Cisco Systems 2950 manual
- Consulta online o descarga el manual de instrucciones
- 674 páginas
- 18.88 mb
Ir a la página of
manuales de instrucciones parecidos
-
Switch
Cisco Systems N6KC600496Q
74 páginas 1.6 mb -
Switch
Cisco Systems GSR12-CSC=
14 páginas 0.45 mb -
Switch
Cisco Systems 4000
46 páginas 1.39 mb -
Switch
Cisco Systems OL-6157-01
82 páginas 2.51 mb -
Switch
Cisco Systems N5KC5596TFA
122 páginas 1.66 mb -
Switch
Cisco Systems SE1500
22 páginas 11.15 mb -
Switch
Cisco Systems 6503
19 páginas 0.52 mb -
Switch
Cisco Systems ESW 500
442 páginas 6.71 mb
Buen manual de instrucciones
Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Cisco Systems 2950. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Cisco Systems 2950 o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.
¿Qué es un manual de instrucciones?
El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Cisco Systems 2950 se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.
Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Cisco Systems 2950, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.
Entonces, ¿qué debe contener el manual de instrucciones perfecto?
Sobre todo, un manual de instrucciones Cisco Systems 2950 debe contener:
- información acerca de las especificaciones técnicas del dispositivo Cisco Systems 2950
- nombre de fabricante y año de fabricación del dispositivo Cisco Systems 2950
- condiciones de uso, configuración y mantenimiento del dispositivo Cisco Systems 2950
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas
¿Por qué no leemos los manuales de instrucciones?
Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Cisco Systems 2950 no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Cisco Systems 2950 y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Cisco Systems en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Cisco Systems 2950, como se suele hacer teniendo una versión en papel.
¿Por qué vale la pena leer los manuales de instrucciones?
Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Cisco Systems 2950, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.
Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Cisco Systems 2950. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.
Índice de manuales de instrucciones
-
Página 1
Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Catal yst 2950 and Catal yst 2955 S witc h S of tw are Conf iguration Guide Cisco IOS Release 12.1(22)EA1 1 and Later Marc h 20 08 Text Part Number: OL -10101-02[...]
-
Página 2
THE SPECIFICATION S AND INFORMATION RE GARDING THE PRODU CTS IN THIS MANU AL ARE SUBJECT T O CHANGE WITHOUT N OTICE. ALL STATEMENTS , INFORMATION , AND RECOMMEN DATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICATION OF ANY PR[...]
-
Página 3
iii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 CONTENTS Preface xxvii Audience xxvii Purpose xxvii Conventi ons xxviii Related Publica tions xxix Obtaining Documentation and Submitting a Serv ice Request xxx CHAPTER 1 Overview 1-1 Features 1-1 Ease of Deployment and Ease of Us e 1-2 Performance 1-3 Manageabil[...]
-
Página 4
Contents iv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 CHAPTER 2 Using the Command-Line Interface 2-1 Cisco IOS Command Modes 2-1 Getting Help 2-3 Abbreviating Command s 2-4 Using no and default Forms of Commands 2-4 Understanding CLI Messages 2-5 Using Command History 2-5 Changing the Co mmand History Buffer S[...]
-
Página 5
Contents v Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Alarm Profiles 3-9 Creating o r Modifying an Alarm Profi le 3-9 Attaching an Alarm Profile to a Speci fic Port 3-10 Enabling SNMP Traps 3-11 Displaying Catalyst 2955 Switch Alarms Statu s 3-11 CHAPTER 4 Assigning the Switch IP Ad dress and Defa[...]
-
Página 6
Contents vi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Event Service 5-3 NameSpace Mapper 5-3 What You Should Know About the CNS IDs and Dev ice Hostnames 5-3 ConfigID 5-4 DeviceID 5-4 Hostname and DeviceID 5-4 Using Hostname, DeviceID, and ConfigID 5-5 Understanding Cisco IOS Agents 5-5 Initial Configuration 5[...]
-
Página 7
Contents vii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 TACACS+ and RADIUS 6-13 LRE Profiles 6-13 Catalyst 1900 and Catalyst 2820 CLI Considerations 6-14 Using SNMP to Manage Switch Clusters 6-14 CHAPTER 7 Administering the Switch 7-1 Managing the System Time and Date 7-1 Understanding the Sys tem Clock 7-1 U[...]
-
Página 8
Contents viii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring MAC Address Notification Traps 7-21 Adding and Removing Static Address Entries 7-23 Configuring Unicast MAC Address Filtering 7-24 .Displaying Address Table Entries 7-25 Managing the ARP Table 7-26 CHAPTER 8 Configuring Switch-Based Authentica[...]
-
Página 9
Contents ix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring RADIUS 8-19 Default RADIUS Configuration 8-20 Identifying the RADIUS Server Host 8-20 Configuring RADIUS Login Authentication 8-23 Defining AAA Server Groups 8-25 Configuring RADIUS Authorization for Us er Privileged Access and Network Serv ic[...]
-
Página 10
Contents x Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring IEEE 802.1x Authentication 9-12 Default IEEE 802.1x Authen tication Configuration 9-12 IEEE 802.1x Authentication Con figuration Guidelines 9-13 IEEE 802.1x Authentication 9-14 VLAN Assignment, Guest VLAN, and Restricted VLAN 9-14 Upgrading from [...]
-
Página 11
Contents xi Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Media Types for Gigabit Ethernet Interface s on LRE Switches 10-13 Configuring IEEE 802.3x Flow Control on IEEE 80 2.3z Gigabit Ethernet Ports 10-13 Adding a Description fo r an Interface 10-14 Configuring Loopback Detection 10-15 Monitoring a[...]
-
Página 12
Contents xii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Using Rate Selection to Au tomatically Assign P rofiles 12-14 Precedence 12-15 Profile Locking 12-15 Link Qualification and SNR Margin s 12-16 Configuring LRE Link Persistence 12-19 Configuring LRE Link Monitor 12 -19 Configuring LRE Interleave 12-19 Confi[...]
-
Página 13
Contents xiii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Spanning-Tree Feature s 13-10 Default Spanning-Tree Configuration 13-11 Spanning-Tree Configuration Guid elines 13-11 Changing th e Spanning-Tree Mode 13-12 Disabling Spanning Tree 13-13 Configuring the Root Switch 13-14 Configuring a Second[...]
-
Página 14
Contents xiv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring the Root Switch 14-14 Configuring a Secondary Root Switch 14-15 Configuring the Port Priority 14-16 Configuring the Path Cost 14-17 Configuring the Switch Priority 14 -18 Configuring the Hello Time 14-19 Configuring the Forwarding-De lay Time 1[...]
-
Página 15
Contents xv Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling Root Guar d 15-20 Enabling Loop Guard 15-20 Displaying the Spanning-Tree Status 15 -21 CHAPTER 16 Configuring VLANs 16-1 Understanding VLANs 16-1 Supported VLANs 16 -2 VLAN Port Membership Modes 16-3 Configuring Normal-Range VLANs 16-4 Token Ring[...]
-
Página 16
Contents xvi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring VMPS 16-23 Understanding VMP S 16-23 Dynamic Port VLAN Membership 16-24 VMPS Database Config uration File 16-24 Default VMPS Client Configuration 16-25 VMPS Configuration Guid elines 16-25 Configuring the VMPS Client 16-26 Entering the IP Addre[...]
-
Página 17
Contents xvii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling VTP Pruning 17-14 Adding a VTP Client Switch to a VTP Domain 17-14 Monitoring VTP 17-15 CHAPTER 18 Configuring Voice VLAN 18-1 Understanding Voice VLAN 18-1 Configuring Voice VLAN 18-2 Default Voice VLAN Configuration 18-2 Voice VLAN Configurat[...]
-
Página 18
Contents xviii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring IGMP Snooping 20-6 Default IGMP Snooping Configuration 20-7 Enabling or Disabling IGMP Snooping 20-7 Setting the Sno oping Method 20-8 Configuring a Multicast Router Port 20-9 Configuring a Host Statically to Join a Group 20-9 Enabling IGMP I[...]
-
Página 19
Contents xix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Configuring Port Blocking 21 -5 Blocking Flooded Traffic on an Interface 21-5 Resuming Normal Fo rwarding on a Port 21-6 Configuring Port Security 21-6 Understanding Port Security 21-6 Secure MAC Addresses 21-6 Security Violations 21-7 Default Port Secur[...]
-
Página 20
Contents xx Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 CHAPTER 24 Configuring SPAN and RSPAN 24-1 Understanding SPAN and RSPAN 24-1 SPAN and RSPAN Concepts and Terminolo gy 24-3 SPAN Session 24-3 Traffic Types 24-3 Source Port 24-4 Destination Port 24-4 Reflector Port 24-5 SPAN Traffic 24-5 SPAN and RSPAN Inter[...]
-
Página 21
Contents xxi Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Disabling and Enabling Message Log ging 26-3 Setting the Mes sage Display Destination De vice 26-4 Synchronizing Log Messa ges 26-5 Enabling and Disabling Timestamps on Log Me ssages 26 -6 Enabling and Disabling Sequence Numbers in Log Messa ges 26-7 Def[...]
-
Página 22
Contents xxii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Creating Standard and Exte nded IP ACLs 28-7 ACL Numbers 28-7 Creating a Numbered Standard ACL 28-8 Creating a Numbered Extended ACL 28-10 Creating Named Standard and Extend ed ACLs 28-13 Applying Time Ranges to ACLs 28-14 Including Comments About Entries[...]
-
Página 23
Contents xxiii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Enabling Auto-QoS for VoIP 29-13 Displaying Auto-QoS Information 29-14 Auto-QoS Configuration Example 29-14 Configuring Standard QoS 29-16 Default Standard QoS Configuration 29-17 Configuration Guidelines 29-17 Configuring Classification Us ing Port Tr[...]
-
Página 24
Contents xxiv Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Configuring Layer 2 EtherChannels 30-9 Configuring EtherChannel Lo ad Balancing 30-11 Configuring the PAgP Learn Method and Priority 30-12 Configuring the LACP Port Priority 30-12 Configuring Hot Standby Ports 30-13 Configuring the LACP System Priority 30[...]
-
Página 25
Contents xxv Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 APPENDIX A Supported MIBs A-1 MIB List A-1 Using FTP to Access the MIB Files A-3 APPENDIX B Working with the Cisco IOS File System, Configuration Fi les, and Software Images B-1 Working with the Flash File System B-1 Displaying Available File Systems B-2[...]
-
Página 26
Contents xxvi Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 tar File Format of Images on a Server or .com B-19 Copying Image Files By Using TFTP B-20 Preparing to Download or Upload an Image File By Using TFTP B-20 Downloading an Image File By Using TFTP B-21 Uploading an Image File By Using TFTP B-22 Copying Imag[...]
-
Página 27
xxvii Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Preface Audience This guide is for the netw orking professi onal managi ng the Catalyst 29 50 and 2955 switches, hereafte r referred to as the switches . Before using this guide, y ou should ha ve e xperience working with the Cisco IOS and be famil iar with the[...]
-
Página 28
xxviii Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Preface • CLI command information—This gu ide provides an o vervie w for using the CLI. For complete syntax and usage informat ion about the commands th at hav e been specifically created or changed for the switches, see the command reference for th is relea[...]
-
Página 29
xxix Catalyst 2950 and Catalyst 2955 Swit ch Software Con figurat ion Guide OL-10101-02 Preface Related Publications These documents pro vide complete information about th e switch and are a v ailable from thi s Cisco.com site: http://www .cisco.com/en/US/ products/ps67 38/tsd_pro ducts_support_series_home.html http://www .cisco.com/en/US/ products[...]
-
Página 30
xxx Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Preface Obtaining Documentation and Submitting a Service Request For info rmation on obtaining documentatio n, submitting a service request, and g athering additional information, see the mont hly What’ s New in Cisco Pr oduct Documentation , which also li sts al[...]
-
Página 31
CH A P T E R 1-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 1 Overview This chapter p rovides these topics ab out the Catalyst 2950 and Catalyst 2955 switch software: • Features, page 1-1 • Management Options, page 1-9 • Network Confi guration Examples, p age 1-11 • Where to Go Next, page 1-24 Note In t[...]
-
Página 32
1-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features Certain Cisco Long-Reach Ethern et (LRE) custom er premises equipment (CPE) devices are not supported b y certain Catalyst 2950 LRE switches. In Ta b l e 1-2 , Ye s means that the CPE is supported by the switch; No means that the CPE is[...]
-
Página 33
1-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features – Accomplishing multiple conf iguration tasks from a single windo w without needing to remember command-line interface (CLI) commands to accomplish specif ic tasks. – Interacti ve guide mode that guides you in co nfiguring complex fe[...]
-
Página 34
1-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features • Port blocking on forw arding unknown u nicast and multicast traf fic (av ailable only on the Catalyst LRE sw itches and on the Catalyst 2950G-12-EI, 295 0G-24-EI, 2950G-24-EI-D C, 2950G-48-EI, and 2955 switches) • Per- port broadc[...]
-
Página 35
1-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features • Default conf iguration storage in flash memory to ensure that the switch can be connected to a network an d can forward tr af fic with minimal user intervent ion • In-band management access through the em bedded de vice manager thr[...]
-
Página 36
1-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features VLAN Support • The switches support 250 po rt-based VLANs for assignin g users to VLANs associated with appropriate network r esources, traf fic patterns, an d bandwidth Note The Catalyst 2950-12, Catalyst 2950- 24, Cataly st 2950SX-2[...]
-
Página 37
1-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Features • IEEE 802.1x with wake-on-LAN to allo w dormant PC s to be powered on based on the receipt of a specific Ethernet frame • IEEE 802.1x with restricted VLAN to provide limited services to users who are IEEE 802.1x compliant, but do no[...]
-
Página 38
1-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Features Monitoring • Switch LEDs that sho w port and switch status • Switched Port Analy zer (SP AN) and Rem ote SP AN (RSP AN) fo r traf fic mo nitoring on an y port or VLAN Note RSP AN is av ailable only in the EI. • SP AN support of In[...]
-
Página 39
1-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Management Option s • Support for conf iguring the interleav e delay feature • Support for DC-inp ut po wer and compliance with the V DSL 997 band plan on Cataly st 2950ST -24 LRE 997 switc hes • Upstream po wer back-off mechanis m for norm[...]
-
Página 40
1-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Management Option s • SNMP—SNMP provides a means to monitor and control the switch an d switch cluster members. Y ou can manage switch conf iguration settings, perf or mance, and security and collect st atistics by using SNMP mana gement ap[...]
-
Página 41
1-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Network Configuration Examples This section pro vides network config uration concepts and includes e x amples of using the switch to create dedicated net work se gments and interconnect in g the se gments through [...]
-
Página 42
1-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figure 1-1 sho w s conf iguration e x amples of using t he Catalyst switches to create these netw orks: • Cost-effecti ve wiring closet—A cost-effecti ve way to connect many users to th e wiring closet is to [...]
-
Página 43
1-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples – GigaStack GBIC module for crea ting a 1-Gb ps stack config uration of up to nine su pported switches. The GigaStack GBIC support s one full-duple x link (in a point-to- point conf iguration) or up to nine half[...]
-
Página 44
1-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Small to Medium-Sized Network Configuration Figure 1-2 sho w s a conf iguration for a netw ork that has up to 250 users. Users in this netw ork require e-mail, file-sharing, database, and Internet access. Y ou op[...]
-
Página 45
1-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Servers are connected to the GBIC module ports on th e switches, allo wing 1-Gbps throug hput to users when needed. When th e switch and server ports are configured fo r full-duplex o peration, the links provide 2[...]
-
Página 46
1-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -3 Collapsed Bac kbone and Switc h Cluster Con figurati on Hotel Network Configuration Figure 1-4 sho ws Catalyst 2950ST -8 LRE and 2950ST -24 LRE switches in a ho tel network en vironment with approxim[...]
-
Página 47
1-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Note All telephones not di rectly connecte d to the hotel room CPE de vice require microfilters with a 300- ohm termination. Microf ilters improve v o ice call quality when voice and data equi pment are using the [...]
-
Página 48
1-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -4 Netw or k Hotel Configur ation Service-Provider Central-Office Configuration Figure 1-5 sho ws the Catalyst 2950ST -24 LRE 997 switches in a service-prov ider central-off ice network en vironment. Th[...]
-
Página 49
1-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Y ou c an use a PO TS splitter to connect the switc h es to the CPE de vices. The splitter routes data (high-frequency) to a Catalyst 295 0 LRE switch and voice (lo w-freque ncy) traf fic from the telephone line t[...]
-
Página 50
1-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples Figur e 1 -5 Service Pr ovider Cen tral Of fice Configur ation Large Campus Configuration Figure 1-6 sho ws a configu ration for a netw ork of more than 1000 users. Because it can aggregate up to 130 Gigabit conn[...]
-
Página 51
1-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Figur e 1 -6 Larg e Campus Configuration Multidwelling Network Using Catalyst 2950 Switches A gro wing segment of resi dential and commerci al cu stomers are requiring hi gh- speed access to Ethernet metropolitan-[...]
-
Página 52
1-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Network Config uration Examples All ports on the residential Cata lyst 2950 and 29 55 switches (and Catalyst LRE switches if they are included) are conf igured as 802.1Q trunks with p rotected port and STP r oot guard features enabled. The prot[...]
-
Página 53
1-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 1 Overview Network Co nfiguration Examples Long-Distance, High-Bandwidth Transport Configuration Note T o use the feature described in this section, you must hav e the EI installed on your switch. Figure 1-8 sho ws a conf iguration for transporting 8 Gigab[...]
-
Página 54
1-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 1 Overvi ew Where to Go Next Where to Go Next Before conf iguring the switch, re view th ese sections for star t-up information: • Chapter 2, “Using t he Command-Line Interface” • Chapter 4, “ A ssigning the Swit ch IP Address and Default Gate wa[...]
-
Página 55
CH A P T E R 2-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 2 Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) that you can use to configure your Catalyst 2950 and Catalyst 2955. It contains these sect ions: • Cisco IOS Command Modes, page 2-1 • Getting Help[...]
-
Página 56
2-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Cisco IOS Command Modes Ta b l e 2-1 describes the main command modes, how to acce ss each one, the prompt you see in that mode, and ho w to exit th e mode. The examples in the tabl e use the host name Switc h . Ta b l e [...]
-
Página 57
2-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Getting Help Getting Help Y o u can enter a question mark (?) at the system prompt to display a list of commands a vailabl e for each command mo de. Y o u can also obta in a list of asso ciated keyw ords and arg uments f[...]
-
Página 58
2-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Abbreviating Command s Abbreviating Commands Y ou have to en ter only enough characters for the swit ch to recognize the co mmand as unique. This example sho ws how to enter the show conf iguration privileged EXEC command[...]
-
Página 59
2-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Understanding CLI Messages Understanding CLI Messages Ta b l e 2-3 lists some error messages that you mi ght encounter while u sing the CLI to conf igure your switch. Using Command History The software pro vides a histor[...]
-
Página 60
2-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Using Ed iting Features Recalling Commands T o recall commands from the history b uffer , perform one of the actions listed in Ta b l e 2-4 : Disabling the Command History Feature The command history feature is automatica[...]
-
Página 61
2-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Using Editing Feature s T o globally disable enhanced editin g mode, en ter this command in line con figur ation mode: Switch(config-line)# no editing Editing Commands through Keystrokes Ta b l e 2-5 sho ws the ke ystrok[...]
-
Página 62
2-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Using Ed iting Features Editing Command Lines that Wrap Y ou can use a wraparound feature for commands that extend b eyond a single line on the screen. When the cursor reaches the right margin, the command line shifts ten[...]
