Cisco Systems ME3400G2CSA Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 885 Seiten
- 9.36 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Switch
Cisco Systems SRW2024PK9NA
483 Seiten 4.69 mb -
Switch
Cisco Systems IGX 8
12 Seiten 0.05 mb -
Switch
Cisco Systems OL-12518-01
30 Seiten 0.48 mb -
Switch
Cisco Systems 1800
8 Seiten 0.18 mb -
Switch
Cisco Systems Cisco 7507
38 Seiten 0.43 mb -
Switch
Cisco Systems WSC4500XF16SFP
194 Seiten 7.47 mb -
Switch
Cisco Systems SFS 7000
37 Seiten 0.79 mb -
Switch
Cisco Systems N3KC3524P10G
112 Seiten 4.16 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Cisco Systems ME3400G2CSA an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Cisco Systems ME3400G2CSA, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Cisco Systems ME3400G2CSA die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Cisco Systems ME3400G2CSA. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung Cisco Systems ME3400G2CSA sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Cisco Systems ME3400G2CSA
- Den Namen des Produzenten und das Produktionsjahr des Geräts Cisco Systems ME3400G2CSA
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Cisco Systems ME3400G2CSA
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Cisco Systems ME3400G2CSA zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Cisco Systems ME3400G2CSA und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Cisco Systems finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Cisco Systems ME3400G2CSA zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Cisco Systems ME3400G2CSA, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Cisco Systems ME3400G2CSA widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Cisco ME 340 0 Ethernet A ccess Switc h S of t w are Conf iguration Guide Cisco IOS Release 12.2(25) EX No vem ber 2005 Custome r Order Numb er: DO C-78170 58= Text Pa r[...]
-
Seite 2
THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TAKE FULL RESPON SIBILITY FOR THEIR AP PLICATION OF ANY PRO[...]
-
Seite 3
iii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 CONTENTS Preface xx xiii Audienc e xxxii i Pur pose xxxi ii Conv enti ons xxxiii Rela te d Publi cation s xxxiv Obtain ing Docu mentati on xxxv Cisco. com xxxv Produc t Documentat ion DVD xx xv Orderi ng Documenta tion xxxv Document ation F eedback xxxvi Cisco Pr od[...]
-
Seite 4
Cont ent s iv Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Defau lt Se ttin gs Aft er I nitial Sw itch C onfigu rat ion 1-8 Netw ork Confi gur atio n Ex ampl es 1-1 1 Multid welling or Ether net-to -the-S u bscri be r Networ k 1-11 Laye r 2 VPN Applic ation 1-13 Multi-V RF C E App lic atio n 1-14 Wher e to Go N ex[...]
-
Seite 5
Content s v Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Manua lly As sign ing IP Infor matio n 3-9 Checki ng and Sav in g the Runn i ng Configu ration 3-10 Modi fy in g th e Sta rt up Co nf igur at ion 3-1 2 Defau lt B oot Conf igur atio n 3-13 Automa ticall y Download ing a Con fi gurati on File 3-13 Specif ying[...]
-
Seite 6
Cont ent s vi Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Config urin g NTP 5-4 Defaul t NTP Conf ig urati o n 5-4 Config urin g NTP Authent icatio n 5-5 Config urin g NTP As socia tions 5-6 Config urin g NTP Broadca st Serv ic e 5-7 Config urin g NTP Ac cess Res tricti on s 5-8 Config urin g th e Source IP Addre[...]
-
Seite 7
Content s vii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 CHAPTER 6 Configur ing S DM Templates 6-1 Underst anding th e SDM Templa tes 6-1 Config urin g the Switch SDM Templat e 6-2 Defaul t SDM Template 6-2 SDM Templ ate Confi guratio n Guideli nes 6-2 Setti ng the SDM Temp late 6-3 Displa ying the SDM Te mplate[...]
-
Seite 8
Cont ent s viii Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Config urin g RADI US 7-20 Defaul t RADIUS Confi gu ration 7-20 Identi fying t he RADI US Serv er Host 7-20 Config urin g RADI US Login A uth enti cat ion 7-23 Defini ng AAA Server Groups 7-25 Config urin g RADI US Authori zation f or User Pri vi leged A[...]
-
Seite 9
Content s ix Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Config urin g IEEE 802. 1x Authe nt icat io n 8-9 Defa ul t IEEE 8 02.1x Conf igur at ion 8-9 IEEE 802 .1x Con figurat ion Guid elines 8-1 0 Config urin g IEEE 802. 1x Authe nt icat io n 8-11 Config urin g th e Switch -t o-RADI US- Server Commun icat io n 8[...]
-
Seite 10
Cont ent s x Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Config urin g Auto-MDIX on an Inte rface 9-18 Adding a De scrip ti on for an I nterf ac e 9-19 Config urin g Layer 3 I nterfa ces 9-20 Config urin g th e System MTU 9-21 Monitor ing an d Mainta inin g th e Inte rface s 9-22 Moni tori ng In terfa ce S tat us[...]
-
Seite 11
Content s xi Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Defau lt Laye r 2 Et he rn et Int erfa c e VL A N Co nf ig ura tio n 11-16 Config urin g an Etherne t Inter face as a Trunk Port 11-16 Intera ctio n wit h O ther F eat ures 11-16 Config urin g a Trunk Por t 11-17 Defin in g the Allo w e d V LA N s on a Tr u[...]
-
Seite 12
Cont ent s xii Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Config urin g a Lay er 2 Inter face as a Pri vate -V LAN Host Por t 12-12 Config urin g a Lay er 2 Inter face as a Pri vate -V LAN Promi scu ous Por t 12-13 Mapp ing Seco nda ry VLA Ns to a Prim ary VLAN La yer 3 VLA N In terf ace 12 -14 Moni tori ng P ri[...]
-
Seite 13
Content s xiii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Spannin g-Tr ee Mode s and Pro tocols 14-9 Support ed Sp anning- Tree I nstances 14-10 Spannin g-Tr ee I nterope rabili ty and Ba ckwa rd Compat i bilit y 14-10 STP and IE EE 802. 1Q Tr unks 14-10 Config urin g Spanning -Tree F ea tures 14-11 Defaul t Spa[...]
-
Seite 14
Cont ent s xiv Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Config urin g MSTP Feat ures 15-11 Defaul t MSTP Conf ig uration 15-12 MSTP Confi gurati on Guideline s 15-1 2 Specif ying the MST Re gion Conf igura ti on and Enabl ing MSTP 15-13 Config urin g the Root Swi tch 15-1 4 Config urin g a Sec ondar y Root Swi[...]
-
Seite 15
Content s xv Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 CHAPTER 17 Configur ing F lex Lin ks 17-1 Underst anding Fl ex Links 17-1 Config urin g Flex Lin ks 17-2 Defau lt F lex Link Conf igur atio n 17-2 Flex Li nk Config urati on Guidel ines 17-2 Config urin g Flex Link s 17-3 Moni tori ng F lex Link s 17-4 CHAP[...]
-
Seite 16
Cont ent s xvi Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 CHAPTER 19 Configur ing Dynamic ARP Ins pectio n 19-1 Underst anding Dyn amic ARP Ins pection 19-1 Inter face Trus t State s an d Network Securit y 19-3 Rate Lim iting of ARP P ack ets 19-4 Relati ve Prior ity o f ARP ACL s and DHCP Sn ooping Ent ries 19-[...]
-
Seite 17
Content s xvii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Unde rsta nding Mult icas t V LAN R egi strati on 20-16 Using MV R in a Multic ast Telev isi on Applica tion 20-16 Config urin g MVR 20-18 Defaul t MVR Configu ration 20-1 8 MVR Conf igura tion G uideli nes and Limita tions 20-19 Config urin g MV R Global[...]
-
Seite 18
Cont ent s xviii Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 CHAPTER 22 Configur ing C DP 22-1 Underst anding CDP 22-1 Config urin g CDP 22-2 Defaul t CDP Conf ig urati on 22-2 Config urin g the CDP Chara cter is tics 22-2 Disab ling an d En abli ng CD P 22-3 Disab ling an d En abli ng CD P o n an I nter fac e 22[...]
-
Seite 19
Content s xix Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Config urin g Local SPAN 24-10 SPAN Confi gurati on Gui deline s 24-10 Creati ng a Local SPAN S ession 24-11 Creati ng a Loca l SP AN Sessio n and Confi guring I ngress Tr affi c 24-13 Specif ying VLANs t o Filter 24-15 Config urin g RSPAN 24 -16 RSPA N Co[...]
-
Seite 20
Cont ent s xx Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 CHAPTER 27 Configur ing SNMP 27-1 Underst anding SNMP 27-1 SNMP Vers ions 27-2 SNMP Manage r Fu nctions 27-3 SNM P Age nt Fu nc ti ons 27-4 SNMP Communi ty Str ings 27-4 Using SNMP to Access MIB Variabl es 27-4 SNMP No tific ations 27-5 SNMP if Ind e x MIB[...]
-
Seite 21
Content s xxi Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Applyi ng an IPv4 ACL to an Inter face 28-1 9 Hardwa re and Soft ware Treat ment of IP ACL s 28-21 IPv4 A CL Conf igur atio n Ex ampl es 28-21 Numbered ACL s 28-2 3 Exten ded AC Ls 28-23 Named ACLs 28-23 Time Range Applied t o an IP ACL 28-24 Comme n te d [...]
-
Seite 22
Cont ent s xxii Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Classi ficati on 30-5 Class Maps 30-6 The match Co mmand 30 -7 Classi ficati on Base d on Layer 2 CoS 30-7 Classi ficati on Base d on IP Prece dence 30-8 Classi ficati on Base d on I P DSCP 30-8 Classi ficati on C ompariso ns 30-9 Classi ficati on Base d[...]
-
Seite 23
Content s xxiii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Displa ying QoS In format ion 30-55 QoS Stati stics 30-55 Config urati o n Exampl es for Po li cy Maps 30-56 QoS Confi guratio n for Cu stomer A 30-56 QoS Confi guratio n for Cu stomer B 30-58 Modi fy in g O ut pu t Po lici es an d Ad d i n g or De le ti[...]
-
Seite 24
Cont ent s xxiv Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 CHAPTER 32 Configur ing IP Unicast Routing 32-1 Underst anding I P Routing 32-2 Type s of Routin g 32-2 Steps for Conf igur ing Routi ng 32-3 Config urin g IP Address ing 32-4 Defaul t Addres sing Conf igur at ion 32-4 Assig n in g IP Add re s se s to Ne[...]
-
Seite 25
Content s xxv Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Config urin g EIGRP 32-32 Defaul t EIGRP Conf igur ation 32-34 Config urin g Bas ic EIGRP Par ameter s 32-3 5 Config urin g EIGRP Int erfaces 32-36 Config urin g EIGRP Route Authen ticati on 32 -37 Monitor ing an d Ma intain ing EI GRP 32- 38 Config urin g[...]
-
Seite 26
Cont ent s xxvi Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Filt er in g Ro u tin g Info r mat io n 32-79 Setti ng Passive Inter fa ces 32-79 Contro lling Adv ertisi ng and Proc essin g i n Routing Upd ates 32-80 Filte ring S ource s of Ro utin g Info rmatio n 32 -81 Managing Auth enticat ion Ke ys 32-82 Monit or[...]
-
Seite 27
Content s xxvii Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Config urin g a Rendezvo us Poin t 34-1 0 Manua lly As sign ing a n RP t o Mu lticas t Gr oups 34-1 1 Config urin g Auto-RP 34-12 Config urin g PIMv2 BSR 34-16 Using Aut o-RP an d a BSR 34-2 0 Monitor ing the RP Mapp ing Info rmation 34-21 Troubl eshoo t[...]
-
Seite 28
Cont ent s xxvii i Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Contr ollin g Sou rce Infor matio n th at Yo ur S witch Or iginat es 35-8 Redist ributi ng So urces 35-9 Filt er in g So u rc e-A ct iv e R eq ue s t Mes s ag e s 35-1 1 Contro lling So urce Info rmation t hat You r Swi tch Forwar ds 35 -12 Using a Fi[...]
-
Seite 29
Content s xxix Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Using TDR 36-17 Underst anding TDR 36-17 Running TDR and Dis pl aying the Result s 36-17 Using Deb ug Commands 36-18 Enabli ng Debug ging on a Spe cific Fe ature 36-18 Enabli ng All -System Diagn ostics 36-1 9 Redire ctin g Debu g and Err or Messa ge Ou t[...]
-
Seite 30
Cont ent s xxx Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Copyin g Configur ation Fi les By Usin g FTP B-1 1 Prepa ring to Down load or U plo ad a C onf igurat ion File By Using FT P B-12 Download ing a Con fi gurati on File By Us ing FTP B-13 Uploadi ng a Conf igurat ion File By Using FTP B-14 Copyin g Configur[...]
-
Seite 31
Content s xxxi Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 IGMP Snoopi ng Commands C-2 Unsuppor ted Globa l Conf ig uration Commands C-2 Inter face Comma nds C-3 Unsuppor ted Priv ileged EXEC Command s C-3 Unsuppor ted Globa l Conf ig uration Commands C-3 Unsuppor ted Inte rfac e Con figurat ion Co mma nds C- 3 I[...]
-
Seite 32
Cont ent s xxxii Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Span ning Tre e C-9 Unsuppor ted Globa l Conf ig uration Command C-9 Unsuppor ted Inte rfac e Con figurat ion Co mma nd C-9 VLAN C-10 Unsuppor ted Globa l Conf ig uration Commands C-10 Unsuppor ted User EX EC Commands C-10 I NDEX[...]
-
Seite 33
xxxii i Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Preface Audience This gu ide i s f or t he ne twor king pr ofession al ma na ging the Cisc o Me tro E ther net (ME ) 340 0 Se rie s Ethern et Access switch, hereaft er referr ed to as the swi tc h . Be fo re u s in g th is gu id e, y ou sho ul d h ave experien c[...]
-
Seite 34
xxxiv Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Preface Related Publi ca tions Inter acti ve exampl es use these con ventio ns: • T erminal sessions and system displays are in screen font. • Informa tio n y ou e nter is in boldf ace sc reen f ont. • Nonpri nting ch aract ers, such a s passwords or tabs , [...]
-
Seite 35
xxxv Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Pre face Obtaining Docume ntation • Cisco Gigabit Ethernet T ransceiver Modules Compat ibility Matrix (not order able but available on Cisco.com) • Cisco 100-Me gabit Etherne t SFP Modules Comp atibility Ma trix (not order able but av a ilable on Cisco.com) •[...]
-
Seite 36
xxxvi Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Preface Docum ent ation Fe edback Nonregistere d Cisco.c om users can order technic al documen tation from 8:00 a.m . to 5:00 p.m. (0800 to 1700 ) PDT by calling 1 86 6 4 63-348 7 in t he U nite d State s and Ca nada , or el sewhere by calling 011 408 519- 5055. Y[...]
-
Seite 37
xxxvi i Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Pre face Ob taining Technical Assistance Reporting Se curity Problems in Cisco P roducts Cisco is committ ed to deli vering secure produc ts. W e test our products internally before we releas e them, and we striv e to correct a ll vulnerabilities quickly . If yo[...]
-
Seite 38
xxxvii i Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Preface Obtain in g Technical Assis ta nce Note Us e t he Ci sco Prod uct Identi fication (CPI ) to ol to loc ate your pr odu ct s er ial n umb er bef ore subm itt ing a web or phon e request for service. Y ou can ac cess the CPI tool fr om the Cisco T echni ca[...]
-
Seite 39
xxxix Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Pre face Ob ta ining Additional Publications and Information Obtaining Ad ditional Public ations and In formation Informa tion ab out Cisco pro ducts, tec hn ologie s, and net wor k solutions is available from various onlin e and printe d source s. • Cisco Ma rk[...]
-
Seite 40
xl Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Preface Obtainin g Addi ti ona l Publicat io ns and Info rmatio n[...]
-
Seite 41
C HAPTER 1-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 1 Overview This chap ter pro vides these topics about the Cis co Metro Ether net (ME) 3400 Series Ethernet Access switch software: • Feat ures , page 1- 1 • Defa ult Settings After In itial Swi tch Conf iguration, page 1-8 • Network Configu ratio n Ex[...]
-
Seite 42
1-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Feature s The swi tch h as thes e featu res: • Performa nce Feat u res, pa ge 1- 2 • Managem ent Options, page 1-3 • Managea bil ity Featu re s, page 1- 3 (inc ludes a feat ure requ iring th e crypto graph ic versions of the software) ?[...]
-
Seite 43
1-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Features • IGMP f ilte ring for con trolling the se t of mu lticast grou ps to which hosts on a swit ch port ca n belong • IGMP throttl ing for conf iguring the actio n when the maximum number of entries is in the IGMP forwarding t abl e • I[...]
-
Seite 44
1-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Feature s • Cisco IOS File System (IFS) for provi ding a single interf ace to all f ile systems that the switch uses • In-band ma nageme nt access fo r up to 16 sim ultaneo us T elnet conn ections for multipl e CLI-base d sessions ove r t[...]
-
Seite 45
1-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Features VLAN Fea tur es • Support fo r up to 100 5 VLANs for assigni ng users to VLA Ns associ ate d with appropr iate network resourc es, tr affic patterns, and band widt h • Support for VL AN IDs in t he f ull 1 t o 4094 r an ge a llowed by[...]
-
Seite 46
1-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Feature s • Configuration file secu rity so that onl y authe nticated and author ized users have access to the configuration file, p r ev enting use rs fr om acce ssing the configu ratio n file by using the p assword recovery process • Mu[...]
-
Seite 47
1-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Features • W e ighted tail d rop ( WTD) a s the conge stion- av oidance m echanis m for mana ging the que ue le ngths and providi ng drop pre cedenc es for differen t traffic classifications • T ab le maps for map ping DSCP , CoS, and IP prec [...]
-
Seite 48
1-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Default Set t ings After I nit i al Switch Conf iguratio n • Protocol-Inde pendent Multicast (PI M) for multicast routing within the network, allo wing for de vices in the netw ork to recei ve the multicast feed requested an d for switches [...]
-
Seite 49
1-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Default Settings After Initial Switch Configuration If you d o not c onfi gure the switch a t all, the Cisc0 ME 3 400 switch oper ates with the def ault se ttings sho wn in Ta b l e 1 - 1 . T able 1 -1 Def ault Settings Aft er Initial S witc h Con[...]
-
Seite 50
1-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Default Set t ings After I nit i al Switch Conf iguratio n T unneli ng • 802.1Q tu nne ling (re qu ire s metro I P acc ess or m etro ac cess imag e) Disabled Chapter 13, “ Configuring IEEE 802.1Q and La yer 2 Pr otoco l T unnel ing” ?[...]
-
Seite 51
1-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Network Configuration Examples Network Config uration E xamples This se cti on pr ovides ne twork co nfiguration c once pts and inc lude s examples of using th e s wit ch to creat e dedica ted network segment s and int erconne ctin g the segment [...]
-
Seite 52
1-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex ample s denial -of -service attac ks are a vo ided. T he Cis co ME swit ch als o pro vides mecha nisms such as p ort securi t y and IP Sour ce Guar d to pro tect again st MAC or IP spoofing. By usin g advanced acc[...]
-
Seite 53
1-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Network Configuration Examples Layer 2 VPN Application Enterprise c ustomers need n ot only high band width, b ut also the a bility to e x tend their pri vate ne twork across the s ervice p rovider’ s shared infrastructure. W ith Ethernet in th[...]
-
Seite 54
1-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex ample s Multi-VRF CE Application A VPN is a collect ion of si tes sharing a common r outing tab le. A custo mer site is c onnected to the service -pro vider netw ork by one or more interf aces, an d the servic e p[...]
-
Seite 55
1-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 1 Overview Where t o Go Next Where to Go Next Before conf iguring the switch, re vie w these sections for startup informatio n: • Chapter 2, “Us ing the Comm and-Li ne Inter fa ce” • Chapter 3, “ Assigning the Switch IP Address and Def ault Gate w[...]
-
Seite 56
1-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Ch ap ter 1 Ov er vi ew Where to Go Nex t[...]
-
Seite 57
C HAPTER 2-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 2 Using the Command-Line Interface This c hapte r descr ibes t he Cisc o IOS comm and-li ne in terface ( CLI) and how to use it to configure your Cisco ME 3400 Eth ernet Acc ess switch. It con tains these sec tions: • Understa nding C ommand Mo des, pa ge[...]
-
Seite 58
2-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Unders tan ding Comm and Mode s For more detail ed info rmat ion on the command mode s, see the c omma nd refe rence g uide for th is re lease . T able 2-1 Command Mo de Summa ry Mod e Acce ss Meth od Promp t Exi[...]
-
Seite 59
2-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 2 Using the Comm a nd-Line In terface Understa nding the Hel p System Understandin g the Help Syste m Y ou can enter a qu es t ion ma rk (? ) at th e s y s tem pr om p t to d is p lay a lis t of co mm an d s a v ailab l e f or eac h comma nd mode . Y ou can [...]
-
Seite 60
2-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Unders tan ding no and de fault Fo rms of Comm ands Understandin g no and def ault Fo rms of Comma nds Almos t e v ery co nf iguration comma nd also has a no form. In ge neral, us e the no form to di sable a feat[...]
-
Seite 61
2-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 2 Using the Comm a nd-Line In terface Using Com mand History Changing the Command Hist ory Buffer Size By default, the switch records ten command lines in its history b uf fer . Y ou can alter this number for a curre nt term inal s ession or for all se ssion[...]
-
Seite 62
2-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Using Editing Fea tures This secti on descri bes the ed iting fea tures tha t can help you ma nipul ate the com mand line . It cont ains these sectio ns: • Ena bling and Dis abli ng Ed [...]
-
Seite 63
2-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 2 Using the Comm a nd-Line In terface Using Edit ing Featu res Press Esc Y . Recall the ne xt b uf fer entry . The buf fer co ntains only the last 10 items that you have deleted or cut. If y ou pre ss Esc Y more than ten times, you cy cle to the fi rst buf f[...]
-
Seite 64
2-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Searching and F iltering O utput of show and more Com man ds Editing C ommand Lines that Wrap Y o u can use a w rapa ro und f ea ture for c om mands tha t ext end b eyond a si ngle li ne o n the sc reen . W he n [...]
-
Seite 65
2-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 2 Using the Comm a nd-Line In terface Acce ssi ng th e C L I Accessing the CLI Y o u can ac cess the CL I t hro ugh a c ons ole co nne ctio n, thro ugh T e lnet , or by u s ing th e browser . Accessing the CLI throu gh a Co nsole Conn ection or through Telne[...]
-
Seite 66
2-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Access ing the CLI[...]
-
Seite 67
C HAPTER 3-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 3 Assigning the Switch IP Address and Default Gateway This chap ter de scribe s ho w to creat e the initial s witch conf iguration (for e xampl e, assign ing the switch IP addre ss and defau lt gateway informa tion) fo r the Cisco Metro Ethe rnet (M E) 3400[...]
-
Seite 68
3-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n • Initial izes the fla sh f ile sys tem on the system boar d. • Loads a default operating sy stem softw are image into memory and boot s the switc h. The bo ot loader [...]
-
Seite 69
3-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information These sec tions co ntain this configura tion info rmat ion: • Default Swi tch Informa tion, page 3-3 • Understa nding DHCP- Based Aut oconfiguratio n, page 3-3 • [...]
-
Seite 70
3-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n Figure 3-1 shows th e sequen ce of mess age s that ar e e xchanged betw een the DHCP c lient an d the DHC P server . Figur e 3-1 DHCP Client and Serv er Messag e Exc hange[...]
-
Seite 71
3-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Configuring DHCP-Based Autoconfiguration These sec tions co ntain this configura tion info rmat ion: • DHCP Serv er Config urati on Guidelin es, page 3- 5 • Configu[...]
-
Seite 72
3-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n If you did no t speci fy t h e configurat i on filename, the TFT P ser ver , or if t he configurat i on file could not be do wnloaded, the switch attempts to do wn load a [...]
-
Seite 73
3-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Note If the switch is act ing a s the relay de vic e, co nf igure th e int erfac e as a r outed port. Fo r more in formatio n, see th e “Route d Ports” sec tion o n[...]
-
Seite 74
3-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n After obtaini ng its hostname from the default conf igurati on file or the DHCP reply , the switch reads the con figurat ion f ile that has the sa me name as it s hostname[...]
-
Seite 75
3-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information DNS Ser ver Conf iguration The DNS server ma ps the TF TP server name tftpserver to IP addre ss 10. 0.0.3 . TFTP Serve r Conf iguration (on UNIX) The TF TP server base [...]
-
Seite 76
3-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Checking and Saving th e Run ning Confi gura tion T o remov e the switch IP address , use the no ip address interfa ce con figuratio n command . If you are remo ving the address through a T elnet session[...]
-
Seite 77
3-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Chec king and Savin g the Ru nnin g Co nfig ur atio n ! vlan 2,10 ! class-map match-all test1 class-map match-all class2 class-map match-all class1 ! ! policy-map test class class1 police cir perc[...]
-
Seite 78
3-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Modifyin g th e Startup Config uration session-timeout 120 exec-timeout 120 0 speed 115200 line vty 0 4 password cisco no login line vty 5 15 no login ! ! end T o store t he conf igura tion o r change s [...]
-
Seite 79
3-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Modifying the Startup Configuration Default Boot Configuration Ta b l e 3 - 3 shows the d efault bo ot configu ratio n. Automatically Downloading a Configuration File Y o u can auto matica lly dow[...]
-
Seite 80
3-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Modifyin g th e Startup Config uration Booting Manua lly By default, the swit ch automati cally boo ts; howe ver , you c an configure it to manu ally boot. Beginning in p rivileged EXEC m ode, fo llow th[...]
-
Seite 81
3-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Modifying the Startup Configuration T o return to the default setting, use the no boot system globa l c onfigurat ion com ma nd. Controlling Environment Variables W ith a n orm all y oper at ing s[...]
-
Seite 82
3-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Scheduli ng a Re load of the S oft w are Image Y o u can c hange t he sett ings of t he environmen t variables by acc essing the boo t load er or by using Cisco IOS comman ds. Under norma l circumstance [...]
-
Seite 83
3-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Schedul ing a Rel oad of the Sof tware Ima ge Configur ing a Sc he duled Relo ad T o conf igure your switch to relo ad the softw are i mage at a later time, use o ne of th ese co mmands in privile[...]
-
Seite 84
3-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 3 Assigning the Switch IP Address and Default Gateway Scheduli ng a Re load of the S oft w are Image Displaying Scheduled Reload Information T o display infor mation ab out a previousl y schedu led reload or to find out if a reload has been sche duled on th[...]
-
Seite 85
C HAPTER 4-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 4 Configuring Cisco IOS CNS Age nts This chap ter des cribes how t o conf igure the Ci sco IOS CNS agents on the Cisco ME 3400 switch. Note For complete confi guratio n informatio n for the Cisco Conf igurati on Engine, see th is URL on Cisco.c om http://ww[...]
-
Seite 86
4-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Unders tan din g Cisco Conf ig urat ion Engin e Software Figur e 4-1 Configur ation Eng ine Ar chit ectural O vervie w These secti ons cont ain this co nceptu al in forma tion: • Configuration Ser vice , pa ge 4 -2 ?[...]
-
Seite 87
4-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Understanding Cisco Configuration Engine S oftware Event Servic e The Ci sco C onfigur ation E ngine uses t he Event Se rv ice f or re ceipt an d g en erati on of c on figurati on e ven ts. The e v ent agent is on the swit[...]
-
Seite 88
4-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Unders tan din g Cisco Conf ig urat ion Engin e Software DeviceID Each co nfigured swit ch parti cipati ng on the ev ent bus has a unique D eviceID, which is a nalogou s to the switch source ad dress so that the switch [...]
-
Seite 89
4-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Understanding Cisco IOS Agents Understandin g Cisco IOS Age nts The CNS e vent agen t feature allo ws the swit ch to publish and sub scribe to ev ents on the e vent b us and works with the Cisc o IOS agent. Th e Cisco IOS [...]
-
Seite 90
4-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Configuring Cisco I OS A ge nts Incremental (Partial) Configur ation After t he ne twork is r unn ing, new serv ice s c an b e adde d by usi ng t he Cisc o IOS a gent . In cr em en tal (partia l) co nfigurations can be [...]
-
Seite 91
4-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Configuring Cisco IOS Agents Note For more informatio n about running the setup program and cr eating templates o n the Configurat ion Engine , see the Cisc o Configuration En gine Inst allat ion and Setup G uide, 1.5 for [...]
-
Seite 92
4-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Configuring Cisco I OS A ge nts Enabling th e CNS Ev ent Agent Note Y ou mus t enabl e the CNS e vent agent on the switch before you en able the C NS con figu ration agent. Beginn ing in pri vilege d EXEC mode, follo w [...]
-
Seite 93
4-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Configuring Cisco IOS Agents Enabling th e Cis co IOS CNS Ag ent After enabling the CNS e vent agent, start the Cisco IOS CNS a gent on th e switch. Y ou can enab le the Cisco IOS ag ent with the se commands : • The cns [...]
-
Seite 94
4-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Configuring Cisco I OS A ge nts Step 7 cn s id interfac e num { dns-re verse | ipaddress | mac-addr ess } [ ev en t ] or cns id { hardware -serial | hostname | string string } [ eve n t ] Set th e uni qu e EventI D or [...]
-
Seite 95
4-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Configuring Cisco IOS Agents T o disab le the C NS Cis co IOS agent, use t he no cns conf ig initial { ip-address | hostname } global configurati on comm a nd. This e xample sho ws ho w to configure an in itia l co nf igu[...]
-
Seite 96
4-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 4 Configurin g Cisco I OS CNS Agent s Displaying CNS Con figuration Displaying CNS Confi guration Y o u can use the privileged EXE C command s in Ta b l e 4 - 2 to displa y CNS c onfiguratio n in forma tion. T able 4-2 Displa ying CNS Co nfiguratio n Comma[...]
-
Seite 97
4-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 4 Configuring Cisco IOS CNS Agen ts Displaying CNS Configuration[...]
-
Seite 98
C HAPTER 5-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 5 Administering the Switch This chap ter describ es how to perform one-ti me operat ions to admini ster the Cisco M E 3400 Ethe rnet Access switch. This chap ter cons ists of th ese sectio ns: • Managin g the System Time and Da te, pa ge 5-1 • Configuri[...]
-
Seite 99
5-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date Understand ing the S ystem Clock The heart o f the time serv ice is the system clock. This cl ock runs from th e moment the syste m starts up and keeps tra ck of the da te and tim e. The sy stem [...]
-
Seite 100
5-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Cisco’ s impleme ntation of N TP does not su pport stra tum 1 serv ice; it is not po ssible to connect to a radio or atom i c clock. W e re comme nd that t he ti me servic e for y our [...]
-
Seite 101
5-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date Configuring NTP The switc h does not have a hardware-sup ported clo ck and cann ot function as an NTP maste r clock to which p eers syn chronize themselv es when an e xternal NT P source is not a[...]
-
Seite 102
5-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring NTP Authentication This proced ure mus t be coordinat ed with the ad ministr ator o f the N TP ser ver; the i nformation you co nf igu re in this procedure must be matched by[...]
-
Seite 103
5-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date Configuring NTP Associations An NTP associat ion can be a pe er asso cia tio n (this swi tch ca n eit her sync hroni ze to th e othe r device or allow the other device to sync hronize to it), or [...]
-
Seite 104
5-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring NTP Broadcast Service The co mmunic ations bet ween devices run ning NTP (k nown as associations ) are us ually statically configured ; each device is giv en th e IP addresse[...]
-
Seite 105
5-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date Beginning in privileged EXEC mode, follow these st eps to co nfigure the switc h to rec eiv e NTP broa dcast packets from c onnect ed peers: T o disable an interface fro m receiv ing NTP broadcas[...]
-
Seite 106
5-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Creating an Access Gro up and Assigni ng a Basic IP Access List Beginn ing in pri vilege d EXEC mode, follo w these steps to contro l access to NTP services b y using access lists: The a[...]
-
Seite 107
5-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date T o remov e access control to the sw itch NTP servi ces, use the no ntp access-gr oup { query-only | serve -only | serve | peer } global con figuration com mand. This e x ample sho ws how to co [...]
-
Seite 108
5-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e The specif i ed interface is u sed for the sour ce address for all pack ets sent to all destinations. If a source addr ess is to be used f or a specif ic association, use the source ke [...]
-
Seite 109
5-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the Syste m Time and Date This example shows ho w to manually set the system cl ock to 1:32 p.m . on July 23, 2001 : Switch# clock set 13:32:00 23 July 2001 Displaying the Time and Dat e Configuration T o display the tim[...]
-
Seite 110
5-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring Summer Time (Daylight Saving Time) Beginning in pr ivileged EXEC mode, fo llow these steps t o co nfigure summer time (dayligh t saving time) in areas wh ere it starts an d [...]
-
Seite 111
5-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Configur ing a Sys tem Nam e and Prompt Beginning in privileged EX EC mode, fol low these steps if summ er time in your area do es not follow a recurr ing patt ern (con figure the exact dat e and time of the next summer tim e ev e[...]
-
Seite 112
5-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Confi guring a S ystem Name an d Prompt These sec tions co ntain this configura tion info rmat ion: • Default Syste m Name and Prom pt Configuration , page 5-15 • Configuring a Syste m N ame , page 5-15 • Understa ndin g D[...]
-
Seite 113
5-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Configur ing a Sys tem Nam e and Prompt These sec tions co ntain this configura tion info rmat ion: • Default DN S Configuration, page 5-16 • Setting Up DNS, pag e 5-16 • Displayin g the DNS Configurat ion, page 5-1 7 Defaul[...]
-
Seite 114
5-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Creat ing a Bann er If you u se t he switc h IP ad dress a s its hostnam e, the IP a ddress i s used and no DNS query oc curs. I f you configure a ho stname that contai ns no periods (.), a period foll owed by the defaul t domai[...]
-
Seite 115
5-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can create a sin gle o r mult ilin e m essage ban ner tha t a ppea rs on th e scr een when so meo ne lo gs in to the switch. Beginning in privileged EX EC m[...]
-
Seite 116
5-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Managin g the MAC Addre ss Table Configurin g a Login B anner Y o u can co nfigure a log in banne r to be displ aye d on all conn ec ted ter mina ls. T hi s bann er ap pear s a fter the M O TD ba nn er a nd befo re the lo gin pr[...]
-
Seite 117
5-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the MAC A ddre ss Table These sec tions co ntain this configura tion info rmat ion: • Building the A d dress T able, pa ge 5 -20 • MA C Addres ses an d VLAN s, page 5-20 • Default MAC Address T able Configuratio n,[...]
-
Seite 118
5-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Managin g the MAC Addre ss Table If the switch is runnin g the metro IP acc ess or metr o acces s image, you can disabl e MA C address learnin g on a per-VLAN basis. Customers in a servic e provider network ca n tunnel a large n[...]
-
Seite 119
5-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the MAC A ddre ss Table Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to conf igure the dynamic a ddress table aging time: T o return to th e default v alue, use t he no mac addr ess-table aging-time global [...]
-
Seite 120
5-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged E X EC mo de , follow these s teps to c on figure th e switc h t o send M A C a ddress notif ication traps to an NMS host: Command Purpos e Step 1 configur e terminal Ent[...]
-
Seite 121
5-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the MAC A ddre ss Table T o disable the sw itch from se nding MAC address notificati on traps, use th e no snmp-ser ver ena ble traps mac-notification global con f igura tion co mman d. T o disable the M A C address noti[...]
-
Seite 122
5-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Managin g the MAC Addre ss Table Beginning i n privileged EX EC mo de , follo w these steps to add a static address: T o remove st at ic en tr i es fr om t he a ddr es s t abl e, u se th e no mac address-t able static mac-addr v[...]
-
Seite 123
5-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the MAC A ddre ss Table • If you add a uni cast MA C address as a static address and con figure u nicast MA C address filte ring, the switc h eithe r add s the MA C address as a static ad dress or dr ops pa ck ets with[...]
-
Seite 124
5-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Adminis ter ing the Switch Managin g the MAC Addre ss Table Foll ow these gui delines when d isabling MA C address le arning on a VLAN: • Disabling MA C addre ss learni ng on a VLAN is suppor ted onl y if the switc h is runn ing the m etro I P acce ss o[...]
-
Seite 125
5-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 5 Administering the Switch Managin g the ARP Table Displaying A ddress Table Entries Y o u can displa y the MAC address table by using one or more of the privileged EXE C command s describe d in Ta b l e 5 - 4 : Managing the ARP Ta ble T o communi cate wi t[...]
-
Seite 126
C HAPTER 6-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 6 Configuring SDM Templates This chapte r describes ho w to conf igure the Switch Data base Management (SDM ) templates on the Cisco ME 3400 Ether net Access switch. SDM template configu ration is supported only wh en the switch is runni ng the metro IP acc[...]
-
Seite 127
6-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 6 Configuring SDM T emplates Conf igu rin g th e Swi tch SDM T empl ate Ta b l e 6 - 1 sho ws the approxim ate number of each resourc e supported in e ach of the two te mplates for a switch r unning the metro IP access image. The v alues in the te mplate are[...]
-
Seite 128
6-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 6 Configuring SD M Te mplates Config uring t he Swit ch SDM Te mplate • Do not use the def ault tem pla te if you do not ha ve routing enabled on you r switc h. The sdm pr efer default global c onfigu ration c omma nd prevents other f eature s f rom u sing[...]
-
Seite 129
6-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 6 Configuring SDM T emplates Display ing the SDM Tem p lates This e x ample sho ws how to conf igure a switch w ith the layer -2 templa te. Switch(config)# sdm prefer layer-2 Switch(config)# end Switch# reload Proceed with reload? [confirm] Displaying the SD[...]
-
Seite 130
C HAPTER 7-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 7 Configuring Switch-Based Authentication This chapte r describes ho w to conf igure switch-b ased authentica tion on the Cisco ME 3400 switch. This chap ter cons ists of th ese sectio ns: • Pre ve nting Unauthorized Acc ess to Y our Switch, page 7-1 • [...]
-
Seite 131
7-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Protecting Access to Privileged EXEC Command s A simpl e way of p rovidin g te rmi nal acces s c ontr ol i n you r netwo rk i s to use p ass words a nd as sign privile[...]
-
Seite 132
7-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXEC mode, follo[...]
-
Seite 133
7-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Protecting En able and E nable Secre t Passw ord s with Enc ryption T o provide an additiona l layer of security , particul arly for passwords that cross the netw ork [...]
-
Seite 134
7-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds If bo th the en able and e nable sec ret pas sword s are de f ined, us ers must enter th e enable s ecret p asswo rd. Use th e level keyword to define a pas[...]
-
Seite 135
7-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds T o re-ena ble pa ssword r ecovery , us e th e service pass word- reco v ery global con figuration com mand. Note Disabling password recov ery will not w ork if you ha[...]
-
Seite 136
7-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Configuring Us ername and P assword Pairs Y o u can co nfigure usernam e and password pairs, wh ich are loca lly stored on the switc h. These pa irs are ass[...]
-
Seite 137
7-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Configuring Multiple Privilege Level s By default, the Cisco IO S software has two modes of passwor d security: use r EXEC and privileged EXEC. Y ou ca n configure up [...]
-
Seite 138
7-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds When y ou set a command to a pr i vile ge le vel, all co mmands whose s yntax is a subs et of th at com mand are al so set to th at le vel. For exa mple, if[...]
-
Seite 139
7-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ Logging into and Exiting a Privilege Level Beginn ing in pri vile ged EXEC mode, f ollo w these steps to log in to a s pe cif ie d p ri vi l e ge l e ve l and to e x i t to [...]
-
Seite 140
7-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Figur e 7 -1 T ypical T ACA CS+ Netw or k Conf igur ation T A CAC S+, adm inistered thro ugh the AAA se curity services, can p rovid e these services : • Authent ication?[...]
-
Seite 141
7-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login by authent icating to a switch using T A CA CS+, this process occurs: 1. When th e connection is establishe d,[...]
-
Seite 142
7-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Configuring TACACS+ This se ction de scri bes how to c onfigure yo ur swi tch to su ppo rt T A CA C S+. A t a m i nimu m, yo u must identify the host or hosts maintainin g [...]
-
Seite 143
7-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to identify the IP host o r host m aintaining T A CA CS+ server and opt ionall y set the encr yption key: T o remo[...]
-
Seite 144
7-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ authe nticate users; if that m ethod fails to resp ond, the software selects the next a uthenti cation m ethod in the method list. This process contin ues until there is su[...]
-
Seite 145
7-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ T o disa ble A AA, u se t he no aaa new-model glo bal co nfigurat ion co mma nd. T o disa ble A AA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list[...]
-
Seite 146
7-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ T o disable au thoriz ation , use t he no aaa aut horizati on { network | exec } method1 gl obal c onfigurat ion comm an d. Starting TACACS+ Accounting The AA A accou nting[...]
-
Seite 147
7-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Controlling Switch Access with RADIUS This secti on descri bes how to enable and co nfigure the RAD IUS, which provides detai led accou nting inform ation a nd flexible ad [...]
-
Seite 148
7-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS RADIUS is not suitable in these netw ork security situations: • Multipr otocol acce ss en vironmen ts. RADIUS do es not supp ort AppleT alk Remote Access (A RA), NetBI OS [...]
-
Seite 149
7-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Configuring RADIUS This se ctio n de scri bes how to c onfigure yo ur sw itch to su ppo rt R ADI US. At a mi nim um, y ou mus t identify t he host or host s that ru n the R[...]
-
Seite 150
7-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Y ou identify RADIUS security ser vers by the ir hostname or IP address, host name and specif ic UDP port numbers, or their I P addre ss and specific UD P port num bers. The[...]
-
Seite 151
7-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Step 3 radius-server host { hostname | ip-addr ess } [ au th-p ort por t-n umbe r ] [ acct-po rt port-n umbe r ] [ timeout second s ] [ retr ansmit r etries ] [ key str ing[...]
-
Seite 152
7-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remove th e specifie d RADIUS server , use the no radius-serv e r host hostname | ip- address global configurati on comm a nd. This exampl e sho ws ho w to conf igure on[...]
-
Seite 153
7-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf ig ure login authenticat ion. This procedu re is re quir ed. Comma nd Pu rpos e Step 1 conf igure t ermin[...]
-
Seite 154
7-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o disa ble A AA, u se t he no aaa new-model glo bal co nfigurat ion co mma nd. T o disa ble A AA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list[...]
-
Seite 155
7-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Be ginning in pri v ile ged EXEC mode, fo llo w these step s to def ine the AAA ser ver group and associate a particula r RADIUS serve r with it: Comma nd Pu rpos e Step 1 [...]
-
Seite 156
7-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remove th e specifie d RADIUS server , use the no radius-serv e r host hostname | ip- address global configurati on comm and. T o remove a server group fro m the configu[...]
-
Seite 157
7-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Beginn ing in pri vile ged EXEC mo de, follo w these ste ps to specif y RADIUS author ization for privile ged EXEC a cce ss an d n etwor k ser vi ces: T o disable author iz[...]
-
Seite 158
7-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged E X EC mo de , follow these s teps to c on figure gl obal com mun ica tion sett ings between the switch[...]
-
Seite 159
7-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS For ex ample, this A V pair acti vates Cisco’ s mul tiple named ip addr ess pools featur e during IP authorization (during PPP IPCP add ress assignment): cisco-avpair= ?[...]
-
Seite 160
7-31 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring the Switch for Vendor-Proprietar y RADIUS Server Communication Although an IET F draft stand ard for R ADI US specifies a m ethod f or co mmunic ating vendor-pro[...]
-
Seite 161
7-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Sw itch Acce ss with Kerb eros Controlling Switch Access with Kerberos This sec tion describ es ho w to enab le and c onfi gure the Ke rberos sec urity system, wh ich auth enticates requests fo r networ[...]
-
Seite 162
7-33 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos This soft ware rel ease sup port s Kerberos 5, w hich a llows organizatio ns that are alr eady using Kerberos 5 to use the same K erberos au thenticatio n database on the [...]
-
Seite 163
7-34 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Controllin g Sw itch Acce ss with Kerb eros Kerberos Operation A K erb eros serv er can be a Cisc o ME sw itch that is co nf igu red a s a netw ork securi ty se rv er an d that ca n authe nticat e remote use rs by u[...]
-
Seite 164
7-35 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos Authenticating t o a B oundary S witch This se cti on de scri bes t he first laye r of se cu rity t hroug h w h ich a re mo te u ser must p ass. T he use r mu st fi rst au[...]
-
Seite 165
7-36 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Configur ing the Switc h fo r Local Au thentica tion and A uthorizat ion Configur ing Ke rber os So that remo te u ser s can a uthenticate to netw ork serv ices, y ou m ust co nf igure the hosts and the KDC in the K[...]
-
Seite 166
7-37 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell T o disa ble A AA, u se t he no aaa new-model glo bal co nfigurati on comm a nd. T o disa ble aut hor izat ion, use the no aaa autho rizat ion { network | exec } method1 g[...]
-
Seite 167
7-38 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Conf igu rin g th e Swi tch for S ec ure S hel l Understand ing SSH SSH is a pr otocol that p rovides a s ecur e, rem ote co nnection to a device. SSH provi des more securi ty for remote connec tions th an T elnet d[...]
-
Seite 168
7-39 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell Configuring SSH This section has this conf igurat ion information: • Configuration Gu idelines, page 7-39 • Setting Up the Swi tch to Run SSH, pa ge 7-39 (required) ?[...]
-
Seite 169
7-40 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Conf igu rin g th e Swi tch for S ec ure S hel l T o delete the RSA ke y pair , use the cr ypto k ey zer oiz e rsa global configur ati on c om mand. A fte r t he RSA ke y pair is deleted, the SSH serv er is automati[...]
-
Seite 170
7-41 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell T o return to the def ault SSH contr ol paramete rs, use the no ip ssh { tim eout | authenti cation- ret ries } global configurat ion comm and. Displaying th e SSH Co nfig[...]
-
Seite 171
7-42 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 7 Configuring Switch-Based Authentication Conf igu rin g th e Swi tch for S ec ure S hel l[...]
-
Seite 172
C HAPTER 8-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 8 Configuring IEEE 802.1x Port-Based Auth enticat ion This ch ap ter desc ribe s how to c onfigure IEEE 8 02.1x por t-ba sed aut hent icat ion on th e Cisco M E 3 400 Ether net Acce ss switch. As L ANs extend to hote ls, airp orts, and corporat e lobbies an[...]
-
Seite 173
8-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Unders tanding IE EE 802.1x Port-Ba sed Au th enticati on These sec tions descr ibe IEE E 802.1x po rt-b ased authe nticat ion: • Device Roles, pa ge 8-2 • Authentic ation Initiat ion and Messag e Ex[...]
-
Seite 174
8-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication • Switc h ( edge swi tch or w ireless acce ss point)— control s the physical access to the net work base d on the auth entica tion status of [...]
-
Seite 175
8-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Unders tanding IE EE 802.1x Port-Ba sed Au th enticati on Figur e 8-2 Messag e Exc han g e Ports in Au thorized and Un authorized S tates Depend ing on the sw itch port s tate, the switch can grant a cli[...]
-
Seite 176
8-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication If the cl ient is s ucces sf u lly aut he nti cat ed (r ece i ves an Accep t fr am e fr o m the au th en tic atio n serv er), the port s tate cha[...]
-
Seite 177
8-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Unders tanding IE EE 802.1x Port-Ba sed Au th enticati on Y o u can view the A V pai rs that ar e being sen t by the switch by enabl ing the debug radius accounting or debug aaa accounting pri vilege d E[...]
-
Seite 178
8-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Underst anding I EEE 8 02.1x P ort-Based Authent ication Figur e 8-3 Multiple Hos t Mode Exampl e Using IEEE 802.1x with Port Security Y ou can conf igure an IEEE 80 2.1x port with p ort secur ity in ei[...]
-
Seite 179
8-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Unders tanding IE EE 802.1x Port-Ba sed Au th enticati on Using IEEE 802.1x with VLAN Assignment The RADIUS s erv er sends the VLA N assign ment to con fig ure the switch port. Th e RADIUS serv er databa[...]
-
Seite 180
8-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion Configuring IEEE 802.1x Authentication These sec tions co ntain this configura tion info rmat ion: • Default IE EE 8 02. 1x Configura tion, p ag e 8-9 • IEE[...]
-
Seite 181
8-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Configur ing IEEE 802 .1x Authen ticatio n IEEE 802.1x Configuration Guidelines These ar e the IE EE 802.1x authe nticat ion configur ation guideli nes: • When IEE E 802.1 x is enab l ed, port s are a[...]
-
Seite 182
8-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion • Y o u can co nfigure IEEE 802.1x on a private-VLAN por t, but do not configure IE EE 802. 1x with port securi ty on priv ate-VLA N ports. • Befor e globa[...]
-
Seite 183
8-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Configur ing IEEE 802 .1x Authen ticatio n Configuring the Switch-to-RADIUS-Server Communication RADIUS se curity servers are identi fied by their ho stname or IP ad dress, hostname and specific UDP por[...]
-
Seite 184
8-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion T o delete the specif ied RADIUS serv er , use the no ra dius -server hos t { hostn ame | ip-address } global configurati on comm a nd. This exam ple sh ows ho[...]
-
Seite 185
8-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Configur ing IEEE 802 .1x Authen ticatio n Thi s exa mple sho ws ho w to en able pe riod ic re-a uthe nti cation an d set th e numbe r of se conds betwee n re-authe nticat ion atte mpts to 400 0: Switch[...]
-
Seite 186
8-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion Changing the Sw itch-to-Clie nt Retran smission Time The client respon ds to the EAP-request/id entity frame fro m the switch with an EAP-response/i dentity fr[...]
-
Seite 187
8-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Configur ing IEEE 802 .1x Authen ticatio n T o return to the default retransmissio n number , use the no dot1x m ax-req interf ace configu ration comm and. This example shows ho w to set 5 as the numbe [...]
-
Seite 188
8-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Configur ing IEEE 802.1x Auth enticat ion Configuring the Host Mode Beginn ing in pri vilege d EXEC mode, follo w these steps to allo w multiple hosts (clients) on an IEEE 802.1x-au thorized port that [...]
-
Seite 189
8-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Configur ing IEEE 802 .1x Authen ticatio n Configuring IEEE 802.1x Accounting Enabling AAA sy stem accounting wi th IEEE 802.1x acc ounting allo ws s ystem reload ev ents to be sent to the a ccount ing [...]
-
Seite 190
8-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuri ng IEEE 802. 1x Port-Ba sed Auth entication Displayi ng IEEE 802.1x Statistics and Status Displaying IEEE 802.1x Statistics an d Status T o display I EE E 802 .1 x s ta ti stic s fo r a ll port s, use t he show dot1x all statistics privileged EX[...]
-
Seite 191
8-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 8 Configuring IEEE 802.1x P ort-Based Aut hentica tion Displaying IEEE 802.1x St atistics and St atus[...]
-
Seite 192
C HAPTER 9-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 9 Configuring Interface Cha racteristics This ch apter d efines the type s of interfa ces on the Cis co ME 340 0 Ether net Acc ess switch an d desc ribes ho w to conf igure th em. The chapte r consists of these sectio ns: • Understa ndin g I nte rface T y[...]
-
Seite 193
9-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Unders tan ding Inte rfa ce Type s Port-Based VLANs A VLAN is a switched netwo rk that is logically segmented b y function, team, or application, witho ut reg ard to the physic al location of the user s. For more in fo[...]
-
Seite 194
9-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Unde rsta ndi n g In t erf ac e Ty p es Note Whe n you put an int erface that is in Layer 3 mod e into La yer 2 mode, the previous configuration informatio n related to the a ff ected i nterfac e might b e lost, and[...]
-
Seite 195
9-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Unders tan ding Inte rfa ce Type s the y are enabled . Dynamic acc ess ports o n the switch are as signed to a VLAN b y a VLAN Membership Policy Server (V MPS). T he VMPS ca n be a C atalyst 6 500 ser ies switc h; the [...]
-
Seite 196
9-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Unde rsta ndi n g In t erf ac e Ty p es Note En ter ing a no switchport inte rface co nfigu ration command s huts do wn the interf ace and then re-en ables it, which mi ght genera te message s on the device to whic [...]
-
Seite 197
9-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Unders tan ding Inte rfa ce Type s EtherChann el Port Groups EtherC hannel port groups treat multip le switch por ts as one switc h port. Thes e port gro ups act as a single logical por t for high-ba ndwidth c onnectio[...]
-
Seite 198
9-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Using Inte rface C onfigu ration Mo de When the metro IP access ima ge is running on the switch, routin g can be enabled on the switch. Whenever possible, to maint ain high perf ormance , forwardi ng is done by the [...]
-
Seite 199
9-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Using I nterface Configu ration Mode Note Y ou do not n eed to add a s pace betwee n the interf ace ty pe and interf ace number . For exam ple, in the prec ed ing l ine, you can spe cif y eit her fastether net 0 /1 , f[...]
-
Seite 200
9-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Using Inte rface C onfigu ration Mo de When usin g the interf ace range glob al con figuration co mman d, note th ese gui delin es: • V alid entries for port- r ang e : – vlan vlan -ID - vlan-I D , where the VLA[...]
-
Seite 201
9-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Using I nterface Configu ration Mode Configur ing and Us ing Inter f ace R ang e Mac ros Y ou can crea te an inte rface range macr o to aut omatically select a range of i nterf aces fo r conf igur ation. Befo re you c[...]
-
Seite 202
9-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Configuring Ethernet Interfaces • All inter faces defined as in a rang e must be th e same type (a ll Fast Ethern et ports, all Gigabit Ethernet por ts, all EtherChan nel ports, or all VL ANs), b ut you can com b[...]
-
Seite 203
9-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Configur ing Ethernet Int erfaces Default Ethernet Interface Configuration Ta b l e 9 - 1 sho ws the Ethernet inte rface de fault conf iguration for NNIs, and Ta b l e 9 - 2 shows the Ethernet interf ace def ault conf[...]
-
Seite 204
9-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Configuring Ethernet Interfaces Configuring Us er Netwo rk and Netwo rk Node In terfaces By default, all the 10/100 ports on the Cisco ME swit ch are configured as UNIs, and the SFP module ports ar e conf igured as[...]
-
Seite 205
9-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Configur ing Ethernet Int erfaces Beg i n n i ng i n p riv i l e ge d E X E C m o de , fo l low t h e se s te p s t o conf igure the port type on an interface: This e xample shows h ow to change a port from a UNI to a[...]
-
Seite 206
9-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Configuring Ethernet Interfaces Speed and Duplex Configuration Gui delines When configur ing an inte rface spee d and duplex mode , note these guideli nes: • Y o u can co nfigure interface speed on Fast Ether net[...]
-
Seite 207
9-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Configur ing Ethernet Int erfaces Use the no spee d and no duplex interf a ce c onf iguration comman ds to re turn th e inte rface to th e def ault speed and duple x settin gs (autone gotiate ). T o return all interf [...]
-
Seite 208
9-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Configuring Ethernet Interfaces Configuring IEEE 802.3x Flow Control IEEE 80 2.3x f low control e nable s connec ted Ethe rnet ports to contr ol traffic rates d uring co ngesti on by allowing cong ested nod es to p[...]
-
Seite 209
9-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Configur ing Ethernet Int erfaces Configuring Auto-MDIX on an Interface When automatic medium-depen dent interfa ce crosso ve r (auto-MDI X) is enabled on an interf ace, the interf ace automatic ally detects the requi[...]
-
Seite 210
9-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Configuring Ethernet Interfaces This exam pl e s h ows how to en able a ut o -MDI X on a p ort: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# no shutdown Switch(config-i[...]
-
Seite 211
9-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Configur ing Layer 3 In ter faces Configuring Laye r 3 Interfa ces The Ci sco 3 400 M E sw itch mu st be runn i ng th e me tro IP acc ess i mage to su pport Lay er 3 i nterfac e s. The Cisco ME switch supports these t[...]
-
Seite 212
9-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Confi guring the S ystem MTU T o remo ve an IP a ddress f rom a n interf ace, u se the no ip address interf ace con fig uratio n command . This exam ple shows how to co nfigure a port as a r oute d port and to a ss[...]
-
Seite 213
9-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Monito rin g and Mai nt aining th e In terfaces Note If Layer 2 Gigabi t Ethern et interf aces are co nfi gured to accept fra mes grea ter than the 10/1 00 interf aces, jumbo fra mes rece iv ed on a L ayer 2 Gigabi t [...]
-
Seite 214
9-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring In te rface Charac teristics Monitoring and Maintaining the Interfaces Monitoring Interface Status Command s entere d at the privileged EXEC pro mpt displ ay info rmati on about th e interfac e, includ ing the ver sions of the softwar e and th[...]
-
Seite 215
9-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 9 Configuring Interface Characteristics Monito rin g and Mai nt aining th e In terfaces Clearing and Resetting Interfaces and Counters Ta b l e 9 - 5 lists the privileged EXEC mode clear commands t hat y ou c an use to cl ear co unte rs and r es et interf a[...]
-
Seite 216
C HAPTER 10-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 10 Configuring Command Mac ros This cha pter d escrib es how to configu re a nd appl y co mm an d m acr os o n th e Cisc o 3400 M E swi tch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d ref[...]
-
Seite 217
10-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 10 Configuring Command Macro s Conf igu rin g Com mand Macr os Configuring Co mmand Macros Y o u can cre ate a new com mand macro or use an exist ing mac ro as a te mplat e to cre ate a new macr o that is speci fic to your appli cation. After you create the[...]
-
Seite 218
10-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 10 Configuring Comman d Macro s Conf iguring Command Macros • Some CLI c ommands ar e specif ic to cer tain inte rface types. If a macro is applied to an inter face that does not accept the con fig uratio n, the macr o will fail th e syntax ch eck or the [...]
