Cisco Systems 2940 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Cisco Systems 2940. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Cisco Systems 2940 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Cisco Systems 2940 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Cisco Systems 2940 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Cisco Systems 2940
- nom du fabricant et année de fabrication Cisco Systems 2940
- instructions d'utilisation, de réglage et d’entretien de l'équipement Cisco Systems 2940
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Cisco Systems 2940 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Cisco Systems 2940 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Cisco Systems en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Cisco Systems 2940, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Cisco Systems 2940, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Cisco Systems 2940. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 2940 S witc h S of t w are Configuration Guide Cisco IOS Release 12.1(1 9)EA1 October 20 03 Custome r Order Numb er: DO C-78155 07= Text Pa rt Nu mber: 78-15 5[...]

  • Page 2

    THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TAKE FULL RESPON SIBILITY FOR THEIR AP PLICATION OF ANY PRO[...]

  • Page 3

    iii Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 CONTENTS Preface xix Audienc e xix Pur pose xi x Conv enti ons xx Rela te d Publi cation s xxi Obtain ing Docu mentati on xxi Cisco. com xxi Document ation C D-ROM xxii Orderi ng Documenta tion xxii Docu m en ta t ion Fe ed bac k xxii Obtain ing Tec hnical As sist anc e xxii Cisco [...]

  • Page 4

    Cont ent s iv Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Abbrevi ating Comma nds 2-4 Using no an d defau lt Forms of Commands 2-4 Underst anding CL I Message s 2-5 Using Comma nd History 2-5 Changin g the Comma nd Hi story Buf fer Size 2-5 Recall ing Commands 2-6 Disabl ing the Comman d History Feature 2-6 Using Edi tin g Featu[...]

  • Page 5

    Content s v Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Displa ying CMS 3-10 Launching CMS 3-10 Front Panel View 3-12 Topolo gy View 3-14 CMS Icons 3-15 Wher e to Go N ext 3-15 CHAPTER 4 Assignin g the Switch IP Addr ess and Defa ult Gateway 4-1 Underst anding th e Boot Pr oc ess 4-1 Assigni ng S witch Infor matio n 4-2 Defaul t[...]

  • Page 6

    Cont ent s vi Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 IP Ad dres ses 5-12 Host Na mes 5-12 Passw or ds 5-12 SNMP Communi ty Str ings 5-13 TACACS+ a nd RAD IUS 5-1 3 Access Mode s in CMS 5-13 Management VLAN 5-14 LRE Pr of iles 5-15 Availa bilit y of Switch- Speci fi c Featur es in Switc h Clust ers 5-15 Creati ng a Switch Cl[...]

  • Page 7

    Content s vii Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Underst anding DNS 6-16 Defau lt D NS C onfig urat ion 6-1 7 Setti ng Up DNS 6-1 7 Displa ying the DNS Co nfig ura tion 6-18 Creati ng a Banner 6-18 Defaul t Banner Con figurat ion 6-18 Config urin g a Message -of -the -Da y Logi n Banner 6-19 Config urin g a Login Bann e[...]

  • Page 8

    Cont ent s viii Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Config urin g TACAC S+ Autho rizati on for Privi leged EXE C Access and Net work Ser vices 7-15 Starti ng TA CACS+ Acc ounting 7-16 Displa ying the TA CACS+ Conf igurat ion 7-16 Contro lling Swi tc h Access wit h RADIUS 7-16 Underst anding RADI US 7-17 RADIUS Operat ion[...]

  • Page 9

    Content s ix Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Config urin g the Host Mo de 8-14 Resett ing th e 802 .1X Conf igurat ion to the Defaul t Values 8-15 Displa ying 8 02. 1X Statis tics and Status 8-16 CHAPTER 9 Configur ing the Switch Interf aces 9-1 Underst anding I nterf ac e Types 9-1 Access Po rts 9-2 Trunk Po rts 9-2[...]

  • Page 10

    Cont ent s x Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 CHAPTER 11 Configur ing S TP 11-1 Underst anding Spa nnin g-T ree Fea tures 11-1 STP O ver view 11-2 Spannin g-Tr ee To polog y an d BPDUs 11-2 Bridge ID, S witch Pri ority, and E xtended Syst em ID 11-3 Spannin g-Tr ee Interf ace State s 11-4 Blocki ng Stat e 11-5 List en[...]

  • Page 11

    Content s xi Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Underst anding Upl inkFas t 12-3 Underst anding Bac kbone Fas t 12-5 Underst anding Et herCh ann el Guard 12-7 Underst anding Roo t Guard 12-8 Underst anding Lo op Guard 12-9 Config urin g Optional Spanning -Tree Fea tures 12-9 Defaul t Optional Spanning -Tre e Configur at[...]

  • Page 12

    Cont ent s xii Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Intera ctio n wit h O ther F eat ures 13-14 Config urin g a Trunk Por t 13-14 Defin in g the Allo w e d V LA N s on a Tr un k 13 -16 Changin g the Pr uning-E ligibl e List 13-17 Config urin g th e Nativ e VLAN for Untag ged Tra ff ic 13-17 Load S harin g Using STP 13-18 [...]

  • Page 13

    Content s xiii Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 VTP Versi on 14-8 Config urati on Requir ements 14-9 Config urin g a VTP Server 14-9 Config urin g a VTP Clien t 14-10 Disabl ing VTP (VT P Trans par ent Mode ) 14-11 Enabli ng V TP Versi on 2 14-12 Enabli ng V TP Pruni ng 14-13 Adding a VT P Client Swi tch to a VTP Do m[...]

  • Page 14

    Cont ent s xiv Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Config urin g th e Aging Time 16-1 2 Displa ying IGMP Sno oping Informat ion 16-12 Underst anding Mul ticast VLAN Reg istrat io n 16-14 Using MVR in a Mu ltica st Te levi sion Appl icat ion 16-1 4 Config urin g MVR 16-16 Defaul t MVR Configu ration 16-1 6 MVR Conf igura [...]

  • Page 15

    Content s xv Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Methods t o Detect U ni directi onal Li nks 18-2 Config urin g UDLD 18-4 Defaul t UDLD Config urati on 18-4 Config uration Guidel i nes 18-4 Enabli ng UDL D Global ly 18-5 Enabli ng UDLD on an Int erface 18-5 Rese tting an In ter face Shut Do wn by UDL D 18-6 Displa ying U[...]

  • Page 16

    Cont ent s xvi Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 CHAPTER 21 Configur ing R MON 21-1 Underst anding RMON 21-1 Config urin g RMON 21-2 Defaul t RMON Configur ation 21-3 Config uring RMON A la rms and Event s 21-3 Config urin g RMON Col lectio n on an Inter face 21-5 Displa ying RMON Stat us 21-6 CHAPTER 22 Configur ing S[...]

  • Page 17

    Content s xvii Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Config urin g SNMP Gro ups and Us ers 23-8 Config urin g SNMP Not ificat ions 23-10 Setti ng the Age n t Contact and Locati on Infor matio n 23-13 Limit ing TFTP Se rve rs Us ed T hro ugh S NMP 23-13 SNM P Ex a m pl es 23-14 Displa ying SNMP Stat us 23 -15 CHAPTER 24 Con[...]

  • Page 18

    Cont ent s xviii Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Config urin g the LACP P or t Prio rity 25-12 Config urin g Hot Standby Ports 25-13 Config urin g the LACP Syst em Prio rity 25-13 Displa ying Ethe rChan nel, PAgP, and LACP Stat us 25 -14 CHAPTER 26 Troubles hootin g 26-1 Using Rec overy Procedur es 26-1 Recover ing f[...]

  • Page 19

    xix Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Preface Audience The Cataly st 2 940 Sw itch Software Configuration Gu ide i s f or the networ k mana ger r e sponsib le for configuring th e Catalyst 2940 switc h, here after ref erred to as th e switc h . Before using this guide, you should be famili ar with t he concept s and te[...]

  • Page 20

    xx Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Preface Conv ent ions Note Th is guide do es not repe at the c oncept s and CLI pro cedure s provided in th e standar d Cisco IOS Release 12 .1 docum entati on. For informa tion ab out the stan dard Cisc o IOS Relea se 12.1 com mands, refer to the IOS docum entation s et a v ailable[...]

  • Page 21

    xxi Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Pre face Related Publ ications Related Publications These do cuments p rovid e comple te informati on about the swit ch and are a v ailable from this U RL: http://www .cisco.com /univ ercd/cc/td/doc/pr oduct/lan/ca t2940/inde x.htm Y ou can order pri nt ed copie s of doc uments wi [...]

  • Page 22

    xxii Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Preface Obtain in g Technical Assis ta nce Documenta tion C D-ROM Cisco documentati on and additio nal literature are a v ailable in a Cisco Documentation CD-R OM packag e, w hich ma y have shipped with your produ ct. The Do cume ntati on CD-ROM is upd ated r egularly and may be m[...]

  • Page 23

    xxiii Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Pre face Ob taining Technical Assistance Cisco TAC W ebsite The Cisco T A C website ( http://www .cisco.com/tac ) prov ides onli ne doc ument s and to ols for troublesh ooti ng and re solvin g te chni cal iss ues wi th C isco pr oduct s and t ech nolog i es. T he C isco T A C web[...]

  • Page 24

    xxiv Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Preface Obtainin g Addi ti ona l Publicat io ns and Info rmatio n Obtaining Ad ditional Public ations and In formation Informa tion ab out Cisco pro ducts, tec hn ologie s, and net wor k solutions is available from various onlin e and printe d source s. • The Ci sco Pr oduct C a[...]

  • Page 25

    C HAPTER 1-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 1 Overview This chapte r pro vide s these topics about the Catal yst 2940 swit ch softw are: • Feat ures , page 1- 1 • Managem ent Options, page 1-5 • Network Configu ratio n Exa mp les, pa ge 1-7 • Where to Go Next, page 1-11 Note In thi s docum en t, I P r efer s t[...]

  • Page 26

    1-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Feature s Note Refer to the release notes for the list of Catalyst switches el igible for switch clu stering, includ ing which on es c an be co mmand swi tch es a nd whi ch on es ca n on ly be memb er sw itch es. Se e Chapter 5, “Cluste ring Swit ches,” [...]

  • Page 27

    1-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 1 Overview Features • Default c onfiguration storag e in Flash memo ry to ens ure that the switc h can be conn ecte d to a network and ca n forward t raff ic with mi nima l user inter vention • In-band mana geme nt acc ess t hrough a C MS w eb-base d sessi on • In-b and[...]

  • Page 28

    1-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Feature s • VLAN Trunking Protoc ol (VTP) fo r reducing ne twork traffic b y restric ting floode d traffic to links dest ined for st ation s rec eiving th e tra ff ic. • Dynamic Trunking Pr otoc ol ( DTP) fo r negotiati ng trun king on a l ink bet wee n [...]

  • Page 29

    1-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 1 Overview Manageme nt Options • Scheduli ng of egress queues— Four egress queues on a ll switch ports. Suppor t for strict pri ority and weight ed round-ro bin (WR R) CoS polic ies Monitoring • Switch LEDs that pro vide visu al port an d switch stat us • Switched Por[...]

  • Page 30

    1-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Managem e nt Optio ns Manageme nt Interface Optio ns Y ou ca n configure an d monitor ind i vidua l switches a nd switch clust ers by using these interface s: • CMS—CMS i s a gra ph ical user int erface tha t c an be laun ched fr om anywhe re in yo ur ne[...]

  • Page 31

    1-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 1 Overview Network Configuration Examples • V ie w a top ology of in terco nnected de vices to identify e xisting switch c lus ters and eli gible switc h es that can joi n a clus ter . Y ou can al so use the t opology to quickly identify link info rmati on betwee n switch e[...]

  • Page 32

    1-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples Small Network C onfiguration Figure 1-1 sh ows a con figuratio n for a net work that ha s u p to 25 us ers . Users in thi s net work r equi re e-mail, f ile-sharing, data base, and Internet a ccess. Note An external po wer [...]

  • Page 33

    1-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 1 Overview Network Configuration Examples W ireless Access Point provides netw ork connecti vity for mobile users. Although the wireless ac cess provid es less bandwidth, it all ows u sers to ha ve netwo rk connecti vity re gardless of th eir location in the of fice. A server[...]

  • Page 34

    1-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Netwo rk Conf igurati on Ex amples The work gr oups are cre ate d by cluste ring a ll t he C at aly st swi tch es exce pt th e Ca talyst 4500 s wi tch . Using C MS an d Cisc o switc h cl usteri ng techn ology , you can gr oup t he sw itche s in to mu l tipl[...]

  • Page 35

    1-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 1 Overview Where t o Go Next Note An ext erna l p ower supply i s requ ire d for IP ph ones a nd the C is co Airon et acc ess poi n t. Figur e 1 -3 Large Campus Confi gurat ion Where to Go Next Before conf iguring the switch, re vie w these secti ons for s tart-up inf ormati[...]

  • Page 36

    1-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Ch ap ter 1 Ov er vi ew Where to Go Nex t[...]

  • Page 37

    C HAPTER 2-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 2 Using the Command-Line Interface This ch apt er de scri bes t he Ci sco IOS c omma nd- line int erface ( CL I) that you ca n use to con figure y our Catalyst 2940 switc h s wit ches . It conta ins these secti ons: • Cisc o IOS C omman d Mode s, page 2-1 • Getting He lp[...]

  • Page 38

    2-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Cisco IOS Comm a nd Mode s Ta b l e 2 - 1 describes the main command modes, ho w to access each one, the prompt yo u see in that mod e, and ho w to exit the mode. The e xamples in the table use the host name Switch . T able 2-1 [...]

  • Page 39

    2-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 2 Using the Comm a nd-Line In terface Getting Help Getting Help Y ou can enter a qu es t ion ma rk (? ) at the sy st em pr om pt to d is p lay a list of comman d s a v ailable f or eac h comma nd mode . Y ou can also obtain a lis t of associa ted k eyw ords and ar gume nts fo[...]

  • Page 40

    2-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Specifyin g Ports in In ter face Confi gura tion Mode Specifying Ports in Interfac e Configu ration Mode T o conf igure a port, y ou ne ed to sp eci fy the inte rf ace type, slot, an d p or t nu m be r b y usin g th e int erface[...]

  • Page 41

    2-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 2 Using the Comm a nd-Line In terface Understanding CLI Messages Understandin g CLI Message s Ta b l e 2 - 3 lists so me e rror me ssage s tha t y ou migh t e ncoun ter w hile using t he C LI to co nfigure you r switch. Using Command History The Ci sco I O S provide s a hi st[...]

  • Page 42

    2-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Recalling Commands T o re call comm ands fro m the histor y buf fer , perform one of the ac tions liste d in Ta b l e 2 - 4 : Disabling the Comma nd History Fe ature The c ommand histor y feat ure is aut[...]

  • Page 43

    2-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 2 Using the Comm a nd-Line In terface Using Edit ing Featu res T o reconf igure a sp ecif ic lin e to ha ve enha nced e diting mode, enter t his comm and in line con fi guration mode: Switch(config-line)# editing T o globally disable en hanced editing mod e, enter this comman[...]

  • Page 44

    2-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Using E diting Feature s Editing C ommand Lines that Wrap Y ou ca n use a wra paro und f eature for c om mands t hat extend beyond a singl e l ine on th e scre en . W hen the cursor reaches the right mar gin, the command lin e s[...]

  • Page 45

    2-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 2 Using the Comm a nd-Line In terface Searching and Filtering Output of show and m o re Co mm ands After you co mplete the entry , press Ctrl- A to check th e complete s yntax be fore pr essing the Retur n key to e x ecute the comman d. Th e d o llar si g n ($ ) ap p ea rs at[...]

  • Page 46

    2-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt er 2 Us i ng th e Com ma n d-L i ne In terfa ce Access ing th e CLI from a Br owse r For inform ation abo ut conf iguring the s witch fo r T elnet acces s, see the “Sett ing a T e lnet Password for a T erm inal Line ” sect ion on pag e 7-5 . The swit ch suppor ts up to 1[...]