-
Página 63
2-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 2 Using th e Co mmand-Line Interface Searching and Filtering Outpu t of show and more Commands Use line wrapping w ith the command history feat ur e to recall and modify pre vious complex comman d entries. For inf ormation about recalling pre vious command [...]
-
Página 64
2-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 2 Using the Comman d-Line Interface Accessing the CLI[...]
-
Página 65
CH A P T E R 3-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 3 Configuring Catalyst 2955 Switch Alarms This section descri bes ho w to conf igure the di f ferent alarms for the Cata lyst 2955 switch . Note The alarms described in this chapte r are not av aila ble on the Catalyst 2950 sw itch. For complete syntax[...]
-
Página 66
3-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Understanding Ca talyst 2955 Switch Alarms Global Status Monitoring Alarms The Catalyst 2955 switch contains facilities for processing alarms related to temperat ure and power supply conditions. These are referred t[...]
-
Página 67
3-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Understanding Catalyst 2955 Switch Alarms Port Status Monitoring Alarms The Catalyst 2955 switch can al so monitor the status of the Ethernet ports and generate alarm messages based on the alarms listed in Ta b l e[...]
-
Página 68
3-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms • SNMP T raps SNMP is an applicat ion-layer protocol that pr ovides a message format for communication between managers and agents. The SNMP system consists of an SNMP manag[...]
-
Página 69
3-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Configuring the Power Supply Alarm This section describes ho w to conf igure the po wer supply alarm on your switch. It contains this configuration information: • Setting t[...]
-
Página 70
3-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms T o disable sending the alarm to a relay , to syslog, or to an SNMP server , use the no alarm facility power -supply relay , no alarm facility power -supply notif ies , or no [...]
-
Página 71
3-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Associating the Temperatur e Alarms to a Relay By default, the pr imary temperature alarm is a ssociated to the major rela y . Y ou can use the alarm facility temperature com[...]
-
Página 72
3-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Setting the FCS Error Threshold The switch generates an FCS bit error rate alarm w h en the actual FCS bit erro r rate is close to the configured FCS bit error rate. Use the f[...]
-
Página 73
3-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms Use the no alarm facility fcs-hyst eresis command to set the FCS error hysteresis threshold t o its default va lu e . Note The show running conf ig command displays any FCS e[...]
-
Página 74
3-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Configuring Catalyst 2955 Switch Alarms This example creates or modifies the alarm profile fastE for the fastEthernetPo rt with link-do wn ( alarmList ID 3) and an FCS error rate of 30 percent ( alarmList ID 4) ala[...]
-
Página 75
3-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 3 Configur ing Catalyst 2955 Switch Alarms Displaying Catalyst 2955 Switch Alarms Status This example detaches an alarm profile named fastE from a port. Switch(config)# interface FastEthernet 0/2 Switch(config-if)# no alarm profile fastE Enabling SNMP Trap[...]
-
Página 76
3-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 3 Configuring Catalyst 2955 Switch Alarms Displaying Catalyst 2955 Switch Alarms Status[...]
-
Página 77
CH A P T E R 4-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 4 Assigning the Switch IP Address and Default Gateway This chapter describes how to creat e the initial switch conf iguration (for example, assign the switch IP address and default ga te way informatio n) for the Catalyst 2950 or Catalyst 2 955 switch [...]
-
Página 78
4-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information The boot loader provides access to the flash fi le syst em before the operating system is lo aded. Normally , the boot loader is used only to load, uncompress, and launch th[...]
-
Página 79
4-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information CLI-based setup program also allo ws you to configur e your switch as a comman d or member switch of a cluster or as a standalone switch. For more info rmation about the Exp[...]
-
Página 80
4-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Note The DHCP server feature i s only av ailable on Catalyst 2955 switches. During DHCP-based autoconf iguration, your switch (DHCP client) is a utomaticall y configured at [...]
-
Página 81
4-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information In a DHCPREQUEST broadcast message, the client returns a for mal request for the of fered configuration information to the DHCP serv er . The formal request is broadcast so [...]
-
Página 82
4-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information If you want the switch to recei ve IP address informat ion, yo u must configure the DHCP server with these lease options: • IP address of the client (required) • Subnet [...]
-
Página 83
4-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Configuring the DNS The DHCP server uses the DNS server to resolve the TFTP serv e r name to an IP address. Y ou must configure the TFTP serv er name-t o-IP address map on t[...]
-
Página 84
4-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Obtaining Configuration Files Depending on the a vailability o f the IP address a nd the conf iguration filename in the DHCP reserved lease, the switch obtains its confi gur[...]
-
Página 85
4-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Example Configuration Figure 4-3 shows a sample network for retrieving IP info rmation by using DHCP-based autoconfiguration . Figur e 4-3 DHCP -Base d A utoconfiguration Ne[...]
-
Página 86
4-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information switchb-confg switchc-confg switchd-confg prompt> cat network-confg ip host switch1 10.0.0.21 ip host switch2 10.0.0.22 ip host switch3 10.0.0.23 ip host switch4 10.0.0.[...]
-
Página 87
4-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Note The configur ation f ile that is downloaded from TFTP is mer ged with the switch es exist ing config uration in the running conf iguration and is not sa ved in the NVR[...]
-
Página 88
4-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Checking and Saving the Ru nning Configuration Note Y ou should only conf igure and ena ble the Layer 3 inte rface. Do not assign an IP address or DHCP-based autoconf iguration with a sa ved conf igura[...]
-
Página 89
4-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration T o store the conf iguration or changes you ha ve made to your startup conf iguration in flash memory , enter the copy running-config start up-confi g privile ged EX[...]
-
Página 90
4-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration Specifying the Filename to Read and Write the System Configuration By default, the Cisco IO S software uses the f ile config .text to read and write a non volatile [...]
-
Página 91
4-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration T o disable manual booting, use the no boot manual global conf iguration command. Booting a Specific Software Image By default, th e switch attempts to automatically[...]
-
Página 92
4-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration Controlling Environment Variables Y o u enter the boot loader mo de only through a switch console connection c onf igured for 9600 bp s. Unplug the switch po wer co[...]
-
Página 93
4-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Re load of the Software Image Ta b l e 4-5 describes the function of th e most common en vironment v a riables. Scheduling a Reload of the Software Image Y o u can schedule a reload of the[...]
-
Página 94
4-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Reload of the Software Image Note A scheduled reload must take pl ace within approxima tely 24 days. Configuring a Scheduled Reload T o config ure your switch to reload the softw are image[...]
-
Página 95
4-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Re load of the Software Image Displaying Scheduled Reload Information T o display information abou t a pre viously scheduled reload or to d etermine if a reload has been scheduled on the s[...]
-
Página 96
4-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 4 Assigning the Sw itch IP Address and Default Gateway Scheduling a Reload of the Software Image[...]
-
Página 97
CH A P T E R 5-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 5 Configuring Cisco IOS CNS Agents This chapter describes ho w to config ure the Cisco IOS CNS agents on the Cat alyst 2950 or Catalyst 295 5 switch.T o use the feature described in this chapter , you must ha ve the en hanced software image (EI) instal[...]
-
Página 98
5-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisc o Configuration Engine Software Figur e 5-1 Configuration En gine Arc hitect ural Overview These sections contain this conceptual information: • Config uration Service, page 5-2 • Event Service, pag[...]
-
Página 99
5-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Understanding Cisco Co nfiguration Engine Softw are The Configuration Service uses the CNS Event Service to send and recei ve conf iguration change e vents and to send success and fail ure notificatio ns. The configuration[...]
-
Página 100
5-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisc o Configuration Engine Software W ithin the scope o f a single ins tance of the conf igur ation serv er , no two conf ig ured switches can share the same v alue for Conf igID. W ithin the scope of a si [...]
-
Página 101
5-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Understanding Cisco IOS Age nts Using Hostname, DeviceID, and ConfigID In standalone mode, when a hostname value is se t for a switch, the conf iguration server uses the hostname as the DeviceID when an e vent is sent on h[...]
-
Página 102
5-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Understanding Cisco IOS Agents Figur e 5-2 Initial Config uration Overview Incremental (Partial) Configuration After the networ k is running, ne w services can be added by using the Cisco IOS agent. Incremental (partial) [...]
-
Página 103
5-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Configuring Cisco IOS Agents The Cisco IOS agents embedded in the switch Cisco IOS software allo w the switch to be connected and automatically configured as described in the “Enabling Automa[...]
-
Página 104
5-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling the CNS Event Agent Note Y ou must enable the CNS e vent ag ent on the switch before you en able the CNS configuration agent. Beginni ng in pri vileged EXEC mod e, follo w these steps[...]
-
Página 105
5-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling the Cisco IOS CNS Agent After enabling the CNS ev ent agent, start the Cisco IOS CNS agent on the switch. Y ou can enable the Cisco IOS agent with these commands: • The cns config in[...]
-
Página 106
5-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Configuring Cisco IOS Agents Step 7 cns id inte rface num { dns-re verse | ipaddress | mac-addr ess } [ eve nt ] or cns id { hardwar e-serial | hostname | string string } [ event ] Set the unique Ev entID or ConfigID use[...]
-
Página 107
5-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 5 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents T o disable the CNS Cisco IOS age nt, use the no cns conf ig initial { ip-address | hostname } global confi guration command. This ex ample sho ws how to conf igure an initial conf iguration o[...]
-
Página 108
5-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 5 Configurin g Cisco IOS CNS Agents Displaying CNS Configuration Displaying CNS Configuration Y ou can use the pri vileged EXEC co mmands in Ta b l e 5-2 to display CNS conf iguration in formation. Ta b l e 5-2 Displaying CNS Configur ation Command Purpose[...]
-
Página 109
CH A P T E R 6-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 6 Clustering Switches This chapter provides the concepts and pr oce dures to create and manage Catalyst 2950 and 2955 switch clusters. Y ou c an create and manage switch clusters by usi ng Cisco N etwork Ass istant (her eafter kno wn as Network Assista[...]
-
Página 110
6-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Understanding Switch Clusters In a switch cluster , 1 switch must be the cluster command swi tch an d up to 15 other switches can be cluster member sw itches . The total number of switches in a cluster cannot exceed 16 switch es. The [...]
-
Página 111
6-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Understanding Sw itch Clusters • It has an IP address. • It has Cisco Disco very Protocol (CDP ) version 2 enab led (the default). • It is not a command or cluster member swit ch of another cluster . • A Catalyst 2955 command s[...]
-
Página 112
6-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter Note Non-LRE Catalyst 2950 command swit ches running Ci sco IOS Release 12.1(9)EA1 or later can connect to standb y command switches in the management VLAN. • It is redundantly connected t o the cluster so[...]
-
Página 113
6-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster • IP Addresses, page 6-12 • Hostnames, page 6-12 • Passwords, pag e 6-12 • SNMP Community Strings, page 6- 13 • T A CA CS+ and RADIUS, pa ge 6-13 • LRE Prof iles, page 6-13 • Catalyst 19 00 and [...]
-
Página 114
6-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter Figur e 6-1 Discovery Through CDP Hops Discovery Through Non-CDP-Capable and Noncluster-Capable Devices If a cluster command switch is connected to a non-CDP-capab le thir d-party hub (such as a non-Cisco hu[...]
-
Página 115
6-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Discovery Through Different VLANs If the cluster command switch is a Catalyst 2940, Catalyst 2950, Catal yst 2955, or Catalyst 3550 switch, the cluster can hav e cluster me mber switches in di fferent VLANs. [...]
-
Página 116
6-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter • Switch 9 because automatic d iscovery does not exte nd bey ond a noncandidate de vice, which is switch 7 Figur e 6-4 Discovery Through Dif f erent Management VLANs with a Lay er 3 Clust er Command Swi tc[...]
-
Página 117
6-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Figur e 6-5 Discov ery of Newly Installed Switc hes HSRP and Standby Cluster Command Switches The switch uses Hot Standb y Router Protocol (HSRP) so that you can conf igure a group of standb y cluster command[...]
-
Página 118
6-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter • Other Considerations for Cl uster Standby G roups, page 6-10 • Automatic Reco very of Clu ster Config uration, page 6-11 Virtual IP Addresses Y ou need to assign a unique virtual IP ad dress and group[...]
-
Página 119
6-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster Figur e 6-6 VLAN Connectivity between Standby -Group Members and Clust er Members Automatic Recovery of Cluster Configuration The activ e cluster command switch continually forw ards cluster-conf iguration i[...]
-
Página 120
6-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Planning a Switch Clus ter IP Addresses Y ou must assign IP information to a cluster command switch. Y ou can a ssign more than one IP address to the cluster command swit ch, and you can access the cluster th rough any of th e comman[...]
-
Página 121
6-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Planning a Switch Clu ster For password considerations specific to the Catalyst 1900 and Catalyst 2820 switches, refer to the installation and con figur ation guides for tho se switches. SNMP Community Strings A cluster member switch [...]
-
Página 122
6-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Using SNMP to Man age Switch Clusters The T elnet session a ccesses the member-switch CLI at the same privile g e le vel as on the command switch. The CLI commands then operate as u sual.For instru ctions on conf iguring the switch f[...]
-
Página 123
6-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Switches Using SNMP to Mana ge Switch Clusters If a member switch has its o wn IP ad dress and community strin gs, they can be used in addition to the access provided by the command switch. For more in formation about SNMP and community string[...]
-
Página 124
6-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 6 Clustering Sw itches Using SNMP to Man age Switch Clusters[...]
-
Página 125
CH A P T E R 7-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 7 Administering the Switch This chapter describes ho w to perform one-t ime operations t o administer your Cat alyst 2950 or Catalyst 2955. This chapter consists of these sections: • Managing the System T ime and Date, page 7-1 • Config uring a Sys[...]
-
Página 126
7-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date The system clock can provide time to these services: • User show commands • Logging and deb ugging messages The system clock keep s track of time internally based on Uni versal T ime Coordina[...]
-
Página 127
7-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date Figur e 7 -1 T ypical NTP Netw ork Con figuration If the network is isolated from the Internet, Cisco’ s implementation of NTP allo ws a device to act as though it is synchro nized through NTP ,[...]
-
Página 128
7-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date • Config uring NTP Broadcast Ser vice, page 7-6 • Config uring NTP Access Restrictions, page 7-8 • Config uring the Source IP Add ress for NTP Pack ets, page 7-10 • Displaying the NTP Con[...]
-
Página 129
7-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date T o disable NTP authentica tion, use the no ntp authenticate global conf iguration co mmand. T o remove an authentication key , u se th e no ntp authentication-key number global conf iguration com[...]
-
Página 130
7-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date Beginni ng in pri vileged EXEC mode, follo w these steps to form an NTP association with another de vice: Y ou need to configu re only one end of an association; the oth er de vice can automatica[...]
-
Página 131
7-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The switch can send or receiv e NTP broadcast packets on an interface-by -interfa ce basis if there is an NTP broadcast server , such as a router, broadcasting time i nformation on the netw ork. T[...]
-
Página 132
7-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date T o disable an interface from rece i v ing NTP broadcast packets, use the no ntp br oadcast client interface confi guration command. T o change the estimated roun d-trip delay to the d efault, us[...]
-
Página 133
7-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The access group keyw ords are scanned in this orde r, from least restricti ve to most restr ictiv e: 1. peer —Allows time req uests and NTP control queries and allo ws the switch to synchronize[...]
-
Página 134
7-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date T o re-enable receipt of NTP pack ets on an interface, use the no ntp disable interf ace configuration command. Configuring the Source IP Address for NTP Packets When the switch sends an NTP pac[...]
-
Página 135
7-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date Configuring Time and Date Manually If no other source of time is av ai lable, you can manu ally conf igure the time and date after the system is restarted. The time remains accurate until the nex[...]
-
Página 136
7-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the System Time and Date • .—T ime is authoritativ e, bu t NTP is not synchronized. Configuring the Time Zone Beginning in priv ileged EXEC mode, foll ow these steps to manually config ure the time zone: The minutes[...]
-
Página 137
7-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the System Time and Date The first part of the clock summer -time global conf iguration command specifi es when summer time begins, and the second part specif ies when it ends. All times are relativ e to the local t ime [...]
-
Página 138
7-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Configuring a System Nam e and Prompt The first part of the clock summer -time global conf iguration command specifi es when summer time begins, and t he second part specif ies when it ends. All times are relati ve to the local [...]
-
Página 139
7-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Configuring a System Name and Prompt • Config uring a System Name, page 7-15 • Understanding DNS, page 7- 15 Default System Name and Prompt Configuration The default switch system name and prom pt is Switch . Configuring a Sy[...]
-
Página 140
7-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Configuring a System Nam e and Prompt Default DNS Configuration Ta b l e 7-2 show s the default DNS co nfigu ration. Setting Up DNS Beginning in pri vileged EXEC mod e, follo w th ese steps to set up your switch to use the DNS: [...]
-
Página 141
7-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Creating a Banner If you use the switch IP address as its hostname, th e IP address is used and no DNS query occurs. If you confi gure a hostname that contains no periods (.), a period follo wed by the def ault domain name is app[...]
-
Página 142
7-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Creating a Banner T o delete the MO TD banner , use the no banner motd global conf iguration command. This examp le shows ho w to confi gure a MO TD banner for the swi tch by using t he pound sign (#) symbol as the begi nning an[...]
-
Página 143
7-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table T o delete the login banner , use the no banner login global conf iguration command. This example sho ws how to conf igure a login banner for the switch b y using the dollar sign ($) symbol as the b[...]
-
Página 144
7-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table • Adding and Remo ving Static Address Entries, page 7-23 • Config uring Unicast MA C Address Filtering, page 7-2 4 • .Displaying Address T able Entries, page 7- 25 Building the Address Table [...]
-
Página 145
7-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table Changing the Address Aging Time Dynamic addresses are source MAC addresses that the sw itch learns and then ages when they are not in use. The aging time parameter def i nes ho w long the switch ret[...]
-
Página 146
7-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table Beginning in priv ileged EXEC mode, foll ow th ese steps to conf igure the switch to send MA C address notif ication traps to an NMS host: Command Purpose Step 1 configure terminal Enter global con[...]
-
Página 147
7-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table T o disable the switch from sending MA C address notif ication traps, use the no snmp-serv er enable traps mac-notif ication global conf iguration command. T o disa ble the MA C address notification[...]
-
Página 148
7-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the MAC Address Table Beginning in pri vileged EXEC mod e, follow these steps to add a static address: T o remove static entries from the address table, use the no mac address-tab le static mac-addr vlan vlan-id [ inter[...]
-
Página 149
7-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 7 Administering the Switch Managing the MAC Address Table • If you add a unicast MA C address as a static address an d configure unicast MA C address filtering, the switch either ad ds the MA C address as a static address or drops packets with that MA C [...]
-
Página 150
7-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 7 Administerin g the Switch Managing the ARP Table Managing the ARP Table T o communicate with a de vice (ov er Ethernet, for ex ample), the softw are first must determi ne the 48-bit MA C or the local data link address of that de vice. Th e process of det[...]
-
Página 151
CH A P T E R 8-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 8 Configuring Switch-Based Authentication This chapter describe s ho w to configure switch-based authentica tio n on the Catalyst 2950 or Catalyst 2955. This chapter consists of these sections: • Pre venting Unauthorized A ccess to Y our Switch, page[...]
-
Página 152
8-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Protecting Access to Privileged EXEC Commands A simple wa y of provid ing terminal access control in yo ur network is t o use passwords and assign privile g e le vel[...]
-
Página 153
8-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands Setting or Changing a Static Enable Password The enable password controls acces s to the pri vileged EX EC mode. Begin ning in pri vileged EXEC mode, follo w these st[...]
-
Página 154
8-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Protecting Enable and Enable Secret Passwords with Encryption T o provide an additional layer of security , particularly for passwords th at cross the netw ork or th[...]
-
Página 155
8-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands Use the level keyw ord to def ine a password for a specif ic pri vilege le vel. After you specify the le vel and set a password, gi ve the password only to users who [...]
-
Página 156
8-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds Beginning in priv ileged EXEC mode, foll ow th ese steps to disable password r ecov ery: T o re-enable password recov ery , use the service password-recovery global [...]
-
Página 157
8-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands T o remove the passw ord, use the no password global conf iguration command . This example sho ws how to set the T elnet password to let45me67in89 : Switch(config)# l[...]
-
Página 158
8-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Protecting Acce ss to Privileged EXEC Comma nds T o disable userna me authenticatio n for a specific user , use the no username name global configuration command. T o disable password checkin g and allo w connecti[...]
-
Página 159
8-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Protecting Ac cess to Privileged EXE C Commands When you set a command to a privilege le vel, all commands whose syntax is a subset of that command are also set to that le vel. For e xample, if you set the show ip [...]
-
Página 160
8-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ Logging into and Exiting a Privilege Level Beginni ng in pri vileged EXEC mode, follo w these steps to log in to a s pec if ie d pri vil eg e le v el and t o ex it to a spec[...]
-
Página 161
8-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ Figur e 8-1 T ypical T ACACS+ Netw ork Configur ation T A CA CS+, administered through the AAA secu ri ty services, can provide these services: • Authentication—Pro vid[...]
-
Página 162
8-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ TACACS+ Operation When a user attempts a simple ASCII log in by authenticati ng to a switch by using T ACA CS+, this process occurs: 1. When the connection is established, t[...]
-
Página 163
8-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ • Config uring T A CA CS+ Authorization for Pri vileged EXEC A ccess and Network Services, page 8-16 • Starting T A CA CS+ Accounting, page 8- 16 Default TACACS+ Config[...]
-
Página 164
8-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ T o remove the specified T ACA CS+ server name or address, use the no tacacs -server host hostname global conf iguration command. T o remov e a server gr oup from the conf i[...]
-
Página 165
8-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Swit ch Access w ith TACACS+ T o disable AAA, use the no aaa new-model global conf iguration command. T o disable AAA authenticati on, use the no aaa authentication logi n { default | list-name } metho[...]
-
Página 166
8-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with TACACS+ Configuring TACACS+ Authorization for Pr ivileged EXEC Access and Network Services AAA authorization limit s the servi ces a vailable to a user. When AA A authorizati on is [...]
-
Página 167
8-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Beginning in priv ileged EXEC mode, follow these steps to enable T A CACS+ accoun ting for each pri vilege le vel and for net work services: T o disable accounting, use t he n[...]
-
Página 168
8-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS The RADIUS host is normally a mu ltiuser system running RADIUS server software from Cisco (Cisco Secure Access Control Server v ersion 3.0), Liv ingston, Merit, Microsof t, o[...]
-
Página 169
8-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Figur e 8-2 T ransitioni ng fr om R ADIUS t o T ACA CS+ Services RADIUS Operation When a user attempts to log in and auth enticate to a switch that is access controlled by a R[...]
-
Página 170
8-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS A method list def ines the sequence and methods to be used to authenticate, to au thorize, or to keep accounts on a user. Y ou can use method lists to designate on e or more [...]
-
Página 171
8-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS If two dif ferent host entries on the sam e RADIUS server are conf igured for the same service—for example, accounting— the second host e ntry configured acts as a f ail-o[...]
-
Página 172
8-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Beginning in priv ileged EXEC mode, foll ow these steps to conf igure per-serv er RADIUS server communication. This procedure is req uired. T o remove the specified RADIUS se[...]
-
Página 173
8-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS This exampl e sho ws how to conf igure host1 as the RADIUS server an d to use the defaul t ports for both authentication an d accounting: Switch(config)# radius-server host ho[...]
-
Página 174
8-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Step 3 aaa authentication login { default | list-name } method1 [ method2... ] Create a login authen tication method list. • T o create a default list that is used when a n[...]
-
Página 175
8-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o disable AAA, use the no aaa new-model global conf iguration command. T o disable AAA authenticati on, use the no aaa authentication logi n { default | list-name } method1 [...]
-
Página 176
8-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS Beginning in pri vileged EXEC mode, fol lo w these st eps to define the AAA serv er group and associate a particular RADIUS server with it: Command Purpose Step 1 configur e [...]
-
Página 177
8-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o remove the specified RADIUS server , use the no radius-server host hostname | ip-addr ess global confi guration command. T o remov e a server group from t he configurati o[...]
-
Página 178
8-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS T o disable authorization, use the no aaa authorization { network | exec } method1 global configuration command. Starting RADIUS Accounting The AAA accounting feature tracks [...]
-
Página 179
8-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o return to the default setting f or the retransmit, timeout, and deadtime, use the no forms of these commands. Configuring the Switch to Use V endor-Specific RADI US Attrib[...]
-
Página 180
8-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Controlling Switch Access with RADIUS This example sho ws how to specify an author ized VLAN in the RADIUS serv er database: cisco-avpair= ”tunnel-type(#64)=VLAN(13)” cisco-avpair= ”tunnel-medium-type(#65)=[...]
-
Página 181
8-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o delete the vendor -proprietary RADIUS host, use the no radius-server host { hostname | ip-addr ess } non-standard global conf iguration command. T o disable the key , use [...]
-
Página 182
8-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Lo cal Authentication and Authorizatio n Configuring the Switch for Local Authentication and Authorization Y ou c an configure AAA to operate wi thout a server b y setting the switch to[...]
-
Página 183
8-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Configuring the Switch for Secure Shell This section describes how to configure the Secure Sh ell (SSH) feature. SSH is a cryptographic security feature that is subject to[...]
-
Página 184
8-34 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell • T A CACS+ (for more information, see the “Control ling Switch Access with T ACA CS+” section on page 8-10 ) • RADIUS (for more information, see the “Controlling[...]
-
Página 185
8-35 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Cryptographic Software Image Guidelines These guidelines apply on ly to non-LR E Catalyst 2950 an d 2940 switches: The SSH feature uses a large amount of switch me mory , [...]
-
Página 186
8-36 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell T o delete the RSA ke y pair , use the crypto key zeroize rsa global conf iguration command. After the RSA key pair is deleted, the SSH server is aut omatically disabled. C[...]
-
Página 187
8-37 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 8 Configuri ng Switch-Based Authentication Configuring th e Switch for Se cure Shell Displaying the SSH Configuration and Status T o display the SSH server conf iguration and status, use one or more of the pri vileged EXEC commands in Ta b l e 8-2 : For mo[...]
-
Página 188
8-38 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 8 Config uring Switch-Based Authentic ation Configuring the Switch for Secure Shell[...]
-
Página 189
CH A P T E R 9-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 9 Configuring IEEE 802.1x Port-Based Authentication This chapter describes ho w to configure IEEE 802.1x port-based authen tication on the Catalyst 2950 or Catalyst 2955 switch. IEEE 802.1x authentication prev ents unauthorized de vices (c lients) from[...]
-
Página 190
9-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication • Using IEEE 802.1x Auth entication with VLAN A ssignment, page 9-7 • Using IEEE 802.1x Auth entication with Guest VLAN, page 9-8 • Using IEEE 802[...]
-
Página 191
9-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication information wit h the authentication serv er , and rela ying a response to the client. The switch includes the RADIUS client, which is responsib le for [...]
-
Página 192
9-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication Figur e 9-2 Messag e Exc hang e Ports in Authorized and Unauthorized States During IEEE 802.1x authentication, depending on the switch port state, the s[...]
-
Página 193
9-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication • auto —enables IEEE 802.1x authenti cation and causes the port t o begin in t he unauthorized state, allowing only EAPOL frames to be sent and rece[...]
-
Página 194
9-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication IEEE 802.1x Accounting The IEEE 802.1x standard defines ho w users are au thorized and authenticated for network access but does not keep track of netwo[...]
-
Página 195
9-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication For mo re i nf or m at io n ab ou t A V pa i rs , s e e R F C 3 58 0 , “IEEE 802.1X Remote Authen tication Dial In User Service (RADIUS) Usage Guideli[...]
-
Página 196
9-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication • Enable IEEE 802.1x authen tication (the VLAN assignment feature is automatically enabled when you conf igure IEEE 802.1x authenti cation on an acces[...]
-
Página 197
9-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication Using IEEE 802.1x Authentication with Restricted VLAN Y ou can configure a restricted VLAN for each IEEE 802.1x port on a sw itch to pro vide limited se[...]
-
Página 198
9-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802. 1x Port-Based Authentication Using IEEE 802.1x Authentication with Voice VLAN Ports A voice VLAN port is a special access por t associated with two VLAN identifi ers: • VVID to c[...]
-
Página 199
9-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication • When an IEEE 802.1x client logs off, the port changes to an unauthenticated state, and all dynamic entries in the secure host table ar e cleared, i[...]
-
Página 200
9-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication • Set the action to be tak en when the switch tries to re-authenticate the cli ent by using the T ermination-Action RADIUS attribut e (Attribut e[29]). If the v al[...]
-
Página 201
9-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication IEEE 802.1x Authentication Configuration Guidelines These section has configuration guidelines for these features: • IEEE 802.1x Authentication, page 9-14 • VLAN[...]
-
Página 202
9-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication IEEE 802.1x Authentication These are the IEEE 802.1x authenti cation configuration guidelines: • When IEEE 802.1x authen tication is enabled, ports are auth entica[...]
-
Página 203
9-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication client times out and tr ies to get a host IP address from the DHCP serv er . Decrease the settings for the IEEE 802.1x authentication process ( dot1x timeout quiet-p[...]
-
Página 204
9-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Step 6 The switch sends an interim accountin g update to the ac counting server that is based on the result o f re-authentication. Step 7 The user disconnects from t[...]
-
Página 205
9-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o disable AAA, use the no aaa new-model global configuration command. T o disable IEEE 802.1x AAA authentication, use the no aaa authentication dot1x { default | l[...]
-
Página 206
9-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o delete the specified RADIUS server , use the no radius-server host { hostname | ip -addr ess } global confi guration command. This example sho ws how to specify [...]
-
Página 207
9-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Enabling Periodic Re-Authentication Y ou can enable periodic IEEE 802.1x client re-authe ntication and specify how often it occurs. If you do not specify a time peri[...]
-
Página 208
9-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Changing the Quiet Period When the switch cannot auth enticate the client, the switch remains idle for a set period of time, and then tries again. The id le time is [...]
-
Página 209
9-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o return to the default retransmission time, use the no dot1x timeout tx-period interface conf iguration command. This exampl e show s how to set 60 as the number [...]
-
Página 210
9-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring IEEE 802.1x Accounting Enabling AAA system accounting with IEEE 802.1x accounting allo ws system reload e vents to be sent to the accounting RADI US serv[...]
-
Página 211
9-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring a Guest VLAN When you configure a guest VLAN, clients that are not IEEE 802.1x- capable are put into the guest VLAN when the server does not recei ve a r[...]
-
Página 212
9-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Y ou can enable optional guest VLAN beha vior by using the dot1x guest-vlan suppli cant global configuration command. When enabled, the switch do es not maintain the[...]
-
Página 213
9-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Beginni ng in pri vileged EXEC mode, foll ow t hese steps to conf igure a restricted VLAN. This procedure is optio nal. T o disable and remo ve the restrict ed VLAN,[...]
-
Página 214
9-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication T o return to the default v alue, use the no dot1x auth-fail max-attempts interface conf iguration command. This example sho ws how to set 2 as the number of au then[...]
-
Página 215
9-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802.1x Authentication Configuring NAC Layer 2 IEEE 802.1x Validation In Cisco IOS Release 12.1 (22)EA6 or later , you can configure N A C Layer 2 IEEE 802.1x validation, which is also ref[...]
-
Página 216
9-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 9 Configuring IEEE 802.1x Port-Based Authentication Displaying IEEE 802.1x Statistics and Status Resetting the IEEE 802.1x Configuration to the Default Values Beginning in pri vileged EXEC mode, follow these steps to reset the IEEE 802.1x configuration to [...]
-
Página 217
CH A P T E R 10-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 10 Configuring Interface Characteristics This chapter describes the ty pes of interfaces on a Catalyst 29 50 or Catalyst 2955and ho w to conf igure them. The chapter has these sections: • Understanding Interf ace T ypes, page 10-1 • Using the Inte[...]
-
Página 218
10-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Understanding Interface Types These sections describes these types of interfaces: • Access Ports, page 10-2 • T runk Ports, page 10-2 • Port-Based VLANs, page 10-3 • EtherChannel Port Groups, page 10 -3 •[...]
-
Página 219
10-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Understanding Interface Types A trunk port can onl y become a member of a VLAN if VTP kno ws of the VLAN and the VLAN is in the enabled state. If VTP learns of a new , enabled VL AN and the VLAN is in the allo wed [...]
-
Página 220
10-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Using the Interface Command When you conf igure an EtherChannel, you create a port -channel logical in terfa ce and assign an interface to the EtherChannel. For Layer 2 interfaces, the logi cal interface is dynamic[...]
-
Página 221
10-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Using the Inte rface Command Y ou can identify physical interfaces b y physically checking the interf ace location on the switch. Y ou can also use the Cisco IOS show pri vileged EXEC co mmands to display informati[...]
-
Página 222
10-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Using the Interface Command Beg i nn in g i n pr ivi leg e d E XE C mo de , f o ll ow t he se st e ps to conf igure a range of interfaces with the same parameters: When using the interface range global conf igurati[...]
-
Página 223
10-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Using the Inte rface Command This example sho ws how to use a comma to add dif feren t interface type strings to t he range to enable all Fast Ethernet interfaces in t he range 0/1 to 0/3 and Gig abit Ethernet inte[...]
-
Página 224
10-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces – port-channel port-chann el-number - port-c hannel-number , where port-c hannel-nu mber is from 1 to 6. • Y o u must add a space between the interface numbers and the hyphen wh[...]
-
Página 225
10-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces • Config uring Media T ypes for Gigabit Ethe rnet I nterfaces on LRE Switches, page 10-13 • Configuring I EEE 802.3x Flow Control on IEEE 802.3z Gi gabit Ethernet Ports, page 10 [...]
-
Página 226
10-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces Configuring Interface Speed and Duplex Mode The 10/100 Ethernet int erfaces on a non-LRE switch operate in 10 or 100 Mbps and in ei ther full- or half-duple x mode. The 10/100/1000[...]
-
Página 227
10-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces • When connecting an interface to a 100B ASE-T device that does not autonegotiate, set the speed to a nonautonegot iation v alue (for example, none gotiate), and set the duple x m[...]
-
Página 228
10-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port Be gi nn in g i n pr ivi le ge d E X EC mo de , fo ll ow t he s e s te p s t o set the speed and duplex m[...]
-
Página 229
10-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Configuring Ethernet Interfaces Use the no local speed and no local duplex interface conf iguration commands to return the interf ace to the default speed and duplex setti ngs. T o return all interface set tings t[...]
-
Página 230
10-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Configuring Ethernet Inte rfaces • rec ei ve on (or desired ) and send off : The port cannot send pause fra mes b ut can operate with an attached device that is required to or can send pause frames; the port can[...]
-
Página 231
10-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Monitoring and Ma intaining the Interfaces Use the no description interface co nfigu ration command to delete the descriptio n. This exampl e show s how to add a description on a port and to verify the description[...]
-
Página 232
10-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Monitoring an d Ma intaining the Interfaces Monitoring Interface and Controller Status Commands entered at the pri vileged EXEC prompt di splay info rmation about the interf ace, including the version of th e soft[...]
-
Página 233
10-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 10 Configuring Interfac e Characteristics Monitoring and Ma intaining the Interfaces T o clear the interface counters shown by the show interfaces privile ged EXEC command, use the clear counters pri vileged EXEC command. Th e clear counters command clear[...]
-
Página 234
10-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 10 Configur ing Interface Characteristics Monitoring an d Ma intaining the Interfaces When the shutdown interf ace conf iguration command i s entered on an LRE interface, t he LRE link is shut do wn. T o shut down the 10/100 Ethernet ports on CPE de vice,[...]
-
Página 235
CH A P T E R 11-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 11 Configuring Smartports Macros This chapter describes ho w to configure an d apply Smartports macros on t he Catalyst 2950 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for[...]
-
Página 236
11-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros Cisco also provides a collection of pretested, Ci sco-recommended baseline conf iguration templates for Catalyst switches. Th e online reference guide templates pr ovide t he CLI commands tha[...]
-
Página 237
11-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Smartports Macro Configuration Guidelines Follo w these guidelines when conf iguring macros on your switch: • When creating a macro, do not use the exit or end commands or change the command [...]
-
Página 238
11-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros Creating Smartports Macros Beginning in priv ileged EXEC mode, foll ow these steps to create a Smartports macro: The no form of the macr o name global con figur ation command only deletes the[...]
-
Página 239
11-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Applying Smartports Macros Beginning in priv ileged EXEC mode, follow these steps to apply a Smartports macro: Y ou can delete a global macr o-applied conf iguration on a swi tch only b y enter[...]
-
Página 240
11-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Configuring Smartports Macros This e xample sho ws how to ap ply the user -created macro cal led snmp , to set the host name address to test-server and t o set the IP precedence v alue to 7 : Switch(config)# macro global [...]
-
Página 241
11-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 11 Configuring Smartports Macros Configuring Smartports Macros Y ou can delete a global macr o-applied conf iguration on a swi tch only b y entering the no version of each command that is in th e macro. Y ou can delete a macr o-applied configurat ion on an[...]
-
Página 242
11-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 11 Configur ing Smartport s Macros Displaying Smartports Ma cros Displaying Smartports Macros T o display the Smartports macros, use one or more of the privileged EXEC commands in Ta b l e 11-2 . Ta b l e 11 - 2 C o m m a n d s f o r D i s p l a ying Smart[...]
-
Página 243
CH A P T E R 12-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 12 Configuring LRE This chapter describe s ho w to configure the Lo ng-Reach Ethernet (LRE) features on your Catalyst 29 50 LRE switch. This chapter consists of these section s: • Understanding LR E Features, page 12-1 • Config uring LRE Ports, pa[...]
-
Página 244
12-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features • LRE link—This is the co nnection between the switch LRE port and the RJ-11 w all port on an LRE CPE de vice such as the Cisco 575 LRE CPE or the Cisc o 585 LRE CPE. This connection can be through categor[...]
-
Página 245
12-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features Note Use the rates and distances in Ta b l e 12-1 and Ta b l e 12-2 only as guidelines. Fact ors such as the type of cable that you use, ho w it is bundled, an d the inte rference and noise on the LR E link can[...]
-
Página 246
12-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features Y o ur data rates will always be less than th e gross data rate listed in tables. A small percentage of the link rate is used b y the Catalyst 2950 LRE swi tch for supervisory func tions with the CPE de vice c[...]
-
Página 247
12-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features LRE Sequences The LRE switches are shipped with predefined sequences. Sequences are sets of profiles and are used with the rate selection feature. Th e rate selection feature enables th e switch to automat ical[...]
-
Página 248
12-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Understanding LRE Features Beginni ng with the f irst prof ile in a sequence, t he switch attempts to app ly each prof ile within that sequence to the LRE interf ace. The switch co nt inues these attempts until it con verg es ( con ver [...]
-
Página 249
12-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Understanding LRE Features CPE toggle cannot be disabled on a Ci sco 575 LRE or Cisco 57 6 LRE 997 CPE link b ut can be disabled on a Cisco 585 LRE CPE. For more information, see the “Conf iguring CPE T oggle” section on page 12-21 .[...]
-
Página 250
12-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports • Event—The switch logs only LRE e vents. • Extended— The switch logs LRE e ven ts and all the LRE paramet ers. • Normal—The switch logs LRE e vents and the typical LRE parameters. Y o u can use the log[...]
-
Página 251
12-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports • Rate selectio n is enabled on al l interfaces, but a se quence with which to start rat e selection is not defined. • LRE link persi stence is enabled . The default is 3 second s. • LRE link mo nitoring is en[...]
-
Página 252
12-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports – Older installations o ver 30 years old often use hea vy gauge wire (2 2 or 20 A WG) with no signif icant twist. In man y cases, the cabling is set into the f abric of the building. The cables might be tightly [...]
-
Página 253
12-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Guidelines for Configuring Cisco 575 LRE CPEs and 576 LRE 997 CPEs Y ou can configure the CPE Ethernet port to oper ate at 10 or 100 Mbps and at half- or full-dupl ex mode, depending on the capabi lity of the remot[...]
-
Página 254
12-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports The loopback interf ace conf iguration command is not supported on the LRE ports. Ext ernal loopback on the LRE ports is also not sup ported. Connecting a CPE Ethern et port to anoth er Ethernet port on the same C[...]
-
Página 255
12-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports T o delete the prof ile from a sequence, use the no prof ile pr of ile-name interface conf iguration command. T o display the LRE link st atistics and pr of ile information on the LRE ports, use the show controller[...]
-
Página 256
12-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports T o remove a sequence from a port, use the no sequence sequence- name interface conf iguration command. T o display the LRE link statistics and se quence information on the LRE ports, use the show controllers lre [...]
-
Página 257
12-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Precedence The rate selection feature can be applied at bot h th e port le vel and at the swi tch lev el. Profiles and sequences hav e a system-defined prio rity lev el that work with rate selection to determine th[...]
-
Página 258
12-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports Link Qualification and SNR Margins When rate selection is running, the SNR is u sed as an indicator of lin k qualit y . The switch does not provid e any internal mech anism to ensure link quali ty . There can be d[...]
-
Página 259
12-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Ta b l e 12-7 SNR Requirements f or Upstr eam Rates for the Catalyst 2950S T -8 LRE and the Catalyst 2950ST -24 LRE Swi tch es Profile Gross Data Rate QAM Theoretical Minimum SNR Low Noise SNR Medium Noise SNR High[...]
-
Página 260
12-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports The margin ran ge for link qualif ication is from 1 to 10 dB. The recommended valu e in a lo w-noise en vironment is 2 dB. The recommended v alue for medium noise en vironment is 4 dB. The recommend ed v alue in a[...]
-
Página 261
12-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports Configuring LRE Link Persistence If the LRE link shuts do wn and is automatically re-enabled quickly , the switch config uration might change. For example, the dynamic MA C addresses ar e remo ved from th e MA C ad[...]
-
Página 262
12-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports A lo wer v alue of the interlea ve block size means less tole rance to noise and causes a lo wer latency of frame transmis sion. For e xample, lowe r val ues of the interleave block size can be us ed for v oice ap[...]
-
Página 263
12-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Configuring LRE Ports • Make sure that all t he CPEs in the prod uction network are runnin g the same LRE binary version . Use the show controllers lr e cpe version priv ileged EXEC com mand to display t he binary v ersion on all CPE [...]
-
Página 264
12-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Configuring LRE Ports T o re-enable CPE toggle on the Cisco 585 LRE CPE link, use the cpe toggle [ port port -id ] interface confi guration command. Configuring Syslog Export If the syslog export feature is enabled, the swit ch sends t[...]
-
Página 265
12-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Upgrading LRE Switch Firmware T o turn of f the logging of e vents, use the no logging lr e { eve nt | extended | normal } interface confi guration command. Upgrading LRE Switch Firmware The Catalyst 29 50 LRE switch can store and prope[...]
-
Página 266
12-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Upgrading LRE Switch Firmware Note Y ou must remo ve global conf igurations that might af fect t he controll er and de vices connected to it. Note If you enter the lre upgrade default family global config uration command and the upgrad[...]
-
Página 267
12-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Upgrading LRE Switch Firmware Y ou can use the upgrade controller conf iguration command to ov erride the system def ault selection of an LRE binary that will b e applied on either end of a particular LRE link. Con troller conf iguratio[...]
-
Página 268
12-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Upgrading LRE Switch Firmware ! controller LongReachEthernet 1 ! controller LongReachEthernet 2 ! controller LongReachEthernet 3 ! controller LongReachEthernet 4 ! controller LongReachEthernet 5 ! controller LongReachEthernet 6 ! ! <[...]
-
Página 269
12-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 12 Configuring LRE Displaying LRE St atus Displaying LRE Status T o display the LRE informat ion, use one or more of th e pri vileged EXEC command s in Ta b l e 12-10 . For detailed i nformation about the f ields in the command outputs, see the co mmand r[...]
-
Página 270
12-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 12 Configurin g LRE Displaying LRE Status[...]
-
Página 271
CH A P T E R 13-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 13 Configuring STP This chapter describe s ho w to configure the Spanning T ree Pro tocol (STP) on port-based VL ANs on your Catalyst 2950 or Catal yst 2955 switch. The switch can use either the per-VLAN spanning-tree pl us (PVST+) protocol based on t[...]
-
Página 272
13-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features • Spanning-T ree Interoperability and Backw ard Compatibility , page 13-10 • STP and IEEE 802.1Q Trunks, page 13-10 For conf iguration information, see the “Configuring Span ning-T ree Featur[...]
-
Página 273
13-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features When the switches in a network are powered up, each functions as the root switch. Each switch sends a confi guration BPDU through al l of its ports. The BPDUs co mmunicate and compute the sp anning-t[...]
-
Página 274
13-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features In Cisco IOS Release 12.1(9)EA1 a nd later , Catalyst 2950 and Catalyst 2955 switches support the IEEE 802.1t spanning -tree extensions. Some of the bits pr e viously used for the switch priorit y [...]
-
Página 275
13-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features • From forwarding to dis abled Figure 13-1 illustrates how an interf ace mo ves through the states. Figur e 13-1 Spanning-T ree Interf ace States When you power up the switch, span ning tree is ena[...]
-
Página 276
13-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features • Receiv es BPDUs Listening State The listening state is the first state a Layer 2 interf ace enters after the blocking state. The interface enters this state when the spanning tree determines th[...]
-
Página 277
13-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features How a Switch or Port Becomes the Root Switch or Root Port If all switches in a network are enabled with defaul t spanning-tree settings, the swi tch with the lo west MA C address becomes the root swi[...]
-
Página 278
13-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Understandin g Spanning-T ree Features Figur e 13-3 Spanning T ree and Re dundant Connectivity Y ou can also create redundant links b etween sw itches by using Et herChannel groups. For more informatio n, see Chapter 30, “Config uring[...]
-
Página 279
13-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Understanding Spa nning-Tree Features Spanning-Tree Modes and Protocols The switch support s these spanning-tre e modes and protocol s: PVST+—This spanning-tree mode is based on the IEEE 802.1D st andard and Cisco proprietary extension[...]
-
Página 280
13-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Spanning-Tree Interoperabi lity and Backward Compatibility Ta b l e 13-2 lists the interoperability an d compatibility among t he supported spanning-tree modes in a network. In a mixed MSTP an d PVS[...]
-
Página 281
13-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features • Config uring the Root Swit ch, page 13-14 (optio nal) • Config uring a Secondary Root Swi tch, page 13-16 (optional) • Config uring the Port Priority , page 13-17 (optional) • Config uring t[...]
-
Página 282
13-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es If 64 instances of spanning tree are alread y in use, you can disable spanning tree on one of t he VLANs and then enable it on the VLAN wh ere you want it to run . Use the no spanning-tr ee vlan vla[...]
-
Página 283
13-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features T o return to the defau lt setting, use the no spanning-t ree mode global co nfigu ration command. T o return the port to its def ault setting, use the no spanning-tree link-type interface conf igurat[...]
-
Página 284
13-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Beginning in pri vileged EXEC mode, follo w these steps to disable spannin g tree on a per -VLAN basis. This procedure is optional. T o re-enable spanning tree, use the spanning-tree vlan vlan-id gl[...]
-
Página 285
13-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features • For Catalyst 2950 swi tches without the ex tended system ID (softw are earlier than Cisco IOS Release 12.1(9)EA1), if al l network de vices in VLAN 100 ha ve th e default prio rity of 32768, enter[...]
-
Página 286
13-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id roo t global confi guration command. Configuring a Secondary Root Switch When you conf igure a Catalyst 2950 or C[...]
-
Página 287
13-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id roo t global confi guration command. Configuring the Port Priority If a loop occurs, spanning tree us es the port p[...]
-
Página 288
13-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Note The show spanning-tr ee interface interfac e-id pri vilege d EXEC command displays informati on only if the port is in a link-up operativ e s tate. Otherwise, you can use the show running-confi[...]
-
Página 289
13-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features Note The show spanning-tr ee interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up operati ve state. Otherwise, you can use the show running-conf[...]
-
Página 290
13-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es T o return the switch to its default setting, use the no spanning-tr ee vlan vlan-id priority global confi guration command. Configuring Spanning-Tree Timers Ta b l e 13-4 describes the timers that [...]
-
Página 291
13-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Configuring Spa nning-Tree Features Configuring the Forwardi ng-Delay Time for a VLAN Beginni ng in pri vileged EXEC mod e, follo w these steps to conf igure the forwarding-delay time for a VLAN. This procedure is optional. T o return t[...]
-
Página 292
13-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Configuring Sp anning-Tree Featur es Configuring Spanni ng Tree for Use in a Cascaded Stack Spanning tree uses def ault va lues that can be reduced when configuring your switch in cascaded configurations. If a root switch is part of a [...]
-
Página 293
13-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 13 Configuring STP Displaying the Spanning -Tree Status Displaying the Spanning-Tree Status T o display the spanning-tree status, use o ne or more of the pri vileged EXEC commands in Ta b l e 13-6 : Y o u can clear spanning-tre e counters by using the cle[...]
-
Página 294
13-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 13 Configur ing STP Displaying the Sp anning-Tree Status[...]
-
Página 295
CH A P T E R 14-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 14 Configuring MSTP This chapter describe s ho w to configure the Cisco im plementation of the IEE E 802.1s Multiple STP (MSTP) on your Catalyst 2950 or Catalyst 29 55 switch. Note The multiple spanning-tree (MST) implementation is a prestandard imple[...]
-
Página 296
14-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng MSTP Understanding MSTP MSTP , which uses RSTP for rapid co n verge nce, en ables VLANs to be grou ped into a spanning-tree instance, with each instance h aving a spann ing-tree topology inde pendent of other spanning-t [...]
-
Página 297
14-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding M STP All MST instances within the same re gion share the same protocol timers, bu t each MST instance has its o wn topology parameters, such as root switch ID, root path cost, and so fort h. By default, all VLANs are assi[...]
-
Página 298
14-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng MSTP Figur e 14-1 MST Regions, IST Masters, and the CS T Root Figure 14-1 does not sho w additional MST instances for each reg ion. Note that the topology of MST instances can be dif ferent from that of the IST for the s[...]
-
Página 299
14-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding M STP recei ved remaining hop count b y one an d propagates this v alue as the rem aining hop count i n the BPDUs it generates. Wh en the count reaches zero, the switch discards the BPDU and ag es the information held for [...]
-
Página 300
14-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP Understanding RSTP The RSTP takes adv antage of point-to-poi nt wiring and pro vides rapid con vergence of the spanning tree. Reconfi guration of the sp anning tree can occu r in less than 1 second (in contrast to 5[...]
-
Página 301
14-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding RST P T o be consistent with Cisco STP implementations, th is guide def ines the port state as bloc king instead of discar ding . Designated ports sta rt in the l istening state. Rapid Convergence The RSTP provides for rap[...]
-
Página 302
14-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP Figur e 14-2 Proposal and Agr eement Hand shaking for Rapid Conv ergence Synchronization of Port Roles When the switch receiv es a proposal message on one of its ports and that port is selected as the ne w root port[...]
-
Página 303
14-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Understanding RST P Figur e 14-3 Seq uence of Events Dur ing Rapid Conv erg ence Bridge Protocol Data Unit Format and Processing The RSTP BPDU format is the same as the IEEE 8 02.1D BPD U format except that the pr otocol version is set [...]
-
Página 304
14-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Understandi ng RSTP The RSTP does not ha ve a separate topology change notificat ion (TCN) BPDU. It uses the topolog y change (TC) flag to sho w the to pology changes. Howe ver , for in teroperability with IEEE 802.1D switches, the RS[...]
-
Página 305
14-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features • Protocol migration—F or backward compatibilit y with IEEE 802.1D switches, RSTP selecti vely sends IEEE 802.1D conf iguration BPDUs and TCN BPDUs on a per -port basis. When a port is initialized, the mig[...]
-
Página 306
14-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features For info rmation about the supported number of spanning-tree instan ces, see the “Support ed Spanning-Tree Instances” section on page 13-9 . MSTP Configuration Guidelines These are the configurati on guid[...]
-
Página 307
14-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Specifying the MST Region Configuration and Enabling MSTP For tw o or more switches to be in the same MST re gion, the y must hav e the same VLAN-to-instance mapping, the same conf iguration re vision number ,[...]
-
Página 308
14-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features T o return to the default MST region conf iguration, use the no spanning-tree mst conf iguration global confi guration command. T o return to the def ault VLAN-to-instance map, use the no instance instance-id[...]
-
Página 309
14-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Use the diameter keyw ord, which is a vai lable only for MST instance 0, to specify the Layer 2 n etwork diameter (that is, th e maximum number of switch h ops between any tw o end stations in t he Layer 2 net[...]
-
Página 310
14-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features Y ou can execute this command on more than one sw itch to conf igure mu ltiple backup roo t switches. Use the same network d iameter and hello-time v alues that you used when you conf igured the primary root [...]
-
Página 311
14-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Beginning in pri vileged EXEC mod e, follo w these steps to conf igure the MSTP port priority of an interface. This pro cedure is optional. Note The show spanning-tr ee mst interface interfac e-id pri vileged [...]
-
Página 312
14-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features Note The show spanning-tr ee mst interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up oper ati ve sta te. Otherwise, y ou can use t he show running-conf[...]
-
Página 313
14-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure the switch priority . This procedure is optio nal. T o return the switch to its default setting, use the no spanning-tr ee mst instance-id[...]
-
Página 314
14-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Configuring MSTP Features T o return the switch to its default setting, use the no spanning-tree mst hello-time global configuration command. Configuring the Forwarding-Delay Time Beginni ng in pri vileged EXEC mod e, follo w these st[...]
-
Página 315
14-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 14 Configuring MSTP Configuring MSTP Features T o return the switch to its def a ult setting, use th e no spanning-tree mst max-age global co nfiguration command. Configuring the Maximum-Hop Count Beginni ng in pri vile ged EXEC mode, follo w these steps [...]
-
Página 316
14-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 14 Configuring M STP Displaying the MST Configuration and Status T o return the switch to its default setting, use the no spanning-tr ee link-type interface configuration command. Restarting the Protocol Migration Process A switch running MSTP supports a [...]
-
Página 317
CH A P T E R 15-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 15 Configuring Optional Spanning-Tree Features This chapter describes ho w to configu re optional spanning -tree features on your Catalyst 2 950 or Catalyst 2955 switch. Y ou can configu re all of these features when your switch is running the per -VL[...]
-
Página 318
15-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Understanding Port Fast Port Fast immediately brings an interface conf igured as an access or trunk port from a blocking state to the forwarding state, bypas[...]
-
Página 319
15-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features The BPDU guard feature pro vides a secure response to in v alid conf igurations because y ou must manually put the port b ack in service. Use the BPDU guard fea[...]
-
Página 320
15-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Figur e 15-2 Switches in a Hier archical Netw ork If a switch loses connecti vity , it beg ins using the alte rnate paths as soon as th e spanning tree selec[...]
-
Página 321
15-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-3 UplinkF ast Example Befor e Direct Link F ailure If Switch C de tects a link f ailure on the currentl y acti ve link L2 on the ro ot port (a dir ec[...]
-
Página 322
15-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures How CSUF Works CSUF ensure s that one link in t he stack is electe d as the path to th e root. As shown in Figure 15-5 , Switches A, B, and C are cascaded th[...]
-
Página 323
15-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features The switch sending the fa st-transition request needs to do a fast transiti on to the forw arding state of a port that it has chosen as the root po rt, and it m[...]
-
Página 324
15-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Limitations These limitations apply to CSUF: • CSUF uses the GigaStack GBI C module and runs on al l Catalyst 3550 switches, all Catalyst 3500 XL switches,[...]
-
Página 325
15-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-6 GigaStack GBIC Module Connecti ons and Spanning-T ree Conv ergence Understanding BackboneFast BackboneFast detects indirect failures in the core of[...]
-
Página 326
15-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures to the root swit ch). Under spanni ng-tree rules, the switch ignores inferior BPDUs for the conf igured maximum aging time specif ied by t he spanning-tree [...]
-
Página 327
15-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Understanding Optio nal Spanning-Tree Features Figur e 15-8 BackboneF ast Exa mple Af ter Indirect Link F ailure If a ne w switch is introd uced into a shar ed-medium topolog y as sho w n in Figure 15-9 , B[...]
-
Página 328
15-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Unde rstanding O ptional Span ning-Tree Fe atures Y ou can enable this feature by u sing the spanning-tree ether channel guard misconfig global confi guration command. Understanding Root Guard The Layer 2 n[...]
-
Página 329
15-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Understanding Loop Guard Y ou can use loop guard to pre vent alternate or roo t ports from becoming designat ed ports because of a failure that leads to a unidir[...]
-
Página 330
15-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es Optional Spanning-Tree Configuration Guidelines Y o u can configure PortFast, BPDU guard, BPDU filter ing, EtherChannel guard, roo t guard, or loop guard if you[...]
-
Página 331
15-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Note Y ou can use the spanning-tree portfast default global conf iguration comma nd to globally enable the Port Fast feature on all nontrun king ports. T o disab[...]
-
Página 332
15-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es Beginni ng in pri vileged EXEC mode, follo w these steps to globally enable the BPDU guar d feature. This procedure is optional . T o disable BPDU guard, use th[...]
-
Página 333
15-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features T o disable BPDU fi ltering, use the no spanning-tr ee portfast bpdufilter default global con figur ation command. Y o u can ov e rride the setting of the no spa[...]
-
Página 334
15-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es When UplinkFast is enabled, the sw itch priority of all VLANs is set to 49152 . If you change the path cost to a va lue less than 3000 and you enable UplinkF as[...]
-
Página 335
15-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Configuring Optio nal Spanning-Tree Features Enabling BackboneFast Y ou can enable BackboneFast to detect indirect li nk failures and to start the spanning-tree reconfiguration sooner . Note If you use Back[...]
-
Página 336
15-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Configuring Option al Spanning-Tree Featur es After the conf iguration is corrected, enter the shutdown and no shutdown in terface conf iguration commands on the port-channel interf aces that were misconf i[...]
-
Página 337
15-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 15 Configuring Optiona l Spanning-Tree Feature s Displaying the Spanning -Tree Status T o globally disable loop g uard, use the no spanning-tr ee loopguard default global configuratio n command. Y ou can override the setting of the no spanning-tree loopgu[...]
-
Página 338
15-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 15 Configur ing Optional Spanning-Tree Featu res Displaying the Sp anning-Tree Status[...]
-
Página 339
CH A P T E R 16-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 16 Configuring VLANs This chapter describes ho w to config ure normal-range VLANs on your Catalyst 2950 or Catalyst 295 5 . It includes information about VLAN modes and th e VLAN Membership Policy Serv er (VMPS). Note For complete syntax and usage in [...]
-
Página 340
16-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Understandi ng VLANs Figure 16-1 sho ws an example of VLANs seg mented into logically def ined networks. Figur e 16-1 VLANs as Logically Defined Ne tw or ks VLANs are often associated with IP subnet works. F or example, all the end st[...]
-
Página 341
16-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Understanding VLAN s VLAN Port Membership Modes Y ou configure a port to belong to a VLAN by assignin g a memb ership mode that determines the kind of traff ic the port carries and the numb er of VLANs to which it can belong. Ta b l e [...]
-
Página 342
16-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Configuring Normal-Range VLANs Normal-range VLANs are VLA Ns with VLAN IDs 1 to 1005. If the switch is in VT P server or transparent mode, you can add, m odify or remo ve conf igurations for VLANs 2 to [...]
-
Página 343
16-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs • Normal-Range VLAN Co nf ig uration Guidelines, page 16-5 • VLAN Config uration Mode Options, page 16 -6 • Saving VLAN Configuration, page 16-6 • Default Eth ernet VLAN Config uration, page 16-7[...]
-
Página 344
16-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs are se veral adjacent switches that all hav e run out of spanning-tree instances. Y ou can pre vent this possibility b y setting allo wed lists on the trunk po rts of switches that ha ve used up their a[...]
-
Página 345
16-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs startup configuration f ile. Y ou can use the show running-conf ig vlan pri vile ged EXEC command to display the switch running conf iguration file. T o display the VLAN co nfigu ration, enter the show v[...]
-
Página 346
16-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Creating or Modifying an Ethernet VLAN Each Ethernet VLAN in the VLAN databa se has a unique, 4-digit ID that can be a number fro m 1 to 1001. VLAN IDs 1002 to 1005 are reserved for T oken Ring and FDDI[...]
-
Página 347
16-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Normal-Rang e VLANs Beginning in pri vileged EXEC mode, follow these step s to use VLAN configurati on mode to create or modify an E thernet VLAN : Note Y ou cannot configure an RSP AN VLAN in VLAN database configuration mo[...]
-
Página 348
16-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Norma l-Range VLANs Beginni ng in pri vileged EXEC mode, follo w these steps to delete a VLAN on the switch b y using global confi guration mode: T o delete a VLAN in VLAN data base co nfiguratio n mode, use the vlan data[...]
-
Página 349
16-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring Extende d-Range VLANs This example sho ws how to conf igure a port a s an access port in VLAN 2: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface Switch(conf[...]
-
Página 350
16-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring Exten ded-Range VLANs • The switch must be in VTP tran sparent mode when you create ex tended -range VLANs. If VTP mode is server or client, an error message is gene rated, and the e xtended-ra nge VLAN is rejected. •[...]
-
Página 351
16-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Displaying VLANs T o delete an extended-range VLAN, use t he no vlan vlan-id global conf iguration command. The procedure for assigning static-access ports to an extended-range VLAN is the same as for normal-range VLANs. See the “ A[...]
-
Página 352
16-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Trunking Overview A trunk is a point-to-point link between one or more Ethernet switch inte rfaces and another networking de vice such as a router or a switch. Gi ga b it E th er n et t ru n ks carry the traf[...]
-
Página 353
16-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s – Manually shut do wn the GigaStack port by usin g the shutdown interf ace configuration command. – Manually conf igure trunk mode on th e GigaStack port b y using the switchport mode trunk interface conf [...]
-
Página 354
16-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Default Layer 2 Ethernet Interface VLAN Configuration Ta b l e 16-5 shows th e default Layer 2 Ethernet interface V LAN conf iguration. Configuring an Ethernet Interface as a Trunk Port Because trunk ports se[...]
-
Página 355
16-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s • A port in dynam ic mode can ne gotiate with its neig hbor to become a trunk port. If you tr y to enable IEEE 802.1X on a dynamic port, an error message appears, and I EEE 802.1X is not enabled. If you try [...]
-
Página 356
16-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Defining the Allowed VLANs on a Trunk By default, a trunk port sends traf fic to and rece i ves traf fic from all VLANs. All VLAN IDs are allo wed on each trunk. Ho wever , you can remo ve VLANs from the allo[...]
-
Página 357
16-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s This example sh ows ho w to remove VLAN 2 from the allo wed VLAN list: Switch(config)# interface Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end Switch# Changing the Pruning-El[...]
-
Página 358
16-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Beginning in pri vileged EXEC mo de, follow these steps to conf ig ure the native VLAN on an IEEE 802.1Q trunk: T o return to the default nati ve VLAN, VLAN 1, use the no switchport trunk nati ve vlan interfa[...]
-
Página 359
16-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VLAN Trunk s In this way , T runk 1 carries traf fic for VLANs 8 through 10, and T runk 2 carries traf fic for VL ANs 3 through 6. If the acti ve trunk fails, the trunk with th e lo wer priority takes o ver and carries the[...]
-
Página 360
16-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VLAN Tr unks Load Sharing Usin g STP Path Cost Y ou can configure paral lel trunks to share VLAN traf fic b y setting dif ferent path costs on a trunk and associating the path costs with dif ferent sets of VLANs. The VLAN[...]
-
Página 361
16-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Configuring VMPS The switch cannot be a VMPS server but can act as a client to the VMPS and commun icate with it through the VLAN Query Protocol (VQP). VM PS dynamically assigns dynamic access port VLAN membership. Th[...]
-
Página 362
16-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS In response to a request, the VMPS takes one o f these actions: • If the assigned VLAN is restricted to a group of ports, the VMPS verif ies the requesting port against this group and responds as follo ws: – If t[...]
-
Página 363
16-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Y o u can configure a fallback VLAN na me. If you connect a device with a MA C address that is no t in the database, the VMPS sends the f allback VLAN name to the client. If you do not conf igure a fallback VLAN and t[...]
-
Página 364
16-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS • Port channels cannot be conf igured as dynamic access ports. • The VTP mana gement domain of the VMPS clie nt and the VMPS server must be the same. • VQP does not supp ort extended-rang e VLANs (V LAN IDs hig[...]
-
Página 365
16-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure a dynamic access port on a VMPS client swit ch: T o return an interface to its d efault conf iguration, use the default interface interface-id int[...]
-
Página 366
16-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS Beginni ng in pri vileged EXEC mod e, follo w these steps to change the recon firmation i nterv al: T o return the switch to its default setting, use the no vmps re confirm glob al conf iguration command. Changing th[...]
-
Página 367
16-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLANs Configuring VMPS This is an example of output for the show vmps pri vileged EXEC command: Switch# show vmps VQP Client Status: -------------------- VMPS VQP Version: 1 Reconfirm Interval: 60 min Server Retry Count: 3 VMPS domain serve[...]
-
Página 368
16-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 16 Configuring VLA Ns Configuring VMPS Figur e 16-5 Dynamic Por t VLAN Membe rship Configur at ion Primar y VMPS Ser v er 1 Catalyst 6500 series Secondar y VMPS Ser v er 2 Catalyst 6500 series Secondar y VMPS Ser v er 3 172.20.26.150 172.20.26.151 Catalys[...]
-
Página 369
CH A P T E R 17-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 17 Configuring VTP This chapter describe s ho w to use the V LAN T r un king Protocol (V TP) and the VLAN database for managing VLANs on your Catalyst 2950 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used[...]
-
Página 370
17-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Understandi ng VTP The VTP Domain A VTP domain (also called a VLAN management domain) consist s of one switch or se veral interconnected switches und er the same administrat i ve responsibility sharing th e same VTP domain name. A switc[...]
-
Página 371
17-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Understanding VT P When the networ k is confi gured with more than the maximum 25 0 VLANs supported by t he Catalyst 2950 switches running the enhanced softw are image (EI), or 128 VLANs supported b y the Catalyst 2950 switches ru nning [...]
-
Página 372
17-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Understandi ng VTP • VLAN state • Additional VLAN conf iguration information speci fic to the VLAN typ e VTP Version 2 If you use VTP i n your network, you must decide whether to use version 1 or version 2. By default, V TP operates[...]
-
Página 373
17-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Understanding VT P Figur e 1 7 -1 Floo ding T raf fic wit hout VTP Pr uning Figure 17-2 sho ws a switched netw ork with VTP pruni ng enabled. The broadcast traf fic from Switch A is not forwarded to Switches C, E, and F because tr aff ic[...]
-
Página 374
17-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP • T urn off VTP pruni ng by making all VLANs on the trunk of th e switch upstream to the VTP transparent switch prunin g ineligible. T o config ure VTP pruning on an int erface, use the swi tchport trunk pruning vlan i[...]
-
Página 375
17-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP VTP Configuration in Global Configuration Mode Y o u can use the vtp global configuration command t o set the VTP password, the v ersion, the VTP file name, the interface pr oviding updated VTP inf ormation, the domain na[...]
-
Página 376
17-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP VTP Configuration Guidelines These sections describe guidelines you should follo w when implem enting VTP in your netw ork. Domain Names When config uring VTP for the f irst time, you must al ways assign a domai n name. [...]
-
Página 377
17-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP VTP Version Follo w these guidelines wh en decidi ng which VTP versio n to implem ent: • All switches in a VTP domain mu st run the same VTP version. • A VTP version 2-capable switch can operate in the same VTP dom ai[...]
-
Página 378
17-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP When you conf igure a domain name, it cannot be remo ved; you can only reassign a swi tch to a dif ferent domain. T o return the switch to a no-password state, use the no vtp passw ord global conf iguration command. Thi[...]
-
Página 379
17-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP This exampl e shows h ow to use VLAN conf iguration mode to confi gure the switch as a VTP serv er with the domain name eng_gr oup an d the passw ord mypassword : Switch# vlan database Switch(vlan)# vtp server Switch(vla[...]
-
Página 380
17-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP Use the no vtp mode global configur ation command to return the switch to VTP server mode . T o return the switch to a no-password state, use the no vtp password global co nfigu ration command. When you confi gure a dom[...]
-
Página 381
17-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Configuring VTP Note If extended-range VLANs are configured on the swit ch, you cannot change VTP mode to server . Y ou recei ve an error messa ge, and the conf iguration is not al lo wed. Note Y ou can also conf igure VTP transparent m[...]
-
Página 382
17-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Configuring VTP Enabling VTP Pruning Pruning increases a vail able bandwidth b y restricting flood ed traff ic to those trunk links that t he traff ic must use to access the destination de vices. Y ou can only enable VTP pruning on a s[...]
-
Página 383
17-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 17 Configuring VTP Monitoring VTP Beginni ng in pri vileged EXEC mod e, follo w these steps to verify an d reset the VTP conf iguration revision number on a switch befor e adding it to a VTP domain: Y o u can also change the VTP domain name by entering th[...]
-
Página 384
17-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 17 Configur ing VTP Monitoring VTP Ta b l e 17 -3 VTP Moni t or ing Commands Command Purpose show vtp status Display the VTP switch co nfiguration information. show vtp counters Disp lay counters about VTP messages th at ha ve been sent and recei ved.[...]
-
Página 385
CH A P T E R 18-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 18 Configuring Voice VLAN This chapter d escribes how to configure the v oice VLAN feature on your Catalyst 2950 or Catalyst 2955 switch. V oice VLAN is sometime s referred to as an auxiliary VLAN in the Cat alyst 6000 famil y switch documentation. No[...]
-
Página 386
18-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Configuring Voice VLAN Figur e 18-1 Cisco 7960 IP Phone Connect ed to a Switc h When the IP Phone connects to the switch, the acce ss port (PC-to-telephone jack) of the IP phone can connect to a PC. Packets to and from the PC and[...]
-
Página 387
18-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 18 Configuring Voice VLAN Configuring Vo ice VLAN Voice VLAN Configuration Guidelines These are the voice VLAN conf iguration guidelines: • Y o u should configure voice VLAN on switch acc ess ports. • The voice VLAN should be present and active on the [...]
-
Página 388
18-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Configuring Voice VLAN • Config uring the IP Phone to T rust the CoS Priority of Incoming Data Frames, p age 18-5 Configuring Ports to Carry Voice Traffic in IEEE 802.1Q Frames Beginning in pri vileged EX EC mode, follow these [...]
-
Página 389
18-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 18 Configuring Voice VLAN Configuring Vo ice VLAN Overriding the CoS Priority of Incoming Data Frames Y o u can connect a PC or ot her data device to a Cisco 7960 IP Phone port. The PC can generate pack ets with an assigned CoS v alue. Y ou can configure t[...]
-
Página 390
18-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 18 Configurin g Voice VLAN Displaying Voice VLAN Use the no switchport priority extend interface conf iguration command or the switchport pri ority extend cos 0 interface conf iguration command to return the port to its default set ting. Displaying Voice V[...]
-
Página 391
CH A P T E R 21-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 21 Configuring Port-Based Traffic Control This chapter describes h ow to configure t he port-based traf fic control features on your Catalyst 29 50 or Catalyst 29 55 switch. Note For complete syntax and usage in formation for the co mmands used in thi[...]
-
Página 392
21-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Storm Control Storm control uses one of th ese methods to measure traf fic act ivi ty: • Bandwidth based • T r af fic rate at which packets are recei ved (in pa ckets per second ) (av ailable only [...]
-
Página 393
21-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Storm Control T o disable storm control, use the no storm-contr ol br oadcast leve l , the no storm-contr ol multicast level , or the no storm-control un icast lev el interface co nfiguratio n command.[...]
-
Página 394
21-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Protec ted Ports Configuring Protected Ports Some applications require that no traffic be forw ar ded between ports on the same switch so that one neighbor does not see the traf fic generated b y anoth[...]
-
Página 395
21-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port B locking Configuring Port Blocking By default, the sw itch floods packet s with unkno wn destination MA C addresses to all ports. If unkno wn unicast and multicast traf fic is forwarded to a prot[...]
-
Página 396
21-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Resuming Normal Forwarding on a Port Beginni ng in pri vileged EXEC mode, follow these steps to resume normal forw arding on a port: Configuring Port Security Y ou can use the port securi[...]
-
Página 397
21-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security • Stic ky secure MA C address es—These can be dynamically learned or manually conf igured, stored in the address table, and added t o the running conf iguration. If these addresses ar[...]
-
Página 398
21-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Ta b l e 21-1 shows th e violation mode and t he actions taken when y ou conf igure an interface for port security . Default Port Security Configuration Ta b l e 21-2 shows th e default p[...]
-
Página 399
21-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security • When a voice VLAN is conf igured on a se cure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and a[...]
-
Página 400
21-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security T o return the interface to the default condition as not a secure po rt, use the no switchport port- security interface conf iguration command. If you enter this comm an d when sticky l [...]
-
Página 401
21-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security T o disable sticky learning on an interface, use the no switchport port-security mac-address stick y interface configuration command. The interf ace con ver ts the sticky secure MA C add[...]
-
Página 402
21-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Configuring Port Security Beginni ng in pri vileged EXEC mode, follow these steps to conf igure port security aging: T o disable port security aging fo r all secure addresses on a port, use the no switchport port[...]
-
Página 403
21-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Displaying Po rt-Based Tr affic Control Se ttings Displaying Port-Based Traffic Control Settings The show interfaces interface- id switchport pri vileged EXEC command displays (among other characteristics) the in[...]
-
Página 404
21-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 21 Configuri ng Port-Based Traffic Control Displaying Port-Based Traffic Control Settings[...]
-
Página 405
CH A P T E R 19-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 19 Configuring DHCP Features This chapter describes ho w to conf igure DHCP snooping and t he option-82 data inserti on features on the Catalyst 29 50 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in t[...]
-
Página 406
19-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Understanding DHCP Features DHCP Server The DHCP server assigns IP addr esses from specified ad dress pools on a switch or router to DHCP clients and manages them. If the DHCP server cannot giv e the DHCP client the requested[...]
-
Página 407
19-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Understanding DHCP Feature s The switch drops a DHCP packet when one of these s ituations occurs: • A packet from a DHCP serv er , such as a DHCPOFFER, DHCP ACK, DHCPN AK, or DHCPLEASEQUER Y packet, is recei ved from outside[...]
-
Página 408
19-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Understanding DHCP Features Figur e 19-1 DHCP Relay A gent in a Metr opolitan Ether net Networ k When you enable the DHCP snoopin g information option 82 on the swi tch, this sequence of ev ents occurs: • The host (DHCP cli[...]
-
Página 409
19-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Configuring DHCP Features The port numbers in the port fiel d of the ci rcuit-ID suboption start at 0. For e xample, on a Catalyst 2950G-24-EI swit ch, port 0 is the F a st Ethernet 0/1 port, port 1 is the Fast Ethernet 0/2 po[...]
-
Página 410
19-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Configuring DHCP Feat ures DHCP Snooping Configuration Guidelines These are the conf iguration guidelines for DHCP snooping. • Y ou must globally enable DHCP snooping on the swi tch. • DHCP snooping is not acti ve until D[...]
-
Página 411
19-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 19 Configuring DHCP Fea tures Configuring DHCP Features Configuring the DHCP Server The Catalyst 2955 switch can act a s a DHCP server . By default, the Cisco IOS DHCP server and relay agent features are enabled on your switch but are not configured. These[...]
-
Página 412
19-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 19 Config uring DHCP Feat ures Displaying DHCP Information T o disable DHCP snooping, use t he no ip dhcp snooping global conf iguration command. T o disable DHCP snooping on a VLAN or ran ge of VLANs, use the no ip dhcp snooping vlan vlan-id global confi [...]
-
Página 413
CH A P T E R 20-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 20 Configuring IGMP Snooping and MVR This chapter describe s ho w to configure Internet Group M anagement Protocol (IGMP) snoopin g on your Catalyst 2950 or Catalyst 2955, including an application of lo cal IGMP snooping, Multicast VLAN Registration ([...]
-
Página 414
20-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping the switch adds th e host port number to the forw ardi ng table entry; when i t receiv es an IGMP Leave Group message from a host, it remov es the host port from the tabl e entry . It also [...]
-
Página 415
20-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding IGM P Snooping An IGMPv3 switch can receive messages from and forwar d messages to a de vice running the Source Specif ic Multicast (SSM) feature. F or more information, see the “C onfiguring IP Multica[...]
-
Página 416
20-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping Note that the switch hardw are can distinguish IGMP information pack ets from other packets for the multicast group. • The fir st entry in the table tells the switching en gine to send IG[...]
-
Página 417
20-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding IGM P Snooping When hosts want to leav e a multicas t group, they can eithe r silently leave, or they can send a leave message. When the switch receives a lea ve message from a host, it sends a group-spec[...]
-
Página 418
20-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping If the multicast router query al so includes requests for IGMPv3 reports, the swi tch forwards all IGMPv1, IGMPv2, and IGMPv3 reports for a group to the multicast d evices. If you disable IGM[...]
-
Página 419
20-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping • Config uring the Aging T ime, page 20-13 • Displaying IGMP Sn ooping Information, page 20 -13 Default IGMP Snooping Configuration Ta b l e 20-3 sho ws the defaul t IGMP snooping conf ig[...]
-
Página 420
20-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o disable IGMP snooping on a VLAN interf ace, use the no ip igmp snooping vlan vlan-id global confi guration command for t he specifi ed VLAN number . Setting the Snooping Method Multicast-[...]
-
Página 421
20-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping T o return to the defa ult learning method, use th e no ip igmp snooping vlan vlan-id mr outer lear n cgmp global conf iguration command. Configuring a Multicast Router Port T o add a multica[...]
-
Página 422
20-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o remove the Layer 2 port fr om the multicast group, use the no ip igmp snooping vlan vlan-id static mac-addr ess inter face interfa ce-id global conf iguration command. This example sho w[...]
-
Página 423
20-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Snooping • The default lea ve time is 1000 milliseconds. • The IGMP confi gurable lea ve time is only support ed on hosts running IGMP V ersion 2. • The actual leav e latency in the network is [...]
-
Página 424
20-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o re-enable IGMP report suppression, use the ip i gmp snooping report-suppr ession gl obal confi guration command. Disabling IP Multicast-Source-Only Learning The IP multicast-sour ce-only[...]
-
Página 425
20-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Displaying IGMP Snooping Information Configuring the Aging Time Y ou can set the aging time for forwarding-table entries th at the switch learns by using the IP multicast-source-only le arning method. Beginni ng in pr[...]
-
Página 426
20-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding Mu lticast VLAN Registration For more inf ormation about the ke ywords and options in these commands, see the co mmand reference for this release. For e xamples of output from the commands in Ta b l e 2[...]
-
Página 427
20-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Understanding Multicast VLAN Registration The switch CPU identifies the MV R IP multicast streams and th eir associated MA C address es in the switch forwarding t able, intercepts the IGMP messages, and modif ies the [...]
-
Página 428
20-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Understanding Mu lticast VLAN Registration Figur e 20-3 Multicast VLAN Registr ation Example MVR eliminates the need to dupli cate tele vision-channel multicast tr af fic for subscribers in each VLAN. Multicast traf [...]
-
Página 429
20-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring MVR Configuring MVR These sections include basic MVR confi guration inf ormation: • Defaul t MVR Confi guration, page 20-17 • MVR Conf iguration Guidel ines and Limitations, page 20-17 • Config uring[...]
-
Página 430
20-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring MVR Configuring MVR Global Parameters Y ou do not need to set the optional MVR parameters i f you choose to use the default settin gs. If you do want to chan ge the default parameters (e xcept for the MVR[...]
-
Página 431
20-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring MVR Switch(config)# mvr querytime 10 Switch(config)# mvr vlan 22 Switch(config)# mvr mode dynamic Switch(config)# end Switch# show mvr MVR Running: TRUE MVR multicast vlan: 22 MVR Max Multicast Groups: 256[...]
-
Página 432
20-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Displaying MVR Information T o return the interface to its de fault settings, use the no mvr [ type | immed iate | vlan vlan-id | group ] interface configuration commands. This example sho ws how to conf igure a port[...]
-
Página 433
20-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Filtering and Throttling Configuring IGMP Filtering and Throttling In some en vironments, for e xample, metropolitan or mult iple-dwelling unit (MDU) installations, you might want t o control the set[...]
-
Página 434
20-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Filtering and Throttling When the maximum number of g roups is in forwar ding table, the defaul t IGMP throttling action is to deny the IGMP report. For conf iguration guidelines, see the “Conf igu[...]
-
Página 435
20-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Configuring IGM P Filtering and Throttling Switch(config-igmp-profile)# permit Switch(config-igmp-profile)# range 229.9.9.0 Switch(config-igmp-profile)# end Switch# show ip igmp profile 4 IGMP Profile 4 permit range 2[...]
-
Página 436
20-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Configuring IGMP Filtering and Throttling Setting the Maximum Number of IGMP Groups Y ou can set the maximum number of IGMP groups th at a Layer 2 interf ace can join by usi ng the ip igmp max-gr oups interface conf [...]
-
Página 437
20-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 20 Configuring IGMP Sn ooping and MVR Displaying IGMP Filterin g and Throttling Configuration – If you conf igure the throttling action as deny , the entries that were previously in t he forwarding table are n ot remov ed but are a ged out. After these [...]
-
Página 438
20-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 20 Config ur ing IGMP Snooping and MVR Displaying IGMP Filte ring and Throttling Configuration Use the privile ged EXEC commands in Ta b l e 20-8 to display IGMP filteri ng and throttling configuration: Ta b l e 20-8 Commands f or Displaying IG MP Filter [...]
-
Página 439
CH A P T E R 22-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 22 Configuring UDLD This chapter descri bes how to configure the UniDirectional Li nk Detection (UD LD) protocol on you r Catalyst 2950 or Catalyst 29 55 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , [...]
-
Página 440
22-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Understanding UDLD A unidirectional link occurs whene ver traf fic sent by a local device is recei ved by its neighbor b ut traff ic from the neighbor is not receiv ed by the local de vice. In normal mode, UDLD detects a u nidirectional[...]
-
Página 441
22-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD UDLD relies on echoing as i ts detection mechan ism. Whene ver a UDLD device learns about a ne w neighbor or recei ves a resynchronization request from an o ut-of-sync neighbor , it restarts the detection windo w on its[...]
-
Página 442
22-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD Default UDLD Configuration Ta b l e 22-1 shows th e default UDLD con figur ation. Configuration Guidelines These are the UDLD configuration guidelines: • A UDLD-capable interface also cannot detect a un idirectional l[...]
-
Página 443
22-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD Enabling UDLD Globally Beginni ng in pri vileged EXEC mode, follow these steps to enable UDLD in the aggressi ve or normal mode and to set the conf igurable message timer on all f iber-optic interf aces on the switch: T[...]
-
Página 444
22-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Configuring UDLD T o disable UDLD on a non-f iber- optic interface, use th e no udld port interface conf iguration command. Note On fiber -optic interfaces, the no udld port command re verts the interface conf iguration to the udld enab[...]
-
Página 445
22-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Displaying UDLD Status Displaying UDLD Status T o display the UDLD status for the s pecifie d interface or for all interfaces, use the show udld [ interface- id ] pri vileged EXEC command. For detailed i nformation about the f ields in [...]
-
Página 446
22-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 22 Configuring UDLD Displaying UDLD Status[...]
-
Página 447
CH A P T E R 23-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 23 Configuring CDP This chapter describes ho w to confi gure Cisco Disco very Protocol (CDP) on yo ur 2950 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for [...]
-
Página 448
23-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Configuring CDP Configuring CDP These sections include CDP configur ation infor mation and procedures: • Default CD P Config uration, page 23-2 • Config uring the CDP Characteristics, page 23 -2 • Disabling an d Enabling CDP , pag[...]
-
Página 449
23-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 23 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This exampl e shows ho w to configu re CDP characteristics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 [...]
-
Página 450
23-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Monitoring and Maintaining CDP Disabling and Enabling CDP on an Interface CDP is enabled b y default on all suppo rted interfaces to send and recei ve CDP information. Beginni ng in pri vileged EXEC mode, follow these steps to disable C[...]
-
Página 451
23-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 23 Configuring CDP Monitoring and Maintaining CDP show cdp entry entry-name [ protocol | version ] Display information ab out a specif ic neighbor . Y ou c an enter an asterisk (*) to displa y all CDP neig hbors, or you can enter th e name of the neighbor [...]
-
Página 452
23-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 23 Configur ing CDP Monitoring and Maintaining CDP[...]
-
Página 453
CH A P T E R 24-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 24 Configuring SPAN and RSPAN This chapter de scribes ho w to configur e Switched Port An alyzer (SP AN) and Remote SP AN (RSP AN) on your Catalyst 2950 or Catalyst 29 55. Note For complete syntax and usage in formation for the co mmands used in this [...]
-
Página 454
24-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN Figur e 24-1 Example SP AN Configuration Only traf fic th at enters or lea ves sour ce p orts can be monitored b y using SP AN. RSP AN extends SP AN by enabling remo te monitoring of multiple swit[...]
-
Página 455
24-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Understanding SPAN and RSPAN SPAN and RSPAN C oncepts and Terminology This section descri bes concepts and terminology associated with SP AN and RSP AN configuration. SPAN Session A local SP AN session is an association of a d[...]
-
Página 456
24-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN Source Port A source port (also called a monitor ed port ) is a switched port that you monitor for network traf fic analysis. In a single local SP AN session o r RSP AN source session, you can mon[...]
-
Página 457
24-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Understanding SPAN and RSPAN Reflector Port The reflector port is the mechanism that copies packets onto an RSP AN VLAN. The reflector port forwards only the tr af fic f rom the RSP AN source session with whic h it is aff ilia[...]
-
Página 458
24-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Understanding SPAN and RSPAN • VLAN Trunking Protocol (VTP)— Y ou can use VTP to prune an RSP AN V LAN between switc hes. • VLAN and trunking—Y ou can modify VLAN membership or trunk sett ings for source, or destinati[...]
-
Página 459
24-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN Default SPAN and RSPAN Configuration Ta b l e 24-1 sho ws the defaul t SP AN and RSP AN conf iguration. Configuring SPAN This section describes ho w to configure SP AN on your switch . It contains this conf ig[...]
-
Página 460
24-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring SPAN – If you disable all sou rce ports or the destinat ion port, the SP AN function stops until both a source and the destination port are enabled. Creating a SPAN Session and Specifying Ports to Monitor Beginn[...]
-
Página 461
24-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring SPAN Switch(config)# no monitor session 1 Switch(config)# monitor session 1 source interface fastethernet0/10/17 Switch(config)# monitor session 1 destination interface fastethernet0/80/18 encapsulation dot1q Switc[...]
-
Página 462
24-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring SPAN This exampl e show s how to configu re the destination port for ing ress traf fic on VLAN 5 by using a security device that does not support IEEE 802.1Q encapsulation. Switch(config)# monitor session 1 desti[...]
-
Página 463
24-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN This exampl e show s how to disable recei ved traf fic monitor ing on a port that w as config ured for bidirectional monitoring: Switch(config)# no monitor session 1 source interface fastethernet0/1 rx The m[...]
-
Página 464
24-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring RSPAN – All participatin g switches support RSP AN. Note The RSP AN VL AN cannot be VLAN 1 (t he default VLAN) or VLAN IDs 1002 through 1005 (reserv ed to T oken Ring and FDDI V LANs). • Y ou should create an[...]
-
Página 465
24-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN Creating an RSPAN Source Session Beginni ng in pri vileged EXEC mod e, follo w these st eps to start an RSP AN sour ce session and to specify the monitored source and the destination RSP AN VLAN: Command Pur[...]
-
Página 466
24-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Configuring RSPAN This exampl e sho ws how to clear any e xisting RSP AN confi guration for session 1 , conf igure RSP AN session 1 to monitor mul tiple source interfaces, and conf igure the destination RSP AN VLAN and the r[...]
-
Página 467
24-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 24 Configuring SPAN and RSPAN Configuring RSPAN Removing Ports from an RSPAN Session Beginning in priv ileged EXEC mode, foll ow these steps to remove a port as an RSP AN source for a session: This exampl e show s how to remove po rt 17 as an RSP AN sourc[...]
-
Página 468
24-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 24 Config uring SPAN and RSPAN Displaying SPAN and RSPAN Status Displaying SPAN and RSPAN Status T o display the status of the curren t SP AN or RSP AN conf iguration, use the show monitor pri vileged EXEC command. This is an example of output for the sho[...]
-
Página 469
CH A P T E R 25-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 25 Configuring RMON This chapter describes ho w to configur e Remote Network Monit oring (RMON) on your Catal yst 2950 or Catalyst 2955 switch. RMON is a standard monitorin g spec ification that defines a set of statistics and functions that can be e [...]
-
Página 470
25-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMON Figur e 25-1 Remote Monit oring Example The switch supports these RMON groups (defined in RFC 1757): • Statistics (RMON grou p 1)—Collects Ethernet, F ast Ethernet, and G igabit Ethe rnet statist ics on an interface[...]
-
Página 471
25-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMO N Default RMON Configuration RMON is disabled by def a ult; no al arms or e vents are conf igured. Only RMON 1 is supported on the swit ch. Configuring RMON Alarms and Events Y ou can configure your swit ch for RMON by u[...]
-
Página 472
25-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMON T o disable an a larm, use the no rmon alarm number global conf iguration command on each alarm you confi gured. Y ou cannot disable at once all the alarms that you conf igured. T o disable an e vent, use the no rmon ev[...]
-
Página 473
25-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Configuring RMO N Beginni ng in pri vileged EXEC mod e, follo w these steps to collect group hi story statistics on an interface: T o disable history collection, use the no rmon collection history inde x interface conf iguration command[...]
-
Página 474
25-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 25 Configuring RMON Displaying RMON Status T o disable the collection of grou p Ethernet statistics, use the no rmon c ollection stats inde x inte rface confi guration command. Displaying RMON Status T o display the RMON status, use one or mo re of the pri[...]
-
Página 475
CH A P T E R 26-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 26 Configuring System Message Logging This chapter describes ho w to configure syst em message logging on your Catalyst 2950 or Catalyst 2955 switch. Note For complete syntax and usage information for the co mmands used in this chapter , see the Cisco[...]
-
Página 476
26-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Configuring System Message Logging These sections describe ho w to configure system message log ging: • System Log Message Format, page 26-2 • Default Syst em Message Logging C[...]
-
Página 477
26-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging This example sho ws a partial switch system message: 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, c[...]
-
Página 478
26-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Disabling the loggi ng process can slo w dow n the switch because a process mu st wait until t he messages are written to the console before co ntinuing. When the logging proces s [...]
-
Página 479
26-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging The logging buffer ed global conf iguration command copies logg ing messages to an internal b uffer . The buf fer is circular , so newer messages o verwrite older messag es after th[...]
-
Página 480
26-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Beginni ng in pri vileged EXEC mode, follow these steps to conf igure synchronous logging: T o disable synchronizati on of unsolic ited messag es and debug outpu t, use the no logg[...]
-
Página 481
26-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging T o disable timestamps for both deb ug and log messages, use the no ser vice timestamps global confi guration command. This example shows part of a logging displa y with the service[...]
-
Página 482
26-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging Defining the Message Severity Level Y ou can limit messages displayed to the selected de vi ce by specifying the se verity le vel of the message, which are described in Ta b l e 26[...]
-
Página 483
26-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging The software generates four other cat egories of messages: • Error messages about software or hardware malfunctions that appear at le vels war nings through emergencies . These ty[...]
-
Página 484
26-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Configuring System Messa ge Logging When the history table is full (it contains the ma ximum number of message entries specif ied with the logging history size glob al configurati on command), the oldest messag e en[...]
-
Página 485
26-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 26 Configuring System Messag e Logging Configuring System Messa ge Logging Configuring the UNIX System Logging Facility When sending system log messag es to an external de vice, you can c a use the switch to ident ify its messages as originating from an y[...]
-
Página 486
26-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 26 Config ur ing System Message Logging Displaying the Logging Configuration Displaying the Logging Configuration T o display the logging conf iguration and the contents of the log buf fer , use the show logging privile ged EXEC command. For in formation [...]
-
Página 487
CH A P T E R 27-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 27 Configuring SNMP This chapter describe s ho w to configure the Simpl e Network Management Protoc ol (SNMP) on your Catalyst 29 50 or Catalyst 2955 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see [...]
-
Página 488
27-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Understandi ng SNMP • Using SNMP to Access MIB V ariables, pa ge 27-4 • SNMP Notifi cations, page 27- 5 SNMP Versions This software release supports t hese SNMP versions: • SNMPv1—The Simple Netw ork Management Protoc ol, a Ful[...]
-
Página 489
27-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Understanding SN MP Y ou must configure the SNMP agent t o use the SNMP version su pported by the manag ement station. Because an agent can commu nicate with multiple manage rs, you can configur e the software to support communications [...]
-
Página 490
27-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Understandi ng SNMP The SNMP agent also sends unsolicited trap messages to notify an NMS that a signif icant event has occurred on the agent. Examples of trap cond itions include, b ut are not limited to , when a port or module goes up[...]
-
Página 491
27-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP SNMP Notifications SNMP allows the switch to send notifications to S N MP managers when particular ev ents occur . SNMP notifications can be sen t as traps or inform req uests. In command syntax, unless there is an opti[...]
-
Página 492
27-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP SNMP Configuration Guidelines If the switch starts and th e switch st artup conf iguration ha s at least one snmp-server global configuration command, the SNMP agent is enabled. An SNMP gr oup is a table that maps SNMP[...]
-
Página 493
27-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP • Changing the v a lue of the SNMP engine ID has important side ef fects. A user's password (entered on the command line) is con verted to an MD5 or SH A securi ty digest based on t he password and the local engi[...]
-
Página 494
27-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Beginni ng in pri v ile ged EXEC mode, follo w these st eps to configure a community string on the sw itch: Note T o disable access for an SNMP community , set the community string for that community to the null string[...]
-
Página 495
27-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP T o remove a specific commu nity string, use the no snmp-server community string global configuration command. This example sho ws how to assign the string comaccess to SNMP , to allow read-only access, and to specify t[...]
-
Página 496
27-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Step 3 snmp-s erv er group gr oupname { v1 | v2c | v3 { auth | noauth | priv }} [ rea d re a d v i e w ] [ write write view ] [ noti fy notifyview ] [ access access-list ] Config ure a new S NMP group on the remote de[...]
-
Página 497
27-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Configuring SNMP Notifications A trap manager is a management station that recei ves and processes traps. T rap s are system alerts that the switch generates when certain e vents occur . By de fault, no trap manager is[...]
-
Página 498
27-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP Y o u can use the snmp-server host global conf iguration command to a specif ic hos t to recei ve the notif ication types listed in Ta b l e 27 -4 . Beginni ng in pri vileged EXEC mode, configu re the switch to send t[...]
-
Página 499
27-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Step 3 snmp-server user username gr oupname { remote host [ udp-port port ]} { v1 [ access access -list ] | v2c [ access access-list ] | v3 [ encrypted ] [ access access-list ] [ auth { md5 | sha } auth-password ]} Con[...]
-
Página 500
27-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Configuring SNMP The snmp-server host command specif ies which hosts receive the notif ications. The sn mp-server enable trap command globally enables the mechanism for the specif ied notif ication (for traps and informs). T o enable [...]
-
Página 501
27-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 27 Configuring SNMP Configuring SNMP Limiting TFTP Servers Used Through SNMP Beginning in pri vileged EXEC mode, follow these steps to limit the TFTP servers used f or saving and loading configurat ion files through SNMP to the servers specif ied in an ac[...]
-
Página 502
27-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 27 Configu ring SNMP Displaying SNMP Status This example sho ws how to allo w read-only acces s for all objects to members of access list 4 that use the comacces s community strin g. No other SNMP managers hav e access to any objects. SNMP Authentication [...]
-
Página 503
CH A P T E R 28-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 28 Configuring Network Security with ACLs This chapter describes h ow t o conf igure network securi ty on a Catalyst 2950 or Catalyst 29 55 switch b y using acce ss control lists (A CLs), whic h are al so referred to in commands and tables as access l[...]
-
Página 504
28-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Understanding ACLs Understanding ACLs Packet f iltering can limit ne twork traf fic and restrict network use by certain users or devices. A CLs can filt er traf fic as it passes through a switch and permit or deny[...]
-
Página 505
28-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Understanding ACLs A CLs permit or deny packet forwarding based on ho w the packet matches the entries i n the A CL. For example, you can use A CLs to allow one host to acces s a part of a network, but to pre vent[...]
-
Página 506
28-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Understanding ACLs Note In the first and second A CE s in the examples, the eq keyword after the destinati on addres s means to test for the TCP-destinat ion-port well-kno wn numbers equa ling Simple Mail T ransfe[...]
-
Página 507
28-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Understanding ACLs – UDP (Y ou can specify a UDP source, destination port number , or both at the same time.) Note A mask can be a combination of either multiple Layer 3 and Layer 4 fields or of multiple Layer 2[...]
-
Página 508
28-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs – Fast Ethernet ports support up to 75 A CEs per 1 A CL across a range of 8 Fast Eth ernet ports. This means that ports 1 to 8 support a combined to tal of 75 A CEs, ports 9 to 16 support a comb[...]
-
Página 509
28-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Unsupported Features The switch does not support these Ci sco IOS router A CL-related features: • Non-IP protocol A CLs (see Ta b l e 28-2 on page 28-8 ) • Bridge-group A CLs • IP accounting[...]
-
Página 510
28-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Note In addition to num bered standard and e xtended A CLs , you can also create named standard and extended IP A CLs by using the supported numbers. That i s, the name of a standard IP A CL can b[...]
-
Página 511
28-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Beginning in pri vileged EXEC mode, follow these steps to create a numbered standard IP A CL: Use the no access-list access-list-number global conf iguration command to delete th e entire A CL. Y [...]
-
Página 512
28-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Creating a Numbered Extended ACL Although standard A C Ls use only source addresses for matching, you can use an e xtended AC L source and destination addresses for mat c hing operations and op t[...]
-
Página 513
28-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Note For information about creating A CLs to apply to management interfaces, see th e “Configuri ng IP Services” section of Cisco IOS IP and IP Routing Conf igurati on Guide, Release 12.1 and[...]
-
Página 514
28-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs Use the no access-list access-list-number global configuration command to delete the entire access list. Y ou cannot delete individ ual A CEs from numbered access lists. This exampl e show s how [...]
-
Página 515
28-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Creating Named Standard and Extended ACLs Y ou can identify IP A CLs with an alphanumeric string (a name) rather than a n umber . Y ou can use named A CLs to configure more IP access lists on a s[...]
-
Página 516
28-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs When making the standard and ext ended A CL, remember that, by default, the end of the A CL contains an implicit deny statement fo r ev erything if it did not find a match b efore reaching the en[...]
-
Página 517
28-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs • Y ou can control logging messages. A CL entries can log traf fic at certain times of the d ay , bu t not constantly . Therefore, you can simply deny access without h aving t o analyze many lo[...]
-
Página 518
28-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs time-range entry: new_year_day_2000 (inactive) absolute start 00:00 01 January 2000 end 23:59 01 January 2000 time-range entry: thanksgiving_2000 (inactive) absolute start 00:00 22 November 2000 [...]
-
Página 519
28-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Configuring ACLs Switch(config)# access-list 1 permit 171.69.2.88 Switch(config)# access-list 1 remark Do not allow Smith workstation through Switch(config)# access-list 1 deny 171.69.3.13 For an entry in a named[...]
-
Página 520
28-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Configuring ACLs This example sh ows ho w to create and display an access list named ma c1 , denying o nly EtherT ype DECnet Phase IV traff ic, but per mitting all oth er types of traf fic. Switch(config)# mac ac[...]
-
Página 521
28-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Applying ACLs to Terminal Lines or Physic al Interfaces Applying ACLs to Terminal Lines or Physical Interfaces Note Before applying an A CL to a physical interface, see the “Guidelines for Applying A CLs to Phy[...]
-
Página 522
28-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Displaying ACL Information Applying ACLs to a Physical Interface Beginni ng in pri vileged EXEC mod e, follo w thes e steps to control access to a Layer 2 interface: This exampl e show s how to apply access list [...]
-
Página 523
28-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Displaying ACL Information Beginning in pri vileged EXEC mode, follow these steps to display access lists: This example sho ws all standard and extended A CLs: Switch# show access-lists Standard IP access list 1 [...]
-
Página 524
28-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is permit Any Inbound access list is 13 [...]
-
Página 525
28-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Examples for Compiling ACLs Figur e 28-2 Using Switch ACLs t o Contr ol T raf fic This example uses a standard A C L to allow access to a specific Internet host with the address 172.20.128 .64. Switch(config)# ac[...]
-
Página 526
28-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs Numbered ACL Examples This example sho ws that the switch accepts addresses on network 36.0.0.0 subnets and denies all pack ets coming from 56.0.0.0 subnets. Th e A CL is then applied[...]
-
Página 527
28-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 28 Configuri ng Network Security with ACLs Examples for Compiling ACLs Switch(config)# access-list 100 deny host 171.69.3.85 any eq www Switch(config)# access-list 100 remark Do not allow Smith to browse the web Switch(config)# access-list 100 deny host 1[...]
-
Página 528
28-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 28 Configurin g Network Security with ACLs Examples for Co mpiling ACLs[...]
-
Página 529
CH A P T E R 29-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 29 Configuring QoS This chapter describe s ho w to configure quality of serv ice (QoS) by using automatic-QoS (auto-Q oS) commands or by using standard QoS commands. W ith QoS, you can gi ve preferential treatment to certain types of traf fic at the e[...]
-
Página 530
29-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Y ou can also use these wizards to conf igure QoS only if your swit ch is running the EI: • Priority data wizard—Lets you assign priori ty lev els to data application s based on their TCP or UDP ports. It has a sta[...]
-
Página 531
29-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S Layer 3 IP pack ets can carry a Dif ferentiated Serv ices Code Point (DSCP) v alue. The supported DSCP v alues are 0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56. Figur e 29-1 QoS Classification Layers in F rames[...]
-
Página 532
29-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS • Marking e valuates the policer and conf iguration informat ion for the action t o be taken when a packet is out of prof ile and decides what to do with the packet (pass through a pack et without modif ication, mark[...]
-
Página 533
29-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S The trust DSCP conf iguration is meanin gless for non-IP traf fic. If you conf igure a port with this option and non-IP traf fic is recei ved, the switch assigns the def ault port CoS v alue and classifies traf fic bas[...]
-
Página 534
29-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Classification Based on Cl ass Maps and Policy Maps A class map is a mechanism that y ou use to isolate and name a specif ic traff ic flow (or class) from all other traf fic. The cl ass map def ines the criteria used t[...]
-
Página 535
29-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understanding Qo S • Only one policer can be applied to a pack et in the input direct ion. • Only the av erage rate and committed burst p arameters are configurable. • Policing occurs on the ingress interf aces: – 60 policers are[...]
-
Página 536
29-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Understandi ng QoS Port Priority Frames receiv ed from use rs in the administrati vel y defined VLANs are classified or tagged for transmission to other de vices. Based on rules that you define, a uni que identif ier (the tag) is inserte[...]
-
Página 537
29-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Y o u can enable the egress expedite queue and assi gn WRR weights to the other queues b y using the wrr -queue bandwidth weight1 weight 2 weight3 0 global conf iguration command. Configuring Auto-QoS Note This featu[...]
-
Página 538
29-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Ta b l e 29-3 lists the generated au to-QoS conf iguration for the egress queues. When you enable the auto-QoS feature on the first interface, these automatic actions occur: • When you enter the auto qos voip cisc[...]
-
Página 539
29-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Effects of Auto-QoS on the Configuration When auto-QoS is enabled, the auto qos voip interface conf iguration command and t he generated confi guration are added to the running conf iguration. The switch applies the[...]
-
Página 540
29-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Configuration Guidelines Before conf iguring auto-QoS, you sh ould be aw are of this informati on: • In releases earlier than Cisco IOS R elease 12.1( 20)EA2, auto-QoS conf igures the switch for V oIP only with Ci[...]
-
Página 541
29-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Auto-QoS Enabling Auto-QoS for VoIP Beginning in pri vileged EXEC mode, follow these steps to enable auto-QoS for V oIP within a QoS domain: T o disable auto-QoS on the switch an d return to the def ault port trust state set[...]
-
Página 542
29-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Displaying Auto-QoS Information Switch(config)# interface gigabitethernet0/1 Switch(config-if)# auto qos voip trust Displaying Auto-QoS Information T o display the initial au to-QoS confi guration, use the sho w auto qos [ interfa ce [ [...]
-
Página 543
29-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Auto-QoS Configuration E xample Figur e 29-3 A uto-QoS Configur at ion Example Networ k The intelligent wiring clo sets in Figure 29-3 are composed of Catalyst 2950 switches running the EI and Catalyst 3550 switches. The object of this [...]
-
Página 544
29-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginni ng in priv ileged EXEC mode, follo w these steps to configur e the switch at the edge of the QoS domain to prioritize t he V oIP traff ic over all other traf fic: Configuring Standard QoS Before conf ig[...]
-
Página 545
29-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Note If your switch is running the SI, y ou can confi gure only the features descri bed in the “ Conf iguring Classification Usin g Port T ru st States ” and the “ Configuri ng the Egress Queues ” secti[...]
-
Página 546
29-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS • Y ou must disable the IEEE 802.3x flo wcontrol on all ports befo re enabling QoS on the switch. T o disable it, use the flowcontrol r eceive off and flowcontr ol send off interface conf iguration commands. [...]
-
Página 547
29-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Configuring Classification Using Port Trust States This section descri bes ho w to classify incoming t raf fic b y using port trust states: • Config uring the T rust State on Ports within the QoS Domain, p ag[...]
-
Página 548
29-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS T o return a port to its untrusted st ate, use the no mls qos trust interf ace configuration command. For information on ho w to change the default CoS v alue, see the “Configuring the CoS V alue for an Inter[...]
-
Página 549
29-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o return to the default setting, use t he no mls qos cos { default-cos | ov erride } interface conf iguration command. Configuring Trusted Boundary In a typical net work, you connect a Cisco IP Ph one to a sw[...]
-
Página 550
29-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS trusted boundary feature di sables the trusted setting on the swi tch port and pre vents misuse of a high-priority queue. No te that the trusted boundary fe ature is no t effect iv e if the PC and Cisco IP Phon[...]
-
Página 551
29-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Enabling Pass-Through Mode In software releases ear lier th an Cisco IOS Release 12.1(11)EA1, the switch is in pass-thr ough mode. It uses the CoS value of incoming pack ets without modifyi ng the DSCP v alue a[...]
-
Página 552
29-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Configuring a QoS Policy Note This feature is a v ailable only if your swit ch is running the EI. Config uring a QoS polic y typically requires classifying t raff ic into classes, conf iguring policies appli ed[...]
-
Página 553
29-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S For more inf ormation about creating I P standard A CLs, see the “Guidelines for Applying A CLs to Physical Interf aces” section on page 28-5 . T o delete an A CL, use the no access-list access-list-number [...]
-
Página 554
29-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginning in priv ileged EXEC mode, foll ow these steps to create an IP exten ded A CL for IP traf fic: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 access-list access-lis[...]
-
Página 555
29-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S For more inf ormation about creating I P extended A CLs, see the “Guidelines for Apply ing A CLs to Physical Interf aces” section on page 28-5 . T o delete an A CL, use the no access-list access-list-number[...]
-
Página 556
29-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS This example sho ws how to create a Layer 2 MA C A C L with a permit statement. The statement allo ws traf fic from the host with MA C address 0001.0000.0001 to th e host with MA C address 0002.0000.0001. Switc[...]
-
Página 557
29-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o delete an existing class map, use the no class-map class-map-name global co nfiguration command. T o remove a match criterion , use the no match { access-group acl-inde x | name acl-name | ip dscp } class-m[...]
-
Página 558
29-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Beginni ng in pri vileged EXEC mode, follow these steps to create a polic y map: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 access-list acces s-list-number permit { sour[...]
-
Página 559
29-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S T o delete an existing polic y map, use the no policy-map policy-map-name global configuration command. T o delete an existin g class map, use the no class class-map-name poli cy-map co nfigu ration command. T [...]
-
Página 560
29-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255 Switch(config)# class-map ipclass1 Switch(config-cmap)# match access-group 1 Switch(config-cmap)# exit Switch(config)# policy-map flow1t Switch(config-p[...]
-
Página 561
29-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S If these v alues are not appropriate for your network, you need to modify them. Beginni ng in pri vileged EXEC mod e, follo w these steps to modify the CoS-to-DSCP map: T o return to the default map, use the no[...]
-
Página 562
29-34 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standa rd QoS If these v alues are not appropriate for your network, you need to modify them. Beginning in pri vileged EXEC mode, foll ow th ese steps to modify the DSCP-to-CoS map: T o return to the default map, u se the no[...]
-
Página 563
29-35 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Configuring Standard Qo S Configuring the Egress Queues Note This feature is supported b y both the SI and EI. This section describes how to conf igure the egress queues: • Config uring CoS Priority Qu eues, page 29-35 • Config urin[...]
-
Página 564
29-36 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Displaying Stan dard QoS Information T o disable the WRR scheduling and enable the strict priorit y scheduling, use the no wrr -queue bandwidth global conf iguration command. T o enable one of the queues as the expedite queue and to ena[...]
-
Página 565
29-37 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard QoS Co nfiguration Examples Standard QoS Configuration Examples Note These examples are applicable only if your switch is runni ng the EI. This section sho ws a QoS migration path to help you quickly implement QoS features b as[...]
-
Página 566
29-38 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard Q oS Configuration Examp les Figur e 29-5 QoS Configuration Example Networ k QoS Configuration for the Existing Wiring Closet Figure 29-5 sho ws an existing wir ing closet with Cata lyst 2900 XL and 3500 XL switches, for exampl[...]
-
Página 567
29-39 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard QoS Co nfiguration Examples For the Catalyst 29 00 and 3500 XL switches, CoS conf ig ures each transmit p ort (the egress port ) with a normal-priority tr ansmit queue and a high-pr iority transmit queue, depend ing on the fram[...]
-
Página 568
29-40 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 29 Configuring QoS Standard Q oS Configuration Examp les Step 18 show class-map videoclass show policy-map v ideopolicy show mls qos maps [ cos-dscp | dscp-cos ] V erify your entries. Step 19 copy running-conf ig startup-conf ig (Optional) Save your entri[...]
-
Página 569
CH A P T E R 30-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 30 Configuring EtherChannels This chapter descri bes how to conf igure EtherChan nel on the Layer 2 interfaces of a Catalyst 2950 or Catalyst 29 55 switch. This chapter consists of these sections: • Understanding EtherChannels, page 30 -1 • EtherC[...]
-
Página 570
30-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels Figur e 30-1 T ypica l EtherChannel Configuration Each EtherChannel can consist of up to eight compat i bly conf igured Ethernet int erfaces. All in terfaces in each EtherChannel must be the same sp[...]
-
Página 571
30-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Understanding EtherCh annels Understanding Port-Channel Interfaces When you create an EtherChannel for Layer 2 interfa ces, a log ical interface is dynamically created, as sho wn in Figu re 30-2 . Y ou then manually assign an [...]
-
Página 572
30-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels PAgP and LACP Modes Ta b l e 30-1 shows th e user -config urable EtherChannel modes for th e channel-gr oup interface configuration command. Switch interfaces exchan ge P AgP packets only w ith part[...]
-
Página 573
30-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Understanding EtherCh annels Exchanging LACP Packets Both the active and passive LA CP modes allow interf aces to negotiate with partner interf aces to determine if the y can form an EtherChannel based on criteria such as inte[...]
-
Página 574
30-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Understanding EtherChannels EtherChannel On Mode EtherCha nnel on mode can be used to manually configur e an EtherChannel. The on mode forces a port to join an EtherChannel without negotiations. It can be usefu l if the remote[...]
-
Página 575
30-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els Figur e 30-3 Load Distr ibution and F orwar ding Methods Use the option that provides the greatest variety in your conf iguration. F or example, i f the traf fic on a channel is going only to a singl[...]
-
Página 576
30- 8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels Default EtherChannel Configuration Ta b l e 30-2 shows the default EtherChannel configuration. EtherChannel Configuration Guidelines If improperly conf igured, some EtherChannel ports ar e automatic[...]
-
Página 577
30-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els • An EtherChannel supports the same al lo wed rang e of VLANs on all the int erfaces in a trunking Layer 2 EtherChannel. When conf iguring an interf ace for P AgP , if the allowed range of VLANs is[...]
-
Página 578
30-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels Step 4 channel-group c hannel-gr oup-number mode {{ auto [ non-sil ent ] | desirable [ non-silent ] | on } | { active | passi ve }} Assign the port t o a channel group, and specify the P AgP or LA C[...]
-
Página 579
30-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els T o remove a po rt from the EtherChannel gro up, use the no channel-gr oup interface configuration command. If you delete the EtherChannel b y using the no interface port-channel global conf igurati[...]
-
Página 580
30-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Configuring Et herChannels T o return EtherChannel load balancing t o the default con figurat ion, use the no port-channel load-balance global conf iguration command. Configuring the PAgP Learn Method and Priority Network de [...]
-
Página 581
30-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 30 Configuring EtherCh annels Configuring EtherChann els Configuring Hot Standby Ports When enabled, LA CP tries to configure the maximu m num ber of LA CP-compatible ports in a channel, up to a maximum of 16 po rts. Only eight LA CP links can be acti ve [...]
-
Página 582
30-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 30 Config uring EtherChannels Displaying Ether Channel, PAgP, and LACP Status Displaying EtherChannel, PAgP, and LACP Status Y o u can use the privileged EXEC command s described in Ta b l e 30-3 to display EtherChannel, P A gP , and LA C P status informa[...]
-
Página 583
CH A P T E R 31-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 31 Troubleshooting This chapter describes ho w to identify and resolve Catalyst 2950 and Catal yst 2955 software probl ems related to the Cisco IOS softw a re. Depending on the nature of the problem, you can use t he command-line interface (CLI ), the[...]
-
Página 584
31-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Recovering from a Software Failure Switch software can be corrupted during an upgrad e, by do wnloading the wrong f ile to the switch, and by deleting th e image file. In all of these cases, th e switch does n[...]
-
Página 585
31-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s flash_init load_helper boot Step 5 Initialize the flash f ile system: switch: flash_init Step 6 If you had set the consol e port speed to an ything othe r t han 9600, it has been reset to that p articular spee[...]
-
Página 586
31-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Step 16 Return to pri vileged EXEC mode: switch(config)# exit switch# Step 17 Write the running conf iguration to the startup conf iguration file: switch# copy running-config startup-config The new password is[...]
-
Página 587
31-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Password Recovery with Password Recovery Enabled If the password-recov ery mechanism is enabled, this message appears: The system has been interrupted prior to initializing the flash file system. The following[...]
-
Página 588
31-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Step 11 Change the password: Switch (config)# enable secret password The secret password can be from 1 to 25 alphanumer ic characters, can start with a number , is case sensitiv e, and allows spaces but ignore[...]
-
Página 589
31-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 2 Load any helper files: Switch: load_helper Step 3 Display the contents of flash memory: switch: dir flash: The switch file system appears in the directory . Step 4 Boot the sy stem: Switch: boot Y ou ar[...]
-
Página 590
31-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Note The break key character is dif fer ent for each operating system. On a SUN work statio n running UNIX, Ctrl-C i s the break ke y . On a PC running W indo ws 2000, Ctrl-Break is the break k ey . Cisco T A [...]
-
Página 591
31-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 8 Display the contents of flash memory as in thi s example: switch# dir flash: Directory of flash:/ The switch file system appears in the directory . Step 9 Rename the conf iguration file t o config.te xt[...]
-
Página 592
31-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Recovering from a Command Switch Failure This section describes ho w to recov er from a failed command switch. Y ou can configure a redundant command switch group b y using the Hot Standby Router Prot ocol (H[...]
-
Página 593
31-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Recovery Procedure s Step 8 Return to pri vileged EXEC mode. Switch(config)# end Switch# Step 9 Use the manufa cturing defau lt confi guration, or set up th e switch through the man agement module. Step 10 Use the setup program t[...]
-
Página 594
31-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using Recover y Procedures Replacing a Failed Command Sw itch with Another Switch T o replace a failed command switch with a switch that is command-capable but not part of the cluster , follo w these steps: Step 1 Disconnect the comman[...]
-
Página 595
31-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Preventing Auto nego tiation Mismatches Step 10 When prompted for the enable secr e t and enable passwo rds, enter the passwords of the failed comm and switch again. Step 11 When prompted, make sure to enable the swit ch as the cluster[...]
-
Página 596
31-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting GBIC and SFP Module Security and Identification Note If a remote de vice does not autone gotiate, conf igure the duplex settings on the tw o ports to match. The speed parameter can adjust itself e ven if the connected port does n ot au[...]
-
Página 597
31-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Diagnosing Connec tivity Problems • Destination unreachable—If the default gate wa y cannot reac h the sp ecified network, a destination-unr each able message is returned. • Network or host un reachable—If there is n o entry in[...]
-
Página 598
31-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Diagnosing Co nnectivity Problems Using Layer 2 Traceroute This section descri bes this information: • Understanding Layer 2 T raceroute, page 31-16 • Usage Guidelines, page 31-16 • Displaying the Physical Path, page 31-17 Unders[...]
-
Página 599
31-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Diagnosing LR E Connection Problems – If an ARP entry e xists for th e specified IP addr ess, the switch uses th e associated MA C address and identifies the ph ysical path. – If an ARP entr y does not exist, the switch sends an AR[...]
-
Página 600
31-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using De bug Commands Using Debug Commands This section e xplains how you use the deb ug commands to diagnose and resolv e internetworking problems. It contains this information: • Enabling Debugging o n a Specific Feature, page 31- [...]
-
Página 601
31-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using Debug Command s Caution Because debugg ing output is assigned high prio rity in the CPU process, it can render the syst em unusable. For thi s reason, use debug comm ands only to troubleshoot sp ecific pro blems or during trouble[...]
-
Página 602
31-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using De bug Commands The no debug all p rivile ged EXEC command disables all diagnostic output. Usi ng the no debug all command is a con venient way to en sure that you ha ve no t accidentally left any debug commands enabled. Redirect[...]
-
Página 603
31-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Chapter 31 Troub leshooting Using the show controlle rs Commands For more inf ormation about auto-QoS , see the “Conf iguring Auto-QoS” section o n page 29-9 . This example sho ws how to displa y the QoS commands that are automa tically generated wh en auto-Q[...]
-
Página 604
31-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Chapter 31 Troublesho oting Using the cr ashinfo File The information in the f ile includes the software imag e name and v ersion that failed , a dump of the processor registers, and a stack trace. Y ou can giv e this information to the technical support represen[...]
-
Página 605
A-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 APPENDIX A Supported MIBs This appendix lists t he supported MIBs for this release. It contains these sections: • MIB List, page A-1 • Using FTP to Access the MIB Files, page A-3 MIB List Note The Cataly st 2955 switch supp orts the ENTI TY -MIB, CISCO-ENVMON-[...]
-
Página 606
A-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix A Supported MIBs MIB List • CISCO-P AE-MIB • CISCO-P A GP-MIB • CISCO-PING-MIB • CISCO-POR T -SECURITY - MIB • CISCO-PR OCESS-MIB • CISCO-PR ODUCTS-MIB • CISCO-R TTMON-MIB (subsystems supported : sub_rtt_rmo n and sub_rtt_rmonli b) • CISCO-[...]
-
Página 607
A-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix A Supported MIBs Using FTP to Access the MIB Files Note The IF-MIB and the CISCO-IETF-VDSL-LINE-MIB ar e supported as read-only MI Bs for the Fast Ethernet interfaces on the CPE devices. Using FTP to Access the MIB Files Y ou can get each MIB file b y usi[...]
-
Página 608
A-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix A Supported MIBs Using FTP to A ccess the MIB Files[...]
-
Página 609
B-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 APPENDIX B Working with the Cisco IOS File System, Configuration Files, and Software Images This appendix describes ho w to manipulate the 2950 or 2955 flash file system, how to cop y conf iguration files, and how to archi ve (upload and do wnload) software images[...]
-
Página 610
B-2 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System Displaying Available File Systems T o display the available f ile sy stems on your sw itch, use the show f ile systems pri vileged EX EC[...]
-
Página 611
B-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m Setting the Default File System Y o u can specify the file system or di rectory that the system uses as th e default file system by usi[...]
-
Página 612
B-4 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System Creating and Removing Directories Beginning in pri vileged EXEC mode, foll ow th ese steps to create and remo ve a directory: T o delete[...]
-
Página 613
B-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m Local writable f ile systems include flash:. Some in valid comb inations of source and destination e xist. Specifically , you cannot co[...]
-
Página 614
B-6 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with the Flash File System For destination-u rl , specify the de stination URL al ias for the lo cal or network f ile system and the name of the tar file to create[...]
-
Página 615
B-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files Extracting a tar File T o extract a tar file into a di rectory on the flash f ile system, use the privile ged EXEC command: archiv e tar [...]
-
Página 616
B-8 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files • T o use the confi guration f ile for another switch. F or example, yo u might add another sw itch to your network an d want it to hav [...]
-
Página 617
B-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files confi guration f ile is a mixture of the e xisting conf iguration f ile and the copied config uration f ile, with the copied configuratio[...]
-
Página 618
B-10 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files Preparing to Download or Upload a Configuration File By Using TFTP Before you be gin do wnloading or uploading a conf iguration file b y [...]
-
Página 619
B-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files This example sho ws how to conf igure the software from t he file tok yo-confg at IP address 172.16.2.1 55: Switch# copy tftp://172.16.2[...]
-
Página 620
B-12 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files The username and password must be associat ed with an account on the FTP server . If you are writing to the server , the FTP server must [...]
-
Página 621
B-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files This example sho ws how to cop y a config uration f ile named host1-confg from the netadmin1 dir ectory on the remo te server with an IP[...]
-
Página 622
B-14 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files This examp le shows ho w to copy the running co nfigur ation file named switch2-conf g to the netadmin1 directory on the remote host with[...]
-
Página 623
B-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files • The username set by the ip rcmd r emote-username username global conf iguration command if the command is conf igured. • The remot[...]
-
Página 624
B-16 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Working with Configuration Files Downloading a Configuration File By Using RCP Beginni ng in pri vileged EXEC mod e, follo w these steps to do wnload a conf iguration fil[...]
-
Página 625
B-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configura tion Files Uploading a Configuration File By Using RCP Beginning in pri vileged EXEC mode, follow these st eps to upload a configuration file b y u[...]
-
Página 626
B-18 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images Caution Y ou cannot restore the startup conf iguration file after i t has been deleted. Deleting a Stored Configuration File T o delete a s[...]
-
Página 627
B-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Y o u can use the s how ve rsio n pri vileged EXEC command to see the software v ersion that is currently running on your swit ch. In the dis[...]
-
Página 628
B-20 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images Copying Image Files By Using TFTP Y ou can download a switch image fro m a TFTP serv er or upload the image from the switch to a TFTP serve[...]
-
Página 629
B-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Downloading an Image File By Using TFTP Y o u can do wnload a new image f ile and repla ce the current image or keep the current image. Begin[...]
-
Página 630
B-22 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images If you specify the /lea ve-old-sw , the existing f iles are not remo ved. If there is not enou gh space to install the ne w image and k eep[...]
-
Página 631
B-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Y o u do w nload a switch image file from a server to upgrade the switch software. Y ou can overwrite the current im age with the ne w one or[...]
-
Página 632
B-24 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images username global configuration command. This ne w name will be used during all archive operations. The new username is stored in NVRAM. If y[...]
-
Página 633
B-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The do wnload algorith m verif ies that the image is appropriate for the switch model and th at enough DRAM is present, or it stops the proce[...]
-
Página 634
B-26 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images The archiv e upload-sw command bui lds an image file on t he server b y uploading these fil es in order: info, the Cisco IOS image, the HTM[...]
-
Página 635
B-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Preparing to Download or Upload an Image File By Using RCP RCP provid es another method of do wnloading and up loading image f iles between r[...]
-
Página 636
B-28 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images If the switch IP address translates to Switch 1.company .com , the .rhosts file for User0 on the RCP server should contain t his line: Swit[...]
-
Página 637
B-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The do wnload algorith m verif ies that the image is appropriate for the switch model and th at enough DRAM is present, or it stops the proce[...]
-
Página 638
B-30 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images The algorithm instal ls the do wnload ed image onto the system board flas h de vice (flash:). The image is placed in a new directory named [...]
-
Página 639
B-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The archiv e upload-sw privile ged EXEC command builds an image f ile on the server by uploadin g these files in order: info, the Cisco IOS i[...]
-
Página 640
B-32 Catalyst 2950 and Catalyst 2955 Sw itch Software Configuration Guide OL-10101-02 Appendix B Workin g with the Cisco IOS File System, Configuration Files, and Software Imag es Workin g with S oftware Images[...]
-
Página 641
IN-1 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 INDEX Numerics 802.1Q and trunk po rts 10-2 encapsulation 16-14 802.3x flow co ntrol 10-13 A abbreviating commands 2-4 AC (command switch) 6-9 access-class command 28-19 access control entries See ACEs access control lists See ACLs access control parameter See AC[...]
-
Página 642
Index IN-2 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 ACLs (continued) IP creating 28-7 implicit deny 28-9, 28-12, 28-14 implicit masks 28-9 management interfaces, applying to 28-19 matching criteria 28-2, 28-7 named 28-13 physical interfaces, applying to 28-20 undefined 28-18, 28-20 virtual terminal lines, set[...]
-
Página 643
Index IN-3 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 authentication (continued) RADIUS defined 8-17 key 8-21 login 8-23 TACACS+ defined 8-11 key 8-13 login 8-14 See also port-based authentication authentication failed VLAN See restricted VLAN authoritative time so urce, described 7-2 authorization with RADIUS[...]
-
Página 644
Index IN-4 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 BPDU guard (continued) support for 1-5 broadcast storm control See storm control C cables, monitoring for unidirect ional links 22-1 candidate switch automatic discovery 6-5 defined 6-4 requirements 6-4 See also command switch, cluster stand by group, and me[...]
-
Página 645
Index IN-5 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 CiscoWorks 2000 1-10, 27-4 class maps for QoS configuring 29-28 described 29-6 displayin g 29-36 class of service See CoS clearing interfaces 10-16 CLI abbreviating commands 2-4 command modes 2-1 described 1-9 editing features enabling and disabling 2-6 key[...]
-
Página 646
Index IN-6 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 command switch accessing 6-10 active (AC) 6-9 configuration conflicts 31-13 defined 6-2 passive (PC) 6-9 password privi lege levels 6-14 priority 6-9 recovery from command-switch failure 6-9 from failure 31-10 from lost member connectivity 31-13 redundant 6-[...]
-
Página 647
Index IN-7 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 configuring (continued) or an LRE upgrade 12-23 LRE ports 12-8 speed on Cisco 575 LRE CPE 12-11 Configuring a Restricted VLAN 9-24 config-vlan mo de 2-2, 16-6 conflict s, configurat ion 31-13 connections, secure remote 8-33 connectivity problems 31-14 consi[...]
-
Página 648
Index IN-8 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 default configuration (continued) MSTP 14-11 MVR 20-17 NTP 7-4 optional span ning-tree features 15-13 password and p rivilege level 8-2 port security 21-8 QoS 29-17 RADIUS 8-20 RMON 25-3 RSPAN 24-7 SNMP 27-5 SPAN 24-7 storm control 21-2 STP 13-11 system mess[...]
-
Página 649
Index IN-9 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 DHCP snooping (continued) option 82 da ta insertion 19-3 trusted interfac e 19-2 untrusted interface 19-2 untrusted messages 19-2 DHCP snooping binding database described 19-2 displayin g 19-8 entries 19-2 DHCP snooping binding tabl e See DHCP snooping bind[...]
-
Página 650
Index IN-10 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 egress port scheduling 29-8 enable password 8-4 enable secret password 8-4 encapsulation 29-8 encryption for pa sswords 8-4 environment variables function of 4-17 location in F lash 4-16 error messages during command entr y 2-5 setting the display destin at[...]
-
Página 651
Index IN-11 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 files (continued) tar creating B-5 displaying t he contents of B-6 extracting B-7 image file fo rmat B-19 files, cras hinfo description 31-21 displaying t he contents of 31-22 file system displaying availabl e file systems B-2 displayin g file informat ion[...]
-
Página 652
Index IN-12 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 HSRP automatic cluster recovery 6-11 cluster standby group consi derations 6-10 See also clusters, cluster standby group, and standby command switch I ICMP ping executing 31-15 overview 31-14 IE2100 described 1-9 support for 1-4 IEEE 802.1D See STP IEEE 802[...]
-
Página 653
Index IN-13 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 interfaces (continued) configuring 10-5 configuring dupl ex mode 10-10 configuring speed 10-10 counters, clearing 10-16 described 10-14 descriptive nam e, adding 10-14 displayin g information a bout 10-16 flow control 10-13 monitoring 10-15 naming 10-14 ph[...]
-
Página 654
Index IN-14 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 L LACP See EtherChannel Layer 2 frames, classification with CoS 29-2 Layer 2 interfaces, default configu ration 10-9 Layer 2 traceroute and ARP 31-16 and CDP 31-16 described 31-16 IP addresses and subnets 31-16 MAC addresses and VLANs 31-16 multicast traffi[...]
-
Página 655
Index IN-15 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 LRE ports (continued) rate selection described 12-14 sequence s 12-5 troubleshooting 31-17 LRE profiles assigning global pro files 12-13 port sequences 12-13 private p rofiles 12-12 public profiles 12-12 considerations 12-10 described 12-2 rate selection 1[...]
-
Página 656
Index IN-16 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 member switch automatic discovery 6-5 defined 6-2 passwords 6-12 recovering from lost connectivity 31-13 requirements 6-4 See also candidate switch, cluster standby group, and standby command switch message logging, LRE 12-7 metropolitan-area n etworks See [...]
-
Página 657
Index IN-17 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 MSTP (continued) extended system ID effects on root switch 14-14 effects on secondary root switch 14-15 unexpected be havior 14-14 instances supported 13-9 interface state, blocking to forwarding 15-2 interoperability an d compatibility among modes 13-10 i[...]
-
Página 658
Index IN-18 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 Network Assistant (continued) described 1-9 guide mode 1-3 management options 1-2 wizards 1-3 network examples collapsed backbone and switch cluster 1-15 design conc epts cost-effective wiring closet 1-12 high-performance workgroup 1-12 network performance [...]
-
Página 659
Index IN-19 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 passwords (continued) setting enable 8-3 enable secret 8-4 Telnet 8-6 with usernames 8-7 VTP domain 17-8 patch pan el 1-17 path cost MSTP 14-17 STP 13-18 PBX 1-16 PC (passive command switch) 6-9 performing an LRE upgrade 12-23, 12-24 persistence, LRE link [...]
-
Página 660
Index IN-20 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 port-based authentication (continued) initiation and message exchange 9-3 magic pack et 9-11 method lists 9-15 multiple-hosts mode, described 9-5 ports authorization state and d ot1x port-control command 9-4 authorized and u nauthorized 9-4 port security, m[...]
-
Página 661
Index IN-21 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 private VL AN edge ports See protected ports privileged EXEC mode 2-2 privilege levels changing the default for li nes 8-9 command switch 6-14 exiting 8-10 logging into 8-10 mapping on member switch es 6-14 overview 8-2, 8-8 setting a command wi th 8-8 pro[...]
-
Página 662
Index IN-22 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 QoS (continued) configuring auto-QoS 29-9 class maps 29-28 CoS and WRR 29-35 default port CoS v alue 29-20 egress queu es 29-35 IP extended ACLs 29-26 IP standard ACLs 29-24 MAC ACLs 29-27 policy maps 29-29 port trust states within th e domain 29-19 QoS pol[...]
-
Página 663
Index IN-23 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 RADIUS (continued) identifying the server 8-20 in cluste rs 6-13 limiting the servi ces to the user 8-27 method list, defined 8-20 operation of 8-19 suggested ne twork environment s 8-18 tracking services accessed by user 8-28 range macro 10-7 of interface[...]
-
Página 664
Index IN-24 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 RFC (continued) 2236, IP mult icast and IGMP 20-2 2273-2275, SNMP v3 27-2 RMON default configu ration 25-3 displaying st atus 25-6 enabling alarms and events 25-3 groups supported 25-2 overview 25-1 statistics collecting group Ethernet 25-5 collecting group[...]
-
Página 665
Index IN-25 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 servers, BOOTP 1-4 service-provider netw ork, MSTP and RSTP 14-1 set-request operat ion 27-4 settings duplex mode 12-11 speed 12-11 set-top box, televisi on 1-16, 1-19 setup program, failed command swit ch replacement 31-10, 31-12 severity leve ls, definin[...]
-
Página 666
Index IN-26 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 SNMP (continued) users 27-9 versions supported 27-2 snooping, IGMP 20-1 SNR definition of 12-16 downstream rate requirements 12-16, 12-17 margins 12-16 upstream rate requirements 12-17, 12-18 software, VLAN considerations 17-8 software images location in f [...]
-
Página 667
Index IN-27 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 statistics (continued) IEEE 802.1x 9-28 interface 10-16 QoS ingress and egress 29-37 RMON group Ethe rnet 25-5 RMON group hist ory 25-5 SNMP input and out put 27-16 VTP 17-15 sticky learning configuration file 21-7 defined 21-7 disabling 21-7 enabling 21-7[...]
-
Página 668
Index IN-28 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 STP (continued) interface states blocking 13-5 disabled 13-6 forwarding 13-5, 13-6 learning 13-6 listening 13-6 overview 13-4 interoperability and comp atibility among modes 13-10 limitations with IEEE 802.1Q tr unks 13-10 load sharing overview 16-20 using [...]
-
Página 669
Index IN-29 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 system message logging (continued) enabling 26-3 facility keywords, described 26-11 level keywords, descri bed 26-8 limiting messages 26-9 message format 26-2 overview 26-1 sequence numbers, enabling an d disabling 26-7 setting the display dest ination dev[...]
-
Página 670
Index IN-30 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 traceroute, Layer 2 and ARP 31-16 and CDP 31-16 described 31-16 IP addresses and subnets 31-16 MAC addresses and VLANs 31-16 multicast traffic 31-16 multiple device s on a port 31-17 unicast traffic 31-16 usage guid elines 31-16 traffic blocking flooded 21-[...]
-
Página 671
Index IN-31 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 UniDirectional Link Detection protocol See UDLD UNIX syslog servers daemon configuration 26-10 facilities supported 26-11 message logging configurati on 26-11 unrecognized Type-Len gth-Value (TLV) support 17-4 upgrade behavior d etails 12-25 configuring fo[...]
-
Página 672
Index IN-32 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02 VLANs (continued) creating in VLAN configuration mod e 16-9 default configu ration 16-7 deletin g 16-9 described 10-3, 16-1 displayin g 16-13 extended-range 16-11 illustrated 16-2 modifying 16-8 native, configu ring 16-19 normal-range 16-1, 16-4 parameters [...]
-
Página 673
Index IN-33 Catalyst 2950 and Catalyst 2955 Swit ch Software Con figuration Guide OL-10101-02 VTP (continued) disabling 17-12 domain names 17-8 domains 17-2 modes client 17-3, 17-11 server 17-2, 17-9 transition s 17-2 transparent 17-3, 17-12 monitoring 17-15 passwords 17-8 pruning disabling 17-14 enabling 17-14 examples 17-5 overview 17-4 pruning-e[...]
-
Página 674
Index IN-34 Catalyst 2950 and Catalyst 2955 Swit ch Software Configuration Guide OL-10101-02[...]