SMC Networks TigerSwitch 100 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation SMC Networks TigerSwitch 100. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel SMC Networks TigerSwitch 100 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation SMC Networks TigerSwitch 100 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation SMC Networks TigerSwitch 100 devrait contenir:
- informations sur les caractéristiques techniques du dispositif SMC Networks TigerSwitch 100
- nom du fabricant et année de fabrication SMC Networks TigerSwitch 100
- instructions d'utilisation, de réglage et d’entretien de l'équipement SMC Networks TigerSwitch 100
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage SMC Networks TigerSwitch 100 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles SMC Networks TigerSwitch 100 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service SMC Networks en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées SMC Networks TigerSwitch 100, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif SMC Networks TigerSwitch 100, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation SMC Networks TigerSwitch 100. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    T igerSwitch 10/100/1000 Gigabit Ether net Switch ◆ 24 auto-M DI/MDI-X 10/10 0/1000B ASE -T ports ◆ 4 ports shared with 4 SFP transcei ver s lots ◆ Non-blocking switching architecture ◆ Support for a redundant po wer unit ◆ Spanning T ree Protocol ◆ Up to six LA CP or static 4-port trunks ◆ Layer 2/3/4 C oS support through four priori[...]

  • Page 2

    [...]

  • Page 3

    38 T esla Irvine, CA 9261 8 Phone: (9 49) 679-80 00 T igerSwitch 10/100/1000 Manag ement Guide From SM C’ s T iger line of feature-r ich work group LAN solutions February 2003 Pub. # 15 020001 6900A[...]

  • Page 4

    Infor mation fur nished by SMC Networks, Inc . (SMC) is believed to be accurate and reliable. Ho wever , no re sponsibili ty is assumed by SMC for its use, nor f or any in fringe ments of p atents or other r ights of third par ties which may result from its use. No license is g ranted by implicatio n or oth- erwise under any pa tent or p atent r ig[...]

  • Page 5

    v L IMITED W ARRANTY Limited W ar ranty Statement: SM C Networks, Inc. (“SMC ”) warra nts its p roducts to be free from defects in wor kmanship and materials , under normal use and service, for the applicable warranty term . All SMC products carry a standard 90-day limited warranty from the date of purc hase from SMC or its Authorized R eseller[...]

  • Page 6

    L IMIT ED W AR RANTY vi LIABILITY IN C ONNECTION WITH THE SALE, I NSTALLA TION, MAINTENANCE OR USE OF ITS P RODUCTS . SMC SHALL NOT BE LIABLE UNDER THIS W ARR ANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PR ODUCT DOES NOT EXIST OR W AS CA USED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE , NEGLECT , IMPROP ER INSTALLA TI[...]

  • Page 7

    vii C ONTENTS 1 Switch Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Connecting to the Switc h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Configurat ion Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Required Co nnections . . . . . . . . . . . . . . . . . . . .[...]

  • Page 8

    C ONTENTS viii Displaying C onnectio n Status . . . . . . . . . . . . . . . . . . . . . . . . . . 2-32 Configuri ng Interface C onnections . . . . . . . . . . . . . . . . . . . . . . 2-34 Setting Br oadcast Storm Th resholds . . . . . . . . . . . . . . . . . . . . . 2-36 Configuri ng Port Mirror ing . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 9

    C ONTENTS ix SNMP IP Filt ering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-97 Multicast Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-99 Configuri ng IGMP Paramete rs . . . . . . . . . . . . . . . . . . . . . . . . 2-100 Interface s Attached t o a Multicast Route r . . . . . .[...]

  • Page 10

    C ONTENTS x delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21 dir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22 whichb oot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23 boot sys tem . . . . . . . [...]

  • Page 11

    C ONTENTS xi show rad ius-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-55 tacacs-se rver host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-56 tacacs-se rver port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-56 tacacs-se rver key . . . . . . . . . . . . . . .[...]

  • Page 12

    C ONTENTS xii capabilit ies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-89 flowcont rol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-90 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-91 switchpor t broadcast . . . . . .[...]

  • Page 13

    C ONTENTS xiii switchpor t ingress-filter ing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-127 switchpor t native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-128 switchpor t allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-129 switchpor t forbidden vlan . . . . . . . . . . . . . . . [...]

  • Page 14

    C ONTENTS xiv Mirror Port C ommands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-163 port moni tor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-163 show por t monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-164 Port Trunking C ommands . . . . . . . . . . .[...]

  • Page 15

    1-1 C HAPTER 1 S WITCH M ANAGEMENT Connect ing to the Switc h Configuration Opt ions The Tig erSwitch 10/100/1000 includes a built-in netw ork managem ent age nt. T he ag ent offers a variety of ma nageme nt opt ions, includ ing SNM P , RMON and a W eb-based inte rface. A PC may also b e connected dir ectly to the switch for configuration and moni [...]

  • Page 16

    S WITCH M ANAG EMENT 1-2 The switch’ s CLI conf iguration pro g ram, W eb interf ace, and S NMP agent allow you to perf or m the following manage ment func tions: • Set user na mes and pas swords for up to 16 users • Set an IP in terfa ce fo r a manage men t VLAN • Con figu re SN MP pa rame ters • Enable /disable any port • Set th e spe[...]

  • Page 17

    C ONNECTING TO THE S WITCH 1-3 Required Connections The switch provides an RS-232 serial port that enables a connection to a PC or te r minal f or moni toring and conf igurin g the s witc h. A n ull- modem console cable is prov ided with th e switch. Attach a VT100-compatible ter minal, or a PC r unning a ter minal emu lation p rogram to t he swi t[...]

  • Page 18

    S WITCH M ANAG EMENT 1-4 4. Once y ou hav e set up the terminal correctly , the conso le login screen will be displayed. Note: Refer to “Line Commands” on page 3-73 for a complete desc riptio n of cons ole co nfigurati on opti ons. F or a descr iption of ho w to use t he CLI, se e “Usi ng the Co mmand Line Interface” on page 3-1. F o r a li[...]

  • Page 19

    B ASIC C ONFIGURATION 1-5 Basic Configuration Console Connection The CLI program pro v id es tw o different comm and lev els — no r mal access level (Nor mal Exec) and privileged access level (Privileged Exec). The commands av ailable at the Normal Ex ec lev el are a l imited subs et of those available at the Pri vileg ed Exec lev el and allow y [...]

  • Page 20

    S WITCH M ANAG EMENT 1-6 P assw ords can c onsist of up to eight alphan umeric characters an d are case sensitive. T o p revent unauth orized a ccess to th e switch, set th e passwords as follows: 1. Open th e consol e interface with the default user name a nd pass wo rd “admin” to access th e Pri vileged Exe c level. 2. T ype “co nfigure” [...]

  • Page 21

    B ASIC C ONFIGURATION 1-7 Note: Only one VLA N interf ace can be assigne d an IP add ress (t he default is VLAN 1). This d efines the ma nagement VL AN, the only VLAN through w hich yo u can gai n mana geme nt acces s to th e switch. If you assign an IP addre ss to any other V LAN, the new IP address overrid es the o riginal IP addr ess and this be[...]

  • Page 22

    S WITCH M ANAG EMENT 1-8 4. T o set the IP a ddre ss of th e defa ult gatew ay for the net wo rk to whic h the switch belongs, type “ip de fault-g ateway gatewa y , ” where “gatewa y” is the IP addr ess of t he defaul t gatewa y . Press < Enter>. Dynamic Configuration If you select the “boot p” or “dhcp” option , IP will be en[...]

  • Page 23

    B ASIC C ONFIGURATION 1-9 3. T ype “exit ” to retur n to the glo bal config uration mode. Press <Ente r>. 4. T ype “ip dhcp restart” to begin br oadcasti ng service request s . Press <Ente r>. 5. W ait a few min utes , and then c hec k the I P config uration setting s , b y typi ng the “s how ip inte rface” command. Press &l[...]

  • Page 24

    S WITCH M ANAG EMENT 1-10 Community Strings Comm unity st rings are used to control m anagement ac cess to SNMP stations , as well as to authorize SNMP stat ions to recei ve t rap messages from t he switc h. Y ou therefo re nee d to assi gn comm unity s trings to speci fied users o r user gr oups, and set the ac cess l evel. Th e defau lt str ings [...]

  • Page 25

    B ASIC C ONFIGURATION 1-11 Trap Receivers Y ou ca n also specify SNMP stations that are to re ceiv e traps from t he switch. T o configure a tr ap recei v er, co mplete the follo wing s teps: 1. Fr om the Privil eged Ex ec lev el global co nfigura tion mode prompt, type “s nmp-ser ver ho st host-address community- string , ” where “host-ad dr[...]

  • Page 26

    S WITCH M ANAG EMENT 1-12 Managing System Files Th e switch’ s fl ash memor y sup ports three types of system file s that can be managed by the CLI prog ram, W eb interface, or SNMP . Th e switch’ s file syste m allow s files t o be up loaded and downlo aded, co pied, dele ted, an d set as a start-up file . Th e thre e types of files a re: • [...]

  • Page 27

    S YSTEM D EFAULTS 1-13 In the s ystem flash memory , one file of e ach type must b e set as the start-up file. Durin g a system boot, the diag nostic and operat ion code files set as the start-up file are r un, and then the start-up configurat ion file is loaded. System Defaults The swit c h’ s system defaults are provided in the config uration f[...]

  • Page 28

    S WITCH M ANAG EMENT 1-14 Security Privileged Exec Level Username “ admin” Password “admin” Normal Exec Level Username “guest” Password “guest” Enable Privilege d Exec from Normal Exec Level Password “super” Authentication local Console Port Connection Baud Rate 9600 Data bits 8 Stop bits 1 Parity none Local Console Timeou t 0 ([...]

  • Page 29

    S YSTEM D EFAULTS 1-15 Virtual LANs Default VLAN 1 PVID 1 Acceptable Frame Type All Ingress Filterin g Disabled GVRP (global ) Disabled GVRP (port interface) Disabled Class of Service Ingress Port Priority 0 Wei ghte d Ro und Ro bin C las s 0: 16 Class 1: 64 Class 2: 128 Class 3: 240 IP Precede nce Priority Disabled IP DSCP Priority Disabled Multic[...]

  • Page 30

    S WITCH M ANAG EMENT 1-16[...]

  • Page 31

    2-1 C HAPTER 2 C ONFIGU RING THE S WITCH Using the We b Interface This sw itch provides an embedded HTTP W eb agent. Usin g a W eb bro wser y ou can confi gure the s witch an d view stati stics to monitor netw ork ac tivity . T he W eb agent can be accessed by an y computer on the network us ing a standa rd W eb browser ( Inter net Expl orer 5 .0 o[...]

  • Page 32

    C ONFIGURING THE S WI TCH 2-2 Notes: 1. Yo u are allow ed three attempts to enter the correct p assword; on th e third fail ed atte mpt the curr ent connectio n is terminate d. 2. If you log in to the Web interface as guest (Normal Exec le vel), you can view pag e informat ion but only chan ge the gue st password. If you log in as “admin” (Priv[...]

  • Page 33

    N AVIGATIN G THE W EB B RO W S E R I NTE RFA CE 2-3 The Main Men u links are used to navigate to ot her menus , and displa y config uration p aramete rs and st atist ics. Configuration Opt ions Configur able parameters ha ve a di alog bo x or a drop-do wn lis t. Once a config uration cha nge has be en made on a pag e, be sure to click on the “ Ap[...]

  • Page 34

    C ONFIGURING THE S WI TCH 2-4 Notes: 1. To ensur e prope r scre en ref resh, be sure that I nternet Explor er 5.x is configured as follow s: Under the men u “Tools / Internet Options / Gen eral / Temporary Internet Files / Settings,” the setting f or item “Chec k for newe r versio ns of st ored pag es” should be “Every visit to the pa ge.[...]

  • Page 35

    M AIN M ENU 2-5 Main Menu Using the on board W eb agent, you ca n defin e system para meters , manage and control the switch, and all its por ts, or monitor network condition s . The following table briefly des cribes the selec tions av ailable from this prog ram . Menu Des cription Page System System In formation Provides basic syst em description[...]

  • Page 36

    C ONFIGURING THE S WI TCH 2-6 Port Security Action Configure s the port i ntrusion act ion globally for the switch 2-4 0 Port Security Status Enables po rt security on specified ports 2-40 Address Table Static Add resses Displa ys entries for interfac e, address or VLAN 2 -41 Dynamic Address es Displays or edits static entries in the Address Table [...]

  • Page 37

    M AIN M ENU 2-7 Priority Default Port Priority Sets the default priority for each port 2 -77 Default Trunk P riority Sets the default priority for each trunk 2-77 Traffic Class Maps IE EE 802.1p priority tags to output queues 2-7 8 Queue Scheduling Configure s Weighted Round Robin queueing 2 -81 IP Precedence/D SCP Priority Status Globally sele cts[...]

  • Page 38

    C ONFIGURING THE S WI TCH 2-8 Basic Configuration Displaying System I nformation Y ou ca n easily identify the sys tem b y provi ding a d escripti v e name, location an d contact info r mation. Command Att ributes • Sy stem Name – Nam e assign ed to the s witch s ystem. • Object ID – MI B II object I D for switc h’s networ k managemen t s[...]

  • Page 39

    B ASIC C ONFIGURATION 2-9 • Web secure server port * – Shows the TCP port number used b y the HTTPS server. • POST result * – Shows resu lts of the po wer-on se lf-test * CLI Only We b – Click Sy stem, Sy stem I nfor ma tion. S pecify t he sy stem n ame, location , and cont act infor mation fo r th e syst em admi nistrato r, then c lick A[...]

  • Page 40

    C ONFIGURING THE S WI TCH 2-10 CLI – Specify the h ostname, location and contact infor m ation. Setting the IP A ddress An IP address m ay be used fo r managemen t access to the switc h ov er your netw ork. By default, the switc h uses DHCP to ass ign IP settings to VLAN 1 on the swit c h. If you wish to manually configure IP sett ings , you need[...]

  • Page 41

    B ASIC C ONFIGURATION 2-11 • Management VLAN – This is the only VLAN through w hich you can gain m anageme nt acces s to the swi tch. B y default , all ports on the switch are members of VL AN 1, so a management station can be connec ted to a ny port on the sw itch. H owever, i f othe r VLANs are confi gured and you chang e the M anageme nt VLA[...]

  • Page 42

    C ONFIGURING THE S WI TCH 2-12 Manual Con figuration We b – Clic k System, IP . Specify the m anagement in terface , IP a ddress and default g ate wa y , then cl ick Apply . CLI – Specify t he management i nterface , IP addres s and defaul t gatewa y . Usin g DHCP /BOO TP If you r network p rovide s DHCP /BOO TP ser vices, you can con figur e t[...]

  • Page 43

    S ECUR ITY 2-13 If y ou lose your m anagement co nnectio n, use a console c onnectio n and enter “sh ow ip interfa ce” to d eter mine the new switch addr ess . CLI – Specif y the ma nagement i nterface , and set the IP A ddress Mode to DHCP or BOOTP . Renewing DCHP – DHCP may lease addres ses to clients i ndefi nitel y or for a sp ecific pe[...]

  • Page 44

    C ONFIGURING THE S WI TCH 2-14 as soon as possib le, and s tore it in a sa fe plac e. (If for some reas on yo ur password is lost, you can reload the factory deafults file to restore the defau lt passw ords as describe d in “Tro ublesh ooting Cha rt” on pag e A-1.) The default gue st name is “guest ” with the p assw o rd “gue st. ” The [...]

  • Page 45

    S ECUR ITY 2-15 CLI – Assign a user nam e to acc ess-lev el 15 (i. e., ad ministra tor), then speci fy the pa ssw ord. Configuring RADI US/TACACS Logon A uthentication Y ou can conf igure t his sw itc h to authentic ate user s logging in to the s ystem for man agement access using local, RAD IUS , or TA CA CS+ authenticat ion method s . RADIU S a[...]

  • Page 46

    C ONFIGURING THE S WI TCH 2-16 • RADIUS uses UDP while TACACS+ uses TCP. UDP only offer s best effort d elivery , while TC P offers a c onnectio n-oriente d transpo rt. Also, note th at RADIUS en crypts only the password in the access-r equest pa cket from t he client t o the s erver, whi le TACACS+ encrypt s the e ntire bo dy of the packet. • [...]

  • Page 47

    S ECUR ITY 2-17 The local switch user database has to be set up by manually entering user names an d passw ords using the CLI. RADIUS Settings • Server IP Address – Add ress of t he RADIUS s erver. (Default: 10.1.0.1) • Server Port N umber – Ne twork (UDP) port o f the RADI US ser ver used for auth enticatio n messages. (Range: 1-65535; Def[...]

  • Page 48

    C ONFIGURING THE S WI TCH 2-18 We b – Click System, Authentication Settings . T o configure local or remote authen ticati on pre ference s , specify the aut henticat ion se quence ( i.e ., one to three methods), fill in the parameters for RADIUS or TA CACS+ authen ticati on if selected, and cl ick App ly .[...]

  • Page 49

    S ECUR ITY 2-19 CLI Commands CLI – Sp ecify all the required pa rameters to enable log on a uthentic ation. HTTPS Y ou ca n configu re the swi tch to enable t he Secure Hyp ertext T ransfer Proto col (HTT PS) over the Sec ure Socket Lay er (SSL), providing se cure access (i.e ., an encrypted con nection ) to th e switc h’ s W eb interface . Bot[...]

  • Page 50

    C ONFIGURING THE S WI TCH 2-20 The foll owi ng W eb bro wser s and op eratin g system s currentl y support HTTPS: When y ou start HTTPS , the client and server es tablish a secure e ncr ypted conne ction. A p adlock icon sh ould appe ar in the st atus bar f or Inter net Explorer 5.x and Netscape Navigator 4.x. Command Att ributes • HTTPS St atus [...]

  • Page 51

    S ECUR ITY 2-21 CLI Commands CLI – En ter the follo wing commands to spe cify the s ecure port n umber and to en able HTTPS . SSH The Secure Shell ( SSH) server f eature pr ovid es remo te manageme nt access via en cr ypte d paths between the swit ch and SS H-enab led ma nag ement station clie nts . Note: There are tw o versions of the S SH prot [...]

  • Page 52

    C ONFIGURING THE S WI TCH 2-22 CLI Commands CLI – En ter the follo wing commands to conf igure the SSH service. Managing Firmwa re Y ou can up load/down load fir mwa re to or fro m a TFTP ser v er . By saving r untime code to a file on a TFTP ser v er, that file can later be downloaded to the sw itch to restor e opera tion. Y ou ca n also set th [...]

  • Page 53

    M ANAGIN G F IR MW AR E 2-23 • Destination File Name — File names are cas e-sensiti ve . The file name sh ould not co ntain sla shes ( or /), the le ading lett er of th e file name shou ld not be a period (.), a nd the max imum length for file names on the TFTP ser ver is 127 char acters or 31 c haracters for files on the sw itch. (V alid char[...]

  • Page 54

    C ONFIGURING THE S WI TCH 2-24 T o start the new fi r mware , rebo ot the system. CLI – Enter t he IP a ddress o f the TFTP ser v er , sele ct conf ig or opcod e file type, then enter the source and destination file names , set the new file to star t up the system, a nd then rest ar t the swit ch. Saving or Restoring Configuration Sett ings Y ou [...]

  • Page 55

    M ANAGIN G F IR MW AR E 2-25 names on the TFTP ser ver is 127 char acters or 31 c haracters for files on the switch. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”) Note: The maxim um number of user -defined configuration file s is limited only by available Flash memory spac e. Y ou can sa ve the configuration file under a new file nam[...]

  • Page 56

    C ONFIGURING THE S WI TCH 2-26 CLI – Enter the IP address of the TFTP server , specify the sou rce file on the se r ver, and set the star tup file name on t he switch. If you downloa d the star tup configuration file under a new f ile name, y ou can set this file as the startup file at a later ti me, and the n restart the switch. Copying the Runn[...]

  • Page 57

    D ISPLA YIN G B RIDGE E XTEN SIO N C APABILITIES 2-27 CLI – If you copy the r un ning configuration to a file, you can set this file as the startup file at a later time, a nd then rest ar t the s witch. Display ing Bridge Extens ion Capabilit ies Th e Bridg e MIB includ es exte nsions for ma naged devices th at suppor t Multicast Filtering , T ra[...]

  • Page 58

    C ONFIGURING THE S WI TCH 2-28 • Static Entry Individual Port – This switch allows static filtering for unicast and multicast add resses. (Refe r to “Setting Static Addr esses” on page 2-41.) • VLAN Learning – T his switc h uses I ndepende nt VLAN Learning (IVL), whe re each port maintain s its own filtering database. • Configurable P[...]

  • Page 59

    D ISPLA YIN G B RIDGE E XTEN SIO N C APABILITIES 2-29 We b – Click System, Bridg e Extension . CLI – Enter the following command. Console#show bridge-ext 3-137 Max support vlan numbers: 255 Max support vlan ID: 4094 Extended multicast filtering services: N o Static entry individual port: Yes VLAN learning: IVL Configurable PVID tagging: Yes Loc[...]

  • Page 60

    C ONFIGURING THE S WI TCH 2-30 Displayi ng Switc h Hardw are/So ftware Versio ns Command Att ributes Main Board • Serial Number – The ser ial number of the s witch. • Service Tag * – Not i mplem ented. • Number of Ports – Numbe r of built-in RJ -45 ports • Hardware Versi on – Hardwar e version of the main boar d. • Internal Power [...]

  • Page 61

    D IS PLAYING S WITCH H ARDW AR E /S OFTWARE V ERSIONS 2-31 We b – Click System, Switch Infor mation . CLI – Use the followin g command to display version infor mation. Console#show version 3-49 Unit1 Serial number :A217056372 Service tag :[NONE] Hardware version :R0C Number of ports :24 Main power status :up Redundant power status :not present [...]

  • Page 62

    C ONFIGURING THE S WI TCH 2-32 Port Configura t ion Displaying Connection Status Y ou can use the Port Infor ma tion or T r unk Infor m ation pag es to display the current c onnecti on stat us , incl uding link sta te, sp eed/dupl ex mode , flow co ntrol, and auto-negotiat ion. Command Att ributes • Name – Inter face labe l. • Type – Indica[...]

  • Page 63

    P ORT C ONFIGURATION 2-33 We b – Click P or t, P or t Infor matio n or T r unk In for mation. Modify the required interface settings, and c lick Apply . CLI – This example s hows t he connect ion sta tus for P ort 13. Console#show interfaces status ethernet 1/13 3-95 Information of Eth 1/13 Basic information: Port type: 1000T Mac address: 00-00[...]

  • Page 64

    C ONFIGURING THE S WI TCH 2-34 Configuring I nterface Connections Y ou can use the T r unk Configuration or Port Configuration pag e to enable/disable an int erface , manually fix t he speed and duplex mode , set flow con trol, set auto-neg otiation , and set the inte rface capabilities to adve r tise. Command Att ributes • Name – Allows you to[...]

  • Page 65

    P ORT C ONFIGURATION 2-35 used for half-dup lex operation and IEEE 802.3x for full-du plex opera tion. (Av oid usi ng flow con trol on a port conn ected to a hub unless it is actually required to solve a problem. Otherwise back pressu re jamming signals m ay degrade overall perfo rmance for t he segm ent attach ed to t he hub. ) - (Default: Autone [...]

  • Page 66

    C ONFIGURING THE S WI TCH 2-36 CLI – Sele ct the in terface, and t hen enter th e require d settings. Setting Broadcast Storm Thresholds Broadc ast storms may occu r when a d evice on y our netw ork is malfunctioning, o r if application prog rams are not well design ed or proper ly config ured. If there is too m uch broadcas t traffi c on your ne[...]

  • Page 67

    P ORT C ONFIGURATION 2-37 500-262143 packets per second ; Default : 500 packets per sec ond) • Broadc ast Contr ol Status – Shows whethe r or not br oadcas t storm cont rol has been e nabled. (Default: E nabled) We b – Click P ort, Port Broadcast Control. Set th e threshold for all por ts , and then click A pply . CLI – Specify t he requi r[...]

  • Page 68

    C ONFIGURING THE S WI TCH 2-38 Configuri ng Port Mirrorin g Y ou ca n mirror traffic fr om any s ource port to a ta rget port for real-ti me analysi s . Y ou can then attac h a logi c analyzer o r RMON probe to the tar get port and stud y the traffic crossing the sourc e port in a comp letely unobtrusiv e manner . Command Usa ge • The mi rror po [...]

  • Page 69

    P ORT C ONFIGURATION 2-39 Configuring P ort Security P ort se curity is a feature that allows you to configure a switch port with one or more device MA C addresses t hat are a uthori zed to acces s the network thro ugh tha t por t. Whe n por t secur ity is enab led on a p ort , the swit ch stops lear nin g new MA C addresses on the s pecified po rt[...]

  • Page 70

    C ONFIGURING THE S WI TCH 2-40 Port S ecurit y Actio n The sw itc h allo ws you to se t th e secur ity ac tion to be take n whe n a po rt intr usion is dete cted. T his setting applie s to all por ts on the switch. • Shutdown and Trap — Ind icates the action to be taken w hen a port security violation is d etected: - No ne : Indicat es that no [...]

  • Page 71

    A DDR ESS T ABLE S ETTINGS 2-41 CLI Configuratio n Use the interface comman d to sele ct the ta rget port, then use the port security action command to c onfigure the por t intr usion acti on (applies to all por ts). Use the por t security comma nd to enable security for the por t. Addre ss Tabl e Sett ings Switches sto re the addresse s for all kn[...]

  • Page 72

    C ONFIGURING THE S WI TCH 2-42 Command Usa ge Entries specified via the W eb interface are per manent. Entries specified via the CL I can be mad e per man ent or c an be set t o be delete d on rese t. We b – Click Address T able, Static Addresses. Specify the interface, the MA C addr ess and VL AN , then c lick “ A dd Static Address. ” CLI ?[...]

  • Page 73

    A DDR ESS T ABLE S ETTINGS 2-43 Command Usa ge • You c an displ ay entri es in t he dynam ic address table by select ing an interface ( either port or trunk), MAC addres s, or VLAN. • You ca n sort the informat ion display ed based on interfa ce (port or trunk), MAC address, or VLAN. We b – Click A ddress T able , Dynam ic Addr esses . Specif[...]

  • Page 74

    C ONFIGURING THE S WI TCH 2-44 Changing the Agin g Time Y ou can se t the aging tim e for entri es in the dy namic addr ess table. Command Usa ge The range for the aging time is 17 - 2184 seconds. (The default is 300 second s .) We b – Click Address Table, Address Aging . Specify the new aging time, then click Ap ply . CLI – This example sets t[...]

  • Page 75

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-45 Th e Spanni ng T r ee Prot ocols su ppor ted by th e switch inc lude th e following st andards: • STP – Spanning Tree Protocol (IEEE 802.1D). • RSTP – Rapid Spanning Tree Protocol (IEEE 802.1w). STP uses a distrib uted algorithm to sel ect a b ridging de vice (STP-c ompliant switc h, br idge[...]

  • Page 76

    C ONFIGURING THE S WI TCH 2-46 STP Information The Spanning Tree, STP Information page co ntains in form atio n on th e current status of the Sp anning T ree . Command Att ributes • Spanning Tree State — Indica tes if the Span ning Tr ee Protocol i s current ly enabled o n the swit ch. • Bridge ID — Identifies a unique iden tifier for t he [...]

  • Page 77

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-47 • Designated Root — Iden tifies th e prior ity and MA C addr ess of the device in the Span ning Tree that t he switch h as accept ed as th e root device. - Root Port — Specifies t he por t number on the s witch tha t is cl osest to the ro ot. The s witch comm unicates with the root device thro[...]

  • Page 78

    C ONFIGURING THE S WI TCH 2-48 * CLI only . We b – Click Spann ing T ree, S TP Information to disp lay cu r rent Sp anning T ree info r mation.[...]

  • Page 79

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-49 CLI – This exampl e show s the current Spannin g T ree setti ngs . Console#show spanning-tree 3-11 9 Spanning-tree information ----------------------------------------------------- ---------- Spanning tree mode :RSTP Spanning tree enable/disable :enable Priority :32768 Bridge Hello Time (sec.) :2 [...]

  • Page 80

    C ONFIGURING THE S WI TCH 2-50 STP Configuration Global sett ings apply to the ent ire switch. Command Usage RSTP su ppor ts conne ctions to e ither S TP or RSTP nodes by moni toring the inco ming prot ocol m essag es and d ynamically adjusting t he type of protoc ol mes sag es the RS TP node tr ansmits, as de scribed b elow: • STP Mode – If th[...]

  • Page 81

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-51 priority, th e device with the lowe st MAC addre ss will th en become th e root de vice . - Default: 32768 - Range: 0-61440, in steps of 4096 - Options: 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440 • Hello Time — Interval (in seconds ) [...]

  • Page 82

    C ONFIGURING THE S WI TCH 2-52 - D e f a u l t : 1 5 - Mini mum: Th e higher of 4 or [ (Max. Mes sage Ag e / 2) + 1] - Maximum: 30 • Path Cost Method — The p ath cost is u sed to de termine th e best path be tween devi ces. T he path co st method is used t o determin e the range o f values th at can be assigne d to each int erface. - Long : Spe[...]

  • Page 83

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-53 We b – Click Spanni ng T ree, STP Conf igura tion. Modify th e required attributes, then click Apply . CLI – T his exa mple enable s Spanni ng T ree Pr otocol, a nd the n sets the indicated att ributes . Console(config)#spanning-tree mode rstp 3- 10 7 Console(config)#spanning-tree 3-106 Console([...]

  • Page 84

    C ONFIGURING THE S WI TCH 2-54 STP Port and Trunk In formation Th e Spannin g T re e, STP P or t Inf or matio n and Spa nning T ree, STP T r unk Information display the current status of po r ts and trunks in the Spanning Tr e e . Command Att ributes • STP S tatus — Displays curre nt stat e of this po rt withi n the Span ning Tree: - Discardi n[...]

  • Page 85

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-55 • Designated Bridge — Th e priori ty and M AC address o f the device through which this port must communicate to reach t he root of the Spanning Tree. • Designated Port — The priority a nd number of the port on t he designated brid ging device through wh ich this swit ch must communi cate wi[...]

  • Page 86

    C ONFIGURING THE S WI TCH 2-56 • Path Cos t – This parame ter is used b y the STA to determine th e best path b etween devi ces. Therefo re, lower values should be a ssigned to ports attache d to fast er media, and high er values a ssigned to port s with slower m edia. (P ath cost take s precede nce over po rt prior ity.) • Priority – Defin[...]

  • Page 87

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-57 durin g rec onfigu rati on even ts, do es not ca use th e spann ing tr ee to reconfi gure when the in terface ch anges sta te, and also ov ercomes other STA-related time out prob lems. Howeve r, remembe r that Edge Port s hould only be enabl ed for po rts conn ected to an end-no de device. We b – [...]

  • Page 88

    C ONFIGURING THE S WI TCH 2-58 CLI – T his ex ampl e displ ys the cur rent S panni ng T ree st atus of a por t. STP Port and Trunk Configur ation Y ou ca n configu re RSTP attr ibutes for specifi c interfa ces , includi ng port prior ity , path cos t, lin k type , and ed ge port. Y ou ma y use a different priorit y or pat h cost for por ts of sam[...]

  • Page 89

    S PANNING T REE P RO T OC O L C ONFIGURATION 2-59 begins learni ng addr esses. - Forwarding — Port for wards pack ets, and continues learning addr esses. • Priority — Defines t he priority us ed for this por t in the Spannin g Tree Protoc ol. If the pa th cost f or all ports on a swit ch is the same, t he port with the high est priority (i.e.[...]

  • Page 90

    C ONFIGURING THE S WI TCH 2-60 - Auto — The switch automatica lly determines if the interface is attache d to a point -to-poi nt link or to s hared me dia. • Admi n Edge Port — You can enable this optio n if an interface is attache d to a LAN se gment th at is at the e nd of a brid ged LAN or to an end n ode. Sin ce end no des cann ot cause f[...]

  • Page 91

    VLAN C ONFIGURATION 2-61 We b – Click S pannin g T ree, S TP P ort Config uration o r STP T r un k Configuration. Modify the requir ed attri butes , then c lick A pply . CLI – This example sets STP attribut es for port 5. VLAN C onfig urat ion In conventional networks with rou ters , broa dcast traffic is split up into separate domains. Switche[...]

  • Page 92

    C ONFIGURING THE S WI TCH 2-62 An IEEE 802.1Q VLAN is a g roup of por ts that can be located anywhere in the n etw ork, but commun icate as t hough th ey belong to th e same ph ysical seg ment. VLANs he lp to simplify network manag ement by allowing you to move device s to a new VLAN without h aving to chang e any p hysical conne ctions. VLANs ca n[...]

  • Page 93

    VLAN C ONFIGURATION 2-63 along th e path that will car r y this traffic to the same VLAN (s), either manually or dynamically using GVRP . Howev er, if you want a por t on this switch to par ticipate in one or more VLANs, but none of the inter m ediate network dev ices n or the ho st at the other end of t he conn ection suppor ts VLANs , then you sh[...]

  • Page 94

    C ONFIGURING THE S WI TCH 2-64 configu red to broa dcast a mess age to you r network indica ting the VLA N group s it wa nts to join. When this switch receiv e s these messages , it will autom aticall y place th e receivi ng port in th e specif ied VLANs , and the n forw ard the message to all other po r ts . When the message ar ri ves at another s[...]

  • Page 95

    VLAN C ONFIGURATION 2-65 forw arding a frame from this switch along a pa th that does not cont ain any VLAN-aware devices (inc luding the destin ation host) , the switch must first strip off the VLAN tag before forw arding the frame. When the switch recei v es a tagg ed frame , it will p ass th is frame on to the VL AN(s) ind icated by t he frame t[...]

  • Page 96

    C ONFIGURING THE S WI TCH 2-66 Displaying Current VLANs The VLAN Curren t T able sho ws the current port member s of ea ch VLAN and whethe r or not the po r t su pports VLAN t ag ging . P or ts assi gned to a large VLAN group that crosses se ver al swi tch es should use VLAN tag ging. Ho wever , if yo u just want to create a small por t-based VLAN [...]

  • Page 97

    VLAN C ONFIGURATION 2-67 We b – Click V LAN , VLAN Current T able. Sel ect any ID fro m the scroll-down list. Command Att ributes for CLI Interface • VLAN – ID of co nfigured VLAN (1-4094, no leading zeroes). • Type – Shows how th is VLAN was a dded to th e switch. - Dynamic : Au tomatical ly learned via GV RP. - Static : A dded as a s ta[...]

  • Page 98

    C ONFIGURING THE S WI TCH 2-68 • Ports / Channel groups – Shows t he VLAN inter face m embers. CLI – Cur rent VLAN i nfor mation can be disp layed with the following command. Creati ng VLANs Use The VLAN Static List to create or r emov e VLAN g roup s . T o propagate information about VLAN groups used on this s witch to external netw ork devi[...]

  • Page 99

    VLAN C ONFIGURATION 2-69 • State – Shows if this VLAN is enabled or di sabled (CLI). - Active : V LAN is operation al. - Suspe nd : VLAN is suspe nded; i.e., does no t pass pac kets. • Add – Adds a n ew VLAN gro up to the c urrent list. • Remove – R emoves a VLAN gr oup fro m the c urrent list. If an y port is assign ed to this grou p a[...]

  • Page 100

    C ONFIGURING THE S WI TCH 2-70 Adding Interf aces Based on Membership Type Use the VLA N Static T abl e to modify the settings for an existing V LAN . Y ou ca n add o r delet e port membe rs for a VLAN , dis able or enable VLAN tag ging for any por t, or prevent a po rt from b eing autom atically added to a VLAN via the GVRP protoco l. (Note that V[...]

  • Page 101

    VLAN C ONFIGURATION 2-71 therefore not carry VL AN or CoS infor mation. Note that an interface mus t be assig ned to at least one group as an untag ged port. - Forbidden : Interface is forbid den from automatically joining the VLAN via GVRP. For more informat ion, see “GVRP” on page 81. - None : Interfac e is not a member of the VLAN . Packets [...]

  • Page 102

    C ONFIGURING THE S WI TCH 2-72 CLI – The follow ing examp le sho ws ho w to ad d tag ged and un tag ged ports t o VL AN 2. Adding Interf aces Based on Static Membership Use the VLAN S tatic Membership by P ort menu to assi gn VLAN g roup s to the se lected in terface add an interf ace to the sele cted VLAN as a t ag ged member. Command Att ribute[...]

  • Page 103

    VLAN C ONFIGURATION 2-73 We b – Open VLAN , VLAN Stati c Membershi p . Select an interf ace from the scr oll-down box (Port or T r unk). C lick Quer y to d isplay VLAN membership in for mation for the interface. Select a VLAN ID , and then click Add t o add the int erface as a tagg ed member , or click R emov e to remov e the interface. After con[...]

  • Page 104

    C ONFIGURING THE S WI TCH 2-74 Command Usa ge • GVRP – GARP VLAN Reg istratio n Protoc ol define s a way f or switch es to ex change VLAN in form ation in order to automatically regis ter VLAN m embers on interfaces across th e netwo rk. • GARP – Group Address Registra tion Prot ocol is use d by GVRP and GMRP to register or deregist er clie[...]

  • Page 105

    VLAN C ONFIGURATION 2-75 port ). - If ingress filte ring is enabled, th e interface will discard inco ming frames tagged for VLANs w hich do not include th is ingress port in their member set. - Ingress filtering does not affect VLAN independent BPDU frames, such as GVR P or STP. However, it does affect VLAN dependent BPDU frames, such as GMRP. •[...]

  • Page 106

    C ONFIGURING THE S WI TCH 2-76 - 1Q Trunk – Specifies a port as an end-point for a VLAN t runk. A trunk is a direct link betwe en two s witches, so the po rt trans mits tagged frames that ide ntify the sou rce VLAN . However, not e that frames be longing to the port’ s default VL AN (i.e., associate d with the PVID) are sent untag ged. - Hybrid[...]

  • Page 107

    C LASS OF S ER VICE C ONFIGURATION 2-77 Class of Se rvice Configura tion Class of Ser vice (CoS) allows you to sp ecify which data packets ha ve greater pr ecedence whe n traffi c is buff ered in th e switc h due to cong estion . Th is switch suppo rts CoS with fou r priorit y queue s for each port. Data pack ets in a por t’ s hig h-priority queu[...]

  • Page 108

    C ONFIGURING THE S WI TCH 2-78 • If the outpu t port is an un tagged me mber of the as sociated VL AN, these f rames a re stri pped of a ll VLAN tags pr ior to tr ansmiss ion. Command Att ributes • Default Priority – The priority that is assigned to untagged fra mes received on the speci fied por t. (Range: 0 - 7, Default: 0) • Number of Eg[...]

  • Page 109

    C LASS OF S ER VICE C ONFIGURATION 2-79 W eighte d R ound R obin (WRR ). Up t o eigh t separ ate traff ic pri oriti es a re defined in IEEE 802.1p . The default priority leve ls are assigned according to recommendations in the IEEE 802.1p standard as shown in the foll owing table . The priority levels recommended in the IEEE 802.1p stan dard for v [...]

  • Page 110

    C ONFIGURING THE S WI TCH 2-80 • Traffic Class – Output queue buf fer. (Range: 0 - 3, where 3 is t he highest CoS priorit y queue) We b – Click Priority , T raffic Classes. Assign priorities to the output queues , then cl ick App ly . CLI – The follow ing examp le sho ws ho w to map CoS v alues 0, 1 a nd 2 to CoS priority queu e 0, value 3 [...]

  • Page 111

    C LASS OF S ER VICE C ONFIGURATION 2-81 Setting the Service Weight for Traffic Classes Th is swit ch uses the W eight ed Round Robin (WRR ) alg orit hm to deter mine the frequency at which it ser vices each priority queu e. As described in “Mapping CoS V alues to Eg ress Queues” o n page 2-78, the traffic classes are mappe d to one o f the four[...]

  • Page 112

    C ONFIGURING THE S WI TCH 2-82 CLI – The follow ing examp le sho ws how to assi gn WRR w eights o f 1, 4, 16 and 64 to the CoS priority queues 0, 1, 2 and 3. Mapp ing Laye r 3/ 4 Pri ori ties to C oS Val ues Th is switch supp ort s a commo n method of priori tizing laye r 3/4 traf fic to meet application requireme nts . T raffic priorities can be[...]

  • Page 113

    C LASS OF S ER VICE C ONFIGURATION 2-83 Command Attributes • IP Precedence/DSCP Priority Status – Sele cts IP Pr eced ence, DSCP, or dis ables both priority s ervices. We b – Click Prio rity , IP Preceden ce Prior ity . Select IP Precede nce or IP DSCP from th e IP Precede nce , DSCP Prio rity Status menu. CLI – The follow ing examp le glob[...]

  • Page 114

    C ONFIGURING THE S WI TCH 2-84 Command Attributes • IP Precedence Priority Table – Show s the I P Preced ence to CoS map. • Class of Service Value – Map s a CoS value to the sel ected IP Precende nce value. Note that “0” r epres ents low priority a n d “7” repr esent h igh pr iority. 4F l a s h O v e r r i d e 3F l a s h 2 Immediate[...]

  • Page 115

    C LASS OF S ER VICE C ONFIGURATION 2-85 We b – Click Priori ty , IP Precedence Pri ority . Select an I P Precedence v alue from t he IP Prece dence Prior ity T able b y clic king on i t with y our curs or , enter a valu e in the Cl ass of Ser vice V alue field, and then clic k Apply . Be sure to also sele ct IP Prece dence from t he IP Prec edenc[...]

  • Page 116

    C ONFIGURING THE S WI TCH 2-86 CLI – The follow ing examp le glob ally enabl es IP Prece dence service on the swi tch, maps IP Preceden ce v alue 1 to CoS v alue 0 on port 5, and t hen disp lays all the IP Preceden ce setti ngs for that port. (N ote that the set ting is global and applie s to all ports o n the switch.) Mapping DSCP Priority The D[...]

  • Page 117

    C LASS OF S ER VICE C ONFIGURATION 2-87 Command Attributes • DSCP Priori ty Table – Sho ws the D SCP Prior ity to CoS map. • Class of Service Value – Ma ps a CoS value to the selected DS CP Priority va lue. Note that “0” repres ents low priority and “7” re present high prio rity. We b – Click Priority , IP DSCP Priority . Select a[...]

  • Page 118

    C ONFIGURING THE S WI TCH 2-88 CLI – T he following example globally e nables DSCP Priority ser vice on t h e s w i t c h, m a ps DS C P v a l u e 1 t o C o S v a l u e 0 o n p o r t 5 , an d t h e n d is p l ay s all the DSCP Priorit y settings fo r that por t. (No te that the set ting is glob al and applies to all ports on the switch.) Port Tru[...]

  • Page 119

    P ORT T RUN K C ONFIGURATION 2-89 consist s of more than four por ts , all othe r ports will be plac ed in a standby mode. Should one link in the t runk fail, one of th e standby ports will auto matic ally b e acti vat ed to rep lace it. Command Usage Beside s balancin g the load a cross each por t in the t r unk, the other p or ts provide re dund [...]

  • Page 120

    C ONFIGURING THE S WI TCH 2-90 Dynamically Configuring a Trunk with LACP Command Usage • To av oid crea ting a loo p in the ne twork, be sure you en able LAC P befor e conn ecti ng the po rts, and also di sconn ect the port s befo re disabling LACP. • If the ta rget swit ch has also en abled LACP on the connect ed ports , the trunk will be acti[...]

  • Page 121

    P ORT T RUN K C ONFIGURATION 2-91 We b – Click T r unk, LACP Configuration. Select any of the switch por ts from the scroll-down por t list and click Add. After you hav e completed adding por ts to the m ember li st, click Apply .[...]

  • Page 122

    C ONFIGURING THE S WI TCH 2-92 CLI – The follow ing exampl e enables L A CP for po rts 17 and 18. J ust connec t thes e ports to tw o LA CP- enabled tr unk po rts on anot her swit ch to for m a tr unk. Statically Configuring a Trunk Command Usage • When configuring s tatic trunks, you may not be abl e to link switches of diffe rent types, de pe[...]

  • Page 123

    P ORT T RUN K C ONFIGURATION 2-93 We b – Click T r unk, T r unk Configuration. Enter a tr unk ID of 1-6 in the T r unk fiel d, select an y of the switc h ports fro m the scro ll-do wn port lis t, and cl ick Add. After y ou hav e comple ted ad ding ports to the memb er list, click Apply .[...]

  • Page 124

    C ONFIGURING THE S WI TCH 2-94 CLI – This example creates tr unk 1 with port s 11 and 12. J us t connect these ports to tw o sta tic trunk ports on an other s witch to form a tr unk. Configu ring SNMP The switc h incl udes an onboard agent that cont in uously mo nitors th e status of it s hardware, as well as th e traffic passing through its por [...]

  • Page 125

    C ONFIGURING SNMP 2-95 Setting Community Access Strings Y ou ma y configure up to fi ve co mmunity str ings authorize d for manag em ent ac cess. F or se curity reaso ns , you s hould c onsider removin g the de fault str ings. Command Att ributes Community String – A community string that acts like a passw o rd an d per mits acce ss to the SN MP [...]

  • Page 126

    C ONFIGURING THE S WI TCH 2-96 CLI – The followi ng example ad ds the st ring “spi derman” with read/ write access . Specifying Trap Managers Y ou can specify up to five manag ement stations that will receive authentica tion failure messages and othe r trap messages from the switch. Command Usa ge • If you d o not ente r a trap mana ger hos[...]

  • Page 127

    C ONFIGURING SNMP 2-97 We b – Click SNMP , SNMP Configuratio n. Fill in the T rap Manag er IP Address bo x and the T rap Manager Commun ity String bo x, mark En able Au thenti cation T raps if requi red, an d then cl ick Add. CLI – This example adds a t rap manager and enables authenticati on traps . SNMP IP Filtering The switch al lows y ou to[...]

  • Page 128

    C ONFIGURING THE S WI TCH 2-98 IP address 192.168.1.1 and mask 255.255.255.255 — Specifie s a valid IP address of 192.168.1.1 only . Note: IP filt ering does not affe ct management acces s to the switc h using the We b inter face o r Teln et. Command Att ributes • IP Filter List — Displays a list of th e IP addre ss/subnet mask en tries curre[...]

  • Page 129

    M ULTICAST C ONFIGURATION 2-99 We b – Click SNMP , SNMP IP Filte ring . T o add an IP address , type the new IP address i n the IP Ad dress bo x, type the approp riate s ubnet ma sk in the Subnet M ask bo x, and the n click “ Add IP Filter ing Entr y .” T o delete an IP addres s , clic k the entry in the IP Filt er List, and then c lick “ R[...]

  • Page 130

    C ONFIGURING THE S WI TCH 2-100 reduc es the netw ork ov erhe ad requir ed by a mu lticas t ser v er , the broa dcast traf fic must be care fully p r uned at ever y mult icast switch/ route r it pass es throug h to en sure th at traffic is only passed o n the h osts wh ich subscr ibed to this ser vice. Th is switch uses IGMP (In ter net Grou p Mana[...]

  • Page 131

    M ULTICAST C ONFIGURATION 2-101 • IGMP Query – A router, or multicast-e nabled switch, can pe riodically ask their ho sts if the y want to receiv e multicast traffic. If th ere is more than o ne route r/swit ch on t he LAN perfor ming IP multic asting , one of thes e devices i s electe d “queri er” and ass umes the r ole of q uerying the LA[...]

  • Page 132

    C ONFIGURING THE S WI TCH 2-102 which had been receivin g query packet s) to have exp ired. (Default : 300 seconds, Range: 300 - 500) • IGMP Version — Sets the protocol version for compat ibility with other devices on the netw ork. (D efault: 2, Range : 1 - 2) Notes: 1. All syst ems on the sub net mu st suppor t the s ame ver sion. 2. Some attr[...]

  • Page 133

    M ULTICAST C ONFIGURATION 2-103 CLI – T his example modifies the settin gs for multicast filtering, and then disp lays t he current status . Interfaces Att ached to a Multicast Ro uter Multicast routers use the infor mation ob tained from IGMP Quer y , along with a m ulticast ro uting pr otocol s uch as D VMRP , to s upport IP mult icasting acros[...]

  • Page 134

    C ONFIGURING THE S WI TCH 2-104 We b – Click IGMP , Mult icast Ro uter P ort I nfor mation. Select the required VLAN ID from the scroll-down list to display the associated multicast routers . CLI – T his example shows that P ort 11 h as been statically config ured as a port attached to a multicast r outer . Specifyin g Interfaces Attac hed to a[...]

  • Page 135

    M ULTICAST C ONFIGURATION 2-105 • VLAN I D – Selects the VLAN to propagate all multicast traffic coming from the attached m ulticast r outer/swi tch. • Port or Trunk – Specifie s the in terface at tached to a mul ticast rout er. We b – Click IGMP , Static Multicast Ro uter P ort Configuratio n. Specify the interfaces attached to a multica[...]

  • Page 136

    C ONFIGURING THE S WI TCH 2-106 • Multicast IP Address – The IP addr ess for a speci fic multicas t servi ce • Multicast Group Port L ist – Ports propagating a multic ast service; i.e., ports that be long to the in dica ted VLA N group . We b – Click IGMP , IP Multicast Registration T able. Select the VLAN ID and multicast IP address . T [...]

  • Page 137

    M ULTICAST C ONFIGURATION 2-107 Adding Mu lticast Addresse s to VLAN s Multicast filte ring can be dynamic ally configured using IGM P Snooping and IGMP Query messages as de scribed i n “Conf iguring I GMP P arameters” on page 2-100. F or certain application that require tighter control, you may need to statically configure a m ulticast ser vic[...]

  • Page 138

    C ONFIGURING THE S WI TCH 2-108 We b – Click I GMP , IGMP Memb er P or t T able . Specify t he inter face attached to a multicast ser vice (via an IGMP-e nabled switch or multicast router), indicate the VLAN that w ill propag ate the multicast ser vic e, specify the multicast IP address , and then click Add. After you have completed adding po rts[...]

  • Page 139

    S HOWING D EVI CE S TATI STI CS 2-109 unusually hea vy loading). RMON st atistics provide access to a broad range of statistics, including a total count of d ifferent frame types and sizes passing thro ugh each por t. All values displayed ha ve been accumulated sinc e the las t syst em reboot , and are sho wn as co unts p er secon d. Statist ics ar[...]

  • Page 140

    C ONFIGURING THE S WI TCH 2-110 Transmit Octets The total number o f octets transmitted out of th e interface, inc luding framing chara cters. Tra nsm it U nica st Pack ets The t ota l nu mber of packets that higher- level protocols requested be transmitted to a subnetw ork-unicast addres s, including those t hat were discarde d or not sent. Transm[...]

  • Page 141

    S HOWING D EVI CE S TATI STI CS 2-111 Single Collisio n Frames The nu mber of successfully tran smitted frames for which trans mission is inhib ited by exactly one collision. Internal MA C Transmit Errors A count of frames for which transmissi on on a particular in terface fails due to an internal MAC sublayer tra nsmit error. Multiple Collision Fr[...]

  • Page 142

    C ONFIGURING THE S WI TCH 2-112 Received Frames The total number of frames (bad, broadcas t and multicast) received. Broadcast Fram es The total num ber of good frames receive d that were directed to the broadcast address. No te that this does not include multicast packet s. Multicast Frames The total nu mber of good frames receive d that were dire[...]

  • Page 143

    S HOWING D EVI CE S TATI STI CS 2-113 We b – Click Statistics, P or t Statistics . Select the requir ed interface , and then cl ick Query . Y ou can also us e the R efresh button a t the botto m of the page to update the s creen.[...]

  • Page 144

    C ONFIGURING THE S WI TCH 2-114 CLI – This example show s statistics for port 13. Console#show interfaces counters ethernet 1/13 3-97 Ethernet 1/13 Iftable stats: Octets input: 868453, Octets output: 34 92122 Unicast input: 7315, Unitcast output: 6 658 Discard input: 0, Discard output: 0 Error input: 0, Error output: 0 Unknown protos input: 0, QL[...]

  • Page 145

    U SIN G THE C OMMAND L INE I NTE RFA CE 3-1 C HAPTER 3 C OMMAND L INE I NTERF ACE This ch apter de scribes how t o use th e Command Line In terface (CLI ). Using the Com mand Line Inte rface Accessing the CLI When acces sing th e management interface for the s witch ov er a d irect connec tion to the server’ s consol e port, or via a T elnet conn[...]

  • Page 146

    C OMMAND L IN E I NTE RFA CE 3-2 After c onnecti ng to the sy stem thr ough th e conso le port, th e login sc reen displ ays: Telnet Connection T elnet op erates o ver the IP tran sport protocol . In th is enviro nment, y our management station and any netw ork device yo u want to manage o ver t he network must hav e a v alid IP address. V alid IP [...]

  • Page 147

    E NTERING C OMMANDS 3-3 After y o u con figure th e switch with an I P address , you can open a T elnet session by perfor ming these ste ps . 1. Fr om the rem ote ho st, ente r the T eln et comma nd and the IP addr ess of the device yo u want to access . 2. At th e prompt , enter the user name an d system p assw ord. The CLI will displa y the “ V[...]

  • Page 148

    C OMMAND L IN E I NTE RFA CE 3-4 interfaces and status are keyw ords , ether net is an argu men t th at spe ci fies the inte rface ty pe, and 1/5 specifi es the un it/port. Y ou ca n enter commands as follo ws: • To enter a simple command , ente r the comm and keywor d. • To enter multiple commands, enter each command in the required order. For[...]

  • Page 149

    E NTERING C OMMANDS 3-5 Sho wing C omm ands If you enter a “?” at the command prompt , the system will display the first lev el of k eyw ords for the curren t command class (No r mal Ex ec or Pri vileged Ex ec) or configur ation class (G lobal, Interfac e, Lin e, or VLAN Database). Y ou can also display a list of valid ke ywords for a specific [...]

  • Page 150

    C OMMAND L IN E I NTE RFA CE 3-6 Partial Keyword Lookup If yo u ter minate a partial keyw ord with a question mark, alternativ es that match the initial letters are provided. ( R emember not to le a ve a space betw een the com mand and quest ion mark.) F or example “ s? ” shows all th e keyw ords starting with “s . ” Negating the Effect of [...]

  • Page 151

    E NTERING C OMMANDS 3-7 command classe s and asso ciated mo des are dis pla yed in th e followin g table: Exec Commands When y ou open a new cons ole s ession o n switc h with the use r name “gues t, ” the syst em enters Nor mal Ex ec command mo de (or gu est mode ). Only a limited number of the comman ds are av ailable in this mode. Y o u can [...]

  • Page 152

    C OMMAND L IN E I NTE RFA CE 3-8 Configura tion Commands Configuration commands are privileged level commands used to modify switch setting s . T hese comman ds modify the r unning configuration o nly and are n ot sa ved w hen the s witch is reboo ted. T o store the r unning config uration in no nv olatile storag e, use the copy r unning-config sta[...]

  • Page 153

    E NTERING C OMMANDS 3-9 T o enter In terfac e, Line Conf igurati on, or VLAN mode, you must enter the “ interfac e ..., ” “ line ... ” or “ vlan database ” c ommand wh ile in Global Configuration mode. The system prompt will change to “Conso le(config-if )#, ” “Console (config-lin e)#” or Con sole(conf ig-vlan)” indicat ing th[...]

  • Page 154

    C OMMAND L IN E I NTE RFA CE 3-10 Comman d Groups The syst em command s can be brok en do wn into the funct ional groups shown below . Command Grou p Descr iption Page General Basic comman ds for ente ring privileged ac cess mode , restarting the system, or q uitting the CLI 3-1 2 Flash/File Ma nages code image or switch con figuration files 3-18 S[...]

  • Page 155

    C OMMAND G RO U P S 3-11 Note that the access mode shown in the following tab les is indicated by thes e abbre viation s: NE (Nor mal Exec) PE (Privilege d Exec) GC (Global Con figuration) IC (Inter face C onfig urati on) LC (Line Configuration ) VC (VLAN Database Configuration) IGMP Snooping Configures IGMP multicas t filtering, querier eligibilit[...]

  • Page 156

    C OMMAND L IN E I NTE RFA CE 3-12 General Comman ds enable Use th is command to acti v ate Pri v ile ged Exec m ode . In pri vileged mode, addition al commands are a v ailable, an d certain commands displa y additiona l infor matio n. See “Und erstanding Command Mod es” on pag e 3-6. Syntax enab le [ level ] leve l - Privil ege leve l to log in[...]

  • Page 157

    G ENERAL C OMMANDS 3-13 Command Usage • “super” is the default password re quired to ch ange th e command mode from Norma l Exec to Privilege d Exec. (To set this passw ord, see the enable password command on page 3-29.) • T he “#” cha racte r is append ed to the e nd of the prompt to indicate that the syste m is in privileged access mo[...]

  • Page 158

    C OMMAND L IN E I NTE RFA CE 3-14 Command Usage The “>” c haracter is appende d to the end of th e prompt to in dicate that t he system is in n or mal acces s mode . Example Related Commands enable (3-12) configure Use this command t o activate Global Co nfiguration m ode. Y ou must en ter this mo de to m odify an y setti ngs on th e switch [...]

  • Page 159

    G ENERAL C OMMANDS 3-15 show h ist ory Use this command to sho w the co ntent s of the co mmand hist ory buffer . Default Setting None Command Mode Nor mal Exec, Pri vileged Ex ec Command Usage The his tory buffer size is fix ed at 20 comma nds . Example In this exam ple, the sh ow histo ry c omma nd list s the con tent s of the comma nd hist ory b[...]

  • Page 160

    C OMMAND L IN E I NTE RFA CE 3-16 reload Use t his co mmand to re start th e syste m. Note: When th e system is restarted, it will always run the Pow er-On Self-Test. It will also retain all config uration information s tored in nonvo latile mem ory by the copy running-config startup-config command. Default Setting None Command Mode Pri vileged Ex [...]

  • Page 161

    G ENERAL C OMMANDS 3-17 Example This examp le sho ws how to return to the Pri vileged E xec mode from the Interface Config uration mode: exit Use this command to retur n to the previo us configuration mode or exit the configuration prog ram. Default Setting None Command Mode Any Example This examp le sho ws how to return to the Pri vileged E xec mo[...]

  • Page 162

    C OMMAND L IN E I NTE RFA CE 3-18 Command Mode Nor mal Exec, Pri vileged Ex ec Command Usage The quit and exit c ommand s can bot h exit t he confi gurati on program. Example This e xample sh ows how to quit a CLI session: Flash/File Commands These comman ds are use d to manage s ystem cod e and configu ration fil es . copy Use th is com mand to m [...]

  • Page 163

    F LASH /F ILE C OMMANDS 3-19 syste m operati on. The succes s of the file tran sfer d epends on the accessibility of the TFTP ser ver and the quality of the network connection . Syntax copy file { fil e | running-co nfig | startup-config | tft p } copy runni ng-config { file | startup-config | tftp } copy startup-config { file | r unning-config | t[...]

  • Page 164

    C OMMAND L IN E I NTE RFA CE 3-20 • T o replace the startup co nfigura tion, you mu st use startu p-config a s the destination . • T he Boot R OM image canno t be uploa ded or do wnloaded from the TFTP ser ver. You must use a direct con sole conne ction and ac cess the downlo ad menu dur ing a bo ot up to dow nload the Bo ot ROM (o r diagnostic[...]

  • Page 165

    F LASH /F ILE C OMMANDS 3-21 delete Use this command to delete a file or imag e. Syntax delete filename filename - Name of the configuration file or image name. Default Setting None Command Mode Pri vileged Ex ec Command Usage • If the file type is used for system startup, then this file cannot be delet ed. • “Factory_D efault_ Config .cfg ?[...]

  • Page 166

    C OMMAND L IN E I NTE RFA CE 3-22 dir Use this command t o display a list of files in Flash memor y . Syntax dir [ boot-rom | confi g | opco de [: filename ]] The type of file or image to disp lay includes: • boot-rom - Boot RO M (or diagnostic) image file • config - Switch configuratio n file • opcode - Run -time operation code image file. ?[...]

  • Page 167

    F LASH /F ILE C OMMANDS 3-23 Example The following example shows how to display all file infor mation: whichboot Use this comman d to display which files bo oted. Default Setting None Command Mode Pri vileged Ex ec Example This examp le sho ws the info r mation displa yed b y the whichboot command . See th e table on the pre vious p age for a desc [...]

  • Page 168

    C OMMAND L IN E I NTE RFA CE 3-24 boot system Use th is command to speci fy the file o r image used to sta r t up t he system . Syntax boot system { boot-rom | config | opcode }: filename The ty pe of file or imag e to set as a de fault includes : • boot-rom - Boot ROM • config - Config uration file • opcode - Run-ti me operatio n code The co[...]

  • Page 169

    S YSTE M M ANAGEME NT C OMMANDS 3-25 System Mana gement Com mands These comman ds are use d to con trol sys tem logs , passw ords , user nam e, browser configur ation o ptions, and di splay or con figure a variety of ot her system infor mation. Command Function Mode Page Device Descri ption Command hostname Specifies or modi fies the host name for [...]

  • Page 170

    C OMMAND L IN E I NTE RFA CE 3-26 show ip s sh Displays the status o f the SSH serv er and the configured values for authentication timeout and retries PE 3-37 show ssh Displa ys the status of current SSH session s PE 3-37 Event Logging Commands logging on Controls logging of error messages GC 3-38 logg ing hist ory Lim its s yslo g me ssag es s en[...]

  • Page 171

    S YSTE M M ANAGEME NT C OMMANDS 3-27 hostname Use this co mmand to speci fy or modify the ho st name for th is device . Use the no for m to restor e the default host name. Syntax hostname name no hostname name - T he name of this host. (Maximum length: 255 c h aracters) Default Setting None Command Mode Global Configura tion Example username Use th[...]

  • Page 172

    C OMMAND L IN E I NTE RFA CE 3-28 •{ 0 | 7 } - 0 means p lain passwo rd, 7 means en crypted p assword . • password password - The authent icatio n password fo r the user. (Maximum length: 8 characters plain text, 32 encrypted, case sensitive ) Default Setting • The default access l evel is No rmal Exec . • The factory d efaults for the u se[...]

  • Page 173

    S YSTE M M ANAGEME NT C OMMANDS 3-29 enable password After initially log g ing onto the system, you should se t the administrator (Pri vileged Ex ec) and gues t (No r mal Ex ec) passw ords . R emember to record t hem in a safe place . Use the enab le passw ord command to set the passw ord for access t o the P rivil eged Exec leve l from th e Norm a[...]

  • Page 174

    C OMMAND L IN E I NTE RFA CE 3-30 Related Commands enable (3-12) jumbo frame Use this command to enable ju mbo frames th rough th e switc h. Use th e no for m to d isable jumb o frames . Syntax jumb o frame no jumbo frame Default Setting Disabled Command Mode Global Configura tion Command Usage • This switch provides more effi cient th roughput f[...]

  • Page 175

    S YSTE M M ANAGEME NT C OMMANDS 3-31 ip http port Use this command to specify t he TCP port num ber used b y the W eb bro wser interface . Use the no fo r m to use the default port. Syntax ip http por t port-number no ip http por t por t-nu mber - Th e T C P p or t t o b e u s e d b y t h e b r o w se r i n t e r f a c e . (Range: 1-65535) Default [...]

  • Page 176

    C OMMAND L IN E I NTE RFA CE 3-32 Command Mode Global Configura tion Example Related Commands ip http po rt (3-31) ip http secure-server Use th is command to enabl e the se cure h ypertext transfe r proto col (HTTPS) ov er the Secure Socke t Lay er (SSL), pr ovidi ng secur e access (i .e. , an encrypted c onnecti on) to the swit ch’ s W eb interf[...]

  • Page 177

    S YSTE M M ANAGEME NT C OMMANDS 3-33 for the connection . - The clie nt and s erver gener ate ses sion keys for encr ypting and decry pting d ata. • The clien t and server establ ish a secu re encrypt ed conn ection. A padl ock icon should a ppear in the st atus bar f or Intern et Expl orer 5.x and Netscape Navigator 4.x. • T he foll owing Web [...]

  • Page 178

    C OMMAND L IN E I NTE RFA CE 3-34 Default Setting 443 Command Mode Global Configura tion Command Usage • You cannot co nfigur e the HTTP a nd HTTPS serve rs to us e the sam e port. • If you chan ge the HT TPS port n umber, clients a ttempting t o conn ect to the HTTPS serve r must specif y the port num ber in the UR L, in t his format: https://[...]

  • Page 179

    S YSTE M M ANAGEME NT C OMMANDS 3-35 Default Setting timeout: 120 seconds count: 3 Command Mode Global Configura tion Command Usage The tim eout specifies the int er val the switch will wait for a response from th e client durin g the SSH negotiation p hase . Once an SSH sessio n has bee n est ablishe d, the timeou t for us er inpu t is co ntrol le[...]

  • Page 180

    C OMMAND L IN E I NTE RFA CE 3-36 Command Usage • The SSH server supports up to four clie nt sessions. The maximum number of client sessions include s both curr ent Teln et sess ions an d SSH sess ions. • The SSH server uses RSA fo r key exch ange when the cl ient first establ ishes a connect ion with the swit ch, and then neg otiates with th e[...]

  • Page 181

    S YSTE M M ANAGEME NT C OMMANDS 3-37 show ssh Use this command to displa y the cur ren t Secure Sh ell (SSH) s er ver conne ctions. Command Mode Pri vileged Ex ec Command Usage This c ommand shows the following infor mation : • Sess ion – The sessi on nu mber. ( Range : 0-3) • Username – The user n ame of the c lient. • Versi on – The S[...]

  • Page 182

    C OMMAND L IN E I NTE RFA CE 3-38 Example Related Commands ip ssh (3-34) logging on Use th is command to contro l logging of error messages . This command sends debug or er ror messag es to a log ging p roces s . The no for m dis ables the log g ing process. Syntax logging on no log g ing on Default Setting None Command Mode Global Configura tion C[...]

  • Page 183

    S YSTE M M ANAGEME NT C OMMANDS 3-39 Related Commands log ging h istor y (3-39) log ging trap ( 3-42) clear log ging (3 -43) logging history Use this c ommand to limit syslog me ssage s sav ed to switch memo ry based on severity . Th e no for m returns t he logging of sysl og mess ages to th e default level. Syntax logging hist or y { fl a s h | ra[...]

  • Page 184

    C OMMAND L IN E I NTE RFA CE 3-40 * There are only Level 2, 5 and 6 error messages for the current firmware rele ase. Default Setting Flash: errors (lev el 3 - 0) RAM: warnings ( level 7 - 0) Command Mode Global Configura tion Command Usage The message lev el specified for Flash memory must be a higher p riorit y (i.e. , numerically lower) than tha[...]

  • Page 185

    S YSTE M M ANAGEME NT C OMMANDS 3-41 Default Setting None Command Mode Global Configura tion Command Usage • By using this command m ore than once you can build up a list of host IP add resse s. • Th e maximum number of host IP addresse s allowed is five. Example logging facility Use this command t o set the facility type for remot e log ging o[...]

  • Page 186

    C OMMAND L IN E I NTE RFA CE 3-42 logging trap Use this c ommand to limit syslog messag es saved to a remo te ser ver base d on severity . Use the no for m to retur n the rem ote log ging o f syslog messages to the defaul t lev el. Syntax loggin g tr ap level no log g ing trap level leve l - One of the level arguments listed below . Messag es sent [...]

  • Page 187

    S YSTE M M ANAGEME NT C OMMANDS 3-43 clear logging Use this command to clear messages fr om the lo g buffer . Syntax clear lo g ging [ fl a s h | ram ] • flash - Even t history stored in Flash memo ry (i.e., pe rmanent memory). • ram - Even t history stored in tempo rary RAM ( i.e., me mory flushed on powe r reset) . Default Setting None Comman[...]

  • Page 188

    C OMMAND L IN E I NTE RFA CE 3-44 Default Setting None Command Mode Pri vileged Ex ec Example show startup- config Use this command t o display the configuration file stored in nonv olatile memor y tha t is used to s tart u p the syst em. Default Setting None Console#show logging flash Syslog logging: Disable History logging in FLASH: level errors [...]

  • Page 189

    S YSTE M M ANAGEME NT C OMMANDS 3-45 Command Mode Pri vileged Ex ec Example Console#show startup-config building startup-config, please wait..... ! ! snmp-server community private rw snmp-server community public ro ! username admin access-level 15 username admin password 7 21232f297a57a5a 743894a0e4a801fc3 username guest access-level 0 username gue[...]

  • Page 190

    C OMMAND L IN E I NTE RFA CE 3-46 Related Commands show r unning -config (3-46) show runnin g-config Use th is command to disp lay t he conf iguration infor mation cur rently in use . Default Setting None Command Mode Pri vileged Ex ec Command Usage Use this command in conjunct ion with the show star tup-config command to com pare the infor mation [...]

  • Page 191

    S YSTE M M ANAGEME NT C OMMANDS 3-47 Example Related Commands show star tup-config ( 3-44) show system Use this command to displa y system information. Default Setting None Command Mode Nor mal Exec, Pri vileged Ex ec • F or a description of the items sho w n b y this command, refe r to “Displaying System Infor ma tion” on pag e 2-8 • The P[...]

  • Page 192

    C OMMAND L IN E I NTE RFA CE 3-48 Example show u ser s Shows all activ e conso le and T elnet sess ions , including user name, idle time, and IP address of T elnet client . Default Setting None Command Mode Nor mal Exec, Pri vileged Ex ec Command Usage The session us ed to ex ecute this comman d is indica ted by a “ *” symbol next to t he Line [...]

  • Page 193

    S YSTE M M ANAGEME NT C OMMANDS 3-49 Example show ve rsion Use this command to disp lay hard war e and software version infor mation for the system. Default Setting None Command Mode Nor mal Exec, Pri vileged Ex ec Command Usage See “Displaying System In for mation” on page 2-8 for detailed infor mation on th e items di spla yed b y this co mma[...]

  • Page 194

    C OMMAND L IN E I NTE RFA CE 3-50 Example Authen ticat ion Comma nds Y ou can configur e the s witch to authen ticate us ers lo g ging in to the system for management access using local or authentic ation-server meth ods . Re mote Authen tication Dial -in User Ser vic e (RADIUS) and T er minal Access Control ler Access Contro l System Pl us (T A CA[...]

  • Page 195

    A UTHE NTI CAT ION C OMMANDS 3-51 authentication login Use this command to de fine the l ogin au thentica tion method and preceden ce. Use the no for m to restore the default. Syntax authentication login {[ loca l ] [ radius ] [ tacacs ]} no authentication login • local - Use lo cal authen ticatio n. • radius - Use RADIUS server auth entication[...]

  • Page 196

    C OMMAND L IN E I NTE RFA CE 3-52 manag ement acc ess via the cons ole port, a Web brow ser, or Telnet. These ac cess option s must be co nfigured on the authe ntication server. • RADIUS and TACACS+ log on authenticati on assigns a specific privilege level for each user name and password pair. The user name, password, and privilege level must be [...]

  • Page 197

    A UTHE NTI CAT ION C OMMANDS 3-53 Example radius-server p ort Use this command to set t he RADIUS ser ver netw ork port. Use the no for m to res tore the defau lt. Syntax radius-ser ver port port_number no radius-server por t por t_nu mber - RADIUS ser ver UDP por t used for authenticatio n messages . (Range: 1-65535) Default Setting 1812 Command M[...]

  • Page 198

    C OMMAND L IN E I NTE RFA CE 3-54 Default Setting None Command Mode Global Configura tion Example radius-server re transmit Use this command to set the number of re tries . Use the no f o r m t o r e s t o r e the de fault. Syntax radius-server retransmit number_of _r etries no radius-server retransmit number_ of_r etries - Number of times the swit[...]

  • Page 199

    A UTHE NTI CAT ION C OMMANDS 3-55 radius-server t imeout Use this comma nd to set the inter val between trans mitting auth entication request s to the RA DIUS se r ver . Use th e no for m to restore the default. Syntax radius-ser ver ti meout numb er_of_s econds no radius-server timeout number_of_ seconds - Numb er of secon ds the swi tch waits for[...]

  • Page 200

    C OMMAND L IN E I NTE RFA CE 3-56 tacacs-server host Use this command to speci fy the T ACA CS+ server . Use the no form to restore the default. Syntax tacacs-ser ver host host_ip_address no tacacs-ser ver host host_ip_ address - IP addre ss of a TA CA CS+ server . Default Setting 10.11.12.13 Command Mode Global Configura tion Example tacacs-server[...]

  • Page 201

    A UTHE NTI CAT ION C OMMANDS 3-57 Example tacacs-server key Use this command to set t he TA CA CS+ encryption ke y . Use the no fo r m to restore th e default. Syntax tacacs-ser ver k ey ke y _ s tr i n g no tacacs-ser ver k ey key _ s t ri n g - Encr yption key used to authentica te log on access fo r the client. Do no t use blank spaces in the st[...]

  • Page 202

    C OMMAND L IN E I NTE RFA CE 3-58 Example SNMP Commands Controls access to this switch from SNMP m anagement stations, as well as the er ro r type s sent to t rap mana ger s . snmp-serv er community Use th is command to define the com munity access s tring for the Simpl e Network Man ageme nt Pr otocol. Use th e no for m to re mov e the sp ecified [...]

  • Page 203

    SNMP C OMMANDS 3-59 Syntax snmp-ser ver community str in g [ ro | rw ] no snmp-ser ver community string • string - Community string that acts like a passwo rd and permits acces s to th e SNMP p rotocol . (Max imum le ngth: 32 charac ters, c ase sensitive ; Maximum nu mber of st rings: 5) • ro - Specifi es Read-on ly access. Au thoriz ed manage [...]

  • Page 204

    C OMMAND L IN E I NTE RFA CE 3-60 snmp-serve r contact Use th is command to set the sys tem cont act stri ng . Use th e no for m to remo v e the sy stem co ntac t information. Syntax snmp-ser ver contact st rin g no snmp-ser ver contact string - String that describes the system co ntact infor mation . (Maximu m length: 255 charact ers) Default Sett[...]

  • Page 205

    SNMP C OMMANDS 3-61 Default Setting None Command Mode Global Configura tion Example Related Commands snmp-server con tact (3-60) snmp-serv er host Use this command to speci fy the rec ipient of a Simple Netw ork Manag ement P rotocol n otificatio n operat ion. Use the no for m to remove the spec ified h ost . Syntax snmp-server host {host-add r com[...]

  • Page 206

    C OMMAND L IN E I NTE RFA CE 3-62 Default Setting Host Add ress: N one SNMP V ersion: 1 Command Mode Global Configura tion Command Usage • If you do not enter an snm p-server host comm and, no n otifi cation s are se nt. In o rder to configure the switc h to se nd SNMP notificatio ns, you mus t enter at least on e snmp-serve r host com mand. In o[...]

  • Page 207

    SNMP C OMMANDS 3-63 snmp-serve r enable traps Use this command t o enable this device to send Simple Network Manag ement P rotocol tr aps (SNM P noti fications ). Use t he no for m to disab le SNMP not ification s . Syntax snmp-server enable traps [ authentication | link-up-down ] no snmp-ser ver ena ble traps [ authentication | link-up-down ] • [...]

  • Page 208

    C OMMAND L IN E I NTE RFA CE 3-64 Example Related Commands snmp-ser ver host (3-61) snmp ip f ilter Sets the IP addres ses of clien ts that are allowed manage ment acce ss to the switch vi a SNMP . Us e the no for m of this command to remo ve an IP address . Syntax snmp ip filt er ip_address subnet_mask n o sn m p i p f i l t e r ip_address subnet_[...]

  • Page 209

    SNMP C OMMANDS 3-65 specified by the bitmask. • Th e default setting is null, w hich a llows all IP groups SNM P access to the switch. If one IP address is configured, the IP filtering is enabled and only addresses in th e IP group will have SNMP access . • IP filterin g doe s not affec t mana gement access t o the swi tch usi ng the Web in ter[...]

  • Page 210

    C OMMAND L IN E I NTE RFA CE 3-66 Example Console#show snmp SNMP traps: Authentication: enable Link-up-down: enable SNMP communities: 0 SNMP packets input 0 Bad SNMP version errors 0 Unknown community name 0 Illegal operation for community nam e supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get-request P[...]

  • Page 211

    IP C OMMANDS 3-67 IP Commands An IP address m ay be used fo r managemen t access to the switc h ov er your netw ork. By default, the switc h uses DHCP to as sign IP settings to VLAN 1 on the swit c h. If you wish to manually configure IP se ttings, y ou need to chan ge the switch ’ s use r -specified def aults (I P address 0.0.0.0 and netmask 255[...]

  • Page 212

    C OMMAND L IN E I NTE RFA CE 3-68 • dhcp - Obtains IP address from DHCP. Default Setting IP address: 0.0.0.0 Netmask: 255.0.0.0 Command Mode Interf ace Conf igurati on (VLA N) Command Usage • You must assign an IP ad dress to this device t o gain management access ov er the n etwork. You can manually c onfigure a specific IP address , or direc [...]

  • Page 213

    IP C OMMANDS 3-69 Related Commands ip dhcp restart (3-69) ip dhcp rest art Use this command to submit a BOOTP or DCHP clie nt request. Default Setting None Command Mode Pri vileged Ex ec Command Usage • DHCP requires th e server to reassign the client ’s last address if available. • If the BOOTP or DHCP server h as been moved t o a different [...]

  • Page 214

    C OMMAND L IN E I NTE RFA CE 3-70 ip default-gateway Use th is command to a estab lish a s tatic ro ute betw een this device an d manageme nt stat ions t hat exis t on an other n etw ork s egment . Use th e no for m to remove the s tatic route. Syntax ip default-gatew ay ga tewa y no ip default-gateway gat e wa y - IP add ress of the default g atew[...]

  • Page 215

    IP C OMMANDS 3-71 Command Mode Pri vileged Ex ec Command Usage This s witch can only be assig ned one IP address. This address is used for manag ing the sw itch. Example Related Commands show ip redire cts (3-71) show ip redirects Use this command to show th e default gatew ay conf igured fo r this devic e. Default Setting None Command Mode Pri vil[...]

  • Page 216

    C OMMAND L IN E I NTE RFA CE 3-72 ping Use this command to send ICMP ech o request pack ets to an other no de on the netw ork. Syntax ping host [ co unt count ][ size size ] • host - IP addres s or IP alias of the hos t. • coun t - Number of packets to send. (Range: 1-16, default: 5) • size - Number of bytes in a packet. (Range: 32-512, defau[...]

  • Page 217

    L INE C OMMANDS 3-73 Example Related Commands inte rface (3 -85) Line Co mmand s Y ou can a ccess the onboard configuration program by attaching a VT100 compa tible devic e to the s er ver’ s serial port. These comman ds are us ed to set com municati on parame ters for the serial port or a virtual terminal. Note that T elnet i s consi dered a vi [...]

  • Page 218

    C OMMAND L IN E I NTE RFA CE 3-74 line Use this command to identi fy a specifi c line for config uration, an d to proce ss subseq uent line config uratio n command s . Syntax line { console | vty } • console - Consol e terminal line. • vty - Virtual termin al for remote cons ole access. Default Setting There is n o default line. Command Mode Gl[...]

  • Page 219

    L INE C OMMANDS 3-75 Example T o enter cons ole li ne mode , enter the follo wing com mand: Related Commands show line (3-83) show users (3-48) login Use this command to en able pass wo rd chec king at login. Use the no form to di sable passw ord chec king and allo w connecti ons wi thout a pass wo rd. Syntax login [ local ] no login local - Sele c[...]

  • Page 220

    C OMMAND L IN E I NTE RFA CE 3-76 Exec (NE) mo de. - logi n loc al selec ts auth enticatio n via the u ser na me and p assword specifie d by the usern ame command (i.e., de fault setti ng). Whe n using thi s method, th e managemen t interface starts in Normal Exec ( NE) or Pr ivile ged Exe c (PE) mo de, depe nding o n the user’ s privilege level [...]

  • Page 221

    L INE C OMMANDS 3-77 Command Mode Line Configuration Command Usage • W hen a c onnecti on is start ed on a lin e with password prote ction, th e system prompt s for the pass word. If you ent er the c orrect p asswo rd, the sys tem sh ows a prom pt. Yo u can use the password-thresh command to set the numbe r of time s a use r can ent er an inco rr[...]

  • Page 222

    C OMMAND L IN E I NTE RFA CE 3-78 Default Setting CLI: No timeout T elnet: 10 minutes Command Mode Line Configuration Command Usage • If input is detec ted, th e system resu mes the cur rent conn ection; or if no connect ions ex ist, it returns th e termin al to th e idle st ate and disco nnects th e inco ming se ssion . • This comma nd appl ie[...]

  • Page 223

    L INE C OMMANDS 3-79 Command Mode Line Configuration Command Usage • W hen the logon attem pt thre shold is rea ched, the syste m interface becomes silent fo r a specified amo unt of t ime before allowing the next logon atte mpt. (Use the sile nt-time comman d to set this inte rval.) When th is thres hold is reached for Telnet , the Te lnet logo [...]

  • Page 224

    C OMMAND L IN E I NTE RFA CE 3-80 Default Setting The default value is no si lent-time. Command Mode Line Configuration Command Usage If the pa ssword thresho ld was not set with the pass word-thresh command , silen t-time be gins af ter the defau lt v alue of t hree failed log on attemp ts . Example T o set the silent time to 60 seco nds, enter th[...]

  • Page 225

    L INE C OMMANDS 3-81 Command Mode Line Configuration Command Usage The databits co mmand can be used to mas k the high bit on input from dev ices that g ene rate 7 da ta bits wi th parity . If pa rity is be ing generated, specif y 7 data bits per c haracter . If no parit y is require d, specify 8 data bits per c haracter . Example T o specify 7 da [...]

  • Page 226

    C OMMAND L IN E I NTE RFA CE 3-82 Command Usage Communic ation pr otocol s provided by devices s uch as te r minals and modems o ften req uire a spec ific parity b it setting. Example T o specify no p arity , enter t his comma nd: spee d Use this command to set th e ter min al line's baud rate. T his co mmand sets both the tr ansmi t (to ter m[...]

  • Page 227

    L INE C OMMANDS 3-83 stopbit s Use this co mmand to set the number of the sto p bits transm itted per byte. Use the no for m to re store the defa ult setting. Syntax stopbits { 1 | 2 } • 1 - One st op bit • 2 - Two s top bit s Default Setting 1 stop bit Command Mode Line Configuration Example T o specify 2 stop bits , enter this command: show l[...]

  • Page 228

    C OMMAND L IN E I NTE RFA CE 3-84 Command Mode Nor mal Exec, Pri vileged Ex ec Example T o show all lines, enter this command: Interface Commands These comman ds are us ed to d ispla y or set co mmuni cation paramet ers for an Ethernet port, a g g regated link, o r VLAN . Console#show line Console configuration: Password threshold: 3 times Interact[...]

  • Page 229

    I NTERFACE C OMMANDS 3-85 interface Use this command to conf igure an i nterface type and enter i nterface config uration m ode. Use the no for m to remo ve a trunk. Syntax interf ace interface no interface por t-channel channel-id interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Rang[...]

  • Page 230

    C OMMAND L IN E I NTE RFA CE 3-86 description Use this command to add a des cription t o an interfac e. Use th e no for m to remove the desc riptio n. Syntax description stri ng no description string - Commen t or a description to help y ou remember w hat is attached to this inter face. (Rang e: 1-64 charact ers) Default Setting None Command Mode I[...]

  • Page 231

    I NTERFACE C OMMANDS 3-87 • 1000full - Forces 1000 Mbps full-duplex operation • 100full - Forces 100 Mbps full-duplex oper ation • 100half - Forces 100 Mbps half-duplex operation • 10full - Forces 10 Mbps full-dup lex oper ation • 10half - Forces 1 0 Mbps half -duplex op eration Default Setting • Auto-ne gotiati on is enabl ed by d efau[...]

  • Page 232

    C OMMAND L IN E I NTE RFA CE 3-88 negotiation Use this command to enable auton ego tiation fo r a given interface . Use the no form to dis able a utonegoti atio n. Syntax negotiation no negotiation Default Setting Enabl ed Command Mode Interf ace Conf iguratio n (Eth ernet, P or t Chann el) Command Usage When auto-ne gotiatio n is enabled the switc[...]

  • Page 233

    I NTERFACE C OMMANDS 3-89 capabilities Use this command t o adv ertis e the port c apabilities of a given interface during auto negotiation. Use the no for m with paramete rs to remove an advertised capability , or the no for m with out parame ters to res tore the defau lt values. Syntax capabi lities { 1000full | 100full | 100half | 10full | 10hal[...]

  • Page 234

    C OMMAND L IN E I NTE RFA CE 3-90 Command Usage Whe n auto-neg otia tion is ena bled with th e neg otiation c ommand, the switch will n eg otiate the b est sett ings for a link based on the capab ilites command. Wh en auto-neg otiation is dis abled, you must manually specif y the link at tributes wi th the s peed-dupl ex and flow control commands .[...]

  • Page 235

    I NTERFACE C OMMANDS 3-91 optimal s ettings will b e determined by th e capabilities co mmand. To enable flow co ntrol under aut o-negot iati on, “fl owcon trol” must b e included in the capabilities list fo r any port. • To force operation t o the mode sp ecified in a flowco ntro l co mmand, use the no negotiation command to disabl e auto-ne[...]

  • Page 236

    C OMMAND L IN E I NTE RFA CE 3-92 Default Setting All interfaces are enabled. Command Mode Interf ace Conf iguratio n (Eth ernet, P or t Chann el) Command Usage Th is command allows you to dis able a po rt du e to abno r mal be havior (e.g ., excessive collisions), and then re enable it after the prob lem has been res olved. Y ou may als o want to [...]

  • Page 237

    I NTERFACE C OMMANDS 3-93 Command Usage • When broadcast traffic exc eeds the spe cified th reshold, pac kets above that th reshold are d ropped. • This comma nd can en able or disable broadc ast storm contr ol for the selected interface . However, the sp ecified thr eshold value a pplies to all ports o n the switch . • E nabling jumbo frames[...]

  • Page 238

    C OMMAND L IN E I NTE RFA CE 3-94 Command Usa ge • If you enab le port security, the sw itch will stop dynamic ally learning new addre sses on the specif ied port. Only incomi ng traff ic with sour ce addresses already stored in the dynami c or static address table will be accepted . • To use port security, first allow th e switch to dynamic al[...]

  • Page 239

    I NTERFACE C OMMANDS 3-95 Syntax clear counters inte rfa ce interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-6) Default Setting None Command Mode Pri vileged Ex ec Command Usage Statistics are only initializ ed for a power reset. This command sets the base value for d isplaye[...]

  • Page 240

    C OMMAND L IN E I NTE RFA CE 3-96 • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-6) • vlan vlan-id (Range: 1-4094) Default Setting None ( F or a de scripti on of th e items displa yed b y this command, see “Displaying Conne ction Sta tus” on page 2 -32.) Command Mode Nor mal Ex[...]

  • Page 241

    I NTERFACE C OMMANDS 3-97 show interfaces counters Use this command to displa y statistics for an interfac e. Syntax show interfaces counters [ interface ] interface • ethernet unit/p ort - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-6) Default Setting Shows the counters for all interfaces. Command Mode N[...]

  • Page 242

    C OMMAND L IN E I NTE RFA CE 3-98 Example show i nterface s swit chport Use th is command to disp lay the administ rativ e an d operati onal status of the spec ifie d inte rface s.. Syntax show interfaces s witchpor t [ interfac e ] interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Ran[...]

  • Page 243

    I NTERFACE C OMMANDS 3-99 Default Setting Shows all interf aces . Command Mode Nor mal Exec, Pri vileged Ex ec Command Usage If no interface is specified, infor matio n on all interfaces is d isplayed. The items dis play ed by thi s command in clude: • Broadcast threshold – Shows if bro adcast stor m suppress ion is enabled or dis abled; if ena[...]

  • Page 244

    C OMMAND L IN E I NTE RFA CE 3-100 Addre ss Ta ble Com mands These comma nds are use d to con figure th e addre ss table for filte ring speci fied add resses , displa ying current entri es , clearing the ta ble, o r sett ing the agin g time. mac-address-table static Use thi s comman d to map a static address t o a port in a V LAN . Use th e no for [...]

  • Page 245

    A DDRESS T ABL E C OMMANDS 3-101 Syntax mac-address-tabl e static mac-address interf ace vlan vlan-id [ action ] no mac-address-table sta tic mac-address vlan vlan-id • mac-address - MAC a ddress. • interface • ethernet unit / port - unit - This is device 1. - port - Port number. • port-channel chann el-id (Range: 1-4) • vlan -id - VLAN I[...]

  • Page 246

    C OMMAND L IN E I NTE RFA CE 3-102 Example show mac-address -table Use th is command to view cl asses of e ntries in the b ridge-forwa rding datab ase. Syntax show mac-address-ta ble [ addr ess mac-address [ mask ]] [ interface interface ] [ vlan vlan-id ] [ sort { address | vlan | interface }] • mac-address - MAC a ddress. • mask - Bits to mat[...]

  • Page 247

    A DDRESS T ABL E C OMMANDS 3-103 - Delete-o n-reset - static en try to be deleted when syst em is re set • The mask sh ould be hexade cimal num bers (repre senti ng an equi valent bit mask) in th e form xx-xx-xx-xx-xx-xx that is applied to the spe cified MAC address. Enter hexadeci mal numbers , where an equivale nt binary bit “0” means to ma[...]

  • Page 248

    C OMMAND L IN E I NTE RFA CE 3-104 Syntax mac-address-tabl e agin g- tim e seconds no mac-address-table aging-time seconds - Time is number of seconds (17-2184). Default Setting 300 seconds Command Mode Global Configura tion Command Usage The aging t ime is used to ag e out dynamica lly learned forward ing infor mation. Example show mac-address -ta[...]

  • Page 249

    S PANNING T REE C OMMANDS 3-105 Spanni ng Tree Com mands This secti on incl udes comma nds that config ure the Sp anning T ree Protoc ol (STP) for the o verall s witch , and com mands tha t configu re STP for the s elected interfa ce. Command Fu nction Mode Pa ge spanning-tre e En ables the spanning tree protocol GC 3-10 6 spanning-tre e mode Confi[...]

  • Page 250

    C OMMAND L IN E I NTE RFA CE 3-106 spanning- tree Use thi s command t o enable the S panni ng T re e Protocol glob ally for th is switch. U se the no form to disable it. Syntax spanning-tree no spanning-tree Default Setting Spanning T ree is enab led. Command Mode Global Configura tion Command Usage Th e Spannin g T re e Prot ocol can be us ed to d[...]

  • Page 251

    S PANNING T REE C OMMANDS 3-107 spanning- tree mode Use this command to select the Sp anning T ree mode for this s witch. Use the no form to disable it. Syntax spanning-tree mode { stp | rstp } no spanning-tree mode • stp - Spanning Tree P rotocol (IEEE 802.1D) • rstp - Rapid Spanning Tree Protocol (IEEE 802.1w) Default Setting rstp Command Mod[...]

  • Page 252

    C OMMAND L IN E I NTE RFA CE 3-108 Example The follo wing ex ample con figures t he switc h to us e Rapid Spann ing T ree: spanning-tree for ward-time Use th is command to conf igure the Spanning T ree bridge forw ard ti me globally for this sw itch. Use the no form to restore the default. Syntax spanning-tree for w ard- time sec onds no spanning-t[...]

  • Page 253

    S PANNING T REE C OMMANDS 3-109 spanning-tree hello-t ime Use this command to conf igure the Spanni ng T ree bri dge hello ti me globally for this sw itch. Use the no form to restore the default. Syntax spanning-tree hello-ti me tim e no spanning-tree hello-time time - Time in seconds . (Rang e: 1-10 seconds) The maximum v alue is the lowe r of 10 [...]

  • Page 254

    C OMMAND L IN E I NTE RFA CE 3-110 Default Setting 20 seconds Command Mode Global Configura tion Command Usage This command s ets the m aximu m time (in s econds) a device can w ait without receiving a configur ation mess age be fore a ttempting to reconfi gure. All device p orts (ex cept for desi gnated po r ts) s hould recei v e configur ation me[...]

  • Page 255

    S PANNING T REE C OMMANDS 3-111 Command Mode Global Configura tion Command Usage Bridge prio rity is used in selecting the root device, root por t, and design ated po rt. T he device w ith the hi ghest p riorit y becomes the STP root devi ce. Howe ver , if all device s hav e the same priori ty , the device with the lo west MA C address will then be[...]

  • Page 256

    C OMMAND L IN E I NTE RFA CE 3-112 Example spanning-tree transm ission-limit Use th is command to conf igure the minim um interval bet ween t he transm issio n of consecu tiv e RSTP BPDUs . Use the no for m to restore th e defau lt. Syntax spanning-tree transmi ssion-limit count no spanning-tree transmission-limit count - T he transmission limit in[...]

  • Page 257

    S PANNING T REE C OMMANDS 3-113 spanning-tree cost Use this command to conf igure the Spanni ng T ree path cost fo r the specified inte rface . Use the no for m to restore the d efault. Syntax spanning-tree cost cost no spanning-tree cost cost - Th e path cost for the interface. (Range – 1-200,000,000) The recom mended range is - - Ethernet: 200,[...]

  • Page 258

    C OMMAND L IN E I NTE RFA CE 3-114 Example Related Commands spanning-tree port-priority (3-114) spanning- tree port-priority Use this co mmand to con figure the pri ority for th e specifie d interface . Use the no for m to resto re the defa ult. Syntax spanning-tree por t-priority priority no spanning-tree por t-priority prio rity - The priority fo[...]

  • Page 259

    S PANNING T REE C OMMANDS 3-115 Related Commands spanning-tree cost (3-113) spanning-tree por tfast Use this command to set an interface t o fast forw arding . Use the no for m to disable fast forwarding . Syntax spanning-tree portfast no spanning-tree por tfast Default Setting Disabled Command Mode Interfac e Confi guration (E thern et, Po r t Cha[...]

  • Page 260

    C OMMAND L IN E I NTE RFA CE 3-116 Related Commands spanning-tree edge-por t (3-116) spanning-tree edge-port Use thi s comman d to specify an inte rface as an edge port. Use th e no form to restore th e default. Syntax spanning-tree edge-por t no spanning-tree edge-por t Default Setting Disabled Command Mode Interf ace Conf iguratio n (Eth ernet, P[...]

  • Page 261

    S PANNING T REE C OMMANDS 3-117 Related Commands spanni ng-tree por tfast (3-1 15) spanning-tree protocol-m igration Use this command to re-ch eck the ap propriate BPDU format to send on the se lected i nterface . Syntax spanning-tree protocol -mig ration in terface interface • ethernet unit / port-number - unit - This is device 1. - port-number [...]

  • Page 262

    C OMMAND L IN E I NTE RFA CE 3-118 spanning-tree link- type Use thi s comman d to config ure the link type for the Rapid Spann ing T ree. Use the no form to restore the defau lt. Syntax spanning-tree link-type { auto | point-to-point | shar ed } no spanning-tree link-type • auto - Automatica lly derived fr om the duplex mod e setting. • point-t[...]

  • Page 263

    S PANNING T REE C OMMANDS 3-119 show spa nning-t ree Use this command to sho w the configur ation for th e Spannin g T ree. Syntax show spanning-tree [ interfac e ] • interface • ethernet unit / port-number - unit - This is device 1. - port-number • port-channel chann el-id (Range: 1-6) Default Setting None Command Mode Pri vileged Ex ec Comm[...]

  • Page 264

    C OMMAND L IN E I NTE RFA CE 3-120 Example Console#show spanning-tree Spanning-tree information ----------------------------------------- ---------------------- Spanning tree mode :RSTP Spanning tree enable/disable :enable Priority :32768 Bridge Hello Time (sec.) :2 Bridge Max Age (sec.) :20 Bridge Forward Delay (sec.) :15 Root Hello Time (sec.) :2[...]

  • Page 265

    VLAN C OMMANDS 3-121 VLAN Commands A VLAN is a g roup of por ts that ca n be locate d anywhe re in the network, but co mmunicat e as th ough they belong t o the sa me ph ysical s egment. This secti on descr ibes comm ands used to creat e VLAN groups , add port members , specify h ow VLA N tag ging is used, an d enable aut omatic VLAN reg istratio n[...]

  • Page 266

    C OMMAND L IN E I NTE RFA CE 3-122 vlan database Use this command to enter VLA N databas e mode. All com mands in t his mode will take effect immediate ly . Default Setting None Command Mode Global Configura tion Command Usage • Use the VLAN databas e command mode to a dd, change, and delete VLANs. After finis hing co nfigurat ion c hanges, y o u[...]

  • Page 267

    VLAN C OMMANDS 3-123 vlan Use this command to conf igure a VLAN . Us e the no for m to restore the default se ttings or delete a VL AN . Syntax vlan vlan-id [ name vlan -name ] m edia ether net [ state { ac tive | suspend }] no vlan vla n-id [ name | state ] • vlan -id - ID of co nfigured VL AN. (Ran ge: 1-409 4, no leading zeroes) • name - Key[...]

  • Page 268

    C OMMAND L IN E I NTE RFA CE 3-124 Example The following example adds a VLAN , using vlan-id 105 and name RD5. The VL AN is acti v ated b y defau lt. Related Commands show vlan (3-131) interface vlan Use this co mmand to ente r interface con figurati on mode for VL ANs , and configure a physical interface . Syntax interface vlan vlan- id vlan-id - [...]

  • Page 269

    VLAN C OMMANDS 3-125 Related Commands show vlan (3-131) switch port mode Use this command to conf igure the VLAN mem bership mode for a p ort. Use the no for m to restore the default. Syntax swi tchpor t mode { tr unk | hy bri d } no switchpor t mode • trunk - Specifies a po rt as an end-poin t for a VLAN trunk. A trunk is a direc t link betwee n[...]

  • Page 270

    C OMMAND L IN E I NTE RFA CE 3-126 switchport acceptable-frame- types Use this command to con figure th e acceptable fra me types fo r a port. Use the no for m to resto re the defa ult. Syntax swi tchpor t acceptable-frame-types { all | tagged } no switchpor t accepta ble-frame-types • all - The p ort passes al l frames, t agged or u ntagged. •[...]

  • Page 271

    VLAN C OMMANDS 3-127 switchport ingress-filter ing Use this command to enable i ngress filtering for an in terfa ce. Use the no for m to res tore the defau lt. Syntax swi tchpor t ingr ess-filtering no switchpor t ingress-filtering Default Setting Disabled Command Mode Interfac e Confi guration (E thern et, Po r t Channe l) Command Usage • Ingres[...]

  • Page 272

    C OMMAND L IN E I NTE RFA CE 3-128 switchport native vlan Use this c ommand to con figure the PV ID (i.e., default V LAN ID) for a port. U se the no for m t o restore th e defau lt. Syntax swi tchpor t nativ e vlan vlan -id no switchpor t nativ e vlan vlan-id - Default VLAN ID fo r a port. (Range : 1-4094, n o leading zero es) Default Setting VLAN [...]

  • Page 273

    VLAN C OMMANDS 3-129 switchport allowed vlan Use this command to conf igure VLA N groups on the s electe d interf ace. Use the no for m to restore the default. Syntax • switchport allowed vlan { add vlan-l ist [ tag ged | untagged ] | remove vlan-lis t } no switchport allowed vlan • add vlan-lis t - List o f VLAN identifier s to add. • rem ov[...]

  • Page 274

    C OMMAND L IN E I NTE RFA CE 3-130 Example Th e following example shows how to add VLANs 2 , 5 an d 6 to the allowed list as tagg ed VLA Ns for port 1: switchport forbid den vlan Use this command to confi gure forbid den VLANs . Use the no for m to remov e the list of fo rbidden VLANs . Syntax • switchport forbidden vlan { add vlan-li st | remove[...]

  • Page 275

    VLAN C OMMANDS 3-131 Example Th e following example shows how to pr event por t 1 fro m being ad ded to VLAN 3: show v lan Use this command t o show VLAN infor mation. Syntax show v lan [ id vlan -id | name vlan- name ] • id - Keyw ord to be f ollowed by the VLAN ID. - vlan -id - ID of the configured VLAN. (Range: 1-4094, no leading zeroe s) • [...]

  • Page 276

    C OMMAND L IN E I NTE RFA CE 3-132 GVRP and Bridge E xtensio n Comma nds GARP VLA N Registration P rotocol d efines a way for switches to exc h ange VLA N infor mation in order to automat ically register VLAN members on inte rfaces a cross t he netw ork. This sect ion descr ibes h ow to enable GVRP for individual interfaces and globally for the swi[...]

  • Page 277

    GVRP AND B RIDGE E XTENSION C OMMANDS 3-133 Default Setting Disabled Command Mode Interfac e Confi guration (E thern et, Po r t Channe l) Example show gvrp configuration Use this command to show if GVRP is enabled. Syntax show gvr p configuration [ interface ] interface • ethernet unit / port - unit - This is device 1. - port - Port number. • p[...]

  • Page 278

    C OMMAND L IN E I NTE RFA CE 3-134 garp timer Use this command to set the value s for th e join, lea v e and l eav eall ti mers . Use the no form to res tore the ti mers’ de fault va lues . Syntax gar p timer { jo in | leave | le aveal l } timer_value no gar p timer { join | leav e | leav eall } •{ join | leave | lea veal l } - Wh ich ti mer to[...]

  • Page 279

    GVRP AND B RIDGE E XTENSION C OMMANDS 3-135 Note: Set GVRP ti mers on all Layer 2 device s conne cted in t he same network to the same values. Otherwise, GVRP will n ot operate success fully. Example Related Commands show gar p timer (3-135) show garp timer Use this command to sho w the G ARP timer s for th e selected interf ace. Syntax show garp t[...]

  • Page 280

    C OMMAND L IN E I NTE RFA CE 3-136 Example Related Commands garp timer (3-134) bridge-ext gvrp Use this co mmand to enable GVRP . Use the no form to disable it. Syntax bridge-ext gvr p no bridge-ext gvr p Default Setting Disabled Command Mode Global Configura tion Command Usage GVRP defines a way for switches to exchange VLAN infor mation in order [...]

  • Page 281

    GVRP AND B RIDGE E XTENSION C OMMANDS 3-137 show bridge-ext Use this command to sho w the conf iguratio n for bri dge exte nsion commands . Default Setting None Command Mode Pri vileged Ex ec Command Usage See “D isplaying Basi c VLAN In for mat ion” on pag e 2-65 an d “Displaying Bridg e Extension Capabilities ” on pag e 2-27 for a descrip[...]

  • Page 282

    C OMMAND L IN E I NTE RFA CE 3-138 IGMP Snoo ping Com mands Th is switch uses IGMP (In ter net Grou p Manag ement Pr otocol) to quer y for any a ttac hed hosts that w ant to rece iv e a spec ific m ulticast ser vice . It ident ifies the ports cont aining ho sts requ esting a service and sends data out to those po rts only . It th en propa gates the[...]

  • Page 283

    IGMP S NOOPING C OMMANDS 3-139 ip igmp snooping Use this command to enable IGMP snooping o n this switch. Use the no for m to disable it. Syntax ip igm p snoo ping no ip igmp snooping Default Setting Enabl ed Command Mode Global Configura tion Example The follo wing example enables IGMP sno oping . Mulitcast Ro uter Commands ip igmp snooping vla n [...]

  • Page 284

    C OMMAND L IN E I NTE RFA CE 3-140 ip igmp snooping vlan static Use this c ommand to add a por t to a multicas t grou p . Use the no for m to remov e the port. Syntax ip igm p snoopin g vlan vlan-id static ip-address interface no ip igmp snooping vlan vlan-id st atic ip-addr ess interface • vlan -id - VLAN ID (Range: 1-4094) • ip-address - IP a[...]

  • Page 285

    IGMP S NOOPING C OMMANDS 3-141 ip igmp snooping version Use this command to conf igure the IGMP sno oping v ers ion. Use the no for m to res tore the defau lt. Syntax ip igm p snoo ping v ersion { 1 | 2 } no ip igmp snooping version • 1 - IGMP Version 1 • 2 - IGMP Version 2 Default Setting IGMP V ers ion 2 Command Mode Global Configura tion Com[...]

  • Page 286

    C OMMAND L IN E I NTE RFA CE 3-142 Command Mode Pri vileged Ex ec Command Usage See ““Configuring IGMP Pa rameters” on page 2-100 fo r a de scription of the d ispla yed items . Example Th e following shows the cur re nt IGMP s nooping c onfigurat ion: show mac-address -table multicast Use th is command to sho w kno wn mul ticast ad dresses . [...]

  • Page 287

    IGMP S NOOPING C OMMANDS 3-143 Command Usage Membe r type s disp layed inclu de IGMP o r USE R, depend ing on selec ted opt ions . Example The following shows the multicast entries learned through IGMP snoopin g for VLAN 1: ip igmp snooping querier Use this command to enable the switc h as an IGMP snooping querier . Use the no form to disable it. S[...]

  • Page 288

    C OMMAND L IN E I NTE RFA CE 3-144 ip igmp snooping query-count Use th is command to conf igure the quer y cou nt. Use t he no for m to restore the default. Syntax ip igmp snooping quer y-count count no ip igmp snooping quer y-count count - T he max im um num ber of queries is sued f or whic h there has been no r esponse bef ore the switch takes ac[...]

  • Page 289

    IGMP S NOOPING C OMMANDS 3-145 ip igmp snooping query-int erval Use this command to conf igure the snoo ping query int er val . Use th e no for m to res tore the defau lt. Syntax ip igmp snooping quer y-inter v al seco nds no ip igmp snooping quer y-inter v al seconds - T he freque ncy at wh ich the switch sends IG MP host-qu ery messages . (Range:[...]

  • Page 290

    C OMMAND L IN E I NTE RFA CE 3-146 Command Mode Global Configura tion Command Usage • The switch must be us ing IGMPv2 for this command to take effect. • This comman d defines th e time after a query, during which a respo nse is expe cted from a multica st client . If a quer ier has se nt a numbe r of queries defined by the ip igmp snooping que[...]

  • Page 291

    IGMP S NOOPING C OMMANDS 3-147 ip igmp snooping router -port-expire-time Use this command t o configur e the snoo ping rout er-po rt-expire-time . Use the no form of this command to re store the default. Syntax ip igm p snoo ping rout er- port-expire- time seconds no ip igmp snooping router-por t-expire-time seconds - T he time the switch waits af [...]

  • Page 292

    C OMMAND L IN E I NTE RFA CE 3-148 ip igmp snooping vlan mrouter Use this command to st atically config ure a m ulticast rout er port. Use the no form t o remo v e the configuration . Syntax ip igm p snoopin g vlan vlan-id mrout er interface no ip igmp snooping vlan vlan-id mrouter interface • vlan -id - VLAN ID (Range: 1-4094) • interface • [...]

  • Page 293

    IGMP S NOOPING C OMMANDS 3-149 show ip igmp snooping mr outer Use this command to displa y infor mat ion on statically config ured and dynamically lear ned multicast router por ts . Syntax show ip igmp snoo ping mrouter [ vlan vlan-id ] vlan-id - VLAN ID (Range: 1-4094) Default Setting Displays multicast router por ts for all configured VLANs. Comm[...]

  • Page 294

    C OMMAND L IN E I NTE RFA CE 3-150 Priority Commands The com mands described in this se ction allow you to specify which data pack ets h ave g reat er precede nce when t raffic is buffer ed in the switc h due to con gestion. This switc h supp orts CoS with four p riority queues for each port. Data pack ets in a por t’ s hig h-priority queue will [...]

  • Page 295

    P RIORITY C OMMANDS 3-151 switchport prior ity default Use this command to set a p riority for inc oming unt ag ged frames , or t he prior ity of fram es recei v ed by th e device co nnected t o the spec ified interface. Use the no form to res tore the defau lt val ue. Syntax swi tchpor t priority default de faul t-pri ori ty-id no switchport prior[...]

  • Page 296

    C OMMAND L IN E I NTE RFA CE 3-152 • The default prio rity applies for a n untagged fra me received on a port set to accept a ll frame types (i.e, receive s both untagg ed and t agged frames). This priority does not apply to IEEE 802.1Q VLAN tag ged frames. If the incoming frame is an IEEE 802.1Q VLAN tagged frame, the IEEE 802.1p User Priority b[...]

  • Page 297

    P RIORITY C OMMANDS 3-153 Command Mode Global Configura tion Command Usage WRR all ows ban dwidth s haring at the e gr ess po rt by d efinin g schedul ing weights. Example Th e following exam ple shows h ow to assi gn WRR we ights of 1 , 3, 5 and 7 to the CoS priority queu es 0, 1, 2 and 3: Related Commands sho w queue ban dwidth ( 3-155) queue cos[...]

  • Page 298

    C OMMAND L IN E I NTE RFA CE 3-154 Default Setting This s witch supports Clas s of Ser vice by using four priorit y queues , with W eighted R ound R obin for eac h port. Eight separa te traf fic classe s are defined in IEEE 802.1p . Th e defau lt priority levels are assigned according to recommendations in the IEEE 802.1p standard as sho wn in the [...]

  • Page 299

    P RIORITY C OMMANDS 3-155 Related Commands show queue cos-map (3-155) show queue bandwidth Use this command to displa y the W eighted R ound-R obin (WRR) bandw idth allo cation fo r the fou r class of ser vic e (CoS) p riority qu eues. Default Setting None Command Mode Pri vileged Ex ec Example show queue cos-map Use this command to sho w the class[...]

  • Page 300

    C OMMAND L IN E I NTE RFA CE 3-156 Default Setting None Command Mode Pri vileged Ex ec Example map ip precedence (Global Configuration) Use th is command to enab le IP pr ecedence map ping (i.e ., IP T ype of Service). Use the no for m to dis able IP pre cedence mapping. Syntax map ip precedence no map ip precedence Default Setting Disabled Command[...]

  • Page 301

    P RIORITY C OMMANDS 3-157 Example The follo wing example show s ho w to ena ble IP pr ecedence mapping globally: map ip precedence (Interface Configuration) Use this command to set IP preced ence pri ority (i .e ., IP T ype of Service prio rity ). Us e the no for m to resto re the default table. Syntax map ip precedence ip-pr ecedence-value cos cos[...]

  • Page 302

    C OMMAND L IN E I NTE RFA CE 3-158 Command Usage • The prece dence fo r priori ty mappi ng is IP Preced ence or IP DS CP, and defau lt switch port prior ity. • IP Precedence values are ma pped to defa ult Class of Service val ues on a one-to-one basis according to recommendations in the IEEE 802.1p standa rd, and th en mapped t o the q ueue def[...]

  • Page 303

    P RIORITY C OMMANDS 3-159 • IP Precedenc e and I P DSCP can not bot h be enabl ed. En abling o ne of these priority types will autom atically disable the other type. Example Th e following exa mple shows how to enab le IP DSCP mapping gl obally: map ip dscp (Interface Co nfiguration) Use this comma nd to set IP D SCP priority (i.e., Differentiate[...]

  • Page 304

    C OMMAND L IN E I NTE RFA CE 3-160 Command Mode Interf ace Conf iguratio n (Eth ernet, P or t Chann el) Command Usage • The preced ence for p riority mapping i s IP Por t, IP Pre cedence or IP DSCP, an d default s witchpo rt prio rity. • DSCP priority values are map ped to default Class of Service values according t o recommendations in the I E[...]

  • Page 305

    P RIORITY C OMMANDS 3-161 Command Mode Pri vileged Ex ec Example Related Commands map ip precedence (Global Configura tion) (3-156) map ip prece dence (Inter face Configur ation) (3-157) - Maps CoS values to IP p recedence v alues . show map ip dscp Use this command to show the IP DSCP priority map . Syntax show map ip dscp [ interface ] interface [...]

  • Page 306

    C OMMAND L IN E I NTE RFA CE 3-162 Command Mode Pri vileged Ex ec Example Related Commands map ip dscp (Global Configuration) (3-158) map ip dscp (Interface Configuration) (3-159) - Maps CoS valu es to IP DSCP v alues . Console#show map ip dscp ethernet 1/1 DSCP mapping status: disabled Port DSCP COS --------- ---- --- Eth 1/ 1 0 0 Eth 1/ 1 1 0 Eth[...]

  • Page 307

    M IR R OR P ORT C OMMANDS 3-163 Mirror Port Commands Th is section d escribe s how to config ure po rt mi rro r sessions. port monitor Use this command to config ure a mir ror session. Use the no for m to clear a mirror sessi on. Syntax por t monitor interface [ rx | tx | both ] no por t monitor interface • interface - ethernet unit / port (sourc[...]

  • Page 308

    C OMMAND L IN E I NTE RFA CE 3-164 Command Usage • You can mirr or tr affic from any source port to a destin ation port for real-tim e analysi s. You can then att ach a lo gic anal yzer or RMON probe t o the des tination port and study t he traffi c cross ing the so urce port in a complete ly unobtrusive manner. • Th e destination port is se t [...]

  • Page 309

    M IR R OR P ORT C OMMANDS 3-165 Default Setting Sho ws all session s . Command Mode Pri vileged Ex ec Command Usage This comman d displ ays th e currently confi gured so urce port, destinat ion por t, and m ir ror mode (i.e., RX, TX , RX/TX). Example The foll owin g sho ws mirrorin g confi gured fro m port 6 to port 11: Related Commands port mon it[...]

  • Page 310

    C OMMAND L IN E I NTE RFA CE 3-166 Port Trunki ng Co mmand s P o rts can be statically g rouped into an ag g reg ate link to increase the bandw idth of a network connec tion or to en sure fau lt recover y . Or you can use the L ink Ag g reg atio n Control Pr otocol (LACP), als o known as 802.1ad, to automatically nego tiate a tr unk link between th[...]

  • Page 311

    P ORT T RUNKING C OMMANDS 3-167 • All ports in a trunk must be configured in an identical manner, including communicatio n mode (i.e., speed, dup lex mode and flow control) , VLAN assign ments, and C oS settings. • All the port s in a trunk hav e to be treat ed as a whole when mov ed from/to, added or delete d from a VLAN via the sp ecified por[...]

  • Page 312

    C OMMAND L IN E I NTE RFA CE 3-168 Example The follo wing ex ample crea tes trunk 1 and then adds po r t 11: lacp Use this command to enable 802.3ad L ink Ag g regation Control Protocol (LA CP) for th e cur rent int erface. Use the no form to disable it. Syntax lacp no lacp Default Setting Disabled Command Mode Interf ace Conf igurati on (Eth ernet[...]

  • Page 313

    P ORT T RUNKING C OMMANDS 3-169 Example Th e following shows LACP enabled on por ts 11 -13. Bec ause LACP has also bee n enabl ed on the p orts at the o ther end of the l inks , the show interfaces status por t-channel 1 command sh ows that T r unk 1 has b een established. Console(config)#interface ethernet 1/11 Console(config-if)#lacp Console(conf[...]

  • Page 314

    C OMMAND L IN E I NTE RFA CE 3-170[...]

  • Page 315

    A-1 A PPENDIX A T ROUBLESHOOTING Troub leshoot ing Char t Troubl eshooting Ch art Symptom Action Cannot con nect using Telnet, W eb browser, or SNMP software • Be sure to have config ured the agent with a valid IP addre ss, subnet mask and def ault gate way. • Be sure that you r management st ation has manag ement VLAN access to the switch (def[...]

  • Page 316

    T R OUBLESHOOTING A-2[...]

  • Page 317

    B-1 A PPENDIX B U PGRADING F IRMW ARE VIA THE S ERIAL P ORT Th e switch con tains three fi rm ware comp onen ts that ca n be upg rad ed; the diagnostics (or Boot-R OM) code, r untime ope ration code, and the loader code . The r unti me code can be upgraded via th e switch ’ s RS-232 ser ial conso le port, via a ne tw ork co nnection to a TFTP ser[...]

  • Page 318

    U PGRADING F IRMW ARE VIA THE S ERIAL P ORT B-2 4. When th e switch initialization screen appears, enter fir mwar e-download mode by pres sing <Ct rl><u> imme diat ely afte r power on. Scr een text sim ilar to th at shown be low displays: 5. Press < C> to c hange the baud r ate of th e switc h’ s serial co nnection . 6. Press &l[...]

  • Page 319

    B-3 9. Press <X> to star t to download th e new code file. If using W indows Hyper T er min al, click the “T ransfer ” button, a nd then c lick “ Send File .... ” Select t he XModem Pr otocol and th en use the “Br owse” but ton to s elect the req uired firmware code file from your PC sy stem . The “ Xmode m file send” win dow [...]

  • Page 320

    U PGRADING F IRMW ARE VIA THE S ERIAL P ORT B-4 12. T o set the new do wnloaded file as the s tartup file, use th e [S]et Star tup File menu option. 13. When you ha v e finish ed do wnloading code file s , use the [C]h an ge Baudrate menu option to c hange the ba ud rate of the switch’ s serial connection b ack to 9600 ba ud. 14. Set your PC’ s[...]

  • Page 321

    C-1 A PPENDIX C P IN A SSIGN MEN TS Console Port Pin Assignments The DB-9 seria l port on the swit ch’ s front panel is us ed to conn ect to th e switch for out-of-b and co nsole co nfigura tion. T he onbo ard menu-d riven config uration prog ram can be accesse d from a ter m inal, or a PC r u nning a ter mina l emulatio n prog ram. T he pin a ss[...]

  • Page 322

    P IN A SSIG NMEN TS C-2 Console Port to 9-Pin DTE Port on PC Console Port to 25-Pin DTE Port on PC Switch’s 9 -Pin Serial Port Nu ll Mo de m PC’s 9-Pin DTE Po rt 2 RXD <-- ---- ---T XD ---- --- ----- 3 TXD 3 TX D --- ------- -RXD ---- ------> 2 R XD 5 SGND -------- --- SGND ----- ---- - 5 SG ND No other pins are u sed. Switch ’s 9-P in [...]

  • Page 323

    Glossary-1 G LOSSA RY 10BASE-T IEEE 802.3 sp ecification for 1 0 Mbps Etherne t ov er two pairs of Categ or y 3, 4, or 5 U TP cable. 100BASE-TX IEEE 802.3u specifica tion for 100 Mbps Fast Ethernet over tw o pairs of Categ or y 5 UTP cable. 1000BASE-T IEEE 802.3ab spec ification for Gig abit Ethe rnet over tw o pairs of Cat egor y 5, 5e 100-ohm UTP[...]

  • Page 324

    G LOSSAR Y Glossary-2 Collis ion Doma in Single CSMA/C D LAN segme nt. CSMA/CD Car rier Sense Multiple Access/C ollision Detect is the communication method employed by Ethernet and F ast Ether net. Dynamic Ho st Control Protocol (DHC P) Provides a framework for passing c onfiguration infor ma tion to hosts on a TCP/I P network. DHCP is based on the[...]

  • Page 325

    G LOSSAR Y Glossary-3 Generic Attr ibute Registrati on Protocol (GA RP) GARP is a protocol t hat can be used by ends tations and swi tches to register and propag ate multicast g roup member ship infor mation in a swi tched environment so that mu lticast data frames are pr opagated only to those parts of a switc hed LAN containing regi stered ends t[...]

  • Page 326

    G LOSSAR Y Glossary-4 IEEE 802.3ab Defines CSMA/ CD access method and ph ysical layer specif ications for 1000BASE-T Gigabit Ethernet. IEEE 802.3ac Defines frame exten sions for VLAN tag ging . IEEE 802.3u Defines CSMA/ CD access method and ph ysical layer specif ications for 100BAS E-TX Fast Ethernet. IEEE 802.3x Defines Ether net fram e start /st[...]

  • Page 327

    G LOSSAR Y Glossary-5 IP Multicast Filteri ng A process whereby this switch can pass multicast traffic along to par ticipating hosts. Layer 2 Data Link layer in the ISO 7- Layer Data Communications Protocol. This i s related directly to the hardware interface for ne tw ork devices an d passes on traffic based on MA C address es . Layer 3 Network la[...]

  • Page 328

    G LOSSAR Y Glossary-6 Port Mirror ing A method whereby data on a targe t port is mir rored to a m onitor port for troublesh ooting with a logic ana lyzer or RMON probe. This all ows data on the target port to be studied unobstructiv ely . Port Trunk Defines a network link ag g reg ation and tr unking m ethod which specifies how to create a single h[...]

  • Page 329

    G LOSSAR Y Glossary-7 Virtual LAN (VLAN) A Virtual LAN is a collection of network nodes that share the same collisi on domain reg ardless of their physical location or connection point in the netw ork. A VLAN ser ves as a logical workg roup with no physical bar riers, and allows users to share infor mation and resources as though loc ated on the sa[...]

  • Page 330

    G LOSSAR Y Glossary-8[...]

  • Page 331

    Index-1 A addres s table 2-41 B BOOTP 2-12 broadcast st orm, threshold 2-36 C Class of S erv ice configuring 2-7 7 queue mapping 2-77 community string 2-95 configurat ion settings, s aving or restoring 2-24 console port pin assignments C-1 D default priority, ingres s port 2- 77 default settings 1-13 DHCP 2-12 downloading software 2-23 dynamic ad d[...]

  • Page 332

    I NDE X Index-2 path cost, STP 3-111 , 3-113 pin assignm ents 25-pin DTE port C-2 9-pin DTE port C-2 console port C-1 port priority configuring 2-7 7 defaul t ingre ss 2-77 port security, config uring 2-39 ports, config uring 2-32 priority, default p ort ingress 2-77 priority, STP 3-110 problems, trou bleshooting A-1 protocol mig ration 3-117 R RAD[...]

  • Page 333

    [...]

  • Page 334

    38 T esla Irvine, C A 9261 8 Phone: (949 ) 679-8000 FOR TECHNICAL SUPPOR T , CALL: From U.S.A. an d Canada (2 4 hours a day , 7 da ys a week) (800) SMC-4-YOU; (94 9) 679-8000; F ax: (949 ) 679-1481 From E urope (8:00 AM - 5: 30 PM UK Time) 44 (0) 118 974 870 0; Fax: 44 (0) 118 974 87 01 INTERNET E-mail a ddresses: techsupp ort@smc.c om europea n.te[...]