Cisco Systems 3550 manual

Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catal yst 3550 Multila y er S witc h S of t w a re Conf iguration Guide Cisco IOS Release 12.1(8)EA1 F ebruary 20 02 Custome r Order Numb er: DO C-78111 94= Text Pa rt N[...]

THE SPECIFICATIONS AND INFORMATION REG ARDING THE PRODUCT S IN THIS MANUAL ARE SUBJE CT TO CHANGE WITHOU T NOTICE. ALL STATEMENTS , INFORMATION, AND RE COMMENDATIONS IN THIS MANUA L ARE BELIEVED TO BE ACCURAT E BUT ARE PRESENTED WITHOUT WARRANT Y OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FUL L RESPONSIBILITY F OR THEIR APPLICATION OF ANY PR [...]

iii Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 CONTEN TS Preface xx vii Audienc e xxv ii Pur pose xxvi i Organi zation xx viii Conv enti ons xxx Rela te d Publicati on s xxxi Obtain ing Documentat i on xxxi World Wide Web xxxi Document ation CD-ROM xxxi Orderi ng Documenta t ion xxxi i Docu m en ta t ion Fe ed bac k [...]

Cont ents iv Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Underst anding CLI Message s 2-4 Using Comma nd History 2-5 Changin g the Command Histor y Buffer Size 2-5 Recall ing Commands 2-5 Disabl ing the Comman d History Featur e 2-5 Using Edi ting Featu re s 2-6 Enabli ng and Disablin g Editing Featu res 2-6 Editi ng [...]

Content s v Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Tool Ti ps 3-27 Online Help 3-27 CMS Window Compon ents 3-28 Host Na me List 3-28 Tabs, Li sts, and Tables 3-29 Icons Used in W indo ws 3- 29 Button s 3-29 Acce ss in g C M S 3-30 Access Mode s in CMS 3-31 HTTP Acces s to CMS 3-31 Verif y ing Your Ch anges 3-3 2 C[...]

Cont ents vi Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Schedul ing a Reload of the Software I mage 4-17 Config uring a Schedu led Reloa d 4-17 Displa ying Scheduled Reload I nf ormation 4-18 CHAPTER 5 Cluster ing Switc hes 5-1 Underst anding Switch Clust ers 5-2 Command S witch Char acteris tics 5-2 Standby Command [...]

Content s vii Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 CHAPTER 6 Administ ering the Swit ch 6-1 Preven ting Unauthori zed Access to Your Swi tch 6-1 Protec ting Access to Pri vi leged EXEC Commands 6-2 Defaul t Password and Priv ilege Level Con figuration 6-3 Setti ng or Changing a Stat ic Enable Passwor d 6-3 Prote[...]

Cont ents viii Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Managing the System Ti me and Date 6-32 Underst anding the Syste m Clock 6-32 Underst anding Network Ti me Protoco l 6-32 Config uring NTP 6-34 Defaul t NTP Configurati on 6-35 Config uring NTP Authe nt ication 6-35 Config uring NTP Assoc ia tions 6-36 Config [...]

Content s ix Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 CHAPTER 7 Configur ing 802.1X Po rt-Based Authent ication 7-1 Underst anding 802.1X Po rt-Based Authen tication 7-1 Device Ro les 7-2 Authe nti cati on I nitia tion a nd Mess age Exc hang e 7-3 Ports in A utho rized an d Una uthor ized Sta tes 7-4 Support ed Topo[...]

Cont ents x Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Config uring IEEE 80 2. 3X Flow Control 8-16 Adding a De scription for an Interface 8-17 Moni tori ng a nd M aint aini ng the La yer 2 Inte rfac e 8-1 8 Monitor i ng Inte rface and Cont roller Status 8-18 Cleari ng and Resettin g Interface s and Counte rs 8-20 Sh[...]

Content s xi Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 802.1Q Co nfiguration Consid eratio ns 9-24 Defau lt Laye r 2 Et he rn et Int erfa c e VL A N Co nf ig ura tio n 9-24 Config uring an Ethe rne t Interface as a Trunk Po rt 9-25 Config uring a Trunk P or t 9-25 Defin in g the Allo w e d V LA N s on a Tr un k 9-27 [...]

Cont ents xii Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Learni ng State 10-7 Forw ardi ng S tat e 10-8 Disabl ed State 10-8 STP Addres s Management 10 -8 STP and IE EE 802.1Q Trunks 10-8 VLAN-Bri dge STP 10-9 STP and Redu ndant Connect i vity 10 -9 Acceler ated Agin g to R etain Conn ectivi ty 10-10 Underst anding A[...]

Content s xiii Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Config uring Root Gua rd 10-36 Enabli ng EtherC hannel Guard 10 -37 CHAPTER 11 Configur ing IGMP Snooping and MVR 11 -1 Underst anding IGMP Snoo pi ng 11-1 Joinin g a Mu ltic ast G roup 11-2 Leavin g a M ulti cast Group 11-4 Immediat e-Leave Processing 11-4 Con[...]

Cont ents xiv Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Config uring Port Bloc king 12 -6 Blocki ng Flooded Traf fic on an Interf ace 12-6 Resuming Normal Forwa rding on a Port 12-7 Config uring Port Se cur ity 12 -8 Underst anding Port Secu rity 12-8 Defaul t Port Se curity Confi guration 12-9 Config uration Guidel[...]

Content s xv Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Config uring SPAN 15-6 Defaul t SPAN Configurati on 15-7 SPAN Confi gurati on Gui delines 15-7 Creat ing a S PAN S essio n a nd Sp ecif ying Po rts to Mo nitor 15-8 Remo v in g Port s fr om a SP A N Se ss io n 15-10 Specif ying VLANs t o M onito r 15-11 Specif yi[...]

Cont ents xvi Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 CHAPTER 18 Configur ing SNMP 18-1 Underst anding SNMP 18- 1 SNMP Vers ions 18 -2 SNMP Manage r Functions 18-2 SNM P Age nt Fu nc ti ons 18-3 SNMP Communi ty Str ings 18-3 Using SNMP to Access MIB Variabl es 18-3 Config uring SNMP 18-4 Defau lt S NMP Conf igur a[...]

Content s xvi i Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Time Range Applied t o an IP ACL 19- 25 Commented IP ACL Entr ies 19-25 ACL L ogg ing 19- 26 Config uring VLAN Maps 19-27 VLAN Map Con figura ti on Guidelines 19- 28 Creati ng Named MAC Exten ded ACLs 19 -28 Creati ng a VL AN Map 19 -30 Example s of ACLs and V[...]

Cont ents xviii Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Config uring the Tru st State on Ports with in the Q oS Domai n 20-22 Config uring the CoS Va lue for an I nterface 20-24 Config uring the DSCP Trus t State on a Port Bor dering Another QoS Domain 20-25 Config uring a QoS Policy 20-26 Classi fying Traffi c by[...]

Content s xix Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Underst anding Load Bala ncing and Forward i ng Meth ods 21-5 Config uring EtherCha nnel 21 -7 Defaul t EtherChanne l Config ur ation 21-7 EtherC hannel Configur ation Guideline s 21-8 Confi gur ing Laye r 2 Et herCh ann els 21-9 Confi gur ing Laye r 3 Et herCh [...]

Cont ents xx Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Config uring IGRP 22-30 Load Ba lan ci ng an d Tr affi c Di st ri bu tion Cont ro l 22-31 Split H or izo n 22-3 4 Config uring OSPF 22-35 OSPF Inte rface Parameter s 22-38 OSPF Area Pa rameters 22-39 Other OSPF Behavior Parameters 22-41 Change LSA Group Pac ing [...]

Content s xxi Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 CHAPTER 24 Configur ing IP Multic ast Routing 24-1 Cisco I mplementat ion of IP Multic ast Routing 24-2 Underst anding IGMP 24-3 IGMP Ve rsio n 1 24-3 IGMP Ve rsio n 2 24-4 Underst anding PIM 24-5 PIM V ers ions 24-5 PIM Modes 24-5 Auto-RP 24-8 Bootst rap Router[...]

Cont ents xxii Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Changin g the IGMP Query Ti meout for IGMPv2 24-32 Changin g the Maximum Query Resp onse Time for IGMP v2 24-3 3 Config uring the Mult ilayer Switch as a Membe r of a Group 24-34 Contr olling Acce ss t o IP Mu ltic ast G roups 24-3 5 Modi fyin g the IGMP Ho st[...]

Content s xxiii Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Config uring a Default MSDP Peer 25-4 Cachin g Source-Active State 25-6 Request ing Source Info rmation from an MSDP Pee r 25-8 Contr ollin g Sou rce Infor mat ion th at Yo ur S witch Or iginat es 25-8 Redist ributing So urces 25-9 Filt er in g So u rc e-A ct [...]

Cont ents xxiv Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Recover i ng from a Comma nd Switch Failure 27-7 Replac ing a Failed Command Switch with a Clus ter Member 27-7 Replac ing a Failed Command Switch with An other Swit ch 27-9 Recover ing from Lost Member Connectiv ity 27-10 Preven ting Autonegoti ation Mismatch[...]

Content s xxv Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Creati ng a Conf igurat ion Fi le By Usi ng a T ext Editor B-10 Copyin g Configuratio n Files By Using TF TP B-10 Prepa ring to Down load or U pload a C onf igurat ion File By U sing TFTP B-10 Downlo adi ng t he Co nfigu ratio n File By Usin g TF TP B-11 Uploadi[...]

Cont ents xxvi Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 FallB ack Bridging C-2 Unsuppor ted Privile ged EXEC Command s C-2 Unsuppor ted Global Conf igurati on Comman ds C-2 Unsuppor ted Interfac e Configurati on Co m mands C-2 HSRP C-3 Unsuppor ted Global Conf igurati on Comman ds C-3 Unsuppor ted Interfac e Config[...]

xxvii Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 Preface Audience This guid e is for the netw orking pro fessiona l manag ing the Catal yst 3550 swit ch, herea fter refer red to as the sw itch or the m ultila yer swit ch. Be fore using th is guide , you shou ld have exper ience worki ng with the Cisco IOS and be fami[...]

xxvii i Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Preface Organizati on Organization This guide is or ganized into the se chapters: Chapter 1, “O verview ,” lists the softwa re feat ures of this releas e and provi des examp les of ho w the swi tch can be depl oyed in a ne twork. Chapter 2, “Using the Com mand-[...]

xxix Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Pre face Organization Chapter 14, “Con figu ring U DLD ,” describes how to config ure the UniDirect ional Link Detection (UDLD) f eature. UDLD enables devices conne cted thro ugh fiber -optic or twisted-pa ir Ethernet cables to monitor the physi cal configuratio n of[...]

xxx Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Preface Conv entions Appendix A, “Sup ported M IBs,” lists the supporte d MIBs for th is relea s e and how t o use FT P to acc ess the MIB files. Appendix B, “W orking wit h the IOS File Syste m, Con figurati on Files, a nd Software Images, ” d escribes how to ma[...]

xxxi Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Pre face Related Publ ications Related Publications These doc uments p rov ide co mple te inf orma tio n abou t the swit ch and are available fro m this Cisco . com site: http://www .cisco.com/univercd /cc/td/doc/prod uct/lan/c3550 /index.htm Y ou ca n o rder pr i nted c[...]

xxxii Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Preface Obtain in g Technical Assis ta nce Ordering Docume ntation Cisco do cumentati on is availab le in the follow ing ways: • Register ed Cisc o D irect C ustom er s can orde r Cisc o prod uc t do cu ment ation f rom the Ne twork in g Products Ma rketPlace : http:[...]

xxxii i Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Pre face Ob taining Technical Assistance Cisco.com Cisco.com is the foundatio n of a suite of interac tive, networ ked servi ces th at provides im media te, open access to Cisco information, networki ng solut i ons, serv ices, progra ms, and r esource s at an y tim e,[...]

xxxiv Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Preface Obtain in g Technical Assis ta nce If you can not re solv e yo ur te ch nica l iss ues by using the Cisco T AC W eb Site, and you are a Cisc o.co m registe red us er, you can op en a c as e onl ine b y u sing t he T AC C ase Open t oo l at t he fo l low ing U R[...]

C HAPTER 1-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 1 Overview This chapte r provides these topics about th e Catalyst 3550 multilayer switch software: • Feat ures , page 1- 1 • Managem ent Options, page 1-5 • Networ k Configura tion Ex ample s, page 1-7 Features The Catal yst 3550 soft ware support s the h[...]

1-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Feature s Perf orma nce • Auto sensing of po rt speed an d autone gotiation of duplex mod e on all switch por ts for opti mizing ba ndwidth • IEEE 802.3X flo w contro l on all Eth ernet por ts • EtherCh anne l for enhan ced fault toleranc e an[...]

1-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Features Red undan cy • Hot Standby Rout er Proto col (HSRP) for co mman d switch and Layer 3 ro uter redundan cy • UniDi rectio nal Link De tection (U DLD) on all Etherne t ports for de tecting an d disab ling unidi rectio nal links on fiber - opti[...]

1-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Feature s • T erminal Access Cont roller Acc ess Control System Plu s (T A CAC S+), a propri etar y featur e for mana ging netwo rk securi ty through a T ACACS serv er • Remote Auth entication Dial-In U ser Service (RADIUS), wh ich prov ides det[...]

1-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Manageme nt Options Management Options The Cat al yst 3 550 swi tch is de signe d for pl ug-a nd- pla y ope ratio n: you n ee d to conf igure o nly b asic IP inform ation fo r the switc h and con nect it to th e other devi ces in your network . If you h[...]

1-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Managem e nt Optio ns • SNMP—SNMP provi des a means to monitor and control the switc h and switch cluster members. Y ou can manage switch co nfiguration sett ings, performance, security , an d collect statistics by using SNMP manage ment ap plic[...]

1-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Network Configuration Examples Network Config uration E xamples This se cti on pr ovi des net work c onfig urat ion co ncep t s and inc lud es e xamp les of usi ng t he s wit ch i n different network to pologies. Design Co ncep ts As your ne two rk use [...]

1-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Netwo rk Conf igurati on Ex amples Bandwidt h alone is not the only c onsiderat ion when desig ning you r network. As your networ k traffic profile s evolve, consi der provi ding netw ork ser vices that can suppor t applicat ions for voi ce and data[...]

1-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Network Configuration Examples Figure 1-1 shows three config uration example s of using Catalyst switches to c reate the fo llowing: • Cost-ef fective wiri ng closet—A cost- effect iv e way to connect many user s to the wirin g closet is to connect [...]

1-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Netwo rk Conf igurati on Ex amples Figur e 1 -1 Examp le Configur ations Si Si Si Si Catalyst 3550 GigaStack cluster 1-Gbps HSRP 50830 Catalyst 3550-12T or Catalyst 3550-12G s witch Gigabit ser ver Catalyst 3550 s witch Cost-Effective Wiring Closet[...]

1-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Network Configuration Examples Small to Mediu m-Sized Ne two rk Usin g Mixed Sw itches Figure 1-2 sho ws a config uration for a network of up to 500 e mploye es. Th is netw ork u ses Ca talyst 3550 multilayer switches to aggregate up to ten wiring clos[...]

1-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Netwo rk Conf igurati on Ex amples Figur e 1 -2 Catalys t 3550 S wi tc hes in a Collapsed Bac kbone Configura tion IP Gigabit ser vers 50831 Cisco IP Phones Cisco IP Phones W orkstations r unning Cisco SoftPhone software Catalyst GigaStack cluster [...]

1-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Network Configuration Examples Large Network Using Only Catalyst 3550 Switches Switche s in t he w iri ng c lose t ha ve tr ad ition all y been L ayer 2-only d evice s, but as ne two rk t raffic profiles evol ve, switches in the wiring closet ar e incr[...]

1-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Netwo rk Conf igurati on Ex amples Figur e 1-3 Catalyst 35 50 Switc hes in Wir ing Closets i n a Backbone Config uration Multidwelling Network Usi ng Catalyst 3550 Switches A growin g segment of reside ntial a nd comme rcia l custome rs are requ ir[...]

1-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 1 Overview Network Configuration Examples unauth orized devi ce s fr om bec omin g th e STP roo t swit ch. All p orts ha ve I GMP snoo pi ng or CGM P enabled for multic ast traffi c management. ACLs on the uplink ports to the aggre gating Catalyst 3550 multilaye [...]

1-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Ch ap ter 1 Overv iew Netwo rk Conf igurati on Ex amples[...]

C HAPTER 2-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 2 Using the Command-Line Interface This chap ter des cribes the IOS command- line interface (CL I) that yo u can use to co nfigure y our switch es. It cont ains these s ections: • IOS Comma nd Modes, pa ge 2-1 • Getting He lp , page 2 -3 • Abbrev iating Co[...]

2-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt er 2 Us ing t he C omma nd- Line Inte r fac e IOS Command Modes T able 2-1 Command Mo de Summary Mod e Acce ss Met hod Pro mpt Exit Meth od About This Mode User EXEC Begin a session with your sw itch . Switch> Enter logo ut or quit . Use this mode to • Change [...]

2-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 2 Using the Com m a nd-Line In te rface Getting Help Getting Help Y ou can e nt er a question m ar k ( ?) at th e s ys tem p ro mpt to d is play a lis t o f co mm an ds a vailable for e ach comman d mode . Y ou can a lso ob ta i n a li st of a ssociat e d key word[...]

2-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt er 2 Us ing t he C omma nd- Line Inte r fac e Using no and default Forms of Comman ds Using no and defa ult Forms of Comman ds Almost every c onfigur ation comma nd also has a no form . In genera l, use the no form to disable a featur e or f unction o r rev erse t [...]

2-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 2 Using the Com m a nd-Line In te rface Using Com mand History Using Command History The IOS pr ovides a hi story or r ecord of co mmands th at you have en tered. This feature is particula rly useful for re calling long or comp lex commands or entri es, includ ing[...]

2-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt er 2 Us ing t he C omma nd- Line Inte r fac e Using E diting Feature s T o di s able the fea ture during the cu rrent termi n al session , enter the terminal no history privi lege d EXEC co mmand. T o di sable comman d history for the line, ente r the no hist ory l[...]

2-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 2 Using the Com m a nd-Line In te rface Using Edit ing Featu res Rec all co mman ds from the buffer and paste them in the command line. The swi tch provid es a buf fer with t he last ten i tems that you delete d. Press Ctrl-Y . Re call the most recent en try in th[...]

2-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt er 2 Us ing t he C omma nd- Line Inte r fac e Searching and F iltering O utput of show and more Com man ds Editing C ommand Lines that Wrap Y ou can use a wraparoun d feature fo r command s that exte nd beyo nd a single line on the scr een. When the cursor reaches [...]

2-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 2 Using the Com m a nd-Line In te rface Acce ssi ng th e C L I Accessing the CLI Before you can acc ess the CLI , you need to connec t a terminal or PC to the switch co nsol e port an d power o n the switc h as desc ribed in the hardw are i nstallat ion guide that[...]

2-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt er 2 Us ing t he C omma nd- Line Inte r fac e Access ing the CLI[...]

C HAPTER 3-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 3 Getting Started with CMS This chap ter pro vides these topics about th e Cluster Man agement Sui te (CMS) software: • Feat ures , page 3- 2 • Front Pa nel V iew , pa ge 3- 4 • T opology V iew , page 3-10 • Men us and T oolbar , pa ge 3-15 • Int eract[...]

3-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Feature s Features CMS pr ovides these featur es ( Figure 3-1 ) for man agin g s witch c lust ers an d in divi dual swit che s fr om W e b browser s such as Netsca pe Commun icato r or Micro soft In ternet Ex plorer: • T wo views o f [...]

3-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Features • T wo level s of access to the configuratio n options: read-write access for users allowed to chan ge switch settings; read-only access for users allo wed to only view switch settings • Consiste nt set of GU I com pon en [...]

3-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Front Panel Vi ew Front Panel View When CMS is launc hed from a co mman d switch, the Fro nt Panel vie w displays th e front-p anel im ages of all swit ches in the clus ter ( Figure 3-2 ). W hen C MS is la unche d from a stan da lone o [...]

3-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Front Pa nel Vie w Cluste r Tr ee The clu ste r tre e ( Figure 3-3 ) appears in the left frame of the Fro nt Panel view and shows the name of t he cluste r and a list of its memb ers. The se quenc e of the clust er-tree icons ( Figure [...]

3-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Front Panel Vi ew Front-Panel Images Y ou ca n m ana ge t he sw it ch f rom a r emot e st at ion b y using the f ront- pane l ima ge s. The fr ont- pane l images are upda ted b ased on the net work p ollin g in terv al t hat you set fro[...]

3-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Front Pa nel Vie w Redundant Power System LE D The Re dun dant Pow er Syste m (RPS) L ED s hows t he RPS sta tus ( Ta b l e 3 - 2 ). Certain switches in the switch clust er use a specific RPS model: • Cisco RP S 30 0 (mo del PWR300- [...]

3-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Front Panel Vi ew Port Modes and LEDs The por t mode s ( Ta b l e 3 - 3 ) determi ne the ty pe of infor mation displ ayed through the port L EDs. When you cha nge por t mo de s, the me ani ngs of t he p or t LED col or s ( Ta b l e 3 - [...]

3-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Front Pa nel Vie w VLAN Membership Modes Ports in the Front Panel view are outli n ed by colors ( Ta b l e 3 - 5 ) w hen you cli ck Highlight VL AN Port Membership Modes o n the Conf igure VLA Ns tab on the V LAN wind ow ( VLA N > V[...]

3-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Topology Vie w Topology Vie w The T opol ogy view disp lays h ow the d ev ice s wit hin a swi tch clust er a re conne c ted a nd how t he swit ch cluste r i s c onn ecte d to ot her c luster s a nd devi ce s. From thi s view , you c an[...]

3-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Topol ogy View Figur e 3-6 Ex pand Clust er View Figur e 3-7 Col lapse Cluster V iew Right-click a link icon to displa y a link popup menu. Cluster members of cluster1 and other de vices connected to cluster1. 65722 Right-click a de v[...]

3-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Topology Vie w Topology Icons The T opol ogy view and the cluste r tree use the sa me set of d evice i cons to repres ent clus ters, com mand and stand by comm and swit ches, an d member sw itches ( Figure 3-8 ). The T o pology v iew a[...]

3-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Topol ogy View Figur e 3-9 T opolog y-V iew Link Icons Device and Link Lab els The T opol ogy vi ew displ ays de vice and l ink in form at ion by u sing th ese la be ls : • Cluster and switch names • Switch MAC and IP addres ses ?[...]

3-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Topology Vie w Colors in the Topo logy Vie w The colors of the T opology view icons reflec t the status of the devices and links ( Ta b l e 3 - 6 , Ta b l e 3 - 7 , and Ta b l e 3 - 8 ). The co lor of a devic e label shows t he cluster[...]

3-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar Menus and Tool bar The co nfigura tion an d monito ring option s for conf igurin g switches and switch cl usters are avai lable from the menu bar , toolba r , an d the Fron t-Panel an d T opology vi ew popup me nus.[...]

3-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Menu s an d Toolba r • If your clu ster has these me mber switches run ning earlie r software releases a nd if you have read-only ac cess to these member switch es, some configurat ion windows for those switc hes display incomplete i[...]

3-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar Clust er Cluster Ma nager 3 Launch a C MS session from the co mmand switch . Create Cluster 1 4 Desig nate a c ommand swi tch, and na me a cluste r . Delete Clu ster 1 5 Delete a clu ster . Add to Cluster 1 5 Add a [...]

3-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Menu s an d Toolba r Router Redu nda ncy 2 6 (guide mode a vai lab le 1 ) Add a swi tch t o or re mo ve a swit ch f rom an HS RP grou p. Fallback Br idging 2 6 Create a f all back b ridgi n g grou p, mo dify a g rou p, de let e a g rou[...]

3-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar Reports Invent ory Displa y th e de vice ty pe, soft wa re v er sion, IP addr ess, and ot h er inf orm ati on abou t a switch. Port S tatistics Display por t statistics. Bandwidth G raphs Display graphs tha t pl ot [...]

3-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Menu s an d Toolba r Help Overview Obtain an overvie w of the CMS interface. What’ s Ne w Obtai n a d es crip tio n o f th e new CMS fe atur es . Help For Activ e Wi n dow Display th e help for the activ e open window . This is the s[...]

3-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar Toolbar The t oolba r button s d is play com mon ly us ed sw it ch a nd clu ster c onfig ur ation op tion s and i nfo rmat ion windows suc h as legend s and online he lp. Hover t he cursor ove r an icon to di splay [...]

3-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Menu s an d Toolba r Front Panel V iew Po pup M enus These popu p menus ar e a vaila ble in the Front Pane l v iew . Device Popup Menu Y ou can di splay all switch a nd cluster c onfigura tion window s from the menu bar , or you can di[...]

3-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar Topology View P opup Men us These popu p menus ar e available in the T opology vie w . Link Popup Menu Y ou can di spla y repor ts a nd gr aphs for a specifi c link disp laye d in the T opol ogy view ( Ta b l e 3 - [...]