-
Seite 219
10-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 10 Configuring Command Macro s Conf igu rin g Com mand Macr os Applyi ng C omman d Mac ro s Beginning i n privileged EX EC mode , foll ow these s te ps t o app l y a com mand m acro : Comma nd Pu rpos e Step 1 conf igure t erminal Enter globa l configurati [...]
-
Seite 220
10-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 10 Configuring Comman d Macro s Displaying Command Macros Y o u can del ete a glob al macr o-applie d configurati on on a swit ch only by ente ring the no versi on of ea ch comm and th at is in t he macro. Y ou c an del ete a m acr o-app lied co nfigurati o[...]
-
Seite 221
10-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 10 Configuring Command Macro s Displaying Comma nd Macros[...]
-
Seite 222
C HAPTER 11-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 11 Configuring VLANs This c hapt er d escri b es how to c onfigure norm al -ra nge V LAN s (V L AN IDs 1 to 100 5) and extended-ra ng e VLAN s ( VLA N I Ds 10 06 to 4094) o n th e Cisc o M E 34 00 Ethe rne t A cce ss swi tch . It include s info rmation abo[...]
-
Seite 223
11-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Unders tan ding VLAN s Figure 11-1 shows an exam ple of V L ANs segmented into l ogica lly defined n etwor ks. Figur e 1 1 -1 VLAN s as Logica lly Defined N etwor ks VLANs are of ten assoc iated with IP su bnetw orks. F or ex ample, all[...]
-
Seite 224
11-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Unde rst an din g VLA Ns Supporte d VLANs VLANs are id en tified wit h a num be r fro m 1 t o 4094. V LAN IDs 1 002 thr oug h 1 005 are r es erved fo r T o ken Ring and FDDI VL ANs. VLAN ID s greater tha n 1005 are extende d-range VLAN[...]
-
Seite 225
11-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Unders tan ding VLAN s • Ring number fo r FDDI and T rCRF VLAN s • Pa rent VL AN num ber for T rCRF VLANs • Spanning Tree Protoc ol ( STP) type for TrCRF VLANs • VLAN n umb er to use whe n tra nsla ting f rom o ne V L AN type to[...]
-
Seite 226
11-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Unde rst an din g VLA Ns For more de tail ed definitions of ac cess a nd t runk mo des a nd the ir f uncti ons, se e T able 11-4 on page 11-1 5 . When a port belongs to a VLAN , the switch l earns and mana ges the add resses assoc iate[...]
-
Seite 227
11-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Creating and M odifyin g VL ANs • UNI co mmunity VLAN—Lo cal switchi ng is all ow ed among UNIs on the switc h that belong to t he same UN I commu nity VL AN. If U NIs be long to t he same c ustome r , and y ou want to switch packet[...]
-
Seite 228
11-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Creati ng and Modi fying VLANs These sec tions co ntain VLAN con figuration info rmati on: • Default Eth erne t VLAN Configur ation , page 11-7 • VLAN Co nfigurat ion Gu ide line s, page 11 -8 • Creatin g or Modify ing an Eth ern[...]
-
Seite 229
11-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Creating and M odifyin g VL ANs VLAN Configuration Guidelines Foll ow th ese guidelines when crea ting and modifyi ng VLANs in your netw ork: • The switc h supports 100 5 VLAN s. • Normal -ra nge Eth er net VL ANs a re ide nti fied [...]
-
Seite 230
11-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Creati ng and Modi fying VLANs Creating or Modifyin g an Et hernet VLAN T o access VLAN con fig uration mode, enter the vlan global con figura tio n co mma nd wi th a VL AN ID. Enter a ne w VLAN ID to create a VLAN, or en ter an e x is[...]
-
Seite 231
11-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Creating and M odifyin g VL ANs T o delete a VLAN, use the no vlan vlan -id global con figuration comm a nd. Y ou c annot dele t e VLAN 1 or VLAN s 1002 to 100 5. Cautio n When you delete a VL AN, an y ports a ssigned to th at VLAN bec[...]
-
Seite 232
11-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Creati ng and Modi fying VLANs T o return an interfac e to its default conf igura tion, use the defaul t interface interface-id interface configurati on comm a nd. This exampl e shows ho w to configure a por t as an access por t in VL[...]
-
Seite 233
11-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Creating and M odifyin g VL ANs Configuring UNI VLANs By default , every VLAN co nfigured on t he swit ch i s a U N I iso l ate d VL A N. Y ou c an c ha nge VLA N conf igura tion to that of a UNI community VLAN, a pri va te VLAN. or an[...]
-
Seite 234
11-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Creati ng and Modi fying VLANs Configuring UNI VLANs By def ault, e very VLAN c reated on the switch is a UNI isola ted VLAN. Y ou can c hange th e conf igura tion to UNI commu nity VLAN or to a pri vate VLAN or RSP AN VLAN. Fo r proc[...]
-
Seite 235
11-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Displa ying VL ANs Displaying VLANs Use the show vlan privi leged EXE C command to display a list of all VLANs on the switch, including extended -range V LANs. Th e displa y includ es VLAN status, port s, and configurat ion inf ormati [...]
-
Seite 236
11-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Config uri n g VL AN Tr unk s • T o enable trunki ng, use the switchport mode trunk interface configurat ion comm and to chan ge the interf ace to a trunk. IEEE 802.1Q Configuration Considerations The IE EE 8 02.1Q tr unk s imp ose [...]
-
Seite 237
11-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configur ing VLAN Trunk s Default Layer 2 Ethernet Interface VLAN Configuration T ab le 11-5 shows th e de fault Lay er 2 E ther ne t i nte rface VLA N co nfigurat ion. Configuring a n Ethern et Interface as a Trunk P ort These sec tio[...]
-
Seite 238
11-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Config uri n g VL AN Tr unk s Configuring a Trunk Port Beginning i n privileged EX EC mode , foll ow these s te ps t o con figure a port as an IE EE 80 2. 1Q trunk p ort: T o return an interfac e to its default conf igura tion, use th[...]
-
Seite 239
11-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configur ing VLAN Trunk s Note VLA N 1 is the default VLAN on all trunk ports in all Cisco sw itches, an d it has previously been a requir ement tha t VLAN 1 always be ena bled on every trunk link. Th e VLA N 1 minimi zation fe ature a[...]
-
Seite 240
11-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Config uri n g VL AN Tr unk s Configuring the Native VLAN for Untagged Traff ic A tru nk por t configu red w it h IE EE 80 2.1Q ta gging c an r ece ive both tag ge d and un tag ged tr affic. By def ault, the switch forw ards untagge d[...]
-
Seite 241
11-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configur ing VLAN Trunk s Load Sharing Using STP Port Priorities When two ports on the same switch form a l oop, the switch use s the STP port priori ty to decide which port is enab led an d which port is in a blocki ng state. Y ou ca [...]
-
Seite 242
11-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Config uri n g VL AN Tr unk s Follow the same steps on Switch B to configure the trunk port for T run k 1 with a spanni ng-tree port priorit y of 16 for VLA Ns 8 through 10 , and the co nfigure tr unk port for T runk 2 with a spa nnin[...]
-
Seite 243
11-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configur ing VLAN Trunk s Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure th e netw o r k sho wn in Figure 11 -4 : Follow the same steps on Switch B to configure the trunk port for T run k 1 with a pat h cost of [...]
-
Seite 244
11-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Configuring VMPS Configuring VMPS The VL AN Q ue ry Protoc ol (V QP) su ppor ts dy namic -a ccess po rts, wh ich ar e not perma ne ntly a ssi gned to a VL AN , but give VLAN assign me nts b ased on the MAC source a ddress es seen on t[...]
-
Seite 245
11-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configuring VMPS If the sw itch recei ves an a cces s-de nied response from the VMPS, it continue s to block traffic to and from the host MA C address. The switch continues to monito r the packets directed to the port and sends a query[...]
-
Seite 246
11-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Configuring VMPS VMPS Configuration Guidelines These guide li nes and re stric tio ns app l y to dy nami c- acces s port VL AN me mber shi p: • Y o u should configure the VM PS bef ore you configure po rts a s dynam ic- access por t[...]
-
Seite 247
11-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configuring VMPS Configuring Dynamic-Access Ports on VMPS Clients Cautio n Dynamic -acce ss p ort VLA N m em bersh ip i s for e nd stati ons or h ubs c onnec ted to en d sta tions. Connecti ng dynami c-acces s ports to oth er switch es[...]
-
Seite 248
11-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Configuring VMPS Changing the Reconfirmation In terval VMPS clien ts period ical ly reconfirm t he VLA N mem bership in format ion re ceived from the VMPS.Y ou can se t t he nu mb er of m i nute s aft er wh ich rec onfirmat ion occ ur[...]
-
Seite 249
11-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configuring VMPS • VMPS Actio n—the result of t he most recent reco nfir mation atte mpt. A reconf irmation attempt can occur aut omatically when the reconf irmatio n interv al exp ired, or you can for ce it by enter ing the vmps r[...]
-
Seite 250
11-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLA Ns Configuring VMPS Figur e 1 1 -5 Dyn amic P ort VLAN M embership Con figur ation Primar y VMPS Ser ver 1 Catalyst 6500 series Secondar y VMPS Ser ver 2 Catalyst 6500 series Secondar y VMPS Ser ver 3 172.20.26.150 172.20.26.151 Catalyst[...]
-
Seite 251
11-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 11 Configuring VLANs Configuring VMPS[...]
-
Seite 252
C HAPTER 12-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 12 Configuring Private VLANs This ch apter d escrib es how to configure p riv ate VLAN s on the C isco ME 3400 E thernet Ac cess swit ch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d refere[...]
-
Seite 253
12-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Unders tan din g Pri vate VLANs Types of P rivate VLANs a nd Private-VL AN Ports Pri vate VLANs partition a r egular VLAN do main into subdomains. A su bdomain is represented by a pair of VLANs: a primary VLAN and a secondary VL[...]
-
Seite 254
12-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Unde rs tan din g Priv at e VLA Ns • Isolate d—A n iso lat ed p ort is a host po rt th at be longs t o an is ola ted seco nda ry V LAN . It has comp lete Layer 2 separation from other ports withi n the sam e priv a te VLAN[...]
-
Seite 255
12-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Unders tan din g Pri vate VLANs IP Addressin g Scheme with Private V LANs Assign ing a separate VLAN to each c ustomer cr eates an ine ff icie nt IP ad dressi ng sch eme: • Assigning a block of add resses to a cu stomer VLAN c[...]
-
Seite 256
12-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Confi guring P rivate VLANs Private VLANs and Unicast, Broadcast, and Multicast Traffic In re gular VLANs, d ev ices in the same VL AN can com municate with e ach other at t he Layer 2 le v el, b ut de vices connect ed to inte[...]
-
Seite 257
12-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Configur ing Priv at e VLANs • Conf iguring a La yer 2 Inte rface as a Pri v ate-VL AN Promis cuous Por t, page 12 -13 • Mapping Sec on dary VLA Ns t o a Prim ar y VLAN L ayer 3 V LAN Int erface, p age 12-14 Tasks for Config[...]
-
Seite 258
12-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Confi guring P rivate VLANs Secondary and Primary VLAN Conf iguration Foll ow these gui delines when conf iguring pri vate VLANs: • Y o u use VLA N configur ation m ode to configur e priv ate VLA Ns. For mor e infor matio n [...]
-
Seite 259
12-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Configur ing Priv at e VLANs • When a fra me is Layer 2 fo rwar ded within a pri vat e VLAN, the s ame VLAN map i s a pplied at the receiving and sending side s. When a frame is routed from i nside a pr iv ate VLAN to an exter[...]
-
Seite 260
12-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Confi guring P rivate VLANs Limitations with Other Features When conf iguring pri v ate VLANs, remember these lim itations with other feat ures: Note In some cases , the conf iguration is accepte d with no erro r mess ages, b [...]
-
Seite 261
12-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Configur ing Priv at e VLANs Configuring and Associating VLANs in a Private VLAN Beginning i n privileged E XEC mo de, foll ow these s teps to c on figure a private VLAN : Note Th e private- vlan co mmand s d o n ot t ake e ffe[...]
-
Seite 262
12-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Confi guring P rivate VLANs When you as sociate s econdary VLANs with a primary VLAN, note this syntax in format ion: • The seco ndary_vla n_list par ameter canno t contain spac es. It can conta in multiple co mma-separate [...]
-
Seite 263
12-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Configur ing Priv at e VLANs Configur ing a Lay er 2 In ter face a s a P riv ate-V LAN Host P ort Beginning i n privileged E XEC mo de , fol low these s teps t o con figure a Laye r 2 in terfa ce a s a priv a te -VLA N h ost po[...]
-
Seite 264
12-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Confi guring P rivate VLANs Configur ing a Lay er 2 In ter fac e as a Priv ate- VLAN Prom isc uous P ort Y o u can con figure only NNI s as pr om iscuo us po rts. B eginni ng in pr ivileged EXEC m ode, f ol low these steps t [...]
-
Seite 265
12-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Configur ing Priv at e VLANs Mapping S econd ary VLAN s to a Primary VLAN Layer 3 VLAN Interfa ce If the switch is running the metro IP access image and the priv ate VLAN will be used for inter -VLAN routing, yo u co nfigure a [...]
-
Seite 266
12-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Privat e VLA Ns Monitoring Private VLANs Monitoring Private VLANs T ab le 12-1 shows the pri vileged EXEC commands for monitoring pri vate-VLAN ac tiv ity . This i s a n exam ple of the o utput from t he show vlan private- vlan co mmand : Sw[...]
-
Seite 267
12-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 12 Configuring Private VLANs Monito rin g Private VLAN s[...]
-
Seite 268
C HAPTER 13-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 13 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling V irtual pri vate ne tworks (VPNs) p rovide en terprise-sc ale connecti vity on a shared infrastruc ture, often Etherne t-based, with the same se curity , prioritizatio n, reliab ility , an d manage[...]
-
Seite 269
13-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Unders tanding IE EE 802.1Q Tunnel in g Custome r traff ic tagged in th e normal way with appropr iate VLAN IDs comes from a n IEEE 802.1 Q trunk port on the custom er device and into a t unnel po[...]
-
Seite 270
13-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Understanding IEEE 802.1Q Tunneling Figur e 13-2 Or iginal (Nor mal), I EEE 802.1Q , and Double-T agg ed Ether net P ac k et F or mats When the pack et enters the tru nk port of the service-pro [...]
-
Seite 271
13-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing IEEE 802 .1Q Tunnel ing Configuring IEE E 802.1Q Tunneling These sec tions co ntain this configura tion info rmat ion: • Default IE EE 802.1Q T u nneling Configu ration, pa ge 13-4 [...]
-
Seite 272
13-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configuring IEEE 802.1Q Tunneling These are some wa ys to solv e this p roblem: • Use ISL tru nks betw een core switches in the servi ce-provi der network. Althoug h custome r interfaces conne[...]
-
Seite 273
13-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing IEEE 802 .1Q Tunnel ing IEEE 802.1 Q Tunn eling and Oth er Featu res Although IEEE 802.1Q tunneling works well for Layer 2 packet switching, there are incompatibilities betwee n s ome[...]
-
Seite 274
13-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configuring IEEE 802.1Q Tunneling Use the no switchport mode dot1q- tunnel int erface c onfi guration c ommand to return the port to the def ault state of ac cess. Use the no vlan dot1q tag nati[...]
-
Seite 275
13-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Unders tanding L ayer 2 Pro tocol Tunn eling Understandin g Layer 2 Protocol Tun neling Cust omers a t dif ferent si tes c onnect ed acr oss a s ervic e-pro vider netw ork need to use v ario us La[...]
-
Seite 276
13-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Un derstandi ng Layer 2 P rotocol Tun neling Figur e 13-4 Lay er 2 Prot ocol T unneling Figur e 13-5 Lay er 2 Networ k T opolog y withou t Pr oper Con v e r gence In an SP net work, y ou c an u [...]
-
Seite 277
13-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing Layer 2 Prot oco l Tunne ling For exam ple, in Figure 13- 6 , Customer A has two switc hes in the same VLAN that are connected through the SP network. When th e network tun nels PDUs[...]
-
Seite 278
13-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configu ring Laye r 2 Protoco l Tunnel ing address. These do uble-ta gged packets have the metro VL AN tag of 40, as well as an inne r VLAN tag (for e xample, VLAN 100). When the double-tag ged[...]
-
Seite 279
13-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing Layer 2 Prot oco l Tunne ling • The switc h supports P AgP , LA CP , and UDLD tunneling for emula ted poin t-to-poi nt network topologi es. Pr otocol tunnel ing i s disable d by de[...]
-
Seite 280
13-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configu ring Laye r 2 Protoco l Tunnel ing Use the no l2protocol-tunnel [ cdp | stp | vtp ] int erfac e configura tio n com ma nd t o disa ble prot ocol tunnel ing for one of the Laye r 2 proto[...]
-
Seite 281
13-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing Layer 2 Prot oco l Tunne ling Switch# show l2protocol COS for Encapsulated Packets: 7 Port Protocol Shutdown Drop Encapsulation Decapsulation Drop Threshold Threshold Counter Counter[...]
-
Seite 282
13-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configu ring Laye r 2 Protoco l Tunnel ing Use the no l2pr otocol-tunnel [ point-to-point [ pag p | lacp | udld ]] inter fa ce co nf ig urati on com mand to disable po int-t o-point p rotoco l [...]
-
Seite 283
13-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Configur ing Layer 2 Prot oco l Tunne ling Use the no switchport mode trunk , the no udld enable , and th e no channel group channel-gr oup-n umber mo de desirabl e interface con figurat ion comm[...]
-
Seite 284
13-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEE E 80 2.1Q and L ay er 2 Protocol Tun neling Configu ring Laye r 2 Protoco l Tunnel ing Switch(config)# interface gigabitethernet0/2 Switch(config-if)# switchport access vlan 20 Switch(config-if)# switchport mode dot1q-tunnel Switch(confi[...]
-
Seite 285
13-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 13 Configuring IEEE 802. 1Q and Layer 2 P rotocol Tu nneling Monito rin g and Maint ain ing Tunnel ing Statu s Monitoring and Main taining Tun neling Sta tus T ab le 13-2 shows the pri vileged EXEC comma nds for monitoring and maint aining IEEE 802.1 Q and[...]
-
Seite 286
C HAPTER 14-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 14 Configuring STP This chapt er desc ribes how to configure the Sp anni ng T ree Protocol (ST P) on por t-base d VLANs on t he Cisco ME 3 400 Et hernet Access switc h. The swi tch uses the per -VLAN spanni ng-t ree pl us (PVST +) protoc ol based on the IE[...]
-
Seite 287
14-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures • Spanning -Tree Modes and Pr ot ocols, pa ge 1 4-9 • Supporte d Spanning -T ree In stances, pa ge 14-1 0 • Spanning- T ree Interoper ability and Backwar d Compatibility , page 14-10 • STP[...]
-
Seite 288
14-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tanding Spanni ng-Tree Featu res Note The switch sends kee paliv e messages (t o ensure the connecti on is up) only on inter faces that do not hav e small form-fa ctor pluggable (SFP) m odules. Spannin g- Tr ee To polo gy and BP DU[...]
-
Seite 289
14-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures • A des ignated switc h for eac h LAN se gment is se lected. The d esignated swi tch incur s the lo west path cost whe n forwardi ng packets from that LAN t o the root switch. Th e port thr ough[...]
-
Seite 290
14-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tanding Spanni ng-Tree Featu res Each L aye r 2 inte rface o n a swit ch using spa nnin g tr ee (or on a Cisco M E switc h, e ach Laye r 2 NNI ) exi sts in one of th ese states: • Blocking —The in ter face doe s n ot p artic ip[...]
-
Seite 291
14-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures When t he spanni ng-tree al gori thm place s a Layer 2 spannin g-tre e interf ace in the forwa rding st ate, t his process oc curs: 1. The interf ace is in the liste ning state while spanning tree[...]
-
Seite 292
14-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tanding Spanni ng-Tree Featu res Forwarding State A Layer 2 interface i n the forwa rding state forwar ds frames. The inte rface ente rs the fo rwardin g state from the learning st ate. An interf ace in the forw arding state perfo [...]
-
Seite 293
14-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures When t he spann ing-tr ee top ology is calc ulated based on de fault par amete rs, th e pat h bet ween source and destinat ion e nd stati ons in a swit ched ne twork mi ght not be id eal. For inst[...]
-
Seite 294
14-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tanding Spanni ng-Tree Featu res Accelerated Aging to Retain Connectivity The default for aging dy namic addr esses is 5 minu tes, the defaul t setting of th e mac address-table aging-time g lo bal configur ation c om mand. H owev [...]
-
Seite 295
14-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Unders tan ding Spa nni ng-Tree Fea tures Supporte d Spa nning-Tree Ins tances In PVST+ or rapi d-PVST+ mo de, the swi tch suppor ts up to 128 spann ing-tre e instance s. In MSTP mode, the switc h supp orts up t o 16 MST insta nces. The [...]
-
Seite 296
14-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res Configuring Sp anni ng-Tree Features These sec tions co ntain this configura tion info rmat ion: • Default Spanni ng-Tree Co nfiguration, p age 14- 11 • Spanning-Tree Co nfiguration Gui del ines[...]
-
Seite 297
14-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Configur ing Span ning-T ree F eature s Spannin g- Tr ee Co nf igura tion Guideli ne s If more VL A Ns a re de fined th an the re a re s panni ng -tre e i nsta nc es, y ou can en ab le PVST+ or r ap id PVST+ on NNIs in onl y 128 VLANs on[...]
-
Seite 298
14-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res Changing the Spa nning-Tree M ode. The sw itch s upports th ree spanning -tree mo des: PV ST+, ra pid PVST +, o r MSTP . By default, the swi tch runs th e rapid PVST+ pr otoc ol o n all N NIs. Begin[...]
-
Seite 299
14-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Configur ing Span ning-T ree F eature s T o return to the d efault se tting, use the no spanning-tr ee mode g lobal configurati on comma nd. T o return the NNI to its def a ult spanning-t ree setti ng, u se th e no spanning-t r ee link- [...]
-
Seite 300
14-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res Note If your net work consist s of swi tches that both do a nd do not suppor t the extende d system ID, it i s unlikel y that the switc h with the e xtended system ID support will be come the root s[...]
-
Seite 301
14-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Configur ing Span ning-T ree F eature s Configur ing a Se co ndar y R oot S witch When you con figure a switch as the secondary root, the switc h priori ty is modified from t he default value (32768 ) to 28672. Th e switc h is then likel[...]
-
Seite 302
14-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res Beginn ing in pri vileg ed EXEC mode, follo w these steps to confi gure the port prior ity of an NNI. This procedur e is optional. Note Th e show spanning-tree int erface interface- id privileged EX[...]
-
Seite 303
14-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Configur ing Span ning-T ree F eature s Configuring Path Cost The spanni ng-tr ee path c ost defaul t v alue i s derived from the med ia speed of an i nterface (N NI or port chan nel of mult iple NNI s). If a loop oc curs, spanning t ree[...]
-
Seite 304
14-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res T o return to the default setting, use the no spanning-tr ee [ vl an vl an-id ] co st in terface co nfiguration comman d. For inf ormat ion on h ow to configure lo ad sha ring on t runk po rts by us[...]
-
Seite 305
14-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Configur ing Span ning-T ree F eature s Configuring S pannin g-Tree Timers T ab le 14-4 descr ibes th e timer s that af fect the entire spannin g-tree perfor mance. The sectio ns that f ollow prov ide the c onfi guration ste ps. Configur[...]
-
Seite 306
14-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Confi guring S panni ng-Tree Featu res Configuring the Forwarding -Delay Time fo r a VLAN Beginning i n privileged E XEC mo de , fol low these s teps t o con figure t h e for war ding -de lay ti me for a VLAN. Th is proc edure is opt ion[...]
-
Seite 307
14-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 14 Configuring STP Displaying the Spannin g-Tree Stat us Displaying the Sp anning-Tre e Status T o display th e spannin g-tree stat us, us e one or mor e of the pri vileged EXE C command s in T a ble 14-5 : Y o u can cle ar spanni ng-tree co unters by usin[...]
-
Seite 308
C HAPTER 15-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 15 Configuring MSTP This chapte r describes ho w to config ure the Cisco impl ementation of the IEEE 802.1s Multi ple STP (MSTP) on the Cisco ME 3400 Ethe rnet A ccess swi tch. On the Ci sco ME swi tch, STP is sup ported only on network node interfaces (NN[...]
-
Seite 309
15-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unders tan din g MSTP Understandin g MSTP MSTP , whi ch uses RSTP for ra pid conver gence, en ables VL ANs to be grouped into a spanni ng-tree instan ce, wi th e ach inst anc e havin g a s pan ni ng-t ree t opol ogy inde pende nt o f oth[...]
-
Seite 310
15-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unde rsta ndi n g MS TP All MST instances with in the same reg ion share the same protocol timer s, but eac h MST instance has its own topology para meters , such as root switch ID, ro ot path cost, and so fort h. By default, a ll VLANs [...]
-
Seite 311
15-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unders tan din g MSTP Figur e 15-1 MS T Regions, IST Mas te rs, and the CS T Root Figure 15-1 does n ot sh ow additional MST instance s for eac h region. Note tha t the to pology of M ST instan ce s ca n be di fferent f rom th at o f t h[...]
-
Seite 312
15-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unde rsta ndi n g MS TP maximu m v alue. When a switch r ecei ves thi s BPD U, i t decr emen ts the r ecei ved rem ainin g ho p coun t b y one and propagate s this v alue as the r emaining hop count i n the BPDUs it generate s. When the [...]
-
Seite 313
15-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unders tan din g RSTP If all the le gac y switches o n the link are RSTP switches, they c an process MS TP BPDUs as if they are RSTP BPDUs . Therefo re, MSTP swit ches send either a V ersion 0 co nf igurat ion and TCN B PDUs or V e rsion[...]
-
Seite 314
15-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Understa nding RST P T o be consistent with Cisco STP implement ations, this guide docu ments the port state as blo c king instead of discar ding . Designated ports start i n the listening sta te. Rapid Con vergenc e The RSTP provides fo[...]
-
Seite 315
15-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unders tan din g RSTP The switc h lea rns the link t ype from the por t dup lex mode: a fu ll- dup lex port is consid ered to have a poi nt-to-po int co nnectio n; a half-du plex port is co nsidered to h av e a shared connec tion. Y ou c[...]
-
Seite 316
15-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Understa nding RST P Figur e 15-3 Sequence of Eve nts Dur ing Rapid Con ver gence Bridge Protoco l Data Unit Format an d Process ing The R STP BP DU for mat is th e sam e as t he IEEE 802.1D BPD U fo rmat exce pt tha t th e proto col ver[...]
-
Seite 317
15-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Unders tan din g RSTP The RSTP does not have a separate topol ogy chan ge notificati on (TCN) BPDU . It uses the topology change (T C) flag to sho w the to pology cha nges. Ho wev er , f or interoper ability with 802 .1D switches, th e [...]
-
Seite 318
15-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res • Propagat ion—When an RSTP switch re ceives a TC messa ge from anot her switch t hrough a designat ed or r oot por t, it pro pagat es the cha ng e t o al l o f it s non ed ge, d esig na ted por ts a nd [...]
-
Seite 319
15-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures Default MSTP Configuration T ab le 15-3 shows the de fault M ST P configur ation . For informat ion about the suppor ted number of spanning- tree in stance s, see the “Supporte d Spanning -Tree Instan ce s?[...]
-
Seite 320
15-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res of the MST regions mu st contain th e CST root, and al l of th e ot her MST r egions must have a better path to the r oot co ntaine d with in t he MST cl oud t han a pat h th rou gh the PVST+ or ra pid- PVST[...]
-
Seite 321
15-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures T o return t o th e default MST r egion configur ation , use the no spanning-tree mst conf iguration global conf iguration c ommand. T o return to the default VLAN-to-instan ce map, use t he no instance insta[...]
-
Seite 322
15-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res If an y root switch for the specif ied instance has a switch p riority lo wer than 24576, the switc h sets its o wn prior ity to 4096 less than the lo west switch priority . (4096 is the v alue of t he least[...]
-
Seite 323
15-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures Configur ing a Se co ndar y R oot S witch When you c onfigure a swi tc h wi th the extend ed sys te m ID support as t he se conda ry root , t he sw it ch priorit y is mo dified from t he default value (3276 8[...]
-
Seite 324
15-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res Configuring Port Priority If a loop o ccurs, the MST P uses the port prio rity when selectin g an NNI to pu t into the forwardi ng state . Y ou can assig n high er prio rity v alues (lo wer numerica l v alue[...]
-
Seite 325
15-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures Configuring Path Cost The MSTP path cost default va lue is deri ved from the me dia speed of an NNI. I f a loop occu rs, the MS TP uses cost when selecting an interfa ce to put in the forw arding stat e. Y ou[...]
