Cisco Catalyst 2900 Series XL Скачать руководство пользователя страница 207 | Manualshive

Страница: 207 / 368

background image

7-9

Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide

78-6511-08

Chapter 7 Configuring the Switch Ports

Configuring Protected Ports

Creating EtherChannel Port Groups

Beginning in privileged EXEC mode, follow these steps to create a two-port group:

Configuring Protected Ports

Some applications require that no traffic be forwarded by the Layer 2 protocol between ports on the same
switch. In such an environment, there is no exchange of unicast, broadcast, or multicast traffic between
ports on the switch, and traffic between ports on the same switch is forwarded through a Layer 3 device
such as a router.

To meet this requirement, you can configure Catalyst 2900 XL and Catalyst 3500 XL ports as protected
ports (also referred to as private VLAN edge ports). Protected ports do not forward any traffic to
protected ports on the same switch. This means that all traffic passing between protected ports—unicast,
broadcast, and multicast—must be forwarded through a Layer 3 device. Protected ports can forward any
type of traffic to unprotected ports, and they forward as usual to all ports on other switches.

Note

Sometimes unknown unicast traffic from an unprotected port is flooded to a protected port because a
MAC address has timed out or has not been learned by the switch. Use the port block command to
guarantee that in such a case no unicast and multicast traffic is flooded to the port. See the

“Configuring

Flooding Controls” section on page 7-4

for more information.

Beginning in privileged EXEC mode, follow these steps to define a port as a protected port:

Use the no version of the port protected interface configuration command to disable the protected port
option.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface

Enter interface configuration mode, and enter the port of the first port to be
added to the group.

Step 3

port group 1 distribution
destination

Assign the port to group 1 with destination-based forwarding.

Step 4

interface interface

Enter the second port to be added to the group.

Step 5

port group 1 distribution
destination

Assign the port to group 1 with destination-based forwarding.

Step 6

end

Return to privileged EXEC mode.

Step 7

show running-config

Verify your entries.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface

Enter interface configuration mode, and enter the port to be configured.

Step 3

port protected

Enable protected port on the port.

Step 4

end

Return to privileged EXEC mode.

Step 5

show port protected

Verify that the protected port option is enabled.

«
...
205
206
207
208
209
...
»

Содержание Catalyst 2900 Series XL

Страница 1: ...134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 526 4100 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide Cisco IOS Releases 12 0 5 WC4 and 12 0 5 WC5 May 2002 Customer Order Number DOC 786511 Text Part Number 78 6511 08 ...

Страница 2: ...MITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES CCIP the Cisco Powered Network mark the Cisco Systems Verified logo Cisco Unity Follow Me Browsing FormShare Internet Quotient iQ Breakthrough iQ Expertise iQ FastTrack the iQ Logo iQ Net Readiness Scorecard Netwo...

Страница 3: ...l Assistance Center xx Cisco TAC Web Site xxi Cisco TAC Escalation Center xxi C H A P T E R 1 Overview 1 1 Features 1 1 Management Options 1 6 Management Interface Options 1 6 Advantages of Using CMS and Clustering Switches 1 7 Network Configuration Examples 1 8 Design Concepts for Using the Switch 1 8 Small to Medium Sized Network Configuration 1 11 Collapsed Backbone and Switch Cluster Configura...

Страница 4: ...ce and Link Labels 2 16 Colors in the Topology View 2 17 Topology Display Options 2 17 Menus and Toolbar 2 18 Menu Bar 2 18 Toolbar 2 23 Front Panel View Popup Menus 2 24 Device Popup Menu 2 24 Port Popup Menu 2 24 Topology View Popup Menus 2 25 Link Popup Menu 2 25 Device Popup Menus 2 26 Interaction Modes 2 28 Guide Mode 2 28 Expert Mode 2 28 Wizards 2 28 Tool Tips 2 29 Online Help 2 29 CMS Wind...

Страница 5: ...Command 3 5 Getting Help 3 5 Command Line Error Messages 3 6 Accessing the CLI 3 7 Accessing the CLI from a Browser 3 7 Saving Configuration Changes 3 8 Where to Go Next 3 8 C H A P T E R 4 General Switch Administration 4 1 Initial Switch Configuration 4 2 Switch Software Releases 4 2 Console Port Access 4 3 HTTP Access to CMS 4 3 Telnet Access to the CLI 4 4 SNMP Network Management Platforms 4 5 ...

Страница 6: ...ords 5 16 SNMP Community Strings 5 16 TACACS and RADIUS 5 17 Access Modes in CMS 5 17 Management VLAN 5 18 Network Port 5 19 NAT Commands 5 19 LRE Profiles 5 19 Availability of Switch Specific Features in Switch Clusters 5 19 Creating a Switch Cluster 5 19 Enabling a Command Switch 5 20 Adding Member Switches 5 21 Creating a Cluster Standby Group 5 23 Verifying a Switch Cluster 5 25 Using the CLI ...

Страница 7: ...Tables 6 15 MAC Addresses and VLANs 6 15 Changing the Address Aging Time 6 16 Removing Dynamic Address Entries 6 16 MAC Address Notification 6 17 Adding Secure Addresses 6 18 Removing Secure Addresses 6 18 Adding Static Addresses 6 19 Removing Static Addresses 6 19 Configuring Static Addresses for EtherChannel Port Groups 6 20 Configuring CGMP 6 20 Enabling the Fast Leave Feature 6 21 Disabling th...

Страница 8: ...for a VLAN 6 42 Changing the STP Implementation 6 42 Changing the Switch Priority 6 42 Changing the BPDU Message Interval 6 43 Changing the Hello BPDU Interval 6 43 Changing the Forwarding Delay Time 6 43 STP Port States 6 44 Enabling the Port Fast Feature 6 44 Changing the Path Cost 6 45 Changing the Port Priority 6 45 Configuring STP Root Guard 6 46 Configuring BPDU Guard 6 47 Configuring SNMP 6...

Страница 9: ...g the Switch Ports 7 1 Changing the Port Speed and Duplex Mode 7 2 Connecting to Devices That Do Not Autonegotiate 7 2 Half Duplex with Back Pressure 7 2 Full Duplex with Flow Control 7 2 Setting Speed and Duplex Parameters 7 3 Configuring Flow Control on Gigabit Ethernet Ports 7 3 Configuring Flooding Controls 7 4 Enabling Storm Control 7 4 Disabling Storm Control 7 5 Blocking Flooded Traffic on ...

Страница 10: ...Considerations for Using LRE Profiles 7 19 CPE Ethernet Links 7 21 Considerations for Connected Cisco 575 LRE CPEs 7 21 Considerations for Connected Cisco 585 LRE CPEs 7 22 Assigning a Public Profile to All LRE Ports 7 22 Assigning a Private Profile to an LRE Port 7 23 C H A P T E R 8 Configuring VLANs 8 1 Overview 8 2 Management VLANs 8 3 Changing the Management VLAN for a New Switch 8 4 Changing...

Страница 11: ...e VTP Database 8 23 Adding a VLAN 8 24 Modifying a VLAN 8 24 Deleting a VLAN from the Database 8 25 Assigning Static Access Ports to a VLAN 8 25 How VLAN Trunks Work 8 26 IEEE 802 1Q Configuration Considerations 8 26 Trunks Interacting with Other Features 8 27 Configuring a Trunk Port 8 28 Disabling a Trunk Port 8 29 Defining the Allowed VLANs on a Trunk 8 29 Changing the Pruning Eligible List 8 3...

Страница 12: ...guration Conflicts 9 7 Avoiding Autonegotiation Mismatches 9 8 GBIC Security and Identification 9 8 Troubleshooting LRE Port Configuration 9 9 Troubleshooting CMS Sessions 9 11 Determining Why a Switch Is Not Added to a Cluster 9 14 Copying Configuration Files to Troubleshoot Configuration Problems 9 15 Troubleshooting Switch Software Upgrades 9 16 Recovery Procedures 9 18 Recovering from Lost Mem...

Страница 13: ... 17 HW_MEMORY Messages A 18 INTERFACE Messages A 19 IP Messages A 19 LRE CPE Messages A 20 LRE_LINK Messages A 21 MAT Messages A 22 MIRROR Messages A 23 MODULES Messages A 24 PERF5_HALT_MSG Message A 25 PM Messages A 25 PMSM Messages A 28 PORT_SECURITY Messages A 29 PRUNING Messages A 29 RAC Message A 33 REGISTORS Messages A 33 RTD Messages A 34 SNMP Messages A 35 SPANTREE Messages A 35 SPANTREE_F...

Страница 14: ...Contents xiv Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 ...

Страница 15: ...t 2900 XL and Catalyst 3500 XL switches including the Catalyst 2900 LRE XL switches Cisco IOS Release 12 0 5 WC5 is not for the Long Reach Ethernet LRE switches Do not install Release 12 0 5 WC5 on the Catalyst 2900 LRE XL switches Release 12 0 5 WC4 is for the Catalyst 2900 LRE XL switches only Do not install Release 12 0 5 WC4 on non LRE switches This guide provides information about configuring...

Страница 16: ...rovides examples of how the switch can be deployed in a network Chapter 2 Getting Started with CMS describes the Cluster Management Suite CMS web based switch management interface Refer to the release notes for the procedures for configuring your web browser and accessing CMS Refer to the online help for field level descriptions of all CMS windows and procedures for using the CMS windows Chapter 3...

Страница 17: ... a required choice within an optional element Interactive examples use these conventions Terminal sessions and system displays are in screen font Information you enter is in boldface screen font Nonprinting characters such as passwords or tabs are in angle brackets Cautions notes and tips use these conventions and symbols Caution Means reader be careful In this situation you might do something tha...

Страница 18: ...d Catalyst 3500 Series XL Switches is for switches that are not Long Reach Ethernet LRE switches For LRE switches refer to the Release Notes for the Catalyst 2900 LRE XL Switches Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide order number DOC 786511 Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference order number DOC 7812155 Cluster Management Su...

Страница 19: ...red Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace http www cisco com cgi bin order order_root pl Registered Cisco com users can order the Documentation CD ROM through the online Subscription Store http www cisco com go subscription Nonregistered Cisco com users can order documentation through a local account representative by calling Cisco co...

Страница 20: ...se Register for online skill assessment training and certification programs You can self register on Cisco com to obtain customized information and service To access Cisco com go to the following URL http www cisco com Technical Assistance Center The Cisco TAC is available to all customers who need technical assistance with a Cisco product technology or solution Two types of support are available ...

Страница 21: ...o com registered user you can open a case online by using the TAC Case Open tool at the following URL http www cisco com tac caseopen If you have Internet access it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2 these classifications ...

Страница 22: ...xxii Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Preface Obtaining Technical Assistance ...

Страница 23: ... switches Cisco IOS Release 12 0 5 WC5 is not for the Long Reach Ethernet LRE switches Do not install Release 12 0 5 WC5 on the Catalyst 2900 LRE XL switches Release 12 0 5 WC4 is for the Catalyst 2900 LRE XL switches only Do not install Release 12 0 5 WC4 on non LRE switches The Cisco IOS Release 12 0 5 WC5 software supports the hardware listed in the release notes http www cisco com univercd cc ...

Страница 24: ...age 1 7 Refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm for the CMS and cluster hardware software and browser requirements Performance Autosensing of speed on the 10 100 ports and autonegotiation of duplex mode on all switch ports for optimizing bandwidth IEEE 802 3x flow control on the Gigabit ports operating in full duplex mode Fast EtherChannel and...

Страница 25: ...gement access through up to 16 simultaneous Telnet connections for multiple command line interface CLI based sessions over the network In band management access through Simple Network Management Protocol SNMP versions 1 and 2c get and set requests Out of band management access through the switch console port to a directly attached terminal or to a remote terminal through a serial connection and a ...

Страница 26: ...write access to management interfaces CMS and CLI for protection against unauthorized configuration changes Multilevel security for a choice of security level notification and resulting actions Static MAC addressing for ensuring security MAC based port security for restricting the use of a switch port to a specific group of source addresses and preventing switch access from unauthorized stations P...

Страница 27: ...tal Network ISDN and digital telephone networks Configuration and monitoring of connections between Switch LRE ports and the Ethernet ports on remote LRE customer premises equipment CPE devices such as the Cisco 575 LRE CPE and Cisco 585 LRE CPE CPE Ethernet ports and remote Ethernet devices such as a PC Support for connecting to the Public Switched Telephone Network PSTN through plain old telepho...

Страница 28: ...ndalone switch a specific cluster member or an entire switch cluster You can also display network topologies to gather link information and to display switch images to modify switch and port level settings For more information about CMS see Chapter 2 Getting Started with CMS CLI The switch IOS CLI software is enhanced to support desktop switching features You can fully configure and monitor the sw...

Страница 29: ... CMS window without needing to remember CLI commands to accomplish specific tasks Apply actions from CMS to multiple ports and multiple switches at the same time to avoid re entering the same commands for each individual port or switch Here are some examples of globally setting and managing multiple ports and switches Port configuration such as speed and duplex settings Port and console port secur...

Страница 30: ...d the relative priority of the network applications they use Table 1 2 describes what can cause network performance to degrade and describes how you can configure your network to increase the bandwidth available to your network users Table 1 2 Increasing Network Performance Network Demands Suggested Design Methods Too many users on a single network segment and a growing number of users accessing t...

Страница 31: ...high speed access to network resources use Gigabit modules to connect the switches directly to a backbone switch in a star configuration Each switch in this configuration provides users a dedicated 1 Gbps connection to network resources in the backbone Compare this with the switches in a GigaStack configuration where the 1 Gbps connection is shared among the switches Using these Gigabit modules al...

Страница 32: ... VLANs and subnets you can connect the Catalyst 2900 XL and Catalyst 3500 XL switches again in a star configuration to two backbone switches If one of the backbone switches fails the second backbone switch preserves connectivity between the switches and network resources Figure 1 1 Example Configurations Catalyst 2900 XL and Catalyst 3500 XL GigaStack cluster 1 Gbps HSRP 54568 Catalyst 3548 XL swi...

Страница 33: ...e access to the servers The Catalyst 2900 XL and Catalyst 3500 XL switches in this network are connected through a GigaStack GBIC on each switch to form a 1 Gbps network backbone This GigaStack can also be configured as a switch cluster with primary and secondary command switches for redundant cluster management Workstations are connected directly to the 10 100 switch ports for their own 10 or 100...

Страница 34: ...view Network Configuration Examples Figure 1 2 Small to Medium Sized Network Configuration 100 Mbps 200 Mbps full duplex Single workstations Gigabit server 54569 Cisco 2600 router Gigabit server 10 100 Mbps 20 200 Mbps full duplex 1 Gbps 2 Gbps full duplex Catalyst 2900 XL and Catalyst 3500 XL GigaStack cluster ...

Страница 35: ...Voice traffic from the Cisco IP Phones are configured on separate VVIDs For any switch port connected to Cisco IP Phones 802 1p Q QoS gives forwarding priority to voice traffic over data traffic Grouping servers in a centralized location provides benefits such as security and easier maintenance The Gigabit connections to a server farm provide the workgroups full access to the network resources suc...

Страница 36: ...P IP IP IP Catalyst 3550 12G switch 200 Mbps Fast EtherChannel 400 Mbps full duplex Fast EtherChannel Gigabit servers Cisco CallManager 67974 Cisco 2600 router 1 Gbps 2 Gbps full duplex Cisco IP Phones Cisco IP Phones Workstations running Cisco SoftPhone software Catalyst 2900 XL 1900 and 2820 cluster Catalyst 3524 PWR XL GigaStack cluster Catalyst 2900 XL and 3500 XL GigaStack cluster AC power so...

Страница 37: ... Gigabit uplinks to the Catalyst 6500 switch For example you can use switch clusters that have a mix of Catalyst 2900 XL and Catalyst 3500 XL switches The Catalyst 6500 switch provides the workgroups with Gigabit access to core resources Cisco 7000 series router for access to the WAN and the Internet Server farm that includes a call processing server running Cisco CallManager software Cisco CallMa...

Страница 38: ...Configuration Catalyst 6500 switch Cisco access gateway Servers Cisco CallManager Cisco 7200 or 7500 router WAN IP telephony network or PSTN IP IP IP IP 54571 Catalyst 3524 PWR XL GigaStack cluster 1 Gbps 2 Gbps full duplex IP IP IP Cisco IP Phones Cisco IP Phones Workstations running Cisco SoftPhone software Catalyst 2900 XL and 3500 XL GigaStack cluster AC power source ...

Страница 39: ... line from each room connects to a nonhomologated POTS splitter such as the Cisco LRE 48 POTS Splitter The splitter routes data high frequency and voice low frequency traffic from the telephone line to a Catalyst 2900 LRE XL switch and digital private branch exchange PBX The PBX routes voice traffic to the PSTN If a PBX is not on site a homologated POTS splitter is required to connect directly to ...

Страница 40: ...al port security and protected ports to further prevent unwanted broadcasts within the VLANs Figure 1 5 Hotel Network Configuration Cisco 575 LRE CPE PSTN PBX Floor 3 Floor 4 Rooms and users Rooms and users Cisco LRE 48 POTS splitters Cisco 2600 router Servers Catalyst 2900 LRE XL switches Catalyst 2900 XL or Catalyst 3500 XL switch Patch panel 74051 POTS telephones Laptop Cisco 575 LRE CPE Laptop...

Страница 41: ... 3500 XL switches providing customers with either Fast Ethernet or Gigabit Ethernet connections to the MAN Catalyst 2900 LRE XL switches can also be used as residential switches for customers requiring connectivity through existing telephone lines The Catalyst 2900 LRE XL switches can then connect to another residential switch through a 10 100 connection All ports on the residential switches are c...

Страница 42: ...6 Multidwelling Configuration Si 54572 Service Provider POP Mini POP Gigabit MAN Residential location Catalyst 6500 multilayer switches Catalyst 2900 XL and Catalyst 3500 XL switches including Catalyst 2900 LRE XL switches Catalyst 6500 switches Cisco 12000 Gigabit switch routers Si Si Si Si Si Si Si Residential gateway hub Set top box TV PC Set top box TV ...

Страница 43: ...tiplex the different CWDM wavelengths allowing them to travel simultaneously on the same fiber optic cable The CWDM OADM modules on the receiving end separate or demultiplex the different wavelengths Using CWDM technology with the switches translates to farther data transmission and an increased bandwidth capacity up to 8 Gbps on a single fiber optic cable For more information about the CWDM GBIC ...

Страница 44: ...1 22 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 1 Overview Where to Go To Next ...

Страница 45: ... 30 Accessing CMS page 2 32 Verifying Your Changes page 2 34 Saving Your Changes page 2 34 Using Different Versions of CMS page 2 35 Where to Go Next page 2 35 Note For system requirements and for browser and Java plug in configuration procedures refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm For procedures for using CMS refer to the online help Note...

Страница 46: ...nt switch clusters cluster members cluster candidates neighboring devices that are not eligible to join a cluster and link types From this view you can select multiple switches and configure them to run with the same settings You can also display link information in the form of link reports and link graphs This view is available only when CMS is launched from a command switch Menus and toolbar to ...

Страница 47: ... settings Consistent set of GUI components such as tabs buttons drop down lists tables and so on for a consistent approach to setting configuration parameters Figure 2 1 CMS Features Menu bar Toolbar Move the cursor over the icon to display the tool tip For example the button displays the legend of icons and color codes Click Guide or Expert interaction mode to change how some configuration option...

Страница 48: ...ront Panel View from a Standalone Switch Cluster tree Right click a member switch image to display the device pop up menu and select an option to view or change system related settings Right click the command switch image to display the cluster pop up menu and select a cluster related option cluster1 65718 10 1 1 2 3500XL 12 Right click a port to display the port pop up menu and select an option t...

Страница 49: ... the cluster tree icon or the corresponding front panel image The front panel image is then highlighted with a yellow outline To select multiple front panel images press the Ctrl key and left click the cluster tree icons or the front panel images To deselect an icon or image press the Ctrl key and left click the icon or image If the cluster has many switches you might need to scroll down the windo...

Страница 50: ...on on page 2 33 Figure 2 5 shows the port icons as they appear in the front panel images To select a port click the port on the front panel image The port is then highlighted with a yellow outline To select multiple ports you can Press the left mouse button drag the pointer over the group of ports that you want to select and then release the mouse button Press the Ctrl key and click the ports that...

Страница 51: ...itch in the stack Amber RPS is connected but not functioning The RPS could be in standby mode To put the RPS in Active mode press the Standby Active button on the RPS and the LED should turn green If it does not one of these conditions could exist One of the RPS power supplies could be down Contact Cisco Systems The RPS fan could have failed Contact Cisco Systems Blinking amber Internal power supp...

Страница 52: ...omer premises equipment CPE device Default mode on all Catalyst 2900 XL and Catalyst 3500 XL switches except the Catalyst 2900 LRE XL switches LRE Catalyst 2900 LRE XL only Long Reach Ethernet LRE link status of the LRE ports on the Catalyst 2900 LRE XL switches Default mode on these switches only Note When the LRE mode is active the 10 100 switch ports on the Catalyst 2900 LRE XL continue to show...

Страница 53: ...lation or was blocked by Spanning Tree Protocol STP Note After a port is reconfigured the port LED can remain amber for up to 30 seconds as STP checks the switch for possible loops Brown No link and port is administratively shut down FDUP Cyan off Port is operating in half duplex mode Green Port is operating in full duplex mode SPD 10 100 Ports Cyan off Port is operating at 10 Mbps Green Port is o...

Страница 54: ... as excessive collisions CRC errors and alignment and jabber errors are monitored for a link fault indication CPE Ethernet port is not forwarding Port was disabled by management by an address violation or was blocked by STP Note After a port is reconfigured the port LED can remain amber for up to 30 seconds as STP checks the switch for possible loops Brown No link and the CPE Ethernet port is admi...

Страница 55: ... After a port is reconfigured the port LED can remain amber for up to 30 seconds as STP checks the switch for possible loops Brown No link and port is administratively shut down DUPLEX Cyan off Port is operating in half duplex mode Green Port is operating in full duplex mode SPEED 10 100 Ports Cyan off Port is operating at 10 Mbps Green Port is operating at 100 Mbps 1000BASE X Ports Cyan off Port ...

Страница 56: ...N VLAN Configure VLANs The colors show the VLAN membership mode of each port The VLAN membership mode determines the kind of traffic the port carries and the number of VLANs it can belong to For more information about these modes see the Assigning VLAN Port Membership Modes section on page 8 5 Note This feature is not supported on the Catalyst 1900 and Catalyst 2820 switches Table 2 10 VLAN Member...

Страница 57: ...right click a command switch icon and select Collapse Cluster the cluster is collapsed and represented by a single icon The view shows how the cluster is connected to other clusters candidate switches and devices that are not eligible to join the cluster such as routers access points IP phones and so on Figure 2 7 Note The Topology view displays only the switch cluster and network neighborhood of ...

Страница 58: ...and Cluster View Figure 2 7 Collapse Cluster View Right click a link icon to display a link popup menu Cluster members of cluster1 and other devices connected to cluster1 65722 Right click a device icon to display a device popup menu Devices connected to cluster1 that are not eligible to join the cluster Neighboring cluster connected to cluster1 65723 cluster1 ...

Страница 59: ...ird party devices Note Candidate switches are distinguished by the color of their device label Device labels and their colors are described in the Colors in the Topology View section on page 2 17 Note The System Switch Processor SSP card in the Cisco Integrated Communications System ICS 7750 appears as a Layer 2 switch SSP cards are not eligible to join switch clusters Tip Neighboring devices are ...

Страница 60: ...ce and link information by using these labels Cluster and switch names Switch MAC and IP addresses Link type between the devices Link speed and IDs of the interfaces on both ends of the link When using these labels keep these considerations in mind The IP address displays only in the labels for the command switch and member switches The label of a neighboring cluster icon only displays the IP addr...

Страница 61: ...layed with the device and link icons Table 2 11 Device Icon Colors Icon Color Color Meaning Green The device is operating Yellow1 1 Available only on the cluster members The internal fan of the switch is not operating or the switch is receiving power from an RPS Red1 The device is not operating Table 2 12 Single Link Icon Colors Link Color Color Meaning Green Active link Red Down or blocked link T...

Страница 62: ...ect CMS see the Access Modes in CMS section on page 2 33 The option for enabling a command switch is only available from a CMS session launched from a command capable switch Cluster management tasks such as upgrading the software of groups of switches are available only from a CMS session launched from a command switch If you launch CMS from a specific switch the menu bar displays the features sup...

Страница 63: ...ll standby command switches must be Catalyst 2950 switches running Release 12 1 6 EA2 or later When the command switch is running Release 12 0 5 WC2 or earlier the standby command switches can be these switches Catalyst 2900 XL Catalyst 2950 and Catalyst 3500 XL switches We strongly recommend that the command switch and standby command switches are of the same switch platform If you have a Catalys...

Страница 64: ...the device Address Resolution Protocol ARP table and configure the ARP cache timeout setting Save Configuration1 Save the configuration for the cluster or switch to Flash memory Software Upgrade1 Upgrade the software for the cluster or a switch System Reload1 Reboot the switch with the latest installed software Cluster Cluster Manager3 Launch a CMS session from the command switch Create Cluster1 4...

Страница 65: ...onfigure a port to use a voice VLAN for voice traffic separating it from the VLANs for data traffic Reports Inventory Display the device type software version IP address and other information about a switch Port Statistics Display port statistics Bandwidth Graphs Display graphs that plot the total bandwidth in use by the switch Link Graphs Display a graph showing the bandwidth being used for the s...

Страница 66: ...n Help Overview Obtain an overview of the CMS interface What s New Obtain a description of the new CMS features Help For Active Window Display the help for the active open window This is the same as clicking Help from the active window Contents List all of the available online help topics Legend Display the legend that describes the icons labels and links About Display the CMS version number 1 Not...

Страница 67: ... and read write access modes see the Access Modes in CMS section on page 2 33 Ctrl S Save the configuration for the cluster or switch to Flash memory Software Upgrade2 Ctrl U Upgrade the software for the cluster or a switch Port Settings1 Display and configure port parameters on a switch VLAN1 Display VLAN membership assign ports to VLANs and configure ISL and 802 1Q trunks Inventory Display the d...

Страница 68: ... 2 Available only from the command switch 3 Available only from a cluster management session 4 Not available in read only mode For more information about the read only and read write access modes see the Access Modes in CMS section on page 2 33 Delete a cluster Remove from Cluster3 4 Remove a member from the cluster Bandwidth Graphs Display graphs that plot the total bandwidth in use Host Name4 Ch...

Страница 69: ...0 switches Devices that are not eligible to join the cluster If multiple links are configured between two devices when you click the link icon and right click the Multilink Content window appears Figure 2 10 Click the link icon in this window and right click to display the link popup menu specific for that link Figure 2 10 Multilink Decomposer Window Table 2 19 Link Popup Menu Popup Menu Option Ta...

Страница 70: ...device popup menu click an icon and right click Table 2 20 Device Popup Menu of a Cluster Icon Popup Menu Option Task Expand cluster View a cluster specific topology view Properties Display information about the device and port on either end of the link and the state of the link Table 2 21 Device Popup Menu of a Command Switch Icon Popup Menu Option Task Collapse cluster View the neighborhood outs...

Страница 71: ...er member switch but not from the command switch Table 2 24 Device Popup Menu of a Candidate Switch Icon When the Candidate Switch Does Not Have an IP Address Popup Menu Option Task Add to Cluster1 1 Not available in read only mode For more information about the read only and read write access modes see the Access Modes in CMS section on page 2 33 Add a candidate to a cluster Properties Display in...

Страница 72: ...last step Clicking Cancel at any time closes and ends the configuration task without applying any changes If Expert Mode is selected and you want to use guide mode you must click Guide Mode before selecting an option from the menu bar tool bar or popup menu If you change the interaction mode after selecting a configuration option the mode change does not take effect until you select another config...

Страница 73: ...ng tasks from the CMS windows Figure 2 11 Feature help available from the menu bar by selecting Help Contents provides background information and concepts on the features Dialog specific help available from Help on the CMS windows provides procedures for performing tasks Index of help topics Glossary of terms used in the online help You can send us feedback about the information provided in the on...

Страница 74: ...e VLAN window does not include Catalyst 1900 and Catalyst 2820 switches even though they are part of the cluster Similarly the Host Name list on the LRE Profiles window only lists the LRE switches in the cluster Click a tab to display more information Click a row to select it Press Shift and left click another row to select contiguous multiple rows Press Ctrl and left click rows to select non cont...

Страница 75: ...e column Icons Used in Windows Some window have icons for sorting information in tables for showing which cells in a table are editable and for displaying further information from Cisco com Figure 2 13 Figure 2 13 Window Icons Buttons These are the most common buttons that you use to change the information in a CMS window OK Save any changes and close the window If you made no changes the window c...

Страница 76: ...and the CLI exit your browser to end the browser session Note If you have configured the Terminal Access Controller Access Control System Plus TACACS or Remote Authentication Dial In User Service RADIUS feature on the switch you can still access the switch through CMS For information about how inconsistent authentication configurations in switch clusters can affect access through CMS see the TACAC...

Страница 77: ...e access Therefore you do not need to include the privilege level if it is 15 Entering zero denies access to CMS For more information about privilege levels see the Assigning Passwords and Privilege Levels section on page 6 11 Note If your cluster has these member switches running earlier software releases and if you have read only access to these member switches some configuration windows for tho...

Страница 78: ... about the error Saving Your Changes Note The Save Configuration option is not available if your switch access level is read only For more information about the read only access mode see the Access Modes in CMS section on page 2 33 Tip As you make cluster configuration changes except for changes to the Topology view and in the Preferences window make sure that you periodically save the configurati...

Страница 79: ...lar but are not the same as this release For example the Topology view in this release is not the same as the Topology view or Cluster View in those earlier software releases CMS on the Catalyst 1900 and Catalyst 2820 switches is referred to as Switch Manager Cluster management options are not available on these switches This is the earliest version of CMS Refer to the documentation specific to th...

Страница 80: ...2 36 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 2 Getting Started with CMS Where to Go Next ...

Страница 81: ...ne Error Messages page 3 6 Accessing the CLI page 3 7 Saving Configuration Changes page 3 8 Where to Go Next page 3 8 This switch software release is based on Cisco IOS Release 12 0 It has been enhanced to support a set of features for the Catalyst 2900 XL and Catalyst 3500 XL switches This chapter provides procedures for using only the commands that have been created or changed for these switches...

Страница 82: ... called user EXEC mode Only a limited subset of the commands are available in user EXEC mode For example most of the user EXEC commands are one time commands such as show commands which show the current configuration status and clear commands which clear counters or interfaces The user EXEC commands are not saved when the switch reboots To have access to all commands you must enter privileged EXEC...

Страница 83: ...vileged EXEC mode The password does not appear on the screen and is case sensitive Global configuration Enter the configure command while in privileged EXEC mode switch config To exit to privileged EXEC mode enter exit or end or press Ctrl Z Use this mode to configure parameters that apply to your switch as a whole VLAN database Enter the vlan database command while in privileged EXEC mode switch ...

Страница 84: ...al configuration mode This example shows what the interface command displays on a Catalyst 2900 LRE XL switch lreswitch config interface FastEthernet FastEthernet IEEE 802 3 LongReachEthernet Ethernet over VDSL Multilink Multilink group interface Port channel Ethernet Channel of interfaces VLAN Switch VLAN Virtual Interface Virtual TokenRing Virtual TokenRing Note The multilink port channel and vi...

Страница 85: ...les set to certain default values In these cases the default command enables the command and sets variables to their default values Redisplaying a Command To redisplay a command you previously entered press the up arrow key You can continue to press the up arrow key for more commands Getting Help Entering a question mark at the system prompt displays a list of commands for each command mode When u...

Страница 86: ...command List the associated keywords for a command For example Switch show command keyword List the associated arguments for a keyword For example Switch config cdp holdtime 10 255 Length of time in sec that receiver must keep this packet Table 3 3 Common CLI Error Messages Error Message Meaning How to Get Help Ambiguous command show con You did not enter enough characters for your switch to recog...

Страница 87: ...ion or dial up modem For information about connecting to the console port refer to the switch hardware installation guide Using any Telnet TCP IP package from a remote management station The switch must have network connectivity with the Telnet client and the switch must have an enable secret password configured For information about configuring the switch for Telnet access see the SNMP Network Ma...

Страница 88: ...er the change becomes part of the running configuration The change does not automatically become part of the config txt file in Flash memory which is the startup configuration used each time the switch restarts If you do not save your changes to Flash memory they are lost when the switch restarts To save all configuration changes to Flash memory you must enter the write memory command in privilege...

Страница 89: ...itch refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm for the latest information about Software and hardware requirements and compatibility Browser and Java plug in configurations Setup program Switch upgrades This switch software release is based on Cisco IOS Release 12 0 It has been enhanced to support a set of features for the Catalyst 2900 XL and C...

Страница 90: ...u have assigned IP information to the switch you can run the switch on its default settings Table 4 2 or configure any settings to meet your network requirements For more information about IP information see the Changing IP Information section on page 6 2 For more information about passwords see the Accessing CMS section on page 2 32 and Assigning Passwords and Privilege Levels section on page 6 1...

Страница 91: ...settings to Flash memory For information about saving changes from CMS see the Saving Your Changes section on page 2 34 For information about saving changes from the CLI see the Saving Configuration Changes section on page 3 8 HTTP Access to CMS CMS uses Hypertext Transfer Protocol HTTP which is an in band form of communication with the switch through any one of its Ethernet ports and that allows ...

Страница 92: ... default data characteristics of the switch console port are 9600 8 1 no parity When the command line appears go to Step 2 Step 2 enable Enter privileged EXEC mode Step 3 config terminal Enter global configuration mode Step 4 line vty 0 15 Enter the interface configuration mode for the Telnet interface There are 16 possible sessions on a command capable switch The 0 and 15 mean that you are config...

Страница 93: ... 4 6 For more information about SNMP see the Configuring SNMP section on page 6 48 In a cluster configuration the command switch manages communication between the SNMP management station and all switches in the cluster For information about managing cluster switches through SNMP see the Using SNMP to Manage Switch Clusters section on page 5 27 When configuring your switch by using SNMP note that c...

Страница 94: ...of certain events to the SNMP manager which receives and processes the traps Traps are messages alerting the SNMP manager to a condition on the network such as improper user authentication restarts link status up or down and so forth In addition the SNMP agent responds to MIB related queries sent by the SNMP manager in get request get next request and set request format The SNMP manager uses infor...

Страница 95: ...d For the cluster commands refer to the switch command reference Device Manager not within a cluster session from a command capable switch Cluster Create Cluster Creating a cluster1 None Creating a Switch Cluster section on page 5 19 No CLI procedure provided For the cluster commands refer to the switch command reference Device Manager not within a cluster session from a command capable switch Clu...

Страница 96: ...overy Protocol CDP Enabled Configuring CDP section on page 6 13 Documentation set for Cisco IOS Release 12 0 on Cisco com Cluster Hop Count Address Resolution Protocol ARP Enabled Managing the ARP Table section on page 6 32 Documentation set for Cisco IOS Release 12 0 on Cisco com Administration ARP System Time Management None Setting the System Date and Time section on page 6 12 Documentation set...

Страница 97: ... port Duplex mode Changing the Port Speed and Duplex Mode section on page 7 2 Port Port Settings Auto on the 10 100 100BASE FX and Gigabit ports Half duplex on the CPE Ethernet ports Note This option is configurable on the Cisco 575 LRE CPE It is not configurable on the Cisco 585 LRE CPE Speed on switch 10 100 and CPE Ethernet ports Auto Changing the Port Speed and Duplex Mode section on page 7 2 ...

Страница 98: ...y Command Switches Spanning Tree Protocol Enabled Configuring STP section on page 6 33 Device STP Unidirectional link detection UDLD Disabled Configuring UniDirectional Link Detection section on page 7 7 UDLD error detection Enabled Configuring UniDirectional Link Detection section on page 7 7 UDLD error recovery Disabled Configuring UniDirectional Link Detection section on page 7 7 Port grouping ...

Страница 99: ...r Cisco IOS Release 12 0 on Cisco com Administration SNMP Port security Disabled Enabling Port Security section on page 7 10 Port Port Security Protected port Disabled Configuring Protected Ports section on page 7 9 Port Protected Port Port security aging Disabled Configuring Port Security Aging section on page 7 11 Bridge Protocol Data Unit BPDU Guard Disabled Configuring BPDU Guard section on pa...

Страница 100: ...4 12 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 4 General Switch Administration Default Settings ...

Страница 101: ...usters and the clustering options For complete procedures on using CMS to configure switch clusters refer to the online help For the CLI cluster commands refer to the switch command reference Refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm for the list of Catalyst switches eligible for switch clustering including which ones can be command switches and...

Страница 102: ...embers are connected to the command switch according to the connectivity guidelines described in the Automatic Discovery of Cluster Candidates and Members section on page 5 5 Command switch redundancy if a command switch fails One or more switches can be designated as standby command switches to avoid loss of contact with cluster members A cluster standby group is a group of standby command switch...

Страница 103: ...nd switch If your switch cluster has Catalyst 2900 XL Catalyst 2950 and Catalyst 3500 XL switches the Catalyst 2950 should be the command switch If your switch cluster has Catalyst 1900 Catalyst 2820 Catalyst 2900 XL and Catalyst 3500 XL switches either the Catalyst 2900 XL or Catalyst 3500 XL should be the command switch Standby Command Switch Characteristics A Catalyst 2900 XL or Catalyst 3500 X...

Страница 104: ...have a Catalyst 2950 command switch the standby command switches should be Catalyst 2950 switches If you have a Catalyst 2900 XL or Catalyst 3500 XL command switch the standby command switches should be Catalyst 2900 XL and Catalyst 3500 XL switches Candidate Switch and Member Switch Characteristics Candidate switches are cluster capable switches that have not yet been added to a cluster Member sw...

Страница 105: ...l index htm for the list of Catalyst switches eligible for switch clustering including which ones can be command switches and which ones can only be member switches and for the required software versions and browser and Java plug in configurations Automatic Discovery of Cluster Candidates and Members The command switch uses Cisco Discovery Protocol CDP to discover member switches candidate switche...

Страница 106: ...searches for candidate and member switches by selecting Cluster Hop Count When new candidate switches are added to the network the command switch discovers them and adds them to the list of candidate switches In Figure 5 1 the command switch has ports assigned to management VLAN 16 The CDP hop count is three The command switch discovers switches 11 12 13 and 14 because they are within three hops f...

Страница 107: ...r enabled device connected beyond the noncluster capable Cisco device Figure 5 2 shows that the command switch discovers the Catalyst 3500 XL switch which is connected to a third party hub However the command switch does not discover the Catalyst 2950 switch that is connected to a Catalyst 5000 switch Refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm fo...

Страница 108: ...rent management VLANs See the Discovery through Different Management VLANs section on page 5 9 The command switch in Figure 5 3 has ports assigned to management VLAN 9 It discovers all but these switches Switches 7 and 10 because their management VLAN VLAN 4 is different from the command switch management VLAN VLAN 9 Switch 9 because automatic discovery does not extend beyond a noncandidate device...

Страница 109: ...t VLAN on these switches see the Discovery through the Same Management VLAN section on page 5 8 The Catalyst 2950 command switch running Release 12 1 9 EA1 or later in Figure 5 4 and the Catalyst 3550 command switch in Figure 5 5 have ports assigned to VLANs 9 16 and 62 The management VLAN on the Catalyst 2950 command switch is VLAN 9 Each command switch discovers the switches in the different man...

Страница 110: ...yst 1900 Catalyst 2820 Catalyst 2900 XL Catalyst 2950 and Catalyst 3500 XL switches VLAN 62 VLAN trunk 4 62 VLAN 62 VLAN 16 VLAN 9 VLAN 16 VLAN 9 Catalyst 3550 standby command switch Catalyst 3550 command switch VLAN 9 Switch 7 management VLAN 4 Switch 9 management VLAN 62 VLAN 4 54983 Switch 3 management VLAN 16 Switch 4 management VLAN 16 Switch 10 management VLAN 4 Switch 8 management VLAN 9 Sw...

Страница 111: ...ins a cluster its default management VLAN changes to the VLAN of the immediately upstream neighbor The new switch also configures its access port to belong to the VLAN of the immediately upstream neighbor The command switch in Figure 5 6 belongs to management VLAN 16 When the new Catalyst 2900 LRE XL and Catalyst 2950 switches join the cluster their management VLAN and access ports change from VLA...

Страница 112: ...up Disabling HSRP disables the cluster standby group The switches in the cluster standby group are ranked according to HSRP priorities The switch with the highest priority in the group is the active command switch AC The switch with the next highest priority is the standby command switch SC The other switches in the cluster standby group are the passive command switches PC If the active command sw...

Страница 113: ...standby command switch again For more information about IP address in switch clusters see the IP Addresses section on page 5 15 Other Considerations for Cluster Standby Groups These requirements also apply Standby command switches must meet these requirements When the command switch is a Catalyst 3550 switch all standby command switches must be Catalyst 3550 switches When the command switch is a C...

Страница 114: ...r through the management VLAN Catalyst 1900 Catalyst 2820 Catalyst 2900 XL Catalyst 2950 and Catalyst 3500 XL member switches must be connected to the cluster standby group through their management VLANs For more information about VLANs in switch clusters see these sections Discovery through the Same Management VLAN section on page 5 8 Discovery through Different Management VLANs section on page 5...

Страница 115: ... must again add these member switches to the cluster When the previously active command switch resumes its active role it receives a copy of the latest cluster configuration from the active command switch including members that were added while it was down The active command switch sends a copy of the cluster configuration to the cluster standby group IP Addresses You must assign IP information to...

Страница 116: ... it when it leaves the cluster If no command switch password is configured the member switch inherits a null password Member switches only inherit the command switch password If you change the member switch password to be different from the command switch password and save the change the switch is not manageable by the command switch until you change the member switch password to match the command...

Страница 117: ... 15 are supported Privilege level 15 provides you with read write access to CMS Privilege levels 1 to 14 provide you with read only access to CMS Any options in the CMS windows menu bar toolbar and popup menus that change the switch or cluster configuration are not shown in read only mode Privilege level 0 denies access to CMS For more information about CMS access modes see the Access Modes in CMS...

Страница 118: ...In this case you will need to manage the switch as a standalone switch You can globally change the management VLAN for the cluster as long as each member switch has either a trunk connection or a connection to the new command switch management VLAN From the command switch use the cluster management vlan global configuration command to change the cluster management VLAN to a different management VL...

Страница 119: ...ch Specific Features in Switch Clusters The menu bar on the command switch displays all options available from the switch cluster Therefore features specific to a member switch are available from the command switch menu bar For example Device LRE Profile appears in the command switch menu bar when at least one Catalyst 2900 LRE XL switch is in the cluster Creating a Switch Cluster Using CMS to cre...

Страница 120: ...uld be the command switch If your switch cluster has Catalyst 1900 Catalyst 2820 Catalyst 2900 XL and Catalyst 3500 XL switches either the Catalyst 2900 XL or Catalyst 3500 XL should be the command switch You can enable a command switch name the cluster and assign an IP address and a password to the command switch when you run the setup program during initial switch setup For information about usi...

Страница 121: ...are cyan and member switches are green To add more than one candidate switch press Ctrl and left click the candidates that you want to add Instead of using CMS to add members to the cluster you can use the cluster member global configuration command from the command switch Use the password option in this command if the candidate switch has a password You can select 1 or more switches as long as th...

Страница 122: ...ogy View to Add Member Switches Enter the password of the candidate switch If no password exists for the switch leave this field blank Select a switch and click Add Press Ctrl and left click to select more than one switch 2900 LRE 24 1 65724 Thin line means a connection to a candidate switch Right click a candidate switch to display the pop up menu and select Add to Cluster to add the switch to th...

Страница 123: ...2 0 5 WC2 or earlier the standby command switches can be these switches Catalyst 2900 XL Catalyst 2950 and Catalyst 3500 XL switches These abbreviations are appended to the switch host names in the Standby Command Group list to show their eligibility or status in the cluster standby group AC Active command switch SC Standby command switch PC Member of the cluster standby group but not the standby ...

Страница 124: ...g a Switch Cluster Figure 5 11 Standby Command Configuration Window 3550C cisco WS C3550 C 24 HC NMS 3550 12T 149 cisco WS C3550 1 3550 150 cisco WS C3550 12T SC Active command switch Standby command switch Must be a valid IP address in the same subnet as the active command switch Once entered this information cannot be changed 65726 ...

Страница 125: ...to display an inventory of the switches in the cluster Figure 5 12 The summary includes information such as switch model numbers serial numbers software versions IP information and location You can also display port and switch statistics from Reports Port Statistics and Port Port Settings Runtime Status Instead of using CMS to verify the cluster you can use the show cluster members user EXEC comma...

Страница 126: ...h CLI at the same privilege level as on the command switch The IOS commands then operate as usual For instructions on configuring the switch for a Telnet session see the Telnet Access to the CLI section on page 4 4 Catalyst 1900 and Catalyst 2820 CLI Considerations If your switch cluster has Catalyst 1900 and Catalyst 2820 switches running standard edition software the Telnet session accesses the ...

Страница 127: ...switch The command switch uses this community string to control the forwarding of gets sets and get next messages between the SNMP management station and the member switches Note When a cluster standby group is configured the command switch can change without your knowledge Use the first read write and read only community strings to communicate with the command switch if there is a cluster standby...

Страница 128: ...5 28 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters ...

Страница 129: ...guring STP page 6 33 Configuring SNMP page 6 48 Configuring TACACS page 6 51 Controlling Switch Access with RADIUS page 6 55 For information about configuring these settings from Cluster Management Suite CMS refer to the online help This switch software release is based on Cisco IOS Release 12 0 It has been enhanced to support a set of features for the Catalyst 2900 XL and Catalyst 3500 XL switche...

Страница 130: ...hese topics Manually Assigning and Removing Switch IP Information section on page 6 2 Using DHCP Based Autoconfiguration section on page 6 3 Manually Assigning and Removing Switch IP Information You can manually assign an IP address mask and default gateway to the switch The mask identifies the bits that denote the network number in the IP address When you use the mask to subnet a network the mask...

Страница 131: ...orking devices This protocol consists of two components one for delivering configuration parameters from a DHCP server to a device and one for allocating network addresses to devices DHCP is built on a client server model where designated DHCP servers allocate network addresses and deliver configuration parameters to dynamically configured devices With DHCP based autoconfiguration your switch DHCP...

Страница 132: ...HCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client With this message the client and server are bound and the client uses configuration information received from the server The amount of information the switch receives depends on how you configure the DHCP server For more information see the Configuring the DHCP Server secti...

Страница 133: ... config global configuration command is specified in the configuration file the switch receives the configuration file through TFTP requests If the service config global configuration command and the IP address are both present in the configuration file DHCP is not used and the switch obtains the default configuration file by broadcasting TFTP requests The DHCP server can be on the same or a diffe...

Страница 134: ...names IP has defined the concept of a Domain Name Server DNS which holds a cache or database of names mapped to IP addresses To map domain names to IP addresses you must first identify the host names and then specify a name server and enable the DNS the Internet s global naming scheme that uniquely identifies network devices You can specify a default domain name that the software uses to complete ...

Страница 135: ... is a Cisco router you enable IP routing ip routing global configuration command and configure it with helper addresses by using the ip helper address interface configuration command For example in Figure 6 2 you configure the router interfaces as follows On interface 10 0 0 2 router config if ip helper address 20 0 0 2 router config if ip helper address 20 0 0 3 router config if ip helper address...

Страница 136: ...so receives a DNS server IP address and a TFTP server name The switch sends a DNS request to the DNS server specifying the TFTP server name to obtain the TFTP server address The switch sends a unicast message to the TFTP server to retrieve the network confg or cisconet cfg default configuration file If the network confg file cannot be read the switch reads the cisconet cfg file The default configu...

Страница 137: ...002 Switch 3 00e0 9f1e 2003 DHCP server DNS server TFTP server maritsu 10 0 0 1 10 0 0 10 10 0 0 2 10 0 0 3 Switch 4 00e0 9f1e 2004 Table 6 1 DHCP Server Configuration Switch 1 Switch 2 Switch 3 Switch 4 Binding key hardware address 00e0 9f1e 2001 00e0 9f1e 2002 00e0 9f1e 2003 00e0 9f1e 2004 IP address 10 0 0 21 10 0 0 22 10 0 0 23 10 0 0 24 Subnet mask 255 255 255 0 255 255 255 0 255 255 255 0 25...

Страница 138: ...cat network confg ip host switch1 10 0 0 21 ip host switch2 10 0 0 22 ip host switch3 10 0 0 23 ip host switch4 10 0 0 24 DHCP Client Configuration No configuration file is present on Switch 1 through Switch 4 Configuration Explanation In Figure 6 3 Switch 1 reads its configuration file as follows It obtains its IP address 10 0 0 21 from the DHCP server If no configuration filename is given in the...

Страница 139: ...CLI so that all your HTTP connections are authenticated through the TACACS server The Telnet password must be an enable secret password CMS provides two levels of access to the configuration options read write access and read only access Privilege levels 0 to 15 are supported Privilege level 15 provides you with read write access to CMS Privilege levels 1 to 14 provide you with read only access to...

Страница 140: ...ng the time for an American time zone enter the three letter abbreviation for the time zone such as PST for Pacific standard time If you are identifying the time zone by referring to Greenwich mean time enter UTC universal coordinated time You then must enter a negative or positive number as an offset to indicate the number of time zones between the switch and Greenwich England Enter a negative nu...

Страница 141: ...tched by the servers to authenticate it Configuring the Switch for NTP Broadcast Client Mode You can configure the switch to receive NTP broadcast messages if there is an NTP broadcast server such as a router broadcasting time information on the network You can also enter a value to account for any round trip delay between the client and the NTP broadcast server Configuring CDP Use the CLI or CMS ...

Страница 142: ...te switches connected to it even if they are running CMS Figure 6 4 Discovering Cluster Candidates through CDP Beginning in privileged EXEC mode follow these steps to configure the number of hops that CDP uses to discover candidate switches and cluster members Catalyst 5000 series CDP device that does not support clustering Undisclosed device displays as edge device Cluster command switch 3 hops f...

Страница 143: ...s an example list of addresses as they would appear in the dynamic secure or static address table Table 6 2 shows the maximum number of MAC addresses supported on the Catalyst 2900 XL and Catalyst 3500 XL switches Figure 6 5 Contents of the Address Table MAC Addresses and VLANs All addresses are associated with a VLAN An address can exist in more than one VLAN and have different destinations in ea...

Страница 144: ...stablishing connectivity when a workstation is moved to a new port Beginning in privileged EXEC mode follow these steps to configure the dynamic address table aging time Removing Dynamic Address Entries Beginning in privileged EXEC mode follow these steps to remove a dynamic address entry You can remove all dynamic entries by using the clear mac address table dynamic command in privileged EXEC mod...

Страница 145: ...ress notification feature use the no mac address table notification global configuration command Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 SNMP server enable traps mac notification Enable SNMP notification of MAC address additions and deletions Step 3 mac address table notification Enable the MAC address notification feature Step 4 mac address table notificat...

Страница 146: ... unicast address that is forwarded to only one port per VLAN If you enter an address that is already assigned to another port the switch reassigns the secure address to the new port You can enter a secure port address even when the port does not yet belong to a VLAN When the port is later assigned to a VLAN packets destined for that address are forwarded to the port Beginning in privileged EXEC mo...

Страница 147: ...If the in port list and out port list parameters are all access ports in a single VLAN you can omit the VLAN ID In this case the switch recognizes the VLAN as that associated with the in port VLAN Otherwise you must supply the VLAN ID Beginning in privileged EXEC mode follow these steps to add a static address Removing Static Addresses Beginning in privileged EXEC mode follow these steps to remove...

Страница 148: ...o become part of a CGMP group and issue leave messages to leave the group The membership of these groups is managed by the switch and by connected routers through the further exchange of CGMP messages CGMP groups are maintained on a per VLAN basis a multicast IP address packet can be forwarded to one list of ports in one VLAN and to a different list of ports in another VLAN When a CGMP group is ad...

Страница 149: ... connected to the VLAN to delete the entire group The Fast Leave feature functions only if CGMP is enabled The client must be running IGMP version 2 for the Fast Leave feature to function properly Beginning in privileged EXEC mode follow these steps to enable the CGMP Fast Leave feature Disabling the CGMP Fast Leave Feature Beginning in privileged EXEC mode follow these steps to disable the CGMP F...

Страница 150: ...time Removing Multicast Groups You can reduce the forwarding of IP multicast packets by removing groups from the Current Multicast Groups table Each entry in the table consists of the VLAN IGMP multicast address and ports You can use the CLI to clear all CGMP groups all CGMP groups in a VLAN or all routers their ports and their expiration times Beginning in privileged EXEC mode follow these steps ...

Страница 151: ...rding of IP multicast traffic For example IGMP filtering does not apply if CGMP or MVR is used to allow for the forwarding of IP multicast traffic IGMP filters can be used in the video service deployment in Ethernet to the home ETTH The IGMP filters specify which multicast addresses are allowed to be received by the switch Configuring IGMP Profiles To configure an IGMP profile use the ip igmp prof...

Страница 152: ...9 0 Switch config igmp profile end Switch show ip igmp profile 22 IGMP Profile 22 range 229 9 9 0 229 9 9 0 Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 ip igmp profile profile number Enter IGMP profile configuration mode and assign a number to the profile you are configuring The range is from 1 to 4294967294 Step 3 permit deny Optional Set the action to permit ...

Страница 153: ...uration Switch config t Switch config interface fastethernet 0 12 Switch config if ip igmp filter 22 Switch config if end Switch show running config interface fastethernet 0 12 Building configuration Current configuration 124 bytes interface FastEthernet0 12 no ip address shutdown snmp trap link status ip igmp filter 22 end Command Purpose Step 1 configure terminal Enter global configuration mode ...

Страница 154: ...ce fastethernet 0 12 Switch config if ip igmp max groups 20 Switch config if end Switch show running config interface fastethernet 0 12 Building configuration Current configuration 124 bytes interface FastEthernet0 12 no ip address shutdown snmp trap link status ip igmp max groups 25 ip igmp filter 22 end Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface in...

Страница 155: ...e the subscriber as a receiver of the multicast stream This forwarding behavior selectively allows traffic to cross between the two VLANs Because MVR does not support IGMP dynamic joins the user or administrator must configure static multicast addresses on the router Note MVR is supported through the CLI and SNMP Using MVR in a Multicast Television Application In a multicast television application...

Страница 156: ...d from the multicast VLAN to the subscriber port in a different VLAN selectively allowing traffic to cross between two VLANs IGMP reports are sent to the same MAC addresses as the multicast data The S1 CPU must capture all IGMP join and leave messages from subscriber ports Because the Catalyst 2900 and Catalyst 3500 hardware cannot distinguish IP multicast data packets from IP multicast packets ca...

Страница 157: ... hosts forwarded by the switch to forward multicast traffic to the switch The receiver VLAN is the VLAN to which the first configured receiver port belongs If the first receiver port is a dynamic port with an unassigned VLAN it becomes an inactive receiver port and does not take part in MVR unless it is assigned to the receiver VLAN The receiver VLAN is reset whenever there are no remaining receiv...

Страница 158: ...efore removing the port from multicast group membership The value is in units of tenths of a second The default is 5 tenths or one half second Step 3 mvr vlan vlan id Optional Specify the VLAN in which multicast data will be received all source ports must belong to this VLAN The default is VLAN 1 Step 4 interface interface Enter interface configuration mode and enter the type and number of the por...

Страница 159: ...usly configured MAC address the command fails Step 4 interface interface Enter interface configuration mode and enter the type and number of the port to configure for example fastethernet 0 1 Step 5 mvr type value Configure the port as either an MVR receiver port or an MVR source port Configure a port as a receiver port if it is a subscriber port and should only receive multicast data It does not ...

Страница 160: ...VLAN ID Taking an IP address as input ARP determines the associated MAC address Once a MAC address is determined the IP MAC address association is stored in an ARP cache for rapid retrieval Then the IP datagram is encapsulated in a link layer frame and sent over the network Encapsulation of IP datagrams and ARP requests and replies on IEEE 802 networks other than Ethernet is specified by the Subne...

Страница 161: ...e with STP disabled You can disable STP on one of the VLANs where it is running and then enable it on the VLAN where you want it to run Use the no spanning tree vlan vlan id global configuration command to disable STP on a specific VLAN and use the spanning tree vlan vlan id global configuration command to enable STP on the desired VLAN For more information about VLANs see Chapter 8 Configuring VL...

Страница 162: ...excessive traffic and indefinite packet duplication can severely reduce network performance Beginning in privileged EXEC mode follow these steps to disable STP Accelerating Aging to Retain Connectivity The default for aging dynamic addresses is 5 minutes However a reconfiguration of the spanning tree can cause many station locations to change Because these stations could be unreachable for 5 minut...

Страница 163: ...that are acceptable for these configurations Figure 6 7 Gigabit Ethernet Clusters Enabling UplinkFast on all cluster switches can further reduce the time it takes cluster switches to begin forwarding after a new root switch is selected Table 6 3 Default and Acceptable STP Parameter Settings in Seconds STP Parameter STP Default IEEE Acceptable for Option 1 Acceptable for Option 2 Acceptable for Opt...

Страница 164: ...res itself The root port transitions to the forwarding state immediately without going through the listening and learning states as it would with normal STP procedures When STP reconfigures the new root port other ports flood the network with multicast packets one for each address that was learned on the port You can limit these bursts of multicast traffic by reducing the max update rate parameter...

Страница 165: ...econds For more information see the Events that Cause Fast Convergence section on page 6 39 How CSUF Works CSUF ensures that one link in the stack is elected as the path to the root As shown in Figure 6 9 Switches A B and C are cascaded through the Gigastack GBIC to form a multidrop backbone which communicates control and data traffic across the switches at the access layer The switches in the sta...

Страница 166: ...his STP instance by comparing STP root cost and bridge ID If the sending switch is the best choice as the stack root the switch in the stack returns an acknowledgement otherwise it does not respond to the sending switch drops the packet and prevents the sending switch from receiving acknowledgements from all stack switches When acknowledgements are received from all stack switches the Fast Uplink ...

Страница 167: ...s Normal STP convergence 30 to 40 seconds occurs under these conditions The stack root switch is powered down or the software failed The stack root switch which was powered down or failed is powered up A new switch which might become the stack root is added to the stack A switch other than the stack root is powered down or failed A link fails between stack ports on the multidrop backbone Note The ...

Страница 168: ...t 2924M XL Catalyst 3508G XL 1 1X 2X 11X 12X 13X 14X 15X 16X 2 3 4 5 6 7 8 9 10 11 12 1 1X 2X 11X 12X 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 SPEED SYSTEM RPS STATUS MODE UTIL DUPLX 2 Catalyst 3500 XL 1 SPEED SYSTEM RPS STATUS MODE UTIL DUPLX Catalyst 3500 XL 7 8 3 5 6 4 2 1 SPEED SYSTEM RPS STATUS MODE UTIL DUPLX 2 Catalyst 3500 XL 1 MODE 1x 2x 3x 4x 5x 6x 7x 8x 9x 10x 11x 12...

Страница 169: ...nal For max update rate pkts per second specify the number of packets per second at which update packets are sent The range is 0 to 65535 the default is 150 packets per second Step 1 interface interface id Enter interface configuration mode and specify the GBIC interface on which to enable CSUF Step 2 spanning tree stack port Enable CSUF on only one stack port GBIC interface The stack port connect...

Страница 170: ...TP configuration messages before attempting a reconfiguration This parameter takes effect when a switch is operating as the root switch Switches not acting as the root use the root switch Max age parameter Hello Time Number of seconds 1 to 10 between the transmission of hello messages which mean that the switch is active Switches not acting as a root switch use the root switch Hello time value For...

Страница 171: ...ves from the root switch The maximum age is the number of seconds a switch waits without receiving STP configuration messages before attempting a reconfiguration Enter a number from 6 to 200 Step 3 end Return to privileged EXEC mode Step 4 show spanning tree Verify your entry Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 spanning tree vlan stp list hello time sec...

Страница 172: ...t enabled only goes through the normal cycle of STP status changes when the switch is restarted Caution Enabling this feature on a port connected to a switch or hub could prevent STP from detecting and disabling loops in your network and this could cause broadcast storms and address learning problems You can modify these Port Fast parameters Port Fast Enable to bring the port more quickly to an ST...

Страница 173: ...al configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be configured Step 3 spanning tree vlan stp list cost cost Configure the path cost for the specified spanning tree instance Enter a number from 1 to 65535 Step 4 end Return to privileged EXEC mode Step 5 show running config Verify your entry Command Purpose Step 1 configure terminal Enter glob...

Страница 174: ...s a new root switch The customer switch does not become the root switch and is not in the path to the root Caution Misuse of this feature can cause a loss of connectivity Figure 6 11 STP in a Service Provider Network Root guard enabled on a port applies to all the VLANs that the port belongs to Each VLAN has its own instance of STP Beginning in privileged EXEC mode follow these steps to set root g...

Страница 175: ...uard feature works on Port Fast enabled interfaces Configure Port Fast only on interfaces that connect to end stations otherwise an accidental topology loop could cause a data packet loop and disrupt switch and network operation Beginning in privileged EXEC mode follow these steps to enable the BPDU guard feature on the switch Use the no spanning tree portfast bpduguard global configuration comman...

Страница 176: ...address access control list and password SNMPv2C includes a bulk retrieval mechanism and more detailed error message reporting to management stations The bulk retrieval mechanism retrieves tables and large quantities of information minimizing the number of round trips required The SNMPv2C improved error handling includes expanded error codes that distinguish different kinds of error conditions the...

Страница 177: ... By default no trap manager is defined and no traps are issued Table 6 4 describes SNMP traps that you can configure on the Catalyst 2900 XL and Catalyst 3500 XL You can enable any or all of these traps and configure a trap manager on these switches to receive them Table 6 4 Catalyst 2900 XL and Catalyst 3500 XL SNMP Traps c2900 C3500 Generate the switch specific traps These traps are in the priva...

Страница 178: ...hreshold is exceeded Authentication Generates a trap when an SNMP request is not accompanied by a valid community string BSC Generates a trap when the broadcast threshold is exceeded Link up down Generates a link down trap when a port is suspended or disabled for any of these reasons Secure address violation address mismatch or duplication Network connection error loss of linkbeat or jabber error ...

Страница 179: ...the server exchange messages to authenticate each user before allowing access to the management console TACACS consists of three services authentication authorization and accounting Authentication determines who the user is and whether or not the user is allowed access to the switch Authorization is the action of determining what the user is allowed to do on the system Accounting is the action of ...

Страница 180: ... server waits for a TACACS server host to reply The default is 5 seconds Step 4 tacacs server attempts count Set the number of login attempts that can be made on the line Step 5 tacacs server key key Define a set of encryption keys for all of TACACS and communication between the access server and the TACACS daemon Repeat the command for each encryption key Step 6 exit Return to privileged EXEC mod...

Страница 181: ...ation succeed even if all methods return an error specify none as the final method in the command line Specifying TACACS Authorization for EXEC Access and Network Services You can use the aaa authorization global configuration command with the tacacs keyword to set parameters that restrict a user s network access to Cisco IOS privilege mode EXEC access and to network services such as Serial Line I...

Страница 182: ...onfigure terminal Enter global configuration mode Step 2 aaa accounting exec start stop tacacs Enable TACACS accounting to send a start record accounting notice at the beginning of an EXEC process and a stop record at the end Step 3 aaa accounting network start stop tacacs Enable TACACS accounting for all network related service requests including SLIP PPP and PPP NCPs Step 4 exit Return to privil...

Страница 183: ...nd switches and send authentication requests to a central RADIUS server which contains all user authentication and network service access information The RADIUS host is normally a multiuser system running RADIUS server software from Cisco Cisco Secure Access Control Server version 3 0 Livingston Merit Microsoft or another software provider For more information refer to the RADIUS server documentat...

Страница 184: ...s Interface NASI or X 25 PAD connections Switch to switch or router to router situations RADIUS does not provide two way authentication RADIUS can be used to authenticate access from one device to a non Cisco device if the non Cisco device requires authentication Networks using a variety of services RADIUS generally binds a user to one service model RADIUS Operation When a user attempts to log in ...

Страница 185: ...me lookup thus ensuring a backup system if the initial method fails The software uses the first method listed to authenticate to authorize or to keep accounts on users If that method does not respond the software selects the next method in the list This process continues until there is successful communication with a listed method or the method list is exhausted You should have access to and shoul...

Страница 186: ...r accounting services The RADIUS host entries are tried in the order that they are configured A RADIUS server and the switch use a shared secret text string to encrypt passwords and exchange responses To configure RADIUS to use the AAA security commands you must specify the host running the RADIUS server daemon and a secret text key string that it shares with the switch The timeout retransmission ...

Страница 187: ...specify the number of times a RADIUS request is resent to a server if that server is not responding or responding slowly The range is 1 to 1000 If no retransmit value is set with the radius server host command the setting of the radius server retransmit global configuration command is used Optional For key string specify the authentication and encryption key used between the switch and the RADIUS ...

Страница 188: ...ion methods and then apply that list to various interfaces The method list defines the types of authentication to be performed and the sequence in which they are performed it must be applied to a specific interface before any of the defined authentication methods are performed The only exception is the default method list which is named default The default method list is automatically applied to a...

Страница 189: ...iguration command group radius Use RADIUS authentication You must configure the RADIUS server before you can use this authentication method For more information see the Identifying the RADIUS Server Host section on page 6 58 line Use the line password for authentication You must define a line password before you can use this authentication method Use the password password line configuration comman...

Страница 190: ...roup is used with a global server host list which lists the IP addresses of the selected server hosts Server groups also can include multiple host entries for the same server if each entry has a unique identifier the combination of the IP address and UDP port number allowing different ports to be individually defined as RADIUS hosts providing a specific AAA service If you configure two different h...

Страница 191: ...the authentication and encryption key used between the switch and the RADIUS daemon running on the RADIUS server Note The key is a text string that must match the encryption key used on the RADIUS server Always configure the key as the last item in the radius server host command Leading spaces are ignored but spaces within and at the end of the key are used If you use spaces in your key do not enc...

Страница 192: ...on is enabled the switch uses information retrieved from the user s profile which is in the local user database or on the security server to configure the user s session The user is granted access to a requested service only if the information in the user profile allows it You can use the aaa authorization global configuration command with the radius keyword to set parameters that restrict a user ...

Страница 193: ...nication settings between the switch and all RADIUS servers Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 aaa accounting network default list name start stop group radius Enable RADIUS accounting for all network related service requests Step 3 aaa accounting exec default list name start stop group radius Enable RADIUS accounting to send a start record accounting ...

Страница 194: ... for mandatory attributes and for optional attributes This allows the full set of features available for TACACS authorization to also be used for RADIUS For example the following AV pair activates Cisco s multiple named ip address pools feature during IP authorization during PPP IPCP address assignment cisco avpair ip addr pool first The following example shows how to provide a user logging in fro...

Страница 195: ...er to configure RADIUS whether vendor proprietary or IETF draft compliant you must specify the host running the RADIUS server daemon and the secret text string it shares with the switch You specify the RADIUS host and secret text string by using the radius server global configuration commands Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 radius server vsa send ac...

Страница 196: ... show running config privileged EXEC command Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 radius server host hostname ip address non standard Specify the IP address or host name of the remote RADIUS server host and identify that it is using a vendor proprietary implementation of RADIUS Step 3 radius server key string Specify the shared secret text string used be...

Страница 197: ...xec default local Configure user AAA authorization to determine if the user is allowed to run an EXEC shell by checking the local database Step 5 aaa authorization network default local Configure user AAA authorization for all network related service requests Step 6 username name privilege level password encryption type password Enter the local database and establish a username based authenticatio...

Страница 198: ...6 70 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 6 Configuring the System Controlling Switch Access with RADIUS ...

Страница 199: ...tomer premises equipment CPE devices connected to the switch LRE ports Note Certain port features can conflict with one another Review the Avoiding Configuration Conflicts section on page 9 7 before you change the port settings For information about configuring these settings from Cluster Management Suite CMS refer to the online help This switch software release is based on Cisco IOS Release 12 0 ...

Страница 200: ... LED is amber while STP reconfigures Connecting to Devices That Do Not Autonegotiate To connect to a remote 100BASE T device that does not autonegotiate set the duplex setting to Full or Half and set the speed setting to Auto Autonegotiation for the speed setting selects the correct speed even if the attached device does not autonegotiate but the duplex setting must be explicitly set To connect to...

Страница 201: ...orts Beginning in privileged EXEC mode follow these steps to configure flow control on a Gigabit Ethernet port Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be configured Step 3 speed 10 100 auto Enter the speed parameter for the port You cannot enter the speed on Gigabit Ethernet or ATM...

Страница 202: ...wn the port when the rising threshold is reached The rising threshold is the number of packets that a switch port can receive before forwarding is blocked The falling threshold is the number of packets below which the switch resumes normal forwarding In general the higher the threshold the less effective the protection against broadcast storms The maximum half duplex transmission on a 100BASE T li...

Страница 203: ...rmal forwarding on a port Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to configure Step 3 no port storm control broadcast Disable port storm control Step 4 end Return to privileged EXEC mode Step 5 show port storm control interface Verify your entries Command Purpose Step 1 configure term...

Страница 204: ...e Assigning Passwords and Privilege Levels section on page 6 11 Caution A network port cannot link cluster members Beginning in privileged EXEC mode follow these steps to define a network port Disabling a Network Port Beginning in privileged EXEC mode follow these steps to disable a network port Step 5 end Return to privileged EXEC mode Step 6 show port block multicast unicast interface Verify you...

Страница 205: ... enables the port after a specified time so that the port can try the operation again The port would continue the error disable and recovery cycle until the UDLD error condition no longer exists Note The errdisable commands are not available on the Catalyst 2900 LRE XL switches Creating EtherChannel Port Groups Fast EtherChannel FEC and Gigabit EtherChannel port groups act as single logical ports ...

Страница 206: ... switch uses all available bandwidth to the router The router is configured for destination based forwarding because the large number of stations ensures that the traffic is evenly distributed through the port group ports on the router Figure 7 1 Source Based Forwarding The switch treats the port group as a single logical port therefore when you create a port group the switch uses the configuratio...

Страница 207: ... protected port because a MAC address has timed out or has not been learned by the switch Use the port block command to guarantee that in such a case no unicast and multicast traffic is flooded to the port See the Configuring Flooding Controls section on page 7 4 for more information Beginning in privileged EXEC mode follow these steps to define a port as a protected port Use the no version of the...

Страница 208: ...is set to 1 the attached device is guaranteed the full bandwidth of the port Added security Unknown devices cannot connect to the port These options validate port security or indicate security violations For the restrictions that apply to secure ports see the Avoiding Configuration Conflicts section on page 9 7 Defining the Maximum Secure Address Count A secure port can have from 1 to 132 associat...

Страница 209: ...rity max mac count 1 Secure the port and set the address table to one address Step 4 port security action shutdown Set the port to shutdown when a security violation occurs Step 5 end Return to privileged EXEC mode Step 6 show port security Verify the entry Command Purpose Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configura...

Страница 210: ...nation of ports can be monitored For the restrictions that apply to SPAN ports see the Avoiding Configuration Conflicts section on page 9 7 Enabling SPAN Beginning in privileged EXEC mode follow these steps to enable SPAN Disabling SPAN Beginning in privileged EXEC mode follow these steps to disable SPAN Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface int...

Страница 211: ...point itself is also a configurable device and you can configure it to forward traffic with an 802 1p priority You can use the CLI to configure the Catalyst 3524 PWR XL to honor or ignore a traffic priority assigned by a Cisco IP Phone or access point For example the Cisco 7960 IP Phone contains an integrated three port 10 100 switch The ports are dedicated connections to these devices Port 1 conn...

Страница 212: ...R XL CLI to override the priority of frames arriving on the phone port from connected devices You can also set the phone port to accept trust the priority of frames arriving on the port Beginning in privileged EXEC mode follow these steps to override the CoS priority setting received from the nonvoice port on the Cisco IP Phone Use the no switchport priority extend command to return the port to it...

Страница 213: ...ed to an AC power source and supply their own power to the voice circuit For information about configuring a switch port to forward IP voice traffic to and from connected Cisco IP Phones see the Configuring Voice Ports to Carry Voice and Data Traffic on Different VLANs section on page 7 15 Beginning in privileged EXEC mode follow these steps to disable the inline power detection mechanism on a swi...

Страница 214: ...ps not 100 Mbps This section discusses these topics LRE Links and LRE Profiles section on page 7 16 CPE Ethernet Links section on page 7 21 Assigning a Public Profile to All LRE Ports section on page 7 22 Assigning a Private Profile to an LRE Port section on page 7 23 For LRE troubleshooting information see the Troubleshooting LRE Port Configuration section on page 9 9 Additional LRE details are p...

Страница 215: ...n 997 Both plans are draft standards Contact Cisco Systems for the latest information about standards ratification or for updates to the public profiles Private You can use a private profile if the LRE switch is not used with equipment connected to a PSTN The switch supports a variety of private profiles that offer different link speeds and maximum distances In general the higher the link speed th...

Страница 216: ... Where the wiring between the LRE switch and CPE leaves the building or the armored conduits certified for inside wiring standards it must be protected against lightning and shorts to high voltage power This protection might be provided by fuses or overvoltage protectors that comply with local regulations for outside wiring protection Consult an expert in local telecommunications regulations for t...

Страница 217: ...public profile is configured on the switch and you want the switch LRE ports to use private profiles you must first disable the public profile by using the no lre profile global global configuration command When you assign a different profile to a switch LRE port the port immediately resets and uses the newly assigned profile Before you add an LRE switch to a cluster make sure that you assign it t...

Страница 218: ...t nonfiltered telephone rings and nonfiltered telephone transitions such as on hook to off hook from interrupting the LRE connection We recommend using the ANSI and ETSI asymmetric public profiles for North America and other countries respectively when LRE signaling needs to coexist with ADSL signaling We also recommend using a public profile when the PBX is not on site and the POTS splitter direc...

Страница 219: ...atically enabled in full duplex mode You can connect Cisco 575 LRE CPEs and Cisco 585 LRE CPEs to the same LRE switch You can hot swap the CPEs without powering down the switch or disrupting the other switch ports Use the show controllers ethernet controller privileged EXEC command to display the internal switch statistics the statistics collected by the LRE switch interface and the statistics col...

Страница 220: ...c Profile to All LRE Ports Public profiles are set on a switch wide global basis The public profile you select should be compatible with the PSTN to which the LRE switch is connected Public profiles have priority over private profiles If you assign a public profile to the switch the switch ignores the private profile settings and uses the public profile settings on all LRE ports To disable the pub...

Страница 221: ...ps to assign a private profile to an LRE port Use the show controllers lre privileged EXEC commands to display the LRE link statistics and profile information on the LRE ports For information about these commands refer to the switch command reference Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface LRE interface Enter interface configuration mode and enter...

Страница 222: ...7 24 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 7 Configuring the Switch Ports Configuring the LRE Ports ...

Страница 223: ...nother Review the Avoiding Configuration Conflicts section on page 9 7 before you change the port settings For information about configuring these settings from Cluster Management Suite CMS refer to the online help This switch software release is based on Cisco IOS Release 12 0 It has been enhanced to support a set of features for the Catalyst 2900 XL and Catalyst 3500 XL switches This chapter pro...

Страница 224: ...ogical network it contains its own bridge Management Information Base MIB information and can support its own implementation of the Spanning Tree Protocol STP For information about managing VLAN STP instances see the Supported STP Instances section on page 6 33 Table 8 1 lists the number of supported VLANs and STP instances on the switches Figure 8 1 VLANs as Logically Defined Networks Table 8 1 M...

Страница 225: ...VLAN has these characteristics It is created from CMS or through the CLI on static access multi VLAN and dynamic access and trunk ports You cannot create or remove the management VLAN through Simple Network Management Protocol SNMP Only one management VLAN can be administratively active at a time With the exception of VLAN 1 the management VLAN can be deleted When created the management VLAN is ad...

Страница 226: ... the new switch can exchange CDP messages with the command switch and be proposed as a cluster candidate Note For the command switch to change the management VLAN on a new switch there must have been no changes to the new switch configuration and there must be no config text file Because the switch is new and unconfigured its management VLAN is changed to the cluster management VLAN when it is fir...

Страница 227: ...gured on the switch VLAN traffic on the multi VLAN port is not encapsulated Trunk ISL ATM or IEEE 802 1Q A trunk is a member of all VLANs in the VLAN database by default but membership can be limited by configuring the allowed VLAN list You can also modify the pruning eligible list to block flooded traffic to VLANs on trunk ports that are included in the list VLAN Trunking Protocol VTP maintains V...

Страница 228: ...tion on page 8 16 Add modify or remove VLANs in the database as described in the Configuring VLANs in the VTP Database section on page 8 23 Assigning Static Access Ports to a VLAN section on page 8 25 Configuring a Trunk Port section on page 8 28 You can configure at least one trunk port on the switch and make sure that this trunk port is connected to the trunk port of a second switch Some restric...

Страница 229: ...ort performs normal switching functions in all its assigned VLANs For example when a multi VLAN port receives an unknown Media Access Control MAC address all the VLANs to which the port belongs learn the address Multi VLAN ports also respond to the STP messages generated by the different instances of STP in each VLAN For the restrictions that apply to multi VLAN ports see the Avoiding Configuratio...

Страница 230: ...router VLAN 77 Ports in static access mode Port in multi VLAN mode Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and enter the port to be added to the VLAN Step 3 switchport mode multi Enter the VLAN membership mode for multi VLAN ports Step 4 switchport multi vlan vlan list Assign the port to more than one V...

Страница 231: ...in You make global VLAN configuration changes for the domain by using the CLI Cluster Management software or SNMP By default a Catalyst 2900 XL or Catalyst 3500 XL switch is in the no management domain state until it receives an advertisement for a domain over a trunk link a link that carries the traffic of multiple VLANs or until you configure a domain name The default VTP mode is server mode but...

Страница 232: ...mode you can create modify and delete VLANs and specify other configuration parameters such as VTP version for the entire VTP domain VTP servers advertise their VLAN configurations to other switches in the same VTP domain and synchronize their VLAN configurations with other switches based on advertisements received over trunk links In VTP server mode VLAN configurations are saved in nonvolatile RA...

Страница 233: ...ersion 1 Token Ring support VTP version 2 supports Token Ring LAN switching and VLANs Token Ring Bridge Relay Function TRBRF and Token Ring Concentrator Relay Function TRCRF For more information about Token Ring VLANs see the VLANs in the VTP Database section on page 8 20 Unrecognized Type Length Value TLV support A VTP server or client propagates configuration changes to its other trunks even for...

Страница 234: ...ly VLANs included in the pruning eligible list can be pruned By default VLANs 2 through 1001 are pruning eligible on Catalyst 2900 XL and Catalyst 3500 XL trunk ports If the VLANs are configured as pruning ineligible the flooding continues VTP pruning is also supported with VTP version 1 and version 2 Figure 8 3 shows a switched network with VTP pruning enabled The broadcast traffic from Switch 1 ...

Страница 235: ...omain always use the VLAN configuration of the switch with the highest VTP configuration revision number If you add a switch that has a revision number higher than the revision number in the VTP domain it can erase all VLAN information from the VTP server and VTP domain Beginning in user EXEC mode follow these steps to verify and reset the VTP configuration revision number on a switch before addin...

Страница 236: ...configure it with the correct password After the configuration the switch accepts the next VTP advertisement that uses the same password and domain name in the advertisement If you are adding a new switch to an existing network that has VTP capability the new switch learns the domain name only after the applicable password has been configured on the switch Upgrading from Previous Software Releases...

Страница 237: ...you enable version 2 on a switch all of the version 2 capable switches in the domain enable version 2 If there is a version 1 only switch it will not exchange VTP information with switches with version 2 enabled If there are Token Ring networks in your environment TRBRF and TRCRF you must enable VTP version 2 for Token Ring VLAN switching to function properly To run Token Ring and Token Ring Net d...

Страница 238: ...N Trunks Work section on page 8 26 Configuring VTP Server Mode When a switch is in VTP server mode you can change the VLAN configuration and have it propagated throughout the network Beginning in privileged EXEC mode follow these steps to configure the switch for VTP server mode Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vtp domain domain name Configure a VTP administrati...

Страница 239: ...nt mode Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vtp client Configure the switch for VTP client mode The default setting is VTP server Step 3 vtp domain domain name Configure a VTP administrative domain name The name can be from 1 to 32 characters All switches operating in VTP server or client mode under the same administrative responsibility must be configured with the...

Страница 240: ...enable VTP version 2 unless every switch in the VTP domain supports version 2 Note In a Token Ring environment you must enable VTP version 2 for Token Ring VLAN switching to function properly For more information on VTP version configuration guidelines see the VTP Version section on page 8 15 Beginning in privileged EXEC mode follow these steps to enable VTP version 2 Command Purpose Step 1 vlan d...

Страница 241: ... XL trunk ports For information see the Changing the Pruning Eligible List section on page 8 30 Beginning in privileged EXEC mode follow these steps to enable VTP pruning Command Purpose Step 1 vlan database Enter VLAN configuration mode Step 2 no vtp v2 mode Disable VTP version 2 Step 3 exit Update the VLAN database propagate it throughout the administrative domain and return to privileged EXEC m...

Страница 242: ...tifier SAID Bridge identification number for TRBRF VLANs Ring number for FDDI and TRCRF VLANs Parent VLAN number for TRCRF VLANs STP type for TRCRF VLANs VLAN number to use when translating from one VLAN type to another The Default VLAN Configuration section on page 8 21 lists the default values and possible ranges for each VLAN media type Token Ring VLANs Although the Catalyst 2900 XL and Catalys...

Страница 243: ...VLAN configuration through VTP Default VLAN Configuration Table 8 6 through Table 8 10 shows the default configuration for the different VLAN media types Note Catalyst 2900 XL and Catalyst 3500 XL switches support Ethernet interfaces exclusively Because FDDI and Token Ring VLANs are not locally supported you configure FDDI and Token Ring media specific characteristics only for VTP global advertise...

Страница 244: ... 8 9 Token Ring TRBRF VLAN Defaults and Ranges Parameter Default Range VLAN ID 1005 1 1005 VLAN name VLANxxxx where xxxx is the VLAN ID No range 802 10 SAID 100000 VLAN ID 1 4294967294 MTU size VTPv1 1500 VTPv2 4472 1500 18190 Bridge number VTPv1 0 VTPv2 user specified 0 15 STP type ibm auto ibm ieee Translational bridge 1 0 0 1005 Translational bridge 2 0 0 1005 VLAN state active active suspend T...

Страница 245: ...fy the VLAN configuration or VTP use the VLAN database commands described in the switch command reference You use the interface configuration command mode to define the port membership mode and add and remove ports from VLANs The results of these commands are written to the running configuration file and you can display the file by entering the privileged EXEC show running config command Note VLAN...

Страница 246: ...hernet VLAN Command Purpose Step 1 vlan database Enter VLAN database mode Step 2 vlan vlan id name vlan name Add an Ethernet VLAN by assigning a number to it If no name is entered for the VLAN the default is to append the vlan id to the word VLAN For example VLAN0004 could be a default VLAN name If you do not specify the VLAN media type the VLAN is an Ethernet VLAN Step 3 exit Update the VLAN data...

Страница 247: ...ssigning a port on a cluster member switch to a VLAN first log in to the member switch by using the privileged EXEC rcommand command For more information on how to use this command refer to the switch command reference Beginning in privileged EXEC mode follow these steps to assign a port to a VLAN in the VTP database Command Purpose Step 1 vlan database Enter VLAN configuration mode Step 2 no vlan...

Страница 248: ... ISL Trunking Environment IEEE 802 1Q Configuration Considerations IEEE 802 1Q trunks impose these limitations on the trunking strategy for a network Make sure the native VLAN for an 802 1Q trunk is the same on both ends of the trunk link If the native VLAN on one end of the trunk is different from the native VLAN on the other end spanning tree loops might result Disabling STP on the native VLAN o...

Страница 249: ...g unicast and multicast packets on a trunk The port block interface configuration command can be used to block the forwarding of unknown unicast and multicast packets to VLANs on a trunk However if the trunk port is acting as a network port unknown unicast packets cannot be blocked Port grouping ISL and 802 1Q trunks can be grouped into EtherChannel port groups but all trunks in the group must hav...

Страница 250: ...support trunk negotiation through the Dynamic Trunking Protocol DTP formerly known as Dynamic ISL DISL If you are connecting a trunk port to a Catalyst 5000 switch or other DTP device use the non negotiate option on the DTP capable device so that the switch port does not generate DTP frames Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface_id Ente...

Страница 251: ...or a trunk port the trunk port does not become a member of the new VLAN Beginning in privileged EXEC mode follow these steps to modify the allowed list of a ISL or 802 1Q trunk Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface_id Enter the interface configuration mode and the port to be added to the VLAN Step 3 no switchport mode Return the port t...

Страница 252: ... follow these steps to configure the native VLAN on an 802 1Q trunk If a packet has a VLAN ID that is the same as the outgoing port native VLAN ID the packet is sent untagged otherwise the switch sends the packet with a tag Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface id Enter interface configuration mode and select the trunk port for which V...

Страница 253: ...ithout identification or a tag are called native or untagged frames For ISL or IEEE 802 1Q frames with tag information the priority value from the header frame is used For native frames the default priority of the input port is used Port Scheduling Each port on the switch has a single receive queue buffer the ingress port for incoming traffic When an untagged frame arrives it is assigned the value...

Страница 254: ...t the priorities on a parallel trunk port so that the port carries all the traffic for a given VLAN The trunk port with the higher priority lower values for a VLAN is forwarding traffic for that VLAN The trunk port with the lower priority higher values for the same VLAN remains in a blocking state for that VLAN One trunk port sends or receives all traffic for the VLAN Figure 8 5 shows two trunks c...

Страница 255: ...m 1 to 32 characters Step 3 vtp server Configure Switch 1 as the VTP server Step 4 exit Return to privileged EXEC mode Step 5 show vtp status Verify the VTP configuration on both Switch 1 and Switch 2 In the display check the VTP Operating Mode and the VTP Domain Name fields Step 6 show vlan Verify that the VLANs exist in the database on Switch 1 Step 7 configure terminal Enter global configuratio...

Страница 256: ...Ns 8 through 10 are assigned a path cost of 30 on trunk port 2 VLANs 2 through 4 retain the default 100BASE T path cost on trunk port 2 of 19 Figure 8 6 Load Sharing Trunks with Traffic Distributed by Path Cost Step 16 interface fa0 1 Enter interface configuration mode and define the interface to set the STP port priority Step 17 spanning tree vlan 8 9 10 port priority 10 Assign the port priority ...

Страница 257: ...ify your entries In the display make sure that interface Fa0 1 and Fa0 2 are configured as trunk ports Step 7 show vlan When the trunk links come up Switch 1 receives the VTP information from the other switches Verify that Switch 1 has learned the VLAN configuration Step 8 configure terminal Enter global configuration mode Step 9 interface fa0 1 Enter interface configuration mode and define Fa0 1 ...

Страница 258: ...address to or from the port The switch continues to monitor the packets directed to the port and sends a query to the VMPS when it identifies a new address If the switch receives a port shutdown response from the VMPS it disables the port The port must be manually reenabled by using the CLI Cluster Management software or SNMP You can also use an explicit entry in the configuration table to deny ac...

Страница 259: ...tch is a cluster member the command switch adds the name of the switch before the Fa For example es3 Fa02 refers to fixed 10 100 port 2 on member switch 3 These naming conventions must be used in the VMPS database configuration file when it is configured to support a cluster You can configure a fallback VLAN name If you connect a device with a MAC address that is not in the database the VMPS sends...

Страница 260: ...e the VMPS before you configure ports as dynamic The communication between a cluster of switches and VMPS is managed by the command switch and includes port naming conventions that are different from standard port names For the cluster based port naming conventions see the VMPS Database Configuration File section on page 8 37 When you configure a port as dynamic the spanning tree Port Fast feature...

Страница 261: ...nning in privileged EXEC mode follow these steps to enter the IP address of the VMPS Table 8 13 Default VMPS Client and Dynamic Port Configuration Feature Default Configuration VMPS domain server None VMPS reconfirm interval 60 minutes VMPS server retry count 3 Dynamic ports None configured Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 vmps server ipaddress prima...

Страница 262: ...more information see the Configuring a Trunk Port section on page 8 28 Reconfirming VLAN Memberships Beginning in privileged EXEC mode follow these steps to confirm the dynamic port VLAN membership assignments that the switch has received from the VMPS Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 interface interface Enter interface configuration mode and the swi...

Страница 263: ...s to change the reconfirmation interval Changing the Retry Count Beginning in privileged EXEC mode follow these steps to change the number of times that the switch attempts to contact the VMPS before querying the next server Command Purpose Step 1 configure terminal Enter global configuration mode Step 2 vmps reconfirm minutes Enter the number of minutes between reconfirmations of the dynamic VLAN...

Страница 264: ...lyst 5000 series Switch 1 is the primary VMPS server The Catalyst 5000 series Switch 3 and Switch 10 are secondary VMPS servers End stations are connected to these clients Catalyst 2900 XL Switch 2 Catalyst 3500 XL Switch 9 The database configuration file is called Bldg G db and is stored on the TFTP server with the IP address 172 20 22 7 VMPS VQP Version The version of VQP used to communicate wit...

Страница 265: ... Secondary VMPS Server 3 172 20 26 150 172 20 26 151 Trunk port Catalyst 5000 series 172 20 26 152 Ethernet segment Trunk link 172 20 26 153 172 20 26 154 172 20 26 155 172 20 26 156 172 20 26 157 172 20 26 158 172 20 26 159 Client Client End station 2 End station 1 TFTP server Dynamic access port Dynamic access port Switch 10 Switch 9 Switch 8 Switch 7 Switch 6 Switch 5 Switch 3 Switch 2 Switch 1...

Страница 266: ...8 44 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Chapter 8 Configuring VLANs How the VMPS Works ...

Страница 267: ... GBIC Security and Identification page 9 8 Troubleshooting LRE Port Configuration page 9 9 Troubleshooting CMS Sessions page 9 11 Determining Why a Switch Is Not Added to a Cluster page 9 14 Copying Configuration Files to Troubleshoot Configuration Problems page 9 15 Troubleshooting Switch Software Upgrades page 9 16 Recovery Procedures page 9 18 For additional troubleshooting information See Appe...

Страница 268: ... bad packets discarded packets and no destination packets Transmit Bandwidth Usage The percentage of the bandwidth usage for transmission based on the transmit rate and actual speed Receive Bandwidth Usage The percentage of the bandwidth usage for reception based on the receive rate and actual speed Transmit Packet Rate The transmit rate of well formed packets It includes unicast multicast and bro...

Страница 269: ...ns It includes packets of all destination address types Late Collision Packets The total number of packets discarded because of late collisions detected during transmission It includes all transmit packets that had a collision after the transmission of the packet s 64th byte The preamble and SFD are not included in the frame s byte count Receive Unicast Packets The total number of well formed unic...

Страница 270: ... frames with errors and frames with unicast or broadcast destination address types or oversize frames and undersize frames Alignment Errors The total number of packets received with alignment errors It includes all the packets received with both an FCS error and a nonintegral number of bytes FCS Errors The total number of packets received with FCS errors It excludes undersized packets with FCS err...

Страница 271: ...hem Downstream Reed Solomon Errors The number of detected and corrected data errors being received on the CPE RJ 11 wall port Table 9 4 CPE Ethernet Link Statistics Counter Description Tx Octets The count of octets sent from an LRE CPE Ethernet port Tx Drop Pkts The count of packets dropped during transmission out an LRE CPE Ethernet port Tx Broadcast Pkts The count of packets with a broadcast des...

Страница 272: ...eived packets that had a unicast destination Rx Broadcast Pkts The count of received packets that had a broadcast destination Rx Multicast Pkts The count of received packets that had a multicast destination Rx Good Octets The count of received octets that had no errors Rx Fragments The count of received fragments Fragments are pieces of a packet Rx Excess Size Discards The count of packets that we...

Страница 273: ... issues a warning message that you are configuring a setting that is incompatible with another setting and the switch does not save the change Table 9 5 Conflicting Features ATM Port1 1 Catalyst 2900 XL switches only Port Group Port Security SPAN Port Multi VLAN Port Network Port Connect to Cluster Protecte d Port ATM Port N A No No No No No Yes No Port Group No No No Yes Yes2 2 Cannot be in a des...

Страница 274: ... adjust itself even if the connected port does not autonegotiate To connect to a remote Gigabit Ethernet device that does not autonegotiate disable autonegotiation on the local device and set the duplex and flow control parameters to be compatible with the remote device GBIC Security and Identification Cisco approved Gigabit Interface Converter GBIC modules have a serial EEPROM that contains the m...

Страница 275: ...wer surges is causing interference with the LRE link Change to a profile that has the interleaver feature enabled such as the LRE 5 LRE 10 LRE 15 LRE 10 1 LRE 10 3 or LRE 10 5 profile Change to a profile with a lower data rate for example use LRE 5 instead of LRE 15 to increase the noise margin The LRE link length and quality are close to the limit of operation Change to a lower profile for exampl...

Страница 276: ... have the LL feature enabled and the interleaver feature turned off The LL feature does not delay data transmission but it makes data more susceptible to interruptions on the LRE link All other profiles public and private have the interleaver feature enabled and the LL feature disabled The interleaver feature provides maximum protection against small interruptions on the LRE link but delays data t...

Страница 277: ...ar as unavailable devices and cannot be configured from CMS For more information about CMS access modes see the Access Modes in CMS section on page 2 33 Note If you have configured the Terminal Access Controller Access Control System Plus TACACS or feature on the switch you can still access the switch through CMS For information about how inconsistent authentication configurations in switch cluste...

Страница 278: ...N as the management VLAN For more information about management VLANs see the Management VLANs section on page 8 3 The Applet notinited message appears at the bottom of the browser window You might not have enough disk space Each time you start CMS the Java plug in saves a copy of all the jar files to the disk Delete the jar files from the location where the browser keeps the temporary files on you...

Страница 279: ...tes 8 Deselect Require server verification 9 Add the switches you want to manage by entering their URLs in the Add this web site to the zone field Click Add to add each switch A URL is the switch IP address preceded by http For example you might enter http 172 20 153 36 10 After you have finished entering the URLs for your switches click OK 11 While still in the Security tab of the Internet Option...

Страница 280: ... Topology view displays the cluster as a double switch icon and shows connections to devices outside the cluster Figure 9 1 Right click the device yellow label and select Disqualification Code For a list of devices that are cluster enabled refer to the release notes http www cisco com univercd cc td doc product lan c2900xl index htm Figure 9 1 Cluster View Right click a device with a yellow label ...

Страница 281: ...18 C2900XL h mz 112 8 SA 4 drwx 3776 Mar 01 1993 01 23 24 html 66 rwx 130 Jan 01 1970 00 01 19 env_vars 68 rwx 1296 Mar 01 1993 06 55 51 config text 1728000 bytes total 456704 bytes free The file system uses a URL based file specification This example uses the TFTP protocol to copy the file config text from the host arno to the switch Flash memory switch copy tftp arno 2900 config text flash confi...

Страница 282: ...y In most of the cases when setting the boot parameters during or after the upgrade the word flash is mistyped or completely missed Go to Setting BOOT Parameters at ROMMON Switch Prompt to verify and set the BOOT parameters correctly If setting the BOOT parameters to the correct filename does not resolve the issue perform an X Modem upgrade as the file present on the Flash memory could be corrupte...

Страница 283: ...he BOOT parameters are not correct and the switch is still set to boot from the old image or the upgrade did not go through properly Verify the BOOT parameters and correct them if needed If the BOOT parameters are correct download the IOS image file using TFTP If the switch still boots with the old image download the IOS image file using X Modem Switch not booting automatically needs a manual boot...

Страница 284: ...ion on page 7 10 Recovering from a Command Switch Failure You can prepare for a command switch failure by assigning an IP address to a member switch that is command capable making a note of the command switch password and cabling your cluster to provide redundant connectivity between all member switches and the replacement command switch Hot Standby Router Protocol HSRP is the preferred method for...

Страница 285: ...From privileged EXEC mode enter global configuration mode Switch config terminal Enter configuration commands one per line End with CNTL Z Step 7 From global configuration mode remove previous command switch information from the switch Switch config no cluster commander address Step 8 Return to privileged EXEC mode Switch config exit Switch Step 9 Use the setup program to configure the switch IP i...

Страница 286: ...ke to configure a Telnet password yes y Note The password can be from 1 to 25 alphanumeric characters is case sensitive allows spaces but ignores leading spaces Step 18 Enter the Telnet password and press Return Enter Telnet password telnet_password Step 19 Enter Y to configure the switch as the cluster command switch Enter N to configure it as a member switch or as a standalone switch Note If you...

Страница 287: ...ch Follow these steps when you are replacing a failed command switch with a switch that is command capable but not part of the cluster Step 1 Insert the new switch in place of the failed command switch and duplicate its connections to the cluster members Step 2 Start a CLI session on the new command switch You can access the CLI by using the console port or if an IP address has been assigned to th...

Страница 288: ...password of the failed command switch and press Return Note The password can be from 1 to 25 alphanumeric characters can start with a number is case sensitive allows spaces but ignores leading spaces Enter enable secret secret_password Step 13 Enter Y to enter a Telnet password Would you like to configure a Telnet password yes y Note The password can be from 1 to 25 alphanumeric characters is case...

Страница 289: ... address that you entered in Step 7 Step 20 Click Cluster Management Suite to display CMS It prompts you to add the candidate switches The password of the failed command switch is still valid for the cluster Enter it when candidate switches are proposed for cluster membership and click OK Recovering from a Failed Command Switch Without Replacing the Command Switch If a command switch fails and the...

Страница 290: ...t the software appear as do instructions The system has been interrupted prior to initializing the flash file system The following commands will initialize the flash file system and finish loading the operating system software flash_init load_helper boot Step 5 Initialize the Flash file system switch flash_init Step 6 If you had set the console port speed to anything other than 9600 it has been re...

Страница 291: ... configuration file into memory switch copy flash config text system running config Source filename config text Destination filename running config Press Return in response to the confirmation prompts The configuration file is now reloaded Follow the next steps to change the password Step 14 Enter global configuration mode switch config terminal Step 15 Change the password switch config enable sec...

Страница 292: ...ODEM protocol and this procedure is largely dependent on the emulation software you are using Step 1 Connect a PC with terminal emulation software supporting the XMODEM Protocol to the switch console port Step 2 Set the line speed on the emulation software to 9600 baud Step 3 Unplug the switch power cord Step 4 Reconnect the power cord to the switch The software image does not load The switch star...

Страница 293: ... in the Cisco IOS Release 12 0 documentation on Cisco com Note From CMS Reports System Messages you can display the system messages of the Catalyst 2900 XL and Catalyst 3500 XL switches when they are in a cluster where the command switch is a Catalyst 2950 switch running Release 12 1 6 EA2 or later or a Catalyst 3550 switch running Release 12 1 8 EA1 or later The System Messages option is not avai...

Страница 294: ...it Ethernet controller FRANK Messages page A 10 GBIC_1000BASET Cisco GigaStack Gigabit Interface Converter GBIC_1000BASET Messages page A 15 GBIC_SECURITY GBIC module security GBIC_SECURITY Messages page A 16 GIGASTACK GigaStack GBIC GigaStack Messages page A 17 HW_MEMORY Hardware memory HW_MEMORY Messages page A 18 INTERFACE Interface API INTERFACE Messages page A 19 IP Internet Protocol IP Messa...

Страница 295: ...ages SPANTREE Spanning Tree Protocol SPANTREE Messages page A 35 SPANTREE_FAST STP fast convergence SPANTREE_FAST Messages page A 38 STORM_CONTROL Storm control STORM_CONTROL Message Messages page A 39 SW_VLAN VLAN Manager SW_VLAN Messages page A 39 SYS Operating system SYS Messages page A 41 TAC Terminal Access Controller Access Control System Protocol TAC Messages page A 44 TTYDRIVER Terminal dr...

Страница 296: ...ing the error It is shown as SLOT followed by a number For example SLOT5 Error Message Traceback Reports Some messages describe internal errors and contain traceback information This information is very important and should be included when you report a problem to your technical support representative The following sample message includes traceback information Process Exec level 0 pid 17 Traceback...

Страница 297: ... console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message AAAA 3 DLRF...

Страница 298: ...ss has been enabled but somehow could not run Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco tec...

Страница 299: ...e show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message CAPITOLA_MOD 3 NULLPTR n chars Did not expect NUL...

Страница 300: ...es This section contains the Cluster Membership Protocol error messages Error Message CMP 5 ADD The Device is added to the cluster Cluster Name chars CMDR IP Address inet Explanation The message means that the device is added to the cluster chars is the cluster name and inet is the Internet address of the command switch Recommended Action No action is required Error Message CMP 5 MEMBER_CONFIG_UPD...

Страница 301: ...RONMENT 2 FAN_FAULT System Fault FAN FAULT is detected Explanation This message means that an internal fan fault is detected This message is available only on the Catalyst 3524 PWR XL switch Recommended Action Either check the switch itself or use the show env privileged EXEC command to check if a fan on the switch has failed The Catalyst 3524 PWR XL switch can operate normally with one failed fan...

Страница 302: ...et for the extra allocation value has failed Recommended Action This error prevents a crucial workaround for the controller from executing This brings down the switch and causes it to reload Error Message FRANK 1 DIST_FIFO_POLL_HANDLE chars Failed to allocate molecule handle Explanation A molecule chain is sent by the CPU to the controller driver to read the values of all the distribution FIFO reg...

Страница 303: ...epresentative with the gathered information Error Message FRANK 1 UNKNOWN_FRAME_NOTIFY_FORMAT Frame Update Notify hex and Queue Type is dec for Queue dec n Explanation An unknown frame notify format was found The queue type and queue number are displayed Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather...

Страница 304: ... chars Initialization failed hex n Explanation The controller initialization has failed and the failure error code is printed Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from th...

Страница 305: ...n Explanation The configuration for the controller module could not be found Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech suppor...

Страница 306: ...error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message FRANK 3 UNKNOWN_VLAN_EVENT Unknown vlan event n Explanation A VLAN event that is not recognized by the driver was triggered Recommended Action Copy the er...

Страница 307: ...d in a slot Recommended Action No action is required Error Message FRANK 6 MODULE_REMOVED Module in slot dec was removed Explanation The module has been removed from the slot Recommended Action No action is required GBIC_1000BASET Messages This section contains the 1000BASE T Cisco Gigabit Interface Converter GBIC error messages Error Message GBIC_1000BASET 6 GBIC_1000BASET_DEFAULT_CONFIG 1000 Bas...

Страница 308: ...ther GBIC interface Explanation This message means that the GBIC was identified as a Cisco GBIC but its serial number matches that of another interface on the system chars is the interface in which the GBIC is installed Recommended Action Cisco GBICs are assigned unique serial numbers Verify that the GBIC was obtained from Cisco or a supported vendor Error Message GBIC_SECURITY 4 GBIC_INTERR Inter...

Страница 309: ...s section contains the Cisco GigaStack Gigabit Interface Converter GBIC error messages Error Message GIGASTACK 1 NO_LOOP_DETECT The link neighbor of link dec of Gigastack GBIC in chars did not respond to the loop detection request If loop topology is deployed make sure all switches in the stack are running the latest software Explanation No acknowledgement for GigaStack loop detection request is r...

Страница 310: ...Link 2 of the Gigastack GBIC in chars is re enabled Explanation A loop formed by GigaStack modules is broken because of link loss Link 2 of the master loop breaker is re enabled to replace the broken link Recommended Action No action is required Error Message GIGASTACK 6 LOOP_DETECTED Gigastack GBIC in chars is selected as Master Loop Breaker nLink 2 of the Gigastack GBIC is disabled to break the ...

Страница 311: ...essage INTERFACE_API 1 NOMORESWIDB No more SWIDB can be allocated maximum allowed dec Explanation No more Interfaces can be created because the maximum number of SWIDB allowed for this platform has been reached Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to dete...

Страница 312: ...um application firmware version needed chars Explanation Each CPE requires a currently supported application firmware version for it to function correctly This CPE has a application firmware version that predates the earliest supported version Recommended Action Upgrade the application firmware on the CPE to a version that supports the current requirements Error Message LRE_CPE 3 WRONGBOOTVER CPE ...

Страница 313: ...t Also make sure that the CPE has the correct LRE firmware and if applicable that the CPE class identifier is correctly set Error Message LRE_CPE SSNCHANGED CPE unit on interface chars changed Explanation The CPE system serial number changed This usually means that the CPE unit on this interface was replaced Recommended Action No action is required LRE_LINK Messages This section contains the Long ...

Страница 314: ...itch or CPE is faulty contact Cisco Systems MAT Messages This section contains the MAC address table error messages Error Message MAT 1 BADFRAME A bad packet is received on switch port chars Explanation A packet with either a switch error a network error or a wrong port number is received by the address learning process Recommended Action If problems persist copy the error message exactly as it ap...

Страница 315: ...table Explanation The address table can only handle a certain number of MAC addresses Recommended Action Reduce the number of MAC addresses in the address table Error Message MAT 2 SECURITYREJECT Security violation occurred on module dec port dec caused by MAC address enet Explanation A packet with an unexpected source address is received on a secure port Recommended Action Remove the station with...

Страница 316: ...will be reset and restarted Explanation A port problem is detected on the module The module is reset and is restarted Recommended Action If the module continues to reset and restart copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot dete...

Страница 317: ... Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representat...

Страница 318: ...ge of dec to dec Explanation An invalid request was detected by the bitlist subsystem Recommended Action No action is required Error Message PM 4 BIT_OUTOFRANGE bit dec is not in the expected range of dec to dec Explanation An invalid request was detected by the Port Manager Recommended Action No action is required Error Message PM 4 BAD_CARD_COOKIE An invalid card cookie was detected Explanation ...

Страница 319: ...rotective measure that puts the interface in error disabled state when it detects a misconfiguration or misbehavior The switch attempts a recovery after the recovery interval expires default is 5 minutes Recommended Action Correct the UDLD problem and restart the interface by using the no shutdown interface configuration command Alternatively you can enable port by using the errdisable recovery gl...

Страница 320: ...to stop state machine chars chars but it is not idle Explanation The Port Manager subsystem attempted to stop a state machine that has events pending Recommended Action No action is required Error Message PMSM 4 STOPPED Event chars ignored because the state machine is stopped chars chars Explanation The Port Manager subsystem attempted to post an event to a state machine that has already been stop...

Страница 321: ...rror messages Error Message PRUNING 1 INVTLV rx summary in domain chars with invalid TLV value hex Explanation No explanation is available at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the n...

Страница 322: ...n No explanation is available at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco techni...

Страница 323: ...ailable at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representa...

Страница 324: ...led Explanation No explanation is available at this time Recommended Action No action is required Error Message PRUNING 5 JOINNONAME No domain name in rx Join trunk hex Explanation No explanation is available at this time Recommended Action No action is required Error Message PRUNING 5 JOINNOTRUNK Trunk hex not found for rx Join Explanation No explanation is available at this time Recommended Acti...

Страница 325: ...ster Explanation Failed to read a register Recommended Action If this is happening with all features on the switch this is a hardware failure Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the e...

Страница 326: ...ote that the show cdp neighbors command is useful in determining the next switch Repeat this procedure until the port is found that is receiving what it is transmitting and remove that port from the network Error Message RTD 1 LINK_FLAP chars link down up dec times per min Explanation An excessive number of link down up events has been noticed on this interface chars is the interface and dec is th...

Страница 327: ...t contact your Cisco technical support representative and provide the representative with the gathered information Error Message SPANTREE 2 BLOCK_PVID_LOCAL Blocking chars on vlan dec Inconsistent local vlan Explanation No explanation is available at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to ...

Страница 328: ...information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message SPANTREE 2 RECV_1Q_NON_TRUNK Received 802 1Q BPDU on non trunk chars on vlan dec Explanation No explanation is ...

Страница 329: ...of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message SPANTREE 2 ROOTGUARD_CONFIG_CHANGE Rootguard chars on port chars VLAN dec Explanation No explanation is available at this time Recommended Action Copy the error message exactly as it appears on t...

Страница 330: ...py the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with t...

Страница 331: ...es Error Message SW_VLAN 3 VTP_PROTOCOL_ERROR VTP protocol code internal error chars Explanation VLAN Trunking Protocol VTP protocol code encountered an unexpected error when processing a configuration request packet or timer expiration Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might p...