3-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Menu s an d Toolba r Device Popup Menus Specific devic es in the T opology view di splay a specific popup menu: • Cluster ( Ta b l e 3 - 1 5 ) • Command switch ( Ta b l e 3 - 1 6 ) • Membe r or standby comm and swit ch ( Ta b l e[...]

3-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Menus and To olbar T able 3-18 Device P opup M enu of a Cand idat e-Switc h Icon (When the Candidat e Switc h Has an IP A ddre s s) Pop up Menu O ption T ask Add to Cluste r 1 Add a ca nd idat e t o a c l uster . Devic e Manager 2 Lau[...]

3-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Interac ti on M odes Interaction Modes Y ou can cha nge the interacti on mode o f CMS to eithe r guide or ex pert mod e. Guide mod e steps you thr ough ea ch feat ure opti on and pro vide s infor matio n about the para meter . Expert m[...]

3-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Tool Tips Tool Tips CMS disp lays a po pup m essage wh en you mov e you r mou se ov er t hese de vices: • A yell ow d ev ice i con i n th e cluste r tre e or in T opolog y view —A p opu p di splay s a fau lt messa ge, such as that[...]

3-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS CMS W indow Com ponents CMS Window Components CMS windo ws consi ste ntly p re sen t c onfig urat ion info rmat ion. Figu re 3-12 shows th e compone nts of a typical CMS windo w . Figur e 3-12 CMS Wind ow Comp onents Host Name List T o[...]

3-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS CMS Wi nd ow Co mpo n ents Tabs, Lists, and T ables Some CMS w indo ws ha ve ta bs that present d iffe r ent sets of in format ion. T a bs are arranged like folder headings a cross the t op of the window . Clic k the t ab to displa y [...]

3-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Access ing CMS Accessing CMS This section assumes the followi ng: • Y ou kn ow the IP address a nd passw ord of the comma nd switch or a spec ific switc h. This infor mation is either: – Assigned to the switch by foll owing the set[...]

3-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Acce s sing CMS Access Mo des in CMS CMS provid es two levels of acc ess to the co nfigura tion opti ons: read -write access and read -only acce ss. Privilege le vels 0 to 15 are support ed. • Privilege level 15 pr ovides you wi th [...]

3-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Verifying Yo ur Cha nges Verifying Your Changes CMS provi des notificat ion cues t o help you track and conf irm the chan ges you ma ke. Change Notification A gree n bord er a rou nd a f ield or tabl e cell m eans that y ou ma de an un[...]

3-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting S tar ted with CMS Usin g Di ff e ren t Ve rsio ns of CM S Using Different Versions of CMS When ma naging switch cl usters th rough CMS, rem ember that clust ers ca n have a mix o f switch models using dif ferent IOS releases an d that CMS in earl ier I[...]

3-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 3 Getting Started with CMS Where to Go Nex t[...]

C HAPTER 4-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 4 Assigning the Switch IP Address and Default Gateway This chap ter describ es how to crea te the initial switch configuration ( for example, a ssign the switch I P address an d d efa ult gat ewa y in for mat ion) by us ing a vari ety of aut oma tic and m an ual[...]

4-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmation The boot loader provides access to the Flash fi le system before the o perating system is lo aded. N ormally , the bo ot load er is used o nly to load, unco mpress, a nd l aunch[...]

4-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Assigning Switch Information Default Switch Information Ta b l e 4 - 1 show s the default swi tch i n form ation. Understand ing DHCP-Ba sed Autoco nfiguration The D HC P pr ovid es confi g urat ion in[...]

4-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmation DHCP Client Request Proce ss When you boot your switch , the DHCP clien t is invoked an d auto matically reques ts configura tion informatio n from a DHCP server when the config[...]

4-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Assigning Switch Information Configuring the DHCP Ser ver Y ou sho ul d conf ig ur e the DHCP serve r w ith r es er ved lea s es that are bound to e ach switch by th e sw i tch hardware add re ss. If y[...]

4-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmation For the switch t o successful ly down load a config uration fi le, the TFT P serve r must conta in one or mor e configuratio n files in its base d irectory . The files can inclu[...]

4-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Assigning Switch Information Figur e 4-2 Rela y Device Use d in A utoconfig uration Obtaining Configurati on Files Depending on the availability o f the IP address a n d the c onfiguration filename in [...]

4-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Assign ing Swi tch Info rmation Note Th e switch bro adcast s TFTP server request s if the TFT P server is not obtain ed from the DH CP replies, if all attempts to r ead the configu ration file throu gh unicas[...]

4-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Assigning Switch Information DNS Server Configuration The DN S server maps th e TFTP s erver name maritsu to I P a dd re ss 1 0.0 .0. 3. TFTP Server Configuration ( on UNIX) The TFT P ser ver b ase di [...]

4-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Checking and Saving th e Run ning Confi gura tion Manually Assigning IP Information Beginning in privileged EXEC m ode, follo w these steps to ma nually assign IP info rmation to multiple switched vi rtual in[...]

4-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Checki n g an d Sav in g the Ru nnin g Co nf igur atio n ! interface GigabitEthernet0/1 no switchport ip address 172.20.137.50 255.255.255.0 ! interface GigabitEthernet0/2 ! interface GigabitEthernet0[...]

4-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Modifyin g th e Startup Config uration Modifying the Start up Configu ration This section descr ibes how to modify the switch star tup configuratio n. It contains this configu ration inform ation: • Defa ul[...]

4-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Modifying the Startup Configuration Specifying the Filename to Read and Write the System Configuration By default, the IOS softwa r e uses the file config .text to re ad an d writ e a non volatil e co[...]

4-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Modifyin g th e Startup Config uration T o disable m anua l bo oti ng, us e t he no boot manual globa l config uration c omman d. Booting a Specific Software Image By default, the switc h attempts to automati[...]

4-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Modifying the Startup Configuration Controlling Environment Variables W i th a n orm ally op er ati ng sw itc h, y ou e nter the boot load er m ode only th rough a swi tch conso l e connec tion c on f[...]

4-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Modifyin g th e Startup Config uration Ta b l e 4 - 5 desc ribes the fun ction of the most comm on environ ment var iables. T able 4-5 Env i ronment V ar i ables V ariable Boot Lo ader Co mmand IOS Glo bal Co[...]

4-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assi gni ng the Swi tc h IP Addr ess an d De fault Ga tewa y Schedul ing a Rel oad of the Sof tware Image Scheduling a Re load of the Software Image Y ou can s ch edu le a reload of the sof twa re image to occur o n the s wit ch at a la ter tim e ( fo r exam p [...]

4-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 4 Assigning the Switch IP Address and Default Gateway Scheduli ng a Re load of the S oft w are Image This example shows how to reload the s oftwar e on t h e swit ch at a fut u re tim e: Switch# reload at 02:00 jun 20 Reload scheduled for 02:00:00 UTC Thu Jun 20[...]

C HAPTER 5-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 5 Clustering Switches This chapte r provides these topics to help you get started with switch clust ering: • Understa ndin g Swi tch Cl u sters , pa ge 5-2 • Planning a Sw itch Cluster, page 5-4 • Creating a Switch C l uster, page 5- 18 • Using the CL I [...]

5-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Unders tan din g Sw itch Cluste rs Understandin g Switch Clust ers A switch cluster i s a group of connected C atalyst swit ches that a re manage d as a sing le entity . In a switch cluster , 1 switch must be the co mmand swit ch and up t o [...]

5-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Underst anding Swi tch Clust ers Standby C ommand Switch Characteristic s A Catalyst 3550 standby c omman d switch must me et these re quirem ents: • It is running 12.1(4) EA1 or later . • It has an IP address . • It has CDP ver sion 2[...]

5-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Planning a Switch Cl uster Anticipatin g conflicts and compatibilit y issues is a high priority when you manage several switch es through a c lust er . Thi s sect ion descr ibe s the se guid eli nes, re qui reme[...]

5-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Discovery through CDP Hops By using CDP , a c omm and sw itch can di scove r sw itche s u p to se ven CDP hops aw ay ( the defa ult is three hops) from the ed ge of the clus ter . The edge of the cluster is wher [...]

5-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Discovery through Non-CDP-Capabl e and Noncluster-Capable Devices If a command swi tch i s conne cted to a non-CDP-capa ble thi r d-p arty hub ( such as a non -Cisco hub ), it can discove r cluster-en abled devi[...]

5-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Discovery through Different V LANs A cluste r can have Catalyst 3550 member switches co nfigur ed with dif ferent VLANs. How ever , each member switch must be conn ected throug h at least one VLAN in common with [...]

5-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Discovery through the Same Management VLAN When the cluster ha s a Catalyst 2900 XL, Catalyst 2950, or Catalyst 3500 XL c ommand switch, a ll cluste r memb ers mu st conne ct to it thro ugh th e co mmand-sw itch[...]

5-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Discovery through Different M anagement VLANs W e stron gly recomm end that a Catal y st 3550 swit ch be the comman d switch when the cluste r has Catalyst 1900, Catalyst 2820, Catalyst 2900 XL, Ca talyst 295 0, [...]

5-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Discovery through Routed Ports If the comm and switch has a rout ed port (RP) conf igured , it disco vers only candida te and member switch es in the same VLAN as the rout ed port. For mor e informa tion ab out[...]

5-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Discovery of Newly Installed Switches A new , ou t-of-the -box switch is set wi th th e defa ult VLAN , VLA N 1. B y def ault, all access ports on the new swit ch a re assi gned to V LA N 1. T o ad d a new switc[...]

5-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er HSRP and S tandby Command Sw itches The swi tch su pports Ho t Standby Router Protoco l (HSRP) so that you can co nfigure a group of st andby comman d s wit che s. Beca use a c om mand sw itch ma nage s the fo [...]

5-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Virtual IP Addresses Y ou need t o assi gn a uniq ue virt ual I P add ress an d gro up n umber and name to the c luster st andby group . This i n fo rmat i on mu st be c onf igured on a specif i cVLAN or rou ted[...]

5-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Considerations for Cluster Stan dby Groups In addi tion to p rov idi ng a vir tu al IP a dd ress t o the c lust er stand by gro up, t hese r equi reme nts ap ply: • When the comma nd switch is a Catalyst 35 5[...]

5-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er Figur e 5-8 VLAN Connectivi t y betw een Standb y-Gr oup Members and Clu s ter Members IP Addresse s Y ou must assi gn IP info rmation to a comma nd switch. Y ou can ass ign more t han one IP addr ess to the com[...]

5-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Planning a Sw it ch Cl ust er Host Names Y ou do not need to assign a host name to either a command switch or an eligi ble cluster membe r . However , a host name assigned to the comman d switch can help to more easily identi fy the switch [...]

5-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Planni ng a Swit ch Clust er TACACS+ If T erminal Access Con troll e r Acce ss Co ntro l System Pl us (T ACACS+) i s conf i gur ed on the co mmand switch, T ACACS+ must also be configured on all member switches to access the switch cluster [...]

5-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Creating a Switch Cluster Availability of Switch-Specifi c Features in Switch Clusters The men u bar on the com mand swi tch displ ays all op tion s av aila ble from the swit ch clu ster . T he refo re , featu re s sp ec i fic to a me mb er[...]

5-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster Enabling a Command S witch The sw itc h you de sign ate to be the comma nd swi tch m ust m eet th e requi rem ents de scri bed in t he “Comm and Switch Cha racterist ics” section on pa ge 5-2 , “Planning a [...]

5-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Creating a Switch Cluster Adding Me mber Sw itches As expl ained i n the “A utomat ic Discovery of Cluster Candida tes and Memb ers” secti on on page 5- 4 , the comman d s wit ch a utom a tica lly disc overs c an dida te switc hes . Whe[...]

5-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster Figur e 5-1 0 Add t o Cluster Windo w Figur e 5-1 1 Using the T opolog y Vi ew t o A dd Member S witches Enter the pass word of the candidate s witch. If no pass word e xists for the s witch, leav e this field bl[...]

5-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Creating a Switch Cluster Creating a Clu ster S tandby Group The cl u ster sta ndby grou p m e mbers mu st m eet the req uire ment s descr ibe d in t he “Standby Com mand Switch C haract eristics” section on pag e 5-3 and “HSRP and St[...]

5-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Creati ng a Swit ch Cluster Figu re 5 - 12 Stand by Com ma nd Co nfi g urat i on W in dow 2950C (cisco WS-C2950-C-24, HC, ... NMS-3550-12T -149 (cisco WS-C3550-1 3550-150 (cisco WS-C3550-12T , SC, ... Active command s witch. Standby command[...]

5-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Creating a Switch Cluster Verifying a Switch Cluster When you fin ish adding cl uster me mber s, follo w these step s to verify the cluste r: Step 1 Ent er the comman d switch IP address in the b rowser Location field ( Netscap e Communicat[...]

5-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switche s Using the CLI to Manage Switch Clusters Using the CLI to Manage Swit ch Clusters Y ou can configur e member switches from th e CLI by first logging into the comman d switch. Ente r the rcommand user EXEC com mand and th e membe r switch num[...]

5-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 5 Clustering Switches Using SNMP to Ma nage Sw itch Cl usters Using SNMP to Manage Switc h Clusters When you f irst powe r on the sw itch, SN MP is enabl ed if you enter th e IP infor matio n by using t he setup program a nd accep t its prop ose d co nfi gu rati[...]

C HAPTER 6-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 6 Administering the Switch This cha pter descri bes how to per form one-t ime opera tions to adm inister your switch. This ch apter consists of t h ese sectio ns: • Preventing U nauthor ized Access to Y ou r Switch, page 6-1 • Protectin g Access to Privile g[...]

6-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Protecting A ccess to Privileged EXE C Comman ds T o prevent una uthorize d access into your switch, you should conf igure one or more of these se curit y featu res : • At a min imum, you sh ould con figu re password s and pr ivilege [...]

6-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds Default Password and Privilege Level Configuration Ta b l e 6 - 1 sho ws the d ef ault passw ord a nd priv ilege leve l c onfi gurat ion . Setting o r Changin g a Static Enab le [...]

6-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Protecting A ccess to Privileged EXE C Comman ds This exam ple shows ho w to change th e enable pass word to l1u2c3 k4y5 . The p assword is not encrypted and provides access to leve l 15 (traditional privileged EXE C mode access): Switc[...]

6-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds If bo th the enable and ena b le se cret pass word s are defined, users must enter the enab le sec ret pas sword. Use th e le vel keyword to define a passwo rd for a specific pri[...]

6-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Protecting A ccess to Privileged EXE C Comman ds Beginnin g in pr ivilege d EXE C m od e, f ollow the se st eps to di sabl e p asswor d reco very: T o re-e nable passwo rd reco very , use the serv ice pa s sw or d- recove ry glo bal co [...]

6-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds T o remove the passw ord, use the no pa ssword glob al confi gura tion co mmand . This example shows h ow to set the T elnet password to let45me67in89 : Switch(config)# line vty [...]

6-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Protecting A ccess to Privileged EXE C Comman ds T o di sable usernam e au then tica tion for a specifi c user , use th e no username name global confi guration comman d. T o disable password che cking and allow conn ections w ithout a [...]

6-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Prote c ting Acce ss t o Priv i lege d EX EC Co mman ds When yo u set a command to a privilege level, all co mmands wh ose syntax is a subset of that command are also set to that leve l. Fo r example, if you set the show ip route comm[...]

6-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controlling Sw itch Acce ss w ith TACACS+ Logging into and Exiting a Privilege Level Beginning in p rivile ged E XEC mode , f oll ow the se step s to lo g in to a s pe cif ie d p r iv ile ge le v el and t o e x it to a specified privil[...]

6-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with TACACS+ The goal of T ACACS+ is to provide a me thod for managing mu ltiple network acc ess points from a single manageme nt ser vice. Y our switch c an be a ne two rk ac cess se rver alo ng w ith oth e[...]

6-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controlling Sw itch Acce ss w ith TACACS+ Y ou ne ed a syst em runn ing th e T ACACS+ daem on sof tware to use T ACACS+ on yo ur switc h. TACACS+ Ope ration When a user attem pts a simple ASCII login by auth entic atin g to a switch us[...]

6-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with TACACS+ Configuring TACACS+ This secti on describe s how to confi gure your swit ch to support T A CACS+. At a min imum, you must identi fy the host or hos ts maint aining th e T ACACS+ daem on and def [...]

6-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controlling Sw itch Acce ss w ith TACACS+ Beginning in privil eged EXEC mode, follow these steps to identify the IP host or host maint aining T ACACS+ server an d optiona lly set th e encrypt ion k ey: T o remove th e spe c ified T ACA[...]

6-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with TACACS+ A method list describe s the sequence and authentic ation methods to be queried to authenticate a user . Y ou ca n desi gnat e one or more secur ity proto co ls to be us ed for aut hent ica tion[...]

6-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controlling Sw itch Acce ss w ith TACACS+ T o di sable AAA, use th e no aaa new-model global conf iguration co mmand. T o disable AAA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [ method2 .[...]

6-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS Starting TACACS+ Accounting The AA A accounting featu re trac ks the ser v ices that us ers a re acce ssing and the am ount o f networ k resources th at they ar e consuming . When AA A acco untin[...]

6-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS Understanding RADIUS RADIUS is a dis tribut ed clien t/server system that se cures networ ks again st unau thorized acces s. RADIUS clients run on supported Cisco routers and switches (inclu d[...]

6-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS Figur e 6-2 T ypical AAA Netw ork Con figuration RADIUS Operation When a user attempts to log in and auth enticate to a switc h that is ac cess controlled by a R ADIUS ser v er , thes e even ts o[...]

6-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS soft ware uses the first me thod list ed to authen ticate, to au thoriz e, or to keep acc ounts on user s; if that method does not respond, the softwar e selects the next method in the list. T[...]

6-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS If two d iff erent host entries on the sam e RADIUS server are configured f or the same service —f or exam ple, account ing —the secon d host entry conf igured acts as a fail- over backup to [...]

6-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS T o remove the speci fied RADI US server , use the no radius-server host hostname | ip-address global config urati on comm and. This e xample shows ho w to confi gu re on e RA D IUS serv er t [...]

6-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS This exa mp le shows how t o configu re host1 as t he RADIUS se rver and to use the defa ul t ports fo r bot h authenti cation and accountin g: Switch(config)# radius-server host host1 Note Y o u[...]

6-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS T o di sable AAA, use th e no aaa new-model global conf iguration co mmand. T o disable AAA authenti cation, use th e no aaa aut hent ica tion l ogin { default | list-name } method1 [ method2 [...]

6-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS Server g roups al so can inclu de multiple host entries for the same se rver if each entr y has a un ique identifie r (the co mbination of the IP a d dress an d UDP port number), allowing d iffer[...]

6-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS T o remove the speci fied RADI US server , use the no radius-server host hostname | ip-address global config urati on comm and. T o remov e a serve r group from t he confi gurati on list , use[...]

6-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS Beginning in p rivileged EXEC mod e, follow these steps to specify RADIUS authoriza tion for privileged EXEC a cce ss an d n etw ork s er vice s: T o disable a uthor izatio n, use th e no aaa aut[...]

6-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS Configuring Settings for All RADIUS S ervers Beginnin g in pr ivi leged EX EC m od e, f oll ow t hese ste ps to c onfi gure gl obal commu ni cati on se tting s between the switch and all RADIU[...]

6-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Controlling Switch Access with RADIUS For exam pl e, the follow ing A V p air ac tiv ate s Cisco ’ s m ultiple na med ip ad dr ess pools fea ture during IP authorization (during PPP’ s IPCP addr ess assignm ent): cisco-avpair= ?[...]

6-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Controllin g Switch A cce ss wit h RA DIUS Beginning in privile ged EXEC mode, follow these steps to specif y a vendor -proprietary RADIUS serv er host a n d a s hared s ecret text s tring: T o delete the vendor-propr ietary RADIUS hos[...]

6-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Configuring the Switch for Local Authentication and Authorization Configuring the Switch for Local Authentication and Authorizat ion Y ou can configure AAA to operate without a server b y settin g the switch to impl ement AAA i n loc[...]

6-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Managing the System Time and Date Y ou can manage the system tim e and date on your switch usin g automatic, such as the Netwo rk T im e Protoco l (NTP), or man ual config uration me thods. Note For [...]

6-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e running NTP autom atically chooses as its time source the device with the lowest stratum number with which it communic ates through NTP . This strategy effec tively builds a self-or ganizing[...]

6-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Figur e 6-3 T ypical NTP Netw ork Configuration Configuring NTP The Cat alyst 3550 sw itches do not ha ve a hardwa re-su pported clock, and t hey cann ot functi on as an NTP master cloc k to whic h p[...]

6-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e Default NTP Configurati on Ta b l e 6 - 2 show s th e defa ult NTP co nfig urati o n. NTP is enable d on all interface s by default. All inter faces rece ive NTP packets . Configuring NTP Au[...]

6-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date T o di sable NT P au th entica tio n, use the no ntp authentic ate global con figura tion comm and. T o remove an auth entication key , use th e no ntp authentication-key number glob al co nfigura ti[...]

6-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e Y ou need to configur e only one end of an associat ion; the other devic e can automatical ly establish th e associat ion. If you are us ing th e de fault NT P versi o n (ve rsion 3) and NTP[...]

6-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date T o disab le the interface from se nding NTP broadcast packets, use the no nt p br oad cast interface configurat ion comman d. This example shows h ow to configure an interf ace to send NTP vers ion [...]

6-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e Creating an Access Group and A ssigni ng a Basic IP Access List Beginning in privil eged EXEC mode, follow these steps to control acc ess to NTP services by using access lists: The acc ess g[...]

6-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date If the source I P address matches the a ccess lists for more than one acce ss type, the firs t type is granted. If no acces s group s are spec ified, all acc ess types ar e granted to all devic es. I[...]

6-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e The specified interface i s used for the s ource add ress for all packets sent to all dest inations. If a so urce address is to be used f o r a specific association, us e the source ke ywor [...]

6-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Setting the System Clock If you have an outside source on the netw ork that pro vides time services, such as an NTP se rver , you do not need to manuall y set the syste m clock. Beginning in priv i l[...]

6-43 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e Configuring the Tim e Zone Beginn ing in privileged EXEC mode, fo llow these s teps to manu ally con figure the time zone: The minutes-offset va riable in the clock ti me zo ne gl ob al co n[...]

6-44 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the Syste m Time and Date Configuring Summer Time (Daylight Saving Ti me) Beginnin g in pr ivi leged EX EC m od e, f oll ow t hese ste ps to c onfi gure sum me r tim e (d ay lig ht sa ving time) in ar eas where it starts and [...]

6-45 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Mana gi ng th e S y stem Tim e an d Da t e Beginning in priv ileged EXEC mode, follow these steps i f summer time in your ar ea does not follow a recur ring pa ttern (config u re th e exact date and t ime of the next s ummer ti me ev[...]

6-46 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Configur ing a Sys tem Nam e and Prompt Configuring a System Name a nd Prompt Y ou configure the system name on the switch to identify it. By d efault, the system name and pro mpt a re Switch . If you hav e not conf igured a syste m pr[...]

6-47 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Confi guring a S ystem Name an d Prompt Configuring a System P rompt Begin ning in privil eged EXEC mode, follow these s teps t o manu ally co nfigu re a sy stem promp t: T o return to the de faul t pr om pt, use the no prompt [ stri[...]

6-48 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Configur ing a Sys tem Nam e and Prompt Default DNS Configur ation Ta b l e 6 - 3 shows the defa ult DNS c onfiguration. Setting Up DNS Beginning in privileged EXEC mode, follow th ese steps to set up your switch to use the DNS: If you[...]

6-49 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Creat ing a Bann er domain n ame is the v alue set b y the ip domain-na me globa l c on figur at ion c om mand. I f ther e is a period (.) in th e hostn am e, the IO S so ftw are look s up the IP a dd ress w ithou t appe nd ing a ny [...]

6-50 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can c reate a single or multiline me ssage b ann er th at ap p ears o n the sc re en when so meone lo gs in to the switch. Beginnin g in pr ivi lege d EX E C m o[...]

6-51 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Managin g the MAC Addre ss Table Configurin g a Login B anner Y ou can config ure a login ba nner to be disp layed on al l conne cted termi nals. This banner is displ ayed after the MOTD banne r and befor e the login prompt. Beginnin[...]

6-52 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table This section con tains this configuratio n information: • Building the A d dress T able, page 6-52 • MAC Addr esses an d VLANs , page 6-52 • Default MA C Addres s T able Confi guration , page 6-5[...]

6-53 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Managin g the MAC Addre ss Table Default MAC Address Table Configuration Ta b l e 6 - 4 show s the defaul t MAC addre ss tabl e conf igurati o n. Changing the Addre ss Aging Time Dynamic a ddresses are sou r ce M AC ad d re sse s th [...]

6-54 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table Removi ng Dyn amic Ad dre ss E ntries T o remove al l d ynami c e ntr ies, use th e clear mac-address-table dynamic command in pr ivi leged EXEC m ode. Y ou can al so re move a s pec ific MAC ad dres s[...]

6-55 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Managin g the MAC Addre ss Table T o disable th e switc h fro m sen ding M AC a ddr ess no tif ica tion t raps, use t h e no snmp-server ena ble traps mac -not ifica tion global configurat ion command. T o disable the MAC address not[...]

6-56 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Managin g the MAC A ddre ss Table Adding and Remo ving Sta tic Address E ntries A static address has these characteristics: • It is manu ally ente red in the a ddress tab le and must be manual ly remo ved. • It can be a unicast or [...]

6-57 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Optimizi ng System Re sources for User-Se lected Feat ures Displaying A ddress Table Entries Y ou can di splay the MAC ad dress tabl e by using one or mo re of the privi leged EX EC comma nds describe d in Ta b l e 6 - 5 : Optimizing[...]

6-58 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Optimizin g Sys tem Resourc es for Us er-Se lected Fe atures The numbe r of subne t VLANs (ro uted ports and SVIs) are not limited by sof tware and can be set to a number h igher t han ind icat ed in the tables. I f the nu mber of subn[...]

6-59 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Adminis ter ing the Switc h Optimizi ng System Re sources for User-Se lected Feat ures Using the Te mplate s Follow these guideli n es when using the SDM templates: • The maxi mum nu mber of resource s allow ed in eac h templ ate is an ap prox imati on and de[...]

6-60 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 6 Administering the Switch Optimizin g Sys tem Resourc es for Us er-Se lected Fe atures This exa mple shows how to configure a switch with t he routing tem plate an d verify the configur ation: Switch(config)# sdm prefer routing Switch(config)# end Switch# copy [...]

C HAPTER 7-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 7 Configuring 802.1X Port-Ba sed Authen tication This cha pter d escribe s how to confi gure IEEE 802 .1X p ort-b ased a uthent icati on to prevent unau thorize d devices ( clients) from ga ining access to the network . As LANs ex tend to hote ls, airports, a nd[...]

7-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Unders tan ding 802.1X Port -Based A ut henticat io n Device Roles W ith 802.1X port-based authentication , the devices in the network have spec ific roles as shown in Figure 7-1 . Figu re 7 -1 802 . 1X De vic e [...]

7-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Understandi ng 802.1X Port-Base d Authent ication Authentication Initiation and Message Exchange The swi tch or th e client can initi ate authen tication. I f you enable au thenticatio n on a p ort by using th[...]

7-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Unders tan ding 802.1X Port -Based A ut henticat io n Ports in Au thorized and Un authorized S tates The switc h port state de termin es whethe r or not the clie nt is gran ted acces s to the network . The por t [...]

7-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Configuring 802. 1X Authent ication In a po in t-to- point confi g urat ion (see Figure 7-1 on page 7-2 ), only one cli ent can be connect ed to the 802.1X -enabled switch port. The switch de tects the cl ient[...]

7-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Configur ing 80 2. 1X Au thent ica tion Default 802.1X Configuration Ta b l e 7 - 1 shows the defau lt 802.1X co nfigura tion. T able 7 -1 Def ault 802.1X Configur ation Feature Default Setting Auth entic ation, [...]

7-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Configuring 802. 1X Authent ication 802.1X Configuration Guidelines These ar e the 80 2.1X aut henti cation co nfig uration gui deli nes: • When 802.1 X is enabl ed, port s are auth enticat ed befor e any ot[...]

7-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Configur ing 80 2. 1X Au thent ica tion Enabling 802.1X Authentication T o enable 802.1X por t-based au thenticatio n, you m ust enable A AA and specify th e authen tication method list. A method list describes t[...]

7-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Configuring 802. 1X Authent ication This exa mple shows how to enable AAA and 802.1X on Fast Ethern et port 0/1: Switch# configure terminal Switch(config)# aaa new-model Switch(config)# aaa authentication dot1[...]

7-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Configur ing 80 2. 1X Au thent ica tion This exa mple shows how to specify the se rver with IP address 172.2 0.39. 46 as the RADIU S server, to use port 1612 as th e auth orizat ion por t, and to se t the en cry[...]

7-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Configuring 802. 1X Authent ication Manually Re-Authenticating a Client Connected to a Port Y ou can manually re-authentic ate the client connected to a spec ific port at any tim e by entering the dot1x re-a [...]

7-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Configur ing 80 2. 1X Au thent ica tion Changing the Sw itch-to-Clie nt Retran smission Time The client respon ds to the EAP-request/id entity frame fro m the switch with an EAP-response/i d entity frame. If the[...]

7-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configuri ng 8 02.1X Port-B as ed A uthenti cat io n Configuring 802. 1X Authent ication Setting the Switch-to-Client Frame-Retransmission Number In addi ti on t o c hang i ng th e swi tch- to-c li ent re tra nsmiss io n ti m e, y ou ca n ch an ge the n umb er [...]

7-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 7 Configur ing 802. 1X Port-Bas ed Authenticati on Display ing 802.1 X Stat is t ics and Status T o disable multiple hosts on the port, use the no dot1x multiple-hosts interface c onfiguration c ommand. This exampl e shows how to ena ble 802.1 X on Fast Etherne [...]

C HAPTER 8-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 8 Configuring Interface Cha racteristics This chapte r defines the types of interface s on the switch and describes how to configure them. The chap ter has these sect ions: • Understa nding Inte rface T ypes, pa ge 8-1 • Using th e In te rfa ce C o mman d, p[...]

8-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Unders tan ding Inte rfa ce Type s Port-Based VLANs A VLAN is a switched network that is logically segmen ted by function, team, or application, without regard to the physica l locat ion of the users. Fo r more info rmati o[...]

8-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Unde rsta ndi n g In t erf ac e Ty p es Trunk Ports A trunk port carri es the traf fic of multiple VLANs and by default is a member of all VLANs in the VLAN database . T wo t yp es of tru nk port s a re su ppo rted : •[...]

8-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Unders tan ding Inte rfa ce Type s Switch Virtual Interfaces A switch virtual i n terface ( SVI) r epresents a VLAN of sw itch port s as one in terface to the r outing or bridging fu nctio n in the system . Only one SVI can[...]

8-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Unde rsta ndi n g In t erf ac e Ty p es For more informat ion about IP unicast and multicast routing and routing protocols, see Chapter 22, “Conf igur ing I P U nic ast Rout ing” a nd Chapte r 24, “Confi guri ng IP[...]

8-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Using the Inter fa ce Command Figur e 8-2 Connecting VLANs with the Catalyst 355 0 Multilay er Switch The Cataly st 3550 switch with the enhanced multi layer softwar e image suppor ts two methods o f forwardin g traff ic be[...]

8-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Using the Interface Command T o conf igure a physical interface (por t ), enter int e rf a ce configuration mode, an d specify the interface type , slot, an d number . • T ype—Fast E therne t (fas tethe rnet or fa) f[...]

8-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Using the Inter fa ce Command Ente r t he sh ow in terf ac es privileged EXEC co mman d to see a list of all inter fa ces on or co nfigur ed fo r the switc h. A re port is provi ded for each i nterf ace th at the device sup[...]

8-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Using the Interface Command 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored [...]

8-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Using the Inter fa ce Command • Y ou m ust add a sp ac e bet wee n t he inte rf ace nu mbers a nd the hy phen wh en u s ing the interf ace ra nge c omm an d. F or ex ampl e, the c omm and interface rang e gigabitet herne[...]

8-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Using the Interface Command Configur ing and Us ing Interf ac e Ra nge M acro s Y ou can create a n interfac e range macro to automat ically sele ct a range of interfaces fo r config uration. Befo re you can us e the ma[...]

8-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Configur ing Layer 2 In ter faces Thi s exampl e shows how to de fine an in terf ace-ran ge macro na med enet_li st to select Gigabit Et h ernet ports 1 to 4 and to verify the mac ro configurat ion: Switch# configure termi[...]

8-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Configuring Layer 2 Interfaces Default Layer 2 Ethernet Interface Configuration Ta b l e 8 - 1 shows the Layer 2 Ethernet inter face default conf iguration. For more details on the VLAN paramete rs listed in the table, [...]

8-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Configur ing Layer 2 In ter faces Configuring In terface Sp eed and Du plex M ode These sec tions descr ibe how t o configu re the in terface speed and dupl ex mode: • Configur ation G uid eli nes , pa ge 8-14 • Settin[...]

8-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Configuring Layer 2 Interfaces Be g i n n i n g i n p r i v i l e g e d E X E C m o d e , f o l l o w t h e s e s t e p s t o set the speed and dupl ex mode for a physical interface: Use the no sp eed an d no duplex int[...]

8-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Configur ing Layer 2 In ter faces Configuring IEEE 802.3X Flow Control Flow contr ol enable s connecte d Ethernet ports to con trol traffic ra tes during co ngestion by al lowing congest ed nodes to pause lin k opera tion [...]

8-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Configuring Layer 2 Interfaces Be g i n n i n g i n p r i v i l e g e d E X E C m o d e , f o l l o w t h e s e s t e p s t o configure flow control o n an interface: T o disable f low con tr ol, use t h e flow control [...]

8-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Mon i tor in g an d Mai nta in in g th e La yer 2 Inte rfa ce Use the no description interf ace configur ation comman d to delete the descri ption. This e xample sh ows h ow to add a descr iption o n Fast E thern et in ter[...]

8-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Monitoring and Maintaining the Layer 2 Interface This e xampl e sh ow s how to di splay t he st atus and c onfig urat ion of Giga bit Eth erne t i nterf ac e 0/2: Switch# show interfaces gigabitethernet0/2 GigabitEthern[...]

8-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Mon i tor in g an d Mai nta in in g th e La yer 2 Inte rfa ce This e xample sh ows h ow t o di splay t he sta tus o f swi tchi ng port s: Switch# show interfaces switchport Name: Gi0/1 Switchport: Enabled Administrative Mo[...]

8-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Monitoring and Maintaining the Layer 2 Interface Note Th e clear counters privil ege d EX EC comm a nd doe s not c lear coun ter s r etrie ved by using Simp le Network Ma nagement Protocol (SN MP), but only those seen w[...]

8-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Configur ing Layer 3 In ter faces T o ve rify that an interf ace is disable d, enter th e show inte rfaces privileged EXE C comma nd. A dis abled interfac e is sho wn as administratively down in the show inte rfac e com ma[...]

8-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuri ng In te rface Charac teristics Configuring Layer 3 Interfaces Beginnin g in pr ivi leged EX EC mod e, fol low the se st eps to conf igur e a Laye r 3 in terfa ce: T o remove an IP addr ess from an interfac e, use the no ip address interface conf i gu[...]

8-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 8 Configuring Interface Characteristics Configur ing Layer 3 In ter faces This is an example of ou tput from the show ip int erface privileged EXEC comman d for an interface: Switch# show ip interface gigabitethernet0/2 GigabitEthernet0/2 is up, line protocol is[...]

C HAPTER 9-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 9 Creating and Maintaining VLANs This chapte r de scr ibes how to creat e an d ma int ain V LANs. I t in clude s inf ormatio n a bout VL AN mo des, the VLAN Trunking Protoc ol (VTP) dat aba se, a nd the VL AN Mem ber ship Policy Serv er ( VMPS). Note For complet[...]

9-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN s Figur e 9-1 VLANs as Lo gically Define d Networ ks VLANs ar e often assoc iated wit h IP subnetw orks. For exa mple, all th e end stati ons in a part icular IP subnet belong to the sa me VLAN. Interface VLAN[...]

9-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col VLAN Port M embership M odes Y ou co nfigure a port to bel ong to a VLA N by assignin g a mem bership mode that de termine s the kin d of traf fic the port carrie s and the number of VLANs to [...]

9-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol The VTP Do main and VTP Mode s A VTP do ma in ( also cal led a VLA N ma nage ment dom ain ) c on sist s of one swi tch or se vera l interconn ected switches under the same administrative resp ons[...]

9-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col VTP Advertisements Each swi tch in t he VTP dom ain sends per iodic glob al con figura tion adve rtise ments from each trunk po rt to a reserved multic ast address. Neighboring switches recei [...]

9-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol VTP Vers ion 2 If you use VTP in y our n etwor k, you must d ecide whe the r to u se versi on 1 or v ers ion 2. VTP version 2 supp orts the se feature s not suppo rted in versi on 1: • T oken R[...]

9-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col Figur e 9-2 Flooding T r affic w ithout VTP Pr uning Figure 9-3 sho ws a sw itched network with V TP pruni ng en abled. T he broa dcast tr affic from Sw itch 1 is not forwar ded to Swi tches 3[...]

9-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol T o configure V TP pruning on an interfa ce, use the switchport trunk pruning vlan interf ace config urat ion comm an d (see th e “Changi ng the Prun ing-E li gible List” sec tion o n page 9-[...]

9-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col Passwords Y ou can configure a passwor d for the VTP domain, but it is not required. If you do config ure a domain password , all do main sw itch es mu st sha re t he sa me p asswor d and yo u[...]

9-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol Configuring a VTP Server When a switc h is in VT P server mo de, you can cha nge the V L AN conf igurat i on and hav e it prop ag ated through out the ne twork. Beginning in privileged EXEC mode[...]

9-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col Configuring a VT P Client When a swi tch is i n V TP cl ie nt m ode, yo u ca nno t c hange its VL AN conf igur ation. T he c li ent sw itch receive s VTP updat es from a VTP server i n the VT[...]

9-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol T o return the switch to VTP ser ver mode, use the no vtp transparent VLAN configur ation command. Enabling VTP Version 2 VTP version 2 is disabled by defa ult on VTP versio n 2-c apabl e switch[...]

9-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Using the V LAN Trunki ng Proto col Enabling VTP Pruning Pruning inc reases avail able bandwi dth by restri cting flood ed traffic to those tr unk links that the traffic must use to access the de stination devi ces. Y ou ena bl[...]

9-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Using the VLA N Trunking Pro tocol This is an example of ou tput from the show vtp status privile ged EXEC comma nd: Switch# show vtp status VTP Version : 2 Configuration Revision : 5 Maximum VLANs supported locally : 1005 Number[...]

9-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns VLANs i n the VT P Dat a base VLANs in the VTP Database Y ou can set the se parameter s when you create a ne w VLAN or modify an existing VLAN in the VTP database: • VLAN ID • VLAN name • VLAN type (Ether net, Fiber Distr[...]

9-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs VLANs in the VTP Databa se VLAN Configuration Guidelines Follow the se g uide lines w hen c rea ting and m odif ying V LANs in yo ur ne two rk: • The Ca talyst 3550 sw itc h su ppo rts 1 005 VL ANs in VT P c lient, serv er, and[...]

9-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns VLANs i n the VT P Dat a base Configuring VLANs in the VTP Database Y ou ca n a dd, mo dify or rem ove VL AN co nfig ura tions in t he VT P dat aba se by us ing t h e CLI V LA N config urat ion mod e. VT P g loba lly propa gat [...]

9-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs VLANs in the VTP Databa se This e xampl e sh ow s how to a dd Et hern et V LAN 20 to the VL AN data base and name it te st 20 : Switch# vlan database Switch(vlan)# vlan 20 name test20 Switch(vlan)# exit APPLY completed. Exiting..[...]

9-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns VLANs i n the VT P Dat a base Cautio n When y ou de lete a VL AN, any port s assigned to th at VLAN b ecome inact ive. Th ey rem ain associate d with the VLAN (and thus inactive) until you assign them to a new VLAN. Beginning i[...]

9-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs VLANs in the VTP Databa se T o return an interface to its def ault config uration, us e the def ault interfac e interface-id interface config urati on comm and. This exam ple shows how to con figure Gi gabit Eth ernet inte rface [...]

9-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns VLANs i n the VT P Dat a base Displaying VLANs in the VTP Database Use the show vlan privileged EXEC comman d to display a list of VLANs in the database, inclu ding status , por ts, and c onfi gur ation : Switch# show vlan VLAN[...]

9-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks Understandin g VLAN Trunks These sec tions descr ibe how VLAN trunks func tion on the swi tch: • T r unk ing Over vie w , pa ge 9 -22 • Encapsu lation T ypes, pa ge 9-23 • Defau lt Layer 2 Et her[...]

9-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rsta ndi n g VL AN Tr unk s Note DTP i s a point-t o-poin t protocol. Howev er , som e interne twork ing devic es might fo rward DT P frames improp erly . T o avoid this, ensure tha t interf aces conn ected to de vices tha[...]

9-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks 802.1Q Configuration Considerations 802.1Q t runks impos e these li mitati ons on the trunki ng strate gy for a networ k: • In a netwo rk of Cisco sw itches c onnec ted throu gh 802. 1Q trunks, t he [...]

9-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rsta ndi n g VL AN Tr unk s Configuring a n Ethern et Interface as a Trunk P ort Because tru nk p orts se nd and re c eive V T P adv ert isem en ts , yo u must en sure t hat at le as t one trun k po rt is configured on the[...]

9-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks T o return an interface to its def ault config uration, us e the def ault interface interface-id interface conf iguration command. T o re set all trunk ing char acteri stics of a tru nking inte rface t[...]

9-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rsta ndi n g VL AN Tr unk s In this example, the enc apsulation metho d is ISL: Switch# show interfaces gigabitethernet0/4 trunk Port Mode Encapsulation Status Native vlan Gi0/4 desirable n-isl trunking 1 Port Vlans allowe[...]

9-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks T o retur n to the default allow ed VLAN list of all VLANs, use the no switchport trunk allowed vlan interfac e config uration comm and. This exa mple shows how to rem ove VL AN 2 fr om the allow ed VL[...]

9-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rsta ndi n g VL AN Tr unk s T o r eturn to the def ault pruning-elig ible list of al l VLANs, use the no switchport trunk pruning vlan interfac e config uration comm and. Configuring the Native VLAN for Untagged Traff ic A[...]

9-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks Load Sharing Using STP Port Priorities When two ports on th e same switch form a lo op, the STP port pr iority setting dete r mines which port is enabled an d which port is in a blocking state. Y ou ca[...]

9-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rsta ndi n g VL AN Tr unk s Step 6 show vlan V erify tha t the VLANs exist in the database on Switch 1. Step 7 configur e terminal En ter glob al confi gurat ion mode. Step 8 interface gigabit ethernet 0/ 1 Ent er in terf [...]

9-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan ding VLAN Trunks Load Sha ring Using STP Pa th Cost Y ou can conf igure parallel tru nks to shar e VLAN traf fic by setti ng differ ent path costs on a trun k and associ ating the path co sts with di ffe r ent sets of [...]

9-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rs tan ding VM PS Understandin g VMPS The Catalyst 3550 switch act s as a client to the VMPS and communicates with it thr ough the VLAN Query Pro tocol (VQP). When the VMPS rec eives a VQP requ est from a client switch, it[...]

9-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan din g VMPS If the switc h receiv es an acc ess- denied response f rom the VMPS, it continue s to block traff ic from the MAC a ddress t o or fr om the po rt. Th e switc h conti nues to m onitor t he p acke ts d i rect [...]

9-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rs tan ding VM PS This exa m ple sh ows a exam pl e of a VM PS da taba se c onfi gurat ion fil e as i t ap pear s on a Cat alyst 6000 serie s switch. The fil e has these char acteristic s: • The se curit y mode is op en [...]

9-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan din g VMPS ! vmps-vlan-group Engineering vlan-name hardware vlan-name software ! ! !VLAN port Policies ! !vmps-port-policies {vlan-name <vlan_name> | vlan-group <group-name> } ! { port-group <group-name&[...]

9-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rs tan ding VM PS Default VMPS Configuration Ta b l e 9 - 9 shows the default V MPS and dynami c port co nfigura tion on clie nt switches . Configuring a n Inte rface as a L ayer 2 Dyna mic Access P ort Y ou co nfi gure dy[...]

9-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan din g VMPS This i s a n exam pl e o f out put for th e show v mps privil eged EXE C comm and, used to verify th e VMPS server IP address. Switch# show vmps VQP Client Status: -------------------- VMPS VQP Version: 1 Re[...]

9-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rs tan ding VM PS Reconfirming VLAN Memberships Beginning in privileged EXEC mode, f ollow these step s to confirm t he dynamic po rt VLAN member ship assignments th at the switch has rec eived from t h e VMPS: Changing th[...]

9-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan din g VMPS Administering an d Monitoring the VMP S Y ou can display in formation ab out the VMPS by using the show vmps privilege d EXEC command . The switch displays this information about the VMPS: Troublesho oting D[...]

9-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintai nin g VLA Ns Unde rs tan ding VM PS Figur e 9-7 Dynamic P ort VLAN Member ship Configur ation Primar y VMPS Ser ver 1 Catalyst 6000 series Secondar y VMPS Ser ver 2 Catalyst 6000 series Secondar y VMPS Ser ver 3 172.20.26.150 172.20.26.151 [...]

9-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 9 Creating and Maintaining VLANs Unders tan din g VMPS[...]

C HAPTER 10-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 10 Configuring STP This c hapt er d escrib es how to c on figur e the Spa nn ing Tree Protocol (ST P) o n y our sw it ch. Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 3550 Multilaye r Switch C[...]

10-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g B asic STP Featur es For infor mation a bout a dvanced STP feat ures, se e the “ Unders tanding A dvanced ST P Featur es” section on page 1 0-10 and the “Conf iguring Ad vanced STP Featu res” sect ion on page 10-32 . S[...]

10-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Understa nding Basi c STP Features Multipl e active paths am ong end sta tions cause l oops in th e netwo rk. If a loop exists in the networ k, end stations might receive duplicat e messa ges. Switche s might a lso learn end- station MA C add r[...]

10-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g B asic STP Featur es • The rem oval of loo ps in the switche d network b y blocki ng Laye r 2 inte rface s connecte d to redu ndant links For each VLAN, the switch with the highest switch prior ity (the lowest numerical p ri[...]

10-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Understa nding Basi c STP Features STP Timers T able 10-2 desc ribes the STP t imers that affec t the entir e spanning -tree performa nce. Creating the S TP Topolog y In Figure 10 -1 , Switch A is elected as the root swit ch because the switch [...]

10-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g B asic STP Featur es STP Interfa ce States Propag ation de la ys ca n occur wh en pr otoc ol inf or mat ion p ass es thro ugh a sw it ched L AN. A s a resul t, topolo gy cha nges c an take pl ace at di fferen t ti mes a nd a t[...]

10-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Understa nding Basi c STP Features When th e spa nnin g-t ree a lgorith m p laces a L ayer 2 inte rfac e in the forw ardin g sta te, this proce ss o ccur s: 1. The Laye r 2 interfac e is in the liste ning state whi le spanning t ree waits for p[...]

10-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g B asic STP Featur es • Learns addr esses • Receives BPDUs Forwarding State A Laye r 2 inte rface in the forwar ding sta te for ward s fram es. Th e Laye r 2 inte rfac e ente rs the f orwa rding state fr om the learning s t[...]

10-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Understa nding Basi c STP Features However , all PVST+ informatio n is main tained by Cisco switches se parated by a cloud of non-C isco 802.1Q s witches . The non-Cis co 802. 1Q cloud separating the Cisco sw itches i s treat ed as a single tru[...]

10-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s Accelerated Aging to Retain Connectivity The default for aging dynamic a ddresses is 5 m inutes, th e default se tting of the mac-addr ess-table aging-time g lo bal conf igur ati on comm an d. H ow eve[...]

10-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Underst anding Advan ced STP Features Figur e 1 0-4 Po rt F ast-Enabled P or ts Understanding BPDU Guard When th e BPDU guard featur e is enabled on the switch, STP sh uts do wn Port Fast-e nabled interf aces that rece ive BPDUs rather than pu[...]

10-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s Understanding UplinkFast Switches i n hiera rchi cal ne twor ks ca n be g rou ped i nto bac kbo ne swi tch es, d istri bution sw itche s, a nd access switches. Figure 10-5 show s a compl ex networ k wh[...]

10-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Underst anding Advan ced STP Features Figur e 1 0-6 UplinkF ast Exam ple Befor e Dir ect Link F ailure If Switch C detects a link failur e on the currently activ e link L2 on the root port (a d ir ect link fa ilure), UplinkFas t unblocks the b[...]

10-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s How CSUF Work s CSUF ensures that one link in the stack is elected as the path to the root. As shown in Figu re 10-8 , Switche s A, B, and C are cascaded th rough the G igaStack GB IC to form a mu ltid[...]

10-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Underst anding Advan ced STP Features The switch sending the fa st-transition request n eeds to do a fast transition to the forwardin g state of a port that it ha s chosen as the root por t, and it mus t obtain an acknowl edgeme nt from ea ch [...]

10-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s Limitations These lim itations ap ply to CSUF: • CSUF uses t he G igaStack G BI C and ru ns on al l C atal yst 3 550 swit ches, a ll Catalyst 3500 XL switches, bu t on ly on m odu lar Cat alys t 290 [...]

10-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Underst anding Advan ced STP Features Figur e 1 0-9 GigaStac k GBIC Connections and S TP Conv erg ence SPEED SYSTEM RPS STATUS MODE UTIL DUPLX 2 Catalyst 3500 XL 1 1 2 SPEED SYSTEM RPS STATUS UTIL DUPLX 2 Catalyst 3500 XL 1 1 2 MODE 1x 2x 3x 4[...]

10-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s Understand ing Back boneF ast Backbon eFa st i s sta rte d whe n a root po rt or blo ck ed por t on a swi tch rece iv es i nf erior BPD Us fr om it s designat ed br idge . An infe rior BPD U id en tif [...]

10-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Underst anding Advan ced STP Features switch ov er t akes approx im ate ly 30 seconds, twi ce the Forw ar d Dela y time if t he def ault Forward Del ay time of 15 seconds is set. Figure 10-11 shows how Ba ckbon eFas t r econ figur es the topo [...]

10-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Unders tan din g Advance d STP Feature s Unders tanding Root Gu ar d The La ye r 2 ne two rk of a se rvic e pr ovid er (SP) ca n in cl ud e ma ny conn ec ti ons t o swi tc hes tha t a re n ot owned by the SP . In suc h a topology , STP can re[...]

10-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features Configuring Basic STP Features These sect ions incl u de ba sic ST P c onfi gurat ion info rm ati on: • Default STP Con figurati on, page 10-21 • Dis abling ST P , page 10-22 • Configuri ng the Ro ot Swit[...]

10-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Basi c STP F eatures Disabling STP STP is enabled by defa ult on VLAN 1 and o n all newly cr eated VLANs up to the spann ing-tree limit specified in T able 10-3 . Disa ble STP on l y if you ar e sure th ere a re no loo ps in t he[...]

10-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features T o c o nfigu r e a swi tch to become the root, use t he spanni ng-tr e e vlan vlan-id roo t global confi gurat ion command t o modify the swit ch priority from th e default v alue (32768) to a significantly lo[...]

10-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Basi c STP F eatures Beginn ing in privileged EXEC mode, fo llow these step s to configure a switch as the ro ot switch: T o return the switch to i ts default setting, u se the no spanning-tree vlan vlan-id root global config ura[...]

10-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features Beginn ing in privileged EXEC mode, fo llow these st eps to config ure a switch as the secondary root switch: T o return the switch to i ts default setting, u se the no spanning-tree vlan vlan-id root global co[...]

10-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Basi c STP F eatures Configuring STP Port Priority If a loop occ urs, STP uses the por t priorit y when select ing an interf ace to put into th e forwardin g state. Y ou can assign h ighe r prior ity valu es (l ower nu meric al v[...]

10-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features Configuring STP Path Cost The STP pat h cost default value is derive d from the media speed of an interfa ce. If a loop occ urs, STP uses cos t when sele ctin g an inter fa ce to put in the forwa r ding sta te.[...]

10-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Basi c STP F eatures Configuring the Switch Priority of a VLAN Y ou can conf igure the switch priority and ma ke it more likely th at the switch will b e chosen as the r oot switch. Note Ex ercise care when usi ng this co mmand .[...]

10-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features Configuring the Hello Time Y ou ca n conf igure the inte rval betwe e n the ge nera ti on of con fig ura tio n messag es by the ro ot switc h by changi ng the ST P h ello tim e. Note Ex ercise care when usi ng [...]

10-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Basi c STP F eatures T o return the switch to i ts default setting, u se the no spanning-tree vlan vlan-id forw ard -time globa l config urati on comm and. Configuring the Maximum- Aging Time for a VLAN Beginnin g in privil eg ed[...]

10-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi guring Basi c STP Features Figur e 1 0-14 Gig abi t Ether net Stack Displaying S TP Statu s T o di splay the curren t STP status, u se one or mo re of the priv ileged EXE C commands i n T able 10-5 : For inform atio n about othe r keywor[...]

10-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Advan ced STP Fe atures Configuring Advan ced STP Features These se ctions inc lude advan ced STP configurat ion inform ation: • Configuri ng Port Fast, pag e 10-32 • Configur ing BPDU Guard , page 10-33 • Configur ing Upl [...]

10-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi g uri ng Adv anc ed S TP F ea ture s Configuring BPDU Guard When th e BPDU guard featur e is enabled on the switch, STP sh uts do wn Port Fast-e nabled interf aces that rece ive BPDUs rather than putt ing them into the blocking state . C[...]

10-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Advan ced STP Fe atures Configuring UplinkFast for Use with Redundant Links UplinkFast in creases the switch prior ity to 49152 and adds 3000 to the STP path cost only if the port used the default path cost before you enabled Upl[...]

10-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi g uri ng Adv anc ed S TP F ea ture s Configuring C ross-Stac k UplinkF ast Before ena blin g CSU F , make su re your st ack swi tches ar e pr ope rly conn ec ted . For mo re i nf ormat ion , see th e “ Connec ti ng t he Stac k Port s ?[...]

10-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Advan ced STP Fe atures Configurin g Backbon eFast Y ou can enable Back boneFast to detect indi rect link failures an d to start the spanning-tree reconf igurat ion sooner . Note If you use Bac kbon eFast , yo u m ust e nabl e i [...]

10-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Confi g uri ng Adv anc ed S TP F ea ture s Enabling E therChan nel Gua rd Use th e Ethe rChan nel gua rd fea ture t o dete ct a misconf igured EtherC hannel when Ca talyst 3550 sw itch interf aces are co nfigure d as an Ethe rChann el while in[...]

10-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 10 Configuring STP Configur ing Advan ced STP Fe atures[...]

C HAPTER 11-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 11 Configuring IGMP Sno oping an d MVR This chapt er descr ibes how to configur e Interne t Group Ma nageme nt Protocol (IGMP) sno oping on yo ur switch, i ncluding an app lica tion of l ocal IGMP sn oopin g, Mul ticast V LAN Regi strati on (MV R). It also incl[...]

11-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Unders tan ding IGM P Snoo ping the switc h adds the host port numb er to the for warding table en try; when i t receives an IGMP Leave Group me ssage from a ho st, it remov es the host port from the tab le entry . It al so p[...]

11-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Understanding IGMP Snooping Figur e 1 1 -1 Initial IGMP J oin Messag e Router A se nds a gener al query t o the switch , which for wards t he query to po rts 2 thro ugh 5, al l members of the same VLAN. Ho st 1 wants to join[...]

11-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Unders tan ding IGM P Snoo ping Figur e 1 1 -2 Secon d Host Joi ning a Multic ast Gr oup Leaving a Multicast Group The ro uter sends peri odic mu lticast ge neral queries an d the switch for war ds these queri es throug h all[...]

11-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Note Y o u sh ould on ly us e t he Im me dia te- Lea ve pr ocessi ng fea tur e on V LAN s w here a si ngle h ost is conn ected to each po rt. If Immedia te Leave is enabled in VLANs where more than [...]

11-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Configuring IG MP Sn ooping Begin ning in privil eged EXEC mode , follow thes e steps to gl obally en able IGMP sno oping on the switch: T o global ly disa ble I GMP snoo ping on all V LAN i nte rf ace s, use t he no ip igmp [...]

11-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Beginning in p rivile ge d EXEC m ode, foll o w these steps to alte r the m etho d i n whic h a VLAN interface dynamically accesses a multicast router : This exampl e shows how to configure IGMP sno[...]

11-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Configuring IG MP Sn ooping T o re move a multicast rou ter port from the VLA N, use the no ip igmp snooping vlan v lan-id mrouter interface inte rfa ce-id global config urat ion comma nd. This exa mple shows how to enable a [...]

11-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Enabling IGM P Immediate -Leave Process ing When yo u enable IGMP Im mediate- Leave pr ocessin g, the switch immediate ly removes a po rt when it detects an IGM P version 2 leave message [...]

11-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Displaying IG MP Sn ooping Informa tion This i s an exam ple of output from the sho w ip igmp snooping privil eged E XEC comman d for all VLAN interfac es on the switch: Switch# show ip igmp snooping vlan 1 ---------- IGMP s[...]

11-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information This i s an exa mple of output f rom the show ip igmp snooping privileg ed EXEC com mand for a s pecific VLAN interfa ce: Switch# show ip igmp snooping vlan 1 vlan 1 ---------- IGMP snoo[...]

11-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Unde rs ta n din g Mu ltic as t V LAN Reg i stra t io n Understandin g Multicast VL AN Registrati on Multica st VLA N R eg istrat ion (MV R) is d es ig ned f or appl ic ations usi n g wi de-sc al e de ploym en t of multic as[...]

11-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Underst anding Multicast VLAN Registration When a subscr iber chan ges chan nels or turns off the tele vision, th e set-top box sends an IGMP lea ve message f or the mu ltic ast stre am. Th e swi tch CPU se nds a n IGM P gr[...]

11-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Conf igurin g MVR MVR elimi nates the need to duplica te televisio n-channel multi cast traf fic for subscr ibers in each VLAN. Multicast traffic for all channels is only sent around the VLAN tr unk once — only on the mult[...]

11-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Configuring MVR Default MVR Configuration T able 1 1-5 sh ows the d efaul t M VR c onfi gurat ion . Configurin g MVR Glob al Para meters Y ou do no t need to se t the opt ional MV R pa ramet ers if you choose t o use the de[...]

11-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Conf igurin g MVR T o ret urn th e switch to its defa ult sett ings, use th e no mvr [ mode | group i p-address | querytime | vl an ] global configu ratio n command s. This exam ple shows ho w to enable MVR, configur e the M[...]

11-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Configuring MVR T o retu rn the interface to its default settings, use the no mvr [ type | immediate | vlan vlan -id | group ] interfac e configurati o n commands. This e xampl e sh ow s ho w to c onf igure Gig ab it Ethern[...]

11-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Disp l ay in g MV R Info rma t ion This is an example of ou tput from the show mv r interf ace priv ileged EXEC comma nd when the member keywo rd i s inc lude d: Switch# show mvr interface gigabitethernet0/6 member 239.255.0[...]

11-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Displaying MVR Information This is an example of ou tput from the show mv r interfa ce priv ile ged EX EC comma nd: Switch# show mvr interface Port Type Status Immediate Leave ---- ---- ------- --------------- Gi0/1 SOURCE [...]

11-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Conf igurin g IGM P Filt ering Configuring IGMP Fil teri ng In some environme nts, for examp le metropolitan or multiple-dwelli ng unit (MDU) installati o ns, an administr ator might want to control th e set of multicast gro[...]

11-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lte r in g Beginn ing in privileged EXEC mode, fo llow these s teps to creat e an IGMP profil e: T o delete a profile, u se the no ip igmp pr ofile pr ofile number glo b al conf igurat ion comman[...]

11-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Conf igurin g IGM P Filt ering Applying IGMP P rofil es T o contro l acces s as de fine d in an I GMP pro file, u se the ip igmp filter interf ace c onfigur ation com mand to appl y the profi le to the ap propri ate in terfa[...]

11-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Sno oping and M VR Con f ig u ri n g IG M P Fi lte r in g Setting th e Maximum Numbe r of IGMP Groups Y ou c an set the maxim um num ber of IG MP gr oups th at a La yer 2 i nterfa ce can j oin. U se the no form of this comman d to set t h e m[...]

11-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 11 Configuring IGMP Snooping and MVR Displaying IGMP Filterin g Configura ti on Displaying IGMP Filtering Configuration Y ou can d isplay IGMP prof ile char acter istics, and you can display the IGMP profile a nd maximu m group configu ration for all interf ace[...]

C HAPTER 12-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 12 Configuring Port-Base d Traffic Control This cha pter describ es how to con figure the port-base d traffic contr ol feature s on your swit ch. Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 3[...]

12-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Configuring Stor m Control Note When the rate of multicast traf fic exceeds a se t threshold, all incoming traff ic (broadcast, multicast, and unicast) is dropped until the lev el drops below the threshold level . Only[...]

12-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Configuring Storm Control Note Be for e IO S Release 12.1(8)E A1, you se t up stor m c ontrol th reshold val ues by using t he switchport broadcast , switc hport multicast , and switchport unicast inte rface conf igurat[...]

12-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Configuring Stor m Control T o disa bl e stor m con tro l, us e the no storm-control broadcast level , no storm-contr ol multicast level , or no storm-contro l unicast level int erf ac e c onf igur ati on comm an ds. T[...]

12-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Configuring Protected Ports Configuring Prote cted Ports Some appl ications re quire tha t no traffic be forward ed betw een port s on the same switch so that on e neighb or does not see the traffic gene rated by anothe[...]

12-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Configur ing Port Blocking This e xa mple sh ows h ow to c onfig ure Gig abi t Ethe rn et int erfa ce 0 / 3 as a pro tec ted po rt a nd v erif y the config urati on: Switch# configure terminal Switch(config)# interface[...]

12-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Configuring Port Blocking T o r etur n t he inter fa ce t o the defa ult co nditi on wher e n o tr af fic is blocked, use th e no switchport block { multicast | unicast } interf ace configur ation co mmands. This exam p[...]

12-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Configuring Port Security Configuring Po rt Security Y ou can use the port securi ty feature to restrict in put to an interface by limitin g and identifying MAC addresses o f the stations allowed to access the por t. W[...]

12-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Confi guring Port Security Default Port Security Configuration T able 12-1 sh ows t he de faul t po rt se curi ty conf igura ti on fo r a n inter fac e. Configuration Guidelines Follow these guideli n es when configurin[...]

12-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Configuring Port Security T o r eturn the inte rface to the de fault co ndition as not a secur e port, u se the no switchport port -security interfac e config uration comm and. T o return t he i nte rfa ce to t he de [...]

12-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Displayin g Port-Based Tr affic Contr ol Settings This e xampl e sh ow s how to c onfig ure a secu re MAC a ddres s on Fa st E the rnet port 12 an d v eri fy the config urati on. Switch# configure terminal Enter config[...]

12-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Displaying Port-Base d Traffic Co ntrol Settings This is a an exam ple of output from the sho w inte rfac es swi tchp ort p rivi le ged E XEC c omm and: Switch# show interfaces gigabitethernet0/1 switchport Name: Gi0/[...]

12-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port -Based Tra ffic Control Displayin g Port-Based Tr affic Contr ol Settings This is an example of ou tput from the show storm-control command wh en no keyw ords are e ntered . Because no traffic type key word was ent ered, the br oadcast storm [...]

12-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 12 Configuring Port-Based Traffic Contr o l Displaying Port-Base d Traffic Co ntrol Settings[...]

C HAPTER 13-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 13 Configuring CDP This c hapt er d escrib es how to c on figur e Ci sco D isc overy Pr otocol (C DP) on you r switch. Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 3550 Multilaye r Switch Comm[...]

13-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapte r 13 Co nfigu ring CD P Conf igurin g CDP Configuring CDP These sec tions incl ude CDP con figura tion infor mation an d procedur es: • Default CDP Co nfig urat ion, page 13- 2 • Configuri ng the CDP Characte ristics , page 13-2 • Dis ablin g and Ena bling [...]

13-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 13 Configuring CDP C onfiguring CDP Use the no form of th e CDP com mands to return t o the de fault set tings. This exam ple shows ho w to configu re and verif y CDP charact eristics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp ho[...]

13-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapte r 13 Co nfigu ring CD P Conf igurin g CDP This e xample sh ows h ow t o e nabl e CDP i f i t ha s be en disabl ed. Switch# configure terminal Switch(config)# cdp run Switch(config)# end Disabling an d Enab ling CDP on a n Interfac e CDP is enab led by defaul t on[...]

13-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 13 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o monitor and ma inta in C DP on yo ur de vice, perf or m one o r more of thes e t asks, be ginn ing in privile ged EXE C mode. These are ex ample s of output s from t he CDP show [...]

13-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapte r 13 Co nfigu ring CD P Monito rin g and Mai nt aining CDP Switch# show cdp entry * ------------------------- Device ID: Switch Entry address(es): IP address: 10.1.1.66 Platform: cisco WS-C3550-12T, Capabilities: Switch IGMP Interface: GigabitEthernet0/2, Port ID[...]

13-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 13 Configuring CDP Monitoring and Maintaining CDP Switch# show cdp interface GigabitEthernet0/1 is up, line protocol is up Encapsulation ARPA Sending CDP packets every 60 seconds Holdtime is 180 seconds GigabitEthernet0/2 is up, line protocol is down Encapsulatio[...]

13-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapte r 13 Co nfigu ring CD P Monito rin g and Mai nt aining CDP[...]

C HAPTER 14-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 14 Configuring UDLD This c hap ter d esc rib es how to c on figur e the UniD ire ction al Li nk De tect ion ( UDL D) pro toc ol on y our switch. Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 35[...]

14-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 14 Configuring UDLD Unders tan ding UDL D UDLD oper ates by us ing two mech anisms: • Neighbor datab ase maintenance UDLD l ear ns ab out othe r UDL D-c apabl e n eigh bor s b y p eri odic ally se nding a hel lo pa cket (also called an adver tisement or probe [...]

14-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 14 Configuring UD LD Configur ing UDLD Configuring UDLD This se cti on de sc ribes how to c onfi gure U DLD on y our swi tch . It con tai ns this conf igur ati on inform ation: • Default UDL D Co nfig ura ti on, pa ge 14- 3 • Ena bling UDLD Gl obally , page 1[...]

14-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 14 Configuring UDLD Conf igurin g UDLD T o disable UDL D global ly on fiber-opt ic interfa ces, use th e no udld enable gl obal con figur ati on comm and. Enabling UDL D on an Inte rface Beginning in privileged EXEC mode, fo llow these steps to enable UDL D o n [...]

14-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 14 Configuring UD LD Displaying UDLD Status Displaying UDLD Status T o di splay the UDLD status for the specified interf ace or for all interfac es, use the show udld [ interface-id ] privi leged E XEC command .[...]

14-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 14 Configuring UDLD Displa ying U DLD Statu s[...]

C HAPTER 15-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 15 Configuring SPAN This chapte r descr ibes how t o conf igure Swit ch Port Anal yzer (SP AN) o n your switch . Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 3550 Multilaye r Switch Command Re[...]

15-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Unders tan din g SPA N Figur e 15-1 Example SP AN Conf iguration Only tr affic th at en ter s or leav es sou rce por ts or tr affic th at en ters sourc e VLAN s can be mo nit ored by using SP AN; traffic th at get s routed to ingr ess sou rc[...]

15-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Understa nding SPAN Y ou can co nfigure SP AN sessio ns on disabl ed ports ; howev er , a SP A N session do es not beco me active unless you ena ble the destina tion por t and at l east one source port or VLA N for t hat session. The sho w mon[...]

15-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Unders tan din g SPA N Source Port A source port (also ca lled a monitored port ) is a swit ched or rout ed por t t hat you mon ito r fo r ne tw ork traf fic analys is. In a single SP AN sessi on, you can mo nitor sourc e port traf fic such [...]

15-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Understa nding SPAN VLAN-Based SPAN VLAN-ba sed SP AN (VSP AN) is th e anal ysis of the n etw ork t raffic in on e or m ore VL ANs. Y ou can configur e VSP AN to monitor only received (Rx) traf fic, which applies to all the ports for that VLAN[...]

15-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Configuring SPAN • VLAN and trunk ing — Y ou can modi fy VLA N member ship or trun k settings fo r source and destinatio n ports at any time. However , changes in VLAN membersh ip or trunk settings for a destinati on port do not take e f[...]

15-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Configuring SPAN Default SPAN Configuration T able 15-1 sh ows the default SP AN configuration. This release supp orts only local SP AN; remote SP AN (RSP AN) is not supported. SPAN Configuration Guidelines Follow thes e guideline s when confi[...]

15-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Configuring SPAN • The no monitor session session_ number global con figur ation c om mand remo ve s a so urce or destinati on port f rom th e SP AN session or remo ve s a sourc e VLAN fro m the SP AN session. I f you do not sp ecify any o[...]

15-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Configuring SPAN T o remove the ent ire SP AN session , use the no monitor session sessio n_numbe r globa l c onfig urat ion comman d. T o remove a sou rce or desti nation port from the SP AN session , use the no mo nitor session session_num b[...]

15-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Configuring SPAN Removin g Ports from a SPAN S ession Begi nning in pr ivile ged EXEC mo de, follow thes e step s to r emove a por t as a SP AN s ource for a sessio n: T o remove a dest inat ion po rt f rom th e SP AN session, us e t he no [...]

15-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Configuring SPAN This e xampl e sh ow s how to di sable re ceiv ed tra ffic moni tor ing o n por t 1, whi ch was co nfigu re d for bidirec tional mo nitorin g: Switch(config)# no monitor session 1 source interface gigabitethernet0/1 rx The mo[...]

15-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Configuring SPAN This ex ample shows how to c lear any existin g configur ation on SP AN session 2, config ure SP AN session 2 to monitor receive d traff ic on all ports belonging to VLANs 1 through 3, and sen d it to destination port 7. Th[...]

15-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SPAN Displaying S PAN Status T o monitor al l VLANs on th e trunk por t, use the no monitor session session_nu mber filter global config urati on comm and. This ex ample shows how to c lear any existin g configur ation on SP AN session 2, config u[...]

15-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 15 Configuring SP AN Displaying SPAN Status[...]

C HAPTER 16-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 16 Configuring RMON This cha pter describ es how to confi gure Remo te Network Monitor ing (RMON ) on your switc h. Note For complete syntax and usage inf ormation fo r the command s used in this ch apter , refer to the Cisco IOS Config uration Fundamen tals Co[...]

16-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 16 Configuring RMON Conf iguring R MON Figur e 1 6-1 Remote Mo nito r ing Exam ple The switc h supports t hese RMO N groups (define d in RFC 1757): • Statistics (RMON gro up 1) — C ollects Et h ernet, Fast Ether net, and G igabit Ether net statisti cs on an [...]

16-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 16 Configuring RMO N Confi guring RMON Default RMON Configuration RMON is di sabled by default; no alarms or eve nts are co nfigured. Only RMON 1 is supp orted on the switch. Configuring R MON Alarms a nd Events Y ou can con figure yo ur switch for RMO N by using[...]

16-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 16 Configuring RMON Conf iguring R MON T o d isable an alarm, use th e no rmon alarm nu mber g l obal co nfigu ra tion c omma nd o n eac h alar m you config ure d. Y ou cann ot d is able at o nce all the a larm s th at you c onf igure d. T o di sabl e a n e vent[...]

16-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 16 Configuring RMO N Confi guring RMON Configuring RMON Collection on an Interface Y ou must fir st config ure RMON ala rms and e vents to displa y colle ction informa tion. Beginning in privil eged EXEC mode, follow these steps to collect group histor y statisti[...]

16-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 16 Configuring RMON Displa ying RM ON Status T o disable the collect io n of gr oup Ether net statistics, u se the n o rm on c ol le ct io n st ats inde x interface config urati on comm and. Displaying RMON Status T o displ ay th e RMON st atus, u se one or more[...]

C HAPTER 17-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 17 Configuring System Message Logg ing This chapt er describ es how to configur e system messa ge logging on yo ur switch. Note For complete syntax and usage inf ormation fo r the command s used in this ch apter , refer to the Cisco IOS Config uration Fundamen [...]

17-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Configur ing System Mes sage Logg ing Configuring Sy stem Me ssage Logging This se cti on de sc ribes how to c onfi gure syst em messag e logg ing. I t co nta ins this co nfi gura ti on inform ation: • Syst em Lo g Mess [...]

17-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configuring Sys tem Messa ge Loggin g Config uring Syst em Message Logging This exam ple shows a partia l switch syste m message: 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:00:47: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, cha[...]

17-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Configur ing System Mes sage Logg ing Disabling an d Enab ling Me ssage Lo gging Message l ogging is enab led by defa ult. It must be enable d to sen d mes sages to any destin ation other than the conso le. Wh en ena ble d[...]

17-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configuring Sys tem Messa ge Loggin g Config uring Syst em Message Logging The log ging buffer ed global c onfigura tion com mand copi es logg ing messa ges to an int ernal buffer . The buffer is ci rcula r, so newer m essage s overw rite o lder messa ges af t[...]

17-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Configur ing System Mes sage Logg ing Synchronizing Log M essages Y ou can c onfigu re the sy stem to synch ronize un solicited messages and debug privileged EXEC comman d outpu t with solic ited devi ce output and prompts[...]

17-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configuring Sys tem Messa ge Loggin g Config uring Syst em Message Logging T o disable synchroni zation of unsol icited messages a nd debu g out put, us e the no logging synchronous [ level sever ity- lev el | all ] [ limit number -of-buf fers ] l ine conf igu[...]

17-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Configur ing System Mes sage Logg ing Enabling a nd Disab ling Seq uence Numb ers in Lo g Messa ges Becau se the re is a chan ce th at m ore than o ne l og messa ge c an h ave the same ti me stamp, yo u ca n d isplay messa[...]

17-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configuring Sys tem Messa ge Loggin g Config uring Syst em Message Logging Note Spe cifying a level causes messages at th at level and numerical ly lower levels to be displa yed at the destination. T o disable lo gging to the co nsole , use the no logging cons[...]

17-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Configur ing System Mes sage Logg ing Limiting Syslog Messages Sent to the History Table and to SNMP If you ha ve en ab led sysl og m essag e tr aps to be se nt to a n SN MP netw or k man ag ement s tation b y usi n g the[...]

17-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configuring Sys tem Messa ge Loggin g Config uring Syst em Message Logging Logging Messages to a UNIX Syslog Daemo n Before yo u ca n send system log m essages to a UNIX syslog serve r , you m ust co nfigure the syslog daemon on a UNIX ser ver . Log in as roo[...]

17-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 17 Configur ing System Message Logg ing Display ing the Log gi ng Configur ation T o remove a syslog serv er , use the no l ogging ho st global co nfigura tion co mman d, and spe cify the syslog serv er IP a ddress. T o disable log ging to syslog serve rs, ente[...]

C HAPTER 18-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 18 Configuring SNMP This c hapt er d escrib es how to c on figur e t he Si mpl e N etwork M ana geme nt Pr otoc ol ( SNMP) on your switch. Note For complete synta x and usage informati on for the comman ds used in thi s chapter , refe r to the Catalyst 3550 Mul[...]

18-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNMP Unders tan ding SNMP SNMP Versio ns This softw are release suppo rts these SNMP ver sions: • SNMPv1 — The Simple Network Mana geme nt Pr otocol, a Fu ll Inte rnet S tanda rd, d efined i n RFC 1 15 7. • SNMPv2C , which ha s these feat ur[...]

18-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNM P Underst anding SN MP SNMP Agen t Fun ctions The SNMP a gent responds to SNMP manage r requests as follows: • Get a MIB v ar iab le — Th e SNMP a gent begi ns this f unc tio n in resp onse t o a re quest f rom th e NM S. The age nt retriev[...]

18-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNMP Conf iguri ng SN MP Figur e 18-1 SNMP Netw or k For inf orm atio n on su ppo rted M IB s a nd how to a cce ss th em , see Ap pendi x A, “ Suppo rted M IB s. ” Configuring SNMP This secti on descri bes how to conf igure SN MP on your switc[...]

18-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNM P Configuring SNMP Disabling the SNMP Agent Beginn ing in privil eged EXEC mode, follo w these step s to disable th e SNMP agent: No spec ific IOS comm and exists t o enable SNMP . The f irst snmp-server global conf igurat ion com mand that you[...]

18-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNMP Conf iguri ng SN MP Note T o disable ac cess for an SNMP communit y , set the community string for that co mmunity to the null string (do not enter a val ue for the community st ring). T o r emove a sp ecific com munity str ing, use th e no s[...]

18-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNM P Configuring SNMP Config ur ing Tr ap Mana ge rs an d Enab lin g Trap s A trap mana ger is a mana gement sta tion that re ceive s and proc esses tra ps. T raps are syste m alerts that the switc h genera tes when c ertain e vents oc cur . By de[...]

18-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNMP Conf iguri ng SN MP Beginning in privil eged EXEC mode, follow these steps to config ure the switch to send traps to a host: T o remove th e spec ifi ed ho st from re cei vin g tr ap s, use t he no snmp-server host host g loba l configuratio [...]

18-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNM P Configuring SNMP Setting th e Agent C ontact and Location In formation Beginn ing in privil eged EXEC mode, follo w these step s to set the syste m contact an d location of the SNMP agen t so that these de scripti ons can be accesse d through[...]

18-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 18 Configuring SNMP Displaying SNM P Status SNMP Examp les This exam ple shows how to enab le SNMPv1 an d SNMPv2C. Th e configur ation permits any SNMP manager to access all objects with read-only permissions using the community string public . This config urat[...]

C HAPTER 19-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 19 Configuring Network Security with ACLs This c hapt er d escri b es how to con figur e ne twork se cu rity on you r s witc h b y usi ng acc ess c ontr ol l ist s (ACLs), whic h are also r eferred to in commands and tables a s access lists. T o take advantage [...]

19-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Unders tandin g A CLs Switches tra ditionally oper a te at Layer 2 only , switc hing traf fic within a VLAN, whereas rout ers route traf fic betwee n VLANs. The Cataly st 3550 switch with the enhance d multilayer soft wa[...]

19-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Unde rsta ndi n g AC Ls One ACL ca n be used with multiple fe atures fo r a given inter face, and one featu re can use multipl e ACLs. When a single r outer ACL is used by multip le features, it is examined multiple ti[...]

19-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Unders tandin g A CLs W i th VLAN ma ps, forwa rding of pac kets is pe rmitte d or denied , based on th e action spe cified i n the map. Figu re 19-2 illustrate s how a VLA N map is applied to deny a specific t y pe of t[...]

19-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s • Packet B i s fr om host 1 0.2 .2. 2, por t 650 01, goin g t o ho st 10. 1.1.2 on t he T e lnet port . If th is pac ke t is fragm ented , the fi rst fra gment m atches th e second ACE ([...]

19-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls These fac tors can cause pack ets to be sent to th e CPU: • Usin g th e log keyw ord • Enab lin g I CM P un re acha ble s • Hardwa re reachi ng it s cap acity to store ACL configurat ions [...]

19-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s These are t he ste ps to us e ACLs: Step 1 Create an A CL by sp ec ify in g a n a cc es s li st nu mb er or n am e an d ac c ess co ndit ions . Step 2 Apply the ACL to interfa ces or ter m[...]

19-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Note In addition to nu mbered standa rd and exten ded ACLs, you can also crea te standard an d extende d named IP ACLs usi ng the sup ported nu mbers. Tha t is, the na me of a standa rd IP ACL c[...]

19-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Note When creating an ACL, remember that, by defau lt, the end of the ACL contai ns an implicit de ny stateme nt for all pa ckets th at it did not find a match for befor e reachi ng the en[...]

19-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Pro tocol ( igrp ), an y Inte rior Protoc ol ( ip ), IP in IP tunn eling ( ipinip ), KA9Q NOS- compatible IP over IP tunn eling ( no s ), Open Short est Path Firs t routing ( ospf ), P ayl oad [...]

19-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Beginn ing in privileged EXEC mode, fo llow these s teps to creat e an extended ACL: Command Purpo se Step 1 configur e terminal Enter gl obal co nfigu ration mod e. Step 2a access-list a[...]

19-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls or access-list access- list-num ber { deny | permit } pr oto col any a ny [ prec edence pr ecedence ] [ tos tos ] [ fragmen ts ] [ log ] [ log-input ] [ time-r ange time-range- name ] [ dscp ds[...]

19-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Use the no access-list access-list-numb er global conf igur ation comman d to del ete the entir e acces s list. Y ou ca nno t del ete i ndi vidua l ACE s f rom n um bere d ac cess lists. [...]

19-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Creating Named Standard and Extende d ACLs Y ou c an ide ntify I P ACL s with an alp hanum eric str ing ( a name ) rathe r than a num ber . Y ou ca n use n amed ACLs t o c onfigur e mor e IP ac[...]

19-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Begin ning in privil eged EXEC mode , follow thes e steps to cr eate an exte nded ACL usin g names: T o remove a name d extend ed ACL , use the no ip access-list extende d na me gl obal c[...]

19-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls and argument are refe renced in the nam ed and numbe red exte nded ACL task table s in the pre vious sections , the “ Crea ting Standard and Extended IP AC Ls ” sec tion on pa ge 19- 6 , an[...]

19-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Switch(config-time-range)# exit Switch(config)# time-range thanksgiving_2000 Switch(config-time-range)# absolute start 00:00 22 Nov 2000 end 23:59 23 Nov 2000 Switch(config-time-range)# e[...]

19-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Including Comments About Entries in ACLs Y ou can use the re m ar k keyword to include co mments (r emarks ) about en tries in any IP sta n dard or exten ded ACL . The rema rks mak e the ACL ea[...]

19-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Beginnin g in pri vileg ed EX EC mode, f oll ow these steps to re stri ct incomi ng and out g oing conn ec tions betwee n a virtual termin al line an d the ad dresses in an ACL: T o remov[...]

19-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Note Th e ip access-gr oup int erfa c e c onf igura ti on co mm an d is onl y val id w h en appl ie d to a Lay er 3 interf ace: an SVI , a Layer 3 EtherC hannel, or a rou ted port . The inter f[...]

19-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s This is an example of ou tput from the show access-lists pri vil eged E XEC co mm an d, displa yi ng a ll stan dard an d extend ed ACLs: Switch# show access-lists Standard IP access list [...]

19-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls This exam ple shows how to use the show running-conf ig interface privileged EXEC command to display th e ACL conf igurati on of Gigabi t Etherne t interfac e 0/2: Switch# show running-config i[...]

19-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s Figur e 1 9-3 Usi ng Router A CLs to Contr ol T raf fic This ex ample use s a standar d ACL to filte r traf fic coming into Server B from por t 0/3, per mitting traf fic only fr om Ac co [...]

19-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls Numbered ACLs In this exam ple, n etwork 36.0.0.0 is a Class A network w hose seco nd octet specif ies a subnet ; that is, its subnet ma sk is 255 .255.0 .0. Th e third and four th octet s of a[...]

19-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configu ri n g Ro uter A CL s The mark eting_group ACL allows any TCP T elnet tr aff ic to the destination addr ess and wildcard 171.6 9.0.0 0.0 .255. 255 an d denie s any ot her TC P traffi c. It pe rmits any IC MP t[...]

19-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing Router AC Ls In this exa mple of a named ACL , the Jones subn et is not allo wed acces s: Switch(config)# ip access-list standard prevention Switch(config-std-nacl)# remark Do not allow Jones subnet through[...]

19-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configuring VLAN Maps This is a a n examp le of a log for an ext ended ACL: 01:24:23:%SEC-6-IPACCESSLOGDP:list ext1 permitted icmp 10.1.1.15 -> 10.1.1.61 (0/0), 1 packet 01:25:14:%SEC-6-IPACCESSLOGDP:list ext1 perm[...]

19-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing VLA N Maps Step 4 Use the vlan filter globa l c onf igura ti on comm an d t o a pply a VLA N ma p to on e or more V LA Ns . This se cti on cont ai ns th ese to pics : • VLAN M ap C onf igura ti on Guid el[...]

19-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configuring VLAN Maps Beginn ing in privileged EXEC mode, fo llow these s teps to creat e a named MAC exten d ed ACL: Use the no mac access-li st extended name global configurat ion command to delete the entire ACL. Y[...]

19-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing VLA N Maps Creating a VL AN Map Each VL AN map co nsists of an ordered ser ies of ent ries. Beg inning in privile ged EXE C mode, fo llow thes e step s to crea te, ad d to, or de lete a VLAN map entr y: Use[...]

19-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configuring VLAN Maps This example shows ho w to crea te a VLAN ma p to permit a p acket. A C L ip2 permits UDP pa ckets and any packe ts that match t he ip2 ACL are fo rwarde d. Switch(config)# ip access-list extende[...]

19-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing VLA N Maps Switch(config)# mac access-list extended good-hosts Switch(config-ext-macl)# permit host 000.0c00.0111 any Switch(config-ext-macl)# permit host 000.0c00.0211 any Switch(config-ext-nacl)# exit Swi[...]

19-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configuring VLAN Maps Displaying VLAN Map Information Y ou can displa y informat ion about VLA N access m aps or VLAN filt ers. U se the privi leged E XEC command s in T able 19- 4 to d isplay VLAN map informati on. T[...]

19-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Configur ing VLA N Maps Wiring Closet Configuration In a wiring clo set configu ration, the Catalyst 3550 switc h might not be runni ng the enhanced multilaye r software i mage. I n this con figuratio n, the switch can [...]

19-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Configuring VLAN Maps Then , apply VL AN acc ess map map2 to VLAN 1. Switch(config)# vlan filter map2 vlan 1 Denying Access to a Server on Another VLAN Y ou can restr ict access to a server on another V LAN. For exam [...]

19-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls Using VLAN Maps with Router ACLs T o access control both bridge d and route d traffic, you ca n use VLAN ma ps only or a combi nation of router ACLs and VLAN maps. Y o u can defi ne[...]

19-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Using VLAN Maps with Router ACLs • A void inclu ding Laye r 4 informa tion in an A CL; addi ng this in format ion compl icat es the merging process. The be st merge resul ts are obt ained i f the ACLs are filte re d[...]

19-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls This out put fr om th e show f m labe l pr ivilege d EXEC co mmand s hows a mer ge failure on an in put access group: Switch# show fm label 1 Unloaded due to merge failure or lack o[...]

19-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Using VLAN Maps with Router ACLs Note Whe n conf igurin g ACLs on t he sw itch, t o al locate maxim um h ardware resourc es f or ACL s, yo u ca n use the sdm pref er access global co nfigura tion comm and to set the S[...]

19-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls ACLs and Bridged Packets Figure 19-7 show s how an ACL is applied on fal lback-br idged pac kets. For bri dged pack ets, only Layer 2 ACLs are applied to the input VLAN. Only non- I[...]

19-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Net w ork Securit y with ACLs Using VLAN Maps with Router ACLs ACLs and Routed Packe ts Figure 19-8 show s how ACLs ar e applied on routed pa ckets. For routed pac kets, the ACLs are app lied in this order: 1. VLAN map fo r input VLAN 2. Input r o[...]

19-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 19 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls ACLs and Multicast Pa ckets Figure 19-9 sh ows how ACLs are applied on packets that a re replica ted for IP multicasting. A multi cast packet being r outed h as two d if ferent kind[...]

C HAPTER 20-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 20 Configuring QoS This chap ter descri b es how to c o nfigure quality of service (QoS ) on your switch. W ith this feature, you can provi de prefe rentia l treatm ent to ce rtai n traffic at the ex pense of o thers. Without QoS, the switch offers best-effort [...]

20-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS type of serv ice (TOS) fiel d to c arry the classificat ion ( clas s ) inform ation. Clas sifica tion can also be carrie d in the Layer 2 frame. These spe cial bits in the Layer 2 fra me or a Layer 3 packet are des[...]

20-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS All swi tches and ro uters t hat access th e Internet rely on the cla ss infor mation to provid e the same forwarding tr eat ment to p acket s with the same cla ss inf orma tion an d d if ferent treatmen t to pac ket s w[...]

20-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS Figu re 20-2 Basi c QoS Mo de l Classification Classif ica tion i s the p roce ss o f di stin guishin g o ne kin d o f traffic fr om an othe r by ex am ini ng t he f iel ds in the packet. Classifica tion is enable [...]

20-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS For IP t raffic, y ou ha ve t hese c lass ifi cat ion opti ons as sh ow n in Figu re 20-3 : • T rust the IP DSCP in the incoming packet (configure the port to trust DSCP), and assign the same DSCP to t he pac ket for i[...]

20-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS Figur e 2 0-3 Classification Flo wc har t 46976 Generate the DSCP based on IP precedence in pack et. Use the IP-precedence-to-DSCP map . Assign def ault por t CoS. Ye s Ye s No No No Ye s N o (Optional) Modify the [...]

20-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS Classification Based on QoS ACLs Y ou c an u se IP stan dard, I P e xte nded, and L ayer 2 MAC A CLs to defi ne a gro up of pa ck ets with t he same char acteristics ( class ). In the QoS context, the permit and deny act[...]

20-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS The poli cy map can al so cont ain com mands tha t define the po licer, the bandwidth l imitati ons of the traf fic, and the acti o n to take if the limits are excee ded. For more informa tion, see the “ Policing[...]

20-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS Y ou co nfi gure the b ucke t de pth (the m axi mum b urst t hat is t ole rat ed be f ore t he buc ket ov er flow s) by using the burst-byte opti on of the police policy-m a p clas s c onf igur ati on c omm and or the ml[...]

20-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS Figur e 2 0-4 Po licing and M ar king Flow char t 46977 Ye s Ye s No No P ass through Drop Mark Read the DSCP of the pack et. Is a policer configured f or this DSCP? Check if the pac ket is in profile by querying [...]

20-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS Mapping T ables During QoS processing, the switch represents the priorit y of all traffic (includ ing non-IP traf fic) with an internal DSCP value: • During cl assif ica tion, Q oS use s c on figur ab le mappin g t ab[...]

20-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS Queuein g an d Sc he dulin g After a p acket is poli ce d and m ar ked, th e queu eing an d sched uling p rocess be gins as des cribed in these sections: • Queuein g and Sche duli ng on G igabi t-Capa ble Po rts[...]

20-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS During the que uei ng and sc hedu l ing p ro cess, the swit ch us es eg re ss que ues and WRR fo r conge sti on manage me nt, and ta il drop or WRED alg orithm s for con gestio n avoida nce on Gi gabit-c apable Et herne[...]

20-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS WRED Cisco ’ s impl emen t ation of Rand om Ea rly De tec tio n (RE D) , ca ll ed W eight ed Rand om Ea rly De tec tio n (WRED), di ffe rs from other congesti o n-avoidanc e techniques because it at tempts to an[...]

20-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS Queueing and Scheduling on 10/ 100 Ethernet Ports Figure 20-6 show s the queue ing and sched uling flow chart for 10/100 Eth ernet port s. Figur e 20-6 Queuein g and Sc heduling Fl owc har t for 1 0 /1 0 0 Ether net P o[...]

20-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Unders tan ding QoS Each m ini mum- re serve le ve l is conf igur ed wi th a buffer siz e. A s shown in t h e fi gu re, que ue 4 of Fast Ethernet port 0/1 has a buffer si ze of 70 pa cke ts, que ue 4 of Fast Et herne t p ort 0/2 ha s[...]

20-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Under sta n din g Q oS Packet Modification A packe t is clas sified , police d, and q ueued to provide Q o S. Packet mo dific ations can occur durin g this process: • For IP packet s, class ificati on involves assi gning a DSCP to the packe[...]

20-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring QoS Before conf iguri ng Q oS, y ou mu st ha ve a thoro ugh unde rsta nding o f th ese i te ms: • The type s of ap pli cat ions use d and t he traffi c patte rn s on y our ne tw ork . • T r affic cha[...]

20-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S The defa ult port CoS va lue is 0. The defa ult port trust stat e on all port s is untrust ed. No pol icy ma ps are config ured. No polic ers are config ured. The default CoS-to-DSCP map is shown in T able 20-3 on page 2 0-3[...]

20-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuration Guidelines Before begi nning th e QoS configu ratio n, you should be aware of this informa tion: • If you h ave Et herC ha nnel po rts con figure d on y our swi t ch , you mu st conf igure QoS c l as[...]

20-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Enabling Qo S Globally By default, QoS is disabled on the switch, whi ch means that the switc h of fers best-ef f ort service to each packet rega rdless of t he pac ket cont ents or size. Al l CoS va lues ma p to e gress que[...]

20-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the Trust State on Po rts within the QoS Domain Packets en tering a QoS domain are clas sifie d at the edge of the Qo S domain. When the packets are classified at the e d ge, t he switch po rt within t h[...]

20-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Beginning in p rivileged EXEC mode, fo llow these steps to configure the port to trust the classificati on of the traf fic that it receives: T o retur n a port to its untrusted state , u se the no mls qo s trust in terf ac e[...]

20-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the CoS Val ue for an Interface QoS assigns the CoS value specified wi th the mls qos cos interfa ce conf igurati on comma nd to untagge d frames re ceive d on truste d and untru sted port s. Beginning i[...]

20-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring the DSCP Trust Sta te on a Port Bordering Another Qo S Domain If you a re adm inisterin g two se parate QoS doma ins betw een w hich yo u want to imple ment QoS featu res for IP traffic , you can co nfigure the s[...]

20-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS T o return a po rt to its n on-trusted state , use the no mls qos trust int erfac e config urati on comm and. T o return to the def ault DSCP-to- DSCP- mutation m ap values, u se the no mls qo s ma p dscp-mutation d[...]

20-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Classifying Traffic by Using ACLs Y ou can classify IP traffic by using IP st andard or IP ext ended AC Ls; you can cla ssify non -IP traffic by usin g Layer 2 MAC A CLs. Beginn ing in privileged EXEC mode, fo llow these s t[...]

20-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Begin ning in privil eged EXEC mode, fo llow these steps to cr eate an IP exte nded ACL fo r IP traf fic: T o delete an access list, use the no access-list acce ss-list- number g loba l c onfi gurat ion c omma nd. T[...]

20-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S This exam ple shows ho w to create an ACL that permits PIM traf fic from any sourc e to a destinat ion group addr ess of 224.0.0 .2 with a DSCP set t o 32: Switch(config)# access-list 102 permit pim any 224.0.0.2 dscp 32 Beg[...]

20-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This e xample s hows how to cr eat e a Layer 2 MAC ACL wi th two per mit st ateme nts. Th e first statem ent allows t raffic from the host with MA C address 000 1.0000 .0001 to th e host with M AC addres s 0002.0000[...]

20-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S T o delete an existin g class map, use the no class-map class- map-name [ match-all | match-any ] gl ob al config urat ion comm and. T o rem ove a ma tch crit erion, use the no match { access-group acl-inde x-or-name | ip d [...]

20-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This exa mple shows how to creat e a class map called class2 , which matches incoming traf fic with DSCP value s of 10, 11, and 12 . Switch(config)# class-map class2 Switch(config-cmap)# match ip dscp 10 11 12 Switc[...]

20-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Step 4 policy-map policy-ma p-name Cr eate a policy map by en terin g the polic y map name, and ente r poli cy-map c onfigurati o n mo de. By default , no policy ma ps are de fined. The defa ult behav ior of a polic y map is[...]

20-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Step 6 trust [ co s | dscp | ip-pr ecedence ] Configure the trust state , wh ich selects the value that QoS uses as the source of the inter nal DSCP value. Note This command is mutually exclu sive with the set comm [...]

20-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S T o delete an existing policy map, use the no policy-map policy-ma p-nam e glob al confi gura tion comm and. T o delet e an exist ing class ma p, use the no class class-map-nam e policy -map c onf igurat ion command. T o ret[...]

20-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This examp le shows how to crea te a policy map and att ach it to an ingress in terface. In the configuration, the IP standard ACL permits traff ic f rom network 10.1.0 .0. For traf f ic matching this classif icatio[...]

20-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Classifying, Policing, and Marking Traff ic by Using Aggregate Policers By using an aggreg ate police r , you can cr eate a p olicer th at is sha red by multi p le traf fic classes within the same p oli cy m ap . Ho weve r, [...]

20-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS T o remove th e specif ied aggr egate police r from a po licy map, use the no police aggr ega te aggregate-polic er-name pol ic y m ap c on figu ratio n m ode. T o delet e a n agg re gate pol ic er a nd its parame t[...]

20-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring DSCP Maps This se cti on desc ribe s how to c onf igur e the DSCP m a ps. It co ntain s this co nfi gu ratio n infor ma tion: • Configuri ng t he Co S-to- DSCP M ap, page 20-39 • Configuri ng the IP- Pre ced [...]

20-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This e xample sh ows h ow t o mo dify a nd displa y the CoS-t o-DSCP map: Switch# configure terminal Switch(config)# mls qos map cos-dscp 10 15 20 25 30 35 40 45 Switch(config)# end Switch# show mls qos maps cos-dsc[...]

20-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring the Policed- DSCP Map Y ou use the policed- DSCP map to mark down a DSCP value to a new value as the result of a policing and marki ng actio n. The defau lt policed-DSCP map is a null map, which maps an incoming [...]

20-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the DSCP-to- CoS Map Y ou use t he DSCP-to -CoS map to gene rate a CoS valu e, which i s used to select one of the fo ur egress queues. T able 20-5 sh ows t he defa ult D SCP-to -CoS map. If the se va lu[...]

20-43 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring the DSCP-to- DSCP-Muta tion Map Y ou appl y the DSCP -to-DSC P-mu tation map to a port a t the boundar y of a QoS adm inistra tive d omain. If the tw o domai ns have di fferent DSCP de finition s bet ween the m, [...]

20-44 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This example shows how to define the DSCP-to-DSCP-mutation map. All the entrie s that are not explicitly configur ed are no t modifie d (remains as spec ified in t he null map ): Switch# configure terminal Switch(co[...]

20-45 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Mapping CoS Values to Select Egress Queues Beginning in privile ged EXEC mode, follow these steps to map CoS ingress values to select one of the egres s queues : T o retur n the default CoS-to-egr ess-queue map, use the no w[...]

20-46 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the Egress Queue Size Ratios Beginnin g in pr ivilege d EXE C m ode, fol low thes e ste ps to c onfi gure the egre ss queue siz e ra tios: T o retur n to the default weights, use the no wrr - queue queue[...]

20-47 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring Tail-Dr op Threshold Percentag es T ail drop is th e defa ult cong es tion -avoi d ance te ch nique on G igab it- capa ble E the rnet po rts. With tail drop, p ackets are qu eued until the threshold s are exceed [...]

20-48 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS T o retur n to the default thresholds , use the no wrr -queue thr eshold queue-id interface conf iguration comm and. T o return t o the defa ult DSCP- to-thr eshold ma p, use the no wrr-queue dscp-map [ thr esh old-[...]

20-49 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S T o disa ble WR ED, use the no wrr random-detect max-threshold [ queue-id ] i nte rfac e conf igur ati on comm and. T o return t o the defa ult DSCP- to-thr eshold ma p, use the no wrr-queue dscp-map [ thr esh old-id ] int e[...]

20-50 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the Egress Expedite Que ue Y ou can ens ure th at cer tai n packets have prio rit y o ve r all othe rs by queuing them in th e eg re s s exp ed ite queue. This queue is serviced until it is empty and b e[...]

20-51 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S T o return to the default bandwidth setti ng, use the no wrr -queue bandwidth inter face configu ration comm and. This e xampl e sh ow s how to c onfig ure the w eigh t ra tio of the WR R sche du ler runni ng on t he eg ress[...]

20-52 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS This section con tains this configuratio n information: • Mapping CoS V al ues to Selec t Egress Queu es, page 20- 52 • Configur ing the Mi nimum-R eserve Le vels, pa ge 20-5 3 • Configur ing the Egre ss Exped[...]

20-53 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S Configuring the Minimum- Reserve Levels Y ou can co nfigur e the buf fer size of the mi nimum- reser ve levels on all 10/100 por ts and assig n the minimum- rese rve level to an egress queue on a 10/100 Et hernet port. Begin[...]

20-54 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Conf igurin g QoS Configuring the Egress Expedite Que ue Y ou can ens ure th at cer tai n packets have prio rit y o ve r all othe rs by queuing them in th e eg re s s exp ed ite queue. This queue is serviced until it is empty and b e[...]

20-55 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S Confi guring Qo S T o return to the default bandwidth setti ng, use the no wrr -queue bandwidth inter face configu ration comm and. This e xampl e sh ow s how to c onfig ure the w eigh t ra tio of the WR R sche du ler runni ng on t he eg ress[...]

20-56 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S Displa ying QoS Information Displaying QoS Information T o di splay the curren t QoS informatio n, use one or more of t he privi leged EXEC co mmands in T able 20-6 : QoS Configuration Exa mples This se ct ion pro vides a QoS mi gr a[...]

20-57 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S QoS Config uratio n Examples Figur e 20-1 0 QoS Configu ratio n Example Netw or k QoS Config ur ation fo r th e Co mmon W iring C los et The c ommon wir ing cl oset in Figur e 20-10 con sists of exi sting Catalyst 35 00 X L and 2900 XL switch[...]

20-58 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S QoS Configura tion Examp les For the Catalys t 3500 XL and 2900 XL switch es, CoS c onfig ures ea ch egres s por t with a normal- priori ty transm it que ue and a h igh-p rior ity tra nsm it queu e, de pend ing on th e fr am e t ag o[...]

20-59 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S QoS Config uratio n Examples QoS Configuration for the Distribution Layer This ex ample focu ses on the configuratio n steps f o r the Cata lyst 3550-12G multil ayer switch at the distribu tion l aye r (see Figur e 20-10 ). Be caus e the clas[...]

20-60 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S QoS Configura tion Examp les Step 5 switchport mode tr unk Conf igure t his port as a t runk port. Step 6 exit Return t o g loba l c onfi gur ation mo de . Step 7 interfac e gigabitetherne t0/2 E nter inte rface con figurati on mode,[...]

20-61 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 20 Configuring Qo S QoS Config uratio n Examples Step 17 end Return to privile ged EXEC mode. Step 18 show mls qos interface and show interf aces V erify yo ur ent rie s. Step 19 copy running-config startup-config (Optional) Save your e ntries in the config urat[...]

20-62 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapt e r 20 Co nf i gur i n g Qo S QoS Configura tion Examp les[...]

C HAPTER 21-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 21 Configuring EtherChannel This c hapter describe s how to co nfigu re Ethe rChann el on La yer 2 and Laye r 3 i nterfa ce s. T o con figu re Layer 3 interfac es, you must have the enhanced multila yer software image (EMI ) installed on your switch. A ll Ca ta[...]

21-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Unders tan ding Ether Channel Figur e 21 -1 T ypical EtherChannel Con figuration Understand ing Port-Chann el Interfaces Y ou crea te an Et herCha nnel for Layer 2 inte rfaces di fferently fr om Layer 3 i nterface s. Both config ura[...]

21-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Underst anding E therChannel Figur e 2 1 -2 Relation ship of Ph ysical P ort s, Logica l P ort Channe ls, and Channel Gr oups After you co nfigure an Eth erCha nnel, c onfigur ation chan ges ap plied t o the p ort- chann el inte rfac[...]

21-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Unders tan ding Ether Channel PAgP Modes T able 21-1 show s the user-config urable Et herChann el mod es for the cha nnel-group interfac e config urati on comm and: on , aut o , and desirable . Switch interfaces exc hange P AgP pack[...]

21-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Underst anding E therChannel Physical Learners an d Aggregate-P ort Learners Network devi ces are class ifie d as P AgP physica l learners or aggregate-p ort lear ners. A device is a physica l le arne r if it le arns ad dresse s b y [...]

21-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Unders tan ding Ether Channel In Fi g ure 21-3 , an Ethe rCha nnel of four wor kstati ons c ommunic ates w ith a router . Because the ro uter i s a sing le-MAC- address device, source-ba s ed forwar ding on th e switch Eth erChann e[...]

21-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Config uring Ether Channel Configuring Eth erChannel This secti on descri bes these configu rations for EtherC hannel on Layer 2 an d Layer 3 inte rface s: • Default Ethe rC ha nnel Co nfi gura ti on, p age 21- 7 • EtherC hanne l[...]

21-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Configur ing Eth erChann el EtherChann el Configuratio n Guidelin es If imp rop erl y con fi gure d, som e Et her Cha nnel inte rf ace s a re a utom a tica lly disa ble d to a void net work loops and othe r proble ms. Follow thes e [...]

21-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Config uring Ether Channel Configurin g Layer 2 Ethe rChan nels Y ou configu re Layer 2 EtherChann els by configuring the Eth ernet inter faces with the channel-gr oup interfac e config uration comm and, which creates the port-ch ann[...]

21-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Configur ing Eth erChann el T o remove a n inte rface from the Ethe rChannel grou p, use the no channel-group inte rface conf igurat ion comm and. This exam ple shows how to assig n Gigabi t Etherne t interfac es 0/4 and 0/ 5 as st[...]

21-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Config uring Ether Channel Configurin g Layer 3 Ethe rChan nels T o confi gure L ayer 3 Eth erC hanne ls, yo u c rea te the por t-c ha nnel log i cal inte rf ace a nd t he n p ut th e Ethernet in terfaces in to the po rt-channel as [...]

21-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Configur ing Eth erChann el Configuring the Physical Interfac es Beginn ing in privil eged EXEC mode, follo w these steps to assig n an Ethernet in terface to a Layer 3 EtherC hannel: Comma nd Purpos e Step 1 configur e terminal En[...]

21-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Config uring Ether Channel T o remove a n inte rface from the Ethe rChannel grou p, use the no channel-group inte rface conf igurat ion comm and. This exa mple shows how to assign Gig abit Ethern et int erfaces 0/ 4 and 0/5 to ch an[...]

21-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Configur ing Eth erChann el Beginnin g in pr ivi leged EX EC m od e, f oll ow t hese ste ps to c onfi gure Et her Cha nnel l oad ba lan cing : T o return Et herChannel load bala ncing to th e default configuration, us e the no port[...]

21-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configuring Eth erCh annel Config uring Ether Channel Note Th e Cata lyst 35 50 suppo rts addr ess lea rning on ly on aggrega te por ts ev en thoug h the physical-port keywor d is provide d in the CLI . The pagp learn-met hod command an d the pagp port-priori[...]

21-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 21 Configur ing Ethe rChannel Displaying Eth erCh annel and PA gP Status Displaying EtherCh annel and PAgP Status Y ou can use the privi leged EX EC c ommands d escrib ed in T able 21-3 to displa y EtherC hannel and P AgP status information: For deta iled infor[...]

C HAPTER 22-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 22 Configuring IP Unicast Ro uting This chap ter describes how to configure IP u nicast routing o n your multilayer sw itch. T o u se this featur e, you must have the enhanced multilayer software i mage instal led on your switch. A ll Ca ta lys t 35 50 Gigabit [...]

22-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Unders tan din g Routing Understandin g Routing Networ k d evice s in di fferent VLA Ns ca nnot co mm unic ate w ith one an oth er w it hout a L ay er 3 devi ce (rout er) to r oute tra ffic betw een the VLANs. Router s can per f[...]

22-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Steps f or Conf iguri ng Routi ng When Host A in VLAN 10 need s to com municat e with Hos t B in VLAN 10, it send s a pa cket add resse d to that host. Swit ch A forwards the packet d irectly to Host B , without sending it to t[...]

22-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Configuring IP Addre ssing A requ ire d task for co nfi guri ng IP rou tin g is t o assign I P a ddr esses to L a yer 3 ne twork i nte rfac es to enable t h e interf aces and a llow communic ation w[...]

22-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing Assigning IP Address es to Netwo rk Interface s An IP address identifies a location to which IP packet s can be sent. Some IP addresse s are reserve d for special u ses an d cann ot be used f or ho s[...]

22-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Beginnin g in pri vileg ed EXEC mo de, fo llow t hes e step s to assign a n IP addre ss an d a net work m ask to a Layer 3 i nterfa ce: Use the no ip addre ss interfac e configu ration co mmand to r[...]

22-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing 0 input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no c[...]

22-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Use of Subnet Zero Subnetti ng with a subnet a ddress o f z ero is st ron gly disc ourag ed beca use of th e proble ms that c an arise if a netwo rk a nd a subnet have th e same add resses. For e xa[...]

22-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing In Figure 22 -2 , class less routin g is enab led. Whe n the host sen ds a packet to 120.20. 4.1, inst ead of discar ding the p acke t, the ro uter f orwa rds it to th e be st su pe rnet r out e. If [...]

22-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Begin ning in privil eged EXEC mode , follow thes e steps to di sable cla ssless ro uting: T o re store the defa ult and have the switch for ward packet s destined for a su bnet of a netwo rk with [...]

22-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing Y ou can per form these t asks to config ure addre ss resolution: • Defi ne a S tatic ARP C ache, p age 22- 1 1 • Set ARP Encap sulation, pa ge 22-12 • Enab le Prox y A RP , page 22-13 Define [...]

22-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing This is a n exam ple of output fr om the show arp privileged EX EC command. Switch# show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.1.2.3 - 0002.4b29.2e00 ARPA GigabitE[...]

22-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing This is a n exam ple of output fr om the show in terfac es interface-id pri vileged EXEC comm and displaying AR P enc apsul ati on. Switch# show interfaces gigabitethernet0/10 GigabitEthernet0/10 is[...]

22-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing This is an e xam ple of ou tput fo rm th e show i p inte rfac e pri v ileged EXEC command f or Giga bit Ethernet interf ace 0/3, wher e proxy ARP is enabled. Switch# show ip interface gigabitethern[...]

22-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing Ethern et MAC add ress, and t he hos t that s ent the re ques t se nds th e pack et to th e sw itch, which forw ards it to the intended host . Proxy ARP treats all network s as if they are local and[...]

22-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing The onl y re qui red t ask fo r I RDP ro uting o n an i n terfa ce is t o en able I RDP pr ocessin g on t ha t int er face. When en abled , the defa ult par ameters ap ply . Y o u can opt ionall y [...]

22-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing GigabitEthernet0/3 has router discovery enabled Advertisements will occur between every 450 and 600 seconds. Advertisements are sent with broadcasts. Advertisements are valid for 1800 seconds. Defau[...]

22-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Beginnin g in pri vilege d EXEC mode, fo llow these steps to e nable forwar ding of IP-dire cted b roadcas ts on an interface: Use the no ip directed -broa dcas t inter face config uration comman d[...]

22-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing If you do not spe cify any U DP po rt s wh en yo u con figu re the forw ard in g of U DP br oa dcast s, yo u a r e conf iguring th e router to act as a BOOTP for warding agent. BOOTP p ackets ca rry[...]

22-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Establishing an IP Broadcast Address The mo st po pula r IP b roa dca st a ddr ess (and th e d efau lt) is an a ddress c onsis ting of a ll on es (255.255 .255.2 55). H oweve r , the sw itch ca n b[...]

22-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing Beginnin g in pr ivi leged EX EC mod e, fol low thes e st eps to us e th e br idgi ng spann in g-tr ee data base to flood U DP dat agr am s: Use the no ip forward-protocol spanning-tree global conf [...]

22-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IP Ad dres sing Y ou can display specific stat istics, such as the contents of IP routing table s, caches, and databases; the reachability of nodes; and th e routing path that packe ts are takin g through the netw[...]

22-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IP Address ing Switch# show ip redirects Default gateway is 172.20.135.193 Host Gateway Last Use Total Uses Interface ICMP redirect cache is empty Switch# show ip route Codes: C - connected, S - static, I - IGRP, [...]

22-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Enablin g IP Ro uting GigabitEthernet0/1 is up, line protocol is up Internet protocol processing disabled GigabitEthernet0/2 is up, line protocol is down Internet protocol processing disabled Enabling IP Routi ng By default, th[...]

22-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring RIP Configuring RI P The R outi ng Inf orm a tion Pro to col (RI P) is an i nte rior ga teway pr otoc ol (I GP) cre ate d fo r us e in smal l, homogene ou s n etw orks. It is a dista nc e-ve cto r r outing p rot oc[...]

22-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g RIP For protoc ol-indep ende nt feature s that al so apply to RIP , see the “ Con figuring Prot ocol- Indepen dent Features ” section on page 22-53 . T o configur e RI P , you en ab le RIP rou ting f or a net [...]

22-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring RIP T o turn off t he RI P rout ing pr ocess, u se t he no router rip global conf igur at ion comm a nd. T o displ ay t he p ar amete rs and cu rre nt stat e o f th e ac tive ro uti ng prot ocol p roce ss, use th e[...]

22-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g RIP RIP Authentication RIP versio n 1 do es not suppo rt au the ntica tio n. If yo u ar e send ing a nd rec eivi ng RIP V e rsion 2 pa ck ets, you can enable RIP au thentica tion on a n interface. T h e key chai n[...]

22-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring RIP Note In general, di sabling split horizon i s not reco mmended un less you are certain t h at your applicati o n requires it to properly advertise routes. If you wan t to c onfig ure an int erf ac e runn ing RI[...]

22-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IGRP Configuring IGRP Interio r Ga tewa y Routing Pr otoc ol ( IGRP) is a d ynami c, dist anc e-ve ctor rout ing , pro pri etar y C isco protocol for routin g in an autonom ous system t hat conta ins large, arbitr[...]

22-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IGRP Routers ru nning IGRP use flash and poi son-reve rse update s to spe ed up t he conv ergenc e of the routi ng algorit hm. Flash upd ates are upda tes sent before the standa rd interva l, notify ing othe r rou[...]

22-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IGRP If varia nc e is con figur e d as de scrib ed i n the pr ec edi ng se cti on , IG RP or En ha nced IGRP di stribu tes traf f ic amon g multip le r out es of u nequal cost to the same destination. I f you wan [...]

22-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring IGRP T o shut d own an IGRP ro uti ng pro ce ss, use the no rout er igrp global conf igur ati on c om mand. This e xampl e sh ow s how to c onf igure a rou ter f or IGRP an d assi gn it a uton omo us system 1 09. [...]

22-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Conf igurin g IGRP This is an example of ou tput from the show ip protocols privil eged EXEC comma nd that ve rifie s the IGRP confi gurat ion. Switch# show ip protocols <output truncated> Routing Protocol is "igrp 1[...]

22-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF Configuring OSPF This section briefly describes how to configure Open S hortest Path First (OSPF). For a complete description of the OSPF commands, refer t o the “ OSPF Commands ” chapter o f th e Cisco I[...]

22-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configuring OSPF T able 22-7 Def ault OSPF Confi gurat ion Feature Default Setting Interface parameters Cost: No default cost predef ined. Retransmit interval: 5 second s. T r an smit de la y: 1 se co nd. Priority: 1 . Hello in[...]

22-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF Enabling OSPF requires that you create an OSPF routing process, specify the r ange of IP addr esses to be asso ciated with the routing pro cess, an d assign area IDs to be ass ociated wit h that range. Beginn[...]

22-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configuring OSPF This is an example of ou tput from the show ip protocols privil eged EXEC comma nd that ve rifie s the OSPF process ID. Switch# show ip protocols <output truncated> Routing Protocol is "ospf 109"[...]

22-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF Use the no form of these comman ds to remove the configured par ameter va lue or r eturn to the default v alue . This is an example of ou tput from the show ip ospf inte rface privile ged EXEC c ommand : Swit[...]

22-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configuring OSPF Note The OSPF area ro uter con fi gurat ion c om mands a re a ll op tion al. Beginning in privileged EXEC mode, follo w these steps to conf igure area parame ters: Use the no form o f these commands to remove t[...]

22-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF Switch# show ip ospf Routing Process "ospf 1" with ID 172.20.135.202 and Domain ID 0.0.0.1 Supports only single TOS(TOS0) routes Supports opaque LSA SPF schedule delay 5 secs, Hold time between two [...]

22-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configuring OSPF • Passive interfaces: Because inter f aces between two devices on an Ether net represen t only one network segment, to prevent OSPF from sending h ello packets for the send ing interface, you mu st config ure[...]

22-43 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF Change L SA Group P acing The OSPF LS A group pa cing featur e allows the route r to gr oup OSPF L SAs a nd pac e the refres hing, check-summin g, and aging functi ons for more effi cient router use . This fe[...]

22-44 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configuring OSPF Monitoring OSPF Y ou can disp lay specif ic statis tics such as the co ntents of IP routing tables , caches, and databases . T able 22-8 lists so me of the privileged EXEC command s for displaying statistics. F[...]

22-45 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Config uring OSPF This is a n exam ple of output fr om the show ip ospf database privi leged E XEC co mmand wh en no arguments or keyw ords ar e used: Switch# show ip ospf database O OSPF Router with ID (172.20.135.202) (Proce[...]

22-46 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing EIG R P Configuring EIGRP Enhanc ed IG RP (EIGRP) is a Cisco p ropri etary en hance d ver sion of th e IGR P . Enhance d IGRP uses the same dist ance v ector al gorit hm and d istance inform ation as IG RP; how eve[...]

22-47 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring EIGRP feasi ble succ essors , but there ar e neig hbors adverti sing the dest inatio n, a r ecomputa tion mu st oc cur . This is th e process whereby a n ew succe ssor is dete rmined. Th e amount of time it takes t[...]

22-48 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing EIG R P T o cr eate an EIGRP routin g process, you mus t enable EI GRP and asso ciate netwo rks. EIGRP se nds update s to t he i nte rfac e s in t he spe ci fied n etw orks. If yo u do not spe cif y a n i nter face[...]

22-49 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring EIGRP Use the no forms of these co mmands to disabl e the featur e or return the sett ing to the defaul t value. This is a n exam ple of output fr om the show ip protocols privi le ged E X EC comm a nd for E IGRP .[...]

22-50 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing EIG R P Use the no forms of th ese comman ds to disa ble the feat ure or return the setting to the defa ult val ue. This is an exa mple of ou tput f rom t he show ip eigrp interf ace privileged EXEC comm and: Switc[...]

22-51 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Configuring EIGRP Use the no forms of these commands to disable the feat ure or to return the setting to the default va lue. Monitoring and Maintaining EIGRP Y ou can d elete nei ghbors fr om the ne ighbor ta ble. Y ou can als[...]

22-52 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing EIG R P This is a n exam ple of output fr om the show ip eigrp interf ace privileged EXEC comman d: Switch# show ip eigrp interface IP EIGRP interfaces for process 109 Xmit Queue Mean Pacing Time Multicast Pending [...]

22-53 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures Configuring Proto col-Independ ent Features This secti on descri bes how to conf igure IP rou ting proto col-i ndepende nt featur es. For a comp lete descri ption of the I P ro uti[...]

22-54 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Beginning in priv ileged EXEC mode, follow these steps to enable CEF on an inte rface after it has been disabled : T o di s able CEF on an interfa ce, use the no ip ro ute-cache ce[...]

22-55 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures Beginning in privileged EXEC mode, follo w these steps to change the maximum number of paral lel paths inst alled in a r o uting tabl e from the d efault: Use the no maximum-paths [...]

22-56 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s The switc h retains stat ic route s until yo u remove them (by using the no ip route global c onfi gur ation comman d). H owe ver, you ca n ov erri de stat ic ro ute s wi th d yna [...]

22-57 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures Beginning in privil eged EXEC mode, follow these step s to define a static route to a network as the static default rout e: Use the no ip default-network ne twork n umber glo b al [...]

22-58 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Beginning in privil eged EXEC mode, follow these steps to c on fi gu re a route map for redistribution: Command Purpose Step 1 configur e terminal E nter globa l configura tion mo [...]

22-59 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures T o del ete an en try , use the no route-map map tag glo bal conf igurat ion co mmand or the no match or no set route -map conf igur ati on com mands. Step 12 set m etri c metric v[...]

22-60 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Y ou ca n d istr ibute r oute s f rom o ne rout ing do main int o anothe r and co ntro l rout e distri bu tion. Beginning in privileged EXEC mode, follo w these steps to contr ol r[...]

22-61 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures Filtering Routing Information Y ou can filter routing protocol information by perfo rming the tasks described in this section. Note When routes are redistributed between OSPF proce[...]

22-62 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Configur ing Protocol-I nde penden t Feature s Controlling Advertising and Processing in Routing Updat es Y ou can use the distribute-list router confi g uration command with access control lists to su ppress routes from bei ng[...]

22-63 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Confi guring Protocol -Ind ependent Fe atures T o remove a di stan ce def ini tio n, use the no distance rout er con fi gurat ion c om mand. Managing Authen tication Keys Key manage ment is a meth od of contro lling authe ntic[...]

22-64 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Monito rin g and Mai nt aining th e IP Ne twork T o remove th e key ch ain, use t he no key chain name-of-cha in gl obal c onf igur ati on c omm and. Monitoring and Maintaining the IP Network Y ou can re move all conten ts of a[...]

22-65 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unic as t Routing Monitoring and Maintaining the IP Network This is a n exa mpl e of o ut put from the show ip route privileged E XEC com mand whe n e ntere d w ithout an addr ess: Switch# show ip route Codes: C - connected, S - static, I - IGR[...]

22-66 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 22 Configuring IP Unicast Routing Monito rin g and Mai nt aining th e IP Ne twork This is an exa mp le of out pu t from th e show ip route supernets-only privi leged EXEC co mmand. This display shows supe rnets onl y; it does not show subnets. Switch# show ip r[...]

C HAPTER 23-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 23 Configuring HSRP This c hapter de scribe s h ow to use Hot Standby Rou ter Prot oco l (H SRP) to p rovid e rou t ing red undan cy for rout ing IP tra ffic wi thout bei ng dependen t on the av ailability o f any sing le router . T o use this feat ure, you mus[...]

23-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Unders tan din g H SRP Note Rou ter s in a n HSRP gr oup can be an y ro ute r int erfa ce that su ppo rts H SRP , i ncl udin g Cat aly st 355 0 routed ports a nd switch v irtual interfaces (SVIs). HSRP provides high network availability by pr[...]

23-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configur ing HSRP Figur e 23-1 T ypical HSRP Con figur ation Configuring HSRP These se ctions inc lude HSRP conf iguration information: • Default HS RP Confi g urati on, pa ge 23- 4 • Enab lin g HS RP , pa ge 23 -4 • Configur ing HSRP Gr[...]

23-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configuring HSRP • Ether channel por t channe l in Layer 3 mod e: a port -channe l logica l interf ace cre ated by using the interface port-channel port-cha nnel-nu mber gl obal co nfigu ratio n command and bind ing the Ether net inter fac [...]

23-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configur ing HSRP Beginning in privilege d EXEC mode, follow these steps to cr eate or en able HSRP on a Layer 3 interface : Use the no standby [ gr oup-num ber ] ip [ i p-address ] interfac e conf igurat i on co mman d to di sable H SRP . Use[...]

23-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configuring HSRP Configuring HSRP Group Attributes Although HSRP can ru n with no other configur ation requ ired, yo u can confi gure att ributes for the HSRP group, in cludin g authen tica tion, prio rity , pree mption and preemp tion del ay[...]

23-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configur ing HSRP Beginnin g in pr ivi leged EX EC mod e, u se one o r more of the se st eps to conf igur e HS RP pri ority char acte rist ics on an interf ace : Comm and Pu rpos e Step 1 configur e terminal Enter globa l c onfi gu ratio n mod[...]

23-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configuring HSRP Use the no standby [ group-number ] priority pr ior ity [ preempt [ delay delay ]] a nd no standby [ gr o up-num ber ] [ priority priority ] pr eempt [ delay delay ] interface confi guratio n comman ds to rest ore default pri[...]

23-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Configur ing HSRP Use the no standby [ gr oup-n umbe r ] authen ticat ion string interface configur ation comman d to de l ete an auth entication str ing. Use the no standby [ gr ou p-numbe r ] tim ers hellotime holdtim e interfac e config ura[...]

23-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 23 Configuring HSRP Displaying HSRP Configu rations Displaying HSRP Con figuratio ns From privil eged EXEC mo de, use this co mman d to display H SRP settings: show standby [ interface -id [ group ]] [ brief ] [ detail ] Y ou can display HSRP informatio n for t[...]

C HAPTER 24-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 24 Configuring IP M ulticast R outing IP multica sting is a more e fficient way to use network r esources, especially f or bandwidth-inten sive services such as audi o and video . IP multic ast all ow s a host (sour ce) to send pack et s to a g roup of hosts (r[...]

24-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing • Configur ing Basic D VMRP Intero perabi lity Featur es, pag e 24-43 • Configuring Advan ced DVMRP Interoperability Features, page 24-50 • Monitori ng and Maintaining IP [...]

24-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Cisco Implementation of IP Multicast Routing Understand ing IGMP T o parti c ipate in IP multicasting, mult icast hosts, routers, and multilay er switches must have IGMP operating. T his protocol is the group membership pro[...]

24-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing IGMP Version 2 IGMPv2 pr ovides enh ancements over IGMP v1. The query a nd member ship repor t messages are identical to IGMPv1 message with two e x ceptions. The fir st dif fer[...]

24-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Cisco Implementation of IP Multicast Routing group-spe cific qu ery . It responds w ith an IG MPv2 memb ershi p report to info rm Rout er 1 tha t a mem ber is still present. When Route r 1 receives the repo rt, it keeps the[...]

24-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing The simplest form of a mult icast distributi on tree is a source tree whose root is the source of the multicast traf fic an d whose bran ches fo rm a span ning tr ee throu g h t[...]

24-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Cisco Implementation of IP Multicast Routing PIM SM PIM SM uses shared tre es and SP T s to distribute multicast traf f ic to multicast receivers in the netwo rk. In PIM SM, a router or multilay er switch assumes that other[...]

24-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing Prune messa ges are sen t up the distribut ion tree to prun e mul ticast gr oup traffic. This ac tion perm its branch es of the sh ared tr ee or SP T that were created with expl[...]

24-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Cisco Implementation of IP Multicast Routing travel ho p-by-hop t hrougho ut the PIM doma in. Becau se BSR message s contain the IP ad dress of the current BSR, the floo ding mechanism allows can didate RPs to automatical l[...]

24-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing Figu re 24- 6 RPF C heck PIM us es bot h sour ce trees and R P-root ed shar ed tree s to forward datagrams ( describe d in the “ PIM DM ” section on page 24-5 a nd the “ [...]

24-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Cisco Implementation of IP Multicast Routing Understand ing DVMR P Distance V ector Multic ast Routi ng Protocol (D VMRP) is imp lemente d in the equi pment of many vendors an d is based on the public-d omain mro uted prog[...]

24-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Cisco Implem entation o f IP Multica st Rout ing CGMP is a p rotocol u sed on Cisco r outers and multilayer switches conn ected to L ayer 2 Cataly st switche s to pe rfor m tasks simi la r to tho se pe rform ed by I GMP . CGM[...]

24-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing Leaving a Group with CGMP When an IGM Pv2 host leaves a group , it can se nd an IGMP lea ve group message to the all-multic ast-routers group (224.0.0.2). The CGMP ser ver translates this l[...]

24-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng Multicast Routing Configuration Guidelines T o avoid misc onfiguring m ulticast routin g on yo ur multilayer switch, revie w the information in these sections: • PIMv1 an d PIMv2 I n[...]

24-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing Auto-RP and BS R Configuration Guidelin es There are two ap proac hes to usin g PIMv2. Y ou can use V ersi on 2 exclusi vely in your netwo rk or migra te to V ersion 2 by employing a mixe d[...]

24-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o disa ble multicasting , use the no ip multicas t-routing globa l c onf igur ati on comm a nd. T o ret urn to the defa ult PIM vers io n, use t he no ip pim version in terf ace conf[...]

24-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing Config ur ing a R end ez vous Po int If you ha ve configured PIM SM or PIM SM-DM , you must confi gure an RP for th e multicast g roup. Y ou can use seve ral me thods, as de scr ibed i n th[...]

24-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o rem ove an RP ad dres s, us e th e no ip pim rp-address ip-addr ess [ access -list-numb er ] [ override ] global configu ratio n command . This e xampl e sh ow s h ow t o c onf igu[...]

24-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing This section con tains this configuratio n information: • Setting up Auto-RP in a New Internetwork, p age 24-19 • Adding A uto- RP to a n Exist ing Sparse -Mo de Clou d, page 2 4-19 •[...]

24-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o rem ove the PIM devi ce config ure d as the candi date RP , use the no ip pim send-rp-announce global config urati on comm and. T o remov e the mu ltilaye r switc h as the RP-ma pp[...]

24-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing If all interfa ces are in spa rse mode, use a default -configure d RP to support the two well-k nown groups 224.0.1 .39 and 2 24.0.1 .4 0. Au to-RP uses thes e two w ell-kn own gr oups to c[...]

24-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng T o remove a f ilter on incoming RP announcement message s, use th e no ip pim rp-announce-filt er rp- lis t access-list-number group-list acce ss-list-num ber g lobal conf i gurat ion[...]

24-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing Beginnin g in pr ivi leged EXE C m od e, f oll ow th ese ste ps to def ine the PIM dom ain bo rde r: T o rem ove th e PI M b o rd er, use t he no ip pim bsr-borde r inte rf ace conf i gurat[...]

24-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng Defini ng the IP Multi cast Bou ndary Y ou d efi ne a m ult ica st bo und ar y to pr ev en t A uto- RP m es sag es fr om en t erin g the PIM d omai n. Y ou creat e a n acce ss list to [...]

24-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing Configur ing Can dida te BSRs Y ou c an c on figu re on e or m ore c andi dat e BSRs . The dev i ces s er ving as c andi dat e BSRs shou ld h av e good connec tivity to other devi ces and b[...]

24-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con fi gur ing IP Mu ltic ast R ou ti ng Configur ing Can dida te RPs Y ou ca n con figu re one or m ore c andi dat e RPs. Sim ilar to B SRs, t he RPs sho uld a lso have g ood connec tivity to oth er devi ces an d be in the b[...]

24-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring IP Multicast Routing This examp le shows how to configure the multilay er switch to adver tise itself as a candidate RP to the BSR in its PIM domai n. Standard acce ss list numbe r 4 specifies the gr oup pre fi[...]

24-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced PIM Fea tures Troubleshooting PIMv1 and PIMv2 Interoperability Problems When debu gging inte ropera bility pr oblems bet ween PIM v1 and PIMv2 , chec k these in th e order show n: 1. V erify RP ma pping[...]

24-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Confi guring Ad vanced P IM Feat ures This proc ess descri bes the mov e from a shar ed tree to a sour ce tree: 1. A receiver join s a group; leaf Router C sends a join message toward the RP . 2. The RP puts a link to Rout[...]

24-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced PIM Fea tures Beginning in privileged EXEC mode, follow th ese steps to configure a traffic r ate threshold that must be reach ed befor e multicast routing is sw itched from t h e source tree to the sho[...]

24-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional IGMP Features By default , multic ast rout ers and multilaye r switche s send PI M router-query messag es ever y 30 seco nds. Beginning in privileged EXEC mode, follo w these steps to modify the rout e[...]

24-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res Changing the IGMP Version By default, the m u ltilayer switch uses I GMP V ersion 2 , which allows features such as the I GMP query timeou t and the maximum qu ery resp onse tim[...]

24-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional IGMP Features Y ou can de termine the quer y interval by enter ing the show ip igmp inter face interfac e-id privil eged EXEC co mmand. Beginnin g in pr iv ilege d EXE C m od e, f oll ow t hese ste ps [...]

24-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res Configuring the Multilayer Switch as a Member of a Group Multilay er switches can be c o nfigured as member s of a m ulticast g roup. Th is is us eful to det ermine multicas t r[...]

24-35 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional IGMP Features Controlling Access to IP Multicast Groups The multilayer switch sends IGMP host-query messa ges to determine which multicast groups have members on attach ed local networks . The switch t[...]

24-36 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Con f i gur ing Op ti o n a l IG M P Fea tu res Modifying th e IGMP Host-Qu ery Messa ge In terval The mul tilayer sw itch peri odically se nds IGMP h ost-quer y message s to discover w hich m ulticast g roups are pr ese nt o[...]

24-37 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional Multicast Routing Features Beginning in priv ileged EXEC mode, follo w these steps to confi gure the switch itself to be a statically connec ted mem ber of a gro up (and allo w fast swit ching) : T o r[...]

24-38 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Optiona l Multic as t Routing Feat ures Enabling C GMP Serv er Support The multilayer switch serves as a CGMP server for devices that do not support IGMP snooping but have CGMP client funct ionality . CGMP is a p[...]

24-39 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional Multicast Routing Features Configuring s dr Listener Su pport The MBONE is the small subset o f Internet r o uters and hos ts that are i nterconn ected and cap able of forwardin g IP multica st traffic[...]

24-40 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Optiona l Multic as t Routing Feat ures T o retur n to the default setting, use the no ip s dr ca che-t im eout global con fi gurat ion co mma nd. T o delete the en tire cache, use the cl ear ip sdr privile ged E[...]

24-41 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Optional Multicast Routing Features multicas t packets with an init ial TTL value set to 99. The engineering an d marketing depart ments have set a TTL thr eshold of 40 at the perimete r of their netw orks; th [...]

24-42 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Optiona l Multic as t Routing Feat ures Configuring an IP Multicast Boundary Like TT L thresho lds, admi nistrat ively-sc oped boundar ies can also be used to limi t the forwa rding of multica st traf fic outside[...]

24-43 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Basic DVMRP Interoperability Features Beginnin g in privil eg ed EXEC mo de, fo llow these st e ps to set up an adm inistra tively- s co ped boun dary: T o remove the bou ndary , use the no ip multicast boundar[...]

24-44 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Basi c D VMRP Interope rabilit y F eat ures Configuring DVMRP Interoperability Cisco multicast routers and multila yer switches using PIM can interoperate with non-Cisco mult icast router s tha t u s e t he DV MR[...]

24-45 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Basic DVMRP Interoperability Features Beginnin g in priv ileged E XEC m ode, fol low these steps t o config ure the source s that are adverti sed an d the m et ric s t h at ar e use d wh en DV MR P ro ute -re p[...]

24-46 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Basi c D VMRP Interope rabilit y F eat ures This example sh ows how to configure DVMRP interoper ability when t he PIM device and th e DVMRP route r are on the sa me network s egment . In this examp le, access li[...]

24-47 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Basic DVMRP Interoperability Features Beginnin g in pr ivi leged EX EC mod e, fol low the se st eps to conf igur e a DV MRP t unnel : Command Purpose Step 1 configur e terminal E nt er globa l c on figur ation [...]

24-48 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Basi c D VMRP Interope rabilit y F eat ures T o di sable the filter , use the no ip dvmrp accept-filter access-list-numbe r [ dist ance ] neighbor-list access-list -numbe r interfa ce configura tion comman d. Thi[...]

24-49 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Basic DVMRP Interoperability Features T o p revent the defa ult route adv ertisemen t, use the no ip dvmrp default-information { originate | only } interfac e config uration comm and. Respond ing to mrin fo Req[...]

24-50 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Fe atures Configuring Advan ced DVMRP Interoperability Feat ures Cisco routers and multilaye r switches run PIM to forward multicast packets to receivers and receive multic ast [...]

24-51 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Advanced DVMRP Interoperability Features Rejectin g a DVM RP Nonp runing Ne ighbor By default, Cisco d evices acc ept al l DVMRP neig hbors as peer s, re gardless of thei r DVMRP capabi lity . However, some non[...]

24-52 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Fe atures Figur e 24-14 Router Rejects Nonpr uning D VM RP Neighbor Note that the ip dvm rp reject-n on-p runer s inte rf ace c onfi gur ation c om mand pre vent s peer i ng wi [...]

24-53 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Advanced DVMRP Interoperability Features Controlling Route Exchanges This se cti on desc ribe s how to t un e th e Ci sco d ev ice adv er tise ment s of DV MRP ro ute s. It c on tains thi s config urati on info[...]

24-54 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Fe atures Changing the DVMR P Route Threshold By default , 10,000 DV MRP routes c an be rece ived per int erface wit hin a 1-mi nute interv al. When that rate is exce eded, a sy[...]

24-55 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Configuring Advanced DVMRP Interoperability Features Figu re 24- 1 5 Only C onne cted Un ica st Ro utes A re Adv e rtise d by De fault Beginning in privileged EXEC mode, follo w these step to customize th e summarization o[...]

24-56 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Fe atures Disabling DVMRP Autosummarization By default, the Cisco I OS software a utomatically performs some le v el of DV MRP summarizatio n. Disable t his fu nc tion if yo u w[...]

24-57 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Monitoring and Maintaining IP Multicast Routing Beginning in privileged EXEC mode, follo w these steps to change the default metric: T o re turn to the default value, use the no ip dvmrp metric-offset interface conf i gura[...]

24-58 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Mon i tor in g an d Mai nt a in in g IP M ultic as t Rou ting Clearing Cac hes, Ta bles, and D atabas es Y ou ca n remove all co nten ts of a par ticula r cache , tabl e, or dat abase. Cleari ng a cac he, ta ble, or da tabas [...]

24-59 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Mu lt ic as t Routing Monitoring and Maintaining IP Multicast Routing Monitoring IP Multicast Routing Y ou can u se the p rivi leg ed EXEC comm ands in T able 24-5 to monitor IP multicast route rs, packets, and paths: show ip pim interface [ ty[...]

24-60 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 24 Configuring IP Multicast Routing Mon i tor in g an d Mai nt a in in g IP M ultic as t Rou ting[...]

C HAPTER 25-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 25 Configuring MSDP This chapte r describes how to configure the Multicast Source Disc overy Protocol (MSDP) on your multilaye r switch. T he MSDP c onnects m ultiple Proto col-Indep endent Multic ast sparse-mode (PIM -SM) domai ns. MSDP is not fully supporte d[...]

25-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Unders tan din g MSDP The purpos e of thi s topolog y is to hav e domain s discov er mult icast sourc es in othe r domains . If the multicas t sources are of interest to a do main that has receiver s, multicast data is de livered over the [...]

25-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Understandi ng MSDP Figur e 25-1 MSDP Running Be tween RP P eers MSDP Benefits MSDP has th ese bene fits: • It breaks up the shared multicast distribu tion tree. Y ou can make the share d tree local to your domain. Y our lo ca l member s jo[...]

25-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Configuring MSDP This se cti on desc ribe s how t o c onf igur e MSDP . It co nt ain s t his co nfigu ra tio n in for mat ion: • Default MSD P Configur ation , page 25-4 • Configur ing a Defau lt MSDP Peer, page 25-4[...]

25-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Figur e 2 5-2 Def ault MSDP P eer Netw or k Beginning in privil eged EXEC mode, follow these steps to specify a default MSDP peer : Si ISP A PIM domain ISP C PIM domain SA Router A Multila yer Switch B 10.1.1.1 Def ault MSDP [...]

25-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP T o remove the de fault peer , use the no ip msdp def a ult-peer globa l c onfi gura tion c om mand. This ex ampl e shows a pa rtia l config urat ion of Ro uter A and Rout er C in Figure 25- 2 . Each of t hese I SPs have[...]

25-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Begin ning in privil eged EXEC mode, fo llow these steps to en able the cachi ng of source/g roup pair s: Note An alternati ve to thi s command i s the ip msdp sa-request global config urati on comm and, whi ch causes the mul[...]

25-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Requestin g Source Info rmation fro m an MSDP Peer Local RPs can send SA req ues ts a nd get i mm edi ate r esp onses f or al l ac ti ve so urce s f or a given gro up. By default, the mul tilayer swi tch does not send an[...]

25-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Redistributing Sources SA messages ar e originat ed on RPs to whic h sources hav e register ed. By defa ult, an y source that regis ters with an RP is adverti s ed. Th e A flag is set in th e RP when a sour ce is regi stered,[...]

25-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP T o remove the filter , use th e no ip msdp r edistribute global con figura tion com mand . Step 3 access-list access-list- number { deny | permit } sourc e [ sour c e-wi ldcar d ] or access-list access-list- number { d[...]

25-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Filtering Source- Active R equest Messages By default, only multilay er switches that are caching SA information can respond to SA requests. By default, such a sw itch ho nors al l SA requ est me ssages from i ts MSDP peers [...]

25-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Controlling Source Information that Your Switch Forwards By default, the multilayer switch f orwards all SA messages it rece ives to all its MSDP pee rs. However , you can preve nt outgoing messages fro m being for ward[...]

25-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP T o remove the filter , use th e no ip msdp sa-filt er out { ip-a dd ress | nam e } [ list access-list-numbe r ] [ ro ut e -m a p map- tag ] glo bal co nfigura tion co mman d. This e xampl e sh ows h ow to allo w onl y (S,G [...]

25-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Using TTL to Limit the Multicast Data Sent in SA Messages Y ou can use a T T L value t o cont rol what data is encapsulated in the fir st SA message f or every source. Only multic ast packets with an IP-hea der TTL grea[...]

25-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Beginning in privileged EXEC mode, follo w these steps to apply a filter : T o remove the filter , use th e no ip msdp sa-filt er in { ip-address | name } [ list access-list-number ] [ ro ut e -m a p map- tag ] glo bal co nf[...]

25-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Config ur ing an MS DP Mes h Gr ou p An MSD P mesh group is a grou p of M SDP spe akers tha t have full y meshed MSDP conne ctivity among one an other . Any SA messages receive d from a pee r in a mesh g roup a re not f[...]

25-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Configuring MSDP Beginn ing in privileged EXEC mode, fo llow these s teps to shut d own a peer: T o bring the p eer back up , use t he no ip msdp shutdown { peer-nam e | peer address } global config urati on comm and. Th e TCP conn ecti on i[...]

25-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Conf iguring M SDP Note that t he ip msdp origina tor -id global config uration c ommand also identifi es an inte rface typ e and number t o be used as the RP addre ss. If both the ip msdp border sa-address and the ip msdp originator -id [...]

25-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 25 Configuring MSD P Monitoring and Maintaining MSDP Monitoring and Maintaining MSDP T o monitor MS DP SA m essag es, p ee rs, st ate, o r peer sta tus, use o ne or m ore of the pri vil eged EXE C comm ands in T able 25-1 : T o clear MSDP con nection s, stat ist[...]

25-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chap ter 25 Config uring MS DP Monito rin g and Maint ain ing MSDP[...]

C HAPTER 26-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 26 Configuring Fallbac k Bridging This c hapt er d escri b es how to co nfi gure fa llb ack bri dging on y our sw it ch. With fall back br idging , you can forw ard non -I P protocol s that the multila yer sw itch doe s not rou te be twee n VLA N bri dge dom ai[...]

26-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Unders tan ding Fall ba ck Bridgi ng acts l ike a por t on a r oute r, but it i s n ot c onn ect e d to a ro ut er . A rou ted po rt i s not asso ci at ed w it h a particu lar VLA N, does n ot suppor t VLAN su binterfa ces, bu t [...]

26-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fal lback Bri dg ing Configuring Fallback Bridging Configuring Fall back Bridging This section descri bes how to conf igur e fallb ack br idgi ng on your switc h. It cont ain s this config ura tion inform ation: • Default Fal lba ck B ri dgin g C[...]

26-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Configur ing Fallback Bridg ing Creating a Bridg e Group T o configur e fal lba ck br idgi ng for a se t of SVIs or ro ute d port s, t hes e i nte rfac es mu st b e assi g ned t o bridge group s. All i nter faces in the s ame gr [...]

26-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fal lback Bri dg ing Configuring Fallback Bridging This exa m ple sh ows ho w to c rea te br idge gr oup 10, spe cify t he VL AN -brid ge STP t o r un in th e br idge group, a nd assign a n int erf ace to the br idge g rou p: Switch(config)# bridge[...]

26-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Configur ing Fallback Bridg ing Configuring the Bridge Table Aging Time A switch forw ards, fl oods, or dro ps packet s based on the bri dge tab le. The brid ge table ma intai ns both static an d dynamic entries. S tatic entr ies[...]

26-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fal lback Bri dg ing Configuring Fallback Bridging Beginning in privileged EXEC mode, follo w these steps to filter by the MAC-layer address: T o disable the fr ame forw ardi ng abil ity , use th e no bridge bridge-g r oup add ress mac -address glo[...]

26-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Configur ing Fallback Bridg ing Changing the Switch Prio rity Y ou can globally co nfigure the priority of an individ ual switch when two switches tie for position as the root switch, or you can configure the likeli h ood that a [...]

26-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fal lback Bri dg ing Configuring Fallback Bridging No no form of this command exists. T o return to the default settin g, use the bridge-gr oup bridge-group priority nu mber interfac e c onf igur ati on comm an d. This e xampl e sh ow s h ow t o c [...]

26-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Configur ing Fallback Bridg ing Adjust ing BPDU Interv als Y ou can adjust BPDU intervals as describ ed in these sections: • Adjusting th e Interval between Hello BPDUs • Defining the Forw ard Delay Interval • Defi ning th[...]

26-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fal lback Bri dg ing Configuring Fallback Bridging T o retur n to the default setting, use the no bridge bridge-group forw ard-t ime seconds globa l config urati on comm and. This e xampl e sh ow s h ow t o c ha nge th e for war d-d elay i n terv [...]

26-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 26 Configuring Fallback Bridging Monito rin g and Maint aining th e Network Disabling the Spanning Tree on an Inter face When a loo p-fre e path exis ts betwe en any tw o switch ed sub networ ks, you ca n pre vent BPDU s genera ted in one switc hing subne twork[...]

C HAPTER 27-1 Catalyst 3550 Multilaye r Switch Software Configu ration Guide 78-11194-03 27 Troubleshooting This chapte r describes how to identify and resolve softwar e problems related to the IOS software. Depen ding on the nature of the problem , you can use th e comman d-line interf ace (CLI ) or the Clu ster Managem ent Suite (CMS) to identif [...]

27-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using Re covery Procedu res Recovering from Corru pted Softw are Switch so ftw are c an be corr upt ed du ring an upg ra de, by dow nlo adin g the w rong fi le to t he sw itch, an d by deletin g the ima ge file. In all of these cases, the swi[...]

27-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Using Reco very Procedu res Recovering from a Lost or Fo rgotten Pass word The default config uration for Cataly st 3550 switches allows an end user with physical acce ss to the switch to re cover fr om a lost pas sword by interrup ting the bo[...]

27-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using Re covery Procedu res Step 2 If you had set the co nsole port speed to an ything othe r than 9600 , it has been re set to that par ticula r speed. Chan ge the em ulation sof tware line sp eed to match that of the switch console port. St[...]

27-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Using Reco very Procedu res Step 12 Retu rn to privi leged EX EC mode : Switch (config)# exit Switch# Step 13 W rite the running co nfiguration to the star tup configuratio n file: Switch# copy running-config startup-config The new password is[...]

27-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using Re covery Procedu res Step 3 Dis play the cont ents of Flash memo ry: switch: dir flash: The switch file system is displayed: Directory of flash: 13 drwx 192 Mar 01 1993 22:30:48 c3550-i5q3l2-mz-121-0.0.53 17 -rwx 27 Mar 01 1993 22:30:5[...]

27-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Using Reco very Procedu res Recovering from a Command Switc h Failure This se cti on de sc ribes how to re cove r fr om a fail ed c om mand sw itch. Y ou can conf igur e a re du ndant comman d switc h group by using the Hot Standby Router Prot[...]

27-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using Re covery Procedu res Step 9 Use the setu p prog ram to config ure th e swit ch I P inform ation . Thi s pro gram pro mp ts you fo r IP a ddres s inform ation and pa ssword s. From privi leged EX EC mode, ent er setup , and pre ss Retur[...]

27-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Using Reco very Procedu res Replacing a Failed Command Switch with Another Sw itch T o re place a failed command switch with a switch that is comman d-capable but not part of the cluster , follow the se step s: Step 1 Inse rt the new swi tch i[...]

27-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Preventing Autone gotiati on M ismatche s Step 10 When pr omp ted, assign a n ame to t he cl us ter , and pr ess Return . The clu ster name can be 1 to 31 al phan umeric cha ract ers, dashe s, or under score s. Step 11 When the initia l conf[...]

27-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Diagnosing Connectivit y Problems Diagnosing Co nnectivity Prob lems This se cti on de scri bes how to tro uble shoo t c onn ect ivity p roble ms: • Understa ndin g Ping , page 27 -11 • Exe cutin g Ping, page 27-1 1 • Understa ndin g I [...]

27-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Diagno sing Connec tivity Prob lems This e xample sh ows h ow t o pi ng a n IP host: Switch# ping 172.20.52.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 172.20.52.3, timeout is 2 seconds: !!!!! Success rate is 100 perc[...]

27-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Diagnosing Connectivit y Problems T o det er mine when a datagram reac h es its destinat io n, trace route sets the UD P destination p ort number in the datagram to a very lar ge value that the destina tion host is unlikely to be using. When [...]

27-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using D ebug Command s T o ter minate a trace in pr ogress, enter th e escape s equence ( Ctrl-^ X by defa ult). Y ou enter the defau lt by simu ltane ous ly pres sin g and r ele as ing t h e Ctrl , Shift , and 6 keys, and t hen p ressi ng t[...]

27-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Using the sho w forward C ommand Enabling All-Sy stem Diag nostics Beginnin g in pr ivi leged EX EC m od e, e nte r this comm and to ena ble al l-syste m diagnos tic s: Switch# debug all Cautio n Because deb ugging out put takes pr iority ove[...]

27-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using the s how f orward Com m an d This is a n ex am ple of th e ou t put f ro m t h e show forward privileged EXEC comman d for Fast Ethern et port 8, whe re VLAN ID , source and de stinat ion MAC add resses, an d source and de stinat ion [...]

27-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Troublesho oting Usin g th e cr a shi n fo Fi le Using the crashinfo File The cr as hi nfo file save s infor ma tion t hat hel ps C isco tec hni cal su pport r epre sen tati ves to debug problem s that c aused the IOS im age to fail ( c rash). The swi tch wri[...]

27-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Chapter 27 Trouble shooting Using t he c rashinfo File[...]

A-1 Catalyst 3550 Multilay e r Switch Software Configuration Guide 78-11194-03 APPENDIX A Supported MIBs This app endix lists the supporte d manage ment info rmation ba se (MIBs) for this rel ease. I t contains the se sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e MIB File s, pa ge A-2 MIB List • RFC 1213 • IF-M IB • CISCO-[...]

A- 2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendi x A Suppor ted MIBs Using FTP t o Acces s the MIB Fi le s • CISCO-ME MOR Y -POOL-MIB • CISCO-R T TMON-M IB (subsystems supp orted: sub_ rtt_rm on and sub_rt t_rmonli b) • CISCO-PROCESS-MIB • OLD-CISCO- SYS-MIB • CISCO-CONFI G-MAN-MIB • CISCO -MAC-NOT[...]

B-1 Catalyst 3550 Multilay e r Switch Software Configuration Guide 78-11194-03 APPENDIX B Working with the IOS File System, Configuration Files, and Software Imag es This a ppend ix desc ribe s how to m an ipulat e th e Flash fi le syste m, how to copy c onf igur ation fi le s, an d how to archi ve (up load and do wnload ) softwa re imag es. Note F[...]

B-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w it h t he F lash File Sy st em Displaying Available File Systems T o display the available file system s on your sw itch, use the show file systems privil eged EXEC comm an[...]

B-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Wo rking with the Flash File System Setting the Default File System Y ou c an spec ify th e fi le syste m o r dir ect ory that the syste m us es as t he defa ult fi le s yst em [...]

B-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w it h t he F lash File Sy st em Creating and Rem oving Directo rie s Begin ning in priv ileged EXEC mode , follow thes e steps to cr eate and re move a dir ectory : T o dele[...]

B-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Wo rking with the Flash File System Some inval id combi nations of sour ce an d destinat ion exi st. Specifi cally , you cannot co py these comb inat ion s: • From a runni ng [...]

B-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w it h t he F lash File Sy st em Creating, Displaying, and Extracting tar Files Y ou can create a tar file and write files into it, list the files in a tar file, and extract [...]

B-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Wo rking with the Flash File System Y ou can also limit the displa y of the files by specifying an option al list of files or directories after the tar file; then only these f i[...]

B-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files Displaying th e Conte nts of a File T o disp lay the contents o f any readabl e file, includ ing a file on a re mote file system, use th e more [ /[...]

B-9 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es W orking with Configuration Files • Copy ing Conf igur ation Files By Using FTP , page B-12 • Copying Con figura tion Files By Using RCP , pa ge B-16 • Clear ing C onf igu[...]

B-10 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files Creating a Configuration File By Using a Text Editor When creating a configuration file, you must list commands logical ly so that the system can [...]

B-11 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es W orking with Configuration Files • Ensure th at the c onfigura tion fil e to be dow nloade d is in the co rrect directory on the TFT P server (usually / tftpboot on a UNIX w[...]

B-12 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files Uploading the Configurati on File By Using TFTP T o upload a c o nfigurati o n file f rom a swit ch to a T FTP server for sto rage, f ollow these [...]

B-13 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es W orking with Configuration Files If the server has a directo ry structure, the configuration file is written to or copied from the dire ctory associ ated with the userna me on[...]

B-14 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files This exa mple shows how to cop y a confi gura tio n file na med hos t1-confg from the netadmin1 directory on the remo te serv er wi th a n I P add[...]

B-15 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es W orking with Configuration Files Uploading a Configuration File By Using FTP Beginning in privileged EXEC mode, follo w these steps to upload a conf iguration fil e by using F[...]

B-16 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files Copying Configuration Files By Using RCP The Re mote C opy Prot ocol (RCP) pr ovide s anot her m e thod of down loa ding, u ploa ding, and c opyi [...]

B-17 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es W orking with Configuration Files • When you upload a file to the RCP server , it must be properly configured to accept the RCP write request fro m the user on the switch. Fo[...]

B-18 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working w ith Con figuration Files This exampl e shows how to speci fy a remot e usern ame of netadmin1 . Then it copies the config uratio n file ho st2-confg fro m the netadmi n1 d[...]

B-19 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images This exa mple shows how to store a star tup confi gurat ion file on a serve r: Switch# configure terminal Switch(config)# ip rcmd remote-username n[...]

B-20 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es This section includes this informa tion: • Imag e Locat ion on the Switch , pag e B-20 • tar File Format of Imag es on a Serve r or Cisco. com, pa[...]

B-21 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images Copying Imag e Files By Us ing TF TP Y ou can down load a switch image from a TFTP ser ver or upload the image from the switch to a TFTP server . Y[...]

B-22 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es Preparing to Download or Uploa d an Image File By Using TFTP Before yo u beg in d ow nloa ding or up loa ding an im ag e fi le by using T FTP , do t h[...]

B-23 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images The down load a lgor ith m ver ifie s t hat the im ag e is app rop riat e for t he sw it ch m ode l a nd tha t e nou gh DRAM is prese nt, or it ab [...]

B-24 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es Uploading an Image File By Using TFTP Y ou can u pload a n image f rom the swit ch to a TFTP server . Y ou can later d ownload th is image to the swit[...]

B-25 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images Copying Image Files By Using FTP Y ou can downlo ad a swit ch image fro m an FT P server or upl o ad the image from th e switc h to a n FTP server [...]

B-26 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es Before yo u begin downl oading or uploading an image fi le by using FTP , do these tasks: • Ensur e that the swit ch has a route t o the FTP serve r[...]

B-27 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images The down load a lgor ith m ver ifie s t hat the im ag e is app rop riat e for t he sw it ch m ode l a nd tha t e nou gh DRAM is prese nt, or it ab [...]

B-28 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es The algo rithm ins talls the downloaded image onto th e system board Flash d evice (f lash:). T he image is placed i nto a new directory named wit h t[...]

B-29 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images The archive upload-sw com mand bu ild s an im ag e fi le on the s erve r b y uploa ding the se f iles i n orde r: info, the IOS image, the HTML f i[...]

B-30 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es For the RCP copy re qu est t o exec ute succ essfu lly , an acco unt mu st be de fi ne d on the netwo rk s er ver fo r the remote username. If the ser[...]

B-31 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images The down load a lgor ith m ver ifie s t hat the im ag e is app rop riat e for t he sw it ch m ode l a nd tha t e nou gh DRAM is prese nt, or it ab [...]

B-32 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es If you spe cify t he /leave-old-sw , the existing files are not remov ed. If there is not enough roo m to install the new ima ge an keep the running i[...]

B-33 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix B Working with the IOS Fi le S ys te m, Configu rat ion Files, and Software Im ag es Working with Software Images The archive upload-sw privile ged EXEC c ommand build s an image file on the serv er by u ploading these file s in or der: info, the IOS im age, th[...]

B-34 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix B Working with the IOS File System, Configuration Files, an d S oftware Imag es Working wi th Software Imag es[...]

C-1 Catalyst 3550 Multilay e r Switch Software Configuration Guide 78-11194-03 APPENDIX C Unsupported CLI Commands This a ppend ix l ist s the unsu ppor ted com ma nd-l ine i nter face (CL I) c omma nds tha t are disp laye d w hen you en ter the questi on mark ( ?) at t he swit ch prompt . Th e unsup ported co mmand s are listed by softwa re fea tu[...]

C-2 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix C Unsupported C LI Comman ds FallBack Bridg ing FallBack Bridging Unsupporte d Privileged E XEC Commands clear bridg e [ bridge-g roup ] multicast [ ro ut e r-p o rt s | groups | counts ] [ gr ou p-address ] [ interfac e-unit ] [ counts ] clear vl an statistics [...]

C-3 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix C Unsupported CL I Comm ands HSRP bridge-gr oup brid ge-gr oup input-pattern-list access-list- number bridge-gr oup bri dge -gr oup input-type-l ist access-list-num ber bridge-gr oup bri dge -gr oup lat-compression bridge-gr oup bri dge -gr oup output-addr ess-l[...]

C-4 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix C Unsupported C LI Comman ds Interface Co nfiguration Com m an ds Interface Config uration Command s switchport br o adcast level swit c h po rt m u lt ic a st level switchpor t unicast level Note These comm ands wer e repl aced in IOS re lease 12 .1(8)EA1 by th[...]

C-5 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix C Unsupported CL I Comm ands IP Unicast Routing Unsupported Interface Configuration Commands frame-relay ip rtp header-compression [ acti ve | passive ] frame-relay map ip ip-add r ess dlci [ br oadcast ] compr ess frame-relay map ip ip-add r ess dlci rtp header[...]

C-6 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix C Unsupported C LI Comman ds IP Unicas t Rou ti ng ip ref lexive-list ip vrf route r bgp rou t e r e g p router -isis ro uter iso-igrp route r mobile rou t e r o d r rou t e r s t a t i c Unsupported Interface Configuration Commands ip accounting ip load-sharing[...]

C-7 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-11194-03 Append ix C Unsupported CL I Comm ands MSDP MSDP Unsupporte d Privileged E XEC Co mmands show access-expression show except ion show lo cati on show pm LINE show smf [ interface-id ] show s ubs cr i ber-policy [ po licy -number ] show template [ template-name ] Unsupporte[...]

C-8 Catalyst 3550 Multila yer Switch Software Conf iguration Guide 78-11194-03 Appendix C Unsupported C LI Comman ds RADIUS[...]

IN- 1 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 INDEX Numerics 802.1 Q and trunk ports 8-3 config urati on limitat ions 9-24 enca psul ation 9-22, 9-24 nati ve VLAN for u ntagge d traffi c 9-29 802.1 Q trunk mode 3-9 802.1 X See port -based auth entication 802.3 Z flow con trol 8-16 A abbrev iati ng comm ands 2-3 AB[...]

Index IN-2 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 ACLs (continued) host keywor d 19-12 IP applyi ng t o int erfa ce 19-18 crea ting 19-6 fragme nts a nd Q oS guide line s 20-20 implici t deny 19-9, 19-13, 19-15 implicit m asks 19-9 matc hing cri teria 19-3, 19-7 named 19-14 options and QoS gui deline s 20- 20 und[...]

Index IN- 3 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 aggreg ate policing 1-4 aging, ac celerating 10-10 aging tim e acceler ated for STP 10-10, 10-29 bridge table for fallback bridgi ng 26-6 MAC a ddr ess t abl e 6-53 maximu m for STP 10-18, 10-30 alarm s, RM ON 16-3 allowed-V LAN list 9-27 altern ate routes, IGRP [...]

Index IN-4 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 banners config uring login 6-51 mess age- of-t he-da y login 6-50 default conf igur ati on 6- 49 when disp laye d 6-49 binding cl uster gro up and HSR P group 23-9 blocking pac ke ts 12-6 booting boot loa der, f unctio n of 4-2 boot pr ocess 4-1 manually 4-13 spe [...]

Index IN- 5 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 Cisco Disc overy Pr otocol See CDP Cisco Exp ress For war ding See CEF Cisco Group Man agement Protoco l See CGMP Cisc o T echn i ca l A ssi st a nce C en ter xxxiii CiscoWorks 200 0 1-6, 18-3 classless routing 22-8 class maps for Qo S config uring 20-30 describe[...]

Index IN-6 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 CMS (continued) displaying system message s 3-19 error ch ecking 3-32 featu res 3-2 Front Panel images 3-6 Front Pane l vie w 3-4 interactio n modes 3-26 menu ba r 3-15 privi lege level 3-31 requir ements 3-30 saving co nfig uration ch ange s 3-32 toolbar 3-21 too[...]

Index IN- 7 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 config urati on files clearin g the startup co nfigura tion B-19 creating using a text editor B- 10 default n ame 4-12 deleting a stor ed conf igur ati on B-1 9 describe d B-8 dow nloa ding automatically 4- 12 prep aring B-10, B-13, B-16 reasons for B-8 using FTP[...]

Index IN-8 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 default configuration (c ontinued) EtherC hannel 21-7 fallback br idging 26-3 HSRP 23-3 IGMP 24-31 IGMP f ilt eri ng 11-20 IGMP sn oopin g 11-5 IGRP 22-30 initial switc h information 4-3 IP addressi ng, IP routing 22-4 IP multica st routing 24-13 Layer 2 int erfac[...]

Index IN- 9 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 Disqual ificati on Code option 3-25 Distance Ve ctor Multicast Routin g Protocol See DVMRP distan ce-v ec tor pr otoc ols 22-2 distribu te-list com mand 22-62 DNS and D HCP-base d auto configu ration 4-6 default conf igur ati on 6- 48 displaying t he c on figur a[...]

Index IN- 10 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 DVMRP (continued) support fo r 1-5 tunnel s config uring 24-46 displaying ne ighbor i nform ation 24-49 dynami c access mode 3-9 dynami c access po rts char act eris tics 9-3 config uring 9-38 defined 8-2 limit on nu mb er of host s 9-40 dynami c addresse s See [...]

Index IN-11 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 EtherChannel (cont inued) Layer 3 int erface 22-3 load balancin g 21-5, 21-13 logical int erfaces, described 21-2 number of int erfac es per 21-1 overvi ew 21-1 PAgP aggreg ate-port lea r ners 21-5 compatibilit y with Catalyst 1900 21-14 displaying sta tus 21-16 [...]

Index IN- 12 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 fallback bridging (continued) STP disabli ng on an interf ace 26-12 forwar d-dela y inter val 26-10 hello BPDU interval 26-10 interfac e priorit y 26-8 maximu m-idle i nterval 26-11 path cost 26-9 switch p riority 26-8 VLAN-brid ge STP 26-1, 26-2 support fo r 1-[...]

Index IN-13 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 FTP (continued) image fi les deleting old i mage B- 28 dow nloa ding B-26 prep aring the server B-25 uploadin g B-28 G GBICs 1000BASE -L X/LH modul e 1-9 1000BASE -SX m odu le 1-9 1000BASE -T modul e 1-9 1000BASE -ZX modul e 1-9 GigaStac k 1-9 get-bulk -requ est [...]

Index IN- 14 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 I ICMP redirec t messages 22-15 support fo r 1-5 time exce eded messages 27-12 tracer oute an d 27-12 unreach able m essages 19-5 unreach ables and ACL s 19-6 ICMP ping exec uting 27-11 overvi ew 27-11 ICMP Route r Discover y Protocol See IRDP icons clu ster t r[...]

Index IN-15 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 IGMP snooping (c ontinued) Immedi ate Leave 11-4 method 11-6 monitoring 11- 9 support fo r 1-2 VLAN c onfi gur ation 11-6 IGP 22-35 IGRP advertisements 22- 30 altern ate routes 22-31 config uring 22-32 default conf igur ati on 22- 30 describe d 22-30 exte rior ro[...]

Index IN- 16 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 IP addresses candi dat e o r me mb er 5-3, 5-15 classes of 22-5 clust er access 5-2 comm an d sw it ch 5-2, 5-13, 5-15 default conf igur ati on 22- 4 for IP routi ng 22-4 MAC address association 22-10 monitori ng 22-21 redunda nt c luste rs 5-13 standby comm a n[...]

Index IN-17 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 IP multicast routing ( continued) MBO NE deleting sdr cache en tries 24-58 describe d 24-39 displaying sdr ca che 24-59 enab ling sdr l istener supp ort 24-39 limiting DVMRP rou tes advertised 24-53 limiting sdr cache entry lifeti me 24-39 SAP pack ets for confer[...]

Index IN- 18 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 IP unicast routing (continued) protoc ols distan ce-v ect or 22-2 dynam ic 22-2 link-state 22-2 proxy ARP 22-10 redistribu tion 22-57 rever se address resolutio n 22-10 routed po rt s 22-3 static routing 22-2 steps to config ure 22-3 subnet ma sk 22-5 subnet zer[...]

Index IN-19 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 M MAC a ddr esses aging tim e 6-53 and VLAN association 6-52 building the address tab le 6-52 default conf igur ati on 6- 53 displaying 6-57 dynam ic lear ning 6-52 removi ng 6-54 in ACLs 19-28 IP address association 22-10 static adding 6-56 char acte rist ics of[...]

Index IN- 20 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 mirror in g tr af fic fo r an al ys is 15-1 misma tches, a utonegotiat ion 27-10 Mod e butt on 3-8 modes acces s to CMS 3-31 port 3-8 VLAN port memb ership 3-9 Modify bu tto n 3-29 module s, GBIC 1000BASE -LX/LH 1-9 1000BASE -SX 1-9 1000BASE -T 1-9 1000BASE -ZX [...]

Index IN-21 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 MSDP (continued) source-ac tive messa ges caching 25-6 clearin g cache entries 25-19 defined 25-2 filtering f rom a peer 25-11 filtering i n coming 25-14 filtering to a peer 25-12 limiting data with TTL 25-14 monitoring 25- 19 restr icting advert ised sources 25-[...]

Index IN- 22 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 NTP (continued) restr icting acc ess creatin g an access g roup 6-39 disabling NT P services pe r interfac e 6-40 source IP add ress, config uring 6-40 stratum 6-32 support fo r 1-2 synchroniz ing devic es 6-36 time services 6-33 synchroniz ing 6-32 O OK butto n[...]

Index IN-23 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 PIM default conf igur ati on 24- 13 dense m ode (S,G) nota tion 24-6 graft message s 24-6 overvi ew 24-5 pruning a nd SPT 24-5 rendezvou s p oint ( RP), d escribe d 24-7 RPF lookups 24-10 displaying ne ighb ors 24-59 enab lin g a mod e 24-16 neighbo r discovery a[...]

Index IN- 24 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 port -base d authen tica tion (cont inued ) EAP-response/iden tity frame 7-3 enab lin g 802.1X a u thenticati o n 7-8 period ic re-authe nticat ion 7-10 enca psul ation 7-2 initiation and message ex change 7-3 method lists 7-8 ports author izatio n state and dot[...]

Index IN-25 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 pr otect ed p orts 1-3, 12-5 protoc ol-depe ndent mo dules, EI GRP 22-47 Protocol-In dependent Multicast Proto col See PIM proxy ARP config uring 22-13 definition 22-10 with IP routi ng disabled 22-14 prun ing, V TP enab lin g 9-13 enab ling o n a port 9-28 exam [...]

Index IN- 26 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 QoS (continued) mappin g tabl es CoS-to-DSCP 20-39 CoS-to-egr ess-queue 20-45 displaying 20-56 DSCP-to-CoS 20-42 DSCP-t o-DSC P-mut ation 20-43 DSCP-to- thresho ld 20-47 IP-pr ecedence-to -DSCP 20-40 policed-DSCP 20-41 types of 20-11 mar ked-d own actio ns 20-35[...]

Index IN-27 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 RADIUS (cont inued) config uring accoun ting 6-27 authenti cation 6-23 author izat ion 6-26 communi cation , global 6- 21, 6-28 comm unication , per-se rver 6-20, 6-21 multiple UDP por ts 6-20 default conf igur ati on 6- 20 definin g AAA server groups 6-24 displa[...]

Index IN- 28 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 RFC (continued) 1253, OSPF 22-35 1305, NTP 6-32 1587, NSSAs 22 -35 1757, RMO N 16-2 1901, SNMPv 2C 18-2 1902 to 19 07, SN MPv2 18-2 2236, IP mu lticast an d IGMP 11-2 RIP advertisements 22- 25 authenti cation 22-28 config uring 22-26 default conf igur ati on 22-[...]

Index IN-29 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 show inte rfaces comma nd 8-15, 8-17 show running -conf ig command displaying A CLs 19- 19, 19-30, 19-32 interfac e descripti on in 8-17 shutdow n comma nd on int erf ac es 8-21 Sim ple Netw ork Ma nageme nt Pr otocol See SNMP SNAP 13-1 SNMP acce ssing MIB variab[...]

Index IN- 30 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 standby comm a nd sw itch config uring 5-22 conside rations 5-14 defined 5-2 priority 5-12 requir ements 5-3 virtual IP add re ss 5-13 See also c lust er sta ndb y grou p a nd H SRP standby gr oup , cl uste r See cluste r standby group and HSRP stan dby ip co mm[...]

Index IN-31 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 STP (continued) EtherC hanne l g ua rd describe d 10-20 enab lin g 10-37 exten ded s y st em I D affec ts on ro ot sw itch 10-23 affec ts on the sec ond ary r oot sw itch 10-24 overvi ew 10-3 unexpec ted b ehavio r 10-23 featu res 1-3 interface stat e, blocking t[...]

Index IN- 32 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 switch pr io rity, ST P 10-28 switch software features 1-1 switch v irtual in terface See SVI syslog See system me ssage loggin g system clock config uring daylight sav ing time 6-44 manually 6-42 summ er t ime 6-44 time z ones 6-43 displayin g the time and date[...]

Index IN-33 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 tail drop describe d 20-13 support fo r 1-4 tar fi les crea ting B-6 displaying the c ontent s of B-6 extractin g B-7 image fi le format B-2 0 techni cal assist ance Cisco.com xxxiii TAC xxxii i TAC web site xxxiii toll-fr ee tel ephone num bers xx xiv Telne t nu[...]

Index IN- 34 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 troublesh ooting connec tiv ity probl ems 27-11 detectin g Ether Channe l m isco nfi gu ratio ns 10-37 unidirectio nal links 14-1 determinin g packet disposition 27-15 displaying c rash infor mation 27-17 PIMv1 and PIMv2 inter operability proble ms 24-28 show fo[...]

Index IN-35 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 uploadin g config urati on files prep aring B-10, B-13, B-16 reasons for B-8 using FTP B-15 using RC P B-18 using T FTP B- 12 image fi les prep aring B-22, B-25, B-29 reasons for B-19 using FTP B-28 using RC P B-32 using T FTP B- 24 URLs, Ci sco xxxi User D ata g[...]

Index IN- 36 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03 VLANs (con tinued) native, c on figur ing 9-29 number supp orted 1-3, 9-2 port m embe rship mode s 9-3 static-access ports 9-18, 9-19 STP and 802.1Q trunks 10-8 supported 9-2 Token R in g 9-15 VLAN-brid ge STP 10-9, 26-1 VTP database and 9-15 VTP modes 9-4 VLAN [...]

Index IN-37 Catalyst 3550 Multilayer Switch Software C onfigurati on Guide 78-11194-03 VTP (continued) version 2 config urati on guidelin es 9-9 disabling 9-12 enab lin g 9-12 overvi ew 9-6 VLAN para meters 9-15 VTP moni toring 9-13 VTP pruning 1-3 VVIDs 1-8 W web-base d ma nag eme nt so ftw are See CMS Weighte d R andom Ear ly D et ecti on See WRE[...]

Index IN- 38 Catalyst 3550 Multilayer Switch Software Conf iguration Guide 78-1119 4-03[...]