-
Seite 326
15-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res Configuring the Switch Priority Y ou can conf igure the switch prior ity and make it more likely that th e switch will be chosen as the root switch. Note Exercis e care when using this comm and. F or mos t s[...]
-
Seite 327
15-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure the hello time for al l MST instances. This pro cedure is optional. T o return the switch to its d ef ault setting , use th e no spannin[...]
-
Seite 328
15-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Confi guring MST P Featu res Configuring the Maxi mum-Aging Time Beginning in privileged EX EC mode, fol low these steps to con figure the maxi mum- aging tim e for all MST inst ance s. This proc edure is optio nal. T o return the switc[...]
-
Seite 329
15-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Configur ing MSTP F eatures Specifying the Link Type to Ensure Rapid Transitions If you con ne ct an NN I to a no ther NN I t hro ugh a po i nt-to- poi nt lin k an d t he lo cal po rt beco me s a designated por t, the RSTP negoti ates a[...]
-
Seite 330
15-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Displaying the MST Configuration and Status T o r e start the prot ocol mi grat ion proc ess on a spe cific inte rface , use the clear spanning -tr ee detecte d-pr otocol s interface in terface-id privileged EXEC c omma nd. Displaying t[...]
-
Seite 331
15-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 15 Configuring MSTP Displaying the MST Configu rat ion and Status[...]
-
Seite 332
C HAPTER 16-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 16 Configuring Optional Spannin g-Tree Features This c hapter descri bes how to con figure opt ional spa nning-t ree f eatures on th e Cisco ME 3400 Eth ernet Access s witch. Y o u can conf igure all of thes e feature s when your s witch is runn ing per -V[...]
-
Seite 333
16-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 16 Configurin g Optiona l Spann ing-Tree Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures Understand ing Port Fa st Port Fast imm ed iately br ings an N NI co nfigured as a n acc ess or tr unk port t o the fo rwarding st ate from a bloc king[...]
-
Seite 334
16-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 16 Configuring Op tiona l Spa nni ng-Tree Features Understan ding Optio nal Spanni ng-Tr ee Features The BPDU guard feat ure pr ovides a secur e response t o in valid configurati ons becau se you must manually p ut the in terface back in service. Use the BP[...]
-
Seite 335
16-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 16 Configurin g Optiona l Spann ing-Tree Featu res Unders tan ding Opti on al Spann ing -Tree Fe at ures If a switch outside the SP net work beco mes the ro ot switch, t he interf ace is bl ocked (r oot-inconsisten t state), and spannin g tree sele cts a n[...]
-
Seite 336
16-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 16 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Configuring Optio nal Spanning-Tre e Feature s These sec tions co ntain this configura tion info rmat ion: • Default Opt iona l Sp ann ing- Tree Configuratio[...]
-
Seite 337
16-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 16 Configurin g Optiona l Spann ing-Tree Featu res Configur ing Optiona l Spanning- Tree Fea tures Beginn ing in pri vile ged EXEC mode, follo w these steps to enab le Port Fast. Th is procedure is optional. Note Y ou ca n use the spanning-tree portfast de[...]
-
Seite 338
16-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 16 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Cautio n Configure Po rt Fast on l y on N NIs t hat conn ec t to e nd stati ons ; othe rwi se , an a ccide nta l topo lo gy lo op could ca use a data pa cket l[...]
-
Seite 339
16-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 16 Configurin g Optiona l Spann ing-Tree Featu res Configur ing Optiona l Spanning- Tree Fea tures Y o u can also use the spanning-tree bpduf ilter enable inte rface c onf iguration command to enable BPDU filteri ng on any NNI w ithout also enab ling the P[...]
-
Seite 340
16-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 16 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures T o disabl e the Ethe rChan nel gu ard f eature, use the no spanning-tre e etherchannel guard misconf ig global configurat ion comm and. Y o u can use th e sho[...]
-
Seite 341
16-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 16 Configurin g Optiona l Spann ing-Tree Featu res Displaying the Spannin g-Tree Stat us Note Y ou canno t ena bl e bo th loo p g ua rd a nd roo t gu ar d at th e sam e t ime . Y o u can en ab le this fea ture if yo ur switc h i s r unn ing PVST +, r ap i[...]
-
Seite 342
C HAPTER 17-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 17 Configuring Flex Link s This cha pter d escrib es how to configure Flex L inks, a p air of i nte rface s o n th e Cisco M E 34 00 sw itch that are used to provide a mutual ba ckup. Thi s featur e is available only when the sw itch is runn ing the metro [...]
-
Seite 343
17-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 17 Configuring Flex Links Configur ing Flex L inks port 2 (the back up link) an d switch C is not for warding tra f f ic. If port 1 goes down, port 2 comes up and starts forwarding traffic to switch C. When port 1 comes ba ck up, it goes i nto standby mod e[...]
-
Seite 344
17-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 17 Configuring Fl ex L inks Configur ing Flex Links • A back up lin k do es not h ave to be the sa me t y pe (Fa st Et hern et , G igabi t E the rne t, or p or t ch an nel) as the a ctive link. Ho wev er , you should conf igure both Fle x Links with simil[...]
-
Seite 345
17-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 17 Configuring Flex Links Monito ring Flex L inks Monitoring Flex Link s T ab le 17-1 shows th e privileged E X EC co mm an d f or m oni tor ing Fl ex Li nk c onfigurat ion . T able 17 -1 Flex Link Monit or ing Command Comma nd Pu rpos e show interf ace [ i[...]
-
Seite 346
C HAPTER 18-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 18 Configuring DHCP Features and IP Source Gua rd This ch apt er descri bes how to configur e DHC P snoopi ng and t he o ption-82 d ata in sertion featu res on the Cisco ME 34 00 Eth erne t A cce ss wi tch. It a lso de scri bes how to c onfigure t h e IP s[...]
-
Seite 347
18-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Unders tan din g D HCP Feature s DHCP Server The DHCP server as signs IP a ddresse s from specified address poo ls on a switch or r outer to DHCP clients a nd manag es them . If the D HCP server ca nnot [...]
-
Seite 348
18-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Understa nding DHCP Fe atures The s witch d rops a DHCP pack et when one of the se si tuations occur s: • A pack et from a DHCP serv er , such as a DHCPOFFER, DHCP ACK, DHCPN AK, or DHCP LEA SEQU ER Y p [...]
-
Seite 349
18-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Unders tan din g D HCP Feature s Figur e 18-1 DHCP Rela y A gent in a Metr opolitan E ther net Netw or k When you ena ble the DHCP snoo ping info rmation option 82 on th e switch, this se quence of eve n[...]
-
Seite 350
18-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Understa nding DHCP Fe atures In the port field of th e circu it ID subopt ion, the port numbers st art at 3. For example , on a switch wi th 24 10/100 p orts and sma ll form-factor pluggable (SFP) module [...]
-
Seite 351
18-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Configur ing DHCP Fe at ures This is the format of the f ile that has the bindings: <initial-checksum> TYPE DHCP-SNOOPING VERSION 1 BEGIN <entry-1> <checksum-1> <entry-2> <chec[...]
-
Seite 352
18-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Config uring DHC P Features Default DHCP Configuration T ab le 18-1 shows the de fault DH CP co nfiguration. DHCP Snooping Configuration Guidelines These ar e the configur ation g uidelin es for DHCP snoo [...]
-
Seite 353
18-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Configur ing DHCP Fe at ures • Before co nfiguring the DHCP sn ooping inf ormatio n optio n on your switch, be sure to configure t he de vice t hat is actin g as the DHCP serv er . F or ex ample, you m[...]
-
Seite 354
18-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Config uring DHC P Features Specifying the Packet F orwarding Ad dress If the D HCP s erver and t he DHCP c lients are on different networ ks or subn ets and the switch i s run ning the metro IP a ccess im[...]
-
Seite 355
18-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Configur ing DHCP Fe at ures Enabling DHC P Snoo ping and Op tion 82 Beginning in privileged E XEC mo de, fol low these s teps t o ena ble DHC P snoo pi ng on the swi tch : Comma nd Pu rpos e Step 1 con[...]
-
Seite 356
18-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Config uring DHC P Features T o di sable DHCP sno oping, use the no ip dhcp snooping glob al con figuration co mman d. T o disabl e DHCP snoo ping o n a VLA N or r ange of VL A Ns, use t he no ip dhcp sno[...]
-
Seite 357
18-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Configur ing DHCP Fe at ures Enabling th e DHCP Sn ooping Bind ing Data base Agen t Beginning in privileged E XEC mo de, fol low these s teps t o ena ble and c onfigure t he D HCP snoo ping binding d at[...]
-
Seite 358
18-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Displaying DHCP Snooping Information Displaying DHCP Snoopi ng Information T o display the DH CP sno opi ng inf orm atio n, use on e or m ore of th e pr ivileged EX EC co mma nds in T ab le 18-2 : Underst[...]
-
Seite 359
18-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Conf igu ring I P Sourc e Guar d Source IP Address Filtering When IP so urce guard is enabled with this option, IP traf f ic is f iltered based on t he source I P address. The sw itc h for war ds IP tra[...]
-
Seite 360
18-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 18 Configuring DH CP Features and IP Sou rce G uard Confi g uring IP S our ce Gu ard IP Source Gua rd Config uration Guidelin es Note IP sour ce guard is supporte d only when the metro ac cess or metro IP access image is running on the switch. These ar e t[...]
-
Seite 361
18-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 18 Configuri ng DHCP Fe atures and IP So urce Gua rd Display ing IP Sou rce Gua rd In formatio n T o disable IP source guard with source IP addr ess f iltering, use the no ip veri fy sou rce interface configurati on comm a nd. T o d ele te a st atic IP so[...]
-
Seite 362
C HAPTER 19-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 19 Configuring Dynamic ARP Insp ectio n This chapt er desc ribes how to configure dynam ic Addr ess Resolu tion Proto col inspec tion ( dynami c ARP inspectio n) on the Cisco ME 3 400 switc h. This f eatur e helps prevent malici ous att acks on the switch [...]
-
Seite 363
19-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Unders tan din g Dynamic ARP Inspec tion Figur e 19-1 ARP Cache P oisoning Hosts A, B, and C are connected to the switch on interfaces A, B and C, all of which are on the same subnet. Th eir IP a nd MAC addresses a [...]
-
Seite 364
19-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Understandi ng Dynami c ARP Inspect ion Y o u can configure dynamic ARP inspect ion to drop ARP packets when the IP addre sses in the pac kets are i nv a lid or whe n the MAC addresses in t he body o f th e ARP p a[...]
-
Seite 365
19-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Unders tan din g Dynamic ARP Inspec tion Dynamic ARP inspe ctio n e nsure s tha t h osts ( on un truste d in terfa ces) conne ct ed to a sw itch run ning dynami c ARP inspect ion do not po ison the ARP ca ches of ot[...]
-
Seite 366
19-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Configuring Dynamic ARP Inspection Y o u use the ip arp inspection lo g-buff er global co nfigur atio n c omm and to con figure the numbe r o f entries in the b uf fer and the number of entr ies needed in the speci[...]
-
Seite 367
19-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Insp ect ion Dynamic ARP In spectio n Configuratio n Guidelin es These are the dynamic ARP inspectio n conf iguratio n guideline s: Note This feature is supported only whe n the metr o IP a[...]
-
Seite 368
19-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Configuring Dynamic ARP Inspection Configuring Dynamic ARP Inspection in DHCP Environments This pro cedure shows how to configure dynamic ARP insp ecti on when two switches supp ort th is feat ure. Host 1 is connec[...]
-
Seite 369
19-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Insp ect ion T o disable dy namic ARP inspect ion, use t he no ip arp inspecti on vlan vlan-range globa l con figuration command. T o return the interf aces to an untrust ed state, use the [...]
-
Seite 370
19-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Configuring Dynamic ARP Inspection Step 3 permi t ip host sender-ip mac host sende r-mac [ log ] Permi t ARP pack ets fro m th e spec if ied host (Host 2). • For se nder-ip , enter th e IP addres s of Host 2 . ?[...]
-
Seite 371
19-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Insp ect ion T o remov e the ARP A CL, use the no ar p access-list global c onfiguration c ommand. T o remove the ARP A CL attached to a V LAN, use the no ip arp inspecti on filt er arp-a [...]
-
Seite 372
19-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Configuring Dynamic ARP Inspection For configurat ion gui delines f or ra te limit ing tr unk port s and E therCha nnel ports, see the “Dynamic AR P Inspecti on Configuration G uidelin es” sectio n on page 19 [...]
-
Seite 373
19-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Insp ect ion Perfor ming Valid ation Chec ks Dynami c ARP inspection intercepts , logs, and d iscard s ARP pack ets with in valid IP-to-MA C addres s bindings. Y ou ca n configure the swit[...]
-
Seite 374
19-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Configuring Dynamic ARP Inspection Configuring the Log Buffer When th e sw itc h d r op s a p ac k e t , i t pl ace s an entry in th e lo g b uf fer and then g en er ates s y stem m es sag es on a ra te-controlled[...]
-
Seite 375
19-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Display ing Dyna mic ARP Insp ectio n In format ion T o return to the default log b uf fer settings , use the no ip arp inspection log-b uffer { entries | logs } global configurati on com mand. T o return to the de[...]
-
Seite 376
19-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 19 Configuring Dy namic A RP In sp ectio n Displaying Dynamic ARP Inspection Information T o clear or display dynamic ARP inspectio n statistics, use the pri vileged EXEC comma nds in T ab le 19-3 : For t he show ip arp inspec tion statisti cs c om mand, t[...]
-
Seite 377
19-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt er 19 Configur ing Dynami c ARP Inspec tion Display ing Dyna mic ARP Insp ectio n In format ion[...]
-
Seite 378
C HAPTER 20-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 20 Configuring IGMP Sno oping an d MVR This cha pt er descr ibes how to configure Inte rnet G roup Ma na gement Pro tocol ( IGMP) snoo ping on th e Cisco ME 3400 Ethernet Access switch, includin g an application of local IG MP snooping, Multicast VLAN Regi[...]
-
Seite 379
20-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Unders tan ding IGM P Snoo ping Note For mor e inf ormat ion on IP m ultica st a nd IGM P , see RFC 11 12 and RFC 223 6. The multica st router sends out periodic gener al queri es to all VL ANs. All hosts intereste d in[...]
-
Seite 380
20-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Note IGM Pv3 join an d leave messages are not suppo rted on switc hes runnin g IGMP filtering or MV R. An IGMPv 3 sw itc h ca n r ece ive messages f rom a nd forwa rd me ssage s to a device [...]
-
Seite 381
20-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Unders tan ding IGM P Snoo ping The switc h hardware ca n distingui sh IGMP in format ion packets fr om other pa ckets for the mu lticast group. T he in format ion in the table te lls the swit ching engine t o send fram[...]
-
Seite 382
20-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Leaving a Multicast Group The router sends periodic multicast general querie s, and the switch forwar ds these queries through all ports in the VLAN. Interested hosts respo nd to the queries[...]
-
Seite 383
20-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Configuring IG MP Sn ooping IGMP Report S uppress ion Note IGMP report suppression is supported only when t he multicast query h as IGMPv1 and IGMPv2 re ports. This fea ture is not supp orted when the query inc ludes IG[...]
-
Seite 384
20-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Enabling or Disa bling IGM P Sn oopin g By default, IGM P snoopin g is globall y enab led on the swit ch. When glob ally en abled or disabled, i t is also enabled or disa bled in all existin g[...]
-
Seite 385
20-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Configuring IG MP Sn ooping Configuring a Multicast Router Port T o add a multicast router p ort (add a static connec tion to a multicast ro uter), us e the ip igmp snooping vlan mrouter global c onfigura tio n com mand[...]
-
Seite 386
20-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginn ing in pri vile ged EXEC mode, follo w the se steps to add a Layer 2 port a s a member of a multicast group: T o remov e the Layer 2 port fro m the multicast group , use the no ip igmp [...]
-
Seite 387
20-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Configuring IG MP Sn ooping T o disabl e IGMP Immed iate Lea ve o n a VLAN, use the no ip igmp snooping vlan vlan- id immediate-lea ve global c onfigurati on com mand. This exam ple sh ows how to enab le IG MP Imme dia[...]
-
Seite 388
20-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configur ing TCN-R elated C omman ds These sec tions de scr ibe how to c ont rol flood ed m ult ica st t raffic during a T CN event: • Controlling the Multic ast Floodin g T ime After a TC [...]
-
Seite 389
20-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Configuring IG MP Sn ooping Beginn ing in pri vilege d EXEC mode, follo w these steps to enab le the switch sends the global lea ve message whether or not it is the span ning-t ree root : T o return to the def ault que[...]
-
Seite 390
20-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring th e IGMP S nooping Qu erier Follow these guideli nes wh en configuring t he IGMP snoo ping queri er: • Conf igure the VLAN in glob al conf iguration mode. • Conf igure an IP [...]
-
Seite 391
20-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Configuring IG MP Sn ooping This exam ple sh ows how to set the IGM P sn oop ing q ue rie r s ource a ddre ss to 10 .0. 0.64: Switch# configure terminal Switch(config)# ip igmp snooping querier 10.0.0.64 Switch(config)[...]
-
Seite 392
20-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Displaying IGMP Snooping Information Y o u can displ ay I G MP snoo pi ng inf orm ation f or dyn am ical ly l ear ned an d sta ti cal ly c on figured route r ports and V LAN interf[...]
-
Seite 393
20-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Unde rs ta n din g Mu ltic as t V LAN Reg i stra t io n For more inf orm ati on abou t t he keywords a nd option s in the se co mm an ds, se e the com ma nd refe renc e for th is rel eas e. Understandin g Multicast VL [...]
-
Seite 394
20-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Underst anding Multicast VLAN Registration this recei ver p ort and VLAN as a forwar ding destin ation of the specif ied multicast stream wh en it is recei ved from the multica st VLAN. U plink por ts that send and re[...]
-
Seite 395
20-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Conf igu rin g MVR IGMP lea ve was rece iv ed. As soon as the lea ve mes sage is recei ved, the rece i ver po rt is remov ed from multic ast group me mber ship, whi ch speeds up leave laten cy . En able the Imme diate-[...]
-
Seite 396
20-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring MVR MVR Configuration Guidelines and Limitations Foll ow these gui delines when conf iguring MV R: • Receiver ports can onl y be ac c ess ports; they cannot be tr unk p orts. Rece iv er port s on a swit [...]
-
Seite 397
20-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Conf igu rin g MVR T o return the switch to its defa ult settin gs, use the no mvr [ mode | group ip-a dd ress | querytime | vlan ] global configurati on comm ands. This e x ample sho ws how to en able MVR, con fig ure[...]
-
Seite 398
20-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring MVR T o return the interfa ce to its default setti ngs, use the no mvr [ ty pe | immediate | vlan vl an-id | gr oup ] interf ace conf iguration com mands. This exam pl e sh ows how to co nfigure a por t a [...]
-
Seite 399
20-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Disp l ay in g MV R Info rma t ion Displaying MVR Information Y ou can display MVR information for th e switch or f or a spec ifie d interfa ce. Be ginning in pri vilege d EXEC mode, use th e comm ands in Ta b l e 2 0 [...]
-
Seite 400
20-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling IGMP f iltering is applicab le only to the dynamic learnin g of IP multicast group addresse s, not static configurat ion. W ith the IG MP thro t tling fe at ure, yo u ca n s e[...]
-
Seite 401
20-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Con figur ing IGM P Fil ter in g an d Thr o tt li ng • permit : Spec ifie s that matc hing addresses are perm itted. • rang e : Specif ies a ra nge o f IP addre sses for the pr of ile. Y ou can enter a sing le IP a[...]
-
Seite 402
20-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Applying IGMP P rofil es T o control access as defined i n an IGMP profile, u se th e ip igmp fil ter interfa ce conf iguration c ommand to apply the prof ile to the appropria[...]
-
Seite 403
20-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Con figur ing IGM P Fil ter in g an d Thr o tt li ng Beginning in privileged EX EC mo de, fol low these steps to se t the m aximum nu mber o f IGMP gr oups in the forw ardi ng table: T o remove the maximum gro up limit[...]
-
Seite 404
20-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling T o prevent the swi tc h f rom r em oving t he for war ding- tab le entr i es, y ou can co nfigure t he IG M P throttlin g action b efore an in terface adds e ntries to the fo[...]
-
Seite 405
20-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 20 Configuring IGMP Snooping and M VR Displaying IGMP Filterin g and Thro tt ling Co nfigurat ion Displaying IGMP Filtering and Throttling Configuration Y o u can di splay IG MP profile cha racter istics, and yo u can di splay the IGMP profile and maximu m[...]
-
Seite 406
C HAPTER 21-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 21 Configuring Port-Base d Traffic Control This chap ter de scribe s ho w to conf igur e the port-b ased tr af fic co ntrol fe atures on the Cisco ME 34 00 Ethernet Access switc h. Note For c omplete s yntax and usag e info rmation for th e com mands us ed[...]
-
Seite 407
21-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Stor m Control Storm contro l use s one o f these metho ds to m easure t raf fic acti vity: • Bandwidth as a perc entage of the tot al av ailable bandwidth of the por t that can be used b y the broad[...]
-
Seite 408
21-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Configuring Storm Control Default Storm Control Configuration By default, unic ast, bro adcast , an d multic ast sto r m contr ol a re di sab led on th e swit ch inter f ac es; that i s, the suppression le ve l i[...]
-
Seite 409
21-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Stor m Control Step 4 sto rm- con tr ol { broadcast | multicast | unicast } le vel { le vel [ lev el-low ] | bps bps [ bps-low ] | pps pps [ pps -lo w ]} Conf igure broadcast , multicast, or unicast st[...]
-
Seite 410
21-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Configuring Protected Ports T o disabl e storm co ntrol, use the no storm-control { broadcast | multicast | unicast } lev el interface configurati on comm a nd. This exa mple shows how to ena ble un icast stor m [...]
-
Seite 411
21-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Protected Po rts Protected Port Configuration Guidelines Y o u can co nfigure prote cted ports on a physic al int erface that is configure d as an NN I (for examp le, Gigabit E the rnet p ort 1) or a n[...]
-
Seite 412
21-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Configuring Port Blocking Configuring Po rt Blocking By default, the swi tch flo ods pa ckets wi th u nknown desti nat ion MAC addresses o ut of a ll po rt s. If unkno wn unicast and multic ast tra f f ic i s for[...]
-
Seite 413
21-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Port Security This e xample shows h ow to block unica st and multicast flooding on a port: Switch# configure terminal Switch(config)# interface fastethernet0/1 Switch(config-if)# no shutdown Switch(con[...]
-
Seite 414
21-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty • Dynam ic secure MA C address es—Th ese are dyn amically co nf igured, stored only in the addre ss tabl e, and r emo ved when the swi tch res tart s. • Stic ky secu re MAC addre[...]
-
Seite 415
21-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Port Security • shutdown—a por t secur ity viola tion c auses the interfac e to beco me er ror-disabled and to s hut down immediatel y , and the port LED tur ns of f. An SNMP trap is sen t, a sysl[...]
-
Seite 416
21-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty • When y ou en te r a maximu m s ecur e a ddress v alue for an in ter f a ce, an d th e n e w valu e i s gr ea ter th an the pre vious v alue, the ne w value o verwrites th e previo[...]
-
Seite 417
21-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Port Security Step 6 switchport port-security [ maximum value [ vlan vlan-list | acces s ] (Opti onal) Set th e maximu m number of se cure MAC addresses for the interfa ce. The ma ximum nu mber of sec[...]
-
Seite 418
21-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Step 8 switchport port-security [ mac-addre ss mac-ad dr ess [ vlan { vlan-id | { access }}] (Optiona l) En ter a secu re M A C a ddress fo r th e i nte rfac e. Y ou c an u s e t his [...]
-
Seite 419
21-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Port Security T o return the inter fac e to the de fault conditi on as not a secure p ort, use the no switchport port -security interf ace co nf igurati on com mand. If you enter this comman d when st[...]
-
Seite 420
21-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty This e xa mple sho ws ho w to enable stick y por t secu rity on a port, t o manual ly co nf igur e MA C addresse s for data VLAN, and to set the tot al maxim um number of se cure addr[...]
-
Seite 421
21-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Configuring Port Security T o disable por t securit y aging for all sec ure addr esses on a port , use the no switchport port-security aging tim e interfac e conf iguration comma nd. T o disabl e aging fo r only [...]
-
Seite 422
21-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port -B ased Tra ffic Control Displayin g Port-Bas ed Traff ic Contr ol Setti ngs Displaying Port-Based Traffic Control Settings The show i nterfa ces i nterface-id switchport privileged EXEC com ma nd disp lays (am ong othe r char acte rist[...]
-
Seite 423
21-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 21 Configuring Port-Based Traffic Co ntro l Displaying Port-Base d Traffic Cont rol Settings[...]
-
Seite 424
C HAPTER 22-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 22 Configuring CDP This chapt er desc ribes how to configure Cis co Discovery Protocol (CDP) on t he Cisc o ME 3400 Ethe rnte Access switch. Note For c omplete s yntax and usag e info rmation for th e com mands us ed in this cha pter , see the comman d ref[...]
-
Seite 425
22-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 22 Co nfigu ri n g CDP Conf igu rin g CD P Configuring CDP These sec tions co ntain this configura tion info rmat ion: • Default CDP Configurat ion, pa ge 22-2 • Conf iguring the CD P Characteri stics, page 22-2 • Dis ablin g an d Ena bli ng CDP , pa[...]
-
Seite 426
22-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 22 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This e xample sho ws how to conf igur e CDP characteri stics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120[...]
-
Seite 427
22-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 22 Co nfigu ri n g CDP Conf igu rin g CD P Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all supported inter faces to send and to rece iv e CDP information . Beginning in privileged E XEC mo de , fol low these s teps to d isa[...]
-
Seite 428
22-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 22 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o m on ito r and m ainta in CDP on yo ur device, p erfor m one o r more of thes e t asks, beginnin g i n privileged EXEC mo de . Command Description clear cdp counters Reset [...]
-
Seite 429
22-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 22 Co nfigu ri n g CDP Monito rin g and Mai nt aining CDP[...]
-
Seite 430
C HAPTER 23-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 23 Configuring UDLD This c hap ter d esc rib es how to configu re t he U n iDire ctio nal Lin k D et ecti on (UD LD) prot ocol o n th e Cisco ME 3400 Et her net A ccess sw itch . Note For c omplete s yntax and usag e info rmation for th e com mands us ed i[...]
-
Seite 431
23-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 23 Configuring UDLD Unders tan ding UDL D In norm al mode, UDL D detect s a unidirec tional li nk when f iber strand s in a fi ber -opt ic port are misconnecte d and the Layer 1 mechanisms do not de tect this misconnec tion. If the po rts are connected corr[...]
-
Seite 432
23-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 23 Configuring UD LD Understand ing UDLD • Ev ent-dr iv en detection and echoin g UDLD re lies on echo ing as its detec tion m echanism . Whene ver a U DLD d ev ice lear ns ab out a n ew neighb or or receives a resynchro nizati on request from an out-of-s[...]
-
Seite 433
23-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 23 Configuring UDLD Conf igu ring U DLD Configuring UDLD These sec tions co ntain this configura tion info rmat ion: • Default UD LD Configurati on, page 23-4 • Configuration Gu idelines, page 23-4 • Ena bling UDLD Gl oball y , page 23-5 • Ena bling[...]
-
Seite 434
23-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 23 Configuring UD LD Configur ing UDLD Enabling UDL D Globally Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enable UDLD in the aggressiv e or n ormal mode a nd to se t th e co nfigurab le m e ssage tim er o n all fiber-optic p ort s on t he[...]
-
Seite 435
23-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 23 Configuring UDLD Displa ying U DLD Statu s Resetting an Interface Disabled by UDLD Beginn ing in pri vilege d EXEC mode, follo w these steps to reset all ports disable d by UDLD: Y o u can also br ing up the port by using these com mands : • The shutdo[...]
-
Seite 436
C HAPTER 24-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 24 Configuring SPAN and RSPAN This chap ter des cribes ho w to conf igure Switc hed Port Analyzer (S P AN) and Remot e SP AN (RSP AN) on the Cisco ME 3 400 Etherne t Access switc h. Note For c omplete s yntax and usag e info rmation for th e com mands us e[...]
-
Seite 437
24-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understan din g SPA N and RSPAN These secti ons cont ain this co nceptu al in forma tion: • Local SP AN, page 24- 2 • Remo te SP AN, page 24-2 • SP AN a nd RSP AN Conce pts a nd T ermino logy , page 24 -3 • SP AN a nd R[...]
-
Seite 438
24-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN Figur e 24-2 Example o f RSP AN Configur ation SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts and te rminology associate d with SP A N and RSP AN configuration. SPAN[...]
-
Seite 439
24-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understan din g SPA N and RSPAN An RSP AN sour ce session is very similar to a local SP AN session, e xcept fo r where the pa cket s tream is directe d. In an RSP AN source session, SP AN packets a re relabe led with the RSP AN[...]
