Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/newdedyk/domains/bkmanuals.com/public_html/includes/pages/manual_inc.php on line 26
Cisco Systems 3750E manuale d’uso - BKManuals

Cisco Systems 3750E manuale d’uso

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236

Vai alla pagina of

Un buon manuale d’uso

Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso Cisco Systems 3750E. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica Cisco Systems 3750E o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.

Che cosa è il manuale d’uso?

La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso Cisco Systems 3750E descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.

Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.

Quindi cosa dovrebbe contenere il manuale perfetto?

Innanzitutto, il manuale d’uso Cisco Systems 3750E dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo Cisco Systems 3750E
- nome del fabbricante e anno di fabbricazione Cisco Systems 3750E
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature Cisco Systems 3750E
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti

Perché non leggiamo i manuali d’uso?

Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio Cisco Systems 3750E non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti Cisco Systems 3750E e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio Cisco Systems in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche Cisco Systems 3750E, come nel caso della versione cartacea.

Perché leggere il manuale d’uso?

Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo Cisco Systems 3750E, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.

Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso Cisco Systems 3750E. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.

Sommario del manuale d’uso

  • Pagina 1

    Americas Hea dquarters Cisc o Syst ems , Inc . 170 West Ta sman Driv e San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 527-0883 Catal yst 3750-E and 3560-E S w itc h S of tw are Conf iguration Guide Cisco IOS R elease 12.2(37 )SE May 2 0 07 Text Pa rt Nu mber: OL-9775- 02[...]

  • Pagina 2

    THE SPECIFICATIONS AND INFORMATION REGARDING TH E PRODUCTS IN THIS MANUAL ARE SUBJE CT TO CHANGE WITHOUT NO TICE. ALL STATEMENT S, INFORMATI ON, AND RE COMMENDATIONS IN T HIS MANUAL ARE BELI EVED TO BE A CCURATE BUT ARE P RESENTED W ITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TA KE FULL RESPONSIBILITY FOR THEIR AP PLICATION OF ANY [...]

  • Pagina 3

    iii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CONTENTS Preface xli ii Audienc e xliii Pur pose xliii Conv enti ons xliii Relat ed P ubl icatio ns xliv Obtain ing Documentati on, Obt aining Su pport, an d Security Guide lines xlvi CHAPTER 1 Overview 1- 1 Featur es 1-1 Deployme nt Feat ures 1-2 Perfor mance Features[...]

  • Pagina 4

    Cont ents iv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Underst anding Abb r eviat ed Commands 2-4 Underst andi ng no and defa ult Fo rms of Commands 2-4 Underst andi ng CLI Erro r Messages 2- 5 Using Con figuration Lo gging 2-5 Using Comma nd History 2-6 Changin g the Command Histor y Buffer Si ze 2-6 Recall ing C[...]

  • Pagina 5

    Content s v Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Schedul ing a Reload of the Software I mage 3-17 Config uring a Schedu led Reloa d 3-17 Displa ying Scheduled Reload I nformati on 3-18 CHAPTER 4 Configur ing Cisc o IOS CNS Agents 4-1 Underst andi ng Cisco Con figurat ion En gine Soft ware 4-1 Config uration S[...]

  • Pagina 6

    Cont ents vi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Stack Pr otoco l Versio n Compatibi lity 5-11 Major V ersio n Num ber Inco mpat ibility Amo ng Sw itche s 5-11 Minor Ver sion Number Incompati bility Amon g Switches 5-11 Underst andi ng Auto-Upg rade and Auto-Advi se 5-12 Auto-Up grade and Auto-A dvise Exa mp[...]

  • Pagina 7

    Content s vii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 HSRP and Sta ndby Cluster Comman d Switches 6-11 Virtua l IP Ad dress es 6-12 Other Considerati ons for Clu ster St andby Groups 6-12 Automa tic Recov ery of Cluste r Config uration 6-13 IP Ad dres ses 6-14 Hostname s 6-14 Passw or ds 6-15 SNMP Communi ty Str[...]

  • Pagina 8

    Cont ents viii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Creati ng a Bann er 7-1 7 Defaul t Banner Configur ation 7-17 Config uring a Message -of-the -Day Login Banner 7-18 Config uring a Login B anner 7-19 Mana gin g the MA C Addr ess Ta ble 7-19 Buildi ng the Addres s Table 7-20 MAC Addresse s and VLANs 7-20 MAC[...]

  • Pagina 9

    Content s ix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Multi ple Pr ivileg e Levels 9- 7 Setti ng the Pr ivileg e Level for a Command 9-8 Changin g the Def ault P rivil ege L evel f or L ines 9-9 Logg ing into and Exit ing a Pri vile ge Level 9-9 Contro lling Swi tch Access with TACACS+ 9-10 Underst a[...]

  • Pagina 10

    Cont ents x Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring th e Swit ch for Secure S hell 9-37 Underst anding SSH 9-38 SSH Serv ers, Int egrat ed C lien ts, and Supp orte d V ers ions 9-38 Limita tions 9-39 Config uring SSH 9- 39 Config uration Guidel ines 9-39 Setti ng Up the Switc h to Run SSH 9-40 Confi[...]

  • Pagina 11

    Content s xi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Using IE EE 802.1x Auth enticat ion with Port S ecurit y 10-16 Using IE EE 802.1x Authent ication with Wake -on-LAN 10-17 Using IE EE 802.1x Authent ication with MAC Aut hentication Bypass 10-17 Netw ork A dmis sion Cont rol L ayer 2 IE EE 8 02.1x Va lidatio n[...]

  • Pagina 12

    Cont ents xii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 11 Configur ing I nterfac e Characterist ics 11-1 Underst andi ng Interf ace Typ es 11 -1 Port-B as ed V LANs 11-2 Switch Po rts 11-2 Access Po rts 11-3 Trunk Po rts 11-3 Tunnel Ports 11 -4 Routed Po rts 11- 4 Switch Vi rtua l Interf aces 11-5 EtherC [...]

  • Pagina 13

    Content s xiii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring the Power Sup plies 11-37 Monit orin g and Ma inta inin g the In terf aces 11-38 Moni tori ng I nter face Stat us 11-38 Cleari ng and Re settin g Interfaces and Counte rs 11-39 Shutti ng Do wn and Restar ting the I nter face 11-4 0 CHAPTER 12 Co[...]

  • Pagina 14

    Cont ents xiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Trunki ng Ov erview 13-16 Encap sul atio n Typ es 13- 18 IEEE 802 .1Q Configurat ion Con siderat ions 13-19 Defau lt Lay er 2 Et herne t Inte rfac e VLAN Conf igura tion 13-19 Config uring an Etherne t Interface as a Trunk Po rt 13-1 9 Intera ctio n wit h O t[...]

  • Pagina 15

    Content s xv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring VTP 14 -6 Defaul t VTP Configurat ion 14-7 VTP Confi gurati on Options 14-7 VTP C onf igurat ion in Gl obal Con figur atio n Mo de 14-7 VTP Confi gurati on in VLA N Database Con figuration Mode 14-8 VTP Confi gura tion Guid elin es 14-8 Domain Nam[...]

  • Pagina 16

    Cont ents xvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Private VLANs 16-6 Tasks for Co nfigur ing Priv ate VLAN s 16 -6 Defaul t Priv ate-VLAN Co nfigu ration 16-7 Privat e-VLAN C onfiguratio n Guide lines 16-7 Seco ndar y a nd Pr imar y VL AN C onf igur atio n 16-7 Priva te-V LAN Po rt Co nfigur ati[...]

  • Pagina 17

    Content s xvii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Bridg e ID, Swi tch Pr iori ty, and Ex ten ded Sys tem ID 18-4 Spannin g-Tree Interf ace St ates 18-5 Blocki ng St ate 18-7 List ening Sta te 18-7 Learni ng St ate 18-7 Forw ardi ng S tat e 18-7 Disabl ed State 18-8 How a Sw itch o r Po rt B ecom es the Ro o[...]

  • Pagina 18

    Cont ents xviii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 19 Configur ing MST P 19-1 Underst anding MSTP 19-2 Multip le Sp anning- Tree Regions 19-2 IST, C IST , and CST 19-3 Operati ons Withi n an MST Region 19-3 Operati ons Betw een MST Reg ions 19-4 IEEE 802 .1s Ter minolog y 19-5 Hop Count 19-5 Boundar[...]

  • Pagina 19

    Content s xix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Specif ying t he Link Typ e to Ensu re Rapi d Transit ions 19-24 Designa ting the Ne ighbo r Type 19-25 Restar ting the Pr otocol Migration Proce ss 19-26 Displa ying t he MST Config uration and Status 19-26 CHAPTER 20 Configur ing Opti onal Spanning -Tree Fe[...]

  • Pagina 20

    Cont ents xx Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Flex Lin ks and MAC Addr ess-Table Move Upd ate 21-5 Config uration Guidel ines 21-5 Defau lt C onfig urat ion 21-5 Config uring Flex Lin ks and MAC Addr ess-Table Move Upd ate 21-6 Config uring Flex Lin ks 21-6 Config uring VLAN Load Bala ncing o[...]

  • Pagina 21

    Content s xxi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 23 Configur ing Dynami c ARP Inspectio n 23-1 Underst anding Dyn amic ARP Inspecti on 23 -1 Interf ace Tru st St ates and Netw or k Se curi ty 23-3 Rate Lim iting of ARP P ack ets 23-4 Relati ve Priority o f ARP ACLs and DHCP Sn ooping Entries 23-4 Lo[...]

  • Pagina 22

    Cont ents xxii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Displa ying IGMP Snooping Inform ation 24-17 Unde rsta nding Mult icas t V LAN R egi strati on 24-18 Using MVR in a Mu ltica st Te levi sion Appl icat ion 24-19 Conf igurin g MVR 24-20 Defaul t MVR Configu r ation 24-2 0 MVR Conf iguration G uidelines a nd L[...]

  • Pagina 23

    Content s xxiii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 26 Configur ing Port -Based Traf fic Control 26-1 Config uring Storm Contr ol 26-1 Underst anding St orm Contro l 26-1 Defaul t Storm Co ntrol Con figurat ion 26-3 Config uring Storm Contr ol and Threshol d Level s 26 -3 Config uring Prote cted Port[...]

  • Pagina 24

    Cont ents xxiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring LLDP and LLDP- MED 28- 3 Defau lt L LDP C onfig ura tion 28- 3 Config uring LLDP Char acteri stic s 28 -3 Disab ling an d En abli ng LL DP Glob ally 28-4 Disab ling an d Enab ling LL DP on an Inte rface 28-5 Config urin g LLDP-MED TLVs 28-6 Moni[...]

  • Pagina 25

    Content s xxv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Local SPAN 30-1 1 SPAN Confi gurati on Guideli nes 30-11 Creati ng a Loca l SPAN S ession 30 -12 Creati ng a Loca l SPAN Sess ion and Con figuring Inco ming Traf fic 30- 14 Specif ying VL ANs to Filt er 30-1 5 Config uring RSPAN 30-16 RSPAN Confi[...]

  • Pagina 26

    Cont ents xxvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring UNIX Syslog Servers 32-12 Loggin g M essage s to a UNIX Sysl og Daemon 32-12 Config uring the UNIX Syst em Logging Facil ity 32-1 3 Displa ying the Loggin g Confi gurati on 32 -14 CHAPTER 33 Configur ing S NMP 33 -1 Unde rsta nding SNM P 33 -1 S[...]

  • Pagina 27

    Content s xxvii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Creati ng a Numbered Extended ACL 34-11 Reseque ncing ACEs in an ACL 34-15 Creati ng Named St andard and Extend ed ACLs 34-15 Using Ti me Ranges with ACLs 34-1 7 Incl uding Comm en ts i n ACL s 34-19 Applyi ng an IPv4 ACL to a Terminal Line 34-19 Applyi ng [...]

  • Pagina 28

    Cont ents xxvii i Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring IPv6 ACL s 35 -4 Defaul t IPv6 ACL Configur ation 35-4 Inter action wi th Othe r Feature s and Swit ches 35-4 Creati ng I Pv6 ACLs 35-5 Applyi ng an IPv6 ACL to an Inter face 35-8 Displa ying IPv 6 ACLs 35-9 CHAPTER 36 Configur ing Q oS 36-1 [...]

  • Pagina 29

    Content s xxix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Standar d QoS Configurat ion Gui delines 36-35 QoS ACL Guide lines 36-35 Applyi ng QoS on In terfac es 36- 35 Polici ng G uid elines 36-36 General QoS Guideli nes 36-36 Enabli ng QoS Global ly 36-37 Enabli ng VLAN-Based QoS on Physica l Port s 36-37 Config u[...]

  • Pagina 30

    Cont ents xxx Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 37 Configur ing E therCh annels and Link -State T r ackin g 37-1 Underst andi ng EtherCh annels 37-1 EtherC hannel Overview 37-2 Port-C ha nnel Int erface s 37 -4 Port Aggr egation Proto col 37- 5 PAgP Modes 37-6 PAgP Int eraction with Ot her Features[...]

  • Pagina 31

    Content s xxxi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring IP Addr essing 38-5 Defaul t Addressing Conf iguration 38-6 Assig nin g IP A ddre sses to N etw ork Inte rfaces 38-7 Use of Subn et Zero 38-7 Classl ess Rou ting 38-8 Config uring Address Res olution Meth ods 38-9 Define a St atic ARP Ca che 38 [...]

  • Pagina 32

    Cont ents xxxii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Basic EIGR P Parame ters 38-39 Config uring EIGRP Int erfac es 38 -40 Config uring EIGRP Route Authen ticati on 38-41 EIGRP St ub Ro utin g 38-42 Monit orin g and Ma inta inin g EIGRP 38-4 3 Config uring BGP 38-43 Defaul t BGP Configurati on 38[...]

  • Pagina 33

    Content s xxxii i Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Policy- Based Routin g 38 -83 PBR Confi gurati on Guideli nes 38-84 Enab ling P BR 38-85 Filt ering Ro utin g Infor mat ion 38-87 Setti ng Passi ve Inter face s 38-87 Contro lling Advertisi ng and Processin g in Routi ng Updat es 38 -88 Filte[...]

  • Pagina 34

    Cont ents xxxiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 40 Configur ing H SRP and Enhanced Ob ject Tracking 40-1 Unde rsta nding HSR P 40-1 Mult iple HSRP 40-3 HSRP and Sw itch St acks 40-4 Config uring HSRP 40 -4 Defaul t HSRP Configurat ion 40-5 HSRP Confi gurat ion Guid elines 40- 5 Enabli ng HSRP 40 [...]

  • Pagina 35

    Content s xxxv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 42 Configur ing I P Multic ast Routing 42-1 Underst andi ng Cisco’ s Implem entatio n of IP Multi cast Rout ing 42- 2 Underst andi ng IGMP 42-3 IGMP V ersio n 1 42-3 IGMP Ve rsio n 2 42-3 Underst andi ng PIM 42-4 PIM V ers ions 42-4 PIM Modes 42-4 [...]

  • Pagina 36

    Cont ents xxxvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Changin g the IGMP Query Ti meout f or IGMPv2 42-32 Changin g the Maximum Query Resp onse Ti me for IGMP v2 42-33 Config uring the Switch as a Statica lly Connected Memb er 42-33 Config uring Optional Multi cast Ro uting Fea tures 42-34 Enab ling C GM P S e[...]

  • Pagina 37

    Content s xxxvi i Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Contro lling Source In forma tion that Your Switc h Origina tes 43-9 Redist ribu ting So urces 43-9 Filt ering So urc e-Act ive R eque st Mes sage s 43-11 Contro lling Source In forma tion that Your Switc h Forwar ds 43 -12 Using a Fi lter 43-12 Using TTL[...]

  • Pagina 38

    Cont ents xxxvii i Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Recover i ng from Lo st Cluste r Member Connectiv ity 45-13 Preven ting Autonegoti ation Mis matches 45 -13 Troubl eshoo ting Power over Ether net Switch Ports 45-13 Disabl ed Port Caused by Powe r Loss 45-1 4 Disabl ed Port Caus ed by False Link Up 45-1[...]

  • Pagina 39

    Content s xxxix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Online Di agnosti cs 46-2 Schedul ing Onli ne Diagnos tics 46-2 Config uring Health- Monito ring Diag nostics 46-3 Running Online Diagnost ic Tes ts 46 -5 Starti ng O nlin e Diagno stic Tes ts 46 -5 Displa ying Online Diag nostic Te sts an d Te[...]

  • Pagina 40

    Cont ents xl Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Cleari ng C onfigur ation Info rmation B-19 Clear ing th e Sta rtup Config urat ion Fi le B-20 Dele ting a Stor ed C onfigur ation File B-20 Work ing wit h Soft ware Images B-2 0 Image Loc ation on the Switch B-2 1 File Fo rmat of Imag es on a S erver o r Ci s[...]

  • Pagina 41

    Content s xli Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 HSRP C-4 Unsuppor ted Global Conf igurati on Comman ds C-4 Unsuppor ted Interfac e Configur ati on Commands C-5 IGMP Snoopi ng Commands C-5 Unsuppor ted Global Conf igurati on Comman ds C-5 Inter face Comma nds C- 5 Unsuppor ted Privile ged EXEC Command s C-5[...]

  • Pagina 42

    Cont ents xlii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 RADIUS C-11 Unsuppor ted Global Conf igurati on Comman ds C-1 1 SNMP C-12 Unsuppor ted Global Conf igurati on Comman ds C-1 2 Spannin g Tree C-1 2 Unsuppor ted Global Conf igurati on Comman d C-12 Unsuppor ted Interfac e Configur ati on Command C-12 VLAN C-1[...]

  • Pagina 43

    xliii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Preface Audience This gui de is for the ne tworking p rofess ional ma naging the stan dalone Catalyst 3 750-E or 356 0-E swit ch or the Ca talyst 3750- E switch stack , referred t o as the switc h . Before using this g uide, you shou ld have experien ce workin g wi t[...]

  • Pagina 44

    xliv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Preface Related Publi cations • Brace s ({ }) grou p req uired choices, and verti cal bars ( | ) se para te the alternati ve e lements. • Brace s and ve rtical bar s within squar e brack ets ([{ | }]) mean a required choic e within an optional elemen t. Inter acti[...]

  • Pagina 45

    xlv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Pre face Relate d Publicati ons • Catalyst 3 750-E and 3 560-E Switch S ystem Me ssage Guide (no t orderabl e but a vailable on Cisco.com) • Cisco Softwar e Activatio n and Compatib ility Document (not or derabl e but av a ilab le on Ci sco.com ) • Device manage [...]

  • Pagina 46

    xlvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Preface Obtainin g Docume ntation , Obtaining Sup port, and Se curity G uidelines Obtaining Do cumentation, Obtaining Support, and Security Guidelines For informat ion on obtai ning docu menta tion, obt aining sup port, provid ing docum entati on feedba ck, secu rity [...]

  • Pagina 47

    C HAPTER 1-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 1 Overview This c hapter provides these topic s abou t the C ataly st 3750- E a nd 3560-E sw itch software : • Feat ures , page 1-1 • Defa ult Settin gs After I nitial Swi tch Configurati o n, page 1-13 • Network Configu ration E xamples, page 1-16 • Wh[...]

  • Pagina 48

    1-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • IP services f eature set, which pr ovide s a richer set o f enterp rise-class inte lligent serv ices. It in cludes all IP base featur es plus full Layer 3 rou ting (IP unicast routing , IP multicast rou ting, and fallb ack bridging) [...]

  • Pagina 49

    1-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • An embe dded de vice mana ger GUI for conf igur ing an d monit orin g a singl e swit ch through a we b br ow s er. Fo r inf ormation about starting th e de vice manager , see the getting started guide. For more information about the devi[...]

  • Pagina 50

    1-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Switch clus tering t echnol ogy f or – Unif ied conf iguratio n, monitoring, au thenticatio n, and software upgr ade of multiple, cluste r-capable sw itches , regardles s of their ge ograp hic proxi mity and interco nnectio n medi [...]

  • Pagina 51

    1-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • IGMP sn oopin g queri er suppo rt to configure switch to ge nerate periodi c IG MP Gene ral Qu ery messages • Multica st Liste ner Disc overy (MLD) snooping to enabl e efficient distribution of IP V ersio n 6 (I Pv6) multicas t data t [...]

  • Pagina 52

    1-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s Manageability Features These a re the manageab ility features : • CNS embe dded ag ents for au tomat ing switc h mana geme nt, conf iguration storag e, and del i ver y • DHCP fo r au tomat ing co nfiguration of sw itch i nform ation [...]

  • Pagina 53

    1-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features Availabi lity and R edund ancy F eatures These a re the a vail ability an d redunda ncy f eatures: • HSRP for comm and switch a nd L ayer 3 route r re dundan cy • Automati c stack maste r re-e lection (fa ilover support) for replac ing s[...]

  • Pagina 54

    1-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Link-state tracking to mirr or the state of the p orts that carry upstr eam traf fic from co nnected hosts and server s and to allow the failover of the ser ver traff ic to an ope ratio nal link on an other Ci sco Ether net sw itc h [...]

  • Pagina 55

    1-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • Protected port op tion f or rest ricting the forwa rding of tra f fic to designa ted po rts on th e sam e switc h • Port security optio n for limiting and identi fying MA C addresses of the stations allo wed to access the port • VLAN[...]

  • Pagina 56

    1-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • MA C authentication b ypass to authorize clie nts based on the client MA C address. • Network Ad mission Cont rol (NA C) feat ures : – N AC L ayer 2 IEEE 802.1x v alidation of the anti v irus cond ition or po stu r e of endpoint[...]

  • Pagina 57

    1-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features – T r usted boun dary for det ectin g the prese nce of a Cisco IP Phone , trustin g the CoS value recei ved, and ensur ing port s ecu rity • Policing – T r aff ic-policin g policie s on the switch por t for mana ging how much of the p[...]

  • Pagina 58

    1-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Polic y-based routing (PBR) for conf iguring defined polic ies for traf fic flo ws • Multiple VPN routing/forw arding (mu lti-VRF) instances in c u stomer edge d ev ices to allo w service provid ers to support multiple virtu al pr[...]

  • Pagina 59

    1-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Default Settings After Initial Switch Configurat ion • Ability to moni tor the r eal-ti me power consum ption. On a pe r-PoE port basi s, the switch se nses the total power consum ption, polices the power usage, and reports t he power usage. Monit[...]

  • Pagina 60

    1-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Default Set tings A fter Initial Sw itch Conf iguration If you do not co nfigure the switc h at all, t he switch operate s with the se default sett ings: • Default swi tch IP addre ss, subnet mask , and defaul t gateway is 0.0.0.0. For more in [...]

  • Pagina 61

    1-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Default Settings After Initial Switch Configurat ion • VLANs – Defa ult VLAN is VLAN 1. F or more information , see Chapter 13 , “Configur ing VLAN s.” – VLAN tr unking settin g is d ynamic au to (DTP). F or more in formation, see Ch apter[...]

  • Pagina 62

    1-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les • UDLD is di sabled . For more info rmat ion, see Chapt er 29, “Configur ing UDLD .” • SP AN and RSP A N are di sabled . For more inform ation , see Cha pter 30, “C onfiguring SP AN and RSP AN.” • R[...]

  • Pagina 63

    1-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Bandwidt h alone is not the only c onsidera tion whe n designing you r network. As your netwo rk traffic profiles evolv e, con sider p roviding network se rvices that c an suppor t appl icati ons f or voice and data in[...]

  • Pagina 64

    1-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Y o u can u se the switches and swit ch stacks to create the f ollo wing: • Cost- effective wiring closet ( Figure 1- 1 )—A cost- ef fectiv e w ay to con nect man y users to the wiri ng closet is to have a sw[...]

  • Pagina 65

    1-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples For high-speed IP forwarding at th e distributio n layer, connect the switc hes in the acce ss layer to a Gigabit m ultilayer switch in the b ackbone, such as a Cataly st 4500 Gigabit switch or Cata lyst 6500 Gigabit s[...]

  • Pagina 66

    1-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -3 High-P erfor mance W or kgr oup (Gigabit-t o-the-Deskt op) • Redunda nt Gigabit backbone (Figure 1-4 )—Usi ng HSRP , you ca n create backup pa ths betwe en two Catalyst 3750-E m ultilayer Gi gabi[...]

  • Pagina 67

    1-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -4 Redundant G igabi t Bac kbone • Serv er aggr e gation ( Figure 1-5 ) and Lin ux server cluste r ( Figure 1- 6 )—Y ou ca n use t he Catalyst 3560-E swit ches and Catalyst 37 50-E-o nly switch stac ks to[...]

  • Pagina 68

    1-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figu re 1 -5 Ser ver Aggregatio n 86931 Si Si Si Si Si Si Campus core Catalyst 6500 s witches Catalyst 4500 multila yer switches Catalyst 3750-E-only StackWise Plus s witch stacks Ser ver r acks 200857 Campus cor[...]

  • Pagina 69

    1-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -6 Linux Serv er Cluster Small to M edium-Si zed Networ k Using Catalyst 3750-E and 3560-E Switches Figure 1-7 an d Figure 1-8 show a configuratio n for a net work of up t o 500 emp loyees . This net work use[...]

  • Pagina 70

    1-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les When an end sta tion in one VL AN needs to communicate with an end s tation in anoth er VLAN, a rou ter or Laye r 3 switc h route s the traffic to the de stinatio n VL AN. In this network, the C atalyst 3750- E-o[...]

  • Pagina 71

    1-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -8 Catalyst 3560-E S witches in a Collapsed Back bone Conf igur ation Gigabit ser vers 200860 Cisco 2600 or 3700 routers Catalyst 3560-E s witches Internet Cisco IP phones W orkstations running Cisco SoftPhon[...]

  • Pagina 72

    1-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Large Ne twork Us ing Catalys t 3750 -E an d 3560-E S witc hes Switche s in the wiring close t hav e trad itionall y been only Layer 2 devices, but as network traff i c profiles e volve, switches in the wiring cl[...]

  • Pagina 73

    1-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -9 Catalyst 37 50-E Switc h Stac ks in Wiri ng Closets in a Bac kbone Configur ation Cisco 7x00 routers Catalyst 6500 multila yer switches Cisco IP Phones with workstations IEEE 802.3af-compliant powered de v[...]

  • Pagina 74

    1-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -1 0 Catalyst 35 60-E S witc hes in Wir ing Closets in a Bac kbone Conf iguration Cisco 7x00 routers Catalyst 6500 multila yer switches Catalyst 3560-E s witches Catalyst 3560-E s witches Cisco IP Phone[...]

  • Pagina 75

    1-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Multidwelling Network Usi n g Ca talyst 3750-E Switches A growing segmen t of residen tial a nd co mmer cial cu stome rs ar e requir ing h igh-spe ed acc ess t o Ether net metropolita n-area n etwork s (MANs). Figure 1[...]

  • Pagina 76

    1-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -1 1 Catalys t 3750-E Sw itch es in a M AN Configu ration Long-Distan ce, High-Ba ndwidth T ransport C onfiguration Figure 1-12 shows a configur ation fo r sending 8 Gi gabits of data over a single fibe[...]

  • Pagina 77

    1-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Where t o Go Next Figur e 1 -12 Long-Distanc e, High-Bandw idth T r ansp ort Con figur ation Where to Go Next Before conf iguring the switch, re view these secti ons for startup infor mation: • Chapter 2, “U sing the Co mmand -Line I nterface”[...]

  • Pagina 78

    1-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Where to Go Nex t[...]

  • Pagina 79

    C HAPTER 2-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 2 Using the Command-Line Interface This c hapte r descr ibes t he Cisc o IOS comm and-li ne in terface ( CLI) and how to use it to configure your standa lone Cataly st 3750-E or 35 60-E switc h and to a Cataly st 3750-E swit ch stack, referred to as the switch [...]

  • Pagina 80

    2-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Underst anding Com mand M odes Ta b l e 2 - 1 describes the ma in comm and mod es, how to access ea ch one, t he prompt you see in th at mode , and how to exit the mode. Th e exampl es in the tab le use the h ostname Switch .[...]

  • Pagina 81

    2-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Understa nding th e Help Syst em For more detail ed info rmat ion on the command mode s, see the c omma nd refe rence g uide for th is rel ease. Understandin g the Help Syste m Y ou can enter a quest ion mark (?) at th e syst[...]

  • Pagina 82

    2-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Underst anding A bbreviated Co mmand s Understandin g Abbreviated Commands Y o u need to enter only enough char acte rs for the sw itch t o rec ognize the c omma nd a s unique . This e xample sho ws ho w to enter th e show co[...]

  • Pagina 83

    2-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Understanding CLI Error Messages Understandin g CLI Error Messages Ta b l e 2 - 3 lists some error message s that you mi ght e ncounte r whi le using the C LI to configure your switch. Using Configuratio n Logging Y o u can l[...]

  • Pagina 84

    2-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Usin g Comma nd His tor y Using Command History The software provides a histor y or rec ord of comma nds that you have enter ed. The co mman d history feature is particular ly useful for recal ling long or comple x commands o[...]

  • Pagina 85

    2-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Using Edit ing Featu res Disabling th e Comman d Histor y Featu re The comma nd history featur e is autom atically enabled. Y ou can disable it for t h e curre nt termin al sessi on or for the comman d line. The se proc edure[...]

  • Pagina 86

    2-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Using E diting Feature s Editing C ommands throu gh Keystrok es Ta b l e 2 - 5 sh ows th e ke ystrokes that you ne ed to edit comm and lines. These ke ystroke s are option al. T able 2-5 Editing Comma nds thr ough Ke ystr ok [...]

  • Pagina 87

    2-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Using Edit ing Featu res Editing C ommand Lines that Wrap Y o u can use a wrapa round feature for commands t hat extend beyond a singl e line on th e screen . When the cursor reaches the right mar gin, the command line shifts[...]

  • Pagina 88

    2-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Searching and Filterin g Output of show and more Commands Use lin e wrapping with th e comman d histo ry featu re to recal l and modif y previous comp lex command entries. F or information a b out recallin g pre vious comman[...]

  • Pagina 89

    2-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Acce ssi ng th e C LI Accessing the CLI throu gh a Co nsole Conn ection or through Telnet Before yo u can acce ss the CLI, you must connect a t ermin al or a PC to the switch c onsole or c onnect a PC to the Ethe rnet m anag[...]

  • Pagina 90

    2-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Access ing the CLI[...]

  • Pagina 91

    C HAPTER 3-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 3 Assigning the Switch IP Address and Default Gateway This chap ter de scribe s ho w to creat e the initi al switch co nf igurati on (for ex ample, as sign ing the IP address an d default gateway informa tion) by using a variety of au tomati c and manua l metho[...]

  • Pagina 92

    3-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion The nor mal b oot p rocess involv es the opera tion of the boot lo ader software, which perfo rms the se acti vities: • Performs lo w-lev el CPU initialization. It init[...]

  • Pagina 93

    3-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Note Stac k me mbers r etain their IP ad dress wh en yo u re move them f rom a sw itch st ack. T o avoid a c onflict by ha ving two devices with the same IP add ress in your[...]

  • Pagina 94

    3-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion W i th DHCP-b ased autoc onfiguration , no DHCP clie nt-sid e configuration is needed on your switc h. Howe ver, you need to configure the DHC P server f or various leas [...]

  • Pagina 95

    3-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information The DHCP serv er sends the client a DHCPN AK denial broad cast message, which means tha t the of fered configurati on param eters have not been assign ed, tha t an error ha [...]

  • Pagina 96

    3-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion If you do no t conf igure the DHCP server with the lea se options d escribed pre viously , it re plies to clien t requests wit h only those par ameters t hat are configur[...]

  • Pagina 97

    3-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Configuring the Relay Device Y o u must configur e a relay device, also referr ed to as a re l a y a g e n t , when a swit ch send s broa dcast pack ets th at requ ire a r e[...]

  • Pagina 98

    3-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion • The IP a d dress and the conf iguration f ilename is reser ved f or th e switch, b ut the TFT P serv er address i s not provided in the DH CP reply (o ne-file read me[...]

  • Pagina 99

    3-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Ta b l e 3 - 2 sho ws the conf iguration of the res erv ed leases o n the DHCP serv er . DNS Ser ver Conf iguration The DNS server ma ps the TF TP se rver name tftpserver t [...]

  • Pagina 100

    3-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion • It re ads its host t able by i ndexing i ts IP a ddress 10.0.0 .21 t o its hostnam e (swi tcha). • It reads the configuratio n file that cor responds t o its hostn[...]

  • Pagina 101

    3-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Checki ng and Savi ng the Running C onfigu r ation Checking and Sa ving the Running Configuratio n Y o u can chec k the configur ation settings you e ntered or changes yo u made by enter ing this pri v[...]

  • Pagina 102

    3-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration Modifying the Start up Configuration These sec tions descr ibe how to modify th e switch st artup co nfiguration: • Def aul t Bo ot Con fi guratio n, pa ge 3-12 ?[...]

  • Pagina 103

    3-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modify ing the Start up Confi gurat ion Note On C atal yst 3750- E swi tches, this command only works pr operly from a standa lone switch. Beginn ing in pri vileged EXEC mode, follo w these steps to sp[...]

  • Pagina 104

    3-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration T o d isab le ma nual b ooting, u se the no boot manual g lobal c onfiguration c ommand . Booting a Specific Software Image By default, the switch attempts to autom[...]

  • Pagina 105

    3-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modify ing the Start up Confi gurat ion T o return to the default setting, use the no boot system globa l configurat ion c ommand. Controlling Environment Variables W ith a n ormall y op erati ng swi t[...]

  • Pagina 106

    3-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration Note For c omplete s yntax and u sage in forma tion fo r the boot loader command s and en vironment variab les, see the c omman d refere nce fo r this rel ease. Ta [...]

  • Pagina 107

    3-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Scheduling a Reload of the Software Image When t he swit ch is c onne cted to a PC through the Ethern et ma nageme nt port , yo u can download or upload a conf iguration f ile to the bo ot loader by us[...]

  • Pagina 108

    3-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Scheduli ng a Reload of the Software Image Note Use the at keyw ord on ly if the swit ch system clock has be en set (throu gh Networ k T ime Protocol (NTP), t he hardwa r e calen dar , or manually ). Th[...]

  • Pagina 109

    C HAPTER 4-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 4 Configuring Cisco IOS CNS Age nts This chapt er descr ibes how to configure the Cisco IO S CNS agents on the Catal yst 3750-E and 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a C [...]

  • Pagina 110

    4-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Underst anding Cisco Configurat ion Engin e Software Figur e 4-1 Configur ation Engine Ar chit ectur al Ove rview These sect ions co ntain this co nceptu al in forma tion: • Configuration Servi ce, page 4-2 • Event Se[...]

  • Pagina 111

    4-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Understanding Cisco Configuration Engine Software Event Servic e The Ci sco C onfiguration Engine uses t he Event Se rvice for re ceipt and g enerat ion of configurat ion e vents. The e vent agent is on the switch and facilita[...]

  • Pagina 112

    4-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Underst anding Cisco Configurat ion Engin e Software DeviceID Each co nfigured swit ch parti cipati ng on the ev ent bus has a un ique DeviceID, w hich is ana logous to the switch source ad dress so that the switch can be[...]

  • Pagina 113

    4-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Understa nding Ci sco IOS Age nts Understandin g Cisco IOS Agents The CNS e vent ag ent featu re allo ws the switch to publish an d subscr ibe to e vents on th e e vent b u s and works with the Cisc o IOS agent. Th e Cisco IOS[...]

  • Pagina 114

    4-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Incremental (Partial) Configur ation After t he ne twork i s runn ing, new serv ices c an b e adde d by usi ng the Cisco IOS a gent. Increm ent al (partia l) co nfigurations can be sent to the[...]

  • Pagina 115

    4-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents Note For more informatio n about running the setup program and creating templ ates on the Config uration Engine , see the Cisc o Configuration En gine I nstallat ion and Setup Guide, 1. 5 for Li nu[...]

  • Pagina 116

    4-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Enabling th e CNS Ev ent Agent Note Y ou mu st ena ble the CNS e vent ag ent on the s witch b efore you en able th e CNS co nf iguratio n agen t. Beginn ing in pri vileged EXEC mode, follo w t[...]

  • Pagina 117

    4-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling th e Cisco IOS C NS Agent After enabling th e CNS e vent age nt, start t h e Cisco IOS CNS agent on the switch. Y ou can e nable the Cisco IOS ag ent with the se comman ds: • The cns con[...]

  • Pagina 118

    4-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Step 7 cn s id inte rface num { dns-rev erse | ipaddress | mac-addr ess } [ ev en t ] or cns id { hardware -serial | hostname | string string } [ eve n t ] Set th e uniqu e Even tID or Config[...]

  • Pagina 119

    4-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents T o disab le th e CNS C isco IO S agent , us e the no cns conf ig initial { ip-address | hostname } global configurati on c ommand. This e xample sho ws h o w to conf igure an initial conf igurati[...]

  • Pagina 120

    4-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Displaying CNS Con figuration Displaying CNS Configuration Y o u can use the privileged EXE C command s in Ta b l e 4 - 2 to di splay CN S configuratio n infor mation. T able 4-2 Displayi ng CNS Configuratio n Comma nd P[...]

  • Pagina 121

    C HAPTER 5-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 5 Managing Switch Stacks This chapt er provid es the concept s and proced ures to man age Ca talyst 3750 -E swit ch stack s. Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mmand refere nce fo r th is r[...]

  • Pagina 122

    5-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks – A mixed software stac k with only Ca talyst 3750-E switch es support ing differen t feat ures or only Catalyst 3750 swi tches support ing di f ferent featu res as st ack m embers. For example, a Cat al[...]

  • Pagina 123

    5-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks T o ma nage switch stac ks, you sho uld under stand: • These conce pts on how swit ch stac ks ar e formed : – Switch Stack M embers hip, page 5 -3 – Stack Mast er Electi on and Re-Ele ction, pa ge 5-5 ?[...]

  • Pagina 124

    5-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Note M ake sure that you power off t he swi tches th at you add to or re move from the switc h stack. After ad ding or re moving sta ck memb ers, m ake sure th at the sw itch stack is ope rating at full ba[...]

  • Pagina 125

    5-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Figur e 5-2 A dding a S tandalone S witch t o a Switc h Stack Stack Mas ter Election an d Re-Ele ction The st ack mast er is ele cted or re-e lecte d based on one of t hese fact ors and in the ord er list ed:[...]

