Cisco Systems 2960 Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 680 Seiten
- 7.98 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Switch
Cisco Systems MDS 9200
70 Seiten 9.85 mb -
Switch
Cisco Systems 6000
62 Seiten 0.91 mb -
Switch
Cisco Systems 3750E-48PD-F
32 Seiten 2.45 mb -
Switch
Cisco Systems DOC-78-17916
182 Seiten 4.82 mb -
Switch
Cisco Systems N5KC5596TFA
122 Seiten 1.66 mb -
Switch
Cisco Systems 3032
34 Seiten 0.85 mb -
Switch
Cisco Systems WSC2960XR24TDI
18 Seiten 0.21 mb -
Switch
Cisco Systems WSC4500XF32SFP
194 Seiten 7.47 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Cisco Systems 2960 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Cisco Systems 2960, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Cisco Systems 2960 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Cisco Systems 2960. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung Cisco Systems 2960 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Cisco Systems 2960
- Den Namen des Produzenten und das Produktionsjahr des Geräts Cisco Systems 2960
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Cisco Systems 2960
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Cisco Systems 2960 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Cisco Systems 2960 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Cisco Systems finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Cisco Systems 2960 zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Cisco Systems 2960, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Cisco Systems 2960 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 2960 S witc h S of t w are Conf iguration Guide Cisco IOS R elease 12.2(25 )FX S epte mber 2005 Custome r Order Numb er: DO C-78168 81= Text Pa rt Nu mber: 78-[...]
-
Seite 2
THE SPECIFICATIONS AND INFORMATION REGARDING TH E PRODUCTS IN THIS MANUAL ARE SUBJE CT TO CHANGE WITHOUT NO TICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TA KE FULL RESPONSIBILITY FOR THEIR AP PLICATION OF ANY PR[...]
-
Seite 3
iii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 CONTENTS Preface xx vii Audienc e xxvii Pur pose xxvi i Conv enti ons xxviii Rela ted Publi cation s xxvi ii Obtain ing Docu mentati on xxix Cisco. com xxix Produc t Documentat ion DVD xx x Orderi ng Documenta tion xxx Document ation F eedback xxx Cisco Pr oduct S ecurit y Overview[...]
-
Seite 4
Cont ent s iv Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Wher e to Go N ext 1-16 CHAPTER 2 Using t he Command -Line I nterface 2-1 Underst anding Comma nd Modes 2-1 Underst anding th e Help Sy stem 2-3 Underst anding Abb reviat ed Commands 2-4 Underst anding no and defa ult Forms of Commands 2-4 Underst anding CL I Erro r Messa[...]
-
Seite 5
Content s v Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Specif ying the Fi lename to Read and Writ e the Syst em Configu ration 3-12 Bootin g Manual ly 3-13 Bootin g a Speci fic Soft ware Image 3-13 Contro lling En viro nment Vari ables 3-14 Schedul ing a Relo ad of the Software I mage 3-1 5 Config urin g a Schedule d Reloa d 3-[...]
-
Seite 6
Cont ent s vi Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 CHAPTER 6 Administ ering the Swit ch 6-1 Managing the System Ti me and Date 6-1 Underst anding th e Syste m Clock 6-2 Underst anding Net work Ti me Protoco l 6-2 Config urin g NTP 6-4 Defaul t NTP Conf igurati on 6-4 Config urin g NTP Authent icatio n 6-5 Config urin g NT[...]
-
Seite 7
Content s vii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 CHAPTER 7 Configur ing S DM Templates 7-1 Underst anding th e SDM Templa tes 7-1 Config urin g the Switch SDM Templat e 7-2 Defaul t SDM Template 7-2 SDM Templ ate Confi guratio n Guideli nes 7-2 Setti ng the SDM Temp late 7-2 Displa ying the SDM Te mplate s 7-3 CHAPTER 8[...]
-
Seite 8
Cont ent s viii Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Config urin g RADIUS Author ization f or User Pri vilege d Access and Net work Ser vices 8-27 Starti ng RADI US Acco unting 8-28 Config urin g Setting s for All RADI US Servers 8-29 Config urin g the Switch to Use Vend or-Speci fic R ADIUS A ttribu tes 8-29 Config urin [...]
-
Seite 9
Content s ix Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Using IE EE 802. 1x with VLAN Ass ignment 9-8 Using IE EE 802. 1x with Gues t VLAN 9-10 Conf igur ing IEEE 8 02. 1x Au then tic ation 9-10 Defa ult IEEE 8 02.1x Conf igur ation 9-11 IEEE 802 .1x Con figurat ion Guid elines 9-1 2 Config urin g IEEE 802. 1x Authe nticat ion [...]
-
Seite 10
Cont ent s x Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Config urin g IEEE 802. 3x Flo w Control 10-14 Config urin g Auto-MDIX on an Inte rface 10-15 Adding a De scrip tion for an Interf ace 10-16 Config urin g the System MTU 10-1 6 Monitor ing an d Mainta inin g the Inte rface s 10-18 Moni tori ng In terfa ce S tat us 10-18 Cl[...]
-
Seite 11
Content s xi Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Displa ying VLANs 12-1 3 Config urin g VLAN Trunks 12-14 Trunki ng Over view 12-14 IEEE 802 .1Q Conf igurat ion Consi derati ons 12 -15 Defau lt Lay er 2 Et herne t Inte rfac e VLAN Conf igura tion 12-16 Config urin g an Etherne t Inter face as a Trunk Port 12-16 Intera ct[...]
-
Seite 12
Cont ent s xii Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 VTP C onf igurat ion in G lobal Con fig uratio n M ode 13-7 VTP Confi gurati on in VLAN Data base Con figurati on Mode 13-7 VTP Confi gurati on Guid elines 13-8 Domain Names 13-8 Passw or ds 13-8 VTP Versi on 13-8 Config urati on Requir ements 13-9 Config urin g a VTP Se[...]
-
Seite 13
Content s xiii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 How a Switch or Port Become s the Root Swi tch or Root Port 15-7 Spannin g Tree an d Redundan t Connec tivit y 15-8 Spannin g-Tr ee Address Man agement 15-8 Acceler ated Aging to R etain Connect ivity 15-8 Spannin g-Tr ee Modes and Pro tocols 15-9 Support ed Sp anning- T[...]
-
Seite 14
Cont ent s xiv Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Bridg e Pr otoc ol Da ta U nit F orm at an d Pr oce ssing 16-9 Proces sing Su perior BP DU Informat ion 16-10 Proces sing Inf erior BPDU I nformati on 16-1 0 Topolo gy Chang es 16-10 Config urin g MSTP Feat ures 16-11 Defaul t MSTP Conf igurati on 16-1 1 MSTP Confi gurat[...]
-
Seite 15
Content s xv Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Enabli ng E therChan nel Guard 17-14 Enab ling R oot G uard 17-15 Enab ling L oop G uard 17-15 Displa ying the Sp anning- Tree St atus 17-16 CHAPTER 18 Configur ing F lex Lin ks 18-1 Underst anding Fl ex Links 18-1 Config urin g Flex Lin ks 18-2 Defau lt F lex Link Conf ig[...]
-
Seite 16
Cont ent s xvi Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Config urin g IGMP Snoop ing 20-6 Defaul t IGMP Snoo ping Co nfigura tion 20-6 Enabl ing or Disa blin g IGMP Snoopi ng 20-6 Setti ng the Snoopi ng Meth od 20-7 Config urin g a Multi cast Route r Port 20-8 Config urin g a Host Stati cally to Join a Grou p 20-9 Enabli ng I[...]
-
Seite 17
Content s xvii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Config urin g a Protect ed Port 21-6 Config urin g Port Bloc king 21-6 Defaul t Por t Bloc king C onfig uratio n 21-6 Blocki ng Floode d Traf fic on an In terface 21-7 Config urin g Port Secur ity 21-7 Underst andi ng Port Secu rity 21-8 Secure MAC Add resses 21-8 Secu r[...]
-
Seite 18
Cont ent s xviii Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 SPAN Confi gurati on Guideline s 23-10 Creati ng a Local SPAN S ession 23-10 Creati ng a Loca l SPAN Sessi on and Confi guring I ncoming Tr affic 23-1 3 Specif ying VLANs t o Filter 23-15 Config urin g RSPAN 23 -16 RSPA N Co nfig urat ion G uide line s 23-16 Config uri[...]
-
Seite 19
Content s xix Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Defaul t Syste m Message Lo gging Conf igurat ion 26-3 Disabl ing Message Loggin g 26-3 Setti ng the Message Displ ay Destina tion Device 26-4 Synchro nizing Log Mes sages 26-5 Enabli ng and Disa blin g Time Stamps on Log Messag es 26 -7 Enabli ng and Disa blin g Sequence[...]
-
Seite 20
Cont ent s xx Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Config urin g IPv4 ACLs 28-4 Creati ng Standar d and Ext ended IPv 4 ACLs 28-5 Access Li st Numbers 28-6 Creati ng a Nu mbered Standar d ACL 28-7 Creati ng a Nu mbered Extend ed ACL 28-8 Reseque ncing ACEs i n an ACL 28-1 2 Creati ng Named Stand ard and Extended ACL s 28-[...]
-
Seite 21
Content s xxi Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Config urin g Auto-QoS 29-19 Generat ed Auto- QoS Confi guratio n 29-19 Effect s of Auto-Q oS on the Co nfigura tion 29-24 Auto-Qo S Conf igurat ion Guideline s 29-24 Enabli ng Auto -QoS for VoI P 29-2 5 Auto-Qo S Conf igurat ion Example 29-26 Displa ying Au to-QoS Inf or[...]
-
Seite 22
Cont ent s xxii Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Config urin g Egress Queu e Chara cteris tics 29-62 Config uration Guidel ines 29-6 2 Alloca ting Buff er Spac e to and Sett ing WTD Thres holds for an Egress Que ue-Se t 29-6 2 Mapping DSC P or CoS Value s to an Egr ess Queue and to a Thresho ld ID 29-64 Config urin g [...]
-
Seite 23
Content s xxiii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Recover ing from a Comma nd Switch Fa ilure 31-7 Replac ing a Fail ed Command Swit ch with a Clus ter Member 31-8 Replac ing a Fail ed Command Switch with Anoth er Swit ch 31-9 Reco veri ng f rom L ost Clu ster Mem ber C onn ect ivity 31-1 1 Preven ting Au tonegoti atio[...]
-
Seite 24
Cont ent s xxiv Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Copyin g File s B-4 Dele ting F iles B-5 Creati ng, Di splayi ng, and Ext racting tar File s B- 5 Creati ng a tar F ile B-6 Displa ying the Co ntent s of a tar Fi le B-6 Extracti ng a tar F ile B-7 Displa ying the Co ntent s of a File B-8 Working with C onfigur atio n F[...]
-
Seite 25
Content s xxv Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Copyin g Image Fil es By Using RCP B-29 Prepar ing to Download or Upl oad an Image File By Usi ng RCP B-29 Download ing an Im age File By Using RCP B-31 Uploadi ng an Ima ge File By Us ing RCP B-32 APPENDI X C Recommendati ons f or Upgrad ing a Catalys t 2950 Switch to a [...]
-
Seite 26
Cont ent s xxvi Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Span ning Tre e D-4 Unsuppor ted Globa l Conf igurati on Command D-4 Unsuppor ted Inte rfac e Configur ation Co mmand D-4 VLAN D-4 Unsuppor ted Globa l Conf igurati on Commands D-4 Unsuppor ted vlan -conf ig Command D-5 Unsuppor ted User EX EC Commands D-5 VTP D-5 Unsup[...]
-
Seite 27
xxvii Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Preface Audience This gu ide is for the ne tworking profe ssional m ana ging the Cata lyst 29 60 switc h, here after refe rred t o as t he switch . Before using thi s guide, you should have e xperienc e workin g with the Cisco IO S software and be fami liar wit h th e conc epts a[...]
-
Seite 28
xxvii i Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Preface Conv ent ions Conven tions This pu blica tion use s the se conv enti ons to conve y instru ctions and i nforma tion: Command descri ptions use th ese conventions: • Command s and keywords are in boldface te xt. • Arguments fo r which you suppl y values are in italic[...]
-
Seite 29
xxix Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Pre face Obtaining Documentat ion • For cluste r requ ireme nts, see the Release Notes for C isco Network Assistant (no t orderabl e but av ailable on Cisco.co m). • For upgrading i nform ation , see the “D ownloading Soft ware” se ction in th e release notes. Y ou can ord[...]
-
Seite 30
xxx Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Preface Docum entation Fe edback Product Docu mentation DVD Cisco docum entat ion and a dditiona l litera ture ar e av ailable in the Pro duct Do cument ation D VD package , which may have shipped with your pro duct. Th e Produc t Docum entation DVD is updated regula rly and may be[...]
-
Seite 31
xxxi Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Pre face Cisco Pro duct Se curity Ove rview Cisco Product Security Overview Cisco pro vides a free onlin e Security V ulnerability Polic y po rtal at t his URL: http://www .cisco.com/en /US/products/pr oducts_security_ vulnerability_p olicy .html From th is site, you ca n pe rform[...]
-
Seite 32
xxxii Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Preface Obtain ing Techni cal Ass istance Obtaining Tech nical Ass istance Cisco T ech nical Suppo rt provides 24- hour-a-day award-win ning techn ical assistance . The Cisc o T echnica l Support & Docume ntatio n website o n Cisco. com fea tures extensiv e online sup port re[...]
-
Seite 33
xxxii i Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Pre face Obtaining Additional Publications and Information T o ope n a servi ce reque st by telephone , use one of th e following numb ers: Asia-Pacific: +61 2 8446 7411 (Austral ia: 1 800 805 227 ) EMEA: +3 2 2 704 55 55 USA: 1 800 553-2 447 For a complete list of Cisco T A C [...]
-
Seite 34
xxxiv Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Preface Obtainin g Addi tional Pub lications and Informat ion • iQ Magazine is t he quarte rly publ ication fr om Ci sco System s designe d to help gr owing compan ies learn how t hey can u se t echnol ogy to i ncr ease revenue, st reaml ine the ir business , and expand service[...]
-
Seite 35
C HAPTER 1-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 1 Overview This chapte r provides these topics about the Catal yst 2960 switch software: • Feat ures , page 1- 1 • Defa ult Settings After In itial Swi tch Conf iguration, page 1-8 • Network Configu ration E xamples, page 1-11 • Where to Go Next, page 1-16 In th is d[...]
-
Seite 36
1-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Feature s Ease -of-Use and Eas e-of- Deployme nt Featur es • Express Se tup for quickly configur ing a swi tch for t he first time with ba sic IP i nforma tion, contac t inform ation, sw itch a nd T eln et passwords, and Sim ple N etwork Manageme nt Prot ocol[...]
-
Seite 37
1-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Features Performa nce Featu res • Autosensi ng of port spe ed and aut onegotiation of duplex mode on all switch por ts for optimi zing bandwidth • Automatic -medium-depende nt interfa ce crossov er (auto-MDIX) capability on 10/1 00 and 10/100/1000 Mbps interfa[...]
-
Seite 38
1-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Feature s • CLI—Th e Cisco I OS software suppo rts desktop - and mu ltilaye r-switching fe atures. Y ou can access the CLI e ither by c onnec ting your man agement station direc tly to the sw itch con sole por t or by usi ng T elnet fro m a remote managemen[...]
-
Seite 39
1-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Features • In-band manageme nt access thro ugh SNMP V ersions 1, 2c, and 3 get and set reque sts • Out-of- band mana geme nt access th rough th e switch conso le port to a directly att ached termin al or to a remote term inal through a se rial c onnec tion or [...]
-
Seite 40
1-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Feature s VLAN Fea tures • Support for up to 255 VL ANs for assi gning use rs to VLANs assoc iated wit h appro priate ne twork resources, traff ic pat terns, a nd bandw idth • Support for VL AN ID s in the 1 to 4094 range as al lowed by the IEE E 80 2.1Q st[...]
-
Seite 41
1-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Features – Guest VLAN to pr ovide lim ited servi ces to non- IEEE 80 2.1x- compl iant u sers – IEEE 8 02.1x acc ountin g to track netwo rk usage • T A CA CS+, a propri etar y featur e for mana ging network security th rough a T ACA CS ser ver • RADIUS for [...]
-
Seite 42
1-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Default Set tings Aft er Initial Swi tch Configurat ion • Egress q ueues a nd sche duling – Four egress que ues p er port – WTD as the co ngesti on-a v oidance me chanism f or managi ng the queue lengths and pro viding drop pr ecedenc es for d if ferent t[...]
-
Seite 43
1-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Default Settings After Initial Switch Configuration If you do not co nfigure the switc h at all, t he switch operate s with the se default sett ings: • Default swi tch IP addre ss, subnet mask , and defaul t gateway is 0.0.0.0. For more in formati on, see Chapte[...]
-
Seite 44
1-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Default Set tings Aft er Initial Swi tch Configurat ion • For STP , PVST+ is enabl ed on VLAN 1 . For m ore informatio n, see Chapter 15, “C onfiguring STP .” • MSTP is disa bled. For mo re inform ation , see C hapter 1 6, “Configuri ng MSTP .” •[...]
-
Seite 45
1-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Network Configuration Examples Network Config uration Examp les This se ction provides network co nfigurati on conc epts a nd inc ludes examples of using the s witch t o creat e dedica ted network segment s and int erconne ctin g the segment s throug h Fast Ether[...]
-
Seite 46
1-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Netwo rk Configura tion Examp les Bandwidt h alone is not the only c onsidera tion whe n designing you r network. As your netwo rk traffic profiles evolv e, con sider p roviding network services that can sup port a pplicat ions f or voice a nd dat a inte grati[...]
-
Seite 47
1-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -1 High-P erfor mance W or kgr oup (Gigabit-t o-the-Desktop ) • Serv er aggr eg ation ( Figure 1-2 )— Y ou c an us e the switch es to in tercon nect groups of servers, central izing phy sical sec urity and ad ministra [...]
-
Seite 48
1-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Netwo rk Configura tion Examp les Figu re 1 - 2 Ser ver Aggregati on Small to M edium-Si zed Net work Using Catalyst 2960 Switches Figure 1-3 shows a configurat ion fo r a ne twork of up to 500 e mployees. T his net work uses Catal yst 2960 switches w ith high[...]
-
Seite 49
1-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 Ov erview Network Configuration Examples Catalyst PoE sw itch ports aut omatical ly detect any Cisco pre-standard and IEEE 802. 3af- complia nt powered devices that ar e connec ted. Ea ch PoE switc h port provide s 15.4 W of power per port . The powered device, such as a C[...]
-
Seite 50
1-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Ch apter 1 Over view Where to Go Nex t Figur e 1 -4 Long-Distanc e, High-Bandw idth T ransp ort Con figur ation Where to Go Next Before conf iguring the switch, re vie w these secti ons for startup informatio n: • Chapter 2, “Using the Comman d-Lin e Inter face” • Chapter [...]
-
Seite 51
C HAPTER 2-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 2 Using the Command-Line Interface This c hapte r descr ibes t he Cisco IOS comm and-li ne in terface ( CLI) and how t o use it to configure your Catalyst 29 60 switch. I t contain s these sectio ns: • Understa nding C omman d Modes, pa ge 2-1 • Understa nding the Hel p [...]
-
Seite 52
2-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 2 Usi ng th e Com ma nd-L ine I nter face Unders tanding Comm and Mode s T able 2-1 Command Mo de Summa ry Mod e Acce ss Met hod Promp t Exit M ethod Abou t Thi s Mode User EXE C Begin a session with your sw itch. Switch> Enter logout or quit . Use this mode to • Chan[...]
-
Seite 53
2-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 Using the Comma nd-Line In terface Understa nding the Hel p System For more detail ed info rmat ion on the command mode s, see the c omma nd refe rence g uide for th is re lease . Understandin g the Help System Y o u can enter a quest ion ma rk (?) at th e system prompt to [...]
-
Seite 54
2-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 2 Usi ng th e Com ma nd-L ine I nter face Unders tanding Abbre viated Co mmands Understandin g Abbreviated Co mmands Y ou need to en ter on ly e nough charac ters for t he swit ch to rec ognize t he co mmand as u nique. This e xample sho ws how to e nter the sho w configur[...]
-
Seite 55
2-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 Using the Comma nd-Line In terface Unders tandin g CLI Err or Messages Understandin g CLI Error Mess ages Ta b l e 2 - 3 li sts so me err or messa ges that you might encoun ter whi le using the C LI to configure your switch. Using Command History The software provides a his[...]
-
Seite 56
2-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 2 Usi ng th e Com ma nd-L ine I nter face Using E diting Feature s Beginning i n lin e co nfiguration mode , en ter th is co mmand to c onfigure t he nu mber of com mand line s the switc h records for all se ssions on a p articular lin e: Switch(config-line)# history [ siz[...]
-
Seite 57
2-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 Using the Comma nd-Line In terface Using Edit ing Featu res Enabling a nd Di sabling Ed iting F eatures Although enhan ced edit ing mode i s automa tical ly enable d, you can di sable it, re-en able it, or co nfigure a sp ecif ic lin e to ha ve enha nced e ditin g. The se p[...]
-
Seite 58
2-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 2 Usi ng th e Com ma nd-L ine I nter face Using E diting Feature s Editing C ommand Lines that Wrap Y ou can use a w raparo und f eature for c ommands that extend b eyond a si ngle l ine o n the screen . W hen the cursor reaches the right mar gin, the command lin e shifts [...]
-
Seite 59
2-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 Using the Comma nd-Line In terface Searching and Filtering Output of show and m ore Commands In this exam ple, the acce ss-list global configura tion com mand e ntry extend s beyond one line . When the cursor f irst reach es the end of the line, th e line is shifted ten spa[...]
-
Seite 60
2-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 2 Usi ng th e Com ma nd-L ine I nter face Access ing the CLI Accessing the CLI throu gh a Co nsole Conn ection or through Telnet Before y ou can acce ss the CLI , you mus t connect a termin al or PC to the switc h consol e port an d power on the switch as described in the[...]
-
Seite 61
C HAPTER 3-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 3 Assigning the Switch IP Address and Default Gateway This chap ter de scribe s ho w to creat e the initial s witch conf iguration (f or e xampl e, assign ing the switch IP ad dress and defau lt gateway informatio n) for th e Catalyst 2960 switch by using a v ariety of autom[...]
-
Seite 62
3-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Assign ing Swi tch Info rmatio n The bo ot loader prov ides ac cess to t he flas h f ile syste m before the ope rating s ystem is loaded. Normally , the bo ot load er is used o nly to load, unco mpress, a nd l aunch t h[...]
-
Seite 63
3-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information These sec tions co ntain this co nfiguration info rmat ion: • Default Swi tch Infor mation, pa ge 3-3 • Understa nding DHCP- Based Aut oconfigurat ion, page 3-3 • Manuall y Assi gni[...]
-
Seite 64
3-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Assign ing Swi tch Info rmatio n DHCP Client Request Proce ss When you boot your switch, the DHC P clie nt is inv o ked and requests c onfiguration informat ion fro m a DHCP ser ver wh en the co nfig uration f ile is no[...]
-
Seite 65
3-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Configuring DHCP-Base d Autoconfiguration These sec tions co ntain this co nfiguration info rmat ion: • DHCP Serv er Conf iguration Gui delines, p age 3-5 • Configuring t he TFT P Ser[...]
-
Seite 66
3-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Assign ing Swi tch Info rmatio n If you did no t speci fy the co nfiguration filenam e, the TFTP server , or if the configurati on file could not be do wnloaded, the switch attempts to do wn load a conf igurati on file [...]
-
Seite 67
3-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Figur e 3-2 Rela y Device Use d in A utoconfig urat ion Obtaining Configurati on Files Depending on the a vailabi lity of the IP addre ss and the conf iguration file name in the DHCP rese[...]
-
Seite 68
3-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Assign ing Swi tch Info rmatio n Note The switch br oadcasts TFTP server requests if the TFTP serv er is not obtained f rom the DHCP replies, if all attempts to read the conf iguration f ile through un icast transmi ssi[...]
-
Seite 69
3-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information TFTP Serve r Conf iguration (on UNIX) The TF TP server base di rectory is set to / tftpserver/wor k/. This di recto ry contai ns the ne twork-conf g file used in the two -file read m etho[...]
-
Seite 70
3-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Checking and Saving th e Running Con figuration T o remov e the switch IP ad dress, use the no ip address inte rface con figuratio n comma nd. If yo u are remo ving the add ress through a T elnet session, your c onnect[...]
-
Seite 71
3-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modifying the Startup Configuration ip address 172.20.137.50 255.255.255.0 no ip directed-broadcast ! ip default-gateway 172.20.137.1 ! ! snmp-server community private RW snmp-server community public RO snmp-server [...]
-
Seite 72
3-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Modifyin g the Startup Conf iguration Default Boot Configuration Ta b l e 3 - 3 shows the default boot c onfiguration. Automatically Downloadin g a Con figuratio n File Y ou ca n automa tical ly download a configurati [...]
-
Seite 73
3-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modifying the Startup Configuration T o return to the default setting, use the no boot config-f ile glo bal configurat ion c omma nd. Booting Manua lly By default, the swit ch automati cally boo ts; howe ver , you c[...]
-
Seite 74
3-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Modifyin g the Startup Conf iguration T o return to the default setting, use t he no boot syste m globa l configurat ion c ommand. Controlling Environment Variables W ith a n ormal ly op erati ng swi tch, y ou en ter t[...]
-
Seite 75
3-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Schedul ing a Rel oad of t he Sof tware Ima ge Note For c omplete s yntax and usag e info rmation for th e boot loader command s and en vironment v ariables, see the c omman d refere nce fo r this rel ease. Ta b l e[...]
-
Seite 76
3-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Scheduli ng a Reload of the Software Image Configur ing a Sc heduled Reload T o conf igure you r switch to relo ad the soft ware i mage at a la ter time, use o ne of these co mmands in privileged EXEC mode : • reloa [...]
-
Seite 77
3-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Schedul ing a Rel oad of t he Sof tware Ima ge Displaying S chedu led Reload Information T o di splay infor matio n about a previous ly sched uled reloa d or to find out if a reload has been scheduled on the switch,[...]
-
Seite 78
3-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 Assigning the Switch IP Address and Defau lt Gateway Scheduli ng a Reload of the Software Image[...]
-
Seite 79
C HAPTER 4-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 4 Configuring IE2100 CNS Ag ents This chap ter descri bes ho w to c onfigu re the Inte lligence En gine 2100 (IE2 100) Serie s Cisco Netwo rking Services (CN S) emb edded age nts on your C atal yst 2960 switch. Note For comp lete syntax and usag e informa tion for th e comma[...]
-
Seite 80
4-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Unders tanding IE21 00 Series Conf igurati on Registrar Sof tware Figur e 4-1 Configur ation Regi strar Ar c hitec tur al Ov erview These sect ions co ntain this co nceptu al in forma tion: • CNS Configurati on Servi ce, pag e 4-2 • CNS[...]
-
Seite 81
4-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Understan ding IE2100 Series Co nfigu ration Regi strar Software CNS E vent Servi ce The Conf ig uration Re gistrar uses the CNS E vent Service for receip t and genera tion of co nfigur ation e ven ts. The CNS ev ent ag ent reside s on the sw[...]
-
Seite 82
4-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Unders tanding IE21 00 Series Conf igurati on Registrar Sof tware DeviceID Each co nfigured s witch pa rticip ating o n the event b us has a unique deviceID, whic h is an alogous t o the switch source ad dress so that the switch can be targ[...]
-
Seite 83
4-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Unde rstan ding CNS Embe dde d Ag ent s Understandin g CNS Embedded Agent s The CNS e vent agen t feature a llo ws the swit ch to pub lish and sub scribe to ev ents on the e vent b us and works with the CNS configurati on agent. The CNS conf [...]
-
Seite 84
4-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Configur ing CNS Embedd ed Agents Incremental (Partial) Configur ation After t he ne twork is runn ing, new serv ices c an be adde d by usi ng the CNS con figuration agen t. Increme ntal (partial) conf iguratio ns can be se nt to the swi tc[...]
-
Seite 85
4-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Config uri ng CNS Embe dde d Ag ents Note For more informatio n about running the setup program and cr eating templates o n the Configurat ion Registrar , see the Cisco Intelligence Engine 2100 Series C onfiguration Re g istrar Manual . T abl[...]
-
Seite 86
4-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Configur ing CNS Embedd ed Agents Enabling th e CNS Ev ent Agent Note Y ou must ena ble the CNS e v ent agen t on t he swit ch befo re you enable the CNS co nf iguratio n agent. Beginn ing in pri vilege d EXEC mode, follo w th ese steps to [...]
-
Seite 87
4-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Config uri ng CNS Embe dde d Ag ents This e xample sho ws ho w to enable the CNS e vent agent, set th e IP address g ate way to 1 0.180.1.27, set 120 seconds as the kee pali ve in terv al, and set 10 as the retry cou nt. Switch(config)# cns e[...]
-
Seite 88
4-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Configur ing CNS Embedd ed Agents Step 3 conf ig-cli or line -c li Enter conf ig-cli to connect to the Conf iguration Registrar through t he interface de fined in cns c onfig connect-i ntf . Enter line-cli to connec t to th e Registrar thr[...]
-
Seite 89
4-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Config uri ng CNS Embe dde d Ag ents T o dis abl e the CNS co nf igur ati on age nt, use t he no cns conf ig initia l { ip-add r ess | hostnam e } gl obal configurati on c ommand. This e xample sho ws ho w to conf igure an initia l conf igur[...]
-
Seite 90
4-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Configur ing CNS Embedd ed Agents Enabling a Partial Configur ation Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enab le the CNS config uration agen t and to initiate a p artial conf iguration on the switch: T o dis abl e [...]
-
Seite 91
4-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 4 Conf iguring IE21 00 CNS Agents Displaying CNS Configuration Displaying CNS Configuration Y ou ca n use the privileged EXEC co mmand s in Ta b l e 4 - 2 to displa y CNS Configuration inf ormati on. T able 4-2 Displa ying CNS Co nfiguratio n Command Purpose show cns conf ig[...]
-
Seite 92
4-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 4 Configur ing IE2100 C NS Agents Displaying CNS Con figuration[...]
-
Seite 93
C HAPTER 5-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 5 Clustering Switches This ch apter pr ov ides an o ver vie w of the concepts an d of the pro cedure s used to cr eate and ma nage Catalyst 296 0 switc h cluste rs. Y ou ca n creat e and manage switch cluster s by using Network Assista nt, the comm and-lin e interface (CLI),[...]
-
Seite 94
5-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 5 C lustering Switches Unders tanding Switch Cl usters Using switc h clusters simpl ifies the managem ent of multip le switches, regar dless of their physi cal location and p latfo rm fam ilies. Clusteri ng also provides redunda ncy throu gh stand by cluste r comma nd switc[...]
-
Seite 95
5-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 5 Cluste ring Switche s Using the CLI to Manage Switch Clusters • It is r edundantly c onnected to the c luster so th at connect i vity to c luster mem ber switche s is maintaine d. • It i s not a co mmand or m embe r swit ch of an othe r clus ter . Note Standby cluster c[...]
-
Seite 96
5-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 5 C lustering Switches Using SNMP to Ma nage Sw itch Clusters If you do not know the mem ber-switc h number, enter the show cluster memb ers privileged EX EC comm and on the cluster co mmand switch. For m ore infor mati on about t he rcommand command and a ll other clust er[...]
-
Seite 97
5-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 5 Cluste ring Switche s Using S NMP to Ma nage Swit ch Clust ers Note Whe n a clust er standby grou p is configured , the clu ster c ommand swi tch can ch ange without you r kno wled ge. Use the f irs t read-write an d read-only community st rings to comm unicate wit h the cl[...]
-
Seite 98
5-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 5 C lustering Switches Using SNMP to Ma nage Sw itch Clusters[...]
-
Seite 99
C HAPTER 6-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 6 Administering the Switch This c hapter d escrib es how to per form one-time opera tions to admi nister t he Cata lyst 29 60 switch. This chap ter cons ists of th ese sectio ns: • Managin g the System Time and Date , page 6-1 • Configuring a System N ame a nd Prompt , p[...]
-
Seite 100
6-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Understand ing the S ystem Clock The heart o f the time serv ice is the system clock. This cl ock runs from th e moment the syste m starts up and keeps tra ck of the da te and tim e. The sy stem c lock ca n then[...]
-
Seite 101
6-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Cisco’ s implementatio n of NTP doe s not suppor t stratum 1 se rvice; it is not possibl e to conne ct to a radi o or atom ic cloc k. W e reco mmend t hat the time ser vice f or your network b e derived fr[...]
-
Seite 102
6-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Configuring NTP The switc h does not have a hardware-sup ported clo ck and cann ot functi on as an NTP maste r clock to which p eers syn chronize themselv es when an e xternal NT P source is n ot a v ailabl e. T[...]
-
Seite 103
6-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Configuring NTP Authentication This pr oced ure must be c oordina ted w ith th e ad ministra tor of the N TP server ; the i nform ation you conf igure in this procedu re must be matched by the ser vers used [...]
-
Seite 104
6-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Configuring NTP Associations An NTP associat ion ca n be a peer asso ciatio n (this switc h can eithe r synchroniz e to the othe r device or allow the other device to sync hronize to it), or it ca n be a server [...]
-
Seite 105
6-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Configuring NTP Broadcast Service The co mmunic ations between devices run ning NTP (k nown as associations ) are usua lly statically configured ; each device is giv en th e IP addresse s of al l devices w i[...]
-
Seite 106
6-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Beginn ing in pri vileg ed EXEC mode, follo w th ese step s to configur e the switch to recei ve NTP broadca st packet s from co nnecte d peer s: T o di sable a n inte rface fro m rece iving NTP broadc ast p ack[...]
-
Seite 107
6-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Creating an Access Gro up and Assigni ng a Basic IP Access List Beginn ing in pri vilege d EXEC mode, follo w these steps to contro l access to NTP services b y using access lists: The ac cess group keywords[...]
-
Seite 108
6-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date T o remov e acces s control to th e switch NTP servi ces, use the no ntp access-gr oup { query-only | serve -only | serve | peer } global con figuration com mand . This e xample s ho ws ho w to conf igu re the [...]
-
Seite 109
6-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te The specif ied interface is used for the source a ddress for all packets sent to all destinat ions. If a source address is to be used for a spec ific association , use the source ke yword i n the ntp peer o[...]
-
Seite 110
6-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the Syste m Time and Date This example shows ho w to manuall y set the system cl ock to 1:32 p.m . on July 23, 2001 : Switch# clock set 13:32:00 23 July 2001 Displaying the Time and Dat e Configuration T o display the time and date conf[...]
-
Seite 111
6-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Configuring Summer Time (Daylight Saving Time) Beginning in pr ivileged EXEC mode, fo llow these steps t o co nfigure summer time (dayligh t saving time) in areas wh ere it starts an d ends on a par ticular[...]
-
Seite 112
6-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Configur ing a System Nam e and Prom pt Beginning in privileged EX EC mode, fol low these steps if summ er tim e in your area do es not foll ow a recurr ing patt ern (con figure the exact da te and tim e of the next summe r time ev ents) : The fi[...]
-
Seite 113
6-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Confi guring a S ystem Name an d Prompt These sec tions co ntain this co nfiguration info rmat ion: • Default Syste m Name and Prom pt Configuration , page 6- 15 • Configuring a System Name, page 6- 15 • Understa nding D NS, page 6 -15 Defau[...]
-
Seite 114
6-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Configur ing a System Nam e and Prom pt These sec tions co ntain this co nfiguration info rmat ion: • Default DN S Configuration, page 6-1 6 • Setting Up DNS, pag e 6-16 • Displayin g the DNS Configurat ion, page 6-1 7 Default DNS Configur [...]
-
Seite 115
6-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Creat ing a Bann er If you u se t he switc h IP ad dress a s its hostnam e, the IP a ddress i s used and no DNS query oc curs. I f you configure a ho stname that contai ns no periods (. ), a period fol lowed by the de fault domai n name is appende[...]
-
Seite 116
6-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can crea te a single o r multiline m essage banner that appears on the screen when someone logs in to the switch. Beginning in privileged EX EC mode, fol low these steps to[...]
-
Seite 117
6-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged EX EC mo de, fol low these s teps t o configure a logi n banne r: T o delet e the lo gin ba nne r , use t he no banner login global con figurati on comm and. This example shows ho w to con [...]
-
Seite 118
6-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the MAC A ddress Tab le • Configuring M A C Addr ess Notificat ion Traps, page 6-21 • Adding and Re moving Static Addr ess Entries, pag e 6-23 • Configuring Unic ast MAC A ddress Filte ring, page 6-24 • Displayin g Address T abl[...]
-
Seite 119
6-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Managin g the MAC Addre ss Table Changing the Addre ss Aging Time Dynami c address es are sour ce MA C addresses that the sw itch lear ns and then ages when they ar e not in use. Y ou can change the ag ing time setting for all VLANs or for a speci[...]
-
Seite 120
6-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the MAC A ddress Tab le Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf ig ure the switch to send MA C address notif ication traps to an NMS host: Command Purpos e Step 1 conf igure terminal Enter glob al co nfigurati[...]
-
Seite 121
6-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Managin g the MAC Addre ss Table T o di sable the sw itch from se nding MAC address notificat ion traps, use the no snmp-serv er enable traps mac-notification global con f igura tion co mman d. T o disable th e MA C addre ss notification tr aps on[...]
-
Seite 122
6-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the MAC A ddress Tab le Beginning i n privileged EX EC mo de, follo w these steps to add a static addr ess: T o remove st atic en tri es fr om t he addr ess ta ble, u se the no mac addre ss-table static m ac- addr vlan vlan-i d [ interf[...]
-
Seite 123
6-25 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 6 Administer ing the Switch Managin g the MAC Addre ss Table For example, if yo u ent er t he mac address-table static mac-addr vlan vlan-id int er fac e interface- id glob al configura tion comm and fol lowed by the mac addr ess-table static mac-addr vlan vlan-i d drop c om[...]
-
Seite 124
6-26 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 6 Administering the Switch Managin g the ARP Table Managing the ARP Ta ble T o co mmuni cate with a device (over Ethern et, for exam ple), t he softwa re first must learn the 48-b it MAC address o r the l ocal dat a lin k address o f that device. The pr ocess of lear ning [...]
-
Seite 125
C HAPTER 7-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 7 Configuring SDM Templates This chapte r describes ho w to conf igure the Switch Data base Management (SDM ) templates on the Catalyst 2960 swit ch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d refere nce fo[...]
-
Seite 126
7-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 7 Configuring SDM Templates Conf igu rin g th e Swi tch SDM T empl ate The ro ws in the table represen t approximate ha rdware bounda ries set when a template is selected . If a section of a hardwar e resource is full, all processing over flo w is sent to the CPU, seriously[...]
-
Seite 127
7-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 7 Conf iguring SDM Te mplates Displaying the SDM Templates Displaying the SDM Te mplates Use the show sdm pr efer pri vile ged EXEC command w ith no parame ters to display the a cti v e template. Use the show sd m prefer [ default | qos ] pr ivileged EXEC com mand to dis play[...]
-
Seite 128
7-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 7 Configuring SDM Templates Display ing the SDM Templates[...]
-
Seite 129
C HAPTER 8-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 8 Configuring Switch-Based Authentication This c hapter d escrib es how to configure switch -based authen tication on the Cata lyst 2 960 swit ch. It consists of these sect ions: • Pre ve nting Unauthorized Acc ess to Y our Switch, page 8-1 • Protectin g Acce ss to Privi[...]
-
Seite 130
8-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds • If you want t o use usernam e and password pairs, but you want to st ore them c entral ly on a ser ver instead o f locall y , you c an store them in a database on a secur ity serv[...]
-
Seite 131
8-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXE C mode, follo w th ese steps to se[...]
-
Seite 132
8-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Be ginnin g in pri vileg ed EXEC mode, follo w these steps to conf igure encryp tion for enab le and enable secr et pas swords : Command Purpose Step 1 conf igure terminal Enter g lob[...]
-
Seite 133
8-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s If bo th the en able and e nable sec ret pas sword s are de f ined, us ers must enter th e enable s ecret p asswo rd. Use th e level keyword to define a password fo r a sp ecific[...]
-
Seite 134
8-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds T o r e-ena ble password r ecovery , us e the service pas sword- reco v ery global con f igura tion com mand. Note Disabling password recov ery will not w ork if yo u hav e set the sw[...]
-
Seite 135
8-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Configuring Us ername and P assword Pairs Y ou ca n configure use rname an d password pai rs, which a re locally stored on the switch. These pai rs are assign ed to lines or por [...]
-
Seite 136
8-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Configuring Multiple Privil ege Levels By default, the Cisco IO S software has two modes of passwor d security: use r EXEC and pr i vileged EXEC. Y ou ca n configure up t o 16 hierar [...]
-
Seite 137
8-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s When y ou set a command to a pr i vile ge le vel, all co mmands whose s yntax is a subset of tha t comman d are al so set to th at le vel. For example , if you se t the sho w ip [...]
-
Seite 138
8-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ Logging into and Exiting a Privilege Level Beginn ing in pri vile ged EXEC mode, f ollo w these steps to log in to a s pe c if i ed pr i vi l e ge le ve l and to e xi t to a specified pri v[...]
-
Seite 139
8-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Figur e 8-1 T ypical T AC ACS+ Ne twor k Configur ation T A CAC S+, adm iniste red thro ugh t he AAA se curity services, can p rovid e these servic es: • Authent ication— Provides com ple[...]
-
Seite 140
8-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login by authent icating to a switch using T A C A CS+, this p rocess occurs: 1. When th e connectio n is esta blishe d, the sw itch[...]
-
Seite 141
8-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ • Configuring T A CA CS+ Authori zation for Privile ged E XEC Access a nd Networ k Ser vices, pa ge 8-16 • Startin g T A CA CS+ Accoun ting, pa ge 8-17 Default TACAC S+ Configuratio n T A[...]
-
Seite 142
8-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ T o remo ve the spec if ied T A CA CS+ server n ame or addr ess, use the no tac acs- server host hostna me global configurat ion comm and. T o re move a server group from the co nfiguration[...]
-
Seite 143
8-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Step 3 aaa authent ication log in { default | list-name } method1 [ meth od2 ... ] Create a logi n authen tica tion meth od list. • T o create a def ault list tha t is used when a n amed li[...]
-
Seite 144
8-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ T o disa ble A AA, use the no aaa new-model global co nfiguration comm and. T o disable AA A authenti cation, use th e no aaa aut hentica tion log in { def ault | list-name } method1 [ me t[...]
-
Seite 145
8-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Starting TACACS+ Accounting The AA A accou nting featu re trac ks the servic es tha t users are a ccess ing an d the amoun t of ne twor k resources th at the y are consuming. When AAA ac count[...]
-
Seite 146
8-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Understanding RADIUS RADIUS is a distr ibu ted client /serv er system that secures n etworks against u nauthori zed access . RADIUS c lients run on sup ported Ci sco route rs an d switches .[...]
-
Seite 147
8-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Figur e 8-2 T ransitioning fro m RADIUS to T ACACS+ Services RADIUS Operation When a user attem pts to log in and auth enticate to a switch that is acce ss controlled b y a RADIUS serv er , th[...]
-
Seite 148
8-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Configuring RADIUS This se ction describe s how to c onfigure your switch to su pport R ADIUS. At a mini mum, y ou mus t identify t he host or host s that ru n the RA DIUS server software an[...]
-
Seite 149
8-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Y ou identify RADIUS security servers b y their hostname or IP address, hostname and specif ic UDP po rt numbers, or their I P addre ss and specific UD P port num bers. The combin ation of the[...]
-
Seite 150
8-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati on mode. Step 2 radius-server host { hostname | ip-addr ess } [ au th-p ort por t-n umbe r ] [ acct-po rt port-n umbe[...]
-
Seite 151
8-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r , u se the no radius-serv er host hostname | ip- addre ss glob al configurati on c ommand. This exampl e sho ws ho w to con fi gure one RADIUS ser ver[...]
-
Seite 152
8-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure login authenticat ion. This procedu re is requir ed. Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l con[...]
-
Seite 153
8-25 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o disa ble A AA, use t he no aaa new-model global co nfiguration comm and. T o disable AA A authenti cation, use th e no aaa aut hentica tion log in { def ault | list-name } method1 [ me tho[...]
-
Seite 154
8-26 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Be ginning in pri vile ged EXEC mode, follo w these steps to define th e AAA server group and associate a particula r RADIUS serve r with it: Comma nd Pu rpos e Step 1 conf igure t erminal E[...]
-
Seite 155
8-27 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r , u se the no radius-serv er host hostname | ip- addre ss glob al configurati on comm and. T o remove a server group fro m the configur ation list, us[...]
-
Seite 156
8-28 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginn ing in pri vil eged EXEC m ode, follo w these steps to sp ecify RADIUS a uthorizatio n for pri vile ged EXEC a ccess and n etwork ser vices: T o disable author ization, u se the no aa[...]
-
Seite 157
8-29 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged EX EC mo de, fol low these s teps t o configure g lobal commun icatio n setti ngs between the switch and all RADIUS serv e[...]
-
Seite 158
8-30 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS This e xample sho ws ho w to provid e a user lo gging in f rom a swit ch with immed iate ac cess to pri vileged EXEC co mmands : cisco-avpair= ”shell:priv-lvl=15“ This e xample s hows ho[...]
-
Seite 159
8-31 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS As ment ioned ea rlier, to configure RAD IUS (w hether vendor-proprie tary or IETF dr aft-c omplia nt), yo u must specif y the host ru nning the RADIUS se rver daemon an d the secr et text str[...]
-
Seite 160
8-32 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Configur ing the Switc h for Lo cal Authe ntication a nd Authori zation Configuring the Switc h for Local Authenti cation and Authorization Y ou can c onfi gure AAA t o opera te without a serv er b y settin g the switch to impl eme[...]
-
Seite 161
8-33 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell Configuring the Switch for Se cure Shell This section descri bes how to c onfigure the Secure Shell ( SSH) f eature. T o use this fe ature, yo u must install t he cryp tograph ic (enc rypted[...]
-
Seite 162
8-34 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g th e Swi tch for S ec ure S hel l SSH also supports these user authen tication methods: • T A CA CS+ (fo r more i nform ation, se e the “Controllin g Switch Access with T A CA CS+” section on page 8-10 ) • RA[...]
-
Seite 163
8-35 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell Setting Up the Switch to R un SSH Foll ow these steps to set up your switch to run SSH: 1. Download the cr ypto graph ic software imag e from Cisco .com . This st ep is requi red. For mor e [...]
-
Seite 164
8-36 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g th e Swi tch for S ec ure S hel l Configuring the SSH Server Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf ig ure the SSH serv er: T o return to the def ault SSH c ontrol param eters, use the no [...]
-
Seite 165
8-37 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP For more informa tion about th ese command s, see the “ Secur e Shell Commands ” section in the “Other Securit y Features ” chapter o f the Cisc o IOS Secu rity Comma nd [...]
-
Seite 166
8-38 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g the S wit ch f or Se cur e So cket L aye r HT TP When a c onnec tion at tempt is made , the HT TPS s erver provid es a se cure connect ion by iss uing a certif ied X.509v 3 certif icate, obta ined from a specif ied C[...]
-
Seite 167
8-39 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP CipherSuit es A CipherSuite specif ies the en cryption algorithm a nd the digest algorithm to use on a SSL connection. When conne cting to the HTTPS server , the client W eb brow[...]
-
Seite 168
8-40 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g the S wit ch f or Se cur e So cket L aye r HT TP SSL Configuration Guid elines When SSL is used in a switch cluster , the SSL session terminates at the cluster commander . Cluster member switches must run standard HT[...]
-
Seite 169
8-41 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP Use the no crypto ca tr ustpo int nam e global conf iguration command to d elete all iden tity inform ation and ce rtifica tes as soc iated wit h the CA . Configuring the Secure [...]
-
Seite 170
8-42 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g the S wit ch f or Se cur e So cket L aye r HT TP Use th e no ip http server global configu ration c ommand to disabl e the standa rd HTT P server . Use the no ip http secur e-serv er global configurat ion co mmand to[...]
-
Seite 171
8-43 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 8 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP Use the no ip http client secure -trustpoint name to remo ve a client trustpoint conf iguration. Use the no ip http client sec ure- ciphersuite to remove a previously configur ed[...]
-
Seite 172
8-44 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 8 Configuring Switch-Based Authentication Conf igu rin g the S wit ch f or Se cur e So cket L aye r HT TP[...]
-
Seite 173
C HAPTER 9-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 9 Configuring IEEE 802.1x Port-Based Auth enticat ion This chapter desc ribes how to configure IEEE 802 .1x port- bas ed authent ication on t he Catalyst 29 60 switch. IEEE 802.1 x prevents unau thoriz ed d e vice s (clie nts) fro m gai ning a ccess to the network. Note For [...]
-
Seite 174
9-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Unders tanding IE EE 802.1x Port-Ba sed Au thentic ation • Using IE EE 802.1x wit h V oice VLA N Ports, page 9-8 • Using IE EE 802.1x wit h VLAN Assign ment, pa ge 9-8 • Using IEEE 80 2.1x with Guest VLAN, page 9 -[...]
-
Seite 175
9-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication within the nati ve fra me format. When the switch recei ves frames from the a uthenticat ion server , the serv er’ s frame header is re mov ed, le a ving t he EAP[...]
-
Seite 176
9-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Unders tanding IE EE 802.1x Port-Ba sed Au thentic ation Figur e 9-2 Messag e Ex chan ge Ports in Au thorized and Un authorized S tates Depend ing on the sw itch port s tate, the switch can grant a client acc ess to the [...]
-
Seite 177
9-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication received. The switch re quests the identity of the clie nt and begins r elaying aut hentic ation m essages between the client and the authen tication serv er . Each[...]
-
Seite 178
9-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Unders tanding IE EE 802.1x Port-Ba sed Au thentic ation Ta b l e 9 - 1 lists the A V pairs and when the y are sent are sent b y the switch: Y ou ca n view the A V pa irs that ar e being sen t by the switch by entering t[...]
-
Seite 179
9-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication W it h the multip le-host s mode en abled, y ou can use IEEE 802.1x to authent icate t he port and port securit y to ma nage n etwork access for al l MAC addresses,[...]
-
Seite 180
9-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Unders tanding IE EE 802.1x Port-Ba sed Au thentic ation • If the port is administr ativ ely shut do wn, the port becomes unauthenticate d, and all dynamic entrie s are re moved from the se cure host table. • Port s [...]
-
Seite 181
9-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication When co nfigured on the switch and the RA DIUS se rver , IEE E 802.1x with V LAN a ssignmen t has the se char act eris tics : • If no V LAN is supplied by th e RA[...]
-
Seite 182
9-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n Using IEEE 8 02.1x with Guest V LAN Y ou can conf igure a gues t VLAN for each IEEE 802.1x port on the switch to pro vide limited services to client s, such as downloadi ng the[...]
-
Seite 183
9-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion • Resetting the IEEE 802.1 x Configurati on to the D efault V alues , page 9-20 ( optional) • Configuring IEEE 802.1x Account ing, pag e 9-21 (op tional ) Default IEEE 802. 1[...]
-
Seite 184
9-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n IEEE 80 2.1x C onfig uration Gu idelines These ar e the IE EE 802. 1x authe ntica tion co nfiguration guidel ines : • When IEEE 802.1x is enabled, ports are au then ticated b[...]
-
Seite 185
9-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion T o allo w VLA N assignmen t, you mu st enable A AA author ization to c onfig ure the switch for all network-re lated ser vice re quests. This i s th e IEEE 802. 1x AAA pro cess:[...]
-
Seite 186
9-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n Configuring the Sw itch-to-RADIUS-Serv er Communication RADIUS se curity servers are identi fied by their ho stname or IP ad dress, hostname and specific UDP por t numbers, or [...]
-
Seite 187
9-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion Y ou also need to conf igure some settin gs on the RADIUS serve r. These settin gs include the IP addre ss of the switch and the ke y string to be shared b y both the serve r and[...]
-
Seite 188
9-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n Changing the Quiet P eriod When the swi tch cannot au thenticate the client, the switch remains idle f or a set period of time and then tries agai n. The dot1x ti meout q uiet-[...]
-
Seite 189
9-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion T o return to the defaul t retransmission time, use the no d ot1x timeou t tx- period interfa ce conf iguratio n comm and. This e xample shows h ow to set 60 as the number of sec[...]
-
Seite 190
9-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n Note Y ou shoul d ch ange th e defaul t value of th is comm and on ly to a djust for un usual cir cumsta nces suc h as unrelia ble l inks or speci f ic b ehavioral p roblem s w[...]
-
Seite 191
9-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion This e xample shows ho w to ena ble IEEE 802.1x an d to allo w multiple hosts: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# dot1x port-control auto Switch(conf[...]
-
Seite 192
9-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Configur ing IEEE 80 2.1x Authen ticatio n Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enab le the optional guest VLAN beha vior and to configu re a guest V LAN. Th is proced ure is op tiona l. T o di [...]
-
Seite 193
9-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 9 Configuri ng IEEE 802.1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion Configuring IEEE 802.1x Accounting Enabling AAA sy stem accountin g with IEEE 802.1x acc ounting allo ws s ystem relo ad ev ents to be sent to the a ccount ing RADIUS server for [...]
-
Seite 194
9-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 9 Configuring IEEE 802.1x Por t-Based Aut hentication Displaying IEEE 802.1x St atistics and St atus Displaying IEEE 802.1x Statistics an d Status T o d isplay IEEE 802.1 x statis tics for all ports, use the s how dot1x all statistics pri vilege d EXE C comman d. T o disp [...]
-
Seite 195
C HAPTER 10-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 10 Configuring Interface Cha racteristics This ch apter d efines the type s of inter faces on the Catalyst 2960 swi tch an d describe s how to configure them. The chapte r consists of these sectio ns: • Understa nding I nterfac e T ypes, pa ge 10- 1 • Using Interfac e C[...]
-
Seite 196
10-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Unders tanding Inte rface Type s Port-Based VLANs A VLAN is a switched netwo rk that is logically segmented b y function, team, or application, witho ut reg ard to the physic al location of the user s. For more in format ion about V[...]
-
Seite 197
10-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es T wo ty pes of a ccess por ts are sup ported : • Static acces s ports are manually assigned to a VLAN (or throu gh a RADIUS serv er for use with IEEE 8 02.1x. For more infor matio n, see the ?[...]
-
Seite 198
10-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Using I nterface Configu ration Mode Dual-P urpose Uplin k Ports Some Cataly st 2960 switch es suppor t dual-p urpose upl ink port s. Each up link port is consider ed as a single interface wi th dual front ends ( an RJ-45 connector [...]
-
Seite 199
10-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Using Inte rface C onfigu ration Mo de T o configu re a phys ical interface (por t), specify the interface type, m odule number , and switch port number , and en te r in terf ace co n f ig ur at io n m od e. • T ype —Fast Ether[...]
-
Seite 200
10-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Using I nterface Configu ration Mode Step 3 Foll o w each interface command w ith the interf ace con fig uration comma nds that the in terface requires. The co mman ds that you enter define the pro toco ls and appl icati ons that wi[...]
-
Seite 201
10-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Using Inte rface C onfigu ration Mo de When usin g the interf ace range glob al con figuration co mman d, no te these gu idel ines: • V alid entries for por t-r ang e : – vlan vlan -ID , wh ere t he V LAN I D i s 1 t o 40 94 No[...]
-
Seite 202
10-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Using I nterface Configu ration Mode Beginning in privileged EX EC mode, fol low these steps t o define an interface ra nge macr o: Use the no de fine interface-range macr o_ name global conf igura tion comm and to delete a macro. W[...]
-
Seite 203
10-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Configuring Ethernet Interfaces This example shows ho w to define an interfac e-rang e named en et_li st to incl ude port s 1 and 2 a nd to ver ify the ma cro con fig urat ion: Switch# configure terminal Switch(config)# define inte[...]
-
Seite 204
10-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Configur ing Ethern et Interface s Configuring In terface Sp eed and Du plex M ode Ether net inter faces on the swit ch opera te at 10, 10 0, or 1000 Mbps an d in eith er full- or ha lf-dupl ex mode. In full- duplex mode, two stati[...]
-
Seite 205
10-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Configuring Ethernet Interfaces Speed and Duplex Configuration Gui delines When configur ing an inte rface spee d and duplex mode , note th ese guidel ines: • Fast Ethern et (10/100- Mbps) ports su pport a ll sp eed and dupl ex [...]
-
Seite 206
10-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Configur ing Ethern et Interface s T o return to the default setting, use t he no media-type interface co nfiguration c ommand. When you cha nge the i nterface t ype, the speed and d uplex configurat ions are re moved. The swit ch [...]
-
Seite 207
10-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Configuring Ethernet Interfaces The switch does not ha ve this be ha vior with 100B ASE-FX-GE SFP modules. Setting the Interface Speed and Duplex Pa rameters Beg i nn i ng in pr ivi l eg ed E X EC m o de , f ol l ow th e se s te p[...]
-
Seite 208
10-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Configur ing Ethern et Interface s This e xample sho ws how to set the interface speed to 100 Mbps on a 10/100/1000 Mbps por t: Switch# configure terminal Switch(config)# interface gigabitethernet0/2 Switch(config-if)# speed 100 Co[...]
-
Seite 209
10-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Configuring Ethernet Interfaces This exampl e shows ho w to turn on flow contro l on a port: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# flowcontrol receive on Switch(config-if)# end [...]
-
Seite 210
10-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Conf igu rin g the S yst em MT U This e xample s ho ws ho w to enable auto- MDIX on a por t: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# speed auto Switch(config-if)# duplex auto Switc[...]
-
Seite 211
10-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Confi guring the S ystem MTU Y o u canno t set t he M TU size for an individual interfa ce; yo u set i t for a ll 10/10 0 or a ll Giga bit Et hernet interfaces on the switch. When you change the M TU size, you must reset the switc[...]
-
Seite 212
10-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es Monitoring and Maintainin g the Interfaces These section s contain interf ace monitor ing and maintenance information: • Monitori ng I nterfac e Statu s, page 10 -18 • Clear ing and[...]
-
Seite 213
10-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 0 Configuring Interfac e Charact eristics Monitoring and Maintaining the Interfaces Clearing and Resetting In terfaces and Counters T ab le 10-4 lists the pri vileged EXEC mode clear commands that you can u se to clear counte rs and res et interf aces. T o clea r th e int[...]
-
Seite 214
10-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 10 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es[...]
-
Seite 215
C HAPTER 11-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 11 Configuring Smartports Macro s This chapt er describ es ho w to configure and appl y Smartport s macros on th e Catalyst 296 0 switch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d refere nce fo r th is re[...]
-
Seite 216
11-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 11 Configur ing Smart ports Mac ros Configuring Smartpor ts Macros Cisco also provid es a collection of pretes ted, Cisco-recommende d baseline conf iguration tem plates for Catalyst switc hes. The online reference gui de template s provide th e CLI commands that you can u[...]
-
Seite 217
11-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 11 Configur ing Smartpor ts Macros Configuring Smartports Macros Smartports Mac ro Con figuration Guidelines Follow these guideli nes when configuring ma cros on your sw itch: • When crea ting a macro , do not use the exit or end comman ds or cha nge the co mmand mo de by [...]
-
Seite 218
11-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 11 Configur ing Smart ports Mac ros Configuring Smartpor ts Macros The Cisc o-defaul t macros use th e $ character to help iden tify required k eyw ords. There is no restric tion on using the $ char acte r to define keywords w hen y ou cr eate a m acro. Creating Sm artport[...]
-
Seite 219
11-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 11 Configur ing Smartpor ts Macros Configuring Smartports Macros Applying Smartpo rts Macro s Beginning i n privileged E XEC mo de, follow these s teps to app ly a Smartpor ts mac ro: Y ou ca n delete a global macro-a pplied c onfiguration on a switch only by enteri ng the n[...]
-
Seite 220
11-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 11 Configur ing Smart ports Mac ros Configuring Smartpor ts Macros This exam ple sh ows how to app ly th e user-cre ated m acro c alle d snmp , to set the h ostname address to test- server , and to set the IP prec edence value to 7 : Switch(config)# macro global apply snmp[...]
-
Seite 221
11-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 11 Configur ing Smartpor ts Macros Configuring Smartports Macros Y ou ca n delete a global macro-a pplied c onfiguration on a switch only by enteri ng the no ver sion of ea ch comm and th at is in t he macro. Y ou can delete a m acro-a pplie d co nfigurati on on a n in terfa[...]
-
Seite 222
11-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 11 Configur ing Smart ports Mac ros Displaying Smartpor ts Macros Displaying Smartports Macros T o display th e Smartports macros, use one or mo re of the pri vileged EXE C command s in T abl e 11-2 . T able 1 1 -2 Com mands for Displ aying Smar tports Macr os Comma nd Pu [...]
-
Seite 223
C HAPTER 12-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 12 Configuring VLANs This c hapter describ es how to c onfigure norm al- range VL ANs (V LAN IDs 1 t o 100 5) and extended-ra nge VLA Ns (VLA N IDs 1006 to 409 4) on the Cata lyst 2 960 swi tch. It incl udes info rmation about VLA N membe rship mode s, VLAN con figuration m[...]
-
Seite 224
12-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Unders tanding VL ANs Figure 12-1 shows an exampl e of VL ANs segme nted into logic ally de fined networ ks. Figur e 12 -1 VLANs as Logica lly Defined N etwor ks VLANs are of ten assoc iated with IP su bnetw orks. F or ex ample, all the end sta tions i[...]
-
Seite 225
12-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Unde rsta ndin g VLAN s VLAN Port M embership M odes Y ou co nfigure a port to belong to a VLA N by assigning a mem bership mode that spec ifies the kind of traf fic the p ort car ries and t he numb er of V LANs to whic h it can belong. T a ble 12-1 lis[...]
-
Seite 226
12-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing Normal- Range VLA Ns Configuring Normal -Range VLANs Normal- range V LANs a re VL ANs with VLAN IDs 1 to 1005 . If the swi tch is in VT P server or VTP tr anspa rent m ode, y ou ca n ad d, mo dify or rem ove configuratio ns for VLANs 2 to [...]
-
Seite 227
12-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns These sec tions co ntain normal -ran ge VLAN configurat ion info rmati on: • T oken Ring V LANs, pa ge 1 2-5 • Normal -Range VL AN Con figuration Guidel ines, page 1 2-5 • VLAN Co nfiguration Mode Optio ns, pag[...]
-
Seite 228
12-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing Normal- Range VLA Ns are se ve ral adj acent switch es that all h av e run o ut of span ning-tree instances. Y ou can pre vent this possibil ity by setti ng allowe d lists on the trunk ports of switches that ha ve used u p their allocatio [...]
-
Seite 229
12-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns When you save VLAN and VTP infor mation (i ncluding extended-r ange VLAN configurat ion informatio n) in the star tup conf iguration fil e and reb oot the switch, the switch co nfig uration is selected as fo llows: ?[...]
-
Seite 230
12-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing Normal- Range VLA Ns Creating or Modifyin g an Et hernet VLAN Each E therne t VLA N in the VLAN d ataba se has a uni que, 4- digit I D tha t ca n be a nu mber fr om 1 to 1001. V LAN IDs 1002 to 1005 are reser ved for T oken Ring and FD DI [...]
-
Seite 231
12-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Y ou ca n also cre ate or mod ify Ethe rnet VL ANs by using the VL AN datab ase co nfiguration mo de. Note VLA N data base configurati on m ode doe s not sup port RSP AN VLAN c onfiguratio n or extende d-range VLANs.[...]
-
Seite 232
12-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing Normal- Range VLA Ns Cautio n When you delete a VL AN, an y ports a ssigned to that VLAN become in acti ve. They remain assoc iated with th e VLAN ( and thus in acti ve) until y ou assign th em to a n ew VLAN. Beginn ing in pri vileg ed E[...]
-
Seite 233
12-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Confi guring Exte nded-Ra nge VL ANs T o return an interfac e to its default conf iguration, use the defaul t interface interface-id interface configurati on c ommand. This exampl e shows ho w to configure a por t as an access por t in VLAN 2: Switch# [...]
-
Seite 234
12-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing Extend ed-Range VLANs Extended -Ran ge VLAN Con figuration Gu idelines Foll ow these guidelines when crea ting exte nded-range VLANs: • T o a dd an extended- range VLAN, y ou mu st use th e vl an vlan-id globa l configurati on command a[...]
-
Seite 235
12-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Displaying VL ANs T o delete an ex tended- range VLAN, use the no vlan vlan -id gl obal con figurati on comm and. The proc edure fo r assign ing stat ic-acc ess port s to an ext ended-r ange VLAN is the s ame as for normal-ra nge VL ANs. See the “ As[...]
-
Seite 236
12-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing VLAN Tr unks For more detail s about the show comman d options an d explanat ions of outp ut fields, see the comm and refere nce fo r th is rel ease. Configuring VL AN Trun ks These sect ions co ntain this co nceptu al in forma tion: • [...]
-
Seite 237
12-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng V LAN Trunk s IEEE 802.1Q Configuration Considerations The IE EE 8 02.1Q t runks i mpose these limita tions o n the trun king stra tegy for a network: • In a ne twork of Cisco switch es conne cted through IEEE 802.1 Q trun ks, the sw it[...]
-
Seite 238
12-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing VLAN Tr unks Default Layer 2 Ethernet Inte rface VLAN Con figuration T ab le 12-5 shows the default L ayer 2 Et herne t inte rface V LAN configurat ion. Configuring a n Ethern et Interface as a Trunk P ort Because t runk po rts send a nd [...]
-
Seite 239
12-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng V LAN Trunk s • If you try to enabl e IEEE 802 .1x on a t runk por t, an err or message appear s, and IE EE 802.1x is not enab led. If you try to chan ge the mode of an IEEE 802.1 x-ena bled por t to trunk , the po rt mode is not chan g[...]
-
Seite 240
12-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing VLAN Tr unks Defining the Allowed VLANs on a Trunk By default, a trunk port sends traf fic to and recei ves traf fic from all VLANs. All VLAN IDs, 1 to 4094, are al lo wed on each t runk. Ho we ver , you can re mo ve VLANs f rom the allo [...]
-
Seite 241
12-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng V LAN Trunk s T o return to the def ault allo wed VLAN l ist of all V LANs, use the no switchport trunk allowed vlan interf ace conf iguration comman d. This exam ple sh ows how to remove VLAN 2 from th e a llowed VLAN list on a p ort: Sw[...]
-
Seite 242
12-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing VLAN Tr unks For informa tion ab out IEEE 802.1Q con figuratio n issues , see the “IEE E 802.1 Q Configurati on Consider ation s” sect ion on page 12-15 . Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure the nat[...]
-
Seite 243
12-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Config uri ng V LAN Trunk s Figure 12-2 shows two trunks conne cting s upporte d switche s. In this example, t he switches ar e configured as f oll ows: • VLANs 8 through 10 ar e assigne d a port prio rity of 16 on Trunk 1. • VLANs 3 thr ough 6 ret[...]
-
Seite 244
12-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configur ing VLAN Tr unks Load Sharing Using STP Path C ost Y ou ca n configure para llel tru nks to share VLAN traff ic by setting different pa th costs on a tru nk and associ ating the path costs with di ff erent sets of VLANs, blo cking dif ferent [...]
-
Seite 245
12-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Configuring VMPS Beginn ing in priv ileg ed EXEC mode, follo w these steps to co nfigur e the networ k shown in Figure 12-3 : Configuring VMPS The VLA N Quer y Protocol (V QP) is u sed to suppor t dynami c-ac cess ports , which are not perma nently ass[...]
-
Seite 246
12-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configuring VMPS • “T rouble shoot ing Dynami c-Acce ss Port VLAN M embership ” secti on on page 12-2 9 • “VMP S Conf igurat ion Exam ple” s ecti on on pa ge 12 -29 Understand ing VMP S Each time t he client switc h recei ve s the MA C add[...]
-
Seite 247
12-25 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Configuring VMPS If the link goes down on a dy namic -access por t, the p ort r eturns to an is olated st ate and do es not be long to a VLAN. An y hosts th at come online thr ough the por t are check ed again thr ough the VQP with the VMPS before the [...]
-
Seite 248
12-26 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configuring VMPS Configuring the VMPS Client Y ou c onfigure dy namic V LANs by usi ng the VMPS (s erver). Th e switc h can b e a VMPS cli ent; it canno t be a VMPS server . Entering the IP Address of the VMPS Y ou must f irst ente r the IP addr ess o[...]
-
Seite 249
12-27 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Configuring VMPS T o return an interfac e to its default conf iguration, use the defaul t interface interface-id interface conf iguration command. T o return an interfac e to its defa ult switchpo rt mode (dynamic a uto), use the no switchport mode int[...]
-
Seite 250
12-28 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configuring VMPS Changing the Retry Count Beginn ing in pri vileg ed EXEC mode, follo w th ese step s to change the number of times that the switch attempt s to conta ct the VMPS before q uerying t he nex t serv er: T o return the switch to it s def a[...]
-
Seite 251
12-29 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 2 Configuring VLANs Configuring VMPS Troublesho oting Dyna mic-Acce ss Port V LAN Memb ership The VMPS shuts down a dynamic -access port unde r these cond itions: • The VMPS is in secure mode, and it does not allo w the host to connect to the port. The VMPS shuts down t[...]
-
Seite 252
12-30 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 12 Configuring VLANs Configuring VMPS Figur e 12 -4 Dynamic P or t VLAN M embership Con figur ation Primar y VMPS Ser ver 1 Catalyst 6500 series Secondar y VMPS Ser ver 2 Catalyst 6500 series Secondar y VMPS Ser ver 3 172.20.26.150 172.20.26.151 Catalyst 6500 series switc[...]
-
Seite 253
C HAPTER 13-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 13 Configuring VTP This c hapter describ es how to us e t he VLA N Trunking Prot ocol ( VTP) a nd the VLAN databa se fo r managing VLANs with the Catalyst 2960 switc h. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the co[...]
-
Seite 254
13-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Unders tanding VTP These sect ions co ntain this co nceptu al in forma tion: • The VTP Do main, pa ge 13-2 • VTP Mode s, page 13-3 • VTP Ad vert isem ents , pag e 13-3 • VTP V ersi on 2, pa ge 1 3-4 • VTP Prun ing, page 13-4 The VTP Do main A V[...]
-
Seite 255
13-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Understanding VTP VTP Mode s Y ou ca n configure a supp orted switc h to be in one of the VT P modes listed i n Ta b l e 1 3 - 1 . VTP Advertisements Each swi tch in the VTP domain sends period ic globa l configuratio n advertise ments f rom each trunk po[...]
-
Seite 256
13-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Unders tanding VTP • Update id entity an d update timestamp • MD5 diges t VLAN co nf igurat ion, in clud ing max imum tr ansmi ssion unit (M TU) si ze fo r each VLAN. • Frame fo rmat VTP adv ertis ements distrib ute this VLAN in formation for each [...]
-
Seite 257
13-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Understanding VTP Figure 13-1 shows a switched network w ithout VTP pruni ng enabled. Port 1 on Switch A and Port 2 on Switch D are assigned to the Red VLAN . If a broadc ast is sent f rom the host connec ted to Switch A, Switch A floo ds the broa dcast a[...]
-
Seite 258
13-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Conf igu rin g VTP See the “Enabling VT P Pruning” section on page 13-1 4 . VTP pr uning t akes effect sev eral sec onds aft er you enable it. VTP pruni ng does no t prune traffic from VLANs tha t are pruni ng-ineligi ble. VL AN 1 and VLANs 1002 to 1[...]
-
Seite 259
13-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Configuring VTP VTP Configuration Options Y ou ca n configure VTP by using th ese configurat ion mode s. • VTP Configura tion in Global Configuration Mode , page 1 3-7 • VTP Configuratio n in VLA N Datab ase Configuratio n Mode, page 13-7 Y ou access [...]
-
Seite 260
13-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Conf igu rin g VTP VTP Configu ra tion Guidelines These sec tions descr ibe guid eline s you should fol low when implem entin g VTP in your ne twork. Domain Names When co nfiguring VT P for t he first tim e, you must a lways assign a doma in nam e. Y ou [...]
-
Seite 261
13-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Configuring VTP • Do not enable VTP V ersion 2 on a switch unless all of the switches in the same VTP domain are V ersion-2-ca pabl e. When yo u enable V ersion 2 on a switc h, all of the V ersion-2- capable sw itches in the domain en able V ersion 2. I[...]
-
Seite 262
13-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Conf igu rin g VTP When you con figure a domain na me, it cannot be rem oved; you can only rea ssign a switc h to a different domain. T o r eturn the sw itch to a no-passwor d stat e, u se the no vtp password global co nfigurati on comman d. This exampl[...]
-
Seite 263
13-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Configuring VTP Configuring a VTP Client When a switch i s in VTP clie nt mode, you ca nnot cha nge its VLAN configuration . The cli ent switch recei v es VTP u pdates from a VTP serv er in th e VTP d omain and then modif ies its confi guration accor din[...]
-
Seite 264
13-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Conf igu rin g VTP Disabling V TP (VTP Tr anspar ent Mod e) When you conf igure the switch fo r VTP transparent mode, VTP is disable d on the switch. The switch does not send VTP u pdates and does no t act on VT P update s received from ot her switche s[...]
-
Seite 265
13-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Configuring VTP Enabling V TP Versio n 2 VTP V ersion 2 is disabled by default on VTP V ersion 2-capab le switches. When you enabl e VTP V ersion 2 on a switch, e very VTP V ersion 2-capable switc h in the VTP domai n enables V ersion 2. Y ou can onl y c[...]
-
Seite 266
13-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Conf igu rin g VTP Enabling V TP Prunin g Pruning inc reases available bandwi dth by restric ting flood ed traffic to those trunk lin ks that the traff ic must use to acces s the destinat ion devices. Y ou can onl y enabl e VTP prun ing on a swit ch in [...]
-
Seite 267
13-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 13 Configur ing VTP Configuring VTP Beginning i n privileged E XEC mo de, follow these steps to ver ify an d res et the VTP configurati on revision number on a switch befor e adding it to a VTP domain: Y o u can also change the VTP domain name b y enterin g the vlan databas[...]
-
Seite 268
13-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 13 Configuring VTP Monito ring VTP Monitoring VTP Y ou monito r VTP by disp layin g VTP c onfiguration i nforma tion: th e dom ain na me, t he cur rent VT P revision, and the n umber of VLAN s. Y ou ca n also displa y stat istics about the advertis emen ts se nt and recei[...]
-
Seite 269
C HAPTER 14-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 14 Configuring Voic e VLAN This chap ter des cribes how t o conf igure the v oice VLAN feature on the Catalyst 2 960 switch . V oice VLAN is referr ed to as an auxi liary VLAN in some Catalyst 650 0 family switc h documen tation. Note For c omplete s yntax and usag e info r[...]
-
Seite 270
14-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 14 Configuring Voice V LAN Unders tanding Voice VL AN Figur e 14 -1 Cisco 7960 IP Phone Conne ct ed t o a S witc h Cisco IP Phone Voice Traffic Y o u can conf igu re an access port with an attached Cisc o IP Phone to use one VLAN fo r voic e traf f ic and anot her VL AN fo[...]
-
Seite 271
14-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 4 Configuring Voice VLA N Configuring Voice VLAN Configuring Vo ice VLAN These sec tions co ntain this co nfiguration info rmat ion: • Default V oic e VLAN Configuratio n, page 14-3 • V oice VLAN Configu ration Guidelines, page 14-3 • Configuring a Port C onnec ted t[...]
-
Seite 272
14-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 14 Configuring Voice V LAN Configuring Voice VLAN • If the Ci sco IP Phone an d a d e vice a ttached t o the Ci sco IP Ph one ar e in t he same VLAN, they must be in the same IP subnet. These co nditions indica te that they are in the same VLAN: – They both use IEEE 80[...]
-
Seite 273
14-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 4 Configuring Voice VLA N Configuring Voice VLAN Configuring IP Phone Voi ce Traffic Y ou c an con figure a port connec ted to the Cisco IP Phone to send CDP pac kets to th e phone to configu re the wa y in whic h the phon e sends voic e traf fic. The p hone can carry v oi[...]
-
Seite 274
14-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 14 Configuring Voice V LAN Displa ying Vo ice VLA N T o return the port to its defa ult setting, use the no swit chport v oice vlan inter face co nfig uration comm and. Configuring the Priori ty of Incoming Data Frames Y ou ca n connec t a PC or other dat a device to a Cis[...]
-
Seite 275
C HAPTER 15-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 15 Configuring STP This chapt er desc ribes how to configure the Sp anni ng T ree Protoc ol (STP) on port-ba sed VLAN s on the Catalyst 296 0 switch. Th e switch ca n use either th e per-VLAN span ning-tre e plus (PVST+) protocol based o n th e IEEE 802. 1D sta ndard a nd C[...]
-
Seite 276
15-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Unders tanding Spa nning-Tree Featu res • Spanning- T ree Interoper ability and Backwar d Compatibility , page 15-10 • STP and IEEE 802.1Q Trunks, page 15-10 For config uration infor mation, see the “Configuring Spanni ng-Tree Features ” sec tion[...]
-
Seite 277
15-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Unders tanding Spanni ng-Tree Featu res Spannin g-Tr ee Topo logy and BP DUs The stable, ac tiv e spanning-t ree topology of a switch ed network is controlle d by these elem ents: • The uni que bridge ID (sw itch p rior ity and MAC address) a ssociate d[...]
-
Seite 278
15-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Unders tanding Spa nning-Tree Featu res Bridge ID, Switch Priority , an d Extended Syste m ID The IE EE 80 2.1D standa rd requi res th at ea ch switc h has a n uni que bridge ident ifier (bri dge ID ), wh ich control s the select ion of the ro ot switc h[...]
-
Seite 279
15-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Unders tanding Spanni ng-Tree Featu res An interfac e mov es through these state s: • From initiali zation to blocking • From bl ocking to list ening or to disab led • From list ening to lea rning o r to di sabled • From le arning t o fo rwarding [...]
-
Seite 280
15-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Unders tanding Spa nning-Tree Featu res Blocking State A Layer 2 interf ace in th e blocking state does not p articipate in frame f orwardin g. After initi alization , a BPDU is sent to each swi tch interface. A switch initially functions as the root unt[...]
-
Seite 281
15-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Unders tanding Spanni ng-Tree Featu res Disabled State A Laye r 2 int erface in th e disab led state do es not parti cipa te in frame forwar ding or in the span ning tree. An interf ace in the disabled state is nonop erational. A disab led int erfac e per[...]
-
Seite 282
15-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Unders tanding Spa nning-Tree Featu res Spanning Tree and Redun dant Conn ectiv ity Y ou c an crea te a re dundant back bone wi th spannin g tre e by connect ing two switch in terface s to an other device or to two different devices, as shown in Figu re [...]
-
Seite 283
15-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Unders tanding Spanni ng-Tree Featu res Becau se each VLAN is a sepa rate span ning- tree ins tance, th e switch a ccelerate s aging o n a per -VLAN basis . A spanni ng- tree rec onf igur ation on one VLAN can ca use the dyn amic addr esse s learne d on t[...]
-
Seite 284
15-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures Spanning-Tree Interoperability and Backward Compatibility T ab le 15-2 lists the inter operability and compatibility among the s upported s panning-tree mo des in a network. In a mi xed MSTP and PV ST+ n etwork, the[...]
-
Seite 285
15-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res • Disabling Spann ing Tree, page 1 5-13 (optiona l) • Configuring t he Root Switc h, page 15-1 4 (opt iona l) • Configuring a Second ary R oot Switch, page 1 5-15 (optional) • Configuring Por t Prio rity , p[...]
-
Seite 286
15-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures If 128 insta nces of spa nning tr ee are alread y in use, yo u can disabl e spanni ng tree on one of th e VLANs and then enable it on th e VLAN where yo u want it to run. Use th e no spanning-tree vlan vl an-id glob[...]
-
Seite 287
15-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res T o return to the def ault settin g, use the no spanning-tr ee mode globa l configurat ion com mand. T o ret urn the port to its defa ult setting, use the no spanning-tre e link-type inter face co nf igurat ion comm[...]
-
Seite 288
15-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures Beginning in privileged EXEC mo de, fol low these steps to disabl e spanni ng-tree on a per-VLAN basi s. This proc edure is option al. T o re -enable spa nnin g-tree, use the spanning-tree vlan vlan-id global c onfi[...]
-
Seite 289
15-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res Note After conf iguring the switch as the roo t switch, we recomme nd that you av o id manuall y config uring the hello t ime, forward- delay time, and m aximu m-age tim e thro ugh th e spanning-tree vlan vlan- id h[...]
-
Seite 290
15-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures Beginn ing in pri vile ged EXEC mode, follo w these step s to confi gure a switch to b ecome the second ary root for the speci fied VLAN. This pr ocedur e is optional. T o return to the default setting, use t he no [...]
-
Seite 291
15-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res Note Th e show spanning-tree inter face interface- id privileged EXEC command displa ys informa tion only if th e port is in a l ink-up oper ative state. Othe rwise, you can use th e show running-conf ig interface p[...]
-
Seite 292
15-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure the cost of an interf ace. This procedur e is optional. Note Th e show spanning-tree inter face interface- id privileged EXEC command displa ys[...]
-
Seite 293
15-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res Configuring th e Switch Priority of a VLAN Y ou can con fi gure the swit ch pri ority and make it more lik ely that the switc h will b e chosen as the root switch. Note Exercis e care when using this comm and. F or [...]
-
Seite 294
15-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Configur ing Spannin g-Tree Feat ures The sectio ns that f ollow prov ide the c onfi guration ste ps. Configuring the Hello Time Y ou can conf igure the in terv al between th e generation of configu ration messages b y the root switch b y chan ging the [...]
-
Seite 295
15-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 15 Configur ing STP Confi guring S panni ng-Tree Featu res Configuring the Forwarding -Delay Time fo r a VLAN Beginning i n privileged E XEC mode, follow these ste ps to c onfigure t he forwarding -del ay ti me for a VLAN. Th is proc edure is opt ional . T o return to the d[...]
-
Seite 296
15-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 15 Configuring STP Displaying the Spannin g-Tree Stat us Displaying the Sp anning-Tre e Status T o display th e spannin g-tree st atus, use one or mor e of the pri vileged EXE C command s in T abl e 15-5 : Y ou ca n clear spanning- tree co unters by using the clear spanni[...]
-
Seite 297
C HAPTER 16-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 16 Configuring MSTP This chapte r describes ho w to conf igure the Ci sco implementation of the Multiple STP (MSTP) on the Catalyst 296 0 switc h. The MSTP e nables multip le VLANs to be mapp ed to th e same span ning-tree instance, reducin g the number o f spann ing-tree i[...]
-
Seite 298
16-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Unders tanding MST P Understandin g MSTP MSTP , which uses RSTP for ra pid con vergence, en ables VL ANs to be grouped int o a spanni ng-tree instan ce, w ith ea ch insta nce havin g a s panning -tree topo logy inde pendent of other spanning -tree insta[...]
-
Seite 299
16-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Unde rsta ndi ng M STP IST, CIST, an d CST Unlik e PVST+ and rapid PVST+ in which all the spanni ng-tre e instances ar e indepe ndent, the MSTP establishes and maintains tw o types of spanning trees: • An interna l spanning tree (IST) , which is the sp[...]
-
Seite 300
16-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Unders tanding MST P Operations Between M ST Regions If there are multip le regio ns or legac y 802.1D switches wit hin the network, MSTP esta blishes and maintains the CST , which includes all MST reg ions and all leg acy STP switches in the network. T[...]
-
Seite 301
16-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Unde rsta ndi ng M STP Hop Count The IST and M ST inst ances do not use the mes sage- age an d maxi mum-age infor mation in the configurati on BPDU to c ompute the sp anni ng-tre e topolo gy . Inst ead, they use th e pa th cost to the root and a h op-cou[...]
-
Seite 302
16-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Unders tanding RSTP Ho we ver , the switch does not autom atically re vert to t he MSTP mode if it no l onger rece iv es IEEE 802.1D BPDUs be caus e it can not dete ct whe ther the legacy switch h as been r emoved from t he link unless th e legacy switc[...]
-
Seite 303
16-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Understa nding RST P In a st able to pology with co nsisten t po rt roles througho ut the networ k, the RSTP ensur es that every root port a nd desi gnated p ort immedia tely transit ion to t he forwarding state while all a ltern ate and bac kup ports ar[...]
-
Seite 304
16-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Unders tanding RSTP When S witc h C is co nnecte d to Swi tch B , a simil ar set of hands haki ng mes sag es are exch an ged. Switch C select s the port conn ected to Swi tch B as its root port, and both ends imm ediately transition to the forwar ding s[...]
-
Seite 305
16-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Understa nding RST P Figur e 16 -3 Sequence of Ev ents Dur ing Rapid Con ve r gence Bridge Protoco l Data Unit Format an d Process ing The R STP BP DU for mat is th e sam e as t he IEEE 802.1D BPD U fo rmat exce pt tha t th e proto col vers ion is set to[...]
-
Seite 306
16-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Unders tanding RSTP The RSTP does not have a separate topo logy chan ge notificati on (TCN) BPD U. It uses the topology change (TC) f lag to show the topolo gy changes. Howe ver , for interoper ability with IEEE 8 02.1D switches, the RST P swit ch proc[...]
-
Seite 307
16-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res • Protoc ol mi gration—F or backwa rd co mpatibil ity with IEEE 8 02.1D swi tches, RSTP selecti vely sends IEEE 802.1D configuratio n BPDUs and TCN BPDU s on a per-port basis. When a port is initializ ed, the migrate- de[...]
-
Seite 308
16-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Configur ing MSTP Featur es For informat ion about the suppor ted numbe r of spanni ng-tree instan ces, see the “Supp orted Spanning -T ree In stan ces” se ction on pag e 15-9 . MSTP Con figuration G uidelines These are th e configurat ion guide li[...]
-
Seite 309
16-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res Specifying the MST Region Co nfiguration and En abling MST P For two or more swit ches t o be in the same MST re gion, they must ha v e the same VLAN-to -instance mappin g, the same con figuration revision numbe r , and the [...]
-
Seite 310
16-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Configur ing MSTP Featur es T o r etur n to th e defa ult M ST region c onfigurati on, u se th e no spanning-tree mst configurat ion globa l conf iguration c ommand. T o return to the default VLAN-to-in stance map, use the no instance instance-id [ vla[...]
-
Seite 311
16-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res forward- delay ti me, and max imum-a ge time for a network of tha t diamet er , which ca n significantl y reduce the co n ve rg ence time. Y o u can u se the hello k eyw ord to o v erride t he autom atically calc ulated hell[...]
-
Seite 312
16-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Configur ing MSTP Featur es T o return the switch to it s def ault setting, use the no spanning-tree mst instance-id roo t global configurati on c ommand. Configuring Port Priority If a l oop occur s, the MST P uses the port priority when selec ting an[...]
-
Seite 313
16-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res Note Th e show sp anning-t ree mst inte rface interface-id privileged EXEC comma nd displa ys informa tion only if the port is in a link- up oper ative state. Ot herwi se, you can use the show running-config interfac e privi[...]
-
Seite 314
16-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Configur ing MSTP Featur es Note Th e show sp anning-t ree mst inte rface interface-id privileged EXEC comma nd displa ys informa tion only for por ts that are in a link-up ope rative state. Other wise, you can use the show running-confi g privileged E[...]
-
Seite 315
16-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res Beginning in privileged EXEC mod e, fo llow these steps to co nfigure the sw itch pri ority . T his pr ocedure is optional. T o return the switch to it s def ault setting, use the no spanning-tree mst instan ce-id priority g[...]
-
Seite 316
16-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Configur ing MSTP Featur es Configuring th e Forwarding-Dela y Time Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure the forwarding-d elay time for all MST inst ance s. This procedure is optio nal. T o return the switch to it s [...]
-
Seite 317
16-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 16 Configur ing MSTP Confi guring MST P Featu res Configuring th e Maximum-H op Cou nt Beginning i n privileged E XEC mo de, follow these steps to con figure th e ma ximum- hop c ount fo r all MST inst ance s. This procedure is optio nal. T o return the switch to its defaul[...]
-
Seite 318
16-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 16 Configuring MSTP Displaying the MST Configu ration and Stat us Restarting the Protocol Mi gration Proce ss A switch r unning M STP supp orts a built-in pr otocol migrat ion mecha nism that enable s it to i nteroper ate with legacy IEEE 802.1D switche s. If this switc h[...]
-
Seite 319
C HAPTER 17-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 17 Configuring Optional Spannin g-Tree Features This chap ter desc ribes how to configure optio nal spanni ng-tr ee featur es on th e Catalyst 2 960 swi tch. Y ou can configure a ll of these fe ature s when you r switch is ru nning the per-VLAN spann ing-tr ee plus (PVST+) [...]
-
Seite 320
17-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Unders tanding O ptional Spann ing-Tre e Features Understand ing Port Fa st Port Fast immedia tely br ings an inte rface configured as an acces s or trunk port to the forward ing state from a blocki ng sta te, bypa ssing[...]
-
Seite 321
17-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Understanding BPDU Guard The BP DU guard feature can be global ly enab led on th e switch or can b e enab led per in terfa ce, b ut the featu re oper ate s wit h som e differe[...]
-
Seite 322
17-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Unders tanding O ptional Spann ing-Tre e Features Understanding UplinkFast Switches i n hie rarchic al ne tworks can be grou ped into bac kbone sw itches, distri bution switc hes, an d acces s switches . Figur e 17- 2 sh[...]
-
Seite 323
17-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 1 7 -3 U plinkF ast Example Bef ore Di r ect Link F ailur e If Switch C detects a lin k failure on the cur rently acti ve link L2 on the root port (a dir e ct link fai[...]
-
Seite 324
17-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Unders tanding O ptional Spann ing-Tre e Features The swit ch tries to f ind if it has an alt ernate pa th to the r oot switch. If the inferior BPDU arri v es on a blocked inte rface, t he root port an d other b locked i[...]
-
Seite 325
17-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 1 7 -6 Ba ckbon eF ast Exam ple Af t er Indir ect Li nk F ailure If a ne w switc h is introduced into a share d-medium topo logy as sho wn in Figu re 17-7 , Back boneF[...]
-
Seite 326
17-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Unders tanding O ptional Spann ing-Tre e Features Unders tanding Root Gu ard The Laye r 2 network of a service provide r (SP) can in clude ma ny connectio ns to swit ches that ar e not owned by the SP . In such a topolo [...]
-
Seite 327
17-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Confi guring Opti onal Spa nning- Tree Featu res Understand ing Loop Guard Y ou can use loo p guard to prevent altern ate o r roo t port s from b ecom ing de signated ports b ecause of a failur e that leads to a unidir ection[...]
-
Seite 328
17-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Configur ing Opti onal Spanni ng-Tree Features Optional Spa nning-Tree Co nfiguration Guid elines Y ou ca n configure Port Fast, BPDU gua rd, BPDU filteri ng, Ethe rChan nel guar d, root gua rd, or loop guard if your sw[...]
-
Seite 329
17-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Confi guring Opti onal Spa nning- Tree Featu res Note Y ou can use the spanning-tree portf ast default global configurat ion co mmand to gl oball y enab le the Port Fast featur e on all nont runking por ts. T o disab le th e[...]
-
Seite 330
17-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Configur ing Opti onal Spanni ng-Tree Features Enabling BPDU Filtering When you glo bally enable BPDU fi ltering on Port Fast-e nabled interf aces, it pr ev ents inte rfaces th at are in a Port F ast-operat ional state [...]
-
Seite 331
17-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Confi guring Opti onal Spa nning- Tree Featu res Enabling Up linkFast for Us e with R edundan t Link s UplinkFas t can not be enab led on VLAN s that have been configured with a swi tch p riority . T o en able UplinkF ast on[...]
-
Seite 332
17-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Configur ing Opti onal Spanni ng-Tree Features Enabling Ba ckbon eFast Y ou ca n enab le Backb oneFast to dete ct indire ct link fail ures and to star t the span ning-t ree reconfigur ation sooner. Note If you use Backb[...]
-
Seite 333
17-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 7 Configuring Op tional Spa nning-Tree Features Confi guring Opti onal Spa nning- Tree Featu res Y ou ca n use the show interfaces status err -disabled privileged EXEC co mman d to show which switch ports are disabled because of an Ethe rChannel misconfigu ration. O n the[...]
-
Seite 334
17-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 17 Configu ring Opti onal Sp anning -Tree Feature s Displaying the Spannin g-Tree Stat us Beginn ing in priv ileg ed EXEC mode, follo w these steps to enable lo op guard. This procedur e is optional. T o g lobal ly dis able lo op gua rd, use the no spanning-tree loopguar[...]
-
Seite 335
C HAPTER 18-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 18 Configuring Flex Link s This ch apter describ es how to configure Flex Links, a pair of interfaces o n the Cat alyst 2 960 switch tha t are use d to prov ide a mu tual ba ckup. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter ,[...]
-
Seite 336
18-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 18 Configuring Flex Links Configur ing Flex L inks Figur e 1 8-1 Flex Link s Configu ratio n Example If a p rimary (for warding) li nk go es down, a trap n otifies the network mana gement stations. If the stan dby link goes do wn, a trap notif ies the users. Flex Links are[...]