-
Seite 440
24-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN • T rans mit (T x) SP AN—Th e go al of tran sm it (or egress) SP AN is to m onit or as mu ch as pos s ibl e a ll the p ackets sent b y the sou rce int erfac e aft er all m odif ication and pro[...]
-
Seite 441
24-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understan din g SPA N and RSPAN • It can b e any port type —for examp le, Et herCh an nel, Fast Ethe rn et, Giga bit Et herne t, us er networ k interfac e (UNI) , network nod e interfac e (NNI) , and so fort h. • For Ethe[...]
-
Seite 442
24-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understandi ng SPAN and RS PAN Destination Port Each local SP AN sessio n or RSP AN destination session m ust have a destination port (a lso called a monitoring po rt ) th at receives a copy of traffic from the sourc e ports or[...]
-
Seite 443
24-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Understan din g SPA N and RSPAN RSPAN V LAN The RSP AN VLAN carr ies SP AN tra ff ic between RSP AN source and destination se ssions. It has these special ch aracter istics: • All traf fic i n the R SP AN VLAN i s alw ays f l[...]
-
Seite 444
24-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN • Ether Channel —Y o u can co nfigure an Eth erChann el gro up as a source po rt but not as a SP AN destinat ion po rt. Wh en a g rou p is co nfigured a s a SP AN sour ce , t he e nti re g ro up [...]
-
Seite 445
24-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Default SPAN and RSPAN Configuration T ab le 24-1 shows the de fault SP AN an d RS P A N c onfiguration . Configuring Local SPAN These sec tions co ntain this configura tion info rmat ion: • SP AN [...]
-
Seite 446
24-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN • Y o u can limi t SP AN traffic to specific VLANs by using the filter vlan keyword. I f a trunk p ort is being monitored , only traff ic on the VLANs specif ied with this ke yword is monitored. B[...]
-
Seite 447
24-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o d elete a SP AN session, use the no mo nitor session session _number gl obal c onfigura tion c omm and. T o r e move a source o r desti nat ion port or V L AN fr om the SP A N sessio n, use t he [...]
-
Seite 448
24-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN The mo nitoring of traffic receiv ed on port 1 is disabled, but traff ic sent from t his port co ntinue s to be monitored. This example shows how to remov e any existing configuration on SP AN sessi[...]
-
Seite 449
24-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o d elete a SP AN session, use the no mo nitor session session _number gl obal c onfigura tion c omm and. T o r e move a source o r desti nat ion port or V L AN fr om the SP A N sessio n, use t he [...]
-
Seite 450
24-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN Specifying VLANs to Filter Beginn ing in p ri vil eged EXEC mode , follo w these steps to limit SP AN source traf fic to sp ecif ic VLANs: T o monitor all VLANs on the trunk port, use th e no monito[...]
-
Seite 451
24-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN This example shows how to remov e any existing configuration on SP AN session 2, configure SP A N sess ion 2 t o monito r tra ff ic rece iv ed on Giga bit Ether net tr unk po rt 2, and se nd traf fi [...]
-
Seite 452
24-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN Configuring a VLAN as an RSPAN VLAN Create a n ew VL AN to be the RSP AN VLAN for the RSP AN session. Y ou must create the RSP AN VLAN in all switches that will par ticipate in RSP AN. Y ou must con[...]
-
Seite 453
24-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no monitor session sessi on_num ber glo ba l configur ation c om mand. T o remove a source port or VLAN fro m th e SP AN sess ion, use the no monitor session sessi[...]
-
Seite 454
24-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN Creating an RSPAN Destination Sessio n Y ou configu re the RSP AN destination session on a dif ferent switch; th at is, not the swit ch on which the source sess ion was configured. Beginn ing in pri[...]
-
Seite 455
24-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN and RSPAN This example shows ho w to configure VLA N 901 as the sou rce remo te VLAN and por t 1 as the destinatio n interface: Switch(config)# monitor session 1 source remote vlan 901 Switch(config)# monitor [...]
-
Seite 456
24-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Config uring SPAN and RSPAN T o delete an RSP AN session, use the no monitor session session_numb er global configurat ion comman d. T o remove a destinat ion port from the RSP A N session, u se the no monit or session session[...]
-
Seite 457
24-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 24 Configuring SPAN and RSPAN Display ing SPAN and RSPAN Status T o monitor all VLANs on the trunk port, use the no monitor session session_num ber filter vlan globa l configurati on comm a nd. This exam pl e shows how to remove any existing c onfiguration[...]
-
Seite 458
C HAPTER 25-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 25 Configuring RMON This c hapt er d escri bes how to c onfigure Re mo te Networ k Mo ni toring ( RMO N) on the C isc o M E 3400 Ethernet Access switc h. RMON i s a st anda rd m onit ori ng specificati on t hat defines a se t of sta tis tics a nd func tion[...]
-
Seite 459
25-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 25 Configuring RMON Conf igu ring R MON Figur e 25-1 Remot e Monit or ing Example The switc h supports t hese RM ON groups (defined in RFC 1757) : • Statistics ( RMON group 1)—Collects Ethernet statistics ( including F ast Ether net and Gig abit Ethern [...]
-
Seite 460
25-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 25 Configuring RMON Confi guring RMON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configured . Only RMON 1 is supp orted on the switch. Configuring R MON Alarms a nd Events Y o u can co nfigure you r s wit ch f or RMO N[...]
-
Seite 461
25-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 25 Configuring RMON Conf igu ring R MON T o disable an al arm, use the no rm on al arm nu mber global c onfigurat ion com mand on e ach al arm you configured . Y ou ca nno t disa ble a t on ce al l the a la rms t hat yo u con figured. T o di sabl e a n even[...]
-
Seite 462
25-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 25 Configuring RMON Confi guring RMON Collecting Group History Statistics on an Interface Y o u must first configure RM ON al arms an d events to di spla y colle ctio n i nfor ma tion. Beginn ing in pri vileged EXE C mode, follo w these steps to colle ct gr[...]
-
Seite 463
25-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 25 Configuring RMON Displa ying RM ON Sta tus Collecting Group Ethernet Statistics on an Interface Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to collect g roup Ethernet statistic s on an interf ace. This proc edure is optional. T o disabl e [...]
-
Seite 464
C HAPTER 26-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 26 Configuring System Message Logg ing This chapt er describes how to configure system messag e logging on the Cisco ME 3400 Ethe rnet Acc ess switch. Note For c omplete sy ntax a nd usag e info rmation for th e comman ds used in th is chapt er , see the C[...]
-
Seite 465
26-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Configur ing System Mes sage Logg ing Configuring Sy stem Me ssage Logging These sec tions co ntain this configura tion info rmat ion: • System Log Me ssage Format, page 26-2 • Default Syste m Message Logg ing Con[...]
-
Seite 466
26-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Configuring Sys te m Message L ogging Co nfiguri ng System Message Logg ing This example shows a partial switch system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1[...]
-
Seite 467
26-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Configur ing System Mes sage Logg ing Beginning i n privileged EX EC mode , foll ow these s te ps t o d isab le messag e logg ing. T his p roc edur e is optional. Disabling the logging proce ss ca n slo w down th e sw[...]
-
Seite 468
26-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Configuring Sys te m Message L ogging Co nfiguri ng System Message Logg ing The logging buffered globa l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . The buf fer is c irc ula r, so newer message s overwrite o lder m ess ag[...]
-
Seite 469
26-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Configur ing System Mes sage Logg ing is retu rned. Ther efore , unsolici ted messag es and deb ug command output ar e not inter sperse d with solicite d device o utput an d p rom pts. Aft er t he un sol icit ed m es [...]
-
Seite 470
26-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Configuring Sys te m Message L ogging Co nfiguri ng System Message Logg ing Enabling a nd Disab ling Time S tamps on Log M essages By default, log message s are not time-stam ped. Beginning in privileged EX E C mode, follow these st eps to en able t i me[...]
-
Seite 471
26-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Configur ing System Mes sage Logg ing T o disable seq uence num bers, use the no service seque nce-numbers global configur ation co mmand. This example shows part of a logging displa y with sequenc e numbe rs enabled [...]
-
Seite 472
26-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Configuring Sys te m Message L ogging Co nfiguri ng System Message Logg ing T ab le 26-3 descri bes the level ke ywords. I t a lso li sts t he co rrespo nding U NIX sy slog definition s from the most se vere le vel to the least sev ere le vel. The sof tw[...]
-
Seite 473
26-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Configur ing System Mes sage Logg ing When the histor y table is full (i t contains th e maximum num ber of messa ge entries s pecified with the log gi ng his t ory s i ze glob al conf iguration command), the olde st[...]
-
Seite 474
26-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Configuring Sys te m Message L ogging Co nfiguri ng System Message Logg ing Step 3 Mak e su re th e sy slog daem on re ads the ne w ch anges : $ kill -HUP `cat /etc/syslog.pid` For more informa tion, see the man syslog.conf and man syslogd com mand s on[...]
-
Seite 475
26-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 26 Confi guring S ystem Message Logging Display ing the Log gi ng Configur ation Displaying the Log ging Configuration T o display th e loggi ng configur ation and th e conte nts of t he log buf fer , use the show logging pri vile ged EXEC co mmand. F or i[...]
-
Seite 476
C HAPTER 27-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 27 Configuring SNMP This chapt er describ es ho w to configure the Sim ple Network Mana gement Protocol (SNM P) on the Cisco ME 3400 Et her net A ccess sw itch . Note For comp lete syntax and usag e informa tion for th e comman ds used i n this c hapter , [...]
-
Seite 477
27-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Unders tan ding SNMP • Using SNMP to Access MIB V ariables, page 27-4 • SNMP Notif ications, page 27-5 • SNMP ifIn dex MIB Object V al ues, pa ge 27-5 SNMP Versio ns This sof tware rel ease su ppor ts t hese SNM P version s: • SN[...]
-
Seite 478
27-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Underst anding SN MP T ab le 27-1 identifie s the charac teristics of the dif ferent combinations of secur ity models and le vels. Y o u must configure t he SNMP age nt to use the SNMP versio n supporte d by the manageme nt station. Bec[...]
-
Seite 479
27-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Unders tan ding SNMP SNMP Agen t Fun ctions The SNMP a gent responds to SNMP manage r requests as follo ws: • Get a MIB v ariable—Th e SNM P ag ent be gins this functi on in response to a requ est from the NM S. The agent r etriev es[...]
-
Seite 480
27-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Underst anding SN MP SNMP Notifications SNMP allo ws the switch to send n otifica tions to SNMP manager s when p articular ev ents oc cur . SNMP notifications ca n be sent as tr aps or inform request s. In com mand synt ax, un less ther[...]
-
Seite 481
27-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Conf igu rin g SNMP Configuring SNMP These sec tions co ntain this configura tion info rmat ion: • Default SNMP Con figuration, page 27-6 • SNMP Configuration Gu idelines, page 27-6 • Disablin g the SNMP Agent, page 27-7 • Config[...]
-
Seite 482
27-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Configuring SNMP When configur ing SNMP , follow thes e guideli nes: • When configuring an SNMP group , do not specif y a notify view . The snmp - server ho s t globa l configurat ion c omma nd au toge ne rat es a no tif y v iew for t[...]
-
Seite 483
27-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Conf igu rin g SNMP Configuring Community Strings Y o u use the SNM P c om muni ty st rin g to define t he r ela tionshi p betw een t he SN MP mana ger and th e agent. The co mmunity string acts like a password to perm it access to the a[...]
-
Seite 484
27-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Configuring SNMP Note T o dis able a ccess for an SNMP c ommunity , set the commu nity s tring for th at com munity to the n ull string (do not enter a value for th e communi ty string ). T o remove a spe cific communit y string, use th[...]
-
Seite 485
27-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Conf igu rin g SNMP Step 3 s nmp- server group g r oupname { v1 | v2c | v3 { auth | noauth | priv }} [ re ad re a d v i e w ] [ write writevi ew ] [ notify notifyvie w ] [ access access -list ] Configure a ne w SNMP gro up on the remote[...]
-
Seite 486
27-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Configuring SNMP Configuring SNMP Notifications A trap manag er is a mana geme nt statio n that recei ves and process es traps. T raps are sy stem aler ts that the switc h gen erates wh en cert ain events occu r . By default, no trap m[...]
-
Seite 487
27-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Conf igu rin g SNMP T able 2 7 -5 Switc h Notifica tion T ypes Notification T yp e Keyword Description bgp Gene rates Bo rde r Gateway Protocol (B GP) state c hange t ra ps. This opt ion is only a v ailable when the m etro IP access ima[...]
-
Seite 488
27-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Configuring SNMP Note Th oug h visibl e in the c om mand -l ine help stri ngs, t he cpu [ thr esho ld ], flash insertion, flash re moval, fru-ctrl , and vtp k eywords are not supp orted. The snmp-serv er enable informs global configura[...]
-
Seite 489
27-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Conf igu rin g SNMP The snmp-serv er host co mmand s pecif ies which ho sts rec eiv e the notif ications. T he snmp-server enab le trap command global ly enables the me chanism f or the speci f ied notif ication (fo r traps and informs [...]
-
Seite 490
27-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNM P Configuring SNMP Limiting TFTP Servers Used Through SNMP Beginning i n privileged EX EC mode , foll ow these s te ps t o li mit t he T FTP ser vers us ed for saving a nd loading c onfigu ration f iles thro ugh SNMP to the server s spec[...]
-
Seite 491
27-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 27 Configuring SNMP Displaying SNM P Status This e xample shows h ow to allo w read-only access for all objects to members of access list 4 that use the coma ccess community string. No other SNMP mana gers have access to any objects. SNMP Authentic ation F[...]
-
Seite 492
C HAPTER 28-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 28 Configuring Network Security with ACLs This c hapter de scribes h ow to configure network securi ty on the Cisco ME 3 400 Eth ernet A ccess swi tch by u sing access co ntrol lists (A CLs), which are also refe rred to in c ommands and tab les as access l[...]
-
Seite 493
28-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Unders tandin g A CLs which type s of t ra ff ic are f orward ed or bl ocked a t ro ut er int erfac es. For exampl e, you ca n all ow e-mail traffic to be forwarded but no t T elnet t raff ic. A CLs can be config[...]
-
Seite 494
28-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls • When a VLAN map, input router A CL, and input port A CL exist in an SVI, incomin g packets recei ved on the ports to whic h a port A CL is applie d are only f iltered b y the port A CL[...]
-
Seite 495
28-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Unders tandin g A CLs Figur e 28-1 Using A CLs to Contr ol T ra ffic t o a Netw or k When you apply a port A CL to a trunk port, the A CL filters tra ff ic on all VLANs present on the trunk port. W ith port A CLs[...]
-
Seite 496
28-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Unde rsta ndi n g AC Ls As w ith p ort A CLs, t he sw itch exam ines A CLs ass oci ated wi th f eatur es co nfigur ed on a given in terface . Howe ver , ro uter ACLs are su ppo rte d in bo th di r ecti ons. A s p[...]
-
Seite 497
28-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls Some ACEs do not chec k Layer 4 info rmati on and th eref ore can be appl ied to al l packet f ragment s. A CEs that do test Layer 4 informatio n cannot be applied in the stand ard manne[...]
-
Seite 498
28-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs The switc h does not supp ort these Ci sco IOS rout er A CL-rel ated feat ures: • Non -IP prot ocol A CLs (s ee T abl e 28-1 on pa ge 28 -8 ) or bri dge-g roup A CLs • IP accoun ting •[...]
-
Seite 499
28-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls IPv4 Access List Numbers The num ber you use to denote you r IPv4 ACL sho ws the typ e of access list that you ar e cre ating. T ab le 28-1 lists the ac cess-l ist number an d correspon [...]
-
Seite 500
28-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs The f irst packet that tr iggers t he A CL causes a logg ing messa ge righ t a way , and subseq uent pac ket s are collec ted over 5-minut e intervals befo re they app ear or logge d. Th e l[...]
-
Seite 501
28-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls This exampl e shows ho w to creat e a standard ACL to deny access to IP host 171 .69.1 98.102, pe rmit access to an y others, and display the results. Switch (config)# access-list 2 den[...]
-
Seite 502
28-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Beginn ing in pri vileg ed EXEC mode, follo w these steps to create an exte nded A CL: Command Purpo se Step 1 co nfi gure terminal Enter glob al configura tion mo de. Step 2a access-list a[...]
-
Seite 503
28-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls or access-list access- list-num ber { deny | permit } pr otocol any any [ prec edence pr eceden ce ] [ tos tos ] [ fragmen ts ] [ log ] [ log-input ] [ time-r ange ti me-range-na me ] [[...]
-
Seite 504
28-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Use the no a ccess-lis t a ccess-list-number gl obal conf igurat ion command to dele te the entire access list. Y o u canno t dele te i n dividual ACEs from n umb er ed acc ess l ist s. Thi[...]
-
Seite 505
28-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls After c reating a numb ered e xtended A CL, you can apply it to termina l lines (see the “ Applying an IPv4 A CL to a T ermi nal Line” sec tio n on page 28-18 ), to inter faces (see[...]
-
Seite 506
28-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs T o remov e a named stan dard A CL, use the no ip access-list standard na me g loba l c onfiguratio n comm and. Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create an ex te[...]
-
Seite 507
28-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls This example shows ho w you can delet e individual A CEs fro m the named ac cess lis t bor der-list : Switch(config)# ip access-list extended border-list Switch(config-ext-nacl)# no per[...]
-
Seite 508
28-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Repeat the steps if you ha ve multiple items that you w ant in ef fect at dif ferent times. T o remov e a configu red time -range limit ation, use the no time-r ange time -range-name gl oba[...]
-
Seite 509
28-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls This exampl e uses name d A CLs to perm it and deny the same traff ic. Switch(config)# ip access-list extended deny_access Switch(config-ext-nacl)# deny tcp any any time-range new_year_[...]
-
Seite 510
28-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Beginning i n privileged EX EC mod e, fo llow these st eps t o restri ct i ncom ing a nd ou tgoing co nne ction s betwee n a virtual termin al line an d the addre sses in an ACL: T o remov [...]
-
Seite 511
28-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls Beginn ing in pr iv ilege d EXEC mode, follo w these steps to control a ccess to an interf ace: T o remov e the specif ied access group, use the no ip acce ss-group { access-list-number[...]
-
Seite 512
28-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Hardware and Softw are Treatment of IP ACLs A CL processing is primar ily accom plished in hardwar e, b ut re quires fo rwardin g of some tr af f ic f lo ws to the CPU for so ftwar e pr oce[...]
-
Seite 513
28-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls Use rout er ACLs to do this in one of two ways: • Crea te a stan dard ACL, and filter tr aff ic com ing to th e server from Port 1 . • Create an ex tended A CL, and filter traf fic [...]
-
Seite 514
28-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs Numbered ACLs In this e xampl e, netw ork 36.0.0.0 is a Class A netw ork whose second oc tet specif ie s a subnet; th at is, its subnet ma sk is 255.2 55.0.0 . The thi rd and fou rth oct et[...]
-
Seite 515
28-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Conf iguri ng I Pv4 AC Ls The market ing_group A CL allo ws an y TCP T elnet traf fic to the destinatio n address and wildcar d 171.6 9.0.0 0. 0.255. 25 5 and de nie s a ny other TC P t raffic. It per mit s I CM[...]
-
Seite 516
28-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring IPv4 ACLs In this examp le of a name d A CL, t he Jo ne s subne t i s not al lowed ac cess: Switch(config)# ip access-list standard prevention Switch(config-std-nacl)# remark Do not allow Jones subne[...]
-
Seite 517
28-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Creating Nam e d MAC Exten ded ACL s This i s a an exampl e of a lo g f or a n exte nded ACL: 01:24:23:%SEC-6-IPACCESSLOGDP:list ext1 permitted icmp 10.1.1.15 -> 10.1.1.61 (0/0), 1 packet 01:25:14:%SEC-6-IPAC[...]
-
Seite 518
28-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Creati ng Na med M AC Exte nde d AC L s Use the no mac access-list extended name global conf iguration co mmand to dele te the entir e A CL. Y ou can a lso d ele te in dividual ACEs from n am ed M AC extended AC[...]
-
Seite 519
28-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Creating Nam e d MAC Exten ded ACL s Applying a MAC ACL to a La yer 2 Interfa ce After y ou cr ea te a M AC A CL, you ca n appl y it to a Laye r 2 in terfa ce t o filter non -I P tra ffic coming in that inte rfa[...]
-
Seite 520
28-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring VLAN Maps Configuring VLAN Ma ps This section descr ibes how to con figu re VLAN maps, which is the only way to con trol filte ring within a VLA N. V LAN ma ps h ave no direct ion. T o filter tra ff [...]
-
Seite 521
28-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Configur ing VLA N Maps VLAN Map C onfiguration Gu idelines Foll ow these gui delines when conf iguring VL AN maps: • If th ere is n o A CL conf igur ed to den y traf f ic on an inte rface and no VLAN ma p is [...]
-
Seite 522
28-31 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring VLAN Maps Creating a VL AN Map Each VLA N map consi sts of an ordered ser ies of entri es. Beginning i n privileged EXEC mode, follow thes e step s to crea te, ad d to, or de lete a VLAN map entr y: [...]
-
Seite 523
28-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Configur ing VLA N Maps This exampl e shows how to c rea t e a V LAN map to pe rmit a packet. ACL ip2 permits UDP pack ets and any pack ets that m atch the ip2 A CL are fo rwarded. In th is ma p, any IP p ackets[...]
-
Seite 524
28-33 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring VLAN Maps Switch(config)# mac access-list extended good-protocols Switch(config-ext-macl)# permit any any decnet-ip Switch(config-ext-macl)# permit any any vines-ip Switch(config-ext-nacl)# exit Swit[...]
-
Seite 525
28-34 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Configur ing VLA N Maps Using VLAN Maps in Your Network These sec tions descr ibes some typ ical uses for VLAN maps: • W iring Closet Configuration , page 28-34 • Denying Acc ess to a Server on Anot her VLAN[...]
-
Seite 526
28-35 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Configuring VLAN Maps Switch(config)# ip access-list extended match_all Switch(config-ext-nacl)# permit ip any any Switch(config-ext-nacl)# exit Switch(config)# vlan access-map map2 20 Switch(config-access-map)#[...]
-
Seite 527
28-36 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Using VL AN Ma ps wi th Rout er AC Ls Step 2 Def ine a VLAN map usin g this A CL that w ill drop IP p acket s that matc h SER VER1_A CL and forwa rd IP packets tha t do not match the ACL. Switch(config)# vlan ac[...]
-
Seite 528
28-37 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Using VLAN Maps with Router ACLs • Whene ver possible, try to write the A CL with all entries ha ving a single act ion e xcept for the f inal, default act ion of the ot her type. T hat is , write the ACL using[...]
-
Seite 529
28-38 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Using VL AN Ma ps wi th Rout er AC Ls Figur e 28-6 Applyin g ACLs o n S witched P ack ets ACLs and Routed Packe ts Figure 28-7 sho ws ho w A CLs ar e appl ied on route d pack ets. F or rout ed pack ets, the A CL[...]
-
Seite 530
28-39 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Configuring Net work Securi t y with ACLs Displaying IPv4 ACL Configu ration ACLs and Multicast Pa ckets Figure 28-8 shows ho w A CLs are applied o n pa ck ets that ar e r ep lic ated f o r IP m ul tica stin g. A m u ltica st packet be ing ro ut ed ha s[...]
-
Seite 531
28-40 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 28 Co n figuring Network Security w ith ACLs Display ing IPv4 ACL Co nfigurat ion Y ou can also d isplay info rmation abou t VLAN ac cess maps or VLAN f ilters. U se the pri vileged EXEC comm ands in Ta b l e 2 8 - 3 to display VLAN map i nformation. show [...]
-
Seite 532
C HAPTER 29-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 29 Configuring Control-Plane Sec urity This c hapter describe s the c ontrol -plan e sec urity fe ature in t he Cisc o ME 34 00 Et hernet Access switc h. In any network, Lay er 2 and Layer 3 sw itches exchange cont rol packets wit h other sw itches in the [...]
-
Seite 533
29-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 2 9 Con f igurin g C ontr ol-Pl an e Sec urity Unders tan din g Control-Plan e Security These ty pes of contr ol packets ar e droppe d or rate-l imited : • Layer 2 pro tocol contr ol packets: – Control packets that are always dropp ed on UNIs, such as [...]
-
Seite 534
29-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 29 Configuring Control -Pl ane Security Underst anding Con trol-P lane Secu rity The swit ch automatic ally alloca tes 27 control- plane secu rity policer s fo r CPU protectio n. At syst em bootup , it assigns a po licer t o each port nu mbere d 0 to 26. Th[...]
-
Seite 535
29-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 2 9 Con f igurin g C ontr ol-Pl an e Sec urity Configuring Cont rol-Plane Securi ty This exampl e s hows the defau lt police rs assigned to NN Is. Most pr otocol s have no po licers assi gned to NNIs. A value o f 2 55 me ans that no pol ic er is assign ed [...]
-
Seite 536
29-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 29 Configuring Control -Pl ane Security Monitor ing Con trol-P lane Secu rity This exam ple sh ows how to set the CPU p rote ction t hresh old to 1000 0 b ps an d to verify the configurat ion. Switch# config t Enter configuration commands, one per line. End[...]
-
Seite 537
29-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapte r 2 9 Con f igurin g C ontr ol-Pl an e Sec urity Monitorin g Control-Plane Security[...]
-
Seite 538
C HAPTER 30-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 30 Configuring QoS This chapte r describes ho w to conf igure quality of service (QoS) b y using the modular QoS comm and-lin e inte rface (C LI), or MQC, co mman ds on th e Cisco M E 340 0 Ether net Ac cess swi tch. With QoS, you can pro vide pref erent i[...]
-
Seite 539
30-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Figur e 30-1 Modular Qo S CLI Model Basi c QoS inc ludes thes e acti ons. • Pa ck et class if ica tion allo ws you to o r gan ize tr af f ic on the bas is of whet he r or not the t raf f ic matches a speci fic [...]
-
Seite 540
30-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Modular QoS CLI Modula r Q oS C LI (MQ C) a llo ws use rs t o cr ea te tra ffic po l icies a nd att ach t hes e po l icies t o int erfa ces . A traf fic policy contain s a traf fic clas s and one or more QoS featur[...]
-
Seite 541
30-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Step 3 Attach the t raf fi c polic y to a n interf ace. Y o u u se th e s ervic e-p oli cy interface con f igurat ion command to attac h the polic y map to an interf ace for packet s entering or lea v ing t he in[...]
-
Seite 542
30-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Output Policy Maps Output policy ma p class ifi cation crit eria inc lude matchi ng a CoS, a DSCP , an IP precedence, or a QoS group values. Out put policy maps can hav e any of these ac tions: • Queuing ( queue-[...]
-
Seite 543
30-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Figur e 30-3 QoS Class ification La yers in Fr ames and P ack ets These section s contain additional in formation about cla ssifica tion: • “Class Ma ps” secti on on page 3 0-6 • “The match Comma nd” [...]
-
Seite 544
30-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Y o u can mat ch more than on e cri terion for c lassificati on. Y ou can also crea te a class ma p that re quires that al l matchi ng criteria in the class m ap be in the p acket header b y using the class map mat[...]
-
Seite 545
30-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS This example shows how to creat e a class map to match a C oS value of 5: Switch(config)# class-map premium Switch(config-cmap)# match cos 5 Switch(config-cmap)# exit Classification Based on IP Precede nce Y o u [...]
-
Seite 546
30-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS cs6 Match packets with CS6(precedence 6) dscp (110000) cs7 Match packets with CS7(precedence 7) dscp (111000) default Match packets with default dscp (000000) ef Match packets with EF dscp (101110) For more info rm[...]
-
Seite 547
30-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Classification Based on QoS ACLs Packets can also be c lassified in input policy ma ps b ased on an A CL looku p. The ACL classificati on is communi cate d to a n outp ut po licy by assign ing a QoS g rou p o r [...]
-
Seite 548
30-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS T o communicat e an A CL classi f ica tio n t o an outp ut po lic y , you assig n a QoS n u mb er to sp ecif y pa ck ets at ingress. This e xample identi fies specif ic packets as part of QoS group 1 for later pro[...]
-
Seite 549
30-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS The swi tch sup ports a maxim um of 2 56 uni que ta ble ma ps. Y ou ca n ente r up to 6 4 differen t map from – to entries in a ta ble map. T hese t able maps are suppor ted on t he switch : • DSCP to CoS ?[...]
-
Seite 550
30-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS These sect ions de scri be the typ es of po l icing sup port ed on the swi tc h: • Individual Polic ing, pag e 30- 13 • Aggregate Polici ng, page 30 -14 • Unconditio nal Priority Policing, pag e 30-15 Indivi[...]
-
Seite 551
30-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS After you creat e a table ma p, you co nfigure a po licy-map police r to use the table ma p. • Y o u can c onfigure on ly one exceed-act ion police mar kdown table m ap of each type (Co S, DSC P , or IP prece [...]