  • Pagina 126

    5-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks A stack ma ster ret ains its role unless one of thes e ev ents occurs: • The switch stack is reset. * • The stack master is remov ed from the switch stack. • The stac k master is reset or powered off[...]

  • Pagina 127

    5-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Stack member s in the same switc h stac k canno t have the sam e stac k me mber n umber. Every stack member , including a standalone switch, ret ains its member number until you manually chan ge the number or[...]

  • Pagina 128

    5-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Switch Stack Offline Configuration Y o u can use the offline configurati on featu re to pr ovision ( to supply a configu ration to ) a new switc h before it joins the swi tch stack . Y ou c an configure in[...]

  • Pagina 129

    5-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks If you add a prov isioned switch that is a dif f erent type than specif ied in the provisioned co nf iguration to a po wered-do wn switch stack and then apply po wer, the switch stack rejects the (no w incorr[...]

  • Pagina 130

    5-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Note If the switch stack does not contain a pro v isioned co nf iguration for a ne w switch, the switc h joins the stack wi th the d efault interface c onfigurati on. The switch st ack the n add s to its [...]

  • Pagina 131

    5-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks For more infor mation, see the “Stack Protoc ol V e rsion Compa tibility” section on pa ge 5-11 a nd the Cisco Softwar e Activation and Compatibilit y Document on Cisco.com. For informat ion about mixed [...]

  • Pagina 132

    5-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Understanding Auto-Upgrade and Auto- Advise When the software detects mismatc h ed softwa re and t ries to upg rade the switch in V M mode, tw o soft ware pr ocesses are in volv ed: automatic up grade and[...]

  • Pagina 133

    5-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Y o u can use the archi ve-do wnload-sw /al low-featur e-upgrade privileged EXEC c omman d to allo w installing an differ ent softw are image. Auto-Upgrade and Auto-Advise Example Messages When you add a swi[...]

  • Pagina 134

    5-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks *Mar 11 20:36:15.038:%IMAGEMGR-6-AUTO_COPY_SW:extracting c3750e-universal-mz.122-0.0.313.SE/c3750e-universal-mz.122-35.SE2 (4945851 bytes) *Mar 11 20:36:15.038:%IMAGEMGR-6-AUTO_COPY_SW:extracting c3750e-u[...]

  • Pagina 135

    5-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Note Auto-advise and auto-co py iden tify which image s are running b y examin ing the info f ile and b y search ing the dire ctory structure on the swit ch stac k. If you downloa d your image by usi ng the [...]

  • Pagina 136

    5-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Y o u back up and re store the st ack configurat ion in the same way as you would for a standa lone switc h configurati on. For more info rmation a bout file systems and configur ation files, see Appe ndi[...]

  • Pagina 137

    5-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Connectivity to the Switch Stack Thr ough an IP Address The switch stack is managed thro ugh a single IP ad dress. The IP addr ess is a system-lev el setting and is not specif ic to the stac k master or to a[...]

  • Pagina 138

    5-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Switch Stac k Configuratio n Scen arios Ta b l e 5 - 2 pr ovides s witch s tack conf iguration sce narios. Mos t of th e scenar ios assume th at at leas t tw o switch es are connect ed through their Stack[...]

  • Pagina 139

    5-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Stack mast er elect ion sp ecific al ly d ete rm ined by the cryptog raphic soft ware i mage an d the IP base featur e se t Assuming that all stack members hav e the same priority v alue: 1. Make sure tha t [...]

  • Pagina 140

    5-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Conf igurin g the Sw itch Stack Configuring the Switch Stack These sec tions co ntain this co nfiguration in format ion: • Default Swi tch Stack Con f igura tion, page 5-20 • Enablin g Persis tent M A C Addre ss, page 5-20 • Ass[...]

  • Pagina 141

    5-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Configuring the Switch Stack • If you e nter a time delay of 1 to 60 minu tes, the stac k MA C addr ess of the previous stac k maste r is used unt il the configur ed tim e peri od expires or until you enter the no stack-ma c persiste[...]

  • Pagina 142

    5-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Conf igurin g the Sw itch Stack WARNING: Administrators must make sure that the old stack-mac does WARNING: not appear elsewhere in this network domain. If it does, WARNING: user traffic may be blackholed. Switch(config) # end Switch#[...]

  • Pagina 143

    5-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Configuring the Switch Stack Beginn ing in pri vilege d EXEC mode, follo w th ese steps to assign a priori ty valu e to a stack member: This proc edure is option al. Provisioning a New Member for a Switch Stack Note This task is av ail[...]

  • Pagina 144

    5-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Access ing the CLI of a Specif ic Stack Memb er T o remo ve pro visione d informa tion an d to a voi d recei ving an error messa ge, remo v e the sp ecif ied switch from the stac k before you use the no form o f this c omm and . This [...]

  • Pagina 145

    5-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Displaying Switch Stack Information sho w swit ch st ack- por ts Displays port information for the entir e switch stack. show swi tch s tack-ring activity [ detail ] Displays the number of fram es per stack member that ar e sent to the[...]

  • Pagina 146

    5-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Displaying Switch Stack Inf ormation[...]

  • Pagina 147

    C HAPTER 6-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 6 Clustering Switches This chap ter pro vides the con cepts and p rocedu res to cr eate an d manage Cataly st 37 50-E and 3 560-E swit ch cl u ster s. Un les s ot her wis e no ted, th e ter m switch ref ers to a stan dalone swit ch and t o a switc h stack. Y o [...]

  • Pagina 148

    6-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Underst anding Swit ch Clusters In a switch cluster , 1 switch must be the cluster command switch and up to 15 othe r switches can be cluster member switch es . The tot al numbe r of switche s in a cluste r cannot excee d 16 switc hes. Th[...]

  • Pagina 149

    6-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Understanding Switch Clusters Cluster Command Switc h Characteristics A cluster co mmand switch must me et these req uirements : • It is running Cisco IOS Release 12.2(35)SE 2 or later . • It has an IP address . • It has Cisco Disc o[...]

  • Pagina 150

    6-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Candidate Switch and Cluster Me mber Switch Characteristics Candid ate swi tches are cluster-capable swi tches and sw itch stacks t hat hav e not yet be en added to a cluster . Cluster member switches are switch[...]

  • Pagina 151

    6-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Automatic Disco very of Clus ter Candid ates and M embers The clust er com mand swit ch uses Cisc o Discovery Protoc ol (CDP) to discover cluste r member sw itches, candi date switc hes, n eighborin g switch c [...]

  • Pagina 152

    6-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster In Figure 6-1 , the cl uster com mand sw itch ha s ports assigne d to VL ANs 16 and 62. The CDP hop count is three. The clu ster command switch di scov e rs switches 11, 12, 13, and 14 because the y are within t[...]

  • Pagina 153

    6-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Figure 6-2 sh o ws that the cluste r command switch disco ve rs the switch that is co nnected to a third-p arty hub . Ho wev er , the cluster co mmand switch does not di scov er the switch that is connected to [...]

  • Pagina 154

    6-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Figur e 6-3 Discov ery Throug h Dif f erent VLANs Discovery Through Different M anagement VLANs Catalyst 296 0, Catalyst 297 0, Catalyst 355 0, Catalys t 3560, Cataly st 3560-E, Cataly st 3750, or Catalyst 3750-[...]

  • Pagina 155

    6-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Figur e 6-4 Discov ery Throug h Dif f erent M anage ment VLANs with a Layer 3 Clust er Command Sw i tc h Discovery Through Routed Ports If the c luster comma nd switc h has a r outed port (RP) configured , it d[...]

  • Pagina 156

    6-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Figur e 6-5 Disco very Thr ough Rou ted P o r ts Discovery of Newly Installed Switches T o jo in a cluster, the ne w , out -of-the -box switc h must be conne cted to the clust er throu gh one of its acce ss por[...]

  • Pagina 157

    6-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er HSRP and S tandby Cluster Command Switches The switc h supports H ot Standby Router Prot ocol (HSRP) so that you can configur e a group of standby cluste r comm and switche s. Be cause a clust er co mman d s w[...]

  • Pagina 158

    6-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Virtual IP Addresses Y o u need t o assign a unique vi rtual IP add ress and gr oup num ber and na me to the clus ter stand by group. This info rmatio n must b e conf igured on a speci f ic VLAN or ro uted port[...]

  • Pagina 159

    6-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er • All stan dby-group memb ers must be member s of the clus ter . Note There is no limit to t he numbe r of switc hes that yo u can assi gn as stan dby cluster c omman d switches. Howe ver , the total number [...]

  • Pagina 160

    6-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Automatic d iscov ery has these lim itations: • This limitation applies only to cluste r s that hav e Catalyst 2950, Cata lyst 2960, Catalyst 2970, Catalyst 355 0, Catalyst 356 0, Catalyst 356 0-E, Catalyst 3[...]

  • Pagina 161

    6-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er If a sw itch join s a clus ter and it do es not have a hostname , the c luster c ommand switch a ppen ds a uniq ue member num ber to it s o wn hostname and assigns it sequenti ally as e ach switch jo ins the c[...]

  • Pagina 162

    6-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Switch Clus ters and Sw itch Stacks A switc h cluster can ha ve one or more Catal yst 3750-E switch stac ks. Each switc h stack can ac t as the clust er command s witch or a s a singl e cluster mem ber . Ta b l[...]

  • Pagina 163

    6-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er These ar e conside rati ons to keep in mind whe n you have switch stacks in switch c luster s: • If the cluster comm and switch is not a Catalyst 3750-E switch or switc h stack and a new stac k master is e l[...]

  • Pagina 164

    6-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Using the CLI to Ma nage Swit ch Clusters Using the CLI to Manage Swit ch Clusters Y o u can co nfigure cluster me mber switch es from the CLI by first logg ing into th e clus ter comma nd switch. En ter the r command user E XEC co mmand[...]

  • Pagina 165

    6-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Using SNMP to Manag e Swit ch Clust ers Using SNMP to Manage Switc h Clusters When you first power on the sw itch, SN MP is en abled i f you e nter the IP infor matio n by using the setup program and accep t its p ropose d configura tion.[...]

  • Pagina 166

    6-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Using SNMP to Ma nage Sw itch Clusters[...]

  • Pagina 167

    C HAPTER 7-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 7 Administering the Switch This chapt er desc ribes how to perfor m one- time opera tions to a dministe r the Catal yst 3750- E or 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a C a[...]

  • Pagina 168

    7-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date The sy stem c lock ca n then be set from these s ource s: • NTP • Manual configurat ion The sy stem c lock can pro vide tim e to these s ervices: • User show comman ds • Logging and de buggi[...]

  • Pagina 169

    7-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Figure 7-1 shows a ty pical netw ork exam ple using NTP . Switch A is the NT P master , with Switch es B, C, and D configured in NTP server mod e, in server associa tion with Switc h A. Switch [...]

  • Pagina 170

    7-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date These sec tions co ntain this co nfiguration in format ion: • Def aul t NT P Conf igurati on, pag e 7- 4 • Conf iguring NTP Authen tication, page 7-4 • Configuring NT P Associati ons, pa ge 7-[...]

  • Pagina 171

    7-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te T o disab le N TP auth en tica tio n, use th e no ntp authenticate global co nfigurati on comma nd. T o remove an auth enticatio n k ey , use the no ntp authe nticatio n-k ey number glob al co [...]

  • Pagina 172

    7-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Beginning in privileged EXE C mode, foll ow these s teps to form a n NTP associa tion with a nother device: Y o u need to co nfigure only one en d of an assoc iation; t he other de vice can a utomat[...]

  • Pagina 173

    7-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te The switc h can send or re ceive NTP broadcast packets on an interface -by-inte rface basis if there is an NTP broa dcast ser ver , such as a router , broad casting time infor mation on the net[...]

  • Pagina 174

    7-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date T o di sable a n inte rface fro m rece iving NTP broadc ast p ackets, use the no ntp broadcast client in terfa ce configurat ion c omma nd. T o ch ange t he estimat ed r ound-tr ip de lay to the def[...]

  • Pagina 175

    7-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te The ac cess group keywords are sc anned i n thi s ord er , from leas t restri ctive to most r estrict iv e: 1. peer —Allo ws time requests and NTP control queries and al low s the switch to s[...]

  • Pagina 176

    7-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Disabling N TP Serv ices on a S pecific Interface NTP service s are enabled on all interfa ces b y default. Beg i n ni n g i n pr ivi l eg ed E X E C mo de , fo l low t h es e s te p s t o d is ab [...]

  • Pagina 177

    7-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Displaying the NTP Config uration Y o u can use two privileged EXEC c omman ds to display NTP inform ation: • show ntp associations [ detail ] • show ntp status For detailed informat ion a[...]

  • Pagina 178

    7-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Displaying the Time and Dat e Configuration T o display the time and date conf iguration, use the show clock [ det ail ] pri vileged EXEC comm and. The system clock keeps an authoritative fla g tha[...]

  • Pagina 179

    7-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Configuring Summer Time (Daylight Saving Time) Beginn ing in pri vileged EXEC mode, follo w these steps to confi gure summer time (day light sa ving time) in ar eas wher e it starts and ends o[...]

  • Pagina 180

    7-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Configur ing a System Nam e and Prom pt Beginning in privileged EX EC mode, fol low these steps if summ er tim e in your area do es not foll ow a recurr ing patt ern (con figure the exact da te and tim e of the next summe r time ev e[...]

  • Pagina 181

    7-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Confi guring a S ystem Name an d Prompt For complete syntax a nd usage information for th e comman ds used in this se ction, see the Cisc o IOS Configuration Fund amen tals Com mand Reference, Relea se 12.2 a nd the Cisc o IOS I P Co[...]

  • Pagina 182

    7-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Configur ing a System Nam e and Prom pt T o kee p track of domain n ames, IP h as defined the conc ept of a domain n ame s erver , which hol ds a cac he (or dat abase) of na mes map ped to IP a ddresses. T o map domain names to IP ad[...]

  • Pagina 183

    7-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Creat ing a Bann er If you u se t he switc h IP ad dress a s its hostnam e, the IP a ddress i s used and no DNS query oc curs. I f you configure a ho stname that contai ns no periods (. ), a period fol lowed by the de fault domain na[...]

  • Pagina 184

    7-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can create a single or multiline m essage banner that appears on the scr een when som eone logs in to the switch. Beginning in privileged EX EC mode, fol low t[...]

  • Pagina 185

    7-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Configurin g a Login B anner Y o u can co nfigure a l ogin banner to be di splayed on all c onnec ted t erminal s. This banner appe ars aft er the M O T D bann er a nd befo re the logi n pro mpt. [...]

  • Pagina 186

    7-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le These sec tions co ntain this co nfiguration in format ion: • Building the Ad dress T able, pa ge 7-20 • MA C Addre sses and VLA Ns, page 7- 20 • MA C Addr esses and Sw itch Sta cks, pa ge 7- 2[...]

  • Pagina 187

    7-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able When pr iv ate VLAN s are co nfigured , ad dress le arnin g dep ends on the t ype of MAC addres s: • Dynami c MA C addresses lea rned in one VLA N of a pri vate VLAN ar e replicate d in the asso[...]

  • Pagina 188

    7-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nf igure the d ynamic a ddress table aging time: T o return to the def ault v alue, use the no mac address- table aging-time global [...]

  • Pagina 189

    7-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Beginning i n privileged EX EC mo de, fol low these s teps t o configure t he sw itch to send MA C addr ess notif ication traps to an NMS host: Command Purpos e Step 1 configur e terminal Enter gl[...]

  • Pagina 190

    7-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le T o di sable the sw itch from se nding MAC address notificat ion traps, use the no snmp-serv er enable traps mac-notification global con f igura tion co mman d. T o di sable th e MA C address not ifi[...]

  • Pagina 191

    7-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Beginning i n privileged EX EC mo de, follo w th ese steps to add a static addr ess: T o remove st atic en tri es fr om t he addr es s ta ble, u se the no mac addre ss-table static mac-addr vlan v[...]

  • Pagina 192

    7-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le • If you add a uni cast MA C address as a static address a nd conf igure unicast MA C address f iltering, the switc h eithe r adds the MA C addre ss as a stat ic addres s or drop s pack ets with th[...]

  • Pagina 193

    7-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Managi ng the ARP Table Displaying A ddress Table Entries Y o u can displa y the MAC address table by using one or more of the privileged EXE C command s describe d in Ta b l e 7 - 4 : Managing the ARP Ta ble T o communic ate with a [...]

  • Pagina 194

    7-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the ARP Table[...]

  • Pagina 195

    C HAPTER 8-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 8 Configuring SDM Templates This chapter descr ibes ho w to conf igure the Switc h Database Managem ent (SDM) template s on the Catalyst 3 750-E or 3 560-E sw itch. Un less othe rwise n oted, t he te rm switch refe rs to a Ca talyst 3750-E or 3560- E stan dalo [...]

  • Pagina 196

    8-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Underst anding th e SDM Templ ates The f irst e ight ro ws in the tables (un icast MA C addresses thr ough security A CEs) represent ap proximate hardw are boundaries set wh en a template is selecte d. If a section of a hardw are res[...]

  • Pagina 197

    8-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Underst anding the SDM Templa tes SDM Template s and Switch St acks In a C atalyst 37 50-E- only or a m ixed hardware switch stack, a ll s tack m embers must u se the same SD M desktop template that is stored on the stack master . W[...]

  • Pagina 198

    8-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Conf igurin g the Sw itch SDM Temp lat e 2d23h:%SDM-6-MISMATCH_ADVISE:compatible desktop SDM template: 2d23h:%SDM-6-MISMATCH_ADVISE: 2d23h:%SDM-6-MISMATCH_ADVISE: "sdm prefer vlan desktop" 2d23h:%SDM-6-MISMATCH_ADVISE: &quo[...]

  • Pagina 199

    8-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Configuring the Switch SDM Template Setting the SDM Template Beginn ing in pri vileged EXEC mode, follo w these step s to use the SDM template to maximi ze feature usage: After the syste m reboots, you can use the show sdm pr efer p[...]

  • Pagina 200

    8-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Display ing the SDM Templates number of qos aces: 0.5K number of security aces: 1K On next reload, template will be “desktop vlan” template. T o return to the default tem plate, use the no sdm prefer global c onfigurat ion co mma[...]

  • Pagina 201

    8-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Displaying the SDM Templ ates This is an e xample of ou tput fr om the sho w sdm prefer dual-ipv4-and-ipv6 routing comm and ente red on a de sktop swi tch: Switch# show sdm prefer dual-ipv4-and-ipv6 routing The current template is &[...]

  • Pagina 202

    8-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Display ing the SDM Templates[...]

  • Pagina 203

    C HAPTER 9-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 9 Configuring Switch-Based Authentication This chapt er descr ibes how to configure switch-b ased aut henticat ion on the Ca talyst 3750-E or 3560- E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch [...]

  • Pagina 204

    9-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds • If you want t o use usernam e and password pairs, but you want to st ore them c entral ly on a ser ver instead o f locall y , you can st ore th em in a dat abase on a[...]

  • Pagina 205

    9-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXE C mode, follo w thes[...]

  • Pagina 206

    9-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Be ginnin g in pri vileged EXE C mode, follo w these step s to conf igure encryp tion for en able and enab le secr et pas swords : If bo th the e nable and enable secre t[...]

  • Pagina 207

    9-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s This exampl e shows ho w to configure th e encr ypted password $1$F aD0$X yti5Rk ls3Loy xzS8 for pri v ileg e le vel 2: Switch(config)# enable secret level 2 5 $1$F[...]

  • Pagina 208

    9-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Setting a Telnet P assword for a Te rminal L ine When you power-up your switch for the first ti me, a n au tomat ic setup prog ram runs to as sign IP inform ation and t o[...]

  • Pagina 209

    9-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Beginn ing in pri vileged EXEC mode, follo w these steps to establish a usernam e-based authentic ation system that re quests a logi n usernam e and a password: T o[...]

  • Pagina 210

    9-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Setting the Privil ege Level for a Command Beginn ing in pri vile ged EXEC mode, follo w these steps to set the pri v ileg e le vel f or a command mode: When y ou set a c[...]

  • Pagina 211

    9-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Changing the Default Pri vilege Level fo r Lines Beginn ing in pri vileged EXEC mode, fo llo w these steps to chan ge the defaul t pri vilege le vel for a line: Use[...]

  • Pagina 212

    9-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ Controlling Switch Access with TACACS+ This sec tion describe s ho w to enable an d conf igure T erminal Access C ontrol ler Access Control System Plus (T A CA CS+), which prov[...]

  • Pagina 213

    9-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Figur e 9-1 T ypical T ACA CS+ Networ k Configur ation T A CA CS+, a d minist ered through the AA A secu rity s ervices, can p rovid e thes e ser vices: • Authent ication— P[...]

  • Pagina 214

    9-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login by authenticating to a switch u sing T ACA CS+, this proc ess occurs: 1. When th e conne ction is esta blished, t[...]

  • Pagina 215

    9-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ • Configuring T A CACS+ Authoriz ation f or Privileged EXEC Acces s and Network Services, page 9-16 • Startin g T A CA C S+ Accoun ting, pa ge 9-17 Default TACAC S+ Configur[...]

  • Pagina 216

    9-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ T o remo ve th e specif ied T A CA CS+ serv er name or address, us e the no tacac s-server host hostname global configurat ion comm and. T o remove a server grou p from the con[...]

  • Pagina 217

    9-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ T o disa ble AAA, use the no aaa new-model global configurat ion comma nd. T o disa ble A AA authenti cation, use th e no aaa auth entica tion log in { default | list-name } m e[...]

  • Pagina 218

    9-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ Note T o se cure the switch for HTT P acce ss b y using AAA meth ods, you must con fi gure t he switch with th e ip htt p au thenti cati on aaa glo bal c onfiguration com mand.[...]

  • Pagina 219

    9-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Starting TACACS+ Accounting The AA A acco unting fe ature tr acks the s ervices that users a r e a ccessi ng an d the amoun t of n etwor k resources th at the y are consum ing. W[...]

  • Pagina 220

    9-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Understanding RADIUS RADIUS is a distr ibuted clie nt/ser ver system that secures netw orks against u nauthori zed access . RADIUS c lients run on sup ported Ci sco route rs an [...]

  • Pagina 221

    9-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Figur e 9-2 T ran s itioning fr om RADIUS t o T A CACS+ Services RADIUS Operation When a user attem pts to log in and auth enticate to a switch that is a ccess controlled by a RA[...]

  • Pagina 222

    9-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Configuring RADIUS This se ction describe s how to c onfigure your switch to su pport R ADIUS. At a mini mum, y ou mus t identify t he host or host s that ru n the RA DIUS serve[...]

  • Pagina 223

    9-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Y ou identify RADIUS security ser vers b y their hostname or IP a ddress, hostname and specif ic UDP port numbers, or their I P addre ss and specific UD P port num bers. The comb[...]

  • Pagina 224

    9-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure per - serve r RADIUS server comm unicatio n. This pr oced ure is requi red. Comma nd Purpos e Step 1 conf[...]

  • Pagina 225

    9-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r, use the no radius-serv er host hostname | ip- address global configurati on c ommand. This exam ple sh ow s ho w to conf igur e one R A[...]

  • Pagina 226

    9-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Step 3 aaa authent ication log in { default | list-name } method1 [ meth od2... ] Create a logi n authen tica tion meth od list. • T o create a def ault list that is used when[...]

  • Pagina 227

    9-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o disa ble AAA, use the no aaa new-model global configurat ion comma nd. T o disa ble A AA authenti cation, use th e no aaa auth entica tion log in { default | list-name } m et[...]

  • Pagina 228

    9-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginning i n privileged E XEC mo de, follow these steps to d efine the AAA server g roup an d assoc iate a particu lar RADI US server with it : Comma nd Purpos e Step 1 conf ig[...]

  • Pagina 229

    9-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r, use the no radius-serv er host hostname | ip- address global configurati on comm and. T o remove a server group fro m the configurat io[...]

  • Pagina 230

    9-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS T o disable author ization, u se the no aaa authorizat ion { net work | exec } method1 global configurat ion comm and. Starting RADIUS Accountin g The AAA acco unti ng featu re [...]

  • Pagina 231

    9-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged EX EC mo de, fol low these s teps t o configure g lobal commun icatio n setti ngs between the switch and all[...]

  • Pagina 232

    9-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS This e xample sho ws how to pro vide a u ser logg ing in fr om a swit ch with immed iate ac cess to p ri v ile ged EXEC co mmands : cisco-avpair= ”shell:priv-lvl=15“ This e [...]

  • Pagina 233

    9-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos As ment ioned ea rlier, to configure RAD IUS (w hether vendor-proprie tary or IETF dr aft-c omplia nt), yo u must specif y the host ru nning the RADIUS se rver daemon an d the [...]

  • Pagina 234

    9-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch Acce ss wit h Kerberos Y ou must obtain auth orization to use this feat u re and t o do wnload th e cryptograp hic softw are f iles from Cisco. com.For mo re info rmation , see the re lease no tes f[...]

  • Pagina 235

    9-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos This soft ware rel ease sup port s Kerberos 5, w hich a llows organizatio ns that are alr eady using Kerberos 5 to use the same K erberos authenticatio n database on the KDC th[...]

  • Pagina 236

    9-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch Acce ss wit h Kerberos Kerberos Operation A Kerberos server can be a C atalyst 3750-E or 3560- E switch tha t is configured as a ne twork secu rity server and that can a uthent icate rem ote us ers [...]

  • Pagina 237

    9-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos 4. The KDC send s an encryp ted TGT that includes the user ide ntity to the swi tch. 5. The switch attem pts to decrypt the TGT b y using the passw ord that the use r entered. [...]

  • Pagina 238

    9-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Configur ing the Switc h for Lo cal Authe ntication a nd Authori zation Note A Kerbero s server can be a Cat alyst 3750-E or 3560-E sw itch that is configured as a net work securit y serv er and that can authe nticate [...]

  • Pagina 239

    9-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell T o disa ble AAA, use the no aaa new-model global configurat ion c omma nd. T o disabl e au thoriza tion, use the no aaa autho rization { network | exec } method1 globa l confi[...]

  • Pagina 240

    9-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Shel l For SSH configuration examples, se e the “SSH Configura tion Ex amples ” secti on in the “C onfiguring Secure Shell” se ction in the “Other Security Fe atures” c[...]

  • Pagina 241

    9-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell SSH also supports these user authen tication methods: • T A CA CS+ (for m ore inf orma tion, see the “Controlling Switch Acc ess with T A CA CS+” section on page 9-10 ) ?[...]

  • Pagina 242

    9-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Shel l • When genera ting the RSA key pair , the message No dom ain specif ied might appear . If it does, you must c onfigure an IP d omain name by usi ng the ip dom a in- nam e [...]

  • Pagina 243

    9-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell Configuring the SSH Server Beginn ing in pri vileged EXEC mode, follo w these steps to confi gure the SSH serv er: T o return to th e def ault SSH c ontrol par ameters, u se th[...]

  • Pagina 244

    9-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP For more infor mation ab out these com mands, see th e “ Secure She ll Commands ” se ction in the “Other Securit y Features ” chapte r of the Cisc o [...]

  • Pagina 245

    9-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP When a conn ecti on attempt is made, the HTTPS server provid es a secure connect ion by issuing a certif ied X.509v3 certif icate, obtained from a specif ied CA tru[...]

  • Pagina 246

    9-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP CipherSuit es A CipherSuite spe cifi es the encryption alg orithm and the dige st algorithm to use on a SSL con nection. When conne cting to the HTTPS server[...]

  • Pagina 247

    9-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP SSL Configuration Guid elines When SSL is used in a switch cluster , the SSL session terminates at the clu ster commander . C luster member switches must run standa[...]

  • Pagina 248

    9-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP Use the no crypto ca tr ustpo int nam e global conf ig uration command to d elete all id entity info rmation and ce rtifica tes as soci at ed wit h the C A. [...]

  • Pagina 249

    9-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP Use th e no ip http server global configu ration c ommand to disabl e the standa rd HTT P server . Us e the no ip http secur e-serv er global co nfigurati on co mma[...]

  • Pagina 250

    9-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Copy Proto col Use the no ip http client secur e-trustpo int nam e to remov e a client trustpoi nt conf iguration. Use the no ip http client sec ur e-ciphersuite to remov e a previ[...]

  • Pagina 251

    9-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Copy P rotocol Information Abo ut Secure Copy T o c onfigure Se cure Copy feat ure, y ou shou ld u nderstand thes e conc epts . The beha vior of SCP is si milar to that of re mote co[...]

  • Pagina 252

    9-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Copy Proto col[...]

  • Pagina 253

    C HAPTER 10-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 10 Configuring IEEE 802.1x Port-Based Auth entic ation This c hapte r descr ibes h ow to con figure IEEE 802.1x port- based authe ntic ation on the Ca talyst 3750-E or 3560-E sw itch. IEEE 802 .1x authe nticat ion prevents unauthoriz ed devices (clients) from [...]

  • Pagina 254

    10-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation • IEEE 8 02.1x Host Mo de, pag e 10-8 • IEEE 8 02.1x Accou nting, pa ge 10-9 • IEEE 802. 1x Accou nting Att ribute-V alue Pairs, pag e 10-9 [...]

  • Pagina 255

    10-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion • Au thenticati on server —per forms th e act ual a uthenti cation of t he clien t. The authentic ation serv er v alidates the ident ity of th [...]

  • Pagina 256

    10-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Figure 10-2 shows the authentication process. If Multi Do main Authen tication (MD A) is enabled on a port, this flo w can be u sed with some exce[...]

  • Pagina 257

    10-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion The Session- T imeout RADIUS attrib ute (Attribu te[27]) spec ifie s the time after which re-auth enticatio n occurs. The T ermination- Action RADI[...]

  • Pagina 258

    10-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Figur e 1 0-3 Messag e Ex chan ge If IEEE 802.1 x authentica tion times out while wai ting f or an EAPOL message exchan ge and MA C authenti catio[...]

  • Pagina 259

    10-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Ports in Au thorized and Un authorized S tates During IEEE 802.1x authen tication, depe n ding on the switch por t state, the switch can grant a cl[...]

  • Pagina 260

    10-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation If IP connecti vity to the RADIUS serv er is interrupt ed becau se the swit ch that was co nnected to the serv er is rem ove d or fails , these e [...]

  • Pagina 261

    10-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion IEEE 802.1 x Acco unting The IEEE 802.1x st andard de fines ho w users ar e author ized an d authenti cate d for networ k access but does not keep [...]

  • Pagina 262

    10-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Y o u can view the A V pairs th at are be ing sen t by the switch by enteri ng the debug radius account ing pri vileged EXEC comman d. Fo r more [...]

  • Pagina 263

    10-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion If an IEEE 802. 1x por t is a uthent icate d an d put in t he RAD IUS server-assigned VL AN, a ny chan ge to the port acc ess VLAN config urat ion[...]

  • Pagina 264

    10-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Y o u can use the Filt er-Id attribute to spec ify an inbou nd or outboun d A CL that is alread y configured on the swit ch. The at trib ute cont[...]

  • Pagina 265

    10-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Any number of IEEE 802 .1x-inca pable clie nts are allo wed acces s when the switc h port is mov ed to the guest VL AN. I f an IEEE 802.1x -capab [...]

  • Pagina 266

    10-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation After a p ort mo ves to the restr icted VL AN, a sim ulated EAP success message is sent t o the clie nt. This prev ents c lients from indefinite [...]

  • Pagina 267

    10-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Inaccessible au thenticatio n bypass interac ts with these features: • Guest VLAN—Inacce ssible auth entication bypass is comp atible wi th gu[...]

  • Pagina 268

    10-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation In single-hos t mode, only the IP phone is allowe d on the voice VLAN. In multiple- hosts mode, additional clients can send t r af fi c on the v [...]

  • Pagina 269

    10-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion • When an IEE E 802.1x cl ient logs off, the port chang es to an unauthe nticat ed state , and all dynami c entrie s in the s ecure host t able [...]

  • Pagina 270

    10-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation frame with a user name and pa ssword bas ed on the M A C addre ss. If authori zation succee ds, the sw itch grants the client access to the netwo[...]

  • Pagina 271

    10-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Network Admission Control La yer 2 IEEE 802. 1x Validation The switc h supports t he Network A dmission Control (N AC) Layer 2 IEEE 802.1x validat[...]

  • Pagina 272

    10-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation • Until a device is autho rized, th e port drops i ts traff ic. Non-Ci sco IP phone s or voice devices are allo wed into both t h e data and v [...]

  • Pagina 273

    10-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Note The pr oxyacl entry determines the ty pe of al lo wed network ac cess. For more infor mation, see the “Configuring W eb Authent ication” sect ion on pag[...]

  • Pagina 274

    10-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Default IEEE 802.1x Auth entication Co nfiguration T ab le 10-2 shows the def a ult IEEE 802.1x au thenticatio n config uration. T able 1 0-2 Def ault IEEE 802.[...]

  • Pagina 275

    10-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication IEEE 802.1x Authenticatio n Configur atio n Guidelines These sec tion has configu ration gui delines fo r these featur es: • IEEE 8 02.1x Authe nticati on, pag[...]

  • Pagina 276

    10-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n – Ether Channel port —Do not con figure a p ort t hat i s an active or a no t-yet -active membe r of an Ether Channel as an IEEE 802. 1x port . If you try t[...]

  • Pagina 277

    10-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication – Y o u can co nfigure the ina ccessi ble aut henti cation bypass fe ature a nd the rest ricted VLAN on an IEEE 802.1x port. If the switch tries to re-authenti[...]

  • Pagina 278

    10-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Beginning i n privileged E XEC mo de, follow these s teps to con figure IEEE 802.1 x por t-based authenti cation: Configuring the Sw itch-to-RADIUS-Serv er Comm[...]

  • Pagina 279

    10-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Beginning i n privileged EX EC m ode, fo llow these steps to con figure the RADIU S server pa ramet ers on the switc h. This p rocedure is require d. T o delete [...]

  • Pagina 280

    10-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Configuring the Host Mode Beginn ing in pri vileg ed EXEC mode, follo w these steps to allo w multiple hosts (client s) on an IEEE 802. 1x-au thorize d port tha[...]

  • Pagina 281

    10-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Configuring Periodic Re-Authentication Y o u can ena ble perio dic IEE E 802.1 x client re-auth entica tion an d specify how often it oc curs. If yo u do not spe[...]

  • Pagina 282

    10-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Changing the Quiet P eriod When the swi tch canno t authentic ate the c lient, the swi tch remains idle for a set period o f time and then tries agai n. The dot[...]

  • Pagina 283

    10-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o return to the defaul t retransmission time, use th e no dot 1x time out tx-peri od interface co nfig uration comm and. This e xample sho ws how to set 60 as [...]

  • Pagina 284

    10-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Setting th e Re-Aut hentication Number Y ou can also ch ange th e number o f times that the switch restarts the authentic ation pr ocess before the port chan ge[...]

  • Pagina 285

    10-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Note Y ou must co nfigure the RAD IUS ser ver to perform accounti ng tasks, such as l ogging s tart, stop , and interim-upd ate messages and time stamps. T o tur[...]

  • Pagina 286

    10-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o disab le and rem o ve th e guest VLAN, use the no dot1x guest- vlan interface co nf igurat ion comman d. The port returns to the unau thorized state. This e[...]

  • Pagina 287

    10-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o disabl e and remo ve the re strict ed VLAN, us e the no dot1x auth-fail vlan interface co nfigurati on comm and. Th e port retur ns to the una utho rized sta[...]

  • Pagina 288

    10-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o return to the default v alue, use the no dot1 x au th-fail max-a ttemp ts interface con fig uration comm and. This exam pl e sh ows how to set 2 as the numb[...]

  • Pagina 289

    10-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Step 4 radius-se rver host ip- ad dress [acct- port udp-port ] [ auth-por t udp-port ][ test username name [ idle-time ti me ] [ ignor e-acct- port ] [ ignore-au[...]

  • Pagina 290

    10-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o return to th e RADIUS serv er def ault setting s, use th e no radius-ser ver dead-cri teria , the no radius-serv er deadtime , and the no radius-server host[...]

  • Pagina 291

    10-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o d isab le IE EE 80 2.1x auth entic atio n with W oL, us e th e no dot1x control-dir ection interface configurati on c ommand. This e xample sho w s ho w to e[...]

  • Pagina 292

    10-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Configuring NAC Layer 2 IEEE 802.1x Validation Y o u can configure N A C La yer 2 IEEE 802.1x validation, which i s also referre d to as IEEE 802.1x authenti ca[...]

  • Pagina 293

    10-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Configuring Web Authentication Beginn ing in pri vileged EXEC mode, fo llo w these steps to conf igure authentica tion, authorizat io n, accoun ting ( AAA) a nd [...]

  • Pagina 294

    10-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Beginn ing in pri vileged EXEC mode, fo llo w these steps to conf igure a port to use web authentica tion: This example shows ho w to con figure only web authen[...]

  • Pagina 295

    10-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication This e xample sh ow s ho w to conf igure IEEE 802.1 x authen tication with web authenti cation as a fallb ack method . Switch(config) configure terminal Switch(c[...]

  • Pagina 296

    10-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Displaying IEEE 802.1x St atistics and St atus This exampl e shows how to disab le IEEE 802.1x au thent icatio n on the port : Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# no dot1x p[...]

  • Pagina 297

    C HAPTER 11-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 11 Configuring Interface Cha racteristics This c hapter d efines the types of i nterface s on th e Ca talyst 3750-E o r 3560 -E swi tch and descr ibes how to conf igure them. Unle ss otherwise noted, the term switc h refers to a Catal yst 3750 -E or 3560 -E st[...]

  • Pagina 298

    11-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes • EtherC hannel Po rt Gro ups, pag e 11 -5 • 10-Gigabi t Et hernet I nterfac es, page 11-6 • Po wer ov er Ethernet Ports, page 11-6 • Connecti ng Int erfaces, pa ge 11- 11 • Et[...]

  • Pagina 299

    11-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Configure switch ports by using t he switchport interface c onfi guration comman ds. Use th e switchpor t comm and with no keywords to put an interface th at is in La yer 3 mode i n[...]

  • Pagina 300

    11-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes is in the all owed list for a trunk port, the trunk port a u tomatically b ecomes a member of that VLAN a n d traffic is forwarde d to and f rom t he trunk p ort for tha t VL AN. I f VTP[...]

  • Pagina 301

    11-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Switch Virtual Interfaces A switch virtual i n terf ace (SVI ) represe nts a VL AN of swi tch po rts as one interf ace to the r outing or bridging f unctio n in the sys tem. Onl y o[...]

  • Pagina 302

    11-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes When you c onfigure an Et herCha nnel, you cr eate a port -chan nel lo gical inte rface an d assign a n inte rface to the Ethe rCha nnel. For Layer 3 in terface s, you manua lly crea te [...]

  • Pagina 303

    11-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es power mode. T he p owered device first boots up i n low-power mode, c onsume s less than 7 W , and negotiates to obtain en ough power to oper ate in high -power mode. The device cha[...]

  • Pagina 304

    11-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes the request is granted, the switch upda tes the po wer budget . If the r equest is denie d, the switch ensures that power to t he p ort is tur ned o ff, generates a sysl og messag e, and[...]

  • Pagina 305

    11-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Ho we ver , if the power ed-de vice IEEE cla ss is greater than the maxim um wattage , the switch does not supply power to it. If the swit ch learns throu gh CDP messages th at the [...]

  • Pagina 306

    11-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes Maximum Power Allocation ( Cutoff P ower) on a PoE Port When po wer polici ng is enab led, t he switch determines o ne of the these v alues as the cutof f po wer on the PoE port in this[...]

  • Pagina 307

    11-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Because t he swit ch suppor ts interna l power supplie s and the Cisco Redun dant Power System 2300 ( also referred to as the RPS 2300), the total amount of po wer a v ailable for [...]

  • Pagina 308

    11-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes • The ro uting f u nction can be en abled on all SVIs an d rout ed por ts. The swi tch routes on ly IP traf fic . When IP r outing protoc ol para meters a nd a ddress co nfigurati on [...]

  • Pagina 309

    11-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Figur e 1 1 -3 Connecting a Switch Stac k t o a PC By default , the Ethern et m anagem ent po rt is e nable d. Th e swit ch ca nnot rou te pac kets from the E therne t manage ment [...]

  • Pagina 310

    11-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes In Figure 11 -4 , if the Ethern et mana gement p ort and th e netw ork port s are associa ted with the same routi n g proc ess, the ro utes are pr opag ated as follo ws: • The routes [...]

  • Pagina 311

    11-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Use the commands in T able 1 1-2 when using TFT P to download or upl oad a configur ation f ile to the boot loader . Using Interface Con figuration Mode The swit ch supports th ese [...]

  • Pagina 312

    11-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Using I nterface Configu ration Mode • Port num ber—T he int erface numb er on t he switch. The 10 /100/10 00 po rt n umber s always b egin at 1, starting with the far left po rt when fac ing the front of the switc[...]

  • Pagina 313

    11-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Step 3 Foll ow each interface command with the inte rface conf iguration commands that the interface requires. The co mman ds that you enter define the pro toco ls and appl icati on[...]

  • Pagina 314

    11-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Using I nterface Configu ration Mode When usin g the interf ace range global configurat ion comm and, no te th ese guide lines : • V alid entries for port- rang e : – vlan vlan -ID - vlan-I D , where the VLAN ID is[...]

  • Pagina 315

    11-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Configur ing and Using Interf ace Range Mac ros Y ou can crea te an inte rface range macro to a utomatic ally select a range of inte rface s for confi g uratio n. Befo re you can us[...]

  • Pagina 316

    11-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s • The VLAN inter faces must ha ve been co nf igured with the interf ace vlan command . The show running-conf ig privileged E XEC c omman d di splays th e co nfigured VLAN inte rface[...]

  • Pagina 317

    11-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces Default Ethernet Inte rface C onfigur ation T ab le 11-3 shows the Ethern et interface default c onfigurat ion, i ncluding some feat ures th at ap ply only to Layer 2 inter faces. F [...]

  • Pagina 318

    11-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Configuring In terface Sp eed and Du plex M ode Ether net i nterfaces on the switch oper ate a t 10, 100, 1000, or 10,0 00 M b/s a nd in eithe r fu ll- or half-d uplex mode. In full-d[...]

  • Pagina 319

    11-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces • If one inte rface suppo rts au tonegotiati on and the other e nd does no t, configure dup lex and spee d on both i nterface s; do not use the auto setting on the sup ported side [...]

  • Pagina 320

    11-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Use the no spee d and no duplex interfa ce conf iguration command s to return the interf ace to the def ault speed and duple x settings (autonegot iate). T o return all interf ace set[...]

  • Pagina 321

    11-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces T o disa ble flo w cont rol, use the flowcont rol r ecei ve off interface co nfiguration c omman d. This exampl e shows ho w to turn on flow contro l on a port: Switch# configure ter[...]

  • Pagina 322

    11-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s T o disa ble a uto-MDIX, use the no mdix auto in terface con figurati on co mman d. This e xample sho ws ho w to enab le auto-MD IX on a port: Switch# configure terminal Switch(config[...]

  • Pagina 323

    11-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces For informa tion ab out the outp ut of the show power in line user EXEC comm and, se e the comma nd refere nce for t his rele ase. For more informa tion ab out PoE- rel ated co mmand[...]

  • Pagina 324

    11-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Cautio n Y ou shou ld car efully plan your switch power budget, ena ble the power mo nitorin g feat ure, a nd ma ke certai n not to oversubscribe the power supply . Note When you manu[...]

  • Pagina 325

    11-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces T o return to the default setting, use the no power inl ine consumption def ault interfac e conf iguration comm and. For informa tion ab out the outp ut of the show power in line con[...]

  • Pagina 326

    11-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s T o di sable poli cing of the re al-tim e power consumptio n, use the no power inline police interface configurati on comm and. T o disable erro r recovery for PoE error-disable d cau[...]

  • Pagina 327

    11-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configur ing Layer 3 Interf aces Switch# show interfaces gigabitethernet1/0/2 description Interface Status Protocol Description Gi1/0/2 admin down down Connects to Marketing Configuring E thernet M anagement P orts T[...]

  • Pagina 328

    11-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Layer 3 Interfaces • If the sw itch is notified by VLAN Trunking Pro tocol (VT P) of a new VLAN, it sends a me ssage tha t there a re not e nough hardware resourc es av ailable a nd shu ts down the VL AN[...]

  • Pagina 329

    11-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Confi guring t he Syste m MTU Configuring the System MTU The d efault ma ximum t ransmi ssion uni t (MTU) s ize for fram es re ceived and sent on all i nterfaces o n the switch or sw itch stack is 1500 bytes. Y ou ca[...]

  • Pagina 330

    11-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Conf igurin g th e Syst em MTU The upp er limit of t he system ro uting MT U v alue is based on the swit ch or switc h stack co nfiguration and refer s to either th e currently applied system MT U or the system jumbo M[...]

  • Pagina 331

    11-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configur ing the Cisc o Redunda nt Power System 2300 If you e nter a v alue th at is outsid e the a llo wed ra nge for th e specif ic type of interfa ce, the v alue is not acce pted. This example shows ho w to set th[...]

  • Pagina 332

    11-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing the Cisco Red undant Pow er System 230 0 • Y o u can co nfigure the pr iority o f an RPS 2300 port fro m 1 to 6. Specify ing a value of 1 assigns the port a nd its connec ted d evices the h ighest priori[...]

  • Pagina 333

    11-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configuring the Power Supplies T o return to the RPS 2300 default settings, use these co mmands: • T o re turn to the de fault name se tting (no na me is co nfigured), use th e power r ps switch-number port rps-por[...]

  • Pagina 334

    11-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es For more infor mati on about usin g the power supply user E XEC comman d, see the comman d re ference for th is re lease . Monitoring and Main taining the In terfaces These[...]

  • Pagina 335

    11-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Monitoring and Maintaining the Interfaces Clearing and Resetting In terfaces and Counters T ab le 11-7 lists the pri vilege d EXEC mode clear comman ds that you can us e to clear co unters and reset interf aces. T o [...]

  • Pagina 336

    11-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es Shutting Down and Restarting the Interface Shutting d ow n an i nterfac e disable s all fu nctions o n the spe cifi ed interf ace and marks the inter face as unav ailable o[...]

  • Pagina 337

    C HAPTER 12-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 12 Configuring Smartports Macro s This cha pter descr ibes how to configure and appl y Smartp orts mac ros on the Ca talyst 3750-E or 35 60-E switch. Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mma[...]

  • Pagina 338

    12-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros Cisco also provid es a collection of prete sted, Cisco-recomme nded baseline conf iguration templates for Catalyst switc hes. The onli ne reference g uide temp lates pro vide the CLI co mmands [...]

  • Pagina 339

    12-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Smartports Mac ro Con figuration Guidelines Follow these guideli nes when configuring ma cros on your sw itch: • When crea ting a macro , do not use the exit or end comm ands or change th e c[...]

  • Pagina 340

    12-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros Foll ow th ese guidelines when you apply a Cisco-d efault Smartp orts macro on an interf ace: • Display all macr os on the switch by using the show pa rser ma cro user EXE C comm and. Dis pla[...]

  • Pagina 341

    12-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Applying Smar tports Ma cros Beginning i n privileged E XEC mo de, follow these s teps to app ly a Smartpor ts mac ro: Y o u can dele te a globa l macr o-applie d configurati on on a swit ch on[...]

  • Pagina 342

    12-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros This exam ple sh ows how to app ly th e user-cre ated m acro c alle d snmp , to set the ho stname address to test- server , and to set the IP prec edence valu e to 7 : Switch(config)# macro glo[...]

  • Pagina 343

    12-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Y o u can dele te a globa l macr o-applie d configurati on on a swit ch only by ente ring the no vers ion of each comm and th at is in t he macro. Y ou can delete a m acro-a pplie d co nfigurat[...]

  • Pagina 344

    12-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Displaying Smartpor ts Macros Displaying Smartports Macros T o display th e Smartpo rts macros , use one o r more of the p ri v ile ged EXE C commands in T a ble 12-2 . T able 12-2 Commands for Displ aying Smar tports Macr o[...]

  • Pagina 345

    C HAPTER 13-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 13 Configuring VLANs This c hapter describ es how to c onfigure norm al- range VL ANs (V LAN IDs 1 t o 100 5) and extended-ra nge VLAN s (VLA N IDs 1006 to 4094) on th e Ca talyst 3750-E and 3560- E sw itch. I t include s info rmation about VLA N member ship m[...]

  • Pagina 346

    13-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Underst anding VL ANs Note Be fore you create VLANs , you mu st deci de wh ether to use V LAN Trunking Pr otocol (V TP) to maint ain global VL AN configurat ion for you r network. For more informa tion on VTP , see Chapt er 14, “Configur[...]

  • Pagina 347

    13-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Unde rsta ndin g VLAN s Supporte d VLANs The swi tch suppor ts VLANs in VT P client, serv er , and transpar ent mod es. VLANs a re identif ied by a number fr om 1 to 4094. VLAN ID s 1002 throu gh 1005 a re reserved for T oken Ring a nd FDD[...]

  • Pagina 348

    13-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns For more de tailed definitions of acce ss and tru nk mo des and their f unctions, see T a ble 13-4 on page 13-1 8 . When a port belongs to a VLAN , the switch l earns and ma nages the add resses associated[...]

  • Pagina 349

    13-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Cautio n Y ou can cause inconsistenc y in the VLAN d atabase if you attempt to manually delete th e vlan.dat file. If you wa nt to modi fy the V LAN c onfiguration, use the comma nds descr ibed i n thes[...]

  • Pagina 350

    13-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns Token Rin g VLANs Although the switch does not s upport T o ken Ring connec tions, a remot e device such as a Catalyst 5000 series switch with T oken Rin g con nection s could be ma naged from o ne of the [...]

  • Pagina 351

    13-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns VLAN Configuration Mode Options Y o u can c onfigure nor mal-rang e VL ANs (wi th VLAN IDs 1 t o 1005) by using the se two configu ration modes: • VLAN Configur ation in config-vlan M ode, page 13 -7 [...]

  • Pagina 352

    13-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns When you save VLAN and VTP infor mation (i ncluding extended-r ange VLAN configurat ion informatio n) in the star tup conf iguration f ile and re boot the switch, the swit ch configurat io n is selec ted a[...]

  • Pagina 353

    13-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Creating or Modifyin g an Et hernet VLAN Each E therne t VLA N in the VLAN d ataba se has a uni que, 4- digit I D tha t ca n be a nu mber fr om 1 to 1001. V LAN IDs 1002 to 1005 are re served for T oken[...]

  • Pagina 354

    13-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns Y o u can also c reate or mod ify Ethe rnet VLANs by using the VLAN database co nfiguration mo de. Note VLA N data base configurati on mode doe s not sup port RSP AN VLA N configura tion o r extended- ran[...]

  • Pagina 355

    13-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Cautio n When you delete a VLAN, a ny por ts assigned to that VLAN be come inac tiv e. They r emain associ ated with th e VLAN ( and thus inacti ve) until you assign them to a ne w VLAN. Beginn ing in [...]

  • Pagina 356

    13-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Extend ed-Range VLANs T o return an interfac e to its defaul t configu ration, use the default interface in terface-id interfa ce configurati on c ommand. This example shows ho w to configure a port as an access port in VLAN [...]

  • Pagina 357

    13-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Conf iguri ng Ext end ed-R ange VL ANs Extended -Ran ge VLAN C onfiguration G uidelines Foll ow th ese guidelines when cr eating exte n ded-range VLA Ns: • T o a dd an extended-ra nge VLAN, y ou mu st use th e vl an vlan-id globa l conf[...]

  • Pagina 358

    13-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Extend ed-Range VLANs Creating an E xtended-Ra nge VL AN Y o u cr eate an exten ded-r ange VLAN in g loba l configur ation mode by ente ring the vlan glob al configurati on comm and with a VLAN ID from 1006 to 4094. Th is com[...]

  • Pagina 359

    13-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Conf iguri ng Ext end ed-R ange VL ANs This e xample shows how to c reate a ne w ex tended-ra nge VLAN w ith all d efault charac teristics, e nter config-vlan mode , an d sav e th e new VLAN in th e swit ch start up configu ration file : [...]

  • Pagina 360

    13-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Displa ying VL ANs Displaying VLANs Use the show vlan privi leged EXEC command to display a list of all VLA Ns on the switch, including extended -range V LANs. Th e displa y includ es VLAN status, port s, and co nfiguration inform ation .[...]

  • Pagina 361

    13-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Figure 13-2 shows a network of swit ches that are conn ected by ISL trunks. Figur e 13-2 Switc hes in an ISL T runk ing En vir onment Y o u can configure a trunk o n a single Ether net i nterface or o n an Ethe[...]

  • Pagina 362

    13-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks Encapsulation Type s T ab le 13-5 lists the Et hernet trunk enca psulat ion types and keyw ords. Note Th e switch doe s not support La yer 3 trunk s; you canno t configure subint erfaces or use the encapsulation [...]

  • Pagina 363

    13-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s IEEE 802.1Q Configuration Considerations The IE EE 8 02.1Q t runks i mpose these limita tions o n the trun king stra tegy for a network: • In a ne twork of Cisco switch es conne cted through IEEE 802.1 Q trun[...]

  • Pagina 364

    13-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks • Changing t he Pruning-Elig ible List, page 13- 22 • Conf iguring the Nati ve VLAN for Unta gged T raff ic, page 13-23 Note By default, an interfa ce is in Layer 2 mode. The de fault mode for Layer 2 interfa[...]

  • Pagina 365

    13-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s T o return an interfac e to its defaul t configu ration, use the default interface in terface-id interfa ce configurat ion com mand. T o reset all tru nking cha rac teris tics of a trunk ing in terface t o the [...]

  • Pagina 366

    13-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks T o re duce t he risk o f spann ing-tree loo ps or storm s, you c an disa ble VLA N 1 on any in dividual VLAN trunk port by removin g VLAN 1 from t he allowed list. Whe n you remove VLAN 1 from a trunk port , the[...]

  • Pagina 367

    13-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Beginn ing in pri vileg ed EXEC mode, follo w these steps to remov e VLANs from the pruning- eligible list on a trunk por t: T o r etur n to th e de fault pruni ng-e ligibl e list o f al l VLAN s, us e the no s[...]

  • Pagina 368

    13-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks T o return to the defau lt nati ve VL AN, VLAN 1, use the no switchport trunk nativ e vlan inte r face configurati on c ommand. If a pack et has a VL AN ID th at is t h e sa me as the out going p ort n ati ve VLA[...]

  • Pagina 369

    13-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s In thi s way , Trunk 1 c arries traffic for V LANs 8 thr ough 1 0, and T runk 2 car ries tra ff i c fo r VLA Ns 3 through 6. If the a cti ve trunk f ails, the tr unk with the lo wer priority tak es ov er and ca[...]

  • Pagina 370

    13-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks Load Sharing Using STP Path C ost Y o u can configure pa rallel trunks to share VLAN traffic by setting di fferent path costs on a trunk and associ ating the path costs wit h dif feren t sets of VLANs, blockin g [...]

  • Pagina 371

    13-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Figur e 13-4 Load-Shar ing T run ks with T ra f fic Distr ibuted b y P ath Cost Beginn ing in pri vile ged EXEC mode, follo w these steps to conf igure the netw ork sho wn in Figure 13 -4 : 90573 Switch A Switc[...]

  • Pagina 372

    13-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS Configuring VMPS The VLA N Quer y Protocol (V QP) is u sed to suppor t dynami c-ac cess ports , which are not perma nently assigne d to a VLAN, but gi ve VLAN assign ments base d on the MAC source addresses se en on the p[...]

  • Pagina 373

    13-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Dynamic-Access Port VLAN M embership A dynamic -access port can belo ng to only one VL AN with an ID from 1 to 4094. Wh en the link comes up, the switch does not for ward traf fic to or from this port unt il the VMPS prov[...]

  • Pagina 374

    13-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS • IEEE 802. 1x ports ca nnot be c onfigured as dy namic-a ccess ports. If you try to ena ble IEEE 802.1x on a dyna mic-a ccess ( VQP) por t, an e rror message appears , and IEEE 802 .1x i s not enab led. If you try to c[...]

  • Pagina 375

    13-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Note Y ou must have IP connectivity to the VMPS for dynam ic-acc ess ports to work. Y ou can test for IP connec tivity b y pinging th e IP address of t he VMPS and verifyin g that you get a response . Configuring Dynamic-[...]

  • Pagina 376

    13-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS Changing the Reconfirmation In terval VMPS clients perio dically r econf irm the VLAN member ship inf ormation recei ved fro m the VMPS.Y ou can se t the numb er of m inute s afte r wh ich rec onfirmation occ urs. If you [...]

  • Pagina 377

    13-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Monitoring the VMPS Y ou can displ ay inform ation ab out the VM PS by usin g the sho w vmps pri vileged EXEC co mmand. The switch displays this information about the VMPS: • VMPS VQP V ersion—the ver sion of VQP used[...]

  • Pagina 378

    13-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS • End stations are connected to the clien ts, Switch B and Switch I. • The dat abase con figuration file is store d on the TFTP server with th e IP address 172. 20.22 .7. Figur e 13-5 Dynami c P or t VLAN Membe rship [...]

  • Pagina 379

    C HAPTER 14-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 14 Configuring VTP This c hapter describ es how to us e t he VLA N Trunking Prot ocol ( VTP) a nd the VLAN databa se fo r managing VLANs wi th the Catalyst 3750-E or 35 60-E sw itch. Unl ess otherwis e noted, t he term switch refers to a Catalyst 3750-E or 3 5[...]

  • Pagina 380

    14-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Underst anding VTP The swi tch suppo rts 1005 VLA Ns, but the numbe r of r outed po rts, SVIs, and othe r configured feat ures af fects the u sage of the switch hardw are. If the switch is n otifie d by VTP of a ne w VLAN a nd the swit ch is[...]

  • Pagina 381

    14-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Underst anding VT P For domain nam e and p assword configuration gui delines, see t he “VTP Conf iguration Guidel ines” section on page 14-8 . VTP Mode s Y o u can configur e a suppor ted switch or sw itch stack t o be in one of the V TP[...]

  • Pagina 382

    14-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Underst anding VTP VTP adv ertiseme nts distrib ute this global domain i nformation: • VTP domain na me • VTP configurati on revision number • Update id entity an d updat e timestam p • MD5 diges t VLAN conf iguration, including maxi[...]

  • Pagina 383

    14-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Underst anding VT P VTP pruni ng blocks unn eeded floo ded traffic to VLANs on tr unk ports th at are i nclude d in the pruning -elig ible list. Only VLA Ns incl uded in the pruning -el igible l ist can be prun ed. By de fault, VLANs 2 thr o[...]

  • Pagina 384

    14-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Enab ling VT P prun ing on a V TP server e nable s prun ing for the e ntire m anagem ent d omain. Mak ing VLANs pru ning-eligible or pruning-i neligible af fects prun ing eligibility for th ose VLANs on th at trunk only (no[...]

  • Pagina 385

    14-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Default VTP Configuration T ab le 14-2 shows the def ault VTP conf iguration. VTP Configuration Options Y o u can configure VTP by using these co nfiguration mo des. • VTP Configura tion in Global Configuration Mode , page [...]

  • Pagina 386

    14-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP VTP Configuration in VLAN Database Configuration Mode Y o u can configure al l VTP param eters in VLA N database con figuration mod e, which you access by ent erin g th e vlan database p rivileged EXEC comma nd. For more in[...]

  • Pagina 387

    14-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP VTP Ve rsi on Foll ow these guidelines w hen decidin g which VTP v ersion to implem ent: • All switches in a VTP domain must run the same VTP versi on. • A VTP V ersion 2 -capa ble switch c a n operate in the same VTP dom[...]

  • Pagina 388

    14-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP When you con figure a domain na me, it cannot be rem oved; you can only rea ssign a switc h to a different domain. T o r eturn the sw itch to a no-passwor d stat e, u se the no vtp password global co nfigurati on comman d.[...]

  • Pagina 389

    14-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP This exam ple sh ows ho w to use VLAN databa se configu ration m ode to configure t he swit ch as a V TP serv er with th e domain name eng_group and the password mypassw or d : Switch# vlan database Switch(vlan)# vtp server [...]

  • Pagina 390

    14-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Use the no vtp mode global co nfigurati on comma nd to retu rn the switc h to VTP server mo de. T o return the swi tch to a no- password sta te, u se t he no vtp password pr ivileged EX EC c ommand. Wh en y ou configure a [...]

  • Pagina 391

    14-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Note Y ou can also c onfigure VTP tra nsparent mod e by using the vlan d ata base privileged EXEC comm and to enter VLAN datab ase conf iguration mod e and by ente ring the vtp transparent command, simila r to the seco nd pr[...]

  • Pagina 392

    14-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Enabling V TP Prunin g Pruning inc reases available bandwi dth by restric ting flood ed traffic to those trunk lin ks that the traff i c must use to acces s the destinat ion devices. Y ou can onl y enabl e VTP prun ing on [...]

  • Pagina 393

    14-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Beginning i n privileged E XEC mo de, follow these steps to ver ify an d res et the VTP configurati on revision number on a switch befor e adding it to a VTP domain: Y ou can also ch ange the VTP domain na me by enterin g th[...]

  • Pagina 394

    14-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Monito ring VTP Monitoring VTP Y o u mon itor VT P by displayin g VT P configuratio n infor mation: the domain name, the c urrent V TP revision, and the n umber of VLAN s. Y ou ca n also displa y stat istics about the advertis emen ts se nt[...]

  • Pagina 395

    C HAPTER 15-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 15 Configuring Voic e VLAN This c hapter describ es how to c onfigure the voice V LAN fea ture on the Cata lyst 37 50-E or 3560- E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a Catal y s[...]

  • Pagina 396

    15-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Underst anding Voice VL AN Figure 15-1 shows one way to conne ct a Cisco 7960 IP Phon e. Figur e 15-1 Cisco 79 60 IP Phone Connect ed to a Sw itch Cisco IP Phone Voice Traffic Y ou can conf igur e an access po rt with an atta ched Ci[...]

  • Pagina 397

    15-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Configuring Voice VLAN Note Un tagged traffic from th e device a ttache d to t he Cisco I P Phone passes t hrou gh the phone unc hanged, regardless of the tr ust stat e of t he acce ss port on the phone. Configuring Vo ice VLAN These[...]

  • Pagina 398

    15-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Configuring Voice VLAN • The Port Fast featu re is automati cally enabled wh en v oice VLAN is c o nf igured . When y ou disa ble v oice VLAN , the Po rt F a st featu re is n ot automatic ally disabled. • If the Cisc o IP Phon e [...]

  • Pagina 399

    15-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Configuring Voice VLAN Configuring Cisco IP Phone V oice Traffic Y o u can c onfigure a po rt conn ecte d to the Cisco IP Phon e to se nd CDP pa ckets to th e phon e to c onfigure the wa y in whic h the phone send s vo ice traf fic. [...]

  • Pagina 400

    15-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Configuring Voice VLAN This example shows ho w to configure a port connected to a Cisco IP Phone to use the CoS value to classify inco ming traf fic, to use I EEE 802.1p prior ity tagging for v oice traf fi c, and to use the def ault[...]

  • Pagina 401

    15-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Displaying Voice VLAN This exa mple sh ows ho w to c onfigure a port c onnec ted to a Cisco IP Pho ne to not change t he priorit y of frame s rece i ved from t he PC or the attached de vice: Switch# configure terminal Enter configura[...]

  • Pagina 402

    15-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Displa ying Vo ice VLA N[...]

  • Pagina 403

    C HAPTER 16-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 16 Configuring Private VLANs This c hapter d escrib es how to configu re private VLANs on the C ataly st 3750- E or 3560-E switch. Unless otherw ise noted, the term switch refers to a Catalyst 3750-E or 3 560-E stan dalone switch and to a Cataly st 3750-E swit[...]

  • Pagina 404

    16-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Underst anding Priva te VLANs Figu re 16-1 Priv a te-VL AN Doma in Ther e are two ty pes o f second ary VLA Ns: • Isol ated VLA Ns—Ports within an iso lated VL AN cann ot comm unicate with ea ch oth er at t h e Layer 2 level. ?[...]

  • Pagina 405

    16-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Unde rsta ndin g Priva te VLAN s Primary an d second ary VLANs ha ve these char acter istics: • Primary VLAN—A pri v ate VLAN h as only one primar y VLAN. Ev ery por t in a p ri v ate VLAN is a member of the prim ary VLAN. T h[...]

  • Pagina 406

    16-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Underst anding Priva te VLANs Private VLANs across Multiple Switches As with regula r VLANs, pri vate VLAN s can span multiple switches. A trunk port carries the primar y VLAN a nd seco ndary VLANs to a n eighbor ing sw itch. T he [...]

  • Pagina 407

    16-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Unde rsta ndin g Priva te VLAN s Y o u should also se e the “Se condar y and Prima ry VLAN Co nfiguration” section on page 16- 7 under the “Pri v ate-VLAN Conf iguration G u idelines” sect ion. Private VLANs and Unicast , [...]

  • Pagina 408

    16-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Private VLANs and Swi tch Stacks Pri vate VLANs can operat e within the switc h stack, and pri vate -VLAN por ts can resid e on dif feren t stack members. Howe ver , some changes to the switch stack can [...]

  • Pagina 409

    16-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s Step 5 If inter-VLA N routing will be u sed, co nfigure the pr imary SVI , and ma p secondar y VLAN s to the primary . See th e “Map ping Seconda ry V LANs to a Pri mary V LA N Laye r 3 VL AN Int er[...]

  • Pagina 410

    16-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s • W e recomme nd that you prune th e pri vate VLANs from the trunks on de vices that carry no tra ff ic in the p ri v ate VLANs. • Y ou can apply di fferen t quali ty of serv ice (QoS) co nf iguratio[...]

  • Pagina 411

    16-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s • Do not configu re ports that bel ong to a P A gP or L A CP E therCha nnel a s priv a te-V LAN port s. Whi le a po rt is part o f the priv ate-V LAN co nfigurati on, any Et herC hannel c onfigurati[...]

  • Pagina 412

    16-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Note Dyn amic MA C address es lear ned in on e VLAN of a pri vat e VLAN are re plicat ed in the associ ated VLANs. F or example , a MAC address lear ned in a sec ondary VL AN is replicate d in th e prim[...]

  • Pagina 413

    16-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s When you as sociat e seconda ry VLANs with a prim ary VLA N, note this s yntax info rmation : • The seco ndary_ vlan_lis t paramete r canno t conta in spaces . It can co ntain multiple comm a-sep a[...]

  • Pagina 414

    16-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Configur ing a Lay er 2 Inter face a s a Priv ate-VLAN Host Port Beginning i n privileged E XEC mode, follow these ste ps to c onfigure a Laye r 2 i nterface as a priv a te-VLA N host port and to assoc [...]

  • Pagina 415

    16-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s Configur ing a Layer 2 Inter face a s a Priv ate-VLAN Prom iscuous Port Beginning i n privileged E XEC mode, follow these ste ps to c onfigure a Laye r 2 i nterface as a priv a te-VLA N prom iscu ous[...]

  • Pagina 416

    16-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Mapping S econd ary VLAN s to a Primary VLAN Layer 3 VLAN Interfa ce If the p ri vate VL AN will be used f or inter -VLAN routing , you con fig ure an S VI for th e primar y VLAN and map sec ondar y VLA[...]

  • Pagina 417

    16-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Monitoring Private VLANs Monitoring Private VLANs T ab le 16-1 shows the pri vileged EXE C commands for monitori ng pri v ate-VLAN acti vity . This i s an exampl e of t he o utput from the show vlan private-vlan comm and: Switch([...]

  • Pagina 418

    16-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Monito ring Private VL ANs[...]

  • Pagina 419

    C HAPTER 17-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 17 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling V irtual pri v ate netw orks (VPNs) pro vide enter prise-scale connecti vity on a shared infras tructure, ofte n Etherne t-based, w ith the sam e securi ty , prio ritization , reliabili ty , and managea[...]

  • Pagina 420

    17-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Underst andin g IEEE 802. 1Q Tunnel ing tagge d packets. A port co nfigured to support IEEE 8 02.1Q tunnel ing is called a tunnel port . When you configure tunn eling, you assign a t unnel port t o a V[...]

  • Pagina 421

    17-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Understand ing IEEE 802.1Q Tunnel ing Figur e 17 -2 Or iginal (Nor mal), IEEE 802 .1Q, and Dou ble-T agged Ether net P ack et For mats When the pack et enters the trunk port of the service- prov ider[...]

  • Pagina 422

    17-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing IEEE 80 2.1Q Tunn eling Configuring IEE E 802.1Q Tunneling These sec tions co ntain this co nfiguration in format ion: • Default IE EE 802.1Q T u nneling Configu ration, pa ge 17-4 • I[...]

  • Pagina 423

    17-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configur ing IEEE 802.1Q Tunnel ing These are some wa ys to solv e this problem: • Use ISL tru nks betw een core switches i n the servi ce-prov ider networ k. Althoug h custo mer interfaces connec [...]

  • Pagina 424

    17-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing IEEE 80 2.1Q Tunn eling For example, the switch su pports a maximu m fram e size of 149 6 bytes with one of the se co nfigurations: • The sw itch ha s a sy stem jum bo M TU value of 1500[...]

  • Pagina 425

    17-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configur ing IEEE 802.1Q Tunnel ing Configur ing an IEEE 80 2.1Q Tunneli n g Port Beginning i n privileged E XEC mo de, follow these steps to con figure a port a s an IEEE 80 2.1Q tunne l port: Use t[...]

  • Pagina 426

    17-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Underst andin g Layer 2 Pro tocol Tunneling Understandin g Layer 2 Protocol Tunnelin g Cust omers a t dif feren t sit es conn ected acr oss a se rvice-pro vider ne twork ne ed to us e v arious Layer 2 [...]

  • Pagina 427

    17-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Understan ding Layer 2 Protoco l Tunnel ing Figur e 17 -4 Lay er 2 Pr ot ocol T unneling Figur e 17 -5 Lay er 2 Networ k T opolog y without Proper Con ve r gence In an SP network , you ca n use L aye[...]

  • Pagina 428

    17-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling For exam ple, in Figur e 17-6 , Customer A has two switc hes in the same VLAN that are connected through the SP network. When th e network tun nels PDUs , swit[...]

  • Pagina 429

    17-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing See Figure 17-4 , with Customer X and C ustom er Y in acc ess VLANs 30 and 4 0, res pecti vel y . Asymmetric lin ks connect th e customers in Site 1 to ed[...]

  • Pagina 430

    17-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Layer 2 Protoco l Tunneling C onfigura tion Guide lines These are some co nfigurati on gu ideline s and ope rating c harac teristi cs of L ayer 2 prot ocol tun[...]

  • Pagina 431

    17-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Configuring L ayer 2 P rotocol Tu nneling Beginning in privileged EXEC mo de, fol low these steps to con figure a port for La yer 2 proto col tunneli ng: [...]

  • Pagina 432

    17-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Use the no l2protocol-tunnel [ cdp | stp | vtp ] int erface configurat ion com mand t o disa ble pr otocol tunnel ing for one of the Laye r 2 protoco ls or for[...]

  • Pagina 433

    17-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Use the no l2pr otocol-tunnel [ po int-to-point [ pag p | lacp | udld ]] inter face conf iguration co mmand to disable po int-t o-point protoco l tunneli [...]

  • Pagina 434

    17-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Configuring the Customer Sw itch After conf iguring the SP edge switch, begin in pri vileged EXEC mode and follo w these steps to configure a c ustomer switch [...]

  • Pagina 435

    17-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Switch(config-if)# l2protocol-tunnel drop-threshold point-to-point pagp 1000 Switch(config-if)# exit Switch(config)# interface gigabitethernet1/0/3 Switch[...]

  • Pagina 436

    17-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Monito ring and Mai ntaining Tun neling Sta tus Monitoring and Main taining Tunneling Status T ab le 17-2 shows the pri vileged EXE C commands for monitori ng and maintaining IEEE 802.1Q and Lay er 2 [...]

  • Pagina 437

    C HAPTER 18-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 18 Configuring STP This chapt er desc ribes how to configure the Sp anni ng T ree Protoc ol (STP) on port-ba sed VLANs on the Catalyst 3750-E or 3560-E switch. The swi tch can u se ei ther the per-VLAN spa nning-t ree plus ( PVST+ ) protocol based on the IEE E[...]

  • Pagina 438

    18-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures • Spanning -T ree Mode s an d Protoc ols, pa ge 18-1 0 • Supporte d Spanning -Tree Instances, pa ge 18-1 0 • Spanning- T ree Interop erability and Backw ard Compatibi lity , page 18-11 • STP a[...]

  • Pagina 439

    18-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spannin g-Tr ee Topo logy an d BPDUs The stable, ac tiv e sp anning-t ree topolog y of a switched network is controlled by these elements: • The uni que bridge ID (sw itch p rior ity and MAC address)[...]

  • Pagina 440

    18-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Only one outgoin g port on the stack root switc h is selected as the root port. The remaining switch es in the stack become its designated switch es (Switch 2 and Switch 3) as sho wn in Figure 1 8-1 o[...]

  • Pagina 441

    18-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures The swi tch sup ports t he IEEE 802.1t spanni ng-tre e extension s, and some of t he bits pr eviously used for the switch prior ity are no w used as the VLAN identif ier . The result is that fe wer MAC[...]

  • Pagina 442

    18-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures • From le arning t o fo rwarding o r to disable d • From for warding to d isabled Figure 18-2 illustrates ho w an interface mo ves through the states. Figur e 18-2 Spannin g-T r ee Inte rf ace Sta[...]

  • Pagina 443

    18-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Blocking State A Layer 2 interf ace in the blockin g state does not particip ate in fram e forw arding. Af ter initi alization, a BPDU is sent to each swi tch interfac e. A switch initial ly functions [...]

  • Pagina 444

    18-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Disabled State A Laye r 2 int erface in th e disab led state do es not parti cipa te in frame forwar ding or in the span ning tree. An interf ace in the disabled state is nonoperational. A dis abled i[...]

  • Pagina 445

    18-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spanning Tree and Redun dant Conn ectiv ity Y o u can cr eate a redunda nt back bone w ith spa nning t ree by co nnecting two switc h inte rfaces to anot her device or to two different devices, as show[...]

  • Pagina 446

    18-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Becau se each V LAN is a sepa rate sp anning -tre e instan ce, the switc h accelerates aging o n a per - VLAN basis . A spanni ng-tree rec onf iguration on one VLAN can ca use the dynami c address es[...]

  • Pagina 447

    18-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spanning-Tree Interoperability and Backward Compatibility T ab le 18-2 lists the inter operability and compatibility among the s upported s panning-tree mo des in a network. In a mi xed MSTP and PV ST[...]

  • Pagina 448

    18-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures individual VL AN spa nning tre es to pr ev ent lo ops from f ormi ng if the re are multip le con necti ons among VLANs . It also prevents the individual spanning trees from the VLAN s being bridged fro [...]

  • Pagina 449

    18-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures • Conf iguring th e Switch Priority of a VLAN, page 18- 21 (optional) • Conf igur ing Sp annin g-T ree T imer s, page 18 -22 (optional ) Default Span ning-T ree Configur ation T ab le 18-3 shows the[...]

  • Pagina 450

    18-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Cautio n Switches that are not running spanning tre e still forwar d BPDUs that they rece iv e so that the other switche s on the V LA N that have a run ning span ning -tree in stance can b reak l oops.[...]

  • Pagina 451

    18-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Changing the Spa nning-Tree M ode. The sw itch s upports th ree spanning -tree mo des: PV ST+, rapi d PVST+, or MS TP . By defau lt, the switch runs th e PVST+ protocol . Beginning in privileged EXEC mo[...]

  • Pagina 452

    18-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Disabling Sp anning Tree Spanning tree is enab led by defau lt on V LAN 1 and on all newly crea ted VL ANs up to the spannin g-tree limit specif ied in the “ Suppor ted Spann ing-Tree Instances” sec[...]

  • Pagina 453

    18-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note Th e ro ot swit ch fo r eac h span ning -tree instan ce shou ld be a ba ckbone or di stribution switch . Do not conf igure an acces s switch as the span ning -tre e primar y root. Use the diameter [...]

  • Pagina 454

    18-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Configur ing a Secondar y Root Switch When you con figure a switch as the secondary root, the switc h priori ty is modified from t he default value (32768 ) to 28672. Th e switc h is then l ikely to bec[...]

  • Pagina 455

    18-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note If your switch is a m ember of a switch stack, you mu st us e the spanning-tree [ vlan vlan-id ] cost cost interfac e configurati on comma nd instea d of the spanning-tree [ vlan vla n-id ] port-pr[...]

  • Pagina 456

    18-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures T o return to the default setting, use the no spanning-tree [ vlan vlan-id ] port-pr iori ty interf ace configurati on c ommand. For inf ormati on o n how to co nfigure l oad sh aring on trun k port s b[...]

  • Pagina 457

    18-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note Th e show spanning-tree inter face interface- id privileged EXEC comma nd displays in format ion only for ports that ar e in a link-up op erati ve sta te. Otherw ise, you can use the show runni ng-[...]

  • Pagina 458

    18-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Configuring S pannin g-Tree Timers T ab le 18-4 descr ibes the timer s that af fect the en tire spanning -tree p erfor mance. The sectio ns that follo w pro vide the conf iguration steps. Configuring th[...]

  • Pagina 459

    18-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Configuring the Forwarding -Delay Time fo r a VLAN Beginning i n privileged E XEC mode, follow these ste ps to c onfigure t he forwarding -del ay ti me for a VLAN. Th is proc edure is opt ional . T o re[...]

  • Pagina 460

    18-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Displaying the Spannin g-Tree Stat us Configuring the Transmit Hold -Count Y o u can configure the BPDU burst size by changing th e transm it hold coun t v alue . Note Changing this parameter to a hi gher va lu e can hav e a significant imp[...]

  • Pagina 461

    C HAPTER 19-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 19 Configuring MSTP This c hapter describ es how to c onfigure the Cisco imple mentat ion of the I EEE 802 .1s Multiple STP (MS TP) on t he Cat alyst 3 750-E or 3560- E switch. Note The multiple spanning-tree (MST) implementation is based on the IEEE 802.1s st[...]

  • Pagina 462

    19-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P • Configuring M STP Fea tures, p age 19-14 • Display ing the MST Configura tion and Statu s, page 19-26 Understandin g MSTP MSTP , which uses RSTP for ra pid con vergence, en ables VLA Ns to be group ed into a spann[...]

  • Pagina 463

    19-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP IST, CIST, an d CST Unlik e PVST+ and rapid PVST+ in whi ch all the spann ing-t ree inst ances are in depend ent, the MST P establishes and maintains tw o types of sp anning trees: • An interna l spanning tree (IST)[...]

  • Pagina 464

    19-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P For correct operatio n, all switch es in the MST region m ust agree on the sam e CIST regi onal root. Theref ore, any two switches in the regi on only sync hronize their port roles for an MST insta nce if th ey conv erg[...]

  • Pagina 465

    19-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP MSTP switch es use V ersion 3 R STP BPDUs o r IEEE 8 02.1D STP BPD Us to com municate wi th legacy IEEE 8 02.1D sw itches . MST P switch es use M STP BPD Us to commun icate with MSTP switches . IEEE 802.1s Terminology[...]

  • Pagina 466

    19-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P The messa ge-age and maxim um-ag e info rmati on in the RST P portion of the BPDU re main th e same through out the region, and the sam e values are propagated by the regi on designat ed ports at t he boundary . Bounda [...]

  • Pagina 467

    19-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP Port Role Naming Change The bo undary role is no lo nger in the f inal MST standar d, b u t this boundary c oncept is maintained in Cisco’ s implemen tation. Howe ver , an MST instan ce por t at a bound ary of the r[...]

  • Pagina 468

    19-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P Detecting Unidirect ional Link Failure This fea ture is not yet pr esent in the IEEE MST st andard, but it is included in th is Cisco IOS rele ase. The sof tware chec ks the c onsis tency of the port ro le an d stat e i[...]

  • Pagina 469

    19-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P Interoperability with IEEE 802.1D STP A switch r unning M STP supp orts a built-in pr otocol migrat ion mecha nism that enable s it to i nteroper ate with legacy IEEE 802.1D switche s. If this switc h receives a legac y[...]

  • Pagina 470

    19-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding RSTP • Backup po rt—A cts as a backup for t he path p rovided by a de sign ated po rt toward the le av es of the spannin g tree . A ba ckup port can exist only when t wo port s are c onne cted in a lo opback by a point-t[...]

  • Pagina 471

    19-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P After recei ving Sw itch B’ s agreemen t message, Switc h A also immediately tran sitions its designat ed port to the forwar ding state. No lo ops i n the n etw ork a re for med b ecause Switch B blocked al l of it s[...]

  • Pagina 472

    19-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding RSTP If a designa ted port is in the forwarding state and is not con figu red as an edge port, it transitions to th e blocking state when the R STP forces it t o sync hroniz e with new root informa tion. In g eneral, when th[...]

  • Pagina 473

    19-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P The sending switch sets the proposal flag in the RSTP BPDU to propose itself as the d esignated switch on that LAN. The p ort role in the proposa l message is alway s set to the designated port. The send ing switch set[...]

  • Pagina 474

    19-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es • Notificati on—Un like IE EE 802. 1D, which u ses TCN BPDUs, the RSTP d oes n ot us e them . Ho we ver , for IEEE 802.1D interoperability , an RSTP switch processes an d generates TCN BPDUs. • Ackno wledg[...]

  • Pagina 475

    19-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res Default MSTP Configuration T ab le 19-4 shows the default M STP c onfiguration . For informat ion about the suppor ted numbe r of spanni ng-tree instan ces, see the “Supp orted Spanning -T ree In stance s” s[...]

  • Pagina 476

    19-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es • VTP propa gation of the MST co nfiguration i s not suppo rted. Howev er , you can manu ally c onfigure the MS T co nfiguration (region n ame , revision num ber, and VLA N-to-in stance mappi ng) o n each swit[...]

  • Pagina 477

    19-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o r etur n to th e defa ult M ST region c onfigurati on, u se th e no spanning-tree mst configurat ion global conf iguratio n command. T o return to the def ault VLAN- to-instanc e map, use the no instance ins[...]

  • Pagina 478

    19-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es T o conf igure a s witch t o beco me the root, use the spanning-tr ee mst instance- id root gl obal configurati on c ommand to m odify t he sw itch priori ty from the default value (32768) to a sign ificantly lo[...]

  • Pagina 479

    19-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o return the switch to it s default setting, use the no spanning- tree mst instance-id ro o t gl obal configurati on c ommand. Configur ing a Secondar y Root Switch When you con figure a swit ch wit h the exte[...]

  • Pagina 480

    19-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring Port Priority If a l oop occur s, the MST P uses the p ort pr iority when selecting an interf ace to put into th e forw arding state. Y ou can assig n higher p riority v alues (l o wer num erical va [...]

  • Pagina 481

    19-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o return the interface to it s default setting , use the no spanning- tree mst insta nce-id port-priority interf ace c onfig uration co mmand. Configuring Path Cost The MSTP path cost def ault v alue is deriv [...]

  • Pagina 482

    19-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring the Switch Priority Y ou can conf igure the switch priorit y and make it more lik ely that a standalo ne switch or a switch in the stack will be c hosen as the root switch. Note Exercis e care when u[...]

  • Pagina 483

    19-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure the hell o time for all MST instances. This pro cedure is optional. T o return the sw itch to its d efault se tting, use the no spanning-tre[...]

  • Pagina 484

    19-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring the Maxi mum-Aging Time Beginn ing in p ri vileg ed EXEC mode, fo llo w these s teps to conf ig ure the maximum-agi ng time f or all MST inst ance s. This procedure is optio nal. T o return the switc[...]

  • Pagina 485

    19-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res By default, the link type is c ontrol led from the duplex mode of the i nterface: a full-d uplex port is conside red t o have a poin t-to-poi nt co nnecti on; a half- duplex por t is c onsi dered to have a share[...]

  • Pagina 486

    19-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Displaying the MST Configu ration and Stat us Restarting the Protocol Mi gration Proce ss A switch r unning M STP supp orts a built-in pr otocol migrat ion mecha nism that enable s it to i nteroper ate with legacy IEEE 802.1D switche s. If[...]

  • Pagina 487

    C HAPTER 20-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 20 Configuring Optional Spannin g-Tree Features This c hapter describ es how to c onfigure op tional spannin g-tree featur es on the C ataly st 3750- E or 3560-E sw itch. Y ou can configure a ll of these fe ature s when your sw itch is runni ng the pe r -VLA N[...]

  • Pagina 488

    20-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Understand ing Port Fa st Port Fast immedia tely br ings an inte rface configured as an acces s or trunk port to the forward ing state from a blocki ng sta te, b[...]

  • Pagina 489

    20-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures At the interf ace le vel, you en able BPDU guard on an y port b y using the spanning-tr ee bpduguard enab le interface conf iguration command with out also e nab[...]

  • Pagina 490

    20-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Figu re 20-2 Switches in a Hi erarchical Ne twork If a switch loses co nnectivity , it begins using t he alterna te path s as soon as the span ning tree selec ts[...]

  • Pagina 491

    20-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures Figur e 20-3 UplinkF ast Exam ple Befor e Dir ect Link F ailur e If Switch C detects a lin k failure on the currently act i ve link L2 on the root port (a dir e [...]

  • Pagina 492

    20-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures How CSUF Work s CSUF ensures that one link in the stack is elected as the path to the root. As shown in Figure 20-5 , the stack- root po rt on Sw itch 1 provide [...]

  • Pagina 493

    20-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures Each switch in the stac k decides if the sending switch is a better choice than itself to be the stack root of this span ning- tree inst ance b y compar ing the [...]

  • Pagina 494

    20-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Backbon eFast, w hich is e nable d by us ing th e spanning-tree backbonefast global c onfiguratio n comm and, star ts when a ro ot port or bl ocked inter face on[...]

  • Pagina 495

    20-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures If lin k L 1 fails as sh own in Figu re 20-7 , Switch C cannot detect this f ailure bec ause it is not co nnected direct ly to link L1. Ho wev er , because Switc[...]

  • Pagina 496

    20-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Understand ing Ethe rCha nnel Gua rd Y o u can use EtherC hannel guard to detect an Ethe rChan nel mi sconfigurati on betwe en the switch a nd a connect ed devi[...]

  • Pagina 497

    20-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Figu re 20-9 R oot G ua rd in a Se rvi ce- Provider Network Understand ing Loop Guard Y o u can use loo p gua rd to prevent al ternate or root po rts from becom i[...]

  • Pagina 498

    20-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features • Enab ling B ackbone Fast, page 20-1 6 (optional) • Ena bling Ether Channel Guard, page 20-17 (optional) • Enab ling Root Guar d, page 20-1 8 (opt iona l) ?[...]

  • Pagina 499

    20-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Y o u can enab le th is fea ture if your switch is r unning PVST+, rapi d PVST+, or MSTP . Beginn ing in pri vile ged EXEC mode, follo w these steps to enable Por[...]

  • Pagina 500

    20-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features The BPDU guard fe ature pr ovides a secur e respon se to in valid configurati ons becau se you m ust manual ly put the por t ba ck in serv ice. Use t he BPDU gua rd[...]

  • Pagina 501

    20-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Y o u can also use the spanning-tree bpduf ilter enable inte rface conf iguration com mand to enable BPDU fil tering on any interf ace without also en abling the [...]

  • Pagina 502

    20-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features Beginn ing in pri vileged EXEC mode, follo w these steps to enable UplinkF ast and CSUF . This procedu re is optional. When UplinkF ast is enabled, the switc h prio[...]

  • Pagina 503

    20-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Note If you use Backbon eFast, you m ust enabl e it o n all switch es in th e ne twork. B ackboneFast is no t supported on T oken Ring VLAN s. This featur e is su[...]

  • Pagina 504

    20-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features Enabling R oot Guard Root gu ard e nable d on an int erface applie s to all th e VLA Ns to whi ch th e int erface belongs . Do not enable t h e root guard on interf[...]

  • Pagina 505

    20-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Display ing the Spanning -Tree Status T o g lobal ly dis able lo op gua rd, use the no spanning-tree loopguard default global configuratio n command. Y ou can o verride the settin g of the no spanning-tr ee loo[...]

  • Pagina 506

    20-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Displaying the Spannin g-Tree Stat us[...]

  • Pagina 507

    C HAPTER 21-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 21 Configuring Flex Link s and the MAC Address-Table Move Update Feature This chapte r describes ho w to conf igure Fle x Links, a pair of inter faces on the Cataly st 3750-E or 3560-E sw itch that provide a mutua l backup. It also descr ibes how to configure [...]

  • Pagina 508

    21-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Underst andin g Flex Links and the M AC Addr ess-Tabl e Mov e Update Y o u configure Flex Link s on one Layer 2 interface (the activ e link) by assign ing anothe r Layer 2 interf ace [...]

  • Pagina 509

    21-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Understan ding Flex Links a n d the MAC Addr ess-Table Mo ve Update Figur e 21 -2 VLAN Flex Links Load Balancing Configu ratio n Examp le MAC Addr ess-Ta ble Move Up date The MAC add[...]

  • Pagina 510

    21-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Underst andin g Flex Links and the M AC Addr ess-Tabl e Mov e Update switch C l earns the MAC address of the PC on p ort 4. Switch C upda tes the MA C addr ess ta ble, includi ng the [...]

  • Pagina 511

    21-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update Configuring Flex Links and MAC Address-Tab le Move Update These se ctions conta in this i nformation: • Configuration [...]

  • Pagina 512

    21-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update Configuring Flex Links and MAC Address-Tab le Move Update This section contain s this information: • Configuring Flex L[...]

  • Pagina 513

    21-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update Beginning in int erface configur ation mode , follow these steps t o configure a pree mption scheme for a pair of Flex L[...]

  • Pagina 514

    21-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update Configuring V LAN Load Ba lancing on Flex Lin ks Beginning in privileged EXEC mo de, follow these steps t o configure VLA[...]

  • Pagina 515

    21-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update When a Flex Link in terface com es up, VL ANs pre ferred on t his interfa ce ar e blocked on the peer interf ace a nd mo[...]

  • Pagina 516

    21-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update T o di sable th e MA C address- table move update featur e, use t he no mac address-table move update transmit interfac [...]

  • Pagina 517

    21-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Monitor ing Flex Links and the MAC Address- Table Move Upd ate T o di sable th e MA C address- table move update featur e, use t he no mac address-table move update rec e ive c onfi[...]

  • Pagina 518

    21-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Monito ring Flex L inks and t he MAC Addr ess-T able Move Updat e[...]

  • Pagina 519

    C HAPTER 22-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 22 Configuring DHCP Features and IP Source Guard This c hapter describ es how to c onfigure DH CP snoop ing an d th e option -82 da ta inse rtion feat ures on the Cataly st 3750-E or 356 0-E switc h. It also desc ribes how to configure the IP source guard fea [...]

  • Pagina 520

    22-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures For information a bout the DHCP c lient, see t he “ Configuring DHC P ” section of the “ IP Addressing and Services ” section of the C isco IOS IP C onfiguration Guide, [...]

  • Pagina 521

    22-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures The s witch drops a DH CP pack et when on e of t hese situa tions occurs : • A pack et from a DHCP serv er, such as a DHCPOFFER, DHCP A CK, DHCPN AK, or DHCP LEASEQU ER Y p acke[...]

  • Pagina 522

    22-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures Figure 22-1 is an exam ple of a metropo litan Ethern et networ k in which a centraliz ed DHCP server assign s IP addr esses to sub scribe rs connec ted to the sw itch at the acc[...]

  • Pagina 523

    22-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures • Remote-ID suboptio n fields – Suboption t ype – Length of th e subo ption type – Remote-ID typ e – Leng th o f t he remo te -ID typ e In the port f ield of th e circu [...]

  • Pagina 524

    22-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures The values fo r these fields in the packets chan ge from t he default values when you c onfigure the remote-I D and circu it-ID subo ptions: • Circuit-ID subop tion f ields ?[...]

  • Pagina 525

    22-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures Each da tabase en try ( binding ) has an IP addr ess, an ass ociated MA C address, the lea se time (in hexa d ecimal format ), the interfa ce to which the bindin g applies, and th[...]

  • Pagina 526

    22-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures DHCP Snoop ing and Switch Sta cks DHCP sn oopin g is manage d on the st ack mas ter . When a ne w switch joi n s the stac k, the swit ch recei ves the DHCP snooping conf iguration[...]

  • Pagina 527

    22-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res DHCP Snooping Config uration Guidelines These ar e the configur ation guidelin es for DHCP snoo ping. • Y o u must globall y enable DHCP snooping on the switch. • DHCP snooping[...]

  • Pagina 528

    22-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures • Before conf iguring the DHCP rel ay agent on your switch, make su re to conf igure the de vice that is acti ng as the D HCP ser ver . For example , you must spec ify the I P [...]

  • Pagina 529

    22-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res Configuring the DHCP Relay Agent Beginn ing in pri vileged EXEC mode, follo w these steps to enable the DHCP relay agen t on the switch: T o disabl e the DHCP s erv er and relay a[...]

  • Pagina 530

    22-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures T o remo ve the D HCP pac ket forw ardin g addr ess, u se th e no ip helper -addr ess addr ess in terfa ce configurati on c ommand. Enabling DHC P Snoo ping and Op tion 82 Beginn[...]

  • Pagina 531

    22-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res T o disab le DHCP snoopi ng, use the no ip dhcp snooping global configurat ion comm and. T o disab le DHCP snoo ping o n a VLAN or range of VLA Ns, use the no ip dhcp snooping vla[...]

  • Pagina 532

    22-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# ip dhcp snooping limit rate 100 Enabling DHC P Snoo ping on Priva te VLANs Y o u can en able D HCP sno oping on [...]

  • Pagina 533

    22-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Display ing DHCP Sno oping In formation T o s top u sing the da tabas e ag ent a nd bindi ng files, use the no ip dhcp snooping database global configurati on c ommand. T o rese t the t imeou t or de lay valu[...]

  • Pagina 534

    22-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding IP So urce Gu ard Note If DHCP snooping is enabled and an in terface ch anges to the do wn state, the switch does not delete th e static ally co nfigured bind ings. Understandin g IP Source G[...]

  • Pagina 535

    22-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Confi guri ng IP S our ce G uard Source IP and MA C Address Filtering When IP s ource guard is enabl ed with th is option , IP tra ff ic is f ilter ed bas ed on the s ource IP and MA C addr esses. The s witch[...]

  • Pagina 536

    22-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Conf igurin g IP S our ce Gu ard • When configur ing IP source guard on i nterfac es on whic h a priv a te VLAN is configured , port securit y is not supporte d. • IP source gua rd is n ot su pported on[...]

  • Pagina 537

    22-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Displaying IP Source Guard Information This exam ple sh ows how to enable IP so urce guard with source IP an d MAC f ilter ing on VLAN s 10 and 11: Switch# configure terminal Enter configuration commands, one[...]

  • Pagina 538

    22-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Display ing IP Source G uard Info rmation[...]

  • Pagina 539

    C HAPTER 23-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 23 Configuring Dynamic ARP Insp ection This chapt er desc ribes how to configure dynam ic Addr ess Resolu tion Proto col inspec tion ( dynami c ARP inspection) on the Catalyst 3750-E or 3560-E switc h. This feature helps pre vent malicious atta cks on the swit[...]

  • Pagina 540

    23-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Underst anding D ynamic ARP I nspection Figur e 23-1 ARP Cache P oisoning Hosts A, B, and C are connected to the switch on interfaces A, B and C, all of which are on the same subnet. Their IP and MAC address es are shown i[...]

  • Pagina 541

    23-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Understa nding Dynami c ARP Inspect ion Y o u can configure dynamic ARP inspec tion to drop ARP packets when the IP addre sses in the pac kets are i n valid or when the M A C addr esses in the body of t he ARP pac kets [...]

  • Pagina 542

    23-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Underst anding D ynamic ARP I nspection Dynamic ARP i nspectio n ensure s that h osts (on untrust ed in terfaces) connec ted t o a sw itch run ning dynami c ARP inspect ion do not po ison the ARP ca ches of other hosts in [...]

  • Pagina 543

    23-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion Logging o f Dropped Packet s When th e switch d rops a p acke t, it pl aces an entry in the log b uffe r and th en gener ates syst em mess ages on a ra te-controlle d basis. Afte r[...]

  • Pagina 544

    23-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection Dynamic ARP In spectio n Configuratio n Guidelin es These are the dynam ic ARP inspec tion con figu ration guidel in es: • Dynamic ARP inspectio n is an ingre ss security feat ure; i[...]

  • Pagina 545

    23-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion • The operati ng rate for the p ort channe l is cumulati ve across all the physical p orts within the c hannel. For ex ample, if y ou conf igure the port ch annel with an ARP rat[...]

  • Pagina 546

    23-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection T o di sable dy namic ARP insp ecti on, use the no ip arp inspec tion vlan vlan-range g lobal c onfigurati on command. T o return th e inter faces to an untrusted state, u se the no ip[...]

  • Pagina 547

    23-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure an ARP AC L on Switch A. This procedu re is requir ed in non-DH CP environments. Command Purp ose Step 1 co n[...]

  • Pagina 548

    23-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection T o remov e the ARP A CL, use the no arp access-li st global configurat ion comma nd. T o remove the ARP A CL attach ed to a V LAN, use the no ip arp inspection f ilter a rp-acl- name[...]

  • Pagina 549

    23-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion For configurat ion gui delines f or ra te limit ing tr unk port s and E therCha nnel ports, see the “Dynamic AR P Inspecti on Configuration G uidelin es” sectio n on page 23-6[...]

  • Pagina 550

    23-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection Be ginnin g in pri vileged EXE C mode, fo llo w these st eps to perf orm specif ic chec ks on inco ming ARP packet s. This procedur e is optional. T o di sable ch ecki ng, use the no [...]

  • Pagina 551

    23-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion If the log b uffer o verf low s, it means that a log e vent does not f it into the log buf fer , and the display for the show ip arp inspection l og privileged EXEC comma nd is af[...]

  • Pagina 552

    23-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Display ing Dyna mic ARP Insp ectio n Informat ion T o return to the default log b uffer settin gs, use the no ip arp inspectio n log-buf fer { ent ries | logs } global configurati on com mand. T o return to the de fault [...]

  • Pagina 553

    23-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Displaying Dynamic ARP Inspection Information T o clear or display dynamic ARP inspec tion statistics, use the pri vile ged EXEC commands in T ab le 23-3 : For t he show ip arp inspec tion statis tics c omma nd, th e s[...]

  • Pagina 554

    23-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Display ing Dyna mic ARP Insp ectio n Informat ion[...]

  • Pagina 555

    C HAPTER 24-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 24 Configuring IGMP Sno oping and MVR This cha pter descr ibes how to configure Int ernet Group Ma nageme nt Proto col (IGMP) snooping on the Catalyst 375 0-E or 3 560-E switch, includ ing an appli cation of loc al IGMP sno oping, Mu lticast VL AN Registration[...]

  • Pagina 556

    24-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Understandin g IGMP Snooping Layer 2 switches can use IGMP snooping to constra in the flooding of multic ast traf f ic by dynamically conf iguring Layer 2 inter faces so that multicast tr[...]

  • Pagina 557

    24-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Underst andin g IGMP Sn ooping IGMP Versions The sw itch supports IGM P V ersion 1, IGM P V ersion 2, and IGMP V ersion 3. The se version s are interope rable on th e sw itch. For exam ple, if IG MP snoo ping i s enabl ed[...]

  • Pagina 558

    24-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Figur e 24-1 Initial IGM P Join M essag e Router A sends a genera l quer y to th e switch , which forwar ds the qu ery to ports 2 t hroug h 5, whi ch are all members of the same VLAN. Hos[...]

  • Pagina 559

    24-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Underst andin g IGMP Sn ooping If anothe r ho st (for example, Host 4 ) send s an unsolici ted IGM P jo in message for t he sam e group ( Figure 24 -2 ), the CPU receives that message a nd adds the por t numb er of Host 4[...]

  • Pagina 560

    24-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Immediat e Leave Immedi ate Leave is only support ed on IGM P V er sion 2 hosts. The swi tch uses IG MP snoop ing Imme diate Leave to remove from the forwar ding ta ble an inte rface that[...]

  • Pagina 561

    24-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping IGMP Snoop ing and Switch Sta cks IGMP snooping functions across th e switch stack ; that is, IGMP con trol inf ormation from one swit ch is distrib uted to all switches in the stack. ( See Chap [...]

  • Pagina 562

    24-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping Enabling or Dis abling IGMP Sn ooping By default, IGM P snoopin g is global ly enab led on the swi tch. When gl oball y enab led or disable d, it is also enabled or disa bled in all existin g [...]

  • Pagina 563

    24-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Setting th e Snoo ping M ethod Multicast -capable ro uter port s are added to the forw arding table for e very Layer 2 multic ast entry . The switch learn s of such port s through one of these me[...]

  • Pagina 564

    24-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping This example shows ho w to configure IGMP sno oping to use CGMP packets as t he learni ng method : Switch# configure terminal Switch(config)# ip igmp snooping vlan 1 mrouter learn cgmp Switch[...]

  • Pagina 565

    24-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring a Host Sta tically to Join a Group Hosts or La yer 2 port s normall y join m ulticast groups dyna mically , but yo u can also sta tically configure a host on an in terface . Beginn i[...]

  • Pagina 566

    24-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping T o disabl e IGMP Immed iate Lea ve on a VLA N, use the no ip igmp snooping vlan vlan-i d immediate-lea ve glo bal c onfiguration com mand. This exam ple sh ows how to enable IG MP Imme diate[...]

  • Pagina 567

    24-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configur ing TCN-Related Com mands These secti ons descr ibe how t o con trol fl ooded mult icast t raffic during a TCN ev ent: • Controlling the Multic ast Flooding T ime After a TCN Ev ent, [...]

  • Pagina 568

    24-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping Beginn ing in pri vileged EXEC mode, follo w these steps to enable the switch to send the gl obal lea ve message whether or not it is the span ning-t ree ro ot: T o return to th e def ault qu[...]

  • Pagina 569

    24-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring th e IGMP S nooping Qu erier Follow these guideli nes wh en configuring t he IGMP snoo ping queri er: • Conf igure the VLAN in glob al conf iguration mode. • Conf igure an IP a d[...]

  • Pagina 570

    24-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping This exam ple sh ows how to set th e IGM P snoop ing q uerier s ource add ress to 10.0.0. 64: Switch# configure terminal Switch(config)# ip igmp snooping querier 10.0.0.64 Switch(config)# end[...]

  • Pagina 571

    24-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Displaying IGMP Sn ooping Information Y o u can displa y IGMP snoopi ng inf ormat ion f or dyn amica lly le arned and st atica lly con figured rou ter ports and V LAN interfac es. Y o[...]

  • Pagina 572

    24-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding Mu lticas t VLAN Regi stratio n For more inform ation abou t the keywords and option s in these comm ands, see the c ommand refe rence for th is re lease . Understandin g Multicast VLAN Regist ration Mu[...]

  • Pagina 573

    24-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Understanding Multicast VLAN Registration Using MVR in a M ulticast Television Application In a multicast tel ev ision applica tion, a PC or a tele vision with a set-top box can re cei ve the multicast stream. Mult ip le[...]

  • Pagina 574

    24-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Conf igurin g MVR When a subscriber chan ges channels or turns of f the tele v ision, the set-to p box sends an IGMP leav e message for t he multica st stream . The swi tch CPU sends a MAC-based general qu ery throu g[...]

  • Pagina 575

    24-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring MVR MVR Configuratio n Gu idelin es and Limitatio ns Foll ow these guidelines whe n conf iguring MVR: • Receiver ports can onl y be acc ess ports; th ey cannot be trunk ports. Receiv er port s on a switc h [...]

  • Pagina 576

    24-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Conf igurin g MVR T o return the switch to its defa ult settings, use the no mvr [ mode | group ip-ad dress | querytime | vlan ] global configurat ion comm ands. This e xample sho ws ho w to enable MVR, con fig ure th[...]

  • Pagina 577

    24-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring MVR T o return the interfa ce to its default setti n gs, use the no mvr [ ty pe | immediate | vlan vlan-i d | gro up ] interf ace c onfig uration co mmands. This exam ple sh ows how to co nfigure a port a s a[...]

  • Pagina 578

    24-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Disp lay ing MVR In fo rmat ion Displaying MVR Information Y ou can display MVR informatio n for the switch o r for a specif ied in terface. Beg inning in pri vile ged EXEC mode, use th e comm ands in Ta b l e 2 4 - 6[...]

  • Pagina 579

    24-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling IGMP f iltering is applicab le only to the dynamic lea rning of IP multicast group add resses, not static configurat ion. W ith the IGMP thro ttling feat ure, yo u can set t he m[...]

  • Pagina 580

    24-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Con figur ing IGM P Fil te ring and Thro ttli ng • permit : Spec ifie s that m atching addr esses are p ermitted. • rang e : Specif ies a ra nge of IP add ress es for the pr of ile. Y ou can en ter a singl e IP ad[...]

  • Pagina 581

    24-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Switch# show ip igmp profile 4 IGMP Profile 4 permit range 229.9.9.0 229.9.9.0 Applying IGMP Profil es T o c ontro l acc ess as d efined in an IGM P profile, u se th e ip igmp fi[...]

  • Pagina 582

    24-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Con figur ing IGM P Fil te ring and Thro ttli ng Beginning in privileged EX EC mo de, fol low these steps to se t the m aximum nu mber o f IGMP gr oups in the forw arding tabl e: T o remov e the maximu m group limita [...]

  • Pagina 583

    24-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Displaying IGMP Filtering and Throttling Configuration Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure the thr ottling action when the maxim um numbe r of entrie s is in the f orwarding table : T o[...]

  • Pagina 584

    24-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Displaying IGMP Filterin g and Thro ttling Configu ration[...]

  • Pagina 585

    C HAPTER 25-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 25 Configuring IPv6 MLD Snooping Y ou can use Multicast Listener Disc ov ery (M LD) snoopin g to ena ble ef ficien t distrib ution of IP V ersion 6 ( IPv6) multicast data to clients and routers in a switched netw ork on the Catalyst 3750-E or 3560- E sw itch. [...]

  • Pagina 586

    25-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Underst anding ML D Snoopin g MLD is a protoco l used b y IPv6 multica st routers to disco ver the pre sence of multic ast listeners ( nodes wishing to re cei ve IPv6 multi cast pack ets) on t he links th at a re dire ctly atta[...]

  • Pagina 587

    25-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Unde rsta ndi ng MLD Snoo ping MLD Mess ages MLDv1 sup ports three ty pes of message s: • Listen er Querie s are the equ i v alent of IGM Pv2 quer ies and are ei ther General Quer ies or Multicast -Address-Spec ific Queries [...]

  • Pagina 588

    25-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Underst anding ML D Snoopin g Multicast Rou ter Disc overy Like IG MP sn ooping, MLD s noopi ng perfo rms m ultica st r outer d iscovery , with these char acter istics: • Ports c onfigured by a user never age out. • Dynamic[...]

  • Pagina 589

    25-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping The numbe r of MASQs ge nerated is configured by using the ipv6 mld sno oping last-listener -query count global con figuration co mmand . The de fault numb er is 2. The MASQ i s sent to the IPv6 m[...]

  • Pagina 590

    25-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Default MLD S noopi ng Configuration T ab le 25-1 shows the default ML D sno oping configu ration. MLD Snoo ping Co nfig uration Guidelines When configur ing MLD snoopi ng, c onsider the se guid [...]

  • Pagina 591

    25-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping Enabling o r Disab ling MLD Sn ooping By default, IPv6 M LD sno oping i s globa lly d isabled on the switch and e nabled on al l VLAN s. When MLD snoop ing is glob ally disa bled, it is also disab[...]

  • Pagina 592

    25-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Configuring a Sta tic Multicast Group Hosts or La yer 2 port s normal ly join m ulticast groups dyna micall y , but you can also sta tically configure an IPv6 mu lticast addre ss and membe r port[...]

  • Pagina 593

    25-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping Beginn ing in pri vileged EXEC mode, follo w these steps to add a multicast rou ter port to a VLAN: T o remov e a multic ast router por t from the VLAN, u se the no ipv6 mld snooping vlan vl an-i [...]

  • Pagina 594

    25-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Configur ing MLD Snooping Queries When Imme diate Le ave i s not en abled an d a port rece iv es an MLD Done message , the swit ch generat es MASQs on th e port and sends them to the I Pv6 multi[...]

  • Pagina 595

    25-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Displaying MLD Snooping Information This exam ple sh ows ho w to set the MLD sn oopi ng globa l robustness variab le to 3: Switch# configure terminal Switch(config)# ipv6 mld snooping robustness-variable 3 Switch(config)# exi[...]

  • Pagina 596

    25-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Display ing MLD Sn ooping Inf ormation T a ble 25-2 Commands for Displ aying MLD Snoopi ng Inf or mation Comma nd Purpos e show ipv6 ml d snooping [ vlan vlan-id ] Display t he MLD snoopi ng configurat ion informa tion fo r al[...]

  • Pagina 597

    C HAPTER 26-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 26 Configuring Port-Base d Traffic Control This chap ter de scribe s ho w to conf igure the por t-base d traf fic contro l featur es on the Catalys t 3750- E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750- E or 3560-E[...]

  • Pagina 598

    26-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Storm Control Storm cont rol use s one of th ese meth ods to measu re t raf f ic acti v ity: • Bandwidth as a perc entage of the tot al av ailable bandwidth of the port that can be used b y the broadca s[...]

  • Pagina 599

    26-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Config uring Storm Cont rol Y o u use the storm-control in terfa ce conf iguration comm ands to set the threshold v alue for eac h traf fic type. Default Storm Control Configuration By default, unicast, broad cast, a[...]

  • Pagina 600

    26-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Storm Control Step 3 sto rm- contr ol { broadc ast | multic ast | unicast } le vel { le vel [ level-low ] | bps bps [ bps-low ] | pps pps [ pps-low ]} Configure broa dcast, m ultica st, or unica st storm c[...]

  • Pagina 601

    26-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Configuring Protected Ports T o disabl e stor m contro l, use the no storm-contro l { broadcast | multicast | unicast } level interface configurati on c ommand. This exa mple shows how to ena ble un icast stor m c on[...]

  • Pagina 602

    26-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configur ing Port Block ing Prot ected P ort Con figuration Guidelines Y o u can co nfigure prote cted ports on a physic al int erface (fo r example, Gigabi t Ether net port 1) or an Ether Channel group (for example, [...]

  • Pagina 603

    26-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity Default Port Blocki ng Configuration The default is to not b lock flooding o f unknown multicast and u nicast traff ic out o f a port, but to flood these pac kets to a ll ports. Blocking [...]

  • Pagina 604

    26-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security These sect ions co ntain this co ncept ual and con figuratio n in format ion: • Understa nding Po rt Sec urity , page 2 6-8 • Default Por t Security C onfiguration , page 26-10 • Port S[...]

  • Pagina 605

    26-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity If st icky lear ning is d isab led, the stic ky se cure M A C addr esse s ar e co nv erted to dyn am ic sec ure addresse s and a re rem oved from th e ru nning c onfiguratio n. The maxi m[...]

  • Pagina 606

    26-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Default Port Security Configuration T ab le 26-2 shows the def ault port security con figurat io n for an interfac e. Port Secu rity Con figuration Guidelines Foll ow these g uidelines whe n[...]

  • Pagina 607

    26-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity • A secu re p ort ca nnot be a priv ate-V LAN p ort. • When y ou enab le por t secu rity on an i nterface t h at i s also config ured w ith a v oice VLAN, s et t he maxim um allowed [...]

  • Pagina 608

    26-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Enabling a nd Con figuring Port S ecurity Beginn ing in pri vileged EXE C mode, follo w these steps to restrict input to an interface b y limiting and identify ing MA C addresses of the stat[...]

  • Pagina 609

    26-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity Step 7 switchport port-security violation { protec t | r estrict | shutdown | shutdown vlan } (Optiona l) Set the vi olatio n mode, the action to be taken when a sec urity violatio n is [...]

  • Pagina 610

    26-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Step 8 switchport port-security [ mac-addre ss mac-address [ vlan { vlan-id | { access | voice }}] (Optional) Ent er a secure MA C address for the interface . Y ou can use this comman d to e[...]

  • Pagina 611

    26-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity T o return the in terface to the def ault conditi o n as not a secure port, use the no switchport port-security interf ace conf iguration com mand. If you enter this co mmand when sticky[...]

  • Pagina 612

    26-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Switch(config-if)# switchport port-security mac-address 0000.0000.0003 Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0001 vlan voice Switch(config-if)# switchport [...]

  • Pagina 613

    26-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity T o di sable port se curity agi ng for all sec ure addr esses on a port, use the no switchport port-security aging tim e interfac e conf iguratio n comma n d. T o di sabl e aging for onl[...]

  • Pagina 614

    26-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Displaying Port-Base d Traffic Cont rol Settings Switch(config-if)# switchport mode private-vlan promiscuous Switch(config-if)# switchport port-security maximum 288 Switch(config-if)# switchport port-security Switch([...]

  • Pagina 615

    C HAPTER 27-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 27 Configuring CDP This c hapter d escrib es how to configure Cisco Discovery Prot ocol ( CDP) o n the Catalyst 3750-E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750- E or 3560-E standalo ne swit ch and to a Catalyst [...]

  • Pagina 616

    27-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Conf igurin g CDP CDP and Switch Stacks A switch stack ap pears as a single s witch in the netw ork. Theref ore, CDP dis cov ers the switc h stack , not the individual stack mem bers. Th e switch stac k sends CDP message s to neighbor in[...]

  • Pagina 617

    27-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 7 Configuring CDP Config uring CDP Use the no form of the CDP commands to return to the de fault settings . This e xample sho ws how to confi gure CDP charac teristic s. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 [...]

  • Pagina 618

    27-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Conf igurin g CDP This example shows how to enable CDP if it has been di sabled. Switch# configure terminal Switch(config)# cdp run Switch(config)# end Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all supp[...]

  • Pagina 619

    27-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 7 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o m onito r and m aintai n CDP on your device, per form one or mor e of these tasks, begi nning in privileged EXEC mode . Command Description clear cdp counters Reset the traf f[...]

  • Pagina 620

    27-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Monito ring and Mai ntainin g CDP[...]

  • Pagina 621

    CH A P T E R 28-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 28 Configuring LLDP and LLDP-MED This c hapter describ es how to c onfigure the L ink La yer D iscovery Protoc ol (LL DP) an d LLDP Media Endpoin t Discovery ( LLDP-M ED) on the Cata lyst 3 750-E or 3560-E switc h. Unl ess ot herwis e note d, the term swit[...]

  • Pagina 622

    28-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Underst anding L LDP and LLDP- MED LLDP sup ports a set of att ributes tha t it uses to discover neighbo r devices. The se at trib ut es co nt a in t ype , length, and v alue descriptions and are referred to as TL Vs. LL DP [...]

  • Pagina 623

    28-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Config uring LLDP and LLDP-MED Note LL DP and LLD P-MED cannot operat e simultane ously in a network. By de fault, a network device send s only L LDP pack ets unt il it recei ves LLD P-MED packets f rom an end point de vice. [...]

  • Pagina 624

    28-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Configur ing LLDP a nd LLDP-M ED Use the no form of each of the LL DP commands to return to the de fault setting. This e xample sho ws ho w to conf igure LLD P character istics. Switch# configure terminal Switch(config)# lld[...]

  • Pagina 625

    28-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Config uring LLDP and LLDP-MED This exam ple sh ows how to disab le LL DP . Switch# configure terminal Switch(config)# no lldp run Switch(config)# end This exampl e sh ows how to enabl e L LDP . Switch# configure terminal Swi[...]

  • Pagina 626

    28-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Configur ing LLDP a nd LLDP-M ED Configurin g LLDP-M ED TL Vs By def ault, the switch only sends LLDP packets u ntil it recei ve s LLDP-MED p ackets f rom the end device. The device conti nues to send L LDP-M ED pa ckets un [...]

  • Pagina 627

    28-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Monitoring and Maintaining LLDP and LLDP-MED Monitoring and Main taining LLDP an d LLDP-MED T o mon itor and mainta in LLDP a nd LLD P-MED on you r device, perfo rm one or more of these tasks , beginning in pr i vileged E XEC[...]

  • Pagina 628

    28-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Monito ring and Ma intainin g LLDP and LLDP-M ED[...]

  • Pagina 629

    C HAPTER 29-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 29 Configuring UDLD This c hapter descri bes how to c onfigure t he Un iDirec tional Link D etect ion (U DLD) protoc ol on t he Catalyst 3750-E or 356 0-E sw itch. Unl ess otherw ise note d, the term switch refers t o a Cat alyst 375 0-E or 3560- E stan dalo n[...]

  • Pagina 630

    29-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Underst andin g UDLD A unidirectio nal link occurs wh ene ve r traff ic sent by a local de vice is recei ved by its neighbor but traf fic from the neighb or is not recei ved by the lo cal de vice. In norm al mode, UDL D detect s a unidirec [...]

  • Pagina 631

    29-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Configur ing UDLD • Ev ent-dr i ven detect ion and ec hoing UDLD re lies on echo ing a s its detectio n mechan ism. Whene ver a U DLD de vice le arns ab out a n e w neighb or or receives a resynchro nizat ion requ est from an out-of -syn[...]

  • Pagina 632

    29-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Conf igu rin g UDLD • Ena bling UDLD on an Inter fa ce, pa ge 29-6 • Resetti ng an Inte rface Disab led by UDLD, pa ge 29-6 Default UDLD Configuration T ab le 29-1 shows the default U DLD configurati on. Configuratio n Guidelines These [...]

  • Pagina 633

    29-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Configur ing UDLD Enabling UDL D Globally Beginn ing in pri vileged EXEC mode, follo w these steps to enable UDLD in the aggr essiv e or normal mode a nd to se t th e co nfigurable m essag e time r on all fiber-optic p orts on the switch a[...]

  • Pagina 634

    29-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Conf igu rin g UDLD Enabling UDL D on an Inte rface Beginn ing in p ri vileg ed EXEC mode, fo llo w thes e steps ei ther to enable U DLD in t he aggressi ve or normal m ode o r to d isable U DLD on a po rt: Resetting an Interface Disabled b[...]

  • Pagina 635

    29-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Displaying UDLD Status Displaying UDLD Status T o display th e UDLD stat us for the specif ied port or for all port s, use the show udld [ interface-id ] pri vileged EXEC comman d. For detaile d informat ion about the f ields in the comman[...]

  • Pagina 636

    29-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Displa ying U DLD Sta tus[...]

  • Pagina 637

    C HAPTER 30-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 30 Configuring SPAN and RSPAN This chap ter de scribe s ho w to conf igure Switched Port Analyze r (SP AN) an d Remote SP AN (RSP AN) on the Cataly st 3750-E or 35 60-E switc h. Unless other wise note d, the term switc h refers to a Catalyst 375 0-E or 3560-E [...]

  • Pagina 638

    30-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N These sect ions co ntain this co nceptu al in forma tion: • Local SP AN, page 30-2 • Remo te SP AN, page 30-3 • SP AN and RSP AN Conce pts and T erminology , page 30 -4 • SP AN and RSP AN Int[...]

  • Pagina 639

    30-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN Figur e 30-2 Example o f Local SP AN Configu ration on a S witch Stac k Remote S PAN RSP AN su pports s ource ports, source VLANs, and destina tion port s on different swi tches (or different switch s[...]

  • Pagina 640

    30-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N Figur e 30-3 Example o f RSP AN Co nfigur ation SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts an d terminology associat ed with SP A N and RSP AN co nfiguration. SPAN [...]

  • Pagina 641

    30-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN An RSP AN source session is ver y similar to a lo cal SP AN sessi on, ex cept for where the pack et stream is directe d . In an R SP AN source session, SP AN packe ts are rela beled with the RSP AN VL[...]

  • Pagina 642

    30-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N • T r ans mit (T x) SP A N—Th e goal of tr ansmi t (or egress) SP AN is to monit or as mu ch as poss ible a ll the p ackets sent by the so urce i n terf ace after al l modif ication and p rocess [...]

  • Pagina 643

    30-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN A sourc e port has th ese ch arac te ristic s: • It can be m onitored in multiple SP AN sessions. • Each s ource port can be configu red wit h a direc tion (i ngress, egress, o r both) to monit or[...]

  • Pagina 644

    30-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N Destination Port Each local SP AN session o r RSP AN destination session must have a destination port (also called a monitoring port ) th at rece iv es a copy of traffic from the sour ce port s or VL[...]

  • Pagina 645

    30-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN RSPAN V LAN The RSP AN VLAN carr ies SP AN traff ic between RSP AN sourc e and d estination se ssions. It has these special ch aracter istics: • All traf fi c in th e RSP AN VLAN is al wa ys flood e[...]

  • Pagina 646

    30-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN A physical port tha t belongs to an Ethe rChannel group can be con figured as a SP AN source port and still be a part of the Eth erChannel . In this case, data from the physic al port is monitor ed as i[...]

  • Pagina 647

    30-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN Default SPAN and R SPAN Configura tion T ab le 30-1 shows the default SP AN and R SP AN configuration . Configuring Local SPAN These sec tions co ntain this co nfiguration info rmat ion: • SP AN Co [...]

  • Pagina 648

    30-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN • Y o u can limi t SP AN traff ic to specific VLAN s by using the filter vlan keyword. I f a tr unk po rt is being monitored , only traff ic on the VLANs specif ied with this ke yword is monito red. B[...]

  • Pagina 649

    30-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a source or d estinati on port or VL AN fr om the SP AN session, use the no mo nito[...]

  • Pagina 650

    30-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN This example shows how to remov e any e xisting configuration on SP A N session 2, configure SP AN session 2 to moni tor rec eiv e d traff ic on all ports belo nging to VLA Ns 1 throug h 3, and sen d it[...]

  • Pagina 651

    30-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a source or d estinati on port or VL AN fr om the SP AN session, use the no mo nito[...]

  • Pagina 652

    30-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o monitor all VLANs on the trunk port, use the no monitor session sessi on_num ber filt er glob al configurati on c ommand. This example shows how to remov e any e xisting configuration on SP A N sess[...]

  • Pagina 653

    30-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN • Y ou can apply a n output A CL to RSP AN traff ic to select i vely f ilter or m onitor specifi c packe ts. Specify these A CLs on the RSP AN VLAN in the RSP AN source switch es. • For RSP AN con[...]

  • Pagina 654

    30-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o remo ve the remo te SP AN c haracteristi c from a VLAN an d con ver t it ba ck to a normal VLAN, us e the no r e mote-s pan VLAN co nfigurati on comm and. This exam ple sh ows how to crea te RSP AN [...]

  • Pagina 655

    30-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session sess ion_numbe r glob al configur ation c omma nd. T o rem ove a source port or VLAN fro m the SP AN sess ion, use the no monitor session sessio [...]

  • Pagina 656

    30-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a destinat ion por t from the SP AN session, use the no monitor session session_num b[...]

  • Pagina 657

    30-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete an RSP AN session, use the no monitor session session_number global configuration comman d. T o remove a destinati on port from the RSP AN session, use t he no monitor se ssion session_num [...]

  • Pagina 658

    30-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Specifying VLANs to Filter Beginning in privileged EXEC mo de, follow these steps to con figure the RSP AN source session to limit RSP AN source traf f ic to specif ic VLANs: T o monitor all VLANs on th[...]

  • Pagina 659

    30-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Displa ying SPAN an d RSPA N Status Displaying SPAN and RSPAN Status T o display the current SP AN or RSP AN conf iguration, use the show monitor user EXEC co mmand . Y o u can also use the show running-conf ig pri vileged EXE C c[...]

  • Pagina 660

    30-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Display ing SPAN and RSPAN Status[...]

  • Pagina 661

    C HAPTER 31-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 31 Configuring RMON This ch apt er descri bes how to configure Remote Network Monit oring ( RMON) on the Ca talyst 3750 -E or 3560- E sw itch. Unl ess oth erwis e noted, the t erm switch refers to a Catalyst 3750- E or 3560-E standalo ne swit ch and to a Catal[...]

  • Pagina 662

    31-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Conf igu rin g RMON Figur e 31 -1 Remote Mo nito r ing Ex ample The switc h supports these RM ON groups (defined in RFC 1757) : • Statistics ( RMON group 1)—Collects E thernet statistic s (includi ng Fast Ethernet and Giga bit Ethern e[...]

  • Pagina 663

    31-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 31 Configur ing RMON Confi guring R MON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configur ed. Configuring R MON Alarms a nd Events Y o u can configure you r swit ch for RMO N by using the c omma nd-li ne int erface (CLI [...]

  • Pagina 664

    31-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Conf igu rin g RMON T o disable an alarm, use the no rmon al arm number glo bal con figuration c omma nd on ea ch ala rm you configured . Y ou ca nnot di sable at on ce al l the a larms that yo u con figured. T o disa ble a n event, use th[...]

  • Pagina 665

    31-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 31 Configur ing RMON Confi guring R MON Collectin g Group Hist ory St atistics on an Interface Y o u must first configure RM ON a larms and events to display colle ction i nforma tion. Beginning i n privileged E XEC mo de, follow these s teps to coll ect group [...]

  • Pagina 666

    31-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Displa ying R MON Sta tus T o disa ble t he coll ection o f gr oup E thern et sta tistics, use the no rmon collection stats inde x i nterf ace configurati on c ommand. This e x ample sho ws how to collec t RMON statistic s for the o wner r[...]

  • Pagina 667

    C HAPTER 32-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 32 Configuring System Message Logg ing This c hapter d escrib es how to configure system me ssage l ogging on the Catal yst 3750 -E or 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to [...]

  • Pagina 668

    32-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Y ou can access logg ed system messages by usin g the switch co mmand- line inter face (C LI) or by sav ing them to a properly configured syslog server . The switch software sa ves [...]

  • Pagina 669

    32-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng T ab le 32-1 describes the elemen ts of syslog messages . This exam ple sh o ws a p artial s witch system m essage for a stack master and a stack member (hos tname Switc h-2 ): 00:0[...]

  • Pagina 670

    32-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging *Mar 1 18:46:11: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) 18:47:02: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) *Mar 1 18:48:50.483 UTC: %[...]

  • Pagina 671

    32-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Disabling the loggin g process ca n slo w do wn the switch beca use a proce ss must wai t until the messages are writte n to the console b efore c ontinuing. When the loggin g proce[...]

  • Pagina 672

    32-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging The logging buffered g loba l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . T he b uf fer is circular , so ne wer messages o verwri te older message s[...]

  • Pagina 673

    32-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Beginning i n privileged EX EC mo de, fol low these s teps t o configure s ynchr onous log ging . This procedur e is optional. T o disa ble synch ronizat ion of unsolic ited messa g[...]

  • Pagina 674

    32-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Enabling a nd Disab ling Time S tamps on Log M essages By default, log message s are not time-stam ped. Beginning in privileged EXEC mo de, follow these steps to enab le time-st amp[...]

  • Pagina 675

    32-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng T o di sable seq uenc e numbers, use the no service seque nce-numbers global co nfiguration c omman d. This example shows part of a logging displa y with seque nce numbe rs enabl ed[...]

  • Pagina 676

    32-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging T ab le 32-3 descr ibes the le vel keywords. It a lso lists the cor respo nding U NIX s yslog definition s from the most se vere le vel to the least se ve re le vel. The sof tware [...]

  • Pagina 677

    32-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to ch ange the lev el and history table si ze defaults. T his proc edure i s option al. When the histor y table is full[...]

  • Pagina 678

    32-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Beginning i n privileged E XEC mo de, follow these s teps to enabl e con figuration loggin g: This e xample sho ws how to enable the conf iguration -change logger an d to set the n[...]

  • Pagina 679

    32-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Log in as r oot, and perf orm the se steps: Note Som e recent versi ons of UNIX sysl og daemons no longer accept by default syslo g packets from th e networ k. If this is the case [...]

  • Pagina 680

    32-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Display ing the Log ging Confi guration T o remo ve a sys log serv er , use the no logging host global configuratio n comma nd, and sp ecify the syslog server IP address. T o disa bl e loggi ng to syslog ser vers, ent[...]

  • Pagina 681

    C HAPTER 33-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 33 Configuring SNMP This chapt er describ es ho w to configure the Simpl e Network Manage ment Proto col (SNMP) on th e Catalyst 3750-E or 356 0-E sw itch. Unl ess otherw ise note d, the term switch refers to a Cata lyst 375 0-E or 3560- E stan dalo ne swit ch[...]

  • Pagina 682

    33-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Underst anding SNM P These sect ions co ntain this co nceptu al in forma tion: • SNMP V e rsions, pa ge 33-2 • SNMP Manage r Functions, page 33-3 • SNMP Agent Functions, pa ge 33-4 • SNM P Co mmuni ty Str ings , p age 33- 4 • Usi[...]

  • Pagina 683

    33-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Understanding SNMP T ab le 33-1 identif ies the charac teristics of the diff erent combina tions of security models and le vels. Y o u must configure t he SNMP age nt to use the SNMP versio n supporte d by the manageme nt stati on. Because [...]

  • Pagina 684

    33-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Underst anding SNM P SNMP Agen t Fun ctions The SNMP a gent respond s to SNMP manager requests as follows: • Get a MIB v a riable—Th e SNMP agent be gins this function in response to a requ est from the NMS. The agen t retri ev es the [...]

  • Pagina 685

    33-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Understanding SNMP As shown in Figur e 33-1 , the S NMP agen t gather s data f rom the MIB. Th e agent c an send tr aps, o r notification of c ertain events, to the SNMP ma nager, which receives and processes th e traps. Traps alert the SNM[...]

  • Pagina 686

    33-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP SNMP ifIndex MIB Object Values In an NMS, the IF-MIB g ener ates and a ssigns an inte rface index (if Index) obje ct value th at is a unique number gre ater than zero to ident ify a physica l or a logica l interfac e. Wh[...]

  • Pagina 687

    33-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Default SNMP Configuration T ab le 33-4 shows the default SNM P configurat ion. SNMP Config ura tion Guidelines If the swi tch star ts and the wit ch star tup conf iguration h as at least o ne snmp-server global configurati[...]

  • Pagina 688

    33-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP in v alid, and you ne ed to r econfigure SN MP users by usi ng the snm p-se rver user usern ame global configurati on comm and. Similar restri ction s requi re the reco nfiguration of com munity string s when the engi ne[...]

  • Pagina 689

    33-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Beginning in privileged EXEC mod e, foll ow these steps to configure a co mmuni ty string on the switch: Note T o disabl e acce ss for an SNM P commu nity , set the commu nity string for that co mmuni ty to t he nu ll strin[...]

  • Pagina 690

    33-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP This example shows how to assign the string co ma cces s to SNMP , to allo w read-onl y access, and to spec ify that IP acc ess list 4 can use the comm unity s tring to gain acc ess to the switch SNMP agent: Switch(conf[...]

  • Pagina 691

    33-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Step 3 snmp -server group gr oupnam e { v1 | v2c | v3 { auth | noauth | priv }} [ rea d re a d v i e w ] [ write writevi ew ] [ notify notifyvie w ] [ ac cess access -list ] Configure a ne w SNMP gro up on the remote devic[...]

  • Pagina 692

    33-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Configuring SNMP Notifications A trap manag er is a mana gement sta tion that re cei ves and pro cesses tr aps. T raps are sy stem aler ts that the switc h gener ates whe n cert ain events occu r . By de fault, no trap [...]

  • Pagina 693

    33-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP cluster Gener ates a tr ap when the clu ster conf iguration chan ges. conf ig Gener ates a trap fo r SNMP conf iguration chang es. copy-co nf ig Gene rates a trap for SNMP copy co nfiguration ch anges. entity Gen erates a [...]

  • Pagina 694

    33-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Note Th ough visi ble in the command -line help str ings, t he cpu [ thresho ld ] keyword is not suppo rted on the Catalyst 37 50-E swi tch. Thoug h visible in the comm and- line help stri ngs, the cpu [ threshold ], fr[...]

  • Pagina 695

    33-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP The snmp-ser ver hos t comman d speci fies wh ich ho sts rec ei ve the no tif ications. T he snmp-serv er enab le trap command global ly enables the mech anism for the speci f ied notif ication (f or trap s and informs ). [...]

  • Pagina 696

    33-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Limiting TFTP Server s Used Thr ough SNM P Beginning i n privileged E XEC mo de, follow these s teps to lim it the TFTP servers u sed f or saving a nd loading c onfig uration f iles through SNMP to th e serv ers specif [...]

  • Pagina 697

    33-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Disp la yin g S NM P S tatu s This e xample sho ws how to allow re ad-only access for all objec ts to members of access list 4 that use the coma ccess communi ty string. No other SNMP mana gers have access to any objects. SNMP Authentic at[...]

  • Pagina 698

    33-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Displaying SNMP Status[...]

  • Pagina 699

    C HAPTER 34-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 34 Configuring Network Security with ACLs This c hapter d escrib es how to configure network se curity on t he Cata lyst 37 50-E or 3560- E sw itch by using ac cess cont rol lists (A CLs), which in comm ands and tab les are also refe rred to as acce ss lists .[...]

  • Pagina 700

    34-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs Y o u configure acce ss lists on a rout er or Layer 3 swit ch to provide basic security fo r your networ k. If you do not c onfigure A CLs, al l packets pa ssing throug h the s witch co uld be allo[...]

  • Pagina 701

    34-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Unde rsta ndi ng AC Ls • When an output router A CL and input p ort A CL ex ist in an SVI, incomin g pack ets recei ved on the ports to which a por t A CL is applied are f iltered by the por t A CL. Outgoing routed[...]

  • Pagina 702

    34-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs Figur e 34-1 Using A CLs to Contr ol T raff ic to a Netw ork When you apply a port A CL to a trunk port, the A C L filte rs traf f ic o n all VLANs present on the trunk port. When you apply a po rt[...]

  • Pagina 703

    34-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Unde rsta ndi ng AC Ls As w ith p ort A C Ls, the swi tch exam ines ACLs asso cia ted wit h feat ures co nfigured on a given inte rface. Howe ver, router ACLs are suppo rted in both direc tions. A s pa ckets en ter t[...]

  • Pagina 704

    34-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs • Den y A CEs that check La yer 4 informatio n ne ver match a fragmen t unless th e fragme nt contains Layer 4 infor mati on. Consid er acc ess list 10 2, co nfi gured with these command s, ap pl[...]

  • Pagina 705

    34-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Stack memb ers perfor m these ACL functions: • The y recei ve the A CL informat ion from the master switc h and program their har dwar e. • The y act as standby swit ches, r eady t o tak e o[...]

  • Pagina 706

    34-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Creating Stan dard and Exten ded IPv4 AC Ls This sec tion describ es IP ACLs. An ACL is a seque ntial collect ion of perm it and de ny condi tions. O ne by one, the switch tes ts pack ets again[...]

  • Pagina 707

    34-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Note In addit ion to n umber ed standa rd and ex tended A CLs, you c an also creat e standa rd an d ext ended named IP A CLs by u sing th e sup ported numbers. That is, t he nam e of a standa rd[...]

  • Pagina 708

    34-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Creating a Numbered Standard ACL Beginning in privileged EX EC mode, fol low these steps t o create a nu mbered st anda rd A C L: Use th e no access-list access-list- number g lobal co nf igur[...]

  • Pagina 709

    34-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs The switch alwa ys re writes the order of standard a ccess lists so that entrie s with host matches and en tries with mat ches having a do n’t car e mask of 0.0.0.0 are mov ed to the top of t[...]

  • Pagina 710

    34-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginn ing in pri vileged EXEC mode, follo w these steps to create an ex tended A CL: Command Purpo se Step 1 co nfi g ure terminal Enter glob al configura tion mo de. Step 2a a ccess-list ac [...]

  • Pagina 711

    34-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs or access-list access- list-num ber { deny | permit } pr ot ocol any any [ prec edence pr ecedence ] [ tos tos ] [ fragmen ts ] [ log ] [ log-input ] [ time-r ange ti me-range-na me ] [ dscp ds[...]

  • Pagina 712

    34-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Use the no access- list acc ess-list-number gl obal conf iguration comm and to delete the entire access list. Y o u canno t de lete in dividual ACEs from n umber ed a ccess l ists. This e x am[...]

  • Pagina 713

    34-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs After c reating a numbered e xtended A CL, you can a pply it to terminal lin es (see th e “ Applying an IPv4 A CL to a T ermina l Line” s ecti on on pa ge 34-19 ), to interf aces (see the ?[...]

  • Pagina 714

    34-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning in privileged EXEC mo de, fol low these steps to crea te a stan dard A CL using na mes: T o remo ve a name d stand ard A CL, use th e no ip access-list standard name gl obal configu [...]

  • Pagina 715

    34-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs When you ar e creat ing standa rd extende d A C Ls, reme mber tha t, by default, the end of the A CL contai ns an implicit de ny statement f or everything if it did no t find a mat ch befor e r[...]

  • Pagina 716

    34-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning i n privileged E XEC mo de, follow these steps to con figure a time- range parame ter fo r an AC L : Repeat the steps if you ha ve multiple items tha t you want in ef fect at dif fer[...]

  • Pagina 717

    34-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs This exampl e uses name d A C Ls to perm it and deny the sa me traffic. Switch(config)# ip access-list extended deny_access Switch(config-ext-nacl)# deny tcp any any time-range new_year_day_200[...]

  • Pagina 718

    34-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning i n privileged EXEC mode, fo llow these st eps to restrict incom ing and outgoi ng conne ction s betwee n a virtual term inal line and th e ad dresses i n a n A CL: T o remo ve an A [...]

  • Pagina 719

    34-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to co ntrol acce ss to an interf ace: T o remo ve th e specif ied access gro up, use the no ip access-g roup { access-list-n umber |[...]

  • Pagina 720

    34-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Hardware and Softw are Treatment of IP ACLs A CL pro cessing i s prima rily accomp lished in hardware, but require s for warding of some traffic flows to the CPU for sof tware proce ssing. If [...]

  • Pagina 721

    34-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Use rout er ACLs to do this in one of two ways: • Crea te a stan dard ACL, and filter tr aff ic com ing to th e server from Port 1. • Create an ex tended A CL, and filte r traf fic coming f[...]

  • Pagina 722

    34-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Numbered ACLs In this e xample, net work 36.0.0.0 is a Class A netw ork whose seco nd octet spec ifie s a subnet; that is, its subnet ma sk is 255.2 55.0.0 . The thi rd and fou rth oct ets of [...]

  • Pagina 723

    34-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Named ACLs Thi s e xampl e crea tes a standa rd A CL name d internet_f ilter an d an exten ded ACL name d marketing _gr oup . The internet_filter A CL allows all traffic from the sour ce ad dre[...]

  • Pagina 724

    34-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs In this ex ampl e of a number ed A CL, the W inter and Sm ith work stations are not al lowed t o bro wse the web: Switch(config)# access-list 100 remark Do not allow Winter to browse the web S[...]

  • Pagina 725

    34-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Creat ing N ame d MAC Ext end ed AC Ls This i s a an exam ple of a lo g for an ext ended A CL: 01:24:23:%SEC-6-IPACCESSLOGDP:list ext1 permitted icmp 10.1.1.15 -> 10.1.1.61 (0/0), 1 packet 01:25:14:%SEC-6-IPACCES[...]

  • Pagina 726

    34-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Creating Nam ed MAC Ext ended ACL s Use the no mac access-list extended name glob al conf iguration comma nd to delete th e entire ACL. Y ou can a lso d elete individual ACEs from nam ed MAC extende d A CLs. This exam[...]

  • Pagina 727

    34-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps • A Laye r 2 interf ace can ha ve only one MA C access list. If you appl y a MA C acc ess list to a Lay er 2 interface that has a MA C A CL configu red, t he new ACL replaces the pr e viousl [...]

  • Pagina 728

    34-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps T o c reat e a V LAN m ap and appl y it t o one o r mor e VLA Ns, perform th ese steps: Step 1 Create th e standa rd or extende d IPv4 A CLs or name d MAC e xt ended ACLs that you want to appl [...]

  • Pagina 729

    34-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps • When a f r ame is L ayer -2 fo rwar ded within a pri vate VLA N, the same VLA N map is applie d at th e ingress side and at t he egress side. Wh en a frame is route d from insi de a private[...]

  • Pagina 730

    34-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps Examples of ACLs and VLAN Maps Thes e exam ples sho w ho w to create A CLs and VLAN maps th at for speci fic purpos es. Example 1 This example shows how to creat e an ACL and a VLAN map to de n[...]

  • Pagina 731

    34-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps Example 3 In thi s example, the V LAN map has a d efault a ction of drop for MAC packets an d a default a ction o f forw ard for IP pack ets. Used wit h MA C exten ded acc ess list s good-hosts[...]

  • Pagina 732

    34-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps Applying a VLAN Map to a VLAN Beginning in privileged EXEC mode, fo llow these steps to app ly a VL AN map to one or more VL ANs: T o remo ve the VL AN map, use th e no vlan f ilter m apname vl[...]

  • Pagina 733

    34-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps Figur e 34-4 Wir ing Closet Configur ation If you do not want HTT P traff i c switched fr om Host X to Host Y , yo u can configure a VLA N map on Switch A to dr op all HT TP traffic from Host X[...]

  • Pagina 734

    34-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls Figur e 34-5 Den y Access t o a Server on Anothe r a VLAN This exam ple sh ows how to deny acce ss to a server on anoth er VLA N by cre ating t he VLAN m ap SER V ER 1 that denies[...]

  • Pagina 735

    34-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Using VLAN Maps with Router ACLs Note When you use ro uter A CLs with VLA N maps, pack ets that requir e logging o n the rou ter A CLs are not logged if the y are de nied b y a VLAN map. If the VLAN map h as a matc [...]

  • Pagina 736

    34-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls Examples o f Router ACLs a nd VLA N Maps App lied to VL ANs This sec tion gives examples of a pply ing route r A C Ls and V LAN m aps to a VLAN for switc hed, bri dged, routed, an[...]

  • Pagina 737

    34-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Using VLAN Maps with Router ACLs Figur e 34-7 Applying A CLs on Br idged P ack ets ACLs and Routed Packe ts Figure 34-8 sho ws ho w A CLs are applied on r outed pack ets. F or rout ed pack ets, the A CLs are applie [...]

  • Pagina 738

    34-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Display ing IPv4 AC L Configu ration ACLs and Multicast Pa ckets Figure 34-9 shows ho w A CLs are ap plied on pa ckets that are replicated fo r IP multica sting. A multica st packet being rout ed has two di ff erent k[...]

  • Pagina 739

    34-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Displaying IPv4 ACL Configu ration Y ou can also d isplay i nformation a bout VLAN access ma ps or VLAN filte rs. Use t h e pri vileged EXEC comm ands in Ta b l e 3 4 - 3 to display VLA N map inf ormation. show ip i[...]

  • Pagina 740

    34-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Display ing IPv4 AC L Configu ration[...]

  • Pagina 741

    C HAPTER 35-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 35 Configuring IPv6 ACLs When the switch is running the adv anced IP services feature set, y ou can f ilter IP V ersion 6 (IPv6) traf fic by cre ating IPv6 access control lists (A CLs) and applying them to interf aces similarly to the way that you crea te and [...]

  • Pagina 742

    35-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Underst andin g IPv6 ACL s Understandin g IPv6 ACLs A swit ch runnin g the advanced IP servi ces fe ature set su pports two types o f IPv6 A CLs: • IPv6 rout er ACLs are suppor ted on outboun d or inbound traffic on Lay er 3 interf[...]

  • Pagina 743

    35-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Understanding IPv6 ACLs Supporte d ACL F eatures IPv6 A CLs on the switch hav e these characteristics: • Fragme nted frame s (t he fragments keyword as in IPv4) are supporte d. • The sa me sta tistics su pport ed in IPv4 a re supp[...]

  • Pagina 744

    35-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs If a ne w switch tak es ove r as stack master , it distrib utes the AC L conf iguration to all stac k members. The memb er switch es sync up the configu ration dis tributed by the new stack mast er and flush [...]

  • Pagina 745

    35-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Configuring IPv6 ACLs • If the hard ware me mory is full, for an y additio nal conf igured A CLs, pack ets are forw arded to the CPU, an d th e A C Ls ar e ap plied in sof tware. • The imple menta tion of IPv6 A CLs on Cataly st 3[...]

  • Pagina 746

    35-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs Step 3a { deny | permit } pr o tocol { source-ipv6-pref ix / p r efix-length | any | host sour ce-ipv 6-address } [ operator [ port- number ]] { destination-ipv6 -pr efix / pref i x-le ngth | any | host desti[...]

  • Pagina 747

    35-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Configuring IPv6 ACLs Step 3b { deny | permit } tc p { source-ipv6-pref ix / p r efix-length | any | host sour ce-ipv 6-address } [ operator [ port- number ]] { destination-ipv6 - pr ef ix / pref ix-leng th | any | host destination-ip[...]

  • Pagina 748

    35-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs Use the no { deny | permit } IPv 6 access- list configur ation commands wi th keywords to remove the deny or permit conditio ns from the specif ied access list. This example configures the IPv6 a ccess list n[...]

  • Pagina 749

    35-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Displaying IPv6 ACLs Use the no ipv6 traf fic-f ilter access-list-name interface con f igurat ion comm and to remo ve an acce ss list f rom an interf ace. This example shows how to ap ply the acc ess list Cisco to outbound tr affi c o[...]

  • Pagina 750

    35-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Displa ying I Pv6 ACL s[...]

  • Pagina 751

    C HAPTER 36-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 36 Configuring QoS This chapte r describes ho w to conf igure quality of service (QoS) b y using automat ic QoS (auto-QoS) comman ds or by using standa rd QoS c ommand s on t he Catalyst 3750-E or 3 560-E swi tch. With QoS, you can p rov ide prefe rential tr e[...]

  • Pagina 752

    36-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Understandin g QoS T ypically , networks operate on a best-ef fort deli very basis, wh ich mean s that a ll traf fic ha s equal priority and an equ al chance of being deli vere d in a timely manner . When cong estion [...]

  • Pagina 753

    36-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Figur e 36-1 QoS Class ificatio n Lay ers in F rames and P ack ets All swi tches and ro uters that a ccess the Inte rnet rely on the cla ss inf ormation to pro vide the sam e forwar ding treatm ent to pack ets with t he[...]

  • Pagina 754

    36-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figure 36-2 sh o ws the basic QoS model. Ac tions at the ingress port incl ude classifying traff ic, policing, markin g, qu eueing , an d s chedul ing: • Classifying a distinct p ath for a pack et by associati n g i[...]

  • Pagina 755

    36-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Classification Classification is the pro cess of distingu ishing one kind of traffic from anothe r by e xamin ing the fields in the packe t. Classif ication is enabled only if QoS is globally enabled on the switch . By [...]

  • Pagina 756

    36-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS After cla ssification, th e pac ket is sent to the polic ing, marki ng, and the ing ress queue ing and schedul ing stag es. Figur e 36-3 Classific ation Flo wch art 86834 Generate the DSCP based on IP precedence in pa[...]

  • Pagina 757

    36-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Classification Based on QoS ACLs Y o u can u se IP st andard , IP exten ded, or Laye r 2 MAC A C Ls to de fine a group of pa ckets wit h the same char act eris tics ( class ). In the QoS conte xt, the permit and deny ac[...]

  • Pagina 758

    36-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS The po licy map can cont ain the police and polic e aggregate policy- map cla ss configurati on com mand s, which def ine the polic er , the bandwidth li m itation s of the tra ff ic, and the action to take if the lim[...]

  • Pagina 759

    36-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Policing on Physical Ports In policy m aps o n physic al por ts, y ou can create these types of pol icers: • Indi vidual—QoS applies the bandwid th limits spe cif ied in th e policer separately to eac h matched traf[...]

  • Pagina 760

    36-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figur e 36-4 P olicing and Mar king Flo wch art o n Ph ysical P orts Policing on SVIs Note Be fore configuring a hi erarc hical pol icy map with ind i vidua l policers on an SVI, you must en able VLAN-based QoS on th[...]

  • Pagina 761

    36-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS When co nf iguring polic ing on an SVI, yo u can cr eate a nd conf igure a hie rarchic al polic y map with the se two le vels: • VLAN le ve l—Create this primary le vel by conf iguring class maps and classes that s[...]

  • Pagina 762

    36-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Mapping T ables During Qo S processing, the switc h represe nts the pri ority of a ll traff ic (inclu ding non- IP traff ic) with a n QoS label base d on the DSCP or CoS value from the classification st age: • Duri[...]

  • Pagina 763

    36-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Queuein g and S chedulin g Overview The swi tch has queue s at specif ic points to help pre vent con gestion as s ho wn in Figure 36-6 and Figure 36-7 . Figur e 36-6 Ingr ess and Egr ess Queue Lo cation on Catalyst 375[...]

  • Pagina 764

    36-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Weighted Tail Drop Both the in gress an d e gress qu eues use an enhan ced ve rsion of the tail-dr op cong estion -a voidance mecha nism ca lled weight ed ta il dr op (WTD ). WT D is impleme nted o n que ues t o mana[...]

  • Pagina 765

    36-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidt h is guarante ed at t his level but not limit ed to i t. For example , if a queue i s emp ty and n o [...]

  • Pagina 766

    36-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figur e 36-1 0 Queueing an d Scheduling Fl ow char t for In gress P orts on Cataly st 3560-E S witches Note SRR services the prior ity queue for its conf igured share before servicing the other queue. The switch supp[...]

  • Pagina 767

    36-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS dscp1... dscp8 } or the mls qos srr -queue input cos-map queue qu eue- id { cos1.. .cos8 | thr eshold thr eshold-i d cos1.. .cos8 } global conf iguration command. Y o u c an d is p l ay t he D S C P in p u t q u eu e t[...]

  • Pagina 768

    36-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Queueing and Scheduling on Egress Que ues Figure 36-11 and Figure 36-12 show the queue ing and sched uling flowchart s for egress ports. Note If the ex pedite q ueue is en abled, SRR se rvices it u ntil it is empty b[...]

  • Pagina 769

    36-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Figur e 36-12 Q ueueing an d Sc heduling Fl ow char t f or Egr ess P orts on C atalyst 3560-E S w itche s Each por t supports fo ur egress queue s, one of w hich (queue 1) can be the egress expedite queue . The se queu[...]

  • Pagina 770

    36-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS b uf fers) or not empty (free b uffer s). If the queu e is not o ver- limit, the switc h can alloca te bu f fer space from t he r eserved poo l or f rom th e co mmon pool (if it is n ot emp ty). I f th ere a re no fr[...]

  • Pagina 771

    36-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS WTD Thresh olds Y o u can assig n each pa cket tha t fl ows through th e switc h to a que ue and to a thresho ld. Spe cifically , you map D SCP or C oS values to an egress queu e an d ma p DSCP or CoS values to a thres[...]

  • Pagina 772

    36-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS • During policing , IP and non-I P packets ca n have another DS CP assigned to them ( if they are out of prof ile and the polic er spec ifies a ma rkdow n DSCP). Onc e again, the DSCP in the pa cket is not modi[...]

  • Pagina 773

    36-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Generated Auto-QoS Configuration By def ault, auto -QoS is di sabled on all ports. When au to-QoS is enabled , it use s the ing ress pa ck et label to c ategorize traf fic, to assign pack et labels, and to configure t [...]

  • Pagina 774

    36-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS trust the QoS label recei ved in the pack et. When a Cisco IP Phone is absent, the ingress classif icati on is set to not trust the QoS label i n the packe t. The switch c onfi gures ingress and e gress queues on[...]

  • Pagina 775

    36-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS The switch au tomatical ly maps DSCP v alues to an ingress queue and t o a thre shol d ID. Switch(config)# no mls qos srr-queue input dscp-map Switch(config)# mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 1[...]

  • Pagina 776

    36-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS The sw itch a utoma tically configures the egress queue buf fer sizes . It configur es the bandwi dth an d th e SRR m ode (sha ped or shared) on the egress queues ma pped to the por t. Switch(config)# mls qos que[...]

  • Pagina 777

    36-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Effects of Auto-QoS on the Configuration When auto- QoS is en abled, the au to qos v oip interface co nfiguration c omman d and the ge nerate d configurati on are add ed to the ru nning configuratio n. The swi tch appl[...]

  • Pagina 778

    36-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS • T o t ake advantage of th e auto- QoS default s, you sho uld ena ble auto- QoS befor e you configu re other QoS com mands. I f necessar y , you can fine-tune the QoS configurat ion, but we r ecomme nd tha t y[...]

  • Pagina 779

    36-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS T o display the QoS commands that are automatic ally generated when auto-QoS is enabl ed or disabled, enter the deb ug auto qos pr ivileged EXEC comm and befor e enabling auto -QoS. For more informa tion, see th e debu[...]