  • Page 47

    C HAPTER 3-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 3 Getting Started with CMS This chapt er contains t hese sect ions that desc ribe the Clust er Manage ment Suite (CM S) on the Catalyst 2940 switch: • “Under stand ing C MS” s ecti on on pa ge 3-1 • “Configuring CMS” se ction on page 3-7 • “Disp laying C MS?[...]

  • Page 48

    3-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Unders tan din g CMS Front Panel View The Front Pa nel vi e w displays the Front P anel image of a specif ic set of switches in a cluster . From this vie w , you can selec t multiple p orts or multip le switches a nd conf igure t hem with t he sam[...]

  • Page 49

    3-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Understanding CMS • The feat ure bar sh ow s the featur es av ailable for the de vices in yo ur cluster . B y defau lt, the fea ture bar is in stand ard mod e. In this mode , the feat ure bar is always visi ble, and you ca n reduce or increase th[...]

  • Page 50

    3-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Unders tan din g CMS Figur e 3-2 Featur e Bar and Sear ch Windo w Note On ly featur es suppor ted by the devices in your cluster ar e displa yed in the feat ure bar . Y o u can sear ch for feat u re s t hat a r e available f or y our clu ster by c[...]

  • Page 51

    3-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Understanding CMS Online help includes thes e featur es: • Feature-spec ific help that giv es background informat ion and concepts on the featur es • Dialog -spec ific help th at gives procedure s for per for ming ta sks • An in dex of o nli [...]

  • Page 52

    3-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Unders tan din g CMS Guide mode is not av ailable if your switc h access level is read-on ly . For more infor mati on about th e read- only acc ess mode, s ee the “Privilege Lev els” se ction on pa ge 3-6 . Expert Mode Exper t mod e is f or us[...]

  • Page 53

    3-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Configuring CMS Access to Older Switches In a Cluster If your clu ster has these member switches run ning earlie r software re leases and if you have read- only access to these memb er switches, some conf iguration windo ws f or those switches disp[...]

  • Page 54

    3-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Conf igu rin g CMS Operating System and Browser Support Y ou can acces s the CMS inter face b y using the operat ing system s and bro wsers listed in Ta b l e 3 - 3 . CMS checks the br owser version when st arti ng a se ssion to e nsu re t hat t h[...]

  • Page 55

    3-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Configuring CMS Solari s For Solaris, Jav a plug-in 1. 4.1 is requir ed to run CMS. Y ou can download the Jav a plug-in an d installati on instruction s from this URL: http://www .cisco.com /pcgi-bin/ta blebuild .pl/ja va On Solaris platf orms, fol[...]

  • Page 56

    3-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Displa ying CM S Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure the HTTP serv er interf ace: After you have configured the H TTP server int erface , displ ay the C MS a ccess page , as de sc ribed i n t he “Launching CM[...]

  • Page 57

    3-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Displaying CMS Figur e 3-4 S witc h Home P age The Sw itc h Home Page has t hes e tabs : • Express Setup —Open s the Express Setup pa ge Note Y ou can use Expr ess Se tup to a ssign a n IP addr ess t o an u nco nfigured sw itch . For mor e inf[...]

  • Page 58

    3-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Displa ying CM S Figur e 3-5 CMS Star tu p Report The CMS St a rtup Rep ort has links t hat inst ru ct yo u how to cor re ctly configure you r PC or work st at ion. If the CMS Startup Repo rt appears, click the links, and follo w the instructions[...]

  • Page 59

    3-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Displaying CMS Figur e 3-6 T oolbar The Front P anel vie w displays the fr ont-panel image of th e command switch and other selecte d switches, as sh own i n Figur e 3-7 , and you c an select more switches to be displayed. Y ou can ch oose a nd co[...]

  • Page 60

    3-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Displa ying CM S Topology View When CM S is laun ch ed from a com mand sw itch, th e T opology v iew appea rs by de fault. (T his v iew is av ailable on ly when CMS is la unched fr om a comman d switch. ) When you cli ck the topol ogy button on t[...]

  • Page 61

    3-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 3 Getting Star ted with CMS Where t o Go Next • Collapse Cluster—W hen you righ t-clic k a comm and-swi tch icon a nd select Collapse Cluster , the clust er is colla psed and represen ted by a s ingle icon . The vie w shows ho w the cluster is connecte d to other cluster[...]

  • Page 62

    3-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 3 Getting Started with CMS Where to Go Nex t[...]

  • Page 63

    C HAPTER 4-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 4 Assigning the Switch IP Address and Default Gateway This chapt er describes ho w to create the initial switch conf iguration (for e xample, assig n the switch IP address an d default gateway informa tion) by using a variety of au tomati c and manua l methods. Note For comp[...]

  • Page 64

    4-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n The boot loader a lso provid es trap-door access in to the system if the o perating system has problems serious enoug h that i t cannot be use d. The trap- door me chan ism provides en ou[...]

  • Page 65

    4-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Understand ing DHCP-Ba sed Autoco nfiguration The DHCP prov ides confi guration information to Intern et hosts and internetwo rking de vices. This protoc ol co nsis ts of two c omp onent[...]

  • Page 66

    4-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n Figure 4-1 shows th e sequen ce of mess age s that ar e e xchanged betw een the DHCP c lient an d the DHC P server . Figur e 4-1 DHCP Client and Serv er Messag e Exc hang e The c lient, S[...]

  • Page 67

    4-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information If you want the switch to rece iv e the configura tion file from a TFTP ser ver , you must configure the DHCP serv er with these lease op tions: • TFTP se rver name (requ ire d) • Bo[...]

  • Page 68

    4-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n Configuring the DNS The DH CP ser ver uses the DNS s erv er to reso lve the TF TP serv er name to an IP a ddres s. Y ou m ust configure the T FTP ser ver n ame- to-I P a ddr ess m ap on t[...]

  • Page 69

    4-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information Obtaining Configurati on Files Depending on the a vailabi lity of the IP add ress and the conf iguration file name in the DHCP reser ved lease, t he switch o btains i ts conf iguration i[...]

  • Page 70

    4-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmatio n Example Configuration Figure 4-3 shows a sa mple netwo rk for re trieving IP informat ion by using DHCP-b ased auto configurat ion. Figur e 4-3 DHCP- Based A utoconfigur ation Networ k Ex[...]

  • Page 71

    4-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Assigning Switch Information switch2-confg switch3-confg switch4-confg prompt> cat network-confg ip host switch1 10.0.0.21 ip host switch2 10.0.0.22 ip host switch3 10.0.0.23 ip host switch4 10.0.0.24 DHCP Cli en[...]

  • Page 72

    4-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Checking and Saving th e Run ning Confi gura tion T o remov e the switch IP addr ess, use th e no ip address interface configurat ion comma nd. If yo u are remo ving the address through a T elnet session, yo ur connec t[...]

  • Page 73

    4-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 4 Assigni ng the Swi tch IP Addr ess an d Defa ult Ga tewa y Chec king and Savin g the Ru nnin g Co nfig ur atio n no ip route-cache ! ip default-gateway 172.20.139.129 ip http server ! ip access-list extended CMP-NAT-ACL dynamic Cluster-HSRP deny ip any any dynamic Cluster-[...]

  • Page 74

    4-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 4 Assigning the Switch IP Address and Default Gateway Checking and Saving th e Run ning Confi gura tion[...]

  • Page 75

    C HAPTER 5-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 5 Clustering Switches This chapte r provides these topics to help you get started with switch clu stering: • Understa ndin g Swi tch Cl u sters , pa ge 5-1 • Planning a Sw itch Cluster, page 5-3 • Creating a Switch C l uster, page 5- 15 • Using the CL I to Manage Sw [...]

  • Page 76

    5-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Underst an ding Switch Cl us ters Cluster members ar e connected to the comm and switch according to the connect i vity guide lines describe d in t he “ Auto mat ic Di scovery of Cl uste r Ca ndida tes and M embe rs” sec tion on p ag e 5- 3 . • C[...]

  • Page 77

    5-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Candidate Switch and Member Switc h Characteristic s Candid ate swi tch es are cluster-capa ble switc hes tha t hav e not yet be en added t o a clus ter . Me mber switch es are swi tches that ha ve actually been added to a s[...]

  • Page 78

    5-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Foll owi ng these connec tiv ity guidelines ensures auto matic disco very of the switch cluster , cluster candi date s, conn ec ted swi tch cl usters , a nd neig hbo ring edge d evices: • Discovery Through CD P Ho ps, pa[...]

  • Page 79

    5-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Discovery Through Non-CDP-Capabl e and Noncluster-Capable Devices If a comman d swi tch is connecte d to a non-CDP-c apable t hir d-party hub (such as a non -Cisc o hub), it can disco ver clus ter-en abled de vices conne cte[...]

  • Page 80

    5-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Figur e 5-3 Disco very Thr ough the Same Manag ement VLAN Discovery Through Different M anagement VLANs W e reco mmend usin g a Catalyst 3550 command sw itch, a Cata lyst 2 955 comma nd switch, a Catalyst 2950 command swit[...]

  • Page 81

    5-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Figur e 5-4 Disco v ery Thr ough Dif f erent M anage ment VLANs with a Lay er 2 Command S witc h Discovery of Newly Installed Switches T o jo in a cluster, the ne w , out-of-the -box switc h must be con nected to the cl uste[...]

  • Page 82

    5-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Figur e 5-5 Disco v ery of Newly I nstalled S witc hes in Dif fer ent Managem ent VLANs HSRP and S tandby Command Sw itches The switc h supp orts H ot Sta ndby Rout er Protoc ol (HSRP) so that you ca n co nfigure a group o[...]

  • Page 83

    5-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Note Th e clu ster sta ndby group i s an H SRP g rou p. D isab lin g HSRP di sable s t he c luste r stand by group. The switch es in the clus ter standb y group ar e ranke d accordin g to HSRP prioritie s. The swi tch with t[...]

  • Page 84

    5-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er – When the c ommand switch is a Cataly st 2955 swi tch ru nning Cisc o IOS Rele ase 12. 1(12c)E A1 or later, all stan dby co mman d sw itc hes m ust b e Catalyst 2955 swi tches ru nning Cisc o IOS Release 12.1(12c)E A1 [...]

  • Page 85

    5-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Figur e 5-6 VLAN Co nnectivity Betw een Standby -Group Mem bers and Clus ter Members Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, Cat alyst 295 0, and Catalyst 3500 XL member switches m ust be conn ec ted t o the c lust [...]

  • Page 86

    5-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er IP Addresse s Y ou must as sign IP info rmation to a command switch. Y ou can access the cl uster thr ough the comman d-sw it ch IP a dd ress. I f yo u configu re a c luste r sta ndby gro up, you mu st u se the sta ndby-g[...]

  • Page 87

    5-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er If yo u chang e the mem ber -switch passw ord to be dif fer ent fr om the co mmand- switch passw ord an d sa v e the change, the switch is not manageable b y the command switch until you chang e the member -switch password [...]

  • Page 88

    5-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er For more infor mation abo ut CMS access mo des, see the “Pri vilege L ev els” se ction on pa ge 3-6 . Note • If your cluster has these member switches run ning ear lier software releases and if you have read-o nly a[...]

  • Page 89

    5-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster LRE P rofi les In Cisco IO S Rel ease 12. 1(1 4)EA 1 or lat er, the Catalyst 295 0 L RE sw itch es do no t sup por t pu blic profiles. In softw are releases ea rlier than Cisco IOS Rele ase 12.1 (19)EA1, a conf iguratio n co[...]

  • Page 90

    5-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Creating a Switch Cluster Note • W e strongly re commen d that the high est-en d, comman d-capa ble switch in the cluster be the comm an d s witc h: – If your switch cl uster has a Catalyst 3550 switch, that switch sho uld be the command swi tch. [...]

  • Page 91

    5-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster Figur e 5-8 A dd t o Cluste r Window From C MS, the re ar e two ways to add swit ches t o a clus ter: • Select Cluster > Add to Cluster , select a c andidate s witch from th e list, click Add , and c lick OK . T o add m[...]

  • Page 92

    5-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Creating a Switch Cluster Figur e 5-9 Using the T opolo gy V iew to A dd Membe r Sw itches Instead o f using CMS t o add memb er s to the cl uster, you can use the cluster member global conf igura tion command from the comman d switch. Us e the passwo[...]

  • Page 93

    5-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster Creating a Clu ster S tandby Group The cl uster s tandb y grou p member s must meet the requ irements descri bed in the “Stand by Command Switch C haract eristics” section on pag e 5-2 and “HSRP and Standby Command Swi[...]

  • Page 94

    5-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Creating a Switch Cluster • When th e comm and swi tch is a Catal yst 2 940 swi tches, al l sta ndby command switches must be Catalyst 294 0 switches. • When the com mand switch i s running Cisco IO S Releas e 12.0( 5)WC2 or ear lier, the standby [...]

  • Page 95

    5-21 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Using the CLI to Manage Switch Clusters Figur e 5-1 1 Inv entory Windo w Step 4 Se lect Reports > In ventory to displa y an in ventor y of the switches in t he clust er ( Figu re 5- 11 ). The summary includes inf ormation su ch as switch m odel numb[...]

  • Page 96

    5-22 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Using SNMP to Ma nage Sw itch Cl usters The T elnet sessio n accesse s the member -switch CLI at the same pri vile ge le v el as on the comm and swit ch. The Cis co IOS comm ands then operate as us ual. F or ins truct ions on con fi guring the switch [...]

  • Page 97

    5-23 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 5 Clustering Switche s Using S NMP to Ma nage Swit ch Clust ers If a m emb er switc h has i ts own I P a ddr ess a nd co mmuni ty stri ngs, t h ey can be u sed i n addi tio n to the acces s pro vided b y the command switch. F or m ore in formation about SNMP and co mmunity s[...]

  • Page 98

    5-24 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 5 Clustering Switches Using SNMP to Ma nage Sw itch Cl usters[...]

  • Page 99

    C HAPTER 6-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 6 Administering the Switch This chap ter describ es how to perform one-ti me operat ions to admini ster your Ca talyst 2940 switch. This chap ter cons ists of th ese sectio ns: • Managin g the System Time and Da te, pa ge 6-1 • Configuring a System Na me a nd Pro mpt, pa[...]

  • Page 100

    6-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date The sy stem clo ck can provid e time t o these servi ces: • User show comman ds • Logging and de bugging m essag es The syste m clock keeps tr ack of time internal ly based on Univ ersal Time Coordina ted (U[...]

  • Page 101

    6-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Se v e ral manuf act urer s inclu de NT P softw ar e fo r t heir hos t systems, and a public ly a vailable v er sion f or systems running UNIX and its various deriv ati ves is also available . This softwa[...]

  • Page 102

    6-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Default NTP Configurati on Ta b l e 6 - 1 shows the default NTP co nfigurati on. NTP is enable d on all interfa ces b y defau lt. All interfa ces rece iv e NTP packets. Configuring NTP Authentication This proced[...]

  • Page 103

    6-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e T o di sab le NTP auth en t ica t ion, us e th e no ntp authenticate global co nfigur ation co mm and. T o rem ove an auth entication ke y , use the n o ntp au then ticat ion-k ey number gl ob al co nfigu[...]

  • Page 104

    6-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Y ou ne ed to configure onl y one en d of an associat ion; the other device can automa tical ly establ ish the associat ion. If you are using the default NTP version (version 3) and NTP sync hronizati on does no[...]

  • Page 105

    6-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e T o disable the interface fro m sending NTP broadcas t packets, use the no ntp broadcast interface conf igurat ion command. This e xample sho ws ho w to conf igure an interf ace to send NTP version 2 pack[...]

  • Page 106

    6-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Creating an Access Gro up and Assigni ng a Basic IP Access List Beginn ing in pri vilege d EXEC mode, follo w these steps to contro l access to NTP services b y using access lists: The ac c ess gr oup keywords a[...]

  • Page 107

    6-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e If the source IP address m atches the access lists fo r more t han one acces s type, the f irst typ e is grant ed. If n o access gro ups are spec ifie d, all a ccess types are gr anted t o all de vices . [...]

  • Page 108

    6-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Beginn ing in pri vile ged EXEC mode, follo w these steps to conf igure a specif ic interface fro m which the IP sourc e ad dress is to be take n: The specif i ed interface is u sed for the sour ce address for [...]

  • Page 109

    6-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Setting the System Clock If you have an outsid e source on the net work that pr ovides time ser vices, su ch as a n NTP server , you do not need to manuall y set the syste m clock. Begi nning in pri vile[...]

  • Page 110

    6-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Configuring the Tim e Zone Beginn ing in pri vilege d EXEC mode, follo w th ese steps to manually conf igure the time zone: The minutes-of fset v ariable in the clo ck timezone global con figurat ion c om mand [...]

  • Page 111

    6-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Mana gi ng th e S y stem Tim e an d Da t e Configuring Summer Time (Daylight Saving Time) Beginning in pr ivileged EXEC mode, fo llow these steps t o co nfigure summer time (dayligh t saving time) in areas wh ere it start s and ends on a particul[...]

  • Page 112

    6-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Configur ing a Sys tem Nam e and Prompt Beginning in privileged EX EC mode, fol low these steps if summ er time in your area do es not follow a recurr ing patt ern (con figure the exact dat e and time of the next summer tim e ev ents) : The first[...]

  • Page 113

    6-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Confi guring a S ystem Name an d Prompt This se ctio n c onta ins thi s configu ratio n inf or mat ion: • Default Syste m Name and Prom pt Configuration , page 6-15 • Configuring a Syste m N ame , page 6-15 • Conf iguri ng a Syst em Pr ompt[...]

  • Page 114

    6-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Configur ing a Sys tem Nam e and Prompt Configuring a System P rompt Beginning i n privileged EX EC mode , follow th ese s teps t o ma nual ly c on figure a s yst em prom pt: T o r e turn to th e defaul t p rom pt, use th e no prompt [ string ] g[...]

  • Page 115

    6-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Confi guring a S ystem Name an d Prompt Default DNS Configur ation Ta b l e 6 - 2 shows the default DN S configur ation . Setting Up DNS Beginning i n privileged EX EC mo de , follow these s teps to s et up you r s witc h to use th e DNS: If you [...]

  • Page 116

    6-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Creating a Banner domain name is the v alue set b y the ip do ma in- nam e g lo bal c onfigurati on c om mand. I f ther e is a period (.) in the hostn ame, the Cisco IO S software l ooks up the I P addre ss without appendi ng any default domain n[...]

  • Page 117

    6-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Creat ing a Bann er Configurin g a Mess age-of-the -Day Log in Bann er Y ou can crea te a sin gl e or mult ilin e m essage b anne r t hat a ppea rs on th e scr een when so meo ne lo gs in to the switch. Beginning in privileged EX EC mode, fol low[...]

  • Page 118

    6-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table Configurin g a Login B anner Y ou c an co nfigur e a l og in ba nner t o be di spla yed on al l c onnec ted t ermi nal s. Thi s ba nn er ap pe ar s aft er the M O TD ba nn er a nd befo re the lo gin pro mpt. Begi[...]

  • Page 119

    6-21 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Managin g the MAC Addre ss Table This se ctio n c onta ins thi s configu ratio n inf or mat ion: • Building the A d dress T a ble , pa ge 6 -21 • MA C Addre sses an d VLA Ns, page 6-21 • Default MAC Address T ab le Configurat ion, page 6-22[...]

  • Page 120

    6-22 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table Default MAC Address Table Configuration Ta b l e 6 - 3 sho ws the default MAC address table con figuration. Changing the Addre ss Aging Time Dynami c add re s ses ar e so ur ce MA C addresses tha t the s witc h l[...]

  • Page 121

    6-23 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Managin g the MAC Addre ss Table Removi ng Dyn amic Ad dre ss E ntries T o re move all dynami c en tries, use the c lea r ma c ad dress- tab le dy nami c comman d in pr ivileged EXEC mode. Y ou can also rem ov e a sp ecif ic M A C addr ess ( cl e[...]

  • Page 122

    6-24 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table T o di sable the sw itch from se nding MAC address notificati on traps, use the no snmp-serv e r enable traps mac-notification global con f igura tion co mman d. T o di sable th e MA C address not ification trap [...]

  • Page 123

    6-25 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 6 Adminis ter ing the Switch Managin g the MAC Addre ss Table Adding and Remo ving Sta tic Address E ntries A static address has these characteristics: • It is manu ally en tered in th e address t able an d must be manu ally removed. • It can be a unicast or multicast ad[...]

  • Page 124

    6-26 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 6 Administering the Switch Managin g the ARP Table Displaying A ddress Table Entries Y ou ca n display th e MA C addre ss table by using one or mor e of the privileged EXEC com mand s describe d in Ta b l e 6 - 4 : Managing the ARP Ta ble T o communica te with a de vi ce ([...]

  • Page 125

    C HAPTER 7-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 7 Configuring Switch-Based Authentication This chapter describes ho w to conf igure switch-based authen tication on the Cata lyst 2940 switch. This chapter co nsists of these sections: • Pre ve nting Unauthorized Acc ess to Y our Switch, page 7-1 • Protectin g A cce ss t[...]

  • Page 126

    7-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Protecting Access to Privileged EXEC Command s A simpl e way of p rovidin g te rmi nal acces s c ontr ol i n you r netwo rk i s to use p ass words a nd as sign privilege lev els. Pass[...]

  • Page 127

    7-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXEC mode, follo w th ese steps to[...]

  • Page 128

    7-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Protecting En able and E nable Secre t Passw ord s with Enc ryption T o provide an additio nal layer of security , particularly for passwords tha t cross the network or that are store[...]

  • Page 129

    7-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds If bo th the en able and e nable sec ret pas sword s are de f ined, us ers must enter th e enable s ecret p asswo rd. Use th e level keyword to define a password fo r a sp ec[...]

  • Page 130

    7-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds T o remov e the passwor d, use the no password glob al configur ation comm and. This example sho ws ho w to set the T elnet password to let45m e67in 89 : Switch(config)# line vty 10 S[...]

  • Page 131

    7-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Configuring Multiple Privilege Level s By default, the Cisco IO S software has two modes of passwor d security: use r EXEC and privileged EXEC. Y ou ca n configure up t o 16 [...]

  • Page 132

    7-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds When y ou set a command to a pr i vile ge le vel, all co mmands whose s yntax is a subs et of th at com mand are al so set to th at le vel. For exampl e, if y ou set the sho w ip traf[...]

  • Page 133

    7-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Logging into and Exiting a Privilege Level Beginn ing in pri vile ged EXEC mode, f ollo w these steps to log in to a s pe cif ie d p ri vi l e ge le ve l and to e x it to a specified pri vile[...]

  • Page 134

    7-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ The goal of T A CA CS+ is to provide a method for man aging multiple network a ccess points from a single manageme nt ser vice. Y our sw it ch c an b e a ne twork acc ess se rver a long wi [...]

  • Page 135

    7-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ The T ACA C S+ pr otoc ol pr ovides a uthe nti cati on b etwe en th e swi tc h and t he T A CACS+ daemon, and i t ensures conf identiality because all protoco l exchang es between the switch[...]

  • Page 136

    7-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ authorize, or to keep accounts on users; if that meth od does not respond, the software selec ts the next method in the list. Th is process c ontinues until th ere is successf ul communicat[...]

  • Page 137

    7-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ T o remov e the specif ied T A C A CS+ serve r name or address, use the no tacacs- server ho st hostna me global configurat ion comm and. T o remove a server group from the configur ation li[...]

  • Page 138

    7-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controlling Sw itch Acce ss w ith TACACS+ Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure login au thenticatio n: Comma nd Pu rpos e Step 1 configur e terminal Enter globa l configurati on mode. Step 2 a aa[...]

  • Page 139

    7-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ T o disa ble A AA, use t he no aaa new-model glob al co nfigurati on comm a nd. T o disa ble A AA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [ [...]

  • Page 140

    7-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Starting TACACS+ Accounting The AAA acco unting feature tracks th e services that users are acces sing an d the amoun t of netwo rk resources th at the y are co nsuming. When AAA ac counti[...]

  • Page 141

    7-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Understanding RADIUS RADIUS is a distr ibu ted client /serv er system that secures netw orks ag ainst una uthorized access. RADIUS c li ents run o n supp orte d Ci sco rout ers and swi tch es[...]

  • Page 142

    7-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Figur e 7 -2 T ransitioning fr om RADIUS t o T ACA CS+ Servi ces RADIUS Operation When a user attem pts to log in and authentic ate to a switch that is acce ss controlled by a RADIUS serv [...]

  • Page 143

    7-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring RADIUS This se ctio n de scri bes how to c onfigure your sw itch to su ppo rt R ADI US. At a mi nim um, y ou mus t identify the host or ho sts that run the RADIUS server software [...]

  • Page 144

    7-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Y ou iden tif y R A DIUS secu ri ty s er vers by the ir host na me or I P a ddre ss, host na me a nd spe c ific UDP port num bers, or t heir I P addre ss and spec ific UDP port numb ers. T[...]

  • Page 145

    7-21 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Beginning i n privileged E XEC mo de, foll ow these s teps to c on figure p er-server R ADI US ser ver comm unicatio n. This pr oced ure is requir ed. T o remov e the specif ied RADIUS serve [...]

  • Page 146

    7-22 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS This example shows ho w to configure host1 as the RADIUS se rver and to use the default ports fo r both authenti cation a nd acc ountin g: Switch(config)# radius-server host host1 Note Y o[...]

  • Page 147

    7-23 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Step 3 a aa authent ication login { default | list-name } method1 [ meth od2 ... ] Create a login auth entic ation meth od list. • T o create a def ault list tha t is used when a n amed lis[...]

  • Page 148

    7-24 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS T o disa ble A AA, use t he no aaa new-model glob al co nfigurati on comm a nd. T o disa ble A AA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [...]

  • Page 149

    7-25 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Be ginning in pri v ile ged EXEC mode, fo llo w these step s to def ine the AAA ser ver group and associate a particula r RADIUS serve r with it: Comma nd Pu rpos e Step 1 configur e terminal[...]

  • Page 150

    7-26 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS T o remov e the specif ied RADIUS serve r , u se the no radius-serv er host hostname | i p-add r ess global configurat ion comm and. T o remove a server group fro m the c onfiguration list[...]

  • Page 151

    7-27 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Beginn ing in pri vile ged EXEC mo de, follo w these ste ps to specif y RADIUS author ization for privile ged EXEC a cce ss an d n etwor k ser vi ces: T o di sable authori zation , use t he n[...]

  • Page 152

    7-28 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged E X EC mo de , follow these s teps to c on figure gl obal com mun ica tion sett ings between the switch and all RADIUS[...]

  • Page 153

    7-29 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS For ex ample, this A V pair acti vates Cisco’ s multiple named ip addr ess pools featur e during IP authorization (during PPP’ s I PCP addr ess assignment): cisco-avpair= ”ip:addr-pool=[...]

  • Page 154

    7-30 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Controllin g Switch A cce ss wit h RA DIUS Beginning i n privileged EXEC mode, f ollow thes e steps to specif y a vendor-propr ietar y RADI US server host a nd a sh ared se cret te xt string: T o d elete t he vendor-propriet ary RA[...]

  • Page 155

    7-31 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 7 Configuri ng Sw itch-Ba sed Auth entication Configuring the Switch for Local Authentication and Authorization Configuring the Switch for Local Authentication and Authorizat ion Y ou can c onfi gure AAA t o opera te without a serv er b y settin g the switch to impl ement AA[...]

  • Page 156

    7-32 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 7 Configuring Switch-Based Authentication Configur ing the Switc h fo r Local Au thentica tion and A uthorizat ion[...]

  • Page 157

    C HAPTER 8-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 8 Configuring 802.1X Port-Ba sed Authen tication This c hapt er d escri bes how to c onfigure I EE E 802 .1X por t-ba sed a uth en tic ation o n the Cat al yst 2 940 switch to pre ve nt unauthorized devi ces (clients) from ga ining access to the netw ork. Note For comple te [...]

  • Page 158

    8-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Unders tan ding 802.1X Port -Based A ut henticat io n Device Roles W ith 802.1X por t-bas ed authentic ation, the de vices in the netw ork ha ve speci fic ro les as sho wn in Figure 8-1 . Figu re 8- 1 80 2. 1X De vic e Rol [...]

  • Page 159

    8-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Understandi ng 802.1X P ort-Based Aut henticat ion Authentication Initiation and Message Exchange The swi tch or th e client can initi ate authen tication. If you enable auth entication on a p ort b y using the dot1x port -[...]

  • Page 160

    8-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Unders tan ding 802.1X Port -Based A ut henticat io n Ports in Au thorized and Un authorized S tates The switc h port state determi nes whet her or not the client is gran ted acces s to the net work. The por t starts in the[...]

  • Page 161

    8-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Understandi ng 802.1X P ort-Based Aut henticat ion In a po in t-to- point configur ati on (se e Figu re 8-1 on pa ge 8-2 ) , only one cli ent can be connec ted to the 802.1X -enabled switch port. The switch de tects the cl [...]

  • Page 162

    8-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Configur ing 80 2. 1X Au thent ica tion Configuring 802.1X Authent ication These sec tions de scri be how t o con figure 8 02. 1X p or t-ba sed a uthe ntic ati on on yo ur sw itch: • Default 80 2.1X Configura tion, pag e [...]

  • Page 163

    8-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication Retran smission ti me 30 seconds (nu mber of seco nds that the switch should wait for a response to an EAP request/iden tity frame from the c lient bef ore resen ding the reque st). Maxim[...]

  • Page 164

    8-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Configur ing 80 2. 1X Au thent ica tion 802.1X Configuration Guidelines These ar e the 80 2.1X aut henti cation co nfigurati on guid elines : • When 802.1 X is enabl ed, port s are auth enticat ed befor e any other Laye r[...]

  • Page 165

    8-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication global c onfi guration c ommand. I f 802.1X was run ning in mu ltiple-hosts m ode on an interf ace i n the previous releas e, make sure to re configure it by using the dot1x host-mode mul[...]

  • Page 166

    8-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Configur ing 80 2. 1X Au thent ica tion T o disa ble A AA, use t he no aaa new-model glob al co nfigurati on comm a nd. T o disa ble 80 2.1 X A AA authenti cation, use t he no aaa authenti cation dot1x { default | list-nam[...]

  • Page 167

    8-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication T o delete the specif ied RADIUS serv er , use the no ra diu s- server h ost { hostnam e | ip-add r ess } global configurati on comm a nd. This exam ple sh ows how to specify the server [...]

  • Page 168

    8-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Configur ing 80 2. 1X Au thent ica tion Beginn ing in pri vileged EXE C mode, follo w these steps to e nable periodic re-aut hentication of th e client and to co nfigure t he num ber of se conds b etwe en r e-au then tic a[...]

  • Page 169

    8-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication T o return to the def ault quie t time, use the no dot1x time out quiet -peri od interface con figu ration comm and. This e xample shows ho w to set t he quiet time on the switch to 30 s[...]

  • Page 170

    8-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Configur ing 80 2. 1X Au thent ica tion This e xample shows h ow to set 60 as the number of seconds that th e switch waits for a response to an EAP-re que st/ iden tity fr am e fr om the c lien t befo re rese ndin g t he r[...]

  • Page 171

    8-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 8 Configuring 8 02.1X Port-B as ed Authen ti cat ion Configuring 802. 1X Authent ication W ith the multiple-hosts mode enabled, you can use 802.1X to authentica te the port and port security to manage network ac cess for all M A C addresse s, includ ing tha t of t he clie nt[...]

  • Page 172

    8-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 8 Configur ing 802. 1X Port-Bas ed Authen tication Display ing 802.1 X Stat is t ics and Status Displaying 802.1X St atistics and Status T o display 80 2.1X stati stics fo r all interf aces, use the show dot1x all statistics pri vil ege d EXEC command. T o display 802.1X s[...]

  • Page 173

    C HAPTER 9-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 9 Configuring the Switch Interfaces This c hapt er d escrib es the types of int erfaces on a Ca taly st 29 40 switc h an d h ow to c onfigure them. The c hap ter has these sections: • Understa ndin g I nte rface T ypes, pa ge 9-1 • Using th e Interfa ce Comm and, page 9-[...]

  • Page 174

    9-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Underst an ding In te rface Type s Access Ports An access por t belongs to an d carri es the traffic of only one VLAN (unless it is configu red as a voice VLAN port) . T raf fic is rec eiv ed and sent in nati ve formats with no VLAN taggi[...]

  • Page 175

    9-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Unde rsta ndi n g In t erf ac e Ty p es Port-Based VLANs A VLAN is a switched netwo rk that is logically segmented b y function, team, or application, witho ut reg ard to the physic al location of the user s. For more in format ion abou[...]

  • Page 176

    9-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd Figur e 9-1 Connec ting VLANs with La y er 2 S witche s Using the Interf ace Command T o configu re a physical interf ace (port), use the interfa ce global conf i guration command to enter int e rf a ce conf[...]

  • Page 177

    9-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Using the Interface Command Procedures for Configuring In terfaces These ge neral instruc tions apply to all interfa ce conf iguration processes. Step 1 Enter th e confi gure terminal comma nd at the pr i vileged EXEC prom pt: Switch# c[...]

  • Page 178

    9-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd 5 minute output rate 1000 bits/sec, 2 packets/sec 2832963 packets input, 214073802 bytes, 0 no buffer Received 21170 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 14 i[...]

  • Page 179

    9-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Using the Interface Command Beg i n ni n g i n p r iv i l eg ed E X E C m o d e , fo l l ow t h e s e s te p s t o configur e a range of interface s with the same paramet ers: When usin g the interf ace range glob al con figuration co m[...]

  • Page 180

    9-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Using the Inter fa ce Comma nd *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to up *Oct 6 08:24:35: %LINK-3-UPDOWN: Interface Fast[...]

  • Page 181

    9-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Using the Interface Command Use the no de fine interface-range macr o_ name global conf iguration comm and to de lete a macro . When usin g the def ine interface-ra nge global configurat ion comma nd, note these gui delines: • V alid [...]

  • Page 182

    9-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Configur ing Ethernet Int erfaces Configuring Eth ernet Inte rfaces The swit ch supports these interf ace types: • Physical p orts—Sw it ch p orts, inc luding ac cess a nd t runk por ts • VLANs—Switch virtual interfa ces (SVIs) ?[...]

  • Page 183

    9-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Ethernet Interfaces Configuring In terface Sp eed and Du plex M ode The 1 0/100 Ethern et int erface s on the sw itch o perate i n 10 or 1 00 Mbp s and i n either full- o r half- duplex mode. The 10/100/ 1000 Ethe rnet inte[...]

  • Page 184

    9-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Configur ing Ethernet Int erfaces Setting the Interface Speed and Duplex Pa rameters Beg i nn i n g i n pr ivi le ge d E X EC mo d e , f o l low t h es e s t e p s t o set the speed and duple x mode f or a phys ical interface: Use the no[...]

  • Page 185

    9-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Configuring Ethernet Interfaces Configuring Auto-MDIX on an Interface When autom atic mediu m-dependent interface crossover ( Auto-MDIX) is enabled on an interface, the interfac e automati cally detec ts the req uired cable connecti on[...]

  • Page 186

    9-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Monito rin g and Mai nt aining th e In terfaces This example shows how to enable Auto-MDI X on Gi gabit Ethern et inte rface 0/1: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# speed auto Switc[...]

  • Page 187

    9-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Monitoring and Maintaining the Interfaces Monitorin g Interface an d Controlle r Status Command s entere d at the privileged EXEC pro mpt displ ay info rmati on about th e interfac e, includ ing the ver sion of the softwar e and the ha[...]

  • Page 188

    9-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 9 Configuring the Switch Interfaces Monito rin g and Mai nt aining th e In terfaces T o clea r th e inte rface coun ter s shown by the show inte rfac es privileged EXEC co mman d, use t he clear counters pri vil eged EXEC comm and. The clear counters command cle ars all cu[...]

  • Page 189

    9-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 9 Configuring th e Sw itch Interf ace s Monitoring and Maintaining the Interfaces This exampl e shows ho w to re-ena ble Fast Ethern et inter face 0/5: Switch# configure terminal Switch(config)# interface fastethernet0/5 Switch(config-if)# no shutdown Switch(config-if)# *Sep[...]

  • Page 190

    C HAPTER 10-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 10 Configuring SmartPort Ma cros This c hapter d escrib es how to c onfigure and appl y Sma rtPor t m acro s on y our Cataly st 2940 switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to th e command refer ence for this [...]

  • Page 191

    10-2 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 10 Configuring Smart P ort Mac ros Confi guring Smart -Port Mac ros Default SmartPort Macro Configuration There are no defa ult SmartPo rt macros conf igured on the swi tch. SmartPort Macro C onfiguratio n Guidelines Follow these guideli nes when configuring ma cros on your [...]

  • Page 192

    10-3 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 10 Configuring SmartPort Macros Configuring Smart-Port Ma cros The no form o f the macro name global conf iguration command only delete s the macro def inition. It does not affect th e configurat ion of tho se inter faces on whi ch the ma cro is alre ady app lied. Y ou can[...]

  • Page 193

    10-4 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 10 Configuring Smart P ort Mac ros Displaying SmartPort Macros -------------------------------------------------------------- Fa0/9 desktop-config -------------------------------------------------------------- Displaying Sma rtPort Ma cro s T o di splay the Sma rtPort ma cro[...]

  • Page 194

    10-5 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 10 Configuring SmartPort Macros Displaying SmartPort Mac ros[...]

  • Page 195

    C HAPTER 11-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 11 Configuring STP This ch apter descr ibes how to co nfigure the Sp anni ng T ree Pr otocol (STP) o n your Catalyst 2940 swit ch. For informat ion about option al spanning -tree features, se e Chapte r 12, “Configuring O pti onal Spanning -Tree Featur es .” Note For co[...]

  • Page 196

    11-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Underst an ding Spa nning- Tree Featu res For informat ion about option al spanning -tree features, se e Chapte r 12, “Configuring O pti onal Spanning -Tree Featur es .” STP Overvie w STP is a Lay er 2 link mana gement pr otocol t hat provide s path [...]

  • Page 197

    11-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res • The br id ge I D of the se ndin g switc h • Message age • The iden tif ier of the sending interfac e • V alu es f or th e h ell o, forwa rd -del ay , a nd ma x-ag e pr otoc ol t ime r s When a switch recei [...]

  • Page 198

    11-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Underst an ding Spa nning- Tree Featu res Spannin g tree uses the exte nded system ID, the switch prio rity , and the allocated spanning-tr ee MA C addr ess to mak e the bridge ID u nique f or each VLA N. Wi th earl ier releases , spanni ng tree u sed on[...]

  • Page 199

    11-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res Figure 11-1 illustrates ho w an interface mo ves throug h the states. Figur e 1 1 -1 Spannin g-T ree I nte rf ace States When yo u po wer up the switch, spanning t ree is en abled b y default, an d e very interf ace [...]

  • Page 200

    11-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Underst an ding Spa nning- Tree Featu res Listening State The li stening state i s the fir st state a Layer 2 inte rface enter s after the block ing sta te. The interf ace e nters this state when the spann ing tree determ ines that the interf ace should [...]

  • Page 201

    11-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res How a Sw itch or Port Beco mes th e Root S witch o r Root Port If all switches in a netw ork are enabled with default spanni ng-tree settings, th e switch with the lo west MA C address becomes the root switch. In Fig[...]

  • Page 202

    11-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Underst an ding Spa nning- Tree Featu res Figur e 1 1 -3 Spannin g T r ee and Redun dan t Conne ctiv ity Y ou ca n also creat e redund ant links be tween swit ches by using Ethe rChannel groups. For more inform ati on, see Ch apter 25, “Configuri ng Et[...]

  • Page 203

    11-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Unders tanding Spanni ng-Tree Featu res Span ning- Tr ee Mo des a nd Pr ot ocols The sw itch supp orts PV ST+. T his span ning -tree mode i s based on th e IEEE 802. 1D standa rd and Cisco proprie tar y exte nsion s. It i s the defau lt spa nning -t ree m [...]

  • Page 204

    11-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s When you c onnect a Cis co switch t o a non-Ci sco device throug h an 802 .1Q tru nk, the Cisco s witch uses PVST+ to prov ide spanning-tree interoperability . If rapid PVST+ is enabled, the switch uses it in stea[...]

  • Page 205

    11-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing S panning- Tree Features STP Configuration Guidelines Y ou ca n disabl e STP on one of the VLAN s and then e nable it on the VLAN whe re you want it to run . Use the no spanning-tree vlan vlan- id global configurat ion comm and to disable spa[...]

  • Page 206

    11-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Beginning in privileged EXEC mo de, follow these steps to di sable STP on a per-VLAN basis: T o r e -ena ble spa nnin g t ree , use th e spanning-tree vlan vlan-id glob al con figuration co mman d. Configuring the[...]

  • Page 207

    11-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing S panning- Tree Features Use the diameter ke yword t o sp eci fy t he La yer 2 networ k d iam ete r (tha t is , t he max i mum n umb er o f switch hops b etw een a ny two end stat ion s in t he L ayer 2 network ). Wh en yo u s pecify the n et[...]

  • Page 208

    11-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Configur ing a Se co ndar y R oot S witch When you con f igure a Catal yst 2940 switch that su pports the extended syste m ID a s the seco ndary ro ot, the swi tch pr iorit y is m odified fr om t he d efa ult valu[...]

  • Page 209

    11-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing S panning- Tree Features Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure the port prior ity of an interfac e. This proc edure is option al: Note Th e show spanning-tree int erface interface- id privileged EXEC command[...]

  • Page 210

    11-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Configuring the Path Cost The spanni ng-tr ee path c ost defaul t v alue i s derived from the med ia speed of an i nterface. If a loop occurs , spanning tree uses c ost when s electing an interfa ce to put in the [...]

  • Page 211

    11-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing S panning- Tree Features T o return the interfa ce to it s def ault setting, use the no spanning-tree [ vlan vlan-id ] cost interf ace configurati on comm a nd. For inf orm ati on on how to co nfigure loa d sh ari ng on t run k po rts by usin[...]

  • Page 212

    11-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing Span ning-T ree F eature s Configuring Spanning-T ree Timers T ab le 11-4 descr ibes th e timer s that af fect th e entir e spann ing-tree perfo rmanc e. The sectio ns that f ollow prov ide the c onfi guration ste ps. Configuring the Hello [...]

  • Page 213

    11-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 11 Configuring STP Configur ing S panning- Tree Features Configuring th e Forwarding-Dela y Time for a VLAN Beginning i n privileged E XEC mo de , fol low these s teps t o con figure t h e for war ding -de lay ti me for a VLAN. Th is proc edure is opt ional . This proc edur[...]

  • Page 214

    11-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 11 Configuring STP Displaying the Spannin g-Tree Stat us Displaying the Sp anning-Tre e Status T o display th e spannin g-tree st atus, use one or mor e of the pri vileged EXEC comman ds in T able 1 1-5 : Y ou ca n clear span ning- tree count ers by using the clear spanni[...]

  • Page 215

    C HAPTER 12-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 12 Configuring Optional Spannin g-Tree Features This cha pter descri b es how to configure opt iona l span ning- t ree fea tu res. Y ou ca n co nfigure all of the se featu res w hen you r Cata lyst 2940 sw itch is run ni ng the pe r-VLAN spa nning tre e pl u s ( PVST +) m o[...]

  • Page 216

    12-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Underst an ding O pti on al Spann ing -Tree Fe atures Por ts co nnect ed to a singl e wo rkst atio n or s erve r sho uld n ot rec ei v e bri dge pr otoc ol dat a uni ts (B PDUs) . A port with Port Fast enabled goe s thr[...]

  • Page 217

    12-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res The BPDU guard feat ure pr ovides a secur e response t o in valid configurati ons becau se you must manual ly put the por t back in service. U se the BPDU guard feat ure in a[...]

  • Page 218

    12-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Underst an ding O pti on al Spann ing -Tree Fe atures Figu re 12-2 Switches in a Hie rarchical Network If a switch loo ses connecti vity , it begi ns using the alternate paths as soon as the sp anning tree selec ts a ne[...]

  • Page 219

    12-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 12-3 UplinkF ast Exam ple Bef or e Dir ect Link F ailure If Switch C detects a link failu re on the currentl y acti ve lin k L2 on the root port (a dir ect link fai l[...]

  • Page 220

    12-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Underst an ding O pti on al Spann ing -Tree Fe atures The swi tch tries to determine if it h as an al ternate pa th to the r oot switch. If the inferior BPDU arri ves on a blo cked port , the r oot p ort and other b loc[...]

  • Page 221

    12-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Unders tanding Opt ional Spanning- Tree Featu res Figur e 12-6 Bac kboneF ast Example Aft er Indirec t Link F ailur e If a ne w switch is introduced in to a shared -medium topolog y as sho wn in Figure 12-7 , Back boneFa st [...]

  • Page 222

    12-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Underst an ding O pti on al Spann ing -Tree Fe atures If the switc h detects a mi sconfigurat ion on the othe r device, EtherCha nnel gua rd plac es the switch interf aces in the error -disa bled stat e, and this er ror[...]

  • Page 223

    12-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Understand ing Loop Guard Y ou ca n use loo p g ua rd t o prevent al tern ate or roo t po rt s from b ecom ing de signa ted port s b ecause o f a failur e that leads to a u nidi[...]

  • Page 224

    12-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Configur ing Optiona l Spanning- Tree Fea tures Optional Spa nning-Tree Co nfiguration Guid elines The U pli nkFast, B ac kb oneFast, and cr oss-st ack Up link Fast fe atu res are no t su ppo rte d wi th the ra pid PVS[...]

  • Page 225

    12-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Enabling BP DU Guard (Optiona l) When yo u global ly enable BPDU gu ard on ports that are Port F ast-en abled (th e ports ar e in a Port Fast-operational state), sp anning tree[...]

  • Page 226

    12-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Configur ing Optiona l Spanning- Tree Fea tures Cautio n Configure Po rt Fast on l y on p ort s that conn ec t t o en d stati ons; othe rwi se , an acc ide ntal topol o gy loo p could ca use a data pac ket loop an d di[...]

  • Page 227

    12-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enable Up linkFast. This procedure is optional: When UplinkF ast is enabled, the switc h priority of all VLANs is [...]

  • Page 228

    12-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Configur ing Optiona l Spanning- Tree Fea tures T o disa ble t he Backb oneF ast featu re, u se the no spanning-tre e backbonefast global configurat ion comm and. Enabling E therChan nel Guard (Optional) Y ou ca n en a[...]

  • Page 229

    12-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 12 Configuring Op tiona l Spa nni ng-Tree Features Configurin g Optional Spanni ng-Tree Fe atures T o dis abl e root gua rd, u se the no spanning-tr ee guard inter face conf iguration command. Enabling L oop Guard (Op tional) Y ou ca n use loo p g ua rd t o prevent al tern [...]

  • Page 230

    12-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 12 Con figuri ng Opti onal Sp anning-Tr ee Feat ures Displaying the Spannin g-Tree Stat us Displaying the Sp anning-Tre e Status T o display th e spannin g-tree st atus, use one or mor e of the pri vileged EXEC comman ds in T able 1 2-2 : Y ou ca n clear span ning- tree [...]

  • Page 231

    C HAPTER 13-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 13 Configuring VLANs This ch apter des cribes how to configu re the supp orte d four nor mal-r ange VLANs (VLAN I Ds 1 to 1 005) on your Ca talyst 2940 s wit ch. Th is cha pter incl udes in forma ti on ab out V LAN mode s and t he V LA N Membership Polic y Serv er (VMPS) . [...]

  • Page 232

    13-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Underst a n ding VLAN s Figure 13-1 shows an exam ple of V L ANs segmented into l ogica lly defined n etwor ks. Figur e 13-1 VLANs as Logically Defined Netw ork s VLANs are of ten assoc iated with IP su bnetw orks. F or ex ample, all the end sta tions [...]

  • Page 233

    13-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Unde rst an din g VLA Ns VLAN Port M embership M odes Y ou c onfigure a por t to belo ng to a VLA N by assigni ng a memb ership mo de that dete rmines th e kind o f traf fic the port c arries and t he number of V LANs to which i t can belon g. T able 13[...]

  • Page 234

    13-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing Normal- R ang e VLAN s Configuring Normal -Range VLANs Normal- range VL A Ns are VL ANs with VLA N I Ds 1 to 1005 . If the sw it ch is in VT P server or transpare nt mod e, y ou ca n a dd, modi fy or r e move configurat ions for VL ANs 2 t[...]

  • Page 235

    13-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri ng Norm a l-R an ge VLAN s • Creatin g or Modify ing an Eth erne t VLAN, page 13-7 • Delet ing a VLAN , page 13-9 • Assigning Static -Ac cess Port s to a V LA N, pag e 13- 10 Token Rin g VLANs Although the sw itch does not suppo rt T o [...]

  • Page 236

    13-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing Normal- R ang e VLAN s VLAN Configuration in config- vlan Mode T o access co nfig-v lan mode , enter the vlan gl obal co nfigurati on co mman d with a VLA N ID. Enter a new VLAN ID to cr eate a VLAN or with an e xist ing VLAN ID to modif y[...]

  • Page 237

    13-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri ng Norm a l-R an ge VLAN s Default Ethernet VLAN Configuration T ab le 13-2 shows the def ault conf iguration for Ethe rnet VLANs. Note The switch suppo rts Ethe rnet interf aces exc lusi v ely . Be cause FDDI and T oken Ri ng VLANs are not l[...]

  • Page 238

    13-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing Normal- R ang e VLAN s T o return the VLAN name to the defa ult settings, use th e no vlan name , no vlan mtu , or no remote span config-vl an co mman ds. This e xample sho ws ho w to use co nf ig-vla n mode to creat e Ethe rnet VLAN 20, n[...]

  • Page 239

    13-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri ng Norm a l-R an ge VLAN s Note Y o u ca nnot configu re an RSP A N V LAN in VL AN databa se configura tion m od e. T o return the VLAN n ame to the def ault setti ngs, use the no vlan vlan-id name or no vlan vlan-id mtu VLAN conf iguration c[...]

  • Page 240

    13-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing Normal- R ang e VLAN s Assigning S tatic-Ac cess Ports to a VLAN Y ou can assi gn a s tati c-ac cess port to a VLAN wi tho ut having VT P gl obal ly p rop agat e V LAN configurati on info rmation by disabling VTP (V TP transp aren t mode)[...]

  • Page 241

    13-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Displaying VL ANs Displaying VLANs Use th e sho w vl an p ri vile ged EXE C command to disp lay a list of all VLANs on th e switch. The di splay include s V LAN st atus, p orts, and c onfigura tion i nf orma tio n. T o view norma l-ra ng e VLA Ns i n t[...]

  • Page 242

    13-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing VLAN Trunk s Figure 13-2 shows a network of swit ches that are conn ected by 802.1Q trunks. Figur e 13-2 Catal yst 2940, 2900 XL, and 3 500 XL S witche s in a 802 .1Q T r unking En viro nment Y ou ca n co nfigure a t runk o n a singl e E [...]

  • Page 243

    13-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s 802.1Q Configuration Considerations 802.1 Q trunks impos e these lim itations on t he trunkin g strategy for a net work: • In a network of Cisco swi tches con necte d throug h 802.1 Q trunks, t he switche s maint ain one[...]

  • Page 244

    13-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing VLAN Trunk s Configuring a n Ethern et Interface as a Trunk P ort Because t runk po rts send a nd receive VTP advertisem ents, t o use VTP y ou must en sure th at at lea st one trunk p ort is c onfigured on th e s witc h and t hat th i s [...]

  • Page 245

    13-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s T o return an interfac e to its default conf iguration, use the defaul t interface interface-id interface configurat ion com mand. T o reset a ll t runki ng char ac ter istic s of a trunk ing i nte rface t o the defaul ts,[...]

  • Page 246

    13-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing VLAN Trunk s Defining the Allowed VLANs on a Trunk By default, a trunk port sends traf fic to and recei ves traf fic from all VL ANs. All VLAN IDs, 1 to 1005, are al lo wed on each t runk. Ho we ver , you can remo ve VLANs f rom the allo [...]

  • Page 247

    13-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s This e x ample sho ws how to remo ve VLAN 2 fr om the al lo wed VLAN list: Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport trunk allowed vlan remove 2 Switch(config-if)# end Switch# Changing the Pru[...]

  • Page 248

    13-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing VLAN Trunk s Beginning i n privileged EX EC mo de, foll ow these s teps to c onfigure th e nat iv e VL AN on an 8 02. 1Q trunk: T o return to the defau lt nati ve VL AN, VLAN 1, use the no switchport trunk nativ e vlan in te r fac e confi[...]

  • Page 249

    13-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Config uri n g VL AN Tr unk s In thi s way , Trunk 1 c arri es tr affic for VLA Ns 8 thr oug h 10 , a nd T runk 2 car rie s tra ffic for VLA Ns 3 through 6. If the a cti ve tru nk fails, the trunk with the lo wer priority tak es ov er and carries t he [...]

  • Page 250

    13-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configur ing VLAN Trunk s Load Sharing Using STP Path C ost Y ou ca n configure para llel trunks t o share VLAN traff ic by setting different pa th costs on a trunk an d associ ating the path costs with dif feren t sets of VLA Ns. The VLANs keep t he [...]

  • Page 251

    13-21 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Configuring VMPS Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure th e netw o r k sho wn in Figure 13 -4 : Configuring VMPS The swi tch c annot be a VMPS s erver b ut can act as a clien t to th e VMPS an d com municate w ith it th[...]

  • Page 252

    13-22 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configuring VMPS • “Mon itori ng t he V MPS” sect ion on pa ge 13-28 • “Troubleshoot ing Dynami c Port VLAN Me mber ship” section on pa ge 13-29 • “VMPS Co nf igu rati on Exam ple ” sec tion on page 13-29 Understand ing VMP S When th[...]

  • Page 253

    13-23 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Configuring VMPS If the link goes do wn on a d ynamic port, the por t returns to an isolated state and does not be long to a VLAN. An y h osts that com e online through the port are chec ked again through t he VQP with the VMPS before the p ort is a ss[...]

  • Page 254

    13-24 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configuring VMPS ! address <addr> vlan-name <vlan_name> ! address 0012.2233.4455 vlan-name hardware address 0000.6509.a080 vlan-name hardware address aabb.ccdd.eeff vlan-name Green address 1223.5678.9abc vlan-name ExecStaff address fedc.ba[...]

  • Page 255

    13-25 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Configuring VMPS VMPS Configuration Guidelines These gui deline s and restric tions appl y to dynamic a ccess port VL AN mem bership: • Y ou shou ld c onfigure the VM PS b efore you c onfigure po rt s as dyn am ic. • The co mm unic ation be tw een [...]

  • Page 256

    13-26 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configuring VMPS Note Th e swi tch por t that is c onn ect ed t o the VMPS se rver ca nno t be a dy na mic a cce ss po rt. It ca n be e it her a stat ic ac cess po rt or a tr unk por t . See th e “Conf iguri ng an Ethe rnet Interf ace as a T runk Po[...]

  • Page 257

    13-27 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Configuring VMPS T o return an interfac e to its default conf iguration, use the defaul t interface interface-id interface configurati on comm and. T o return an interfac e to its default switchpor t mode (dyn amic de sirable) , use the no switchpor t [...]

  • Page 258

    13-28 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configuring VMPS Changing the Retry Count Beginn ing in pri vileg ed EXEC mode, follo w these steps to change the number of times tha t the switch attempt s to conta ct the VMPS before q uerying t he nex t serv er: T o return the switch to it s def au[...]

  • Page 259

    13-29 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 13 Configuring VLA Ns Configuring VMPS This i s a n exam ple of out put for th e show v mps privileged EXE C c om mand : Switch# show vmps VQP Client Status: -------------------- VMPS VQP Version: 1 Reconfirm Interval: 60 min Server Retry Count: 3 VMPS domain server: 172.20[...]

  • Page 260

    13-30 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 13 Configuring VLANs Configuring VMPS Figur e 13-5 Dynami c P or t VLAN Membe rship Conf iguration Primar y VMPS Ser ver 1 Secondar y VMPS Ser ver 2 Secondar y VMPS Ser ver 3 172.20.26.150 172.20.26.151 T r unk por t Catalyst 5000 series 172.20.26.152 Ethernet segment (T [...]

  • Page 261

    C HAPTER 14-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 14 Configuring VTP This c hapt er d escri b es how to us e t he V LAN Trunking Pr otoc ol ( VTP) a nd t he V LAN dat aba se for managing VLANs on you r Catalyst 2940 switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to [...]

  • Page 262

    14-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Underst an ding VTP The VTP Do main A VTP do ma in ( also c alle d a VLA N ma nage ment domai n ) con sis ts of o ne sw itch or several interconn ected swit ches under th e same a dministrati ve responsibili ty sharing the same VTP d omain name. A swi tc[...]

  • Page 263

    14-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Understanding VTP VTP Mode s Y ou ca n configure a supp orted switc h to be in one of the VTP mod es listed in Ta b l e 1 4 - 1 . When the netwo rk is configured with the maximum four VLANs, the switch automatica lly changes from VTP serve r or client mode[...]

  • Page 264

    14-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Underst an ding VTP • MD5 diges t VLAN co nf igurat ion, in clud ing max imum tr ansmi ssion unit (M TU) si ze fo r each VLAN. • Frame fo rmat VTP adv ertis ements distrib ute this VLAN in formation for each conf igured VL AN: • VLAN IDs • VLAN n[...]

  • Page 265

    14-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Understanding VTP Figure 14-1 shows a switche d network w ithout VTP pr unin g en able d. Port 1 on Swi tch 1 and Port 2 on Switch 4 are assi gned to the Red VLAN. If a broa dcast is sent fro m the ho st connect ed to Switch 1, Switch 1 f lood s the broa d[...]

  • Page 266

    14-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Conf igu rin g VTP VTP pruning is not designed to func tion in VTP transparent mode . If one or more switches in the netwo rk are in VTP transparen t mode, yo u should do on e of thes e: • T urn off VTP prun ing in the en tire network . • T urn off V[...]

  • Page 267

    14-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Configuring VTP VTP Configuration Options Y ou ca n configure VTP by using th ese configurat ion mode s. • VTP Configura tion i n G loba l Co nfigurati on M ode, pa ge 1 4-7 • VTP Configurat ion in VLA N Configuratio n Mod e, p ag e 14- 7 Y ou ac cess [...]

  • Page 268

    14-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Conf igu rin g VTP VTP Configuration Guidelines These sec tions descr ibe guid elines you should fol low when implem entin g VTP in your ne twork. Domain Names When co nfiguring VTP f or the first tim e, y ou mu st always a ssign a do main n am e. Y ou m[...]

  • Page 269

    14-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Configuring VTP • Do not enable VTP v ersion 2 on a switch unless all of the switches in the same VTP domain are version-2-ca pable . When y ou ena ble versio n 2 on a switch, all of the version-2-ca pable switches in the domain en able ver sion 2. If th[...]

  • Page 270

    14-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Conf igu rin g VTP Switch(config)# vtp domain eng_group Switch(config)# vtp password mypassword Switch(config)# end Y ou ca n also use VLA N configuration mode to configure VTP paramet ers. Beginning in privileged EXEC mode, foll ow these steps to use V[...]

  • Page 271

    14-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Configuring VTP Beginn ing in p ri vilege d EXEC m ode, follo w these step s to conf igur e the swi tch as a VTP clien t: Use the no vtp mode glob al configurat ion com mand to re turn the swi tch to VT P server mode. T o retu rn the swi tch to a no-pa ss[...]

  • Page 272

    14-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Conf igu rin g VTP T o return the switch to VTP serve r mode, use the no vtp mode globa l c onfigurati on c om mand. Note Y ou ca n also configure V TP transpare nt mode by using the vlan d ata base privileged EXEC c omman d to ente r VLAN c onfiguratio[...]

  • Page 273

    14-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Configuring VTP Note Y o u can also e nable VTP version 2 by using t he vlan database priv ilege d EXEC c ommand to enter VLAN conf iguration mode and en tering the vtp v2-mode VLAN configurat ion comm and. T o disabl e VTP version 2, use the no vtp v2-mo[...]

  • Page 274

    14-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Conf igu rin g VTP Beginning i n privileged EX EC mode , foll ow these s te ps t o ver ify an d rese t th e VTP co nfigurat ion revision number on a switch befor e adding it to a VTP domain: Y ou can also change the VTP domain name b y enterin g the vla[...]

  • Page 275

    14-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 14 Configuring VTP Monito rin g VTP Monitoring VTP Y ou mon itor V TP by di sp layin g VT P configu ratio n in for matio n: t he dom ain na me, the cur rent VT P revision, and the n umb er of VL AN s. Y o u c an a lso di spla y sta ti stics ab out th e ad vertis emen ts se [...]

  • Page 276

    14-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 14 Configuring VTP Monito rin g VTP[...]

  • Page 277

    C HAPTER 15-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 15 Configuring Voic e VLAN This cha pter describ es how to configure the voice VLAN feat ure on yo ur Catalyst 294 0 swit ch. V oice VLAN is referr ed to as an auxi liary VLAN in the Catalyst 6 000 f amily switch d ocumentatio n. Note For comple te syntax and us age inform [...]

  • Page 278

    15-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 15 Configuring Voice VLAN Configuring Voic e VL AN Figure 15-1 shows one way to connect a Ci sco 7 960 IP Phone. Figur e 15-1 Cisco 7960 IP Phone Conne ct ed t o a Sw itch When the IP Phone conne cts to the switch, the access p ort (PC-to- telep hone jack) of the IP phone [...]

  • Page 279

    15-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 15 Configuring Voice VLA N Configuring Voice VLAN Voice V LAN Con figuration Guide lines These a re the v oice VLAN conf iguration guidel ines: • Y ou shou ld configu re voice VLA N on swi tch a cce ss port s. • The Port Fas t featu re is au tomatical ly en abled whe n v[...]

  • Page 280

    15-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 15 Configuring Voice VLAN Configuring Voic e VL AN Configuring Ports to Carr y Voice Traffic in 802.1Q Frames Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure a port to carry v oice traf fic in 802.1 Q fram es for a speci fic VLAN: T o r e m ove vo i[...]

  • Page 281

    15-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 15 Configuring Voice VLA N Configuring Voice VLAN Overriding the CoS Pr iority of Incoming Data Frame s Y ou c an con nect a PC o r othe r data d evice to a Cisco 7960 IP Phon e por t. The PC c an genera te pa c kets with an assigned CoS valu e. Y ou can confi gure the switc[...]

  • Page 282

    15-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 15 Configuring Voice VLAN Displa ying Vo ice VLA N T o return the port to its defa ult setting, use the no swit chport priority extend interface co nfiguration comm an d o r th e switchport priorit y extend cos 0 inter face configurat ion comm and. Displaying Voice VLAN T [...]

  • Page 283

    C HAPTER 16-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 16 Configuring IGMP Sno oping an d MVR This cha pter d escribes h ow to configure In ternet Gr oup Ma nageme nt Prot ocol (IGM P) snoop ing on your Catalyst 29 40 switch, in cluding an applicat ion of l ocal IGMP sn ooping, Mu lticast VLAN Registr ation (MVR). It also inclu[...]

  • Page 284

    16-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Underst an ding IGM P Snoopin g the switc h adds the host p ort numb er to the for wardin g table en try; when it recei ves an IGMP Lea ve Group message from a host, it remo ves the host port from the table entry . It also periodically [...]

  • Page 285

    16-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping An IGMPv 3 sw itc h ca n r ece ive messages f rom a nd forwa rd me ssage s to a device ru nning the So urce Specif ic Multica st (SSM) featu r e. F or more in format ion, refer to the “C onf iguri ng IP Mul[...]

  • Page 286

    16-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Underst an ding IGM P Snoopin g Note that the switc h hardware can distin guish IGMP information pack ets f rom other packets for the multicas t group. • The fir st entry in the table tells the switching engine to send IGMP pack ets t[...]

  • Page 287

    16-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping When ho sts want to lea ve a multic ast group, they can eith er silently lea ve, or the y can se nd a leav e message . When th e switc h receives a leave message f rom a h ost, it se nds out a M A C-b ased ge[...]

  • Page 288

    16-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Configuring IG MP Sn ooping The default learning method is IP mu lticast- source -only lea rning. Y ou can di sable IP multic ast- sour ce-o nly lea rnin g by u sin g the no ip igmp snooping source- only-lear ning global configurati on [...]

  • Page 289

    16-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Enabling or Disa bling IGM P Sn oopin g By default, IGM P snoopin g is globall y enab led on the swit ch. When glob ally en abled or disabled, i t is also enabled or disa bled in all existin g VLAN interfa ces.[...]

  • Page 290

    16-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Configuring IG MP Sn ooping listens to only CG M P self-jo in and CGMP prox y-jo in pac kets and no other CG MP packe ts. T o learn of multicast rout er po rt s th rou gh onl y PIM-DVMRP pac kets, use the ip igmp snooping vlan vlan-id m[...]

  • Page 291

    16-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enable a static connection to a multicast router : T o remo ve a multicas t router port from the VLAN , use the no ip igmp snooping vlan vlan-id mr [...]

  • Page 292

    16-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Configuring IG MP Sn ooping This e xample sho ws how to statically conf ig ure a host on an interfa ce and verif y the conf iguration: Switch# configure terminal Switch(config)# ip igmp snooping vlan 1 static 0100.5e00.0203 interface g[...]

  • Page 293

    16-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginning in privileged EXEC mo de, foll ow these steps to disab le IGM P report suppr ession : T o r e -ena ble IG MP rep ort supp re ssion, us e the ip igmp snooping report-suppre ssion globa l configurati o[...]

  • Page 294

    16-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Displaying IG MP Sn ooping Informa tion Current configuration : 1972 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch ! enable password m[...]

  • Page 295

    16-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information T o d i splay IGM P snoo ping i nfo rmat ion , u se on e or mo re o f th e privileged E XEC c omm an ds in T ab le 16-4 . For more information abo ut the ke ywords and options in these commands, r e[...]

  • Page 296

    16-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Underst an ding Mu lticas t VLA N Registrat ion Understandin g Multicast VL AN Registrati on Multica st VLA N R egistrat ion (M VR) is desi gned f or ap pli cati ons usi ng wi de-sc ale d ep loymen t of multica st traf f ic acros s an [...]

  • Page 297

    16-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Underst anding Multicast VLAN Registration as a forwar ding destinatio n of the specifi ed multicast strea m when it is recei ved from the multicast VLAN. Upli nk port s that sen d and r ecei ve multicast data to and from the multic as[...]

  • Page 298

    16-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Conf igu rin g MVR MVR elimin ates the need to duplicate tele vision-c h annel multi cast traf fic for subscribers in e ach VLAN. Multicast traf fic for all channels is only sent ar ound the VLAN trunk once —only on the multicast VLA[...]

  • Page 299

    16-17 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring MVR MVR Configuration Guidelines and Limitations Foll ow these gui delines when conf iguring MV R: • Receiver ports cann ot b e t runk p ort s. Re ceiver port s on a sw it ch c an be in d i fferent VL AN s, but should not[...]

  • Page 300

    16-18 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Conf igu rin g MVR T o return the switch to its defa ult sett ings, use th e no mvr [ mode | group ip-a ddress | querytime | vlan ] global configurati on comm ands. This e xample sho ws how to enable MVR, conf igure the MVR group addre[...]

  • Page 301

    16-19 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring MVR T o return the interfa ce to its default setti ngs, use the no mvr [ ty pe | immediate | vl an vlan -id | gro up ] interf ace conf iguration com mands. This exam ple sh ows how to co nfigure Gigabi t E ther ne t po rt 0[...]

  • Page 302

    16-20 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Disp l ay in g MV R Info rma t ion This is an example of output fro m the show mvr interface privileged EXEC com mand whe n the member keyword is inc lud ed : Switch# show mvr interface fastethernet0/2 members 224.0.1.1 DYNAMIC ACTIVE [...]

  • Page 303

    16-21 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling This is an example of output fro m the show mvr interface pri vile ged EXEC command for a specif ied interf ace: Switch# show mvr interface fastethernet0/2 224.0.1.1 DYNAMIC ACTIVE This is an e[...]

  • Page 304

    16-22 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil ter in g an d Thr o tt li ng These se ctions describ e ho w to conf igure IGMP f iltering and th rottling: • Defa ult IGMP Filtering and Th rottling Conf igurat ion, page 16-22 • Configuring I GMP Profiles, [...]

  • Page 305

    16-23 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Beginn ing in pri vilege d EXEC mode, follo w th ese steps to create an IGMP prof ile: T o delete a prof ile, us e the no ip ig mp pro f ile pr ofile number glob al co nfiguration co mman d. T [...]

  • Page 306

    16-24 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil ter in g an d Thr o tt li ng Beginn ing in pri vilege d EXEC mode, follo w th ese steps to apply an IGMP prof ile to a switch port: T o remo ve a p rof ile fro m an interf ace, use the no ip igmp f ilter pr of i[...]

  • Page 307

    16-25 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Setting th e Maximum Numbe r of IGMP Groups Y ou c an set the maxim um num ber of IG MP gro ups that a Layer 2 inter face can jo in by using the ip igmp max-groups interf ace con fig uration co[...]

  • Page 308

    16-26 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Con figur ing IGM P Fil ter in g an d Thr o tt li ng – If you c onf igur e the thrott ling act ion as de ny , the entries t hat we re pr e viously i n th e forw ardin g tabl e are n ot rem ov ed b ut are aged out. After t hese e ntri[...]

  • Page 309

    16-27 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 16 Configuring IGMP Sno oping and M VR Displaying IGMP Filtering and Throttling Configuration Displaying IGMP Filtering and Throttling Configuration Y ou c an displa y IGMP p rofile charac teris tics, and you c an displa y the IGM P profile and maximu m grou p conf iguratio[...]

  • Page 310

    16-28 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 16 Configuring IGMP Snooping and MVR Displaying IGMP Filterin g and Thro tt ling Co nfigurat ion[...]

  • Page 311

    C HAPTER 17-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 17 Configuring Port-Base d Traffic Control This chap ter de scribe s ho w to conf igure the port-b ased tr af fic co ntrol fe atures on your Catalyst 2940 switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to th e comman[...]

  • Page 312

    17-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Stor m Control Storm contro l use s one o f these metho ds to m easure t raf f ic acti vity: • Bandwidth ba sed • T raff ic rate at which pack ets are recei ved ( in pack ets per secon d) (a vai lable on ly on no [...]

  • Page 313

    17-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 17 Configuring Port -B ased Tra ffic Control Configuring Storm Control The outp ut f rom t he show storm-c ontrol privileged EXE C com ma nd shows the u ppe r, lo wer, and curren t thresho lds as a perc ent age of the tota l bandwi dth or the pa ckets per sec ond, de pending[...]

  • Page 314

    17-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Protected Po rts Configuring Prote cted Ports Some appl ications re quire tha t no traff ic be forward ed betw een ports on the same swi tch so that one neighb or does not see the traffi c gener ated by anothe r neigh[...]

  • Page 315

    17-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Switch# show interfaces gigabitethernet0/1 switchport Name: Gi0/1 Switchport: Enabled <output truncated> Protected: True Unknown unicast blocked: disabled Unknown multicast blocked: disabled Confi[...]

  • Page 316

    17-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security The stick y secure MA C addresses do not autom atically become par t of the conf iguratio n f ile, which is the startu p co nf iguration used each time the switch r estarts. If you sa ve the stick y sec [...]

  • Page 317

    17-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Default Port Security Configuration T ab le 17-2 shows the def ault port security conf iguration for an interface. Port Security Configuration Guidelines Foll ow these gui delines when co nfig uring por[...]

  • Page 318

    17-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security T o return the in terfac e to the default conditi on as not a secure p ort, use the no switchport port -security interf ace co nf igurati on com mand. If you enter this comman d when sticky learnin g is [...]

  • Page 319

    17-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty T o disa ble st icky learni ng on an in terfa ce, use the no switchport port-security mac-addr ess sticky interf ace conf iguratio n command. The inter face con ver ts the sticky secure MA C addresses t[...]

  • Page 320

    17-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Configuring Port Security 1 0003.fd62.1d45 SecureConfigured Fa0/5 - 1 0003.fd62.21d3 SecureSticky Fa0/5 - 1 0005.7428.1a45 SecureSticky Fa0/8 - 1 0005.7428.1a46 SecureSticky Fa0/8 - 1 0006.1218.2436 SecureSticky Fa0/8 - --------[...]

  • Page 321

    17-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 17 Configuring Port -B ased Tra ffic Control Confi guring Port Securi ty Beginn ing in pri vilege d EXEC mode, follo w th ese steps to conf igure port security aging: T o di sable port se curity agin g for all secur e addresse s on a port, use the no switchport port-securit[...]

  • Page 322

    17-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 17 Configuring Port-Based Traffic Co ntro l Displaying Port-Base d Traffic Cont rol Settings Displaying Port-Based Traffic Control Settings The show i nterfa ces i nterface-id switchport privileged EXEC c om mand disp lays (a mong ot her characteri stics) the interf ace t[...]

  • Page 323

    C HAPTER 18-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 18 Configuring UDLD This c hapt er d escri b es how to c onfigure the Un iDi rec tiona l Li n k De tect ion (UD LD) pr otoc ol o n y our Catalyst 294 0 switch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to th e command r[...]

  • Page 324

    18-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 18 Configuring UDLD Underst andin g U DLD A unidirectio nal link occurs when ev er traf f ic sent by a local de vice is re cei ved b y its neighbor b ut traf fic from the neighb or is not recei ved by the loca l devic e. In norm al mode, UDL D detects a unid irectio nal li[...]

  • Page 325

    18-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 18 Configuring UD LD Understand ing UDLD • Ev ent-dr iv en detection an d echoin g UDLD re lies on echo ing as its detec tion m echanism . Whene ver a U DLD d ev ice lear ns ab out a n ew neighb or or receives a resynchro nizati on request from an out-of-sy nc neighb or , [...]

  • Page 326

    18-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 18 Configuring UDLD Conf igu ring U DLD Configuring UDLD This se cti on de scri bes how to c onfigure UD LD o n your sw it ch. It con tai ns t his c on figurati on inform ation: • Default UD LD Configurati on, page 18-4 • Configuration Gu idelines, page 18-4 • Ena bl[...]

  • Page 327

    18-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 18 Configuring UD LD Configur ing UDLD Enabling UDL D Globally Beginn ing in pri vilege d EXEC mode, follo w th ese steps to enable UDLD in the aggressiv e or n ormal mode and to set the conf igurable message timer on all f iber -optic interf aces on the switch: T o d i sab [...]

  • Page 328

    18-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 18 Configuring UDLD Conf igu ring U DLD T o disa ble UD LD on a non-fiber-optic int erface, use the no udld port interfa ce configu ration command. Note O n fi b e r- o p ti c i n t e r f a c e s , t h e no udld port command rev erts the int erface conf iguration to the ud[...]

  • Page 329

    18-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 18 Configuring UD LD Displaying UDLD Status Displaying UDLD Status T o displa y the U DLD st atus for the specif ied interf ace o r for all inter faces , use the show udld [ interface-id ] pri vileged EX EC comm and. For detailed in formation ab out the f ields i n the comma[...]

  • Page 330

    18-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 18 Configuring UDLD Displa ying U DLD Statu s[...]

  • Page 331

    C HAPTER 19-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 19 Configuring CDP This c hapter de scribe s how to co nfigure Cisco Discovery Pro tocol (C DP) o n your Catalys t 2940 s wit ch. Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to th e command refere nce for this releas e an[...]

  • Page 332

    19-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 19 Co nfigu ri n g CDP Conf igu rin g CD P Configuring CDP These sec tions inclu de CDP con figuration info rmation a nd procedu res: • Default CDP Configurat ion, pa ge 19-2 • Conf iguring the CD P Characteri stics, page 19-2 • Dis ablin g an d Ena bli ng CDP , pag[...]

  • Page 333

    19-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 19 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This e xample sho ws how to confi gure and v erify CDP character istics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 Switch[...]

  • Page 334

    19-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 19 Co nfigu ri n g CDP Conf igu rin g CD P This example shows how to enable CDP if it has been di sabled . Switch# configure terminal Switch(config)# cdp run Switch(config)# end Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all supported int[...]

  • Page 335

    19-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 19 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o m on itor a nd m ainta in CDP on yo ur device, p erfor m one o r mor e of t hese ta sks, begi nnin g in privileged EXEC mo de . This i s a n exam ple of the o utput from t he show cdp pri vi[...]

  • Page 336

    19-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapte r 19 Co nfigu ri n g CDP Monito rin g and Mai nt aining CDP[...]

  • Page 337

    C HAPTER 20-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 20 Configuring SPAN This c ha pter d esc ribes how to c onfigure Swi t ched Po rt Anal yz er ( S P AN) on your Catalyst 2940 s wit ch . Note For comple te syntax and us age inform ation for the co mmands used in this chapter , refer to th e command refere nce fo r thi s r e[...]

  • Page 338

    20-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 20 Configuring SP AN Underst an ding SPAN Figur e 20-1 Example SP AN Configur ation Only traffic that ent ers or le aves source port s c an be mon i tore d by us ing SP A N. SP AN does not af f ec t the s witc hing o f netw ork tr af fi c o n so ur ce po r t s; a c op y of[...]

  • Page 339

    20-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 20 Configuring SPAN Understa nding SPAN Traffic Types SP AN sessions include these traff ic types: • Recei ve (Rx) SP AN—The goal of re cei ve (o r ingress ) SP AN is to monitor as much as pos sible all the pa ck ets recei v ed by the s our ce int erfac e. A c op y of e [...]

  • Page 340

    20-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 20 Configuring SP AN Underst an ding SPAN • It canno t be a source por t or a reflec tor port. • It canno t be an Ether Channel group or a V LAN. • It can be a physica l port tha t is ass igned t o an Eth erChanne l group, even if the Ethe rCh anne l group has been s[...]

  • Page 341

    20-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 20 Configuring SPAN Understa nding SPAN • Ether Channel —Y o u can configure an Ether Channel group as a sou rce port but not as a SP A N destinat ion po rt. Wh en a g rou p is co nfigured a s a SP AN sour ce , t he e nti re g ro up is mo ni tore d. If a po rt is added t[...]

  • Page 342

    20-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 20 Configuring SP AN Configuring SPAN Configuring SPAN This sec tion d escribes h ow to configure SP AN o n your switch. It conta ins this c onfiguration inform ation: • SP AN Co nfigura tion Guidelines, page 20-6 • Creating a SP AN Session an d Sp eci fyin g Port s to[...]

  • Page 343

    20-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 20 Configuring SPAN Configuring SPAN This example shows how to set up a SP AN session, s ession 1, for moni toring sour ce port tra ff ic to a destinati on port . Fi rst, any existing SP A N c on figuration for session 1 is clea red, a nd t hen bidi rect ion al traffic is mi[...]

  • Page 344

    20-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 20 Configuring SP AN Configuring SPAN Creating a SPAN Session and Enabling Ingress Traffic Beginn ing in pri vileged EXEC mode, follo w these steps to create a SP AN session, to specify the source and destinatio n ports, and to enable ingress traf f ic on the destination p[...]

  • Page 345

    20-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 20 Configuring SPAN Configuring SPAN This exam ple sh ows how to configure th e dest inati on port for i ng ress t raffic on VLAN 5 by u si ng a secu rity de vice that support s 802.1Q encapsulati on. Switch(config)# monitor session 1 destination interface Fa 0/5 encapsulati[...]

  • Page 346

    20-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 20 Configuring SP AN Displaying SPAN Status This exam pl e sh ows how to di sabl e rece ived traffic monitor in g on por t 1, w hic h was co nfigured fo r bidirec tional mo nitorin g: Switch(config)# no monitor session 1 source interface fastEthernet0/1 rx The mo nitoring[...]

  • Page 347

    C HAPTER 21-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 21 Configuring RMON This c hapt er d escri bes how to c onfigure Re mo te N etwork Mo nito ring ( RMON ) on yo ur Cat alyst 2940 switch. RMON is a sta ndard monitor ing specif icatio n that def ines a set of statistic s and func tions that can be exchange d betwe en RMO N-c[...]

  • Page 348

    21-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 21 Configuring RMON Conf igu ring R MON Figur e 21 -1 Remot e Monit or ing Example The switc h supports t hese RM ON groups (defined in RFC 1757) : • Statistics (RMON gro up 1)—Collec ts Eth erne t, F a st Etherne t, and Gig abit Ethernet st atisti cs on an interf ace.[...]

  • Page 349

    21-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 21 Configuring RMON Confi guring RMON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configured . Only RMON 1 is supp orted on the switch. Configuring R MON Alarms a nd Events Y ou ca n co nfigure you r s wi tc h for RM ON by usin g t he co[...]

  • Page 350

    21-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 21 Configuring RMON Conf igu ring R MON T o disable an alarm, use the no rm on al arm number global c o n figuration c omma nd on ea ch ala rm you configured . Y o u c anno t di sabl e at once a ll t he a la rms tha t yo u c onfigure d. T o disa ble a n event, use th e no [...]

  • Page 351

    21-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 21 Configuring RMON Confi guring RMON Configuring RMON Collection on an Interface Y ou must first c onfigure RM ON a lar ms an d events to displ ay co llec tio n inf orma tio n. Beginning i n privileged EX EC mode , follow th ese s teps t o col le ct gro up hi stor y sta tis[...]

  • Page 352

    21-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 21 Configuring RMON Displa ying RM ON Sta tus T o disa ble t he coll ection of grou p Ethe rnet statistic s, us e the no rmon collection stats inde x i nterf ace configurati on comm a nd. Displaying RMON Status T o di splay the RMO N status, use one or mo re of the privile[...]

  • Page 353

    C HAPTER 22-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 22 Configuring System Message Logg ing This c hapter d escrib es how to c onfigure sy stem messa ge l oggi ng on yo ur Cat alys t 294 0 switc h. Note For comp lete syntax a nd usage i nformation f or the commands u sed in th is chapter , refer to the Ci sco IOS Configuratio[...]

  • Page 354

    22-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Configur ing System Mes sage Logg ing Configuring Sy stem Me ssage Logging These sec ti ons de scr ibe how to c on figure s ystem m es sag e loggi n g: • System Log Me ssage Format, page 22-2 • Default Syste m Message Logg ing Co[...]

  • Page 355

    22-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging This example shows a partial switch system message : 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to [...]

  • Page 356

    22-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Configur ing System Mes sage Logg ing Disabling an d Enab ling Me ssage Lo gging Message logging is enab led by de fault. It must be enabled to send messages to any destination othe r than the conso le. Wh en ena ble d, l og me ssage[...]

  • Page 357

    22-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging The logging buffered globa l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . The buf fer is c irc ula r, so newer message s overwrite o lder m ess ages af ter the buffe[...]

  • Page 358

    22-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Configur ing System Mes sage Logg ing is retu rned. Ther efore , unsolici ted messag es and deb ug command output ar e not inter sperse d with solicited d e vice outp ut and pr ompts. After the unsolic ited messages app ear , the con[...]

  • Page 359

    22-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Enabling a nd Disab ling Time S tamps on Log M essages By default, log message s are not time-stam ped. Beginn ing in pri vilege d EXEC mode, follo w these steps to enable tim estamping of log mess[...]

  • Page 360

    22-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Configur ing System Mes sage Logg ing This example shows part of a logging displa y with sequenc e numbe rs enabled : 000019: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) Defining the Message Severity Level Y ou ca[...]

  • Page 361

    22-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging The sof tware ge ner ates fou r o ther c a tegories of m essage s: • Error mes sag es about softwa re or hardwa re malfunc tions tha t appea r at lev els warnings through emerge ncie s . These me[...]

  • Page 362

    22-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Configur ing System Mes sage Logg ing When the histor y table is full (i t contains th e maximum num ber of messa ge entries s pecified with the log gi ng his t ory s i ze glob al conf iguration command), the olde st message entr y [...]

  • Page 363

    22-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 22 Configuring Sys te m Message L ogging Config uring Syst em Message Logging Configuring the UNIX System Logging Facility When sending system log messa ges to an external device, you can cause the swit ch to identif y its messages as originating f rom any of the UN IX sysl[...]

  • Page 364

    22-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 22 Configur ing System Me ssage Logging Display ing the Log gi ng Configur ation Displaying the Log ging Configuration T o di splay the lo gging c onfiguration and th e con tents o f the log buf fer , use the show logging pri vile ge d EXEC co mmand. F or info rmation abo[...]

  • Page 365

    C HAPTER 23-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 23 Configuring SNMP This chapt er describ es ho w to configure the Sim ple Network Mana gement Prot ocol (SNM P) on your Catalyst 2940 swi tch. Note For comp lete syntax and usag e informa tion for th e comman ds used i n this c hapter , refer to th e switch command referen[...]

  • Page 366

    23-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Underst an ding SNM P • Using SNMP to Access MIB V ariables, page 23-4 • SNMP Notif ications, page 23-4 SNMP Versio ns This sof tware rel ease su ppor ts t hese SNM P version s: • SNMPv1—Th e Simple Ne twork Man agem ent Pr otoc ol, a Full Int e[...]

  • Page 367

    23-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Underst anding SN MP Y ou must configure the SN MP agent to use the SNMP version supp orted by the mana gement s tation. Because an ag ent can commu nicate with multip le managers, y ou can conf igure the software to supp ort com munica tio ns with one m[...]

  • Page 368

    23-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Underst an ding SNM P A com mun ity st ring c an h ave one of t hese at tribute s: • Read-only (R O)—Gi ves read ac cess to authorized managem ent stations to all objects in the MIB except th e co mmuni ty stri ngs, but doe s not al low write ac ces[...]

  • Page 369

    23-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Configuring SNMP T raps are un rel iable bec ause t he r ece iver does no t send an ackn owledgment wh en it rece ives a trap , and the send er canno t determine if the trap wa s recei ved. When an SNMP manage r recei ves an infor m request, i t acknowle[...]

  • Page 370

    23-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Conf igu rin g SNMP SNMP Configuration Guidelines An SNMP gr oup is a tab le th at maps SNMP users to SNM P views. An SNMP use r is a member of an SNMP group. An SNMP host is th e recipient of an SNMP trap operati on. An SNMP engine ID is a name for th [...]

  • Page 371

    23-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Configuring SNMP Disabling the SNMP Agent Beginn ing in pr iv ileged EXEC mode, f ollo w these steps to disable the SNMP agent: The no snmp-server global con figuration com mand disabl es all ru nning version s (version 1, version 2C, and v ersion 3) on [...]

  • Page 372

    23-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Conf igu rin g SNMP Note T o dis able a ccess for an SNMP c ommunity , set th e comm unity string for that com munity to the null string (do not enter a value for th e communi ty string ). T o remov e a specific communit y string, use the no snmp -serve[...]

  • Page 373

    23-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Configuring SNMP Beginn ing in pri vileg ed EXEC mode, follo w these steps to confi gure SNMP on the switch: Command Purpo se Step 1 c onfigure te rmina l Enter global co nfiguration mo de. Step 2 s nmp- server eng ineID { lo ca l engine id-stri ng | rem[...]

  • Page 374

    23-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Conf igu rin g SNMP Configuring SNMP Notifications A trap manag er is a mana geme nt statio n that recei ves and process es traps. T raps are sy stem aler ts that the switc h gener ates whe n cert ain events occu r . By default, no trap manage r is de [...]

  • Page 375

    23-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Configuring SNMP Some noti fication type s can not be c ontr olled wi th the sn mp-se rver ena ble globa l configurati on comm an d, for exampl e, tty a nd udp-port . Thes e no ti f ication types ar e al w ays en abled . Y ou can use the snmp-ser ver ho[...]

  • Page 376

    23-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Conf igu rin g SNMP The snmp-serv er host co mmand s pecif ies which ho sts rec eiv e the notif ications. T he snmp-server enab le trap command global ly enables the me chanism f or the speci f ied notif ication (fo r traps and informs ). T o enable a [...]

  • Page 377

    23-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Configuring SNMP Setting th e Agent C ontact and Location In formation Beginn ing in pri vilege d EXEC mode, follo w these step s to set the system contact and locatio n of the SNMP agen t so that these de scripti ons can be accesse d through the config[...]

  • Page 378

    23-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Conf igu rin g SNMP SNMP Examp les This example shows ho w to enable all versions of SN MP . Th e configurat ion perm its any SNMP manager to access all objects with read-only permissions using the co mmunity string public . This configurati on does no[...]

  • Page 379

    23-15 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 23 Configuring SNM P Disp la yin g S N M P S t at us Displaying SNMP Status T o di spla y SNM P input and o ut put sta tisti cs, i ncl udin g the num ber of illegal co mm unit y strin g en tri es, errors, a nd re que ste d variable s, use t he show snmp privileged EX EC com[...]

  • Page 380

    23-16 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 23 Configuring SNMP Displaying SNM P Status[...]

  • Page 381

    C HAPTER 24-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 24 Configuring QoS This chapte r describes ho w to config ure quality of service (QoS) by using stan dard QoS commands. W ith QoS, you can giv e pre fer entia l treatm ent to cer tain types of traffic at the expe nse of other s. W it hout QoS, the Ca talyst 2940 switch offe[...]

  • Page 382

    24-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt e r 24 Conf igur ing Q o S Underst andin g Q oS Figur e 24-1 QoS Clas sification La yers in Fr ames and P ack ets All switche s and routers that a ccess the Inter net rely on the cl ass information to gi ve the sam e forward ing treatme nt to pack ets with the sam e class in[...]

  • Page 383

    24-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 24 Configuring Qo S Configur ing Qo S Eac h port on t he sw itch has a singl e r ece iv e que ue buffer (the ingre ss port) for incomi ng traffi c. When an untagged frame arr iv es, it is assigned the v alue of the port as its port def ault priority . Y ou assign this val ue[...]

  • Page 384

    24-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt e r 24 Conf igur ing Q o S Conf igu rin g QoS • By default, the port trust state is not configured. • All traffi c is sent thr ough one egress queue . Configuring Classification Using Port Trust States This se ction de scri bes how to cla ssify inc omi ng t raffic by usi[...]

  • Page 385

    24-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 24 Configuring Qo S Configur ing Qo S Beginn ing in pr iv ileged EXEC mode, follo w thes e steps to confi gure the port to tr ust the classif ication of the traf fic that it re cei ves : After you enter the mls qos trust cos co mmand, th e DSCP v alues ar e changed ac cordin[...]

  • Page 386

    24-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt e r 24 Conf igur ing Q o S Conf igu rin g QoS Configuring the CoS Val ue for an Interface QoS assigns the CoS v al ue specif ied with the mls qos cos interfac e conf igu ration c ommand to unta gged frames re ceived on trusted and untrust ed port s. Beginn ing in pri vilege [...]

  • Page 387

    24-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 24 Configuring Qo S Configur ing Qo S Ho we ver , if a u ser b ypasses the t elephone an d connect s the PC d irectly to the switc h, the CoS la bels generated by t he PC are trusted by the switch ( because o f the tr usted CoS setting) an d can allo w misuse of high- priori[...]

  • Page 388

    24-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt e r 24 Conf igur ing Q o S Conf igu rin g QoS Enabling Pass-Through Mode When the sw itch is i n pass-th rough mode , it use s the CoS value of in coming packets wi thout mo difying the DSCP value and sends the packets from one of the four egress queues. By default, pass-t h[...]

  • Page 389

    24-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 24 Configuring Qo S Configur ing Qo S Configuring CoS Pri ority Queues Beginn ing in pri vilege d EXEC mode, follo w these steps to conf igure the CoS priority queu es: T o disable the new CoS settings and return to default settin gs, use the no wrr - queue cos-map gl obal c[...]

  • Page 390

    24-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapt e r 24 Conf igur ing Q o S Displa ying QoS Infor mation Displaying QoS Information T o di splay QoS in format ion, us e one or mo re of the privileged EX EC comm ands in Ta b l e 2 4 - 3 : T able 24-3 Comman ds f or Displa y ing QoS Inf or mation Command Purpose show wrr -q[...]

  • Page 391

    C HAPTER 25-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 25 Configuring EtherChannels This c hapt er d escri bes how to c onfigure E ther Cha nnel on t he L ayer 2 interfac es of a C ata lyst 2940 switch. E the rChann el provide s fau lt-tol eran t high -sp eed links b etw een swit ches, rout ers, and servers. Y ou ca n use it to[...]

  • Page 392

    25-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Underst an ding Et her Channel s Figur e 25-1 T ypical EtherChanne l Configur ation Each Et h erCha nne l ca n co ns is t of up to eigh t com pa tib ly configur ed Ethe rn et i nte rface s. A ll in te rface s in ea ch E ther Cha nn el must b[...]

  • Page 393

    25-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Understa nding Et herChann els Figur e 25-2 Relation ship of Ph ysical P orts, Lo gical P ort Cha nnels, and Channel Gr oups When a port joins an Ethe rChanne l, the physic al inter face for that port is shut down. When the port leav es the por[...]

  • Page 394

    25-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Underst an ding Et her Channel s Exchanging P AgP Packets Both the auto and desirable P A gP modes allo w interf aces to n egotia te with partner inter faces to determ ine if they can form a n Et herCh annel ba sed o n crite ria su ch as int[...]

  • Page 395

    25-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Understa nding Et herChann els Exchanging LA CP Packets Both the acti v e and passive LA CP modes allo w interface s to negotiate wit h partner interfac es to determ ine if they can form a n Et herCh annel b ased o n crite ria su ch as interf a[...]

  • Page 396

    25-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Underst an ding Et her Channel s P AgP sends an d receives P AgP PDU s only from interface s that have P AgP en abled for the auto or desirabl e mode. LA CP sen ds and rec eiv es LACP PDUs only from interface s that h av e LA CP ena bled fo [...]

  • Page 397

    25-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Config uring Et herCh annels Figur e 25-3 Load Distr ibution a nd F orwa rding Me thods Configuring Eth erChannels These sec tions descr ibe how to configure Ethe rChanne l interfac es: • Default Eth erCha nnel Configurat ion, pa ge 25-8 • [...]

  • Page 398

    25-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Configur ing Eth erChann els Default EtherCh annel Configura tion T ab le 25-2 shows the de fault E the rCh annel co nfigur ation . EtherChann el Configuratio n Guidelin es If improperly co nf igured, some EtherCh annel interf aces are autom[...]

  • Page 399

    25-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Config uring Et herCh annels desirable mode. When c onf igur ing an in terfa ce for LA CP , if the allo wed range of VLANs is not the same, t he interf aces do n ot form an E therChannel e ven when LA CP is set to the active or passive mode •[...]

  • Page 400

    25-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Configur ing Eth erChann els Step 3 channel-gr oup channel-group- number mode {{ auto [ non-silent ] | desirab le [ non-silent ] | on } | { active | passive }} Assign the i nterface to a c hannel grou p, and speci fy the P A gP or LA CP mod[...]

  • Page 401

    25-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Config uring Et herCh annels T o re move an interfac e from the Eth erCha nnel gro up, use t he no channel-group interfa ce configurat ion comm and. If you del ete th e Ethe rCha nnel by u sing the no interface port-channel global configura ti[...]

  • Page 402

    25-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Configur ing Eth erChann els T o return E therChannel load bala ncing to the def ault conf iguration, use the no port-channel load-balanc e global con figurati on comm and. Configuring the PAgP Learn Method and Priority Network devices are [...]

  • Page 403

    25-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 25 Configuring Eth erCh annels Config uring Et herCh annels Configuring Hot Standby Ports When enabled , LA CP tries to config ure the maximum number of LA CP-compatible ports i n a channel, up to a m ax imu m of 1 6 po r ts . O nly e i gh t L A CP link s ca n be act i v e [...]

  • Page 404

    25-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 25 Config uring Et herChan nels Displaying Eth erChannel, PA gP, and LACP Status Beginn ing in pri vilege d EXEC mode, follo w these steps to conf ig ure the LA CP system priority: Displaying EtherCh annel, PAgP, a nd LACP Status Y ou ca n use the privileged EXEC comma nd[...]

  • Page 405

    C HAPTER 26-1 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 26 Troubleshooting This ch apter descr ibes how to iden tify a nd resol ve Catalyst 2940 sof tware prob lems related t o the Cisco IOS software . Depend ing on the nature of the problem, you can use th e comm and-li ne interfa ce (CLI) or the Cluster Manage ment Suite (CMS)[...]

  • Page 406

    26-2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Using Re covery Procedu res Recovering from Corru pted Softw are Switch software can be cor ru pted du ring an up grade , by downloadin g the wr ong file to the swi tch, and by d eleting the im age f ile. In all o f these case s, the switch d oes not pa[...]

  • Page 407

    26-3 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Using Reco very Pr ocedures Step 4 Press th e Mode button, and at the same time, reconnect the po wer cord to the switch. Y ou can r elease th e Mod e b utton a seco nd or two after the LED above port 1X turns off. Sev eral lines of informatio n about th[...]

  • Page 408

    26-4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Using Re covery Procedu res Press Return in response to the confirmation pr ompts. The co nf iguration file is no w reloaded, and yo u can us e the follo wing norma l comman ds to chang e the password. Step 14 En ter glob al configurat ion mode : switch[...]

  • Page 409

    26-5 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Using Reco very Pr ocedures Replacing a Failed Command Switch with a Cluster Member T o replac e a f ailed co mmand switch with a comm and-c apable mem ber in the same cluste r , follo w these steps: Step 1 Disconnect the command switch fr om the member [...]

  • Page 410

    26-6 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Using Re covery Procedu res If this pro mpt does not app ear , enter enable , and press Return . Enter se tup , and press Re turn to start the set up pro gra m. Step 11 Respond to the questions in the setup program. When prom pted for t he host n ame, r[...]

  • Page 411

    26-7 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Using Reco very Pr ocedures Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the system Would you like to enter basic management setup? [yes/no]: Step 6 En[...]

  • Page 412

    26-8 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Preventing Autone gotiati on M ismatche s Preventing Autone gotiation Mismatc hes The IEE E 802.3A B auto negotiation proto col mana ges the sw itch sett ings for speed (10 Mbps, 100 Mbps, and 1 000 Mbps excludin g GBIC ports) and dup lex (hal f or ful [...]

  • Page 413

    26-9 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Diagnosing Connectivit y Problems Executing Ping If you attem pt to pi ng a host in a d ifferent IP subne twork, you m ust define a st atic route to the network. Beginning in privileged EXEC mode , use this co mman d to ping a nother device on the netwo [...]

  • Page 414

    26-10 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Diagno sing Connec tivity Prob lems Using La yer 2 Tr ac erou te This section describes this information: • Understa ndin g L aye r 2 Traceroute, page 26 -10 • Usag e Guide lines , pag e 26-10 • Display ing the Physica l Path, page 26-1 1 Underst[...]

  • Page 415

    26-11 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Using Debug C ommands • The trac erout e m a c i p c omma nd outp ut sh ows the La yer 2 p ath whe n th e specified so urc e a nd destinati on IP addr es ses b elon g to t he sa me sub ne t. Wh en you s pe cify the IP addr esse s, th e s witc h uses A[...]

  • Page 416

    26-12 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Using D ebug Command s Enabling Debugging on a Specific Feature All deb ug comman ds are en tered in pr i vile ged EXEC mode, an d most deb ug co mman ds take no arguments. For exa mple , beginni ng i n privileged E X EC mo de , en ter thi s c om mand [...]

  • Page 417

    26-13 Catalyst 2940 Switch Software Configuration Guide 78-15507-02 Chapter 26 Troublesho oti ng Usin g th e cr a shi n fo Fi le Note Be aware that the debuggin g destin ation yo u use affects system overhead. Lo gging messages to the console produces very high ov erhea d, where as logging me ssages to a vir tual termi nal produ ces less overhead. [...]

  • Page 418

    26-14 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Chapter 26 Trouble shooting Using t he c rashinfo File[...]

  • Page 419

    A- 1 Catalyst 2940 Switch S oftware Configur ation Gui de 78-15507-02 APPEND IX A Supported MIBs This app endix lists the supporte d manage ment info rmation ba se (MIBs) for this rel ease. I t contains the se sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e MIB File s, pa ge A-3 MIB List • BRIDGE-MIB (R FC149 3) • CISCO-290 0-[...]

  • Page 420

    A- 2 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Appendi x A Suppor ted MIBs MIB Li st • CISCO-SMI • CISCO-ST A CKMAKER-MIB • CISCO-STP-EXTENSIONS-MIB • CISCO-SYSLOG-MI B • CISCO-TC • CISCO-TCP-MIB • CISCO-VL AN-MEMB ERSHIP-M IB • CISCO-VTP-MIB • ENTI TY -MIB • IANAifT ype-M IB • IF-M IB (RFC 1573) • OLD-[...]

  • Page 421

    A-3 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Append ix A Supported M IBs Using FTP to Access the MIB Files Using FTP to Access the MIB Files Y ou ca n obt ai n ea ch MIB file by u sing th is pr oced ure : Step 1 Use FTP to acc ess the serv er ftp .cisco .com . Step 2 Log in with the username anonymous . Step 3 En ter yo ur e-[...]

  • Page 422

    A- 4 Catalyst 2940 Swi tch Software Configu ration Guide 78-15507-02 Appendi x A Suppor ted MIBs Using FTP t o Acces s the MIB Fi le s[...]

  • Page 423

    IN-1 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 INDEX Numerics 802.1 D See STP 802.1 Q and trunk ports 9-2 config urati on limitat ions 13-13 nati ve VL AN fo r un tagge d tr affic 13-17 802.1 X See port -based auth entication A abbrev iati ng comm ands 2-4 AC (c omma nd swi tch) 5-9, 5-20 access con trol list See ACL access-de[...]

  • Page 424

    Index IN-2 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 ARP table address resolution 6-26 managing 6-26 attribute s, RADIUS vendor-p ropri etary 7-29 vendor-s peci fic 7-28 aut hent ica tio n local mo de with AAA 7-31 NTP associations 6-4 RADIUS key 7-20 login 7-22 TACACS+ defined 7-10 key 7-12 login 7-13 See also por t-based au t[...]

  • Page 425

    Inde x IN-3 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 C cables , monit oring for uni direct ional links 18-1 candidate switch adding 5-16 automatic d iscovery 5-3 defined 5-3 HC 5-20 passwords 5-18 requir ements 5-3 standby gr oup 5-19 See also comm and swit ch, clust er standby grou p, and member sw itch cautions xx CC (comma[...]

  • Page 426

    Index IN-4 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 planning c onsid er atio ns automatic d iscovery 5-3 automatic r ecovery 5-8 CLI 5-21 host names 5-12 IP addresses 5-12 LRE pro files 5-15 manageme nt VLAN 5-14 passwords 5-12 RADIUS 5-13 SNMP 5-13, 5-22 swit ch-spec ifi c feature s 5-15 TACACS+ 5-13 redunda ncy 5-19 troubles[...]

  • Page 427

    Inde x IN-5 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 design co ncepts network pe rforman ce 1-7 network se rvices 1-7 large ca mpus 1-10 small to medium-size d network 1-8 config urati on files limiti ng TFTP serv er access 23-13 obtaining w ith DHCP 4-7 system contact an d location informat ion 23-13 VMPS database 13-23 conf[...]

  • Page 428

    Index IN-6 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 Devi ce Mana ger 3-13 See also Swi tch Manager DHCP-b ased autoc onfig urati on client re quest m essage ex change 4-4 config uring client side 4-3 DNS 4-6 relay de vic e 4-6 serv er-sid e 4-4 TFTP se rv er 4-5 exam ple 4-8 lease opti ons for IP address infor matio n 4-4 for [...]

  • Page 429

    Inde x IN-7 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 PAgP aggreg ate-port lea rners 25-5 compatibilit y with Catalyst 1900 25-12 displaying sta tus 25-14 interactio n with other featur es 25-5 learn method an d priority confi guration 25-12 modes 25-3 overvi ew 25-3 silent mode 25-4 support fo r 1-2 port-chan nel interfa ces [...]

  • Page 430

    Index IN-8 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 HP OpenView 1-6 HSRP automatic cluster recovery 5-11 cluste r st andby g rou p c ons ider a tions 5-9 See also clu sters , cluster st andby group, an d standby comm an d sw it ch I ICMP ping exec uting 26-9 overvi ew 26-8 IDS, using with SPAN 20-2 IEEE 8 02. 1P 15-1 IGMP join[...]

  • Page 431

    Inde x IN-9 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 Intrusion De tection System See IDS inventor y, c lus ter 5-21 IP addresses candi dat e o r me mb er 5-3, 5-12 clust er access 5-2 comm an d sw it ch 5-2, 5-9, 5-12 discoveri ng 6-26 manageme nt VLAN 5-14 redunda nt c luste rs 5-9 standby comm a nd sw itch 5-9, 5-12 See als[...]

  • Page 432

    Index IN- 10 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 lear ning 6-21 removi ng 6-23 static adding 6-25 char acte rist ics of 6-25 removi ng 6-25 MAC address mult icast entrie s, monitoring 16-13 MAC addr ess-to-VL AN mapp ing 13-22 macro s See S martPort macr os manageme nt options benefit s clus te ring 1-6 CMS 1-6 CLI 2-1 ov[...]

  • Page 433

    Inde x IN- 11 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 interoper ability and compat ibility among modes 11-9 loop gu ar d describe d 12-9 enab lin g 12-15 Port Fast describe d 12-1 enab lin g 12-10 preven ting root switch selec tion 12-8 root gu ar d describe d 12-8 enab lin g 12-14 shutdown Po rt Fast-ena bled port 12-2 mult[...]

  • Page 434

    Index IN- 12 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 P PAgP See E ther Chann el pass-throug h mode 24-8 passwords default conf igur ati on 7-2 encr ypting 7-4 in clusters 5-12, 5-18 overvi ew 7-1 recove ry of 26-2 setting enab le 7-3 enab le sec ret 7-4 Telne t 7-5 with user names 7-6 VTP domain 14-8 path cost STP 11-16 PC (p[...]

  • Page 435

    Inde x IN- 13 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 ports acces s 9-2 dynami c access 13-3 priority 24-2 protec ted 17-4 secure 17-5 static-access 13- 3, 13-10 switch 9-1 trunks 13-11 VLAN assignments 13-10 port security agi ng 17-10 config uring 17-7 default conf igur ati on 17-7 describe d 17-5 displaying 17-12 sticky l [...]

  • Page 436

    Index IN- 14 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 queries , IGMP 16-3 R RADIUS attributes vendor-p ropri etary 7-29 vendor-s peci fic 7-28 config uring accoun ting 7-27 authenti cation 7-22 author izat ion 7-26 communi cation , global 7-20, 7-28 comm unication , per-se rver 7-19, 7-20 multiple UDP por ts 7-20 default conf [...]

  • Page 437

    Inde x IN- 15 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 root gu ar d describe d 12-8 enab lin g 12-14 support fo r 1-3 root switch STP 11-12 RSPAN default conf igur ati on 20-5 destinati on port s 20-3 displaying sta tus 20-10 interactio n with other featur es 20-4 monitore d ports 20-3 monit oring po rts 20-3 overvi ew 20-1 r[...]

  • Page 438

    Index IN- 16 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 system contact and lo cation 23-13 trap m ana ger , conf ig uring 23-11 traps describe d 23-3, 23-4 differ ence s from infor ms 23-5 enab lin g 23-10 enabling MAC address notif ication 6-23 overvi ew 23-1, 23-4 types of 23-10 users 23-8 version s su ppo rted 23-2 snooping ,[...]

  • Page 439

    Inde x IN- 17 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 BPDU filtering describe d 12-3 enab lin g 12-11 BPDU guard describe d 12-2 enab lin g 12-11 BPDU mes sage ex change 11-2 config urati on guidelin es 11-11, 12-10 config uring forwar d-dela y time 11-19 hello time 11-18 maximu m aging tim e 11-19 path cost 11-16 port prior[...]

  • Page 440

    Index IN- 18 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 summ er t ime 6-13 Sun Net Mana ger 1-6 switch cl usterin g tech nology See clu sters, switc h switch ed ports 9-1 Switch Mana ger 3-13 See al so Devi ce Man ager swit chpor t prot ected command 17-4 switch p riority STP 11-17 syslog See system me ssage loggin g system cloc[...]

  • Page 441

    Inde x IN- 19 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 TFTP config uration fi les in base dire ctory 4-5 config uri ng for au t oconf ig urat ion 4-5 limiti ng acc ess by server s 23-13 time See NTP and s ystem cloc k time stamps in log messages 22-7 time z ones 6-12 Token R in g VLAN s support fo r 13-5 VTP support 14-4 Topo[...]

  • Page 442

    Index IN- 20 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 UplinkFast describe d 12-3 enab lin g 12-12 support fo r 1-3 user EXE C mode 2-2 usern ame-base d authentic ation 7-6 V version -depend ent transpa rent mode 14-4 virtual IP add re ss cluster st andby g roup 5-9, 5-20 comm an d sw it ch 5-9, 5-20 See also IP addresses vlan.[...]

  • Page 443

    Inde x IN- 21 Catalyst 2940 Switch S oftware Configur ation Guide 78-15507-02 reconf irmation i nterval , changi ng 13-27 reconfi rmi ng m embe rship 13-27 retry co unt, changi ng 13-28 voice VL AN Cisco 7 960 ph one , port con nec ti ons 15-1 config urati on guidelin es 15-3 config uring I P ph one s for da ta tra ffi c override Co S of inco mi ng[...]

  • Page 444

    Index IN- 22 Catalyst 2940 Switch Sof tware Configuration Guide 78-15507-02 WRR config uring 24-9 defining 24-3 descript ion 24-3 X XMOD EM pr otoc ol 26-2[...]