-
Seite 337
18-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 8 Configuring Fl ex Links Monitor ing Flex Li nks Configurin g Flex Link s Beginning i n privileged E XEC mo de, follow these s teps to con figure a pa ir of Fl ex Links : This e xample s ho ws ho w to conf igur e an interfa ce with a ba ckup int erfac e and to ve rify the[...]
-
Seite 338
18-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 18 Configuring Flex Links Monito ring Flex L inks[...]
-
Seite 339
C HAPTER 19-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 19 Configuring DHCP Features This ch apt er descri bes how to configur e DHC P snoopi ng and t he o ption-82 d ata in sertion featu res on the Catalyst 296 0 switc h. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comm[...]
-
Seite 340
19-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Unders tanding DHCP Feat ures DHCP Server The DHCP server as signs IP addresse s from sp ecified address pools on a switch or router to DHCP clients a nd manag es them . If the D HCP server ca nnot give the DHCP client the requ ested c onfigu[...]
-
Seite 341
19-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 9 Configuring DH CP Features Understa nding DHCP Fe atures The s witch d rops a DHCP pack et when one of the se si tuations occur s: • A pack et from a DHCP serv er , such as a DHCPOFFER, DHCP A CK, DHCPN AK, or DHCP LEASEQU ER Y p acket, is r eceived from outsid e t he [...]
-
Seite 342
19-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Unders tanding DHCP Feat ures Figur e 1 9-1 DHCP Relay A g ent in a Metr opolitan Ether net Networ k When you ena ble the DHCP snoo ping info rmation option 82 on th e switch, this sequenc e of eve n t s o c c u r s : • The host (DHCP clien[...]
-
Seite 343
19-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 9 Configuring DH CP Features Understa nding DHCP Fe atures In the port field of th e circu it ID subopt ion, the port numbers st art at 3. For example , on a switch w ith 24 10/100 p orts and sma ll form -factor pluggable (SFP) mo dule slots, port 3 is th e Fast Ethernet 0[...]
-
Seite 344
19-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Configur ing DHCP Fe atures This is the format of the f ile with bindings: <initial-checksum> TYPE DHCP-SNOOPING VERSION 1 BEGIN <entry-1> <checksum-1> <entry-2> <checksum-1-2> ... ... <entry-n> <checksu[...]
-
Seite 345
19-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 9 Configuring DH CP Features Config uring DHC P Features Default DHCP Co nfiguration T ab le 19-1 shows the default DH CP co nfiguration. DHCP Snooping Config uration Guidelines These ar e the configur ation guidelin es for DHCP snoo ping. • Y ou must gl obally en able D[...]
-
Seite 346
19-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Configur ing DHCP Fe atures • Before co nfiguring the DHCP sn ooping inf ormatio n optio n on your switch, be sure to configure t he de vice t hat is actin g as the DHCP serv er . F or ex ample, you must spec ify the IP ad dresse s that the[...]
-
Seite 347
19-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 9 Configuring DH CP Features Config uring DHC P Features Enabling DHC P Snoo ping and Op tion 82 Beginning in privileged EX EC mode , foll ow these ste ps to ena ble D HCP snoo ping on the sw itch: Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati on[...]
-
Seite 348
19-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Configur ing DHCP Fe atures T o disab le DHCP snoopi ng, use the no ip dhcp snooping global configurat ion comm and. T o di sable DHCP snoo ping o n a VLAN or range of VLA Ns, use the no ip dhcp snooping vlan vlan -range global configurati o[...]
-
Seite 349
19-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 1 9 Configuring DH CP Features Displaying DHCP Snooping Information T o s top u sing the da tabas e ag ent a nd bindi ng files, use the no ip dhcp snooping database global configurat ion c omma nd. T o rese t the t imeou t or de lay values, use th e ip dhcp snooping databas[...]
-
Seite 350
19-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 19 Configuri ng DHCP Feature s Display ing DHCP Sno oping Inform ation[...]
-
Seite 351
C HAPTER 20-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 20 Configuring IGMP Sno oping and MVR This cha pter descr ibes how to configure Int ernet Group Ma nageme nt Proto col (IGMP) snooping on the Catalyst 29 60 switch, incl uding an applicat ion of l ocal IGMP sno oping, Mu lticast VLAN Registrati on (MVR). It also includes pr[...]
-
Seite 352
20-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Unders tanding IGM P Snoopin g Note For mor e inf ormati on on IP m ulticast and IG MP , see RFC 1112 and RFC 2236. The multica st router sends out periodic gener al queri es to all VL ANs. All hosts intereste d in this multi cast tra f[...]
-
Seite 353
20-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Note IGM Pv3 join an d leave messages are not suppo rted on switc hes runn ing IGMP filtering or MVR. An IGMPv 3 swit ch ca n rece iv e messa ges from and fo rward me ssages to a device ru nning the Sourc e [...]
-
Seite 354
20-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Unders tanding IGM P Snoopin g The switc h hardware ca n distingui sh IGMP informa tion packet s from othe r packets for th e multic ast group. T he in format ion in the table te lls the swit ching engine t o send fram es a ddres sed to[...]
-
Seite 355
20-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping When hosts want to lea v e a multicast group, the y can silently leav e, or the y can send a lea ve message. When the switc h rece iv es a lea v e messag e from a host, it se nds a group-spe cif ic qu ery to[...]
-
Seite 356
20-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Configuring IGMP Snooping If you di sable IGMP report supp ression, al l IGMP rep orts are fo rwarded t o the multic ast router s. Fo r configuration steps, see the “Disabling IG MP R eport Suppressi on” sec tion on page 20 -14 . Co[...]
-
Seite 357
20-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Global IGMP sn ooping overri des the V LAN IGMP sn ooping. If glo bal snoo ping is disabl ed, yo u canno t enab le VLAN sno oping. If global sno oping is ena bled, you can enab le or disa ble VLAN snooping. Be[...]
-
Seite 358
20-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Configuring IGMP Snooping Note If you w ant to use CGMP as th e learn ing method a nd no mu lticast rou ters in t he VLAN ar e CGMP proxy-en abl ed, you mu st enter th e ip cgmp router -only comm and to dyna micall y access the router .[...]
-
Seite 359
20-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping T o remo ve a multicas t router port from the VLAN , use the no ip igmp snooping vlan vlan-id mr outer interface inte rface-id global configurat ion comm and. This e xample sho ws how to enable a static conn e[...]
-
Seite 360
20-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Configuring IGMP Snooping Note Im media te Leave is supported only on IGM P V er sion 2 h osts. Beginn ing in pri vileg ed EXEC mode, follo w these steps to enable IGMP Immed iate Lea ve : T o disabl e IGMP Immed iate Lea v e on a VLAN[...]
-
Seite 361
20-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping T o globally reset the IGMP lea ve timer to the default setting, use the no ip igmp snooping last-member -query-int erva l global configura tion co mman d. To re mov e the conf igured IGMP lea v e-time settin[...]
-
Seite 362
20-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Configuring IGMP Snooping Recovering from Flood Mode When a topology change occurs, t he span ning- tree roo t sends a speci al IGMP leave message (also known as global lea ve) with the group multic ast address 0.0.0.0 . Ho we ver , wh[...]
-
Seite 363
20-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring th e IGMP S nooping Qu erier Follow these guideli nes wh en configuring t he IGMP snoo ping queri er: • Conf igure the VLAN in glob al conf iguration mode. • Conf igure an IP addre ss on th e [...]
-
Seite 364
20-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Displaying IGMP Snooping Information This exam ple sh ows how to set th e IGM P snoop ing q uerie r sour ce add ress to 10.0.0 .64: Switch# configure terminal Switch(config)# ip igmp snooping querier 10.0.0.64 Switch(config)# end This [...]
-
Seite 365
20-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information T o d isplay IGMP snoo ping i nform ation , use one or mo re of t he privileged EX EC comm ands in T ab le 20-4 . For more inform ation abou t the keywords and option s in thes e co mman ds, see th[...]
-
Seite 366
20-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Unde rs tand ing M ult icas t VLA N Re gist rat ion Understandin g Multicast VL AN Registration Multica st VLA N R egistration (MVR) is d esigned for appli cations using w ide-sc ale d eploymen t of multic ast tr aff ic acr oss an Et h[...]
-
Seite 367
20-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Understanding Multicast VLAN Registration Figur e 20-3 Multica st VLAN Registr ation Ex ample When a subscriber chan ges channels or turns of f the tele vision, the set-to p box sends an IGMP leav e message for t he multica st stream [...]
-
Seite 368
20-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Conf igu rin g MVR These messa ges dynamically re gister for streams o f multicast traf fic in the multicast VL AN on the Layer 3 device. Switch B. The a ccess layer sw itch, Swi tch A, modifies t he forward ing be havior to a llow the[...]
-
Seite 369
20-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring MVR • Because MVR on the switch uses IP multicast ad dresses instead of MA C m ulticast add resses, aliased IP multicast addresses are allo wed on the switch . Ho we ver , if the sw itch is interoperatin g with Catalyst [...]
-
Seite 370
20-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Conf igu rin g MVR T o return the switch to its defau lt settings, use th e no mvr [ mode | group ip- ad dress | querytime | vlan ] global configurat ion comm ands. This e xample s ho ws ho w to enab le MVR, conf igur e the group addre[...]
-
Seite 371
20-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Displaying MVR Information T o return the interfa ce to its default setti ngs, use the no mvr [ ty pe | immediate | vl an vlan -id | gro up ] interf ace conf iguration comman ds. This exam ple sh ows how to co nfigure a port a s a r e[...]
-
Seite 372
20-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil te ring and Thro ttli ng Configuring IGMP Fi lteri ng and Throttling In some en vironments, for ex ample, metropo litan or multiple-dwell ing unit (MDU) installat ions, you might w ant to control th e set of mul[...]
-
Seite 373
20-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Default IGMP Filtering and Throttling Configuration T ab le 20-7 shows the def ault IGMP filter ing config uration. When the maximum numb er of groups is in forward ing table, the de fault IGM[...]
-
Seite 374
20-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil te ring and Thro ttli ng T o delete a prof ile, us e the no ip ig mp pro f ile pr ofile number gl obal co nfigurati on comm and. T o delete an IP multicast addre ss or range of IP multicast add resses, use the n[...]
-
Seite 375
20-25 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling T o remo ve a p rof ile fro m an interf ace, u se the no ip igmp f ilter pr ofile nu mber inter face c onfigu ration comm and. This exam ple sh ows how to appl y IGMP profile 4 t o a port: Swi[...]
-
Seite 376
20-26 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil te ring and Thro ttli ng Foll ow these gui delines when conf iguring the IGMP thro ttling action : • Y o u can u se thi s comman d on a l ogic al Ethe rChann el interf ace but ca nnot u se it on ports th at be[...]
-
Seite 377
20-27 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 0 Configuring IGMP Sno oping and M VR Displaying IGMP Filtering and Throttling Configuration T o return to the def ault action of dro pping the repor t, use the no ip igmp max-groups ac tion interfac e configurati on c ommand. Displaying IGMP Filtering and Throttling Conf[...]
-
Seite 378
20-28 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 20 Configuring IGMP Snooping and MVR Displaying IGMP Filterin g and Thro ttling Configu ration[...]
-
Seite 379
C HAPTER 21-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 21 Configuring Port-Base d Traffic Con trol This chapte r descr ibes ho w to con fig ure the por t-base d traf f ic contro l featur es on the Cata lyst 2960 switch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman[...]
-
Seite 380
21-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Storm Control Storm contro l use s one o f these metho ds to m easure t raf f ic acti vity: • Bandwidth as a perc entage of the tot al av ailable bandwidth of the por t that can be used b y the broadca st, mul ticas[...]
-
Seite 381
21-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Configuring Storm Control Default Storm Control Configuration By default, unicast, broad cast, and multicast sto rm control are disabled on the swit ch interf aces; that is, the suppression le ve l is 100 percent. Configur ing Sto[...]
-
Seite 382
21-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Storm Control Step 3 sto rm- con tr ol { br oadcast | mul ticast | unicast } le vel { le vel [ lev el-low ] | bps bps [ bps-low ] | pps pps [ pps-low ]} Configure broa dcast, m ultica st, or unica st storm c ontrol . [...]
-
Seite 383
21-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Configuring Protected Ports T o disabl e storm co ntrol, use the no storm-control { br oadcast | multicast | unicast } level interface configurati on c ommand. This exa mple shows how to ena ble un icast stor m c ontrol on a port [...]
-
Seite 384
21-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configur ing Port Block ing Prot ected P ort Co n figuration Guidelines Y ou ca n configure protec ted port s on a physical inter face (for exam ple, Gi gabit Eth erne t port 1) o r an Ether Channel group (for example, port -chan[...]
-
Seite 385
21-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Confi guring Port Securi ty Blocking Flooded Tra ffic on an Interface Note Th e inter face can be a physica l interfac e or an Ether Chann el group. When you blo ck multic ast or unic ast traffic for a port chan nel, it is bloc ke[...]
-
Seite 386
21-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Port Security • Enab ling and Configurin g Port Se curity , page 2 1-11 • Enablin g and Configurin g Port Se curity Aging, page 21-15 Understand ing Port Secu rity These sect ions co ntain this co nceptu al in for[...]
-
Seite 387
21-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Confi guring Port Securi ty Security Violations It is a security violatio n when o ne of the se situatio ns occurs: • The max imum number of secur e MA C addre sses have been add ed to t he addre ss table, and a sta tion whose M[...]
-
Seite 388
21-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Port Security Default Port Security Configuration T ab le 21-2 shows the def ault port security conf iguration for an interface. Port Secu rity Con figuration Guidelines Foll ow these gui delines when co nfig uring p[...]
-
Seite 389
21-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Confi guring Port Securi ty T ab le 21-3 summarizes port secu rity compati bility with other por t-based f eatures. Enabling a nd Con figuring Port Security Beginn ing in privi leged EXEC mode, follo w these steps to restrict inp[...]
-
Seite 390
21-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Port Security Step 6 switchport port-security [ maximum value [ vlan { vlan-list | { acces s | vo i ce }}]] (Opti onal) Set th e maxim um number of se cure MAC addresses for the interfa ce. The ma xim um number of se[...]
-
Seite 391
21-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Confi guring Port Securi ty Step 8 switchport port-security [ mac-addre ss mac-ad dr ess [ vlan { vlan-id | { access | voice }}] (Optiona l) En ter a secu re M A C addr ess fo r th e int erface. Y ou can use this co mmand to ente[...]
-
Seite 392
21-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Configuring Port Security T o return the in terface to the defau lt conditi on as not a secu re port, use the no switchport port-se curity interf ace conf iguration command. I f you enter this command wh en sticky learning is en[...]
-
Seite 393
21-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 1 Configuring Port-B ased Traff ic Control Confi guring Port Securi ty Switch(config-if)# switchport port-security mac-address 0000.0000.0003 Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0001 vlan voice Switch(config-if)# switchport port-securi[...]
-
Seite 394
21-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 21 C onfiguring Port-Based Traffic Contro l Displaying Port-Base d Traffic Cont rol Settings T o di sable port se curity agi ng for all sec ure addr esses on a port, use the no switchport port-security aging tim e interfac e conf igur ation comma nd. T o disabl e aging fo[...]
-
Seite 395
C HAPTER 22-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 22 Configuring CDP This c hapter d escrib es how to configure Cisco Discovery Protoco l (C DP) on the Catalyst 2960 swi tch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d reference for t his release a nd the [...]
-
Seite 396
22-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 22 Co nfigu ring CD P Conf igu rin g CD P Configuring CDP These sec tions co ntain this co nfiguration in format ion: • Default CDP Configurat ion, pa ge 22-2 • Conf iguring the CDP Ch aracteri stics, page 22-2 • Dis ablin g an d Ena bli ng CDP , pa ge 22 -3 • Dis[...]
-
Seite 397
22-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 2 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This e xample sho ws ho w to conf igur e CDP character istics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 Switch(config)#[...]
-
Seite 398
22-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 22 Co nfigu ring CD P Conf igu rin g CD P Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all supported inter faces to send and to rece iv e CDP information . Beginning in privileged EX EC mo de, fol low these s teps to d isab le CDP on a p or[...]
-
Seite 399
22-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 2 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o m onito r and m aintai n CDP on your device, per form one or mor e of these tasks, begi nning in privileged EXEC mode . Command Description clear cdp counters Reset the tr af fic counter s [...]
-
Seite 400
22-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapte r 22 Co nfigu ring CD P Monito ring and Mai ntainin g CDP[...]
-
Seite 401
C HAPTER 23-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 23 Configuring SPAN and RSPAN This chap ter des cribes ho w to conf igure Switc hed Port Analyzer (S P AN) and Rem ote SP AN (RSP AN) on the Ca talyst 29 60 sw itch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comma[...]
-
Seite 402
23-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N These sect ions co ntain this co nceptu al in forma tion: • Local SP AN, page 23-2 • Remo te SP AN, page 23-2 • SP AN and RSP AN Conce pts and T ermino logy , pa ge 23 -3 • SP AN a nd RSP AN Inte raction [...]
-
Seite 403
23-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN Figur e 23 -2 Example of R SP AN Configur ation SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts an d terminology associat ed with SP A N and RSP AN co nfiguration. SPAN Sessions SP AN [...]
-
Seite 404
23-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N An RSP AN source sessio n is ver y similar to a lo cal SP AN session, ex cept for where the pack et stre am is directe d. In an RSP AN source session, SP AN packets are r elabeled w ith the RSP AN VLAN ID and dir[...]
-
Seite 405
23-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN • T rans mit (T x) SP A N—Th e goal of tran smi t (or egress) SP AN is to moni tor as much as pos sible a ll the p ackets sent b y the sou rce int erfac e aft er all m odif ication and p rocess ing is perfor me[...]
-
Seite 406
23-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N • It ca n be a n acce ss por t, trunk port , or voic e VLA N port . • It ca nnot be a de stinati on po rt. • Source por ts can be in the same or differen t VLANs. • Y ou can monit or multiple so urce port[...]
-
Seite 407
23-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN A destinati on port has th ese charact eristics: • For a local SP A N session, the d estinat ion port must reside on the same sw itch as the source port. For an RSP AN session, it is located on the switch contain[...]
-
Seite 408
23-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N RSPAN V LAN The RSP AN VLAN c arries SP AN traf f ic betwe en RSP AN source and destination se ssions. It has these special ch aracter istics: • All traf fic i n the RS P AN VLAN i s alw ays flooded. • No MAC[...]
-
Seite 409
23-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN If a physi cal por t that be longs to an Ethe rChan nel gro up is a d estinat ion port and the E therC hannel group is a sourc e, the port i s removed from t he E therCh annel g roup a nd from t he li st of mon itore [...]
-
Seite 410
23-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Configuring Local SPAN These sec tions co ntain this co nfiguration in format ion: • SP AN Co nfig uration Guideline s, page 23-10 • Creating a Loca l SP AN Session, page 23 -10 • Creati ng a Local SP AN Sessi[...]
-
Seite 411
23-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN Step 3 monitor s ession session_numbe r source { interface in terface-id | vl an vlan-id } [ , | - ] [ both | rx | tx ] Specify the SP AN sessio n an d the source p ort (monit ored po rt). Fo r session _number , th e[...]
-
Seite 412
23-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no mo nitor session session _number gl obal c onfiguration c ommand. T o r emove a source or d estination port or VL AN from the SP A N sessi on, use the no monitor session sessio[...]
-
Seite 413
23-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN This exampl e shows ho w to disab le rece iv ed traffic monitorin g on port 1, whic h was configured for bidirec tional mo nitorin g: Switch(config)# no monitor session 1 source interface gigabitethernet0/1 rx The mo[...]
-
Seite 414
23-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no mo nitor session session _number gl obal c onfiguration c ommand. T o r emove a source or d estination port or VL AN from the SP A N sessi on, use the no monitor session sessio[...]
-
Seite 415
23-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN This example shows how to remov e any existing configuration on SP A N session 2, configure SP A N session 2 to mo nitor received traff ic on Gigabit Etherne t sourc e port 1, an d send it to destina tion Gi gabit Et[...]
-
Seite 416
23-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o monitor all VLANs on the trunk port, use the no monitor session session_nu mber filt er global configurati on c ommand. This example shows how to remov e any existing configuration on SP A N session 2, configure[...]
-
Seite 417
23-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN • RSP AN VLANs a re included as sou rces for port- based RSP A N sessions when source trunk por ts ha ve acti ve RSP AN VLANs. RSP AN VLANs can also be sources in SP AN sessions. Ho wev er , since the swi tch do es[...]
-
Seite 418
23-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Creating an RSPAN S ource Session Beginning in privileged EXEC mo de, fol low these steps t o start an RSP AN source se ssion and to specif y the monito red source a nd the destin ation RSP AN VLAN: T o delete a SP [...]
-
Seite 419
23-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN T o rem ove a source port or VLAN fro m the SP AN ses sion, use the no monitor session session_n umber sour ce { interface interface-id | vlan vlan-i d } global conf iguration comman d. T o remo ve th e RSP AN VLAN f[...]
-
Seite 420
23-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no mo nitor session session _number gl obal c onfiguration c ommand. T o r emove a destinat ion por t from the SP AN session, use the no monito r session session_ number destinati[...]
-
Seite 421
23-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Config uring SPAN and RSPAN T o delete an RSP AN session, use the no monitor session session_number global configuration comman d. T o remove a destin ation po rt from the RSP A N session, use the no monit or session session_num ber destination[...]
-
Seite 422
23-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Specifying VLANs to Filter Beginning in privileged EXEC mo de, follow these steps to con figure the RSP AN source session to limit RSP AN source traf f ic to specif ic VLANs: T o monitor all VLANs on the trunk port,[...]
-
Seite 423
23-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Displaying SPAN and RS PAN Sta tus Displaying SPAN and RSPAN Status T o displ ay the cu rrent SP AN or RSP AN configurat ion, use the show monitor user EXEC comm and. Y ou can also use t he show running-conf ig privileged EX EC comm and to d is[...]
-
Seite 424
23-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 23 Configuring SPAN and RSPAN Display ing SPAN and RSPAN Status[...]
-
Seite 425
C HAPTER 24-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 24 Configuring UDLD This c hapter descri bes how to c onfigure t he Un iDirec tional Link D etect ion (U DLD) protoc ol on t he Catalyst 2960 switch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d refere nce f[...]
-
Seite 426
24-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 24 Configuring UDLD Unders tanding U DLD In norm al mode, UDL D detect s a unidirec tional li nk when f iber strand s in a fi ber -opt ic port are misconnecte d and the Layer 1 mechanisms do not de tect this misconnec tion. If the po rts are connected correctl y bu t the t[...]
-
Seite 427
24-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 4 Configuring UD LD Understand ing UDLD • Ev ent-dr iv en det ection an d echoin g UDLD re lies on echo ing as its detec tion m echanism . Whene ver a U DLD de vice lear ns abou t a ne w neighb or or receives a resynchro nizat ion requ est from an out-of -sync nei ghbor,[...]
-
Seite 428
24-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 24 Configuring UDLD Conf igu ring U DLD Configuring UDLD These sec tions co ntain this co nfiguration in format ion: • Default UD LD Configurat ion, pa ge 24-4 • Configuration Gu idelines, page 24-4 • Ena bling UDLD Gl oball y , page 24-5 • Ena bling U DLD on an In[...]
-
Seite 429
24-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 4 Configuring UD LD Configur ing UDLD Enabling UDL D Globally Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enable UDLD in the aggressi ve or nor mal mode a nd to se t th e co nfigurable m essag e time r on all fiber-optic p orts on the switch : T o d isab [...]