  • Pagina 780

    36-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS Auto-QoS Confi guration Example This se ction describe s how you co uld im pleme nt auto- QoS in a ne twork, as shown in Fi gur e 36-14 . For optimum QoS perfo rmance, enab le auto-QoS on all the de vices in the [...]

  • Pagina 781

    36-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Note Y ou shou ld not configure a ny standard QoS com mands before enteri ng the a uto-Qo S com mands. Y ou can fine-t une th e Qo S configura tion, but w e rec ommend tha t you d o so o nly after the a uto-Q oS conf i[...]

  • Pagina 782

    36-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Displa ying A uto-QoS I nform ation Displaying Auto-Q oS Information T o display the initial auto-Q oS conf iguration, use the show auto qos [ interface [ interface- id ]] privileged EXEC comm and. T o displ ay any use r ch anges to tha[...]

  • Pagina 783

    36-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Default Standard QoS Configuration QoS is disa bled. Ther e is no conce pt of tru sted or untru sted por ts be cause the packet s are not m odified (the CoS, DSCP , and IP preceden ce v alues in the pack et are n[...]

  • Pagina 784

    36-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Default Egress Queue Configur ation T ab le 36-9 shows the default egre ss queue con figuration for ea ch qu eue-set when QoS is ena bled. All ports a re map ped to qu eue-se t 1. T he po rt ban dwidt h lim it[...]

  • Pagina 785

    36-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Default Mapping Table Conf iguration The default CoS-to-DSCP map is sho wn in T able 36- 12 on page 3 6-63 . The default IP-pre cedenc e-to-D SCP map is shown in T able 36-13 on page 3 6-64 . The de fault DSCP- t[...]

  • Pagina 786

    36-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS • Follow these gu ideline s wh en c onfiguring pol icy maps on p hysical p orts or SVIs: – Y o u cannot apply the same pol icy map to a physical port and to an SVI. – If VLAN -based QoS is configured on [...]

  • Pagina 787

    36-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS • A switch that is r unning t he IP se rvices f eature s et suppo rts QoS D SCP and IP preced ence matc hing in polic y-based routing (PBR) r oute maps wi th these limitations: – Y o u cannot apply QoS DSC P [...]

  • Pagina 788

    36-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Use the no mls qos vla n-based interface configura tion co mmand to disable VLAN-b ased QoS on the physical por t. Configuring Classification Using Port Trust States These sec tions descr ibe how to classify i[...]

  • Pagina 789

    36-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Figu re 36-15 Port T rusted St ates w ithin the Qo S Do mai n Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nfi gure the p ort to tr ust the classif icati on of the traf fic that it re cei ve[...]

  • Pagina 790

    36-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return a port to its untrusted state, use the no mls qos trust inte rface c onfigura tion comm and. For informatio n on ho w to chan ge the d efault Co S v alue, see the “C onf iguring the CoS V alue for[...]

  • Pagina 791

    36-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS T o return to th e defa u lt setting, use the no mls qos cos { def ault- cos | ov erride } interface co nfiguration comm and. Configuring a Truste d Boundary to Ensure Port Securit y In a t ypica l network , you [...]

  • Pagina 792

    36-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS W i th the t ruste d setti ng, you also can use the trusted bounda ry fea ture to prevent misuse o f a high-pr iority qu eue if a user bypasses the tel ephone a nd conne cts the PC di rectly to t he switch. W [...]

  • Pagina 793

    36-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS If D SCP t rans par ency is en able d by u sin g the no mls qos rewrite ip dscp command, the swit ch does not modify the DSCP field in the incoming pa cket, and the DSCP field in the outgoin g packet is the same [...]

  • Pagina 794

    36-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Figur e 36-16 DSCP -T r ust ed Stat e on a P or t Bor derin g Another Q oS Domain Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nf igure the DSCP- trusted stat e on a port and modi fy the [...]

  • Pagina 795

    36-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS T o return a port to its non-trusted state , use the no mls qos trust interfa ce conf iguration co mmand. T o return to the d efault D SC P-to-DSCP-m utation m ap v alues, us e the no mls qos map dscp-mutation ds[...]

  • Pagina 796

    36-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Classifying Traffic by Using ACLs Y o u can classi fy IP tra ff i c by using IP sta ndard or IP extend ed ACLs; you can cla ssify non-I P traffic by usin g Layer 2 MA C A CLs. Beginn ing in pri vileged EXEC mo[...]

  • Pagina 797

    36-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginn ing in pri vileged EXEC mode, follo w these steps to create an IP extended A CL for IP traff ic: T o delete an acc ess list , use the no access-list access-list- number globa l configurat ion comma nd. Thi[...]

  • Pagina 798

    36-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mod e, follow these st eps to c reate a L ayer 2 M A C ACL for non-IP t raff ic: T o delete an acc ess list , use the no mac acce ss-list ex tended ac cess-list-name global configu[...]

  • Pagina 799

    36-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Classifying Traffic by Using Class Ma ps Y o u use the class-map global conf iguration co mmand to name and to isolate a s pecif ic tra f fi c flow (or class) f rom all o ther traf fic. The cla ss map def ines th[...]

  • Pagina 800

    36-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuratio n comm and. T o delete an existing cla ss map, use th e no class- map [ match-all | match-any ] class-map-na m[...]

  • Pagina 801

    36-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Classifying, Policing, and Marking Traff ic on Physical Ports by Using Policy Maps Y o u can co nfigure a nonhier arch ical pol icy map on a physica l port that sp ecifies which traff ic class to act on. Actions [...]

  • Pagina 802

    36-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EX EC mode, fol low these steps t o create a no nhiera rchic al policy map: Command Purpose Step 1 conf igur e terminal E nter g lobal configuration mode . Step 2 class-map [ match-all [...]

  • Pagina 803

    36-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 5 trust [ cos | dscp | ip-pr ecedence ] Configure the t rust state, w hich QoS uses to gene rate a CoS-ba sed or DSCP-based QoS lab el. Note This co mmand is mutuall y exclusi ve with the set com mand withi [...]

  • Pagina 804

    36-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuratio n comm and. T o delete an existing cla ss map, use th e no class c lass-map-name pol icy-map configurat ion co[...]

  • Pagina 805

    36-55 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-ext-mac)# exit Switch(config)# class-map macclass1 Switch(config-cmap)# match access-group maclist1 Switch(config-cmap)# exit Switch(config)# policy-map macpolicy1 Switch(config-pmap)# class macclas[...]

  • Pagina 806

    36-56 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS • The hi erarchic al policy m ap is attached to th e SVI and af fects al l traf fic b elongin g to th e VLAN. The action s specif ied in the VLAN-l e vel p olicy map af fect the traf fi c belong ing to the S[...]

  • Pagina 807

    36-57 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 3 match { acce ss-group acl-index-or-name | ip dscp dscp-list | ip prec edence ip-pr eceden ce-list } Def ine the match crite rion to classify traf fic. By defau lt, no matc h cr iterion is de fined. Only o [...]

  • Pagina 808

    36-58 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Step 10 policy-map policy- map-nam e Create an inte r face -le vel polic y map b y entering the policy -map name, and en ter po licy-ma p con figuration mode. By defau lt, no pol icy maps are defined, and n o [...]

  • Pagina 809

    36-59 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 17 trust [ cos | dscp | ip-pr ecedence ] Configure the t rust state, w hich QoS uses to gene rate a CoS-ba sed or DSCP-based QoS lab el. Note This co mmand is mutuall y exclusi ve with the set com mand withi[...]

  • Pagina 810

    36-60 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuration comm and. T o delete an existing cla ss map, use th e no cl ass class-map-na me policy-map c onfiguration com[...]

  • Pagina 811

    36-61 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-pmap-c)# exit Switch(config-pmap)# class-map cm-2 Switch(config-pmap-c)# match ip dscp 2 Switch(config-pmap-c)# service-policy port-plcmap-1 Switch(config-pmap)# exit Switch(config-pmap)# class-map [...]

  • Pagina 812

    36-62 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o r emove the specified a ggregate pol icer from a pol icy map, use th e no police agg reg ate aggr egate-polic er-name policy m ap configu ratio n mode. T o delete an aggregate pol icer and it s parame ters[...]

  • Pagina 813

    36-63 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-pmap-c)# trust dscp Switch(config-pmap-c)# police aggregate transmit1 Switch(config-pmap-c)# exit Switch(config-pmap)# class ipclass2 Switch(config-pmap-c)# set dscp 56 Switch(config-pmap-c)# police[...]

  • Pagina 814

    36-64 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pr iv ilege d EXEC mode, follo w these steps to modify t he CoS-to-DSCP map . This procedur e is optional. T o return to the defau lt map, use the no mls qos cos-dscp global configuration com man[...]

  • Pagina 815

    36-65 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to mo dify the I P-precede nce-to-DSCP ma p. This proc edure is option al. T o return to the defau lt map, use the no mls qos i p-prec-dscp global con [...]

  • Pagina 816

    36-66 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return to the defau lt map, use the no mls qos policed- dscp glob al conf iguration comman d. This exam ple sh ows ho w to map DSCP 50 to 57 t o a ma rked-down DSCP value of 0: Switch(config)# mls qos map [...]

  • Pagina 817

    36-67 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXEC mo de, foll ow these s teps to modif y the DSCP-to- CoS map. This procedur e is optional. T o return to the defau lt map, use the no mls qos dscp-cos global c onfiguration com mand. T[...]

  • Pagina 818

    36-68 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mo de, foll ow these steps to mod ify the DSCP-t o-DS CP-mutati on map . This proc edure is option al. T o return to the defau lt map, use the no mls qos dscp-mutation dscp-m utati[...]

  • Pagina 819

    36-69 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Note In the above DSCP-to- DSCP-m utati on map, t he mutat ed values are shown in the bod y of the matrix. Th e d1 colum n specif ies the most-signif icant digit o f the or iginal DSCP; th e d2 ro w specif ies th[...]

  • Pagina 820

    36-70 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Mapping DSCP or CoS Values to an Ingress Queue and Setting WTD Thresholds Y ou can prioritize traf fic b y placing pack ets with particul ar DSCPs or CoSs into certain queues and adjusting the queue thr eshold[...]

  • Pagina 821

    36-71 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS This exampl e shows ho w to map DSCP values 0 to 6 to ingres s queue 1 an d to thresh old 1 with a dro p thresho ld of 50 p ercent. It m aps DSC P values 20 to 2 6 to in gress queu e 1 a nd to th reshold 2 with a[...]

  • Pagina 822

    36-72 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pri vileg ed EXEC mode, follo w these steps to allocate bandwid th between the ingress queues. This p rocedur e i s optio nal. T o return to the default setting, use the no mls qos srr - queue in[...]

  • Pagina 823

    36-73 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXEC mod e, follow these steps to configure the pri ority queue. T his proc edure is optional. T o return to the default setting, use the no mls qos srr - queue input priority-queue queue-[...]

  • Pagina 824

    36-74 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS These sec tions co ntain this co nfiguration in format ion: • Configuration Gu idelines, page 36-74 • Alloca ting Buffer Space to and Setti ng WTD Thre sholds for an Egress Q ueue-Set , page 36- 74 (option[...]

  • Pagina 825

    36-75 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning i n privileged EXEC mode, follow these steps to configure the me mory al loca tion and to drop thresholds for a queue-se t. This procedure is optional. Comma nd Purpos e Step 1 conf igur e terminal Ente[...]

  • Pagina 826

    36-76 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return to the default setting, use the no mls qos queue-set output qset-id bu f f e r s global conf iguratio n command. T o return to the defa ult WTD threshold percen tages, use the no mls qos queue-set o[...]

  • Pagina 827

    36-77 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXE C mode, follow thes e st eps to map DSCP or CoS values to an egress queu e and to a thr eshold ID . This procedur e is optio nal. T o r eturn to th e defaul t DSCP output queu e thre s[...]

  • Pagina 828

    36-78 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Configuring SRR Sh aped Weights on Egress Queues Y ou can spec ify ho w much of t he av ailable bandwi dth is allo cated to each queue. The r atio of the weig hts is the ra tio of frequen cy i n which the SR R[...]

  • Pagina 829

    36-79 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Configuring SRR Sh ared Weights on Egress Queues In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidth is gu aranteed at this le vel b ut not limite[...]

  • Pagina 830

    36-80 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pri vileged EXEC mode, follo w these steps to enable the e gress e xpedite queue. This procedur e is optional. T o dis able the egres s expedi te qu eue, us e th e no priority-queue out interface[...]

  • Pagina 831

    36-81 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Displaying Standard QoS Information T o return to the default setting, use the no srr -queue band width limit interface configura tion comm and. This exam ple sh ows how to limit the ba ndwid th on a port to 8 0 per cent: Switch(config)# i[...]

  • Pagina 832

    36-82 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Display ing Standar d QoS Inform ation show policy- map [ polic y-map- name [ clas s class-m ap-name ]] Display QoS po licy maps, w hich define cla ssification cri teria fo r inco ming traffic. Note Do not use the show policy-map interf[...]

  • Pagina 833

    C HAPTER 37-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 37 Configuring EtherC hannels and Link-State Tracking This cha pter descri bes how to configure EtherCha nnels on La yer 2 an d Layer 3 ports on t he Catalyst 3750-E o r 3560-E switch . Ethe rChanne l provides fault-tole rant h igh-spe ed links betwee n switch[...]

  • Pagina 834

    37-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels • Load -Balan cing and Forwarding Meth ods, page 3 7-8 • EtherCha nnel and Switch Stacks, page 37-10 EtherChann el Overview An Ethe rChan nel c onsists o f indiv[...]

  • Pagina 835

    37-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els Y o u can configure an Ether Chann el in one of these mode s: Port Aggregati on Protoco l (P AgP), Link Aggregation C ontro l Prot ocol (L ACP), or On. C onfigure bo th ends [...]

  • Pagina 836

    37-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels Figur e 37 -3 Cros s-Stac k EtherChannel Port-Chan nel Interfaces When you cre ate an E therCha nnel , a po rt-cha nnel logi cal i nterfa ce is inv o lved: • W ith[...]

  • Pagina 837

    37-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els Figur e 37 -4 Relationship of P h ysical P orts, Logica l Por t Channels, and Channel Gr oups After y ou conf igure an Eth erCha nnel, conf iguration change s appli ed to the[...]

  • Pagina 838

    37-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels PAgP Modes T ab le 37-1 shows the user-configurab le Ethe rChan nel P A gP mo des f or the channel-group interfa ce configurati on c ommand. Switch por ts exchange P[...]

  • Pagina 839

    37-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els P AgP sends an d receives P A gP PDUs only fr om ports th at are up an d hav e P AgP ena bled for the auto or desira ble m ode. Link Aggreg ation Control Pro tocol The LACP i[...]

  • Pagina 840

    37-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels In Lay er 2 EtherC hannels , the first port in th e ch annel that c omes up provide s its MAC addre ss to the Ether Channel . If this por t is rem oved from the bund[...]

  • Pagina 841

    37-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els W ith source -IP address- based forwardin g, when pa ckets are fo rwarded t o an Ether Channel , they are distributed acros s the port s in the Ethe rChanne l based on the so[...]

  • Pagina 842

    37-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels Figur e 37 -5 Load Distr ibution and F orwa rding Methods EtherChann el and S witc h Stack s If a stack mem ber that ha s ports part icipati ng in an Eth erChanne l[...]

  • Pagina 843

    37-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels For more information about switch stack s, see Chapter 5, “ Managing Swi tch Stacks.” Configuring Eth erChannels These sec tions co ntain this co nfiguration info rmat ion:[...]

  • Pagina 844

    37-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els EtherChann el Configuratio n Guidelin es If imp roper ly con figured, so me E therCha nnel ports are a utomati cally disa bled t o av oid n etwork loops and othe r pro[...]

  • Pagina 845

    37-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels – An Ethe rChanne l suppor ts the same allowed range of VL ANs on all t he port s in a trunking Layer 2 EtherCh annel. I f the a llowed range of VL ANs is not th e sam e, the[...]

  • Pagina 846

    37-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els T o r emove a p ort fr om t he Eth erCha nnel group, use the no channel-group interface configurat ion comm and. Step 4 channel- group c hann el-gr oup- number mo de {[...]

  • Pagina 847

    37-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels This exam ple sh ows how to configure an Eth erChann el o n a si ngle swi tch in the st ack. I t assigns two ports as static-acce ss ports in VLAN 10 to channel 5 with the P Ag[...]

  • Pagina 848

    37-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Beginning in pr ivileged EXEC mod e, follow these st eps to crea te a port -channe l inter face for a Laye r 3 Ether Channel . Th is proc edure is re quir ed. T o remo[...]

  • Pagina 849

    37-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels Step 5 channel- group c hann el-gr oup- number mo de { auto [ non- silent ] | desirable [ no n-silent ] | on } | { active | passive } Assign th e port to a ch annel gr oup, an [...]

  • Pagina 850

    37-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els This example shows ho w to configure an Et herChann el. It assign s two ports to c hannel 5 w ith the LACP mode ac tive : Switch# configure terminal Switch(config)# in[...]

  • Pagina 851

    37-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels T o r etu rn Eth erCha nnel l oad -balan cing to the de fault configurat ion, u se the no port-channel load-balanc e global con figurati on comm and. Configuring the PAgP Le ar[...]

  • Pagina 852

    37-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Beginning i n privileged EX EC mo de, fol low these s teps t o configure y our sw itch a s a P AgP physical- port lea rner a nd to a djust the p riority so th at the s[...]

  • Pagina 853

    37-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels If you configure more than ei ght links for an EtherC hannel group, the software automa tical ly decide s which of th e hot-stand by ports to make active based on the LA CP pri[...]

  • Pagina 854

    37-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Configuring the LACP Port Pr iority By def ault, al l ports us e the same port pr iority . If the loca l system has a lo wer va lue for the syste m priority a nd the s[...]

  • Pagina 855

    37-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Displaying EtherC hannel , PAgP, and LACP Sta tus Displaying EtherCh annel, PAgP, and LACP Status T o disp lay Eth erChanne l, P AgP , and LA CP sta tus in for matio n, use the pri vile ged EXEC c omman d[...]

  • Pagina 856

    37-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding L ink-State Tracking When you e nable link-st ate track ing on the sw itch, the link states of the downstream ports are bound to the li nk state of one o r more of the upst ream p [...]

  • Pagina 857

    37-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Configuring Link-State Tracking Figur e 37 -6 T ypical Link-Stat e T rac king Configur ation Configuring Link -State Tracking These sec tions descr ibe how to configure link-st ate trac king port s: • D[...]

  • Pagina 858

    37-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing Link-S tate Tracki ng Default Link-Sta te Track ing Con figuratio n There are no li nk-stat e grou ps defined, and link-st ate tra cking is n ot ena bled f or a ny group. Link-State [...]

  • Pagina 859

    37-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Configuring Link-State Tracking Switch(config-if)# interface gigabitethernet1/0/3 Switch(config-if)# link state group 1 downstream Switch(config-if)# interface gigabitethernet1/0/5 Switch(config-if)# link[...]

  • Pagina 860

    37-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing Link-S tate Tracki ng[...]

  • Pagina 861

    C HAPTER 38-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 38 Configuring IP Unicast Ro uting This chapt er describ es how to conf igure IP V ersion 4 (IPv 4) unicas t routing on the Catalyst 3750-E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750-E or 356 0-E standal one switc[...]

  • Pagina 862

    38-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Underst anding IP Ro uting Note When configuring routing parameter s on the switch and to allocate system resourc es to maximize the number of un icast routes allowed, you ca n use the sdm pr efer r outing global c onfigurat i[...]

  • Pagina 863

    38-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Unders tanding IP Routi ng Default ro uting refe rs to sendi ng traffic with a destination unknown to the route r to a default outle t or destinatio n. Static unicas t routi ng fo rwards pa ckets from pre deter mined ports t [...]

  • Pagina 864

    38-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Underst anding IP Ro uting Stack memb ers per form these fun ction s: • The y act as routi n g standb y switches, rea dy to take o ver in case they are elec ted as the new s tack master if the stack master fails. • The y p[...]

  • Pagina 865

    38-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Steps f or Co nfiguri ng Routing Steps for Configurin g Routing By default, IP ro uting is disabl ed on the sw itch, and yo u must enable it before rou ting ca n take place . For detailed IP routing co nf iguration in formati[...]

  • Pagina 866

    38-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng • Configuring A ddress Re solutio n Met hods, page 38 -9 • Rout ing Assistan ce W hen I P Rout ing is Dis abled, page 38- 12 • Conf iguri ng Bro adca st Pack et Hand ling, pa ge 38-1 4 • [...]

  • Pagina 867

    38-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Assigning IP Address es to Netwo rk Interface s An IP ad dress identi fie s a location to which IP pack ets ca n be s ent. Som e IP add resses are reser ved for special u ses an d ca nnot be used [...]

  • Pagina 868

    38-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Classless Routing By default, classless routing beha vior is enabled on the switch when it is confi g ured to route. W ith classle ss routing , if a route r receives packets for a subnet of a net[...]

  • Pagina 869

    38-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Figur e 38-3 No IP Clas sless Ro uting T o p revent the swi tch f rom for warding packets destined for unre cogniz ed subne ts to the be st supe rnet route poss ible, you can disab le classl ess r[...]

  • Pagina 870

    38-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng The swi tch can use these forms of address r esolutio n: • Address Resolut ion Protoc ol (ARP) i s used to associa te IP ad dress wi th MA C ad dresses. T aking a n IP addre ss as i nput, ARP [...]

  • Pagina 871

    38-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing T o remove an entr y from t he ARP cach e, us e the no arp i p - a d d re s s h a rd w a re - a d d re s s t y p e global conf iguratio n command . T o remo ve all nons tatic ent ries from th e A[...]

  • Pagina 872

    38-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Enable Proxy ARP By default, the sw itch uses pro xy ARP to help hosts learn MA C address es of hosts on othe r networks or subnets. Beginning i n privileged EX EC mo de, fol low these s teps t [...]

  • Pagina 873

    38-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Beginning i n privileged E XEC mo de, follow these steps to d efine a de fault gat ew ay (ro uter) when IP routing is disa bled: Use the no ip default-gateway global c onfigurat ion co mmand to d[...]

  • Pagina 874

    38-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng If you chang e the maxadvertinterv al va l u e , th e holdtime and minadvertinterval v alues also cha nge, so it is importan t to f irst change the ma xadvertinte rval v alue , before ma nuall y[...]

  • Pagina 875

    38-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Enabling Directed Broadcast-to- Physical Broadcast Translation By default, IP direct ed broadc asts are dr opped; th ey are not forwarde d. Drop ping IP-di rected broa dcast s makes router s less[...]

  • Pagina 876

    38-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Forwarding UDP Broadcast Packets and Prot ocols User Da tagram Prot ocol (U DP) is an IP host -to-host layer prot ocol, as is TCP . UDP provides a low-ov e rhead, conn ectionle ss session betw e[...]

  • Pagina 877

    38-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Establishing an IP Broadcast Address The mo st po pular IP broadc ast address (and the d efault) i s an add ress cons isting of al l ones (255.255 .255.2 55). Howe ver , the sw itch can b e co nf[...]

  • Pagina 878

    38-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Beginning i n privileged EX EC mo de, fol low these s teps t o use the b ridging sp anni ng-tre e datab ase to flood U DP dat agram s: Use the no ip f orwa rd-protocol spanning-tree global co nf[...]

  • Pagina 879

    38-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Enabli ng IP Unic ast Rout ing Enabling IP Uni cast Routing By default, the switch is in Layer 2 switching mode and IP routin g is disabled. T o use the Layer 3 capabiliti es of the switch, you must enable I P routing. Begin[...]

  • Pagina 880

    38-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP Switch(config-router)# network 10.0.0.0 Switch(config-router)# end Y o u can now set up parame ters for the selected routing prot ocols as de scribed in these sect ions: • Conf igur ing R IP , page 38-2 0 [...]

  • Pagina 881

    38-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring RIP Default RIP Configuration T ab le 38-4 shows the default RIP conf iguration. Configuring Basic RIP Parameters T o con figure RIP , you enable RIP routing fo r a network and opt ionall y configure ot her param[...]

  • Pagina 882

    38-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP T o turn off the RIP rout ing process, use the no router rip global co nfigurati on comma nd. T o di splay the parame ters and cu rren t state of th e active routing pro tocol process , use the show ip proto[...]

  • Pagina 883

    38-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring RIP Configuring RIP Authentication RIP V ersion 1 does not suppor t authe nticat ion. If you are se nding a nd re ceiving RIP V ersi on 2 p ackets, you can en able RIP authen tication o n an interf ace. The ke y [...]

  • Pagina 884

    38-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP Beginn ing in pri vileged EXEC mode, follo w these steps to set an inte rfac e to advertise a summa rized local IP address and to di sable split horizon on the interfa ce: T o disable IP summarization, use t[...]

  • Pagina 885

    38-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Beginning in privileged EX EC mode , foll ow these s teps to disable split horizon on t he in terface: T o enable the split horizon m echanis m, use the ip split -horizon i nter face configur ation co mman [...]

  • Pagina 886

    38-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF These sec tions co ntain this co nfiguration in format ion: • Default OSPF Configuration, page 38-26 • Configuring Basic OSPF Paramete rs, page 38-29 • Configuring OSPF Interfa ces, page 38-29 • Confi[...]

  • Pagina 887

    38-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF OSPF Nonstop Forwarding The switc h stack supp orts two levels of nonstop forwardin g (NSF): • OSPF NSF A warene ss, page 38-28 • OSPF NSF Capability , page 38-28 Distance OSPF dist1 (a ll rout es with [...]

  • Pagina 888

    38-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF OSPF NSF Awareness The IP-services feature set suppor ts OSPF NSF A war eness supported for IPv4 . When the neighboring router is NSF-capabl e, the L ayer 3 switch co ntinue s to forward pac kets from the nei[...]

  • Pagina 889

    38-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Configuring Basic OSPF Parameters Enabling OSPF r equires that you creat e an OSPF routi ng process, specify the r ange of IP addresses to be asso ciated with the routing p roces s, and assig n area IDs to [...]

  • Pagina 890

    38-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Use the no form of thes e command s to remo ve the conf igured param eter valu e or retur n to the default value. Step 3 ip ospf cost (Opti onal) Explicitl y specify the cost of sending a packet on the interf[...]

  • Pagina 891

    38-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Configuring OSPF Area Parameters Y ou can option ally confi gure se veral OSPF a rea para meters. Th ese parameters include authentic ation for pa ssw ord-b ased pr otec tion aga inst unautho rized acc ess [...]

  • Pagina 892

    38-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Use the no form of thes e command s to remo ve the conf igured param eter valu e or to retu rn to the default value. Configuring Other OS PF Para meters Y ou can option ally confi gure other OSPF para meters [...]

  • Pagina 893

    38-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Beginning in privile ged EXEC mode, follow the se steps to configure these OSPF parameter s: Command Purpose Step 1 conf igur e terminal E nter g lobal configuration mode . Step 2 router ospf pr oc ess-id E[...]

  • Pagina 894

    38-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Changing LSA Gro up Pa cing The OSPF LS A group pacing feature allows the router to group OSPF L SAs and pa ce the re freshing, check- sum ming , and agi ng f unctio ns for mo re efficient rout er us e. T his[...]

  • Pagina 895

    38-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP Monitoring OSPF Y ou can display specifi c statistics such as th e conten ts of IP r outing table s , caches, and database s. T ab le 38-6 lists some of the pr ivileged EXEC co mman ds for displ aying stati[...]

  • Pagina 896

    38-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP EIGRP of fers these f eatures: • Fast co n vergenc e. • Incr emen tal upd ate s when the s tate of a des tinat ion chang es, i nstea d of sen ding t he en tire c ontent s of the routi ng ta ble, m inimi[...]

  • Pagina 897

    38-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP • Configuring E IGRP Route Au thentic ation, page 3 8-41 • EIGRP Stub Routi ng, pag e 38-42 • Moni tor ing and Mai ntainin g EIGR P , page 38- 4 3 Note T o enab le EIGRP , the switc h or stack mas ter[...]

  • Pagina 898

    38-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP T o cr eate an EIG RP routin g process, yo u must enable EIGRP and asso ciat e networks . EIGRP sends updates to the interf aces in the specif ied networ ks. If you do not specify an interface netw o rk, it[...]

  • Pagina 899

    38-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP EIGRP N SF Capabili ty The Cat alyst 3750- E IP-se rvices fea ture set also suppor ts EIGRP NSF-c apabl e routing fo r IPv4 for better con ve rge nce and lo wer traf fic loss follo win g a stack master ch a[...]

  • Pagina 900

    38-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP Use the no forms of th ese comman ds to disa ble the featur e or retur n the sett ing to the de fault v alue. Configuring EIGRP Interfaces Other o ptiona l EIG RP para meter s can be co nfigured on an i nte[...]

  • Pagina 901

    38-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP Use the no forms of these co mmand s to disabl e the feat ure or re turn the sett ing to the defa ult v alue. Configuring E IGRP Ro ute Authentication EIGRP r oute a uthenti cation provides MD5 authen ticat[...]

  • Pagina 902

    38-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP Use the no forms of these commands to disable the feature or to return the setting to the default v alue. EIGRP Stub R outing The EIGRP stub routing featu re, av ailable in all featur e sets, reduces resour[...]

  • Pagina 903

    38-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Figur e 38-4 EIGRP St ub Rout er Config urat ion For more inf ormation about E IGRP stub routing, see “Configu ring EIGRP St ub Rout ing” sect ion of the Cisco IO S IP Configuration Gui de, V olume 2 of 3[...]

  • Pagina 904

    38-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP For details about BGP co mman ds and keywords, se e the “IP Ro uting Protocols” part of the Cis co IO S IP Com mand Re fer ence, V ol ume 2 of 3: Routi ng Protocols, Rele ase 12. 2 . For a lis t of BGP c[...]

  • Pagina 905

    38-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP In BGP , ea ch rout e con sists of a n etwork number, a list of aut onomo us system s th at infor matio n has passed thr ough (the a utonomous syst em path ), and a list of oth er path attri butes . Th e prim[...]

  • Pagina 906

    38-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP T a ble 38-9 Def ault BGP Configur ation Feature Default Setting Aggregat e addr ess Disabled: N one de fined. AS pa th acce ss list None defined. Au to s umm ar y Enab led. Bes t pat h • Th e rou ter cons[...]

  • Pagina 907

    38-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Nonstop Forwarding Awareness The BGP NSF A wareness f eature is su pported f or IPv4 in the IP s ervices fea ture set . T o enable th is featu re with BGP ro uting, you need to en able Gr aceful Restart. When[...]

  • Pagina 908

    38-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP neig hbor ing r out er duri ng the inte rval betw een t he pr imar y Rout e Process or (R P) in a r outer f aili ng a nd the backup RP taking over , or while the primar y RP is manua lly relo aded fo r a non[...]

  • Pagina 909

    38-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Use the no route r bgp aut onomous-s ystem global co nfiguration comma nd to r emove a BGP AS. Use the no network network- number router configuration com mand to re move the network fr om the BGP tabl e. Use[...]

  • Pagina 910

    38-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Router B: Switch(config)# router bgp 200 Switch(config-router)# neighbor 129.213.1.2 remote-as 100 Switch(config-router)# neighbor 175.220.1.2 remote-as 200 Router C: Switch(config)# router bgp 200 Switch(co[...]

  • Pagina 911

    38-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP establi sh a TCP sessi on. A s oft re set al lows the dynam ic excha nge of route refresh request s and routing informa tion b etween B GP rout ers a nd th e subseq uent re-ad ver tisemen t of t h e res pecti[...]

  • Pagina 912

    38-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configuring BGP Decision Attributes When a BGP speak er receiv es updates from multiple autono mous systems that describe dif ferent paths to the sa me destination, it must ch oose the single best path for r[...]

  • Pagina 913

    38-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Beginning i n privileged EX EC mo de, fol low these s teps t o configure s ome d ecision attr ibutes: Command Purp ose Step 1 co nfi g ure terminal Enter globa l configura tion mode . Step 2 r outer bgp auton[...]

  • Pagina 914

    38-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Use the no form of ea ch com mand t o retu rn t o the defau lt stat e. Configuring BGP Filtering with Route Maps W i thin B GP , route maps can be used t o cont rol a nd to m odif y rou ting in forma tion an[...]

  • Pagina 915

    38-55 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP path, comm unity , and network num bers. Auto nomous sys tem path mat ching re quires the match as-path access-lis t rou te-ma p command , commu nity based ma tching re quires the match community-list route- [...]

  • Pagina 916

    38-56 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configuring Prefix Lists for BGP Filtering Y ou can use p ref ix lists a s an alte rnati ve to acces s list s in man y BGP rou te fi ltering comman ds, inclu ding the neighbor distribute-list router configur[...]

  • Pagina 917

    38-57 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP sequence number command; to reenabl e automatic generation, u se the ip pref ix-list sequence number command. T o clear the hit-co unt table of p ref ix list entrie s, use the c lear ip pr ef ix-list pri vile[...]

  • Pagina 918

    38-58 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configur ing BGP Neighbors and Peer Grou ps Often m any BGP ne ighbo rs are configured wit h the same up date policie s (tha t is, the sa me out bound route ma ps, distribute lists, filter l ists, update sou[...]

  • Pagina 919

    38-59 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Step 7 neighbor { ip-addre ss | pe er-gr oup -name } default-originate [ route-map ma p-name ] (Optional) Allo w a BGP speak er (t he local r outer) to send th e default r oute 0 .0.0.0 to a n eighbor for use[...]

  • Pagina 920

    38-60 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP T o d isab le an existing B GP ne ighbor or nei ghbor peer g roup, use th e neighbor shutdown r outer configurat ion comm and. T o enab le a previous ly existing nei ghbo r or neighbo r peer gr oup that had [...]

  • Pagina 921

    38-61 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP T o delete an aggre gate entry , use the no aggregate-addr ess addr ess mask rou ter configuration comma nd. T o retur n option s to the de faul t v alues, use the comm and with ke ywor ds. Configuring Routin[...]

  • Pagina 922

    38-62 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP When the ro ute refl ector recei ves an ad vert ised route, it tak es one of these act ions, dependi ng on the neighb or: • A route from an e xternal B GP speak er is adv e rtise d to all c lients and nonc[...]

  • Pagina 923

    38-63 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Beginning i n privileged E XEC mo de, use thes e com mands t o configure BGP ro ute dampen ing: T o disa ble fla p dampenin g, use the no bgp dampening router co nfiguration c omman d withou t keywords. T o s[...]

  • Pagina 924

    38-64 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Y o u can also en able t he logging of message s generate d when a BG P neighbo r resets , comes up, or goes down b y using the bgp log -neighbor changes router configur ation com mand. Configuring M[...]

  • Pagina 925

    38-65 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE These se ctions conta in this i nformation: • Understan ding Multi-VRF CE, page 38-6 5 • Default Mu lti-VRF C E Configuration, pa ge 38-6 7 • Multi-VRF CE Conf iguration Guidelines, page 38- 67[...]

  • Pagina 926

    38-66 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Figur e 38-6 Catalyst 37 50-E or 35 60-E Switc hes Acting as Multiple V irt ual CEs When the CE switc h recei ves a command to add a Lay er 3 interf ace to a VRF , it sets up th e appropriate mapping[...]

  • Pagina 927

    38-67 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE T o conf igure VRF , you create a VRF table and specify the Layer 3 int erfac e associat ed with the VRF . Then configure th e rout ing pro toco ls in th e VPN and be tween t he CE and th e PE. BGP i[...]

  • Pagina 928

    38-68 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE • A cust omer ca n use m ultip le VLA Ns as lon g as t hey do not overlap with t hose o f other custome rs. A customer’ s VLANs are mapped to a specific routing table ID that is used to iden tify[...]

  • Pagina 929

    38-69 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Use t he no ip vrf vrf-name global conf iguration command to delete a VRF and to remov e all interf aces from it. Use the no ip vrf f orwarding interface c onfig uration comm and to remo ve an interf[...]

  • Pagina 930

    38-70 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configuring BG P PE to CE Routing Sessions Beginning in privileged EX EC mode , foll ow these ste ps to con figure a BGP PE t o CE ro uting sessio n: Use the no r outer bgp autono mous-s ystem -numbe[...]

  • Pagina 931

    38-71 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Figur e 38-7 Multi-VRF CE Conf igur ation Exa mple Switch A Switch D VPN1 VPN2 CE1 Global network 208.0.0.0 F ast Ethernet 8 Gigabit Ethernet 1 101386 PE CE2 Switch E 108.0.0.0 F ast Ethernet 7 Switc[...]

  • Pagina 932

    38-72 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configur ing Switch A On Switch A, enable routing and conf igure VRF . Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# ip routing Switch(config[...]

  • Pagina 933

    38-73 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Switch(config)# interface vlan118 Switch(config-if)# ip vrf forwarding v12 Switch(config-if)# ip address 118.0.0.8 255.255.255.0 Switch(config-if)# exit Switch(config)# interface vlan208 Switch(confi[...]

  • Pagina 934

    38-74 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configur ing Switch F Switch F belon gs to V PN 2. C onfigure the conn ecti on to Sw itch A by using thes e co mmands. Switch# configure terminal Enter configuration commands, one per line. End with [...]

  • Pagina 935

    38-75 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Unicast Reverse Path Forwarding Router(config)# router bgp 100 Router(config-router)# address-family ipv4 vrf v2 Router(config-router-af)# neighbor 83.0.0.8 remote-as 800 Router(config-router-af)# neighbor 83.0.0[...]

  • Pagina 936

    38-76 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Configuring Proto col-Independent Features This secti on descri bes how to configure IP routing pro toco l-indepe nden t feature s. These featur es are av ailable on switche s run[...]

  • Pagina 937

    38-77 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res The def ault conf ig uration is CEF or dCEF enabled on all Laye r 3 interface s . Entering the no ip route- cach e c ef int erface co nfiguration co mman d disab les CEF for tr a[...]

  • Pagina 938

    38-78 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Even though the ro uter au tomat ically learns about an d configur es equal -cost ro utes, you can cont rol the maxim um number of para llel pat hs supporte d by an IP routing pro[...]

  • Pagina 939

    38-79 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Static route s that point to an inte rface a re adver tised through RIP , IGR P , and other dynami c rout ing protocol s, whe ther or n ot sta tic re d i st r i bu t e router con[...]

  • Pagina 940

    38-80 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Use the no ip default-netw ork net work n umbe r global co nfiguration c omman d to remove the route . When default in format ion is passed th rough a dy namic ro uting pro tocol [...]

  • Pagina 941

    38-81 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Note Alth ough e ach of Steps 3 throug h 14 in the following se ction is opt ional, you m ust ente r at least one match rou te-ma p con figuration comm and a nd on e se t rout e-[...]

  • Pagina 942

    38-82 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s T o delete an entry , use the no route-map map tag global c onfiguration c ommand or the no match or no set route- map co nf igur ation co mmands . Y o u can distri bute routes fr[...]

  • Pagina 943

    38-83 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Beginn ing in p ri vileg ed EXEC mode, fo llo w thes e steps to con trol route r edistrib ution. Note th at the keywords are the same as defined in th e previous proce dure. T o [...]

  • Pagina 944

    38-84 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s W ith PBR, you clas sify tra f f ic using acc ess contr ol lists (A CLs) an d then mak e traf fic go through a dif ferent path. PBR is applied to in coming pac kets . All pack ets[...]

  • Pagina 945

    38-85 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res • T o use PBR, you must first en able the routing tem plate by using the sdm pr efer ro uting glob al conf iguratio n command. PBR is not supported with the VLAN or def a ult t[...]

  • Pagina 946

    38-86 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Beginn ing in pri vilege d EXEC mode, follo w th ese steps to c on f i g ur e PBR: Comma nd Purpos e Step 1 conf igur e terminal Enter global con figuration mod e. Step 2 route -m[...]

  • Pagina 947

    38-87 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Use the no ro ute-map map- tag g lobal configurat ion com mand or the no match or no set rout e-map conf iguratio n commands to delete an entry . Use the no ip policy ro ute-map [...]

  • Pagina 948

    38-88 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Use a net work monit oring privileged EXEC co mman d such as show ip ospf inte rface to v erify t he interfaces t hat you enab led as passive, or use the show ip interface privile[...]

  • Pagina 949

    38-89 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res router to inte lligen tly di scrimina te bet ween so urces of rout ing in format ion. Th e rou ter always picks th e route whose r outing pr otocol has t he lowest adm inistra ti[...]

  • Pagina 950

    38-90 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Monito ring and Mai ntainin g the IP Networ k Beginning i n privileged EX EC mo de, fol low these s teps t o mana ge authe nticat ion keys: T o remo ve th e ke y chain, use the no key chain name-o f-chain gl obal co nfigurati[...]

  • Pagina 951

    38-91 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Monitoring and Maintaining the IP Network show ip route supern ets-on ly Displa y supern ets. sho w ip ca che Display the routing ta ble used to switch IP traf fic . sho w rou te -ma p [ map-n ame ] Display all route maps co[...]

  • Pagina 952

    38-92 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Monito ring and Mai ntainin g the IP Networ k[...]

  • Pagina 953

    C HAPTER 39-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 39 Configuring IPv6 Unicast Routing Intern et Protoc ol V ersio n 6 ( IPv6) is the ne twork-la yer Int ernet Pr otocol intend ed t o repl ace V ersion 4 (IPv4) in the TCP/IP su ite of pro tocols. T his cha pter descr ibes how to configure IP v6 unicast routing[...]

  • Pagina 954

    39-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 The arc hitecture of IPv6 allo ws e x isting IPv 4 users to transitio n easily to IPv6, a nd pro vides services such as end-t o-end sec uri ty , quality of service (QoS), and gl oball y unique ad dresses[...]

  • Pagina 955

    39-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 For more inform ation about IPv6 address for mats, ad dress type s, and the IPv6 packet hea der , go to “Impl ementing Bas ic Conn ecti vity for IPv6 ” chapte r of the Cisco IOS IPv6 Configuration Lib[...]

  • Pagina 956

    39-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 These addre sses are defined by a global routing prefix, a subne t ID , an d an i nterface ID. Cu rrent global unicast ad dress allo cation uses the range of addr esses that start wi th binary value 001 [...]

  • Pagina 957

    39-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 A v alue of 135 in the T ype fiel d of the ICMP packet he ader identif ies a neighbor solicitation messag e. These me ssages are sent on the local link when a no de needs to dete rmine t he link-laye r ad[...]

  • Pagina 958

    39-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 • DNS resolv er for AAAA ov er IPv4 transpor t • Cisco Disc overy Protocol (CDP) support for IPv6 addr esses For more informat io n about m anaging these applications with Cisc o IOS, see the “Mana[...]

  • Pagina 959

    39-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 • Simp le Networ k Manageme nt Protoco l (SNMP) ov er IP v6 tr anspo rt • IPv 6 Ho t Sta ndb y Rout er Pr otoc ol (HSR P) • DHCPv6 • IPv6 pa ckets destined to site-lo cal addre sses • T unn elin[...]

  • Pagina 960

    39-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 Note T o rout e IPv6 packets in a sta ck, all switche s in the stack should be running the adv anced IP s ervices featu re set . If a ne w switch become s the stac k master , the ne w master reco mpute s[...]

  • Pagina 961

    39-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 SDM Templates T o allocate sys tem res ources fo r unicast route s, MA C addresse s, A CLs and oth er featur es, the switc h SDM templa tes priorit ize system resources to optimize support f or certai n f[...]

  • Pagina 962

    39-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Note An IPv4 rout e requi res only one hardwa re entry . Because of the h ardware com pressio n schem e used fo r IPv6, an IPv6 rout e can take mo re than one har dware entry , redu cing the nu mber of e[...]

  • Pagina 963

    39-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Default IPv6 Configuration T ab le 39-2 shows the default I Pv6 co nfiguration . Configuring IPv6 Addressi ng and En abling IP v6 Rou ting This se ction de scribe s how to assi gn IPv6 addre sses to in [...]

  • Pagina 964

    39-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Beginning in privileged EXEC mode, foll ow these steps to assign an I Pv6 ad dress to a L ayer 3 interfac e and en able IPv6 ro uting: T o remo ve an IPv6 add ress fro m an interf ace, use the no ip v6 a[...]

  • Pagina 965

    39-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 without arg uments. T o disable IPv6 pro cessing on a n interf ace th at has no t been e xplicitly conf igured with a n IPv6 ad dress, use the no ipv6 enable interface configurat ion comm and. T o globa[...]

  • Pagina 966

    39-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o disa ble IPv 4 routing, use the no ip r outing global configurat ion c omman d. T o disable IPv 6 routi ng, use the no ipv6 unicast-routing globa l configurat ion c omma nd. T o rem ove an IPv4 addre[...]

  • Pagina 967

    39-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Configuring IPv6 IC MP Rate Limiting IPv6 ICMP rate limitin g uses a token- bu cket algorith m for limiting the ra te at which IPv6 ICMP error messages are sent to the network. The int erv al between er[...]

  • Pagina 968

    39-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o disa ble IP v6 CEF or distr ib uted CEF , use the no ipv6 cef or no ipv6 cef d istri buted glob al configurati on comm and. T o re enabl e IPv6 C EF or dCEF if it ha s been disabl ed, use the ipv6 ce[...]

  • Pagina 969

    39-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure an IPv6 static route: Comma nd Purpos e Step 1 conf igur e terminal Ente r global con figuration mod e. Step 2 ipv6 route ipv6-pr e[...]

  • Pagina 970

    39-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o remo ve a co nf igured static rou te, use the no ipv6 route ipv6-pr ef ix/pr efix length { ipv6-add r ess | interface- id [ ipv6-add r ess ]} [ admi nist ra tive di stance ] glo bal co nfigurati on c[...]

  • Pagina 971

    39-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginning in privileged EX EC mode , foll ow these re quired and optional steps t o configure I Pv6 RI P: T o di sable a RIP ro uting proce ss, use the no ipv6 rout er rip na me gl obal con figuration c[...]

  • Pagina 972

    39-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Configuring OSPF for IPv6 Open Shortest Path First (OSPF) is a link-state prot ocol for I P , which means that routi ng decisions are based o n th e stat es o f the links t hat conne ct th e sourc e and [...]

  • Pagina 973

    39-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginn ing in pri vileged E XEC mode, follo w these r equired an d optional ste p s to conf igure IPv6 OSPF: Comma nd Purpose Step 1 conf igur e terminal Ente r global co nfigurati on mode . Step 2 ipv6[...]

  • Pagina 974

    39-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6 T o disable an OSPF r outing process, use the n o ipv6 router ospf pr ocess-id global configu ration command. T o disable the OSPF routin g process for a n interfa ce, use the no ipv6 ospf process-id area [...]

  • Pagina 975

    39-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Displaying I Pv6 ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds <output truncated> This i s an exampl e of t he o utput from the show ipv6 cef pri vile ged E XEC co[...]

  • Pagina 976

    39-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6 This i s an exampl e of t he o utput from the show ipv6 neighbor pri v ileg ed EXE C comm and: Switch# show ipv6 neighbors IPv6 Address Age Link-layer Addr State Interface 3FFE:C000:0:7::777 - 0007.0007.00[...]

  • Pagina 977

    39-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Displaying I Pv6 ICMP statistics: Rcvd: 1 input, 0 checksum errors, 0 too short 0 unknown info type, 0 unknown error type unreach: 0 routing, 0 admin, 0 neighbor, 0 address, 0 port parameter: 0 error, 0 header, 0 option 0 [...]

  • Pagina 978

    39-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6[...]

  • Pagina 979

    C HAPTER 40-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 40 Configuring HSRP and Enhanced Objec t Tracking This c hapter d escrib es how to use Hot St andby Rout er Prot ocol (H SRP) on the Ca talyst 3750-E or 3560-E sw itch to provide routin g redund ancy for routin g IP traffic without bein g depen dent on th e av[...]

  • Pagina 980

    40-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Underst anding HSRP Note Rou ters in an H SRP gro up ca n be a ny router interfac e tha t suppo rts HS RP , incl uding Ca talyst 3750-E or 3560-E rou ted port s and switch virtu al interfaces (SVIs) . HSRP p[...]

  • Pagina 981

    40-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Unde rsta ndin g HS RP Figur e 40-1 T ypical HSRP Configur ation Multiple HSRP The switch sup ports Multiple H SRP (MHSRP), an extensio n of HSRP that allo ws load sharing betw een two or more HSRP gro ups. Y o[...]

  • Pagina 982

    40-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP Figu re 40-2 M HSR P Load Sharing HSRP and S witch S tacks HSRP hello mess ages are g ener ated by th e s tack ma ste r . If an H SRP-a ctive stack m aste r fails , a flap i n the HSRP acti [...]

  • Pagina 983

    40-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP Default HSRP Configuration T ab le 40-1 shows the default HSRP conf iguration. HSRP Configuration Guidelines Foll ow these gui delines when conf iguring HSRP: • HSRP ca n be configured on a m[...]

  • Pagina 984

    40-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP When th e standby ip comma nd is enabled on an interf ace and pr oxy A RP is en abled, if the interfa ce’ s Hot Standb y state is acti ve, prox y ARP reque s ts are ans wered us ing the Ho[...]

  • Pagina 985

    40-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP Configuring HSRP Priority The standby priority , st andby preempt , and standby track interfa ce configu ratio n com mands are al l used to set cha racteri stics f or finding active and stan db[...]

  • Pagina 986

    40-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP Use the no standby [ gr o up-numbe r ] priority priority [ preempt [ delay delay ]] a nd no standby [ gr oup-num ber ] [ priority priority ] preempt [ delay delay ] interface co nfig uration[...]

  • Pagina 987

    40-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP This exam ple a ctiv a tes a port, sets an IP addre ss and a pri ority of 12 0 (high er tha n the default value), and waits for 30 0 second s (5 minutes ) before a ttempt ing to beco me the act[...]

  • Pagina 988

    40-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP When conf iguring these a ttrib utes, fo llo w these g uidelines: • The aut hentica tion string i s sent unenc rypted in all HSRP message s. Y o u must configure the same authenti cation [...]

  • Pagina 989

    40-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Disp laying H SRP Co nfig uratio ns This exampl e shows ho w to set the time rs on standby gro up 1 with the time betwe en hello packet s at 5 seconds an d the tim e after whi ch a rout er is consi dered down [...]

  • Pagina 990

    40-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking This is a an exam ple of out put fro m t he show standby privileged EXEC comma nd, displa ying HSRP inform ation fo r two standby groups (gro up 1 and grou p 100): Swi[...]

  • Pagina 991

    40-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing Configuring E nhanc ed Object Tra cking F eatures These sec tions descr ibe configur ing enha nced obj ect track ing: • T r ackin g Int erface Line-P rotocol or IP R[...]

  • Pagina 992

    40-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking This e xample conf igures the track ing of an interf ace line -protoco l state and veri fies the conf iguration : Switch(config)# track 33 interface gigabitethernet 1/[...]

  • Pagina 993

    40-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing Use the no track tra ck- number global conf iguration comman d to delete the track ed li st. This e xample con fig ures track list 4 w ith a Boolean AND e xpression th[...]

  • Pagina 994

    40-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking Use the no tr ack track-number global conf iguration co mmand to delete the track ed list. The exampl e configur es track list 4 to track by wei ght thr eshold. If obj[...]

  • Pagina 995

    40-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing This e xample co nfig ures track ed list 4 with three obj ects and a specif ied percenta ges to measure the state of the list: Switch(config)# track 4 list threshold p[...]

  • Pagina 996

    40-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking Configuring Other Tracking Char acteristics Y o u ca n also use th e en hanced ob ject t racki ng fo r trac king o ther c hara cteris tics. • Y ou can t rack th e re[...]

  • Pagina 997

    C HAPTER 41-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 41 Configuring Web Cac he Services By Using WCCP This c hapter d escrib es how to configu re your Catalys t 375 0-E or 3560-E swi tch to redir ect tra ff i c to wide-ar ea appli cation en gines (suc h as the Cisco Cache Engine 550 ) by using the W eb Cache Com[...]

  • Pagina 998

    41-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Understan ding WCCP WCCP enabl es supported Cisc o routers and sw itches to transp aren tly redirec t content re quests. With transpare nt redire ction, use rs do not have to configure the ir browsers to use a [...]

  • Pagina 999

    41-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Understa nding WCCP WCCP Negotiation In the exchange of WCCP protocol messages , the design ated appl ication engi ne and the WCCP-enable d switch ne g otiate these item s: • Fo rwar ding method (the met hod by[...]

  • Pagina 1000

    41-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Understan ding WCCP Y o u can configure up t o 8 service grou ps on a switch or sw itch stac k and up to 32 cli ents per servi ce group. WC CP mainta ins the pr iority o f the se rvice gr oup in t he group defi[...]

  • Pagina 1001

    41-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Config uring WCCP Unsupporte d WCCP Features These WCCP features are not supporte d in this software release: • Packet redirect ion on an out bound int erface that is configured by using the ip wccp redir ect o[...]

  • Pagina 1002

    41-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Configuring WCCP • The num ber of av ailable policy-based routing (PB R) labe ls are re duced as mor e interfac es are enabl ed for W CCP ingress r edirecti on. For ev ery int erface that supports ser vice gr[...]

  • Pagina 1003

    41-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Config uring WCCP Comma nd Purpos e Step 1 conf igur e terminal Enter globa l configurati on mode. Step 2 ip wccp { w eb- cach e | service-number } [ group-addr ess groupaddr ess ] [ group-list access-list ] [ re[...]

  • Pagina 1004

    41-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Configuring WCCP T o disa ble t he we b cach e serv ice, use t he no i p wccp web-cache global configurat ion comm and. T o disable inbound pac ket redir ection, use the no ip wccp web-cache r edirect in inter [...]

  • Pagina 1005

    41-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Monitoring and Maintaining WCCP This e xample sho ws how to conf igure SVIs an d how to enable the web cache ser vice with a multica st group l ist. VL AN 29 9 is crea ted a nd configu red wi th an IP a ddress of[...]

  • Pagina 1006

    41-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Monitorin g and Maintain ing WCCP show ip interface Displays st atus about a ny IP WCC P redir ection comm ands t hat a re conf igured on an interf ace; for exam ple, Web Cache Re direct is enabled / disab led[...]

  • Pagina 1007

    C HAPTER 42-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 42 Configuring IP M ulticast R outing This chapter describes how to conf igure IP multicast ro uting on the Catalyst 3750-E or 3560-E switch. IP multica sting is a more e ffi cient w ay to use netw o rk resource s, especially for bandwidth- intensi ve services[...]

  • Pagina 1008

    42-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Understandin g Cisco’s Imp lementation of IP Multic ast Routing The Cisco IOS softwa re supports these protocols to implem ent IP multica st routing: •[...]

  • Pagina 1009

    42-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing Understand ing IGMP T o participate in IP multicasting, multicast hosts, rou ters, and multil ayer switches must ha ve the IGMP operati ng. Thi s pro tocol de f[...]

  • Pagina 1010

    42-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Understand ing PIM PIM is called pr otoc ol-in depen dent : regardle ss of the unic ast rout ing protoco ls used to pop ulate the unicast r outing table , [...]

  • Pagina 1011

    42-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing When a new receiv er on a previously prune d branch of t he tree joins a multica st group, th e PIM DM de vic e detect s the ne w receiv er and immedi ately sen[...]

  • Pagina 1012

    42-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing passive interfaces. On ly the non redun dant ac cess rout er topo logy is suppo rted by the PI M stub fe ature . By using a n onredunda nt t opology , th e[...]

  • Pagina 1013

    42-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing Bootstrap Route r PIMv2 BSR is another method to distrib ute group-to-RP mapping information to all PIM rou ters and multilaye r switches in the netwo rk. It el[...]

  • Pagina 1014

    42-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Figu re 42-3 R PF Ch eck PIM use s both sour ce trees and RP-root ed shared trees to for war d datagr ams (desc ribed in the “PIM DM” sectio n on page [...]

  • Pagina 1015

    42-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Multicast Routing and Switch Stacks D V MRP neig hbors build a route t able by periodi cally exch anging sour ce network ro uting info rmat ion in route-r eport messa ges. The rou ting in formatio n stored in the D V MRP ro[...]

  • Pagina 1016

    42-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting • They do not build multic ast routing tables . Instead, the y use the multicast rout ing table that is distr ibu ted b y the stack master . Configuring IP Multicast Routing These se[...]

  • Pagina 1017

    42-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Note Th e PIM i mplement ation of on Ca talyst 3 750-E an d 3560- E swit ches i s the sam e as th at on Ca talyst 3750 and 3560 swit ches exce pt for the d ifferences su mmar ized in the Ci[...]

  • Pagina 1018

    42-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting • Because boot strap messa ges are sen t hop-by-hop, a PIMv1 device pre vents these me ssages from reaching all routers and multilayer switches i n your n etwork. Therefor e, if y ou[...]

  • Pagina 1019

    42-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o disable multicasting, use the no ip multicast-r outing distributed global configurat ion com mand. T o return to the def ault PIM vers ion, use the no ip pim version interfa ce configur[...]

  • Pagina 1020

    42-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting T o di sable PIM stub rout ing on an in terface, use the no ip pim passive in terfa ce config uration command. Config uring a R endez vous Point Y ou must have an RP if the interface i[...]

  • Pagina 1021

    42-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o remo ve an RP address , use the no ip pim rp-addres s ip-address [ access-list-numbe r ] [ overr ide ] global configurat ion comm and. This exampl e shows ho w to configure the ad dress[...]

  • Pagina 1022

    42-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting Configuring Auto-RP Auto-RP us es IP multicast to automa te the distribution of group-to-R P mappings to all Cisco routers and multilaye r switches in a PIM network. It has these benef[...]

  • Pagina 1023

    42-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Command Purpose Step 1 show running-confi g V erify that a defaul t RP is alrea dy configured on all PIM devices and the RP in t he sparse-m ode net work. It was previously configured wi th[...]

  • Pagina 1024

    42-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting T o r emove the PIM device configured as the cand idate RP , us e the no ip pim send-rp-announce interface- id global configu ration c omma nd. T o remove the sw itch as the RP-map pin[...]

  • Pagina 1025

    42-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o remov e a filte r on incoming RP announcemen t messages, use the no ip pim rp-announce- f ilter rp-list acc ess-list-number [ gr oup-list access-list-number ] global c onfiguratio n com[...]

  • Pagina 1026

    42-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting In thi s example , the mappi ng a gent a ccepts candi date RP annou ncem ents from o nly two devices, 172.1 6.5.1 a nd 172 .16.2 .1. The map ping a gent a ccepts candid ate RP annou nc[...]

  • Pagina 1027

    42-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Figur e 42-4 Constr ainin g PIMv2 BSR Me ssag es Defini ng the IP Multicast Bou ndary Y ou de fine a multicast boundary to prev ent Auto-RP messages from entering the PIM domain. Y ou cre a[...]

  • Pagina 1028

    42-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting This e xample sho ws a portion of an IP multicast boundar y config uration that den ies Auto-RP inform ation: Switch(config)# access-list 1 deny 224.0.1.39 Switch(config)# access-list [...]

  • Pagina 1029

    42-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Configur ing Can didate RPs Y o u can configure one or mor e candida te RPs. Similar to BSRs, the RPs should a lso have good connec tivity to other devices and be in the backbo ne porti on [...]

  • Pagina 1030

    42-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting This e x ample sho ws how to co nfigur e the swi tch to adver tise itself as a can didate RP to the BSR in its PIM domain . Standar d access list nu mber 4 sp ecif ies the group pref i[...]

  • Pagina 1031

    42-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Confi guring Ad vanced PIM Fe atures Monitoring the RP Mapping Information T o monitor the RP mapping informatio n, use these commands in priv ilege d EXEC mode: • show i p pim bsr displays in formation about the elec te[...]

  • Pagina 1032

    42-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced PIM Features Figur e 42-5 Shar ed T re e and Sour ce T r ee (Shor test-P ath T r ee) If the data rate warran ts, leaf rou ters (route rs with out any downstream conn ections) on t he shared tree can u[...]

  • Pagina 1033

    42-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Confi guring Ad vanced PIM Fe atures Delaying the Use of PIM S hortest-Path Tree The ch ange from shar ed to s ource tr ee ha ppens w hen the first data pa cket arrives at the la st-h op router (Route r C in Figure 42- 5 )[...]

  • Pagina 1034

    42-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res T o return to the default setting, use the no ip pim spt-thr eshold { kbps | infinity } global co nfiguration comm and. Modifying th e PIM R outer-Query Mes sage Interval PIM router[...]

  • Pagina 1035

    42-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features • Modify ing the IGM P Host-Qu ery Messa ge Interval, page 42- 31 (o ptiona l) • Changin g the IGM P Query T i meout for IGMPv2, pa ge 42-32 (optional) • Changin g the Maxim um Que [...]

  • Pagina 1036

    42-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res T o cancel m embersh ip in a gr oup, us e the no ip igmp join-group group-addr ess interf ace conf iguration comm and. This exam ple sh ows how to enable the switc h to j oin mu lti[...]

  • Pagina 1037

    42-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features T o di sable gro ups on an inte rface, use the no ip igmp access-gr oup in terface co nf iguration comm and. This exampl e shows ho w to configure hosts at tache d to a port as abl e to j[...]

  • Pagina 1038

    42-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res The switch elect s a PIM designated router (DR) for the LAN (subnet). Th e DR is the router or multilayer switch wi th the highest I P address f or IGMPv2. For IGMPv1, the DR is ele[...]

  • Pagina 1039

    42-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features T o return to the default setting, use the no ip igmp querier -timeout in terface c onfigura tion comm and. Changing the Max imum Query Resp onse Time for IG MPv2 If you are using IGMPv2 [...]

  • Pagina 1040

    42-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Opti onal Multic ast Routing F eature s Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to co nf igure the swi tch itself to be a statica lly connec ted mem ber of a gro up (and enable fast swi tch[...]

  • Pagina 1041

    42-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional Multicast Routing Featu res T o disabl e CGMP on the interface, use th e no ip cgmp interfac e configuration comma nd. When multi ple Cisc o CGMP -capab le devices are co nnecte d to a switc hed networ[...]

  • Pagina 1042

    42-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Opti onal Multic ast Routing F eature s Enabling sdr Listener Support By def ault, the switch doe s not listen to session directory adv ertisements. Beginn ing in pri vileged EXEC mode, follo w these steps to e[...]

  • Pagina 1043

    42-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional Multicast Routing Featu res Configuring an IP Multicast Boundary Administrativ ely-scoped boundarie s can be used to li m it the forwarding of multicast traf fic outside of a domain or subdomain. This [...]

  • Pagina 1044

    42-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s Beginning in pr i vileged EX EC mode, fo llow these step s to set up an admi nistra ti vely-sco ped boun dary . This proc edure is option al. T o r emove the bounda ry [...]

  • Pagina 1045

    42-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Basic DVMRP Interoperability Features Configuring DVMR P Interoperability Cisco multicast routers and multila yer switches using PIM can interoperate with non-Cisco multicast router s tha t u se t he DVMRP . PI[...]

  • Pagina 1046

    42-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s T o disabl e the metric o r route ma p, use the no ip dvmrp metric me tric [ lis t access-list-numbe r ] [[ pr otoc ol p ro cess-id ] | [ dvmrp ]] or the no ip dvmrp me[...]

  • Pagina 1047

    42-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Basic DVMRP Interoperability Features Configurin g a DVMRP Tunne l The soft ware sup ports DVMRP tunne ls to th e MBO NE. Y ou can configure a D VMRP t unnel o n a ro uter or multilaye r switch if the other end[...]

  • Pagina 1048

    42-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s T o disa ble t he f ilter , us e the no ip dvmrp acce pt-fi lt er access-list-n umber [ dist ance ] neighbor -list access-list -numbe r inte rface c onfigura tion comm [...]

  • Pagina 1049

    42-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Beginning i n privileged E XEC mo de, follow these s teps to advertis e networ k 0.0 .0.0 t o D VMRP neighb ors on an interfa ce. Th is proced ure is op tional. T o prev[...]

  • Pagina 1050

    42-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features These sec tions co ntain this co nfiguration in format ion: • Enab ling DVMRP Unic ast Rout ing, page 42 -44 (optional) • Rejectin g a D V MRP Nonpru ning Neig hb[...]

  • Pagina 1051

    42-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Rejectin g a DVM RP Nonp runing Ne ighbor By def ault, Cisco de vices accept a ll D VMRP neighbors as peers, re gardless of their D VMRP capabil ity . Howe ver, some non[...]

  • Pagina 1052

    42-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Figur e 42-8 Rout er Rejects Nonpr uning D VMRP Neig hbor Note that the ip dvm rp reject-non -pru ners in terfa ce c onfig urati on co mman d prevents peer ing with n[...]

  • Pagina 1053

    42-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Controlling Rout e Exchanges These sec tions descr ibe how to tune the Cisco device ad vertisemen ts of D VMRP rout es: • Limiting the Number of D VMRP Routes A dverti[...]

  • Pagina 1054

    42-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Beginning in privileged EXEC mo de, foll ow these s teps to chang e the threshol d number of rou tes tha t trigger the wa rning. This proce dure is op tional. T o ret[...]

  • Pagina 1055

    42-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Figur e 42-9 On Connect ed Unicast Rout es Are A dver tised b y Def ault ( Catalyst 3750 -E S witche s) Figu re 42-10 Only C onnec ted U nic ast R ou tes are Advertise d[...]

  • Pagina 1056

    42-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Beginn ing in pri vileg ed EXEC mode, follo w these steps to customize the summariza tion of D VMRP routes if th e default cla ssful auto summari zation does not suit[...]

  • Pagina 1057

    42-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features T o r e-e nable auto su mmar izat ion, use the ip dvm rp auto-summary interf ace con fig urat ion comman d. Adding a Metric Offset to the DVMRP Route By default, the swi[...]

  • Pagina 1058

    42-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Mon ito ring and Main tain ing IP M ultic as t Rou ting Monitoring and Maintainin g IP Mu lticast Routing These sections describe how to monitor and maintain IP multicast ro uting: • Clearin g Cach es, T ables, and Databa[...]

  • Pagina 1059

    42-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Monitoring and Maintaining IP Multicast Routing Monitoring IP Multicast Routing Y o u can use the p rivileged EXEC comma nds in T able 42-6 to monitor I P multicas t routers, pac kets, and paths: show ip igmp groups [ grou[...]

  • Pagina 1060

    42-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Mon ito ring and Main tain ing IP M ultic as t Rou ting[...]

  • Pagina 1061

    C HAPTER 43-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 43 Configuring MSDP This ch apter de scribes ho w to conf igure the Mu lticast Sou rce Disco ve ry Proto col (MSDP) o n the Catalyst 375 0-E or 3560 -E switch . The MSDP co nnec ts multiple Prot ocol-I ndepend ent Mult icast sparse-m ode (PIM-S M) doma ins. MS[...]

  • Pagina 1062

    43-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Underst anding MSD P The purpose of this topology is to hav e domains discove r multicast sources in other doma ins. If the multicast so urces are of interest to a d omain that h as recei vers, m ulticast data is deli vered o ver the norma[...]

  • Pagina 1063

    43-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Understandi ng MSDP Figur e 43-1 MSDP Running Be tween RP Peers MSDP Benefits MSDP has these benef its: • It break s up the shared m ulticast d istrib ution tree. Y ou can m ake t he shared tree loc a l to your domain. Y our local members[...]

  • Pagina 1064

    43-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Configuring MSDP These sec tions co ntain this co nfiguration in format ion: • Default MS DP Configurati on, page 43- 4 • Configuring a Default MSDP Peer, page 43-4 (r equire d) • Cachin g Source -Act i ve State, [...]

  • Pagina 1065

    43-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Figur e 43-2 Def ault MSDP P eer Net wor k Beginning in pr i vileged EX EC mode , follow these step s to speci fy a default MSD P peer . This proce dure is required. ISP A PIM domain ISP C PIM domain SA Router A Switch B 10[...]

  • Pagina 1066

    43-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP T o remov e the default peer , use the no ip msdp default-peer ip-ad dress | name gl obal con figuration comm and. This exam ple shows a partia l co nfiguration of Ro uter A and Ro uter C in F igure 4 3-2 . Each of thes[...]

  • Pagina 1067

    43-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginn ing in pri vileg ed EXEC mode, follo w these steps to enable the cachin g of source/group pairs. This proc edure is option al. Note An alternati ve to this command is th e ip msdp sa-request global con figuration co [...]

  • Pagina 1068

    43-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Requestin g Source Info rmation fro m an MSDP Peer Local RPs can send SA reque sts a nd get immedi ate r esponses f or al l active sources for a give n group . By default, the sw itch do es no t send any SA re quest mes[...]

  • Pagina 1069

    43-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Controlling Source In formation that Your Switch Originates Y ou can contro l the m ulticast so urce informa tion that originat es with y our switch : • Sources you advertise (base d on your sour ces) • Receivers of sou[...]

  • Pagina 1070

    43-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP T o remov e the f ilter , use the no ip msdp r edistribut e global configurati on com mand. Step 3 access-list access-list- number { deny | permit } sour ce [ so ur ce-wi ldcar d ] or access-list access-list- number { [...]

  • Pagina 1071

    43-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Filtering Source- Active R equest Messages By default, only switches that are ca ching SA informatio n can respond to SA reque sts. By default, such a switch honor s all SA reque st messages fr om its MSDP peers and suppli[...]

  • Pagina 1072

    43-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Controlling Source Informatio n that Your Switch Forwards By def ault, the switch for wards all SA me ssages it rec ei ves to all its MSDP pee rs. Ho we ver , you can prev ent o utgoin g messag es fr om bei ng for ward[...]

  • Pagina 1073

    43-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP T o remov e the f ilter , use the no ip msdp sa-f ilter out { ip-a ddress | name } [ list a ccess-list-n umber ] [ ro ut e -m a p map- tag ] glo bal configur ation c omma nd. This e x ample sho ws how to allo w only (S,G) [...]

  • Pagina 1074

    43-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Using TTL to Limit the Multicast Data Sent in SA Messages Y ou can use a TTL v alue to contro l what da ta is enca psulated in the f irst SA message f or e very sour ce. Only mu lticast pa ckets w ith an IP-header TTL [...]

  • Pagina 1075

    43-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginn ing in pri vileged EXEC mode, follo w these steps to apply a f ilter . This procedu re is optional. T o remov e the f ilter , use the no ip msdp sa-f ilter in { ip-address | name } [ list access-list-number ] [ ro u[...]

  • Pagina 1076

    43-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Config uring an MSDP M esh Gr oup An MSDP me sh group is a gro up of MSDP speakers that have fully meshed MS DP connec tivity among one anot her . Any SA mes sages re ceived from a peer in a mesh group are not forwa rd[...]

  • Pagina 1077

    43-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginning in privileged EXEC mo de, f ollow these step s to shut down a peer . This procedur e is o ptional . T o bring th e peer back up, us e the no ip msdp shutdo wn { peer -name | peer address } glob al conf iguratio n[...]

  • Pagina 1078

    43-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Note that the ip msdp originator -id global config uration command also identif ies an interf ace to be used a s the RP a ddress. If both the ip msdp border sa-address and the ip msdp originator -id gl obal configurat [...]

  • Pagina 1079

    43-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Monitoring and Maintaining MSDP Monitoring and Maintaining MSDP T o mon itor MSD P SA messages , peers, stat e, or peer status, use one or more of the privileged EXEC comm ands in Ta b l e 4 3 - 1 : T o clear MSDP conne ctions, s tatist ic[...]

  • Pagina 1080

    43-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Monito ring and Mai ntaining MSD P[...]

  • Pagina 1081

    C HAPTER 44-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 44 Configuring Fallbac k Bridging Thi s chapte r describe s ho w to conf igure fa llback bridging (VLAN brid ging ) on the C atal yst 3 750-E or 3560- E switc h. With fallback br idging , you can for ward non- IP packets t hat the switch does no t route betwee[...]

  • Pagina 1082

    44-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Underst anding F allback B ridging A VLAN bridge domai n is represented with switch virtual interf aces (SVIs). A se t of SVIs and routed ports ( which do no t have any VLA Ns associa ted w ith th em) c an b e configured (gro u[...]

  • Pagina 1083

    44-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Figur e 44-1 F allback Br idging N etwor k Exam ple Fallback Brid ging an d Switch Sta cks When th e stack maste r fail s , a stac k me mber b ecomes th e ne w stack m aster b y using the el e[...]

  • Pagina 1084

    44-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing Default Fallback Brid ging Configuratio n T ab le 44-1 shows the default fal lbac k bridg ing co nfiguration. Fallback Brid ging Co n figuration Guidelines Up to 32 br idge g roups ca n be confi[...]

  • Pagina 1085

    44-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Beginning i n privileged E XEC mo de, follow these steps to c reat e a br idge g roup a nd to ass ign an interf ace to it. This proced ure is required . T o remo ve a brid ge grou p, use the n[...]

  • Pagina 1086

    44-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing This example shows ho w to crea te bridge group 10 and to speci fy that the V LAN-bri dge STP runs in the bridge gr oup. It defines a n SVI for VL AN 2 a nd assi gns it to the bridge grou p: Swi[...]

  • Pagina 1087

    44-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Changing the VLAN-Bri dge Spanning-Tree Priority Y o u can globa lly c onfigure the V LAN-bri dge spa nning -tree pri ority of a switch when it ties w ith anot her switch for the positio n as [...]

  • Pagina 1088

    44-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing T o return to the defa ult setting, use th e no bridge-gro up bridge-gr oup priority inter face conf iguration comm and. This example shows ho w to change the priority t o 20 on a port in br idg[...]

  • Pagina 1089

    44-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Adjust ing BPDU Interv als Y o u can adju st BPDU intervals as desc ribed in the se section s: • Adjusting the Inte rv al betw een Hello B PDUs, pa ge 44-9 (optiona l) • Chan ging the Fo r[...]

  • Pagina 1090

    44-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing Changing the Forward- Delay Inter val The forward- delay inter val is th e am ount of time sp ent li sten ing for top ology chan ge inf ormat ion a fter a po rt has been a ctiv ated f or sw itc[...]

  • Pagina 1091

    44-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Monitoring and Maintaining Fallback Bridging Disabling the Spanning Tree on an Inter face When a loop-f ree pa th exists betwe en any two switched sub networks , you can p rev ent BPDUs ge nerated in one switchi ng subnetw o[...]

  • Pagina 1092

    44-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Monito ring and Maintain ing Fa llback Br idgin g[...]

  • Pagina 1093

    C HAPTER 45-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 45 Troubleshooting This chapter descr ibes ho w to identify and resolv e software probl ems related to the Cisco IOS software on the Cataly st 3750- E or 3560- E switc h. Dep ending on the natur e of t he pro blem, you can use the command-lin e interf ace (CLI[...]

  • Pagina 1094

    45-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recovering f rom a Softwa re Failure • Using the show platform for ward C omman d, page 45- 23 • Using the c rashinfo Files, pa ge 45-25 • Using On-Boar d Failure Log ging, p age 45- 26 Recovering fro m a Software Failure Switch softw[...]

  • Pagina 1095

    45-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword load_helper boot Step 7 Initial ize the flash f ile system: switch: flash_init Step 8 If you had se t the co nsole po rt spe ed to anything other than 9600, i t ha s been reset to tha t par ti[...]

  • Pagina 1096

    45-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Los t or Forgotten Password Foll ow th e steps in this procedure if you ha ve forgotte n or lost the switch password. Step 1 Use one o f these m ethods to c o nnect a terminal or PC to the switc h: • Connect a terminal [...]

  • Pagina 1097

    45-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword Procedure w ith Passw ord Recov ery Enabled If the pas sword- rec overy me chan ism i s en ab led, t his mes sage app ears: The system has been interrupted prior to initializing the flash file[...]

  • Pagina 1098

    45-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Los t or Forgotten Password Step 9 Copy the configurat ion file into me mory: Switch# copy flash: config.text system: running-config Source filename [config.text]? Destination filename [running-config]? Press Return in re[...]

  • Pagina 1099

    45-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword Procedure w ith Password R ecovery Dis abled If the p assword-recovery mechanism is disabled, this m essage app ears: The password-recovery mechanism has been triggered, but is currently disab[...]

  • Pagina 1100

    45-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Prev enting Switch S tac k Pr oblems Step 7 Change the password: Switch (config)# enable secret password The secre t passw ord can b e from 1 to 25 alph anumeric ch arac ters, can s tart with a numb er , is case sensitive, and allows spaces[...]

  • Pagina 1101

    45-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from a Command Switch Failure the switch curr ent- stac k-m ember -number r enumber new-stack-member-number globa l configurati on comm and to manua lly assign a stack membe r number . F o r more in format ion abou t stack me mbe[...]

