded 7 4 7 7 transmit queue 8 45 transparent mode VTP 8 14 8 23 trap managers adding 6 19...

Page 357: ...nicast and multicast packets unknown see flooding controls unicast traffic and protected ports 7 13 UniDirectional Link Detection see UDLD Unrecognized Type Length Value see TLV support 8 16 upgrading software 4 1 VLAN considerations 8 19 UplinkFast configuring 6 26 enabling 6 30 redundant links 6 28 URLs Cisco xx user EXEC mode 3 3 User Settings window 2 17 V variable fields definition A 3 table ...

Page 358: ... database 8 34 described 8 2 illustrated 8 2 ISL 8 36 MAC addresses 6 56 modifying 8 34 multi VLAN ports 8 10 8 12 native configuring 8 43 number supported 8 3 overlapping 8 11 overview 8 2 static access ports 8 10 8 34 8 35 STP parameters changing 6 38 supported VLANs 8 3 Token Ring 8 27 trunking 8 3 trunks configured with other features 8 37 see also trunks VTP database and 8 27 VTP modes 8 14 s...

Page 359: ... 16 toolbar 2 17 toolbar icons 2 17 VTP advertisements 8 15 configuration guidelines 8 18 configuring 8 20 consistency checks 8 16 database 8 27 8 32 default configuration 8 20 described 8 12 disabling 8 23 domain names 8 18 domains 8 13 modes client 8 14 configurations affecting mode changes 8 15 configuring 8 22 server 8 14 8 21 transitions 8 14 transparent 8 10 8 14 8 23 monitoring 8 26 pruning...

Page 360: ... and Catalyst 3500 Series XL Software Configuration Guide 78 6511 05 VVID 1 5 7 18 configuring 7 20 W warnings xviii window components CMS 2 31 buttons 2 33 host name list 2 32 lists 2 32 online help 2 33 tabs 2 32 X Xmodem protocol 9 25 ...

Reviews:

No comments

Related manuals for WS-C2950-24

Brand: D-Link Pages: 4

Brand: D-Link Pages: 2

Brand: D-Link Pages: 9

Brand: D-Link Pages: 8

Brand: D-Link Pages: 3

Brand: D-Link Pages: 28

Brand: D-Link Pages: 2

DSL-2540B - ADSL2/2+ Modem With EN Router

Brand: D-Link Pages: 12

Brand: D-Link Pages: 62

SmartSwitch Router

Brand: Cabletron Systems Pages: 338

Proventia A1204

Brand: Internet Security Systems Pages: 42

Brand: Lucent Technologies Pages: 20

Brand: UHP Pages: 15

Brand: Ubiquiti Pages: 21

Brand: Lantech Pages: 40

ADSL2+ Wireless MIMO Router

Brand: Ace Pages: 64

Brand: ADTRAN Pages: 161

Brand: Paradyne Pages: 108

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands