Cisco Systems 2950 Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 674 Seiten
- 18.88 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Switch
Cisco Systems IE3010
100 Seiten 7.95 mb -
Switch
Cisco Systems SGE2000
31 Seiten 24.03 mb -
Switch
Cisco Systems 3030
34 Seiten 0.73 mb -
Switch
Cisco Systems SE2800
22 Seiten 11.15 mb -
Switch
Cisco Systems ASR 9000
140 Seiten 3.44 mb -
Switch
Cisco Systems EG005W
25 Seiten 1.33 mb -
Switch
Cisco Systems MGXTM 8800
4 Seiten 0.19 mb -
Switch
Cisco Systems DS71-MD4
29 Seiten 0.13 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Cisco Systems 2950 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Cisco Systems 2950, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Cisco Systems 2950 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Cisco Systems 2950. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung Cisco Systems 2950 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Cisco Systems 2950
- Den Namen des Produzenten und das Produktionsjahr des Geräts Cisco Systems 2950
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Cisco Systems 2950
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Cisco Systems 2950 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Cisco Systems 2950 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Cisco Systems finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Cisco Systems 2950 zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Cisco Systems 2950, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Cisco Systems 2950 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Catal yst 2950 and Catal yst 2955 S witc h S of tw are Conf iguration Guide Cisco IOS Release 12.1(22)EA1 1 and Later Marc h 20 08 Text Part Number: OL -10101-02[...]
-
Seite 2
THE SPECIFICATION S AND INFORMATION RE GARDING THE PRODU CTS IN THIS MANU AL ARE SUBJECT T O CHANGE WITHOUT N OTICE. ALL STATEMENTS , INFORMATION , AND RECOMMEN DATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICATION OF ANY PR[...]
-
Seite 3
iii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 CONTENTS Preface xxvii Audience xxvii Purpose xxvii Conventi ons xxviii Related Publica tions xxix Obtaining Documentation and Submitting a Serv ice Request xxx CHAPTER 1 Overview 1-1 Features 1-1 Ease of Deployment and Ease of Us e 1-2 Performance 1-3 Manageabil[...]
-
Seite 4
Contents iv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 CHAPTER 2 Using the Command-Line Interface 2-1 Cisco IOS Command Modes 2-1 Getting Help 2-3 Abbreviating Command s 2-4 Using no and default Forms of Commands 2-4 Understanding CLI Messages 2-5 Using Command History 2-5 Changing the Co mmand History Buffer S[...]
-
Seite 5
Contents v Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Alarm Profiles 3-9 Creating o r Modifying an Alarm Profi le 3-9 Attaching an Alarm Profile to a Speci fic Port 3-10 Enabling SNMP Traps 3-11 Displaying Catalyst 2955 Switch Alarms Statu s 3-11 CHAPTER 4 Assigning the Switch IP Ad dress and Defa[...]
-
Seite 6
Contents vi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Event Service 5-3 NameSpace Mapper 5-3 What You Should Know About the CNS IDs and Dev ice Hostnames 5-3 ConfigID 5-4 DeviceID 5-4 Hostname and DeviceID 5-4 Using Hostname, DeviceID, and ConfigID 5-5 Understanding Cisco IOS Agents 5-5 Initial Configuration 5[...]
-
Seite 7
Contents vii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 TACACS+ and RADIUS 6-13 LRE Profiles 6-13 Catalyst 1900 and Catalyst 2820 CLI Considerations 6-14 Using SNMP to Manage Switch Clusters 6-14 CHAPTER 7 Administering the Switch 7-1 Managing the System Time and Date 7-1 Understanding the Sys tem Clock 7-1 U[...]
-
Seite 8
Contents viii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring MAC Address Notification Traps 7-21 Adding and Removing Static Address Entries 7-23 Configuring Unicast MAC Address Filtering 7-24 .Displaying Address Table Entries 7-25 Managing the ARP Table 7-26 CHAPTER 8 Configuring Switch-Based Authentica[...]
-
Seite 9
Contents ix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring RADIUS 8-19 Default RADIUS Configuration 8-20 Identifying the RADIUS Server Host 8-20 Configuring RADIUS Login Authentication 8-23 Defining AAA Server Groups 8-25 Configuring RADIUS Authorization for Us er Privileged Access and Network Serv ic[...]
-
Seite 10
Contents x Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring IEEE 802.1x Authentication 9-12 Default IEEE 802.1x Authen tication Configuration 9-12 IEEE 802.1x Authentication Con figuration Guidelines 9-13 IEEE 802.1x Authentication 9-14 VLAN Assignment, Guest VLAN, and Restricted VLAN 9-14 Upgrading from [...]
-
Seite 11
Contents xi Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Media Types for Gigabit Ethernet Interface s on LRE Switches 10-13 Configuring IEEE 802.3x Flow Control on IEEE 80 2.3z Gigabit Ethernet Ports 10-13 Adding a Description fo r an Interface 10-14 Configuring Loopback Detection 10-15 Monitoring a[...]
-
Seite 12
Contents xii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Using Rate Selection to Au tomatically Assign P rofiles 12-14 Precedence 12-15 Profile Locking 12-15 Link Qualification and SNR Margin s 12-16 Configuring LRE Link Persistence 12-19 Configuring LRE Link Monitor 12 -19 Configuring LRE Interleave 12-19 Confi[...]
-
Seite 13
Contents xiii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Spanning-Tree Feature s 13-10 Default Spanning-Tree Configuration 13-11 Spanning-Tree Configuration Guid elines 13-11 Changing th e Spanning-Tree Mode 13-12 Disabling Spanning Tree 13-13 Configuring the Root Switch 13-14 Configuring a Second[...]
-
Seite 14
Contents xiv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring the Root Switch 14-14 Configuring a Secondary Root Switch 14-15 Configuring the Port Priority 14-16 Configuring the Path Cost 14-17 Configuring the Switch Priority 14 -18 Configuring the Hello Time 14-19 Configuring the Forwarding-De lay Time 1[...]
-
Seite 15
Contents xv Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling Root Guar d 15-20 Enabling Loop Guard 15-20 Displaying the Spanning-Tree Status 15 -21 CHAPTER 16 Configuring VLANs 16-1 Understanding VLANs 16-1 Supported VLANs 16 -2 VLAN Port Membership Modes 16-3 Configuring Normal-Range VLANs 16-4 Token Ring[...]
-
Seite 16
Contents xvi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring VMPS 16-23 Understanding VMP S 16-23 Dynamic Port VLAN Membership 16-24 VMPS Database Config uration File 16-24 Default VMPS Client Configuration 16-25 VMPS Configuration Guid elines 16-25 Configuring the VMPS Client 16-26 Entering the IP Addre[...]
-
Seite 17
Contents xvii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling VTP Pruning 17-14 Adding a VTP Client Switch to a VTP Domain 17-14 Monitoring VTP 17-15 CHAPTER 18 Configuring Voice VLAN 18-1 Understanding Voice VLAN 18-1 Configuring Voice VLAN 18-2 Default Voice VLAN Configuration 18-2 Voice VLAN Configurat[...]
-
Seite 18
Contents xviii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring IGMP Snooping 20-6 Default IGMP Snooping Configuration 20-7 Enabling or Disabling IGMP Snooping 20-7 Setting the Sno oping Method 20-8 Configuring a Multicast Router Port 20-9 Configuring a Host Statically to Join a Group 20-9 Enabling IGMP I[...]
-
Seite 19
Contents xix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Port Blocking 21 -5 Blocking Flooded Traffic on an Interface 21-5 Resuming Normal Fo rwarding on a Port 21-6 Configuring Port Security 21-6 Understanding Port Security 21-6 Secure MAC Addresses 21-6 Security Violations 21-7 Default Port Secur[...]
-
Seite 20
Contents xx Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 CHAPTER 24 Configuring SPAN and RSPAN 24-1 Understanding SPAN and RSPAN 24-1 SPAN and RSPAN Concepts and Terminolo gy 24-3 SPAN Session 24-3 Traffic Types 24-3 Source Port 24-4 Destination Port 24-4 Reflector Port 24-5 SPAN Traffic 24-5 SPAN and RSPAN Inter[...]
-
Seite 21
Contents xxi Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Disabling and Enabling Message Log ging 26-3 Setting the Mes sage Display Destination De vice 26-4 Synchronizing Log Messa ges 26-5 Enabling and Disabling Timestamps on Log Me ssages 26 -6 Enabling and Disabling Sequence Numbers in Log Messa ges 26-7 Def[...]
-
Seite 22
Contents xxii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Creating Standard and Exte nded IP ACLs 28-7 ACL Numbers 28-7 Creating a Numbered Standard ACL 28-8 Creating a Numbered Extended ACL 28-10 Creating Named Standard and Extend ed ACLs 28-13 Applying Time Ranges to ACLs 28-14 Including Comments About Entries[...]
-
Seite 23
Contents xxiii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling Auto-QoS for VoIP 29-13 Displaying Auto-QoS Information 29-14 Auto-QoS Configuration Example 29-14 Configuring Standard QoS 29-16 Default Standard QoS Configuration 29-17 Configuration Guidelines 29-17 Configuring Classification Us ing Port Tr[...]
-
Seite 24
Contents xxiv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring Layer 2 EtherChannels 30-9 Configuring EtherChannel Lo ad Balancing 30-11 Configuring the PAgP Learn Method and Priority 30-12 Configuring the LACP Port Priority 30-12 Configuring Hot Standby Ports 30-13 Configuring the LACP System Priority 30[...]
-
Seite 25
Contents xxv Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 APPENDIX A Supported MIBs A-1 MIB List A-1 Using FTP to Access the MIB Files A-3 APPENDIX B Working with the Cisco IOS File System, Configuration Fi les, and Software Images B-1 Working with the Flash File System B-1 Displaying Available File Systems B-2[...]
-
Seite 26
Contents xxvi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 tar File Format of Images on a Server or .com B-19 Copying Image Files By Using TFTP B-20 Preparing to Download or Upload an Image File By Using TFTP B-20 Downloading an Image File By Using TFTP B-21 Uploading an Image File By Using TFTP B-22 Copying Imag[...]
-
Seite 27
xxvii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Preface Audience This guide is for the netw orking professi onal managi ng the Catalyst 29 50 and 2955 switches, hereafte r referred to as the switches . Before using this guide, y ou should ha ve e xperience working with the Cisco IOS and be famil iar with the[...]
-
Seite 28
xxviii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Preface • CLI command information—This gu ide provides an o vervie w for using the CLI. For complete syntax and usage informat ion about the commands th at hav e been specifically created or changed for the switches, see the command reference for th is relea[...]
-
Seite 29
xxix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Preface Related Publications These documents pro vide complete information about th e switch and are a v ailable from thi s Cisco.com site: http://www .cisco.com/en/US/ products/ps67 38/tsd_pro ducts_support_series_home.html http://www .cisco.com/en/US/ products[...]
-
Seite 30
xxx Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Preface Obtaining Documentation and Submitting a Service Request For info rmation on obtaining documentatio n, submitting a service request, and g athering additional information, see the mont hly What’ s New in Cisco Pr oduct Documentation , which also li sts al[...]
-
Seite 31
CH A P T E R 1-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 1 Overview This chapter p rovides these topics ab out the Catalyst 2950 and Catalyst 2955 switch software: • Features, page 1-1 • Management Options, page 1-9 • Network Confi guration Examples, p age 1-11 • Where to Go Next, page 1-24 Note In t[...]
-
Seite 32
1-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features Certain Cisco Long-Reach Ethern et (LRE) custom er premises equipment (CPE) devices are not supported b y certain Catalyst 2950 LRE switches. In Ta b l e 1-2 , Ye s means that the CPE is supported by the switch; No means that the CPE is[...]
-
Seite 33
1-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features – Accomplishing multiple conf iguration tasks from a single windo w without needing to remember command-line interface (CLI) commands to accomplish specif ic tasks. – Interacti ve guide mode that guides you in co nfiguring complex fe[...]
-
Seite 34
1-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features • Port blocking on forw arding unknown u nicast and multicast traf fic (av ailable only on the Catalyst LRE sw itches and on the Catalyst 2950G-12-EI, 295 0G-24-EI, 2950G-24-EI-D C, 2950G-48-EI, and 2955 switches) • Per- port broadc[...]
-
Seite 35
1-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features • Default conf iguration storage in flash memory to ensure that the switch can be connected to a network an d can forward tr af fic with minimal user intervent ion • In-band management access through the em bedded de vice manager thr[...]
-
Seite 36
1-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features VLAN Support • The switches support 250 po rt-based VLANs for assignin g users to VLANs associated with appropriate network r esources, traf fic patterns, an d bandwidth Note The Catalyst 2950-12, Catalyst 2950- 24, Cataly st 2950SX-2[...]
-
Seite 37
1-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features • IEEE 802.1x with wake-on-LAN to allo w dormant PC s to be powered on based on the receipt of a specific Ethernet frame • IEEE 802.1x with restricted VLAN to provide limited services to users who are IEEE 802.1x compliant, but do no[...]
-
Seite 38
1-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features Monitoring • Switch LEDs that sho w port and switch status • Switched Port Analy zer (SP AN) and Rem ote SP AN (RSP AN) fo r traf fic mo nitoring on an y port or VLAN Note RSP AN is av ailable only in the EI. • SP AN support of In[...]
-
Seite 39
1-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Management Option s • Support for conf iguring the interleav e delay feature • Support for DC-inp ut po wer and compliance with the V DSL 997 band plan on Cataly st 2950ST -24 LRE 997 switc hes • Upstream po wer back-off mechanis m for norm[...]
-
Seite 40
1-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Management Option s • SNMP—SNMP provides a means to monitor and control the switch an d switch cluster members. Y ou can manage switch conf iguration settings, perf or mance, and security and collect st atistics by using SNMP mana gement ap[...]
-
Seite 41
1-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Network Configuration Examples This section pro vides network config uration concepts and includes e x amples of using the switch to create dedicated net work se gments and interconnect in g the se gments through [...]
-
Seite 42
1-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figure 1-1 sho w s conf iguration e x amples of using t he Catalyst switches to create these netw orks: • Cost-effecti ve wiring closet—A cost-effecti ve way to connect many users to th e wiring closet is to [...]
-
Seite 43
1-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples – GigaStack GBIC module for crea ting a 1-Gb ps stack config uration of up to nine su pported switches. The GigaStack GBIC support s one full-duple x link (in a point-to- point conf iguration) or up to nine half[...]
-
Seite 44
1-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Small to Medium-Sized Network Configuration Figure 1-2 sho w s a conf iguration for a netw ork that has up to 250 users. Users in this netw ork require e-mail, file-sharing, database, and Internet access. Y ou op[...]
-
Seite 45
1-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Servers are connected to the GBIC module ports on th e switches, allo wing 1-Gbps throug hput to users when needed. When th e switch and server ports are configured fo r full-duplex o peration, the links provide 2[...]
-
Seite 46
1-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -3 Collapsed Bac kbone and Switc h Cluster Con figurati on Hotel Network Configuration Figure 1-4 sho ws Catalyst 2950ST -8 LRE and 2950ST -24 LRE switches in a ho tel network en vironment with approxim[...]
-
Seite 47
1-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Note All telephones not di rectly connecte d to the hotel room CPE de vice require microfilters with a 300- ohm termination. Microf ilters improve v o ice call quality when voice and data equi pment are using the [...]
-
Seite 48
1-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -4 Netw or k Hotel Configur ation Service-Provider Central-Office Configuration Figure 1-5 sho ws the Catalyst 2950ST -24 LRE 997 switches in a service-prov ider central-off ice network en vironment. Th[...]
-
Seite 49
1-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Y ou c an use a PO TS splitter to connect the switc h es to the CPE de vices. The splitter routes data (high-frequency) to a Catalyst 295 0 LRE switch and voice (lo w-freque ncy) traf fic from the telephone line t[...]
-
Seite 50
1-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -5 Service Pr ovider Cen tral Of fice Configur ation Large Campus Configuration Figure 1-6 sho ws a configu ration for a netw ork of more than 1000 users. Because it can aggregate up to 130 Gigabit conn[...]
-
Seite 51
1-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Figur e 1 -6 Larg e Campus Configuration Multidwelling Network Using Catalyst 2950 Switches A gro wing segment of resi dential and commerci al cu stomers are requiring hi gh- speed access to Ethernet metropolitan-[...]
-
Seite 52
1-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples All ports on the residential Cata lyst 2950 and 29 55 switches (and Catalyst LRE switches if they are included) are conf igured as 802.1Q trunks with p rotected port and STP r oot guard features enabled. The prot[...]
-
Seite 53
1-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Long-Distance, High-Bandwidth Transport Configuration Note T o use the feature described in this section, you must hav e the EI installed on your switch. Figure 1-8 sho ws a conf iguration for transporting 8 Gigab[...]
-
Seite 54
1-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Where to Go Next Where to Go Next Before conf iguring the switch, re view th ese sections for star t-up information: • Chapter 2, “Using t he Command-Line Interface” • Chapter 4, “ A ssigning the Swit ch IP Address and Default Gate wa[...]
-
Seite 55
CH A P T E R 2-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 2 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you can use to configure your Catalyst 2950 and Catalyst 2955. It contains these sect ions: • Cisco IOS Command Modes, page 2-1 • Getting Help[...]
-
Seite 56
2-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Cisco IOS Command Modes Ta b l e 2-1 describes the main command modes, how to acce ss each one, the prompt you see in that mode, and ho w to exit th e mode. The examples in the tabl e use the host name Switc h . Ta b l e [...]
-
Seite 57
2-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Getting Help Getting Help Y o u can enter a question mark (?) at the system prompt to display a list of commands a vailabl e for each command mo de. Y o u can also obta in a list of asso ciated keyw ords and arg uments f[...]
-
Seite 58
2-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Abbreviating Command s Abbreviating Commands Y ou have to en ter only enough characters for the swit ch to recognize the co mmand as unique. This example sho ws how to enter the show conf iguration privileged EXEC command[...]
-
Seite 59
2-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Understanding CLI Messages Understanding CLI Messages Ta b l e 2-3 lists some error messages that you mi ght encounter while u sing the CLI to conf igure your switch. Using Command History The software pro vides a histor[...]
-
Seite 60
2-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Using Ed iting Features Recalling Commands T o recall commands from the history b uffer , perform one of the actions listed in Ta b l e 2-4 : Disabling the Command History Feature The command history feature is automatica[...]
-
Seite 61
2-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Using Editing Feature s T o globally disable enhanced editin g mode, en ter this command in line con figur ation mode: Switch(config-line)# no editing Editing Commands through Keystrokes Ta b l e 2-5 sho ws the ke ystrok[...]
-
Seite 62
2-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Using Ed iting Features Editing Command Lines that Wrap Y ou can use a wraparound feature for commands that extend b eyond a single line on the screen. When the cursor reaches the right margin, the command line shifts ten[...]
-
Seite 63
2-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Searching and Filtering Outpu t of show and more Commands Use line wrapping w ith the command history feat ur e to recall and modify pre vious complex comman d entries. For inf ormation about recalling pre vious command [...]
-
Seite 64
2-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Accessing the CLI[...]
-
Seite 65
CH A P T E R 3-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 3 Configuring Catalyst 2955 Switch Alarms This section descri bes ho w to conf igure the di f ferent alarms for the Cata lyst 2955 switch . Note The alarms described in this chapte r are not av aila ble on the Catalyst 2950 sw itch. For complete syntax[...]
-
Seite 66
3-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Understanding Ca talyst 2955 Switch Alarms Global Status Monitoring Alarms The Catalyst 2955 switch contains facilities for processing alarms related to temperat ure and power supply conditions. These are referred t[...]
-
Seite 67
3-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Understanding Catalyst 2955 Switch Alarms Port Status Monitoring Alarms The Catalyst 2955 switch can al so monitor the status of the Ethernet ports and generate alarm messages based on the alarms listed in Ta b l e[...]
-
Seite 68
3-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms • SNMP T raps SNMP is an applicat ion-layer protocol that pr ovides a message format for communication between managers and agents. The SNMP system consists of an SNMP manag[...]
-
Seite 69
3-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Configuring the Power Supply Alarm This section describes ho w to conf igure the po wer supply alarm on your switch. It contains this configuration information: • Setting t[...]
-
Seite 70
3-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms T o disable sending the alarm to a relay , to syslog, or to an SNMP server , use the no alarm facility power -supply relay , no alarm facility power -supply notif ies , or no [...]
-
Seite 71
3-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Associating the Temperatur e Alarms to a Relay By default, the pr imary temperature alarm is a ssociated to the major rela y . Y ou can use the alarm facility temperature com[...]
-
Seite 72
3-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Setting the FCS Error Threshold The switch generates an FCS bit error rate alarm w h en the actual FCS bit erro r rate is close to the configured FCS bit error rate. Use the f[...]
-
Seite 73
3-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Use the no alarm facility fcs-hyst eresis command to set the FCS error hysteresis threshold t o its default va lu e . Note The show running conf ig command displays any FCS e[...]
-
Seite 74
3-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms This example creates or modifies the alarm profile fastE for the fastEthernetPo rt with link-do wn ( alarmList ID 3) and an FCS error rate of 30 percent ( alarmList ID 4) ala[...]
-
Seite 75
3-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Displaying Catalyst 2955 Switch Alarms Status This example detaches an alarm profile named fastE from a port. Switch(config)# interface FastEthernet 0/2 Switch(config-if)# no alarm profile fastE Enabling SNMP Trap[...]
-
Seite 76
3-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Displaying Catalyst 2955 Switch Alarms Status[...]
-
Seite 77
CH A P T E R 4-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 4 Assigning the Switch IP Address and Default Gateway This chapter describes how to creat e the initial switch conf iguration (for example, assign the switch IP address and default ga te way informatio n) for the Catalyst 2950 or Catalyst 2 955 switch [...]
-
Seite 78
4-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information The boot loader provides access to the flash fi le syst em before the operating system is lo aded. Normally , the boot loader is used only to load, uncompress, and launch th[...]
-
Seite 79
4-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information CLI-based setup program also allo ws you to configur e your switch as a comman d or member switch of a cluster or as a standalone switch. For more info rmation about the Exp[...]
-
Seite 80
4-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Note The DHCP server feature i s only av ailable on Catalyst 2955 switches. During DHCP-based autoconf iguration, your switch (DHCP client) is a utomaticall y configured at [...]
-
Seite 81
4-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information In a DHCPREQUEST broadcast message, the client returns a for mal request for the of fered configuration information to the DHCP serv er . The formal request is broadcast so [...]
-
Seite 82
4-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information If you want the switch to recei ve IP address informat ion, yo u must configure the DHCP server with these lease options: • IP address of the client (required) • Subnet [...]
-
Seite 83
4-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Configuring the DNS The DHCP server uses the DNS server to resolve the TFTP serv e r name to an IP address. Y ou must configure the TFTP serv er name-t o-IP address map on t[...]
-
Seite 84
4-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Obtaining Configuration Files Depending on the a vailability o f the IP address a nd the conf iguration filename in the DHCP reserved lease, the switch obtains its confi gur[...]
-
Seite 85
4-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Example Configuration Figure 4-3 shows a sample network for retrieving IP info rmation by using DHCP-based autoconfiguration . Figur e 4-3 DHCP -Base d A utoconfiguration Ne[...]
-
Seite 86
4-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information switchb-confg switchc-confg switchd-confg prompt> cat network-confg ip host switch1 10.0.0.21 ip host switch2 10.0.0.22 ip host switch3 10.0.0.23 ip host switch4 10.0.0.[...]
-
Seite 87
4-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Note The configur ation f ile that is downloaded from TFTP is mer ged with the switch es exist ing config uration in the running conf iguration and is not sa ved in the NVR[...]
-
Seite 88
4-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Checking and Saving the Ru nning Configuration Note Y ou should only conf igure and ena ble the Layer 3 inte rface. Do not assign an IP address or DHCP-based autoconf iguration with a sa ved conf igura[...]
-
Seite 89
4-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration T o store the conf iguration or changes you ha ve made to your startup conf iguration in flash memory , enter the copy running-config start up-confi g privile ged EX[...]
-
Seite 90
4-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration Specifying the Filename to Read and Write the System Configuration By default, the Cisco IO S software uses the f ile config .text to read and write a non volatile [...]
-
Seite 91
4-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration T o disable manual booting, use the no boot manual global conf iguration command. Booting a Specific Software Image By default, th e switch attempts to automatically[...]
-
Seite 92
4-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration Controlling Environment Variables Y o u enter the boot loader mo de only through a switch console connection c onf igured for 9600 bp s. Unplug the switch po wer co[...]
-
Seite 93
4-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Re load of the Software Image Ta b l e 4-5 describes the function of th e most common en vironment v a riables. Scheduling a Reload of the Software Image Y o u can schedule a reload of the[...]
-
Seite 94
4-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Reload of the Software Image Note A scheduled reload must take pl ace within approxima tely 24 days. Configuring a Scheduled Reload T o config ure your switch to reload the softw are image[...]
-
Seite 95
4-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Re load of the Software Image Displaying Scheduled Reload Information T o display information abou t a pre viously scheduled reload or to d etermine if a reload has been scheduled on the s[...]
-
Seite 96
4-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Reload of the Software Image[...]
-
Seite 97
CH A P T E R 5-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 5 Configuring Cisco IOS CNS Agents This chapter describes ho w to config ure the Cisco IOS CNS agents on the Cat alyst 2950 or Catalyst 295 5 switch.T o use the feature described in this chapter , you must ha ve the en hanced software image (EI) instal[...]
-
Seite 98
5-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisc o Configuration Engine Software Figur e 5-1 Configuration En gine Arc hitect ural Overview These sections contain this conceptual information: • Config uration Service, page 5-2 • Event Service, pag[...]
-
Seite 99
5-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Understanding Cisco Co nfiguration Engine Softw are The Configuration Service uses the CNS Event Service to send and recei ve conf iguration change e vents and to send success and fail ure notificatio ns. The configuration[...]
-
Seite 100
5-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisc o Configuration Engine Software W ithin the scope o f a single ins tance of the conf igur ation serv er , no two conf ig ured switches can share the same v alue for Conf igID. W ithin the scope of a si [...]
-
Seite 101
5-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Understanding Cisco IOS Age nts Using Hostname, DeviceID, and ConfigID In standalone mode, when a hostname value is se t for a switch, the conf iguration server uses the hostname as the DeviceID when an e vent is sent on h[...]
-
Seite 102
5-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisco IOS Agents Figur e 5-2 Initial Config uration Overview Incremental (Partial) Configuration After the networ k is running, ne w services can be added by using the Cisco IOS agent. Incremental (partial) [...]
-
Seite 103
5-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Configuring Cisco IOS Agents The Cisco IOS agents embedded in the switch Cisco IOS software allo w the switch to be connected and automatically configured as described in the “Enabling Automa[...]
-
Seite 104
5-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling the CNS Event Agent Note Y ou must enable the CNS e vent ag ent on the switch before you en able the CNS configuration agent. Beginni ng in pri vileged EXEC mod e, follo w these steps[...]
-
Seite 105
5-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling the Cisco IOS CNS Agent After enabling the CNS ev ent agent, start the Cisco IOS CNS agent on the switch. Y ou can enable the Cisco IOS agent with these commands: • The cns config in[...]
-
Seite 106
5-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Configuring Cisco IOS Agents Step 7 cns id inte rface num { dns-re verse | ipaddress | mac-addr ess } [ eve nt ] or cns id { hardwar e-serial | hostname | string string } [ event ] Set the unique Ev entID or ConfigID use[...]
-
Seite 107
5-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents T o disable the CNS Cisco IOS age nt, use the no cns conf ig initial { ip-address | hostname } global confi guration command. This ex ample sho ws how to conf igure an initial conf iguration o[...]
-
Seite 108
5-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Displaying CNS Configuration Displaying CNS Configuration Y ou can use the pri vileged EXEC co mmands in Ta b l e 5-2 to display CNS conf iguration in formation. Ta b l e 5-2 Displaying CNS Configur ation Command Purpose[...]
-
Seite 109
CH A P T E R 6-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 6 Clustering Switches This chapter provides the concepts and pr oce dures to create and manage Catalyst 2950 and 2955 switch clusters. Y ou c an create and manage switch clusters by usi ng Cisco N etwork Ass istant (her eafter kno wn as Network Assista[...]
-
Seite 110
6-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Understanding Switch Clusters In a switch cluster , 1 switch must be the cluster command swi tch an d up to 15 other switches can be cluster member sw itches . The total number of switches in a cluster cannot exceed 16 switch es. The [...]
-
Seite 111
6-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Understanding Sw itch Clusters • It has an IP address. • It has Cisco Disco very Protocol (CDP ) version 2 enab led (the default). • It is not a command or cluster member swit ch of another cluster . • A Catalyst 2955 command s[...]
-
Seite 112
6-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter Note Non-LRE Catalyst 2950 command swit ches running Ci sco IOS Release 12.1(9)EA1 or later can connect to standb y command switches in the management VLAN. • It is redundantly connected t o the cluster so[...]
-
Seite 113
6-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster • IP Addresses, page 6-12 • Hostnames, page 6-12 • Passwords, pag e 6-12 • SNMP Community Strings, page 6- 13 • T A CA CS+ and RADIUS, pa ge 6-13 • LRE Prof iles, page 6-13 • Catalyst 19 00 and [...]
-
Seite 114
6-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter Figur e 6-1 Discovery Through CDP Hops Discovery Through Non-CDP-Capable and Noncluster-Capable Devices If a cluster command switch is connected to a non-CDP-capab le thir d-party hub (such as a non-Cisco hu[...]
-
Seite 115
6-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Discovery Through Different VLANs If the cluster command switch is a Catalyst 2940, Catalyst 2950, Catal yst 2955, or Catalyst 3550 switch, the cluster can hav e cluster me mber switches in di fferent VLANs. [...]
-
Seite 116
6-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter • Switch 9 because automatic d iscovery does not exte nd bey ond a noncandidate de vice, which is switch 7 Figur e 6-4 Discovery Through Dif f erent Management VLANs with a Lay er 3 Clust er Command Swi tc[...]
-
Seite 117
6-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Figur e 6-5 Discov ery of Newly Installed Switc hes HSRP and Standby Cluster Command Switches The switch uses Hot Standb y Router Protocol (HSRP) so that you can conf igure a group of standb y cluster command[...]
-
Seite 118
6-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter • Other Considerations for Cl uster Standby G roups, page 6-10 • Automatic Reco very of Clu ster Config uration, page 6-11 Virtual IP Addresses Y ou need to assign a unique virtual IP ad dress and group[...]
-
Seite 119
6-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Figur e 6-6 VLAN Connectivity between Standby -Group Members and Clust er Members Automatic Recovery of Cluster Configuration The activ e cluster command switch continually forw ards cluster-conf iguration i[...]
-
Seite 120
6-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter IP Addresses Y ou must assign IP information to a cluster command switch. Y ou can a ssign more than one IP address to the cluster command swit ch, and you can access the cluster th rough any of th e comman[...]
-
Seite 121
6-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster For password considerations specific to the Catalyst 1900 and Catalyst 2820 switches, refer to the installation and con figur ation guides for tho se switches. SNMP Community Strings A cluster member switch [...]
-
Seite 122
6-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Using SNMP to Man age Switch Clusters The T elnet session a ccesses the member-switch CLI at the same privile g e le vel as on the command switch. The CLI commands then operate as u sual.For instru ctions on conf iguring the switch f[...]
-
Seite 123
6-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Using SNMP to Mana ge Switch Clusters If a member switch has its o wn IP ad dress and community strin gs, they can be used in addition to the access provided by the command switch. For more in formation about SNMP and community string[...]
-
Seite 124
6-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Using SNMP to Man age Switch Clusters[...]
-
Seite 125
CH A P T E R 7-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 7 Administering the Switch This chapter describes ho w to perform one-t ime operations t o administer your Cat alyst 2950 or Catalyst 2955. This chapter consists of these sections: • Managing the System T ime and Date, page 7-1 • Config uring a Sys[...]
-
Seite 126
7-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date The system clock can provide time to these services: • User show commands • Logging and deb ugging messages The system clock keep s track of time internally based on Uni versal T ime Coordina[...]
-
Seite 127
7-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date Figur e 7 -1 T ypical NTP Netw ork Con figuration If the network is isolated from the Internet, Cisco’ s implementation of NTP allo ws a device to act as though it is synchro nized through NTP ,[...]
-
Seite 128
7-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date • Config uring NTP Broadcast Ser vice, page 7-6 • Config uring NTP Access Restrictions, page 7-8 • Config uring the Source IP Add ress for NTP Pack ets, page 7-10 • Displaying the NTP Con[...]
-
Seite 129
7-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date T o disable NTP authentica tion, use the no ntp authenticate global conf iguration co mmand. T o remove an authentication key , u se th e no ntp authentication-key number global conf iguration com[...]
-
Seite 130
7-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date Beginni ng in pri vileged EXEC mode, follo w these steps to form an NTP association with another de vice: Y ou need to configu re only one end of an association; the oth er de vice can automatica[...]
-
Seite 131
7-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The switch can send or receiv e NTP broadcast packets on an interface-by -interfa ce basis if there is an NTP broadcast server , such as a router, broadcasting time i nformation on the netw ork. T[...]
-
Seite 132
7-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date T o disable an interface from rece i v ing NTP broadcast packets, use the no ntp br oadcast client interface confi guration command. T o change the estimated roun d-trip delay to the d efault, us[...]
-
Seite 133
7-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The access group keyw ords are scanned in this orde r, from least restricti ve to most restr ictiv e: 1. peer —Allows time req uests and NTP control queries and allo ws the switch to synchronize[...]
-
Seite 134
7-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date T o re-enable receipt of NTP pack ets on an interface, use the no ntp disable interf ace configuration command. Configuring the Source IP Address for NTP Packets When the switch sends an NTP pac[...]
-
Seite 135
7-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date Configuring Time and Date Manually If no other source of time is av ai lable, you can manu ally conf igure the time and date after the system is restarted. The time remains accurate until the nex[...]
-
Seite 136
7-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date • .—T ime is authoritativ e, bu t NTP is not synchronized. Configuring the Time Zone Beginning in priv ileged EXEC mode, foll ow these steps to manually config ure the time zone: The minutes[...]
-
Seite 137
7-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The first part of the clock summer -time global conf iguration command specifi es when summer time begins, and the second part specif ies when it ends. All times are relativ e to the local t ime [...]
-
Seite 138
7-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Configuring a System Nam e and Prompt The first part of the clock summer -time global conf iguration command specifi es when summer time begins, and t he second part specif ies when it ends. All times are relati ve to the local [...]
-
Seite 139
7-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Configuring a System Name and Prompt • Config uring a System Name, page 7-15 • Understanding DNS, page 7- 15 Default System Name and Prompt Configuration The default switch system name and prom pt is Switch . Configuring a Sy[...]
-
Seite 140
7-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Configuring a System Nam e and Prompt Default DNS Configuration Ta b l e 7-2 show s the default DNS co nfigu ration. Setting Up DNS Beginning in pri vileged EXEC mod e, follo w th ese steps to set up your switch to use the DNS: [...]
-
Seite 141
7-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Creating a Banner If you use the switch IP address as its hostname, th e IP address is used and no DNS query occurs. If you confi gure a hostname that contains no periods (.), a period follo wed by the def ault domain name is app[...]
-
Seite 142
7-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Creating a Banner T o delete the MO TD banner , use the no banner motd global conf iguration command. This examp le shows ho w to confi gure a MO TD banner for the swi tch by using t he pound sign (#) symbol as the begi nning an[...]
-
Seite 143
7-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table T o delete the login banner , use the no banner login global conf iguration command. This example sho ws how to conf igure a login banner for the switch b y using the dollar sign ($) symbol as the b[...]
-
Seite 144
7-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table • Adding and Remo ving Static Address Entries, page 7-23 • Config uring Unicast MA C Address Filtering, page 7-2 4 • .Displaying Address T able Entries, page 7- 25 Building the Address Table [...]
-
Seite 145
7-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table Changing the Address Aging Time Dynamic addresses are source MAC addresses that the sw itch learns and then ages when they are not in use. The aging time parameter def i nes ho w long the switch ret[...]
-
Seite 146
7-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table Beginning in priv ileged EXEC mode, foll ow th ese steps to conf igure the switch to send MA C address notif ication traps to an NMS host: Command Purpose Step 1 configure terminal Enter global con[...]
-
Seite 147
7-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table T o disable the switch from sending MA C address notif ication traps, use the no snmp-serv er enable traps mac-notif ication global conf iguration command. T o disa ble the MA C address notification[...]
-
Seite 148
7-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table Beginning in pri vileged EXEC mod e, follow these steps to add a static address: T o remove static entries from the address table, use the no mac address-tab le static mac-addr vlan vlan-id [ inter[...]
-
Seite 149
7-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table • If you add a unicast MA C address as a static address an d configure unicast MA C address filtering, the switch either ad ds the MA C address as a static address or drops packets with that MA C [...]
-
Seite 150
7-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the ARP Table Managing the ARP Table T o communicate with a de vice (ov er Ethernet, for ex ample), the softw are first must determi ne the 48-bit MA C or the local data link address of that de vice. Th e process of det[...]
-
Seite 151
CH A P T E R 8-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 8 Configuring Switch-Based Authentication This chapter describe s ho w to configure switch-based authentica tio n on the Catalyst 2950 or Catalyst 2955. This chapter consists of these sections: • Pre venting Unauthorized A ccess to Y our Switch, page[...]
-
Seite 152
8-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Protecting Access to Privileged EXEC Commands A simple wa y of provid ing terminal access control in yo ur network is t o use passwords and assign privile g e le vel[...]
-
Seite 153
8-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands Setting or Changing a Static Enable Password The enable password controls acces s to the pri vileged EX EC mode. Begin ning in pri vileged EXEC mode, follo w these st[...]
-
Seite 154
8-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Protecting Enable and Enable Secret Passwords with Encryption T o provide an additional layer of security , particularly for passwords th at cross the netw ork or th[...]
-
Seite 155
8-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands Use the level keyw ord to def ine a password for a specif ic pri vilege le vel. After you specify the le vel and set a password, gi ve the password only to users who [...]
-
Seite 156
8-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Beginning in priv ileged EXEC mode, foll ow th ese steps to disable password r ecov ery: T o re-enable password recov ery , use the service password-recovery global [...]
-
Seite 157
8-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands T o remove the passw ord, use the no password global conf iguration command . This example sho ws how to set the T elnet password to let45me67in89 : Switch(config)# l[...]
-
Seite 158
8-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds T o disable userna me authenticatio n for a specific user , use the no username name global configuration command. T o disable password checkin g and allo w connecti[...]
-
Seite 159
8-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands When you set a command to a privilege le vel, all commands whose syntax is a subset of that command are also set to that le vel. For e xample, if you set the show ip [...]
-
Seite 160
8-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ Logging into and Exiting a Privilege Level Beginni ng in pri vileged EXEC mode, follo w these steps to log in to a s pec if ie d pri vil eg e le v el and t o ex it to a spec[...]
-
Seite 161
8-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ Figur e 8-1 T ypical T ACACS+ Netw ork Configur ation T A CA CS+, administered through the AAA secu ri ty services, can provide these services: • Authentication—Pro vid[...]
-
Seite 162
8-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ TACACS+ Operation When a user attempts a simple ASCII log in by authenticati ng to a switch by using T ACA CS+, this process occurs: 1. When the connection is established, t[...]
-
Seite 163
8-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ • Config uring T A CA CS+ Authorization for Pri vileged EXEC A ccess and Network Services, page 8-16 • Starting T A CA CS+ Accounting, page 8- 16 Default TACACS+ Config[...]
-
Seite 164
8-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ T o remove the specified T ACA CS+ server name or address, use the no tacacs -server host hostname global conf iguration command. T o remov e a server gr oup from the conf i[...]
-
Seite 165
8-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ T o disable AAA, use the no aaa new-model global conf iguration command. T o disable AAA authenticati on, use the no aaa authentication logi n { default | list-name } metho[...]
-
Seite 166
8-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ Configuring TACACS+ Authorization for Pr ivileged EXEC Access and Network Services AAA authorization limit s the servi ces a vailable to a user. When AA A authorizati on is [...]
-
Seite 167
8-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Beginning in priv ileged EXEC mode, follow these steps to enable T A CACS+ accoun ting for each pri vilege le vel and for net work services: T o disable accounting, use t he n[...]
-
Seite 168
8-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS The RADIUS host is normally a mu ltiuser system running RADIUS server software from Cisco (Cisco Secure Access Control Server v ersion 3.0), Liv ingston, Merit, Microsof t, o[...]
-
Seite 169
8-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Figur e 8-2 T ransitioni ng fr om R ADIUS t o T ACA CS+ Services RADIUS Operation When a user attempts to log in and auth enticate to a switch that is access controlled by a R[...]
-
Seite 170
8-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS A method list def ines the sequence and methods to be used to authenticate, to au thorize, or to keep accounts on a user. Y ou can use method lists to designate on e or more [...]
-
Seite 171
8-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS If two dif ferent host entries on the sam e RADIUS server are conf igured for the same service—for example, accounting— the second host e ntry configured acts as a f ail-o[...]
-
Seite 172
8-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Beginning in priv ileged EXEC mode, foll ow these steps to conf igure per-serv er RADIUS server communication. This procedure is req uired. T o remove the specified RADIUS se[...]
-
Seite 173
8-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS This exampl e sho ws how to conf igure host1 as the RADIUS server an d to use the defaul t ports for both authentication an d accounting: Switch(config)# radius-server host ho[...]
-
Seite 174
8-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Step 3 aaa authentication login { default | list-name } method1 [ method2... ] Create a login authen tication method list. • T o create a default list that is used when a n[...]
-
Seite 175
8-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o disable AAA, use the no aaa new-model global conf iguration command. T o disable AAA authenticati on, use the no aaa authentication logi n { default | list-name } method1 [...]
-
Seite 176
8-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Beginning in pri vileged EXEC mode, fol lo w these st eps to define the AAA serv er group and associate a particular RADIUS server with it: Command Purpose Step 1 configur e [...]
-
Seite 177
8-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o remove the specified RADIUS server , use the no radius-server host hostname | ip-addr ess global confi guration command. T o remov e a server group from t he configurati o[...]
-
Seite 178
8-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS T o disable authorization, use the no aaa authorization { network | exec } method1 global configuration command. Starting RADIUS Accounting The AAA accounting feature tracks [...]
-
Seite 179
8-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o return to the default setting f or the retransmit, timeout, and deadtime, use the no forms of these commands. Configuring the Switch to Use V endor-Specific RADI US Attrib[...]
-
Seite 180
8-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS This example sho ws how to specify an author ized VLAN in the RADIUS serv er database: cisco-avpair= ”tunnel-type(#64)=VLAN(13)” cisco-avpair= ”tunnel-medium-type(#65)=[...]
-
Seite 181
8-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o delete the vendor -proprietary RADIUS host, use the no radius-server host { hostname | ip-addr ess } non-standard global conf iguration command. T o disable the key , use [...]
-
Seite 182
8-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Lo cal Authentication and Authorizatio n Configuring the Switch for Local Authentication and Authorization Y ou c an configure AAA to operate wi thout a server b y setting the switch to[...]
-
Seite 183
8-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Configuring the Switch for Secure Shell This section describes how to configure the Secure Sh ell (SSH) feature. SSH is a cryptographic security feature that is subject to[...]
-
Seite 184
8-34 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell • T A CACS+ (for more information, see the “Control ling Switch Access with T ACA CS+” section on page 8-10 ) • RADIUS (for more information, see the “Controlling[...]
-
Seite 185
8-35 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Cryptographic Software Image Guidelines These guidelines apply on ly to non-LR E Catalyst 2950 an d 2940 switches: The SSH feature uses a large amount of switch me mory , [...]
-
Seite 186
8-36 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell T o delete the RSA ke y pair , use the crypto key zeroize rsa global conf iguration command. After the RSA key pair is deleted, the SSH server is aut omatically disabled. C[...]
-
Seite 187
8-37 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Displaying the SSH Configuration and Status T o display the SSH server conf iguration and status, use one or more of the pri vileged EXEC commands in Ta b l e 8-2 : For mo[...]
-
Seite 188
8-38 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell[...]
-
Seite 189
CH A P T E R 9-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 9 Configuring IEEE 802.1x Port-Based Authentication This chapter describes ho w to configure IEEE 802.1x port-based authen tication on the Catalyst 2950 or Catalyst 2955 switch. IEEE 802.1x authentication prev ents unauthorized de vices (c lients) from[...]
-
Seite 190
9-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication • Using IEEE 802.1x Auth entication with VLAN A ssignment, page 9-7 • Using IEEE 802.1x Auth entication with Guest VLAN, page 9-8 • Using IEEE 802[...]
-
Seite 191
9-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication information wit h the authentication serv er , and rela ying a response to the client. The switch includes the RADIUS client, which is responsib le for [...]
-
Seite 192
9-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication Figur e 9-2 Messag e Exc hang e Ports in Authorized and Unauthorized States During IEEE 802.1x authentication, depending on the switch port state, the s[...]
-
Seite 193
9-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication • auto —enables IEEE 802.1x authenti cation and causes the port t o begin in t he unauthorized state, allowing only EAPOL frames to be sent and rece[...]
-
Seite 194
9-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication IEEE 802.1x Accounting The IEEE 802.1x standard defines ho w users are au thorized and authenticated for network access but does not keep track of netwo[...]
-
Seite 195
9-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication For mo re i nf or m at io n ab ou t A V pa i rs , s e e R F C 3 58 0 , “IEEE 802.1X Remote Authen tication Dial In User Service (RADIUS) Usage Guideli[...]
-
Seite 196
9-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication • Enable IEEE 802.1x authen tication (the VLAN assignment feature is automatically enabled when you conf igure IEEE 802.1x authenti cation on an acces[...]
-
Seite 197
9-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication Using IEEE 802.1x Authentication with Restricted VLAN Y ou can configure a restricted VLAN for each IEEE 802.1x port on a sw itch to pro vide limited se[...]
-
Seite 198
9-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication Using IEEE 802.1x Authentication with Voice VLAN Ports A voice VLAN port is a special access por t associated with two VLAN identifi ers: • VVID to c[...]
-
Seite 199
9-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication • When an IEEE 802.1x client logs off, the port changes to an unauthenticated state, and all dynamic entries in the secure host table ar e cleared, i[...]
-
Seite 200
9-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication • Set the action to be tak en when the switch tries to re-authenticate the cli ent by using the T ermination-Action RADIUS attribut e (Attribut e[29]). If the v al[...]
-
Seite 201
9-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication IEEE 802.1x Authentication Configuration Guidelines These section has configuration guidelines for these features: • IEEE 802.1x Authentication, page 9-14 • VLAN[...]
-
Seite 202
9-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication IEEE 802.1x Authentication These are the IEEE 802.1x authenti cation configuration guidelines: • When IEEE 802.1x authen tication is enabled, ports are auth entica[...]
-
Seite 203
9-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication client times out and tr ies to get a host IP address from the DHCP serv er . Decrease the settings for the IEEE 802.1x authentication process ( dot1x timeout quiet-p[...]
-
Seite 204
9-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Step 6 The switch sends an interim accountin g update to the ac counting server that is based on the result o f re-authentication. Step 7 The user disconnects from t[...]
-
Seite 205
9-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o disable AAA, use the no aaa new-model global configuration command. T o disable IEEE 802.1x AAA authentication, use the no aaa authentication dot1x { default | l[...]
-
Seite 206
9-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o delete the specified RADIUS server , use the no radius-server host { hostname | ip -addr ess } global confi guration command. This example sho ws how to specify [...]
-
Seite 207
9-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Enabling Periodic Re-Authentication Y ou can enable periodic IEEE 802.1x client re-authe ntication and specify how often it occurs. If you do not specify a time peri[...]
-
Seite 208
9-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Changing the Quiet Period When the switch cannot auth enticate the client, the switch remains idle for a set period of time, and then tries again. The id le time is [...]
-
Seite 209
9-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o return to the default retransmission time, use the no dot1x timeout tx-period interface conf iguration command. This exampl e show s how to set 60 as the number [...]
-
Seite 210
9-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring IEEE 802.1x Accounting Enabling AAA system accounting with IEEE 802.1x accounting allo ws system reload e vents to be sent to the accounting RADI US serv[...]
-
Seite 211
9-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring a Guest VLAN When you configure a guest VLAN, clients that are not IEEE 802.1x- capable are put into the guest VLAN when the server does not recei ve a r[...]
-
Seite 212
9-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Y ou can enable optional guest VLAN beha vior by using the dot1x guest-vlan suppli cant global configuration command. When enabled, the switch do es not maintain the[...]
-
Seite 213
9-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Beginni ng in pri vileged EXEC mode, foll ow t hese steps to conf igure a restricted VLAN. This procedure is optio nal. T o disable and remo ve the restrict ed VLAN,[...]
-
Seite 214
9-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o return to the default v alue, use the no dot1x auth-fail max-attempts interface conf iguration command. This example sho ws how to set 2 as the number of au then[...]
-
Seite 215
9-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring NAC Layer 2 IEEE 802.1x Validation In Cisco IOS Release 12.1 (22)EA6 or later , you can configure N A C Layer 2 IEEE 802.1x validation, which is also ref[...]
-
Seite 216
9-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Displaying IEEE 802.1x Statistics and Status Resetting the IEEE 802.1x Configuration to the Default Values Beginning in pri vileged EXEC mode, follow these steps to reset the IEEE 802.1x configuration to [...]
-
Seite 217
CH A P T E R 10-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 10 Configuring Interface Characteristics This chapter describes the ty pes of interfaces on a Catalyst 29 50 or Catalyst 2955and ho w to conf igure them. The chapter has these sections: • Understanding Interf ace T ypes, page 10-1 • Using the Inte[...]
-
Seite 218
10-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Understanding Interface Types These sections describes these types of interfaces: • Access Ports, page 10-2 • T runk Ports, page 10-2 • Port-Based VLANs, page 10-3 • EtherChannel Port Groups, page 10 -3 •[...]
-
Seite 219
10-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Understanding Interface Types A trunk port can onl y become a member of a VLAN if VTP kno ws of the VLAN and the VLAN is in the enabled state. If VTP learns of a new , enabled VL AN and the VLAN is in the allo wed [...]
-
Seite 220
10-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Using the Interface Command When you conf igure an EtherChannel, you create a port -channel logical in terfa ce and assign an interface to the EtherChannel. For Layer 2 interfaces, the logi cal interface is dynamic[...]
-
Seite 221
10-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Using the Inte rface Command Y ou can identify physical interfaces b y physically checking the interf ace location on the switch. Y ou can also use the Cisco IOS show pri vileged EXEC co mmands to display informati[...]
-
Seite 222
10-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Using the Interface Command Beg i nn in g i n pr ivi leg e d E XE C mo de , f o ll ow t he se st e ps to conf igure a range of interfaces with the same parameters: When using the interface range global conf igurati[...]
-
Seite 223
10-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Using the Inte rface Command This example sho ws how to use a comma to add dif feren t interface type strings to t he range to enable all Fast Ethernet interfaces in t he range 0/1 to 0/3 and Gig abit Ethernet inte[...]
-
Seite 224
10-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces – port-channel port-chann el-number - port-c hannel-number , where port-c hannel-nu mber is from 1 to 6. • Y o u must add a space between the interface numbers and the hyphen wh[...]
-
Seite 225
10-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces • Config uring Media T ypes for Gigabit Ethe rnet I nterfaces on LRE Switches, page 10-13 • Configuring I EEE 802.3x Flow Control on IEEE 802.3z Gi gabit Ethernet Ports, page 10 [...]
-
Seite 226
10-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces Configuring Interface Speed and Duplex Mode The 10/100 Ethernet int erfaces on a non-LRE switch operate in 10 or 100 Mbps and in ei ther full- or half-duple x mode. The 10/100/1000[...]
-
Seite 227
10-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces • When connecting an interface to a 100B ASE-T device that does not autonegotiate, set the speed to a nonautonegot iation v alue (for example, none gotiate), and set the duple x m[...]
-
Seite 228
10-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port Be gi nn in g i n pr ivi le ge d E X EC mo de , fo ll ow t he s e s te p s t o set the speed and duplex m[...]
-
Seite 229
10-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces Use the no local speed and no local duplex interface conf iguration commands to return the interf ace to the default speed and duplex setti ngs. T o return all interface set tings t[...]
-
Seite 230
10-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces • rec ei ve on (or desired ) and send off : The port cannot send pause fra mes b ut can operate with an attached device that is required to or can send pause frames; the port can[...]
-
Seite 231
10-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Monitoring and Ma intaining the Interfaces Use the no description interface co nfigu ration command to delete the descriptio n. This exampl e show s how to add a description on a port and to verify the description[...]
-
Seite 232
10-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Monitoring an d Ma intaining the Interfaces Monitoring Interface and Controller Status Commands entered at the pri vileged EXEC prompt di splay info rmation about the interf ace, including the version of th e soft[...]
-
Seite 233
10-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Monitoring and Ma intaining the Interfaces T o clear the interface counters shown by the show interfaces privile ged EXEC command, use the clear counters pri vileged EXEC command. Th e clear counters command clear[...]
-
Seite 234
10-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Monitoring an d Ma intaining the Interfaces When the shutdown interf ace conf iguration command i s entered on an LRE interface, t he LRE link is shut do wn. T o shut down the 10/100 Ethernet ports on CPE de vice,[...]
-
Seite 235
CH A P T E R 11-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 11 Configuring Smartports Macros This chapter describes ho w to configure an d apply Smartports macros on t he Catalyst 2950 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for[...]
-
Seite 236
11-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros Cisco also provides a collection of pretested, Ci sco-recommended baseline conf iguration templates for Catalyst switches. Th e online reference guide templates pr ovide t he CLI commands tha[...]
-
Seite 237
11-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Smartports Macro Configuration Guidelines Follo w these guidelines when conf iguring macros on your switch: • When creating a macro, do not use the exit or end commands or change the command [...]
-
Seite 238
11-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros Creating Smartports Macros Beginning in priv ileged EXEC mode, foll ow these steps to create a Smartports macro: The no form of the macr o name global con figur ation command only deletes the[...]
-
Seite 239
11-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Applying Smartports Macros Beginning in priv ileged EXEC mode, follow these steps to apply a Smartports macro: Y ou can delete a global macr o-applied conf iguration on a swi tch only b y enter[...]
-
Seite 240
11-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros This e xample sho ws how to ap ply the user -created macro cal led snmp , to set the host name address to test-server and t o set the IP precedence v alue to 7 : Switch(config)# macro global [...]
-
Seite 241
11-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Y ou can delete a global macr o-applied conf iguration on a swi tch only b y entering the no version of each command that is in th e macro. Y ou can delete a macr o-applied configurat ion on an[...]
-
Seite 242
11-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Displaying Smartports Ma cros Displaying Smartports Macros T o display the Smartports macros, use one or more of the privileged EXEC commands in Ta b l e 11-2 . Ta b l e 11 - 2 C o m m a n d s f o r D i s p l a ying Smart[...]
-
Seite 243
CH A P T E R 12-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 12 Configuring LRE This chapter describe s ho w to configure the Lo ng-Reach Ethernet (LRE) features on your Catalyst 29 50 LRE switch. This chapter consists of these section s: • Understanding LR E Features, page 12-1 • Config uring LRE Ports, pa[...]
-
Seite 244
12-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features • LRE link—This is the co nnection between the switch LRE port and the RJ-11 w all port on an LRE CPE de vice such as the Cisco 575 LRE CPE or the Cisc o 585 LRE CPE. This connection can be through categor[...]
-
Seite 245
12-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features Note Use the rates and distances in Ta b l e 12-1 and Ta b l e 12-2 only as guidelines. Fact ors such as the type of cable that you use, ho w it is bundled, an d the inte rference and noise on the LR E link can[...]
-
Seite 246
12-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features Y o ur data rates will always be less than th e gross data rate listed in tables. A small percentage of the link rate is used b y the Catalyst 2950 LRE swi tch for supervisory func tions with the CPE de vice c[...]
-
Seite 247
12-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features LRE Sequences The LRE switches are shipped with predefined sequences. Sequences are sets of profiles and are used with the rate selection feature. Th e rate selection feature enables th e switch to automat ical[...]
-
Seite 248
12-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features Beginni ng with the f irst prof ile in a sequence, t he switch attempts to app ly each prof ile within that sequence to the LRE interf ace. The switch co nt inues these attempts until it con verg es ( con ver [...]
-
Seite 249
12-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features CPE toggle cannot be disabled on a Ci sco 575 LRE or Cisco 57 6 LRE 997 CPE link b ut can be disabled on a Cisco 585 LRE CPE. For more information, see the “Conf iguring CPE T oggle” section on page 12-21 .[...]
-
Seite 250
12-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports • Event—The switch logs only LRE e vents. • Extended— The switch logs LRE e ven ts and all the LRE paramet ers. • Normal—The switch logs LRE e vents and the typical LRE parameters. Y o u can use the log[...]
-
Seite 251
12-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports • Rate selectio n is enabled on al l interfaces, but a se quence with which to start rat e selection is not defined. • LRE link persi stence is enabled . The default is 3 second s. • LRE link mo nitoring is en[...]
-
Seite 252
12-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports – Older installations o ver 30 years old often use hea vy gauge wire (2 2 or 20 A WG) with no signif icant twist. In man y cases, the cabling is set into the f abric of the building. The cables might be tightly [...]
-
Seite 253
12-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Guidelines for Configuring Cisco 575 LRE CPEs and 576 LRE 997 CPEs Y ou can configure the CPE Ethernet port to oper ate at 10 or 100 Mbps and at half- or full-dupl ex mode, depending on the capabi lity of the remot[...]
-
Seite 254
12-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports The loopback interf ace conf iguration command is not supported on the LRE ports. Ext ernal loopback on the LRE ports is also not sup ported. Connecting a CPE Ethern et port to anoth er Ethernet port on the same C[...]
-
Seite 255
12-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports T o delete the prof ile from a sequence, use the no prof ile pr of ile-name interface conf iguration command. T o display the LRE link st atistics and pr of ile information on the LRE ports, use the show controller[...]
-
Seite 256
12-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports T o remove a sequence from a port, use the no sequence sequence- name interface conf iguration command. T o display the LRE link statistics and se quence information on the LRE ports, use the show controllers lre [...]
-
Seite 257
12-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Precedence The rate selection feature can be applied at bot h th e port le vel and at the swi tch lev el. Profiles and sequences hav e a system-defined prio rity lev el that work with rate selection to determine th[...]
-
Seite 258
12-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports Link Qualification and SNR Margins When rate selection is running, the SNR is u sed as an indicator of lin k qualit y . The switch does not provid e any internal mech anism to ensure link quali ty . There can be d[...]
-
Seite 259
12-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Ta b l e 12-7 SNR Requirements f or Upstr eam Rates for the Catalyst 2950S T -8 LRE and the Catalyst 2950ST -24 LRE Swi tch es Profile Gross Data Rate QAM Theoretical Minimum SNR Low Noise SNR Medium Noise SNR High[...]
-
Seite 260
12-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports The margin ran ge for link qualif ication is from 1 to 10 dB. The recommended valu e in a lo w-noise en vironment is 2 dB. The recommended v alue for medium noise en vironment is 4 dB. The recommend ed v alue in a[...]
-
Seite 261
12-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Configuring LRE Link Persistence If the LRE link shuts do wn and is automatically re-enabled quickly , the switch config uration might change. For example, the dynamic MA C addresses ar e remo ved from th e MA C ad[...]
-
Seite 262
12-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports A lo wer v alue of the interlea ve block size means less tole rance to noise and causes a lo wer latency of frame transmis sion. For e xample, lowe r val ues of the interleave block size can be us ed for v oice ap[...]
-
Seite 263
12-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports • Make sure that all t he CPEs in the prod uction network are runnin g the same LRE binary version . Use the show controllers lr e cpe version priv ileged EXEC com mand to display t he binary v ersion on all CPE [...]
-
Seite 264
12-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports T o re-enable CPE toggle on the Cisco 585 LRE CPE link, use the cpe toggle [ port port -id ] interface confi guration command. Configuring Syslog Export If the syslog export feature is enabled, the swit ch sends t[...]
-
Seite 265
12-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Upgrading LRE Switch Firmware T o turn of f the logging of e vents, use the no logging lr e { eve nt | extended | normal } interface confi guration command. Upgrading LRE Switch Firmware The Catalyst 29 50 LRE switch can store and prope[...]
-
Seite 266
12-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Upgrading LRE Switch Firmware Note Y ou must remo ve global conf igurations that might af fect t he controll er and de vices connected to it. Note If you enter the lre upgrade default family global config uration command and the upgrad[...]
-
Seite 267
12-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Upgrading LRE Switch Firmware Y ou can use the upgrade controller conf iguration command to ov erride the system def ault selection of an LRE binary that will b e applied on either end of a particular LRE link. Con troller conf iguratio[...]
-
Seite 268
12-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Upgrading LRE Switch Firmware ! controller LongReachEthernet 1 ! controller LongReachEthernet 2 ! controller LongReachEthernet 3 ! controller LongReachEthernet 4 ! controller LongReachEthernet 5 ! controller LongReachEthernet 6 ! ! <[...]
-
Seite 269
12-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Displaying LRE St atus Displaying LRE Status T o display the LRE informat ion, use one or more of th e pri vileged EXEC command s in Ta b l e 12-10 . For detailed i nformation about the f ields in the command outputs, see the co mmand r[...]
-
Seite 270
12-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Displaying LRE Status[...]
-
Seite 271
CH A P T E R 13-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 13 Configuring STP This chapter describe s ho w to configure the Spanning T ree Pro tocol (STP) on port-based VL ANs on your Catalyst 2950 or Catal yst 2955 switch. The switch can use either the per-VLAN spanning-tree pl us (PVST+) protocol based on t[...]
-
Seite 272
13-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features • Spanning-T ree Interoperability and Backw ard Compatibility , page 13-10 • STP and IEEE 802.1Q Trunks, page 13-10 For conf iguration information, see the “Configuring Span ning-T ree Featur[...]
-
Seite 273
13-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features When the switches in a network are powered up, each functions as the root switch. Each switch sends a confi guration BPDU through al l of its ports. The BPDUs co mmunicate and compute the sp anning-t[...]
-
Seite 274
13-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features In Cisco IOS Release 12.1(9)EA1 a nd later , Catalyst 2950 and Catalyst 2955 switches support the IEEE 802.1t spanning -tree extensions. Some of the bits pr e viously used for the switch priorit y [...]
-
Seite 275
13-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features • From forwarding to dis abled Figure 13-1 illustrates how an interf ace mo ves through the states. Figur e 13-1 Spanning-T ree Interf ace States When you power up the switch, span ning tree is ena[...]
-
Seite 276
13-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features • Receiv es BPDUs Listening State The listening state is the first state a Layer 2 interf ace enters after the blocking state. The interface enters this state when the spanning tree determines th[...]
-
Seite 277
13-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features How a Switch or Port Becomes the Root Switch or Root Port If all switches in a network are enabled with defaul t spanning-tree settings, the swi tch with the lo west MA C address becomes the root swi[...]
-
Seite 278
13-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features Figur e 13-3 Spanning T ree and Re dundant Connectivity Y ou can also create redundant links b etween sw itches by using Et herChannel groups. For more informatio n, see Chapter 30, “Config uring[...]
-
Seite 279
13-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features Spanning-Tree Modes and Protocols The switch support s these spanning-tre e modes and protocol s: PVST+—This spanning-tree mode is based on the IEEE 802.1D st andard and Cisco proprietary extension[...]
-
Seite 280
13-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Spanning-Tree Interoperabi lity and Backward Compatibility Ta b l e 13-2 lists the interoperability an d compatibility among t he supported spanning-tree modes in a network. In a mixed MSTP an d PVS[...]
-
Seite 281
13-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features • Config uring the Root Swit ch, page 13-14 (optio nal) • Config uring a Secondary Root Swi tch, page 13-16 (optional) • Config uring the Port Priority , page 13-17 (optional) • Config uring t[...]
-
Seite 282
13-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es If 64 instances of spanning tree are alread y in use, you can disable spanning tree on one of t he VLANs and then enable it on the VLAN wh ere you want it to run . Use the no spanning-tr ee vlan vla[...]
-
Seite 283
13-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features T o return to the defau lt setting, use the no spanning-t ree mode global co nfigu ration command. T o return the port to its def ault setting, use the no spanning-tree link-type interface conf igurat[...]
-
Seite 284
13-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Beginning in pri vileged EXEC mode, follo w these steps to disable spannin g tree on a per -VLAN basis. This procedure is optional. T o re-enable spanning tree, use the spanning-tree vlan vlan-id gl[...]
-
Seite 285
13-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features • For Catalyst 2950 swi tches without the ex tended system ID (softw are earlier than Cisco IOS Release 12.1(9)EA1), if al l network de vices in VLAN 100 ha ve th e default prio rity of 32768, enter[...]
-
Seite 286
13-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id roo t global confi guration command. Configuring a Secondary Root Switch When you conf igure a Catalyst 2950 or C[...]
-
Seite 287
13-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id roo t global confi guration command. Configuring the Port Priority If a loop occurs, spanning tree us es the port p[...]
-
Seite 288
13-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Note The show spanning-tr ee interface interfac e-id pri vilege d EXEC command displays informati on only if the port is in a link-up operativ e s tate. Otherwise, you can use the show running-confi[...]
-
Seite 289
13-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features Note The show spanning-tr ee interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up operati ve state. Otherwise, you can use the show running-conf[...]
-
Seite 290
13-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id priority global confi guration command. Configuring Spanning-Tree Timers Ta b l e 13-4 describes the timers that [...]
-
Seite 291
13-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features Configuring the Forwardi ng-Delay Time for a VLAN Beginni ng in pri vileged EXEC mod e, follo w these steps to conf igure the forwarding-delay time for a VLAN. This procedure is optional. T o return t[...]
-
Seite 292
13-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Configuring Spanni ng Tree for Use in a Cascaded Stack Spanning tree uses def ault va lues that can be reduced when configuring your switch in cascaded configurations. If a root switch is part of a [...]
-
Seite 293
13-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Displaying the Spanning -Tree Status Displaying the Spanning-Tree Status T o display the spanning-tree status, use o ne or more of the pri vileged EXEC commands in Ta b l e 13-6 : Y o u can clear spanning-tre e counters by using the cle[...]
-
Seite 294
13-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Displaying the Sp anning-Tree Status[...]
-
Seite 295
CH A P T E R 14-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 14 Configuring MSTP This chapter describe s ho w to configure the Cisco im plementation of the IEE E 802.1s Multiple STP (MSTP) on your Catalyst 2950 or Catalyst 29 55 switch. Note The multiple spanning-tree (MST) implementation is a prestandard imple[...]
-
Seite 296
14-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng MSTP Understanding MSTP MSTP , which uses RSTP for rapid co n verge nce, en ables VLANs to be grou ped into a spanning-tree instance, with each instance h aving a spann ing-tree topology inde pendent of other spanning-t [...]
-
Seite 297
14-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding M STP All MST instances within the same re gion share the same protocol timers, bu t each MST instance has its o wn topology parameters, such as root switch ID, root path cost, and so fort h. By default, all VLANs are assi[...]
-
Seite 298
14-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng MSTP Figur e 14-1 MST Regions, IST Masters, and the CS T Root Figure 14-1 does not sho w additional MST instances for each reg ion. Note that the topology of MST instances can be dif ferent from that of the IST for the s[...]
-
Seite 299
14-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding M STP recei ved remaining hop count b y one an d propagates this v alue as the rem aining hop count i n the BPDUs it generates. Wh en the count reaches zero, the switch discards the BPDU and ag es the information held for [...]
-
Seite 300
14-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP Understanding RSTP The RSTP takes adv antage of point-to-poi nt wiring and pro vides rapid con vergence of the spanning tree. Reconfi guration of the sp anning tree can occu r in less than 1 second (in contrast to 5[...]
-
Seite 301
14-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding RST P T o be consistent with Cisco STP implementations, th is guide def ines the port state as bloc king instead of discar ding . Designated ports sta rt in the l istening state. Rapid Convergence The RSTP provides for rap[...]
-
Seite 302
14-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP Figur e 14-2 Proposal and Agr eement Hand shaking for Rapid Conv ergence Synchronization of Port Roles When the switch receiv es a proposal message on one of its ports and that port is selected as the ne w root port[...]
-
Seite 303
14-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding RST P Figur e 14-3 Seq uence of Events Dur ing Rapid Conv erg ence Bridge Protocol Data Unit Format and Processing The RSTP BPDU format is the same as the IEEE 8 02.1D BPD U format except that the pr otocol version is set [...]
-
Seite 304
14-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP The RSTP does not ha ve a separate topology change notificat ion (TCN) BPDU. It uses the topolog y change (TC) flag to sho w the to pology changes. Howe ver , for in teroperability with IEEE 802.1D switches, the RS[...]
-
Seite 305
14-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features • Protocol migration—F or backward compatibilit y with IEEE 802.1D switches, RSTP selecti vely sends IEEE 802.1D conf iguration BPDUs and TCN BPDUs on a per -port basis. When a port is initialized, the mig[...]
-
Seite 306
14-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features For info rmation about the supported number of spanning-tree instan ces, see the “Support ed Spanning-Tree Instances” section on page 13-9 . MSTP Configuration Guidelines These are the configurati on guid[...]
-
Seite 307
14-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Specifying the MST Region Configuration and Enabling MSTP For tw o or more switches to be in the same MST re gion, the y must hav e the same VLAN-to-instance mapping, the same conf iguration re vision number ,[...]
-
Seite 308
14-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features T o return to the default MST region conf iguration, use the no spanning-tree mst conf iguration global confi guration command. T o return to the def ault VLAN-to-instance map, use the no instance instance-id[...]
-
Seite 309
14-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Use the diameter keyw ord, which is a vai lable only for MST instance 0, to specify the Layer 2 n etwork diameter (that is, th e maximum number of switch h ops between any tw o end stations in t he Layer 2 net[...]
-
Seite 310
14-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features Y ou can execute this command on more than one sw itch to conf igure mu ltiple backup roo t switches. Use the same network d iameter and hello-time v alues that you used when you conf igured the primary root [...]
-
Seite 311
14-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Beginning in pri vileged EXEC mod e, follo w these steps to conf igure the MSTP port priority of an interface. This pro cedure is optional. Note The show spanning-tr ee mst interface interfac e-id pri vileged [...]
-
Seite 312
14-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features Note The show spanning-tr ee mst interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up oper ati ve sta te. Otherwise, y ou can use t he show running-conf[...]
-
Seite 313
14-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure the switch priority . This procedure is optio nal. T o return the switch to its default setting, use the no spanning-tr ee mst instance-id[...]
-
Seite 314
14-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features T o return the switch to its default setting, use the no spanning-tree mst hello-time global configuration command. Configuring the Forwarding-Delay Time Beginni ng in pri vileged EXEC mod e, follo w these st[...]
-
Seite 315
14-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features T o return the switch to its def a ult setting, use th e no spanning-tree mst max-age global co nfiguration command. Configuring the Maximum-Hop Count Beginni ng in pri vile ged EXEC mode, follo w these steps [...]
-
Seite 316
14-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Displaying the MST Configuration and Status T o return the switch to its default setting, use the no spanning-tr ee link-type interface configuration command. Restarting the Protocol Migration Process A switch running MSTP supports a [...]
-
Seite 317
CH A P T E R 15-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 15 Configuring Optional Spanning-Tree Features This chapter describes ho w to configu re optional spanning -tree features on your Catalyst 2 950 or Catalyst 2955 switch. Y ou can configu re all of these features when your switch is running the per -VL[...]
-
Seite 318
15-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Understanding Port Fast Port Fast immediately brings an interface conf igured as an access or trunk port from a blocking state to the forwarding state, bypas[...]
-
Seite 319
15-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features The BPDU guard feature pro vides a secure response to in v alid conf igurations because y ou must manually put the port b ack in service. Use the BPDU guard fea[...]
-
Seite 320
15-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Figur e 15-2 Switches in a Hier archical Netw ork If a switch loses connecti vity , it beg ins using the alte rnate paths as soon as th e spanning tree selec[...]
-
Seite 321
15-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-3 UplinkF ast Example Befor e Direct Link F ailure If Switch C de tects a link f ailure on the currentl y acti ve link L2 on the ro ot port (a dir ec[...]
-
Seite 322
15-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures How CSUF Works CSUF ensure s that one link in t he stack is electe d as the path to th e root. As shown in Figure 15-5 , Switches A, B, and C are cascaded th[...]
-
Seite 323
15-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features The switch sending the fa st-transition request needs to do a fast transiti on to the forw arding state of a port that it has chosen as the root po rt, and it m[...]
-
Seite 324
15-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Limitations These limitations apply to CSUF: • CSUF uses the GigaStack GBI C module and runs on al l Catalyst 3550 switches, all Catalyst 3500 XL switches,[...]
-
Seite 325
15-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-6 GigaStack GBIC Module Connecti ons and Spanning-T ree Conv ergence Understanding BackboneFast BackboneFast detects indirect failures in the core of[...]
-
Seite 326
15-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures to the root swit ch). Under spanni ng-tree rules, the switch ignores inferior BPDUs for the conf igured maximum aging time specif ied by t he spanning-tree [...]
-
Seite 327
15-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-8 BackboneF ast Exa mple Af ter Indirect Link F ailure If a ne w switch is introd uced into a shar ed-medium topolog y as sho w n in Figure 15-9 , B[...]
-
Seite 328
15-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Y ou can enable this feature by u sing the spanning-tree ether channel guard misconfig global confi guration command. Understanding Root Guard The Layer 2 n[...]
-
Seite 329
15-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Understanding Loop Guard Y ou can use loop guard to pre vent alternate or roo t ports from becoming designat ed ports because of a failure that leads to a unidir[...]
-
Seite 330
15-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es Optional Spanning-Tree Configuration Guidelines Y o u can configure PortFast, BPDU guard, BPDU filter ing, EtherChannel guard, roo t guard, or loop guard if you[...]
-
Seite 331
15-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Note Y ou can use the spanning-tree portfast default global conf iguration comma nd to globally enable the Port Fast feature on all nontrun king ports. T o disab[...]
-
Seite 332
15-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es Beginni ng in pri vileged EXEC mode, follo w these steps to globally enable the BPDU guar d feature. This procedure is optional . T o disable BPDU guard, use th[...]
-
Seite 333
15-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features T o disable BPDU fi ltering, use the no spanning-tr ee portfast bpdufilter default global con figur ation command. Y o u can ov e rride the setting of the no spa[...]
-
Seite 334
15-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es When UplinkFast is enabled, the sw itch priority of all VLANs is set to 49152 . If you change the path cost to a va lue less than 3000 and you enable UplinkF as[...]
-
Seite 335
15-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Enabling BackboneFast Y ou can enable BackboneFast to detect indirect li nk failures and to start the spanning-tree reconfiguration sooner . Note If you use Back[...]
-
Seite 336
15-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es After the conf iguration is corrected, enter the shutdown and no shutdown in terface conf iguration commands on the port-channel interf aces that were misconf i[...]
-
Seite 337
15-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Displaying the Spanning -Tree Status T o globally disable loop g uard, use the no spanning-tr ee loopguard default global configuratio n command. Y ou can override the setting of the no spanning-tree loopgu[...]
-
Seite 338
15-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Displaying the Sp anning-Tree Status[...]
-
Seite 339
CH A P T E R 16-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 16 Configuring VLANs This chapter describes ho w to config ure normal-range VLANs on your Catalyst 2950 or Catalyst 295 5 . It includes information about VLAN modes and th e VLAN Membership Policy Serv er (VMPS). Note For complete syntax and usage in [...]