-
Seite 430
24-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 24 Configuring UDLD Displa ying U DLD Statu s Resetting an Interface Disabled by UDLD Beginn ing in pri vilege d EXEC mode, follo w these steps to reset all ports disable d by UDLD: Y ou ca n also bri ng up the port by using th ese comma nds: • The shutdown inter face co[...]
-
Seite 431
C HAPTER 25-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 25 Configuring RMON This c hapter describ es how to c onfigure Remo te N etwork Mo nitori ng (RMO N) on the C ataly st 2960 switch. RMON i s a standa rd m onitori ng specificati on that defines a se t of sta tistics a nd f unctions that can be exchanged between RMON-c ompli[...]
-
Seite 432
25-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 25 Configuring RMON Conf igu ring R MON Figur e 25 -1 Remote Monito r ing Ex ample The switc h supports these RM ON groups (defined in RFC 1757) : • Statistics ( RMON group 1)—Collects Ethernet statistics ( including F ast Ether net and Gig abit Ethern et statist ics, [...]
-
Seite 433
25-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 25 Configur ing RMON Confi guring RMON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configur ed. Only RMON 1 is supp orted on the switch. Configuring R MON Alarms a nd Events Y ou can configure your s witc h for RMON by using t he com man[...]
-
Seite 434
25-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 25 Configuring RMON Conf igu ring R MON T o disable an alarm, use the no rm on al arm number global c onfigurati on com mand on e ach al arm you configured . Y o u ca nnot di sable at on ce al l the a larms that yo u con figured. T o disable an event, use t he no rmo n eve[...]
-
Seite 435
25-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 25 Configur ing RMON Confi guring RMON Collectin g Group Hist ory St atistics on an Interface Y ou must first c onfigure RM ON al arms an d events to displ ay co llec tion inf ormat ion. Beginn ing in pri vile ged EXEC mo de, follo w these steps to collect gr oup history sta[...]
-
Seite 436
25-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 25 Configuring RMON Displa ying RM ON Sta tus Collectin g Group Et hernet St atistics on an Interface Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to collect g roup Ethernet statistic s on an interf ace. This proc edure is optional. T o disa ble t he coll ect[...]
-
Seite 437
C HAPTER 26-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 26 Configuring System Message Logg ing This chapter descr ibes ho w to configure syst em message logging on the Catalyst 2960 switch . Note For c omplete sy ntax a nd usag e info rmation for th e comman ds used in th is chapt er , see the Cisco IOS Configuration Fund amen t[...]
-
Seite 438
26-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Configur ing System Message L ogging Configuring Sy stem Message Lo gging These sec tions co ntain this co nfiguration in format ion: • System Log Me ssage Format, page 26-2 • Default Syste m Message Logg ing Con f igura tion, p[...]
-
Seite 439
26-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 6 Configuring Syste m Message L ogging Config uring Syst em Message Logging This example shows a partial switch system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to [...]
-
Seite 440
26-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Configur ing System Message L ogging Beginning i n privileged E XEC mo de, follow these s teps to di sable message loggi ng. Thi s proc edure is optional. Disabling the logging process can slow d o wn the switc h because a process m[...]
-
Seite 441
26-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 6 Configuring Syste m Message L ogging Config uring Syst em Message Logging The logging buffered globa l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . The buf fer is c ircul ar , so ne wer message s overwrite o lder m ess ages af ter t he buf[...]
-
Seite 442
26-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Configur ing System Message L ogging is retu rned. Ther efore , unsolici ted messag es and deb ug command output ar e not inter sperse d with solicite d device o utput and p rompts. Afte r the unsol icited m ess ages ap pear, the co[...]
-
Seite 443
26-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 6 Configuring Syste m Message L ogging Config uring Syst em Message Logging Enabling a nd Disab ling Time S tamps on Log M essages By default, log message s are not time-stam ped. Beginning in privileged EXEC mo de, follow these steps to enab le time-st ampin g of log me s[...]
-
Seite 444
26-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Configur ing System Message L ogging T o di sable seq uenc e numbers, use the no service seque nce-numbers global co nfiguration c omman d. This example shows part of a logging displa y with seque nce numbe rs enabl ed: 000019: %SYS[...]
-
Seite 445
26-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 6 Configuring Syste m Message L ogging Config uring Syst em Message Logging T ab le 26-3 descri bes the le vel keywords. It also li sts the corre sponding UNIX syslog definitions f rom the most se vere le vel to the least sev ere le v el. The sof tware genera tes fou r oth[...]
-
Seite 446
26-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Configur ing System Message L ogging Beginn ing in pr iv ilege d EXEC mode, follo w the se steps to change th e le ve l and hi story table si ze defaults. T his proc edure i s option al. When the histor y table is full (i t contain[...]
-
Seite 447
26-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 6 Configuring Syste m Message L ogging Config uring Syst em Message Logging Logging Messages to a UNIX Syslog Daemo n Before yo u can send system log messages to a UNIX syslog server , you must con figure the syslog daemon on a UNIX ser ver . T his p rocedur e i s opti on[...]
-
Seite 448
26-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 26 Config uring Syste m Message Logg ing Display ing the Log ging Confi guration T o remo ve a syslog serv er , use the no logging ho st gl obal c onfiguration comm and, and specif y the syslo g server IP address. T o disable logging to syslog servers, enter the no lo ggi[...]
-
Seite 449
C HAPTER 27-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 27 Configuring SNMP This chapt er describ es ho w to configure the Simpl e Network Mana gement Proto col (SNM P) on the Catalyst 2960 switch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d refere nce fo r th i[...]
-
Seite 450
27-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Unders tanding SNM P • Using SNMP to Access MIB V a riables, page 27-4 • SNMP Notif ications, page 27-5 • SNMP ifIn dex MIB Object V alue s, page 27 -5 SNMP Versio ns This sof tware re lease su pports t hese SN MP versions : • SNMPv1—Th e Sim[...]
-
Seite 451
27-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Underst anding SN MP T ab le 27-1 identif ies the charac teristics of the dif ferent combinations of secur ity models and le vels. Y ou must configure the SN MP agent to use the SNMP version supp orted by the mana gement station. Because an ag ent can co[...]
-
Seite 452
27-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Unders tanding SNM P SNMP Agen t Fun ctions The SNMP a gent responds to SNMP manage r requests as follo ws: • Get a MIB v ariable—Th e SNMP agent be gins this functi on in response to a request f rom the NMS. The agen t retri ev es the value of the[...]
-
Seite 453
27-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Underst anding SN MP Figur e 27 -1 SNMP Networ k For informati on on suppor ted MIBs and how to access them, see Appen dix A, “ Suppor ted MIBs. ” SNMP Notifications SNMP allo ws the switch to send n otifica tions to SN MP managers when par ticular e[...]
-
Seite 454
27-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Conf igu rin g SNMP The swi tch u ses on e of the v alue s in T able 2 7-3 to assign an ifInde x valu e to an interfac e: Note The switch m ight not use s equential va lues with in a ran ge. Configuring SNMP These sec tions co ntain this co nfiguration[...]
-
Seite 455
27-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Configuring SNMP SNMP Config ura tion Guidelines If the swi tch star ts and the wit ch startup conf igurat ion has at le ast one snmp-serv er globa l configuration comm and, the SNM P ag ent i s en ab led. An SNMP gr oup is a tab le th at maps SNMP users[...]
-
Seite 456
27-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Conf igu rin g SNMP Disabling the SNMP Agent Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to disable the SNMP agent: The no snmp-server global con figuration co mman d disable s all runn ing versions (V ersi on 1, V ersio n 2C, an d V er [...]
-
Seite 457
27-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Configuring SNMP Note T o disa ble a ccess for an SNMP c ommunity , set th e commu nity string for th at com munity to the null string (do not enter a value for th e communi ty string ). T o remov e a specif ic community string, use the no snm p-s erver [...]
-
Seite 458
27-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Conf igu rin g SNMP Beginn ing in pri vileg ed EXEC mode, follo w th ese step s to configur e SNMP on the switch: Command Purpo se Step 1 co nfigure term ina l En ter global co nfiguration mo de. Step 2 sn mp- server en gi neID { loca l eng ineid-stri[...]
-
Seite 459
27-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Configuring SNMP Configuring SNMP Notifications A trap manag er is a mana geme nt statio n that recei ves and pr ocesses traps. T raps are sy stem aler ts that the switc h gen erates wh en cert ain events occu r . By default, no trap mana ger is defined[...]
-
Seite 460
27-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Conf igu rin g SNMP Note Th ough v isible in the com mand- line he lp strin gs, the cpu [ thre shol d ], insertion , a nd removal ke yword s are not sup ported. T o enab le the sendin g of SNMP infor m notifications, use the sn mp- server e nable trap[...]
-
Seite 461
27-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Configuring SNMP Beginn ing in pri vileg ed EXEC mode, f ollow these steps to conf igure th e switch to send traps or infor ms to a host: Command Purpose Step 1 conf igure terminal Enter globa l configurati on mode. Step 2 snmp-ser ver engineID r emot e[...]
-
Seite 462
27-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Conf igu rin g SNMP The snmp-ser ver host comman d speci fies which h osts r ecei ve the n otif ications. The snmp-ser ver enab le trap command global ly enable s the mech anism for t he specif ied notif ication (f or trap s and informs ). T o enable [...]
-
Seite 463
27-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 27 Configur ing SNMP Configuring SNMP Limiting TFTP Server s Used Thr ough SNM P Beginning i n privileged E XEC mo de, follow these s teps to lim it the TFTP servers u sed f or saving a nd loading c onfigu ration f iles thro ugh SNMP to the server s specif ied in a n access[...]
-
Seite 464
27-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 27 Co nfiguring SNMP Displaying SNMP Status This e xample shows h ow to allo w r ead-only ac cess for all objects to members of access list 4 that use the coma ccess community string. No other SNMP mana gers have access to any objects. SNMP Authentic ation Failu re traps [...]
-
Seite 465
C HAPTER 28-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 28 Configuring Network Security with ACLs This c hapter d escribes how to configure ne twork sec urity on the C atalyst 2960 switch by using acc ess contr ol lists (A CLs), which in comman ds and tables are also refer red to as access lists. Note In format ion in this ch ap[...]
-
Seite 466
28-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Unders tandin g ACLs Y ou co nfigure acc ess lists on a switc h to provide ba sic secur ity for your ne twork. If you do not configure A CLs, all packets pa ssing thro ugh the switc h could be al lowed onto all par ts of the networ[...]
-
Seite 467
28-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Unde rsta ndi ng AC Ls Figur e 28 -1 Using A CLs t o Contr ol T ra ff ic t o a Netw or k When you apply a port A CL to a trunk port, the A CL filters traf fic on all VLANs presen t on the trunk port. When you apply a po rt ACL to [...]
-
Seite 468
28-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls Consid er acc ess l ist 102, conf igured wi th these command s, ap plied t o thre e frag mented p ackets : Switch(config)# access-list 102 permit tcp any host 10.1.1.1 eq smtp Switch(config)# access-list 1[...]
-
Seite 469
28-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs The sw itch does not support these Cisco IOS router ACL-related fe atures: • Non -IP prot ocol A CLs (see T abl e 28-1 on page 28-6 ) or bri dge-g roup A CLs • IP accoun ting • Inbound an d outbou nd ra[...]
-
Seite 470
28-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls Access List Numbers The numbe r you use to denote your ACL sho w s the type of access list that you are cre ating. T a ble 28-1 lists the ac cess-list number and cor respon ding acce ss li st type and sho [...]
-
Seite 471
28-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Creating a Numbered Standard ACL Beginning in privileged EX EC mode, fol low these steps t o create a nu mbered st anda rd A CL: Use th e no access-list access-list- number gl obal co nf igurati on comm and t[...]
-
Seite 472
28-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls The switch alwa ys re writes th e order of sta ndard acce ss lists so that e ntries with host matche s and en tries with mat ches having a do n’t car e mask of 0.0.0.0 ar e mov ed to the top of the list,[...]
-
Seite 473
28-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Beginn ing in pri vileg ed EXEC mode, follo w th ese step s to create an extended A CL: Command Purpo se Step 1 co nfi gure terminal En ter glob al co nfiguration mo de. Step 2a a ccess-list ac cess-list-n um[...]
-
Seite 474
28-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls or access-list access-list-number { deny | permit } pr o tocol host sour ce host d estination [ prec edence pr eceden ce ] [ tos tos ] [ fragmen ts ] [ tim e-range time- range-name ] [ dscp dsc p ] Def in[...]
-
Seite 475
28-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Use the no access-lis t access- list-number global con figur ation command to delete the enti re access list. Y ou canno t dele te in dividual ACEs from n umber ed acc ess lis ts. This e xample sho ws how to[...]
-
Seite 476
28-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls After c reating a numb ered e xtended A CL, you can apply it to termina l lines (see the “ Applying an IPv4 A CL to a T erminal Li ne” sec tion on page 2 8-16 ), to inter faces (see t he “ Appl ying[...]
-
Seite 477
28-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs T o remo ve a na med st andar d A CL, us e the no ip access-list standard name globa l configuratio n comm and. Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create an extended A CL using nam[...]
-
Seite 478
28-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls After y ou creat e an A CL, any ad dition s are plac ed at the en d of the list. Y ou cannot se lecti v ely add A CL entrie s to a specif ic A CL. Howe ver , you can use no permit and no deny access-list [...]
-
Seite 479
28-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Repeat the steps if you ha ve multiple items that you w ant in ef fect at dif ferent times. T o remo ve a co nf igured time-ran ge limit ation , use the no time-ran ge time-range-na me globa l configurati on[...]
-
Seite 480
28-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls The rem ark ca n go before or after a permi t or deny statem ent. Y ou shou ld be con sistent ab out wh ere you put the rem ark so that it is cl ear which r emark describes w hich permit or den y statem e[...]
-
Seite 481
28-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs T o remo ve an A CL from a term inal line, use the no access-class access- list-number { in | out } l ine configurati on c ommand. Applying an IPv4 ACL to an Interface This se ction descri bes how to apply I[...]
-
Seite 482
28-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Conf iguri ng I Pv4 AC Ls IPv4 ACL Co nfiguration E xamples This se ction provides examples of con figuring a nd appl ying I Pv4 ACLs. For deta iled i nform ation a bout compilin g A CLs, see t he Cisco IOS Se curity Con figuratio[...]
-
Seite 483
28-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Named ACLs This exam ple c reates a n extende d A CL nam ed m arketing_group .The marketing_g r oup A CL allo ws any TCP T elne t traff ic to th e destina tion ad dress and w ildcar d 171.69 .0.0 0.0. 255.2 [...]
-
Seite 484
28-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Creating Nam ed MAC Ext ended ACL s In this example of a named A CL, the Jones su bnet is not a llowed to use outbou nd T elne t: Switch(config)# ip access-list extended telnetting Switch(config-ext-nacl)# remark Do not allow Jone[...]
-
Seite 485
28-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 8 Configuring Netw ork Securit y with ACLs Creat ing N ame d MA C Ex tend ed AC Ls Use the no mac access-list extended name global conf igurati on command to delete the entire A CL. Y ou can a lso del ete individual A CEs from nam ed MAC extende d A CLs. This exam ple sh [...]
-
Seite 486
28-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 28 Configuring Network Security with ACLs Display ing IPv4 AC L Configu ration After receiv ing a packet, the switc h checks i t agains t the inbou nd A CL. If the A CL permits it , the swit ch continue s to proc ess the pa cket. If the A CL rej ects the packet, the swit [...]
-
Seite 487
C HAPTER 29-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 29 Configuring QoS This chapte r describes ho w to conf igure quality of service (QoS) b y using automatic QoS (au to-QoS) comman ds or by using standard Q oS comman ds on the Ca talyst 2960 sw itch. With QoS, you can p rovide preferent ial treatment to c ertain types of tr[...]
-
Seite 488
29-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS The QoS imple mentatio n is based on the Dif ferent iated Servi ces (Dif f- Serv) arc hitectur e, an emer gin g standar d from the In ternet Engineer ing T ask Forc e (IET F). This archite cture sp ecif ies th at each packe t is c[...]
-
Seite 489
29-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS Figur e 29 -1 QoS Classificat ion La yer s in F r ames and P ac k ets All swi tches and rou ters t hat acce ss the Intern et rely o n the class inf ormation to pro vide th e sam e forwar ding treatmen t to packe ts with the same clas[...]
-
Seite 490
29-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS Figure 29-2 sh o ws the basic QoS model. Actio ns at the ingress port incl ude classifying traf fic, policing , markin g, qu eueing , an d s chedul ing: • Classifying a distinct path for a pack et by associati ng it with a Qo S [...]
-
Seite 491
29-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS Classification Classification is the pro cess of distingu ishing one kind of traffic from anothe r by e xamin ing the fields in the packe t. Classif ication is enab led only if QoS is globally ena bled on the switch. By defa ult, QoS[...]
-
Seite 492
29-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS After cla ssification, th e pac ket is sent to the polic ing, marki ng, and the ing ress queue ing and schedul ing stag es. Figur e 29 -3 Classification Flow chart 86834 Generate the DSCP based on IP precedence in pack et. Use the[...]
-
Seite 493
29-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS Classification Based on QoS ACLs Y ou c an us e IP sta ndard, IP extende d, or Layer 2 MA C ACLs to define a group of packet s with the sa me char act eris tics ( class ). In the QoS conte xt, the pe rmit and deny actions in the acce[...]
-
Seite 494
29-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS Y o u creat e and name a p olic y map b y using the policy-map global con figuratio n comma nd. Wh en you enter this c ommand, the switch ente rs the polic y-map conf igur ation mode. In this mode, you spec ify the actions to tak [...]
-
Seite 495
29-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS Policing on Physical Ports In policy m aps o n physic al por ts, y ou can create these types of pol icers: • Individual QoS applies the bandwid th limits specif ied in the policer separate ly to each matched traf f ic class. Y ou c[...]
-
Seite 496
29-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS Figur e 29 -4 Po licing and M ar king Fl ow c hart o n Ph ysi cal P orts Mapping T ables During Qo S processing, the switc h represe nts the pri ority of a ll traff ic (inc luding non- IP traffic) with an QoS label base d on the [...]
-
Seite 497
29-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS • Before the traf fic reache s the sched uling stag e, QoS stores th e pack et in an ingr ess and an e gress queue acco rding to the QoS lab el. The QoS label is based on the DSCP or the CoS valu e in the pack et and sel ects the [...]
-
Seite 498
29-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS Weighted Tail Drop Both the in gress an d egr ess queu es use an enh anced v ersion of the tail-d rop cong estion -a vo idance mecha nism ca lled weight ed ta il dr op (WTD ). WT D is impleme nted o n que ues t o mana ge the queu[...]
-
Seite 499
29-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidt h is guarante ed at t his level but not limit ed to i t. For example , if a queue i s emp ty and n o long er requir[...]
-
Seite 500
29-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS The switch supports tw o conf igurable in gress queues, wh ich are se rviced b y SRR in shar ed mode only . T ab le 29-1 descr ibes the que ues. Y ou a ssign each packet t hat flows throug h the sw itch to a queu e and to a thre [...]
-
Seite 501
29-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS Priorit y Queueing Y ou ca n configure one ingress que ue as the prio rity qu eue by using the mls qos srr -queue input priority-queue queue-id ba ndwi dt h weight globa l configura tion com mand . Th e prio rity q ueue shoul d be u[...]
-
Seite 502
29-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS Figur e 29 -8 Queueing and Sc hedulin g Flow char t for Eg r ess P orts Each por t supports fo ur egress queue s, one of w hich (queue 1) can be the egress expedite qu eue. The se queues are assig ned to a queue-set. All traf f i[...]
-
Seite 503
29-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Unde rsta ndi ng QoS b uf fers) or not empty (f ree b uff ers). If the queue is no t ove r- limit, the sw itch can alloca te bu f fer space from t he r eserved poo l or f rom th e co mmon pool (if it is n ot emp ty). I f th ere a re no free buf fers i n[...]
-
Seite 504
29-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Unders tanding Q oS ID 1 a nd ID 2. T he drop thresho ld f or thre shold I D 3 i s pre set t o the queue-f ull sta te, and you c annot modify it . For more informa tion a bout how WTD works, see th e “W eighted T ail Drop” sectio n on page 29-1 [...]
-
Seite 505
29-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Configuring Auto-QoS The input mutatio n causes the DSCP to be rewritten depe nding on the new v alue of DSC P chosen. The set action in a polic y map also causes the DSCP to be re written. Configuring Auto-QoS Y ou c an use the auto-Q oS feat ure to si[...]
-
Seite 506
29-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Conf igu rin g Aut o-Q oS T ab le 29-3 shows the genera ted aut o-QoS c onfiguration for the ing ress q ueues. T ab le 29-4 shows the genera ted aut o-QoS c onfiguration for t he egress q ueues. When you en able the auto -QoS featu re on the f irst [...]
-
Seite 507
29-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Configuring Auto-QoS • When y ou enter the auto qos voip cisco-softphone interface co nfiguration c omma nd on a port at the ed ge of the ne twork tha t is conne cted to a device r unning the Cisco Sof tPhone, the switch uses policing to determine wh [...]
-
Seite 508
29-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Conf igu rin g Aut o-Q oS The switch au tomatical ly maps DSCP v alues to an ingress queue and t o a t hres hold ID. Switch(config)# no mls qos srr-queue input dscp-map Switch(config)# mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 [...]
-
Seite 509
29-23 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Configuring Auto-QoS The s witch a utoma tically configures the egre ss que ue buffer size s. It c onfigures t he bandw idth and th e SRR m ode ( shaped or shared) on the egress queues ma pped to the por t. Switch(config)# mls qos queue-set output 1 thr[...]
-
Seite 510
29-24 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Conf igu rin g Aut o-Q oS Effects of Auto-QoS on the Configuration When auto- QoS is en abled, th e aut o qo s v oip inter face configurat ion comm and and the gener ated configurati on are adde d to the ru nning configu ration. The swi tch applie s[...]
-
Seite 511
29-25 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Configuring Auto-QoS Enabling Auto-QoS for VoIP Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enab le auto-QoS for V oIP within a QoS domain: T o display the QoS commands that are automatic ally generated when auto-QoS is enabled or disa[...]
-
Seite 512
29-26 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Conf igu rin g Aut o-Q oS This e xample sho ws how to enable auto-QoS an d to trust the QoS labels recei ved in incoming pack ets when the swi tch or rou ter conn ecte d to a port is a trus ted device: Switch(config)# interface gigabitethernet0/1 Sw[...]
-
Seite 513
29-27 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Configuring Auto-QoS Note Y o u shou ld no t configure a ny standard QoS com mands before enteri ng the auto-Qo S com mands. Y ou can fine-t une th e Qo S configura tion, but w e rec ommend tha t you d o so o nly after the a uto-Q oS conf iguration is c[...]
-
Seite 514
29-28 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Displa ying Aut o-QoS In format ion Displaying Auto-Q oS Information T o display the initial auto-Q oS conf iguration, use the show auto qos [ interfa ce [ interface-id ]] privileged EXEC comm and. T o di splay any user c hanges t o tha t configu ra[...]
-
Seite 515
29-29 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Default Standard QoS Configuration QoS is disa bled. Ther e is no conce pt of tru sted or untru sted por ts be cause the packet s are not m odified (the CoS, DSCP , and IP preceden ce v alues in the pack et are not changed). T [...]
