Cisco Systems 3750E инструкция обслуживания

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236

Идти на страницу of

Хорошее руководство по эксплуатации

Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации Cisco Systems 3750E. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции Cisco Systems 3750E или обучающее видео для пользователей. Условием остается четкая и понятная форма.

Что такое руководство?

Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции Cisco Systems 3750E можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.

К сожалению немного пользователей находит время для чтения инструкций Cisco Systems 3750E, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.

Из чего должно состоять идеальное руководство по эксплуатации?

Прежде всего в инструкции Cisco Systems 3750E должна находится:
- информация относительно технических данных устройства Cisco Systems 3750E
- название производителя и год производства оборудования Cisco Systems 3750E
- правила обслуживания, настройки и ухода за оборудованием Cisco Systems 3750E
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам

Почему мы не читаем инструкций?

Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск Cisco Systems 3750E это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок Cisco Systems 3750E и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта Cisco Systems, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания Cisco Systems 3750E, как это часто бывает в случае бумажной версии.

Почему стоит читать инструкции?

Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства Cisco Systems 3750E, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.

После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции Cisco Systems 3750E. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.

Содержание руководства

  • Страница 1

    Americas Hea dquarters Cisc o Syst ems , Inc . 170 West Ta sman Driv e San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 527-0883 Catal yst 3750-E and 3560-E S w itc h S of tw are Conf iguration Guide Cisco IOS R elease 12.2(37 )SE May 2 0 07 Text Pa rt Nu mber: OL-9775- 02[...]

  • Страница 2

    THE SPECIFICATIONS AND INFORMATION REGARDING TH E PRODUCTS IN THIS MANUAL ARE SUBJE CT TO CHANGE WITHOUT NO TICE. ALL STATEMENT S, INFORMATI ON, AND RE COMMENDATIONS IN T HIS MANUAL ARE BELI EVED TO BE A CCURATE BUT ARE P RESENTED W ITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED. USERS MUST TA KE FULL RESPONSIBILITY FOR THEIR AP PLICATION OF ANY [...]

  • Страница 3

    iii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CONTENTS Preface xli ii Audienc e xliii Pur pose xliii Conv enti ons xliii Relat ed P ubl icatio ns xliv Obtain ing Documentati on, Obt aining Su pport, an d Security Guide lines xlvi CHAPTER 1 Overview 1- 1 Featur es 1-1 Deployme nt Feat ures 1-2 Perfor mance Features[...]

  • Страница 4

    Cont ents iv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Underst anding Abb r eviat ed Commands 2-4 Underst andi ng no and defa ult Fo rms of Commands 2-4 Underst andi ng CLI Erro r Messages 2- 5 Using Con figuration Lo gging 2-5 Using Comma nd History 2-6 Changin g the Command Histor y Buffer Si ze 2-6 Recall ing C[...]

  • Страница 5

    Content s v Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Schedul ing a Reload of the Software I mage 3-17 Config uring a Schedu led Reloa d 3-17 Displa ying Scheduled Reload I nformati on 3-18 CHAPTER 4 Configur ing Cisc o IOS CNS Agents 4-1 Underst andi ng Cisco Con figurat ion En gine Soft ware 4-1 Config uration S[...]

  • Страница 6

    Cont ents vi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Stack Pr otoco l Versio n Compatibi lity 5-11 Major V ersio n Num ber Inco mpat ibility Amo ng Sw itche s 5-11 Minor Ver sion Number Incompati bility Amon g Switches 5-11 Underst andi ng Auto-Upg rade and Auto-Advi se 5-12 Auto-Up grade and Auto-A dvise Exa mp[...]

  • Страница 7

    Content s vii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 HSRP and Sta ndby Cluster Comman d Switches 6-11 Virtua l IP Ad dress es 6-12 Other Considerati ons for Clu ster St andby Groups 6-12 Automa tic Recov ery of Cluste r Config uration 6-13 IP Ad dres ses 6-14 Hostname s 6-14 Passw or ds 6-15 SNMP Communi ty Str[...]

  • Страница 8

    Cont ents viii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Creati ng a Bann er 7-1 7 Defaul t Banner Configur ation 7-17 Config uring a Message -of-the -Day Login Banner 7-18 Config uring a Login B anner 7-19 Mana gin g the MA C Addr ess Ta ble 7-19 Buildi ng the Addres s Table 7-20 MAC Addresse s and VLANs 7-20 MAC[...]

  • Страница 9

    Content s ix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Multi ple Pr ivileg e Levels 9- 7 Setti ng the Pr ivileg e Level for a Command 9-8 Changin g the Def ault P rivil ege L evel f or L ines 9-9 Logg ing into and Exit ing a Pri vile ge Level 9-9 Contro lling Swi tch Access with TACACS+ 9-10 Underst a[...]

  • Страница 10

    Cont ents x Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring th e Swit ch for Secure S hell 9-37 Underst anding SSH 9-38 SSH Serv ers, Int egrat ed C lien ts, and Supp orte d V ers ions 9-38 Limita tions 9-39 Config uring SSH 9- 39 Config uration Guidel ines 9-39 Setti ng Up the Switc h to Run SSH 9-40 Confi[...]

  • Страница 11

    Content s xi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Using IE EE 802.1x Auth enticat ion with Port S ecurit y 10-16 Using IE EE 802.1x Authent ication with Wake -on-LAN 10-17 Using IE EE 802.1x Authent ication with MAC Aut hentication Bypass 10-17 Netw ork A dmis sion Cont rol L ayer 2 IE EE 8 02.1x Va lidatio n[...]

  • Страница 12

    Cont ents xii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 11 Configur ing I nterfac e Characterist ics 11-1 Underst andi ng Interf ace Typ es 11 -1 Port-B as ed V LANs 11-2 Switch Po rts 11-2 Access Po rts 11-3 Trunk Po rts 11-3 Tunnel Ports 11 -4 Routed Po rts 11- 4 Switch Vi rtua l Interf aces 11-5 EtherC [...]

  • Страница 13

    Content s xiii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring the Power Sup plies 11-37 Monit orin g and Ma inta inin g the In terf aces 11-38 Moni tori ng I nter face Stat us 11-38 Cleari ng and Re settin g Interfaces and Counte rs 11-39 Shutti ng Do wn and Restar ting the I nter face 11-4 0 CHAPTER 12 Co[...]

  • Страница 14

    Cont ents xiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Trunki ng Ov erview 13-16 Encap sul atio n Typ es 13- 18 IEEE 802 .1Q Configurat ion Con siderat ions 13-19 Defau lt Lay er 2 Et herne t Inte rfac e VLAN Conf igura tion 13-19 Config uring an Etherne t Interface as a Trunk Po rt 13-1 9 Intera ctio n wit h O t[...]

  • Страница 15

    Content s xv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring VTP 14 -6 Defaul t VTP Configurat ion 14-7 VTP Confi gurati on Options 14-7 VTP C onf igurat ion in Gl obal Con figur atio n Mo de 14-7 VTP Confi gurati on in VLA N Database Con figuration Mode 14-8 VTP Confi gura tion Guid elin es 14-8 Domain Nam[...]

  • Страница 16

    Cont ents xvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Private VLANs 16-6 Tasks for Co nfigur ing Priv ate VLAN s 16 -6 Defaul t Priv ate-VLAN Co nfigu ration 16-7 Privat e-VLAN C onfiguratio n Guide lines 16-7 Seco ndar y a nd Pr imar y VL AN C onf igur atio n 16-7 Priva te-V LAN Po rt Co nfigur ati[...]

  • Страница 17

    Content s xvii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Bridg e ID, Swi tch Pr iori ty, and Ex ten ded Sys tem ID 18-4 Spannin g-Tree Interf ace St ates 18-5 Blocki ng St ate 18-7 List ening Sta te 18-7 Learni ng St ate 18-7 Forw ardi ng S tat e 18-7 Disabl ed State 18-8 How a Sw itch o r Po rt B ecom es the Ro o[...]

  • Страница 18

    Cont ents xviii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 19 Configur ing MST P 19-1 Underst anding MSTP 19-2 Multip le Sp anning- Tree Regions 19-2 IST, C IST , and CST 19-3 Operati ons Withi n an MST Region 19-3 Operati ons Betw een MST Reg ions 19-4 IEEE 802 .1s Ter minolog y 19-5 Hop Count 19-5 Boundar[...]

  • Страница 19

    Content s xix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Specif ying t he Link Typ e to Ensu re Rapi d Transit ions 19-24 Designa ting the Ne ighbo r Type 19-25 Restar ting the Pr otocol Migration Proce ss 19-26 Displa ying t he MST Config uration and Status 19-26 CHAPTER 20 Configur ing Opti onal Spanning -Tree Fe[...]

  • Страница 20

    Cont ents xx Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Flex Lin ks and MAC Addr ess-Table Move Upd ate 21-5 Config uration Guidel ines 21-5 Defau lt C onfig urat ion 21-5 Config uring Flex Lin ks and MAC Addr ess-Table Move Upd ate 21-6 Config uring Flex Lin ks 21-6 Config uring VLAN Load Bala ncing o[...]

  • Страница 21

    Content s xxi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 23 Configur ing Dynami c ARP Inspectio n 23-1 Underst anding Dyn amic ARP Inspecti on 23 -1 Interf ace Tru st St ates and Netw or k Se curi ty 23-3 Rate Lim iting of ARP P ack ets 23-4 Relati ve Priority o f ARP ACLs and DHCP Sn ooping Entries 23-4 Lo[...]

  • Страница 22

    Cont ents xxii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Displa ying IGMP Snooping Inform ation 24-17 Unde rsta nding Mult icas t V LAN R egi strati on 24-18 Using MVR in a Mu ltica st Te levi sion Appl icat ion 24-19 Conf igurin g MVR 24-20 Defaul t MVR Configu r ation 24-2 0 MVR Conf iguration G uidelines a nd L[...]

  • Страница 23

    Content s xxiii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 26 Configur ing Port -Based Traf fic Control 26-1 Config uring Storm Contr ol 26-1 Underst anding St orm Contro l 26-1 Defaul t Storm Co ntrol Con figurat ion 26-3 Config uring Storm Contr ol and Threshol d Level s 26 -3 Config uring Prote cted Port[...]

  • Страница 24

    Cont ents xxiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring LLDP and LLDP- MED 28- 3 Defau lt L LDP C onfig ura tion 28- 3 Config uring LLDP Char acteri stic s 28 -3 Disab ling an d En abli ng LL DP Glob ally 28-4 Disab ling an d Enab ling LL DP on an Inte rface 28-5 Config urin g LLDP-MED TLVs 28-6 Moni[...]

  • Страница 25

    Content s xxv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Local SPAN 30-1 1 SPAN Confi gurati on Guideli nes 30-11 Creati ng a Loca l SPAN S ession 30 -12 Creati ng a Loca l SPAN Sess ion and Con figuring Inco ming Traf fic 30- 14 Specif ying VL ANs to Filt er 30-1 5 Config uring RSPAN 30-16 RSPAN Confi[...]

  • Страница 26

    Cont ents xxvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring UNIX Syslog Servers 32-12 Loggin g M essage s to a UNIX Sysl og Daemon 32-12 Config uring the UNIX Syst em Logging Facil ity 32-1 3 Displa ying the Loggin g Confi gurati on 32 -14 CHAPTER 33 Configur ing S NMP 33 -1 Unde rsta nding SNM P 33 -1 S[...]

  • Страница 27

    Content s xxvii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Creati ng a Numbered Extended ACL 34-11 Reseque ncing ACEs in an ACL 34-15 Creati ng Named St andard and Extend ed ACLs 34-15 Using Ti me Ranges with ACLs 34-1 7 Incl uding Comm en ts i n ACL s 34-19 Applyi ng an IPv4 ACL to a Terminal Line 34-19 Applyi ng [...]

  • Страница 28

    Cont ents xxvii i Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring IPv6 ACL s 35 -4 Defaul t IPv6 ACL Configur ation 35-4 Inter action wi th Othe r Feature s and Swit ches 35-4 Creati ng I Pv6 ACLs 35-5 Applyi ng an IPv6 ACL to an Inter face 35-8 Displa ying IPv 6 ACLs 35-9 CHAPTER 36 Configur ing Q oS 36-1 [...]

  • Страница 29

    Content s xxix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Standar d QoS Configurat ion Gui delines 36-35 QoS ACL Guide lines 36-35 Applyi ng QoS on In terfac es 36- 35 Polici ng G uid elines 36-36 General QoS Guideli nes 36-36 Enabli ng QoS Global ly 36-37 Enabli ng VLAN-Based QoS on Physica l Port s 36-37 Config u[...]

  • Страница 30

    Cont ents xxx Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 37 Configur ing E therCh annels and Link -State T r ackin g 37-1 Underst andi ng EtherCh annels 37-1 EtherC hannel Overview 37-2 Port-C ha nnel Int erface s 37 -4 Port Aggr egation Proto col 37- 5 PAgP Modes 37-6 PAgP Int eraction with Ot her Features[...]

  • Страница 31

    Content s xxxi Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring IP Addr essing 38-5 Defaul t Addressing Conf iguration 38-6 Assig nin g IP A ddre sses to N etw ork Inte rfaces 38-7 Use of Subn et Zero 38-7 Classl ess Rou ting 38-8 Config uring Address Res olution Meth ods 38-9 Define a St atic ARP Ca che 38 [...]

  • Страница 32

    Cont ents xxxii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Config uring Basic EIGR P Parame ters 38-39 Config uring EIGRP Int erfac es 38 -40 Config uring EIGRP Route Authen ticati on 38-41 EIGRP St ub Ro utin g 38-42 Monit orin g and Ma inta inin g EIGRP 38-4 3 Config uring BGP 38-43 Defaul t BGP Configurati on 38[...]

  • Страница 33

    Content s xxxii i Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Policy- Based Routin g 38 -83 PBR Confi gurati on Guideli nes 38-84 Enab ling P BR 38-85 Filt ering Ro utin g Infor mat ion 38-87 Setti ng Passi ve Inter face s 38-87 Contro lling Advertisi ng and Processin g in Routi ng Updat es 38 -88 Filte[...]

  • Страница 34

    Cont ents xxxiv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 CHAPTER 40 Configur ing H SRP and Enhanced Ob ject Tracking 40-1 Unde rsta nding HSR P 40-1 Mult iple HSRP 40-3 HSRP and Sw itch St acks 40-4 Config uring HSRP 40 -4 Defaul t HSRP Configurat ion 40-5 HSRP Confi gurat ion Guid elines 40- 5 Enabli ng HSRP 40 [...]

  • Страница 35

    Content s xxxv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CHAPTER 42 Configur ing I P Multic ast Routing 42-1 Underst andi ng Cisco’ s Implem entatio n of IP Multi cast Rout ing 42- 2 Underst andi ng IGMP 42-3 IGMP V ersio n 1 42-3 IGMP Ve rsio n 2 42-3 Underst andi ng PIM 42-4 PIM V ers ions 42-4 PIM Modes 42-4 [...]

  • Страница 36

    Cont ents xxxvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Changin g the IGMP Query Ti meout f or IGMPv2 42-32 Changin g the Maximum Query Resp onse Ti me for IGMP v2 42-33 Config uring the Switch as a Statica lly Connected Memb er 42-33 Config uring Optional Multi cast Ro uting Fea tures 42-34 Enab ling C GM P S e[...]

  • Страница 37

    Content s xxxvi i Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Contro lling Source In forma tion that Your Switc h Origina tes 43-9 Redist ribu ting So urces 43-9 Filt ering So urc e-Act ive R eque st Mes sage s 43-11 Contro lling Source In forma tion that Your Switc h Forwar ds 43 -12 Using a Fi lter 43-12 Using TTL[...]

  • Страница 38

    Cont ents xxxvii i Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Recover i ng from Lo st Cluste r Member Connectiv ity 45-13 Preven ting Autonegoti ation Mis matches 45 -13 Troubl eshoo ting Power over Ether net Switch Ports 45-13 Disabl ed Port Caused by Powe r Loss 45-1 4 Disabl ed Port Caus ed by False Link Up 45-1[...]

  • Страница 39

    Content s xxxix Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Config uring Online Di agnosti cs 46-2 Schedul ing Onli ne Diagnos tics 46-2 Config uring Health- Monito ring Diag nostics 46-3 Running Online Diagnost ic Tes ts 46 -5 Starti ng O nlin e Diagno stic Tes ts 46 -5 Displa ying Online Diag nostic Te sts an d Te[...]

  • Страница 40

    Cont ents xl Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Cleari ng C onfigur ation Info rmation B-19 Clear ing th e Sta rtup Config urat ion Fi le B-20 Dele ting a Stor ed C onfigur ation File B-20 Work ing wit h Soft ware Images B-2 0 Image Loc ation on the Switch B-2 1 File Fo rmat of Imag es on a S erver o r Ci s[...]

  • Страница 41

    Content s xli Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 HSRP C-4 Unsuppor ted Global Conf igurati on Comman ds C-4 Unsuppor ted Interfac e Configur ati on Commands C-5 IGMP Snoopi ng Commands C-5 Unsuppor ted Global Conf igurati on Comman ds C-5 Inter face Comma nds C- 5 Unsuppor ted Privile ged EXEC Command s C-5[...]

  • Страница 42

    Cont ents xlii Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 RADIUS C-11 Unsuppor ted Global Conf igurati on Comman ds C-1 1 SNMP C-12 Unsuppor ted Global Conf igurati on Comman ds C-1 2 Spannin g Tree C-1 2 Unsuppor ted Global Conf igurati on Comman d C-12 Unsuppor ted Interfac e Configur ati on Command C-12 VLAN C-1[...]

  • Страница 43

    xliii Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Preface Audience This gui de is for the ne tworking p rofess ional ma naging the stan dalone Catalyst 3 750-E or 356 0-E swit ch or the Ca talyst 3750- E switch stack , referred t o as the switc h . Before using this g uide, you shou ld have experien ce workin g wi t[...]

  • Страница 44

    xliv Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Preface Related Publi cations • Brace s ({ }) grou p req uired choices, and verti cal bars ( | ) se para te the alternati ve e lements. • Brace s and ve rtical bar s within squar e brack ets ([{ | }]) mean a required choic e within an optional elemen t. Inter acti[...]

  • Страница 45

    xlv Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Pre face Relate d Publicati ons • Catalyst 3 750-E and 3 560-E Switch S ystem Me ssage Guide (no t orderabl e but a vailable on Cisco.com) • Cisco Softwar e Activatio n and Compatib ility Document (not or derabl e but av a ilab le on Ci sco.com ) • Device manage [...]

  • Страница 46

    xlvi Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Preface Obtainin g Docume ntation , Obtaining Sup port, and Se curity G uidelines Obtaining Do cumentation, Obtaining Support, and Security Guidelines For informat ion on obtai ning docu menta tion, obt aining sup port, provid ing docum entati on feedba ck, secu rity [...]

  • Страница 47

    C HAPTER 1-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 1 Overview This c hapter provides these topic s abou t the C ataly st 3750- E a nd 3560-E sw itch software : • Feat ures , page 1-1 • Defa ult Settin gs After I nitial Swi tch Configurati o n, page 1-13 • Network Configu ration E xamples, page 1-16 • Wh[...]

  • Страница 48

    1-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • IP services f eature set, which pr ovide s a richer set o f enterp rise-class inte lligent serv ices. It in cludes all IP base featur es plus full Layer 3 rou ting (IP unicast routing , IP multicast rou ting, and fallb ack bridging) [...]

  • Страница 49

    1-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • An embe dded de vice mana ger GUI for conf igur ing an d monit orin g a singl e swit ch through a we b br ow s er. Fo r inf ormation about starting th e de vice manager , see the getting started guide. For more information about the devi[...]

  • Страница 50

    1-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Switch clus tering t echnol ogy f or – Unif ied conf iguratio n, monitoring, au thenticatio n, and software upgr ade of multiple, cluste r-capable sw itches , regardles s of their ge ograp hic proxi mity and interco nnectio n medi [...]

  • Страница 51

    1-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • IGMP sn oopin g queri er suppo rt to configure switch to ge nerate periodi c IG MP Gene ral Qu ery messages • Multica st Liste ner Disc overy (MLD) snooping to enabl e efficient distribution of IP V ersio n 6 (I Pv6) multicas t data t [...]

  • Страница 52

    1-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s Manageability Features These a re the manageab ility features : • CNS embe dded ag ents for au tomat ing switc h mana geme nt, conf iguration storag e, and del i ver y • DHCP fo r au tomat ing co nfiguration of sw itch i nform ation [...]

  • Страница 53

    1-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features Availabi lity and R edund ancy F eatures These a re the a vail ability an d redunda ncy f eatures: • HSRP for comm and switch a nd L ayer 3 route r re dundan cy • Automati c stack maste r re-e lection (fa ilover support) for replac ing s[...]

  • Страница 54

    1-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Link-state tracking to mirr or the state of the p orts that carry upstr eam traf fic from co nnected hosts and server s and to allow the failover of the ser ver traff ic to an ope ratio nal link on an other Ci sco Ether net sw itc h [...]

  • Страница 55

    1-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features • Protected port op tion f or rest ricting the forwa rding of tra f fic to designa ted po rts on th e sam e switc h • Port security optio n for limiting and identi fying MA C addresses of the stations allo wed to access the port • VLAN[...]

  • Страница 56

    1-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • MA C authentication b ypass to authorize clie nts based on the client MA C address. • Network Ad mission Cont rol (NA C) feat ures : – N AC L ayer 2 IEEE 802.1x v alidation of the anti v irus cond ition or po stu r e of endpoint[...]

  • Страница 57

    1-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Features – T r usted boun dary for det ectin g the prese nce of a Cisco IP Phone , trustin g the CoS value recei ved, and ensur ing port s ecu rity • Policing – T r aff ic-policin g policie s on the switch por t for mana ging how much of the p[...]

  • Страница 58

    1-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Feature s • Polic y-based routing (PBR) for conf iguring defined polic ies for traf fic flo ws • Multiple VPN routing/forw arding (mu lti-VRF) instances in c u stomer edge d ev ices to allo w service provid ers to support multiple virtu al pr[...]

  • Страница 59

    1-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Default Settings After Initial Switch Configurat ion • Ability to moni tor the r eal-ti me power consum ption. On a pe r-PoE port basi s, the switch se nses the total power consum ption, polices the power usage, and reports t he power usage. Monit[...]

  • Страница 60

    1-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Default Set tings A fter Initial Sw itch Conf iguration If you do not co nfigure the switc h at all, t he switch operate s with the se default sett ings: • Default swi tch IP addre ss, subnet mask , and defaul t gateway is 0.0.0.0. For more in [...]

  • Страница 61

    1-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Default Settings After Initial Switch Configurat ion • VLANs – Defa ult VLAN is VLAN 1. F or more information , see Chapter 13 , “Configur ing VLAN s.” – VLAN tr unking settin g is d ynamic au to (DTP). F or more in formation, see Ch apter[...]

  • Страница 62

    1-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les • UDLD is di sabled . For more info rmat ion, see Chapt er 29, “Configur ing UDLD .” • SP AN and RSP A N are di sabled . For more inform ation , see Cha pter 30, “C onfiguring SP AN and RSP AN.” • R[...]

  • Страница 63

    1-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Bandwidt h alone is not the only c onsidera tion whe n designing you r network. As your netwo rk traffic profiles evolv e, con sider p roviding network se rvices that c an suppor t appl icati ons f or voice and data in[...]

  • Страница 64

    1-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Y o u can u se the switches and swit ch stacks to create the f ollo wing: • Cost- effective wiring closet ( Figure 1- 1 )—A cost- ef fectiv e w ay to con nect man y users to the wiri ng closet is to have a sw[...]

  • Страница 65

    1-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples For high-speed IP forwarding at th e distributio n layer, connect the switc hes in the acce ss layer to a Gigabit m ultilayer switch in the b ackbone, such as a Cataly st 4500 Gigabit switch or Cata lyst 6500 Gigabit s[...]

  • Страница 66

    1-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -3 High-P erfor mance W or kgr oup (Gigabit-t o-the-Deskt op) • Redunda nt Gigabit backbone (Figure 1-4 )—Usi ng HSRP , you ca n create backup pa ths betwe en two Catalyst 3750-E m ultilayer Gi gabi[...]

  • Страница 67

    1-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -4 Redundant G igabi t Bac kbone • Serv er aggr e gation ( Figure 1-5 ) and Lin ux server cluste r ( Figure 1- 6 )—Y ou ca n use t he Catalyst 3560-E swit ches and Catalyst 37 50-E-o nly switch stac ks to[...]

  • Страница 68

    1-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figu re 1 -5 Ser ver Aggregatio n 86931 Si Si Si Si Si Si Campus core Catalyst 6500 s witches Catalyst 4500 multila yer switches Catalyst 3750-E-only StackWise Plus s witch stacks Ser ver r acks 200857 Campus cor[...]

  • Страница 69

    1-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -6 Linux Serv er Cluster Small to M edium-Si zed Networ k Using Catalyst 3750-E and 3560-E Switches Figure 1-7 an d Figure 1-8 show a configuratio n for a net work of up t o 500 emp loyees . This net work use[...]

  • Страница 70

    1-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les When an end sta tion in one VL AN needs to communicate with an end s tation in anoth er VLAN, a rou ter or Laye r 3 switc h route s the traffic to the de stinatio n VL AN. In this network, the C atalyst 3750- E-o[...]

  • Страница 71

    1-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -8 Catalyst 3560-E S witches in a Collapsed Back bone Conf igur ation Gigabit ser vers 200860 Cisco 2600 or 3700 routers Catalyst 3560-E s witches Internet Cisco IP phones W orkstations running Cisco SoftPhon[...]

  • Страница 72

    1-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Large Ne twork Us ing Catalys t 3750 -E an d 3560-E S witc hes Switche s in the wiring close t hav e trad itionall y been only Layer 2 devices, but as network traff i c profiles e volve, switches in the wiring cl[...]

  • Страница 73

    1-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Figur e 1 -9 Catalyst 37 50-E Switc h Stac ks in Wiri ng Closets in a Bac kbone Configur ation Cisco 7x00 routers Catalyst 6500 multila yer switches Cisco IP Phones with workstations IEEE 802.3af-compliant powered de v[...]

  • Страница 74

    1-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -1 0 Catalyst 35 60-E S witc hes in Wir ing Closets in a Bac kbone Conf iguration Cisco 7x00 routers Catalyst 6500 multila yer switches Catalyst 3560-E s witches Catalyst 3560-E s witches Cisco IP Phone[...]

  • Страница 75

    1-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Network Configuration Examples Multidwelling Network Usi n g Ca talyst 3750-E Switches A growing segmen t of residen tial a nd co mmer cial cu stome rs ar e requir ing h igh-spe ed acc ess t o Ether net metropolita n-area n etwork s (MANs). Figure 1[...]

  • Страница 76

    1-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Netwo rk Configura tion Examp les Figur e 1 -1 1 Catalys t 3750-E Sw itch es in a M AN Configu ration Long-Distan ce, High-Ba ndwidth T ransport C onfiguration Figure 1-12 shows a configur ation fo r sending 8 Gi gabits of data over a single fibe[...]

  • Страница 77

    1-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 Ov erview Where t o Go Next Figur e 1 -12 Long-Distanc e, High-Bandw idth T r ansp ort Con figur ation Where to Go Next Before conf iguring the switch, re view these secti ons for startup infor mation: • Chapter 2, “U sing the Co mmand -Line I nterface”[...]

  • Страница 78

    1-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 1 Over vi ew Where to Go Nex t[...]

  • Страница 79

    C HAPTER 2-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 2 Using the Command-Line Interface This c hapte r descr ibes t he Cisc o IOS comm and-li ne in terface ( CLI) and how to use it to configure your standa lone Cataly st 3750-E or 35 60-E switc h and to a Cataly st 3750-E swit ch stack, referred to as the switch [...]

  • Страница 80

    2-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Underst anding Com mand M odes Ta b l e 2 - 1 describes the ma in comm and mod es, how to access ea ch one, t he prompt you see in th at mode , and how to exit the mode. Th e exampl es in the tab le use the h ostname Switch .[...]

  • Страница 81

    2-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Understa nding th e Help Syst em For more detail ed info rmat ion on the command mode s, see the c omma nd refe rence g uide for th is rel ease. Understandin g the Help Syste m Y ou can enter a quest ion mark (?) at th e syst[...]

  • Страница 82

    2-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Underst anding A bbreviated Co mmand s Understandin g Abbreviated Commands Y o u need to enter only enough char acte rs for the sw itch t o rec ognize the c omma nd a s unique . This e xample sho ws ho w to enter th e show co[...]

  • Страница 83

    2-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Understanding CLI Error Messages Understandin g CLI Error Messages Ta b l e 2 - 3 lists some error message s that you mi ght e ncounte r whi le using the C LI to configure your switch. Using Configuratio n Logging Y o u can l[...]

  • Страница 84

    2-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Usin g Comma nd His tor y Using Command History The software provides a histor y or rec ord of comma nds that you have enter ed. The co mman d history feature is particular ly useful for recal ling long or comple x commands o[...]

  • Страница 85

    2-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Using Edit ing Featu res Disabling th e Comman d Histor y Featu re The comma nd history featur e is autom atically enabled. Y ou can disable it for t h e curre nt termin al sessi on or for the comman d line. The se proc edure[...]

  • Страница 86

    2-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Using E diting Feature s Editing C ommands throu gh Keystrok es Ta b l e 2 - 5 sh ows th e ke ystrokes that you ne ed to edit comm and lines. These ke ystroke s are option al. T able 2-5 Editing Comma nds thr ough Ke ystr ok [...]

  • Страница 87

    2-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Using Edit ing Featu res Editing C ommand Lines that Wrap Y o u can use a wrapa round feature for commands t hat extend beyond a singl e line on th e screen . When the cursor reaches the right mar gin, the command line shifts[...]

  • Страница 88

    2-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Searching and Filterin g Output of show and more Commands Use lin e wrapping with th e comman d histo ry featu re to recal l and modif y previous comp lex command entries. F or information a b out recallin g pre vious comman[...]

  • Страница 89

    2-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 Using the Comma nd-Line In terface Acce ssi ng th e C LI Accessing the CLI throu gh a Co nsole Conn ection or through Telnet Before yo u can acce ss the CLI, you must connect a t ermin al or a PC to the switch c onsole or c onnect a PC to the Ethe rnet m anag[...]

  • Страница 90

    2-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 Using the Comman d-Line Interface Access ing the CLI[...]

  • Страница 91

    C HAPTER 3-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 3 Assigning the Switch IP Address and Default Gateway This chap ter de scribe s ho w to creat e the initi al switch co nf igurati on (for ex ample, as sign ing the IP address an d default gateway informa tion) by using a variety of au tomati c and manua l metho[...]

  • Страница 92

    3-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion The nor mal b oot p rocess involv es the opera tion of the boot lo ader software, which perfo rms the se acti vities: • Performs lo w-lev el CPU initialization. It init[...]

  • Страница 93

    3-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Note Stac k me mbers r etain their IP ad dress wh en yo u re move them f rom a sw itch st ack. T o avoid a c onflict by ha ving two devices with the same IP add ress in your[...]

  • Страница 94

    3-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion W i th DHCP-b ased autoc onfiguration , no DHCP clie nt-sid e configuration is needed on your switc h. Howe ver, you need to configure the DHC P server f or various leas [...]

  • Страница 95

    3-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information The DHCP serv er sends the client a DHCPN AK denial broad cast message, which means tha t the of fered configurati on param eters have not been assign ed, tha t an error ha [...]

  • Страница 96

    3-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion If you do no t conf igure the DHCP server with the lea se options d escribed pre viously , it re plies to clien t requests wit h only those par ameters t hat are configur[...]

  • Страница 97

    3-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Configuring the Relay Device Y o u must configur e a relay device, also referr ed to as a re l a y a g e n t , when a swit ch send s broa dcast pack ets th at requ ire a r e[...]

  • Страница 98

    3-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion • The IP a d dress and the conf iguration f ilename is reser ved f or th e switch, b ut the TFT P serv er address i s not provided in the DH CP reply (o ne-file read me[...]

  • Страница 99

    3-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Assigning Switch Information Ta b l e 3 - 2 sho ws the conf iguration of the res erv ed leases o n the DHCP serv er . DNS Ser ver Conf iguration The DNS server ma ps the TF TP se rver name tftpserver t [...]

  • Страница 100

    3-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Assign ing Swi tch In format ion • It re ads its host t able by i ndexing i ts IP a ddress 10.0.0 .21 t o its hostnam e (swi tcha). • It reads the configuratio n file that cor responds t o its hostn[...]

  • Страница 101

    3-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Checki ng and Savi ng the Running C onfigu r ation Checking and Sa ving the Running Configuratio n Y o u can chec k the configur ation settings you e ntered or changes yo u made by enter ing this pri v[...]

  • Страница 102

    3-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration Modifying the Start up Configuration These sec tions descr ibe how to modify th e switch st artup co nfiguration: • Def aul t Bo ot Con fi guratio n, pa ge 3-12 ?[...]

  • Страница 103

    3-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modify ing the Start up Confi gurat ion Note On C atal yst 3750- E swi tches, this command only works pr operly from a standa lone switch. Beginn ing in pri vileged EXEC mode, follo w these steps to sp[...]

  • Страница 104

    3-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration T o d isab le ma nual b ooting, u se the no boot manual g lobal c onfiguration c ommand . Booting a Specific Software Image By default, the switch attempts to autom[...]

  • Страница 105

    3-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Modify ing the Start up Confi gurat ion T o return to the default setting, use the no boot system globa l configurat ion c ommand. Controlling Environment Variables W ith a n ormall y op erati ng swi t[...]

  • Страница 106

    3-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Modifyin g the Startup Conf iguration Note For c omplete s yntax and u sage in forma tion fo r the boot loader command s and en vironment variab les, see the c omman d refere nce fo r this rel ease. Ta [...]

  • Страница 107

    3-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 Assigni ng the Swi tch IP Addr ess an d Defa ult Gate way Scheduling a Reload of the Software Image When t he swit ch is c onne cted to a PC through the Ethern et ma nageme nt port , yo u can download or upload a conf iguration f ile to the bo ot loader by us[...]

  • Страница 108

    3-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 3 Assigni ng the Switch IP Addr ess and Default Gat eway Scheduli ng a Reload of the Software Image Note Use the at keyw ord on ly if the swit ch system clock has be en set (throu gh Networ k T ime Protocol (NTP), t he hardwa r e calen dar , or manually ). Th[...]

  • Страница 109

    C HAPTER 4-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 4 Configuring Cisco IOS CNS Age nts This chapt er descr ibes how to configure the Cisco IO S CNS agents on the Catal yst 3750-E and 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a C [...]

  • Страница 110

    4-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Underst anding Cisco Configurat ion Engin e Software Figur e 4-1 Configur ation Engine Ar chit ectur al Ove rview These sect ions co ntain this co nceptu al in forma tion: • Configuration Servi ce, page 4-2 • Event Se[...]

  • Страница 111

    4-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Understanding Cisco Configuration Engine Software Event Servic e The Ci sco C onfiguration Engine uses t he Event Se rvice for re ceipt and g enerat ion of configurat ion e vents. The e vent agent is on the switch and facilita[...]

  • Страница 112

    4-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Underst anding Cisco Configurat ion Engin e Software DeviceID Each co nfigured swit ch parti cipati ng on the ev ent bus has a un ique DeviceID, w hich is ana logous to the switch source ad dress so that the switch can be[...]

  • Страница 113

    4-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Understa nding Ci sco IOS Age nts Understandin g Cisco IOS Agents The CNS e vent ag ent featu re allo ws the switch to publish an d subscr ibe to e vents on th e e vent b u s and works with the Cisc o IOS agent. Th e Cisco IOS[...]

  • Страница 114

    4-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Incremental (Partial) Configur ation After t he ne twork i s runn ing, new serv ices c an b e adde d by usi ng the Cisco IOS a gent. Increm ent al (partia l) co nfigurations can be sent to the[...]

  • Страница 115

    4-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents Note For more informatio n about running the setup program and creating templ ates on the Config uration Engine , see the Cisc o Configuration En gine I nstallat ion and Setup Guide, 1. 5 for Li nu[...]

  • Страница 116

    4-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Enabling th e CNS Ev ent Agent Note Y ou mu st ena ble the CNS e vent ag ent on the s witch b efore you en able th e CNS co nf iguratio n agen t. Beginn ing in pri vileged EXEC mode, follo w t[...]

  • Страница 117

    4-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents Enabling th e Cisco IOS C NS Agent After enabling th e CNS e vent age nt, start t h e Cisco IOS CNS agent on the switch. Y ou can e nable the Cisco IOS ag ent with the se comman ds: • The cns con[...]

  • Страница 118

    4-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Configuring Cisco IOS Agents Step 7 cn s id inte rface num { dns-rev erse | ipaddress | mac-addr ess } [ ev en t ] or cns id { hardware -serial | hostname | string string } [ eve n t ] Set th e uniqu e Even tID or Config[...]

  • Страница 119

    4-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 Conf iguring Cisco IOS CNS Agents Configuring Cisco IOS Agents T o disab le th e CNS C isco IO S agent , us e the no cns conf ig initial { ip-address | hostname } global configurati on c ommand. This e xample sho ws h o w to conf igure an initial conf igurati[...]

  • Страница 120

    4-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 4 Config uring C isco IO S CNS Agent s Displaying CNS Con figuration Displaying CNS Configuration Y o u can use the privileged EXE C command s in Ta b l e 4 - 2 to di splay CN S configuratio n infor mation. T able 4-2 Displayi ng CNS Configuratio n Comma nd P[...]

  • Страница 121

    C HAPTER 5-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 5 Managing Switch Stacks This chapt er provid es the concept s and proced ures to man age Ca talyst 3750 -E swit ch stack s. Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mmand refere nce fo r th is r[...]

  • Страница 122

    5-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks – A mixed software stac k with only Ca talyst 3750-E switch es support ing differen t feat ures or only Catalyst 3750 swi tches support ing di f ferent featu res as st ack m embers. For example, a Cat al[...]

  • Страница 123

    5-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks T o ma nage switch stac ks, you sho uld under stand: • These conce pts on how swit ch stac ks ar e formed : – Switch Stack M embers hip, page 5 -3 – Stack Mast er Electi on and Re-Ele ction, pa ge 5-5 ?[...]

  • Страница 124

    5-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Note M ake sure that you power off t he swi tches th at you add to or re move from the switc h stack. After ad ding or re moving sta ck memb ers, m ake sure th at the sw itch stack is ope rating at full ba[...]

  • Страница 125

    5-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Figur e 5-2 A dding a S tandalone S witch t o a Switc h Stack Stack Mas ter Election an d Re-Ele ction The st ack mast er is ele cted or re-e lecte d based on one of t hese fact ors and in the ord er list ed:[...]

  • Страница 126

    5-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks A stack ma ster ret ains its role unless one of thes e ev ents occurs: • The switch stack is reset. * • The stack master is remov ed from the switch stack. • The stac k master is reset or powered off[...]

  • Страница 127

    5-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Stack member s in the same switc h stac k canno t have the sam e stac k me mber n umber. Every stack member , including a standalone switch, ret ains its member number until you manually chan ge the number or[...]

  • Страница 128

    5-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Switch Stack Offline Configuration Y o u can use the offline configurati on featu re to pr ovision ( to supply a configu ration to ) a new switc h before it joins the swi tch stack . Y ou c an configure in[...]

  • Страница 129

    5-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks If you add a prov isioned switch that is a dif f erent type than specif ied in the provisioned co nf iguration to a po wered-do wn switch stack and then apply po wer, the switch stack rejects the (no w incorr[...]

  • Страница 130

    5-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Note If the switch stack does not contain a pro v isioned co nf iguration for a ne w switch, the switc h joins the stack wi th the d efault interface c onfigurati on. The switch st ack the n add s to its [...]

  • Страница 131

    5-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks For more infor mation, see the “Stack Protoc ol V e rsion Compa tibility” section on pa ge 5-11 a nd the Cisco Softwar e Activation and Compatibilit y Document on Cisco.com. For informat ion about mixed [...]

  • Страница 132

    5-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Understanding Auto-Upgrade and Auto- Advise When the software detects mismatc h ed softwa re and t ries to upg rade the switch in V M mode, tw o soft ware pr ocesses are in volv ed: automatic up grade and[...]

  • Страница 133

    5-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Y o u can use the archi ve-do wnload-sw /al low-featur e-upgrade privileged EXEC c omman d to allo w installing an differ ent softw are image. Auto-Upgrade and Auto-Advise Example Messages When you add a swi[...]

  • Страница 134

    5-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks *Mar 11 20:36:15.038:%IMAGEMGR-6-AUTO_COPY_SW:extracting c3750e-universal-mz.122-0.0.313.SE/c3750e-universal-mz.122-35.SE2 (4945851 bytes) *Mar 11 20:36:15.038:%IMAGEMGR-6-AUTO_COPY_SW:extracting c3750e-u[...]

  • Страница 135

    5-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Note Auto-advise and auto-co py iden tify which image s are running b y examin ing the info f ile and b y search ing the dire ctory structure on the swit ch stac k. If you downloa d your image by usi ng the [...]

  • Страница 136

    5-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Y o u back up and re store the st ack configurat ion in the same way as you would for a standa lone switc h configurati on. For more info rmation a bout file systems and configur ation files, see Appe ndi[...]

  • Страница 137

    5-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Connectivity to the Switch Stack Thr ough an IP Address The switch stack is managed thro ugh a single IP ad dress. The IP addr ess is a system-lev el setting and is not specif ic to the stac k master or to a[...]

  • Страница 138

    5-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Underst anding Swit ch Stacks Switch Stac k Configuratio n Scen arios Ta b l e 5 - 2 pr ovides s witch s tack conf iguration sce narios. Mos t of th e scenar ios assume th at at leas t tw o switch es are connect ed through their Stack[...]

  • Страница 139

    5-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Understanding Switch Stacks Stack mast er elect ion sp ecific al ly d ete rm ined by the cryptog raphic soft ware i mage an d the IP base featur e se t Assuming that all stack members hav e the same priority v alue: 1. Make sure tha t [...]

  • Страница 140

    5-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Conf igurin g the Sw itch Stack Configuring the Switch Stack These sec tions co ntain this co nfiguration in format ion: • Default Swi tch Stack Con f igura tion, page 5-20 • Enablin g Persis tent M A C Addre ss, page 5-20 • Ass[...]

  • Страница 141

    5-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Configuring the Switch Stack • If you e nter a time delay of 1 to 60 minu tes, the stac k MA C addr ess of the previous stac k maste r is used unt il the configur ed tim e peri od expires or until you enter the no stack-ma c persiste[...]

  • Страница 142

    5-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Conf igurin g the Sw itch Stack WARNING: Administrators must make sure that the old stack-mac does WARNING: not appear elsewhere in this network domain. If it does, WARNING: user traffic may be blackholed. Switch(config) # end Switch#[...]

  • Страница 143

    5-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Configuring the Switch Stack Beginn ing in pri vilege d EXEC mode, follo w th ese steps to assign a priori ty valu e to a stack member: This proc edure is option al. Provisioning a New Member for a Switch Stack Note This task is av ail[...]

  • Страница 144

    5-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Access ing the CLI of a Specif ic Stack Memb er T o remo ve pro visione d informa tion an d to a voi d recei ving an error messa ge, remo v e the sp ecif ied switch from the stac k before you use the no form o f this c omm and . This [...]

  • Страница 145

    5-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 5 Managing Swi tch Stacks Displaying Switch Stack Information sho w swit ch st ack- por ts Displays port information for the entir e switch stack. show swi tch s tack-ring activity [ detail ] Displays the number of fram es per stack member that ar e sent to the[...]

  • Страница 146

    5-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 5 Mana ging Switch Stacks Displaying Switch Stack Inf ormation[...]

  • Страница 147

    C HAPTER 6-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 6 Clustering Switches This chap ter pro vides the con cepts and p rocedu res to cr eate an d manage Cataly st 37 50-E and 3 560-E swit ch cl u ster s. Un les s ot her wis e no ted, th e ter m switch ref ers to a stan dalone swit ch and t o a switc h stack. Y o [...]

  • Страница 148

    6-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Underst anding Swit ch Clusters In a switch cluster , 1 switch must be the cluster command switch and up to 15 othe r switches can be cluster member switch es . The tot al numbe r of switche s in a cluste r cannot excee d 16 switc hes. Th[...]

  • Страница 149

    6-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Understanding Switch Clusters Cluster Command Switc h Characteristics A cluster co mmand switch must me et these req uirements : • It is running Cisco IOS Release 12.2(35)SE 2 or later . • It has an IP address . • It has Cisco Disc o[...]

  • Страница 150

    6-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Candidate Switch and Cluster Me mber Switch Characteristics Candid ate swi tches are cluster-capable swi tches and sw itch stacks t hat hav e not yet be en added to a cluster . Cluster member switches are switch[...]

  • Страница 151

    6-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Automatic Disco very of Clus ter Candid ates and M embers The clust er com mand swit ch uses Cisc o Discovery Protoc ol (CDP) to discover cluste r member sw itches, candi date switc hes, n eighborin g switch c [...]

  • Страница 152

    6-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster In Figure 6-1 , the cl uster com mand sw itch ha s ports assigne d to VL ANs 16 and 62. The CDP hop count is three. The clu ster command switch di scov e rs switches 11, 12, 13, and 14 because the y are within t[...]

  • Страница 153

    6-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Figure 6-2 sh o ws that the cluste r command switch disco ve rs the switch that is co nnected to a third-p arty hub . Ho wev er , the cluster co mmand switch does not di scov er the switch that is connected to [...]

  • Страница 154

    6-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Figur e 6-3 Discov ery Throug h Dif f erent VLANs Discovery Through Different M anagement VLANs Catalyst 296 0, Catalyst 297 0, Catalyst 355 0, Catalys t 3560, Cataly st 3560-E, Cataly st 3750, or Catalyst 3750-[...]

  • Страница 155

    6-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er Figur e 6-4 Discov ery Throug h Dif f erent M anage ment VLANs with a Layer 3 Clust er Command Sw i tc h Discovery Through Routed Ports If the c luster comma nd switc h has a r outed port (RP) configured , it d[...]

  • Страница 156

    6-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Figur e 6-5 Disco very Thr ough Rou ted P o r ts Discovery of Newly Installed Switches T o jo in a cluster, the ne w , out -of-the -box switc h must be conne cted to the clust er throu gh one of its acce ss por[...]

  • Страница 157

    6-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er HSRP and S tandby Cluster Command Switches The switc h supports H ot Standby Router Prot ocol (HSRP) so that you can configur e a group of standby cluste r comm and switche s. Be cause a clust er co mman d s w[...]

  • Страница 158

    6-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Virtual IP Addresses Y o u need t o assign a unique vi rtual IP add ress and gr oup num ber and na me to the clus ter stand by group. This info rmatio n must b e conf igured on a speci f ic VLAN or ro uted port[...]

  • Страница 159

    6-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er • All stan dby-group memb ers must be member s of the clus ter . Note There is no limit to t he numbe r of switc hes that yo u can assi gn as stan dby cluster c omman d switches. Howe ver , the total number [...]

  • Страница 160

    6-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Automatic d iscov ery has these lim itations: • This limitation applies only to cluste r s that hav e Catalyst 2950, Cata lyst 2960, Catalyst 2970, Catalyst 355 0, Catalyst 356 0, Catalyst 356 0-E, Catalyst 3[...]

  • Страница 161

    6-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er If a sw itch join s a clus ter and it do es not have a hostname , the c luster c ommand switch a ppen ds a uniq ue member num ber to it s o wn hostname and assigns it sequenti ally as e ach switch jo ins the c[...]

  • Страница 162

    6-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Planning a Sw itch Cluster Switch Clus ters and Sw itch Stacks A switc h cluster can ha ve one or more Catal yst 3750-E switch stac ks. Each switc h stack can ac t as the clust er command s witch or a s a singl e cluster mem ber . Ta b l[...]

  • Страница 163

    6-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Planni ng a Swi tch Clust er These ar e conside rati ons to keep in mind whe n you have switch stacks in switch c luster s: • If the cluster comm and switch is not a Catalyst 3750-E switch or switc h stack and a new stac k master is e l[...]

  • Страница 164

    6-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Using the CLI to Ma nage Swit ch Clusters Using the CLI to Manage Swit ch Clusters Y o u can co nfigure cluster me mber switch es from the CLI by first logg ing into th e clus ter comma nd switch. En ter the r command user E XEC co mmand[...]

  • Страница 165

    6-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 6 Clus tering Switches Using SNMP to Manag e Swit ch Clust ers Using SNMP to Manage Switc h Clusters When you first power on the sw itch, SN MP is en abled i f you e nter the IP infor matio n by using the setup program and accep t its p ropose d configura tion.[...]

  • Страница 166

    6-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 6 Clusteri ng Switches Using SNMP to Ma nage Sw itch Clusters[...]

  • Страница 167

    C HAPTER 7-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 7 Administering the Switch This chapt er desc ribes how to perfor m one- time opera tions to a dministe r the Catal yst 3750- E or 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a C a[...]

  • Страница 168

    7-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date The sy stem c lock ca n then be set from these s ource s: • NTP • Manual configurat ion The sy stem c lock can pro vide tim e to these s ervices: • User show comman ds • Logging and de buggi[...]

  • Страница 169

    7-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Figure 7-1 shows a ty pical netw ork exam ple using NTP . Switch A is the NT P master , with Switch es B, C, and D configured in NTP server mod e, in server associa tion with Switc h A. Switch [...]

  • Страница 170

    7-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date These sec tions co ntain this co nfiguration in format ion: • Def aul t NT P Conf igurati on, pag e 7- 4 • Conf iguring NTP Authen tication, page 7-4 • Configuring NT P Associati ons, pa ge 7-[...]

  • Страница 171

    7-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te T o disab le N TP auth en tica tio n, use th e no ntp authenticate global co nfigurati on comma nd. T o remove an auth enticatio n k ey , use the no ntp authe nticatio n-k ey number glob al co [...]

  • Страница 172

    7-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Beginning in privileged EXE C mode, foll ow these s teps to form a n NTP associa tion with a nother device: Y o u need to co nfigure only one en d of an assoc iation; t he other de vice can a utomat[...]

  • Страница 173

    7-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te The switc h can send or re ceive NTP broadcast packets on an interface -by-inte rface basis if there is an NTP broa dcast ser ver , such as a router , broad casting time infor mation on the net[...]

  • Страница 174

    7-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date T o di sable a n inte rface fro m rece iving NTP broadc ast p ackets, use the no ntp broadcast client in terfa ce configurat ion c omma nd. T o ch ange t he estimat ed r ound-tr ip de lay to the def[...]

  • Страница 175

    7-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te The ac cess group keywords are sc anned i n thi s ord er , from leas t restri ctive to most r estrict iv e: 1. peer —Allo ws time requests and NTP control queries and al low s the switch to s[...]

  • Страница 176

    7-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Disabling N TP Serv ices on a S pecific Interface NTP service s are enabled on all interfa ces b y default. Beg i n ni n g i n pr ivi l eg ed E X E C mo de , fo l low t h es e s te p s t o d is ab [...]

  • Страница 177

    7-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Displaying the NTP Config uration Y o u can use two privileged EXEC c omman ds to display NTP inform ation: • show ntp associations [ detail ] • show ntp status For detailed informat ion a[...]

  • Страница 178

    7-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the Syste m Time and Date Displaying the Time and Dat e Configuration T o display the time and date conf iguration, use the show clock [ det ail ] pri vileged EXEC comm and. The system clock keeps an authoritative fla g tha[...]

  • Страница 179

    7-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng th e S ystem Tim e an d Da te Configuring Summer Time (Daylight Saving Time) Beginn ing in pri vileged EXEC mode, follo w these steps to confi gure summer time (day light sa ving time) in ar eas wher e it starts and ends o[...]

  • Страница 180

    7-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Configur ing a System Nam e and Prom pt Beginning in privileged EX EC mode, fol low these steps if summ er tim e in your area do es not foll ow a recurr ing patt ern (con figure the exact da te and tim e of the next summe r time ev e[...]

  • Страница 181

    7-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Confi guring a S ystem Name an d Prompt For complete syntax a nd usage information for th e comman ds used in this se ction, see the Cisc o IOS Configuration Fund amen tals Com mand Reference, Relea se 12.2 a nd the Cisc o IOS I P Co[...]

  • Страница 182

    7-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Configur ing a System Nam e and Prom pt T o kee p track of domain n ames, IP h as defined the conc ept of a domain n ame s erver , which hol ds a cac he (or dat abase) of na mes map ped to IP a ddresses. T o map domain names to IP ad[...]

  • Страница 183

    7-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Creat ing a Bann er If you u se t he switc h IP ad dress a s its hostnam e, the IP a ddress i s used and no DNS query oc curs. I f you configure a ho stname that contai ns no periods (. ), a period fol lowed by the de fault domain na[...]

  • Страница 184

    7-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Creating a Banner Configurin g a Mess age-of-the -Day Log in Bann er Y ou can create a single or multiline m essage banner that appears on the scr een when som eone logs in to the switch. Beginning in privileged EX EC mode, fol low t[...]

  • Страница 185

    7-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Configurin g a Login B anner Y o u can co nfigure a l ogin banner to be di splayed on all c onnec ted t erminal s. This banner appe ars aft er the M O T D bann er a nd befo re the logi n pro mpt. [...]

  • Страница 186

    7-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le These sec tions co ntain this co nfiguration in format ion: • Building the Ad dress T able, pa ge 7-20 • MA C Addre sses and VLA Ns, page 7- 20 • MA C Addr esses and Sw itch Sta cks, pa ge 7- 2[...]

  • Страница 187

    7-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able When pr iv ate VLAN s are co nfigured , ad dress le arnin g dep ends on the t ype of MAC addres s: • Dynami c MA C addresses lea rned in one VLA N of a pri vate VLAN ar e replicate d in the asso[...]

  • Страница 188

    7-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nf igure the d ynamic a ddress table aging time: T o return to the def ault v alue, use the no mac address- table aging-time global [...]

  • Страница 189

    7-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Beginning i n privileged EX EC mo de, fol low these s teps t o configure t he sw itch to send MA C addr ess notif ication traps to an NMS host: Command Purpos e Step 1 configur e terminal Enter gl[...]

  • Страница 190

    7-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le T o di sable the sw itch from se nding MAC address notificat ion traps, use the no snmp-serv er enable traps mac-notification global con f igura tion co mman d. T o di sable th e MA C address not ifi[...]

  • Страница 191

    7-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Mana gi ng the MA C A ddr ess T able Beginning i n privileged EX EC mo de, follo w th ese steps to add a static addr ess: T o remove st atic en tri es fr om t he addr es s ta ble, u se the no mac addre ss-table static mac-addr vlan v[...]

  • Страница 192

    7-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the MAC A ddress Tab le • If you add a uni cast MA C address as a static address a nd conf igure unicast MA C address f iltering, the switc h eithe r adds the MA C addre ss as a stat ic addres s or drop s pack ets with th[...]

  • Страница 193

    7-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 7 Administer ing the Switch Managi ng the ARP Table Displaying A ddress Table Entries Y o u can displa y the MAC address table by using one or more of the privileged EXE C command s describe d in Ta b l e 7 - 4 : Managing the ARP Ta ble T o communic ate with a [...]

  • Страница 194

    7-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 7 Administering the Switch Managin g the ARP Table[...]

  • Страница 195

    C HAPTER 8-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 8 Configuring SDM Templates This chapter descr ibes ho w to conf igure the Switc h Database Managem ent (SDM) template s on the Catalyst 3 750-E or 3 560-E sw itch. Un less othe rwise n oted, t he te rm switch refe rs to a Ca talyst 3750-E or 3560- E stan dalo [...]

  • Страница 196

    8-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Underst anding th e SDM Templ ates The f irst e ight ro ws in the tables (un icast MA C addresses thr ough security A CEs) represent ap proximate hardw are boundaries set wh en a template is selecte d. If a section of a hardw are res[...]

  • Страница 197

    8-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Underst anding the SDM Templa tes SDM Template s and Switch St acks In a C atalyst 37 50-E- only or a m ixed hardware switch stack, a ll s tack m embers must u se the same SD M desktop template that is stored on the stack master . W[...]

  • Страница 198

    8-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Conf igurin g the Sw itch SDM Temp lat e 2d23h:%SDM-6-MISMATCH_ADVISE:compatible desktop SDM template: 2d23h:%SDM-6-MISMATCH_ADVISE: 2d23h:%SDM-6-MISMATCH_ADVISE: "sdm prefer vlan desktop" 2d23h:%SDM-6-MISMATCH_ADVISE: &quo[...]

  • Страница 199

    8-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Configuring the Switch SDM Template Setting the SDM Template Beginn ing in pri vileged EXEC mode, follo w these step s to use the SDM template to maximi ze feature usage: After the syste m reboots, you can use the show sdm pr efer p[...]

  • Страница 200

    8-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Display ing the SDM Templates number of qos aces: 0.5K number of security aces: 1K On next reload, template will be “desktop vlan” template. T o return to the default tem plate, use the no sdm prefer global c onfigurat ion co mma[...]

  • Страница 201

    8-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 8 Conf iguring SDM Te mplates Displaying the SDM Templ ates This is an e xample of ou tput fr om the sho w sdm prefer dual-ipv4-and-ipv6 routing comm and ente red on a de sktop swi tch: Switch# show sdm prefer dual-ipv4-and-ipv6 routing The current template is &[...]

  • Страница 202

    8-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 8 Configuring SDM Templates Display ing the SDM Templates[...]

  • Страница 203

    C HAPTER 9-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 9 Configuring Switch-Based Authentication This chapt er descr ibes how to configure switch-b ased aut henticat ion on the Ca talyst 3750-E or 3560- E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch [...]

  • Страница 204

    9-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds • If you want t o use usernam e and password pairs, but you want to st ore them c entral ly on a ser ver instead o f locall y , you can st ore th em in a dat abase on a[...]

  • Страница 205

    9-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Setting o r Changin g a Static Enab le Pa ssword The en able password control s access to the privileged EXEC mode. Beginning in privileged EXE C mode, follo w thes[...]

  • Страница 206

    9-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Be ginnin g in pri vileged EXE C mode, follo w these step s to conf igure encryp tion for en able and enab le secr et pas swords : If bo th the e nable and enable secre t[...]

  • Страница 207

    9-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s This exampl e shows ho w to configure th e encr ypted password $1$F aD0$X yti5Rk ls3Loy xzS8 for pri v ileg e le vel 2: Switch(config)# enable secret level 2 5 $1$F[...]

  • Страница 208

    9-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Setting a Telnet P assword for a Te rminal L ine When you power-up your switch for the first ti me, a n au tomat ic setup prog ram runs to as sign IP inform ation and t o[...]

  • Страница 209

    9-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Beginn ing in pri vileged EXEC mode, follo w these steps to establish a usernam e-based authentic ation system that re quests a logi n usernam e and a password: T o[...]

  • Страница 210

    9-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Protecting A ccess to Privileged EXE C Comman ds Setting the Privil ege Level for a Command Beginn ing in pri vile ged EXEC mode, follo w these steps to set the pri v ileg e le vel f or a command mode: When y ou set a c[...]

  • Страница 211

    9-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Prote cti ng Ac cess to Pri vile ged EXEC Comm and s Changing the Default Pri vilege Level fo r Lines Beginn ing in pri vileged EXEC mode, fo llo w these steps to chan ge the defaul t pri vilege le vel for a line: Use[...]

  • Страница 212

    9-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ Controlling Switch Access with TACACS+ This sec tion describe s ho w to enable an d conf igure T erminal Access C ontrol ler Access Control System Plus (T A CA CS+), which prov[...]

  • Страница 213

    9-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ Figur e 9-1 T ypical T ACA CS+ Networ k Configur ation T A CA CS+, a d minist ered through the AA A secu rity s ervices, can p rovid e thes e ser vices: • Authent ication— P[...]

  • Страница 214

    9-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ TACACS+ Ope ration When a use r attempts a sim ple ASCII login by authenticating to a switch u sing T ACA CS+, this proc ess occurs: 1. When th e conne ction is esta blished, t[...]

  • Страница 215

    9-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ • Configuring T A CACS+ Authoriz ation f or Privileged EXEC Acces s and Network Services, page 9-16 • Startin g T A CA C S+ Accoun ting, pa ge 9-17 Default TACAC S+ Configur[...]

  • Страница 216

    9-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ T o remo ve th e specif ied T A CA CS+ serv er name or address, us e the no tacac s-server host hostname global configurat ion comm and. T o remove a server grou p from the con[...]

  • Страница 217

    9-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with TACACS+ T o disa ble AAA, use the no aaa new-model global configurat ion comma nd. T o disa ble A AA authenti cation, use th e no aaa auth entica tion log in { default | list-name } m e[...]

  • Страница 218

    9-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controlling Sw itch Acce ss with TACA CS+ Note T o se cure the switch for HTT P acce ss b y using AAA meth ods, you must con fi gure t he switch with th e ip htt p au thenti cati on aaa glo bal c onfiguration com mand.[...]

  • Страница 219

    9-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Starting TACACS+ Accounting The AA A acco unting fe ature tr acks the s ervices that users a r e a ccessi ng an d the amoun t of n etwor k resources th at the y are consum ing. W[...]

  • Страница 220

    9-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Understanding RADIUS RADIUS is a distr ibuted clie nt/ser ver system that secures netw orks against u nauthori zed access . RADIUS c lients run on sup ported Ci sco route rs an [...]

  • Страница 221

    9-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Figur e 9-2 T ran s itioning fr om RADIUS t o T A CACS+ Services RADIUS Operation When a user attem pts to log in and auth enticate to a switch that is a ccess controlled by a RA[...]

  • Страница 222

    9-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Configuring RADIUS This se ction describe s how to c onfigure your switch to su pport R ADIUS. At a mini mum, y ou mus t identify t he host or host s that ru n the RA DIUS serve[...]

  • Страница 223

    9-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Y ou identify RADIUS security ser vers b y their hostname or IP a ddress, hostname and specif ic UDP port numbers, or their I P addre ss and specific UD P port num bers. The comb[...]

  • Страница 224

    9-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginn ing in pri vileg ed EXEC mode, follo w these steps to conf igure per - serve r RADIUS server comm unicatio n. This pr oced ure is requi red. Comma nd Purpos e Step 1 conf[...]

  • Страница 225

    9-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r, use the no radius-serv er host hostname | ip- address global configurati on c ommand. This exam ple sh ow s ho w to conf igur e one R A[...]

  • Страница 226

    9-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Step 3 aaa authent ication log in { default | list-name } method1 [ meth od2... ] Create a logi n authen tica tion meth od list. • T o create a def ault list that is used when[...]

  • Страница 227

    9-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o disa ble AAA, use the no aaa new-model global configurat ion comma nd. T o disa ble A AA authenti cation, use th e no aaa auth entica tion log in { default | list-name } m et[...]

  • Страница 228

    9-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS Beginning i n privileged E XEC mo de, follow these steps to d efine the AAA server g roup an d assoc iate a particu lar RADI US server with it : Comma nd Purpos e Step 1 conf ig[...]

  • Страница 229

    9-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS T o remov e the specif ied RADIUS serve r, use the no radius-serv er host hostname | ip- address global configurati on comm and. T o remove a server group fro m the configurat io[...]

  • Страница 230

    9-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS T o disable author ization, u se the no aaa authorizat ion { net work | exec } method1 global configurat ion comm and. Starting RADIUS Accountin g The AAA acco unti ng featu re [...]

  • Страница 231

    9-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with RADIUS Configuring Settings for All RADIUS S ervers Beginning i n privileged EX EC mo de, fol low these s teps t o configure g lobal commun icatio n setti ngs between the switch and all[...]

  • Страница 232

    9-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch A ccess w ith RADIUS This e xample sho ws how to pro vide a u ser logg ing in fr om a swit ch with immed iate ac cess to p ri v ile ged EXEC co mmands : cisco-avpair= ”shell:priv-lvl=15“ This e [...]

  • Страница 233

    9-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos As ment ioned ea rlier, to configure RAD IUS (w hether vendor-proprie tary or IETF dr aft-c omplia nt), yo u must specif y the host ru nning the RADIUS se rver daemon an d the [...]

  • Страница 234

    9-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch Acce ss wit h Kerberos Y ou must obtain auth orization to use this feat u re and t o do wnload th e cryptograp hic softw are f iles from Cisco. com.For mo re info rmation , see the re lease no tes f[...]

  • Страница 235

    9-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos This soft ware rel ease sup port s Kerberos 5, w hich a llows organizatio ns that are alr eady using Kerberos 5 to use the same K erberos authenticatio n database on the KDC th[...]

  • Страница 236

    9-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Controllin g Switch Acce ss wit h Kerberos Kerberos Operation A Kerberos server can be a C atalyst 3750-E or 3560- E switch tha t is configured as a ne twork secu rity server and that can a uthent icate rem ote us ers [...]

  • Страница 237

    9-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Controlling Switch Access with Kerberos 4. The KDC send s an encryp ted TGT that includes the user ide ntity to the swi tch. 5. The switch attem pts to decrypt the TGT b y using the passw ord that the use r entered. [...]

  • Страница 238

    9-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Configur ing the Switc h for Lo cal Authe ntication a nd Authori zation Note A Kerbero s server can be a Cat alyst 3750-E or 3560-E sw itch that is configured as a net work securit y serv er and that can authe nticate [...]

  • Страница 239

    9-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell T o disa ble AAA, use the no aaa new-model global configurat ion c omma nd. T o disabl e au thoriza tion, use the no aaa autho rization { network | exec } method1 globa l confi[...]

  • Страница 240

    9-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Shel l For SSH configuration examples, se e the “SSH Configura tion Ex amples ” secti on in the “C onfiguring Secure Shell” se ction in the “Other Security Fe atures” c[...]

  • Страница 241

    9-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell SSH also supports these user authen tication methods: • T A CA CS+ (for m ore inf orma tion, see the “Controlling Switch Acc ess with T A CA CS+” section on page 9-10 ) ?[...]

  • Страница 242

    9-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Shel l • When genera ting the RSA key pair , the message No dom ain specif ied might appear . If it does, you must c onfigure an IP d omain name by usi ng the ip dom a in- nam e [...]

  • Страница 243

    9-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Shell Configuring the SSH Server Beginn ing in pri vileged EXEC mode, follo w these steps to confi gure the SSH serv er: T o return to th e def ault SSH c ontrol par ameters, u se th[...]

  • Страница 244

    9-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP For more infor mation ab out these com mands, see th e “ Secure She ll Commands ” se ction in the “Other Securit y Features ” chapte r of the Cisc o [...]

  • Страница 245

    9-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP When a conn ecti on attempt is made, the HTTPS server provid es a secure connect ion by issuing a certif ied X.509v3 certif icate, obtained from a specif ied CA tru[...]

  • Страница 246

    9-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP CipherSuit es A CipherSuite spe cifi es the encryption alg orithm and the dige st algorithm to use on a SSL con nection. When conne cting to the HTTPS server[...]

  • Страница 247

    9-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP SSL Configuration Guid elines When SSL is used in a switch cluster , the SSL session terminates at the clu ster commander . C luster member switches must run standa[...]

  • Страница 248

    9-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g th e Sw itch for Sec ure Sock et L a ye r HTTP Use the no crypto ca tr ustpo int nam e global conf ig uration command to d elete all id entity info rmation and ce rtifica tes as soci at ed wit h the C A. [...]

  • Страница 249

    9-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Socket Layer HTTP Use th e no ip http server global configu ration c ommand to disabl e the standa rd HTT P server . Us e the no ip http secur e-serv er global co nfigurati on co mma[...]

  • Страница 250

    9-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Copy Proto col Use the no ip http client secur e-trustpo int nam e to remov e a client trustpoi nt conf iguration. Use the no ip http client sec ur e-ciphersuite to remov e a previ[...]

  • Страница 251

    9-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 9 Configuring Sw itch-Ba sed Auth entication Configuring the Switch for Secure Copy P rotocol Information Abo ut Secure Copy T o c onfigure Se cure Copy feat ure, y ou shou ld u nderstand thes e conc epts . The beha vior of SCP is si milar to that of re mote co[...]

  • Страница 252

    9-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 9 Configuring Switch-Based Authentication Conf igurin g the Sw itch for Sec ure Copy Proto col[...]

  • Страница 253

    C HAPTER 10-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 10 Configuring IEEE 802.1x Port-Based Auth entic ation This c hapte r descr ibes h ow to con figure IEEE 802.1x port- based authe ntic ation on the Ca talyst 3750-E or 3560-E sw itch. IEEE 802 .1x authe nticat ion prevents unauthoriz ed devices (clients) from [...]

  • Страница 254

    10-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation • IEEE 8 02.1x Host Mo de, pag e 10-8 • IEEE 8 02.1x Accou nting, pa ge 10-9 • IEEE 802. 1x Accou nting Att ribute-V alue Pairs, pag e 10-9 [...]

  • Страница 255

    10-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion • Au thenticati on server —per forms th e act ual a uthenti cation of t he clien t. The authentic ation serv er v alidates the ident ity of th [...]

  • Страница 256

    10-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Figure 10-2 shows the authentication process. If Multi Do main Authen tication (MD A) is enabled on a port, this flo w can be u sed with some exce[...]

  • Страница 257

    10-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion The Session- T imeout RADIUS attrib ute (Attribu te[27]) spec ifie s the time after which re-auth enticatio n occurs. The T ermination- Action RADI[...]

  • Страница 258

    10-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Figur e 1 0-3 Messag e Ex chan ge If IEEE 802.1 x authentica tion times out while wai ting f or an EAPOL message exchan ge and MA C authenti catio[...]

  • Страница 259

    10-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Ports in Au thorized and Un authorized S tates During IEEE 802.1x authen tication, depe n ding on the switch por t state, the switch can grant a cl[...]

  • Страница 260

    10-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation If IP connecti vity to the RADIUS serv er is interrupt ed becau se the swit ch that was co nnected to the serv er is rem ove d or fails , these e [...]

  • Страница 261

    10-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion IEEE 802.1 x Acco unting The IEEE 802.1x st andard de fines ho w users ar e author ized an d authenti cate d for networ k access but does not keep [...]

  • Страница 262

    10-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Y o u can view the A V pairs th at are be ing sen t by the switch by enteri ng the debug radius account ing pri vileged EXEC comman d. Fo r more [...]

  • Страница 263

    10-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion If an IEEE 802. 1x por t is a uthent icate d an d put in t he RAD IUS server-assigned VL AN, a ny chan ge to the port acc ess VLAN config urat ion[...]

  • Страница 264

    10-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation Y o u can use the Filt er-Id attribute to spec ify an inbou nd or outboun d A CL that is alread y configured on the swit ch. The at trib ute cont[...]

  • Страница 265

    10-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Any number of IEEE 802 .1x-inca pable clie nts are allo wed acces s when the switc h port is mov ed to the guest VL AN. I f an IEEE 802.1x -capab [...]

  • Страница 266

    10-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation After a p ort mo ves to the restr icted VL AN, a sim ulated EAP success message is sent t o the clie nt. This prev ents c lients from indefinite [...]

  • Страница 267

    10-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Inaccessible au thenticatio n bypass interac ts with these features: • Guest VLAN—Inacce ssible auth entication bypass is comp atible wi th gu[...]

  • Страница 268

    10-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation In single-hos t mode, only the IP phone is allowe d on the voice VLAN. In multiple- hosts mode, additional clients can send t r af fi c on the v [...]

  • Страница 269

    10-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion • When an IEE E 802.1x cl ient logs off, the port chang es to an unauthe nticat ed state , and all dynami c entrie s in the s ecure host t able [...]

  • Страница 270

    10-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation frame with a user name and pa ssword bas ed on the M A C addre ss. If authori zation succee ds, the sw itch grants the client access to the netwo[...]

  • Страница 271

    10-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Underst anding I EEE 802.1x Port-Base d Auth enticat ion Network Admission Control La yer 2 IEEE 802. 1x Validation The switc h supports t he Network A dmission Control (N AC) Layer 2 IEEE 802.1x validat[...]

  • Страница 272

    10-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Underst andin g IEEE 802. 1x Port-Ba sed Au thentic ation • Until a device is autho rized, th e port drops i ts traff ic. Non-Ci sco IP phone s or voice devices are allo wed into both t h e data and v [...]

  • Страница 273

    10-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Note The pr oxyacl entry determines the ty pe of al lo wed network ac cess. For more infor mation, see the “Configuring W eb Authent ication” sect ion on pag[...]

  • Страница 274

    10-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Default IEEE 802.1x Auth entication Co nfiguration T ab le 10-2 shows the def a ult IEEE 802.1x au thenticatio n config uration. T able 1 0-2 Def ault IEEE 802.[...]

  • Страница 275

    10-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication IEEE 802.1x Authenticatio n Configur atio n Guidelines These sec tion has configu ration gui delines fo r these featur es: • IEEE 8 02.1x Authe nticati on, pag[...]

  • Страница 276

    10-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n – Ether Channel port —Do not con figure a p ort t hat i s an active or a no t-yet -active membe r of an Ether Channel as an IEEE 802. 1x port . If you try t[...]

  • Страница 277

    10-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication – Y o u can co nfigure the ina ccessi ble aut henti cation bypass fe ature a nd the rest ricted VLAN on an IEEE 802.1x port. If the switch tries to re-authenti[...]

  • Страница 278

    10-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Beginning i n privileged E XEC mo de, follow these s teps to con figure IEEE 802.1 x por t-based authenti cation: Configuring the Sw itch-to-RADIUS-Serv er Comm[...]

  • Страница 279

    10-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Beginning i n privileged EX EC m ode, fo llow these steps to con figure the RADIU S server pa ramet ers on the switc h. This p rocedure is require d. T o delete [...]

  • Страница 280

    10-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Configuring the Host Mode Beginn ing in pri vileg ed EXEC mode, follo w these steps to allo w multiple hosts (client s) on an IEEE 802. 1x-au thorize d port tha[...]

  • Страница 281

    10-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Configuring Periodic Re-Authentication Y o u can ena ble perio dic IEE E 802.1 x client re-auth entica tion an d specify how often it oc curs. If yo u do not spe[...]

  • Страница 282

    10-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Changing the Quiet P eriod When the swi tch canno t authentic ate the c lient, the swi tch remains idle for a set period o f time and then tries agai n. The dot[...]

  • Страница 283

    10-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o return to the defaul t retransmission time, use th e no dot 1x time out tx-peri od interface co nfig uration comm and. This e xample sho ws how to set 60 as [...]

  • Страница 284

    10-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Setting th e Re-Aut hentication Number Y ou can also ch ange th e number o f times that the switch restarts the authentic ation pr ocess before the port chan ge[...]

  • Страница 285

    10-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Note Y ou must co nfigure the RAD IUS ser ver to perform accounti ng tasks, such as l ogging s tart, stop , and interim-upd ate messages and time stamps. T o tur[...]

  • Страница 286

    10-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o disab le and rem o ve th e guest VLAN, use the no dot1x guest- vlan interface co nf igurat ion comman d. The port returns to the unau thorized state. This e[...]

  • Страница 287

    10-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o disabl e and remo ve the re strict ed VLAN, us e the no dot1x auth-fail vlan interface co nfigurati on comm and. Th e port retur ns to the una utho rized sta[...]

  • Страница 288

    10-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o return to the default v alue, use the no dot1 x au th-fail max-a ttemp ts interface con fig uration comm and. This exam pl e sh ows how to set 2 as the numb[...]

  • Страница 289

    10-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Step 4 radius-se rver host ip- ad dress [acct- port udp-port ] [ auth-por t udp-port ][ test username name [ idle-time ti me ] [ ignor e-acct- port ] [ ignore-au[...]

  • Страница 290

    10-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n T o return to th e RADIUS serv er def ault setting s, use th e no radius-ser ver dead-cri teria , the no radius-serv er deadtime , and the no radius-server host[...]

  • Страница 291

    10-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication T o d isab le IE EE 80 2.1x auth entic atio n with W oL, us e th e no dot1x control-dir ection interface configurati on c ommand. This e xample sho w s ho w to e[...]

  • Страница 292

    10-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Configuring NAC Layer 2 IEEE 802.1x Validation Y o u can configure N A C La yer 2 IEEE 802.1x validation, which i s also referre d to as IEEE 802.1x authenti ca[...]

  • Страница 293

    10-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication Configuring Web Authentication Beginn ing in pri vileged EXEC mode, fo llo w these steps to conf igure authentica tion, authorizat io n, accoun ting ( AAA) a nd [...]

  • Страница 294

    10-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Configur ing IEEE 80 2.1x Authen ticatio n Beginn ing in pri vileged EXEC mode, fo llo w these steps to conf igure a port to use web authentica tion: This example shows ho w to con figure only web authen[...]

  • Страница 295

    10-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 0 Configuring IEEE 80 2.1x Port-B ased Authe ntication Configur ing IEEE 802. 1x Authent ication This e xample sh ow s ho w to conf igure IEEE 802.1 x authen tication with web authenti cation as a fallb ack method . Switch(config) configure terminal Switch(c[...]

  • Страница 296

    10-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 10 Configuring IEEE 802.1 x Port-Ba sed Authen tication Displaying IEEE 802.1x St atistics and St atus This exampl e shows how to disab le IEEE 802.1x au thent icatio n on the port : Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# no dot1x p[...]

  • Страница 297

    C HAPTER 11-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 11 Configuring Interface Cha racteristics This c hapter d efines the types of i nterface s on th e Ca talyst 3750-E o r 3560 -E swi tch and descr ibes how to conf igure them. Unle ss otherwise noted, the term switc h refers to a Catal yst 3750 -E or 3560 -E st[...]

  • Страница 298

    11-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes • EtherC hannel Po rt Gro ups, pag e 11 -5 • 10-Gigabi t Et hernet I nterfac es, page 11-6 • Po wer ov er Ethernet Ports, page 11-6 • Connecti ng Int erfaces, pa ge 11- 11 • Et[...]

  • Страница 299

    11-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Configure switch ports by using t he switchport interface c onfi guration comman ds. Use th e switchpor t comm and with no keywords to put an interface th at is in La yer 3 mode i n[...]

  • Страница 300

    11-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes is in the all owed list for a trunk port, the trunk port a u tomatically b ecomes a member of that VLAN a n d traffic is forwarde d to and f rom t he trunk p ort for tha t VL AN. I f VTP[...]

  • Страница 301

    11-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Switch Virtual Interfaces A switch virtual i n terf ace (SVI ) represe nts a VL AN of swi tch po rts as one interf ace to the r outing or bridging f unctio n in the sys tem. Onl y o[...]

  • Страница 302

    11-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes When you c onfigure an Et herCha nnel, you cr eate a port -chan nel lo gical inte rface an d assign a n inte rface to the Ethe rCha nnel. For Layer 3 in terface s, you manua lly crea te [...]

  • Страница 303

    11-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es power mode. T he p owered device first boots up i n low-power mode, c onsume s less than 7 W , and negotiates to obtain en ough power to oper ate in high -power mode. The device cha[...]

  • Страница 304

    11-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes the request is granted, the switch upda tes the po wer budget . If the r equest is denie d, the switch ensures that power to t he p ort is tur ned o ff, generates a sysl og messag e, and[...]

  • Страница 305

    11-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Ho we ver , if the power ed-de vice IEEE cla ss is greater than the maxim um wattage , the switch does not supply power to it. If the swit ch learns throu gh CDP messages th at the [...]

  • Страница 306

    11-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes Maximum Power Allocation ( Cutoff P ower) on a PoE Port When po wer polici ng is enab led, t he switch determines o ne of the these v alues as the cutof f po wer on the PoE port in this[...]

  • Страница 307

    11-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Because t he swit ch suppor ts interna l power supplie s and the Cisco Redun dant Power System 2300 ( also referred to as the RPS 2300), the total amount of po wer a v ailable for [...]

  • Страница 308

    11-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes • The ro uting f u nction can be en abled on all SVIs an d rout ed por ts. The swi tch routes on ly IP traf fic . When IP r outing protoc ol para meters a nd a ddress co nfigurati on [...]

  • Страница 309

    11-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Unde rsta ndi ng In ter face Typ es Figur e 1 1 -3 Connecting a Switch Stac k t o a PC By default , the Ethern et m anagem ent po rt is e nable d. Th e swit ch ca nnot rou te pac kets from the E therne t manage ment [...]

  • Страница 310

    11-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Underst anding In terface Ty pes In Figure 11 -4 , if the Ethern et mana gement p ort and th e netw ork port s are associa ted with the same routi n g proc ess, the ro utes are pr opag ated as follo ws: • The routes [...]

  • Страница 311

    11-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Use the commands in T able 1 1-2 when using TFT P to download or upl oad a configur ation f ile to the boot loader . Using Interface Con figuration Mode The swit ch supports th ese [...]

  • Страница 312

    11-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Using I nterface Configu ration Mode • Port num ber—T he int erface numb er on t he switch. The 10 /100/10 00 po rt n umber s always b egin at 1, starting with the far left po rt when fac ing the front of the switc[...]

  • Страница 313

    11-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Step 3 Foll ow each interface command with the inte rface conf iguration commands that the interface requires. The co mman ds that you enter define the pro toco ls and appl icati on[...]

  • Страница 314

    11-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Using I nterface Configu ration Mode When usin g the interf ace range global configurat ion comm and, no te th ese guide lines : • V alid entries for port- rang e : – vlan vlan -ID - vlan-I D , where the VLAN ID is[...]

  • Страница 315

    11-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Using Interface Configuration Mode Configur ing and Using Interf ace Range Mac ros Y ou can crea te an inte rface range macro to a utomatic ally select a range of inte rface s for confi g uratio n. Befo re you can us[...]

  • Страница 316

    11-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s • The VLAN inter faces must ha ve been co nf igured with the interf ace vlan command . The show running-conf ig privileged E XEC c omman d di splays th e co nfigured VLAN inte rface[...]

  • Страница 317

    11-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces Default Ethernet Inte rface C onfigur ation T ab le 11-3 shows the Ethern et interface default c onfigurat ion, i ncluding some feat ures th at ap ply only to Layer 2 inter faces. F [...]

  • Страница 318

    11-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Configuring In terface Sp eed and Du plex M ode Ether net i nterfaces on the switch oper ate a t 10, 100, 1000, or 10,0 00 M b/s a nd in eithe r fu ll- or half-d uplex mode. In full-d[...]

  • Страница 319

    11-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces • If one inte rface suppo rts au tonegotiati on and the other e nd does no t, configure dup lex and spee d on both i nterface s; do not use the auto setting on the sup ported side [...]

  • Страница 320

    11-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Use the no spee d and no duplex interfa ce conf iguration command s to return the interf ace to the def ault speed and duple x settings (autonegot iate). T o return all interf ace set[...]

  • Страница 321

    11-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces T o disa ble flo w cont rol, use the flowcont rol r ecei ve off interface co nfiguration c omman d. This exampl e shows ho w to turn on flow contro l on a port: Switch# configure ter[...]

  • Страница 322

    11-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s T o disa ble a uto-MDIX, use the no mdix auto in terface con figurati on co mman d. This e xample sho ws ho w to enab le auto-MD IX on a port: Switch# configure terminal Switch(config[...]

  • Страница 323

    11-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces For informa tion ab out the outp ut of the show power in line user EXEC comm and, se e the comma nd refere nce for t his rele ase. For more informa tion ab out PoE- rel ated co mmand[...]

  • Страница 324

    11-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s Cautio n Y ou shou ld car efully plan your switch power budget, ena ble the power mo nitorin g feat ure, a nd ma ke certai n not to oversubscribe the power supply . Note When you manu[...]

  • Страница 325

    11-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Config uring Etherne t Interfaces T o return to the default setting, use the no power inl ine consumption def ault interfac e conf iguration comm and. For informa tion ab out the outp ut of the show power in line con[...]

  • Страница 326

    11-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Ethern et Interface s T o di sable poli cing of the re al-tim e power consumptio n, use the no power inline police interface configurati on comm and. T o disable erro r recovery for PoE error-disable d cau[...]

  • Страница 327

    11-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configur ing Layer 3 Interf aces Switch# show interfaces gigabitethernet1/0/2 description Interface Status Protocol Description Gi1/0/2 admin down down Connects to Marketing Configuring E thernet M anagement P orts T[...]

  • Страница 328

    11-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing Layer 3 Interfaces • If the sw itch is notified by VLAN Trunking Pro tocol (VT P) of a new VLAN, it sends a me ssage tha t there a re not e nough hardware resourc es av ailable a nd shu ts down the VL AN[...]

  • Страница 329

    11-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Confi guring t he Syste m MTU Configuring the System MTU The d efault ma ximum t ransmi ssion uni t (MTU) s ize for fram es re ceived and sent on all i nterfaces o n the switch or sw itch stack is 1500 bytes. Y ou ca[...]

  • Страница 330

    11-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Conf igurin g th e Syst em MTU The upp er limit of t he system ro uting MT U v alue is based on the swit ch or switc h stack co nfiguration and refer s to either th e currently applied system MT U or the system jumbo M[...]

  • Страница 331

    11-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configur ing the Cisc o Redunda nt Power System 2300 If you e nter a v alue th at is outsid e the a llo wed ra nge for th e specif ic type of interfa ce, the v alue is not acce pted. This example shows ho w to set th[...]

  • Страница 332

    11-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Configur ing the Cisco Red undant Pow er System 230 0 • Y o u can co nfigure the pr iority o f an RPS 2300 port fro m 1 to 6. Specify ing a value of 1 assigns the port a nd its connec ted d evices the h ighest priori[...]

  • Страница 333

    11-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Configuring the Power Supplies T o return to the RPS 2300 default settings, use these co mmands: • T o re turn to the de fault name se tting (no na me is co nfigured), use th e power r ps switch-number port rps-por[...]

  • Страница 334

    11-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es For more infor mati on about usin g the power supply user E XEC comman d, see the comman d re ference for th is re lease . Monitoring and Main taining the In terfaces These[...]

  • Страница 335

    11-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 1 Configuring Interfac e Charact eristics Monitoring and Maintaining the Interfaces Clearing and Resetting In terfaces and Counters T ab le 11-7 lists the pri vilege d EXEC mode clear comman ds that you can us e to clear co unters and reset interf aces. T o [...]

  • Страница 336

    11-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 11 Configuring Interface Characteristics Monito ring and Mai ntainin g the Interfac es Shutting Down and Restarting the Interface Shutting d ow n an i nterfac e disable s all fu nctions o n the spe cifi ed interf ace and marks the inter face as unav ailable o[...]

  • Страница 337

    C HAPTER 12-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 12 Configuring Smartports Macro s This cha pter descr ibes how to configure and appl y Smartp orts mac ros on the Ca talyst 3750-E or 35 60-E switch. Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mma[...]

  • Страница 338

    12-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros Cisco also provid es a collection of prete sted, Cisco-recomme nded baseline conf iguration templates for Catalyst switc hes. The onli ne reference g uide temp lates pro vide the CLI co mmands [...]

  • Страница 339

    12-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Smartports Mac ro Con figuration Guidelines Follow these guideli nes when configuring ma cros on your sw itch: • When crea ting a macro , do not use the exit or end comm ands or change th e c[...]

  • Страница 340

    12-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros Foll ow th ese guidelines when you apply a Cisco-d efault Smartp orts macro on an interf ace: • Display all macr os on the switch by using the show pa rser ma cro user EXE C comm and. Dis pla[...]

  • Страница 341

    12-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Applying Smar tports Ma cros Beginning i n privileged E XEC mo de, follow these s teps to app ly a Smartpor ts mac ro: Y o u can dele te a globa l macr o-applie d configurati on on a swit ch on[...]

  • Страница 342

    12-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Configuring Smartpor ts Macros This exam ple sh ows how to app ly th e user-cre ated m acro c alle d snmp , to set the ho stname address to test- server , and to set the IP prec edence valu e to 7 : Switch(config)# macro glo[...]

  • Страница 343

    12-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 12 Configur ing Smartpor ts Macros Config uring Smartp orts Mac ros Y o u can dele te a globa l macr o-applie d configurati on on a swit ch only by ente ring the no vers ion of each comm and th at is in t he macro. Y ou can delete a m acro-a pplie d co nfigurat[...]

  • Страница 344

    12-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 12 Configuri ng Smart ports Mac ros Displaying Smartpor ts Macros Displaying Smartports Macros T o display th e Smartpo rts macros , use one o r more of the p ri v ile ged EXE C commands in T a ble 12-2 . T able 12-2 Commands for Displ aying Smar tports Macr o[...]

  • Страница 345

    C HAPTER 13-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 13 Configuring VLANs This c hapter describ es how to c onfigure norm al- range VL ANs (V LAN IDs 1 t o 100 5) and extended-ra nge VLAN s (VLA N IDs 1006 to 4094) on th e Ca talyst 3750-E and 3560- E sw itch. I t include s info rmation about VLA N member ship m[...]

  • Страница 346

    13-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Underst anding VL ANs Note Be fore you create VLANs , you mu st deci de wh ether to use V LAN Trunking Pr otocol (V TP) to maint ain global VL AN configurat ion for you r network. For more informa tion on VTP , see Chapt er 14, “Configur[...]

  • Страница 347

    13-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Unde rsta ndin g VLAN s Supporte d VLANs The swi tch suppor ts VLANs in VT P client, serv er , and transpar ent mod es. VLANs a re identif ied by a number fr om 1 to 4094. VLAN ID s 1002 throu gh 1005 a re reserved for T oken Ring a nd FDD[...]

  • Страница 348

    13-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns For more de tailed definitions of acce ss and tru nk mo des and their f unctions, see T a ble 13-4 on page 13-1 8 . When a port belongs to a VLAN , the switch l earns and ma nages the add resses associated[...]

  • Страница 349

    13-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Cautio n Y ou can cause inconsistenc y in the VLAN d atabase if you attempt to manually delete th e vlan.dat file. If you wa nt to modi fy the V LAN c onfiguration, use the comma nds descr ibed i n thes[...]

  • Страница 350

    13-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns Token Rin g VLANs Although the switch does not s upport T o ken Ring connec tions, a remot e device such as a Catalyst 5000 series switch with T oken Rin g con nection s could be ma naged from o ne of the [...]

  • Страница 351

    13-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns VLAN Configuration Mode Options Y o u can c onfigure nor mal-rang e VL ANs (wi th VLAN IDs 1 t o 1005) by using the se two configu ration modes: • VLAN Configur ation in config-vlan M ode, page 13 -7 [...]

  • Страница 352

    13-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns When you save VLAN and VTP infor mation (i ncluding extended-r ange VLAN configurat ion informatio n) in the star tup conf iguration f ile and re boot the switch, the swit ch configurat io n is selec ted a[...]

  • Страница 353

    13-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Creating or Modifyin g an Et hernet VLAN Each E therne t VLA N in the VLAN d ataba se has a uni que, 4- digit I D tha t ca n be a nu mber fr om 1 to 1001. V LAN IDs 1002 to 1005 are re served for T oken[...]

  • Страница 354

    13-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Normal- Range VLA Ns Y o u can also c reate or mod ify Ethe rnet VLANs by using the VLAN database co nfiguration mo de. Note VLA N data base configurati on mode doe s not sup port RSP AN VLA N configura tion o r extended- ran[...]

  • Страница 355

    13-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Config uri ng Nor mal-R ang e VLA Ns Cautio n When you delete a VLAN, a ny por ts assigned to that VLAN be come inac tiv e. They r emain associ ated with th e VLAN ( and thus inacti ve) until you assign them to a ne w VLAN. Beginn ing in [...]

  • Страница 356

    13-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Extend ed-Range VLANs T o return an interfac e to its defaul t configu ration, use the default interface in terface-id interfa ce configurati on c ommand. This example shows ho w to configure a port as an access port in VLAN [...]

  • Страница 357

    13-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Conf iguri ng Ext end ed-R ange VL ANs Extended -Ran ge VLAN C onfiguration G uidelines Foll ow th ese guidelines when cr eating exte n ded-range VLA Ns: • T o a dd an extended-ra nge VLAN, y ou mu st use th e vl an vlan-id globa l conf[...]

  • Страница 358

    13-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing Extend ed-Range VLANs Creating an E xtended-Ra nge VL AN Y o u cr eate an exten ded-r ange VLAN in g loba l configur ation mode by ente ring the vlan glob al configurati on comm and with a VLAN ID from 1006 to 4094. Th is com[...]

  • Страница 359

    13-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Conf iguri ng Ext end ed-R ange VL ANs This e xample shows how to c reate a ne w ex tended-ra nge VLAN w ith all d efault charac teristics, e nter config-vlan mode , an d sav e th e new VLAN in th e swit ch start up configu ration file : [...]

  • Страница 360

    13-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Displa ying VL ANs Displaying VLANs Use the show vlan privi leged EXEC command to display a list of all VLA Ns on the switch, including extended -range V LANs. Th e displa y includ es VLAN status, port s, and co nfiguration inform ation .[...]

  • Страница 361

    13-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Figure 13-2 shows a network of swit ches that are conn ected by ISL trunks. Figur e 13-2 Switc hes in an ISL T runk ing En vir onment Y o u can configure a trunk o n a single Ether net i nterface or o n an Ethe[...]

  • Страница 362

    13-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks Encapsulation Type s T ab le 13-5 lists the Et hernet trunk enca psulat ion types and keyw ords. Note Th e switch doe s not support La yer 3 trunk s; you canno t configure subint erfaces or use the encapsulation [...]

  • Страница 363

    13-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s IEEE 802.1Q Configuration Considerations The IE EE 8 02.1Q t runks i mpose these limita tions o n the trun king stra tegy for a network: • In a ne twork of Cisco switch es conne cted through IEEE 802.1 Q trun[...]

  • Страница 364

    13-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks • Changing t he Pruning-Elig ible List, page 13- 22 • Conf iguring the Nati ve VLAN for Unta gged T raff ic, page 13-23 Note By default, an interfa ce is in Layer 2 mode. The de fault mode for Layer 2 interfa[...]

  • Страница 365

    13-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s T o return an interfac e to its defaul t configu ration, use the default interface in terface-id interfa ce configurat ion com mand. T o reset all tru nking cha rac teris tics of a trunk ing in terface t o the [...]

  • Страница 366

    13-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks T o re duce t he risk o f spann ing-tree loo ps or storm s, you c an disa ble VLA N 1 on any in dividual VLAN trunk port by removin g VLAN 1 from t he allowed list. Whe n you remove VLAN 1 from a trunk port , the[...]

  • Страница 367

    13-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Beginn ing in pri vileg ed EXEC mode, follo w these steps to remov e VLANs from the pruning- eligible list on a trunk por t: T o r etur n to th e de fault pruni ng-e ligibl e list o f al l VLAN s, us e the no s[...]

  • Страница 368

    13-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks T o return to the defau lt nati ve VL AN, VLAN 1, use the no switchport trunk nativ e vlan inte r face configurati on c ommand. If a pack et has a VL AN ID th at is t h e sa me as the out going p ort n ati ve VLA[...]

  • Страница 369

    13-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s In thi s way , Trunk 1 c arries traffic for V LANs 8 thr ough 1 0, and T runk 2 car ries tra ff i c fo r VLA Ns 3 through 6. If the a cti ve trunk f ails, the tr unk with the lo wer priority tak es ov er and ca[...]

  • Страница 370

    13-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configur ing VLAN Tr unks Load Sharing Using STP Path C ost Y o u can configure pa rallel trunks to share VLAN traffic by setting di fferent path costs on a trunk and associ ating the path costs wit h dif feren t sets of VLANs, blockin g [...]

  • Страница 371

    13-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Confi guri ng V LAN Trunk s Figur e 13-4 Load-Shar ing T run ks with T ra f fic Distr ibuted b y P ath Cost Beginn ing in pri vile ged EXEC mode, follo w these steps to conf igure the netw ork sho wn in Figure 13 -4 : 90573 Switch A Switc[...]

  • Страница 372

    13-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS Configuring VMPS The VLA N Quer y Protocol (V QP) is u sed to suppor t dynami c-ac cess ports , which are not perma nently assigne d to a VLAN, but gi ve VLAN assign ments base d on the MAC source addresses se en on the p[...]

  • Страница 373

    13-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Dynamic-Access Port VLAN M embership A dynamic -access port can belo ng to only one VL AN with an ID from 1 to 4094. Wh en the link comes up, the switch does not for ward traf fic to or from this port unt il the VMPS prov[...]

  • Страница 374

    13-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS • IEEE 802. 1x ports ca nnot be c onfigured as dy namic-a ccess ports. If you try to ena ble IEEE 802.1x on a dyna mic-a ccess ( VQP) por t, an e rror message appears , and IEEE 802 .1x i s not enab led. If you try to c[...]

  • Страница 375

    13-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Note Y ou must have IP connectivity to the VMPS for dynam ic-acc ess ports to work. Y ou can test for IP connec tivity b y pinging th e IP address of t he VMPS and verifyin g that you get a response . Configuring Dynamic-[...]

  • Страница 376

    13-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS Changing the Reconfirmation In terval VMPS clients perio dically r econf irm the VLAN member ship inf ormation recei ved fro m the VMPS.Y ou can se t the numb er of m inute s afte r wh ich rec onfirmation occ urs. If you [...]

  • Страница 377

    13-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 3 Configuring VLANs Configuring VMPS Monitoring the VMPS Y ou can displ ay inform ation ab out the VM PS by usin g the sho w vmps pri vileged EXEC co mmand. The switch displays this information about the VMPS: • VMPS VQP V ersion—the ver sion of VQP used[...]

  • Страница 378

    13-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 13 Configuring VLANs Configuring VMPS • End stations are connected to the clien ts, Switch B and Switch I. • The dat abase con figuration file is store d on the TFTP server with th e IP address 172. 20.22 .7. Figur e 13-5 Dynami c P or t VLAN Membe rship [...]

  • Страница 379

    C HAPTER 14-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 14 Configuring VTP This c hapter describ es how to us e t he VLA N Trunking Prot ocol ( VTP) a nd the VLAN databa se fo r managing VLANs wi th the Catalyst 3750-E or 35 60-E sw itch. Unl ess otherwis e noted, t he term switch refers to a Catalyst 3750-E or 3 5[...]

  • Страница 380

    14-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Underst anding VTP The swi tch suppo rts 1005 VLA Ns, but the numbe r of r outed po rts, SVIs, and othe r configured feat ures af fects the u sage of the switch hardw are. If the switch is n otifie d by VTP of a ne w VLAN a nd the swit ch is[...]

  • Страница 381

    14-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Underst anding VT P For domain nam e and p assword configuration gui delines, see t he “VTP Conf iguration Guidel ines” section on page 14-8 . VTP Mode s Y o u can configur e a suppor ted switch or sw itch stack t o be in one of the V TP[...]

  • Страница 382

    14-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Underst anding VTP VTP adv ertiseme nts distrib ute this global domain i nformation: • VTP domain na me • VTP configurati on revision number • Update id entity an d updat e timestam p • MD5 diges t VLAN conf iguration, including maxi[...]

  • Страница 383

    14-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Underst anding VT P VTP pruni ng blocks unn eeded floo ded traffic to VLANs on tr unk ports th at are i nclude d in the pruning -elig ible list. Only VLA Ns incl uded in the pruning -el igible l ist can be prun ed. By de fault, VLANs 2 thr o[...]

  • Страница 384

    14-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Enab ling VT P prun ing on a V TP server e nable s prun ing for the e ntire m anagem ent d omain. Mak ing VLANs pru ning-eligible or pruning-i neligible af fects prun ing eligibility for th ose VLANs on th at trunk only (no[...]

  • Страница 385

    14-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Default VTP Configuration T ab le 14-2 shows the def ault VTP conf iguration. VTP Configuration Options Y o u can configure VTP by using these co nfiguration mo des. • VTP Configura tion in Global Configuration Mode , page [...]

  • Страница 386

    14-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP VTP Configuration in VLAN Database Configuration Mode Y o u can configure al l VTP param eters in VLA N database con figuration mod e, which you access by ent erin g th e vlan database p rivileged EXEC comma nd. For more in[...]

  • Страница 387

    14-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP VTP Ve rsi on Foll ow these guidelines w hen decidin g which VTP v ersion to implem ent: • All switches in a VTP domain must run the same VTP versi on. • A VTP V ersion 2 -capa ble switch c a n operate in the same VTP dom[...]

  • Страница 388

    14-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP When you con figure a domain na me, it cannot be rem oved; you can only rea ssign a switc h to a different domain. T o r eturn the sw itch to a no-passwor d stat e, u se the no vtp password global co nfigurati on comman d.[...]

  • Страница 389

    14-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP This exam ple sh ows ho w to use VLAN databa se configu ration m ode to configure t he swit ch as a V TP serv er with th e domain name eng_group and the password mypassw or d : Switch# vlan database Switch(vlan)# vtp server [...]

  • Страница 390

    14-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Use the no vtp mode global co nfigurati on comma nd to retu rn the switc h to VTP server mo de. T o return the swi tch to a no- password sta te, u se t he no vtp password pr ivileged EX EC c ommand. Wh en y ou configure a [...]

  • Страница 391

    14-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Note Y ou can also c onfigure VTP tra nsparent mod e by using the vlan d ata base privileged EXEC comm and to enter VLAN datab ase conf iguration mod e and by ente ring the vtp transparent command, simila r to the seco nd pr[...]

  • Страница 392

    14-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Conf igurin g VTP Enabling V TP Prunin g Pruning inc reases available bandwi dth by restric ting flood ed traffic to those trunk lin ks that the traff i c must use to acces s the destinat ion devices. Y ou can onl y enabl e VTP prun ing on [...]

  • Страница 393

    14-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 14 Configur ing VTP Configuring VTP Beginning i n privileged E XEC mo de, follow these steps to ver ify an d res et the VTP configurati on revision number on a switch befor e adding it to a VTP domain: Y ou can also ch ange the VTP domain na me by enterin g th[...]

  • Страница 394

    14-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 14 Configuring VTP Monito ring VTP Monitoring VTP Y o u mon itor VT P by displayin g VT P configuratio n infor mation: the domain name, the c urrent V TP revision, and the n umber of VLAN s. Y ou ca n also displa y stat istics about the advertis emen ts se nt[...]

  • Страница 395

    C HAPTER 15-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 15 Configuring Voic e VLAN This c hapter describ es how to c onfigure the voice V LAN fea ture on the Cata lyst 37 50-E or 3560- E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to a Catal y s[...]

  • Страница 396

    15-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Underst anding Voice VL AN Figure 15-1 shows one way to conne ct a Cisco 7960 IP Phon e. Figur e 15-1 Cisco 79 60 IP Phone Connect ed to a Sw itch Cisco IP Phone Voice Traffic Y ou can conf igur e an access po rt with an atta ched Ci[...]

  • Страница 397

    15-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Configuring Voice VLAN Note Un tagged traffic from th e device a ttache d to t he Cisco I P Phone passes t hrou gh the phone unc hanged, regardless of the tr ust stat e of t he acce ss port on the phone. Configuring Vo ice VLAN These[...]

  • Страница 398

    15-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Configuring Voice VLAN • The Port Fast featu re is automati cally enabled wh en v oice VLAN is c o nf igured . When y ou disa ble v oice VLAN , the Po rt F a st featu re is n ot automatic ally disabled. • If the Cisc o IP Phon e [...]

  • Страница 399

    15-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Configuring Voice VLAN Configuring Cisco IP Phone V oice Traffic Y o u can c onfigure a po rt conn ecte d to the Cisco IP Phon e to se nd CDP pa ckets to th e phon e to c onfigure the wa y in whic h the phone send s vo ice traf fic. [...]

  • Страница 400

    15-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Configuring Voice VLAN This example shows ho w to configure a port connected to a Cisco IP Phone to use the CoS value to classify inco ming traf fic, to use I EEE 802.1p prior ity tagging for v oice traf fi c, and to use the def ault[...]

  • Страница 401

    15-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 5 Configuring Voice VLA N Displaying Voice VLAN This exa mple sh ows ho w to c onfigure a port c onnec ted to a Cisco IP Pho ne to not change t he priorit y of frame s rece i ved from t he PC or the attached de vice: Switch# configure terminal Enter configura[...]

  • Страница 402

    15-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 15 Configuring Voice V LAN Displa ying Vo ice VLA N[...]

  • Страница 403

    C HAPTER 16-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 16 Configuring Private VLANs This c hapter d escrib es how to configu re private VLANs on the C ataly st 3750- E or 3560-E switch. Unless otherw ise noted, the term switch refers to a Catalyst 3750-E or 3 560-E stan dalone switch and to a Cataly st 3750-E swit[...]

  • Страница 404

    16-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Underst anding Priva te VLANs Figu re 16-1 Priv a te-VL AN Doma in Ther e are two ty pes o f second ary VLA Ns: • Isol ated VLA Ns—Ports within an iso lated VL AN cann ot comm unicate with ea ch oth er at t h e Layer 2 level. ?[...]

  • Страница 405

    16-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Unde rsta ndin g Priva te VLAN s Primary an d second ary VLANs ha ve these char acter istics: • Primary VLAN—A pri v ate VLAN h as only one primar y VLAN. Ev ery por t in a p ri v ate VLAN is a member of the prim ary VLAN. T h[...]

  • Страница 406

    16-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Underst anding Priva te VLANs Private VLANs across Multiple Switches As with regula r VLANs, pri vate VLAN s can span multiple switches. A trunk port carries the primar y VLAN a nd seco ndary VLANs to a n eighbor ing sw itch. T he [...]

  • Страница 407

    16-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Unde rsta ndin g Priva te VLAN s Y o u should also se e the “Se condar y and Prima ry VLAN Co nfiguration” section on page 16- 7 under the “Pri v ate-VLAN Conf iguration G u idelines” sect ion. Private VLANs and Unicast , [...]

  • Страница 408

    16-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Private VLANs and Swi tch Stacks Pri vate VLANs can operat e within the switc h stack, and pri vate -VLAN por ts can resid e on dif feren t stack members. Howe ver , some changes to the switch stack can [...]

  • Страница 409

    16-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s Step 5 If inter-VLA N routing will be u sed, co nfigure the pr imary SVI , and ma p secondar y VLAN s to the primary . See th e “Map ping Seconda ry V LANs to a Pri mary V LA N Laye r 3 VL AN Int er[...]

  • Страница 410

    16-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s • W e recomme nd that you prune th e pri vate VLANs from the trunks on de vices that carry no tra ff ic in the p ri v ate VLANs. • Y ou can apply di fferen t quali ty of serv ice (QoS) co nf iguratio[...]

  • Страница 411

    16-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s • Do not configu re ports that bel ong to a P A gP or L A CP E therCha nnel a s priv a te-V LAN port s. Whi le a po rt is part o f the priv ate-V LAN co nfigurati on, any Et herC hannel c onfigurati[...]

  • Страница 412

    16-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Note Dyn amic MA C address es lear ned in on e VLAN of a pri vat e VLAN are re plicat ed in the associ ated VLANs. F or example , a MAC address lear ned in a sec ondary VL AN is replicate d in th e prim[...]

  • Страница 413

    16-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s When you as sociat e seconda ry VLANs with a prim ary VLA N, note this s yntax info rmation : • The seco ndary_ vlan_lis t paramete r canno t conta in spaces . It can co ntain multiple comm a-sep a[...]

  • Страница 414

    16-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Configur ing a Lay er 2 Inter face a s a Priv ate-VLAN Host Port Beginning i n privileged E XEC mode, follow these ste ps to c onfigure a Laye r 2 i nterface as a priv a te-VLA N host port and to assoc [...]

  • Страница 415

    16-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Conf igurin g Priva te VLAN s Configur ing a Layer 2 Inter face a s a Priv ate-VLAN Prom iscuous Port Beginning i n privileged E XEC mode, follow these ste ps to c onfigure a Laye r 2 i nterface as a priv a te-VLA N prom iscu ous[...]

  • Страница 416

    16-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Configur ing Private VLAN s Mapping S econd ary VLAN s to a Primary VLAN Layer 3 VLAN Interfa ce If the p ri vate VL AN will be used f or inter -VLAN routing , you con fig ure an S VI for th e primar y VLAN and map sec ondar y VLA[...]

  • Страница 417

    16-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 6 Configuring Private VLA Ns Monitoring Private VLANs Monitoring Private VLANs T ab le 16-1 shows the pri vileged EXE C commands for monitori ng pri v ate-VLAN acti vity . This i s an exampl e of t he o utput from the show vlan private-vlan comm and: Switch([...]

  • Страница 418

    16-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 16 Configuring Private VLANs Monito ring Private VL ANs[...]

  • Страница 419

    C HAPTER 17-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 17 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling V irtual pri v ate netw orks (VPNs) pro vide enter prise-scale connecti vity on a shared infras tructure, ofte n Etherne t-based, w ith the sam e securi ty , prio ritization , reliabili ty , and managea[...]

  • Страница 420

    17-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Underst andin g IEEE 802. 1Q Tunnel ing tagge d packets. A port co nfigured to support IEEE 8 02.1Q tunnel ing is called a tunnel port . When you configure tunn eling, you assign a t unnel port t o a V[...]

  • Страница 421

    17-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Understand ing IEEE 802.1Q Tunnel ing Figur e 17 -2 Or iginal (Nor mal), IEEE 802 .1Q, and Dou ble-T agged Ether net P ack et For mats When the pack et enters the trunk port of the service- prov ider[...]

  • Страница 422

    17-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing IEEE 80 2.1Q Tunn eling Configuring IEE E 802.1Q Tunneling These sec tions co ntain this co nfiguration in format ion: • Default IE EE 802.1Q T u nneling Configu ration, pa ge 17-4 • I[...]

  • Страница 423

    17-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configur ing IEEE 802.1Q Tunnel ing These are some wa ys to solv e this problem: • Use ISL tru nks betw een core switches i n the servi ce-prov ider networ k. Althoug h custo mer interfaces connec [...]

  • Страница 424

    17-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing IEEE 80 2.1Q Tunn eling For example, the switch su pports a maximu m fram e size of 149 6 bytes with one of the se co nfigurations: • The sw itch ha s a sy stem jum bo M TU value of 1500[...]

  • Страница 425

    17-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configur ing IEEE 802.1Q Tunnel ing Configur ing an IEEE 80 2.1Q Tunneli n g Port Beginning i n privileged E XEC mo de, follow these steps to con figure a port a s an IEEE 80 2.1Q tunne l port: Use t[...]

  • Страница 426

    17-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Underst andin g Layer 2 Pro tocol Tunneling Understandin g Layer 2 Protocol Tunnelin g Cust omers a t dif feren t sit es conn ected acr oss a se rvice-pro vider ne twork ne ed to us e v arious Layer 2 [...]

  • Страница 427

    17-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Understan ding Layer 2 Protoco l Tunnel ing Figur e 17 -4 Lay er 2 Pr ot ocol T unneling Figur e 17 -5 Lay er 2 Networ k T opolog y without Proper Con ve r gence In an SP network , you ca n use L aye[...]

  • Страница 428

    17-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling For exam ple, in Figur e 17-6 , Customer A has two switc hes in the same VLAN that are connected through the SP network. When th e network tun nels PDUs , swit[...]

  • Страница 429

    17-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing See Figure 17-4 , with Customer X and C ustom er Y in acc ess VLANs 30 and 4 0, res pecti vel y . Asymmetric lin ks connect th e customers in Site 1 to ed[...]

  • Страница 430

    17-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Layer 2 Protoco l Tunneling C onfigura tion Guide lines These are some co nfigurati on gu ideline s and ope rating c harac teristi cs of L ayer 2 prot ocol tun[...]

  • Страница 431

    17-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Configuring L ayer 2 P rotocol Tu nneling Beginning in privileged EXEC mo de, fol low these steps to con figure a port for La yer 2 proto col tunneli ng: [...]

  • Страница 432

    17-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Use the no l2protocol-tunnel [ cdp | stp | vtp ] int erface configurat ion com mand t o disa ble pr otocol tunnel ing for one of the Laye r 2 protoco ls or for[...]

  • Страница 433

    17-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Use the no l2pr otocol-tunnel [ po int-to-point [ pag p | lacp | udld ]] inter face conf iguration co mmand to disable po int-t o-point protoco l tunneli [...]

  • Страница 434

    17-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Configur ing Layer 2 Protocol Tu nneling Configuring the Customer Sw itch After conf iguring the SP edge switch, begin in pri vileged EXEC mode and follo w these steps to configure a c ustomer switch [...]

  • Страница 435

    17-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 1 7 Configuring IEEE 80 2.1Q and L ayer 2 Protocol Tunnelin g Configu r ing Laye r 2 Protoco l Tunnel ing Switch(config-if)# l2protocol-tunnel drop-threshold point-to-point pagp 1000 Switch(config-if)# exit Switch(config)# interface gigabitethernet1/0/3 Switch[...]

  • Страница 436

    17-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 17 Configuring IEEE 802.1Q and Layer 2 Protocol T unneling Monito ring and Mai ntaining Tun neling Sta tus Monitoring and Main taining Tunneling Status T ab le 17-2 shows the pri vileged EXE C commands for monitori ng and maintaining IEEE 802.1Q and Lay er 2 [...]

  • Страница 437

    C HAPTER 18-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 18 Configuring STP This chapt er desc ribes how to configure the Sp anni ng T ree Protoc ol (STP) on port-ba sed VLANs on the Catalyst 3750-E or 3560-E switch. The swi tch can u se ei ther the per-VLAN spa nning-t ree plus ( PVST+ ) protocol based on the IEE E[...]

  • Страница 438

    18-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures • Spanning -T ree Mode s an d Protoc ols, pa ge 18-1 0 • Supporte d Spanning -Tree Instances, pa ge 18-1 0 • Spanning- T ree Interop erability and Backw ard Compatibi lity , page 18-11 • STP a[...]

  • Страница 439

    18-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spannin g-Tr ee Topo logy an d BPDUs The stable, ac tiv e sp anning-t ree topolog y of a switched network is controlled by these elements: • The uni que bridge ID (sw itch p rior ity and MAC address)[...]

  • Страница 440

    18-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Only one outgoin g port on the stack root switc h is selected as the root port. The remaining switch es in the stack become its designated switch es (Switch 2 and Switch 3) as sho wn in Figure 1 8-1 o[...]

  • Страница 441

    18-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures The swi tch sup ports t he IEEE 802.1t spanni ng-tre e extension s, and some of t he bits pr eviously used for the switch prior ity are no w used as the VLAN identif ier . The result is that fe wer MAC[...]

  • Страница 442

    18-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures • From le arning t o fo rwarding o r to disable d • From for warding to d isabled Figure 18-2 illustrates ho w an interface mo ves through the states. Figur e 18-2 Spannin g-T r ee Inte rf ace Sta[...]

  • Страница 443

    18-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Blocking State A Layer 2 interf ace in the blockin g state does not particip ate in fram e forw arding. Af ter initi alization, a BPDU is sent to each swi tch interfac e. A switch initial ly functions [...]

  • Страница 444

    18-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Disabled State A Laye r 2 int erface in th e disab led state do es not parti cipa te in frame forwar ding or in the span ning tree. An interf ace in the disabled state is nonoperational. A dis abled i[...]

  • Страница 445

    18-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spanning Tree and Redun dant Conn ectiv ity Y o u can cr eate a redunda nt back bone w ith spa nning t ree by co nnecting two switc h inte rfaces to anot her device or to two different devices, as show[...]

  • Страница 446

    18-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Underst anding Spa nning- Tree Fea tures Becau se each V LAN is a sepa rate sp anning -tre e instan ce, the switc h accelerates aging o n a per - VLAN basis . A spanni ng-tree rec onf iguration on one VLAN can ca use the dynami c address es[...]

  • Страница 447

    18-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Unders tanding Spanni ng-Tree Feat ures Spanning-Tree Interoperability and Backward Compatibility T ab le 18-2 lists the inter operability and compatibility among the s upported s panning-tree mo des in a network. In a mi xed MSTP and PV ST[...]

  • Страница 448

    18-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures individual VL AN spa nning tre es to pr ev ent lo ops from f ormi ng if the re are multip le con necti ons among VLANs . It also prevents the individual spanning trees from the VLAN s being bridged fro [...]

  • Страница 449

    18-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures • Conf iguring th e Switch Priority of a VLAN, page 18- 21 (optional) • Conf igur ing Sp annin g-T ree T imer s, page 18 -22 (optional ) Default Span ning-T ree Configur ation T ab le 18-3 shows the[...]

  • Страница 450

    18-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Cautio n Switches that are not running spanning tre e still forwar d BPDUs that they rece iv e so that the other switche s on the V LA N that have a run ning span ning -tree in stance can b reak l oops.[...]

  • Страница 451

    18-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Changing the Spa nning-Tree M ode. The sw itch s upports th ree spanning -tree mo des: PV ST+, rapi d PVST+, or MS TP . By defau lt, the switch runs th e PVST+ protocol . Beginning in privileged EXEC mo[...]

  • Страница 452

    18-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Disabling Sp anning Tree Spanning tree is enab led by defau lt on V LAN 1 and on all newly crea ted VL ANs up to the spannin g-tree limit specif ied in the “ Suppor ted Spann ing-Tree Instances” sec[...]

  • Страница 453

    18-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note Th e ro ot swit ch fo r eac h span ning -tree instan ce shou ld be a ba ckbone or di stribution switch . Do not conf igure an acces s switch as the span ning -tre e primar y root. Use the diameter [...]

  • Страница 454

    18-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Configur ing a Secondar y Root Switch When you con figure a switch as the secondary root, the switc h priori ty is modified from t he default value (32768 ) to 28672. Th e switc h is then l ikely to bec[...]

  • Страница 455

    18-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note If your switch is a m ember of a switch stack, you mu st us e the spanning-tree [ vlan vlan-id ] cost cost interfac e configurati on comma nd instea d of the spanning-tree [ vlan vla n-id ] port-pr[...]

  • Страница 456

    18-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures T o return to the default setting, use the no spanning-tree [ vlan vlan-id ] port-pr iori ty interf ace configurati on c ommand. For inf ormati on o n how to co nfigure l oad sh aring on trun k port s b[...]

  • Страница 457

    18-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Note Th e show spanning-tree inter face interface- id privileged EXEC comma nd displays in format ion only for ports that ar e in a link-up op erati ve sta te. Otherw ise, you can use the show runni ng-[...]

  • Страница 458

    18-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Configur ing Spannin g-Tree Feat ures Configuring S pannin g-Tree Timers T ab le 18-4 descr ibes the timer s that af fect the en tire spanning -tree p erfor mance. The sectio ns that follo w pro vide the conf iguration steps. Configuring th[...]

  • Страница 459

    18-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 18 Configur ing STP Confi guring Spanni ng-Tree Feat ures Configuring the Forwarding -Delay Time fo r a VLAN Beginning i n privileged E XEC mode, follow these ste ps to c onfigure t he forwarding -del ay ti me for a VLAN. Th is proc edure is opt ional . T o re[...]

  • Страница 460

    18-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 18 Configuring STP Displaying the Spannin g-Tree Stat us Configuring the Transmit Hold -Count Y o u can configure the BPDU burst size by changing th e transm it hold coun t v alue . Note Changing this parameter to a hi gher va lu e can hav e a significant imp[...]

  • Страница 461

    C HAPTER 19-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 19 Configuring MSTP This c hapter describ es how to c onfigure the Cisco imple mentat ion of the I EEE 802 .1s Multiple STP (MS TP) on t he Cat alyst 3 750-E or 3560- E switch. Note The multiple spanning-tree (MST) implementation is based on the IEEE 802.1s st[...]

  • Страница 462

    19-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P • Configuring M STP Fea tures, p age 19-14 • Display ing the MST Configura tion and Statu s, page 19-26 Understandin g MSTP MSTP , which uses RSTP for ra pid con vergence, en ables VLA Ns to be group ed into a spann[...]

  • Страница 463

    19-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP IST, CIST, an d CST Unlik e PVST+ and rapid PVST+ in whi ch all the spann ing-t ree inst ances are in depend ent, the MST P establishes and maintains tw o types of sp anning trees: • An interna l spanning tree (IST)[...]

  • Страница 464

    19-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P For correct operatio n, all switch es in the MST region m ust agree on the sam e CIST regi onal root. Theref ore, any two switches in the regi on only sync hronize their port roles for an MST insta nce if th ey conv erg[...]

  • Страница 465

    19-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP MSTP switch es use V ersion 3 R STP BPDUs o r IEEE 8 02.1D STP BPD Us to com municate wi th legacy IEEE 8 02.1D sw itches . MST P switch es use M STP BPD Us to commun icate with MSTP switches . IEEE 802.1s Terminology[...]

  • Страница 466

    19-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P The messa ge-age and maxim um-ag e info rmati on in the RST P portion of the BPDU re main th e same through out the region, and the sam e values are propagated by the regi on designat ed ports at t he boundary . Bounda [...]

  • Страница 467

    19-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Unde rsta ndi ng M STP Port Role Naming Change The bo undary role is no lo nger in the f inal MST standar d, b u t this boundary c oncept is maintained in Cisco’ s implemen tation. Howe ver , an MST instan ce por t at a bound ary of the r[...]

  • Страница 468

    19-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding MST P Detecting Unidirect ional Link Failure This fea ture is not yet pr esent in the IEEE MST st andard, but it is included in th is Cisco IOS rele ase. The sof tware chec ks the c onsis tency of the port ro le an d stat e i[...]

  • Страница 469

    19-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P Interoperability with IEEE 802.1D STP A switch r unning M STP supp orts a built-in pr otocol migrat ion mecha nism that enable s it to i nteroper ate with legacy IEEE 802.1D switche s. If this switc h receives a legac y[...]

  • Страница 470

    19-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding RSTP • Backup po rt—A cts as a backup for t he path p rovided by a de sign ated po rt toward the le av es of the spannin g tree . A ba ckup port can exist only when t wo port s are c onne cted in a lo opback by a point-t[...]

  • Страница 471

    19-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P After recei ving Sw itch B’ s agreemen t message, Switc h A also immediately tran sitions its designat ed port to the forwar ding state. No lo ops i n the n etw ork a re for med b ecause Switch B blocked al l of it s[...]

  • Страница 472

    19-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Underst anding RSTP If a designa ted port is in the forwarding state and is not con figu red as an edge port, it transitions to th e blocking state when the R STP forces it t o sync hroniz e with new root informa tion. In g eneral, when th[...]

  • Страница 473

    19-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Understa nding RST P The sending switch sets the proposal flag in the RSTP BPDU to propose itself as the d esignated switch on that LAN. The p ort role in the proposa l message is alway s set to the designated port. The send ing switch set[...]

  • Страница 474

    19-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es • Notificati on—Un like IE EE 802. 1D, which u ses TCN BPDUs, the RSTP d oes n ot us e them . Ho we ver , for IEEE 802.1D interoperability , an RSTP switch processes an d generates TCN BPDUs. • Ackno wledg[...]

  • Страница 475

    19-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res Default MSTP Configuration T ab le 19-4 shows the default M STP c onfiguration . For informat ion about the suppor ted numbe r of spanni ng-tree instan ces, see the “Supp orted Spanning -T ree In stance s” s[...]

  • Страница 476

    19-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es • VTP propa gation of the MST co nfiguration i s not suppo rted. Howev er , you can manu ally c onfigure the MS T co nfiguration (region n ame , revision num ber, and VLA N-to-in stance mappi ng) o n each swit[...]

  • Страница 477

    19-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o r etur n to th e defa ult M ST region c onfigurati on, u se th e no spanning-tree mst configurat ion global conf iguratio n command. T o return to the def ault VLAN- to-instanc e map, use the no instance ins[...]

  • Страница 478

    19-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es T o conf igure a s witch t o beco me the root, use the spanning-tr ee mst instance- id root gl obal configurati on c ommand to m odify t he sw itch priori ty from the default value (32768) to a sign ificantly lo[...]

  • Страница 479

    19-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o return the switch to it s default setting, use the no spanning- tree mst instance-id ro o t gl obal configurati on c ommand. Configur ing a Secondar y Root Switch When you con figure a swit ch wit h the exte[...]

  • Страница 480

    19-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring Port Priority If a l oop occur s, the MST P uses the p ort pr iority when selecting an interf ace to put into th e forw arding state. Y ou can assig n higher p riority v alues (l o wer num erical va [...]

  • Страница 481

    19-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res T o return the interface to it s default setting , use the no spanning- tree mst insta nce-id port-priority interf ace c onfig uration co mmand. Configuring Path Cost The MSTP path cost def ault v alue is deriv [...]

  • Страница 482

    19-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring the Switch Priority Y ou can conf igure the switch priorit y and make it more lik ely that a standalo ne switch or a switch in the stack will be c hosen as the root switch. Note Exercis e care when u[...]

  • Страница 483

    19-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure the hell o time for all MST instances. This pro cedure is optional. T o return the sw itch to its d efault se tting, use the no spanning-tre[...]

  • Страница 484

    19-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Configur ing MSTP Featur es Configuring the Maxi mum-Aging Time Beginn ing in p ri vileg ed EXEC mode, fo llo w these s teps to conf ig ure the maximum-agi ng time f or all MST inst ance s. This procedure is optio nal. T o return the switc[...]

  • Страница 485

    19-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 19 Configur ing MSTP Confi guring MSTP Featu res By default, the link type is c ontrol led from the duplex mode of the i nterface: a full-d uplex port is conside red t o have a poin t-to-poi nt co nnecti on; a half- duplex por t is c onsi dered to have a share[...]

  • Страница 486

    19-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 19 Configuring MSTP Displaying the MST Configu ration and Stat us Restarting the Protocol Mi gration Proce ss A switch r unning M STP supp orts a built-in pr otocol migrat ion mecha nism that enable s it to i nteroper ate with legacy IEEE 802.1D switche s. If[...]

  • Страница 487

    C HAPTER 20-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 20 Configuring Optional Spannin g-Tree Features This c hapter describ es how to c onfigure op tional spannin g-tree featur es on the C ataly st 3750- E or 3560-E sw itch. Y ou can configure a ll of these fe ature s when your sw itch is runni ng the pe r -VLA N[...]

  • Страница 488

    20-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Understand ing Port Fa st Port Fast immedia tely br ings an inte rface configured as an acces s or trunk port to the forward ing state from a blocki ng sta te, b[...]

  • Страница 489

    20-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures At the interf ace le vel, you en able BPDU guard on an y port b y using the spanning-tr ee bpduguard enab le interface conf iguration command with out also e nab[...]

  • Страница 490

    20-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Figu re 20-2 Switches in a Hi erarchical Ne twork If a switch loses co nnectivity , it begins using t he alterna te path s as soon as the span ning tree selec ts[...]

  • Страница 491

    20-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures Figur e 20-3 UplinkF ast Exam ple Befor e Dir ect Link F ailur e If Switch C detects a lin k failure on the currently act i ve link L2 on the root port (a dir e [...]

  • Страница 492

    20-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures How CSUF Work s CSUF ensures that one link in the stack is elected as the path to the root. As shown in Figure 20-5 , the stack- root po rt on Sw itch 1 provide [...]

  • Страница 493

    20-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures Each switch in the stac k decides if the sending switch is a better choice than itself to be the stack root of this span ning- tree inst ance b y compar ing the [...]

  • Страница 494

    20-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Backbon eFast, w hich is e nable d by us ing th e spanning-tree backbonefast global c onfiguratio n comm and, star ts when a ro ot port or bl ocked inter face on[...]

  • Страница 495

    20-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Unders tandin g Optional Spanni ng-Tree Fe atures If lin k L 1 fails as sh own in Figu re 20-7 , Switch C cannot detect this f ailure bec ause it is not co nnected direct ly to link L1. Ho wev er , because Switc[...]

  • Страница 496

    20-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Underst anding O ptional Sp anning-Tre e Feat ures Understand ing Ethe rCha nnel Gua rd Y o u can use EtherC hannel guard to detect an Ethe rChan nel mi sconfigurati on betwe en the switch a nd a connect ed devi[...]

  • Страница 497

    20-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Figu re 20-9 R oot G ua rd in a Se rvi ce- Provider Network Understand ing Loop Guard Y o u can use loo p gua rd to prevent al ternate or root po rts from becom i[...]

  • Страница 498

    20-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features • Enab ling B ackbone Fast, page 20-1 6 (optional) • Ena bling Ether Channel Guard, page 20-17 (optional) • Enab ling Root Guar d, page 20-1 8 (opt iona l) ?[...]

  • Страница 499

    20-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Y o u can enab le th is fea ture if your switch is r unning PVST+, rapi d PVST+, or MSTP . Beginn ing in pri vile ged EXEC mode, follo w these steps to enable Por[...]

  • Страница 500

    20-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features The BPDU guard fe ature pr ovides a secur e respon se to in valid configurati ons becau se you m ust manual ly put the por t ba ck in serv ice. Use t he BPDU gua rd[...]

  • Страница 501

    20-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Y o u can also use the spanning-tree bpduf ilter enable inte rface conf iguration com mand to enable BPDU fil tering on any interf ace without also en abling the [...]

  • Страница 502

    20-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features Beginn ing in pri vileged EXEC mode, follo w these steps to enable UplinkF ast and CSUF . This procedu re is optional. When UplinkF ast is enabled, the switc h prio[...]

  • Страница 503

    20-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Confi guring Opt ional Spanni ng-Tree Fe atures Note If you use Backbon eFast, you m ust enabl e it o n all switch es in th e ne twork. B ackboneFast is no t supported on T oken Ring VLAN s. This featur e is su[...]

  • Страница 504

    20-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Configur ing Opti onal Spanni ng-Tree Features Enabling R oot Guard Root gu ard e nable d on an int erface applie s to all th e VLA Ns to whi ch th e int erface belongs . Do not enable t h e root guard on interf[...]

  • Страница 505

    20-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 0 Configuring Op tional Spa nning-Tree Features Display ing the Spanning -Tree Status T o g lobal ly dis able lo op gua rd, use the no spanning-tree loopguard default global configuratio n command. Y ou can o verride the settin g of the no spanning-tr ee loo[...]

  • Страница 506

    20-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 20 Configuring Optional Span ning-Tree Features Displaying the Spannin g-Tree Stat us[...]

  • Страница 507

    C HAPTER 21-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 21 Configuring Flex Link s and the MAC Address-Table Move Update Feature This chapte r describes ho w to conf igure Fle x Links, a pair of inter faces on the Cataly st 3750-E or 3560-E sw itch that provide a mutua l backup. It also descr ibes how to configure [...]

  • Страница 508

    21-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Underst andin g Flex Links and the M AC Addr ess-Tabl e Mov e Update Y o u configure Flex Link s on one Layer 2 interface (the activ e link) by assign ing anothe r Layer 2 interf ace [...]

  • Страница 509

    21-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Understan ding Flex Links a n d the MAC Addr ess-Table Mo ve Update Figur e 21 -2 VLAN Flex Links Load Balancing Configu ratio n Examp le MAC Addr ess-Ta ble Move Up date The MAC add[...]

  • Страница 510

    21-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Underst andin g Flex Links and the M AC Addr ess-Tabl e Mov e Update switch C l earns the MAC address of the PC on p ort 4. Switch C upda tes the MA C addr ess ta ble, includi ng the [...]

  • Страница 511

    21-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update Configuring Flex Links and MAC Address-Tab le Move Update These se ctions conta in this i nformation: • Configuration [...]

  • Страница 512

    21-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update Configuring Flex Links and MAC Address-Tab le Move Update This section contain s this information: • Configuring Flex L[...]

  • Страница 513

    21-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update Beginning in int erface configur ation mode , follow these steps t o configure a pree mption scheme for a pair of Flex L[...]

  • Страница 514

    21-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update Configuring V LAN Load Ba lancing on Flex Lin ks Beginning in privileged EXEC mo de, follow these steps t o configure VLA[...]

  • Страница 515

    21-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Config uring Fl ex Links an d MAC Address- Table Mo ve Update When a Flex Link in terface com es up, VL ANs pre ferred on t his interfa ce ar e blocked on the peer interf ace a nd mo[...]

  • Страница 516

    21-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Configur ing Flex L inks and MA C Addr ess-Tabl e Move Update T o di sable th e MA C address- table move update featur e, use t he no mac address-table move update transmit interfac [...]

  • Страница 517

    21-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 1 Configuring Fl ex Links an d the MAC A ddress-Ta ble Mo ve Update Featu re Monitor ing Flex Links and the MAC Address- Table Move Upd ate T o di sable th e MA C address- table move update featur e, use t he no mac address-table move update rec e ive c onfi[...]

  • Страница 518

    21-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 21 Configurin g Flex Link s and the MAC Addr ess-Tabl e Move Update Feature Monito ring Flex L inks and t he MAC Addr ess-T able Move Updat e[...]

  • Страница 519

    C HAPTER 22-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 22 Configuring DHCP Features and IP Source Guard This c hapter describ es how to c onfigure DH CP snoop ing an d th e option -82 da ta inse rtion feat ures on the Cataly st 3750-E or 356 0-E switc h. It also desc ribes how to configure the IP source guard fea [...]

  • Страница 520

    22-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures For information a bout the DHCP c lient, see t he “ Configuring DHC P ” section of the “ IP Addressing and Services ” section of the C isco IOS IP C onfiguration Guide, [...]

  • Страница 521

    22-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures The s witch drops a DH CP pack et when on e of t hese situa tions occurs : • A pack et from a DHCP serv er, such as a DHCPOFFER, DHCP A CK, DHCPN AK, or DHCP LEASEQU ER Y p acke[...]

  • Страница 522

    22-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures Figure 22-1 is an exam ple of a metropo litan Ethern et networ k in which a centraliz ed DHCP server assign s IP addr esses to sub scribe rs connec ted to the sw itch at the acc[...]

  • Страница 523

    22-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures • Remote-ID suboptio n fields – Suboption t ype – Length of th e subo ption type – Remote-ID typ e – Leng th o f t he remo te -ID typ e In the port f ield of th e circu [...]

  • Страница 524

    22-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding DHCP F eatures The values fo r these fields in the packets chan ge from t he default values when you c onfigure the remote-I D and circu it-ID subo ptions: • Circuit-ID subop tion f ields ?[...]

  • Страница 525

    22-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Understa nding DHCP Fe atures Each da tabase en try ( binding ) has an IP addr ess, an ass ociated MA C address, the lea se time (in hexa d ecimal format ), the interfa ce to which the bindin g applies, and th[...]

  • Страница 526

    22-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures DHCP Snoop ing and Switch Sta cks DHCP sn oopin g is manage d on the st ack mas ter . When a ne w switch joi n s the stac k, the swit ch recei ves the DHCP snooping conf iguration[...]

  • Страница 527

    22-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res DHCP Snooping Config uration Guidelines These ar e the configur ation guidelin es for DHCP snoo ping. • Y o u must globall y enable DHCP snooping on the switch. • DHCP snooping[...]

  • Страница 528

    22-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures • Before conf iguring the DHCP rel ay agent on your switch, make su re to conf igure the de vice that is acti ng as the D HCP ser ver . For example , you must spec ify the I P [...]

  • Страница 529

    22-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res Configuring the DHCP Relay Agent Beginn ing in pri vileged EXEC mode, follo w these steps to enable the DHCP relay agen t on the switch: T o disabl e the DHCP s erv er and relay a[...]

  • Страница 530

    22-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures T o remo ve the D HCP pac ket forw ardin g addr ess, u se th e no ip helper -addr ess addr ess in terfa ce configurati on c ommand. Enabling DHC P Snoo ping and Op tion 82 Beginn[...]

  • Страница 531

    22-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Config uring DHC P Featu res T o disab le DHCP snoopi ng, use the no ip dhcp snooping global configurat ion comm and. T o disab le DHCP snoo ping o n a VLAN or range of VLA Ns, use the no ip dhcp snooping vla[...]

  • Страница 532

    22-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Configur ing DHCP Fe atures Switch(config)# interface gigabitethernet2/0/1 Switch(config-if)# ip dhcp snooping limit rate 100 Enabling DHC P Snoo ping on Priva te VLANs Y o u can en able D HCP sno oping on [...]

  • Страница 533

    22-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Display ing DHCP Sno oping In formation T o s top u sing the da tabas e ag ent a nd bindi ng files, use the no ip dhcp snooping database global configurati on c ommand. T o rese t the t imeou t or de lay valu[...]

  • Страница 534

    22-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Underst anding IP So urce Gu ard Note If DHCP snooping is enabled and an in terface ch anges to the do wn state, the switch does not delete th e static ally co nfigured bind ings. Understandin g IP Source G[...]

  • Страница 535

    22-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Confi guri ng IP S our ce G uard Source IP and MA C Address Filtering When IP s ource guard is enabl ed with th is option , IP tra ff ic is f ilter ed bas ed on the s ource IP and MA C addr esses. The s witch[...]

  • Страница 536

    22-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Conf igurin g IP S our ce Gu ard • When configur ing IP source guard on i nterfac es on whic h a priv a te VLAN is configured , port securit y is not supporte d. • IP source gua rd is n ot su pported on[...]

  • Страница 537

    22-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 2 Configuring DH CP Features and IP Source G uard Displaying IP Source Guard Information This exam ple sh ows how to enable IP so urce guard with source IP an d MAC f ilter ing on VLAN s 10 and 11: Switch# configure terminal Enter configuration commands, one[...]

  • Страница 538

    22-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 22 Configuri ng DHCP Features and I P Sour ce Guard Display ing IP Source G uard Info rmation[...]

  • Страница 539

    C HAPTER 23-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 23 Configuring Dynamic ARP Insp ection This chapt er desc ribes how to configure dynam ic Addr ess Resolu tion Proto col inspec tion ( dynami c ARP inspection) on the Catalyst 3750-E or 3560-E switc h. This feature helps pre vent malicious atta cks on the swit[...]

  • Страница 540

    23-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Underst anding D ynamic ARP I nspection Figur e 23-1 ARP Cache P oisoning Hosts A, B, and C are connected to the switch on interfaces A, B and C, all of which are on the same subnet. Their IP and MAC address es are shown i[...]

  • Страница 541

    23-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Understa nding Dynami c ARP Inspect ion Y o u can configure dynamic ARP inspec tion to drop ARP packets when the IP addre sses in the pac kets are i n valid or when the M A C addr esses in the body of t he ARP pac kets [...]

  • Страница 542

    23-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Underst anding D ynamic ARP I nspection Dynamic ARP i nspectio n ensure s that h osts (on untrust ed in terfaces) connec ted t o a sw itch run ning dynami c ARP inspect ion do not po ison the ARP ca ches of other hosts in [...]

  • Страница 543

    23-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion Logging o f Dropped Packet s When th e switch d rops a p acke t, it pl aces an entry in the log b uffe r and th en gener ates syst em mess ages on a ra te-controlle d basis. Afte r[...]

  • Страница 544

    23-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection Dynamic ARP In spectio n Configuratio n Guidelin es These are the dynam ic ARP inspec tion con figu ration guidel in es: • Dynamic ARP inspectio n is an ingre ss security feat ure; i[...]

  • Страница 545

    23-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion • The operati ng rate for the p ort channe l is cumulati ve across all the physical p orts within the c hannel. For ex ample, if y ou conf igure the port ch annel with an ARP rat[...]

  • Страница 546

    23-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection T o di sable dy namic ARP insp ecti on, use the no ip arp inspec tion vlan vlan-range g lobal c onfigurati on command. T o return th e inter faces to an untrusted state, u se the no ip[...]

  • Страница 547

    23-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure an ARP AC L on Switch A. This procedu re is requir ed in non-DH CP environments. Command Purp ose Step 1 co n[...]

  • Страница 548

    23-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection T o remov e the ARP A CL, use the no arp access-li st global configurat ion comma nd. T o remove the ARP A CL attach ed to a V LAN, use the no ip arp inspection f ilter a rp-acl- name[...]

  • Страница 549

    23-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion For configurat ion gui delines f or ra te limit ing tr unk port s and E therCha nnel ports, see the “Dynamic AR P Inspecti on Configuration G uidelin es” sectio n on page 23-6[...]

  • Страница 550

    23-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Configur ing Dynam ic ARP Insp ection Be ginnin g in pri vileged EXE C mode, fo llo w these st eps to perf orm specif ic chec ks on inco ming ARP packet s. This procedur e is optional. T o di sable ch ecki ng, use the no [...]

  • Страница 551

    23-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Config uring Dyna mic ARP I nspect ion If the log b uffer o verf low s, it means that a log e vent does not f it into the log buf fer , and the display for the show ip arp inspection l og privileged EXEC comma nd is af[...]

  • Страница 552

    23-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Display ing Dyna mic ARP Insp ectio n Informat ion T o return to the default log b uffer settin gs, use the no ip arp inspectio n log-buf fer { ent ries | logs } global configurati on com mand. T o return to the de fault [...]

  • Страница 553

    23-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 3 Configuring Dy namic ARP In spectio n Displaying Dynamic ARP Inspection Information T o clear or display dynamic ARP inspec tion statistics, use the pri vile ged EXEC commands in T ab le 23-3 : For t he show ip arp inspec tion statis tics c omma nd, th e s[...]

  • Страница 554

    23-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 23 Configuring Dynamic ARP Inspection Display ing Dyna mic ARP Insp ectio n Informat ion[...]

  • Страница 555

    C HAPTER 24-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 24 Configuring IGMP Sno oping and MVR This cha pter descr ibes how to configure Int ernet Group Ma nageme nt Proto col (IGMP) snooping on the Catalyst 375 0-E or 3 560-E switch, includ ing an appli cation of loc al IGMP sno oping, Mu lticast VL AN Registration[...]

  • Страница 556

    24-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Understandin g IGMP Snooping Layer 2 switches can use IGMP snooping to constra in the flooding of multic ast traf f ic by dynamically conf iguring Layer 2 inter faces so that multicast tr[...]

  • Страница 557

    24-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Underst andin g IGMP Sn ooping IGMP Versions The sw itch supports IGM P V ersion 1, IGM P V ersion 2, and IGMP V ersion 3. The se version s are interope rable on th e sw itch. For exam ple, if IG MP snoo ping i s enabl ed[...]

  • Страница 558

    24-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Figur e 24-1 Initial IGM P Join M essag e Router A sends a genera l quer y to th e switch , which forwar ds the qu ery to ports 2 t hroug h 5, whi ch are all members of the same VLAN. Hos[...]

  • Страница 559

    24-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Underst andin g IGMP Sn ooping If anothe r ho st (for example, Host 4 ) send s an unsolici ted IGM P jo in message for t he sam e group ( Figure 24 -2 ), the CPU receives that message a nd adds the por t numb er of Host 4[...]

  • Страница 560

    24-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding IG MP Snoo ping Immediat e Leave Immedi ate Leave is only support ed on IGM P V er sion 2 hosts. The swi tch uses IG MP snoop ing Imme diate Leave to remove from the forwar ding ta ble an inte rface that[...]

  • Страница 561

    24-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping IGMP Snoop ing and Switch Sta cks IGMP snooping functions across th e switch stack ; that is, IGMP con trol inf ormation from one swit ch is distrib uted to all switches in the stack. ( See Chap [...]

  • Страница 562

    24-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping Enabling or Dis abling IGMP Sn ooping By default, IGM P snoopin g is global ly enab led on the swi tch. When gl oball y enab led or disable d, it is also enabled or disa bled in all existin g [...]

  • Страница 563

    24-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Setting th e Snoo ping M ethod Multicast -capable ro uter port s are added to the forw arding table for e very Layer 2 multic ast entry . The switch learn s of such port s through one of these me[...]

  • Страница 564

    24-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping This example shows ho w to configure IGMP sno oping to use CGMP packets as t he learni ng method : Switch# configure terminal Switch(config)# ip igmp snooping vlan 1 mrouter learn cgmp Switch[...]

  • Страница 565

    24-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring a Host Sta tically to Join a Group Hosts or La yer 2 port s normall y join m ulticast groups dyna mically , but yo u can also sta tically configure a host on an in terface . Beginn i[...]

  • Страница 566

    24-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping T o disabl e IGMP Immed iate Lea ve on a VLA N, use the no ip igmp snooping vlan vlan-i d immediate-lea ve glo bal c onfiguration com mand. This exam ple sh ows how to enable IG MP Imme diate[...]

  • Страница 567

    24-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configur ing TCN-Related Com mands These secti ons descr ibe how t o con trol fl ooded mult icast t raffic during a TCN ev ent: • Controlling the Multic ast Flooding T ime After a TCN Ev ent, [...]

  • Страница 568

    24-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping Beginn ing in pri vileged EXEC mode, follo w these steps to enable the switch to send the gl obal lea ve message whether or not it is the span ning-t ree ro ot: T o return to th e def ault qu[...]

  • Страница 569

    24-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Snooping Configuring th e IGMP S nooping Qu erier Follow these guideli nes wh en configuring t he IGMP snoo ping queri er: • Conf igure the VLAN in glob al conf iguration mode. • Conf igure an IP a d[...]

  • Страница 570

    24-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Configuring IGMP Snooping This exam ple sh ows how to set th e IGM P snoop ing q uerier s ource add ress to 10.0.0. 64: Switch# configure terminal Switch(config)# ip igmp snooping querier 10.0.0.64 Switch(config)# end[...]

  • Страница 571

    24-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Displaying IGMP Snooping Information Displaying IGMP Sn ooping Information Y o u can displa y IGMP snoopi ng inf ormat ion f or dyn amica lly le arned and st atica lly con figured rou ter ports and V LAN interfac es. Y o[...]

  • Страница 572

    24-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Underst anding Mu lticas t VLAN Regi stratio n For more inform ation abou t the keywords and option s in these comm ands, see the c ommand refe rence for th is re lease . Understandin g Multicast VLAN Regist ration Mu[...]

  • Страница 573

    24-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Understanding Multicast VLAN Registration Using MVR in a M ulticast Television Application In a multicast tel ev ision applica tion, a PC or a tele vision with a set-top box can re cei ve the multicast stream. Mult ip le[...]

  • Страница 574

    24-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Conf igurin g MVR When a subscriber chan ges channels or turns of f the tele v ision, the set-to p box sends an IGMP leav e message for t he multica st stream . The swi tch CPU sends a MAC-based general qu ery throu g[...]

  • Страница 575

    24-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring MVR MVR Configuratio n Gu idelin es and Limitatio ns Foll ow these guidelines whe n conf iguring MVR: • Receiver ports can onl y be acc ess ports; th ey cannot be trunk ports. Receiv er port s on a switc h [...]

  • Страница 576

    24-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Conf igurin g MVR T o return the switch to its defa ult settings, use the no mvr [ mode | group ip-ad dress | querytime | vlan ] global configurat ion comm ands. This e xample sho ws ho w to enable MVR, con fig ure th[...]

  • Страница 577

    24-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring MVR T o return the interfa ce to its default setti n gs, use the no mvr [ ty pe | immediate | vlan vlan-i d | gro up ] interf ace c onfig uration co mmands. This exam ple sh ows how to co nfigure a port a s a[...]

  • Страница 578

    24-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Disp lay ing MVR In fo rmat ion Displaying MVR Information Y ou can display MVR informatio n for the switch o r for a specif ied in terface. Beg inning in pri vile ged EXEC mode, use th e comm ands in Ta b l e 2 4 - 6[...]

  • Страница 579

    24-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling IGMP f iltering is applicab le only to the dynamic lea rning of IP multicast group add resses, not static configurat ion. W ith the IGMP thro ttling feat ure, yo u can set t he m[...]

  • Страница 580

    24-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Con figur ing IGM P Fil te ring and Thro ttli ng • permit : Spec ifie s that m atching addr esses are p ermitted. • rang e : Specif ies a ra nge of IP add ress es for the pr of ile. Y ou can en ter a singl e IP ad[...]

  • Страница 581

    24-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Configuring IGMP Filtering and Throttling Switch# show ip igmp profile 4 IGMP Profile 4 permit range 229.9.9.0 229.9.9.0 Applying IGMP Profil es T o c ontro l acc ess as d efined in an IGM P profile, u se th e ip igmp fi[...]

  • Страница 582

    24-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Con figur ing IGM P Fil te ring and Thro ttli ng Beginning in privileged EX EC mo de, fol low these steps to se t the m aximum nu mber o f IGMP gr oups in the forw arding tabl e: T o remov e the maximu m group limita [...]

  • Страница 583

    24-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 4 Configuring IGMP Sno oping and M VR Displaying IGMP Filtering and Throttling Configuration Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure the thr ottling action when the maxim um numbe r of entrie s is in the f orwarding table : T o[...]

  • Страница 584

    24-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 24 Configu ring IG MP Snoop ing and MV R Displaying IGMP Filterin g and Thro ttling Configu ration[...]

  • Страница 585

    C HAPTER 25-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 25 Configuring IPv6 MLD Snooping Y ou can use Multicast Listener Disc ov ery (M LD) snoopin g to ena ble ef ficien t distrib ution of IP V ersion 6 ( IPv6) multicast data to clients and routers in a switched netw ork on the Catalyst 3750-E or 3560- E sw itch. [...]

  • Страница 586

    25-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Underst anding ML D Snoopin g MLD is a protoco l used b y IPv6 multica st routers to disco ver the pre sence of multic ast listeners ( nodes wishing to re cei ve IPv6 multi cast pack ets) on t he links th at a re dire ctly atta[...]

  • Страница 587

    25-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Unde rsta ndi ng MLD Snoo ping MLD Mess ages MLDv1 sup ports three ty pes of message s: • Listen er Querie s are the equ i v alent of IGM Pv2 quer ies and are ei ther General Quer ies or Multicast -Address-Spec ific Queries [...]

  • Страница 588

    25-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Underst anding ML D Snoopin g Multicast Rou ter Disc overy Like IG MP sn ooping, MLD s noopi ng perfo rms m ultica st r outer d iscovery , with these char acter istics: • Ports c onfigured by a user never age out. • Dynamic[...]

  • Страница 589

    25-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping The numbe r of MASQs ge nerated is configured by using the ipv6 mld sno oping last-listener -query count global con figuration co mmand . The de fault numb er is 2. The MASQ i s sent to the IPv6 m[...]

  • Страница 590

    25-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Default MLD S noopi ng Configuration T ab le 25-1 shows the default ML D sno oping configu ration. MLD Snoo ping Co nfig uration Guidelines When configur ing MLD snoopi ng, c onsider the se guid [...]

  • Страница 591

    25-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping Enabling o r Disab ling MLD Sn ooping By default, IPv6 M LD sno oping i s globa lly d isabled on the switch and e nabled on al l VLAN s. When MLD snoop ing is glob ally disa bled, it is also disab[...]

  • Страница 592

    25-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Configuring a Sta tic Multicast Group Hosts or La yer 2 port s normal ly join m ulticast groups dyna micall y , but you can also sta tically configure an IPv6 mu lticast addre ss and membe r port[...]

  • Страница 593

    25-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Configuring IPv6 MLD Snooping Beginn ing in pri vileged EXEC mode, follo w these steps to add a multicast rou ter port to a VLAN: T o remov e a multic ast router por t from the VLAN, u se the no ipv6 mld snooping vlan vl an-i [...]

  • Страница 594

    25-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Configur ing IPv6 MLD Snoo ping Configur ing MLD Snooping Queries When Imme diate Le ave i s not en abled an d a port rece iv es an MLD Done message , the swit ch generat es MASQs on th e port and sends them to the I Pv6 multi[...]

  • Страница 595

    25-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 5 Configuring IPv6 M LD Snooping Displaying MLD Snooping Information This exam ple sh ows ho w to set the MLD sn oopi ng globa l robustness variab le to 3: Switch# configure terminal Switch(config)# ipv6 mld snooping robustness-variable 3 Switch(config)# exi[...]

  • Страница 596

    25-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 25 Configuring IPv6 MLD Snooping Display ing MLD Sn ooping Inf ormation T a ble 25-2 Commands for Displ aying MLD Snoopi ng Inf or mation Comma nd Purpos e show ipv6 ml d snooping [ vlan vlan-id ] Display t he MLD snoopi ng configurat ion informa tion fo r al[...]

  • Страница 597

    C HAPTER 26-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 26 Configuring Port-Base d Traffic Control This chap ter de scribe s ho w to conf igure the por t-base d traf fic contro l featur es on the Catalys t 3750- E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750- E or 3560-E[...]

  • Страница 598

    26-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Storm Control Storm cont rol use s one of th ese meth ods to measu re t raf f ic acti v ity: • Bandwidth as a perc entage of the tot al av ailable bandwidth of the port that can be used b y the broadca s[...]

  • Страница 599

    26-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Config uring Storm Cont rol Y o u use the storm-control in terfa ce conf iguration comm ands to set the threshold v alue for eac h traf fic type. Default Storm Control Configuration By default, unicast, broad cast, a[...]

  • Страница 600

    26-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Storm Control Step 3 sto rm- contr ol { broadc ast | multic ast | unicast } le vel { le vel [ level-low ] | bps bps [ bps-low ] | pps pps [ pps-low ]} Configure broa dcast, m ultica st, or unica st storm c[...]

  • Страница 601

    26-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Configuring Protected Ports T o disabl e stor m contro l, use the no storm-contro l { broadcast | multicast | unicast } level interface configurati on c ommand. This exa mple shows how to ena ble un icast stor m c on[...]

  • Страница 602

    26-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configur ing Port Block ing Prot ected P ort Con figuration Guidelines Y o u can co nfigure prote cted ports on a physic al int erface (fo r example, Gigabi t Ether net port 1) or an Ether Channel group (for example, [...]

  • Страница 603

    26-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity Default Port Blocki ng Configuration The default is to not b lock flooding o f unknown multicast and u nicast traff ic out o f a port, but to flood these pac kets to a ll ports. Blocking [...]

  • Страница 604

    26-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security These sect ions co ntain this co ncept ual and con figuratio n in format ion: • Understa nding Po rt Sec urity , page 2 6-8 • Default Por t Security C onfiguration , page 26-10 • Port S[...]

  • Страница 605

    26-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity If st icky lear ning is d isab led, the stic ky se cure M A C addr esse s ar e co nv erted to dyn am ic sec ure addresse s and a re rem oved from th e ru nning c onfiguratio n. The maxi m[...]

  • Страница 606

    26-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Default Port Security Configuration T ab le 26-2 shows the def ault port security con figurat io n for an interfac e. Port Secu rity Con figuration Guidelines Foll ow these g uidelines whe n[...]

  • Страница 607

    26-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity • A secu re p ort ca nnot be a priv ate-V LAN p ort. • When y ou enab le por t secu rity on an i nterface t h at i s also config ured w ith a v oice VLAN, s et t he maxim um allowed [...]

  • Страница 608

    26-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Enabling a nd Con figuring Port S ecurity Beginn ing in pri vileged EXE C mode, follo w these steps to restrict input to an interface b y limiting and identify ing MA C addresses of the stat[...]

  • Страница 609

    26-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity Step 7 switchport port-security violation { protec t | r estrict | shutdown | shutdown vlan } (Optiona l) Set the vi olatio n mode, the action to be taken when a sec urity violatio n is [...]

  • Страница 610

    26-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Step 8 switchport port-security [ mac-addre ss mac-address [ vlan { vlan-id | { access | voice }}] (Optional) Ent er a secure MA C address for the interface . Y ou can use this comman d to e[...]

  • Страница 611

    26-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity T o return the in terface to the def ault conditi o n as not a secure port, use the no switchport port-security interf ace conf iguration com mand. If you enter this co mmand when sticky[...]

  • Страница 612

    26-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Configuring Port Security Switch(config-if)# switchport port-security mac-address 0000.0000.0003 Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0001 vlan voice Switch(config-if)# switchport [...]

  • Страница 613

    26-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 6 Configuring Port-B ased Traff ic Control Conf iguring Po rt Secur ity T o di sable port se curity agi ng for all sec ure addr esses on a port, use the no switchport port-security aging tim e interfac e conf iguratio n comma n d. T o di sabl e aging for onl[...]

  • Страница 614

    26-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 26 C onfiguring Port-Based Traffic Control Displaying Port-Base d Traffic Cont rol Settings Switch(config-if)# switchport mode private-vlan promiscuous Switch(config-if)# switchport port-security maximum 288 Switch(config-if)# switchport port-security Switch([...]

  • Страница 615

    C HAPTER 27-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 27 Configuring CDP This c hapter d escrib es how to configure Cisco Discovery Prot ocol ( CDP) o n the Catalyst 3750-E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750- E or 3560-E standalo ne swit ch and to a Catalyst [...]

  • Страница 616

    27-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Conf igurin g CDP CDP and Switch Stacks A switch stack ap pears as a single s witch in the netw ork. Theref ore, CDP dis cov ers the switc h stack , not the individual stack mem bers. Th e switch stac k sends CDP message s to neighbor in[...]

  • Страница 617

    27-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 7 Configuring CDP Config uring CDP Use the no form of the CDP commands to return to the de fault settings . This e xample sho ws how to confi gure CDP charac teristic s. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 [...]

  • Страница 618

    27-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Conf igurin g CDP This example shows how to enable CDP if it has been di sabled. Switch# configure terminal Switch(config)# cdp run Switch(config)# end Disabling an d Enab ling CDP on a n Interfac e CDP is enabled by def ault on all supp[...]

  • Страница 619

    27-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 7 Configuring CDP Monitoring and Maintaining CDP Monitoring and Maintaining CDP T o m onito r and m aintai n CDP on your device, per form one or mor e of these tasks, begi nning in privileged EXEC mode . Command Description clear cdp counters Reset the traf f[...]

  • Страница 620

    27-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 27 Co nfigu ring CD P Monito ring and Mai ntainin g CDP[...]

  • Страница 621

    CH A P T E R 28-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 28 Configuring LLDP and LLDP-MED This c hapter describ es how to c onfigure the L ink La yer D iscovery Protoc ol (LL DP) an d LLDP Media Endpoin t Discovery ( LLDP-M ED) on the Cata lyst 3 750-E or 3560-E switc h. Unl ess ot herwis e note d, the term swit[...]

  • Страница 622

    28-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Underst anding L LDP and LLDP- MED LLDP sup ports a set of att ributes tha t it uses to discover neighbo r devices. The se at trib ut es co nt a in t ype , length, and v alue descriptions and are referred to as TL Vs. LL DP [...]

  • Страница 623

    28-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Config uring LLDP and LLDP-MED Note LL DP and LLD P-MED cannot operat e simultane ously in a network. By de fault, a network device send s only L LDP pack ets unt il it recei ves LLD P-MED packets f rom an end point de vice. [...]

  • Страница 624

    28-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Configur ing LLDP a nd LLDP-M ED Use the no form of each of the LL DP commands to return to the de fault setting. This e xample sho ws ho w to conf igure LLD P character istics. Switch# configure terminal Switch(config)# lld[...]

  • Страница 625

    28-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Config uring LLDP and LLDP-MED This exam ple sh ows how to disab le LL DP . Switch# configure terminal Switch(config)# no lldp run Switch(config)# end This exampl e sh ows how to enabl e L LDP . Switch# configure terminal Swi[...]

  • Страница 626

    28-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Configur ing LLDP a nd LLDP-M ED Configurin g LLDP-M ED TL Vs By def ault, the switch only sends LLDP packets u ntil it recei ve s LLDP-MED p ackets f rom the end device. The device conti nues to send L LDP-M ED pa ckets un [...]

  • Страница 627

    28-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 8 Configuring LL DP and LLD P-MED Monitoring and Maintaining LLDP and LLDP-MED Monitoring and Main taining LLDP an d LLDP-MED T o mon itor and mainta in LLDP a nd LLD P-MED on you r device, perfo rm one or more of these tasks , beginning in pr i vileged E XEC[...]

  • Страница 628

    28-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 2 8 Configur ing LLDP an d LLDP-MED Monito ring and Ma intainin g LLDP and LLDP-M ED[...]

  • Страница 629

    C HAPTER 29-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 29 Configuring UDLD This c hapter descri bes how to c onfigure t he Un iDirec tional Link D etect ion (U DLD) protoc ol on t he Catalyst 3750-E or 356 0-E sw itch. Unl ess otherw ise note d, the term switch refers t o a Cat alyst 375 0-E or 3560- E stan dalo n[...]

  • Страница 630

    29-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Underst andin g UDLD A unidirectio nal link occurs wh ene ve r traff ic sent by a local de vice is recei ved by its neighbor but traf fic from the neighb or is not recei ved by the lo cal de vice. In norm al mode, UDL D detect s a unidirec [...]

  • Страница 631

    29-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Configur ing UDLD • Ev ent-dr i ven detect ion and ec hoing UDLD re lies on echo ing a s its detectio n mechan ism. Whene ver a U DLD de vice le arns ab out a n e w neighb or or receives a resynchro nizat ion requ est from an out-of -syn[...]

  • Страница 632

    29-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Conf igu rin g UDLD • Ena bling UDLD on an Inter fa ce, pa ge 29-6 • Resetti ng an Inte rface Disab led by UDLD, pa ge 29-6 Default UDLD Configuration T ab le 29-1 shows the default U DLD configurati on. Configuratio n Guidelines These [...]

  • Страница 633

    29-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Configur ing UDLD Enabling UDL D Globally Beginn ing in pri vileged EXEC mode, follo w these steps to enable UDLD in the aggr essiv e or normal mode a nd to se t th e co nfigurable m essag e time r on all fiber-optic p orts on the switch a[...]

  • Страница 634

    29-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Conf igu rin g UDLD Enabling UDL D on an Inte rface Beginn ing in p ri vileg ed EXEC mode, fo llo w thes e steps ei ther to enable U DLD in t he aggressi ve or normal m ode o r to d isable U DLD on a po rt: Resetting an Interface Disabled b[...]

  • Страница 635

    29-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 2 9 Configuring UD LD Displaying UDLD Status Displaying UDLD Status T o display th e UDLD stat us for the specif ied port or for all port s, use the show udld [ interface-id ] pri vileged EXEC comman d. For detaile d informat ion about the f ields in the comman[...]

  • Страница 636

    29-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 29 Configuring UDLD Displa ying U DLD Sta tus[...]

  • Страница 637

    C HAPTER 30-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 30 Configuring SPAN and RSPAN This chap ter de scribe s ho w to conf igure Switched Port Analyze r (SP AN) an d Remote SP AN (RSP AN) on the Cataly st 3750-E or 35 60-E switc h. Unless other wise note d, the term switc h refers to a Catalyst 375 0-E or 3560-E [...]

  • Страница 638

    30-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N These sect ions co ntain this co nceptu al in forma tion: • Local SP AN, page 30-2 • Remo te SP AN, page 30-3 • SP AN and RSP AN Conce pts and T erminology , page 30 -4 • SP AN and RSP AN Int[...]

  • Страница 639

    30-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN Figur e 30-2 Example o f Local SP AN Configu ration on a S witch Stac k Remote S PAN RSP AN su pports s ource ports, source VLANs, and destina tion port s on different swi tches (or different switch s[...]

  • Страница 640

    30-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N Figur e 30-3 Example o f RSP AN Co nfigur ation SPAN and RS PAN Conc epts a nd Terminology This secti on descri bes conce pts an d terminology associat ed with SP A N and RSP AN co nfiguration. SPAN [...]

  • Страница 641

    30-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN An RSP AN source session is ver y similar to a lo cal SP AN sessi on, ex cept for where the pack et stream is directe d . In an R SP AN source session, SP AN packe ts are rela beled with the RSP AN VL[...]

  • Страница 642

    30-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N • T r ans mit (T x) SP A N—Th e goal of tr ansmi t (or egress) SP AN is to monit or as mu ch as poss ible a ll the p ackets sent by the so urce i n terf ace after al l modif ication and p rocess [...]

  • Страница 643

    30-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN A sourc e port has th ese ch arac te ristic s: • It can be m onitored in multiple SP AN sessions. • Each s ource port can be configu red wit h a direc tion (i ngress, egress, o r both) to monit or[...]

  • Страница 644

    30-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understan ding SPAN and RSPA N Destination Port Each local SP AN session o r RSP AN destination session must have a destination port (also called a monitoring port ) th at rece iv es a copy of traffic from the sour ce port s or VL[...]

  • Страница 645

    30-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Understandi ng SPAN and R SPAN RSPAN V LAN The RSP AN VLAN carr ies SP AN traff ic between RSP AN sourc e and d estination se ssions. It has these special ch aracter istics: • All traf fi c in th e RSP AN VLAN is al wa ys flood e[...]

  • Страница 646

    30-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN A physical port tha t belongs to an Ethe rChannel group can be con figured as a SP AN source port and still be a part of the Eth erChannel . In this case, data from the physic al port is monitor ed as i[...]

  • Страница 647

    30-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN Default SPAN and R SPAN Configura tion T ab le 30-1 shows the default SP AN and R SP AN configuration . Configuring Local SPAN These sec tions co ntain this co nfiguration info rmat ion: • SP AN Co [...]

  • Страница 648

    30-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN • Y o u can limi t SP AN traff ic to specific VLAN s by using the filter vlan keyword. I f a tr unk po rt is being monitored , only traff ic on the VLANs specif ied with this ke yword is monito red. B[...]

  • Страница 649

    30-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a source or d estinati on port or VL AN fr om the SP AN session, use the no mo nito[...]

  • Страница 650

    30-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN This example shows how to remov e any e xisting configuration on SP A N session 2, configure SP AN session 2 to moni tor rec eiv e d traff ic on all ports belo nging to VLA Ns 1 throug h 3, and sen d it[...]

  • Страница 651

    30-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a source or d estinati on port or VL AN fr om the SP AN session, use the no mo nito[...]

  • Страница 652

    30-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o monitor all VLANs on the trunk port, use the no monitor session sessi on_num ber filt er glob al configurati on c ommand. This example shows how to remov e any e xisting configuration on SP A N sess[...]

  • Страница 653

    30-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN • Y ou can apply a n output A CL to RSP AN traff ic to select i vely f ilter or m onitor specifi c packe ts. Specify these A CLs on the RSP AN VLAN in the RSP AN source switch es. • For RSP AN con[...]

  • Страница 654

    30-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o remo ve the remo te SP AN c haracteristi c from a VLAN an d con ver t it ba ck to a normal VLAN, us e the no r e mote-s pan VLAN co nfigurati on comm and. This exam ple sh ows how to crea te RSP AN [...]

  • Страница 655

    30-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete a SP AN session, use the no monitor session sess ion_numbe r glob al configur ation c omma nd. T o rem ove a source port or VLAN fro m the SP AN sess ion, use the no monitor session sessio [...]

  • Страница 656

    30-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no monitor session se ssion_numb er globa l configura tion comm and. T o r emove a destinat ion por t from the SP AN session, use the no monitor session session_num b[...]

  • Страница 657

    30-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Conf igur ing SPAN an d RSPAN T o delete an RSP AN session, use the no monitor session session_number global configuration comman d. T o remove a destinati on port from the RSP AN session, use t he no monitor se ssion session_num [...]

  • Страница 658

    30-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Specifying VLANs to Filter Beginning in privileged EXEC mo de, follow these steps to con figure the RSP AN source session to limit RSP AN source traf f ic to specif ic VLANs: T o monitor all VLANs on th[...]

  • Страница 659

    30-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Displa ying SPAN an d RSPA N Status Displaying SPAN and RSPAN Status T o display the current SP AN or RSP AN conf iguration, use the show monitor user EXEC co mmand . Y o u can also use the show running-conf ig pri vileged EXE C c[...]

  • Страница 660

    30-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 30 Configuring SPAN and RSPAN Display ing SPAN and RSPAN Status[...]

  • Страница 661

    C HAPTER 31-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 31 Configuring RMON This ch apt er descri bes how to configure Remote Network Monit oring ( RMON) on the Ca talyst 3750 -E or 3560- E sw itch. Unl ess oth erwis e noted, the t erm switch refers to a Catalyst 3750- E or 3560-E standalo ne swit ch and to a Catal[...]

  • Страница 662

    31-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Conf igu rin g RMON Figur e 31 -1 Remote Mo nito r ing Ex ample The switc h supports these RM ON groups (defined in RFC 1757) : • Statistics ( RMON group 1)—Collects E thernet statistic s (includi ng Fast Ethernet and Giga bit Ethern e[...]

  • Страница 663

    31-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 31 Configur ing RMON Confi guring R MON Default RMON Configuration RMON is disa bled by default ; no alarms or events are configur ed. Configuring R MON Alarms a nd Events Y o u can configure you r swit ch for RMO N by using the c omma nd-li ne int erface (CLI [...]

  • Страница 664

    31-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Conf igu rin g RMON T o disable an alarm, use the no rmon al arm number glo bal con figuration c omma nd on ea ch ala rm you configured . Y ou ca nnot di sable at on ce al l the a larms that yo u con figured. T o disa ble a n event, use th[...]

  • Страница 665

    31-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 31 Configur ing RMON Confi guring R MON Collectin g Group Hist ory St atistics on an Interface Y o u must first configure RM ON a larms and events to display colle ction i nforma tion. Beginning i n privileged E XEC mo de, follow these s teps to coll ect group [...]

  • Страница 666

    31-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 31 Configuring RM ON Displa ying R MON Sta tus T o disa ble t he coll ection o f gr oup E thern et sta tistics, use the no rmon collection stats inde x i nterf ace configurati on c ommand. This e x ample sho ws how to collec t RMON statistic s for the o wner r[...]

  • Страница 667

    C HAPTER 32-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 32 Configuring System Message Logg ing This c hapter d escrib es how to configure system me ssage l ogging on the Catal yst 3750 -E or 3560-E swit ch. Unless othe rwise not ed, the term switch refers to a Catalyst 3750 -E or 35 60-E standa lone swi tch and to [...]

  • Страница 668

    32-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Y ou can access logg ed system messages by usin g the switch co mmand- line inter face (C LI) or by sav ing them to a properly configured syslog server . The switch software sa ves [...]

  • Страница 669

    32-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng T ab le 32-1 describes the elemen ts of syslog messages . This exam ple sh o ws a p artial s witch system m essage for a stack master and a stack member (hos tname Switc h-2 ): 00:0[...]

  • Страница 670

    32-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging *Mar 1 18:46:11: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) 18:47:02: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36) *Mar 1 18:48:50.483 UTC: %[...]

  • Страница 671

    32-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Disabling the loggin g process ca n slo w do wn the switch beca use a proce ss must wai t until the messages are writte n to the console b efore c ontinuing. When the loggin g proce[...]

  • Страница 672

    32-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging The logging buffered g loba l configur ation comm and c opies l ogging messa ges to a n inte rnal buffer . T he b uf fer is circular , so ne wer messages o verwri te older message s[...]

  • Страница 673

    32-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Beginning i n privileged EX EC mo de, fol low these s teps t o configure s ynchr onous log ging . This procedur e is optional. T o disa ble synch ronizat ion of unsolic ited messa g[...]

  • Страница 674

    32-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Enabling a nd Disab ling Time S tamps on Log M essages By default, log message s are not time-stam ped. Beginning in privileged EXEC mo de, follow these steps to enab le time-st amp[...]

  • Страница 675

    32-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng T o di sable seq uenc e numbers, use the no service seque nce-numbers global co nfiguration c omman d. This example shows part of a logging displa y with seque nce numbe rs enabl ed[...]

  • Страница 676

    32-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging T ab le 32-3 descr ibes the le vel keywords. It a lso lists the cor respo nding U NIX s yslog definition s from the most se vere le vel to the least se ve re le vel. The sof tware [...]

  • Страница 677

    32-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to ch ange the lev el and history table si ze defaults. T his proc edure i s option al. When the histor y table is full[...]

  • Страница 678

    32-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Configur ing System Message L ogging Beginning i n privileged E XEC mo de, follow these s teps to enabl e con figuration loggin g: This e xample sho ws how to enable the conf iguration -change logger an d to set the n[...]

  • Страница 679

    32-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 2 Configuring Syste m Message L ogging Config uring S ystem Mess age Loggi ng Log in as r oot, and perf orm the se steps: Note Som e recent versi ons of UNIX sysl og daemons no longer accept by default syslo g packets from th e networ k. If this is the case [...]

  • Страница 680

    32-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 3 2 Configur ing Syste m Message Logg ing Display ing the Log ging Confi guration T o remo ve a sys log serv er , use the no logging host global configuratio n comma nd, and sp ecify the syslog server IP address. T o disa bl e loggi ng to syslog ser vers, ent[...]

  • Страница 681

    C HAPTER 33-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 33 Configuring SNMP This chapt er describ es ho w to configure the Simpl e Network Manage ment Proto col (SNMP) on th e Catalyst 3750-E or 356 0-E sw itch. Unl ess otherw ise note d, the term switch refers to a Cata lyst 375 0-E or 3560- E stan dalo ne swit ch[...]

  • Страница 682

    33-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Underst anding SNM P These sect ions co ntain this co nceptu al in forma tion: • SNMP V e rsions, pa ge 33-2 • SNMP Manage r Functions, page 33-3 • SNMP Agent Functions, pa ge 33-4 • SNM P Co mmuni ty Str ings , p age 33- 4 • Usi[...]

  • Страница 683

    33-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Understanding SNMP T ab le 33-1 identif ies the charac teristics of the diff erent combina tions of security models and le vels. Y o u must configure t he SNMP age nt to use the SNMP versio n supporte d by the manageme nt stati on. Because [...]

  • Страница 684

    33-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Underst anding SNM P SNMP Agen t Fun ctions The SNMP a gent respond s to SNMP manager requests as follows: • Get a MIB v a riable—Th e SNMP agent be gins this function in response to a requ est from the NMS. The agen t retri ev es the [...]

  • Страница 685

    33-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Understanding SNMP As shown in Figur e 33-1 , the S NMP agen t gather s data f rom the MIB. Th e agent c an send tr aps, o r notification of c ertain events, to the SNMP ma nager, which receives and processes th e traps. Traps alert the SNM[...]

  • Страница 686

    33-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP SNMP ifIndex MIB Object Values In an NMS, the IF-MIB g ener ates and a ssigns an inte rface index (if Index) obje ct value th at is a unique number gre ater than zero to ident ify a physica l or a logica l interfac e. Wh[...]

  • Страница 687

    33-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Default SNMP Configuration T ab le 33-4 shows the default SNM P configurat ion. SNMP Config ura tion Guidelines If the swi tch star ts and the wit ch star tup conf iguration h as at least o ne snmp-server global configurati[...]

  • Страница 688

    33-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP in v alid, and you ne ed to r econfigure SN MP users by usi ng the snm p-se rver user usern ame global configurati on comm and. Similar restri ction s requi re the reco nfiguration of com munity string s when the engi ne[...]

  • Страница 689

    33-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Beginning in privileged EXEC mod e, foll ow these steps to configure a co mmuni ty string on the switch: Note T o disabl e acce ss for an SNM P commu nity , set the commu nity string for that co mmuni ty to t he nu ll strin[...]

  • Страница 690

    33-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP This example shows how to assign the string co ma cces s to SNMP , to allo w read-onl y access, and to spec ify that IP acc ess list 4 can use the comm unity s tring to gain acc ess to the switch SNMP agent: Switch(conf[...]

  • Страница 691

    33-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP Step 3 snmp -server group gr oupnam e { v1 | v2c | v3 { auth | noauth | priv }} [ rea d re a d v i e w ] [ write writevi ew ] [ notify notifyvie w ] [ ac cess access -list ] Configure a ne w SNMP gro up on the remote devic[...]

  • Страница 692

    33-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Configuring SNMP Notifications A trap manag er is a mana gement sta tion that re cei ves and pro cesses tr aps. T raps are sy stem aler ts that the switc h gener ates whe n cert ain events occu r . By de fault, no trap [...]

  • Страница 693

    33-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP cluster Gener ates a tr ap when the clu ster conf iguration chan ges. conf ig Gener ates a trap fo r SNMP conf iguration chang es. copy-co nf ig Gene rates a trap for SNMP copy co nfiguration ch anges. entity Gen erates a [...]

  • Страница 694

    33-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Note Th ough visi ble in the command -line help str ings, t he cpu [ thresho ld ] keyword is not suppo rted on the Catalyst 37 50-E swi tch. Thoug h visible in the comm and- line help stri ngs, the cpu [ threshold ], fr[...]

  • Страница 695

    33-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Configuring SNMP The snmp-ser ver hos t comman d speci fies wh ich ho sts rec ei ve the no tif ications. T he snmp-serv er enab le trap command global ly enables the mech anism for the speci f ied notif ication (f or trap s and informs ). [...]

  • Страница 696

    33-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Conf igurin g SNMP Limiting TFTP Server s Used Thr ough SNM P Beginning i n privileged E XEC mo de, follow these s teps to lim it the TFTP servers u sed f or saving a nd loading c onfig uration f iles through SNMP to th e serv ers specif [...]

  • Страница 697

    33-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 33 Configur ing SNMP Disp la yin g S NM P S tatu s This e xample sho ws how to allow re ad-only access for all objec ts to members of access list 4 that use the coma ccess communi ty string. No other SNMP mana gers have access to any objects. SNMP Authentic at[...]

  • Страница 698

    33-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 33 Co nfiguring SNMP Displaying SNMP Status[...]

  • Страница 699

    C HAPTER 34-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 34 Configuring Network Security with ACLs This c hapter d escrib es how to configure network se curity on t he Cata lyst 37 50-E or 3560- E sw itch by using ac cess cont rol lists (A CLs), which in comm ands and tab les are also refe rred to as acce ss lists .[...]

  • Страница 700

    34-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs Y o u configure acce ss lists on a rout er or Layer 3 swit ch to provide basic security fo r your networ k. If you do not c onfigure A CLs, al l packets pa ssing throug h the s witch co uld be allo[...]

  • Страница 701

    34-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Unde rsta ndi ng AC Ls • When an output router A CL and input p ort A CL ex ist in an SVI, incomin g pack ets recei ved on the ports to which a por t A CL is applied are f iltered by the por t A CL. Outgoing routed[...]

  • Страница 702

    34-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs Figur e 34-1 Using A CLs to Contr ol T raff ic to a Netw ork When you apply a port A CL to a trunk port, the A C L filte rs traf f ic o n all VLANs present on the trunk port. When you apply a po rt[...]

  • Страница 703

    34-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Unde rsta ndi ng AC Ls As w ith p ort A C Ls, the swi tch exam ines ACLs asso cia ted wit h feat ures co nfigured on a given inte rface. Howe ver, router ACLs are suppo rted in both direc tions. A s pa ckets en ter t[...]

  • Страница 704

    34-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Underst andin g ACLs • Den y A CEs that check La yer 4 informatio n ne ver match a fragmen t unless th e fragme nt contains Layer 4 infor mati on. Consid er acc ess list 10 2, co nfi gured with these command s, ap pl[...]

  • Страница 705

    34-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Stack memb ers perfor m these ACL functions: • The y recei ve the A CL informat ion from the master switc h and program their har dwar e. • The y act as standby swit ches, r eady t o tak e o[...]

  • Страница 706

    34-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Creating Stan dard and Exten ded IPv4 AC Ls This sec tion describ es IP ACLs. An ACL is a seque ntial collect ion of perm it and de ny condi tions. O ne by one, the switch tes ts pack ets again[...]

  • Страница 707

    34-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Note In addit ion to n umber ed standa rd and ex tended A CLs, you c an also creat e standa rd an d ext ended named IP A CLs by u sing th e sup ported numbers. That is, t he nam e of a standa rd[...]

  • Страница 708

    34-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Creating a Numbered Standard ACL Beginning in privileged EX EC mode, fol low these steps t o create a nu mbered st anda rd A C L: Use th e no access-list access-list- number g lobal co nf igur[...]

  • Страница 709

    34-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs The switch alwa ys re writes the order of standard a ccess lists so that entrie s with host matches and en tries with mat ches having a do n’t car e mask of 0.0.0.0 are mov ed to the top of t[...]

  • Страница 710

    34-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginn ing in pri vileged EXEC mode, follo w these steps to create an ex tended A CL: Command Purpo se Step 1 co nfi g ure terminal Enter glob al configura tion mo de. Step 2a a ccess-list ac [...]

  • Страница 711

    34-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs or access-list access- list-num ber { deny | permit } pr ot ocol any any [ prec edence pr ecedence ] [ tos tos ] [ fragmen ts ] [ log ] [ log-input ] [ time-r ange ti me-range-na me ] [ dscp ds[...]

  • Страница 712

    34-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Use the no access- list acc ess-list-number gl obal conf iguration comm and to delete the entire access list. Y o u canno t de lete in dividual ACEs from n umber ed a ccess l ists. This e x am[...]

  • Страница 713

    34-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs After c reating a numbered e xtended A CL, you can a pply it to terminal lin es (see th e “ Applying an IPv4 A CL to a T ermina l Line” s ecti on on pa ge 34-19 ), to interf aces (see the ?[...]

  • Страница 714

    34-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning in privileged EXEC mo de, fol low these steps to crea te a stan dard A CL using na mes: T o remo ve a name d stand ard A CL, use th e no ip access-list standard name gl obal configu [...]

  • Страница 715

    34-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs When you ar e creat ing standa rd extende d A C Ls, reme mber tha t, by default, the end of the A CL contai ns an implicit de ny statement f or everything if it did no t find a mat ch befor e r[...]

  • Страница 716

    34-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning i n privileged E XEC mo de, follow these steps to con figure a time- range parame ter fo r an AC L : Repeat the steps if you ha ve multiple items tha t you want in ef fect at dif fer[...]

  • Страница 717

    34-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs This exampl e uses name d A C Ls to perm it and deny the sa me traffic. Switch(config)# ip access-list extended deny_access Switch(config-ext-nacl)# deny tcp any any time-range new_year_day_200[...]

  • Страница 718

    34-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Beginning i n privileged EXEC mode, fo llow these st eps to restrict incom ing and outgoi ng conne ction s betwee n a virtual term inal line and th e ad dresses i n a n A CL: T o remo ve an A [...]

  • Страница 719

    34-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to co ntrol acce ss to an interf ace: T o remo ve th e specif ied access gro up, use the no ip access-g roup { access-list-n umber |[...]

  • Страница 720

    34-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Hardware and Softw are Treatment of IP ACLs A CL pro cessing i s prima rily accomp lished in hardware, but require s for warding of some traffic flows to the CPU for sof tware proce ssing. If [...]

  • Страница 721

    34-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Use rout er ACLs to do this in one of two ways: • Crea te a stan dard ACL, and filter tr aff ic com ing to th e server from Port 1. • Create an ex tended A CL, and filte r traf fic coming f[...]

  • Страница 722

    34-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs Numbered ACLs In this e xample, net work 36.0.0.0 is a Class A netw ork whose seco nd octet spec ifie s a subnet; that is, its subnet ma sk is 255.2 55.0.0 . The thi rd and fou rth oct ets of [...]

  • Страница 723

    34-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring IPv4 ACLs Named ACLs Thi s e xampl e crea tes a standa rd A CL name d internet_f ilter an d an exten ded ACL name d marketing _gr oup . The internet_filter A CL allows all traffic from the sour ce ad dre[...]

  • Страница 724

    34-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Conf igu ring I Pv4 ACLs In this ex ampl e of a number ed A CL, the W inter and Sm ith work stations are not al lowed t o bro wse the web: Switch(config)# access-list 100 remark Do not allow Winter to browse the web S[...]

  • Страница 725

    34-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Creat ing N ame d MAC Ext end ed AC Ls This i s a an exam ple of a lo g for an ext ended A CL: 01:24:23:%SEC-6-IPACCESSLOGDP:list ext1 permitted icmp 10.1.1.15 -> 10.1.1.61 (0/0), 1 packet 01:25:14:%SEC-6-IPACCES[...]

  • Страница 726

    34-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Creating Nam ed MAC Ext ended ACL s Use the no mac access-list extended name glob al conf iguration comma nd to delete th e entire ACL. Y ou can a lso d elete individual ACEs from nam ed MAC extende d A CLs. This exam[...]

  • Страница 727

    34-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps • A Laye r 2 interf ace can ha ve only one MA C access list. If you appl y a MA C acc ess list to a Lay er 2 interface that has a MA C A CL configu red, t he new ACL replaces the pr e viousl [...]

  • Страница 728

    34-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps T o c reat e a V LAN m ap and appl y it t o one o r mor e VLA Ns, perform th ese steps: Step 1 Create th e standa rd or extende d IPv4 A CLs or name d MAC e xt ended ACLs that you want to appl [...]

  • Страница 729

    34-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps • When a f r ame is L ayer -2 fo rwar ded within a pri vate VLA N, the same VLA N map is applie d at th e ingress side and at t he egress side. Wh en a frame is route d from insi de a private[...]

  • Страница 730

    34-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps Examples of ACLs and VLAN Maps Thes e exam ples sho w ho w to create A CLs and VLAN maps th at for speci fic purpos es. Example 1 This example shows how to creat e an ACL and a VLAN map to de n[...]

  • Страница 731

    34-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps Example 3 In thi s example, the V LAN map has a d efault a ction of drop for MAC packets an d a default a ction o f forw ard for IP pack ets. Used wit h MA C exten ded acc ess list s good-hosts[...]

  • Страница 732

    34-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Configur ing VLAN M aps Applying a VLAN Map to a VLAN Beginning in privileged EXEC mode, fo llow these steps to app ly a VL AN map to one or more VL ANs: T o remo ve the VL AN map, use th e no vlan f ilter m apname vl[...]

  • Страница 733

    34-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Configuring VLAN Maps Figur e 34-4 Wir ing Closet Configur ation If you do not want HTT P traff i c switched fr om Host X to Host Y , yo u can configure a VLA N map on Switch A to dr op all HT TP traffic from Host X[...]

  • Страница 734

    34-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls Figur e 34-5 Den y Access t o a Server on Anothe r a VLAN This exam ple sh ows how to deny acce ss to a server on anoth er VLA N by cre ating t he VLAN m ap SER V ER 1 that denies[...]

  • Страница 735

    34-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Using VLAN Maps with Router ACLs Note When you use ro uter A CLs with VLA N maps, pack ets that requir e logging o n the rou ter A CLs are not logged if the y are de nied b y a VLAN map. If the VLAN map h as a matc [...]

  • Страница 736

    34-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Using VL AN Ma ps wi th Rout er AC Ls Examples o f Router ACLs a nd VLA N Maps App lied to VL ANs This sec tion gives examples of a pply ing route r A C Ls and V LAN m aps to a VLAN for switc hed, bri dged, routed, an[...]

  • Страница 737

    34-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Using VLAN Maps with Router ACLs Figur e 34-7 Applying A CLs on Br idged P ack ets ACLs and Routed Packe ts Figure 34-8 sho ws ho w A CLs are applied on r outed pack ets. F or rout ed pack ets, the A CLs are applie [...]

  • Страница 738

    34-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Display ing IPv4 AC L Configu ration ACLs and Multicast Pa ckets Figure 34-9 shows ho w A CLs are ap plied on pa ckets that are replicated fo r IP multica sting. A multica st packet being rout ed has two di ff erent k[...]

  • Страница 739

    34-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 4 Configuring Netw ork Securit y with ACLs Displaying IPv4 ACL Configu ration Y ou can also d isplay i nformation a bout VLAN access ma ps or VLAN filte rs. Use t h e pri vileged EXEC comm ands in Ta b l e 3 4 - 3 to display VLA N map inf ormation. show ip i[...]

  • Страница 740

    34-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 34 Configuring Network Security with ACLs Display ing IPv4 AC L Configu ration[...]

  • Страница 741

    C HAPTER 35-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 35 Configuring IPv6 ACLs When the switch is running the adv anced IP services feature set, y ou can f ilter IP V ersion 6 (IPv6) traf fic by cre ating IPv6 access control lists (A CLs) and applying them to interf aces similarly to the way that you crea te and [...]

  • Страница 742

    35-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Underst andin g IPv6 ACL s Understandin g IPv6 ACLs A swit ch runnin g the advanced IP servi ces fe ature set su pports two types o f IPv6 A CLs: • IPv6 rout er ACLs are suppor ted on outboun d or inbound traffic on Lay er 3 interf[...]

  • Страница 743

    35-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Understanding IPv6 ACLs Supporte d ACL F eatures IPv6 A CLs on the switch hav e these characteristics: • Fragme nted frame s (t he fragments keyword as in IPv4) are supporte d. • The sa me sta tistics su pport ed in IPv4 a re supp[...]

  • Страница 744

    35-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs If a ne w switch tak es ove r as stack master , it distrib utes the AC L conf iguration to all stac k members. The memb er switch es sync up the configu ration dis tributed by the new stack mast er and flush [...]

  • Страница 745

    35-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Configuring IPv6 ACLs • If the hard ware me mory is full, for an y additio nal conf igured A CLs, pack ets are forw arded to the CPU, an d th e A C Ls ar e ap plied in sof tware. • The imple menta tion of IPv6 A CLs on Cataly st 3[...]

  • Страница 746

    35-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs Step 3a { deny | permit } pr o tocol { source-ipv6-pref ix / p r efix-length | any | host sour ce-ipv 6-address } [ operator [ port- number ]] { destination-ipv6 -pr efix / pref i x-le ngth | any | host desti[...]

  • Страница 747

    35-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Configuring IPv6 ACLs Step 3b { deny | permit } tc p { source-ipv6-pref ix / p r efix-length | any | host sour ce-ipv 6-address } [ operator [ port- number ]] { destination-ipv6 - pr ef ix / pref ix-leng th | any | host destination-ip[...]

  • Страница 748

    35-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Conf igu ring I Pv6 ACLs Use the no { deny | permit } IPv 6 access- list configur ation commands wi th keywords to remove the deny or permit conditio ns from the specif ied access list. This example configures the IPv6 a ccess list n[...]

  • Страница 749

    35-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 5 Configuring IPv 6 ACLs Displaying IPv6 ACLs Use the no ipv6 traf fic-f ilter access-list-name interface con f igurat ion comm and to remo ve an acce ss list f rom an interf ace. This example shows how to ap ply the acc ess list Cisco to outbound tr affi c o[...]

  • Страница 750

    35-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapte r 35 Configuri ng IPv6 ACLs Displa ying I Pv6 ACL s[...]

  • Страница 751

    C HAPTER 36-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 36 Configuring QoS This chapte r describes ho w to conf igure quality of service (QoS) b y using automat ic QoS (auto-QoS) comman ds or by using standa rd QoS c ommand s on t he Catalyst 3750-E or 3 560-E swi tch. With QoS, you can p rov ide prefe rential tr e[...]

  • Страница 752

    36-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Understandin g QoS T ypically , networks operate on a best-ef fort deli very basis, wh ich mean s that a ll traf fic ha s equal priority and an equ al chance of being deli vere d in a timely manner . When cong estion [...]

  • Страница 753

    36-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Figur e 36-1 QoS Class ificatio n Lay ers in F rames and P ack ets All swi tches and ro uters that a ccess the Inte rnet rely on the cla ss inf ormation to pro vide the sam e forwar ding treatm ent to pack ets with t he[...]

  • Страница 754

    36-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figure 36-2 sh o ws the basic QoS model. Ac tions at the ingress port incl ude classifying traff ic, policing, markin g, qu eueing , an d s chedul ing: • Classifying a distinct p ath for a pack et by associati n g i[...]

  • Страница 755

    36-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Classification Classification is the pro cess of distingu ishing one kind of traffic from anothe r by e xamin ing the fields in the packe t. Classif ication is enabled only if QoS is globally enabled on the switch . By [...]

  • Страница 756

    36-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS After cla ssification, th e pac ket is sent to the polic ing, marki ng, and the ing ress queue ing and schedul ing stag es. Figur e 36-3 Classific ation Flo wch art 86834 Generate the DSCP based on IP precedence in pa[...]

  • Страница 757

    36-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Classification Based on QoS ACLs Y o u can u se IP st andard , IP exten ded, or Laye r 2 MAC A C Ls to de fine a group of pa ckets wit h the same char act eris tics ( class ). In the QoS conte xt, the permit and deny ac[...]

  • Страница 758

    36-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS The po licy map can cont ain the police and polic e aggregate policy- map cla ss configurati on com mand s, which def ine the polic er , the bandwidth li m itation s of the tra ff ic, and the action to take if the lim[...]

  • Страница 759

    36-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Policing on Physical Ports In policy m aps o n physic al por ts, y ou can create these types of pol icers: • Indi vidual—QoS applies the bandwid th limits spe cif ied in th e policer separately to eac h matched traf[...]

  • Страница 760

    36-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figur e 36-4 P olicing and Mar king Flo wch art o n Ph ysical P orts Policing on SVIs Note Be fore configuring a hi erarc hical pol icy map with ind i vidua l policers on an SVI, you must en able VLAN-based QoS on th[...]

  • Страница 761

    36-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS When co nf iguring polic ing on an SVI, yo u can cr eate a nd conf igure a hie rarchic al polic y map with the se two le vels: • VLAN le ve l—Create this primary le vel by conf iguring class maps and classes that s[...]

  • Страница 762

    36-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Mapping T ables During Qo S processing, the switc h represe nts the pri ority of a ll traff ic (inclu ding non- IP traff ic) with a n QoS label base d on the DSCP or CoS value from the classification st age: • Duri[...]

  • Страница 763

    36-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Queuein g and S chedulin g Overview The swi tch has queue s at specif ic points to help pre vent con gestion as s ho wn in Figure 36-6 and Figure 36-7 . Figur e 36-6 Ingr ess and Egr ess Queue Lo cation on Catalyst 375[...]

  • Страница 764

    36-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Weighted Tail Drop Both the in gress an d e gress qu eues use an enhan ced ve rsion of the tail-dr op cong estion -a voidance mecha nism ca lled weight ed ta il dr op (WTD ). WT D is impleme nted o n que ues t o mana[...]

  • Страница 765

    36-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidt h is guarante ed at t his level but not limit ed to i t. For example , if a queue i s emp ty and n o [...]

  • Страница 766

    36-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Figur e 36-1 0 Queueing an d Scheduling Fl ow char t for In gress P orts on Cataly st 3560-E S witches Note SRR services the prior ity queue for its conf igured share before servicing the other queue. The switch supp[...]

  • Страница 767

    36-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS dscp1... dscp8 } or the mls qos srr -queue input cos-map queue qu eue- id { cos1.. .cos8 | thr eshold thr eshold-i d cos1.. .cos8 } global conf iguration command. Y o u c an d is p l ay t he D S C P in p u t q u eu e t[...]

  • Страница 768

    36-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS Queueing and Scheduling on Egress Que ues Figure 36-11 and Figure 36-12 show the queue ing and sched uling flowchart s for egress ports. Note If the ex pedite q ueue is en abled, SRR se rvices it u ntil it is empty b[...]

  • Страница 769

    36-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS Figur e 36-12 Q ueueing an d Sc heduling Fl ow char t f or Egr ess P orts on C atalyst 3560-E S w itche s Each por t supports fo ur egress queue s, one of w hich (queue 1) can be the egress expedite queue . The se queu[...]

  • Страница 770

    36-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Underst andin g QoS b uf fers) or not empty (free b uffer s). If the queu e is not o ver- limit, the switc h can alloca te bu f fer space from t he r eserved poo l or f rom th e co mmon pool (if it is n ot emp ty). I f th ere a re no fr[...]

  • Страница 771

    36-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Unde rsta ndi ng QoS WTD Thresh olds Y o u can assig n each pa cket tha t fl ows through th e switc h to a que ue and to a thresho ld. Spe cifically , you map D SCP or C oS values to an egress queu e an d ma p DSCP or CoS values to a thres[...]

  • Страница 772

    36-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS • During policing , IP and non-I P packets ca n have another DS CP assigned to them ( if they are out of prof ile and the polic er spec ifies a ma rkdow n DSCP). Onc e again, the DSCP in the pa cket is not modi[...]

  • Страница 773

    36-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Generated Auto-QoS Configuration By def ault, auto -QoS is di sabled on all ports. When au to-QoS is enabled , it use s the ing ress pa ck et label to c ategorize traf fic, to assign pack et labels, and to configure t [...]

  • Страница 774

    36-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS trust the QoS label recei ved in the pack et. When a Cisco IP Phone is absent, the ingress classif icati on is set to not trust the QoS label i n the packe t. The switch c onfi gures ingress and e gress queues on[...]

  • Страница 775

    36-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS The switch au tomatical ly maps DSCP v alues to an ingress queue and t o a thre shol d ID. Switch(config)# no mls qos srr-queue input dscp-map Switch(config)# mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 1[...]

  • Страница 776

    36-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS The sw itch a utoma tically configures the egress queue buf fer sizes . It configur es the bandwi dth an d th e SRR m ode (sha ped or shared) on the egress queues ma pped to the por t. Switch(config)# mls qos que[...]

  • Страница 777

    36-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Effects of Auto-QoS on the Configuration When auto- QoS is en abled, the au to qos v oip interface co nfiguration c omman d and the ge nerate d configurati on are add ed to the ru nning configuratio n. The swi tch appl[...]

  • Страница 778

    36-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS • T o t ake advantage of th e auto- QoS default s, you sho uld ena ble auto- QoS befor e you configu re other QoS com mands. I f necessar y , you can fine-tune the QoS configurat ion, but we r ecomme nd tha t y[...]

  • Страница 779

    36-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS T o display the QoS commands that are automatic ally generated when auto-QoS is enabl ed or disabled, enter the deb ug auto qos pr ivileged EXEC comm and befor e enabling auto -QoS. For more informa tion, see th e debu[...]

  • Страница 780

    36-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Conf igurin g Auto-Q oS Auto-QoS Confi guration Example This se ction describe s how you co uld im pleme nt auto- QoS in a ne twork, as shown in Fi gur e 36-14 . For optimum QoS perfo rmance, enab le auto-QoS on all the de vices in the [...]

  • Страница 781

    36-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Configuring Auto-QoS Note Y ou shou ld not configure a ny standard QoS com mands before enteri ng the a uto-Qo S com mands. Y ou can fine-t une th e Qo S configura tion, but w e rec ommend tha t you d o so o nly after the a uto-Q oS conf i[...]

  • Страница 782

    36-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Displa ying A uto-QoS I nform ation Displaying Auto-Q oS Information T o display the initial auto-Q oS conf iguration, use the show auto qos [ interface [ interface- id ]] privileged EXEC comm and. T o displ ay any use r ch anges to tha[...]

  • Страница 783

    36-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Default Standard QoS Configuration QoS is disa bled. Ther e is no conce pt of tru sted or untru sted por ts be cause the packet s are not m odified (the CoS, DSCP , and IP preceden ce v alues in the pack et are n[...]

  • Страница 784

    36-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Default Egress Queue Configur ation T ab le 36-9 shows the default egre ss queue con figuration for ea ch qu eue-set when QoS is ena bled. All ports a re map ped to qu eue-se t 1. T he po rt ban dwidt h lim it[...]

  • Страница 785

    36-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Default Mapping Table Conf iguration The default CoS-to-DSCP map is sho wn in T able 36- 12 on page 3 6-63 . The default IP-pre cedenc e-to-D SCP map is shown in T able 36-13 on page 3 6-64 . The de fault DSCP- t[...]

  • Страница 786

    36-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS • Follow these gu ideline s wh en c onfiguring pol icy maps on p hysical p orts or SVIs: – Y o u cannot apply the same pol icy map to a physical port and to an SVI. – If VLAN -based QoS is configured on [...]

  • Страница 787

    36-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS • A switch that is r unning t he IP se rvices f eature s et suppo rts QoS D SCP and IP preced ence matc hing in polic y-based routing (PBR) r oute maps wi th these limitations: – Y o u cannot apply QoS DSC P [...]

  • Страница 788

    36-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Use the no mls qos vla n-based interface configura tion co mmand to disable VLAN-b ased QoS on the physical por t. Configuring Classification Using Port Trust States These sec tions descr ibe how to classify i[...]

  • Страница 789

    36-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Figu re 36-15 Port T rusted St ates w ithin the Qo S Do mai n Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nfi gure the p ort to tr ust the classif icati on of the traf fic that it re cei ve[...]

  • Страница 790

    36-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return a port to its untrusted state, use the no mls qos trust inte rface c onfigura tion comm and. For informatio n on ho w to chan ge the d efault Co S v alue, see the “C onf iguring the CoS V alue for[...]

  • Страница 791

    36-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS T o return to th e defa u lt setting, use the no mls qos cos { def ault- cos | ov erride } interface co nfiguration comm and. Configuring a Truste d Boundary to Ensure Port Securit y In a t ypica l network , you [...]

  • Страница 792

    36-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS W i th the t ruste d setti ng, you also can use the trusted bounda ry fea ture to prevent misuse o f a high-pr iority qu eue if a user bypasses the tel ephone a nd conne cts the PC di rectly to t he switch. W [...]

  • Страница 793

    36-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS If D SCP t rans par ency is en able d by u sin g the no mls qos rewrite ip dscp command, the swit ch does not modify the DSCP field in the incoming pa cket, and the DSCP field in the outgoin g packet is the same [...]

  • Страница 794

    36-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Figur e 36-16 DSCP -T r ust ed Stat e on a P or t Bor derin g Another Q oS Domain Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to co nf igure the DSCP- trusted stat e on a port and modi fy the [...]

  • Страница 795

    36-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS T o return a port to its non-trusted state , use the no mls qos trust interfa ce conf iguration co mmand. T o return to the d efault D SC P-to-DSCP-m utation m ap v alues, us e the no mls qos map dscp-mutation ds[...]

  • Страница 796

    36-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Classifying Traffic by Using ACLs Y o u can classi fy IP tra ff i c by using IP sta ndard or IP extend ed ACLs; you can cla ssify non-I P traffic by usin g Layer 2 MA C A CLs. Beginn ing in pri vileged EXEC mo[...]

  • Страница 797

    36-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginn ing in pri vileged EXEC mode, follo w these steps to create an IP extended A CL for IP traff ic: T o delete an acc ess list , use the no access-list access-list- number globa l configurat ion comma nd. Thi[...]

  • Страница 798

    36-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mod e, follow these st eps to c reate a L ayer 2 M A C ACL for non-IP t raff ic: T o delete an acc ess list , use the no mac acce ss-list ex tended ac cess-list-name global configu[...]

  • Страница 799

    36-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Classifying Traffic by Using Class Ma ps Y o u use the class-map global conf iguration co mmand to name and to isolate a s pecif ic tra f fi c flow (or class) f rom all o ther traf fic. The cla ss map def ines th[...]

  • Страница 800

    36-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuratio n comm and. T o delete an existing cla ss map, use th e no class- map [ match-all | match-any ] class-map-na m[...]

  • Страница 801

    36-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Classifying, Policing, and Marking Traff ic on Physical Ports by Using Policy Maps Y o u can co nfigure a nonhier arch ical pol icy map on a physica l port that sp ecifies which traff ic class to act on. Actions [...]

  • Страница 802

    36-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EX EC mode, fol low these steps t o create a no nhiera rchic al policy map: Command Purpose Step 1 conf igur e terminal E nter g lobal configuration mode . Step 2 class-map [ match-all [...]

  • Страница 803

    36-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 5 trust [ cos | dscp | ip-pr ecedence ] Configure the t rust state, w hich QoS uses to gene rate a CoS-ba sed or DSCP-based QoS lab el. Note This co mmand is mutuall y exclusi ve with the set com mand withi [...]

  • Страница 804

    36-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuratio n comm and. T o delete an existing cla ss map, use th e no class c lass-map-name pol icy-map configurat ion co[...]

  • Страница 805

    36-55 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-ext-mac)# exit Switch(config)# class-map macclass1 Switch(config-cmap)# match access-group maclist1 Switch(config-cmap)# exit Switch(config)# policy-map macpolicy1 Switch(config-pmap)# class macclas[...]

  • Страница 806

    36-56 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS • The hi erarchic al policy m ap is attached to th e SVI and af fects al l traf fic b elongin g to th e VLAN. The action s specif ied in the VLAN-l e vel p olicy map af fect the traf fi c belong ing to the S[...]

  • Страница 807

    36-57 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 3 match { acce ss-group acl-index-or-name | ip dscp dscp-list | ip prec edence ip-pr eceden ce-list } Def ine the match crite rion to classify traf fic. By defau lt, no matc h cr iterion is de fined. Only o [...]

  • Страница 808

    36-58 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Step 10 policy-map policy- map-nam e Create an inte r face -le vel polic y map b y entering the policy -map name, and en ter po licy-ma p con figuration mode. By defau lt, no pol icy maps are defined, and n o [...]

  • Страница 809

    36-59 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Step 17 trust [ cos | dscp | ip-pr ecedence ] Configure the t rust state, w hich QoS uses to gene rate a CoS-ba sed or DSCP-based QoS lab el. Note This co mmand is mutuall y exclusi ve with the set com mand withi[...]

  • Страница 810

    36-60 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o delete an existin g polic y map, use the no policy-map poli cy-ma p-nam e globa l configuration comm and. T o delete an existing cla ss map, use th e no cl ass class-map-na me policy-map c onfiguration com[...]

  • Страница 811

    36-61 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-pmap-c)# exit Switch(config-pmap)# class-map cm-2 Switch(config-pmap-c)# match ip dscp 2 Switch(config-pmap-c)# service-policy port-plcmap-1 Switch(config-pmap)# exit Switch(config-pmap)# class-map [...]

  • Страница 812

    36-62 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o r emove the specified a ggregate pol icer from a pol icy map, use th e no police agg reg ate aggr egate-polic er-name policy m ap configu ratio n mode. T o delete an aggregate pol icer and it s parame ters[...]

  • Страница 813

    36-63 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Switch(config-pmap-c)# trust dscp Switch(config-pmap-c)# police aggregate transmit1 Switch(config-pmap-c)# exit Switch(config-pmap)# class ipclass2 Switch(config-pmap-c)# set dscp 56 Switch(config-pmap-c)# police[...]

  • Страница 814

    36-64 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pr iv ilege d EXEC mode, follo w these steps to modify t he CoS-to-DSCP map . This procedur e is optional. T o return to the defau lt map, use the no mls qos cos-dscp global configuration com man[...]

  • Страница 815

    36-65 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginn ing in pr i vilege d EXEC m ode, follo w these st eps to mo dify the I P-precede nce-to-DSCP ma p. This proc edure is option al. T o return to the defau lt map, use the no mls qos i p-prec-dscp global con [...]

  • Страница 816

    36-66 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return to the defau lt map, use the no mls qos policed- dscp glob al conf iguration comman d. This exam ple sh ows ho w to map DSCP 50 to 57 t o a ma rked-down DSCP value of 0: Switch(config)# mls qos map [...]

  • Страница 817

    36-67 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXEC mo de, foll ow these s teps to modif y the DSCP-to- CoS map. This procedur e is optional. T o return to the defau lt map, use the no mls qos dscp-cos global c onfiguration com mand. T[...]

  • Страница 818

    36-68 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginning in privileged EXEC mo de, foll ow these steps to mod ify the DSCP-t o-DS CP-mutati on map . This proc edure is option al. T o return to the defau lt map, use the no mls qos dscp-mutation dscp-m utati[...]

  • Страница 819

    36-69 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Note In the above DSCP-to- DSCP-m utati on map, t he mutat ed values are shown in the bod y of the matrix. Th e d1 colum n specif ies the most-signif icant digit o f the or iginal DSCP; th e d2 ro w specif ies th[...]

  • Страница 820

    36-70 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Mapping DSCP or CoS Values to an Ingress Queue and Setting WTD Thresholds Y ou can prioritize traf fic b y placing pack ets with particul ar DSCPs or CoSs into certain queues and adjusting the queue thr eshold[...]

  • Страница 821

    36-71 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS This exampl e shows ho w to map DSCP values 0 to 6 to ingres s queue 1 an d to thresh old 1 with a dro p thresho ld of 50 p ercent. It m aps DSC P values 20 to 2 6 to in gress queu e 1 a nd to th reshold 2 with a[...]

  • Страница 822

    36-72 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pri vileg ed EXEC mode, follo w these steps to allocate bandwid th between the ingress queues. This p rocedur e i s optio nal. T o return to the default setting, use the no mls qos srr - queue in[...]

  • Страница 823

    36-73 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXEC mod e, follow these steps to configure the pri ority queue. T his proc edure is optional. T o return to the default setting, use the no mls qos srr - queue input priority-queue queue-[...]

  • Страница 824

    36-74 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS These sec tions co ntain this co nfiguration in format ion: • Configuration Gu idelines, page 36-74 • Alloca ting Buffer Space to and Setti ng WTD Thre sholds for an Egress Q ueue-Set , page 36- 74 (option[...]

  • Страница 825

    36-75 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning i n privileged EXEC mode, follow these steps to configure the me mory al loca tion and to drop thresholds for a queue-se t. This procedure is optional. Comma nd Purpos e Step 1 conf igur e terminal Ente[...]

  • Страница 826

    36-76 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS T o return to the default setting, use the no mls qos queue-set output qset-id bu f f e r s global conf iguratio n command. T o return to the defa ult WTD threshold percen tages, use the no mls qos queue-set o[...]

  • Страница 827

    36-77 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Beginning in privileged EXE C mode, follow thes e st eps to map DSCP or CoS values to an egress queu e and to a thr eshold ID . This procedur e is optio nal. T o r eturn to th e defaul t DSCP output queu e thre s[...]

  • Страница 828

    36-78 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Configuring SRR Sh aped Weights on Egress Queues Y ou can spec ify ho w much of t he av ailable bandwi dth is allo cated to each queue. The r atio of the weig hts is the ra tio of frequen cy i n which the SR R[...]

  • Страница 829

    36-79 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Confi guring Standa rd QoS Configuring SRR Sh ared Weights on Egress Queues In shar ed mod e, the queues share th e band width am ong th em ac cordi ng to the configured weight s. The bandwidth is gu aranteed at this le vel b ut not limite[...]

  • Страница 830

    36-80 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Configur ing Standar d QoS Beginn ing in pri vileged EXEC mode, follo w these steps to enable the e gress e xpedite queue. This procedur e is optional. T o dis able the egres s expedi te qu eue, us e th e no priority-queue out interface[...]

  • Страница 831

    36-81 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 6 Configuring Qo S Displaying Standard QoS Information T o return to the default setting, use the no srr -queue band width limit interface configura tion comm and. This exam ple sh ows how to limit the ba ndwid th on a port to 8 0 per cent: Switch(config)# i[...]

  • Страница 832

    36-82 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 36 Conf igur ing Q oS Display ing Standar d QoS Inform ation show policy- map [ polic y-map- name [ clas s class-m ap-name ]] Display QoS po licy maps, w hich define cla ssification cri teria fo r inco ming traffic. Note Do not use the show policy-map interf[...]

  • Страница 833

    C HAPTER 37-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 37 Configuring EtherC hannels and Link-State Tracking This cha pter descri bes how to configure EtherCha nnels on La yer 2 an d Layer 3 ports on t he Catalyst 3750-E o r 3560-E switch . Ethe rChanne l provides fault-tole rant h igh-spe ed links betwee n switch[...]

  • Страница 834

    37-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels • Load -Balan cing and Forwarding Meth ods, page 3 7-8 • EtherCha nnel and Switch Stacks, page 37-10 EtherChann el Overview An Ethe rChan nel c onsists o f indiv[...]

  • Страница 835

    37-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els Y o u can configure an Ether Chann el in one of these mode s: Port Aggregati on Protoco l (P AgP), Link Aggregation C ontro l Prot ocol (L ACP), or On. C onfigure bo th ends [...]

  • Страница 836

    37-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels Figur e 37 -3 Cros s-Stac k EtherChannel Port-Chan nel Interfaces When you cre ate an E therCha nnel , a po rt-cha nnel logi cal i nterfa ce is inv o lved: • W ith[...]

  • Страница 837

    37-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els Figur e 37 -4 Relationship of P h ysical P orts, Logica l Por t Channels, and Channel Gr oups After y ou conf igure an Eth erCha nnel, conf iguration change s appli ed to the[...]

  • Страница 838

    37-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels PAgP Modes T ab le 37-1 shows the user-configurab le Ethe rChan nel P A gP mo des f or the channel-group interfa ce configurati on c ommand. Switch por ts exchange P[...]

  • Страница 839

    37-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els P AgP sends an d receives P A gP PDUs only fr om ports th at are up an d hav e P AgP ena bled for the auto or desira ble m ode. Link Aggreg ation Control Pro tocol The LACP i[...]

  • Страница 840

    37-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels In Lay er 2 EtherC hannels , the first port in th e ch annel that c omes up provide s its MAC addre ss to the Ether Channel . If this por t is rem oved from the bund[...]

  • Страница 841

    37-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Understa nding Et herChann els W ith source -IP address- based forwardin g, when pa ckets are fo rwarded t o an Ether Channel , they are distributed acros s the port s in the Ethe rChanne l based on the so[...]

  • Страница 842

    37-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding Et herChan nels Figur e 37 -5 Load Distr ibution and F orwa rding Methods EtherChann el and S witc h Stack s If a stack mem ber that ha s ports part icipati ng in an Eth erChanne l[...]

  • Страница 843

    37-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels For more information about switch stack s, see Chapter 5, “ Managing Swi tch Stacks.” Configuring Eth erChannels These sec tions co ntain this co nfiguration info rmat ion:[...]

  • Страница 844

    37-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els EtherChann el Configuratio n Guidelin es If imp roper ly con figured, so me E therCha nnel ports are a utomati cally disa bled t o av oid n etwork loops and othe r pro[...]

  • Страница 845

    37-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels – An Ethe rChanne l suppor ts the same allowed range of VL ANs on all t he port s in a trunking Layer 2 EtherCh annel. I f the a llowed range of VL ANs is not th e sam e, the[...]

  • Страница 846

    37-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els T o r emove a p ort fr om t he Eth erCha nnel group, use the no channel-group interface configurat ion comm and. Step 4 channel- group c hann el-gr oup- number mo de {[...]

  • Страница 847

    37-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels This exam ple sh ows how to configure an Eth erChann el o n a si ngle swi tch in the st ack. I t assigns two ports as static-acce ss ports in VLAN 10 to channel 5 with the P Ag[...]

  • Страница 848

    37-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Beginning in pr ivileged EXEC mod e, follow these st eps to crea te a port -channe l inter face for a Laye r 3 Ether Channel . Th is proc edure is re quir ed. T o remo[...]

  • Страница 849

    37-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels Step 5 channel- group c hann el-gr oup- number mo de { auto [ non- silent ] | desirable [ no n-silent ] | on } | { active | passive } Assign th e port to a ch annel gr oup, an [...]

  • Страница 850

    37-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els This example shows ho w to configure an Et herChann el. It assign s two ports to c hannel 5 w ith the LACP mode ac tive : Switch# configure terminal Switch(config)# in[...]

  • Страница 851

    37-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels T o r etu rn Eth erCha nnel l oad -balan cing to the de fault configurat ion, u se the no port-channel load-balanc e global con figurati on comm and. Configuring the PAgP Le ar[...]

  • Страница 852

    37-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Beginning i n privileged EX EC mo de, fol low these s teps t o configure y our sw itch a s a P AgP physical- port lea rner a nd to a djust the p riority so th at the s[...]

  • Страница 853

    37-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Config uring EtherCh annels If you configure more than ei ght links for an EtherC hannel group, the software automa tical ly decide s which of th e hot-stand by ports to make active based on the LA CP pri[...]

  • Страница 854

    37-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing EtherChann els Configuring the LACP Port Pr iority By def ault, al l ports us e the same port pr iority . If the loca l system has a lo wer va lue for the syste m priority a nd the s[...]

  • Страница 855

    37-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Displaying EtherC hannel , PAgP, and LACP Sta tus Displaying EtherCh annel, PAgP, and LACP Status T o disp lay Eth erChanne l, P AgP , and LA CP sta tus in for matio n, use the pri vile ged EXEC c omman d[...]

  • Страница 856

    37-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Underst anding L ink-State Tracking When you e nable link-st ate track ing on the sw itch, the link states of the downstream ports are bound to the li nk state of one o r more of the upst ream p [...]

  • Страница 857

    37-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Configuring Link-State Tracking Figur e 37 -6 T ypical Link-Stat e T rac king Configur ation Configuring Link -State Tracking These sec tions descr ibe how to configure link-st ate trac king port s: • D[...]

  • Страница 858

    37-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing Link-S tate Tracki ng Default Link-Sta te Track ing Con figuratio n There are no li nk-stat e grou ps defined, and link-st ate tra cking is n ot ena bled f or a ny group. Link-State [...]

  • Страница 859

    37-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 3 7 Configuring EtherCh annels and Link-State Tra cking Configuring Link-State Tracking Switch(config-if)# interface gigabitethernet1/0/3 Switch(config-if)# link state group 1 downstream Switch(config-if)# interface gigabitethernet1/0/5 Switch(config-if)# link[...]

  • Страница 860

    37-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Ch apter 37 Conf igur ing Ethe rCha nne ls a nd Li nk- State Tra ckin g Configur ing Link-S tate Tracki ng[...]

  • Страница 861

    C HAPTER 38-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 38 Configuring IP Unicast Ro uting This chapt er describ es how to conf igure IP V ersion 4 (IPv 4) unicas t routing on the Catalyst 3750-E or 3560- E sw itch. Unl ess oth erwise noted, the te rm switch refers to a Cataly st 3750-E or 356 0-E standal one switc[...]

  • Страница 862

    38-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Underst anding IP Ro uting Note When configuring routing parameter s on the switch and to allocate system resourc es to maximize the number of un icast routes allowed, you ca n use the sdm pr efer r outing global c onfigurat i[...]

  • Страница 863

    38-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Unders tanding IP Routi ng Default ro uting refe rs to sendi ng traffic with a destination unknown to the route r to a default outle t or destinatio n. Static unicas t routi ng fo rwards pa ckets from pre deter mined ports t [...]

  • Страница 864

    38-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Underst anding IP Ro uting Stack memb ers per form these fun ction s: • The y act as routi n g standb y switches, rea dy to take o ver in case they are elec ted as the new s tack master if the stack master fails. • The y p[...]

  • Страница 865

    38-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Steps f or Co nfiguri ng Routing Steps for Configurin g Routing By default, IP ro uting is disabl ed on the sw itch, and yo u must enable it before rou ting ca n take place . For detailed IP routing co nf iguration in formati[...]

  • Страница 866

    38-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng • Configuring A ddress Re solutio n Met hods, page 38 -9 • Rout ing Assistan ce W hen I P Rout ing is Dis abled, page 38- 12 • Conf iguri ng Bro adca st Pack et Hand ling, pa ge 38-1 4 • [...]

  • Страница 867

    38-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Assigning IP Address es to Netwo rk Interface s An IP ad dress identi fie s a location to which IP pack ets ca n be s ent. Som e IP add resses are reser ved for special u ses an d ca nnot be used [...]

  • Страница 868

    38-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Classless Routing By default, classless routing beha vior is enabled on the switch when it is confi g ured to route. W ith classle ss routing , if a route r receives packets for a subnet of a net[...]

  • Страница 869

    38-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Figur e 38-3 No IP Clas sless Ro uting T o p revent the swi tch f rom for warding packets destined for unre cogniz ed subne ts to the be st supe rnet route poss ible, you can disab le classl ess r[...]

  • Страница 870

    38-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng The swi tch can use these forms of address r esolutio n: • Address Resolut ion Protoc ol (ARP) i s used to associa te IP ad dress wi th MA C ad dresses. T aking a n IP addre ss as i nput, ARP [...]

  • Страница 871

    38-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing T o remove an entr y from t he ARP cach e, us e the no arp i p - a d d re s s h a rd w a re - a d d re s s t y p e global conf iguratio n command . T o remo ve all nons tatic ent ries from th e A[...]

  • Страница 872

    38-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Enable Proxy ARP By default, the sw itch uses pro xy ARP to help hosts learn MA C address es of hosts on othe r networks or subnets. Beginning i n privileged EX EC mo de, fol low these s teps t [...]

  • Страница 873

    38-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Beginning i n privileged E XEC mo de, follow these steps to d efine a de fault gat ew ay (ro uter) when IP routing is disa bled: Use the no ip default-gateway global c onfigurat ion co mmand to d[...]

  • Страница 874

    38-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng If you chang e the maxadvertinterv al va l u e , th e holdtime and minadvertinterval v alues also cha nge, so it is importan t to f irst change the ma xadvertinte rval v alue , before ma nuall y[...]

  • Страница 875

    38-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Enabling Directed Broadcast-to- Physical Broadcast Translation By default, IP direct ed broadc asts are dr opped; th ey are not forwarde d. Drop ping IP-di rected broa dcast s makes router s less[...]

  • Страница 876

    38-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Forwarding UDP Broadcast Packets and Prot ocols User Da tagram Prot ocol (U DP) is an IP host -to-host layer prot ocol, as is TCP . UDP provides a low-ov e rhead, conn ectionle ss session betw e[...]

  • Страница 877

    38-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring I P Address ing Establishing an IP Broadcast Address The mo st po pular IP broadc ast address (and the d efault) i s an add ress cons isting of al l ones (255.255 .255.2 55). Howe ver , the sw itch can b e co nf[...]

  • Страница 878

    38-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g IP Ad dr essi ng Beginning i n privileged EX EC mo de, fol low these s teps t o use the b ridging sp anni ng-tre e datab ase to flood U DP dat agram s: Use the no ip f orwa rd-protocol spanning-tree global co nf[...]

  • Страница 879

    38-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Enabli ng IP Unic ast Rout ing Enabling IP Uni cast Routing By default, the switch is in Layer 2 switching mode and IP routin g is disabled. T o use the Layer 3 capabiliti es of the switch, you must enable I P routing. Begin[...]

  • Страница 880

    38-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP Switch(config-router)# network 10.0.0.0 Switch(config-router)# end Y o u can now set up parame ters for the selected routing prot ocols as de scribed in these sect ions: • Conf igur ing R IP , page 38-2 0 [...]

  • Страница 881

    38-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring RIP Default RIP Configuration T ab le 38-4 shows the default RIP conf iguration. Configuring Basic RIP Parameters T o con figure RIP , you enable RIP routing fo r a network and opt ionall y configure ot her param[...]

  • Страница 882

    38-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP T o turn off the RIP rout ing process, use the no router rip global co nfigurati on comma nd. T o di splay the parame ters and cu rren t state of th e active routing pro tocol process , use the show ip proto[...]

  • Страница 883

    38-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring RIP Configuring RIP Authentication RIP V ersion 1 does not suppor t authe nticat ion. If you are se nding a nd re ceiving RIP V ersi on 2 p ackets, you can en able RIP authen tication o n an interf ace. The ke y [...]

  • Страница 884

    38-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g RIP Beginn ing in pri vileged EXEC mode, follo w these steps to set an inte rfac e to advertise a summa rized local IP address and to di sable split horizon on the interfa ce: T o disable IP summarization, use t[...]

  • Страница 885

    38-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Beginning in privileged EX EC mode , foll ow these s teps to disable split horizon on t he in terface: T o enable the split horizon m echanis m, use the ip split -horizon i nter face configur ation co mman [...]

  • Страница 886

    38-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF These sec tions co ntain this co nfiguration in format ion: • Default OSPF Configuration, page 38-26 • Configuring Basic OSPF Paramete rs, page 38-29 • Configuring OSPF Interfa ces, page 38-29 • Confi[...]

  • Страница 887

    38-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF OSPF Nonstop Forwarding The switc h stack supp orts two levels of nonstop forwardin g (NSF): • OSPF NSF A warene ss, page 38-28 • OSPF NSF Capability , page 38-28 Distance OSPF dist1 (a ll rout es with [...]

  • Страница 888

    38-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF OSPF NSF Awareness The IP-services feature set suppor ts OSPF NSF A war eness supported for IPv4 . When the neighboring router is NSF-capabl e, the L ayer 3 switch co ntinue s to forward pac kets from the nei[...]

  • Страница 889

    38-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Configuring Basic OSPF Parameters Enabling OSPF r equires that you creat e an OSPF routi ng process, specify the r ange of IP addresses to be asso ciated with the routing p roces s, and assig n area IDs to [...]

  • Страница 890

    38-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Use the no form of thes e command s to remo ve the conf igured param eter valu e or retur n to the default value. Step 3 ip ospf cost (Opti onal) Explicitl y specify the cost of sending a packet on the interf[...]

  • Страница 891

    38-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Configuring OSPF Area Parameters Y ou can option ally confi gure se veral OSPF a rea para meters. Th ese parameters include authentic ation for pa ssw ord-b ased pr otec tion aga inst unautho rized acc ess [...]

  • Страница 892

    38-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Use the no form of thes e command s to remo ve the conf igured param eter valu e or to retu rn to the default value. Configuring Other OS PF Para meters Y ou can option ally confi gure other OSPF para meters [...]

  • Страница 893

    38-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Config uring OSPF Beginning in privile ged EXEC mode, follow the se steps to configure these OSPF parameter s: Command Purpose Step 1 conf igur e terminal E nter g lobal configuration mode . Step 2 router ospf pr oc ess-id E[...]

  • Страница 894

    38-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring OSPF Changing LSA Gro up Pa cing The OSPF LS A group pacing feature allows the router to group OSPF L SAs and pa ce the re freshing, check- sum ming , and agi ng f unctio ns for mo re efficient rout er us e. T his[...]

  • Страница 895

    38-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP Monitoring OSPF Y ou can display specifi c statistics such as th e conten ts of IP r outing table s , caches, and database s. T ab le 38-6 lists some of the pr ivileged EXEC co mman ds for displ aying stati[...]

  • Страница 896

    38-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP EIGRP of fers these f eatures: • Fast co n vergenc e. • Incr emen tal upd ate s when the s tate of a des tinat ion chang es, i nstea d of sen ding t he en tire c ontent s of the routi ng ta ble, m inimi[...]

  • Страница 897

    38-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP • Configuring E IGRP Route Au thentic ation, page 3 8-41 • EIGRP Stub Routi ng, pag e 38-42 • Moni tor ing and Mai ntainin g EIGR P , page 38- 4 3 Note T o enab le EIGRP , the switc h or stack mas ter[...]

  • Страница 898

    38-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP T o cr eate an EIG RP routin g process, yo u must enable EIGRP and asso ciat e networks . EIGRP sends updates to the interf aces in the specif ied networ ks. If you do not specify an interface netw o rk, it[...]

  • Страница 899

    38-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP EIGRP N SF Capabili ty The Cat alyst 3750- E IP-se rvices fea ture set also suppor ts EIGRP NSF-c apabl e routing fo r IPv4 for better con ve rge nce and lo wer traf fic loss follo win g a stack master ch a[...]

  • Страница 900

    38-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP Use the no forms of th ese comman ds to disa ble the featur e or retur n the sett ing to the de fault v alue. Configuring EIGRP Interfaces Other o ptiona l EIG RP para meter s can be co nfigured on an i nte[...]

  • Страница 901

    38-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring EIGRP Use the no forms of these co mmand s to disabl e the feat ure or re turn the sett ing to the defa ult v alue. Configuring E IGRP Ro ute Authentication EIGRP r oute a uthenti cation provides MD5 authen ticat[...]

  • Страница 902

    38-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing EIGRP Use the no forms of these commands to disable the feature or to return the setting to the default v alue. EIGRP Stub R outing The EIGRP stub routing featu re, av ailable in all featur e sets, reduces resour[...]

  • Страница 903

    38-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Figur e 38-4 EIGRP St ub Rout er Config urat ion For more inf ormation about E IGRP stub routing, see “Configu ring EIGRP St ub Rout ing” sect ion of the Cisco IO S IP Configuration Gui de, V olume 2 of 3[...]

  • Страница 904

    38-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP For details about BGP co mman ds and keywords, se e the “IP Ro uting Protocols” part of the Cis co IO S IP Com mand Re fer ence, V ol ume 2 of 3: Routi ng Protocols, Rele ase 12. 2 . For a lis t of BGP c[...]

  • Страница 905

    38-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP In BGP , ea ch rout e con sists of a n etwork number, a list of aut onomo us system s th at infor matio n has passed thr ough (the a utonomous syst em path ), and a list of oth er path attri butes . Th e prim[...]

  • Страница 906

    38-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP T a ble 38-9 Def ault BGP Configur ation Feature Default Setting Aggregat e addr ess Disabled: N one de fined. AS pa th acce ss list None defined. Au to s umm ar y Enab led. Bes t pat h • Th e rou ter cons[...]

  • Страница 907

    38-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Nonstop Forwarding Awareness The BGP NSF A wareness f eature is su pported f or IPv4 in the IP s ervices fea ture set . T o enable th is featu re with BGP ro uting, you need to en able Gr aceful Restart. When[...]

  • Страница 908

    38-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP neig hbor ing r out er duri ng the inte rval betw een t he pr imar y Rout e Process or (R P) in a r outer f aili ng a nd the backup RP taking over , or while the primar y RP is manua lly relo aded fo r a non[...]

  • Страница 909

    38-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Use the no route r bgp aut onomous-s ystem global co nfiguration comma nd to r emove a BGP AS. Use the no network network- number router configuration com mand to re move the network fr om the BGP tabl e. Use[...]

  • Страница 910

    38-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Router B: Switch(config)# router bgp 200 Switch(config-router)# neighbor 129.213.1.2 remote-as 100 Switch(config-router)# neighbor 175.220.1.2 remote-as 200 Router C: Switch(config)# router bgp 200 Switch(co[...]

  • Страница 911

    38-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP establi sh a TCP sessi on. A s oft re set al lows the dynam ic excha nge of route refresh request s and routing informa tion b etween B GP rout ers a nd th e subseq uent re-ad ver tisemen t of t h e res pecti[...]

  • Страница 912

    38-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configuring BGP Decision Attributes When a BGP speak er receiv es updates from multiple autono mous systems that describe dif ferent paths to the sa me destination, it must ch oose the single best path for r[...]

  • Страница 913

    38-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Beginning i n privileged EX EC mo de, fol low these s teps t o configure s ome d ecision attr ibutes: Command Purp ose Step 1 co nfi g ure terminal Enter globa l configura tion mode . Step 2 r outer bgp auton[...]

  • Страница 914

    38-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Use the no form of ea ch com mand t o retu rn t o the defau lt stat e. Configuring BGP Filtering with Route Maps W i thin B GP , route maps can be used t o cont rol a nd to m odif y rou ting in forma tion an[...]

  • Страница 915

    38-55 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP path, comm unity , and network num bers. Auto nomous sys tem path mat ching re quires the match as-path access-lis t rou te-ma p command , commu nity based ma tching re quires the match community-list route- [...]

  • Страница 916

    38-56 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configuring Prefix Lists for BGP Filtering Y ou can use p ref ix lists a s an alte rnati ve to acces s list s in man y BGP rou te fi ltering comman ds, inclu ding the neighbor distribute-list router configur[...]

  • Страница 917

    38-57 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP sequence number command; to reenabl e automatic generation, u se the ip pref ix-list sequence number command. T o clear the hit-co unt table of p ref ix list entrie s, use the c lear ip pr ef ix-list pri vile[...]

  • Страница 918

    38-58 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP Configur ing BGP Neighbors and Peer Grou ps Often m any BGP ne ighbo rs are configured wit h the same up date policie s (tha t is, the sa me out bound route ma ps, distribute lists, filter l ists, update sou[...]

  • Страница 919

    38-59 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Step 7 neighbor { ip-addre ss | pe er-gr oup -name } default-originate [ route-map ma p-name ] (Optional) Allo w a BGP speak er (t he local r outer) to send th e default r oute 0 .0.0.0 to a n eighbor for use[...]

  • Страница 920

    38-60 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP T o d isab le an existing B GP ne ighbor or nei ghbor peer g roup, use th e neighbor shutdown r outer configurat ion comm and. T o enab le a previous ly existing nei ghbo r or neighbo r peer gr oup that had [...]

  • Страница 921

    38-61 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP T o delete an aggre gate entry , use the no aggregate-addr ess addr ess mask rou ter configuration comma nd. T o retur n option s to the de faul t v alues, use the comm and with ke ywor ds. Configuring Routin[...]

  • Страница 922

    38-62 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Conf igurin g BGP When the ro ute refl ector recei ves an ad vert ised route, it tak es one of these act ions, dependi ng on the neighb or: • A route from an e xternal B GP speak er is adv e rtise d to all c lients and nonc[...]

  • Страница 923

    38-63 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring BGP Beginning i n privileged E XEC mo de, use thes e com mands t o configure BGP ro ute dampen ing: T o disa ble fla p dampenin g, use the no bgp dampening router co nfiguration c omman d withou t keywords. T o s[...]

  • Страница 924

    38-64 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Y o u can also en able t he logging of message s generate d when a BG P neighbo r resets , comes up, or goes down b y using the bgp log -neighbor changes router configur ation com mand. Configuring M[...]

  • Страница 925

    38-65 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE These se ctions conta in this i nformation: • Understan ding Multi-VRF CE, page 38-6 5 • Default Mu lti-VRF C E Configuration, pa ge 38-6 7 • Multi-VRF CE Conf iguration Guidelines, page 38- 67[...]

  • Страница 926

    38-66 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Figur e 38-6 Catalyst 37 50-E or 35 60-E Switc hes Acting as Multiple V irt ual CEs When the CE switc h recei ves a command to add a Lay er 3 interf ace to a VRF , it sets up th e appropriate mapping[...]

  • Страница 927

    38-67 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE T o conf igure VRF , you create a VRF table and specify the Layer 3 int erfac e associat ed with the VRF . Then configure th e rout ing pro toco ls in th e VPN and be tween t he CE and th e PE. BGP i[...]

  • Страница 928

    38-68 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE • A cust omer ca n use m ultip le VLA Ns as lon g as t hey do not overlap with t hose o f other custome rs. A customer’ s VLANs are mapped to a specific routing table ID that is used to iden tify[...]

  • Страница 929

    38-69 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Use t he no ip vrf vrf-name global conf iguration command to delete a VRF and to remov e all interf aces from it. Use the no ip vrf f orwarding interface c onfig uration comm and to remo ve an interf[...]

  • Страница 930

    38-70 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configuring BG P PE to CE Routing Sessions Beginning in privileged EX EC mode , foll ow these ste ps to con figure a BGP PE t o CE ro uting sessio n: Use the no r outer bgp autono mous-s ystem -numbe[...]

  • Страница 931

    38-71 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Figur e 38-7 Multi-VRF CE Conf igur ation Exa mple Switch A Switch D VPN1 VPN2 CE1 Global network 208.0.0.0 F ast Ethernet 8 Gigabit Ethernet 1 101386 PE CE2 Switch E 108.0.0.0 F ast Ethernet 7 Switc[...]

  • Страница 932

    38-72 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configur ing Switch A On Switch A, enable routing and conf igure VRF . Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# ip routing Switch(config[...]

  • Страница 933

    38-73 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Multi-VRF CE Switch(config)# interface vlan118 Switch(config-if)# ip vrf forwarding v12 Switch(config-if)# ip address 118.0.0.8 255.255.255.0 Switch(config-if)# exit Switch(config)# interface vlan208 Switch(confi[...]

  • Страница 934

    38-74 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configuring Mul ti-VRF CE Configur ing Switch F Switch F belon gs to V PN 2. C onfigure the conn ecti on to Sw itch A by using thes e co mmands. Switch# configure terminal Enter configuration commands, one per line. End with [...]

  • Страница 935

    38-75 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Configuring Unicast Reverse Path Forwarding Router(config)# router bgp 100 Router(config-router)# address-family ipv4 vrf v2 Router(config-router-af)# neighbor 83.0.0.8 remote-as 800 Router(config-router-af)# neighbor 83.0.0[...]

  • Страница 936

    38-76 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Configuring Proto col-Independent Features This secti on descri bes how to configure IP routing pro toco l-indepe nden t feature s. These featur es are av ailable on switche s run[...]

  • Страница 937

    38-77 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res The def ault conf ig uration is CEF or dCEF enabled on all Laye r 3 interface s . Entering the no ip route- cach e c ef int erface co nfiguration co mman d disab les CEF for tr a[...]

  • Страница 938

    38-78 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Even though the ro uter au tomat ically learns about an d configur es equal -cost ro utes, you can cont rol the maxim um number of para llel pat hs supporte d by an IP routing pro[...]

  • Страница 939

    38-79 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Static route s that point to an inte rface a re adver tised through RIP , IGR P , and other dynami c rout ing protocol s, whe ther or n ot sta tic re d i st r i bu t e router con[...]

  • Страница 940

    38-80 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Use the no ip default-netw ork net work n umbe r global co nfiguration c omman d to remove the route . When default in format ion is passed th rough a dy namic ro uting pro tocol [...]

  • Страница 941

    38-81 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Note Alth ough e ach of Steps 3 throug h 14 in the following se ction is opt ional, you m ust ente r at least one match rou te-ma p con figuration comm and a nd on e se t rout e-[...]

  • Страница 942

    38-82 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s T o delete an entry , use the no route-map map tag global c onfiguration c ommand or the no match or no set route- map co nf igur ation co mmands . Y o u can distri bute routes fr[...]

  • Страница 943

    38-83 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Beginn ing in p ri vileg ed EXEC mode, fo llo w thes e steps to con trol route r edistrib ution. Note th at the keywords are the same as defined in th e previous proce dure. T o [...]

  • Страница 944

    38-84 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s W ith PBR, you clas sify tra f f ic using acc ess contr ol lists (A CLs) an d then mak e traf fic go through a dif ferent path. PBR is applied to in coming pac kets . All pack ets[...]

  • Страница 945

    38-85 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res • T o use PBR, you must first en able the routing tem plate by using the sdm pr efer ro uting glob al conf iguratio n command. PBR is not supported with the VLAN or def a ult t[...]

  • Страница 946

    38-86 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Beginn ing in pri vilege d EXEC mode, follo w th ese steps to c on f i g ur e PBR: Comma nd Purpos e Step 1 conf igur e terminal Enter global con figuration mod e. Step 2 route -m[...]

  • Страница 947

    38-87 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res Use the no ro ute-map map- tag g lobal configurat ion com mand or the no match or no set rout e-map conf iguratio n commands to delete an entry . Use the no ip policy ro ute-map [...]

  • Страница 948

    38-88 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Configur ing Protoco l-Indepen dent Feature s Use a net work monit oring privileged EXEC co mman d such as show ip ospf inte rface to v erify t he interfaces t hat you enab led as passive, or use the show ip interface privile[...]

  • Страница 949

    38-89 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Confi guring Proto col-Ind ependent Featu res router to inte lligen tly di scrimina te bet ween so urces of rout ing in format ion. Th e rou ter always picks th e route whose r outing pr otocol has t he lowest adm inistra ti[...]

  • Страница 950

    38-90 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Monito ring and Mai ntainin g the IP Networ k Beginning i n privileged EX EC mo de, fol low these s teps t o mana ge authe nticat ion keys: T o remo ve th e ke y chain, use the no key chain name-o f-chain gl obal co nfigurati[...]

  • Страница 951

    38-91 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 38 Configur ing IP Unicas t Routing Monitoring and Maintaining the IP Network show ip route supern ets-on ly Displa y supern ets. sho w ip ca che Display the routing ta ble used to switch IP traf fic . sho w rou te -ma p [ map-n ame ] Display all route maps co[...]

  • Страница 952

    38-92 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 38 Configuring IP Unicast Routing Monito ring and Mai ntainin g the IP Networ k[...]

  • Страница 953

    C HAPTER 39-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 39 Configuring IPv6 Unicast Routing Intern et Protoc ol V ersio n 6 ( IPv6) is the ne twork-la yer Int ernet Pr otocol intend ed t o repl ace V ersion 4 (IPv4) in the TCP/IP su ite of pro tocols. T his cha pter descr ibes how to configure IP v6 unicast routing[...]

  • Страница 954

    39-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 The arc hitecture of IPv6 allo ws e x isting IPv 4 users to transitio n easily to IPv6, a nd pro vides services such as end-t o-end sec uri ty , quality of service (QoS), and gl oball y unique ad dresses[...]

  • Страница 955

    39-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 For more inform ation about IPv6 address for mats, ad dress type s, and the IPv6 packet hea der , go to “Impl ementing Bas ic Conn ecti vity for IPv6 ” chapte r of the Cisco IOS IPv6 Configuration Lib[...]

  • Страница 956

    39-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 These addre sses are defined by a global routing prefix, a subne t ID , an d an i nterface ID. Cu rrent global unicast ad dress allo cation uses the range of addr esses that start wi th binary value 001 [...]

  • Страница 957

    39-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 A v alue of 135 in the T ype fiel d of the ICMP packet he ader identif ies a neighbor solicitation messag e. These me ssages are sent on the local link when a no de needs to dete rmine t he link-laye r ad[...]

  • Страница 958

    39-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 • DNS resolv er for AAAA ov er IPv4 transpor t • Cisco Disc overy Protocol (CDP) support for IPv6 addr esses For more informat io n about m anaging these applications with Cisc o IOS, see the “Mana[...]

  • Страница 959

    39-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 • Simp le Networ k Manageme nt Protoco l (SNMP) ov er IP v6 tr anspo rt • IPv 6 Ho t Sta ndb y Rout er Pr otoc ol (HSR P) • DHCPv6 • IPv6 pa ckets destined to site-lo cal addre sses • T unn elin[...]

  • Страница 960

    39-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Underst andin g IPv6 Note T o rout e IPv6 packets in a sta ck, all switche s in the stack should be running the adv anced IP s ervices featu re set . If a ne w switch become s the stac k master , the ne w master reco mpute s[...]

  • Страница 961

    39-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Understanding IPv6 SDM Templates T o allocate sys tem res ources fo r unicast route s, MA C addresse s, A CLs and oth er featur es, the switc h SDM templa tes priorit ize system resources to optimize support f or certai n f[...]

  • Страница 962

    39-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Note An IPv4 rout e requi res only one hardwa re entry . Because of the h ardware com pressio n schem e used fo r IPv6, an IPv6 rout e can take mo re than one har dware entry , redu cing the nu mber of e[...]

  • Страница 963

    39-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Default IPv6 Configuration T ab le 39-2 shows the default I Pv6 co nfiguration . Configuring IPv6 Addressi ng and En abling IP v6 Rou ting This se ction de scribe s how to assi gn IPv6 addre sses to in [...]

  • Страница 964

    39-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Beginning in privileged EXEC mode, foll ow these steps to assign an I Pv6 ad dress to a L ayer 3 interfac e and en able IPv6 ro uting: T o remo ve an IPv6 add ress fro m an interf ace, use the no ip v6 a[...]

  • Страница 965

    39-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 without arg uments. T o disable IPv6 pro cessing on a n interf ace th at has no t been e xplicitly conf igured with a n IPv6 ad dress, use the no ipv6 enable interface configurat ion comm and. T o globa[...]

  • Страница 966

    39-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o disa ble IPv 4 routing, use the no ip r outing global configurat ion c omman d. T o disable IPv 6 routi ng, use the no ipv6 unicast-routing globa l configurat ion c omma nd. T o rem ove an IPv4 addre[...]

  • Страница 967

    39-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Configuring IPv6 IC MP Rate Limiting IPv6 ICMP rate limitin g uses a token- bu cket algorith m for limiting the ra te at which IPv6 ICMP error messages are sent to the network. The int erv al between er[...]

  • Страница 968

    39-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o disa ble IP v6 CEF or distr ib uted CEF , use the no ipv6 cef or no ipv6 cef d istri buted glob al configurati on comm and. T o re enabl e IPv6 C EF or dCEF if it ha s been disabl ed, use the ipv6 ce[...]

  • Страница 969

    39-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginn ing in pri vileged EXEC mode, follo w these steps to conf igure an IPv6 static route: Comma nd Purpos e Step 1 conf igur e terminal Ente r global con figuration mod e. Step 2 ipv6 route ipv6-pr e[...]

  • Страница 970

    39-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 T o remo ve a co nf igured static rou te, use the no ipv6 route ipv6-pr ef ix/pr efix length { ipv6-add r ess | interface- id [ ipv6-add r ess ]} [ admi nist ra tive di stance ] glo bal co nfigurati on c[...]

  • Страница 971

    39-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginning in privileged EX EC mode , foll ow these re quired and optional steps t o configure I Pv6 RI P: T o di sable a RIP ro uting proce ss, use the no ipv6 rout er rip na me gl obal con figuration c[...]

  • Страница 972

    39-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Conf igu rin g IPv6 Configuring OSPF for IPv6 Open Shortest Path First (OSPF) is a link-state prot ocol for I P , which means that routi ng decisions are based o n th e stat es o f the links t hat conne ct th e sourc e and [...]

  • Страница 973

    39-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Confi guring I P v6 Beginn ing in pri vileged E XEC mode, follo w these r equired an d optional ste p s to conf igure IPv6 OSPF: Comma nd Purpose Step 1 conf igur e terminal Ente r global co nfigurati on mode . Step 2 ipv6[...]

  • Страница 974

    39-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6 T o disable an OSPF r outing process, use the n o ipv6 router ospf pr ocess-id global configu ration command. T o disable the OSPF routin g process for a n interfa ce, use the no ipv6 ospf process-id area [...]

  • Страница 975

    39-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Displaying I Pv6 ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds <output truncated> This i s an exampl e of t he o utput from the show ipv6 cef pri vile ged E XEC co[...]

  • Страница 976

    39-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6 This i s an exampl e of t he o utput from the show ipv6 neighbor pri v ileg ed EXE C comm and: Switch# show ipv6 neighbors IPv6 Address Age Link-layer Addr State Interface 3FFE:C000:0:7::777 - 0007.0007.00[...]

  • Страница 977

    39-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 39 Configur ing IPv6 Unicas t Routing Displaying I Pv6 ICMP statistics: Rcvd: 1 input, 0 checksum errors, 0 too short 0 unknown info type, 0 unknown error type unreach: 0 routing, 0 admin, 0 neighbor, 0 address, 0 port parameter: 0 error, 0 header, 0 option 0 [...]

  • Страница 978

    39-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 39 Configuring IPv6 Unicast Routing Displa ying I Pv6[...]

  • Страница 979

    C HAPTER 40-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 40 Configuring HSRP and Enhanced Objec t Tracking This c hapter d escrib es how to use Hot St andby Rout er Prot ocol (H SRP) on the Ca talyst 3750-E or 3560-E sw itch to provide routin g redund ancy for routin g IP traffic without bein g depen dent on th e av[...]

  • Страница 980

    40-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Underst anding HSRP Note Rou ters in an H SRP gro up ca n be a ny router interfac e tha t suppo rts HS RP , incl uding Ca talyst 3750-E or 3560-E rou ted port s and switch virtu al interfaces (SVIs) . HSRP p[...]

  • Страница 981

    40-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Unde rsta ndin g HS RP Figur e 40-1 T ypical HSRP Configur ation Multiple HSRP The switch sup ports Multiple H SRP (MHSRP), an extensio n of HSRP that allo ws load sharing betw een two or more HSRP gro ups. Y o[...]

  • Страница 982

    40-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP Figu re 40-2 M HSR P Load Sharing HSRP and S witch S tacks HSRP hello mess ages are g ener ated by th e s tack ma ste r . If an H SRP-a ctive stack m aste r fails , a flap i n the HSRP acti [...]

  • Страница 983

    40-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP Default HSRP Configuration T ab le 40-1 shows the default HSRP conf iguration. HSRP Configuration Guidelines Foll ow these gui delines when conf iguring HSRP: • HSRP ca n be configured on a m[...]

  • Страница 984

    40-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP When th e standby ip comma nd is enabled on an interf ace and pr oxy A RP is en abled, if the interfa ce’ s Hot Standb y state is acti ve, prox y ARP reque s ts are ans wered us ing the Ho[...]

  • Страница 985

    40-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP Configuring HSRP Priority The standby priority , st andby preempt , and standby track interfa ce configu ratio n com mands are al l used to set cha racteri stics f or finding active and stan db[...]

  • Страница 986

    40-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP Use the no standby [ gr o up-numbe r ] priority priority [ preempt [ delay delay ]] a nd no standby [ gr oup-num ber ] [ priority priority ] preempt [ delay delay ] interface co nfig uration[...]

  • Страница 987

    40-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Configuring HSRP This exam ple a ctiv a tes a port, sets an IP addre ss and a pri ority of 12 0 (high er tha n the default value), and waits for 30 0 second s (5 minutes ) before a ttempt ing to beco me the act[...]

  • Страница 988

    40-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configuring HSRP When conf iguring these a ttrib utes, fo llo w these g uidelines: • The aut hentica tion string i s sent unenc rypted in all HSRP message s. Y o u must configure the same authenti cation [...]

  • Страница 989

    40-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Disp laying H SRP Co nfig uratio ns This exampl e shows ho w to set the time rs on standby gro up 1 with the time betwe en hello packet s at 5 seconds an d the tim e after whi ch a rout er is consi dered down [...]

  • Страница 990

    40-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking This is a an exam ple of out put fro m t he show standby privileged EXEC comma nd, displa ying HSRP inform ation fo r two standby groups (gro up 1 and grou p 100): Swi[...]

  • Страница 991

    40-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing Configuring E nhanc ed Object Tra cking F eatures These sec tions descr ibe configur ing enha nced obj ect track ing: • T r ackin g Int erface Line-P rotocol or IP R[...]

  • Страница 992

    40-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking This e xample conf igures the track ing of an interf ace line -protoco l state and veri fies the conf iguration : Switch(config)# track 33 interface gigabitethernet 1/[...]

  • Страница 993

    40-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing Use the no track tra ck- number global conf iguration comman d to delete the track ed li st. This e xample con fig ures track list 4 w ith a Boolean AND e xpression th[...]

  • Страница 994

    40-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking Use the no tr ack track-number global conf iguration co mmand to delete the track ed list. The exampl e configur es track list 4 to track by wei ght thr eshold. If obj[...]

  • Страница 995

    40-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 40 Configur ing HSRP and En hanced Object Tracking Confi gurin g Enhan ced Objec t Track ing This e xample co nfig ures track ed list 4 with three obj ects and a specif ied percenta ges to measure the state of the list: Switch(config)# track 4 list threshold p[...]

  • Страница 996

    40-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 40 Configuri ng HSRP and En hance d Object Tr acking Configur ing Enhance d Object Tracking Configuring Other Tracking Char acteristics Y o u ca n also use th e en hanced ob ject t racki ng fo r trac king o ther c hara cteris tics. • Y ou can t rack th e re[...]

  • Страница 997

    C HAPTER 41-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 41 Configuring Web Cac he Services By Using WCCP This c hapter d escrib es how to configu re your Catalys t 375 0-E or 3560-E swi tch to redir ect tra ff i c to wide-ar ea appli cation en gines (suc h as the Cisco Cache Engine 550 ) by using the W eb Cache Com[...]

  • Страница 998

    41-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Understan ding WCCP WCCP enabl es supported Cisc o routers and sw itches to transp aren tly redirec t content re quests. With transpare nt redire ction, use rs do not have to configure the ir browsers to use a [...]

  • Страница 999

    41-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Understa nding WCCP WCCP Negotiation In the exchange of WCCP protocol messages , the design ated appl ication engi ne and the WCCP-enable d switch ne g otiate these item s: • Fo rwar ding method (the met hod by[...]

  • Страница 1000

    41-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Understan ding WCCP Y o u can configure up t o 8 service grou ps on a switch or sw itch stac k and up to 32 cli ents per servi ce group. WC CP mainta ins the pr iority o f the se rvice gr oup in t he group defi[...]

  • Страница 1001

    41-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Config uring WCCP Unsupporte d WCCP Features These WCCP features are not supporte d in this software release: • Packet redirect ion on an out bound int erface that is configured by using the ip wccp redir ect o[...]

  • Страница 1002

    41-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Configuring WCCP • The num ber of av ailable policy-based routing (PB R) labe ls are re duced as mor e interfac es are enabl ed for W CCP ingress r edirecti on. For ev ery int erface that supports ser vice gr[...]

  • Страница 1003

    41-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Config uring WCCP Comma nd Purpos e Step 1 conf igur e terminal Enter globa l configurati on mode. Step 2 ip wccp { w eb- cach e | service-number } [ group-addr ess groupaddr ess ] [ group-list access-list ] [ re[...]

  • Страница 1004

    41-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Configuring WCCP T o disa ble t he we b cach e serv ice, use t he no i p wccp web-cache global configurat ion comm and. T o disable inbound pac ket redir ection, use the no ip wccp web-cache r edirect in inter [...]

  • Страница 1005

    41-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 41 Configur ing Web Cache Services By Using WCCP Monitoring and Maintaining WCCP This e xample sho ws how to conf igure SVIs an d how to enable the web cache ser vice with a multica st group l ist. VL AN 29 9 is crea ted a nd configu red wi th an IP a ddress of[...]

  • Страница 1006

    41-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 41 Configuring Web Cache Ser vices By Using W CCP Monitorin g and Maintain ing WCCP show ip interface Displays st atus about a ny IP WCC P redir ection comm ands t hat a re conf igured on an interf ace; for exam ple, Web Cache Re direct is enabled / disab led[...]

  • Страница 1007

    C HAPTER 42-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 42 Configuring IP M ulticast R outing This chapter describes how to conf igure IP multicast ro uting on the Catalyst 3750-E or 3560-E switch. IP multica sting is a more e ffi cient w ay to use netw o rk resource s, especially for bandwidth- intensi ve services[...]

  • Страница 1008

    42-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Understandin g Cisco’s Imp lementation of IP Multic ast Routing The Cisco IOS softwa re supports these protocols to implem ent IP multica st routing: •[...]

  • Страница 1009

    42-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing Understand ing IGMP T o participate in IP multicasting, multicast hosts, rou ters, and multil ayer switches must ha ve the IGMP operati ng. Thi s pro tocol de f[...]

  • Страница 1010

    42-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Understand ing PIM PIM is called pr otoc ol-in depen dent : regardle ss of the unic ast rout ing protoco ls used to pop ulate the unicast r outing table , [...]

  • Страница 1011

    42-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing When a new receiv er on a previously prune d branch of t he tree joins a multica st group, th e PIM DM de vic e detect s the ne w receiv er and immedi ately sen[...]

  • Страница 1012

    42-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing passive interfaces. On ly the non redun dant ac cess rout er topo logy is suppo rted by the PI M stub fe ature . By using a n onredunda nt t opology , th e[...]

  • Страница 1013

    42-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Understanding Cisco’s Implementation of IP Multicast Routing Bootstrap Route r PIMv2 BSR is another method to distrib ute group-to-RP mapping information to all PIM rou ters and multilaye r switches in the netwo rk. It el[...]

  • Страница 1014

    42-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Underst anding Cis co’s Im plementat ion of IP Mu lticast Rout ing Figu re 42-3 R PF Ch eck PIM use s both sour ce trees and RP-root ed shared trees to for war d datagr ams (desc ribed in the “PIM DM” sectio n on page [...]

  • Страница 1015

    42-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Multicast Routing and Switch Stacks D V MRP neig hbors build a route t able by periodi cally exch anging sour ce network ro uting info rmat ion in route-r eport messa ges. The rou ting in formatio n stored in the D V MRP ro[...]

  • Страница 1016

    42-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting • They do not build multic ast routing tables . Instead, the y use the multicast rout ing table that is distr ibu ted b y the stack master . Configuring IP Multicast Routing These se[...]

  • Страница 1017

    42-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Note Th e PIM i mplement ation of on Ca talyst 3 750-E an d 3560- E swit ches i s the sam e as th at on Ca talyst 3750 and 3560 swit ches exce pt for the d ifferences su mmar ized in the Ci[...]

  • Страница 1018

    42-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting • Because boot strap messa ges are sen t hop-by-hop, a PIMv1 device pre vents these me ssages from reaching all routers and multilayer switches i n your n etwork. Therefor e, if y ou[...]

  • Страница 1019

    42-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o disable multicasting, use the no ip multicast-r outing distributed global configurat ion com mand. T o return to the def ault PIM vers ion, use the no ip pim version interfa ce configur[...]

  • Страница 1020

    42-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting T o di sable PIM stub rout ing on an in terface, use the no ip pim passive in terfa ce config uration command. Config uring a R endez vous Point Y ou must have an RP if the interface i[...]

  • Страница 1021

    42-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o remo ve an RP address , use the no ip pim rp-addres s ip-address [ access-list-numbe r ] [ overr ide ] global configurat ion comm and. This exampl e shows ho w to configure the ad dress[...]

  • Страница 1022

    42-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting Configuring Auto-RP Auto-RP us es IP multicast to automa te the distribution of group-to-R P mappings to all Cisco routers and multilaye r switches in a PIM network. It has these benef[...]

  • Страница 1023

    42-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Command Purpose Step 1 show running-confi g V erify that a defaul t RP is alrea dy configured on all PIM devices and the RP in t he sparse-m ode net work. It was previously configured wi th[...]

  • Страница 1024

    42-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting T o r emove the PIM device configured as the cand idate RP , us e the no ip pim send-rp-announce interface- id global configu ration c omma nd. T o remove the sw itch as the RP-map pin[...]

  • Страница 1025

    42-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing T o remov e a filte r on incoming RP announcemen t messages, use the no ip pim rp-announce- f ilter rp-list acc ess-list-number [ gr oup-list access-list-number ] global c onfiguratio n com[...]

  • Страница 1026

    42-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting In thi s example , the mappi ng a gent a ccepts candi date RP annou ncem ents from o nly two devices, 172.1 6.5.1 a nd 172 .16.2 .1. The map ping a gent a ccepts candid ate RP annou nc[...]

  • Страница 1027

    42-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Figur e 42-4 Constr ainin g PIMv2 BSR Me ssag es Defini ng the IP Multicast Bou ndary Y ou de fine a multicast boundary to prev ent Auto-RP messages from entering the PIM domain. Y ou cre a[...]

  • Страница 1028

    42-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting This e xample sho ws a portion of an IP multicast boundar y config uration that den ies Auto-RP inform ation: Switch(config)# access-list 1 deny 224.0.1.39 Switch(config)# access-list [...]

  • Страница 1029

    42-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring IP Multicast Routing Configur ing Can didate RPs Y o u can configure one or mor e candida te RPs. Similar to BSRs, the RPs should a lso have good connec tivity to other devices and be in the backbo ne porti on [...]

  • Страница 1030

    42-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing IP Mu ltic as t Rou ting This e x ample sho ws how to co nfigur e the swi tch to adver tise itself as a can didate RP to the BSR in its PIM domain . Standar d access list nu mber 4 sp ecif ies the group pref i[...]

  • Страница 1031

    42-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Confi guring Ad vanced PIM Fe atures Monitoring the RP Mapping Information T o monitor the RP mapping informatio n, use these commands in priv ilege d EXEC mode: • show i p pim bsr displays in formation about the elec te[...]

  • Страница 1032

    42-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced PIM Features Figur e 42-5 Shar ed T re e and Sour ce T r ee (Shor test-P ath T r ee) If the data rate warran ts, leaf rou ters (route rs with out any downstream conn ections) on t he shared tree can u[...]

  • Страница 1033

    42-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Confi guring Ad vanced PIM Fe atures Delaying the Use of PIM S hortest-Path Tree The ch ange from shar ed to s ource tr ee ha ppens w hen the first data pa cket arrives at the la st-h op router (Route r C in Figure 42- 5 )[...]

  • Страница 1034

    42-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res T o return to the default setting, use the no ip pim spt-thr eshold { kbps | infinity } global co nfiguration comm and. Modifying th e PIM R outer-Query Mes sage Interval PIM router[...]

  • Страница 1035

    42-29 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features • Modify ing the IGM P Host-Qu ery Messa ge Interval, page 42- 31 (o ptiona l) • Changin g the IGM P Query T i meout for IGMPv2, pa ge 42-32 (optional) • Changin g the Maxim um Que [...]

  • Страница 1036

    42-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res T o cancel m embersh ip in a gr oup, us e the no ip igmp join-group group-addr ess interf ace conf iguration comm and. This exam ple sh ows how to enable the switc h to j oin mu lti[...]

  • Страница 1037

    42-31 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features T o di sable gro ups on an inte rface, use the no ip igmp access-gr oup in terface co nf iguration comm and. This exampl e shows ho w to configure hosts at tache d to a port as abl e to j[...]

  • Страница 1038

    42-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Con figur ing Op tiona l IGM P Fe atu res The switch elect s a PIM designated router (DR) for the LAN (subnet). Th e DR is the router or multilayer switch wi th the highest I P address f or IGMPv2. For IGMPv1, the DR is ele[...]

  • Страница 1039

    42-33 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional IGMP Features T o return to the default setting, use the no ip igmp querier -timeout in terface c onfigura tion comm and. Changing the Max imum Query Resp onse Time for IG MPv2 If you are using IGMPv2 [...]

  • Страница 1040

    42-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Opti onal Multic ast Routing F eature s Beginn ing in p ri vilege d EXEC m ode, follo w these st eps to co nf igure the swi tch itself to be a statica lly connec ted mem ber of a gro up (and enable fast swi tch[...]

  • Страница 1041

    42-35 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional Multicast Routing Featu res T o disabl e CGMP on the interface, use th e no ip cgmp interfac e configuration comma nd. When multi ple Cisc o CGMP -capab le devices are co nnecte d to a switc hed networ[...]

  • Страница 1042

    42-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Opti onal Multic ast Routing F eature s Enabling sdr Listener Support By def ault, the switch doe s not listen to session directory adv ertisements. Beginn ing in pri vileged EXEC mode, follo w these steps to e[...]

  • Страница 1043

    42-37 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Optional Multicast Routing Featu res Configuring an IP Multicast Boundary Administrativ ely-scoped boundarie s can be used to li m it the forwarding of multicast traf fic outside of a domain or subdomain. This [...]

  • Страница 1044

    42-38 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s Beginning in pr i vileged EX EC mode, fo llow these step s to set up an admi nistra ti vely-sco ped boun dary . This proc edure is option al. T o r emove the bounda ry [...]

  • Страница 1045

    42-39 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Basic DVMRP Interoperability Features Configuring DVMR P Interoperability Cisco multicast routers and multila yer switches using PIM can interoperate with non-Cisco multicast router s tha t u se t he DVMRP . PI[...]

  • Страница 1046

    42-40 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s T o disabl e the metric o r route ma p, use the no ip dvmrp metric me tric [ lis t access-list-numbe r ] [[ pr otoc ol p ro cess-id ] | [ dvmrp ]] or the no ip dvmrp me[...]

  • Страница 1047

    42-41 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Basic DVMRP Interoperability Features Configurin g a DVMRP Tunne l The soft ware sup ports DVMRP tunne ls to th e MBO NE. Y ou can configure a D VMRP t unnel o n a ro uter or multilaye r switch if the other end[...]

  • Страница 1048

    42-42 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Basi c DVMRP Inte roperab ility Feature s T o disa ble t he f ilter , us e the no ip dvmrp acce pt-fi lt er access-list-n umber [ dist ance ] neighbor -list access-list -numbe r inte rface c onfigura tion comm [...]

  • Страница 1049

    42-43 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Beginning i n privileged E XEC mo de, follow these s teps to advertis e networ k 0.0 .0.0 t o D VMRP neighb ors on an interfa ce. Th is proced ure is op tional. T o prev[...]

  • Страница 1050

    42-44 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features These sec tions co ntain this co nfiguration in format ion: • Enab ling DVMRP Unic ast Rout ing, page 42 -44 (optional) • Rejectin g a D V MRP Nonpru ning Neig hb[...]

  • Страница 1051

    42-45 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Rejectin g a DVM RP Nonp runing Ne ighbor By def ault, Cisco de vices accept a ll D VMRP neighbors as peers, re gardless of their D VMRP capabil ity . Howe ver, some non[...]

  • Страница 1052

    42-46 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Figur e 42-8 Rout er Rejects Nonpr uning D VMRP Neig hbor Note that the ip dvm rp reject-non -pru ners in terfa ce c onfig urati on co mman d prevents peer ing with n[...]

  • Страница 1053

    42-47 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Controlling Rout e Exchanges These sec tions descr ibe how to tune the Cisco device ad vertisemen ts of D VMRP rout es: • Limiting the Number of D VMRP Routes A dverti[...]

  • Страница 1054

    42-48 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Beginning in privileged EXEC mo de, foll ow these s teps to chang e the threshol d number of rou tes tha t trigger the wa rning. This proce dure is op tional. T o ret[...]

  • Страница 1055

    42-49 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features Figur e 42-9 On Connect ed Unicast Rout es Are A dver tised b y Def ault ( Catalyst 3750 -E S witche s) Figu re 42-10 Only C onnec ted U nic ast R ou tes are Advertise d[...]

  • Страница 1056

    42-50 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Configur ing Advan ced DVM RP Interope rability Features Beginn ing in pri vileg ed EXEC mode, follo w these steps to customize the summariza tion of D VMRP routes if th e default cla ssful auto summari zation does not suit[...]

  • Страница 1057

    42-51 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Configuring Advanced DVMRP Interoperability Features T o r e-e nable auto su mmar izat ion, use the ip dvm rp auto-summary interf ace con fig urat ion comman d. Adding a Metric Offset to the DVMRP Route By default, the swi[...]

  • Страница 1058

    42-52 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Mon ito ring and Main tain ing IP M ultic as t Rou ting Monitoring and Maintainin g IP Mu lticast Routing These sections describe how to monitor and maintain IP multicast ro uting: • Clearin g Cach es, T ables, and Databa[...]

  • Страница 1059

    42-53 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 42 Configur ing IP Multic ast Routing Monitoring and Maintaining IP Multicast Routing Monitoring IP Multicast Routing Y o u can use the p rivileged EXEC comma nds in T able 42-6 to monitor I P multicas t routers, pac kets, and paths: show ip igmp groups [ grou[...]

  • Страница 1060

    42-54 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 42 Configuring IP Multicast Routing Mon ito ring and Main tain ing IP M ultic as t Rou ting[...]

  • Страница 1061

    C HAPTER 43-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 43 Configuring MSDP This ch apter de scribes ho w to conf igure the Mu lticast Sou rce Disco ve ry Proto col (MSDP) o n the Catalyst 375 0-E or 3560 -E switch . The MSDP co nnec ts multiple Prot ocol-I ndepend ent Mult icast sparse-m ode (PIM-S M) doma ins. MS[...]

  • Страница 1062

    43-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Underst anding MSD P The purpose of this topology is to hav e domains discove r multicast sources in other doma ins. If the multicast so urces are of interest to a d omain that h as recei vers, m ulticast data is deli vered o ver the norma[...]

  • Страница 1063

    43-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Understandi ng MSDP Figur e 43-1 MSDP Running Be tween RP Peers MSDP Benefits MSDP has these benef its: • It break s up the shared m ulticast d istrib ution tree. Y ou can m ake t he shared tree loc a l to your domain. Y our local members[...]

  • Страница 1064

    43-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Configuring MSDP These sec tions co ntain this co nfiguration in format ion: • Default MS DP Configurati on, page 43- 4 • Configuring a Default MSDP Peer, page 43-4 (r equire d) • Cachin g Source -Act i ve State, [...]

  • Страница 1065

    43-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Figur e 43-2 Def ault MSDP P eer Net wor k Beginning in pr i vileged EX EC mode , follow these step s to speci fy a default MSD P peer . This proce dure is required. ISP A PIM domain ISP C PIM domain SA Router A Switch B 10[...]

  • Страница 1066

    43-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP T o remov e the default peer , use the no ip msdp default-peer ip-ad dress | name gl obal con figuration comm and. This exam ple shows a partia l co nfiguration of Ro uter A and Ro uter C in F igure 4 3-2 . Each of thes[...]

  • Страница 1067

    43-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginn ing in pri vileg ed EXEC mode, follo w these steps to enable the cachin g of source/group pairs. This proc edure is option al. Note An alternati ve to this command is th e ip msdp sa-request global con figuration co [...]

  • Страница 1068

    43-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Requestin g Source Info rmation fro m an MSDP Peer Local RPs can send SA reque sts a nd get immedi ate r esponses f or al l active sources for a give n group . By default, the sw itch do es no t send any SA re quest mes[...]

  • Страница 1069

    43-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Controlling Source In formation that Your Switch Originates Y ou can contro l the m ulticast so urce informa tion that originat es with y our switch : • Sources you advertise (base d on your sour ces) • Receivers of sou[...]

  • Страница 1070

    43-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP T o remov e the f ilter , use the no ip msdp r edistribut e global configurati on com mand. Step 3 access-list access-list- number { deny | permit } sour ce [ so ur ce-wi ldcar d ] or access-list access-list- number { [...]

  • Страница 1071

    43-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Filtering Source- Active R equest Messages By default, only switches that are ca ching SA informatio n can respond to SA reque sts. By default, such a switch honor s all SA reque st messages fr om its MSDP peers and suppli[...]

  • Страница 1072

    43-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Controlling Source Informatio n that Your Switch Forwards By def ault, the switch for wards all SA me ssages it rec ei ves to all its MSDP pee rs. Ho we ver , you can prev ent o utgoin g messag es fr om bei ng for ward[...]

  • Страница 1073

    43-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP T o remov e the f ilter , use the no ip msdp sa-f ilter out { ip-a ddress | name } [ list a ccess-list-n umber ] [ ro ut e -m a p map- tag ] glo bal configur ation c omma nd. This e x ample sho ws how to allo w only (S,G) [...]

  • Страница 1074

    43-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Using TTL to Limit the Multicast Data Sent in SA Messages Y ou can use a TTL v alue to contro l what da ta is enca psulated in the f irst SA message f or e very sour ce. Only mu lticast pa ckets w ith an IP-header TTL [...]

  • Страница 1075

    43-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginn ing in pri vileged EXEC mode, follo w these steps to apply a f ilter . This procedu re is optional. T o remov e the f ilter , use the no ip msdp sa-f ilter in { ip-address | name } [ list access-list-number ] [ ro u[...]

  • Страница 1076

    43-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Config uring an MSDP M esh Gr oup An MSDP me sh group is a gro up of MSDP speakers that have fully meshed MS DP connec tivity among one anot her . Any SA mes sages re ceived from a peer in a mesh group are not forwa rd[...]

  • Страница 1077

    43-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Configuring MSDP Beginning in privileged EXEC mo de, f ollow these step s to shut down a peer . This procedur e is o ptional . T o bring th e peer back up, us e the no ip msdp shutdo wn { peer -name | peer address } glob al conf iguratio n[...]

  • Страница 1078

    43-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Conf igu rin g MSDP Note that the ip msdp originator -id global config uration command also identif ies an interf ace to be used a s the RP a ddress. If both the ip msdp border sa-address and the ip msdp originator -id gl obal configurat [...]

  • Страница 1079

    43-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 43 Configur ing MSDP Monitoring and Maintaining MSDP Monitoring and Maintaining MSDP T o mon itor MSD P SA messages , peers, stat e, or peer status, use one or more of the privileged EXEC comm ands in Ta b l e 4 3 - 1 : T o clear MSDP conne ctions, s tatist ic[...]

  • Страница 1080

    43-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 43 C onfiguring MSDP Monito ring and Mai ntaining MSD P[...]

  • Страница 1081

    C HAPTER 44-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 44 Configuring Fallbac k Bridging Thi s chapte r describe s ho w to conf igure fa llback bridging (VLAN brid ging ) on the C atal yst 3 750-E or 3560- E switc h. With fallback br idging , you can for ward non- IP packets t hat the switch does no t route betwee[...]

  • Страница 1082

    44-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Underst anding F allback B ridging A VLAN bridge domai n is represented with switch virtual interf aces (SVIs). A se t of SVIs and routed ports ( which do no t have any VLA Ns associa ted w ith th em) c an b e configured (gro u[...]

  • Страница 1083

    44-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Figur e 44-1 F allback Br idging N etwor k Exam ple Fallback Brid ging an d Switch Sta cks When th e stack maste r fail s , a stac k me mber b ecomes th e ne w stack m aster b y using the el e[...]

  • Страница 1084

    44-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing Default Fallback Brid ging Configuratio n T ab le 44-1 shows the default fal lbac k bridg ing co nfiguration. Fallback Brid ging Co n figuration Guidelines Up to 32 br idge g roups ca n be confi[...]

  • Страница 1085

    44-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Beginning i n privileged E XEC mo de, follow these steps to c reat e a br idge g roup a nd to ass ign an interf ace to it. This proced ure is required . T o remo ve a brid ge grou p, use the n[...]

  • Страница 1086

    44-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing This example shows ho w to crea te bridge group 10 and to speci fy that the V LAN-bri dge STP runs in the bridge gr oup. It defines a n SVI for VL AN 2 a nd assi gns it to the bridge grou p: Swi[...]

  • Страница 1087

    44-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Changing the VLAN-Bri dge Spanning-Tree Priority Y o u can globa lly c onfigure the V LAN-bri dge spa nning -tree pri ority of a switch when it ties w ith anot her switch for the positio n as [...]

  • Страница 1088

    44-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing T o return to the defa ult setting, use th e no bridge-gro up bridge-gr oup priority inter face conf iguration comm and. This example shows ho w to change the priority t o 20 on a port in br idg[...]

  • Страница 1089

    44-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Config uring Fa llback Br idging Adjust ing BPDU Interv als Y o u can adju st BPDU intervals as desc ribed in the se section s: • Adjusting the Inte rv al betw een Hello B PDUs, pa ge 44-9 (optiona l) • Chan ging the Fo r[...]

  • Страница 1090

    44-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Configur ing Fall back Bridg ing Changing the Forward- Delay Inter val The forward- delay inter val is th e am ount of time sp ent li sten ing for top ology chan ge inf ormat ion a fter a po rt has been a ctiv ated f or sw itc[...]

  • Страница 1091

    44-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 4 Configuring Fal lback Bri dging Monitoring and Maintaining Fallback Bridging Disabling the Spanning Tree on an Inter face When a loop-f ree pa th exists betwe en any two switched sub networks , you can p rev ent BPDUs ge nerated in one switchi ng subnetw o[...]

  • Страница 1092

    44-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 44 Configuring Fallback Bridging Monito ring and Maintain ing Fa llback Br idgin g[...]

  • Страница 1093

    C HAPTER 45-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 45 Troubleshooting This chapter descr ibes ho w to identify and resolv e software probl ems related to the Cisco IOS software on the Cataly st 3750- E or 3560- E switc h. Dep ending on the natur e of t he pro blem, you can use the command-lin e interf ace (CLI[...]

  • Страница 1094

    45-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recovering f rom a Softwa re Failure • Using the show platform for ward C omman d, page 45- 23 • Using the c rashinfo Files, pa ge 45-25 • Using On-Boar d Failure Log ging, p age 45- 26 Recovering fro m a Software Failure Switch softw[...]

  • Страница 1095

    45-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword load_helper boot Step 7 Initial ize the flash f ile system: switch: flash_init Step 8 If you had se t the co nsole po rt spe ed to anything other than 9600, i t ha s been reset to tha t par ti[...]

  • Страница 1096

    45-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Los t or Forgotten Password Foll ow th e steps in this procedure if you ha ve forgotte n or lost the switch password. Step 1 Use one o f these m ethods to c o nnect a terminal or PC to the switc h: • Connect a terminal [...]

  • Страница 1097

    45-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword Procedure w ith Passw ord Recov ery Enabled If the pas sword- rec overy me chan ism i s en ab led, t his mes sage app ears: The system has been interrupted prior to initializing the flash file[...]

  • Страница 1098

    45-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Los t or Forgotten Password Step 9 Copy the configurat ion file into me mory: Switch# copy flash: config.text system: running-config Source filename [config.text]? Destination filename [running-config]? Press Return in re[...]

  • Страница 1099

    45-7 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recoveri ng from a Lost or For gotten P assword Procedure w ith Password R ecovery Dis abled If the p assword-recovery mechanism is disabled, this m essage app ears: The password-recovery mechanism has been triggered, but is currently disab[...]

  • Страница 1100

    45-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Prev enting Switch S tac k Pr oblems Step 7 Change the password: Switch (config)# enable secret password The secre t passw ord can b e from 1 to 25 alph anumeric ch arac ters, can s tart with a numb er , is case sensitive, and allows spaces[...]

  • Страница 1101

    45-9 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from a Command Switch Failure the switch curr ent- stac k-m ember -number r enumber new-stack-member-number globa l configurati on comm and to manua lly assign a stack membe r number . F o r more in format ion abou t stack me mbe[...]

  • Страница 1102

    45-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Com mand Switc h Failure Replacing a Failed Command Sw itch with a Clu ster M ember T o replac e a f ailed command switch with a command -capab le memb er in th e same cluster , follo w these steps: Step 1 Disconnec t th[...]

  • Страница 1103

    45-11 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from a Command Switch Failure If this pro mpt does not app ear , enter enable , and press Return . En ter setup , and press Re turn to start the set up progra m. Step 11 Respond to the questions in the setup program. When p romp[...]

  • Страница 1104

    45-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Recoveri ng from a Com mand Switc h Failure At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Basic management[...]

  • Страница 1105

    45-13 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Recovering from Lost Cluster Member Connectivity Recovering fro m Lost Cluster Member Connecti vity Some conf igurations can pre ve nt the command switc h from maintaini ng contact with mem ber switches. If you are u nable to ma intain man[...]

  • Страница 1106

    45-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting SFP Module Secu rity and Ident ificatio n Disabled Port Caused b y Power L oss If a p owered device (such as a C isco IP Phone 7910) that is con nected to a Po E sw itch por t and is powered by an AC power source loses p ower from the AC p[...]

  • Страница 1107

    45-15 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Monito ring SFP Modul e Sta tus If the module is identified as a Cisco SFP module , but the system is unable to read v e ndor-data information to ve rify its ac curacy , an SFP module erro r message is generated. In this case, you sho uld [...]

  • Страница 1108

    45-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using P ing Executing Ping If you atte mpt to ping a host in a different IP subne twork, you m ust define a static rout e to the netwo rk or have IP rout ing c onfigured t o ro ute bet ween those su bnets . For mo re inf ormat ion, see Cha[...]

  • Страница 1109

    45-17 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using Layer 2 Tr aceroute Using Layer 2 Traceroute These se ctions conta in this i nformation: • Understa nding L ayer 2 Traceroute, page 45 -17 • Usag e Guide lines , pag e 45-17 • Display ing the Physica l Path, page 45-1 8 Underst[...]

  • Страница 1110

    45-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using I P Trac eroute • The tracerou te ma c i p com mand outp ut sh ows the Layer 2 path when th e spe cified source and destinat ion IP a ddres ses belon g to the sa me sub net. Wh en you s pecify the IP a ddresses, the s witch uses th[...]

  • Страница 1111

    45-19 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using IP Trace route of 1 or 0, it drops t he da tagram and se nds an I nterne t Cont rol M essage Prot ocol (ICMP) time-t o-live-exceeded messag e to the se nder . Tracerout e f inds th e address of t he first hop by e xami ning the so ur[...]

  • Страница 1112

    45-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Usin g TDR T o end a trace in progres s, enter the escape seq uence ( Ctrl-^ X by defa ult). Si multane ously pr ess a nd release th e Ctrl , Shift , and 6 keys and then p ress the X ke y . Using TDR These se ctions conta in this i nformat[...]

  • Страница 1113

    45-21 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using Debug C ommands When you run TDR, t he swit ch re ports a ccurate infor mation i f • The c able for th e Giga bit li nk i s a so lid-cor e cable . • The open-en ded cable is n ot te rmin ated. When you run TDR, the switch d oes n[...]

  • Страница 1114

    45-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using D ebug Command s All deb ug comm ands are en tered in pri vileged EXEC mode , and most deb ug comman ds take no arguments. For exampl e, begi nning i n privileged E XEC mode , en ter thi s com mand to en ab le the debugging for Switc[...]

  • Страница 1115

    45-23 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using the show platf orm forw ard Comma nd Note Be aware that the debuggin g destin ation yo u use affects system overhead . Logging messages to the console produces very high ov erhea d, wherea s logging me ssages to a vir tual term inal [...]

  • Страница 1116

    45-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using the s how platfo rm forward Co mmand Gi1/0/1 0005 0001.0001.0001 0002.0002.0002 ------------------------------------------ Packet 2 Lookup Key-Used Index-Hit A-Data OutptACL 50_0D020202_0D010101-00_40000014_000A0000 01FFE 03000000 Po[...]

  • Страница 1117

    45-25 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using the crash info Files This is an e xample of the out put when the pa cket comin g in on port 1 in VLAN 5 has a de stination MA C address s et to the rou ter MAC address in V LAN 5 and th e d estination IP add ress set to an IP address[...]

  • Страница 1118

    45-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using On-Board F ailure Lo gging fi le is created, you ca n use the rena m e pri v ileg ed EXEC comma nd to rename it, bu t the conten ts of the renamed f ile will n ot be di splayed b y the show stacks or the s how tech-support privileged[...]

  • Страница 1119

    45-27 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 5 Troubleshooti ng Using On-Board Failure Logging • Power ov e r Ether net (PoE )—Record of th e power consum ption of Po E port s on a sta ndalon e swit ch or a stac k member • T emperat ure—T emperat ure of a standa lone switch or a switc h stac k [...]

  • Страница 1120

    45-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapter 45 Troubleshoo ting Using On-Board F ailure Lo gging Displaying OBFL Information T o disp lay th e OBFL i nform ation, use one or more of t he pri vile ged EXEC com man ds in T able 45-3 : For more info rmat ion abou t using t he comm ands i n T able 45-3 and[...]

  • Страница 1121

    C HAPTER 46-1 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 46 Configuring Online Diagnostics This chapter de scribes how to co nfigure the online diagnost ics on the Catalyst 3750-E or 3560- E switch: Note For c omplete s yntax and u sage in forma tion fo r the command s used in th is cha pter , see the co mmand refer[...]

  • Страница 1122

    46-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Configur ing On line Dia gnostic s Configuring Onlin e Diagnostics Y o u must configure t he failur e threshold and the interval betwe en tests befo re enabl ing diagno stic monitoring. This section has this informatio n: [...]

  • Страница 1123

    46-3 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 6 Configuring On line Dia gnostics Configuring Online Diagnostics Th is ex am p l e s h ows h ow t o schedule diagnostic testing to o ccur weekly at a specif ic time on member switch 6 when this com mand is entere d on a C atalyst 3750-E st ack master: Switch[...]

  • Страница 1124

    46-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Configur ing On line Dia gnostic s T o disable diagnostic testi n g and return to the de fault sett ings, use these commands: Note Th e switch nu mber optio n is supported onl y on Catalys t 3750-E swit ches. • T o disab[...]

  • Страница 1125

    46-5 Catalyst 3750-E and 3560-E Switch Software C onfiguratio n Guide OL-9775-02 Chapter 4 6 Configuring On line Dia gnostics Runni ng Online Dia gnostic Tests • T o confi g ure the swit ch to not genera te a syslog message wh en the healt h -monitori ng test f ails, use the no diagnostic monitor syslog global conf igur ation c omma nd. • T o r[...]

  • Страница 1126

    46-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Chapt er 46 Config uring Onl ine Diagno stics Running O nline Di agnosti c Tests This exam ple sh ows ho w to start a diagno stic te st by usin g the test na me: Switch# diagnostic start switch 2 test TestInlinePwrCtlr Th i s ex am p l e s h ow s h ow t o st a rt all [...]

  • Страница 1127

    A- 1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX A Supported MIBs This a ppend ix list s the supporte d ma nagement infor matio n base (MIBs) for t his rel ease on the Catalyst 375 0-E or 3560 -E switch. It con tains the se sections: • MIB List, pa ge A-1 • Usin g F TP to Acce ss th e M IB Fil es, page [...]

  • Страница 1128

    A- 2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendi x A Supported MI Bs MIB List • CISCO-I ETF-IP- FOR W ARDING-MIB (O nly with the adv anced IP serv ices featu re set) • CISCO- IGM P-FIL T ER-M IB • CISCO-IM A G E-MIB (Only Cataly st 3750-E stac k master feature set de tails are shown.) • CISCO IP-ST A[...]

  • Страница 1129

    A-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix A Supported M IBs MIB List • OLD-CISCO-C HASSIS-M IB (Partial support on Catal yst 3750-E switches; some obje cts reflect only th e stac k master .) • OLD-CISCO -FLASH-M IB (Supp orts only t he stack m aster in a Cataly st 3750-E sw itch stac k. Use CISCO[...]

  • Страница 1130

    A- 4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendi x A Supported MI Bs Using FTP to Acces s the MIB Files Using FTP to Access the MIB Files Y o u can get eac h MIB file by using this proced ure: Step 1 Make sure that you r FTP clie nt is in passiv e mode. Note Some FTP clie nts do n ot suppo rt passive mode. S[...]

  • Страница 1131

    B-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX B Working with the Cisco IOS File System, Configuration Files, an d Software Images This append ix descri bes how to m anipula te the Cat alyst 375 0-E or 3560-E swit ch fl ash file syste m, how to copy configurat ion files, and how to archive (uploa d and dow[...]

  • Страница 1132

    B-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System vie wed from the stack master, refers to the same file system as does flash: on stack member 3. Use the show f ile system s pri vileged EX[...]

  • Страница 1133

    B-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System 57409536 27306496 flash rw flash5: Setting the Def ault File System Y ou can specif y the fi le syst em or d irectory that t he system [...]

  • Страница 1134

    B-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System Displaying In formation ab ou t Files on a File System Y o u can view a list of t he conte nts o f a file system be fore manip ulating its[...]

  • Страница 1135

    B-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System Creating and Removi ng Directorie s Beginning i n privileged E XEC mode, follow th ese s teps to c rea te an d remove a d irect ory: T [...]

  • Страница 1136

    B-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System Some in valid combinat ions of source and dest inatio n exist. Specificall y , you cannot copy t hese comb inat ion s: • From a runni ng[...]

  • Страница 1137

    B-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with the Flash File System Beginn ing in pri vileged EXEC mode, follo w these steps to create a f ile, displ ay the contents, and e xtract it. Command Purpose Ste[...]

  • Страница 1138

    B-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith the Flash F ile System This e xample sho ws ho w to create a f ile. This comm and wri tes the conten ts of the new-configs director y on the loca l flash device [...]

  • Страница 1139

    B-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files service linenumber service udp-small-servers service pt-vty-logging ! <output truncated> Working with Configuration Files This sec [...]

  • Страница 1140

    B-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files Guidelines for Cr eating and Using Co nfiguration Files Creatin g configuratio n files can aid i n your switch con figuration. Configuratio[...]

  • Страница 1141

    B-11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Creating a Configuration File By Using a T ext Editor When cre ating a configura tion file, you must lis t comman ds logicall y so that [...]

  • Страница 1142

    B-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files • Ensure t hat the co nf iguratio n file to be do wnloaded is in the correct director y on the TFTP server (usually / tftpboot on a UNIX [...]

  • Страница 1143

    B-13 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Step 3 Upload th e switch co nfiguration t o the TFTP server . Specif y the IP addre ss or hostnam e of the TFT P serv er and the de sti[...]

  • Страница 1144

    B-14 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files These sec tions co ntain this co nfiguration in format ion: • Preparin g to Downlo ad or Upload a Conf iguration File By Using FTP , page[...]

  • Страница 1145

    B-15 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files This exam ple shows how to copy a c onfiguration file named host1-c onfg from th e neta dmin1 directory on the remot e server w ith a n [...]

  • Страница 1146

    B-16 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files This exam ple shows how to copy t he running configura tion file na med switch2-conf g to the netadmin1 directo ry on the rem ote ho st wi [...]

  • Страница 1147

    B-17 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files The RC P requires a client t o send a re mote user name with each RCP requ est to a ser ver . When you c opy a conf iguration fil e from[...]

  • Страница 1148

    B-18 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working w ith Configurati on Files Downloading a Configura tion File By Using RCP Beginning in privileged EXEC mode , follow these steps to download a configuration file by u[...]

  • Страница 1149

    B-19 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Configuration Files Uploading a Configuration File By Using RCP Beginn ing in pr i vilege d EXEC m ode, follo w these step s to upload a conf iguration f il[...]

  • Страница 1150

    B-20 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Clearing the Startup Con figuration File T o c lear the c ontent s of your startup configur ation, use the erase n vram: or the erase startup-[...]

  • Страница 1151

    B-21 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Y o u upload a swi tch image file to a TFT P , FTP , or RCP server for ba ckup purpo ses. Y ou can use t his uploaded image for futur e do w[...]

  • Страница 1152

    B-22 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es version_suffix:universal-mz.122-35.SE2 version_directory:c3750e-universal-mz.122-35.SE2 image_system_type_id:0x00000000 image_name:c3750e-univ[...]

  • Страница 1153

    B-23 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images These sec tions co ntain this co nfiguration info rmat ion: • Prepar ing to Do wnload or Upload an Image File By Using TFTP , pag e B-2 3 [...]

  • Страница 1154

    B-24 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Beginning i n privileged EXE C mode , foll ow Steps 1 thr ough 3 to d ownload a n ew image from a TFTP serv er and to over write the existing [...]

  • Страница 1155

    B-25 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Note If the fla sh device has sufficient space t o hold t wo image s and you want to overwri te one of thes e image s with the same ve rsion[...]

  • Страница 1156

    B-26 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Copying Imag e File s By Using FTP Y ou can do wnload a s witch im age fr om an FT P serv er or uploa d the image f rom the switch to an FTP s[...]

  • Страница 1157

    B-27 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Use the ip ftp username and ip f tp password comman ds to spec ify a use rname an d passwor d for all copie s. Incl ude the use rnam e in th[...]

  • Страница 1158

    B-28 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The do wnload algorithm veri fies th at the image is appropria te for the switch model and that eno ugh DRAM is prese nt, or it abor ts the pr[...]

  • Страница 1159

    B-29 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Note If the fla sh device has sufficient space t o hold t wo image s and you want to overwri te one of thes e image s with the same ve rsion[...]

  • Страница 1160

    B-30 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The archi ve upload-sw comman d builds an imag e file on the serv er by uploading these f iles in order: info, t he Cisco IOS im age, and the [...]

  • Страница 1161

    B-31 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Preparing to Download or Uploa d an Image File By Using RCP RCP provide s another metho d of do wnloading and u ploading image f iles betwee[...]

  • Страница 1162

    B-32 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es If the switch IP addre ss translates to Swit ch1.compa ny .com , the .rhosts file for User0 on the RCP server shou ld conta in this line: Swit[...]

  • Страница 1163

    B-33 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images Step 6 archiv e download-sw /allow-feature-upgrade [ /direc tory ] /overwrit e /relo ad tftp: [[ // location ] / dir e ctor y ] / image-name[...]

  • Страница 1164

    B-34 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es The do wnload algorithm veri fies th at the image is appropria te for the switch model and that eno ugh DRAM is prese nt, or it abor ts the pr[...]

  • Страница 1165

    B-35 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix B Working with th e Cisco IOS File Sy stem, Confi guration F iles, and Softwa re Image s Working with Software Images The archi ve upload-sw pri vileged EXEC comma nd build s an image file on th e server b y uploading these f iles in order: info, the Cisco I[...]

  • Страница 1166

    B-36 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix B W orking with the Cisco IOS File System, Co nfiguration Files, and Software Images Working wi th Soft ware Imag es Beginn ing in pri vileged EXEC mode from the stac k member that y ou want to upgrade, fo llo w these steps to copy the ru nning image file fro[...]

  • Страница 1167

    C-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 APPENDIX C Unsupported Co mmands in Cisco IOS Release 1 2.2(37 )SE This app endix lists so me of the command-line interf ace ( CLI) comm ands that a ppear when you enter the question m ark (?) at the Ca talyst 3750-E or 3560-E sw itch p rompt but are n ot sup ported in[...]

  • Страница 1168

    C-2 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E Archive Com mands Archive Commands Unsupporte d Privileged E XEC Commands ar chiv e conf ig sho w ar chiv e conf ig sho w ar chiv e log ARP Comma nds Unsupporte d Global Con figuratio n Commands arp i[...]

  • Страница 1169

    C-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE Fallback Bridging Fallback Bridg ing Unsupporte d Privileged E XEC Co mmands clear bridg e [ bridge- gr o up ] multicast [ router-ports | gr oups | counts ] [ gr ou p-address ] [ interfac e-unit ] [ co[...]

  • Страница 1170

    C-4 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E HSRP bridge-gr oup bridge-gr o up input-address-list access-list- number bridge-gr oup bridge-gr o up i nput-l at-servi ce-den y group-list bridge-gr oup bridge-gr o up i nput-l at-servi ce-per mit gr[...]

  • Страница 1171

    C-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE IGMP Sno oping Comma nds Unsupporte d Interface Configuration Commands mtu standby mac-refr esh seconds standby use-bia IGMP Snooping Comman ds Unsupporte d Global Con figuratio n Commands ip igmp snoo[...]

  • Страница 1172

    C-6 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E IP Multic ast Routi ng The debug ip mpacket [ detail ] [ access-l ist-numb er [ gr oup -name- or-addr ess ] command aff ects onl y packet s recei ved by the switch CPU. Because most multic ast p acket[...]

  • Страница 1173

    C-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE IP Unicast Routing IP Unicast Routing Unsupporte d Privileged E XEC or User EX EC Commands clear ip accounting [ checkpoint ] clear ip bgp addr e ss flap- statistics clear ip bgp pre f ix-list debug i [...]

  • Страница 1174

    C-8 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E IP Unicas t Routing Unsupporte d Interface Configuration Commands ip accounting ip load-sharing [ per -packet ] ip mtu bytes ip verify ip unnumbere d type num ber All ip securit y commands Unsupporte [...]

  • Страница 1175

    C-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE MAC Ad dress Comm ands set metr ic-ty pe i nternal set tag tag-valu e MAC Address Commands Unsupporte d Privileged E XEC Co mmands show mac-addr ess-table show mac-addr ess-table address show mac-addr [...]

  • Страница 1176

    C-10 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E MSDP Unsupporte d Global Con figuratio n Commands errdisab le rec ov ery cause unica st floo d l2protocol-tunnel global dr op-threshold ser vice compr e ss-conf ig stack-mac persistent timer (supp or[...]

  • Страница 1177

    C-11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 Append ix C Unsupported Com mand s in Cisco IOS Release 12.2( 37)SE Network Address Translation (NAT) Commands Network Address Translation (NAT) Commands Unsupporte d Privileged E XEC Co mmands show ip nat statistics show ip nat translations QoS Unsupporte d Global Co[...]

  • Страница 1178

    C-12 Catalyst 3750- E and 3560-E Switch S oftware Configu ration Guide OL-9775-02 Appendix C Unsuppor ted Command s in Cisco IOS Relea se 12.2(37) S E SNMP SNMP Unsupporte d Global Con figuratio n Commands snmp-ser ver ena ble inf orms snmp-ser ver if index persist Spanning Tree Unsupporte d Global Con figuratio n Command spanning-tree pathcost met[...]

  • Страница 1179

    IN-1 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 INDEX Numerics 10-Gi gabit E thern et i nte rface s 11-6 A AAA dow n po licy, N AC La yer 2 I P val idatio n 1-10 abbrev iati ng comm ands 2-4 ABRs 38-25 AC (c omma nd sw itc h) 6-11 acces s-class comma nd 34-20 acces s contr ol entries See ACEs access-de nied r espon[...]

  • Страница 1180

    Index IN-2 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 ACLs (continued) IP crea ting 34-8 fragme nts and QoS gui deline s 36-35 implici t deny 34-10, 34-14, 34-17 implicit m asks 34-10 matc hing cri teria 34-8 undef ined 34-21 IPv4 applyi ng to inter faces 34-20 crea ting 34-8 matc hing cri teria 34-8 named 34-15 nu[...]

  • Страница 1181

    Inde x IN-3 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 addresses (continued) static adding a nd removi ng 7-24 defined 7-19 address resolution 7-27, 38-9 Add res s Re sol utio n Prot ocol See ARP adjace ncy table s, with CEF 38-76 adminis trative di stances defined 38-88 OSPF 38-32 rout ing protoc ol defa ult s 38-[...]

  • Страница 1182

    Index IN-4 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 automatic d iscovery conside rations beyond a non candid ate devi ce 6-8 bran d new swit ches 6-10 connect ivity 6-5 differe nt VLANs 6-7 manageme nt VLAN s 6-8 non-CDP- capabl e devic es 6-6 nonclus ter-ca pable dev ices 6-6 routed port s 6-9 in switch cluster [...]

  • Страница 1183

    Inde x IN-5 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 BGP (continued) route re flect ors 38-61 routin g domain c onfed erati on 38-61 routing session with multi-VRF CE 38-70 show comm ands 38-63 supernet s 38-60 support fo r 1-11 Version 4 38-45 binding cl uster gro up and HSR P group 40-11 binding d atabase addre[...]

  • Страница 1184

    Index IN-6 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 CDP and truste d bounda ry 36-42 automatic discover y in switch cluster s 6-5 config uring 27-2 default confi guration 27-2 defined w ith LLDP 28-1 describe d 27-1 disabling for r outing de vice 27-3 to 27-4 ena bling and disab ling on an interfa ce 27-4 on a sw[...]

  • Страница 1185

    Inde x IN-7 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 CLI (continued) erro r messag es 2-5 filtering c ommand output 2-10 getting help 2-3 history chan ging t he b uffer siz e 2-6 describe d 2-6 disabling 2-7 recal ling co mman ds 2-6 managing clust ers 6-18 no and defaul t form s of c ommand s 2-4 client mode, VT[...]

  • Страница 1186

    Index IN-8 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 commands, set ting privilege levels 9-8 comm and sw itc h acce ssing 6-12 active (AC) 6-11 config urati on confl icts 45-13 defined 6-2 passive ( PC) 6-11 password privilege levels 6-18 priority 6-11 recove ry from comm and-sw itc h failure 6-11, 45-9 from lost [...]

  • Страница 1187

    Inde x IN-9 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 console port, conn ecting to 2-11 conte nt-rout ing techn ology See WCCP convent ions comm and xl iii for ex amples xliv publicat ion xliii text xliii corrupt ed so ftware , re cover y step s wit h Xmode m 45-2 CoS in Layer 2 frames 36-2 override prior ity 15-6[...]

  • Страница 1188

    Index IN- 10 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 default configuration (c ontinued) HSRP 40-5 IEEE 8 02.1Q tunne ling 17-4 IGMP 42-29 IGMP f ilte ring 24-25 IGMP sn ooping 24-7, 25-6 IGMP throttling 24-25 initial switc h information 3-3 IP addressi ng, IP routing 38-6 IP multica st rout ing 42-10 IP source g[...]

  • Страница 1189

    Inde x IN- 11 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 DHCP Cisco IOS serve r database config uring 22-14 default confi guration 22-9 describe d 22-6 enab lin g relay ag ent 22-11 server 22-10 DHCP-b ased au toconf igurati o n client re quest message ex change 3-4 config uring client side 3-4 DNS 3-6 relay de vic[...]

  • Страница 1190

    Index IN- 12 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 DHCP snooping binding database (continued) describe d 22-6 displaying 22-15 binding e ntries 22-15 status and statistics 22-15 displaying st atus and statisti cs 22-15 enab lin g 22-14 ent ry 22-7 renewin g database 22 -15 resetting delay va lue 22-15 timeout [...]

  • Страница 1191

    Inde x IN- 13 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 dual p rotocol stacks config uring 39-13 IPv4 a nd IPv 6 39-9 SDM template s supporti ng 39-9 DVMRP autosummariza tion config uring a summ ary addre ss 42-48 disabling 42-50 connec ting PIM do main to DV MRP router 42-41 enabling unica st routing 42-44 intero[...]

  • Страница 1192

    Index IN- 14 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 dynamic ARP inspection (continued) interf ace tru st states 23-3 log buffer clearin g 23-15 config uring 23-12 displaying 23-15 logging of dro pped pa ckets, described 23-5 man-in-t he mi ddle at tack, de scribe d 23-2 networ k secur ity issue s and i nterfac [...]

  • Страница 1193

    Inde x IN- 15 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 EtherChannel (cont inued) config uring Layer 2 int erface s 37-13 Layer 3 phy sical inte rfaces 37-16 Layer 3 por t-chan nel log ical inte rfac es 37-15 default confi guration 37-11 describe d 37-2 displaying status 37-23 forwar ding met hods 37-8, 37-18 IEEE[...]

  • Страница 1194

    Index IN- 16 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 extended univer sal identifier See EUI Extensib le Authen ticat ion Protocol over LAN 10-1 ext erna l BGP See EBGP exter nal neighb ors, BGP 38-48 F Fa0 port See Ethern et ma nageme nt port failove r support 1-7 fallback br idging and pro tected po rts 44-4 br[...]

  • Страница 1195

    Inde x IN- 17 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 file system displaying ava ilable f ile syst ems B-2 displaying file in formation B-4 local file system nam es B-1 network fil e system names B- 5 setting the default B-3 filtering in a VLAN 34-29 IPv6 t raffi c 35-4, 35-8 non-IP tra ffic 34-27 show and mor e[...]

  • Страница 1196

    Index IN- 18 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 H hardwa re lim itatio ns an d Laye r 3 i nterf aces 11-31 hello time MSTP 19-22 STP 18-22 help, for th e command line 2-3 hierar chic al policy ma ps 36-8 config urati on guideli nes 36-35 config uring 36-55 describe d 36-11 history chan ging t he b uffer siz[...]

  • Страница 1197

    Inde x IN- 19 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IEEE 8 02.1D See STP IEEE 8 02.1p 15-1 IEEE 8 02.1Q and trunk ports 11-3 config urati on limitat ions 13-19 enca psul ation 13-16 nati ve VLAN for u ntag ged traf fic 13-23 tunneling compatibilit y with other features 17-6 default s 17-4 describe d 17-1 tunne[...]

  • Страница 1198

    Index IN- 20 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IGMP gr oups configurin g filtering 24-28 setting the maximum number 24-27 IGMP Imm ediate Leave config urati on guideli nes 24-12 describe d 24-6 enab lin g 24-11 IGMP pr ofile applyi ng 24- 27 config urati on mode 24-25 config uring 24-26 IGMP sn ooping and [...]

  • Страница 1199

    Inde x IN- 21 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 interf aces ran ge macro command 11-19 interfac e types 11-15 Interior Gatew ay Prot ocol See IGP internal BGP See IBGP internal neighb ors, BGP 38-48 internal power supplies See power suppl ies Int erne t Co ntro l Mes sage Protoc ol See ICMP Intern et Group[...]

  • Страница 1200

    Index IN- 22 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IP multicast routing ( continued) bootstr ap r outer config urati on guideli nes 42-11 config uring c andidat e BSRs 42-22 config uring c andida te RPs 42-23 defining the I P multicast bound ary 42-21 defining the PI M do main b order 42-20 overvi ew 42-7 usin[...]

  • Страница 1201

    Inde x IN- 23 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IP source gua rd and 802.1x 22-18 and DHCP sno oping 22-16 and Ethe rChan nels 22-18 and har dware entrie s 22-18 and port se curit y 22-17 and pr ivate VLANs 22-18 and rou ted ports 22-17 and trunk interf ace s 22-17 and VR F 22-18 binding c onfigu ration au[...]

  • Страница 1202

    Index IN- 24 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 IP unicast routing (continued) passive i nterf aces 38-87 protoc ols distan ce-v ect or 38-3 dynam ic 38-3 link-state 38-3 proxy ARP 38-10 redistribu tion 38-80 rever se addres s resolu tion 38-9 routed port s 38-5 static routing 38-3 steps to config ure 38-5 [...]

  • Страница 1203

    Inde x IN- 25 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 IRDP config uring 38-13 definition 38-13 support fo r 1-12 ISL and IPv6 39-3 and trunk ports 11-3 enca psul ation 1-8, 13-16 trunking w ith IEEE 802 .1 tunn eling 17-5 isolate d port 16-2 isolated VLANs 16-2, 16-3 J join messages, IGMP 24-3 K KDC describe d 9[...]

  • Страница 1204

    Index IN- 26 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 Layer 3 fe atures 1-11 Layer 3 int erface s assigning IP ad dresses to 38-7 assigning IPv4 a nd I Pv6 ad dresses to 39-13 assi gning I Pv6 ad dress es to 39-12 chan ging fr om L ayer 2 mode 38-7 types of 38-5 Layer 3 pa ckets, classifica tion meth ods 36-2 LDA[...]

  • Страница 1205

    Inde x IN- 27 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 M MAC a ddresses aging tim e 7-21 and VLAN association 7-20 building the address tab le 7-20 default confi guration 7-21 discoveri ng 7-27 displaying 7-27 displayi ng in the IP source bindin g table 22-19 dynam ic lear ning 7-20 removi ng 7-22 in ACLs 34-27 I[...]

  • Страница 1206

    Index IN- 28 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 MDA config urati on guideli nes 10-19 to 10-20 describe d 1-9, 10-19 exceptions with authentica tion process 10-4 member ship mod e, VLAN por t 13-3 member swit ch automatic d iscovery 6-5 defined 6-2 managing 6-18 passwords 6-14 recove ring fr om l ost co nne[...]

  • Страница 1207

    Inde x IN- 29 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 monitoring (continued) traffic suppr ession 26-18 tunneling 17-18 VLAN filters 34-41 maps 34-41 VLANs 13-16 VMPS 13-33 VTP 14-16 more 10-43 MSDP benefit s of 43-3 clearin g MSD P connecti ons and s tatisti cs 43-19 controllin g source information forwar ded b[...]

  • Страница 1208

    Index IN- 30 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 MSTP (continued) root switch 19-17 seco ndary r oot s witch 19-19 switch p riority 19-22 CST defined 19-3 operati ons betwee n regions 19-4 default confi guration 19-15 defau lt option al featur e config urat ion 20-12 displaying sta tus 19-26 enab ling th e m[...]

  • Страница 1209

    Inde x IN- 31 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 multi cast pack ets ACLs o n 34-40 blocking 26-7 multicas t router interface s, m onitoring 24-17, 25-12 multic ast rout er ports, a dding 24-10, 25-8 Multica st Source D iscovery Pr otocol See MSDP multicast sto rm 26-1 multicas t storm-con trol comman d 26-[...]

  • Страница 1210

    Index IN- 32 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 Network Assistant benefit s 1-2 describe d 1-5 dow nloa ding i mage fil es 1-3 gui de m ode 1-3 manageme nt options 1-3 managing switch stacks 5-2, 5-16 requir ements xli v upgradi ng a sw itch B-20 wizard s 1-3 network c onfigura tion ex ample s cost -effec t[...]

  • Страница 1211

    Inde x IN- 33 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 O OBFL config uring 45-27 describe d 45-26 displaying 45-28 object tracking, HSRP 40-17 offline c onfig uration fo r switc h stacks 5-8 on-board failur e logg ing See OBFL online diagno stics describe d 46-1 overvi ew 46-1 ru nnin g test s 46-5 Open Shortest [...]

  • Страница 1212

    Index IN- 34 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 percentage t h resholds in tracked lists 40-16 perform ance, netw ork design 1-16 perform ance f eatur es 1-4 persistent self -signed certif icate 9-43 per-V LAN span ning -tre e plu s See PVST+ PE to CE routin g, config uring 38-70 physica l ports 11-2 PIM de[...]

  • Страница 1213

    Inde x IN- 35 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 policy-b ased routi ng See PBR policy m aps for QoS char acte rist ics of 36-51 describe d 36-7 displaying 36-82 hierar chical 36- 8 hierar chical on SVIs config urati on guideli nes 36-35 config uring 36-55 describe d 36-11 nonhier archi cal on p hysic al po[...]

  • Страница 1214

    Index IN- 36 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 port -bas ed a uthe ntica tion (c ontin ued) port security and voic e VLAN 10-17 describe d 10-16 interactio ns 10-16 multiple-hosts mod e 10-8 resetting to defau lt values 10-44 stack ch an ges, ef fects of 10-7 statistics, displa ying 10-44 switch as proxy 1[...]

  • Страница 1215

    Inde x IN- 37 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 prefix lists, BGP 38-56 preven ting una uthorized access 9-1 primar y links 21-2 primar y VLAN s 16-1, 16-3 priority HSRP 40-7 overridi ng CoS 15-6 trusting CoS 15-6 privat e VL AN ed ge po rts See pr otect ed por ts privat e VL ANs across multiple switch es [...]

  • Страница 1216

    Index IN- 38 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 pru nin g- eli gib le list chan ging 13-22 for VT P prun ing 14-5 VLANs 14-14 PVST+ describe d 18-10 IEEE 802.1Q trunking inter operability 18-11 instances supported 18-10 Q QoS and MQC comm ands 36-1 auto-Q oS categor izing tra ffic 36-23 config urati on and [...]

  • Страница 1217

    Inde x IN- 39 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 QoS (continued) egres s queu es allocat ing buffer space 36-74 buffer alloca tion sche me, de scribed 36-19 config uring sh aped weig hts f or S RR 36-78 config uring sh ared we ights for SRR 36-79 describe d 36-4 displaying the t hreshol d map 36-77 flowch a[...]

  • Страница 1218

    Index IN- 40 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 QoS (continued) rewrites 36-21 support fo r 1-10 trust sta tes bordering anothe r do main 36-43 describe d 36-5 trusted de vice 36-41 within the domain 36-38 quality of service See QoS queries , IGMP 24-4 query so licit ation, I GMP 24-13 R RADIUS attributes v[...]

  • Страница 1219

    Inde x IN- 41 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 reliabl e tran sport protoc ol, EIG RP 38-36 reloadi ng software 3-17 Remote Authent ication Dial -In User Service See RADIUS Remote C opy Pro toco l See RCP Remote Networ k Monitoring See RMON Remote SPAN See RSPAN remote SPAN 30-3 report su ppressi on, IG M[...]

  • Страница 1220

    Index IN- 42 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 root gu ard describe d 20-10 enab lin g 20-18 support fo r 1-7 root switch MSTP 19-17 STP 18-16 route calcula tion timers, OSPF 38-32 route da mpenin g, BGP 38-62 route d packet s, ACLs on 34-39 routed port s config uring 38-5 defined 11-4 in switch cluster s [...]

  • Страница 1221

    Inde x IN- 43 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 RSTP (continued) interoper ability with IEEE 802.1D describe d 19-9 restar ting migr ation pr ocess 19-26 topolo gy chan ges 19-13 overvi ew 19-9 port roles describe d 19-9 synchroniz ed 19-11 proposal -agree ment handsh ake pr ocess 19-10 rapid co nverg ence[...]

  • Страница 1222

    Index IN- 44 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 show an d mor e co mman d out put, f ilteri ng 2-10 show c dp traffi c comman d 27-5 show clu ste r mem bers com mand 6-18 show confi gurat ion co mman d 11-30 show forw ard comma nd 45-23 show inte rfaces com mand 11-23, 11-30 show l2prot ocol comma nd 17-13,[...]

  • Страница 1223

    Inde x IN- 45 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 SNMP (continued) traps describe d 33-3, 33-5 differ ence s from infor ms 33-5 disabling 33-15 enab lin g 33-12 enabling MAC address notif ication 7-22 overvi ew 33-1, 33-5 types of 33-12 users 33-7, 33-10 version s suppo rted 33-2 SNMPv1 33-2 SNMPv2C 33-2 SNM[...]

  • Страница 1224

    Index IN- 46 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 SSH config uring 9-39 crypto graph ic softwa re image 9-37 describe d 1-6, 9-38 encryption methods 9-38 switch stac k conside rations 5-17, 9-38 user au thent icatio n meth ods, suppo rted 9-39 SSL config urati on guideli nes 9-45 conf iguring a s ecure HTT P [...]

  • Страница 1225

    Inde x IN- 47 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 stacks, switch (continued) copy ing an image fi le from one memb er to anothe r B-35 default confi guration 5-20 descript ion of 5-1 displayi ng inf ormati on of 5-24 enabling pe rsistent MAC addre ss timer 5-20 hardwar e comp atibility and SD M mismatch mode[...]

  • Страница 1226

    Index IN- 48 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 standby comma nd switc h config uring conside rations 6-12 defined 6-2 priority 6-11 requir ements 6-3 virtual IP a ddress 6-12 See also clus ter standb y grou p and H SRP standby group , clust er See cluste r standby group and HS RP stan dby ip comm and 40-5 [...]

  • Страница 1227

    Inde x IN- 49 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 STP (continued) BPDU mes sage ex change 18-3 config urati on guideli nes 18-13, 20-12 config uring forwar d-dela y time 18-23 hello time 18-22 maximu m aging tim e 18-23 path cost 18-20 port priority 18-18 root switch 18-16 seco ndary r oot s witch 18-18 span[...]

  • Страница 1228

    Index IN- 50 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 STP (continued) root switch config uring 18-16 effec ts of extended syst em ID 18-4, 18-16 elect ion 18-3 unexpec ted b ehavio r 18-16 shutdown Po rt Fast-enable d port 20-2 stack ch an ges, ef fects of 18-12 status, displaying 18-24 superior BPDU 18-3 timers,[...]

  • Страница 1229

    Inde x IN- 51 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 system message logging (continue d) syslog facility 1-13 time sta mps, enabli ng and disabli ng 32-8 UNIX sysl og serv ers configur ing the daemon 32-12 configurin g the logging facility 32-13 facilities su pported 32-14 system MTU and IEEE 802. 1Q tunnel ing[...]

  • Страница 1230

    Index IN- 52 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 time stamps in log messages 32-8 time z ones 7-12 TLVs defined 28-2 LLDP 28-2 LLDP -MED 28-2 Token R ing VLAN s support fo r 13-6 VTP support 14-4 ToS 1-10 tracer oute, Lay er 2 and AR P 45-18 and CD P 45-17 broa dcast tra ffic 45-17 describe d 45-17 IP addres[...]

  • Страница 1231

    Inde x IN- 53 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 trunks allowed-V LAN list 13-21 config uring 13-20, 13-25, 13-27 ISL 13-16 load sharing setting STP path costs 13-26 using STP port priori ties 13-24, 13-25 nati ve VLAN for u ntag ged traf fic 13-23 paralle l 13-26 pruning-el igible list 13-22 to non- DTP de[...]

  • Страница 1232

    Index IN- 54 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 univer sal softw are image crypto graph ic 1-1 featu re set advanc ed IP servic es 1-2 IP base 1-1 IP servi ces 1-2 noncrypt ogra phic 1-1 UNIX syslog servers daemon c onfigura tion 32-12 facilities su pported 32-14 message l ogging confi gurat ion 32-13 unrec[...]

  • Страница 1233

    Inde x IN- 55 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 VLAN M anagem ent Polic y Ser ver See VMPS VLAN map entr ies, orde r of 34-30 VLAN maps applyi ng 34-34 comm on uses for 34-34 config urati on guideli nes 34-30 config uring 34-29 crea ting 34-31 defined 34-2 deny ing acces s to a serve r exampl e 34-35 denyi[...]

  • Страница 1234

    Index IN- 56 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02 VMPS (continued) enteri ng server addr ess 13-30 mapping M AC ad dresse s to VLA Ns 13-28 monitori ng 13-33 reconf irmation i n terval , chan ging 13-32 reconfi rming mem bership 13-31 retry co unt, changi ng 13-32 voice-ov er-IP 15-1 voice VLAN Cisco 7 960 ph[...]

  • Страница 1235

    Inde x IN- 57 Catalyst 3750- E and 3560-E Switch Softwar e Configurati on Guide OL-9775-02 VTP (continued) monitoring 14- 16 passwords 14-8 pruning disabling 14-14 enab lin g 14-14 exam ples 14-5 overvi ew 14-4 support fo r 1-8 pruning-el ig ible l ist, chan ging 13-22 serv er mod e, co nfigur ing 14-9 statistics 14-16 support fo r 1-8 Token R ing [...]

  • Страница 1236

    Index IN- 58 Catalyst 3750-E an d 3560-E Swit ch Software Con figuration Guide OL-9775-02[...]