-
Seite 340
16-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Understandi ng VLANs Figure 16-1 sho ws an example of VLANs seg mented into logically def ined networks. Figur e 16-1 VLANs as Logically Defined Ne tw or ks VLANs are often associated with IP subnet works. F or example, all the end st[...]
-
Seite 341
16-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Understanding VLAN s VLAN Port Membership Modes Y ou configure a port to belong to a VLAN by assignin g a memb ership mode that determines the kind of traff ic the port carries and the numb er of VLANs to which it can belong. Ta b l e [...]
-
Seite 342
16-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Configuring Normal-Range VLANs Normal-range VLANs are VLA Ns with VLAN IDs 1 to 1005. If the switch is in VT P server or transparent mode, you can add, m odify or remo ve conf igurations for VLANs 2 to [...]
-
Seite 343
16-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs • Normal-Range VLAN Co nf ig uration Guidelines, page 16-5 • VLAN Config uration Mode Options, page 16 -6 • Saving VLAN Configuration, page 16-6 • Default Eth ernet VLAN Config uration, page 16-7[...]
-
Seite 344
16-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs are se veral adjacent switches that all hav e run out of spanning-tree instances. Y ou can pre vent this possibility b y setting allo wed lists on the trunk po rts of switches that ha ve used up their a[...]
-
Seite 345
16-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs startup configuration f ile. Y ou can use the show running-conf ig vlan pri vile ged EXEC command to display the switch running conf iguration file. T o display the VLAN co nfigu ration, enter the show v[...]
-
Seite 346
16-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Creating or Modifying an Ethernet VLAN Each Ethernet VLAN in the VLAN databa se has a unique, 4-digit ID that can be a number fro m 1 to 1001. VLAN IDs 1002 to 1005 are reserved for T oken Ring and FDDI[...]
-
Seite 347
16-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs Beginning in pri vileged EXEC mode, follow these step s to use VLAN configurati on mode to create or modify an E thernet VLAN : Note Y ou cannot configure an RSP AN VLAN in VLAN database configuration mo[...]
-
Seite 348
16-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Beginni ng in pri vileged EXEC mode, follo w these steps to delete a VLAN on the switch b y using global confi guration mode: T o delete a VLAN in VLAN data base co nfiguratio n mode, use the vlan data[...]
-
Seite 349
16-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Extende d-Range VLANs This example sho ws how to conf igure a port a s an access port in VLAN 2: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface Switch(conf[...]
-
Seite 350
16-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Exten ded-Range VLANs • The switch must be in VTP tran sparent mode when you create ex tended -range VLANs. If VTP mode is server or client, an error message is gene rated, and the e xtended-ra nge VLAN is rejected. •[...]
-
Seite 351
16-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Displaying VLANs T o delete an extended-range VLAN, use t he no vlan vlan-id global conf iguration command. The procedure for assigning static-access ports to an extended-range VLAN is the same as for normal-range VLANs. See the “ A[...]
-
Seite 352
16-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Trunking Overview A trunk is a point-to-point link between one or more Ethernet switch inte rfaces and another networking de vice such as a router or a switch. Gi ga b it E th er n et t ru n ks carry the traf[...]
-
Seite 353
16-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s – Manually shut do wn the GigaStack port by usin g the shutdown interf ace configuration command. – Manually conf igure trunk mode on th e GigaStack port b y using the switchport mode trunk interface conf [...]
-
Seite 354
16-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Default Layer 2 Ethernet Interface VLAN Configuration Ta b l e 16-5 shows th e default Layer 2 Ethernet interface V LAN conf iguration. Configuring an Ethernet Interface as a Trunk Port Because trunk ports se[...]
-
Seite 355
16-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s • A port in dynam ic mode can ne gotiate with its neig hbor to become a trunk port. If you tr y to enable IEEE 802.1X on a dynamic port, an error message appears, and I EEE 802.1X is not enabled. If you try [...]
-
Seite 356
16-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Defining the Allowed VLANs on a Trunk By default, a trunk port sends traf fic to and rece i ves traf fic from all VLANs. All VLAN IDs are allo wed on each trunk. Ho wever , you can remo ve VLANs from the allo[...]
-
Seite 357
16-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s This example sh ows ho w to remove VLAN 2 from the allo wed VLAN list: Switch(config)# interface Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end Switch# Changing the Pruning-El[...]
-
Seite 358
16-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Beginning in pri vileged EXEC mo de, follow these steps to conf ig ure the native VLAN on an IEEE 802.1Q trunk: T o return to the default nati ve VLAN, VLAN 1, use the no switchport trunk nati ve vlan interfa[...]
-
Seite 359
16-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s In this way , T runk 1 carries traf fic for VLANs 8 through 10, and T runk 2 carries traf fic for VL ANs 3 through 6. If the acti ve trunk fails, the trunk with th e lo wer priority takes o ver and carries the[...]
-
Seite 360
16-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Load Sharing Usin g STP Path Cost Y ou can configure paral lel trunks to share VLAN traf fic b y setting dif ferent path costs on a trunk and associating the path costs with dif ferent sets of VLANs. The VLAN[...]
-
Seite 361
16-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Configuring VMPS The switch cannot be a VMPS server but can act as a client to the VMPS and commun icate with it through the VLAN Query Protocol (VQP). VM PS dynamically assigns dynamic access port VLAN membership. Th[...]
-
Seite 362
16-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS In response to a request, the VMPS takes one o f these actions: • If the assigned VLAN is restricted to a group of ports, the VMPS verif ies the requesting port against this group and responds as follo ws: – If t[...]
-
Seite 363
16-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Y o u can configure a fallback VLAN na me. If you connect a device with a MA C address that is no t in the database, the VMPS sends the f allback VLAN name to the client. If you do not conf igure a fallback VLAN and t[...]
-
Seite 364
16-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS • Port channels cannot be conf igured as dynamic access ports. • The VTP mana gement domain of the VMPS clie nt and the VMPS server must be the same. • VQP does not supp ort extended-rang e VLANs (V LAN IDs hig[...]
-
Seite 365
16-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure a dynamic access port on a VMPS client swit ch: T o return an interface to its d efault conf iguration, use the default interface interface-id int[...]
-
Seite 366
16-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS Beginni ng in pri vileged EXEC mod e, follo w these steps to change the recon firmation i nterv al: T o return the switch to its default setting, use the no vmps re confirm glob al conf iguration command. Changing th[...]
-
Seite 367
16-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS This is an example of output for the show vmps pri vileged EXEC command: Switch# show vmps VQP Client Status: -------------------- VMPS VQP Version: 1 Reconfirm Interval: 60 min Server Retry Count: 3 VMPS domain serve[...]
-
Seite 368
16-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS Figur e 16-5 Dynamic Por t VLAN Membe rship Configur at ion Primar y VMPS Ser v er 1 Catalyst 6500 series Secondar y VMPS Ser v er 2 Catalyst 6500 series Secondar y VMPS Ser v er 3 172.20.26.150 172.20.26.151 Catalys[...]
-
Seite 369
CH A P T E R 17-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 17 Configuring VTP This chapter describe s ho w to use the V LAN T r un king Protocol (V TP) and the VLAN database for managing VLANs on your Catalyst 2950 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used[...]
-
Seite 370
17-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Understandi ng VTP The VTP Domain A VTP domain (also called a VLAN management domain) consist s of one switch or se veral interconnected switches und er the same administrat i ve responsibility sharing th e same VTP domain name. A switc[...]
-
Seite 371
17-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Understanding VT P When the networ k is confi gured with more than the maximum 25 0 VLANs supported by t he Catalyst 2950 switches running the enhanced softw are image (EI), or 128 VLANs supported b y the Catalyst 2950 switches ru nning [...]
-
Seite 372
17-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Understandi ng VTP • VLAN state • Additional VLAN conf iguration information speci fic to the VLAN typ e VTP Version 2 If you use VTP i n your network, you must decide whether to use version 1 or version 2. By default, V TP operates[...]
-
Seite 373
17-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Understanding VT P Figur e 1 7 -1 Floo ding T raf fic wit hout VTP Pr uning Figure 17-2 sho ws a switched netw ork with VTP pruni ng enabled. The broadcast traf fic from Switch A is not forwarded to Switches C, E, and F because tr aff ic[...]
-
Seite 374
17-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP • T urn off VTP pruni ng by making all VLANs on the trunk of th e switch upstream to the VTP transparent switch prunin g ineligible. T o config ure VTP pruning on an int erface, use the swi tchport trunk pruning vlan i[...]
-
Seite 375
17-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP VTP Configuration in Global Configuration Mode Y o u can use the vtp global configuration command t o set the VTP password, the v ersion, the VTP file name, the interface pr oviding updated VTP inf ormation, the domain na[...]
-
Seite 376
17-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP VTP Configuration Guidelines These sections describe guidelines you should follo w when implem enting VTP in your netw ork. Domain Names When config uring VTP for the f irst time, you must al ways assign a domai n name. [...]
-
Seite 377
17-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP VTP Version Follo w these guidelines wh en decidi ng which VTP versio n to implem ent: • All switches in a VTP domain mu st run the same VTP version. • A VTP version 2-capable switch can operate in the same VTP dom ai[...]
-
Seite 378
17-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP When you conf igure a domain name, it cannot be remo ved; you can only reassign a swi tch to a dif ferent domain. T o return the switch to a no-password state, use the no vtp passw ord global conf iguration command. Thi[...]
-
Seite 379
17-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP This exampl e shows h ow to use VLAN conf iguration mode to confi gure the switch as a VTP serv er with the domain name eng_gr oup an d the passw ord mypassword : Switch# vlan database Switch(vlan)# vtp server Switch(vla[...]
-
Seite 380
17-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP Use the no vtp mode global configur ation command to return the switch to VTP server mode . T o return the switch to a no-password state, use the no vtp password global co nfigu ration command. When you confi gure a dom[...]
-
Seite 381
17-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP Note If extended-range VLANs are configured on the swit ch, you cannot change VTP mode to server . Y ou recei ve an error messa ge, and the conf iguration is not al lo wed. Note Y ou can also conf igure VTP transparent m[...]
-
Seite 382
17-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP Enabling VTP Pruning Pruning increases a vail able bandwidth b y restricting flood ed traff ic to those trunk links that t he traff ic must use to access the destination de vices. Y ou can only enable VTP pruning on a s[...]
-
Seite 383
17-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Monitoring VTP Beginni ng in pri vileged EXEC mod e, follo w these steps to verify an d reset the VTP conf iguration revision number on a switch befor e adding it to a VTP domain: Y o u can also change the VTP domain name by entering th[...]
-
Seite 384
17-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Monitoring VTP Ta b l e 17 -3 VTP Moni t or ing Commands Command Purpose show vtp status Display the VTP switch co nfiguration information. show vtp counters Disp lay counters about VTP messages th at ha ve been sent and recei ved.[...]
-
Seite 385
CH A P T E R 18-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 18 Configuring Voice VLAN This chapter d escribes how to configure the v oice VLAN feature on your Catalyst 2950 or Catalyst 2955 switch. V oice VLAN is sometime s referred to as an auxiliary VLAN in the Cat alyst 6000 famil y switch documentation. No[...]
-
Seite 386
18-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Configuring Voice VLAN Figur e 18-1 Cisco 7960 IP Phone Connect ed to a Switc h When the IP Phone connects to the switch, the acce ss port (PC-to-telephone jack) of the IP phone can connect to a PC. Packets to and from the PC and[...]
-
Seite 387
18-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 18 Configuring Voice VLAN Configuring Vo ice VLAN Voice VLAN Configuration Guidelines These are the voice VLAN conf iguration guidelines: • Y o u should configure voice VLAN on switch acc ess ports. • The voice VLAN should be present and active on the [...]
-
Seite 388
18-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Configuring Voice VLAN • Config uring the IP Phone to T rust the CoS Priority of Incoming Data Frames, p age 18-5 Configuring Ports to Carry Voice Traffic in IEEE 802.1Q Frames Beginning in pri vileged EX EC mode, follow these [...]
-
Seite 389
18-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 18 Configuring Voice VLAN Configuring Vo ice VLAN Overriding the CoS Priority of Incoming Data Frames Y o u can connect a PC or ot her data device to a Cisco 7960 IP Phone port. The PC can generate pack ets with an assigned CoS v alue. Y ou can configure t[...]
-
Seite 390
18-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Displaying Voice VLAN Use the no switchport priority extend interface conf iguration command or the switchport pri ority extend cos 0 interface conf iguration command to return the port to its default set ting. Displaying Voice V[...]
-
Seite 391
CH A P T E R 21-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 21 Configuring Port-Based Traffic Control This chapter describes h ow to configure t he port-based traf fic control features on your Catalyst 29 50 or Catalyst 29 55 switch. Note For complete syntax and usage in formation for the co mmands used in thi[...]
-
Seite 392
21-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Storm Control Storm control uses one of th ese methods to measure traf fic act ivi ty: • Bandwidth based • T r af fic rate at which packets are recei ved (in pa ckets per second ) (av ailable only [...]
-
Seite 393
21-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Storm Control T o disable storm control, use the no storm-contr ol br oadcast leve l , the no storm-contr ol multicast level , or the no storm-control un icast lev el interface co nfiguratio n command.[...]
-
Seite 394
21-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Protec ted Ports Configuring Protected Ports Some applications require that no traffic be forw ar ded between ports on the same switch so that one neighbor does not see the traf fic generated b y anoth[...]
-
Seite 395
21-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port B locking Configuring Port Blocking By default, the sw itch floods packet s with unkno wn destination MA C addresses to all ports. If unkno wn unicast and multicast traf fic is forwarded to a prot[...]
-
Seite 396
21-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Resuming Normal Forwarding on a Port Beginni ng in pri vileged EXEC mode, follow these steps to resume normal forw arding on a port: Configuring Port Security Y ou can use the port securi[...]
-
Seite 397
21-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security • Stic ky secure MA C address es—These can be dynamically learned or manually conf igured, stored in the address table, and added t o the running conf iguration. If these addresses ar[...]
-
Seite 398
21-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Ta b l e 21-1 shows th e violation mode and t he actions taken when y ou conf igure an interface for port security . Default Port Security Configuration Ta b l e 21-2 shows th e default p[...]
-
Seite 399
21-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security • When a voice VLAN is conf igured on a se cure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and a[...]
-
Seite 400
21-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security T o return the interface to the default condition as not a secure po rt, use the no switchport port- security interface conf iguration command. If you enter this comm an d when sticky l [...]
-
Seite 401
21-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security T o disable sticky learning on an interface, use the no switchport port-security mac-address stick y interface configuration command. The interf ace con ver ts the sticky secure MA C add[...]
-
Seite 402
21-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Beginni ng in pri vileged EXEC mode, follow these steps to conf igure port security aging: T o disable port security aging fo r all secure addresses on a port, use the no switchport port[...]
-
Seite 403
21-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Displaying Po rt-Based Tr affic Control Se ttings Displaying Port-Based Traffic Control Settings The show interfaces interface- id switchport pri vileged EXEC command displays (among other characteristics) the in[...]
-
Seite 404
21-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Displaying Port-Based Traffic Control Settings[...]
-
Seite 405
CH A P T E R 19-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 19 Configuring DHCP Features This chapter describes ho w to conf igure DHCP snooping and t he option-82 data inserti on features on the Catalyst 29 50 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in t[...]
-
Seite 406
19-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Understanding DHCP Features DHCP Server The DHCP server assigns IP addr esses from specified ad dress pools on a switch or router to DHCP clients and manages them. If the DHCP server cannot giv e the DHCP client the requested[...]
-
Seite 407
19-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Understanding DHCP Feature s The switch drops a DHCP packet when one of these s ituations occurs: • A packet from a DHCP serv er , such as a DHCPOFFER, DHCP ACK, DHCPN AK, or DHCPLEASEQUER Y packet, is recei ved from outside[...]
-
Seite 408
19-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Understanding DHCP Features Figur e 19-1 DHCP Relay A gent in a Metr opolitan Ether net Networ k When you enable the DHCP snoopin g information option 82 on the swi tch, this sequence of ev ents occurs: • The host (DHCP cli[...]
-
Seite 409
19-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Configuring DHCP Features The port numbers in the port fiel d of the ci rcuit-ID suboption start at 0. For e xample, on a Catalyst 2950G-24-EI swit ch, port 0 is the F a st Ethernet 0/1 port, port 1 is the Fast Ethernet 0/2 po[...]
-
Seite 410
19-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Configuring DHCP Feat ures DHCP Snooping Configuration Guidelines These are the conf iguration guidelines for DHCP snooping. • Y ou must globally enable DHCP snooping on the swi tch. • DHCP snooping is not acti ve until D[...]
-
Seite 411
19-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Configuring DHCP Features Configuring the DHCP Server The Catalyst 2955 switch can act a s a DHCP server . By default, the Cisco IOS DHCP server and relay agent features are enabled on your switch but are not configured. These[...]
-
Seite 412
19-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Displaying DHCP Information T o disable DHCP snooping, use t he no ip dhcp snooping global conf iguration command. T o disable DHCP snooping on a VLAN or ran ge of VLANs, use the no ip dhcp snooping vlan vlan-id global confi [...]
-
Seite 413
CH A P T E R 20-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 20 Configuring IGMP Snooping and MVR This chapter describe s ho w to configure Internet Group M anagement Protocol (IGMP) snoopin g on your Catalyst 2950 or Catalyst 2955, including an application of lo cal IGMP snooping, Multicast VLAN Registration ([...]
-
Seite 414
20-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping the switch adds th e host port number to the forw ardi ng table entry; when i t receiv es an IGMP Leave Group message from a host, it remov es the host port from the tabl e entry . It also [...]
-
Seite 415
20-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding IGM P Snooping An IGMPv3 switch can receive messages from and forwar d messages to a de vice running the Source Specif ic Multicast (SSM) feature. F or more information, see the “C onfiguring IP Multica[...]
-
Seite 416
20-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping Note that the switch hardw are can distinguish IGMP information pack ets from other packets for the multicast group. • The fir st entry in the table tells the switching en gine to send IG[...]
-
Seite 417
20-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding IGM P Snooping When hosts want to leav e a multicas t group, they can eithe r silently leave, or they can send a leave message. When the switch receives a lea ve message from a host, it sends a group-spec[...]
-
Seite 418
20-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping If the multicast router query al so includes requests for IGMPv3 reports, the swi tch forwards all IGMPv1, IGMPv2, and IGMPv3 reports for a group to the multicast d evices. If you disable IGM[...]
-
Seite 419
20-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping • Config uring the Aging T ime, page 20-13 • Displaying IGMP Sn ooping Information, page 20 -13 Default IGMP Snooping Configuration Ta b l e 20-3 sho ws the defaul t IGMP snooping conf ig[...]
-
Seite 420
20-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o disable IGMP snooping on a VLAN interf ace, use the no ip igmp snooping vlan vlan-id global confi guration command for t he specifi ed VLAN number . Setting the Snooping Method Multicast-[...]
-
Seite 421
20-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping T o return to the defa ult learning method, use th e no ip igmp snooping vlan vlan-id mr outer lear n cgmp global conf iguration command. Configuring a Multicast Router Port T o add a multica[...]
-
Seite 422
20-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o remove the Layer 2 port fr om the multicast group, use the no ip igmp snooping vlan vlan-id static mac-addr ess inter face interfa ce-id global conf iguration command. This example sho w[...]
-
Seite 423
20-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping • The default lea ve time is 1000 milliseconds. • The IGMP confi gurable lea ve time is only support ed on hosts running IGMP V ersion 2. • The actual leav e latency in the network is [...]
-
Seite 424
20-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o re-enable IGMP report suppression, use the ip i gmp snooping report-suppr ession gl obal confi guration command. Disabling IP Multicast-Source-Only Learning The IP multicast-sour ce-only[...]
-
Seite 425
20-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Displaying IGMP Snooping Information Configuring the Aging Time Y ou can set the aging time for forwarding-table entries th at the switch learns by using the IP multicast-source-only le arning method. Beginni ng in pr[...]
-
Seite 426
20-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding Mu lticast VLAN Registration For more inf ormation about the ke ywords and options in these commands, see the co mmand reference for this release. For e xamples of output from the commands in Ta b l e 2[...]
-
Seite 427
20-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding Multicast VLAN Registration The switch CPU identifies the MV R IP multicast streams and th eir associated MA C address es in the switch forwarding t able, intercepts the IGMP messages, and modif ies the [...]
-
Seite 428
20-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding Mu lticast VLAN Registration Figur e 20-3 Multicast VLAN Registr ation Example MVR eliminates the need to dupli cate tele vision-channel multicast tr af fic for subscribers in each VLAN. Multicast traf [...]
-
Seite 429
20-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring MVR Configuring MVR These sections include basic MVR confi guration inf ormation: • Defaul t MVR Confi guration, page 20-17 • MVR Conf iguration Guidel ines and Limitations, page 20-17 • Config uring[...]
-
Seite 430
20-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring MVR Configuring MVR Global Parameters Y ou do not need to set the optional MVR parameters i f you choose to use the default settin gs. If you do want to chan ge the default parameters (e xcept for the MVR[...]
-
Seite 431
20-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring MVR Switch(config)# mvr querytime 10 Switch(config)# mvr vlan 22 Switch(config)# mvr mode dynamic Switch(config)# end Switch# show mvr MVR Running: TRUE MVR multicast vlan: 22 MVR Max Multicast Groups: 256[...]
-
Seite 432
20-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Displaying MVR Information T o return the interface to its de fault settings, use the no mvr [ type | immed iate | vlan vlan-id | group ] interface configuration commands. This example sho ws how to conf igure a port[...]
-
Seite 433
20-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Filtering and Throttling Configuring IGMP Filtering and Throttling In some en vironments, for e xample, metropolitan or mult iple-dwelling unit (MDU) installations, you might want t o control the set[...]
-
Seite 434
20-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Filtering and Throttling When the maximum number of g roups is in forwar ding table, the defaul t IGMP throttling action is to deny the IGMP report. For conf iguration guidelines, see the “Conf igu[...]
-
Seite 435
20-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Filtering and Throttling Switch(config-igmp-profile)# permit Switch(config-igmp-profile)# range 229.9.9.0 Switch(config-igmp-profile)# end Switch# show ip igmp profile 4 IGMP Profile 4 permit range 2[...]
-
Seite 436
20-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Filtering and Throttling Setting the Maximum Number of IGMP Groups Y ou can set the maximum number of IGMP groups th at a Layer 2 interf ace can join by usi ng the ip igmp max-gr oups interface conf [...]
-
Seite 437
20-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Displaying IGMP Filterin g and Throttling Configuration – If you conf igure the throttling action as deny , the entries that were previously in t he forwarding table are n ot remov ed but are a ged out. After these [...]
-
Seite 438
20-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Displaying IGMP Filte ring and Throttling Configuration Use the privile ged EXEC commands in Ta b l e 20-8 to display IGMP filteri ng and throttling configuration: Ta b l e 20-8 Commands f or Displaying IG MP Filter [...]
-
Seite 439
CH A P T E R 22-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 22 Configuring UDLD This chapter descri bes how to configure the UniDirectional Li nk Detection (UD LD) protocol on you r Catalyst 2950 or Catalyst 29 55 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , [...]
-
Seite 440
22-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Understanding UDLD A unidirectional link occurs whene ver traf fic sent by a local device is recei ved by its neighbor b ut traff ic from the neighbor is not receiv ed by the local de vice. In normal mode, UDLD detects a u nidirectional[...]
-
Seite 441
22-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD UDLD relies on echoing as i ts detection mechan ism. Whene ver a UDLD device learns about a ne w neighbor or recei ves a resynchronization request from an o ut-of-sync neighbor , it restarts the detection windo w on its[...]
-
Seite 442
22-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD Default UDLD Configuration Ta b l e 22-1 shows th e default UDLD con figur ation. Configuration Guidelines These are the UDLD configuration guidelines: • A UDLD-capable interface also cannot detect a un idirectional l[...]
-
Seite 443
22-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD Enabling UDLD Globally Beginni ng in pri vileged EXEC mode, follow these steps to enable UDLD in the aggressi ve or normal mode and to set the conf igurable message timer on all f iber-optic interf aces on the switch: T[...]
-
Seite 444
22-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD T o disable UDLD on a non-f iber- optic interface, use th e no udld port interface conf iguration command. Note On fiber -optic interfaces, the no udld port command re verts the interface conf iguration to the udld enab[...]
-
Seite 445
22-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Displaying UDLD Status Displaying UDLD Status T o display the UDLD status for the s pecifie d interface or for all interfaces, use the show udld [ interface- id ] pri vileged EXEC command. For detailed i nformation about the f ields in [...]
-
Seite 446
22-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Displaying UDLD Status[...]
-
Seite 447
CH A P T E R 23-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 23 Configuring CDP This chapter describes ho w to confi gure Cisco Disco very Protocol (CDP) on yo ur 2950 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for [...]
-
Seite 448
23-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Configuring CDP Configuring CDP These sections include CDP configur ation infor mation and procedures: • Default CD P Config uration, page 23-2 • Config uring the CDP Characteristics, page 23 -2 • Disabling an d Enabling CDP , pag[...]
-
Seite 449
23-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 23 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This exampl e shows ho w to configu re CDP characteristics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 [...]
-
Seite 450
23-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Monitoring and Maintaining CDP Disabling and Enabling CDP on an Interface CDP is enabled b y default on all suppo rted interfaces to send and recei ve CDP information. Beginni ng in pri vileged EXEC mode, follow these steps to disable C[...]
-
Seite 451
23-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 23 Configuring CDP Monitoring and Maintaining CDP show cdp entry entry-name [ protocol | version ] Display information ab out a specif ic neighbor . Y ou c an enter an asterisk (*) to displa y all CDP neig hbors, or you can enter th e name of the neighbor [...]
-
Seite 452
23-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Monitoring and Maintaining CDP[...]
-
Seite 453
CH A P T E R 24-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 24 Configuring SPAN and RSPAN This chapter de scribes ho w to configur e Switched Port An alyzer (SP AN) and Remote SP AN (RSP AN) on your Catalyst 2950 or Catalyst 29 55. Note For complete syntax and usage in formation for the co mmands used in this [...]
-
Seite 454
24-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN Figur e 24-1 Example SP AN Configuration Only traf fic th at enters or lea ves sour ce p orts can be monitored b y using SP AN. RSP AN extends SP AN by enabling remo te monitoring of multiple swit[...]
-
Seite 455
24-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Understanding SPAN and RSPAN SPAN and RSPAN C oncepts and Terminology This section descri bes concepts and terminology associated with SP AN and RSP AN configuration. SPAN Session A local SP AN session is an association of a d[...]
-
Seite 456
24-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN Source Port A source port (also called a monitor ed port ) is a switched port that you monitor for network traf fic analysis. In a single local SP AN session o r RSP AN source session, you can mon[...]
-
Seite 457
24-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Understanding SPAN and RSPAN Reflector Port The reflector port is the mechanism that copies packets onto an RSP AN VLAN. The reflector port forwards only the tr af fic f rom the RSP AN source session with whic h it is aff ilia[...]
-
Seite 458
24-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN • VLAN Trunking Protocol (VTP)— Y ou can use VTP to prune an RSP AN V LAN between switc hes. • VLAN and trunking—Y ou can modify VLAN membership or trunk sett ings for source, or destinati[...]
-
Seite 459
24-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN Default SPAN and RSPAN Configuration Ta b l e 24-1 sho ws the defaul t SP AN and RSP AN conf iguration. Configuring SPAN This section describes ho w to configure SP AN on your switch . It contains this conf ig[...]
-
Seite 460
24-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring SPAN – If you disable all sou rce ports or the destinat ion port, the SP AN function stops until both a source and the destination port are enabled. Creating a SPAN Session and Specifying Ports to Monitor Beginn[...]
-
Seite 461
24-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN Switch(config)# no monitor session 1 Switch(config)# monitor session 1 source interface fastethernet0/10/17 Switch(config)# monitor session 1 destination interface fastethernet0/80/18 encapsulation dot1q Switc[...]
-
Seite 462
24-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring SPAN This exampl e show s how to configu re the destination port for ing ress traf fic on VLAN 5 by using a security device that does not support IEEE 802.1Q encapsulation. Switch(config)# monitor session 1 desti[...]
-
Seite 463
24-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN This exampl e show s how to disable recei ved traf fic monitor ing on a port that w as config ured for bidirectional monitoring: Switch(config)# no monitor session 1 source interface fastethernet0/1 rx The m[...]
-
Seite 464
24-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring RSPAN – All participatin g switches support RSP AN. Note The RSP AN VL AN cannot be VLAN 1 (t he default VLAN) or VLAN IDs 1002 through 1005 (reserv ed to T oken Ring and FDDI V LANs). • Y ou should create an[...]
-
Seite 465
24-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN Creating an RSPAN Source Session Beginni ng in pri vileged EXEC mod e, follo w these st eps to start an RSP AN sour ce session and to specify the monitored source and the destination RSP AN VLAN: Command Pur[...]
-
Seite 466
24-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring RSPAN This exampl e sho ws how to clear any e xisting RSP AN confi guration for session 1 , conf igure RSP AN session 1 to monitor mul tiple source interfaces, and conf igure the destination RSP AN VLAN and the r[...]
-
Seite 467
24-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN Removing Ports from an RSPAN Session Beginning in priv ileged EXEC mode, foll ow these steps to remove a port as an RSP AN source for a session: This exampl e show s how to remove po rt 17 as an RSP AN sourc[...]
-
Seite 468
24-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Displaying SPAN and RSPAN Status Displaying SPAN and RSPAN Status T o display the status of the curren t SP AN or RSP AN conf iguration, use the show monitor pri vileged EXEC command. This is an example of output for the sho[...]
-
Seite 469
CH A P T E R 25-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 25 Configuring RMON This chapter describes ho w to configur e Remote Network Monit oring (RMON) on your Catal yst 2950 or Catalyst 2955 switch. RMON is a standard monitorin g spec ification that defines a set of statistics and functions that can be e [...]
-
Seite 470
25-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMON Figur e 25-1 Remote Monit oring Example The switch supports these RMON groups (defined in RFC 1757): • Statistics (RMON grou p 1)—Collects Ethernet, F ast Ethernet, and G igabit Ethe rnet statist ics on an interface[...]
-
Seite 471
25-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMO N Default RMON Configuration RMON is disabled by def a ult; no al arms or e vents are conf igured. Only RMON 1 is supported on the swit ch. Configuring RMON Alarms and Events Y ou can configure your swit ch for RMON by u[...]
-
Seite 472
25-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMON T o disable an a larm, use the no rmon alarm number global conf iguration command on each alarm you confi gured. Y ou cannot disable at once all the alarms that you conf igured. T o disable an e vent, use the no rmon ev[...]
-
Seite 473
25-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMO N Beginni ng in pri vileged EXEC mod e, follo w these steps to collect group hi story statistics on an interface: T o disable history collection, use the no rmon collection history inde x interface conf iguration command[...]
-
Seite 474
25-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Displaying RMON Status T o disable the collection of grou p Ethernet statistics, use the no rmon c ollection stats inde x inte rface confi guration command. Displaying RMON Status T o display the RMON status, use one or mo re of the pri[...]
-
Seite 475
CH A P T E R 26-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 26 Configuring System Message Logging This chapter describes ho w to configure syst em message logging on your Catalyst 2950 or Catalyst 2955 switch. Note For complete syntax and usage information for the co mmands used in this chapter , see the Cisco[...]
-
Seite 476
26-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Configuring System Message Logging These sections describe ho w to configure system message log ging: • System Log Message Format, page 26-2 • Default Syst em Message Logging C[...]
-
Seite 477
26-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging This example sho ws a partial switch system message: 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, c[...]
-
Seite 478
26-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Disabling the loggi ng process can slo w dow n the switch because a process mu st wait until t he messages are written to the console before co ntinuing. When the logging proces s [...]
-
Seite 479
26-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging The logging buffer ed global conf iguration command copies logg ing messages to an internal b uffer . The buf fer is circular , so newer messages o verwrite older messag es after th[...]
-
Seite 480
26-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Beginni ng in pri vileged EXEC mode, follow these steps to conf igure synchronous logging: T o disable synchronizati on of unsolic ited messag es and debug outpu t, use the no logg[...]
-
Seite 481
26-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging T o disable timestamps for both deb ug and log messages, use the no ser vice timestamps global confi guration command. This example shows part of a logging displa y with the service[...]
-
Seite 482
26-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Defining the Message Severity Level Y ou can limit messages displayed to the selected de vi ce by specifying the se verity le vel of the message, which are described in Ta b l e 26[...]
-
Seite 483
26-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging The software generates four other cat egories of messages: • Error messages about software or hardware malfunctions that appear at le vels war nings through emergencies . These ty[...]
-
Seite 484
26-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging When the history table is full (it contains the ma ximum number of message entries specif ied with the logging history size glob al configurati on command), the oldest messag e en[...]
-
Seite 485
26-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging Configuring the UNIX System Logging Facility When sending system log messag es to an external de vice, you can c a use the switch to ident ify its messages as originating from an y[...]
-
Seite 486
26-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Displaying the Logging Configuration Displaying the Logging Configuration T o display the logging conf iguration and the contents of the log buf fer , use the show logging privile ged EXEC command. For in formation [...]
-
Seite 487
CH A P T E R 27-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 27 Configuring SNMP This chapter describe s ho w to configure the Simpl e Network Management Protoc ol (SNMP) on your Catalyst 29 50 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see [...]
-
Seite 488
27-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Understandi ng SNMP • Using SNMP to Access MIB V ariables, pa ge 27-4 • SNMP Notifi cations, page 27- 5 SNMP Versions This software release supports t hese SNMP versions: • SNMPv1—The Simple Netw ork Management Protoc ol, a Ful[...]
-
Seite 489
27-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Understanding SN MP Y ou must configure the SNMP agent t o use the SNMP version su pported by the manag ement station. Because an agent can commu nicate with multiple manage rs, you can configur e the software to support communications [...]
-
Seite 490
27-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Understandi ng SNMP The SNMP agent also sends unsolicited trap messages to notify an NMS that a signif icant event has occurred on the agent. Examples of trap cond itions include, b ut are not limited to , when a port or module goes up[...]
-
Seite 491
27-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP SNMP Notifications SNMP allows the switch to send notifications to S N MP managers when particular ev ents occur . SNMP notifications can be sen t as traps or inform req uests. In command syntax, unless there is an opti[...]
-
Seite 492
27-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP SNMP Configuration Guidelines If the switch starts and th e switch st artup conf iguration ha s at least one snmp-server global configuration command, the SNMP agent is enabled. An SNMP gr oup is a table that maps SNMP[...]
-
Seite 493
27-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP • Changing the v a lue of the SNMP engine ID has important side ef fects. A user's password (entered on the command line) is con verted to an MD5 or SH A securi ty digest based on t he password and the local engi[...]
-
Seite 494
27-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Beginni ng in pri v ile ged EXEC mode, follo w these st eps to configure a community string on the sw itch: Note T o disable access for an SNMP community , set the community string for that community to the null string[...]
-
Seite 495
27-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP T o remove a specific commu nity string, use the no snmp-server community string global configuration command. This example sho ws how to assign the string comaccess to SNMP , to allow read-only access, and to specify t[...]
-
Seite 496
27-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Step 3 snmp-s erv er group gr oupname { v1 | v2c | v3 { auth | noauth | priv }} [ rea d re a d v i e w ] [ write write view ] [ noti fy notifyview ] [ access access-list ] Config ure a new S NMP group on the remote de[...]
-
Seite 497
27-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Configuring SNMP Notifications A trap manager is a management station that recei ves and processes traps. T rap s are system alerts that the switch generates when certain e vents occur . By de fault, no trap manager is[...]
-
Seite 498
27-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Y o u can use the snmp-server host global conf iguration command to a specif ic hos t to recei ve the notif ication types listed in Ta b l e 27 -4 . Beginni ng in pri vileged EXEC mode, configu re the switch to send t[...]
-
Seite 499
27-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Step 3 snmp-server user username gr oupname { remote host [ udp-port port ]} { v1 [ access access -list ] | v2c [ access access-list ] | v3 [ encrypted ] [ access access-list ] [ auth { md5 | sha } auth-password ]} Con[...]
-
Seite 500
27-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP The snmp-server host command specif ies which hosts receive the notif ications. The sn mp-server enable trap command globally enables the mechanism for the specif ied notif ication (for traps and informs). T o enable [...]
-
Seite 501
27-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Limiting TFTP Servers Used Through SNMP Beginning in pri vileged EXEC mode, follow these steps to limit the TFTP servers used f or saving and loading configurat ion files through SNMP to the servers specif ied in an ac[...]
-
Seite 502
27-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Displaying SNMP Status This example sho ws how to allo w read-only acces s for all objects to members of access list 4 that use the comacces s community strin g. No other SNMP managers hav e access to any objects. SNMP Authentication [...]
-
Seite 503
CH A P T E R 28-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 28 Configuring Network Security with ACLs This chapter describes h ow t o conf igure network securi ty on a Catalyst 2950 or Catalyst 29 55 switch b y using acce ss control lists (A CLs), whic h are al so referred to in commands and tables as access l[...]
-
Seite 504
28-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Understanding ACLs Understanding ACLs Packet f iltering can limit ne twork traf fic and restrict network use by certain users or devices. A CLs can filt er traf fic as it passes through a switch and permit or deny[...]
-
Seite 505
28-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Understanding ACLs A CLs permit or deny packet forwarding based on ho w the packet matches the entries i n the A CL. For example, you can use A CLs to allow one host to acces s a part of a network, but to pre vent[...]
-
Seite 506
28-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Understanding ACLs Note In the first and second A CE s in the examples, the eq keyword after the destinati on addres s means to test for the TCP-destinat ion-port well-kno wn numbers equa ling Simple Mail T ransfe[...]
-
Seite 507
28-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Understanding ACLs – UDP (Y ou can specify a UDP source, destination port number , or both at the same time.) Note A mask can be a combination of either multiple Layer 3 and Layer 4 fields or of multiple Layer 2[...]
-
Seite 508
28-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs – Fast Ethernet ports support up to 75 A CEs per 1 A CL across a range of 8 Fast Eth ernet ports. This means that ports 1 to 8 support a combined to tal of 75 A CEs, ports 9 to 16 support a comb[...]
-
Seite 509
28-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Unsupported Features The switch does not support these Ci sco IOS router A CL-related features: • Non-IP protocol A CLs (see Ta b l e 28-2 on page 28-8 ) • Bridge-group A CLs • IP accounting[...]
-
Seite 510
28-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Note In addition to num bered standard and e xtended A CLs , you can also create named standard and extended IP A CLs by using the supported numbers. That i s, the name of a standard IP A CL can b[...]
-
Seite 511
28-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Beginning in pri vileged EXEC mode, follow these steps to create a numbered standard IP A CL: Use the no access-list access-list-number global conf iguration command to delete th e entire A CL. Y [...]
-
Seite 512
28-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Creating a Numbered Extended ACL Although standard A C Ls use only source addresses for matching, you can use an e xtended AC L source and destination addresses for mat c hing operations and op t[...]
-
Seite 513
28-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Note For information about creating A CLs to apply to management interfaces, see th e “Configuri ng IP Services” section of Cisco IOS IP and IP Routing Conf igurati on Guide, Release 12.1 and[...]
-
Seite 514
28-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Use the no access-list access-list-number global configuration command to delete the entire access list. Y ou cannot delete individ ual A CEs from numbered access lists. This exampl e show s how [...]
-
Seite 515
28-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Creating Named Standard and Extended ACLs Y ou can identify IP A CLs with an alphanumeric string (a name) rather than a n umber . Y ou can use named A CLs to configure more IP access lists on a s[...]
-
Seite 516
28-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs When making the standard and ext ended A CL, remember that, by default, the end of the A CL contains an implicit deny statement fo r ev erything if it did not find a match b efore reaching the en[...]
-
Seite 517
28-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs • Y ou can control logging messages. A CL entries can log traf fic at certain times of the d ay , bu t not constantly . Therefore, you can simply deny access without h aving t o analyze many lo[...]
-
Seite 518
28-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs time-range entry: new_year_day_2000 (inactive) absolute start 00:00 01 January 2000 end 23:59 01 January 2000 time-range entry: thanksgiving_2000 (inactive) absolute start 00:00 22 November 2000 [...]
-
Seite 519
28-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Switch(config)# access-list 1 permit 171.69.2.88 Switch(config)# access-list 1 remark Do not allow Smith workstation through Switch(config)# access-list 1 deny 171.69.3.13 For an entry in a named[...]
-
Seite 520
28-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs This example sh ows ho w to create and display an access list named ma c1 , denying o nly EtherT ype DECnet Phase IV traff ic, but per mitting all oth er types of traf fic. Switch(config)# mac ac[...]
-
Seite 521
28-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Applying ACLs to Terminal Lines or Physic al Interfaces Applying ACLs to Terminal Lines or Physical Interfaces Note Before applying an A CL to a physical interface, see the “Guidelines for Applying A CLs to Phy[...]
-
Seite 522
28-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Displaying ACL Information Applying ACLs to a Physical Interface Beginni ng in pri vileged EXEC mod e, follo w thes e steps to control access to a Layer 2 interface: This exampl e show s how to apply access list [...]
-
Seite 523
28-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Displaying ACL Information Beginning in pri vileged EXEC mode, follow these steps to display access lists: This example sho ws all standard and extended A CLs: Switch# show access-lists Standard IP access list 1 [...]
-
Seite 524
28-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is permit Any Inbound access list is 13 [...]
-
Seite 525
28-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Examples for Compiling ACLs Figur e 28-2 Using Switch ACLs t o Contr ol T raf fic This example uses a standard A C L to allow access to a specific Internet host with the address 172.20.128 .64. Switch(config)# ac[...]
-
Seite 526
28-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs Numbered ACL Examples This example sho ws that the switch accepts addresses on network 36.0.0.0 subnets and denies all pack ets coming from 56.0.0.0 subnets. Th e A CL is then applied[...]
-
Seite 527
28-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Examples for Compiling ACLs Switch(config)# access-list 100 deny host 171.69.3.85 any eq www Switch(config)# access-list 100 remark Do not allow Smith to browse the web Switch(config)# access-list 100 deny host 1[...]
-
Seite 528
28-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs[...]
-
Seite 529
CH A P T E R 29-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 29 Configuring QoS This chapter describe s ho w to configure quality of serv ice (QoS) by using automatic-QoS (auto-Q oS) commands or by using standard QoS commands. W ith QoS, you can gi ve preferential treatment to certain types of traf fic at the e[...]
-
Seite 530
29-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Y ou can also use these wizards to conf igure QoS only if your swit ch is running the EI: • Priority data wizard—Lets you assign priori ty lev els to data application s based on their TCP or UDP ports. It has a sta[...]
-
Seite 531
29-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S Layer 3 IP pack ets can carry a Dif ferentiated Serv ices Code Point (DSCP) v alue. The supported DSCP v alues are 0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56. Figur e 29-1 QoS Classification Layers in F rames[...]
-
Seite 532
29-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS • Marking e valuates the policer and conf iguration informat ion for the action t o be taken when a packet is out of prof ile and decides what to do with the packet (pass through a pack et without modif ication, mark[...]
-
Seite 533
29-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S The trust DSCP conf iguration is meanin gless for non-IP traf fic. If you conf igure a port with this option and non-IP traf fic is recei ved, the switch assigns the def ault port CoS v alue and classifies traf fic bas[...]
-
Seite 534
29-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Classification Based on Cl ass Maps and Policy Maps A class map is a mechanism that y ou use to isolate and name a specif ic traff ic flow (or class) from all other traf fic. The cl ass map def ines the criteria used t[...]
-
Seite 535
29-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S • Only one policer can be applied to a pack et in the input direct ion. • Only the av erage rate and committed burst p arameters are configurable. • Policing occurs on the ingress interf aces: – 60 policers are[...]
-
Seite 536
29-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Port Priority Frames receiv ed from use rs in the administrati vel y defined VLANs are classified or tagged for transmission to other de vices. Based on rules that you define, a uni que identif ier (the tag) is inserte[...]
-
Seite 537
29-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Y o u can enable the egress expedite queue and assi gn WRR weights to the other queues b y using the wrr -queue bandwidth weight1 weight 2 weight3 0 global conf iguration command. Configuring Auto-QoS Note This featu[...]
-
Seite 538
29-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Ta b l e 29-3 lists the generated au to-QoS conf iguration for the egress queues. When you enable the auto-QoS feature on the first interface, these automatic actions occur: • When you enter the auto qos voip cisc[...]
-
Seite 539
29-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Effects of Auto-QoS on the Configuration When auto-QoS is enabled, the auto qos voip interface conf iguration command and t he generated confi guration are added to the running conf iguration. The switch applies the[...]
-
Seite 540
29-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Configuration Guidelines Before conf iguring auto-QoS, you sh ould be aw are of this informati on: • In releases earlier than Cisco IOS R elease 12.1( 20)EA2, auto-QoS conf igures the switch for V oIP only with Ci[...]
-
Seite 541
29-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Enabling Auto-QoS for VoIP Beginning in pri vileged EXEC mode, follow these steps to enable auto-QoS for V oIP within a QoS domain: T o disable auto-QoS on the switch an d return to the def ault port trust state set[...]
-
Seite 542
29-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Displaying Auto-QoS Information Switch(config)# interface gigabitethernet0/1 Switch(config-if)# auto qos voip trust Displaying Auto-QoS Information T o display the initial au to-QoS confi guration, use the sho w auto qos [ interfa ce [ [...]
-
Seite 543
29-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Auto-QoS Configuration E xample Figur e 29-3 A uto-QoS Configur at ion Example Networ k The intelligent wiring clo sets in Figure 29-3 are composed of Catalyst 2950 switches running the EI and Catalyst 3550 switches. The object of this [...]
-
Seite 544
29-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginni ng in priv ileged EXEC mode, follo w these steps to configur e the switch at the edge of the QoS domain to prioritize t he V oIP traff ic over all other traf fic: Configuring Standard QoS Before conf ig[...]
-
Seite 545
29-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Note If your switch is running the SI, y ou can confi gure only the features descri bed in the “ Conf iguring Classification Usin g Port T ru st States ” and the “ Configuri ng the Egress Queues ” secti[...]
-
Seite 546
29-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS • Y ou must disable the IEEE 802.3x flo wcontrol on all ports befo re enabling QoS on the switch. T o disable it, use the flowcontrol r eceive off and flowcontr ol send off interface conf iguration commands. [...]
-
Seite 547
29-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Configuring Classification Using Port Trust States This section descri bes ho w to classify incoming t raf fic b y using port trust states: • Config uring the T rust State on Ports within the QoS Domain, p ag[...]
-
Seite 548
29-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS T o return a port to its untrusted st ate, use the no mls qos trust interf ace configuration command. For information on ho w to change the default CoS v alue, see the “Configuring the CoS V alue for an Inter[...]
-
Seite 549
29-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o return to the default setting, use t he no mls qos cos { default-cos | ov erride } interface conf iguration command. Configuring Trusted Boundary In a typical net work, you connect a Cisco IP Ph one to a sw[...]
-
Seite 550
29-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS trusted boundary feature di sables the trusted setting on the swi tch port and pre vents misuse of a high-priority queue. No te that the trusted boundary fe ature is no t effect iv e if the PC and Cisco IP Phon[...]
-
Seite 551
29-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Enabling Pass-Through Mode In software releases ear lier th an Cisco IOS Release 12.1(11)EA1, the switch is in pass-thr ough mode. It uses the CoS value of incoming pack ets without modifyi ng the DSCP v alue a[...]
-
Seite 552
29-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Configuring a QoS Policy Note This feature is a v ailable only if your swit ch is running the EI. Config uring a QoS polic y typically requires classifying t raff ic into classes, conf iguring policies appli ed[...]
-
Seite 553
29-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S For more inf ormation about creating I P standard A CLs, see the “Guidelines for Applying A CLs to Physical Interf aces” section on page 28-5 . T o delete an A CL, use the no access-list access-list-number [...]
-
Seite 554
29-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginning in priv ileged EXEC mode, foll ow these steps to create an IP exten ded A CL for IP traf fic: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 access-list access-lis[...]
-
Seite 555
29-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S For more inf ormation about creating I P extended A CLs, see the “Guidelines for Apply ing A CLs to Physical Interf aces” section on page 28-5 . T o delete an A CL, use the no access-list access-list-number[...]
-
Seite 556
29-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS This example sho ws how to create a Layer 2 MA C A C L with a permit statement. The statement allo ws traf fic from the host with MA C address 0001.0000.0001 to th e host with MA C address 0002.0000.0001. Switc[...]
-
Seite 557
29-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o delete an existing class map, use the no class-map class-map-name global co nfiguration command. T o remove a match criterion , use the no match { access-group acl-inde x | name acl-name | ip dscp } class-m[...]
-
Seite 558
29-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginni ng in pri vileged EXEC mode, follow these steps to create a polic y map: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 access-list acces s-list-number permit { sour[...]
-
Seite 559
29-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o delete an existing polic y map, use the no policy-map policy-map-name global configuration command. T o delete an existin g class map, use the no class class-map-name poli cy-map co nfigu ration command. T [...]
-
Seite 560
29-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255 Switch(config)# class-map ipclass1 Switch(config-cmap)# match access-group 1 Switch(config-cmap)# exit Switch(config)# policy-map flow1t Switch(config-p[...]
-
Seite 561
29-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S If these v alues are not appropriate for your network, you need to modify them. Beginni ng in pri vileged EXEC mod e, follo w these steps to modify the CoS-to-DSCP map: T o return to the default map, use the no[...]
-
Seite 562
29-34 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS If these v alues are not appropriate for your network, you need to modify them. Beginning in pri vileged EXEC mode, foll ow th ese steps to modify the DSCP-to-CoS map: T o return to the default map, u se the no[...]
-
Seite 563
29-35 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Configuring the Egress Queues Note This feature is supported b y both the SI and EI. This section describes how to conf igure the egress queues: • Config uring CoS Priority Qu eues, page 29-35 • Config urin[...]
-
Seite 564
29-36 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Displaying Stan dard QoS Information T o disable the WRR scheduling and enable the strict priorit y scheduling, use the no wrr -queue bandwidth global conf iguration command. T o enable one of the queues as the expedite queue and to ena[...]
-
Seite 565
29-37 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard QoS Co nfiguration Examples Standard QoS Configuration Examples Note These examples are applicable only if your switch is runni ng the EI. This section sho ws a QoS migration path to help you quickly implement QoS features b as[...]
-
Seite 566
29-38 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard Q oS Configuration Examp les Figur e 29-5 QoS Configuration Example Networ k QoS Configuration for the Existing Wiring Closet Figure 29-5 sho ws an existing wir ing closet with Cata lyst 2900 XL and 3500 XL switches, for exampl[...]
-
Seite 567
29-39 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard QoS Co nfiguration Examples For the Catalyst 29 00 and 3500 XL switches, CoS conf ig ures each transmit p ort (the egress port ) with a normal-priority tr ansmit queue and a high-pr iority transmit queue, depend ing on the fram[...]
-
Seite 568
29-40 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard Q oS Configuration Examp les Step 18 show class-map videoclass show policy-map v ideopolicy show mls qos maps [ cos-dscp | dscp-cos ] V erify your entries. Step 19 copy running-conf ig startup-conf ig (Optional) Save your entri[...]
-
Seite 569
CH A P T E R 30-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 30 Configuring EtherChannels This chapter descri bes how to conf igure EtherChan nel on the Layer 2 interfaces of a Catalyst 2950 or Catalyst 29 55 switch. This chapter consists of these sections: • Understanding EtherChannels, page 30 -1 • EtherC[...]
-
Seite 570
30-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels Figur e 30-1 T ypica l EtherChannel Configuration Each EtherChannel can consist of up to eight compat i bly conf igured Ethernet int erfaces. All in terfaces in each EtherChannel must be the same sp[...]
-
Seite 571
30-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Understanding EtherCh annels Understanding Port-Channel Interfaces When you create an EtherChannel for Layer 2 interfa ces, a log ical interface is dynamically created, as sho wn in Figu re 30-2 . Y ou then manually assign an [...]
-
Seite 572
30-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels PAgP and LACP Modes Ta b l e 30-1 shows th e user -config urable EtherChannel modes for th e channel-gr oup interface configuration command. Switch interfaces exchan ge P AgP packets only w ith part[...]
-
Seite 573
30-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Understanding EtherCh annels Exchanging LACP Packets Both the active and passive LA CP modes allow interf aces to negotiate with partner interf aces to determine if the y can form an EtherChannel based on criteria such as inte[...]
-
Seite 574
30-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels EtherChannel On Mode EtherCha nnel on mode can be used to manually configur e an EtherChannel. The on mode forces a port to join an EtherChannel without negotiations. It can be usefu l if the remote[...]
-
Seite 575
30-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els Figur e 30-3 Load Distr ibution and F orwar ding Methods Use the option that provides the greatest variety in your conf iguration. F or example, i f the traf fic on a channel is going only to a singl[...]
-
Seite 576
30- 8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels Default EtherChannel Configuration Ta b l e 30-2 shows the default EtherChannel configuration. EtherChannel Configuration Guidelines If improperly conf igured, some EtherChannel ports ar e automatic[...]
-
Seite 577
30-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els • An EtherChannel supports the same al lo wed rang e of VLANs on all the int erfaces in a trunking Layer 2 EtherChannel. When conf iguring an interf ace for P AgP , if the allowed range of VLANs is[...]
-
Seite 578
30-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels Step 4 channel-group c hannel-gr oup-number mode {{ auto [ non-sil ent ] | desirable [ non-silent ] | on } | { active | passi ve }} Assign the port t o a channel group, and specify the P AgP or LA C[...]
-
Seite 579
30-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els T o remove a po rt from the EtherChannel gro up, use the no channel-gr oup interface configuration command. If you delete the EtherChannel b y using the no interface port-channel global conf igurati[...]
-
Seite 580
30-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels T o return EtherChannel load balancing t o the default con figurat ion, use the no port-channel load-balance global conf iguration command. Configuring the PAgP Learn Method and Priority Network de [...]
-
Seite 581
30-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els Configuring Hot Standby Ports When enabled, LA CP tries to configure the maximu m num ber of LA CP-compatible ports in a channel, up to a maximum of 16 po rts. Only eight LA CP links can be acti ve [...]
-
Seite 582
30-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Displaying Ether Channel, PAgP, and LACP Status Displaying EtherChannel, PAgP, and LACP Status Y o u can use the privileged EXEC command s described in Ta b l e 30-3 to display EtherChannel, P A gP , and LA C P status informa[...]
-
Seite 583
CH A P T E R 31-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 31 Troubleshooting This chapter describes ho w to identify and resolve Catalyst 2950 and Catal yst 2955 software probl ems related to the Cisco IOS softw a re. Depending on the nature of the problem, you can use t he command-line interface (CLI ), the[...]
-
Seite 584
31-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Recovering from a Software Failure Switch software can be corrupted during an upgrad e, by do wnloading the wrong f ile to the switch, and by deleting th e image file. In all of these cases, th e switch does n[...]
-
Seite 585
31-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s flash_init load_helper boot Step 5 Initialize the flash f ile system: switch: flash_init Step 6 If you had set the consol e port speed to an ything othe r t han 9600, it has been reset to that p articular spee[...]
-
Seite 586
31-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Step 16 Return to pri vileged EXEC mode: switch(config)# exit switch# Step 17 Write the running conf iguration to the startup conf iguration file: switch# copy running-config startup-config The new password is[...]
-
Seite 587
31-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Password Recovery with Password Recovery Enabled If the password-recov ery mechanism is enabled, this message appears: The system has been interrupted prior to initializing the flash file system. The following[...]
-
Seite 588
31-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Step 11 Change the password: Switch (config)# enable secret password The secret password can be from 1 to 25 alphanumer ic characters, can start with a number , is case sensitiv e, and allows spaces but ignore[...]
-
Seite 589
31-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 2 Load any helper files: Switch: load_helper Step 3 Display the contents of flash memory: switch: dir flash: The switch file system appears in the directory . Step 4 Boot the sy stem: Switch: boot Y ou ar[...]
-
Seite 590
31-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Note The break key character is dif fer ent for each operating system. On a SUN work statio n running UNIX, Ctrl-C i s the break ke y . On a PC running W indo ws 2000, Ctrl-Break is the break k ey . Cisco T A [...]
-
Seite 591
31-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 8 Display the contents of flash memory as in thi s example: switch# dir flash: Directory of flash:/ The switch file system appears in the directory . Step 9 Rename the conf iguration file t o config.te xt[...]
-
Seite 592
31-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Recovering from a Command Switch Failure This section describes ho w to recov er from a failed command switch. Y ou can configure a redundant command switch group b y using the Hot Standby Router Prot ocol (H[...]
-
Seite 593
31-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 8 Return to pri vileged EXEC mode. Switch(config)# end Switch# Step 9 Use the manufa cturing defau lt confi guration, or set up th e switch through the man agement module. Step 10 Use the setup program t[...]
-
Seite 594
31-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Replacing a Failed Command Sw itch with Another Switch T o replace a failed command switch with a switch that is command-capable but not part of the cluster , follo w these steps: Step 1 Disconnect the comman[...]
-
Seite 595
31-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Preventing Auto nego tiation Mismatches Step 10 When prompted for the enable secr e t and enable passwo rds, enter the passwords of the failed comm and switch again. Step 11 When prompted, make sure to enable the swit ch as the cluster[...]
-
Seite 596
31-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting GBIC and SFP Module Security and Identification Note If a remote de vice does not autone gotiate, conf igure the duplex settings on the tw o ports to match. The speed parameter can adjust itself e ven if the connected port does n ot au[...]
-
Seite 597
31-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Diagnosing Connec tivity Problems • Destination unreachable—If the default gate wa y cannot reac h the sp ecified network, a destination-unr each able message is returned. • Network or host un reachable—If there is n o entry in[...]
-
Seite 598
31-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Diagnosing Co nnectivity Problems Using Layer 2 Traceroute This section descri bes this information: • Understanding Layer 2 T raceroute, page 31-16 • Usage Guidelines, page 31-16 • Displaying the Physical Path, page 31-17 Unders[...]
-
Seite 599
31-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Diagnosing LR E Connection Problems – If an ARP entry e xists for th e specified IP addr ess, the switch uses th e associated MA C address and identifies the ph ysical path. – If an ARP entr y does not exist, the switch sends an AR[...]
-
Seite 600
31-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using De bug Commands Using Debug Commands This section e xplains how you use the deb ug commands to diagnose and resolv e internetworking problems. It contains this information: • Enabling Debugging o n a Specific Feature, page 31- [...]
-
Seite 601
31-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Debug Command s Caution Because debugg ing output is assigned high prio rity in the CPU process, it can render the syst em unusable. For thi s reason, use debug comm ands only to troubleshoot sp ecific pro blems or during trouble[...]
-
Seite 602
31-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using De bug Commands The no debug all p rivile ged EXEC command disables all diagnostic output. Usi ng the no debug all command is a con venient way to en sure that you ha ve no t accidentally left any debug commands enabled. Redirect[...]
-
Seite 603
31-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using the show controlle rs Commands For more inf ormation about auto-QoS , see the “Conf iguring Auto-QoS” section o n page 29-9 . This example sho ws how to displa y the QoS commands that are automa tically generated wh en auto-Q[...]
-
Seite 604
31-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using the cr ashinfo File The information in the f ile includes the software imag e name and v ersion that failed , a dump of the processor registers, and a stack trace. Y ou can giv e this information to the technical support represen[...]
-
Seite 605
A-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 APPENDIX A Supported MIBs This appendix lists t he supported MIBs for this release. It contains these sections: • MIB List, page A-1 • Using FTP to Access the MIB Files, page A-3 MIB List Note The Cataly st 2955 switch supp orts the ENTI TY -MIB, CISCO-ENVMON-[...]
-
Seite 606
A-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix A Supported MIBs MIB List • CISCO-P AE-MIB • CISCO-P A GP-MIB • CISCO-PING-MIB • CISCO-POR T -SECURITY - MIB • CISCO-PR OCESS-MIB • CISCO-PR ODUCTS-MIB • CISCO-R TTMON-MIB (subsystems supported : sub_rtt_rmo n and sub_rtt_rmonli b) • CISCO-[...]
-
Seite 607
A-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix A Supported MIBs Using FTP to Access the MIB Files Note The IF-MIB and the CISCO-IETF-VDSL-LINE-MIB ar e supported as read-only MI Bs for the Fast Ethernet interfaces on the CPE devices. Using FTP to Access the MIB Files Y ou can get each MIB file b y usi[...]
-
Seite 608
A-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix A Supported MIBs Using FTP to A ccess the MIB Files[...]
-
Seite 609
B-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 APPENDIX B Working with the Cisco IOS File System, Configuration Files, and Software Images This appendix describes ho w to manipulate the 2950 or 2955 flash file system, how to cop y conf iguration files, and how to archi ve (upload and do wnload) software images[...]
-
Seite 610
B-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System Displaying Available File Systems T o display the available f ile sy stems on your sw itch, use the show f ile systems pri vileged EX EC[...]
-
Seite 611
B-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m Setting the Default File System Y o u can specify the file system or di rectory that the system uses as th e default file system by usi[...]
-
Seite 612
B-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System Creating and Removing Directories Beginning in pri vileged EXEC mode, foll ow th ese steps to create and remo ve a directory: T o delete[...]
-
Seite 613
B-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m Local writable f ile systems include flash:. Some in valid comb inations of source and destination e xist. Specifically , you cannot co[...]
-
Seite 614
B-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System For destination-u rl , specify the de stination URL al ias for the lo cal or network f ile system and the name of the tar file to create[...]
-
Seite 615
B-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files Extracting a tar File T o extract a tar file into a di rectory on the flash f ile system, use the privile ged EXEC command: archiv e tar [...]
-
Seite 616
B-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files • T o use the confi guration f ile for another switch. F or example, yo u might add another sw itch to your network an d want it to hav [...]
-
Seite 617
B-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files confi guration f ile is a mixture of the e xisting conf iguration f ile and the copied config uration f ile, with the copied configuratio[...]
-
Seite 618
B-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files Preparing to Download or Upload a Configuration File By Using TFTP Before you be gin do wnloading or uploading a conf iguration file b y [...]
-
Seite 619
B-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files This example sho ws how to conf igure the software from t he file tok yo-confg at IP address 172.16.2.1 55: Switch# copy tftp://172.16.2[...]
-
Seite 620
B-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files The username and password must be associat ed with an account on the FTP server . If you are writing to the server , the FTP server must [...]
-
Seite 621
B-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files This example sho ws how to cop y a config uration f ile named host1-confg from the netadmin1 dir ectory on the remo te server with an IP[...]
-
Seite 622
B-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files This examp le shows ho w to copy the running co nfigur ation file named switch2-conf g to the netadmin1 directory on the remote host with[...]
-
Seite 623
B-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files • The username set by the ip rcmd r emote-username username global conf iguration command if the command is conf igured. • The remot[...]
-
Seite 624
B-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files Downloading a Configuration File By Using RCP Beginni ng in pri vileged EXEC mod e, follo w these steps to do wnload a conf iguration fil[...]
-
Seite 625
B-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files Uploading a Configuration File By Using RCP Beginning in pri vileged EXEC mode, follow these st eps to upload a configuration file b y u[...]
-
Seite 626
B-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images Caution Y ou cannot restore the startup conf iguration file after i t has been deleted. Deleting a Stored Configuration File T o delete a s[...]
-
Seite 627
B-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Y o u can use the s how ve rsio n pri vileged EXEC command to see the software v ersion that is currently running on your swit ch. In the dis[...]
-
Seite 628
B-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images Copying Image Files By Using TFTP Y ou can download a switch image fro m a TFTP serv er or upload the image from the switch to a TFTP serve[...]
-
Seite 629
B-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Downloading an Image File By Using TFTP Y o u can do wnload a new image f ile and repla ce the current image or keep the current image. Begin[...]
-
Seite 630
B-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images If you specify the /lea ve-old-sw , the existing f iles are not remo ved. If there is not enou gh space to install the ne w image and k eep[...]
-
Seite 631
B-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Y o u do w nload a switch image file from a server to upgrade the switch software. Y ou can overwrite the current im age with the ne w one or[...]
-
Seite 632
B-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images username global configuration command. This ne w name will be used during all archive operations. The new username is stored in NVRAM. If y[...]
-
Seite 633
B-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The do wnload algorith m verif ies that the image is appropriate for the switch model and th at enough DRAM is present, or it stops the proce[...]
-
Seite 634
B-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images The archiv e upload-sw command bui lds an image file on t he server b y uploading these fil es in order: info, the Cisco IOS image, the HTM[...]
-
Seite 635
B-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Preparing to Download or Upload an Image File By Using RCP RCP provid es another method of do wnloading and up loading image f iles between r[...]
-
Seite 636
B-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images If the switch IP address translates to Switch 1.company .com , the .rhosts file for User0 on the RCP server should contain t his line: Swit[...]
-
Seite 637
B-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The do wnload algorith m verif ies that the image is appropriate for the switch model and th at enough DRAM is present, or it stops the proce[...]
-
Seite 638
B-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images The algorithm instal ls the do wnload ed image onto the system board flas h de vice (flash:). The image is placed in a new directory named [...]
-
Seite 639
B-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The archiv e upload-sw privile ged EXEC command builds an image f ile on the server by uploadin g these files in order: info, the Cisco IOS i[...]
-
Seite 640
B-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images[...]
-
Seite 641
IN-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 INDEX Numerics 802.1Q and trunk po rts 10-2 encapsulation 16-14 802.3x flow co ntrol 10-13 A abbreviating commands 2-4 AC (command switch) 6-9 access-class command 28-19 access control entries See ACEs access control lists See ACLs access control parameter See AC[...]
-
Seite 642
Index IN-2 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 ACLs (continued) IP creating 28-7 implicit deny 28-9, 28-12, 28-14 implicit masks 28-9 management interfaces, applying to 28-19 matching criteria 28-2, 28-7 named 28-13 physical interfaces, applying to 28-20 undefined 28-18, 28-20 virtual terminal lines, set[...]
-
Seite 643
Index IN-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 authentication (continued) RADIUS defined 8-17 key 8-21 login 8-23 TACACS+ defined 8-11 key 8-13 login 8-14 See also port-based authentication authentication failed VLAN See restricted VLAN authoritative time so urce, described 7-2 authorization with RADIUS[...]
-
Seite 644
Index IN-4 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 BPDU guard (continued) support for 1-5 broadcast storm control See storm control C cables, monitoring for unidirect ional links 22-1 candidate switch automatic discovery 6-5 defined 6-4 requirements 6-4 See also command switch, cluster stand by group, and me[...]
-
Seite 645
Index IN-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 CiscoWorks 2000 1-10, 27-4 class maps for QoS configuring 29-28 described 29-6 displayin g 29-36 class of service See CoS clearing interfaces 10-16 CLI abbreviating commands 2-4 command modes 2-1 described 1-9 editing features enabling and disabling 2-6 key[...]
-
Seite 646
Index IN-6 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 command switch accessing 6-10 active (AC) 6-9 configuration conflicts 31-13 defined 6-2 passive (PC) 6-9 password privi lege levels 6-14 priority 6-9 recovery from command-switch failure 6-9 from failure 31-10 from lost member connectivity 31-13 redundant 6-[...]
-
Seite 647
Index IN-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 configuring (continued) or an LRE upgrade 12-23 LRE ports 12-8 speed on Cisco 575 LRE CPE 12-11 Configuring a Restricted VLAN 9-24 config-vlan mo de 2-2, 16-6 conflict s, configurat ion 31-13 connections, secure remote 8-33 connectivity problems 31-14 consi[...]
-
Seite 648
Index IN-8 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 default configuration (continued) MSTP 14-11 MVR 20-17 NTP 7-4 optional span ning-tree features 15-13 password and p rivilege level 8-2 port security 21-8 QoS 29-17 RADIUS 8-20 RMON 25-3 RSPAN 24-7 SNMP 27-5 SPAN 24-7 storm control 21-2 STP 13-11 system mess[...]
-
Seite 649
Index IN-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 DHCP snooping (continued) option 82 da ta insertion 19-3 trusted interfac e 19-2 untrusted interface 19-2 untrusted messages 19-2 DHCP snooping binding database described 19-2 displayin g 19-8 entries 19-2 DHCP snooping binding tabl e See DHCP snooping bind[...]
-
Seite 650
Index IN-10 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 egress port scheduling 29-8 enable password 8-4 enable secret password 8-4 encapsulation 29-8 encryption for pa sswords 8-4 environment variables function of 4-17 location in F lash 4-16 error messages during command entr y 2-5 setting the display destin at[...]
-
Seite 651
Index IN-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 files (continued) tar creating B-5 displaying t he contents of B-6 extracting B-7 image file fo rmat B-19 files, cras hinfo description 31-21 displaying t he contents of 31-22 file system displaying availabl e file systems B-2 displayin g file informat ion[...]
-
Seite 652
Index IN-12 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 HSRP automatic cluster recovery 6-11 cluster standby group consi derations 6-10 See also clusters, cluster standby group, and standby command switch I ICMP ping executing 31-15 overview 31-14 IE2100 described 1-9 support for 1-4 IEEE 802.1D See STP IEEE 802[...]
-
Seite 653
Index IN-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 interfaces (continued) configuring 10-5 configuring dupl ex mode 10-10 configuring speed 10-10 counters, clearing 10-16 described 10-14 descriptive nam e, adding 10-14 displayin g information a bout 10-16 flow control 10-13 monitoring 10-15 naming 10-14 ph[...]
-
Seite 654
Index IN-14 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 L LACP See EtherChannel Layer 2 frames, classification with CoS 29-2 Layer 2 interfaces, default configu ration 10-9 Layer 2 traceroute and ARP 31-16 and CDP 31-16 described 31-16 IP addresses and subnets 31-16 MAC addresses and VLANs 31-16 multicast traffi[...]
-
Seite 655
Index IN-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 LRE ports (continued) rate selection described 12-14 sequence s 12-5 troubleshooting 31-17 LRE profiles assigning global pro files 12-13 port sequences 12-13 private p rofiles 12-12 public profiles 12-12 considerations 12-10 described 12-2 rate selection 1[...]
-
Seite 656
Index IN-16 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 member switch automatic discovery 6-5 defined 6-2 passwords 6-12 recovering from lost connectivity 31-13 requirements 6-4 See also candidate switch, cluster standby group, and standby command switch message logging, LRE 12-7 metropolitan-area n etworks See [...]
-
Seite 657
Index IN-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 MSTP (continued) extended system ID effects on root switch 14-14 effects on secondary root switch 14-15 unexpected be havior 14-14 instances supported 13-9 interface state, blocking to forwarding 15-2 interoperability an d compatibility among modes 13-10 i[...]
-
Seite 658
Index IN-18 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Network Assistant (continued) described 1-9 guide mode 1-3 management options 1-2 wizards 1-3 network examples collapsed backbone and switch cluster 1-15 design conc epts cost-effective wiring closet 1-12 high-performance workgroup 1-12 network performance [...]
-
Seite 659
Index IN-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 passwords (continued) setting enable 8-3 enable secret 8-4 Telnet 8-6 with usernames 8-7 VTP domain 17-8 patch pan el 1-17 path cost MSTP 14-17 STP 13-18 PBX 1-16 PC (passive command switch) 6-9 performing an LRE upgrade 12-23, 12-24 persistence, LRE link [...]
-
Seite 660
Index IN-20 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 port-based authentication (continued) initiation and message exchange 9-3 magic pack et 9-11 method lists 9-15 multiple-hosts mode, described 9-5 ports authorization state and d ot1x port-control command 9-4 authorized and u nauthorized 9-4 port security, m[...]
-
Seite 661
Index IN-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 private VL AN edge ports See protected ports privileged EXEC mode 2-2 privilege levels changing the default for li nes 8-9 command switch 6-14 exiting 8-10 logging into 8-10 mapping on member switch es 6-14 overview 8-2, 8-8 setting a command wi th 8-8 pro[...]
-
Seite 662
Index IN-22 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 QoS (continued) configuring auto-QoS 29-9 class maps 29-28 CoS and WRR 29-35 default port CoS v alue 29-20 egress queu es 29-35 IP extended ACLs 29-26 IP standard ACLs 29-24 MAC ACLs 29-27 policy maps 29-29 port trust states within th e domain 29-19 QoS pol[...]
-
Seite 663
Index IN-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 RADIUS (continued) identifying the server 8-20 in cluste rs 6-13 limiting the servi ces to the user 8-27 method list, defined 8-20 operation of 8-19 suggested ne twork environment s 8-18 tracking services accessed by user 8-28 range macro 10-7 of interface[...]
-
Seite 664
Index IN-24 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 RFC (continued) 2236, IP mult icast and IGMP 20-2 2273-2275, SNMP v3 27-2 RMON default configu ration 25-3 displaying st atus 25-6 enabling alarms and events 25-3 groups supported 25-2 overview 25-1 statistics collecting group Ethernet 25-5 collecting group[...]
-
Seite 665
Index IN-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 servers, BOOTP 1-4 service-provider netw ork, MSTP and RSTP 14-1 set-request operat ion 27-4 settings duplex mode 12-11 speed 12-11 set-top box, televisi on 1-16, 1-19 setup program, failed command swit ch replacement 31-10, 31-12 severity leve ls, definin[...]
-
Seite 666
Index IN-26 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 SNMP (continued) users 27-9 versions supported 27-2 snooping, IGMP 20-1 SNR definition of 12-16 downstream rate requirements 12-16, 12-17 margins 12-16 upstream rate requirements 12-17, 12-18 software, VLAN considerations 17-8 software images location in f [...]
-
Seite 667
Index IN-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 statistics (continued) IEEE 802.1x 9-28 interface 10-16 QoS ingress and egress 29-37 RMON group Ethe rnet 25-5 RMON group hist ory 25-5 SNMP input and out put 27-16 VTP 17-15 sticky learning configuration file 21-7 defined 21-7 disabling 21-7 enabling 21-7[...]
-
Seite 668
Index IN-28 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 STP (continued) interface states blocking 13-5 disabled 13-6 forwarding 13-5, 13-6 learning 13-6 listening 13-6 overview 13-4 interoperability and comp atibility among modes 13-10 limitations with IEEE 802.1Q tr unks 13-10 load sharing overview 16-20 using [...]
-
Seite 669
Index IN-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 system message logging (continued) enabling 26-3 facility keywords, described 26-11 level keywords, descri bed 26-8 limiting messages 26-9 message format 26-2 overview 26-1 sequence numbers, enabling an d disabling 26-7 setting the display dest ination dev[...]
-
Seite 670
Index IN-30 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 traceroute, Layer 2 and ARP 31-16 and CDP 31-16 described 31-16 IP addresses and subnets 31-16 MAC addresses and VLANs 31-16 multicast traffic 31-16 multiple device s on a port 31-17 unicast traffic 31-16 usage guid elines 31-16 traffic blocking flooded 21-[...]
-
Seite 671
Index IN-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 UniDirectional Link Detection protocol See UDLD UNIX syslog servers daemon configuration 26-10 facilities supported 26-11 message logging configurati on 26-11 unrecognized Type-Len gth-Value (TLV) support 17-4 upgrade behavior d etails 12-25 configuring fo[...]
-
Seite 672
Index IN-32 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 VLANs (continued) creating in VLAN configuration mod e 16-9 default configu ration 16-7 deletin g 16-9 described 10-3, 16-1 displayin g 16-13 extended-range 16-11 illustrated 16-2 modifying 16-8 native, configu ring 16-19 normal-range 16-1, 16-4 parameters [...]
-
Seite 673
Index IN-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 VTP (continued) disabling 17-12 domain names 17-8 domains 17-2 modes client 17-3, 17-11 server 17-2, 17-9 transition s 17-2 transparent 17-3, 17-12 monitoring 17-15 passwords 17-8 pruning disabling 17-14 enabling 17-14 examples 17-5 overview 17-4 pruning-e[...]
-
Seite 674
Index IN-34 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02[...]