Страница 332: ...ACTIVE_VALUE Encountered incorrect VLAN timer active value chars Explanation Due to a software error a VLAN timer was detected as active when it should have been inactive or inactive when it should have been active Recommended Action No action is required Error Message SW_VLAN 4 IFS_FAILURE VLAN manager encountered file operation error call chars failure code errno dec bytes transfered dec Explana...

Страница 333: ...s but will create files using the new format in the future Recommended Action No action is required Error Message SW_VLAN 6 VTP_MODE_CHANGE VLAN manager changing device mode from chars to chars Explanation Some switch devices must automatically change VTP device modes upon receipt of a VLAN configuration database containing more than a set number of VLANs depending on the device This message means...

Страница 334: ...om the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message SYS 2 CHUNKEXPANDFAIL Could not expand chunk pool for chars No memory available Explanation There is not enough processor memory left to increase this chunk pool Recommended Action Copy the error message exactly as it appears on the console ...

Страница 335: ...error occurred Recommended Action If this messages recurs copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical ...

Страница 336: ...e no logging console guaranteed command or turning off link state messages for some interfaces Error Message SYS 6 READ_BOOTFILE_FAIL chars chars Explanation A configured boot system command failed Recommended Action If a system image was eventually loaded no action is required If the system image did not load as configured copy the error message exactly as it appears on the console or in the syst...

Страница 337: ...not expecting This might occur when a TACACS server sends duplicate responses or when it responds to a request that has already timed out It also might be due to an internal software problem Recommended Action No action is required Error Message TAC 6 SENDTMO Send type dec to IP_address timed out Explanation A background TACACS notification enabled with the tacacs notify command was not acknowledg...

Страница 338: ...lable at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representati...

Страница 339: ...s available at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support command to gather data that might provide information to determine the nature of the error If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support repres...

Страница 340: ...rror If you cannot determine the nature of the error from the error message text or from the show tech support output contact your Cisco technical support representative and provide the representative with the gathered information Error Message VQPCLIENT 3 VLANNAME Invalid VLAN chars in response Explanation No explanation is available at this time Recommended Action Copy the error message exactly ...

Страница 341: ...QP client Explanation No explanation is available at this time Recommended Action No action is required VTP Message This section contains the Virtual Terminal Protocol error message Error Message VTP 3 ERROR chars Explanation No explanation is available at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log Enter the show tech support comma...

Страница 342: ...A 50 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 Appendix A System Messages Error Message and Recovery Procedures ...

Страница 343: ...d A 3 hex variable field A 4 inet variable field A 4 AC command switch 5 12 5 23 accessing clusters switch 5 15 CMS 2 32 modes 2 33 command modes 3 2 command switches 5 13 console port 4 3 HTTP port 4 3 member switches 5 15 8 25 MIBs files 4 5 objects 4 5 variables 4 6 switch clusters 5 15 Telnet access 4 4 access levels CMS 2 33 access points inline power 7 15 access ports dynamic 8 5 8 40 in swi...

Страница 344: ...ms group in RMON 4 5 allowed VLAN list 8 29 American National Standards Institute See ANSI ANSI 1 5 Plan 998 7 17 AppleTalk Remote Access See ARA Apply button 2 31 ARA 6 53 ARP table address resolution 6 32 managing 6 32 asymmetric digital subscriber line See ADSL ATM ports duplex mode and speed 7 2 trunks and other features 8 27 VLAN membership 2 12 8 5 ATM trunk mode 2 12 attributes RADIUS vendo...

Страница 345: ...e also command switch cluster standby group and member switch cascaded configuration UplinkFast 6 35 Catalyst 3524 PWR XL 7 13 caution symbol definition of xvii CC command switch 5 23 CDP automatic discovery in switch clusters 5 5 configuring 6 13 6 14 system messages A 7 CGMP controlling management packets with 6 20 removing router ports 6 22 See also Fast Leave change notification CMS 2 34 chass...

Страница 346: ...omatic discovery 5 5 automatic recovery 5 12 CLI 5 26 host names 5 16 IP addresses 5 15 LRE profiles 5 19 management VLAN 5 18 NAT commands 5 19 network port 5 19 passwords 5 16 RADIUS 5 17 SNMP 5 16 5 27 switch specific features 5 19 TACACS 5 17 redundancy 5 23 troubleshooting 5 25 9 14 verifying 5 25 See also candidate switch command switch cluster standby group member switch and standby command...

Страница 347: ...nd management 4 5 command switch with HSRP disabled CC 5 23 configuration conflicts 9 18 defined 5 2 enabling 5 20 passive PC 5 12 5 23 password privilege levels 5 26 priority 5 12 recovery from command switch failure 5 12 from failure 9 18 9 23 from failure without HSRP 9 23 from lost member connectivity 9 18 redundant 5 12 5 23 replacing with another switch 9 21 with cluster member 9 19 requirem...

Страница 348: ...3 6 14 community strings 6 49 Cross stack UplinkFast 6 37 date and time 6 12 daylight saving time 6 12 DNS 6 6 duplex mode 7 2 7 3 7 21 dynamic ports on VMPS clients 8 40 dynamic VLAN membership 8 39 flooding controls 7 4 flow control 7 3 hello time 6 43 hops 6 14 IGMP filtering 6 23 inline power 7 15 IP information 6 2 IP phones 7 13 7 14 load sharing 8 33 login authentication 6 52 management VLA...

Страница 349: ...verview 6 37 Current Multicast Groups table 6 22 customer premises equipment See CPE CWDM GBIC modules 1 21 troubleshooting 9 8 wavelength colors on CMS 2 6 D database VTP 8 20 8 23 date setting 6 12 daylight saving time 6 12 default configurations RADIUS 6 57 VLANs 8 21 VMPS 8 39 VTP 8 15 defaults switch list of 4 7 resetting to 3 5 deleting VLAN from database 8 25 destination based forwarding 7 ...

Страница 350: ... 8 9 DTP 8 28 duplex mode configuration guidelines 7 2 configuring 7 2 7 3 7 21 CPE Ethernet link 7 21 full duplex with flow control 7 2 half duplex with back pressure 7 2 settings ATM port 7 2 duplex mode LED 2 8 dynamic access mode 2 12 dynamic access ports described 8 5 limit on number of hosts 8 42 VLAN membership combinations 8 6 dynamic addresses See addresses Dynamic Host Configuration Prot...

Страница 351: ...See ETSI events group in RMON 4 5 examples network configuration 1 8 Expand Cluster view 2 14 expert mode 2 28 extended discovery 6 14 F facility codes described A 2 table A 2 fan fault indication 2 5 Fast EtherChannel port groups creating 7 7 Fast Ethernet trunks 8 26 Fast Leave defined 6 20 disabling 6 21 enabling 6 21 FDDI Net VLAN defaults and ranges 8 22 FDDI VLAN defaults and ranges 8 21 fea...

Страница 352: ...igabit Interface Converter See GBIC modules GigaStack system messages A 17 global configuration mode 3 3 graphs bandwidth 2 8 guide mode 1 7 2 28 H hardware memory system messages See HW_MEMORY system messages HC candidate switch 5 23 hello BPDU interval 6 43 hello time changing 6 43 defined 6 42 help CLI 3 5 Help button CMS 2 31 Help Contents 2 29 history group in RMON 4 5 hold time modifying 6 2...

Страница 353: ... LED 2 8 Integrated Services Digital Network See ISDN interaction modes CMS 2 28 interface API system messages A 19 interface configuration mode 3 3 specifying ports in 3 4 interfaces supported 1 6 Internet Group Management Protocol See IGMP filtering Internet Protocol system messages See IP Inter Switch Link See ISL inventory cluster 5 25 IOS command line interface Cisco See CLI IOS Release 12 0 ...

Страница 354: ... 52 login authentication with RADIUS 6 60 Long Reach Ethernet See LRE technology LRE 10 1 private profile 7 17 LRE 10 3 private profile 7 17 LRE 10 5 private profile 7 18 LRE 10LL private profile 7 18 LRE 10 private profile 7 17 LRE 15LL private profile 7 18 LRE 15 private profile 7 17 LRE 5LL private profile 7 18 LRE 5 private profile 7 17 LRE CPE system messages A 20 LRE environment 7 18 trouble...

Страница 355: ...re 6 18 aging time 6 16 discovering 6 15 6 32 maximum number supported 6 15 notification and history of activity 6 17 MAC address notification 6 17 mac notification traps 6 49 MAC address tables managing 6 15 management options benefits clustering 1 7 CMS 1 7 CLI 3 1 CMS 2 1 overview 1 6 management VLAN changing 5 18 8 3 8 4 configuring 8 4 considerations in switch clusters 5 8 5 9 5 18 discovery ...

Страница 356: ...ckets 7 5 See also flooding controls multicast traffic and protected ports 7 9 Multicast VLAN Registration See MVR Multilink Decomposer window 2 25 multilink icon 2 25 multi VLAN mode 2 12 multi VLAN ports assigning to VLANs 8 7 8 8 described 8 7 VLAN membership combinations 8 6 MVR 6 27 configuring 6 31 guidelines 6 29 limitations 6 29 overview 6 27 parameters 6 30 N NAT commands cluster consider...

Страница 357: ... help 2 29 operating system messages See SYS system messages optical add drop multiplexer OADM modules See CWDM modules overheating indication switch 2 5 P packets controlling management CGMP 6 20 See also traffic parallel links 8 32 passwords changing 6 11 community strings 6 49 in clusters 5 16 5 21 in CMS 2 32 recovery of 9 23 9 24 setting 6 11 TACACS server 6 51 VTP domain 8 14 patch panel 1 1...

Страница 358: ...ex mode 7 2 7 21 dynamic configuring 8 40 See also dynamic port VLAN membership dynamic access 2 12 hosts on 8 42 mode 8 5 and VLAN combinations 8 6 dynamic VLAN membership reconfirming 8 40 features conflicting 9 7 flooded traffic 7 5 forwarding resuming 7 5 Gigabit Ethernet configuring flow control on 7 3 settings 7 2 ISL trunk 2 12 LRE 7 16 monitoring 8 27 multi VLAN 2 12 8 5 8 7 8 8 network 8 ...

Страница 359: ... ports privileged EXEC mode 3 3 privilege levels access modes read only 2 33 read write 2 33 CMS 2 33 command switch 5 26 mapping on member switches 5 26 setting 6 11 specifying 6 12 profiles LRE considerations 7 19 switch clusters 5 19 default 7 17 assigning 7 23 described 7 16 private 7 17 assigning 7 23 LRE 10 7 17 LRE 10 1 7 17 LRE 10 3 7 17 LRE 10 5 7 18 LRE 10LL 7 18 LRE 15 7 17 LRE 15LL 7 1...

Страница 360: ...read only access mode 2 33 read write access mode 2 33 reconfirmation interval changing 8 41 reconfirming dynamic VLAN membership 8 40 recovery procedures 9 18 redisplaying commands 3 5 redundancy STP 6 34 path cost 8 34 port priority 8 32 UplinkFast 6 36 redundant clusters See cluster standby group redundant power system See RPS Refresh button 2 31 registors system messages A 33 relay device conf...

Страница 361: ...fault changing 4 7 duplex mode 7 2 7 3 7 21 Gigabit Ethernet port 7 2 speed 7 3 7 21 STP 6 35 STP default 6 35 set top box television 1 17 setup program xv 4 2 See also release notes severity levels described A 3 table A 3 show cluster members command 5 26 show controllers ethernet controller command 7 21 show controllers lre commands 7 20 7 22 7 23 show controllers lre profile mapping 7 23 show c...

Страница 362: ... 13 See also cluster standby group and HSRP standby group cluster See cluster standby group and HSRP static access mode 2 12 static access ports assigning to VLAN 8 7 8 25 described 8 7 VLAN membership combinations 8 6 static addresses adding 6 19 configuring for EtherChannel port groups 6 20 described 6 15 6 19 removing 6 19 See also static address static address forwarding 6 19 static address fo...

Страница 363: ...ages See SPANTREE system messages SunNet Manager 1 6 switch clustering technology 5 1 See clusters switch switch commands xvi See switch command reference switching mode store and forward 7 4 Switch Manager 2 2 2 35 See also Device Manager Switch Port Analyzer See SPAN switchport command 8 28 switch ports configuring 7 1 switch software releases 4 2 switch statistics 9 2 switch upgrades See upgrad...

Страница 364: ...essages technical assistance See TAC Telnet access 4 4 accessing management interfaces 3 7 from a browser 3 7 terminal driver system messages See TTYDRIVER system messages TFTP server configuring 6 5 time daylight saving 6 12 setting 6 12 zones 6 12 tip symbol definition of xvii TLV support 8 11 Token Ring VLANs overview 8 20 TRBRF 8 11 8 22 TRCRF 8 11 8 22 toolbar 2 23 tool tips 2 29 Topology vie...

Страница 365: ...29 trunks allowed VLAN list 8 29 ATM 8 27 blocking unknown packets on 8 27 configuration conflicts 8 27 configuring 8 28 disabling 8 29 Gigabit Ethernet 8 26 IEEE 802 1Q 8 26 interacting with other features 8 27 ISL 8 26 load sharing using STP path costs 8 34 STP port priorities 8 32 native VLAN for untagged traffic 8 30 overview 8 26 parallel 8 34 pruning eligible list 8 30 VLAN overview 8 26 VLA...

Страница 366: ...s 2 12 8 5 port group parameters 7 8 See also dynamic VLAN membership vlan membership traps 6 49 VLAN Query Protocol See VQP VLANs 802 1Q considerations 8 26 adding to database 8 24 aging dynamic addresses 6 34 allowed on trunk 8 29 changing 8 24 configuration guidelines 8 21 configuring 8 1 8 23 default configuration 8 21 deleting from database 8 25 described 8 2 illustrated 8 2 ISL 8 26 MAC addr...

Страница 367: ...idelines 8 13 configuring 8 16 consistency checks 8 11 database 8 20 8 23 default configuration 8 15 described 8 9 disabling 8 18 domain names 8 13 domains 8 9 modes client 8 10 configurations affecting mode changes 8 10 configuring 8 17 server 8 10 8 16 transitions 8 10 transparent 8 7 8 10 8 18 monitoring 8 20 pruning enabling 8 19 overview 8 12 pruning eligible list changing 8 30 statistics 8 2...

Страница 368: ...Index IN 26 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78 6511 08 ...

Отзывы:

Нет отзывов

Похожие инструкции для Catalyst 2900 Series XL

ShareCenter DNS-320L

Бренд: D-Link Страницы: 4

Бренд: Panasonic Страницы: 44

Patton SmartNode 2300 Series

Бренд: Patton electronics Страницы: 2

Бренд: Paradyne Страницы: 12

Бренд: Zhone Страницы: 7

Бренд: Zhone Страницы: 1

Бренд: Profile Страницы: 6

DHI-NVR2104-P-4KS2

Бренд: Dahua Страницы: 23

InnoMedia MTA 3328-2R

Бренд: VoiceLine Страницы: 18

301300U - Ethernet Disk NAS Server

Бренд: LaCie Страницы: 62

Бренд: IMC Networks Страницы: 36

802.11a/b/g SDIO WiFi Module SDM3100

Бренд: Abocom Страницы: 14

Бренд: DPS Страницы: 57

IP Board IPT10000C

Бренд: Dialogic Страницы: 2

Бренд: ZyXEL Communications Страницы: 348

MP5S Plus Writer

Бренд: SONIX Страницы: 23

Wisenet PRN-6400DB4

Бренд: Hanwha Techwin Страницы: 125

IKS-6728 Series

Бренд: Moxa Technologies Страницы: 8

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды