Gebruiksaanwijzing /service van het product WSC4500X16SFP van de fabrikant Cisco Systems
Ga naar pagina of 680
Corporate He adquarters Cisco System s, Inc . 170 West Ta sman Drive San Jos e, CA 95134 -1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catalyst 450 0 Series S witc h Cisco IOS S of twa re Conf iguration Guide R ele ase 1 2.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCT S IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED.
iii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 CONTENTS Preface xx iii Audienc e xxiii Organi zation xx iii Relat ed Do cume ntatio n xxv Conv enti ons xxvi Commands in Task Tab les xxvii Obtain ing Docu mentati on xxvi i Cisco.
Cont ent s iv Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Layer 3 Soft ware Fea tures 1-5 CEF 1-6 HSRP 1-6 IP Ro uting Prot ocols 1-6 Multica st Serv ices 1-8 Policy- Based Rou ti.
Content s v Software Configuration Guide—Release 12.2(25)SG OL-7659-03 CHAPTER 3 Configur ing the Switch for the Firs t Time 3-1 Defaul t Switch Conf igurat ion 3-1 Config urin g DHCP-Based Autoconf.
Cont ent s vi Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Deplo ying 10 -Gi gabit Et herne t and a Gi gabit Ethern et SFP Po rts 4-6 Config urin g Optional Interf ace Fea tures 4-.
Content s vii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 CHAPTER 6 Configur ing Supervi sor Engine Redun dancy Using RPR and SSO 6-1 Underst anding Ci sco IOS NSF-Aware ness Suppo rt.
Cont ent s viii Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Network As sistant -Relate d Featu res and The ir Default s 9-4 Overvi ew of the CLI Co mmands 9-4 Insta lling N etwo r.
Content s ix Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Config urin g Ethernet Inte rfaces fo r Layer 2 Switchin g 11-5 Config urin g an Etherne t Inter face as a Layer 2 Trun k 11-6.
Cont ent s x Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 CHAPTER 14 Configur ing S TP Featur es 14-1 Overvi ew of Root Guar d 14-2 Enab ling R oot G uard 14-2 Overvi ew of Loop Gu.
Content s xi Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Underst andi ng Port-Ch annel In terface s 16-2 Underst anding How Et herCh annels Are Configur ed 16 -2 Underst anding Lo ad .
Cont ent s xii Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 CHAPTER 18 Configur ing 802 .1Q and Layer 2 Pr otocol Tunnel ing 18-1 Underst anding 80 2.1Q Tunnel ing 18-1 Config urin g 802.1Q Tun neli ng 18-4 802.1Q Tu nneling Configur atio n Guideline s 18-4 802.
Content s xiii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Logica l Layer 3 VLAN Inter faces 22-2 Phys ical Lay er 3 Inter faces 22-2 Config uratio n Guidel ines 22-3 Confi guri ng Lo.
Cont ent s xiv Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Config urati on Exampl es 24-21 PIM Dense Mode Example 24-21 PIM S parse Mod e Exa mple 24 -21 BSR Confi guratio n Examp.
Content s xv Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Classi ficati on 27-6 Polici ng a nd Mar king 27-1 0 Mapping Ta bles 27-14 Queuein g and Sche duling 27-14 Packe t Modi ficati.
Cont ent s xvi Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 CHAPTER 29 Understa nding and Con figuring 802.1X Port-B ased Authent ication 29- 1 Underst anding 80 2.
Content s xvii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Config urin g Port Secur ity on an I nterf ace 30-4 Config urin g Trunk Por t Securit y 30-7 Config urin g Port Secur ity Ag.
Cont ent s xviii Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Perfo rming Valid ation Chec ks 32-18 CHAPTER 33 Configur ing Network Secur ity with ACLs 33-1 Underst anding ACL s 33.
Content s xix Software Configuration Guide—Release 12.2(25)SG OL-7659-03 PVLAN Trun ks 34-2 PVLANs and VL AN ACL/QoS 34-2 How to Config ure PVL ANs 34-3 PVLAN Configu ration Guidel ines and Re stric.
Cont ent s xx Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Config urati on Scenar io 37-10 Verif ying a SPAN Conf igurat ion 37-10 CPU Port Sn iffing 37-10 Enca psulati on C onfigu.
Content s xxi Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Sample Net Flow Enabl ing Schemes 38-14 Sample Net Flow Aggreg ation Con figurat ions 38-14 Sample Net Flow Minimum Pr efix M.
Cont ent s xxii Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03.
xxiii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Preface This pr eface d escribes w ho shoul d read this doc ument, how it is organize d, and its conv entions. The preface also tel ls you ho w to obtain Cisco d ocuments, as wel l as how to obtain te chnical a ssistanc e.
xxiv Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Preface Organizati on Chap te r 10 Understanding and Conf iguring VLANs, VTP , and VMPS Describe s ho w to configure VLA Ns, VTP , and VMPS.
xxv Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Pre face Relat ed Docume ntation Related Documentation The fo llowing publ ications are available for the Cat alyst 45 00 series switch.
xxvi Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Preface Conv ent ions – Securi ty Configuration Guide – Securi ty Command Refe r ence – Switching Servic es Configuration Gu.
xxvii Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Pre face Obtaining Documentat ion Cautions use the fol lo wing conv entions: Cautio n Mean s re a d e r b e c a re f u l . In this situation, you might do something that could resu lt in equipment dam age or loss of dat a.
xxvii i Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Preface Docum entation Fe edback Cisco Ma rketplace: http://www .cisco.com /go/marke tplace/ Ordering Docume ntation Beginning June 30 , 2005, register ed Cisco.
xxix Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Pre face Obtainin g Technica l Assistan ce http://www .cisco.com /go/psirt If you pref er to see advi sories an d notices as th ey are.
xxx Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Preface Obtain ing Technical Assista nce Cisco Tec hnical Support & Do cumentatio n Website The Ci sco T ech nical Support &.
xxxi Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Pre face Obtaining Additional Publications and Information Definitions of Servic e Re quest Severity T o ensure that all s ervice re quest s are repor ted in a stand ard for mat, Cisco has establish ed se ver ity def initio ns.
xxxii Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Preface Obtainin g Additi onal Publicat ions and Info rmation • Int ernet Pr otocol J ourn al is a quarterly jour nal publis he.
C HAPTER 1-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 1 Product Overview This chapte r provides an o vervi ew of Catalyst 450 0 series switches and includes the follo wing major se.
1-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Layer 2 Sof tware Featu res 802.1Q an d Layer 2 P rotocol Tu nneling 802.1 Q tunneli ng is a Q-in-Q techni que th at expands t he VLA N space by r etaggin g the ta gged pa ckets that enter the se rvice pro vider infrastru cture.
1-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Layer 2 Software Features MST all o ws you to build mu ltiple span ning trees ov er trun ks. Y ou can group an d associat e VLANs to spannin g tree inst ances.
1-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Layer 2 Sof tware Featu res • Spanning tree B ackbone Fast—Backbon eFast redu ces th e time needed for the span ning tre e to conv erge after a topo logy change caused by an indirec t link failure.
1-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Layer 3 Software Features VLANs A VLAN configures switche s and ro uters ac cording t o logic al, rath er tha n physical , topol ogies.
1-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Layer 3 Sof tware Featu res • Policy-Based Ro uting, p age 1-9 • Unidirect ional Link Routing, page 1-9 • VRF-lite, page 1-9 CEF Cisco Exp ress Forwarding (CEF) is an advanced Lay er 3 IP-sw itching t echnology .
1-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Layer 3 Software Features interface s and their metr ics is used in OSPF L SAs. As routers accumulate link-state informat ion, they use the shortest path first ( SPF) algorithm to cal cula te the shortest path to each node.
1-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Layer 3 Sof tware Featu res EIGRP saves bandwidth by send ing routin g updates o nly when rout ing informa tion chan ges. Th e updates contain information only about the lin k that chang ed, not the entir e routing table.
1-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Managem ent Featu res • Protocol Independent Multicas t (PIM)—PIM is protoco l-independent because it can l ev erage whichever unicast ro uting prot ocol is used to popul ate the un icast rout ing table, including EIGRP , OSPF , BGP , or static route.
1-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Managem ent Feat ures • NetFlow Statis tics, page 1-11 • Secure Shell, page 1-11 • Simple N etwork M.
1-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Managem ent Featu res NetFlow Statistics NetFlo w Statist ics is a global traf fi c monitoring feat ure that allo ws flo w-le vel monitoring of all IPv4-rout ed traffic throu gh the switch.
1-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Secu rit y Fea tur es Remote SP AN (RSP AN) is an e x tension of SP AN, whe re source po rts and destinat ion ports a re distrib uted acr oss multiple switches, allo wing remote monitor ing of multi ple switches across the netwo rk.
1-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Securi ty Featu res 802.1X Identity-Based Network Securi ty This sec urity feature consists of the follo wing: • 802.
1-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Secu rit y Fea tur es For informat ion on flood bloc king, see Chap ter 35, “Po rt Unicast a nd Multicas t Flood Blocki ng.
1-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 Product Overview Securi ty Featu res Storm Control Broadca st suppress ion is used to prevent LANs from be ing disrupt ed by a broadcast storm on one or more sw itch po rts.
1-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 P roduct Overview Secu rit y Fea tur es.
C HAPTER 2-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 2 Command-Line Interface s This chap ter de scribe s the CLIs you u se to conf igur e the Catalys t 4500 ser ies switch.
2-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 2 Command-Line In terfaces Access ing the Switch CL I T o access the switch th rough the console interfa ce, perf orm this .
2-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 Com mand-Line In terfaces Perf orming Co mmand-L ine Pro cessing This example shows how to open a T e lnet session to the switch: unix_host% telnet Switch_1 Trying 172.20.52.40.
2-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 2 Command-Line In terfaces Unders tanding Cisco IOS Comman d Modes Understandin g Cisco IOS Command Modes Note For compl et.
2-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 Com mand-Line In terfaces Getting a List of Commands and Syntax The Cisco IOS command interpreter , called the EXEC, int erprets and runs the c ommands you enter .
2-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 2 Command-Line In terfaces ROMMO M Command- Line Interface T o l ist keywords or argume nts, en ter a que stion ma rk in pla ce of a keyword or argument. Includ e a spac e before the qu estion m ark.
C HAPTER 3-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 3 Configuring the Switch for the First Time This chap ter descr ibes ho w to initially con fig ure a Cata lyst 4500 se ries switch.
3-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Configur ing DHCP-Bas ed Autoconf iguration Configuring DHCP-Based Autoco nfiguration These sections describe how to configure D HCP-ba sed autoc onfiguration.
3-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Configuring DHCP-Based Autoconfiguration server featur e on your switch for various lease optio ns associated wi th IP addresses.
3-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Configur ing DHCP-Bas ed Autoconf iguration Configuring the DHCP Server A switch can act a s both th e DHCP clie nt and t he DHCP serv er .
3-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Configuring DHCP-Based Autoconfiguration filename (if any) an d the foll o wing files: ne twork-conf g, ciscone t.cfg, ho stname .conf g, or hostnam e .
3-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Configur ing DHCP-Bas ed Autoconf iguration Figur e 3-2 Rela y Device Use d in A ut.
3-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Configuring DHCP-Based Autoconfiguration If the switch c annot read the network- confg , ciscon et.cf g, or t he hostna me file, it read s the router-con fg file.
3-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Conf igu rin g th e Swi tch DNS Ser ver Conf iguration The DNS server maps the TFT P server nam e mar its u to IP address 10.
3-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Config uring t he Swi tch Using Config uration Mod e to Configure Your Switch T o.
3-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Conf igu rin g th e Swi tch hostname Switch <.
3-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Config uring t he Swi tch <.
3-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Conf igu rin g th e Swi tch T o configur e a static route, perform this task: This exampl e shows how t o use the ip r oute command to co nf igure a stati c rout e to a works tatio n at IP address 171 .
3-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Controlling Access to Privileged EXEC Commands ip default-gateway 172.
3-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Controllin g Access to Privileged EXEC Com mands Using the en able pass word and e.
3-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Controlling Access to Privileged EXEC Commands For information on ho w to displa.
3-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Controllin g Access to Privileged EXEC Com mands Encrypt ion oc curs when t he curr ent configur ation is written o r when a pa ssword is configur ed.
3-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Controlling Access to Privileged EXEC Commands Changing the Default Pri vilege L.
3-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Recoveri ng a Lost Enable Pas sword This e xample shows h ow to display th e priv .
3-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Modif ying the S uperviso r Engin e Start up Configu rati on Understanding the ROM Monitor The ROM monitor (ROMMON) is inv oked at switc h bootup, reset, or when a fatal exception oc curs.
3-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Modifyin g the Supervis or Engine Startu p Configuration Modifying the Boot Field .
3-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Modif ying the S uperviso r Engin e Start up Configu rati on When the boot field.
3-22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Modifyin g the Supervis or Engine Startu p Configuration Step 2 Ente r th e confi gure termin al comm and at the EX EC mode prompt (#) , as follows: Switch# configure terminal Enter configuration commands, one per line.
3-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Modif ying the S uperviso r Engin e Start up Configu rati on cisco Catalyst 4000 (MPC8240) processor (revision 3) with 262144K bytes of memory.
3-24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Modifyin g the Supervis or Engine Startu p Configuration Configuring Flash Memory T o c onfigure y our switch to boo t from Flash m emory , perform the f ollowing pro cedure.
3-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Sw itch for the First T ime Resetting a Switch to Factory Default Settings Resetting a Switch to Fa ctory De.
3-26 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 Configuring the Switch for the First Time Resett ing a Switch to Fact ory Defau lt Settin gs.
C HAPTER 4-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 4 Configuring Interfaces This chapter describes ho w to conf igure interf aces for the Ca talyst 4 500 series switches. It also pro vides guideli nes, pr ocedure s, and configura tion examples .
4-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Using the interface Command • Slot numb er—The slot in which t he interfa ce modu le is i nstalled. Sl ots are numbered starti ng with 1, from to p to bo ttom.
4-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Using the interface Command Last input never, output never, output hang never Last clearing of ".
4-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Configur ing a Range of Interf aces Step 5 Foll ow ea ch interface c ommand with t he inte rface conf iguratio n command s your par ticular interfa ce require s.
4-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Definin g and Using Interfa ce-Ra nge Macros This e xample sho ws how to reenable all Fast Et hernet .
4-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Deployin g 10-Gigabi t Ethernet and a Gigabit Ethernet SFP Port s T o d efine an interface- range macr.
4-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Configuring Optional Interface Features When deployi ng a Catalyst 451 0R chassis, one of three configurati ons is supported : • Enab le the dual 10 -Gigabit Et hernet ports (X2 op tics) only .
4-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Configur ing Optiona l Interface F eatures Y ou can c onfigure the interfa ce spee d and du plex mode pa ramete rs to auto and allow the Catalyst 4500 series swi tch to negotiate the interface speed and dup lex mode betwee n interface s.
4-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Configuring Optional Interface Features T o turn of f the port speed autone gotiation for Gigabit Eth.
4-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Configur ing Optiona l Interface F eatures Full-duplex, 100Mb/s ARP type: ARPA, ARP Timeout 04:00:00 .
4-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Configuring Optional Interface Features Each of the l ast three modul es has two non-blocking ports that ca n support jumb o frames. Other ports a re over-subscribed ports a nd cann ot suppo rt jumbo frame s.
4-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Configur ing Optiona l Interface F eatures Layer 3 and Lay er 2 Ether Chann els W it h Release Cis co IOS Rele ase 12.2 (25)EW and lat er rele ases, you can conf igure a ll the inter face s in an Ethe rChannel provided that they ha ve the same M TU.
4-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Understanding Online Insertion and Removal This exampl e shows ho w to verify the configurat ion: switch# show interface gigabitethernet 1/2 GigabitEthernet1/2 is administratively down, line protocol is down Hardware is C6k 1000Mb 802.
4-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Monito ring and Maint aining the In terface Monitorin g Interface an d Controller Status The Cisc o I.
4-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Monitoring and Maintaining the Interface Shutting Down and Rest arting an Interface Y o u can disab .
4-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Monito ring and Maint aining the In terface • logging event link-status use-g lobal - This is the d.
4-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfa ces Monitoring and Maintaining the Interface Result The fol lowing example disp lays a su mmary of the o.
4-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 4 Configuring Interfaces Monito ring and Maint aining the In terface 3d00h: %DTP-5-TRUNKPORTON: Port Gi1/4 has become dot1q tr.
C HAPTER 5-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 5 Checking Port Statu s and Connectivity This c hapter d escribes how to c heck swi tch port status an d conne ctivity on the Catalyst 45 00 seri es switch.
5-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Checking Interface s Statu s This e xample sho ws how to check m odule status for all mo dules on your switch: Switch# show module all Mod Ports Card Type Model Serial No.
5-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Displaying MAC Ad dresses Displaying MAC Addresses In additi on to displayi ng the MA.
5-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Checking Cable Status Usi ng TDR Overview W ith TD R, you c an check the sta tus .
5-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Using Tel net Guidelines The fol lo wing guidelin es apply t o the use of TDR: • If you conn ect a po rt undergoi ng a TDR test t o an Auto-M DIX en abled port , the TD R result mi ght be in valid.
5-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Changing the L ogout T imer Changing the Logo ut Timer The logout t imer aut omatic ally di sconnec ts a u ser from the sw itch w hen th e user is idle for lon ger th an the specif ied time .
5-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Using Ping This e xample s ho ws ho w to disc onnect an acti ve co nsole p ort sessio n and an acti ve T elnet session: Switch> disconnect console Console session disconnected.
5-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Using I P Trac eroute This exampl e shows ho w to ping a remo te host from nor mal executiv e mode: Switch# ping labsparc labsparc is alive Switch> ping 72.
5-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Using Layer 2 Tr aceroute Running IP Tracerou te T o trace the path that pack ets tak.
5-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Using La yer 2 Tra cerout e Note For more information ab out enabli ng CDP , see Chapter 19, “U nderstandin g and Con figuring CDP .
5-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Configuring ICMP These example s show how to use t he trac eroute mac a nd tracer oute mac ip commands t o display the physical pa th a packet takes t hrough the net work to reach its destinati on: Switch# traceroute mac 0000.
5-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Conf igu rin g IC MP T o e nable t he gene ration o f ICMP Protocol U nreac habl.
5-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 5 Check ing Port Status and Connectivit y Configuring ICMP Enabling IC MP Mask R eply M essages Occasi onall y , netw ork de vi ces mus t kn o w the subn et ma sk for a pa rtic ular subnet w ork in the internetw ork.
5-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 5 C hecking Port Sta tus and Connectivity Conf igu rin g IC MP.
C HAPTER 6-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 6 Configuring Supervisor E ngine Red undancy Using RPR and S SO Catalyst 4500 serie s switc hes allow a r edundant supervis or engine to take ov er i f the active supervisor engine fails.
6-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Unders tanding Cisco IOS NSF -Awareness Support Understandin.
6-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Underst anding S uperviso r Engine R edundancy Ta b l e 6 - 1 lists the s uperv isor engi nes and Ca talyst 4500 ser ies switc hes that s upport N SF-awareness: In Release 12.
6-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Unders tanding Superv isor Engine Red undancy When po wer is.
6-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Underst anding S uperviso r Engine R edundancy Because the re d.
6-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Unders tanding Superv isor Engine Red undancy Sy nchronizat ion SSO is compat ible with th e following list of fea tures.
6-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Supervi sor Engi ne Redun dancy Gui delines a nd Restri ctions .
6-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Configur ing Superviso r Engine Redu ndancy • Startin g with Cisco I OS Releas e 12.2, i f an unsupport ed cond ition is detec ted (s uch as when th e active supervisor engine is running Release 12.
6-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Confi guring S uperviso r Engin e Redunda ncy This e xample sho.
6-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Configur ing Superviso r Engine Redu ndancy Redundancy Mode.
6-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Performing a Manual Switchover Note Con f igura tion chan ges made to the redundan t supervis or engine throu gh SNMP are not synchroniz ed to the redunda nt superv isor engine .
6-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Performin g a Software Up grade T o p erform a manu al sw i.
6-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Performing a Software Upgrade To perform a software u pgrade, .
6-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Manipul ating Bo otflash on t he Redundant Supervisor Eng i.
6-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 6 Conf iguring Supervisor Engi ne Redundanc y Using RPR and SSO Manipulating Bootflash on the Redundant Supervisor Engine Swit.
6-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 6 Conf iguring Superv isor En gine Re dundancy Usi ng RPR and SSO Manipul ating Bo otflash on t he Redundant Supervisor Eng i.
C HAPTER 7-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 7 Enviro nmental Mon itoring and Po wer Management Note Before reading this chapter , read the "Prepa ring for Installat ion” section of the Catalyst 4500 Series Installation Guide .
7-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Unders tanding En vironment al Monitori ng Using CLI Co mmands to Mo nitor your Enviro nment Use the show en vironmen t CLI co mmand to mon itor the system .
7-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement Power Management This se ction de scribes the power ma nage.
7-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement These po wer supplies are inc ompatible with Cata lyst 4500 serie s switches. Since Po wer ove r Ethe rnet (PoE) i s not su pported on the Catal yst 4948 switch , only a limit ed wattage is ne eded.
7-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement – 1400 W DC Servi ce Provider —Uses up to thre e lines (12.
7-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement Note On the Catalyst 45 10R switch, the 10 00 W A C pow er suppl y is not enough to support redund ant mode fo r all possible configuratio ns.
7-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement If you atte mpt to inse rt additio nal module s into your s.
7-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+----------------+--------- 1 005c.
7-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement The fol lowing example shows how to display t he curre nt power redun dancy mode. T he power supplies needed b y system: 1 indicates that the switch is in redundant mode.
7-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement The fol lowing example shows how to display t he curre nt power redun dancy mode. T he power supplie s needed b y system: 2 indicates that the switch is in combined mode.
7-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement Watts Used of System Power (12V) Mod Model currently out o.
7-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement Available Power for Cat alyst 4500 Series Switches Power Suppli es Ta b l e 7 - 3 lists the po wer a va ilable for use in the var ious Catalyst 4500 series switches po wer supplies.
7-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement Ke ep in mind the follo wing guidelines when using a 1400 W DC po wer supply with your Catalyst 4500 series switch: • The 140 0 W DC po wer supp ly works with a variety of DC so urces.
7-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement Special Considerations for the 1400 W DC SP Tri pl.
7-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement Power Summary Maximum (in Watts) Used Available ---------------------- ---- --------- System Power (12V) 140 1360 Inline Power (-50V) 0 1850 Backplane Power (3.
7-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement Power Managemen t for the Catalyst 4006 Switch The.
7-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement T o c hoose a 1+1 re dundancy con figuration, you must chang e the sys tem c onfiguration from the default 2+1 re dundancy m ode to 1 +1 red undancy mo de by us ing the power supplies r equir ed 1 comman d.
7-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement The following configu ration r equire s mor e powe.
7-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 7 Environmenta l Monitoring and Power Ma nagement Power Ma nagement The fo llo wing example shows ho w to display th e current power status of system comp onents and the power redunda ncy mode.
7-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 7 Envir onmental Mo nito ring an d Power Mana gement Power Man agement This exam ple shows how to power d o wn mod ule 6: Switch# configure terminal Enter configuration commands, one per line.
C HAPTER 8-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 8 Configuring Power over Ethernet Note Before reading this chap ter , r ead "Prepar ing for I nstallation” sec tion of the Catalyst 4500 Series Installation Guide .
8-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet Power Ma nagemen t Modes If your switc h has a module capa ble of providing PoE to end stations, you can set eac h interface on the module to automatic ally detect and ap ply PoE if the end station requires po wer .
8-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Conf iguring Power over Ethernet If you set a no n-PoE-cap able interf ace to automatical ly detect and ap ply po wer , an error me ssage indicates that the conf iguratio n is not valid.
8-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet Note Whe n manuall y configurin g the consum ption for powered devices , you need to accou nt for the power loss over the cable betw een the switc h and the powered device.
8-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Conf iguring Power over Ethernet This e xample sho ws ho w to set the PoE con sumption to 5000 milli watts for F ast Ethernet inte rface 4/ 1 regardless w hat is mandat ed by the 802.
8-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet When you use PoE modules wi th type 1/2 shiel ded twisted pair (STP) cab le configurations ( 90 and 125 meters), the m odules p erform th e same as with Category 5 c able for the I EEE 802 .
8-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Conf iguring Power over Ethernet This example sho ws how to display the operat ional status for a ll interfaces on modul e 3.
8-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet The 802 .3af-c ompliant PoE mo dules ca n consume up t o 20 W of PoE to power FPGAs and oth er hardw are componen ts on the m odule. Be su re to ad d at lea st 20 W t o your PoE requiremen ts for eac h 802.
8-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Conf iguring Power over Ethernet Switch# show power detail Power Fan Inline Supply Model No Type Status Sensor Status ------ .
8-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet Switch# show power inline g1/1 Module 1 Inline Power Supply: Available:158(w) Used:128(w).
8-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Conf iguring Power over Ethernet Gi2/3 auto on 11.5 10.2 CNU Platform n/a Gi2/4 auto on 11.5 10.2 CNU Platform n/a Gi2/5 auto off 0.0 0.0 n/a n/a Gi2/6 auto off 0.0 0.0 n/a n/a Gi2/7 auto off 0.
8-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-02 Chapter 8 Configur ing Powe r over Et hernet.
C HAPTER 9-1 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 9 Configuring Switche s with Web-Based Tools This chapte r descr ibes ho w to inst all Netw ork Assi stant on the works tation an d conf igure th e Catalyst 4500 (or 4900) series switch to comm unicate wit h Network Assistant .
9-2 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant • Installi ng Network Assist.
9-3 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant PWR-C45-1 400A C PWR-C45-2 800A .
9-4 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant Network Ass istant-Related Features an d Their De faults Ta b l e 2 lists th e Netwo rk Assistant-related con figurat ion parameters on a Catalyst 4500 series switch.
9-5 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant Installing Netw ork Assistant T o install Netw ork Assistant on your w orkstation, f ollo w these st eps: Step 1 Go to th is W eb address: http: //www .
9-6 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant If you plan t o use c lusteri .
9-7 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant In disc onnect m ode, N etwork A ssistant i s not c onnected to any d e vice , and it canno t manage a standa lone device or the com mand device o f a cluster .
9-8 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant Note For informati on on ho w to use Networ k Assistant, refer to Gettin g Started with Cisco Network Assistant , av ailable at the URL: http://www .
9-9 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant • Cisco Di scovery Protocol (CDP) version 2 is enable d (the de fault) - if you want the device to be autodisc overed.
9-10 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant Note Y ou can co nnect to a cl uster only via an IP addre ss. When you sel ect a name it is always for the community .
9-11 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant b. In the Communities win dow , select the name of the community to which you would lik e to add a device, and click Modif y .
9-12 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant Note If a de vice has mo re than one in terfa ce with an IP addr ess and sub net mask, you see more tha n one interf ace listed when you click in the cell.
9-13 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant Clustering Overvi ew A switc h cluster is a set of up to 16 conne cted, cluster -capable Ca talyst switch es that are mana ged as a single en tity .
9-14 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant Y ou can conf igure th e Ca talys t 45 00 se ries switc h t o supp ort a n ap propr iate numb er of VTY l ine s with the li ne vty configurat ion com mand.
9-15 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant Note CISC O-CLUSTER_M IB is not supported.
9-16 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant This exam ple shows how to co.
9-17 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant vtp mode transparent ! ! ! ! ! .
9-18 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant ! ! ! line con 0 password cna.
9-19 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Config uring an d Using the Netw ork Assistant This e xampl e shows how to con.
9-20 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing and Us ing the Netw ork Assist ant enable password cna ! no aaa .
9-21 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Configur ing Emb edded Cisc oView Su pport interface Vlan1 no ip address ! interface Vlan2 ip address 123.123.123.1 255.255.255.0 ! ip route 0.
9-22 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing Embedde d CiscoView Sup port Note Th e default pass word for accessing the switch web pa ge is the enab le-level password of the switch.
9-23 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Configur ing Emb edded Cisc oView Su pport Delete bootflash:cv/Cat4000IOS-4.0.sgz? [confirm]y Delete bootflash:cv/Cat4000IOS-4.0_ace.
9-24 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing Embedde d CiscoView Sup port 5 -rw- 9630880 Feb 27 2003 01:25:16 +00:00 kurt70.devtest-enh 6 -rw- 1173 Mar 19 2003 05:50:26 +00:00 post-2003.
9-25 Software Configuration Guide—Release 12.2(25)EWA OL-7659-03 Chapter 9 Conf iguring Switch es with Web-B ased Tools Configur ing Emb edded Cisc oView Su pport The fo llo wing example shows ho w .
9-26 Software Conf igurati on Guide—Rele ase 12.2(25)EW A OL-7659-03 Chapter 9 Configuring Switches with Web-Based Tools Configur ing Embedde d CiscoView Sup port.
C HAPTER 10-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 10 Understanding and Configuring VLANs, VTP, and VMPS This c hapter d escribes V LANs on C atalyst 4 500 seri es switch es. It also describe s how to enabl e the VLAN Trunking Pr otocol (VT P) and to configure t he Cata lyst 4500 series sw itch as a VMPS client.
10-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLANs Y o u can define one or many virt ual bridg es withi n a switch. Each virtual bridge yo u create i n the switch defines a new broadcast dom ain (VLAN) .
10-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLANs VLAN Configuration Guid elines an d Restrictio ns Follow these.
10-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLANs Configurable Norm al-Range VLAN Parameters Note Ethe rnet V LANs 1 and 1006 th rough 4094 use only default values.
10-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLANs Note VLANs support a number of parameters that ar e not discussed in detail in this secti on. For compl ete information , refer to the Catalyst 4500 Series Switc h Cisco IOS Command Refer enc e .
10-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLANs T o create a VLAN, per form this ta sk: When y ou creat e or m.
10-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLANs Configuring V LANs in VLAN Database Mode When the switch is in VTP serv er or transparent mode, you can config ure VLANs in the VLAN database mode.
10-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Trun king Protoc ol Assigning a Layer 2 LAN Interface to a VLAN A VLAN cr eated i n a managemen t domain re mains unused u ntil you assig n one or more LAN inte rface s to the VLAN.
10-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Trun king Pr otocol Understanding the VTP Do main A VTP do main i s made up of one or m ore in terconnec ted net work devices tha t shar e the same VT P domain name.
10-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Trun king Protoc ol The follo w ing global conf igura tion information is distrib u ted in VTP adv ertisements: • VLAN IDs (ISL and 802.
10-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Trun king Pr otocol Figure 10-2 shows a switched ne twork without VTP prun ing enab led. Interface 1 on Switc h 1 and Interface 2 on Sw itch 4 are assi gned to t he Re d VLAN.
10-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Trun king Protoc ol T o con f igure VTP pruning on a t runking LAN interface, use the switchport trunk pr uning vlan comm and.
10-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Trun king Pr otocol Configuring VTP The follo wing sec tions d.
10-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Trun king Protoc ol This exam ple shows how to ena ble VT P pr.
10-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Trun king Pr otocol This e x ample sho ws h ow to conf igu re the s witch a s a VT P serv er: Switch# configuration terminal Switch(config)# vtp mode server Setting device to VTP SERVER mode.
10-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Trun king Protoc ol VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80 Configuration last modified by 0.
10-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server This example shows ho w to display .
10-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server VMPS uses a UD P port to listen t o VQP reque sts from client s, so, it is not ne cessary for VMPS clients to know if the VMPS reside s on a local or rem ote device on the network .
10-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server If a VLAN is alrea dy assig ned to .
10-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server Illegal VMPS Client Requests T wo ex.
10-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server Default VMPS C lient Configurati on T ab le 10-4 shows the de fault VMPS a nd dyna mic port c onfiguration on clie nt switches.
10-22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server Switch# show vmps VQP Client Status: -------------------- VMPS VQP Version: 1 Reconfirm Interval: 60 min Server Retry Count: 3 VMPS domain server: 172.
10-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server Voice Port s If a VVID (voice VLAN ID) is configured on a dy namic acc ess port, the port can be long to both an access VLAN a nd a voice VLAN.
10-24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server Configur ing the R etry Int erval Y ou can set the number of times that th e VMPS client atte mpts to contact the VMPS bef ore querying the next server .
10-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server The fo llowing example shows how to.
10-26 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server Dynamic Port VLAN Memb ership Con figuratio n Example Figure 10-4 on pa ge 10-26 shows a netw ork with a VMPS serv ers and VMPS client switches with dynamic po rts.
10-27 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server T wo topo logies ar e possib le. Figure 10-5 illustrate s a topology with one end station attached d irectly to a Catal yst 4500 seri es switch ope rating as a VMPS client .
10-28 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server VQP Client Status: -------------------- VMPS VQP Version: 1 Reconfirm Interval: 60 min Server Retry Count: 3 VMPS domain server: 172.
10-29 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 0 Understanding an d Configuring VL ANs, VTP, and V MPS VLAN Me mbersh ip Policy Server VMPS Datab ase Config uration File Example This e xample sho ws a sample VMPS database con fig uration f ile as it appe ars on a VMPS serv er .
10-30 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 10 Understandi ng and C onfigur ing VLANs, VTP, and VMPS VLAN Mem bership Policy Server vmps-port-policies vlan-name Green device 198.92.30.32 port Fa0/9 vmps-port-policies vlan-name Purple device 198.
C HAPTER 11-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 11 Configuring Layer 2 Ethernet Interface s This cha pter descri bes how to use the comm and- line inter face (CLI) to co nfigure Fast Ethernet and Gigabit Eth ernet interf aces for Layer 2 switching on Cataly st 4500 series switches.
11-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 11 Configuring Layer 2 Ethernet Interfaces Overvi ew of Layer 2 Ethernet Switching Note With release 12.1(1 3)EW , the Ca talyst 4500 ser ies switches ca n handle packets of 1600 bytes, ra ther than tre at them as “o vers ized” and di scard th em.
11-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 1 Configuring Layer 2 Ethernet Int erfaces Overview of Layer 2 Ethernet Switching Understand ing VLAN Trunk s A trun k is a p oint-to -point link betw een on e or more Ethe rnet s witch i nterface s and an other n etworking de vice such as a r outer or a switch.
11-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 11 Configuring Layer 2 Ethernet Interfaces Default L ayer 2 Ethe rnet Interfa ce Configurati on Layer 2 Interfa ce Modes T ab le 11-2 lists the Laye r 2 interface mod es and descri bes how the y functi on on Ethernet interfaces.
11-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 1 Configuring Layer 2 Ethernet Int erfaces Layer 2 Interfa ce Configur ation Gui delines a nd Restri ctions Layer 2 Interf a.
11-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 11 Configuring Layer 2 Ethernet Interfaces Configur ing Ethern et Interface s for Laye r 2 Switching Configur ing an Eth ernet In terfac e as a Lay er 2 Trun k Note The default for Layer 2 interf aces is switchport mode dynamic auto .
11-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 1 Configuring Layer 2 Ethernet Int erfaces Configuring Ethernet Interfaces for Layer 2 Switching This e xampl e sho ws ho w to conf igure th e Fast E thern et interf ace 5/8 as an 802 .
11-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 11 Configuring Layer 2 Ethernet Interfaces Configur ing Ethern et Interface s for Laye r 2 Switching Port Vlans allowed an.
11-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 1 Configuring Layer 2 Ethernet Int erfaces Configuring Ethernet Interfaces for Layer 2 Switching Switch(config-if)# switchpo.
11-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 11 Configuring Layer 2 Ethernet Interfaces Configur ing Ethern et Interface s for Laye r 2 Switching This exam ple sh o ws how to verif y that the L ayer 2 c onfiguration was cleare d: Switch# show running-config interface fastethernet 5/6 Building configuration.
C HAPTER 12-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 12 Configuring SmartPort Ma cros This c hapter d escribes how to c onfigure and apply Sma rtPort m acros on your sw itch.
12-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 12 Config uring S martPor t Macro s Configuring Smart-Port Ma cros Configuring Smart-Port Macros Y ou can crea te a ne w SmartPo rt macro o r use an e xisting macro a s a template to create a n ew macro that is specif ic to your applica tion.
12-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 12 Configur ing SmartPort Macros Confi guring Smart -Port Mac ros # Recommended value for voice vlan (VVID) should not be 1 sw.
12-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 12 Config uring S martPor t Macro s Configuring Smart-Port Ma cros spanning-tree portfast spanning-tree bpduguard enable Smar.
12-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 12 Configur ing SmartPort Macros Confi guring Smart -Port Mac ros The no fo rm of th e macr o name global conf iguration co mmand only deletes the macr o definiti on. It does not affect th e configurati on of thos e interfaces on which the ma cro is al ready app lied.
12-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 12 Config uring S martPor t Macro s Configuring Smart-Port Ma cros switchport port-security # Ensure port-security age is gre.
12-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 12 Configur ing SmartPort Macros Confi guring Smart -Port Mac ros Fa2/9 cisco-phone ------------------------------------------.
12-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 12 Config uring S martPor t Macro s Displaying SmartPort Mac ros switchport trunk encapsulation dot1q # Define unique Native .
C HAPTER 13-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 13 Understanding and Configuring STP This chapt er describes how to configure the Span ning Tr ee Protoco l (STP) on a Catalyst 4500 serie s switch. It also provides guide lines, pro cedure s, and co nfiguration exampl es.
13-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Overvi ew of STP A spanning tree def ines a tree with a root switch and a loop-free path from t he root to all switches in the Layer 2 ne twork.
13-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Over view of STP STP MAC Address Allocati on A Catalyst 45 00 series switc h chassis has eithe r 64 or 1024 MAC addresses av ailable t o support software featur es lik e STP .
13-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Overvi ew of STP Election of th e Root Bridge For each VLAN, the swi tch w ith the h ighest bri dge priority (the l owest numerical priority v alue) is elect ed as the root bridge.
13-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Over view of STP Figur e 13 -1 Spannin g T ree T opology For example, assume t hat one port on Switch B is a fiber-optic link, and ano ther p ort on Switch B ( an unshiel ded twiste d-pair [UTP] link) i s the root po rt.
13-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Default STP Configuration STP and IE EE 802.1Q Trunks 802.1 Q VLAN tru nks impose som e limita tions on th e spanni ng tree st rategy for a net work.
13-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP Configuring ST P The follo wing sect ions de scr ibe ho w to conf igur.
13-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP T o e nable a spanning tree on a p er-VLAN basis, perform this t a.
13-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP T o enable the ex tended system ID, perfor m this task: Note When you .
13-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP Use the diameter ke yword t o speci fy the L ayer 2 networ k diam eter (the max imum n umber of b ridge hops bet ween a ny two end stat ions in the ne twork).
13-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP Port 324 (FastEthernet6/4) of VLAN1 is blocking Port path cost 19, Port priority 128, Port Identifier 129.68. Designated root has priority 32768, address 0001.
13-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP Configur ing a Se condar y Root S witch When you con figure a switch as the se condary ro ot, the spann ing tree bridg e priorit y is modified from the def ault v alue (32,768) to 16,384.
13-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP Configuring STP Port Priority In the e v ent of a loop, a spa nning tree c onsiders port priori ty when selectin g an interf ace to put into th e forwarding state.
13-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP This e xample shows how to display the det ails of the i nterf ac.
13-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP This exa mple sh o ws how to c onfigure the spanning tree VLAN port p.
13-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP This exampl e shows ho w to change the spanning tre e port cost o.
13-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP T o configur e the spanning tree bridg e priority of a VLAN, perform .
13-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP This exampl e shows ho w to verify the configurat ion: Switch# sh.
13-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP T o configur e the spanning tree for ward delay time for a VLAN, perf.
13-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP This exam ple sh o ws how to di sable spanning t ree o n VLAN 200.
13-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 3 Understanding an d Configuri ng STP Configuring STP The fo llowing exampl e shows how to verify the configur ation: Switc.
13-22 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 13 Understanding and Configuring STP Conf igu rin g STP.
C HAPTER 14-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 14 Configuring STP Features This chapter desc ribes the Spa nning T ree Protoc ol ( STP) feat ures supp orted on the Catalyst 4500 s erie s swit ches. It al so pro vides gu ideline s, pro cedures, and conf iguration e xampl es.
14-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Overvi ew of Root Gu ard Overview of Root Guard Spanni ng T ree roo t guard for ces an inter face to beco me a design ated port, to protect the current roo t status and prevent surround ing sw itches fro m becom ing the root swi tch.
14-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Over view o f Lo op Gu ard VLAN1002 FastEthernet3/2 Port Type Inconsistent VLAN1003 FastEthernet.
14-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Enablin g Loop Guar d Follow these guideli nes wh en usin g loop guard : • Do not enable loop g uard on PortFast-ena bled or dynam ic VLAN ports.
14-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Overview of PortFast This exampl e shows ho w to verify the previous configurat ion of port 4/4 .
14-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Enablin g PortFast Note Because the purpose of PortF ast is to minimize the time that acce ss ports must wait for spanning tree to conv erge, it is most effectiv e when used on access por ts.
14-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Overview of BPDU Guard Overview of BPDU Guard Spannin g T ree BPDU g uard shuts do wn PortFas t-conf igu red interf aces that recei v e BPDUs, rath er than putting th em into the spanning tree blocking state.
14-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Overv iew of Po rtFas t BPDU Filterin g Overview of PortFast BPDU Filtering Cisco IOS Release 12.
14-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Enabling PortFa st BPDU Filtering This e xampl e sho ws ho w to ve rify the BPDU conf iguration .
14-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Overvi ew of Up linkFast Overview of UplinkFast Note Up linkFast is most usef ul in wiri ng-close t switche s. This fea ture mig ht not b e useful fo r other types of application s.
14-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Enabl ing U plinkF ast Enabling Uplink Fast UplinkFast inc reases the br idge priority t o 49,152 and ad ds 3000 to the span ning tree port cost of all interf aces on the switch, making it unli kely that the switch will be come the root switch.
14-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Overvi ew of Ba ckboneFas t VLAN15 VLAN1002 Gi5/7(fwd) VLAN1003 Gi5/7(fwd) VLAN1004 Gi5/7(fwd) VLAN1005 Gi5/7(fwd) Switch# Overview of BackboneFast BackboneF ast is a complem entary techno logy to UplinkF ast.
14-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Overview of Ba ckboneFast Figur e 14 -4 Bac kboneF ast Be for e Indirec t Link F ailur e Nex t, assume that L1 fails. Switc h A and Switch B, the switches dire ctly connected to this se gment, instantly kno w that the link is down.
14-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Overvi ew of Ba ckboneFas t Figur e 14- 5 Bac kboneF ast a ft er Indir ect L ink F ailure If .
14-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 4 Configuring STP Featu res Enabl ing Backbone Fast Enabling Back boneFast Note For Back boneFast to work, you must ena ble it on all switches in the ne twork. Backbone Fast is supported for use wi th third-par ty switches but it is not supporte d on T oken Ring V LANs.
14-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 14 Configuring STP Features Enablin g Backbone Fast 5 vlans 0 0 0 11 11 BackboneFast statistics ----------------------- N.
C HAPTER 15-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 15 Understanding and Configuring Multiple Spanning Trees Thi s chapt er de scri bes ho w to co nf igur e the IEEE 80 2.1 s Mult iple S pann ing T ree (MS T) pro tocol on th e Catalyst 450 0 series switch.
15-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Overvi ew of MST IEEE 802.1 s MST MST e xtends the IEEE 802.1w r apid spann ing tree (RST) algo rithm to multiple span ning trees.
15-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Overview of MS T – MST switches ope rate as if MA C reduct ion is enabled. – For pri v ate VL ANs (PVLANs), you must map a sec ondary VL AN to the same insta nce as th e primar y .
15-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Overvi ew of MST RSTP Port States The por t sta te cont rols the forward ing and learni ng proc esses an d provides the values o f disca rding, learnin g, and forwarding .
15-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Overview of MS T T o STP run ning in the SST region, an MST regio.
15-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Overvi ew of MST MST BPDU s contain th e MST conf iguration ID and the checksu m.
15-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Overview of MS T IST Master The IST master of an MST regio n is the bridge with the lo west bridge iden tif ier and the least path cost to the CST roo t.
15-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees MST Config uration Rest rictions and Guidelines MST-to-PVS.
15-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Config uring MS T Configuring MST The follo wing sec tions descr .
15-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Conf igu rin g MST Switch(config-mst)# show current Curre.
15-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Config uring MS T Configuring MST In st ance Parame ters T o con.
15-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Conf igu rin g MST Configuring MST Inst an ce Port Parame.
15-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Config uring MS T Displaying MST Configurations T o display MST .
15-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Conf igu rin g MST Switch# show spanning-tree mst 1 ###### MST01 vlans mapped: 1-10 Bridge address 00d0.00b8.
15-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 5 Understandin g and Configuri ng Multiple Spanning Tre es Config uring MS T FastEthernet4/48 of MST01 is boundary forwarding Port info port id 128.240 priority 128 cost 200000 Designated root address 00d0.
15-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 15 Understandi ng and C onfigur ing Multi ple Spa nning Tr ees Conf igu rin g MST.
C HAPTER 16-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 16 Understanding and Con figuring EtherChannel This cha pter descri bes how to use the comm and- line inter face (CLI) to co nfigure EtherC hannel on the Catalyst 4500 serie s switc h Laye r 2 or Layer 3 i nterface s.
16-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Overvi ew of EtherCh annel Note The network de vice to which a Catalyst 4500 seri es switch is connected may impose its o wn limits on the numb er of interf aces in an Eth erChann el.
16-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Overview of E therChan nel Understanding Manual Ether Channel Configuration Manual ly configur ed Et herChann el por ts do no t exchan ge Et herChann el pro tocol pa ckets.
16-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Overvi ew of EtherCh annel The proto col learn s the capab ilities of LAN port gr oups dynamica lly and inf orms the oth er LAN po rts.
16-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Ether Channel C onfigur ation Gui deli nes and Restr icti ons Understand ing Lo ad Balancin g Ether Channel c an balanc e the tra ff ic load across t he links in the ch annel.
16-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Configur ing EtherChann el • After yo u configur e an Ethe rChan nel, any.
16-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Config uring E therC hannel T o cr eate a po rt-channe l interface for a Lay.
16-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Configur ing EtherChann el This exam ple shows how to configure Fast Ethern.
16-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Config uring E therC hannel Partner's information: Partner Partner Partner Partner Group Port Name Device ID Port Age Flags Cap.
16-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Configur ing EtherChann el T o conf igur e Layer 2 Ethernet inter fa ces a.
16-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Config uring E therC hannel Switch# show interfaces fastethernet 5/6 etherc.
16-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Configur ing EtherChann el T o configur e the LA CP system priority and sy.
16-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 6 Understanding an d Configuri ng EtherChan nel Config uring E therC hannel The lo ad-ba lanci ng k eyw ords are: • src-m.
16-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 16 Understa nding and C onfigur ing Ethe rChannel Configur ing EtherChann el Remov ing an Ethe rChann el If you rem ove an EtherChanne l, the me mber ports ar e shut down and removed from the Chan nel group .
C HAPTER 17-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 17 Configuring IGMP Sno oping and Filtering This cha pter descr ibes how to configure Intern et Grou p Manageme nt Protoco l (IGMP) snoo ping on the Catalyst 4500 serie s switc h.
17-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Overview of IGMP Snoopi ng In co ntrast to IGMPv1 a nd IGM Pv2, I GMPv3 sn ooping p rovides imme diate- leave processin g by default.
17-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Over view of IG MP Sno opi ng Immediate-Le ave Proces sing IGMP sn oopin g immed.
17-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Configuring IGMP Snooping T o det ermine whether or not EHT is enabl ed on a VLAN , use the show ip igmp snoop vlan command.
17-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Configuring IGMP Snooping Enabling IGM P Snoopin g T o ena ble IGMP snoo ping gl.
17-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Configuring IGMP Snooping This exam ple sh o ws how to ena ble I GMP snoo ping.
17-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Configuring IGMP Snooping This exam ple shows how to co nfigure IP IG MP snoopi .
17-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Configuring IGMP Snooping This example shows how to enable IGMP i mmediat e-le.
17-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Configuring IGMP Snooping Suppressing Mu lticast Flooding An IGMP snooping-en abled switch will flo od multicast traf f ic to all ports in a VLAN when a spanning-tree T opolo gy Change Notification (TCN) is receiv ed.
17-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Configuring IGMP Snooping While in “ multicast flooding mode ,” IP mu lticast tra ff ic is deli vered to all ports in th e VLAN, an d not restr icted to tho se ports on which mult icast grou p members hav e been detected .
17-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Displaying IGMP Snooping Information This e xample shows how to modi fy the swi.
17-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Displaying IGMP Snooping Information Displaying Querier Information T o displ.
17-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Displaying IGMP Snooping Information 40.40.40.5/224.10.10.10Fa2/1 20.20.20.20 00:39:42 00:09:17 - 40.40.40.6/224.10.10.10 Fa2/1 20.
17-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Displaying IGMP Snooping Information This example sho ws how to display the host type s and ports of a group in VL AN 1: Switch# show ip igmp snooping groups vlan 10 226.
17-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Displaying IGMP Snooping Information T o display multicast router interf aces, .
17-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Conf igu ring I GMP Filt eri ng This exam ple shows how to di splay IG MP sno.
17-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Con fig ur ing IGMP Filt er ing Default IGMP Filte ring Configuration T ab le 17-2 shows the def ault IGMP f iltering conf iguration.
17-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Conf igu ring I GMP Filt eri ng T o delete a prof ile, use t he no ip ig mp pro f ile pr ofile number gl obal co nfiguration co mman d.
17-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Con fig ur ing IGMP Filt er ing T o remov e a prof ile from an inter face, use the no ip igmp fil ter command .
17-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Displaying IGMP Filtering Conf iguration T o remov e the maximum group limitatio n and return to the defaul t of no maximum, use the no ip igmp max-groups comman d.
17-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 7 Configuring IGMP Snoopi ng and Filterin g Displaying IGMP Filt ering Con figurat ion This is a n exampl e of the show run.
17-22 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 17 Co nfiguring IGMP Snooping and Filtering Displaying IGMP Filtering Conf iguration.
C HAPTER 18-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 18 Configuring 802.1Q and Laye r 2 Protocol Tunneling V irtual pri v ate ne tworks (VPNs) pro vide en terprise-scale connecti.
18-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Unders tanding 802 .1Q Tunnelin g A port configured to suppo rt 802. 1Q tunne ling is called a tunne l port. When you con f igure tunne ling, you assi gn a tu nnel port to a VLAN ID that i s dedica ted to tunneli ng.
18-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 8 Configuring 80 2.1Q and La yer 2 Pro tocol Tunn eling Understan ding 802.
18-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Configur ing 802.1 Q Tunneli ng Configuring 802.1Q Tunneling These sections descri be 802.1 Q tunnel ing configu ration: • 802.
18-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 8 Configuring 80 2.1Q and La yer 2 Pro tocol Tunn eling Configur ing 802.1Q Tun neling Figur e 1 8-3 P ot ential P roblem with 802 .1Q T unneling and Native VL ANs System MTU The defa ult syste m MTU for traff ic on the Cata lyst 4500 se ries sw itch is 1500 bytes.
18-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Configur ing 802.1 Q Tunneli ng • Ether Channel port groups are compatibl e with tunne l ports as long as the 802.1Q co nfiguration is consist ent wi thin an Ether Channel p ort gro up.
18-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 8 Configuring 80 2.1Q and La yer 2 Pro tocol Tunn eling Underst anding Laye r 2 Protoco l Tunnel ing This exampl e shows ho w to configure an interfac e as a tunnel port, enab le taggi ng of native VLAN pack ets, and v erif y the conf iguration.
18-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Unders tanding La yer 2 Protoc ol Tunneling Customer A ’ s Site .
18-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 8 Configuring 80 2.1Q and La yer 2 Pro tocol Tunn eling Configu ring Laye r 2 Protoco l Tunnel ing Configuring Laye r 2 Prot.
18-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Configur ing Layer 2 Prot ocol Tunne ling Layer 2 Protocol Tun ne.
18-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 8 Configuring 80 2.1Q and La yer 2 Pro tocol Tunn eling Configu ring Laye r 2 Protoco l Tunnel ing Use the no l2protocol-tunnel [ cdp | stp | vtp ] int erface c onfiguration c ommand to di sable pr otocol tunnel ing for one of th e Layer 2 pro tocols or for a ll three .
18-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 18 Configuri ng 802.1Q and Lay er 2 Protoc ol Tunneling Monito ring and Maint aining Tunnel ing Status Switch(config-if)#.
C HAPTER 19-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 19 Understanding and Configuring CDP This c hapter d escribes how to c onfigure Cisco Discovery Prot ocol (CD P) on the Catal yst 4500 se ries switch. It also provides guide lines, pro cedure s, and co nfiguration exampl es.
19-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapte r 19 Understa nding and C onfigur ing CDP Conf igu rin g CD P Configuring CDP The follo wing sectio ns describe ho w to con.
19-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 1 9 Understanding an d Configuring CD P Config uring C DP Enabling C DP on an Interface T o enable CDP on an interfac e, perfo.
19-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapte r 19 Understa nding and C onfigur ing CDP Conf igu rin g CD P This exam ple shows how to cl ear the C DP coun ter configur .
C HAPTER 20-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 20 Configuring UDLD This chap ter describ es ho w to conf igure th e UniDirection al Link Dete ction (UDLD ) and Unidirec tional Ether net on the Cata lyst 4500 series sw itch.
20-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 20 Configuring UDLD Default U DLD Configurat ion The swi tch period ically transmits UDLD pac kets to nei ghbor devices on i nterface s with UDL D enab led.
20-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 0 Configuring UDL D Configuring UDLD on the Switch Enabling UDL D Globally T o enable UDLD globa lly on all f iber-opti c in.
20-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 20 Configuring UDLD Conf igu rin g UDLD on t he Swit ch Disabling UDLD on Fi ber-Optic Interfaces T o disable UDLD on indi.
C HAPTER 21-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 21 Configuring Unidirection al Ethernet This cha pter descr ibes how to configure Unidire ctiona l Ethernet on the Catalyst 4.
21-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 21 Configuring Unidirectional Ethernet Configur ing Unidirec tional Ethe rnet T o enable Unidirectio nal Ethernet, perform.
21-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 1 Configuring Un idirectiona l Ethernet Configuring Unidirec tional Ethernet This e xample sho ws how to disable U nidirectional E thernet on Gigabit Ethernet interfac e 1/1: Switch# configure terminal Enter configuration commands, one per line.
21-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 21 Configuring Unidirectional Ethernet Configur ing Unidirec tional Ethe rnet.
C HAPTER 22-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 22 Configuring Layer 3 Interfaces This chapte r describes the Layer 3 interf aces on a Catalyst 4500 serie s switch. It also pro vides guideli nes, proc edures , and configurat ion examples .
22-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 22 Configu ring Layer 3 Int erface s Overvi ew of Laye r 3 Interfac es Logical La yer 3 VL AN Interfa ces The logica l Layer 3 VLAN inter faces pr ovide lo gical routin g interf aces to VL ANs on Layer 2 switches.
22-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 2 Configuring Layer 3 Interfaces Confi guration Gu ideli nes Configuration Gui delines A Cataly st 4500 series switch supp orts AppleT alk routing and IP X routing.
22-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 22 Configu ring Layer 3 Int erface s Configur ing Physical Lay er 3 Interfac es This exampl e uses the show in terfac es comm .
22-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 2 Configuring Layer 3 Interfaces Configuring Physical Layer 3 Interfaces T o configur e physical Layer 3 interfaces, perform.
22-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 22 Configu ring Layer 3 Int erface s Configur ing Physical Lay er 3 Interfac es.
C HAPTER 23-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 23 Configuring Cisco Expre ss Forwarding This chapter d escribes Cisco Expr ess Forwarding (CEF) on the Ca talyst 4500 series switch. It a lso provides g uide lines, p rocedur es, and example s to co nfigure t his fea ture.
23-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 23 Configuring Cisc o Express For warding Overvi ew of CEF CEF provides the fol lowing benefits: • Improves perform ance over the cach ing scheme s of multila yer switche s, which of ten flush t he entir e cache when inf ormation ch anges in the ro uting ta bles.
23-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 3 Configuring Cisco Expre ss Forwa rding Catalyst 4500 Series Switch Implementation of CEF Adjacency Types That Require Spec.
23-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 23 Configuring Cisc o Express For warding Cataly st 4500 Series Switch Im plementat ion of CEF Figur e 23-1 L ogical L2/L3 Switc h Compon ents The In tegrated Switch ing Engine performs int er-VLAN routin g on logical La yer 3 interface s with the ASIC hard ware .
23-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 3 Configuring Cisco Expre ss Forwa rding Catalyst 4500 Series Switch Implementation of CEF Figur e 23 -2 Har dwar e and Sof twar e Switc hing Com ponents The In tegrated Switchi ng Engine perf orms inter-VLA N routing in har dware.
23-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 23 Configuring Cisc o Express For warding CEF Configura tion Restric tions Load Balancing The Cat alyst 4500 se ries switch supports load balanci ng for rout ing packets in the Integrated Switching Engine har dware.
23-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 3 Configuring Cisco Expre ss Forwa rding Config uring C EF Configuring Load Balancing for CEF CEF load balanci ng is b ased .
23-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 23 Configuring Cisc o Express For warding Monito ring and Maint aining CEF For more informa tion on load sharing, refer to the Configuri ng Cisco Express F orwar ding module of the Cisco IOS documentation at this URL: http://www .
23-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 3 Configuring Cisco Expre ss Forwa rding Monitoring and Maintaining CEF This exam ple shows how to di splay IP un icast st a.
23-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 23 Configuring Cisc o Express For warding Monito ring and Maint aining CEF.
C HAPTER 24-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 24 Understanding and Configur ing IP Multicast This chapter descr ibes IP multicast routing on the Catalyst 4500 series switch . It also provides procedu res and e xampl es to configure IP mu lticast rou ting.
24-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Overvi ew of IP Mu lticast At the othe r end of the IP com municat ion spec trum is an I P broa dcast, where a sou rce hos t send s pack ets to all h osts on a network segment.
24-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Overview of IP Multicast Figur e 24- 1 IP Multicast Rou ting Pr ot ocols Int.
24-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Overvi ew of IP Mu lticast IGMP Snooping and CGMP IGMP sn ooping i s used for mu lticast ing in a Layer 2 switch ing environment .
24-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Overview of IP Multicast Figur e 24- 2 Logical V iew of L ay er 2 and L ay e.
24-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Overvi ew of IP Mu lticast The Cat alyst 4500 ser ies switch pe rforms La yer 3 routing and Layer 2 bri dging at the sam e time.
24-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Overview of IP Multicast If VLAN 1 con tains 1/ 1 and 1 /2, V LAN 2 contains 2/1 and 2/2, and VL AN 3 co ntain s 3/1 a nd 3/2, the MET chain for this route would contain these switch ports: (1/1,1/2 ,2/1,2/2 ,3/1, and 3/2).
24-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Overvi ew of IP Mu lticast Output i nterf ace lists a re stored in the m ulticast e xpansion table (MET). The MET has room for up to 32,000 output inte rface li sts.
24-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Overview of IP Multicast Hardw are r outes o ccur whe n the In te grated Switching Engin e hardwa re fo rward s all re plicas o f a pack et.
24-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Overvi ew of IP Mu lticast Figur e 24- 6 Redundant Mu lticast Rout er Configur ation i n a St ub Netw or k In this kind of t opology , onl y Router A, the PIM designat ed router (P IM DR), forwa rds data to the common VL AN.
24-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Overview of IP Multicast Multicast Forwarding Informa tion Base The Mult ic.
24-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Con figur ing IP Mult icas t Rou ting Note When PIM-SM routing is in use, the MFIB rou te might include an interface lik e in this ex ample: PimT unnel [1.
24-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Configuring IP Multicast Routing Default Configur ation in IP MUlticast Routing T ab le 24-1 shows the IP multic ast default conf igurat ion.
24-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Con figur ing IP Mult icas t Rou ting When the swit ch populat es the multica st routing t able, dense-m ode inter faces are always added to the tabl e.
24-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Monitoring and Maintaining IP Multicast Routing When an interfac e is treat.
24-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Mon itor ing an d Mai ntain ing IP Mult ica st Rou ting Displaying the Multicast Routing Table The follo win g is sample output from th e show ip mr oute command fo r a router operat ing in den se mode.
24-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Monitoring and Maintaining IP Multicast Routing (*, 224.2.127.253), 00:58:18/00:02:00, RP 171.69.10.13, flags: SJC (*, 224.1.127.
24-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Mon itor ing an d Mai ntain ing IP Mult ica st Rou ting Group: 224.2.201.241, Source count: 36, Group pkt count: 54152 RP-tree: 7/0/108/0 Source: 13.
24-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Monitoring and Maintaining IP Multicast Routing The follo wing is sample output from the show ip mf ib comm and.
24-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Mon itor ing an d Mai ntain ing IP Mult ica st Rou ting Displaying PIM Sta.
24-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 4 Understanding an d Configuri ng IP Multica st Config urati on Examp les Configuration E xamples The follo wing sectio ns .
24-22 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 24 Understanding and Configuring IP Mu lticast Configur ation Examp les.
C HAPTER 25-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 25 Configuring Policy-Based Routing This c hapter d escribes the tasks f or configuri ng policy-base d routin g (PBR) on a r .
25-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 25 Configuring Policy-Based Routing Overview of Policy-B ased Routing PBR allo ws you to perform the follo wing task s: • Classify t raff ic b ased on e xtended access list c riteria.
25-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 5 Configuring Policy-B ased Routing Policy- Based Routi ng Confi guratio n Task List Policy-Based Routing Configuration Task List T o config ure PBR, perform the tasks described in the follo wing sections.