-
Seite 552
30-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS After yo u conf igure the aggre gate policer , you creat e a policy map and an asso ciate d class map, associate the policy map wit h the aggr egate policer, and appl y the service policy to a port. Note On ly one[...]
-
Seite 553
30-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS This exam ple shows how to use the priority with police comm an ds t o c onfigure ou t-class1 as t he priorit y queue, with tra ff ic going to t he queue limited t o 20,00 0,000 bps so that th e priori ty queu e[...]
-
Seite 554
30-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Note Y ou c onfigure onl y one set ac tion wit h a table map in a class. Y ou ca nnot co nfigure any other set action in the same class a s a set action wi th table map. Figure 30-6 sho ws the proced ures for m ar[...]
-
Seite 555
30-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS This exam ple u s es a policy map t o re mark a p acket. The first m arking (the set command) app lies to the QoS def ault class m ap that m atches all tr af fic not matche d by cl ass AF31-AF 33 and set s all t[...]
-
Seite 556
30-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS These sec tions co ntai n addi tiona l i nfor ma tio n abo ut sc he dulin g: • T raffi c Shap ing, page 30-19 • Class-Ba sed W e ighte d Fair Q u eu ing, page 3 0-2 1 • Priority Que uing , page 30 -22 Traffi[...]
-
Seite 557
30-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Port S hapi ng T o configure po rt shapi ng ( a tran smit po rt sh aper), crea te a policy ma p that cont ains onl y a default c lass, and use the shape average co mmand to specify th e maximu m bandwi dth for a[...]
-
Seite 558
30-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Class-Based Weighted Fair Queuing Y ou can c onfigure cla ss-based w eighted fair queuing (CBWFQ) to set the rela tive precedenc e of a queu e by allo cating a portio n of the total bandwidth that is av ailable fo[...]
-
Seite 559
30-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Switch(config)# interface fastethernet 0/1 Switch(config-if)# service-policy output out-policy Switch(config-if)# exit This exampl e shows ho w to a l l ocate t he excess band widt h am ong queues by co nfigurin[...]
-
Seite 560
30-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS Note When priority is configured in an output poli cy map without the police command, y ou can only co nf igur e the ot her qu eues f or shari ng b y usin g the bandwidt h remaining percent polic y-map command to [...]
-
Seite 561
30-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Unders tan ding QoS Congestio n Avoida nce and Q ueuing Conges tion av oidanc e uses alg orithm s such as tai l drop to con trol the num ber of packe ts entering t he queuing a nd sche duling st age to av oid c onges tio n a nd ne [...]
-
Seite 562
30-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Under sta n din g Q oS This e xam ple co nf ig ures class A to matc h DCSP values and a polic y map, PM1 . The DSCP v alues of 30 and 50 are ma pped to unique t hresho lds (32 and 64, resp ectively). The D SCP values of 40 and 60 ar e m[...]
-
Seite 563
30-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS • A WTD qualif ier in the queue-lim it comma nd must be th e same as at le ast one ma tch qual ifie r in the asso ciated cl ass map. This exam ple sh ows how to con figure ban dw idt h an d q ue ue l imi t so t[...]
-
Seite 564
30-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Default QoS Configuration There ar e no po l icy ma ps, c lass ma ps, t abl e ma ps , o r poli cer s configu re d. A t the egre ss por t , al l t raffic goes thro ugh a single default queu e tha t is giv en the full op[...]
-
Seite 565
30-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Creating IP Standard ACLs Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create an IP standard A CL for IP traff ic: T o delete an acces s list, u se the no access-list acc ess-list-numbe r global [...]
-
Seite 566
30-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Creating IP Exte nded ACLs Beginn ing in pri vileg ed EXEC mode, follo w these steps to create an IP ex tended A CL for IP traf f ic: Command Purpose Step 1 conf igure t erminal E nter g loba l c onfigurati on m ode . [...]
-
Seite 567
30-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS T o delete an acces s list, u se the no access-list acc ess-list-numbe r global con figuration co mmand . This e xamp le sho ws ho w to create an A CL that permit s IP traf f ic from an y source to an y d estinat[...]
-
Seite 568
30-31 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S T o delete an acces s list, u se the no mac acces s-list exte nded access-list- name global con figuration comm and. This e xample sh ow s ho w to create a Laye r 2 MA C A CL with two permit sta temen ts. Th e f ir st [...]
-
Seite 569
30-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Beginn ing in pr i vilege d EXEC mode, follo w these steps to create a class map and to d efi ne the ma tch criteri on to classify traff ic: Command Purpose Step 1 conf igure t erminal E nter g loba l c onfigurat[...]
-
Seite 570
30-33 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Use t he no form o f the approp riate comm and to delete an existi ng cla ss map or r emove a ma tch cr iterion . This e xample sh o ws how to create access list 103 and co n f igure the class map calle d class1 . Th e[...]
-
Seite 571
30-34 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Beginn ing in pr iv ilege d EXEC mode, follo w these steps to create a table map: T o delete a table map, use the no table- map ta ble-m ap-na me global con figurat ion co mm an d. This e xamp le sho ws how to cr[...]
-
Seite 572
30-35 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Attaching a Traffic Policy to an Interface Y o u us e th e service-po licy interf ace conf igu ration co mmand t o attach a traf f ic po licy to an inte rface and to specif y the direc tion in w hich the policy should [...]
-
Seite 573
30-36 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS • When an input polic y map with only Laye r 2 classific ation is attached to a routed port or a switch port cont ai ning a rout ed SV I , th e ser vi ce poli cy ac ts on ly o n sw itch ing eli gibl e t raffic [...]
-
Seite 574
30-37 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Step 4 police { r ate-bps | cir cir-bps } [ bu rst -b y tes | bc b urst- bytes ] Def ine a policer for th e class of traf fic. By default, no poli cer is de fined. • Fo r rate -b ps , specify a ve rage traf fic rate [...]
-
Seite 575
30-38 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS After you ha ve created an input polic y map, you attach it to an interfa ce in the input directio n. See the “ Attaching a T raff ic Policy to an Interf ace” section on pa ge 30-35 . Use the no form of the a[...]
-
Seite 576
30-39 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S This exam ple sh ows how to use po licy-m ap c las s po lice c onfiguratio n m ode to set excee d ac ti on mark-do wn using tab le-maps. The polic y map sets a committed information rate o f 23000 bps and a confo rm bu[...]
-
Seite 577
30-40 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Beginn ing in pri vileg ed EXEC mode, follo w these steps to create an aggre gate police r: After you have creat ed an aggregat e poli cer, you atta ch it to a n ingr ess port. S ee the “ Att aching a T raf f i[...]
-
Seite 578
30-41 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S T o remove the specified aggr egate polic er fr om a p oli cy map, use th e no police ag gr egate aggr egate-poli cer-name pol icy m ap c onfigu ratio n m ode . T o del ete a n ag gregate p olic er an d it s parame ter[...]
-
Seite 579
30-42 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Use the no f or m of th e app r op r iate co m man d to d el e te a po l ic y map or t a ble ma p or rem o v e an assi gned CoS, DSCP , prec ede nce, or Q oS-gr oup value. This exam ple u s es a policy map t o re[...]
-
Seite 580
30-43 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Configuring Output Policy Maps Y o u use o utput p olicy maps to m anag e conge stion avoidance, q ueuing, and sche dulin g of packe ts leaving the switch . The switch h as four egress queue s, and you use output poli [...]
-
Seite 581
30-44 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS • Y o u can att ach only one output policy map per por t. • The maxi mum num ber of policy map s configured on t he switch is 256. These sec tions descr ibe how to configure different type s of output poli cy[...]
-
Seite 582
30-45 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S After you have created an outpu t policy ma p, you a ttach it to an egress port. See the “ Attaching a T raf f ic Polic y to an Interfac e” section on page 30-35 . Use the no form of the appro priat e c omma nd t o[...]
-
Seite 583
30-46 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS Configuring Output Pol icy Maps with Class-Based Shaping Y o u use the shape average policy-map cl ass configura tion co mmand t o configure traff ic shaping . Class-based shaping is a control mechanism that is a[...]
-
Seite 584
30-47 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S This exam ple s ho ws ho w to conf igure tra ff ic shaping for o utgoi ng traf fi c on a Fast Ethe rnet po rt so that outclass1 , outclass2 , and outc lass3 ge t a ma ximum o f 50, 20 , an d 10 Mbps of the available po[...]
-
Seite 585
30-48 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS After yo u hav e created the hier archical output poli cy map, you attach it to an e gress por t. See the “ Attaching a T raff ic Policy to an Interf ace” section on pa ge 30-35 . Use the no form of the appro[...]
-
Seite 586
30-49 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Beginn ing in pri vileg ed EXEC mode, follo w these steps to confi gure a strict priority queu e: After you have created an outpu t policy ma p, you a ttach it to an egress port. See the “ Attaching a T raf f ic Poli[...]
-
Seite 587
30-50 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS This exam ple sh ows how to configure the class out-class 1 as a stri ct priority queue so that all pack ets in that cl ass are sent bef ore an y oth er class of traf f ic . Other tr af fic queues ar e con figur [...]
-
Seite 588
30-51 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Step 6 police { r ate-bps | cir cir-bps } Define a polic er for th e prio rit y cla ss of tr aff ic. • For ra te -b ps , specify a verage tra f f ic rate in bits per second (bps). T he r a nge i s 64000 t o 1000 000 [...]
-
Seite 589
30-52 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS After you have created an outpu t policy ma p, you a ttach it to an egress port. See the “ Attaching a T raf f ic Polic y to an Interfac e” sect ion on pa ge 30-35 . Use th e no form of the ap propri ate comm[...]
-
Seite 590
30-53 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Confi guring Qo S Configuring Output Pol icy Maps with Weighted Tail Drop W e igh ted tai l drop (WTD) adjust s the qu eue si ze (buffer size) assoc iate d with a t raffic class. Y ou configure WT D by using the queue-limit policy-map c[...]
-
Seite 591
30-54 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rin g QoS After yo u have created an output policy map, you att ach i t to an egre ss port. Se e the “Configuri ng Outp ut Policy Maps” sect ion on page 30-4 3 . Use the no form of the ap propri a te c omma nd to dele [...]
-
Seite 592
30-55 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Displaying QoS Information Displaying QoS Information T o display QoS info rmat ion, use on e or more of the privileged EX EC comman ds in Ta b l e 3 0 - 2 . For explanat ion s a bou t available keyword s, see th e co mm an d ref er enc[...]
-
Seite 593
30-56 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rat ion Exam ples for Poli cy Maps Configuration E xamples for Po licy Maps This secti on include s configurati on examples fo r configuring QoS po licies on the Cisco ME switch, includi ng configuration limita tions an d [...]
-
Seite 594
30-57 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Configuration Examples for Policy Maps This e xample co nf igures cla sses fo r input ser vice policies and def ine s three classe s of serv ice: gold, silv er , and bronze. Because a match-all classification ( the de fault ) c an have [...]
-
Seite 595
30-58 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rat ion Exam ples for Poli cy Maps This exam ple configu res a se cond ou t put s erv ice poli cy to be a ppli ed t o Fast Et hern et U NIs 1 t o 8, providing stric t priorit y to the gold cla ss and distr ibuting the rema[...]
-
Seite 596
30-59 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Configuration Examples for Policy Maps This e xamp le conf igures a third outp ut serv ice pol icy to be a ttache d to F ast Et hernet UNIs 9 through 12, prov iding a minimum guaran teed bandwid th of 50 Mbps to the gold class, 20 Mbps [...]
-
Seite 597
30-60 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rat ion Exam ples for Poli cy Maps Modifying O utput Po licies and Chan ging Que uing or S chedu ling Parameters This section pro vides e xamples of updating an ex isting set of output polic y maps to modify the parame ter[...]
-
Seite 598
30-61 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Configuration Examples for Policy Maps • Reattach the outp ut policy to the app ropriate ports. • T ake t he ports out of the shutdown state. Note these restrict ions for con fig uring output policies: • Y o u can define up to thr[...]
-
Seite 599
30-62 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rat ion Exam ples for Poli cy Maps This is the ov erall sequence of conf iguration: • Shut down all active ports. • Detach the outpu t policies fro m all F ast Ether net and Gigabit E thernet po rts. • Delete t he cl[...]
-
Seite 600
30-63 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 30 Configuring Qo S Configuration Examples for Policy Maps These s teps acti v ate a ll appl icable Fas t Ether net a nd Gigab it Et hernet ports : Switch(config)# interface range gigabitethernet0/1-2, fastethernet0/1-12 Switch(config-if-range)# no shutdow[...]
-
Seite 601
30-64 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapt e r 30 Conf igur ing Q o S Conf igu rat ion Exam ples for Poli cy Maps[...]
-
Seite 602
C HAPTER 31-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 31 Configuring EtherChannels This cha pter describ es how to configure EtherCha nnels on La yer 2 an d Layer 3 ports on the Cisco ME 3400 Ethe rnet Acc ess swi tch . EtherC han ne l provides fault-tol era nt hi gh-spe ed links betw ee n switc hes, router s[...]
-
Seite 603
31-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Unders tan ding Ether Channels EtherChann el Overview An EtherCh annel consi sts of individual Fast Ethe rnet or Giga bit Ethern et links bundled int o a single logical lin k as shown in Figu re 31 -1 . Figur e 31 -1 T ypica[...]
-
Seite 604
31-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Understa nding Et herChann els Y o u can co nfigure an Ether Chann el in one of the se modes: Port Aggregation Prot oco l (P AgP), Link Aggregation C ont rol Pro toco l (L ACP), or On mo de. P A gP and LACP are available only [...]
-
Seite 605
31-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Unders tan ding Ether Channels Figur e 31 -2 Relationship of Ph ysical P orts , Logical P ort Cha nnels, and Channel G roup s After y ou co nf igu re an Eth erC hann el , conf iguration change s ap plie d to the po rt- chan [...]
-
Seite 606
31-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Understa nding Et herChann els PAgP Modes T ab le 31-1 shows the use r-configurable Et herC ha nnel P A g P mo des f or the channel-group interfa ce configurat ion comm and on an NNI. Switch por ts exchange P AgP pac kets only[...]
-
Seite 607
31-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Unders tan ding Ether Channels Link Aggreg ation Control Pro tocol The LACP is defi ned in IEEE 802. 3ad stand ard and ena bles Cisco sw itches to manag e Ethernet chan nels between switches th at conform t o the stan dard. [...]
-
Seite 608
31-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Understa nding Et herChann els EtherChann el On Mode EtherC hanne l on mod e can b e us ed to m anua ll y configur e an Et herC hannel . The on mode fo rces a p ort to join an EtherC hannel w ithou t negotia tions. It ca n be [...]
-
Seite 609
31-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Unders tan ding Ether Channels W i th desti nation-I P-addr ess-base d forward ing, w hen pac kets are f orwarded to an Ether Channel , they are distributed across the ports in the EtherCh annel base d on the destin ation-IP[...]
-
Seite 610
31-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels Configuring Eth erChannels These sec tions co ntain this configura tion info rmat ion: • Default Eth erCha nnel Configurat ion, pa ge 31-9 • Ether Channe l C onfigurat ion G uide line s, pa ge [...]
-
Seite 611
31-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els EtherChann el Configuratio n Guidelin es If imp rop erl y co nfigure d, so me Et her Chann el por ts are a utom atic all y disa bled to avoid network lo ops and othe r problem s. Follow these gu[...]
-
Seite 612
31-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels • For Layer 2 EtherC hannels : – Assign all p orts in the Eth erChannel to the same VLAN, o r conf igure them a s trunks. Ports with different nat ive V LAN s cannot for m an Et herChann el. ?[...]
-
Seite 613
31-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els T o remove a p ort fr om the Eth er Chann el gro up, us e t he no channel-group interface configurat ion comm and. Step 4 channel- group c hann el-group-number mo de { auto [ non- sile nt ] | de[...]
-
Seite 614
31-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels This example shows how to configure an EtherChann el. It assigns two po rts as static-acces s ports in VLAN 1 0 to c hanne l 5 wi th t he P AgP mode desirable : Switch# configure terminal Switch(c[...]
-
Seite 615
31-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els T o remove th e por t- ch an ne l, u s e the no interface port-channel port-channel-nu mber glob al configurati on comm a nd. This example shows ho w to create t he logical po rt chann el 5 and [...]
-
Seite 616
31-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels Step 5 chan nel-g roup channel-g roup -number mode { auto [ non- sile nt ] | desirable [ non-silen t ] | on } | { active | passive } Assign th e port to a ch annel gr oup, an d specify the P Ag P [...]
-
Seite 617
31-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els This example shows ho w to configure an Ethe rChannel . It assign s two ports to cha nnel 5 with the LACP mode ac tive : Switch# configure terminal Switch(config)# interface range gigabitetherne[...]
-
Seite 618
31-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels Configuring the PAgP Learn Method and Priority Network devices are cla ssified as P AgP physic al lea rner s o r a gg regate-por t l ear ne rs. A d evice is a physical learn er i f i t lea rns a d[...]
-
Seite 619
31-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els Beginning i n privileged E X EC mo de , follow these s teps to c on figure your sw itch as a P AgP physical- port lea rner a nd to a djust the p riority so th at the sa me por t in the bundle is[...]
-
Seite 620
31-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Config uring Et herCh annels Note LACP is only av a ilable on NN Is. If you configure more than eight links for an EtherC hannel group , the soft ware automa ticall y decides which of the hot-stand by ports to make acti v e b[...]
-
Seite 621
31-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Configur ing Eth erChann els T o return the LA CP system priority to the defa ult v alue, use the no lacp system-prio rity global configurati on comm a nd. Configuring the LACP Port Pr iority By def ault, all p orts use t h[...]
-
Seite 622
31-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Configuring Eth erCh annels Displaying EtherC hannel, P AgP, and LACP Status Displaying EtherCh annel, PAgP, a nd LACP Status T o displ ay Eth erCha nne l, P AgP , and LA CP status i nfor matio n, use t he pri vile ged EX EC com mands describe d in Ta b[...]
-
Seite 623
31-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 31 Confi guri ng EtherC hannel s Displaying Eth erChannel, PA gP, and LACP Status[...]
-
Seite 624
C HAPTER 32-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 32 Configuring IP Unicast Ro uting This chapt er describ es ho w to configure IP V ersi on 4 (IPv4) unicas t routing on t he Cisco ME 3400 Ethernet Access switc h. Note Rou ting is supporte d only on switch es that are runnin g the metro IP ac cess image. [...]
-
Seite 625
32-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Unders tan din g IP Routing Understandin g IP Routing In some network en vironment s, VLAN s are associ ated wit h individual networks or subnetwork s. In an IP network, each subnet work is ma pped to an i ndividual VLA N. [...]
-
Seite 626
32-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Steps f or Conf iguri ng Routi ng • Routers usi n g link -sta te pro tocols ma inta in a com plex d ataba se of network top ology , based o n the exc hange of link-state ad vertisem ents (LSAs) between routers. LSAs ar[...]
-
Seite 627
32-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing Configuring IP Addre ssing A required task for conf iguring IP routing is to assign IP addresses to Layer 3 networ k interface s to enable t he interf aces an d allo w communication wit h the [...]
-
Seite 628
32-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing Assigning IP Address es to Netwo rk Interface s An IP ad dress identif ies a locatio n to whi ch IP pa ckets can be sent. Som e IP add resses ar e reser ved f or special u ses an d ca nnot be [...]
-
Seite 629
32-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing Use of Subnet Zero Subnetti ng with a subnet a ddress o f z ero is st ron gly disc ourag ed beca use of th e proble ms that c an arise if a network a nd a subne t have the same addr esses. For[...]
-
Seite 630
32-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing In Figure 32 -3 , the rou ter in network 128 .20.0 .0 is conne cted to subne ts 128.20.1.0 , 128.20 .2.0, and 128.20.3 .0. If the host sends a packet to 120.20 .4.1, because the re is no ne tw[...]
-
Seite 631
32-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing The swi tch can use these fo rms of addr ess reso lution : • Address Resolut ion Protoc ol (ARP) i s used to associa te IP ad dress wi th MA C addresses. T aki ng an IP addre ss as i nput, A[...]
-
Seite 632
32-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing T o remove an entr y from t he ARP cach e, use t he no arp i p - a d d re s s h a rd w a re - a d d re s s t yp e gl obal conf iguratio n command. T o remov e all nonstatic e ntries fro m the [...]
-
Seite 633
32-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing Enable Proxy ARP By default, the sw itch uses pro xy ARP to help hosts learn MA C addresses of hosts on ot her network s or subnets. Beginning i n privileged E X EC mo de , follow these s tep[...]
-
Seite 634
32-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing Default Gate way Another m etho d for loca ting ro utes is t o define a defaul t route r or default gat eway . All non local pa ckets are sen t to th is rou t er, which eit her r oute s t hem[...]
-
Seite 635
32-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing If you chang e the maxadvertinterv al va l u e , th e holdtime and minadvertinterval v alues also cha nge, so it is important t o f irst ch ange the maxadvertinte rval value, before ma nuall [...]
-
Seite 636
32-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing Routers pro vide some protectio n from broadcast storms by limiting their ex tent to the local cable. Bridges (inc luding intelligen t bridges), b ecause th ey are Layer 2 de vices, forwar d [...]
-
Seite 637
32-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing Use the no ip directed -broa dcas t interfa ce con figurat ion co mm and t o disa ble tra nsla tion of dire c ted broadca st t o phy sica l br oadc asts . U se t he no ip forward-protocol gl [...]
-
Seite 638
32-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring IP Address ing Use the no ip helper -address int erfac e co nfigur ati on com ma nd to d is able th e for warding of b roa dca st pack ets to s pecif ic ad dresse s. Use the no ip f orward-protocol global c[...]
-
Seite 639
32-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu ring I P Ad dres sing T o be consid ered for floo ding, pa ckets mus t meet thes e cr iteria. (No te tha t thes e ar e the same cond itions used t o co nside r pack et forwar ding u sing I P helper addr esses. ) ?[...]
-
Seite 640
32-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Enablin g IPv4 Unicast Routing Monitoring and Maintaining IP Addressing When the co ntents of a par ticular ca che, table , or datab ase ha v e become or ar e suspect ed to be in val id, you ca n r emove al l it s c ont[...]
-
Seite 641
32-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g RI P Use the no ip routing global con figuration com mand to disa ble rout ing. This exam ple sh ows how to enable I P r outing usi ng R IP a s the ro uti ng pro t ocol : Switch# configure terminal Enter con[...]
-
Seite 642
32-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring RIP These sec tions co ntain this configura tion info rmat ion: • Default RI P Co nfiguration, p age 32-19 • Configuring Ba sic RI P Para meter s, page 32 -19 • Conf iguring RIP Authenticatio n, page 3[...]
-
Seite 643
32-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g RI P Beginning in privileged EXEC mo de, foll ow these steps to enable and configure RIP: Command Purpose Step 1 conf igure t erminal E nter g loba l c onfigurati on m ode . Step 2 ip ro uting Enable IP rout[...]
-
Seite 644
32-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring RIP T o turn of f the RI P ro uting proc ess, use the no r outer rip global configurati on comm and. T o display the par ame ters and cu rren t state of the ac tive routing proto col proc ess, use the show i[...]
-
Seite 645
32-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g RI P Note In general, di sabling split horizon i s not reco mmended un less you are certain t hat your a pplicati on requires it to proper ly adv ertise r outes. If you want t o configur e an int erfac e run[...]
-
Seite 646
32-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring OS PF Configuring Split Horizon Router s conne cted t o bro adca st-ty pe I P networ ks and us in g distan ce -vect or r outing p rotoc ols no rm all y use th e split-horiz on mechanism to reduce the possib[...]
-
Seite 647
32-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring OSPF The Cisco implementation conforms to the OSPF V ersion 2 specifications with these ke y features: • Definition of stub areas is suppor ted. • Routes lear ned th rough any IP routi ng protoc ol can be r[...]
-
Seite 648
32-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring OS PF Area Authentication type: 0 ( no authen tication). Default c ost: 1. Rang e: Dis abl ed. Stub: No stub ar ea defined. NSSA: No NSSA area defi ned. Auto c ost 1 00 M bps. Default- informati on originat[...]
-
Seite 649
32-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring OSPF Configuring Basic OSPF Parameters Enabling OSPF requires that you create an OSPF routing process, specify the r ange of IP addr esses to be asso ciated with the routing pro cess, an d assign area IDs to be[...]
-
Seite 650
32-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring OS PF Use the no form of these comm ands to re mov e the conf igured par ameter v alue or return to the default value. Configuring OSPF Area Parameters Y ou can op tionally confi g ure sev eral OSPF area pa[...]
-
Seite 651
32-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring OSPF Rout e summariz ation is the cons olidati on of adv ertis ed addres ses into a si ngle summ ary route to be advertis ed by other areas. If network num bers are c ontigu ous, you can use the area ra nge rou[...]
-
Seite 652
32-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring OS PF Configuring Other OSPF Parameters Y ou can option ally confi gure other OSPF parameters in router conf iguration mode. • Route summa rization: When redist ributing routes fr om other pr otocols as d[...]
-
Seite 653
32-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring OSPF Changing LSA Gro up Pa cing The OSPF LS A gr oup pa cing featur e a llows the router to gr oup OSPF L SAs and pac e the refr eshing, check- summi ng, and a ging functions f or mo re efficient rout er use .[...]
-
Seite 654
32-31 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Config uring OS PF T o return to the default v alue, u se the no timers lsa-gr oup-pacing ro uter c on figurat ion co mma nd . Configurin g a Lo opback In terface OSPF uses the highest IP address configured on the inter[...]
-
Seite 655
32-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing EIG R P Configuring EIGRP Enhanc ed IGRP (E IGRP) is a Cisco p rop rieta ry enha nce d vers ion of the IGRP . E IGR P use s t he sa me dista nce v ector algo rithm and d istance informa tion as IGRP; ho wev er[...]
-
Seite 656
32-33 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring EIGRP • Arbitr ary route s ummari zation. • EIGRP scal es to larg e networks . EIGRP has these fo ur bas ic c omponen ts: • Neighbor di scovery and recovery is the process th at routers use to dynamic [...]
-
Seite 657
32-34 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing EIG R P Default EIGRP Configuration T ab le 32-7, Part 1 sho ws the defa ult EIGRP config uration. T able 32-7 , P ar t 1 Def ault EIGRP Conf igur ation Feature D e fault Se tting Auto summa r y Enabled. Sub p[...]
-
Seite 658
32-35 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring EIGRP T o create an EIGRP rout ing process, yo u must enable EIGRP and asso ciat e networks. EIG RP sends updates to the interf aces in the specif ied networks. If you do not specify an interface netw ork, i[...]
-
Seite 659
32-36 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing EIG R P Configuring EIGRP Interfaces Other o pt iona l E IGRP pa rame ter s c an b e configure d on a n in terfa ce bas is. Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure EIGRP interf[...]
-
Seite 660
32-37 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring EIGRP Configuring EIGRP Route Authentication EIGRP r oute aut hent ic ati on pr ovides MD 5 au th ent ica tion o f rou tin g upda tes fr om the EIG RP rout ing protocol to prev ent the introdu ction of unaut[...]
-
Seite 661
32-38 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Monitoring and Maintaining EIGRP Y o u can de lete nei ghbors fr om the neighbo r tabl e. Y ou can a lso di splay various EIG RP routing stati stics. T ab le 32-8 list s the privileged E X EC c omm an ds[...]
-
Seite 662
32-39 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP Figur e 32-4 EBGP , IBGP , and Multiple A ut onomous S yst ems Before exch anging in format ion with an external AS, BGP en sures that ne tworks wi thin the AS c an be reached by defining inte rnal BGP p[...]
-
Seite 663
32-40 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP BGP V e rsion 4 suppo rts cla ssless inte rdomain ro uting (C IDR) so you can reduc e the size of you r routi ng table s by creat ing ag gregate rout es, res ulti ng in superne ts . CIDR eliminates the c[...]
-
Seite 664
32-41 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP BGP confede ration iden tif ier/peers • Identifie r: Non e conf igured . • Peers: Non e identif ied. BGP Fa st ex ternal f allo ver Enabled . BGP loc al prefere nce 100 . The ra nge is 0 to 4294 9672[...]
-
Seite 665
32-42 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Enabling BGP Routing T o e nable BGP r outing, you establis h a BGP rou ting proc ess and define the lo cal network. Be cause BGP must completel y recognize the relationship s with its neighbors, you mus[...]
-
Seite 666
32-43 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP The sw itc h supp ort s th e use of pr ivate AS num ber s, usual ly a ssign ed by ser vic e prov ide rs and given to systems whose r outes a re not advertised to external n eighbor s. Th e private AS nu [...]
-
Seite 667
32-44 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Use the no router bgp au tonomous-syste m globa l configura tion com mand to remove a BGP AS. Use the no network ne twork-n umbe r router co nfiguration comma nd to remove the network from t he BGP table[...]
-
Seite 668
32-45 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP Managing Routing Polic y Change s Routing pol icies fo r a peer i nclude al l the con figurations tha t might affec t inb ound or ou tboun d routi ng table u pdates. Wh en you have defined two rout ers a[...]
-
Seite 669
32-46 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Configuring BGP Decision Attributes When a BGP speak er receiv es updates f rom multiple autonomous systems th at describe dif ferent paths to the sa me destination, it must cho ose the singl e best path[...]
-
Seite 670
32-47 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP 9. Prefer the route that ca n be reac hed thro ugh the cl osest IG P nei g hbor (t he lowest IGP metric). This means tha t the router will prefer the shortest internal p ath within t he AS to re ach the [...]
-
Seite 671
32-48 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Use the no form of ea ch comma nd to return t o the defau lt stat e. Configuring BGP Filtering with Route Maps W ithin B GP , ro ute m aps c an be used to cont ro l a nd t o m odif y routin g i n forma t[...]
-
Seite 672
32-49 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP Configuring BGP Filtering by Neighbor Y ou can filter BGP adv ertisements by using AS-path fil ters, such as the as-path access-li st glob al configurat ion c omm and an d th e neighbor filt er - list ro[...]
-
Seite 673
32-50 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Configuring Prefix Lists for BGP Filtering Y ou can use pr efix lists as an alternati v e to access lis ts in man y BGP route f iltering commands, in cluding the neighbor dist rib ute-list route r config[...]
-
Seite 674
32-51 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP T o delete a pref ix list and a ll of its entries, use the no ip pref ix-list list-name global co nfiguration command. T o delete an entry from a pr efix list, us e the no ip pre fix- list seq seq-value [...]
-
Seite 675
32-52 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create and to apply a commu nity list: Configur ing BGP Ne igh bors and P e er Gr oups Often m any BGP ne ighbo rs are c onfigured wi th t he[...]
-
Seite 676
32-53 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP Beginning in privileged E XEC mo de, use thes e c omma nds to con figure B GP pee rs: Command Purpo se Step 1 co nfi gure terminal En ter glob al configurat ion mode . Step 2 r o uter bgp autonomous-syst[...]
-
Seite 677
32-54 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP T o disable an exis ting B GP nei ghb or or ne ighb or pee r g rou p, use the neighbor shutdown router configurat i on comm and. T o enab le a previously exist ing neig hbor or nei g hbor pee r group tha[...]
-
Seite 678
32-55 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP T o delete an ag gre gate en try , u se the no aggregate-address addr e ss mask r outer c onfiguration comma nd. T o return opt ions to th e def ault v alues, use the co mmand with ke ywor ds. Configurin[...]
-
Seite 679
32-56 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Configuring BG P Route Reflectors BGP requ ires tha t all of the IB GP speake rs be ful ly mesh ed. When a rout er rece i ves a ro ute from an ext ernal nei ghbor , it must adv ertise it to all internal [...]
-
Seite 680
32-57 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring BGP Configurin g Route Damp enin g Route f l ap da mp enin g is a B GP fe at ure de signed to min imize t he p rop agati on of f l apping rout es acro ss an interne twork. A rou te is considered to be flappi[...]
-
Seite 681
32-58 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Conf igu rin g BGP Monitoring and Maintaining BGP Y ou can remo ve all c ontents of a p articular c ache, table, or databa se. This might be n ecessary wh en the contents of the partic ular structu re hav e become or are s[...]
-
Seite 682
32-59 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring Multi-VRF CE Configuring Multi -VRF CE V irtua l Priv a te Networks (V PNs) provide a secu re way for custom ers to share ba ndwidth over an ISP backbon e network . A VPN is a colle ction of sites sharin g a[...]
-
Seite 683
32-60 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring Mul ti-VRF CE sites partic ipate in the same VPN. Each V PN is m apped to a specif ied VRF . A fter learnin g local VPN rout es from CEs, a PE ro uter excha nges VPN rou ting infor matio n with other PE rou ter[...]
-
Seite 684
32-61 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring Multi-VRF CE This is the packet-fo rwarding proce ss in a multi- VRF-CE-enabled netwo rk: • When the switch rece i ves a packe t from a VPN , the sw itch looks up the routing table based on the input pol i[...]
-
Seite 685
32-62 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring Mul ti-VRF CE • Multi-VRF CE lets multip le customer s share t he same p hysical link between t he PE and t he CE. T r unk ports with multiple VLANs separate packets among customers. Each customer has its own[...]
-
Seite 686
32-63 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring Multi-VRF CE Use t h e no ip vrf vrf-name global con figu ration command to delete a VRF and to remov e all inter faces from it. Use the no ip vrf f or warding inter face c onf igura tion comm and to remo v [...]
-
Seite 687
32-64 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Use t he no r o uter ospf pr ocess-id vrf vrf-nam e global con figuration c ommand t o disass ociat e the V PN forwarding table from the OSPF routing p rocess. Configuring BG P PE to CE Routing Se[...]
-
Seite 688
32-65 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring Multi-VRF CE Figur e 32-6 Multi-VRF CE Conf igur ation Example Configur ing Switch A On Switch A, enable routing and conf igure VRF . Switch# configure terminal Enter configuration commands, one per line. En[...]
-
Seite 689
32-66 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Switch(config)# interface gigabitethernet1/0/5 Switch(config-if)# switchport trunk encapsulation dot1q Switch(config-if)# switchport mode trunk Switch(config-if)# no ip address Switch(config-if)# [...]
-
Seite 690
32-67 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Configuring Multi-VRF CE Switch(config-router)# address-family ipv4 vrf vl1 Switch(config-router-af)# redistribute ospf 1 match internal Switch(config-router-af)# neighbor 38.0.0.3 remote-as 100 Switch(config-router-af)[...]
-
Seite 691
32-68 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Router(config-vrf)# exit Router(config)# ip cef Router(config)# interface Loopback1 Router(config-if)# ip vrf forwarding v1 Router(config-if)# ip address 3.3.1.3 255.255.255.0 Router(config-if)# e[...]
-
Seite 692
32-69 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures Configuring Proto col-Independ ent Features This secti on descri bes how to configure IP routing pro tocol -independ ent fea tures. For a comp lete descript ion of the I P r[...]
-
Seite 693
32-70 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s detail pri vileged EXE C comm and ca n be u seful t o debug soft ware-f orwarded traffic. T o enabl e CEF o n an interf ace for the softw are-forw arding path, use the ip rout[...]
-
Seite 694
32-71 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures Use the no maximum-paths router con figurati on comm and to rest ore the de fault value. Configuring Static Unicast Routes Static uni cast rout es are use r-d ef ined route [...]
-
Seite 695
32-72 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Static rout es tha t po int to an int erfac e a re a dver tised t hrough RI P , IGR P , and oth er dy nami c r outi ng protocol s, w heth er o r n ot sta tic re d is t r i bu [...]
-
Seite 696
32-73 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures When default in format ion is passed th rough a dy namic ro uting pro tocol, no fur ther con figuration i s required. The system pe riodically scans its routing table to cho[...]
-
Seite 697
32-74 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Beginning in privileged EXEC mo de, follow these steps t o con f ig ur e a route map for redistribution : Comma nd Pu rpos e Step 1 conf igure t erminal Enter glob al configur[...]
-
Seite 698
32-75 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures T o delete an entry , use the no route-map map tag global c onfiguration c ommand or the no match or no set route- map con f igurati on comm ands. Y o u can distri bute rout[...]
-
Seite 699
32-76 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Beginn ing in pr i vilege d EXEC mode, follo w these steps to contro l route redistrib ution. No te that the keywords are the same as defined in th e previous proce dure. T o [...]
-
Seite 700
32-77 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures W ith PBR, you class ify traf fic usi ng access con trol list s (A CLs) and then mak e traf fic go thr ough a dif ferent path. PBR is appl ied to inco ming pack ets. All pa [...]
-
Seite 701
32-78 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Enabling PBR By default, PBR is d isable d on t he sw itch. T o ena ble PBR, y ou mu st create a r oute m ap tha t sp eci fies the match crite ria and the resulting actio n if[...]
-
Seite 702
32-79 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures Use the no route-map map-tag g l obal configura tio n com ma nd or t he no match or no set rou te-ma p conf iguratio n commands to delete an entry . Use the no ip policy r o[...]
-
Seite 703
32-80 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure passi ve interfac es: Use a net work monit oring privileged EXEC co mman d such as show ip ospf interf [...]
-
Seite 704
32-81 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Confi guring Protocol -Ind ependent Fe atures Use the no distr ibute-list in router con fi guratio n command to ch ange or c ancel a f ilter . T o cancel suppressi on of ne twork a dvertise ment s in u pdat es, u se the[...]
-
Seite 705
32-82 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Managing Authen tication Keys Ke y manageme nt is a meth od of co ntrolling a uthent ication keys used by routing protoc ols. Not all protocol s can use key manageme nt. Authe[...]
-
Seite 706
32-83 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unic as t Rou ting Monitoring and Maintaining the IP Network Monitoring and Maintaining the IP Network Y o u can remove all conte nts of a parti cular cache, ta ble, or data base. Y ou can al so display spe cific statistics. Use the pri v[...]
-
Seite 707
32-84 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 32 Configuring IP Unicast Routing Monito rin g and Mai nt aining th e IP Ne twork[...]
-
Seite 708
C HAPTER 33-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 33 Configuring HSRP This ch apter descr ibes how to us e Hot Sta ndby Router Protoco l (HSRP) on th e Cisco ME 34 00 Etherne t Access sw itch to provi de ro uti ng redu ndancy f or ro uti ng IP traffic witho ut be ing de pend en t on the av ailab ility of [...]
-
Seite 709
33-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Unders tan din g H SRP HSRP provides hi gh network availability by providing redundan cy for IP traff ic fro m hosts on ne tworks. In a gr oup o f r oute r inter fac es, th e ac tive router is th e rou ter of cho ic e f or ro utin g pack[...]
-
Seite 710
33-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Unde rsta ndi n g HS RP Figur e 33-1 T ypical HSRP Configur ation Multiple HSRP The switch sup ports Mu ltip le H SRP (MHSRP), an e xten sio n of HSRP that a llo ws load sharing betw een two or more HSRP gr oups. Y ou can c onfigure MHSR[...]
-
Seite 711
33-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configuring HSRP Figu re 33- 2 M HSR P Load Sharing Configuring HSRP These sec tions co ntain this configura tion info rmat ion: • Default HS RP Configuration , page 33-4 • HSRP Configur ation G uide lin es, pa ge 33 -5 • Enab lin [...]
-
Seite 712
33-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configur ing HSR P HSRP Configuration Guidelines Foll ow these guide lines when con figurin g HSRP: • HSRP ca n b e co nfigur ed on a m ax imum o f 32 VL AN or r out ing in te rface s. • In the procedu res, the specif ied interface m[...]
-
Seite 713
33-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configuring HSRP Use the no standby [ gr oup- number ] ip [ ip- addr ess ] inte rfa ce co nfigurat ion c omm and to disa ble HS RP . This example shows ho w to activ ate HSRP fo r group 1 on a port . The IP a ddress use d by the hot stan[...]
-
Seite 714
33-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configur ing HSR P • The hig hest number ( 1 to 255 ) represe nts the hi ghest prior ity (most likely t o become the ac tiv e router ). • When setting the prio rity , preempt, or both, you must specify at least one ke ywor d ( priori[...]
-
Seite 715
33-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configuring HSRP Use the no standby [ gr oup-numbe r ] priority priority [ preempt [ delay delay ]] and no standby [ gr oup-num ber ] [ priority p riority ] pr eempt [ delay delay ] interface conf igurati on commands to restore def ault [...]
-
Seite 716
33-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configur ing HSR P Configuring MHSRP T o enable M HSRP and lo ad ba lancing, you co nfigure two rou ters as ac tiv e routers for thei r groups, w ith virtual rou t ers as st andby rout ers. This exam ple shows ho w to en ab le the MHSRP [...]
-
Seite 717
33-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Configuring HSRP Beginning in privileged EXE C mo de , us e on e o r m ore of t hes e ste ps to c onfigu re H SRP au then t ica tio n and ti mers on an interf ace: Use the no standby [ gr oup- number ] authenti cati on string interfac e[...]
-
Seite 718
33-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Displaying HSRP Configu rations Enabling HS RP Sup port for ICMP Redirect M essage s IC M P ( In t e r ne t C o n tr o l Me s sa g e P r o to c o l ) redirect messages are automatically enab led on interfaces configured with HSRP . Th i[...]
-
Seite 719
33-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 33 Configuring HSRP Displaying HSRP Configu rations[...]
-
Seite 720
C HAPTER 34-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 34 Configuring IP M ulticast R outing This c hapt er d escri b es how to c onfigure IP mul tica st ro ut ing on the Cisco ME 3 400 Et herne t A cce ss switch . IP multicas ting is a more ef fic ient way to use network resour ces, especi ally for bandwidt h[...]
-
Seite 721
34-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Unders tan ding Cisco ’ s Im plement at ion of IP Mu lticast Rout in g Understandin g Cisco’s Imp lementati on of IP Multicast Ro uting The swit ch supports these protocols to implem ent IP multic ast routin g: • In[...]
-
Seite 722
34-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Unde rstanding Cisco’s Implementa tion of IP Multicast Routing IGMP Version 1 IGMP V ersion 1 (IGMPv1) p rimar ily u ses a q u ery-r esponse m o del th at e nab les the m u ltica st r oute r and multilaye r switch to [...]
-
Seite 723
34-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Unders tan ding Cisco ’ s Im plement at ion of IP Mu lticast Rout in g PIM Modes PIM can oper ate in dense mode (DM), sparse mode (SM), o r in sparse- dense m ode ( PIM DM -SM), which hand les both spars e groups and de[...]
-
Seite 724
34-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Unde rstanding Cisco’s Implementa tion of IP Multicast Routing switch es to a stati cal ly conf igu red RP th at wa s def ined with the ip pim r p-addr ess global configura tion command. If no staticall y conf igured [...]
-
Seite 725
34-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Unders tan ding Cisco ’ s Im plement at ion of IP Mu lticast Rout in g Some multica st routing protocols m aintain a separate multicast r outing table and use it for the RPF check. Howe ver , PIM uses the unica st routi[...]
-
Seite 726
34-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing Configuring IP Multicast Routing These sec tions co ntain this configura tion info rmat ion: • Default Mu lticast Routing Con f igura tion, page 34-7 • Multicast Routing Conf igu rat[...]
-
Seite 727
34-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng PIMv1 and PIMv2 Interop erability The Cisco PIMv2 implementat ion prov ides interoperability and transition between V e rsion 1 and V e rsion 2 , altho ugh there might be some min [...]
-
Seite 728
34-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing • If you have non-Cisco PIMv2 routers that ne ed to inter operat e with Cisco PIMv1 ro uter s and multilaye r switches, bo th Auto-RP and a BSR are required. W e recommend that a Cisco[...]
-
Seite 729
34-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o disable multicasting, use the no ip multic ast-routing distribut ed gl obal configura tion com mand. T o return to the def ault PIM v ersion, use the no ip pim version interfa[...]
-
Seite 730
34-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing Manually Assigning an RP to Multicast Groups This se cti on expla ins how to manu al ly co nfigure an RP . If t he RP f or a group i s le a rned thro ugh a dynami c me cha nis m (suc h [...]
-
Seite 731
34-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o remov e an RP address , use the no ip pi m rp-addre ss ip-addr ess [ access-l ist-number ] [ override ] global configurat ion comm and. This example shows ho w to configure th[...]
-
Seite 732
34-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing Adding A uto-RP t o an Existing Sparse-Mode Cloud This sec tion contains some suggestio ns for the initial de ployment of Auto-RP i nto an e xisting sparse-mod e cloud to minimize disru[...]
-
Seite 733
34-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o remove the PIM device configur ed as t h e cand id ate R P , u se the no ip pim send-rp-announce interface- id global configu ration c omma nd. T o rem ove the sw itch as the [...]
-
Seite 734
34-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing Filtering Incoming RP Announcement Messa ges Y o u can ad d configur ation comma nd s to t he mapping agen ts to prevent a malici ously con figured ro uter from masq uera ding as a cand[...]
-
Seite 735
34-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng This exam ple sh ows a samp le configur ati on on a n Au to -RP ma pp ing a gen t that i s us ed to prevent candida te RP annou ncements from be ing accep ted from unau thorize d [...]
-
Seite 736
34-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing T o remov e the PIM bord er , use the no ip pim bsr -border interf ace conf iguration comm and. Figur e 34-2 Constr aining PIM v2 BSR Me ssag es Defini ng the IP Multi cast Bou ndary Y [...]
-
Seite 737
34-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o remove the bounda ry , use th e no ip multicast boundary in terface conf igura tion comman d. This e xample sho ws a portion of an IP multicast boundary configu ration that de[...]
-
Seite 738
34-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring IP Multicast Routing This examp le shows ho w to configu re a candida te BSR, whi ch uses the IP a ddress 1 72.21.24. 18 on a p ort as the adv ertised BSR addr ess, uses 30 bits as th e hash-ma sk-len gth, [...]
-
Seite 739
34-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o remo ve this de vice as a cand idate RP , use th e no ip pim rp-candidate interface-id global configurati on comm a nd. This e x ample sho ws how to conf igure t he switch to [...]
-
Seite 740
34-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Confi guring Ad vanced P IM Feat ures Monitoring the RP Mapping Information T o monitor the RP mapping information, use th ese commands in pri vileged EXEC mode: • show i p pim bsr displays infor mation about the ele[...]
-
Seite 741
34-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Configur ing Advan ced PIM Fea tures Figur e 34-3 Shar e d T re e and Sour ce T ree (Shor test -P ath T re e) If the d ata r ate warr an ts , le af rou ters (r oute rs with out any downst ream c onn ect ions) o n th e sh[...]
-
Seite 742
34-23 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Confi guring Ad vanced P IM Feat ures Delaying the Use of PIM S hortest-Path Tree The ch ange from shar ed to sour ce tr ee ha ppens wh en the first da ta packe t arrives at the las t-hop rou ter (Route r C in Figur e [...]
-
Seite 743
34-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Configur ing Advan ced PIM Fea tures T o return to the default setting, use the no ip pim spt-thre shold { kbps | infinity } global co nfigurati on comm and. Modifying th e PIM R outer-Query Mes sage Interval PIM routers[...]
-
Seite 744
34-25 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring Optional IGMP Features Configuring Optio nal IGMP Features These sec tions co ntain this configura tion info rmat ion: • Default IG MP Configurat ion, pa ge 34-25 • Configuring the Swi tch as a Me mber [...]
-
Seite 745
34-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res Beginn ing in pr i vilege d EXEC mode, follo w these steps to conf ig ure the switch to be a m ember of a group. T his pro cedu re is opti onal. T o cancel mem bersh ip in [...]
-
Seite 746
34-27 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring Optional IGMP Features T o disable gro ups on an interfa ce, use the no ip igmp access-g roup interfac e conf iguration comman d. This exampl e shows ho w to configure hosts attache d to a port as able to j[...]
-
Seite 747
34-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res T o return to the default setting, use the no ip igmp v ersion inter face con fig urat ion comman d. Modifying th e IGMP Host-Qu ery Messa ge In terval The switch pe riodic[...]
-
Seite 748
34-29 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring Optional IGMP Features Changing the IGMP Q uery Timeo ut for IGMPv 2 If you are usi n g IGMPv 2 , you can spe cify the p eriod of time bef ore the swit ch takes over as the que rier for the interf ace. By d[...]
-
Seite 749
34-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res T o return to the default setting, use the no ip igmp query-max -resp onse-time interf ace conf igurati on comm and. Configurin g the Switc h as a S tatically C onnected Me[...]
-
Seite 750
34-31 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring Optional Multicast Routing Features Configuring Optio nal Multicast Routin g Feature s These sections describe how to configur e optional multicast rou ting features: • Configuring sd r L ist ener Sup por[...]
-
Seite 751
34-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Configur ing Optiona l Multic as t Routing Feat ures Limiting How Long an sdr Cache Entry Exists By default, en tries are ne ver deleted from the sdr cache . Y ou can limit ho w long the entry remains acti ve so that if [...]
-
Seite 752
34-33 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Configuring Optional Multicast Routing Features Figur e 34-4 A dministr atively -Scope d Boundar ies Y o u can d efine an ad minist rativ e ly-sco ped b oundary on a routed inter face for m ultica st group addr esses. [...]
-
Seite 753
34-34 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Mon i tor in g an d Mai nt a in in g IP M ultic as t Rou ting T o remove the bounda ry , use th e no ip multicast boundary in terf ace conf igura tion comman d. This example shows ho w to set up a bounda ry for all ad mi[...]
-
Seite 754
34-35 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Mu ltic ast Routing Monitoring and Maintaining IP Multicast Routing Y o u can displ ay i n forma tio n to le ar n r esour ce u t iliz ation a nd solve ne twork p rob lem s. Y ou can al so display i nformation a bout node r eachability and[...]
-
Seite 755
34-36 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 34 Configuring IP Multicast Routing Mon i tor in g an d Mai nt a in in g IP M ultic as t Rou ting[...]
-
Seite 756
C HAPTER 35-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 35 Configuring MSDP This ch apter descr ibes ho w to conf igure the Multicas t Source Disco very Proto col (MSDP) on the Cisco ME 3400 Ethe rnet Access sw itch. The MSDP co nne ct s multip le Pro toco l-In de pende nt Mu ltic ast sparse-m ode (PIM-S M) dom[...]
-
Seite 757
35-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Unders tan din g MSDP MSDP Operation Figure 35-1 sho ws MSDP operati ng bet ween two MSD P peers . PIM uses MSD P as the st andard mechanis m to re gister a so urce with the RP of a domain. When MSDP is co nf igured, th is sequen ce oc[...]
-
Seite 758
35-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Understandi ng MSDP Figur e 35-1 MSDP Running Be tween RP P eers MSDP Benefits MSDP has these benef its: • It break s up the shared mu lticast distr ib ution tree. Y ou can mak e the shar ed tree lo cal to your domain. Y our local memb[...]
-
Seite 759
35-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Configuring MSDP These sec tions co ntain this configura tion info rmat ion: • Default MS DP Configurati on, page 35-4 • Configuring a D efault MSD P Pe er, page 35 -4 (r equire d) • Cachin g Sour ce -Ac tive [...]
-
Seite 760
35-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Figur e 35-2 Def ault MSDP P eer Netw or k Beginning in pr i vileged EXEC mode, fo llow these step s to specify a de fault MSDP peer . This procedur e is required. ISP A PIM domain ISP C PIM domain SA Router A Switch B 1[...]
-
Seite 761
35-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP T o remov e the def ault peer , use the no ip msdp default-peer ip- ad dress | name globa l c on figuration comm and. This exam ple shows a partia l co nfiguration of Ro uter A and Ro uter C in F igure 3 5-2 . Each [...]
-
Seite 762
35-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Beginn ing in pri vileged EXE C mode, follo w these steps to enab le the c aching of source /group pairs. This procedur e is optional. Note An alternati v e to this co mmand is th e ip msdp sa-re quest globa l configurat[...]
-
Seite 763
35-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Requestin g Source Info rmation fro m an MSDP Peer Local RPs can send SA r eq uests and ge t i mmed iat e r esponse s f or a ll act ive sources fo r a given group. By default, the swi tch does no t se nd any SA r eq[...]
-
Seite 764
35-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Redistributing Sources SA message s ori ginat e on RPs to which sou rces have registered. By defau lt, a ny sour ce that regist ers with an RP is adv ertised. The A fl ag is s et in the RP wh en a source is re g ister ed[...]
-
Seite 765
35-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP T o remove th e filte r , use the no ip msdp redi stribut e globa l c onfigurati on com ma nd. Step 3 access-list access-list- number { deny | permit } sourc e [ sour ce -wi ldca r d ] or access-list access-list- n[...]
-
Seite 766
35-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Filtering Source- Active R equest Messages By default, only switc hes tha t are ca ch in g SA informa tion can respon d to SA req uests. By def ault, such a switch honor s all SA reque st messages fr om its MSDP peers a[...]
-
Seite 767
35-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Controlling Source Information that Your Switch Forwards By def ault, the switch forw ards all SA messages i t recei ves to all its MSDP pee rs. Ho we ver , you can prev ent o utgoi n g me ssag es fr om bei ng forw[...]
-
Seite 768
35-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP T o remove th e filte r , use the no ip msdp sa-f ilter out { ip- ad dress | nam e } [ list access-list-number ] [ ro ut e -m a p map- tag ] glo bal configurat ion com ma nd. This e xample sho ws how to allo w only ( S,[...]
-
Seite 769
35-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Using TTL to Limit the Multicast Data Sent in SA Messages Y ou can use a TTL v alue to co ntrol what data is en capsula ted in th e fir st SA messag e for e v ery sour ce. Only mu lticast pa ckets w ith an IP- head[...]
-
Seite 770
35-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Beginn ing in pri vilege d EXEC mode, follo w th ese steps to apply a f ilter . This procedure is optional. T o remove th e filte r , use the no ip msdp sa-filt er in { ip-address | name } [ list access-list- number ] [[...]
-
Seite 771
35-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Config ur ing an MS DP Mes h Gr ou p An MSDP me sh gro up is a gro up of M SDP spea kers tha t hav e fully me shed MSDP c onnect i vity amo ng one anot her . A ny SA messages re ceived from a peer in a mesh group a[...]
-
Seite 772
35-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Configuring MSDP Beginning in privileged EXEC mo de, f ollow these step s to shut down a peer . This pro cedure is o ptiona l. T o bring the pe er back up , use the no ip msdp shutdown { peer -name | peer address } glob al conf iguratio[...]
-
Seite 773
35-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Conf igu ring M SDP Note that the ip msdp originator -id global conf iguration command also identif ies an inter face to be used a s the RP addr ess. If both the ip msdp border sa-addr ess and t he ip msdp originator -id glob al confi[...]
-
Seite 774
35-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 35 Configuring MSDP Monitoring and Maintaining MSDP Monitoring and Maintaining MSDP T o monitor MSD P SA messages , peers, sta te, or peer status, use one or more of the privileged EXEC comm ands in Ta b l e 3 5 - 1 : T o clear MSDP conne ctions, stati sti[...]
-
Seite 775
35-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chap ter 35 Configur ing MSDP Monito rin g and Maint ain ing MSDP[...]
-
Seite 776
C HAPTER 36-1 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 36 Troubleshooting This chapter descr ibes ho w to identify and resolv e software pro blems relat ed to the Cisco IOS software on the Cisco ME 3 400 switch. Y ou can use the comm and-line in terfa ce (CLI) to id entify and solve pr oblems. Additional troub[...]
-
Seite 777
36-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Recovering f rom Corrupt ed Software By Using the Xmode m Protocol Recovering fro m Corrupte d Softwa re By Using the Xmodem Protocol Switch software can be cor ru pted du ring an up grade , by downloadin g the wr ong file to the swi tc[...]
-
Seite 778
36-3 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Recovering fr om a Lost or Forgot ten Password Step 6 Press the break k ey , an d at th e sam e time , reco nnect t he po wer cord to the switch . Y o u can rel ease the bre ak key a second or two after t he LED ab ove port 1 goes off. [...]
-
Seite 779
36-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Recoveri ng f rom a Lost or F org otten Pass word The C isco ME swi tch boo t load er use s br eak- key dete ction to stop the a ut oma tic boot seque nc e for the password r ecovery purpo se. Note The break ke y character is di f feren[...]
-
Seite 780
36-5 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Recovering fr om a Lost or Forgot ten Password • If you see a messag e that begins wit h this: The password-recovery mechanism has been triggered, but is currently disabled. proceed to th e “Procedure w ith Password Recovery Disable[...]
-
Seite 781
36-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Recoveri ng f rom a Lost or F org otten Pass word Step 7 A t th e sw itch pr om pt, en ter privileged EXE C m ode: Switch> enable Step 8 Rename the conf iguration f ile to its original name: Switch# rename flash: config.text.old flas[...]
-
Seite 782
36-7 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Recovering fr om a Lost or Forgot ten Password Procedure w ith Password R ecovery Dis abled If the p assword-rec overy mechanism is disabled, this message appears : The password-recovery mechanism has been triggered, but is currently di[...]
-
Seite 783
36-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Preventing Autone gotiati on M ismatche s Step 6 En ter glob al configur ation mode : Switch# configure terminal Step 7 Cha nge the password: Switch (config)# enable secret password The secre t passwo rd can b e from 1 to 25 alphan umer[...]
-
Seite 784
36-9 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng SFP Module Security and Identification SFP Module Security and Iden tification Cisco small form -factor plugga ble (SFP) mo dules have a serial EEPRO M that contai ns the modu le serial number, the v endor na me and I D, a unique securi[...]
-
Seite 785
36-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using P in g Using Ping These se ctions conta in this inf ormation: • Understa ndin g Ping , page 36 -10 • Using Ping, pa ge 3 6-1 0 Understand ing Ping The Ci sco M E swit ch sup por ts I P pi ng , w hich yo u can use t o test co [...]
-
Seite 786
36-11 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Using Ping All Softwa re Ver sions For all softw are image s for th e Cisco ME swit ch, you can us e a Layer 3 service policy to enab le pings from the switch to a host connecte d to a UN I. Note For a sw itc h ru nnin g the m etro IP [...]
-
Seite 787
36-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using P in g IP Routing and SVI IP rout ing is onl y suppor ted on UN Is w hen t he switc h is ru nning t he m etr o IP a cce ss im age . Y o u can use this con figuration to ena ble IP ro uting and e nable pings fro m an SVI t o a hos[...]
-
Seite 788
36-13 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Using Layer 2 Tr aceroute Summary Keep these guideli nes in mind while pingi ng: • IP routing is a v ailable only with the metro IP access image and is disable d by defa ult. • T o pi ng a host in a di fferent IP subnetwor k from t[...]
-
Seite 789
36-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using La ye r 2 Tracer oute Layer 2 Tracerou te Usage Gu idelines These a re the Layer 2 trac eroute usag e guideli nes: • Cisco Discovery Protocol (CDP) must be enabled on a ll the devices in the ne twork. For Layer 2 tracero ute t [...]
-
Seite 790
36-15 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Using IP Traceroute Displaying the Physical Path Y o u can displa y the physic al path tha t a packet takes fro m a sourc e device to a destinat ion device by using on e of the se pr ivileged EXE C c omma nds: • tracet route mac [ in[...]
-
Seite 791
36-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using I P Trac eroute port-unreachable error to the so urce. Be cause all errors e xcept por t-unre achable errors co me from intermediate hops, t he receip t of a port-unreac hable er ror means th at this message wa s sent b y the des[...]
-
Seite 792
36-17 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Usin g TD R T o end a trace in pr ogress , enter the escape seque nce ( Ctrl- ^ X by default ). Simu ltane ously pr es s and release th e Ctrl , Shif t , and 6 keys , and then pres s the X key . Using TDR These se ctions conta in this [...]
-
Seite 793
36-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using D ebug Command s Using Debug Commands These sec tions explains how you use debug comma nds to di agnose an d reso l ve int erne twork ing problems: • Enab ling D e bugging o n a Spe cific Fea ture , page 36- 18 • Enab ling A [...]
-
Seite 794
36-19 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Using the show platf orm forwa rd Command Enabling All-Sy stem Diag nostics Beginn ing in pri vileged EXE C mode, ent er this comm and to enabl e all-system d iagnostics: Switch# debug all Cautio n Because debugging ou tput ta kes prio[...]
-
Seite 795
36-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using the s how pl atform fo rward Com m and This is an example of t he output from the s h ow p l a tfo rm fo r w a r d com mand on Giga bit Ethe rnet port 1 in VLAN 5 wh en the pac ket ente ring that port is addr essed t o unknown MA[...]
-
Seite 796
36-21 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troublesho oti ng Using the show platf orm forwa rd Command ------------------------------------------ Packet 1 Lookup Key-Used Index-Hit A-Data OutptACL 50_0D020202_0D010101-00_40000014_000A0000 01FFE 03000000 Port Vlan SrcMac DstMac Cos Dscpv Gi0/2 00[...]
-
Seite 797
36-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Chapter 36 Troubl eshoot ing Using t he c rashinfo File Using the crashinfo File The crashinfo f ile sav es information that helps Cisco technical support repr esentati v es to debug problems t ha t c aused t he Cisco IO S imag e to f ail (cr ash). T he swi tch wr[...]
-
Seite 798
A- 1 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 APPEND IX A Supported MIBs This a ppend ix lis ts t he supp orte d mana geme nt i nfor ma tio n base (MIBs) f or t his r ele as e on t he Cisco ME 3400 E thernet Access switc h. It cont ains thes e se ctions: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e [...]
-
Seite 799
A- 2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendi x A Suppor ted MIBs MIB Li st • CISCO- L2L3 -INT ERF A CE-CON FIG-M IB • CISCO-LAG-MIB • CISCO-MAC-NO TI FICA TION-MIB • CISCO- MEM OR Y -POO L-M IB • CISCO-P A E-MIB • CISC O- P AGP-MI B • CISCO-PING-MIB • CISCO- POR T -QO S-MIB • CISCO-P[...]
-
Seite 800
A-3 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix A Support ed MIBs Using FTP to Access the MIB Files • RFC1213-MIB (Fun ctionality is as per the agent capabilities specified in the CISCO-RFC1 213-CAP A BILITY .my .) • RFC1253-M IB (OSPF-MIB) • RMON-M IB • RMON2-MIB • SNMP -FRAM EWOR K-MIB • S[...]
-
Seite 801
A- 4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendi x A Suppor ted MIBs Using FTP t o Acces s the MIB Fi le s[...]
-
Seite 802
B-1 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 APPEND IX B Working with the Cisco IOS File System, Configuration Files, an d Software Images This ap pendix descr ibes how to ma nipula te the Cisco ME 3400 Ethern et Ac cess swit ch flas h file system, how to copy configurati on files, and h ow to archive (upload [...]
-
Seite 803
B-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w it h t he F lash File Sy st em Displaying Available File Systems T o di splay the available file s ystem s o n your sw itch , use t he show file systems pri vi[...]
-
Seite 804
B-3 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with the Flash File System Setting the Default File System Y ou can specif y the f ile system o r direct ory that the system uses a s the def ault file syst[...]
-
Seite 805
B-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w it h t he F lash File Sy st em Creating and Rem oving Directo rie s Beginning i n privileged E XEC mo de , fol low th ese s tep s t o cr ea te an d re move a d[...]
-
Seite 806
B-5 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with the Flash File System Some in valid combin ation s of source and dest inatio n exist. Specificall y , you cannot copy these comb inat ion s: • From a[...]
-
Seite 807
B-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w it h t he F lash File Sy st em Creating a tar File T o create a ta r f ile and w rite f iles into it, use this pri vileged EX EC command: ar chiv e tar /cr eat[...]
-
Seite 808
B-7 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with the Flash File System This e xample shows h ow to display the contents of a switch tar f ile that is in flash memory: Switch# archive tar /table flash:[...]
-
Seite 809
B-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w ith Con figuration Files Working with Configuration Files This sec tion describes h o w to crea te, load, and mainta in conf iguratio n file s. Configuration f[...]
-
Seite 810
B-9 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Configuration Files Note Th e co py { ftp: | r cp: | tftp: } system:running-conf ig pri vileged EXEC co mmand loads t he conf igura tion f iles on the [...]
-
Seite 811
B-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w ith Con figuration Files Copying Configuration Files By Using TFTP Y o u can configure th e switch by using co nfiguration files you cr eate, download fro m a[...]
-
Seite 812
B-11 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Configuration Files Step 3 Lo g in to the s witc h th rou gh the conso le por t or a T eln et sess ion. Step 4 Download the c onfigu ration f ile f ro[...]
-
Seite 813
B-12 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w ith Con figuration Files When you c opy a co nfigurati on file fro m th e switc h t o a s er ver by usin g FT P , th e Ci sco I OS sof t ware sends the fir st[...]
-
Seite 814
B-13 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Configuration Files Downloading a Configura tion File By Using FTP Beginn ing in pri vile ged EXEC mode, follo w these steps to do wnloa d a config ur[...]
-
Seite 815
B-14 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w ith Con figuration Files Uploading a Configuration File By Using FTP Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to upload a c onfig uration f [...]
-
Seite 816
B-15 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Configuration Files Copying Configuration Files By Using RCP The RCP provide s another method of downloadi ng, uplo ading, a nd copyin g configuration[...]
-
Seite 817
B-16 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working w ith Con figuration Files • When you upload a f ile to the RCP server , it must be pr operly conf igur ed to acc ept the RCP write request fro m the user on [...]
-
Seite 818
B-17 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Configuration Files This exam ple sh ows how to specify a rem ote us er name of netadmi n1 . Then it copies th e conf iguration fil e host2-con fg fro[...]
-
Seite 819
B-18 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images This e x ample sho ws how to store a star tup conf iguration f ile on a server: Switch# configure terminal Switch(config)# ip rcmd remote[...]
-
Seite 820
B-19 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Y o u upload a swi tch image f ile to a TFT P , FTP , or RCP server for ba ckup purpo ses. Y ou can u se this uploaded image fo r futu[...]
-
Seite 821
B-20 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images Note Disr egard the st ack ing_ numbe r field. It does n ot app ly to the swi tch. Copying Imag e Files By Us ing TF TP Y ou can do wnloa[...]
-
Seite 822
B-21 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Preparing to Download or Uploa d an Image File By Using TFTP Before yo u begin dow nload ing or uplo ading an i mage file by using TFT[...]
-
Seite 823
B-22 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images The do wnload algori thm veri fies that th e image is appropriate for the switch model and that enough DRAM is prese nt, or it abor ts th[...]
-
Seite 824
B-23 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Uploading an Image File By Using TFTP Y ou can upload an image f rom the switc h to a TFTP serv er . Y ou can la ter do wnload this im[...]
-
Seite 825
B-24 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images Preparing to Download or Uploa d an Image File By Using FTP Y o u can copy ima ges files to or from an FTP server . The FTP pr otoc ol r [...]
-
Seite 826
B-25 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Downloading an Image File By Using FTP Y ou can do wnload a n ew image f ile and o ver write the curren t image or k eep the curr ent [...]
-
Seite 827
B-26 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images The do wnload algori thm veri fies that th e image is appropriate for the switch model and that enough DRAM is prese nt, or it abor ts th[...]
-
Seite 828
B-27 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Uploading an Image File By Using FTP Y ou can upload an image from the switch to an FTP serv er . Y ou can later down load this image [...]
-
Seite 829
B-28 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images Copying Image Files By Using RCP Y ou can do wnload a sw itch imag e fro m an RCP serv er or upload the im age from the swit ch to an RCP[...]
-
Seite 830
B-29 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images Before yo u begin dow nload ing or upload ing an image file b y using RCP , do these tasks: • Ensure that the wor kstat ion acting a[...]
-
Seite 831
B-30 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images The do wnload algori thm veri fies that th e image is appropriate for the switch model and that enough DRAM is prese nt, or it abor ts th[...]
-
Seite 832
B-31 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix B Workin g w ith the Cisco I OS File System, Conf igurati on F il es , and Softwa re Images Working with Software Images The alg orithm instal ls the downloaded image ont o the system boa rd flas h device (flash:). The imag e is placed into a ne w di rect[...]
-
Seite 833
B-32 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix B Working with the Cisco IOS File System , Co nfigurat ion Files, and S oftware Imag es Working wi th Soft ware Images The a rc hive upl oad-sw pri vileged EXE C command b uilds an image f ile on t he serve r by u ploading thes e fi les in order: in fo, th[...]
-
Seite 834
C-1 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 APPEND IX C Unsupported Co mmands in Cisco IOS Release 1 2.2(25) EX This app endix lists som e of the co mmand-line in terface (CLI) comm ands that ap pear when y ou enter t he question mark ( ?) a t t he C isco M etro Et herne t ( ME) 340 0 Et hern et Ac cess swi t[...]
-
Seite 835
C-2 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix C Unsupported C o mmands in Cisc o IOS Release 12.2 (2 5)EX Unsupp ort ed Debug Com m a nds Unsupported Interface Configuration Commands arp probe ip probe pr oxy Unsupported De bug Command s debug platf o rm cli-r edir ection ma in debug p latform c onfigu[...]
-
Seite 836
C-3 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix C Unsupp orted Com mands in Cisco IOS Re lease 12.2(25)E X Interface Command s Interface Command s Unsupporte d Privileged E XEC Co mmands show in terfac es [ interface-id | vlan vlan -id ] [ crb | fair -queue | irb | mac-acco unting | precede nce | irb | [...]
-
Seite 837
C-4 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix C Unsupported C o mmands in Cisc o IOS Release 12.2 (2 5)EX IP Unicas t Rou ti ng Unsupporte d Global Con figuratio n Commands All ip dvmrp commands ip pim accept- rp { addr ess | auto -rp } [ gr oup-access- list-numb er ] ip pim message-interv al seconds i[...]
-
Seite 838
C-5 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix C Unsupp orted Com mands in Cisco IOS Re lease 12.2(25)E X IP Unicast Routing show ip bgp dampene d-paths show ip bgp i nconsistent-as show i p bgp re gexp r e gula r e xpr es sion show i p pref ix-list r e gul ar e xpr ession Unsupporte d Global Con figur[...]
-
Seite 839
C-6 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix C Unsupported C o mmands in Cisc o IOS Release 12.2 (2 5)EX IP Unicas t Rou ti ng Unsupporte d BGP Router Co nfiguration Command s address-family vpn v4 default-inf ormation originate neighbor advert ise-map neighbor allo was -in neighbor default -originate[...]
-
Seite 840
C-7 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix C Unsupp orted Com mands in Cisco IOS Re lease 12.2(25)E X MAC Address C ommands MAC Address Comman ds Unsupporte d Privileged E XEC Co mmands show mac-addr ess-table show mac-addr ess- table addr ess show mac-addr ess-table aging-ti me show mac-addr ess- [...]
-
Seite 841
C-8 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix C Unsupported C o mmands in Cisc o IOS Release 12.2 (2 5)EX MSDP Unsupporte d Privileged E XEC Command s ar chiv e config remote command all sho w archi v e conf ig sho w archi v e log show cabl e-diagnostics prbs test cable-diagnostics prbs Unsupporte d sh[...]
-
Seite 842
C-9 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Append ix C Unsupp orted Com mands in Cisco IOS Re lease 12.2(25)E X QoS QoS Unsupporte d Global Con figuratio n Commands priority-list Unsupported Interface Configuration Commands priority-gr oup RADIUS Unsupporte d Global Con figuratio n Commands aaa nas port exte[...]
-
Seite 843
C-10 Cisco ME 3400 Et hernet Access Switch Software Configuratio n Guide 78-17058-01 Appendix C Unsupported C o mmands in Cisc o IOS Release 12.2 (2 5)EX VLAN VLAN Unsupporte d Global Con figuratio n Commands vlan internal alloca tion policy { ascending | descending } Unsupported Us er EXEC C ommands show running-conf ig vlan show vlan if index[...]
-
Seite 844
IN-1 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 INDEX A abbrev iati ng comm ands 2-3 ABRs 32-24 acces s-class comman d 28- 19 acces s control entries See ACEs access-de nie d res pons e, VM PS 11-23 access group s applyi ng IPv4 AC Ls to inte rface s 28-20 Layer 2 28-20 Layer 3 28-20 access lists See ACLs acces [...]
-
Seite 845
Index IN-2 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 ACLs ( continue d) logging m e ssages 28-8 MAC ex tended 28-26 matc hing 28-7, 28-20 monitori ng 28-39 named, IP v4 28-14 port 28-2 prece denc e of 28-2 QoS 30-10 resequenc ing entr ies 28-14 router 28-2 rout er ACLs and VLA N map conf igur ation guideline s [...]
-
Seite 846
Inde x IN-3 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 ARP config uring 32-8 defined 1-3, 5-28, 32-8 enca psul ation 32-9 static ca che conf igurat ion 32-8 table address resolution 5-28 managing 5-28 ASBRs 32-24 AS-path f ilters, BGP 32-49 assured for war ding, DSCP 30-8 asymmet rica l l inks, and IE EE 802 .1Q[...]
-
Seite 847
Index IN-4 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 BGP (conti nued) enab lin g 32-42 monitori ng 32-58 multipat h support 32-46 neighbors, typ es of 32-42 path selection 32-46 peers, co nfig uring 32-53 prefix filt e ring 32-50 resetting sessions 32-45 route da mpenin g 32-57 route ma ps 32-48 route re flect [...]
-
Seite 848
Inde x IN-5 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 CDP (conti nued) Layer 2 pro tocol tunneling 13-8 monitoring 22- 5 overvi ew 22-1 support fo r 1-3 transmission timer and holdtime, setting 22-2 update s 22-2 CEF defined 32-69 enab lin g 32-70 child policies, QoS 30-20 CIDR 32-54 Cisco C onfig urati on Engi[...]
-
Seite 849
Index IN-6 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 comm and m ode s 2-1 comm ands abbrev iating 2-3 no and defaul t 2-4 commands, set ting privile ge levels 7-8 community li st, BGP 32-52 comm unity port s 12-3 communi ty strings config uring 27-8 overvi ew 27-4 community VLANs 12-2, 12-3 compatibilit y, feat[...]
-
Seite 850
Inde x IN-7 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 config uring mar king in input policy map s 30-41 congest ion avoi dance, QoS 30-2, 30-24 congest ion manage ment, QoS 30-2, 30-18 connec tions, se cure rem ote 7-38 connec tiv ity probl ems 36-10, 36-13, 36-15 console p ort, conn ec ti ng t o 2-9 convent io[...]
-
Seite 851
Index IN-8 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 default conf igur ati on (con tin ued) SPAN 24-10 STP 14-11 system message logging 26-3 system name and prompt 5-15 TACACS+ 7-13 UDLD 23-4 VLAN, La yer 2 Ethe rnet in terfa ces 11-16 VLANs 11-7 VMPS 11-24 default gatew ay 3-10, 32-11 default net wor ks 32-72 [...]
-
Seite 852
Inde x IN-9 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 DHCP sno oping b indi ng da tab ase (cont inu ed) bindings 18-5 clearin g agent stat istics 18-12 config urati on guidelin es 18-8 config uring 18-12 default conf igur ati on 18-7 deleting binding f il e 18-12 bindings 18-12 databa se agen t 18-12 describe d[...]
-
Seite 853
Index IN- 10 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 dynami c addresse s See ad dresses dynamic ARP inspection ARP cache poison ing 19-1 ARP re quest s, de scri bed 19-1 ARP spoof ing att ack 19-1 clearin g log buffer 19-15 statistics 19-15 config urati on guidelin es 19-6 config uring ACLs for non- DHC P env[...]
-
Seite 854
Inde x IN- 11 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 enviro nment va riabl es, functi on of 3-16 equal-cost routin g 1-7, 32-70 error me ssages dur ing comm and entr y 2-4 EtherC hannel 802. 3ad , descri bed 31-6 automatic c reation of 31-4, 31-6 chan nel group s binding physi cal and logic al interfa ces 31[...]
-
Seite 855
Index IN- 12 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 F features, in compatible 21-11 FIB 32-69 fiber- optic, de tecting uni direc tional links 23-1 files copying B- 4 cras hinfo descript ion 36-22 displaying t he contents of 36-22 location 36-22 deleting B-5 displaying t he contents of B-7 tar crea ting B-6 d[...]
-
Seite 856
Inde x IN- 13 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 history chan ging t he b uff er si z e 2-5 describe d 2-4 disabling 2-5 recal ling co mman ds 2-5 history t able , leve l a nd numbe r of sy slog messag es 26-9 host ports config uring 12-12 kinds of 12-3 hosts, limit on dynami c ports 11-28 Hot Standb y R[...]
-
Seite 857
Index IN- 14 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 IGMP (c onti nued ) deleting cache entries 34-34 displaying gr oups 34-35 fast switching 34-30 flooded multic ast traffic contro llin g f lo oding ti me 20-11 disabli ng on an interf ace 20-12 global le ave 20-11 query solicitation 20-11 recove ring fr om f[...]
-
Seite 858
Inde x IN- 15 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 input polic y maps classifica tion criteria 30-4 config urati on guidelin es 30-35 config uring 30-35 displaying stat istics 30-55 interfac e number 9-7 range ma cros 9-10 interfac e comman d 9-7 interfac e config uration mode 2-2 interfac es config urati [...]
-
Seite 859
Index IN- 16 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 IP multica st routing (continued) Auto-RP adding to an existi ng sparse-m ode cloud 34-13 benefit s o f 34-12 clearin g the ca che 34-34 config urati on guidelin es 34-8 filtering incomin g RP announcement messages 34-15 overvi ew 34-4 preventi ng can dida [...]
-
Seite 860
Inde x IN- 17 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 IP routin g connect ing interfaces with 9-7 disabling 32-18 enab lin g 32-17 IP source gua rd and 802.1x 18-15 and DHCP sno oping 18-13 and Ethe rChan nels 18-15 and port se curit y 18-15 and pr ivate VLANs 18-15 and rou ted ports 18-15 and TC AM entries 1[...]
-
Seite 861
Index IN- 18 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 IP unicast rou ting (conti nued) rever se address resolutio n 32-7 routed po rt s 32-3 static routing 32-2 steps to config ure 32-3 subnet ma sk 32-5 subnet zero 32-6 supernet 32-6 UDP 32-14 with SVIs 32-3 See also BGP See also E IGRP See also OSPF See also[...]
-
Seite 862
Inde x IN- 19 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Layer 2 trac erou te and AR P 36-14 and CD P 36-14 broa dcas t tra ffic 36-13 describe d 36-13 IP addresse s and sub nets 36-14 MAC addresses and VLANs 36-14 multicas t traffic 36-14 mul tiple devi ces on a por t 36-14 unicast traf fic 36-13 usage gu ideli[...]
-
Seite 863
Index IN- 20 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 manage ment acce ss in-band CLI session 1-4 SNMP 1-4 out-of- band consol e port co nnectio n 1-4 manageme nt options CLI 2-1 CNS 4-1 overvi ew 1-3 markin g action with agg regate policer s 30-39 describe d 30-2, 30-12 match co mmand , QoS for cla ssi ficati[...]
-
Seite 864
Inde x IN- 21 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 monito ring ( cont inue d) traffic fl owi ng am ong sw itch es 25-1 traffic suppr es sion 21-17 tunneling 13-18 VLAN filters 28-40 maps 28-40 VLANs 11-14 VMPS 11-27 MQC process 30-3 steps to config ure 30-3 MSDP benefit s o f 35-3 clearin g MSDP connecti o[...]
-
Seite 865
Index IN- 22 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 MSTP, conf igurin g (continue d) root switch 15-14 seco ndary r oot switc h 15-16 switch p riority 15-19 CST defined 15-3 operati ons between re gions 15-3 default conf igur ati on 15-12 defau lt option al featur e configur ation 16-5 displaying sta tus 15-[...]
-
Seite 866
Inde x IN- 23 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 multi-VRF CE config urati on exam ple 32-64 config urati on guidelin es 32-61 config uring 32-61 default conf igur ati on 32-61 defined 1-14, 32-59 displaying 32-68 monitoring 32- 68 network c omponent s 32-61 packet -for warding pro cess 32-61 support fo [...]
-
Seite 867
Index IN- 24 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 NTP (continu ed) synchroniz ing devic es 5-6 time services 5-2 synchroniz ing 5-2 O Open Shortest Path First See OSPF optimizing syst em resour ces 6-1 options , manage ment 1-3 OSPF area pa rame ters, co nfigu ring 32-27 config uring 32-26 default conf igu[...]
-
Seite 868
Inde x IN- 25 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 perform an ce f eat ur es 1-2 per-V LAN spanni ng-tree plus See PVST+ PE to CE routin g, config uring 32-64 physica l p orts 9-2 PIM default conf igur ati on 34-7 dense m ode overvi ew 34-4 rendezvou s p oint ( RP), d escribe d 34-4 RPF lookups 34-6 displa[...]
-
Seite 869
Index IN- 26 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 port-based authenticatio n, configuring (conti nued) RADIUS server parame ters on the switch 8-12 switch-to-client fram e-retransmissio n number 8-15, 8-16 switch-to-client retransmission time 8-15 default conf igur ati on 8-9 describe d 8-1 device role s 8[...]
-
Seite 870
Inde x IN- 27 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 primar y VLAN s 12-2, 12-3 priority HSRP 33-6 priority co mmand 30-15 configurin g strict priority queuing 30-48 for QoS schedul ing 30-18 for s trict priori ty que uing 30-22 priority policin g, described 30-15 priority queu es config uring 30-48 describe[...]
-
Seite 871
Index IN- 28 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 Q QoS aggreg ate policer s 30-14 and MQC 30-1 basic mo del 30-2 CBWFQ 30-21 CBWFQ, con figuring 30-44 class-based shaping , described 30-19 classification ACL look up 30-10 bas ed on CoS va lue 30-7 bas ed on D SCP 30-8 base d on IP prec edence 30-8 based o[...]
-
Seite 872
Inde x IN- 29 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 QoS (conti nued) pack et cla ssific atio n 30-2 packet markin g 30-16 pack et polic ing 30-2 parent-c hild hi erarc hy 30-20 policers config uring 30-37, 30-40, 30-51 describe d 30-12 policing aggreg ate 30-14 describe d 30-2, 30-12 individu al 30-13 prior[...]
-
Seite 873
Index IN- 30 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 rapid PVST+ 802.1Q tru nking intero perability 14-10 describe d 14-9 instances supported 14-10 Rapid Span ning Tree Proto col See RSTP RARP 32-8 RCP config urati on files dow nloa ding B-16 overvi ew B-15 prep aring the server B-15 uploadin g B-17 image fi [...]
-
Seite 874
Inde x IN- 31 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 RIP advertisements 32- 18 authenti cation 32-21 config uring 32-19 default conf igur ati on 32-19 describe d 32-18 hop coun ts 32-18 split horizon 32-22 summary addr esses 32-22 support fo r 1-7 RMON default conf igur ati on 25-3 displaying sta tus 25-6 en[...]
-
Seite 875
Index IN- 32 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 RSTP active topolog y 15-6 BPDU format 15-9 processing 15-10 designat ed po rt, de fine d 15-6 designated swi tch, defi ned 15-6 interoper ability with 802.1D describe d 15-5 restar ting migr ation proc ess 15-22 topolo gy chan ges 15-10 overvi ew 15-6 port[...]
-
Seite 876
Inde x IN- 33 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 shape av erage co mmand, QoS 30-18, 30-20, 30-46 shaped roun d ro bin See SRR show access- lists hw-s ummar y comm and 28-21 show and mor e comm and outp ut, filte ring 2-8 show cdp t raffic comman d 22-5 show confi gurat ion comm and 9-19 show forw ard co[...]
-
Seite 877
Index IN- 34 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 snooping , I GMP 20-1 softw a re i m ag es location in flas h B-1 9 recove ry proc edures 36-2 sche duli ng r eload s 3-17 tar fi le for mat, de scr ibed B-19 See also down loadi ng and uplo ading source ad dresses, i n IPv4 ACLs 28-11 source- and-d est ina[...]
-
Seite 878
Inde x IN- 35 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 statistics IEEE 8 02. 1x 8-19 CDP 22-5 interfac e 9-23 IP multica st routing 34-34 OSPF 32-31 RMON group Et herne t 25-6 RMON group hist ory 25-5 SNMP input an d output 27-16 sticky l ear ning 21-9 storm contr ol config uring 21-3 describe d 21-1 disabling[...]
-
Seite 879
Index IN- 36 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 STP (continued) loop gu ar d describe d 16-4 enab lin g 16-9 modes sup port ed 14-9 multi cast addres ses, ef fec t of 14-8 option al featur es suppor ted 1-4 overvi ew 14-2 path costs 11-21, 11-22 Port Fast describe d 16-2 enab lin g 16-5 port prioritie s [...]
-
Seite 880
Inde x IN- 37 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 system clock See also NT P system message logging default conf igur ati on 26-3 defining err or messa ge se veri ty level s 26-8 disabling 26-3 displaying t he c on figur ation 26-12 enab lin g 26-4 facility keywo rds, described 26-11 level key word s, des[...]
-
Seite 881
Index IN- 38 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 templates, SDM 6-2 Terminal Access Contr oller Ac cess C ontrol Sy stem Plus See TACACS+ terminal lines, setting a password 7-6 TFTP config urati on files dow nloa ding B-10 prep aring the server B-10 uploadin g B-11 config uration fi les in base dire ctory[...]
-
Seite 882
Inde x IN- 39 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 trunks allowed-V LAN list 11-17 load sharing setting STP path costs 11-21 using STP port priori ties 11-20 nati ve VL AN fo r un tagge d tr affic 11-19 paralle l 11-21 tunneling defined 13-1 IEEE 8 02. 1Q 13-1 Layer 2 pro tocol 13-8 tunnel p or ts defined [...]
-
Seite 883
Index IN- 40 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 uploadin g ( cont inued) image fi les prep aring B-21, B-24, B-28 reasons for B- 19 using FTP B-27 using RC P B-31 using T FTP B-23 User D ata gram Pr otoc ol See UDP user EXE C mode 2-2 usern ame-base d authentic ation 7-7 user network i nterface See UNI V[...]
-
Seite 884
Inde x IN- 41 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01 VLANs (contin ued) modifyin g 11-9 multicas t 20-16 native, c on figur ing 11-19 normal-r ange 11-1, 11-3 number supp orted 1-5 parame ters 11-3 port m embe rship mode s 11-4 static-access ports 11-10 STP and 802.1Q trunks 14-10 supported 11-3 traff ic bet[...]
-
Seite 885
Index IN- 42 Cisco ME 3400 E thernet Access Switch Software Configurati on Guide 78-17058-01[...]