-
Seite 516
29-30 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Default Egress Queue Configur ation T ab le 29-9 shows the default egre ss queue con figuration for ea ch qu eue-set when QoS is ena bled. All ports a re map ped to qu eue-se t 1. T he po rt ban dwidt h lim it is se t to 1[...]
-
Seite 517
29-31 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Default Mapping Table Conf iguration The default CoS-to-DSCP map is sho wn in T able 29- 12 on pa ge 2 9-51 . The default IP-pre cedenc e-to-D SCP map is shown in T able 29-13 on pa ge 29-52 . The de fault DSCP- to-CoS m ap is [...]
-
Seite 518
29-32 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS • On a po rt configu red f or QoS, a ll t raff ic re ceived through the po rt is class ified, poli ced, a nd ma rked accord ing to the policy map atta ched to t he port. On a trunk port configured for QoS, t raff ic in a[...]
-
Seite 519
29-33 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS • Enabl ing DS CP T ransparen cy Mo de, page 29-36 • Configuring the DSCP Tr ust Stat e on a Port Bo rder ing Anot her Qo S Domain , pag e 29-37 Configuring the Trust State on Po rts within the QoS Domain Pa ckets en tering[...]
-
Seite 520
29-34 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pr iv ilege d EXEC mode, follo w the se steps to conf igure the port to trust t he classif icati on of the traf fic that it recei ves: T o return a port to its untrusted state, use the no mls qos trust inte r[...]
-
Seite 521
29-35 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Beginn ing in pri vilege d EXEC mode, follo w these steps to def ine the def ault CoS va lue of a port or to assign the def ault CoS to all incoming pack ets on the port: T o return to th e defa ult setting, u se the no mls qos[...]
-
Seite 522
29-36 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS W ith the t ruste d setti ng, you also c an use t he trusted bounda ry fea ture to prevent misuse o f a high-pr iority qu eue if a user bypasses the tel ephone a nd conne cts the PC di rectly to t he switch. W ithout trust[...]
-
Seite 523
29-37 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS If D SCP t rans par ency is en able d by u sin g the no mls qos rewrite ip dscp comman d, the swit ch does not modify the DS CP field in th e inco ming p acket, and the DSCP field in the outgoi ng packet is the same a s that in[...]
-
Seite 524
29-38 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Figur e 29 -12 DSCP -T rust ed Stat e on a P or t Bor der ing Another QoS Dom ain Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to conf igure the DSCP-trusted stat e on a port and modi fy the D SCP-to-D SCP-mu[...]
-
Seite 525
29-39 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS T o return a port to its non-trusted state , use the no mls qos trust interfa ce conf igurat ion comm and. T o return to the def ault D SCP-to-DSCP-m utation map v alues, use th e no mls qos ma p dscp-mutation dscp -mut ati on-[...]
-
Seite 526
29-40 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Classifying Traffic by Using ACLs Y ou ca n classif y IP traffic by using IP standard or IP extended A CLs; you can classify no n-IP traffi c by usin g Laye r 2 MA C A CLs. Beginn ing in pri vilege d EXEC mode, follo w th [...]
-
Seite 527
29-41 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Beginn ing in pri vileg ed EXEC mode, follo w these steps to create an IP exte nded A CL for IP traff ic: T o delete an acc ess list, u se the no access-list access-l ist-number gl obal con f igura tion co mmand . This example [...]
-
Seite 528
29-42 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mod e, follow these st eps to c reate a L ayer 2 M A C A CL for non-IP t raff ic: T o delete an acc ess list, u se the no mac acce ss-list exte nded access- list-name global con figuration comm[...]
-
Seite 529
29-43 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Classifying Traffic by Using Class Ma ps Y ou use the class-map global con fig uration command to name and to i solate a spe cifi c traf fic flo w (or class) f rom all oth er traf fic. The class map d ef ines the cr iteria to u[...]
-
Seite 530
29-44 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g policy map, use the no policy-map poli cy-map- nam e global con figuration comm and. T o delet e an existing cl ass map, use the no cl ass-map [ match-all | match-any ] class-map-na me global conf i[...]
-
Seite 531
29-45 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Classifying, Policing, and Marking Traff ic on Physical Ports by Using Policy Maps Y ou can confi gure a polic y map on a physical port that spec ifies which traff ic class to act on. Actions can include tru sting the CoS, DSCP[...]
-
Seite 532
29-46 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Step 3 policy-map policy- map-nam e Creat e a po licy ma p by ente ring the p olicy map name , and e nter pol icy -map co nf igur ation mode . By defau lt, no pol icy maps are de fined. The defa ult behav ior of a polic y [...]
-
Seite 533
29-47 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS T o delete an existin g policy map, use the no policy-map poli cy-map- nam e global con figuration comm and. T o delet e an existing cl ass map, use the no class class-map-na me policy-map c onfiguration comm and. T o re turn t[...]
-
Seite 534
29-48 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS This e x ample sho ws ho w to creat e a polic y map and a ttach it to an ingress port. I n the co nf iguratio n, the IP standard A CL perm its tr aff ic from network 10 .1.0.0 . For traffic matching t his cl assification ,[...]
-
Seite 535
29-49 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Beginn ing in pri vileg ed EXEC mode, follo w th ese step s to create an aggre gate policer: Comma nd Purp ose Step 1 conf igure t erminal Enter glob al configur ation mo de. Step 2 mls qos aggregate-policer aggr e ga te-pol ic[...]
-
Seite 536
29-50 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS T o r emove the specified a ggregate pol icer from a pol icy map, use th e no police agg reg ate aggr egate-poli cer-nam e policy m ap c onfiguratio n mode . T o de lete a n ag gregate p olice r an d its parame ters, use t[...]
-
Seite 537
29-51 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Configuring DSCP Maps These sec tions co ntain this co nfiguration info rmat ion: • Conf iguring the CoS-to-DSCP Map, page 29-51 ( opt iona l) • Configuring the IP -Prece dence-t o-DS CP Map, page 29-52 (op tio na l) • Co[...]
-
Seite 538
29-52 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS T o return to the defau lt map, use the no mls qos cos-dscp global configurati on com mand. This exa mple shows ho w to modify and display the CoS-to-DSCP map: Switch(config)# mls qos map cos-dscp 10 15 20 25 30 35 40 45 S[...]
-
Seite 539
29-53 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS T o return to the defau lt map, use the no mls qos ip-pr ec-dscp global configurati on comm and. This exam ple sh ows how to modif y an d display the I P-pre cedenc e-to-D SCP map: Switch(config)# mls qos map ip-prec-dscp 10 15[...]
-
Seite 540
29-54 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS This exam ple sh ows ho w to map DSCP 50 t o 57 to a marked-down DS CP value of 0: Switch(config)# mls qos map policed-dscp 50 51 52 53 54 55 56 57 to 0 Switch(config)# end Switch# show mls qos maps policed-dscp Policed-ds[...]
-
Seite 541
29-55 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS T o return to the defau lt map, use the no mls qos dscp-cos global c onfiguration com mand. This exam ple sh ows how to map DS CP values 0, 8, 16, 24, 32, 40, 48, and 5 0 to CoS value 0 and t o display th e map: Switch(config)#[...]
-
Seite 542
29-56 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mo de, foll ow these steps to mod ify the DSCP-t o-DS CP-mutati on map . This proc edure is option al. T o return to the defau lt map, use the no mls qos dscp-mutation dscp-m utati on-na me glo[...]
-
Seite 543
29-57 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Note In the above DSCP-to- DSCP-m utati on map, t he mutat ed values are shown in the bod y of the matrix. Th e d1 colum n specif ies the most -signific ant digit of the origi nal DSCP; the d2 ro w specif ies the least-signif i[...]
-
Seite 544
29-58 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS T o re turn to the defau lt CoS input que ue thre shold ma p or the de fault DSCP i nput que ue threshol d map, use the no mls qos sr r -queue input c os-map or the no mls qos srr-queue input dscp-map glob al conf iguratio[...]
-
Seite 545
29-59 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS In this example, the DS CP values (0 to 6) are assigned the WT D thr eshold of 50 perce nt and will be dropped soone r than the D SCP values (2 0 to 26 ) assi gned to t he WTD thres hold of 70 pe rcent. Allocating Buffer Space [...]
-
Seite 546
29-60 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Allocating Bandwidth Between the Ingress Que ues Y ou nee d to specify how much of the av a ilable bandwi dth is alloca ted bet ween the i ngress queue s. The ratio of the weights is the ratio of the fr equency in which th[...]
-
Seite 547
29-61 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Configuring the Ingress Priority Queue Y ou should use the prior ity queue o nly for tr af f ic that nee ds to be e xpedi ted (for exam ple, v oice traf fic , which n eeds minimum d elay and ji tter). The priority qu eue is gua[...]
-
Seite 548
29-62 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Configuring E gress Queu e Characteristic s Depend ing on the co mplexity of yo ur networ k and your Qo S solution, you mig ht need to pe rform al l of the tasks in the ne xt sections. Y ou will need to make decisio ns abo[...]
-
Seite 549
29-63 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Beginning i n privileged EXEC mode, follow these steps to configure the me mory al loca tion and to drop thresholds for a queue-se t. This procedure is optional. Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l conf[...]
-
Seite 550
29-64 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS T o return to the de fault settin g, use the no mls qos queue- set output qse t-id bu ff e r s global conf igurati on comm and. T o return to the defaul t WTD thre shold percenta ges, use the no mls qos queue-set output qs[...]
-
Seite 551
29-65 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS T o r eturn to th e defaul t DSCP output queu e thre shold m ap o r the default C oS out put que ue th reshold map, u se the no mls qos srr -queue output dscp-map or th e no mls qo s srr -queue output cos-map global configurat [...]
-
Seite 552
29-66 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Configuring SRR Sh aped Weights on Egress Queues Y ou ca n specif y how much of t he av ailab le bandwi dth is all ocated to each queu e. The ra tio of the wei ghts is the r atio of fre quency in w hich the SRR schedul er [...]
-
Seite 553
29-67 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Confi guring Standard QoS Configuring SRR Sh ared Weights on Egress Queues In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidth is gu aranteed at this le vel but n ot limited to it. F or e[...]
-
Seite 554
29-68 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Configur ing Standar d QoS Configuring the Egress Expedite Que ue Y ou can ensure that ce rtain pack ets ha ve prio rity o ver all oth ers by que uing them in the e gress e xpedite queue. SRR services this queue until i t is empty before servicin g [...]
-
Seite 555
29-69 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 2 9 Configuring Qo S Displaying Standard QoS Information Beginning i n privileged E XEC mo de, follow these steps to li mit t he band width on a n egress po rt. This procedur e is optional. T o return to the default setting, use the no srr- queue bandwidth limit inter face [...]
-
Seite 556
29-70 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapt er 29 Conf igur ing Q oS Display ing Standar d QoS Inform ation show mls qos queue-set [ qset-id ] D isplay QoS settings for the egress queues. show policy- map [ polic y-map- name [ clas s class-m ap-name ]] Display QoS po licy maps, w hich define cla ssification cri teria[...]
-
Seite 557
C HAPTER 30-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 30 Configuring EtherChannels This c hapter d escrib es how to configu re Et herChann els on Laye r 2 por ts on the C atalyst 2 960 sw itch. Ether Channel provides fault-tol erant high-spe ed links between sw itches, ro uter s, and ser vers. Y ou ca n use it t o inc rease th[...]
-
Seite 558
30-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Unders tanding Ether Channel s EtherChann el Overview An EtherCh annel c onsists of individual Fast Ethernet or Giga bit Ether net links bundled int o a single logical lin k as shown in Figu re 30 -1 . Figur e 30 -1 T ypical EtherChannel Co[...]
-
Seite 559
30-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Understa nding Et herChann els Port-Chan nel Interfaces When you cre ate a La yer 2 Ethe rChan nel, a por t-c hannel logical i nterfac e is in volved. Y ou ca n crea te the Ethe rChan nel in these w ays: • Use the channel-group interface conf[...]
-
Seite 560
30-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Unders tanding Ether Channel s Port Aggreg ation Pro tocol The Port Aggr egation Protocol (P AgP) is a Cisco -propr ietary pr otocol that can be run only on Ci sco switches and on tho se switches lice nsed by vendors to suppo rt P AgP . P A[...]
-
Seite 561
30-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Understa nding Et herChann els PAgP Interaction with Other Features The Dyna mic Trunking Protocol (DT P) and the Ci sco Discovery Protoco l (CDP) send and receive packets over the physica l ports in the Et herChann el. T runk ports send an d r[...]
-
Seite 562
30-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Unders tanding Ether Channel s LACP Interaction with O ther Features The DT P and the CD P send a nd receive packets over the physical ports in t he Ether Chann el. Trunk ports send and rece ive LA CP PDUs on the l owest numbered VLA N. In [...]
-
Seite 563
30-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Understa nding Et herChann els W ith source -and-de stinati on MAC address forwardi ng, when packets ar e forward ed to an Ethe rCha nnel, they are distri buted across the por ts in the cha nnel based on bot h the source and destinat ion MAC ad[...]
-
Seite 564
30-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Configur ing EtherChann els Figur e 30 -3 Load Distr ibution and F orwa rdin g Methods Configuring Eth erChannels These sec tions co ntain this co nfiguration in format ion: • Default Eth erCha nnel Configurat ion, pa ge 30-9 • Ether Ch[...]
-
Seite 565
30-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Config uring Et herCh annels Default EtherCh annel Con figuratio n T ab le 30-3 shows the default E therCh annel co nfiguration . EtherChann el Configuratio n Guidelin es If imp roper ly con figured, so me E therCha nnel ports are a utomati cal[...]
-
Seite 566
30-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Configur ing EtherChann els • Do not configure an EtherC hanne l in bo th the P AgP an d LACP modes. Ether Channel group s running P AgP an d LACP can c oexist on the s ame sw itch. Individual EtherC hannel grou ps can run e ither P AgP [...]
-
Seite 567
30-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Config uring Et herCh annels T o r emove a p ort from t he E therCha nnel gro up, us e the no channel-group interface co nfiguration comm and. Step 3 switchport mode { access | trunk } switchport access vlan vla n-id Assign all ports as static[...]
-
Seite 568
30-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Configur ing EtherChann els This example shows how to configure an EtherChann el. It assig ns two ports as static-access ports in VLAN 1 0 to c hannel 5 wi th the P AgP m ode desirable : Switch# configure terminal Switch(config)# interface[...]
-
Seite 569
30-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Config uring Et herCh annels T o return E therChannel load bala ncing to th e defa ult conf igura tion, use the no port-c hannel load-balanc e global con figurati on comm and. Configuring the PAgP Le arn Meth od and Priority Network devices ar[...]
-
Seite 570
30-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Configur ing EtherChann els T o return the priority to its def ault setting, us e the no pagp port-priority interf ace c onfigu ration command. T o return th e learning m ethod to its def ault setting, u se the no pagp lear n-method inte r[...]
-
Seite 571
30-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Config uring Et herCh annels Determ ining wh ich p orts ar e act i ve and wh ich ar e hot st andby is a two-ste p proc edure. First th e syst em with a numerically lo wer sy stem priority and system-id is placed in char ge of the decision. Ne [...]
-
Seite 572
30-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Displaying Eth erChannel, PA gP, and LACP Status Note If LA CP is not able to aggrega te all the ports tha t are compatible (for e xample, the remote system might ha ve more restric tiv e hardware lim itations), all the ports tha t cannot [...]
-
Seite 573
30-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 0 Configuring EtherCh annels Displaying EtherC hannel, P AgP, and LACP Status Y ou can clear L A CP c hannel -group i nform ation a nd t raff ic c ounters by using the clear lacp { channel -gr oup-numb er counters | counter s } pri vile ged EXEC com mand. For detailed inf[...]
-
Seite 574
30-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 3 0 Config uring E therChan nels Displaying Eth erChannel, PA gP, and LACP Status[...]
-
Seite 575
C HAPTER 31-1 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 31 Troubleshooting This chapter descr ibes how to iden tify and resolve softw are problems relat ed to the Cisco IOS software on the Cataly st 2960 switch. Depe nding on the natu re of t he problem , you c an u se the comma nd-lin e interf ace (CLI ), the d ev ice manager ,[...]
-
Seite 576
31-2 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Recovering f rom a Softwa re Failure Recovering fro m a Software Failure Switch software c an be c orru pted du ring an upgr ade, by downlo ading th e wr ong file to the swi tch, and by d eleting the im age f ile. In all o f these case s, the switch d o[...]
-
Seite 577
31-3 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Recoverin g from a Lost or For gotten Passwo rd Step 8 If yo u had set the co nsole po rt sp eed to anything other than 9600, it ha s been reset to th at p articula r speed. Change the emulati on softw are line spe ed to mat ch that of the switch console[...]
-
Seite 578
31-4 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Recoveri ng from a Los t or Forgotten Password Se ver al lines of information about the softw are appear with instruct ions, informing you if the password recovery proc edure has b een di sabled or n ot. • If you see a messag e that begins wit h this:[...]
-
Seite 579
31-5 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Recoverin g from a Lost or For gotten Passwo rd Step 5 Rename the conf ig uration file to conf ig.text.ol d. This file cont ains the passwo rd definition. switch: rename flash: config.text flash: config.text.old Step 6 Boot the system: switch: boot Y ou [...]
-
Seite 580
31-6 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Recoveri ng from a Los t or Forgotten Password Step 14 Reload the switch: Switch# reload Procedure w ith Passw ord Recove ry Disabled If the p assword-recovery mechanism is disabled, this m essage app ears: The password-recovery mechanism has been trigg[...]
-
Seite 581
31-7 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Recovering from a Command Switch Failure Step 5 At the swit ch prom pt, en ter privileged EXE C mode : Switch> enable Step 6 Enter global co nfiguration mo de: Switch# configure terminal Step 7 Change the password: Switch (config)# enable secret passw[...]
-
Seite 582
31-8 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Recoveri ng from a Com mand Switc h Failure Y ou can prep are f or a comma nd sw itch fai lure by assignin g an IP addre ss to a me mber sw itch o r an other switch tha t is command- capable , making a note of the comma nd-swi tch password, and ca bling[...]
-
Seite 583
31-9 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Recovering from a Command Switch Failure Would you like to enter basic management setup? [yes/no]: Step 10 En ter Y at th e f irst p rompt. The prom pts in the se tup pro gram vary dependi ng on the m embe r switch yo u selecte d to be th e comma nd swit[...]
-
Seite 584
31-10 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Recoveri ng from a Com mand Switc h Failure Step 4 Ente r the pa ssw ord of th e failed command swit ch. Step 5 Use the setup progra m to configur e the switc h IP informa tion. This pr ogram prompt s you for IP addre ss infor mation a nd p asswords. F[...]
-
Seite 585
31-11 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Recoveri ng from Lost Cluste r Member Con nectivi ty Recovering fro m Lost Cluster Member Connecti vity Some conf ig urations can prev ent the com mand switch from maintai ning contact wi th member switches. If you are una ble to ma intain ma nageme nt [...]
-
Seite 586
31-12 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Monitorin g SFP Modu le Status Note The security error message r eferences the GBIC_S ECURITY facility . The switch supports SFP modules and doe s not support GBIC modul es. Alt hough the err or me ssage text refers to GB IC int erfaces an d modules, t[...]
-
Seite 587
31-13 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Using Layer 2 Tr aceroute Executing Ping Beginning in privileged EXEC mode , use this co mman d to ping a nother device on the netwo rk from th e switch: Note Th ough o ther p roto col keywords ar e available w ith th e ping com mand, they ar e not supp[...]
-
Seite 588
31-14 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Using La yer 2 Tra cerout e Understand ing Layer 2 T raceroute The Lay er 2 tra cerou te feat ure al lows the swit ch to id entif y the physic al pat h that a packet takes fr om a source device to a destin ation device. La yer 2 trace route sup ports o[...]
-
Seite 589
31-15 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Using IP Traceroute • When multipl e dev ices are at tached to one port t hrough hubs (f or example , multiple CDP neighbors are de tecte d on a port) , the Layer 2 tra cerou te fea ture i s not support ed. Wh en m ore than on e CD P neighb or is dete[...]
-
Seite 590
31-16 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Using I P Trac eroute T o learn when a datagram reach es its destination, trace route sets the UDP destinati on port number in the datagram to a v ery larg e v alue that the destin ation host is unlikel y to be using. When a host recei ves a datagram d[...]
-
Seite 591
31-17 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Usin g TDR T o end a trace in progres s, enter the escape seq uence ( Ctrl-^ X by default). Simulta neously pres s and release th e Ctrl , Shif t , and 6 keys and then press t he X key . Using TDR These se ctions conta in this inf ormation: • Understa[...]
-
Seite 592
31-18 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Using D ebug Command s Using Debug Commands These sec tions explains how you use debug comma nds t o diag nose and r esolve int ernet working problems: • Enab ling De bugging o n a Spe cific Feature , page 31- 18 • Enab ling Al l-System Diag nostic[...]
-
Seite 593
31-19 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Using the show platf orm forwa rd Command Enabling All-Sy stem Diag nostics Beginn ing in pri vileged EXE C mode, ent er this comman d to enabl e all-system d iagnostics: Switch# debug all Cautio n Because debugging ou tput ta kes priori ty over other n[...]
-
Seite 594
31-20 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Using the s how platfo rm forward Co mmand This is an example of the out put from the s how p l at for m fo rw a rd comm and on port 1 in VLAN 5 whe n the packe t enteri ng tha t port is addr essed to unknown MAC addresses. T he pac ket should be flood[...]
-
Seite 595
31-21 Catalyst 2960 Switch Software Configuration Guide 78-16881-01 Chapter 3 1 Troubleshooti ng Usin g th e cr ashi nfo F ile Packet 1 Lookup Key-Used Index-Hit A-Data OutptACL 50_0D020202_0D010101-00_40000014_000A0000 01FFE 03000000 Port Vlan SrcMac DstMac Cos Dscpv Gi0/2 0005 0001.0001.0001 0009.43A8.0145 Using the crashinfo File The crashinfo f[...]
-
Seite 596
31-22 Catalyst 2960 Swi tch Software Configu ration Guide 78-16881-01 Chapter 31 Trouble shooting Using t he c rashinfo File[...]
-
Seite 597
A- 1 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 APPEND IX A Supported MIBs This append ix li sts the supp orted manage ment inf orma tion base (MIBs) for this r elea se on the Catalyst 29 60 switch. I t contains th ese sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e M IB Fil es, page A- 3 MIB List • BRIDGE-M[...]
-
Seite 598
A- 2 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendi x A Supported MI Bs MIB Li st • CISC O- P AGP-MI B • CISCO-PING-MIB • CISCO-PR ODUCTS-MIB • CISCO-PR OCESS-MIB • CISCO-R TTMON-M IB • CISCO- SM I-MIB • CISCO-ST A CKMAKER-MIB • CISCO-STP-EXTENSIONS-MIB • CISCO-SYSLOG-MI B • CISCO- TC-M IB • CISCO-TCP-[...]
-
Seite 599
A-3 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix A Supported M IBs Using FTP to Access the MIB Files • SNMPv 2-MIB • TCP-M IB • UDP-MIB Note Y ou ca n also use th is URL for a lis t of support ed MIBs for the Catal yst 2960 swit ch: ftp://ftp.cisco.com/pub/mibs/su ppo rtlists/cat2960 /cat2960-su pportlist.htmlY ou[...]
-
Seite 600
A- 4 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendi x A Supported MI Bs Usin g FTP to Acc es s the MIB Files[...]
-
Seite 601
B-1 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 APPEND IX B Working with the Cisco IOS File System, Configuration Files, an d Software Images This a ppendix descri bes how to m anipul ate the Cata lyst 2 960 flas h file syst em, how to copy configurati on files, and how to arc hiv e (upl oad a nd download) so ftware i mages t o [...]
-
Seite 602
B-2 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Work ing wit h the Flas h File Sys tem Displaying Available File Systems T o d isplay the av ailable file system s on your swit ch, use the show file systems pri vile ged EXEC comm and as [...]
-
Seite 603
B-3 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with the Flash File System Setting the Def ault File System Y ou can specify the fi le syst em or dir ectory th at the sy stem use s as the defau lt f ile syste m by using the [...]
-
Seite 604
B-4 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Work ing wit h the Flas h File Sys tem Creating and Removi ng Directorie s Beginning i n privileged E XEC mode, follow th ese s teps to c rea te an d remove a d irect ory: T o delete a dir[...]
-
Seite 605
B-5 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with the Flash File System Some in valid combin ation s of source and de stinatio n exist. Specificall y , you can not copy thes e comb inat ion s: • From a runni ng configur[...]
-
Seite 606
B-6 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Work ing wit h the Flas h File Sys tem Creating a tar File T o create a tar f ile a nd write f iles into it, use this pri vileged EX EC command: ar chiv e tar /cr eate de stin ati on- url [...]
-
Seite 607
B-7 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with the Flash File System This e xample shows h ow to display the contents of a switch tar f ile that is in flash memory: Switch# archive tar /table flash:c2960-lanbase-mz.122[...]
-
Seite 608
B-8 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files Displaying th e Conte nts of a File T o display the contents of any reada ble file, including a f ile on a remote f ile system, use the more [ /ascii | /[...]
-
Seite 609
B-9 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Configuration Files • Copying Configuration Fi les By Using RCP , page B-15 • Cle aring Conf igurat ion In forma tio n, pa ge B-18 Guidelines for Creating and Using Co[...]
-
Seite 610
B-10 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files Creating a Configuration File By Using a T ext Editor When cre ating a configura tion file, you must lis t comman ds logicall y so that the syst em can [...]
-
Seite 611
B-11 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Configuration Files • Ensure t hat the co nfig uration f ile to be do wnloaded is in th e correc t director y on the TFTP serv er (usually / tftpboot on a UNIX w orksta[...]
-
Seite 612
B-12 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files The file is uploade d to the TFT P server . This example shows ho w to upload a configur ation file from a switch to a TFT P server: Switch# copy system[...]
-
Seite 613
B-13 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Configuration Files Preparing to Download or Uploa d a Configuration File By Using FTP Before yo u begin downloading or uplo ading a co nfiguration file by using FTP , do[...]
-
Seite 614
B-14 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files This exam ple shows how to copy a c onfiguration file named host1-c onfg from th e neta dmi n1 directory on the remot e server w ith a n IP a ddress of [...]
-
Seite 615
B-15 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Configuration Files This exam ple shows how to copy t he running configura tion file na med switch2-conf g to the netadmin1 directo ry on the rem ote ho st wi th an IP ad[...]
-
Seite 616
B-16 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files • The r emote usern ame asso cia ted wi th the curre nt TTY (te rmina l) pr oces s. For ex ample, if th e u ser is connected to the router through T e[...]
-
Seite 617
B-17 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Configuration Files Downloading a Configura tion File By Using RCP Beginning in privileged EXEC mode , follow these steps to download a configuration file by using RCP: T[...]
-
Seite 618
B-18 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wit h Configura tion Files Uploading a Configuration File By Using RCP Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to upload a c onfigu ration f ile b y using RCP: [...]
-
Seite 619
B-19 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images Clearing the Startup Con figuration File T o c lear the c ontent s of your start up co nfiguration, use the erase n vram: or the erase startup-conf ig pri[...]
-
Seite 620
B-20 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images • Copying Image Files By Using FTP , page B-24 • Copying Image Files By Using RCP , page B-29 Note For a l ist of sof twar e image s and the suppo rted [...]
-
Seite 621
B-21 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images Copying Imag e Files By Us ing TF TP Y ou can do wnload a switc h image from a T FTP serv er or upload the image from the switch to a TFTP server . Y ou d[...]
-
Seite 622
B-22 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images Note Y ou must restart the in etd daemon af ter modifyi ng the /etc/in etd.conf an d /etc/services f iles. T o restar t the d aemon, e ither st op the inetd[...]
-
Seite 623
B-23 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images The download a lgorithm verifies t hat t he im age is app rop riate f or t he swi tch m odel a nd tha t enou gh DRAM is prese nt, or it abor ts the proce [...]
-
Seite 624
B-24 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images Uploading an Image File By Using TFTP Y ou can upl oad an ima ge from the switch to a TFTP server . Y ou can later d o wnload this image to the switch or to[...]
-
Seite 625
B-25 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images These sec tions co ntain this co nfiguration info rmat ion: • Prepar ing to Do wnload or Upload an Ima ge File B y Using FTP , page B-25 • Do wnloadin[...]
-
Seite 626
B-26 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images Before yo u begin dow nload ing or uplo ading an image file b y using FTP , do these tasks: • Ensur e that the swit ch has a route to th e FTP serve r . T[...]
-
Seite 627
B-27 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images The download a lgorithm verifies t hat t he im age is app rop riate f or t he swi tch m odel a nd tha t enou gh DRAM is prese nt, or it abor ts the proce [...]
-
Seite 628
B-28 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images The alg orithm instal ls the downloaded image onto the syste m board fla sh device (flash: ). The im age is placed into a ne w directory na med wit h the so[...]
-
Seite 629
B-29 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images The archi ve upload-sw command b uilds an image f ile on the serv er by upl oading these f iles in order: info, t he Cisco IOS im age, and the we b manage[...]
-
Seite 630
B-30 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images • The r emote usern ame asso cia ted wi th the curre nt TTY (te rmina l) pr oces s. For ex ample, if th e u ser is connected to the router through T elnet[...]
-
Seite 631
B-31 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images Downloading an Image File By Using RCP Y ou can d o wnload a ne w imag e f ile and replac e or k eep the curr ent ima ge. Beginning in privileged EXEC m o[...]
-
Seite 632
B-32 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images The do wnload algori thm veri fies that th e image is appropriate for the switch model and that enough DRAM is prese nt, or it abor ts the proce ss and repo[...]
-
Seite 633
B-33 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix B Working with th e Cisco IOS File Sy stem, Conf iguration F iles, and Softw are Images Working with Software Images Beginn ing in pri vilege d EXEC mode, follo w th ese steps to upload an imag e to an RCP server: The a rc hive upload- sw pri vile ged EXEC c ommand bu il[...]
-
Seite 634
B-34 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Softwa re Images[...]
-
Seite 635
C-1 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 APPEND IX C Recommendations for Upgrading a Catalyst 2950 Switch to a Catalyst 29 60 Switch This app endix describes th e confi guration co mpatibility i ssues and the f eature beha v ior dif f erences tha t you mi ght enc ounter w hen you u pgrade a Ca talyst 2950 s witch to a Cat[...]
-
Seite 636
C-2 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix C Recommendatio ns for Upgradi ng a Catalyst 2950 S witch to a Catalyst 2960 Switch Configura tion Compat ibility Issues T able C-1 Catalyst 2950 and 296 0 Switc h Configur ation Incompatib ilities Feature Cataly st 2950 Switch Command and E xplanatio n Result on the Cata [...]
-
Seite 637
C-3 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix C Recommendati ons for Upgrad ing a Catalyst 2950 Switch to a Catal yst 2960 Switc h Configuration Compatibility Issues IEEE 802.1x In Ci sco IOS 12.1E A, the Cat alyst 2950 swit ch ranges for t he IEE E 80 2.1x ser ver-timeout, supp-t imeout, and tx-pe riod are 1 to 6553[...]
-
Seite 638
C-4 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix C Recommendatio ns for Upgradi ng a Catalyst 2950 S witch to a Catalyst 2960 Switch Configura tion Compat ibility Issues QoS 2 There i s limite d QoS conf igura tion compa tibility between the Cataly st 2950 switch and the Ca talyst 2960 switch. W e recommend that you enab[...]
-
Seite 639
C-5 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix C Recommendati ons for Upgrad ing a Catalyst 2950 Switch to a Catal yst 2960 Switc h Feature Behavior Incompatibilities Feature Behavior In compatibilities Some fe ature s behave differently on the Ca talyst 2950 an d Cat alyst 2 960 sw itches, a nd som e fea tures are no[...]
-
Seite 640
C-6 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix C Recommendatio ns for Upgradi ng a Catalyst 2950 S witch to a Catalyst 2960 Switch Feature B ehavi or Incom patibil ities • QoS The Cat alyst 2 960 swi tch uses different port ha rdware t han the C atalyst 2950 switch, an d mor e QoS featu res are o ffered on t he Cat a[...]
-
Seite 641
D- 1 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 APPEND IX D Unsupported Co mmands in Cisco IOS Release 1 2.2(25) FX This app endix lists som e of the command-li ne interfa ce (CLI) c ommands th at appear when you enter the question mark (?) at th e Catalyst 2960 switch prompt but are not supported in this relea se, either be ca[...]
-
Seite 642
D- 2 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix D Unsuppo rted Co mmands in Cisco IOS Release 12.2( 25)FX IGMP Snooping Commands IGMP Snooping Comman ds Unsupporte d Global Con figuratio n Commands ip igmp snoo ping tcn Interface Command s Unsupporte d Privileged E XEC Commands show in terfac es [ interface-id | vlan v[...]
-
Seite 643
D-3 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix D Unsu pported Com mands in Cisco IO S Release 1 2.2(25) FX Miscell aneous Note Use the show ip igmp snoo ping groups privile ged EXE C command to display Laye r 2 multicast addr ess-tab le entrie s for a VLAN. Unsupporte d Global Con figuratio n Commands mac-ad dres s-ta[...]
-
Seite 644
D- 4 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix D Unsuppo rted Co mmands in Cisco IOS Release 12.2( 25)FX RADIUS Unsupporte d Interface Configuration Commands priority-gr oup RADIUS Unsupporte d Global Con figuratio n Commands aaa nas port extended radius-serv er attrib ute nas-port radius-serv er conf igur e radius-se[...]
-
Seite 645
D-5 Catalyst 2960 Switch Softwar e Configur ation Guide 78-16881-01 Append ix D Unsu pported Com mands in Cisco IO S Release 1 2.2(25) FX VTP Unsupported v lan-config Command private-vlan Unsupported Us er EXEC C ommands show running-conf ig vlan show vlan if index show vlan private-vlan VTP Unsupporte d Privileged E XEC Co mmands vtp { password pa[...]
-
Seite 646
D- 6 Catalyst 2960 Swit ch Software Configu ration Guide 78-16881-01 Appendix D Unsuppo rted Co mmands in Cisco IOS Release 12.2( 25)FX VTP[...]
-
Seite 647
IN-1 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 INDEX A abbrev iati ng comm ands 2-4 acces s-class comman d 28-16 acces s control entries See ACEs access-de nied r espons e, VM PS 12-24 access group s, appl ying IPv4 AC Ls to interf aces 28-17 access lists See ACLs access port s, define d 10-2 accoun ting with 80 2.1x 9-21 with[...]
-
Seite 648
Index IN-2 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 ACLs ( continue d) standa rd IPv4 crea ting 28-7 matc hing cri teria 28-5 support fo r 1-6 support in h ardware 28-17 time ranges 28-14 unsupport ed fea tures, IPv4 28-5 active link s 18-1 address aliasing 20-2 addresses displaying the MA C addre ss table 6-25 dynam ic accel[...]
-
Seite 649
Inde x IN-3 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 autoc onfigura tion 3-3 automatic QoS See QoS auto -MDIX config uring 10-15 describe d 10-15 autonegotiati on duplex mo de 1-3 interfa ce confi gurat ion guidel ines 10-11 misma tches 31-11 autose nsing, p ort spe ed 1-3 auxili ary VLAN See voi ce VLAN availabili ty, featur[...]
-
Seite 650
Index IN-4 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 CA trust point config uring 8-40 defined 8-38 caution , descr ibed xxviii CDP and truste d bounda ry 29-36 config uring 22-2 default confi guration 22-2 describe d 22-1 disabling for r outing de vice 22-3 to 22-4 ena bling and di sabl ing on an interface 22-4 on a switch 22-[...]
-
Seite 651
Inde x IN-5 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 comm and-l ine i nte rfac e See CLI comm and m odes 2-1 comm ands abbrev iating 2-4 no and defaul t 2-4 commands, sett ing privile ge levels 8-8 comm and sw itc h config urati on confl icts 31-11 defined 5-2 password privilege levels 5-4 recove ry from comm and-sw itc h fai[...]
-
Seite 652
Index IN-6 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 CoS in Layer 2 frames 29-2 override prior ity 14-6 trust pr iority 14-6 CoS input queue threshold map for QoS 29-14 CoS outp ut queu e t hreshol d map f or Q oS 29-17 CoS-to-DSCP map for QoS 29-51 counte rs, c lea ring i nte rface 10-19 cras hinfo file 31-21 crypto graph ic [...]
-
Seite 653
Inde x IN-7 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 device disco very prot ocol 22-1 device ma nager benefit s 1-2 describe d 1-2, 1-3 in- band ma nage ment 1-4 requir ements xxvii i upgradi ng a sw itch B-19 DHCP enab lin g relay ag ent 19-8 DHCP-b ased autoc onfig urati on client re quest m essage ex change 3-4 config urin[...]
-
Seite 654
Index IN-8 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 DHCP sno oping b inding datab ase (cont inued) delay va lue 19-11 timeout value 19-11 DHCP sno oping b inding tabl e See DHCP snooping binding da tabase Differ entiated Se rvices a rchitectur e, QoS 29-2 Differen tiated Serv ices Code Poin t 29-2 direct ed uni cast req uests[...]
-
Seite 655
Inde x IN-9 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 E editing featu res ena bling and di sabl ing 2-7 keystro kes us ed 2-7 wrapped l ines 2-8 enab le pass word 8-3 enable secret password 8-3 encrypt ion, Ci pherSuite 8-39 encrypt ion f or pa ssword s 8-3 enviro nment va riabl es, functi on of 3-15 error me ssages dur ing co[...]
-
Seite 656
Index IN- 10 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 F features, in compatible 21-11 fiber- optic, de tecting u nidirec tional li nks 24-1 files copying B- 4 cras hinfo descript ion 31-21 displaying t he contents of 31-21 location 31-21 deleting B-5 displaying t he contents of B-8 tar crea ting B-6 displaying t he contents o[...]
-
Seite 657
Inde x IN- 11 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 H hello time MSTP 16-19 STP 15-20 help, for the command line 2-3 history chan ging t he b uffer siz e 2-5 describe d 2-5 disabling 2-6 recal ling co mman ds 2-6 history t able, level and numbe r of sy slog me ssages 26-9 hosts, limit on dynami c ports 12-29 HP OpenView 1-[...]
-
Seite 658
Index IN- 12 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 IGMP (c onti nued ) queries 20-3 report su ppression describe d 20-5 disabling 20-14 supported ve rsions 20-2 support fo r 1-3 IGMP f ilte ring config uring 20-23 default confi guration 20-23 describe d 20-22 monitori ng 20-27 support fo r 1-3 IGMP gr oups configurin g fil[...]
-
Seite 659
Inde x IN- 13 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 interfac es (continue d) restar ting 10-19 shutting down 10-19 speed a nd du plex , co nfiguri ng 10-13 status 10-18 supported 10-4 types of 10-1 interf aces rang e macro co mmand 10-7 interfac e types 10-5 Intrusion De tection System See IDS appliances IP ACLs for QoS cl[...]
-
Seite 660
Index IN- 14 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 Link A ggrega tion C ontrol Pro tocol See E ther Chann el link re dundan cy See F lex Links links, unidirec tional 24-1 local SPAN 23-2 login a uthenticati on with RADIUS 8-23 wit h TACA CS+ 8-14 login banne rs 6-17 log message s See system me ssage loggin g Long-Re ach Et[...]
-
Seite 661
Inde x IN- 15 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 maximu m hop count , MSTP 16-21 member ship mod e, VLAN por t 12-3 member swit ch defined 5-2 managing 5-3 recove ring fr om l ost co nnec tivity 31-11 requir ements 5-3 See also cand idate switc h, cluster standby grou p, and standby comma nd switc h messages, to u sers [...]
-
Seite 662
Index IN- 16 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 MSTP (c ontinued) exten ded sy stem ID effec ts on ro ot swit ch 16-14 effec ts on se conda ry root swit ch 16-15 unexpec ted b ehavio r 16-14 instances supported 15-9 interface stat e, blocking t o forward ing 17-2 interoper ability and compat ibility among modes 15-10 in[...]
-
Seite 663
Inde x IN- 17 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Network Assistant benefit s 1-2 describe d 1-3 dow nloa ding ima ge f iles 1-2 gui de m ode 1-2 manageme nt options 1-2 requir ements xxvii i upgradi ng a sw itch B-19 wizard s 1-2 network c onfigura tion ex ample s increasing netw ork per formanc e 1-11 long-di stanc e, [...]
-
Seite 664
Index IN- 18 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 password s (conti nued) recove ry of 31-3 setting enab le 8-3 enab le sec ret 8-3 Telne t 8-6 with user names 8-7 VTP domain 13-8 path cost MSTP 16-17 STP 15-17 perform ance, netw ork design 1-11 perform ance f eatur es 1-3 persistent self -signed certif icate 8-38 per-V L[...]
-
Seite 665
Inde x IN- 19 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 port-base d auth enticati on ( continue d) ports author izatio n state and dot 1x port -cont rol comm and 9-4 autho rized an d unautho rized 9-4 voice VL AN 9-8 port security and voic e VLAN 9-8 describe d 9-7 interactio ns 9-7 multiple-hosts mod e 9-7 resetting to defau [...]
-
Seite 666
Index IN- 20 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 privileg e levels (continued ) logging i nto 8-10 mapping on me mber switc hes 5-4 overvi ew 8-2, 8-8 setting a command with 8-8 pr otect ed p orts 1-6, 21-5 prun ing, VT P disabling in VTP domain 13-14 on a port 12-19 enab lin g in VTP domain 13-14 on a port 12-19 exam pl[...]
-
Seite 667
Inde x IN- 21 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 QoS (conti nued) config uring (cont inued) policy m aps on physica l port s 29-45 port trust states with in the domain 29-33 trusted bou ndary 29-35 default auto configuration 29-19 default standard conf igurati on 29-29 displaying stat istics 29-69 DSCP tra nsp aren cy 2[...]
-
Seite 668
Index IN- 22 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 QoS (conti nued) queues (cont inued) high pr iority (expedi te) 29-18, 29-68 location of 29-11 SRR, descri bed 29-12 WTD , des cribe d 29-12 rewrites 29-18 support fo r 1-7 trust sta tes bordering anothe r do main 29-37 describe d 29-5 trusted de vice 29-35 within the dom [...]
-
Seite 669
Inde x IN- 23 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Remote Authent ication Dial -In User Service See RADIUS Remote C opy Pro toco l See RCP Remote Networ k Monitoring See RMON Remote SPAN See RSPAN remote SPAN 23-2 report su ppressi on, IG MP describe d 20-5 disabling 20-14 requir ements clu ster xxix device ma nager xxvii[...]
-
Seite 670
Index IN- 24 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 RSTP (contin ued) designated switch , define d 16-6 interoper ability with IEEE 802.1D describe d 16-5 restar ting migr ation pr ocess 16-22 topolo gy chan ges 16-10 overvi ew 16-6 port roles describe d 16-6 synchroniz ed 16-8 proposal -agree ment handsh ake pr ocess 16-7 [...]
-
Seite 671
Inde x IN- 25 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 Sim ple Netw ork Ma nage ment Protoc ol See SNMP Smartports macros applying Cisco- defaul t macros 11-6 applyi ng glo bal pa ramet er valu es 11-5, 11-6 applyi ng m acros 11-5 applyi ng para mete r va lues 11-5, 11-7 config urati on guideli nes 11-3 crea ting 11-4 default[...]
-
Seite 672
Index IN- 26 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 source- IP addre ss based forw arding , Ethe rChanne l 30-7 source- MAC addre ss forw arding, EtherCh annel 30-6 SPAN config urati on guideli nes 23-10 default confi guration 23-9 destinati on po rts 23-6 displaying sta tus 23-23 interact ion w ith othe r fea tures 23-8 mo[...]
-
Seite 673
Inde x IN- 27 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 statistics (cont inued) RMON group hist ory 25-5 SNMP input an d output 27-16 VTP 13-16 sticky l earning 21-8 storm contr ol config uring 21-3 describe d 21-1 disabling 21-5 displaying 21-16 support fo r 1-3 thr esh olds 21-1 STP acceler ating root port sele ction 17-4 Ba[...]
-
Seite 674
Index IN- 28 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 STP (continued) loop gu ard describe d 17-9 enab lin g 17-15 modes sup ported 15-9 multi cast addre sses , effec t of 15-8 option al featur es suppor ted 1-5 overvi ew 15-2 path costs 12-22, 12-23 Port Fast describe d 17-2 enab lin g 17-10 port prioritie s 12-21 preven tin[...]
-
Seite 675
Inde x IN- 29 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 system messa ge logging (c ontinued ) UNIX sysl og se rver s configur ing the daemon 26-11 configurin g the logging facility 26-11 facilities su pported 26-12 system name default confi guration 6-15 default setting 6-15 manua l conf igur ation 6-15 See also DN S system pr[...]
-
Seite 676
Index IN- 30 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 tracer oute, Lay er 2 and AR P 31-14 and CD P 31-14 broa dcas t tra ffic 31-14 describe d 31-14 IP addresse s and sub nets 31-14 MAC addresses and VLANs 31-14 multicas t traffic 31-14 mul tiple devi ces on a por t 31-15 unicast traf fic 31-14 usage gu ideline s 31-14 trace[...]
-
Seite 677
Inde x IN- 31 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 UDLD ( continue d) echoi ng detect ion mech anism 24-3 enab lin g globall y 24-5 per inter face 24-5 link- detect ion mech anism 24-1 neighbor da tabase 24-2 overvi ew 24-1 resettin g an interface 24-6 status, displaying 24-6 support fo r 1-5 unautho rized port s with IEE[...]
-
Seite 678
Index IN- 32 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 vlan d ataba se comm and 12-6 VLAN filter ing and SPAN 23-6 vlan g lobal c onfigur ation comm and 12-6 VLAN ID, disc overing 6-26 VLAN mana geme nt dom ain 13-2 VLAN M anagem ent Polic y Ser ver See VMPS VLAN memb ership confir ming 12-27 modes 12-3 VLAN Quer y Protocol Se[...]
-
Seite 679
Inde x IN- 33 Catalyst 2960 Switch S oftware Configur ation Guide 78-16881-01 voice V LAN (co ntinued) default confi guration 14-3 describe d 14-1 displaying 14-6 IP phone data tra ffic, descri bed 14-2 IP phone voice traf fic, d escrib ed 14-2 VQP 1-6, 12-23 VTP adding a cl ient to a d omain 13-14 advertisements 12- 16, 13-3 and exte nded -rang e [...]
-
Seite 680
Index IN- 34 Catalyst 2960 Switch Softwa re Co nfiguration Guide 78-16881-01 WTD describe d 29-12 setting thresholds egress queue -sets 29-62 ingress qu eues 29-57 support fo r 1-7, 1-8 X Xmodem prot ocol 31-2[...]