  • Pagina 1102

    45-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Com mand Switc h Failure Replacing a Failed Command Sw itch with a Clu ster M ember T o replac e a f ailed command switch with a command -capab le memb er in th e same cluster , follo w these steps: Step 1 Disconnec t th[...]

  • Pagina 1103

    45-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from a Command Switch Failure If this pro mpt does not app ear , enter enable , and press Return . En ter setup , and press Re turn to start the set up progra m. Step 11 Respond to the questions in the setup program. When p romp[...]

  • Pagina 1104

    45-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Com mand Switc h Failure At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Basic management[...]

  • Pagina 1105

    45-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from Lost Cluster Member Connectivity Recovering fro m Lost Cluster Member Connecti vity Some conf igurations can pre ve nt the command switc h from maintaini ng contact with mem ber switches. If you are u nable to ma intain man[...]

  • Pagina 1106

    45-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting SFP Module Secu rity and Ident ificatio n Disabled Port Caused b y Power L oss If a p owered device (such as a C isco IP Phone 7910) that is con nected to a Po E sw itch por t and is powered by an AC power source loses p ower from the AC p[...]

  • Pagina 1107

    45-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Monito ring SFP Modul e Sta tus If the module is identified as a Cisco SFP module , but the system is unable to read v e ndor-data information to ve rify its ac curacy , an SFP module erro r message is generated. In this case, you sho uld [...]

  • Pagina 1108

    45-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using P ing Executing Ping If you atte mpt to ping a host in a different IP subne twork, you m ust define a static rout e to the netwo rk or have IP rout ing c onfigured t o ro ute bet ween those su bnets . For mo re inf ormat ion, see Cha[...]

  • Pagina 1109

    45-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using Layer 2 Tr aceroute Using Layer 2 Traceroute These se ctions conta in this i nformation: • Understa nding L ayer 2 Traceroute, page 45 -17 • Usag e Guide lines , pag e 45-17 • Display ing the Physica l Path, page 45-1 8 Underst[...]

  • Pagina 1110

    45-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using I P Trac eroute • The tracerou te ma c i p com mand outp ut sh ows the Layer 2 path when th e spe cified source and destinat ion IP a ddres ses belon g to the sa me sub net. Wh en you s pecify the IP a ddresses, the s witch uses th[...]

  • Pagina 1111

    45-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using IP Trace route of 1 or 0, it drops t he da tagram and se nds an I nterne t Cont rol M essage Prot ocol (ICMP) time-t o-live-exceeded messag e to the se nder . Tracerout e f inds th e address of t he first hop by e xami ning the so ur[...]

  • Pagina 1112

    45-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Usin g TDR T o end a trace in progres s, enter the escape seq uence ( Ctrl-^ X by defa ult). Si multane ously pr ess a nd release th e Ctrl , Shift , and 6 keys and then p ress the X ke y . Using TDR These se ctions conta in this i nformat[...]

  • Pagina 1113

    45-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using Debug C ommands When you run TDR, t he swit ch re ports a ccurate infor mation i f • The c able for th e Giga bit li nk i s a so lid-cor e cable . • The open-en ded cable is n ot te rmin ated. When you run TDR, the switch d oes n[...]

  • Pagina 1114

    45-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using D ebug Command s All deb ug comm ands are en tered in pri vileged EXEC mode , and most deb ug comman ds take no arguments. For exampl e, begi nning i n privileged E XEC mode , en ter thi s com mand to en ab le the debugging for Switc[...]

  • Pagina 1115

    45-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using the show platf orm forw ard Comma nd Note Be aware that the debuggin g destin ation yo u use affects system overhead . Logging messages to the console produces very high ov erhea d, wherea s logging me ssages to a vir tual term inal [...]

  • Pagina 1116

    45-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using the s how platfo rm forward Co mmand Gi1/0/1 0005 0001.0001.0001 0002.0002.0002 ------------------------------------------ Packet 2 Lookup Key-Used Index-Hit A-Data OutptACL 50_0D020202_0D010101-00_40000014_000A0000 01FFE 03000000 Po[...]

  • Pagina 1117

    45-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using the crash info Files This is an e xample of the out put when the pa cket comin g in on port 1 in VLAN 5 has a de stination MA C address s et to the rou ter MAC address in V LAN 5 and th e d estination IP add ress set to an IP address[...]

  • Pagina 1118

    45-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using On-Board F ailure Lo gging fi le is created, you ca n use the rena m e pri v ileg ed EXEC comma nd to rename it, bu t the conten ts of the renamed f ile will n ot be di splayed b y the show stacks or the s how tech-support privileged[...]

  • Pagina 1119

    45-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using On-Board Failure Logging • Power ov e r Ether net (PoE )—Record of th e power consum ption of Po E port s on a sta ndalon e swit ch or a stac k member • T emperat ure—T emperat ure of a standa lone switch or a switc h stac k [...]

  • Pagina 1120

    45-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using On-Board F ailure Lo gging Displaying OBFL Information T o disp lay th e OBFL i nform ation, use one or more of t he pri vile ged EXEC com man ds in T able 45-3 : For more info rmat ion abou t using t he comm ands i n T able 45-3 and[...]

  • Pagina 1121

    C HAPTER 46-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 46 Configuring Online Diagnostics This chapter de scribes how to co nfigure the online diagnost ics on the Catalyst 3750-E or 3560- E switch: Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mmand refer[...]

  • Pagina 1122

    46-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Configur ing On line Dia gnostic s Configuring Onlin e Diagnostics Y o u must configure t he failur e threshold and the interval betwe en tests befo re enabl ing diagno stic monitoring. This section has this informatio n: [...]

  • Pagina 1123

    46-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 6 Configuring On line Dia gnostics Configuring Online Diagnostics Th is ex am p l e s h ows h ow t o schedule diagnostic testing to o ccur weekly at a specif ic time on member switch 6 when this com mand is entere d on a C atalyst 3750-E st ack master: Switch[...]

  • Pagina 1124

    46-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Configur ing On line Dia gnostic s T o disable diagnostic testi n g and return to the de fault sett ings, use these commands: Note Th e switch nu mber optio n is supported onl y on Catalys t 3750-E swit ches. • T o disab[...]

  • Pagina 1125

    46-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 6 Configuring On line Dia gnostics Runni ng Online Dia gnostic Tests • T o confi g ure the swit ch to not genera te a syslog message wh en the healt h -monitori ng test f ails, use the no diagnostic monitor syslog global conf igur ation c omma nd. • T o r[...]

  • Pagina 1126

    46-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Running O nline Di agnosti c Tests This exam ple sh ows ho w to start a diagno stic te st by usin g the test na me: Switch# diagnostic start switch 2 test TestInlinePwrCtlr Th i s ex am p l e s h ow s h ow t o st a rt all [...]

  • Pagina 1127

    A- 1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX A Supported MIBs This a ppend ix list s the supporte d ma nagement infor matio n base (MIBs) for t his rel ease on the Catalyst 375 0-E or 3560 -E switch. It con tains the se sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e M IB Fil es, page [...]

  • Pagina 1128

    A- 2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendi x A Supported MI Bs MIB List • CISCO-I ETF-IP- FOR W ARDING-MIB (O nly with the adv anced IP serv ices featu re set) • CISCO- IGM P-FIL T ER-M IB • CISCO-IM A G E-MIB (Only Cataly st 3750-E stac k master feature set de tails are shown.) • CISCO IP-ST A[...]

  • Pagina 1129

    A-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix A Supported M IBs MIB List • OLD-CISCO-C HASSIS-M IB (Partial support on Catal yst 3750-E switches; some obje cts reflect only th e stac k master .) • OLD-CISCO -FLASH-M IB (Supp orts only t he stack m aster in a Cataly st 3750-E sw itch stac k. Use CISCO[...]

  • Pagina 1130

    A- 4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendi x A Supported MI Bs Using FTP to Acces s the MIB Files Using FTP to Access the MIB Files Y o u can get eac h MIB file by using this proced ure: Step 1 Make sure that you r FTP clie nt is in passiv e mode. Note Some FTP clie nts do n ot suppo rt passive mode. S[...]

  • Pagina 1131

    B-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX B Working with the Cisco IOS File System, Configuration Files, an d Software Images This append ix descri bes how to m anipula te the Cat alyst 375 0-E or 3560-E swit ch fl ash file syste m, how to copy configurat ion files, and how to archive (uploa d and dow[...]

  • Pagina 1132

    B-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System vie wed from the stack master, refers to the same file system as does flash: on stack member 3. Use the show f ile system s pri vileged EX[...]

  • Pagina 1133

    B-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System 57409536 27306496 flash rw flash5: Setting the Def ault File System Y ou can specif y the fi le syst em or d irectory that t he system [...]

  • Pagina 1134

    B-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System Displaying In formation ab ou t Files on a File System Y o u can view a list of t he conte nts o f a file system be fore manip ulating its[...]

  • Pagina 1135

    B-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System Creating and Removi ng Directorie s Beginning i n privileged E XEC mode, follow th ese s teps to c rea te an d remove a d irect ory: T [...]

  • Pagina 1136

    B-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System Some in valid combinat ions of source and dest inatio n exist. Specificall y , you cannot copy t hese comb inat ion s: • From a runni ng[...]

  • Pagina 1137

    B-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System Beginn ing in pri vileged EXEC mode, follo w these steps to create a f ile, displ ay the contents, and e xtract it. Command Purpose Ste[...]

  • Pagina 1138

    B-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System This e xample sho ws ho w to create a f ile. This comm and wri tes the conten ts of the new-configs director y on the loca l flash device [...]

  • Pagina 1139

    B-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files service linenumber service udp-small-servers service pt-vty-logging ! <output truncated> Working with Configuration Files This sec [...]

  • Pagina 1140

    B-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files Guidelines for Cr eating and Using Co nfiguration Files Creatin g configuratio n files can aid i n your switch con figuration. Configuratio[...]

  • Pagina 1141

    B-11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Creating a Configuration File By Using a T ext Editor When cre ating a configura tion file, you must lis t comman ds logicall y so that [...]

  • Pagina 1142

    B-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files • Ensure t hat the co nf iguratio n file to be do wnloaded is in the correct director y on the TFTP server (usually / tftpboot on a UNIX [...]

  • Pagina 1143

    B-13 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Step 3 Upload th e switch co nfiguration t o the TFTP server . Specif y the IP addre ss or hostnam e of the TFT P serv er and the de sti[...]

  • Pagina 1144

    B-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files These sec tions co ntain this co nfiguration in format ion: • Preparin g to Downlo ad or Upload a Conf iguration File By Using FTP , page[...]

  • Pagina 1145

    B-15 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files This exam ple shows how to copy a c onfiguration file named host1-c onfg from th e neta dmin1 directory on the remot e server w ith a n [...]

  • Pagina 1146

    B-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files This exam ple shows how to copy t he running configura tion file na med switch2-conf g to the netadmin1 directo ry on the rem ote ho st wi [...]

  • Pagina 1147

    B-17 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files The RC P requires a client t o send a re mote user name with each RCP requ est to a ser ver . When you c opy a conf iguration fil e from[...]

  • Pagina 1148

    B-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files Downloading a Configura tion File By Using RCP Beginning in privileged EXEC mode , follow these steps to download a configuration file by u[...]

  • Pagina 1149

    B-19 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Uploading a Configuration File By Using RCP Beginn ing in pr i vilege d EXEC m ode, follo w these step s to upload a conf iguration f il[...]

  • Pagina 1150

    B-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Clearing the Startup Con figuration File T o c lear the c ontent s of your startup configur ation, use the erase n vram: or the erase startup-[...]

  • Pagina 1151

    B-21 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Y o u upload a swi tch image file to a TFT P , FTP , or RCP server for ba ckup purpo ses. Y ou can use t his uploaded image for futur e do w[...]

  • Pagina 1152

    B-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es version_suffix:universal-mz.122-35.SE2 version_directory:c3750e-universal-mz.122-35.SE2 image_system_type_id:0x00000000 image_name:c3750e-univ[...]

  • Pagina 1153

    B-23 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images These sec tions co ntain this co nfiguration info rmat ion: • Prepar ing to Do wnload or Upload an Image File By Using TFTP , pag e B-2 3 [...]

  • Pagina 1154

    B-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Beginning i n privileged EXE C mode , foll ow Steps 1 thr ough 3 to d ownload a n ew image from a TFTP serv er and to over write the existing [...]

  • Pagina 1155

    B-25 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Note If the fla sh device has sufficient space t o hold t wo image s and you want to overwri te one of thes e image s with the same ve rsion[...]

  • Pagina 1156

    B-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Copying Imag e File s By Using FTP Y ou can do wnload a s witch im age fr om an FT P serv er or uploa d the image f rom the switch to an FTP s[...]

  • Pagina 1157

    B-27 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Use the ip ftp username and ip f tp password comman ds to spec ify a use rname an d passwor d for all copie s. Incl ude the use rnam e in th[...]

  • Pagina 1158

    B-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The do wnload algorithm veri fies th at the image is appropria te for the switch model and that eno ugh DRAM is prese nt, or it abor ts the pr[...]

  • Pagina 1159

    B-29 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Note If the fla sh device has sufficient space t o hold t wo image s and you want to overwri te one of thes e image s with the same ve rsion[...]

  • Pagina 1160

    B-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The archi ve upload-sw comman d builds an imag e file on the serv er by uploading these f iles in order: info, t he Cisco IOS im age, and the [...]

  • Pagina 1161

    B-31 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Preparing to Download or Uploa d an Image File By Using RCP RCP provide s another metho d of do wnloading and u ploading image f iles betwee[...]

  • Pagina 1162

    B-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es If the switch IP addre ss translates to Swit ch1.compa ny .com , the .rhosts file for User0 on the RCP server shou ld conta in this line: Swit[...]

  • Pagina 1163

    B-33 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Step 6 archiv e download-sw /allow-feature-upgrade [ /direc tory ] /overwrit e /relo ad tftp: [[ // location ] / dir e ctor y ] / image-name[...]

  • Pagina 1164

    B-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The do wnload algorithm veri fies th at the image is appropria te for the switch model and that eno ugh DRAM is prese nt, or it abor ts the pr[...]

  • Pagina 1165

    B-35 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images The archi ve upload-sw pri vileged EXEC comma nd build s an image file on th e server b y uploading these f iles in order: info, the Cisco I[...]

  • Pagina 1166

    B-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Beginn ing in pri vileged EXEC mode from the stac k member that y ou want to upgrade, fo llo w these steps to copy the ru nning image file fro[...]

  • Pagina 1167

    C-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX C Unsupported Co mmands in Cisco IOS Release 1 2.2(37 )SE This app endix lists so me of the command-line interf ace ( CLI) comm ands that a ppear when you enter the question m ark (?) at the Ca talyst 3750-E or 3560-E sw itch p rompt but are n ot sup ported in[...]

  • Pagina 1168

    C-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E Archive Com mands Archive Commands Unsupporte d Privileged E XEC Commands ar chiv e conf ig sho w ar chiv e conf ig sho w ar chiv e log ARP Comma nds Unsupporte d Global Con figuratio n Commands arp i[...]

  • Pagina 1169

    C-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE Fallback Bridging Fallback Bridg ing Unsupporte d Privileged E XEC Co mmands clear bridg e [ bridge- gr o up ] multicast [ router-ports | gr oups | counts ] [ gr ou p-address ] [ interfac e-unit ] [ co[...]

  • Pagina 1170

    C-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E HSRP bridge-gr oup bridge-gr o up input-address-list access-list- number bridge-gr oup bridge-gr o up i nput-l at-servi ce-den y group-list bridge-gr oup bridge-gr o up i nput-l at-servi ce-per mit gr[...]

  • Pagina 1171

    C-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE IGMP Sno oping Comma nds Unsupporte d Interface Configuration Commands mtu standby mac-refr esh seconds standby use-bia IGMP Snooping Comman ds Unsupporte d Global Con figuratio n Commands ip igmp snoo[...]

  • Pagina 1172

    C-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E IP Multic ast Routi ng The debug ip mpacket [ detail ] [ access-l ist-numb er [ gr oup -name- or-addr ess ] command aff ects onl y packet s recei ved by the switch CPU. Because most multic ast p acket[...]

  • Pagina 1173

    C-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE IP Unicast Routing IP Unicast Routing Unsupporte d Privileged E XEC or User EX EC Commands clear ip accounting [ checkpoint ] clear ip bgp addr e ss flap- statistics clear ip bgp pre f ix-list debug i [...]

  • Pagina 1174

    C-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E IP Unicas t Routing Unsupporte d Interface Configuration Commands ip accounting ip load-sharing [ per -packet ] ip mtu bytes ip verify ip unnumbere d type num ber All ip securit y commands Unsupporte [...]

  • Pagina 1175

    C-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE MAC Ad dress Comm ands set metr ic-ty pe i nternal set tag tag-valu e MAC Address Commands Unsupporte d Privileged E XEC Co mmands show mac-addr ess-table show mac-addr ess-table address show mac-addr [...]

  • Pagina 1176

    C-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E MSDP Unsupporte d Global Con figuratio n Commands errdisab le rec ov ery cause unica st floo d l2protocol-tunnel global dr op-threshold ser vice compr e ss-conf ig stack-mac persistent timer (supp or[...]

  • Pagina 1177

    C-11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE Network Address Translation (NAT) Commands Network Address Translation (NAT) Commands Unsupporte d Privileged E XEC Co mmands show ip nat statistics show ip nat translations QoS Unsupporte d Global Co[...]

  • Pagina 1178

    C-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E SNMP SNMP Unsupporte d Global Con figuratio n Commands snmp-ser ver ena ble inf orms snmp-ser ver if index persist Spanning Tree Unsupporte d Global Con figuratio n Command spanning-tree pathcost met[...]

  • Pagina 1179

    IN-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 INDEX Numerics 10-Gi gabit E thern et i nte rface s 11-6 A AAA dow n po licy, N AC La yer 2 I P val idatio n 1-10 abbrev iati ng comm ands 2-4 ABRs 38-25 AC (c omma nd sw itc h) 6-11 acces s-class comma nd 34-20 acces s contr ol entries See ACEs access-de nied r espon[...]

  • Pagina 1180

    Index IN-2 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 ACLs (continued) IP crea ting 34-8 fragme nts and QoS gui deline s 36-35 implici t deny 34-10, 34-14, 34-17 implicit m asks 34-10 matc hing cri teria 34-8 undef ined 34-21 IPv4 applyi ng to inter faces 34-20 crea ting 34-8 matc hing cri teria 34-8 named 34-15 nu[...]

  • Pagina 1181

    Inde x IN-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 addresses (continued) static adding a nd removi ng 7-24 defined 7-19 address resolution 7-27, 38-9 Add res s Re sol utio n Prot ocol See ARP adjace ncy table s, with CEF 38-76 adminis trative di stances defined 38-88 OSPF 38-32 rout ing protoc ol defa ult s 38-[...]

  • Pagina 1182

    Index IN-4 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 automatic d iscovery conside rations beyond a non candid ate devi ce 6-8 bran d new swit ches 6-10 connect ivity 6-5 differe nt VLANs 6-7 manageme nt VLAN s 6-8 non-CDP- capabl e devic es 6-6 nonclus ter-ca pable dev ices 6-6 routed port s 6-9 in switch cluster [...]

  • Pagina 1183

    Inde x IN-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 BGP (continued) route re flect ors 38-61 routin g domain c onfed erati on 38-61 routing session with multi-VRF CE 38-70 show comm ands 38-63 supernet s 38-60 support fo r 1-11 Version 4 38-45 binding cl uster gro up and HSR P group 40-11 binding d atabase addre[...]

  • Pagina 1184

    Index IN-6 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 CDP and truste d bounda ry 36-42 automatic discover y in switch cluster s 6-5 config uring 27-2 default confi guration 27-2 defined w ith LLDP 28-1 describe d 27-1 disabling for r outing de vice 27-3 to 27-4 ena bling and disab ling on an interfa ce 27-4 on a sw[...]

  • Pagina 1185

    Inde x IN-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CLI (continued) erro r messag es 2-5 filtering c ommand output 2-10 getting help 2-3 history chan ging t he b uffer siz e 2-6 describe d 2-6 disabling 2-7 recal ling co mman ds 2-6 managing clust ers 6-18 no and defaul t form s of c ommand s 2-4 client mode, VT[...]

  • Pagina 1186

    Index IN-8 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 commands, set ting privilege levels 9-8 comm and sw itc h acce ssing 6-12 active (AC) 6-11 config urati on confl icts 45-13 defined 6-2 passive ( PC) 6-11 password privilege levels 6-18 priority 6-11 recove ry from comm and-sw itc h failure 6-11, 45-9 from lost [...]

  • Pagina 1187

    Inde x IN-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 console port, conn ecting to 2-11 conte nt-rout ing techn ology See WCCP convent ions comm and xl iii for ex amples xliv publicat ion xliii text xliii corrupt ed so ftware , re cover y step s wit h Xmode m 45-2 CoS in Layer 2 frames 36-2 override prior ity 15-6[...]

  • Pagina 1188

    Index IN- 10 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 default configuration (c ontinued) HSRP 40-5 IEEE 8 02.1Q tunne ling 17-4 IGMP 42-29 IGMP f ilte ring 24-25 IGMP sn ooping 24-7, 25-6 IGMP throttling 24-25 initial switc h information 3-3 IP addressi ng, IP routing 38-6 IP multica st rout ing 42-10 IP source g[...]

  • Pagina 1189

    Inde x IN- 11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 DHCP Cisco IOS serve r database config uring 22-14 default confi guration 22-9 describe d 22-6 enab lin g relay ag ent 22-11 server 22-10 DHCP-b ased au toconf igurati o n client re quest message ex change 3-4 config uring client side 3-4 DNS 3-6 relay de vic[...]

  • Pagina 1190

    Index IN- 12 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 DHCP snooping binding database (continued) describe d 22-6 displaying 22-15 binding e ntries 22-15 status and statistics 22-15 displaying st atus and statisti cs 22-15 enab lin g 22-14 ent ry 22-7 renewin g database 22 -15 resetting delay va lue 22-15 timeout [...]

  • Pagina 1191

    Inde x IN- 13 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 dual p rotocol stacks config uring 39-13 IPv4 a nd IPv 6 39-9 SDM template s supporti ng 39-9 DVMRP autosummariza tion config uring a summ ary addre ss 42-48 disabling 42-50 connec ting PIM do main to DV MRP router 42-41 enabling unica st routing 42-44 intero[...]

  • Pagina 1192

    Index IN- 14 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 dynamic ARP inspection (continued) interf ace tru st states 23-3 log buffer clearin g 23-15 config uring 23-12 displaying 23-15 logging of dro pped pa ckets, described 23-5 man-in-t he mi ddle at tack, de scribe d 23-2 networ k secur ity issue s and i nterfac [...]

  • Pagina 1193

    Inde x IN- 15 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 EtherChannel (cont inued) config uring Layer 2 int erface s 37-13 Layer 3 phy sical inte rfaces 37-16 Layer 3 por t-chan nel log ical inte rfac es 37-15 default confi guration 37-11 describe d 37-2 displaying status 37-23 forwar ding met hods 37-8, 37-18 IEEE[...]

  • Pagina 1194

    Index IN- 16 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 extended univer sal identifier See EUI Extensib le Authen ticat ion Protocol over LAN 10-1 ext erna l BGP See EBGP exter nal neighb ors, BGP 38-48 F Fa0 port See Ethern et ma nageme nt port failove r support 1-7 fallback br idging and pro tected po rts 44-4 br[...]

  • Pagina 1195

    Inde x IN- 17 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 file system displaying ava ilable f ile syst ems B-2 displaying file in formation B-4 local file system nam es B-1 network fil e system names B- 5 setting the default B-3 filtering in a VLAN 34-29 IPv6 t raffi c 35-4, 35-8 non-IP tra ffic 34-27 show and mor e[...]

  • Pagina 1196

    Index IN- 18 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 H hardwa re lim itatio ns an d Laye r 3 i nterf aces 11-31 hello time MSTP 19-22 STP 18-22 help, for th e command line 2-3 hierar chic al policy ma ps 36-8 config urati on guideli nes 36-35 config uring 36-55 describe d 36-11 history chan ging t he b uffer siz[...]

  • Pagina 1197

    Inde x IN- 19 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IEEE 8 02.1D See STP IEEE 8 02.1p 15-1 IEEE 8 02.1Q and trunk ports 11-3 config urati on limitat ions 13-19 enca psul ation 13-16 nati ve VLAN for u ntag ged traf fic 13-23 tunneling compatibilit y with other features 17-6 default s 17-4 describe d 17-1 tunne[...]

  • Pagina 1198

    Index IN- 20 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IGMP gr oups configurin g filtering 24-28 setting the maximum number 24-27 IGMP Imm ediate Leave config urati on guideli nes 24-12 describe d 24-6 enab lin g 24-11 IGMP pr ofile applyi ng 24- 27 config urati on mode 24-25 config uring 24-26 IGMP sn ooping and [...]

  • Pagina 1199

    Inde x IN- 21 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 interf aces ran ge macro command 11-19 interfac e types 11-15 Interior Gatew ay Prot ocol See IGP internal BGP See IBGP internal neighb ors, BGP 38-48 internal power supplies See power suppl ies Int erne t Co ntro l Mes sage Protoc ol See ICMP Intern et Group[...]

  • Pagina 1200

    Index IN- 22 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IP multicast routing ( continued) bootstr ap r outer config urati on guideli nes 42-11 config uring c andidat e BSRs 42-22 config uring c andida te RPs 42-23 defining the I P multicast bound ary 42-21 defining the PI M do main b order 42-20 overvi ew 42-7 usin[...]

  • Pagina 1201

    Inde x IN- 23 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IP source gua rd and 802.1x 22-18 and DHCP sno oping 22-16 and Ethe rChan nels 22-18 and har dware entrie s 22-18 and port se curit y 22-17 and pr ivate VLANs 22-18 and rou ted ports 22-17 and trunk interf ace s 22-17 and VR F 22-18 binding c onfigu ration au[...]

  • Pagina 1202

    Index IN- 24 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IP unicast routing (continued) passive i nterf aces 38-87 protoc ols distan ce-v ect or 38-3 dynam ic 38-3 link-state 38-3 proxy ARP 38-10 redistribu tion 38-80 rever se addres s resolu tion 38-9 routed port s 38-5 static routing 38-3 steps to config ure 38-5 [...]

  • Pagina 1203

    Inde x IN- 25 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IRDP config uring 38-13 definition 38-13 support fo r 1-12 ISL and IPv6 39-3 and trunk ports 11-3 enca psul ation 1-8, 13-16 trunking w ith IEEE 802 .1 tunn eling 17-5 isolate d port 16-2 isolated VLANs 16-2, 16-3 J join messages, IGMP 24-3 K KDC describe d 9[...]

  • Pagina 1204

    Index IN- 26 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 Layer 3 fe atures 1-11 Layer 3 int erface s assigning IP ad dresses to 38-7 assigning IPv4 a nd I Pv6 ad dresses to 39-13 assi gning I Pv6 ad dress es to 39-12 chan ging fr om L ayer 2 mode 38-7 types of 38-5 Layer 3 pa ckets, classifica tion meth ods 36-2 LDA[...]

  • Pagina 1205

    Inde x IN- 27 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 M MAC a ddresses aging tim e 7-21 and VLAN association 7-20 building the address tab le 7-20 default confi guration 7-21 discoveri ng 7-27 displaying 7-27 displayi ng in the IP source bindin g table 22-19 dynam ic lear ning 7-20 removi ng 7-22 in ACLs 34-27 I[...]

  • Pagina 1206

    Index IN- 28 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 MDA config urati on guideli nes 10-19 to 10-20 describe d 1-9, 10-19 exceptions with authentica tion process 10-4 member ship mod e, VLAN por t 13-3 member swit ch automatic d iscovery 6-5 defined 6-2 managing 6-18 passwords 6-14 recove ring fr om l ost co nne[...]

  • Pagina 1207

    Inde x IN- 29 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 monitoring (continued) traffic suppr ession 26-18 tunneling 17-18 VLAN filters 34-41 maps 34-41 VLANs 13-16 VMPS 13-33 VTP 14-16 more 10-43 MSDP benefit s of 43-3 clearin g MSD P connecti ons and s tatisti cs 43-19 controllin g source information forwar ded b[...]

  • Pagina 1208

    Index IN- 30 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 MSTP (continued) root switch 19-17 seco ndary r oot s witch 19-19 switch p riority 19-22 CST defined 19-3 operati ons betwee n regions 19-4 default confi guration 19-15 defau lt option al featur e config urat ion 20-12 displaying sta tus 19-26 enab ling th e m[...]

  • Pagina 1209

    Inde x IN- 31 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 multi cast pack ets ACLs o n 34-40 blocking 26-7 multicas t router interface s, m onitoring 24-17, 25-12 multic ast rout er ports, a dding 24-10, 25-8 Multica st Source D iscovery Pr otocol See MSDP multicast sto rm 26-1 multicas t storm-con trol comman d 26-[...]

  • Pagina 1210

    Index IN- 32 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 Network Assistant benefit s 1-2 describe d 1-5 dow nloa ding i mage fil es 1-3 gui de m ode 1-3 manageme nt options 1-3 managing switch stacks 5-2, 5-16 requir ements xli v upgradi ng a sw itch B-20 wizard s 1-3 network c onfigura tion ex ample s cost -effec t[...]

  • Pagina 1211

    Inde x IN- 33 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 O OBFL config uring 45-27 describe d 45-26 displaying 45-28 object tracking, HSRP 40-17 offline c onfig uration fo r switc h stacks 5-8 on-board failur e logg ing See OBFL online diagno stics describe d 46-1 overvi ew 46-1 ru nnin g test s 46-5 Open Shortest [...]

  • Pagina 1212

    Index IN- 34 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 percentage t h resholds in tracked lists 40-16 perform ance, netw ork design 1-16 perform ance f eatur es 1-4 persistent self -signed certif icate 9-43 per-V LAN span ning -tre e plu s See PVST+ PE to CE routin g, config uring 38-70 physica l ports 11-2 PIM de[...]

  • Pagina 1213

    Inde x IN- 35 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 policy-b ased routi ng See PBR policy m aps for QoS char acte rist ics of 36-51 describe d 36-7 displaying 36-82 hierar chical 36- 8 hierar chical on SVIs config urati on guideli nes 36-35 config uring 36-55 describe d 36-11 nonhier archi cal on p hysic al po[...]

  • Pagina 1214

    Index IN- 36 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 port -bas ed a uthe ntica tion (c ontin ued) port security and voic e VLAN 10-17 describe d 10-16 interactio ns 10-16 multiple-hosts mod e 10-8 resetting to defau lt values 10-44 stack ch an ges, ef fects of 10-7 statistics, displa ying 10-44 switch as proxy 1[...]

  • Pagina 1215

    Inde x IN- 37 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 prefix lists, BGP 38-56 preven ting una uthorized access 9-1 primar y links 21-2 primar y VLAN s 16-1, 16-3 priority HSRP 40-7 overridi ng CoS 15-6 trusting CoS 15-6 privat e VL AN ed ge po rts See pr otect ed por ts privat e VL ANs across multiple switch es [...]

  • Pagina 1216

    Index IN- 38 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 pru nin g- eli gib le list chan ging 13-22 for VT P prun ing 14-5 VLANs 14-14 PVST+ describe d 18-10 IEEE 802.1Q trunking inter operability 18-11 instances supported 18-10 Q QoS and MQC comm ands 36-1 auto-Q oS categor izing tra ffic 36-23 config urati on and [...]

  • Pagina 1217

    Inde x IN- 39 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 QoS (continued) egres s queu es allocat ing buffer space 36-74 buffer alloca tion sche me, de scribed 36-19 config uring sh aped weig hts f or S RR 36-78 config uring sh ared we ights for SRR 36-79 describe d 36-4 displaying the t hreshol d map 36-77 flowch a[...]

  • Pagina 1218

    Index IN- 40 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 QoS (continued) rewrites 36-21 support fo r 1-10 trust sta tes bordering anothe r do main 36-43 describe d 36-5 trusted de vice 36-41 within the domain 36-38 quality of service See QoS queries , IGMP 24-4 query so licit ation, I GMP 24-13 R RADIUS attributes v[...]

  • Pagina 1219

    Inde x IN- 41 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 reliabl e tran sport protoc ol, EIG RP 38-36 reloadi ng software 3-17 Remote Authent ication Dial -In User Service See RADIUS Remote C opy Pro toco l See RCP Remote Networ k Monitoring See RMON Remote SPAN See RSPAN remote SPAN 30-3 report su ppressi on, IG M[...]

  • Pagina 1220

    Index IN- 42 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 root gu ard describe d 20-10 enab lin g 20-18 support fo r 1-7 root switch MSTP 19-17 STP 18-16 route calcula tion timers, OSPF 38-32 route da mpenin g, BGP 38-62 route d packet s, ACLs on 34-39 routed port s config uring 38-5 defined 11-4 in switch cluster s [...]

  • Pagina 1221

    Inde x IN- 43 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 RSTP (continued) interoper ability with IEEE 802.1D describe d 19-9 restar ting migr ation pr ocess 19-26 topolo gy chan ges 19-13 overvi ew 19-9 port roles describe d 19-9 synchroniz ed 19-11 proposal -agree ment handsh ake pr ocess 19-10 rapid co nverg ence[...]

  • Pagina 1222

    Index IN- 44 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 show an d mor e co mman d out put, f ilteri ng 2-10 show c dp traffi c comman d 27-5 show clu ste r mem bers com mand 6-18 show confi gurat ion co mman d 11-30 show forw ard comma nd 45-23 show inte rfaces com mand 11-23, 11-30 show l2prot ocol comma nd 17-13,[...]

  • Pagina 1223

    Inde x IN- 45 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 SNMP (continued) traps describe d 33-3, 33-5 differ ence s from infor ms 33-5 disabling 33-15 enab lin g 33-12 enabling MAC address notif ication 7-22 overvi ew 33-1, 33-5 types of 33-12 users 33-7, 33-10 version s suppo rted 33-2 SNMPv1 33-2 SNMPv2C 33-2 SNM[...]

  • Pagina 1224

    Index IN- 46 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 SSH config uring 9-39 crypto graph ic softwa re image 9-37 describe d 1-6, 9-38 encryption methods 9-38 switch stac k conside rations 5-17, 9-38 user au thent icatio n meth ods, suppo rted 9-39 SSL config urati on guideli nes 9-45 conf iguring a s ecure HTT P [...]

  • Pagina 1225

    Inde x IN- 47 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 stacks, switch (continued) copy ing an image fi le from one memb er to anothe r B-35 default confi guration 5-20 descript ion of 5-1 displayi ng inf ormati on of 5-24 enabling pe rsistent MAC addre ss timer 5-20 hardwar e comp atibility and SD M mismatch mode[...]

  • Pagina 1226

    Index IN- 48 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 standby comma nd switc h config uring conside rations 6-12 defined 6-2 priority 6-11 requir ements 6-3 virtual IP a ddress 6-12 See also clus ter standb y grou p and H SRP standby group , clust er See cluste r standby group and HS RP stan dby ip comm and 40-5 [...]

  • Pagina 1227

    Inde x IN- 49 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 STP (continued) BPDU mes sage ex change 18-3 config urati on guideli nes 18-13, 20-12 config uring forwar d-dela y time 18-23 hello time 18-22 maximu m aging tim e 18-23 path cost 18-20 port priority 18-18 root switch 18-16 seco ndary r oot s witch 18-18 span[...]

  • Pagina 1228

    Index IN- 50 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 STP (continued) root switch config uring 18-16 effec ts of extended syst em ID 18-4, 18-16 elect ion 18-3 unexpec ted b ehavio r 18-16 shutdown Po rt Fast-enable d port 20-2 stack ch an ges, ef fects of 18-12 status, displaying 18-24 superior BPDU 18-3 timers,[...]

  • Pagina 1229

    Inde x IN- 51 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 system message logging (continue d) syslog facility 1-13 time sta mps, enabli ng and disabli ng 32-8 UNIX sysl og serv ers configur ing the daemon 32-12 configurin g the logging facility 32-13 facilities su pported 32-14 system MTU and IEEE 802. 1Q tunnel ing[...]

  • Pagina 1230

    Index IN- 52 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 time stamps in log messages 32-8 time z ones 7-12 TLVs defined 28-2 LLDP 28-2 LLDP -MED 28-2 Token R ing VLAN s support fo r 13-6 VTP support 14-4 ToS 1-10 tracer oute, Lay er 2 and AR P 45-18 and CD P 45-17 broa dcast tra ffic 45-17 describe d 45-17 IP addres[...]

  • Pagina 1231

    Inde x IN- 53 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 trunks allowed-V LAN list 13-21 config uring 13-20, 13-25, 13-27 ISL 13-16 load sharing setting STP path costs 13-26 using STP port priori ties 13-24, 13-25 nati ve VLAN for u ntag ged traf fic 13-23 paralle l 13-26 pruning-el igible list 13-22 to non- DTP de[...]

  • Pagina 1232

    Index IN- 54 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 univer sal softw are image crypto graph ic 1-1 featu re set advanc ed IP servic es 1-2 IP base 1-1 IP servi ces 1-2 noncrypt ogra phic 1-1 UNIX syslog servers daemon c onfigura tion 32-12 facilities su pported 32-14 message l ogging confi gurat ion 32-13 unrec[...]

  • Pagina 1233

    Inde x IN- 55 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 VLAN M anagem ent Polic y Ser ver See VMPS VLAN map entr ies, orde r of 34-30 VLAN maps applyi ng 34-34 comm on uses for 34-34 config urati on guideli nes 34-30 config uring 34-29 crea ting 34-31 defined 34-2 deny ing acces s to a serve r exampl e 34-35 denyi[...]

  • Pagina 1234

    Index IN- 56 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 VMPS (continued) enteri ng server addr ess 13-30 mapping M AC ad dresse s to VLA Ns 13-28 monitori ng 13-33 reconf irmation i n terval , chan ging 13-32 reconfi rming mem bership 13-31 retry co unt, changi ng 13-32 voice-ov er-IP 15-1 voice VLAN Cisco 7 960 ph[...]

  • Pagina 1235

    Inde x IN- 57 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 VTP (continued) monitoring 14- 16 passwords 14-8 pruning disabling 14-14 enab lin g 14-14 exam ples 14-5 overvi ew 14-4 support fo r 1-8 pruning-el ig ible l ist, chan ging 13-22 serv er mod e, co nfigur ing 14-9 statistics 14-16 support fo r 1-8 Token R ing [...]

  • Pagina 1236

    Index IN- 58 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02[...]