25-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 25 Configuring Policy-Based Routing Policy- Based Routin g Configurati on Task List The set comman ds can be used i n conjun ctio n with eac h othe r . These command s are e valu ated i n the order sh own in Step 3 in the previous task ta ble.
25-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 5 Configuring Policy-B ased Routing Policy-Based Routing Configuration Examples Enabling L ocal PBR Pa ckets th at are generat ed by the router are not normally p olicy -rout ed.
25-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 25 Configuring Policy-Based Routing Policy-Ba sed Routing Conf iguration Ex amples ! route-map equal-access permit 10 match ip address 1 set ip default next-hop 6.6.6.6 route-map equal-access permit 20 match ip address 2 set ip default next-hop 7.
C HAPTER 26-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 26 Configuring VRF-lite V irt ual Priv a te Networks (V PNs) provide a secu re way for custome rs to share bandw idth over an ISP backbon e network . A VPN is a collect ion of site s sharing a co mmon rout ing table.
26-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite Unders tanding VRF-lite Understandin g VRF-lite VRF-lite is a feature that enabl es a service provid er to supp ort two or more VPNs, where IP addresses can be overlapped among the VP Ns.
26-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 26 Configur ing VRF-lite Default VRF-lite Configuration This is the packet-fo rwarding proce ss in a VRF-lite CE-enabled netwo rk as sho wn in Figu re 26-1 : • When the CE re ceives a packet from a VPN, it looks up th e routin g table based on the input inter face.
26-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite VRF-lite Config uration Gui delines VRF-lite Configuration Guidelines Consider these points when configuring VRF in yo ur net work: • A switch with VRF-lite is shared b y multiple customers, and all customers hav e their o wn routing tables.
26-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 26 Configur ing VRF-lite Configuring VRFs Configuring VRFs T o configur e one or more VRFs, perform this task: Note For comple.
26-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite Configuring BGP PE t o CE Routing Session s T o configure OSPF in the VPN, perform this task: Use.
26-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 26 Configur ing VRF-lite VRF-li te Confi guratio n Exam ple Use the no router bgp autonomo us-syste m-number global configurat ion co mmand t o dele te the BGP routing pro cess.
26-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite VRF-lite Config uration Exam ple Configuring Switch S8 On swit ch S8, enable routing and c onfigure VRF . Switch# configure terminal Enter configuration commands, one per line.
26-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 26 Configur ing VRF-lite VRF-li te Confi guratio n Exam ple Switch(config)# interface Vlan118 Switch(config-if)# ip vrf forwarding v12 Switch(config-if)# ip address 118.0.0.8 255.
26-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite VRF-lite Config uration Exam ple Configuring Switch S11 Conf igure S11 to connect to CE: Switch# configure terminal Enter configuration commands, one per line.
26-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 26 Configur ing VRF-lite Displaying VRF-lite Status Router(config)# router bgp 100 Router(config-router)# address-family ipv4 vrf v2 Router(config-router-af)# neighbor 83.0.0.8 remote-as 800 Router(config-router-af)# neighbor 83.
26-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 26 Configuring VR F-lite Displaying VRF-lite Status.
C HAPTER 27-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 27 Configuring Quality of Service This chapte r describes ho w to conf igure quality of service (QoS) b y using automatic QoS (au to-QoS) comman ds or by using standa rd QoS comma nds on a Cata lyst 45 00 series swit ch.
27-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S • Pa cket Modi fica tion, p age 27-16 • Per Port Per VLAN QoS, page 27.
27-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS Figur e 27 -1 QoS Classificatio n Lay ers in F ram es and P ack ets All sw.
27-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Layer 2 802 .1Q fram e headers have a 2-byte T ag Control Informati on field that carri es the CoS v alue in the three most signif icant bits, which are called the User Priority bits.
27-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS • Classification is the selec tion of traf f ic to be marked .
27-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S • Schedul ing servi ces the four egre ss (transm it) queu es base d on th e sharing and sha ping conf iguration of the eg ress (transmit) port.
27-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS • Perform t he classificati on based on a configure d IP standard or extend ed ACL, which examines various fields in the IP head er .
27-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Figur e 27 -3 Cla ssification Flow chart Ye s Ye s Ye s No No No No No No No No No Ye s Ye s Ye s Ye s Ye s Ye s Read interface configuration f or classification.
27-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS Classification Based on QoS ACLs A pack et can be cl assif ied fo r QoS us.
27-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Y o u create a c lass map by using the class-map glo bal configur ation c ommand. When you en ter the class-map c omman d, the switch ent ers the class- map configur ation mode .
27-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS When configuri ng policing and policers, keep these item s in mind: • For IP pac kets, only the le ngth of the I P paylo ad (the total le ngth field in the IP heade r) is u sed by the polic er for pol icing comp utation .
27-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Figur e 27 -4 P olicing and M ar king Fl ow ch art Star t Use QoS policy .
27-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS Internal DSCP V alues The foll owin g sections describe the internal DSCP.
27-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Mapping T ables During Qo S processing, the switch re presents t he prior.
27-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Overview of QoS Sharing Link Bandwidth Among Transmit Queues The fo ur transmi t queues f or a tran smit port share th e av ailable link ba ndwidth of that tr ansmit por t.
27-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Overvi ew of Qo S Packet Modification A packet is cla ssif ied, policed, a nd queued to provid e QoS. Packet modificati ons can occu r during this process: • For IP packe ts, classi fic ation in volv es assi gning a DSCP to the pa cket.
27-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Configuring Auto-QoS The inte rnal IP DSCP is used t o determi ne the tr ansmit queu e to wh ich the p acket is enqueue d on the transmi ssion interf ace.
27-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g Aut o-Q oS interf ace is set t o trust the cos label recei ved in the p acket, if the inter face is conf igured as Layer 2. (The classif ication is set to trust DSCP if the interface is conf igured as Layer 3.
27-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Configuring Auto-QoS • T o take adv antage of the au to-QoS d efaul ts, do no t conf igur e any standard -QoS comm ands b efore enter ing the au to-QoS comm ands.
27-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g Aut o-Q oS This e xample sho ws ho w to e nable auto -QoS and to trust the c.
27-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Configuring Auto-QoS Auto-QoS Confi guration Ex ample This se ction de scribes how you coul d impleme nt auto -QoS in a networ k, as sh o wn in Figure 27 -5 .
27-22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g Aut o-Q oS T o config ure the switch at the edge of the Qo S domain to prior.
27-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Configuring QoS Before configur ing QoS, you must have a thorough unde rstandi ng of these item s: • The type s of applicat ions used and the traff ic patte rns on your network .
27-24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS CoS t o DSCP map (DSCP set from C oS va lues) CoS 0 = DSCP 0 CoS 1 = DSC.
27-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Configuratio n Guidelines Before beginni ng the QoS configura tion, you.
27-26 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Configuring a Trusted Bou ndary to Ens ure Port Secu rity In a t ypical network, you conn ect a C isco IP phone t o a swi tch po rt as di scussed i n Cha pter 28, “Configuri ng V o ice Interfac es.
27-27 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Enabling Dynamic Buffer Limiting T o enable DBL globall y on the switch.
27-28 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS In effect, if you apply a single a ggregate pol icer t o port s and V LA.
27-29 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS This e xample sho ws how to create a named aggre gate policer with a 10 Mbps rate limit and a 1-MB b urst size that transmits conf orming traf f ic and marks do wn out-of-pro file traf fic.
27-30 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS • policy-map —Enter the policy-map command to de fin e the follo win.
27-31 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Note Any Inpu t or O utput po licy that uses a cla ss map with t he match ip pr ecedence or match ip dscp class- map com mands, re quires that th e port on wh ich the pac ke t is recei ved, be conf igured to trust dscp .
27-32 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Creating a Policy Map T o create a policy map, perfor m this task: Confi.
27-33 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS When configur ing the policy-m ap class D BL state, no te the following: • Any class tha t uses a name d aggr egate policer must have the same DBL configurat ion to wor k.
27-34 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS • The v alid range of v alues for the burst paramete r is as fol lo ws.
27-35 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS This exampl e shows ho w to verify the configurat ion: Switch# show pol.
27-36 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Configuring User Ba sed Rate Limiting User Based Rate Limiting (UBRL) adopts microflow policing capability to dynamically learn traf fic flo ws and rate limit each uniqu e flow to an individ ual rate.
27-37 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Switch# show class-map c1 Class Map match-all c1 (id 2) Match flow ip s.
27-38 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Example 4 Assume the re are tw o acti ve flo ws on th e Fa st Ethernet in terface 6/1 with destination addresses of 192.1 68.
27-39 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Switch(config)# policy-map p1 Switch(config-pmap)# class c1 Switch(conf.
27-40 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Y ou can conf igure hierar chical police rs with th e service -policy policy-map config comma nd.
27-41 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS The fo llowing exampl e shows how to verify the configur ation: Switch#.
27-42 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Example 1 Figure 27-6 di splays a sample topology for configuring PV QoS. The t runk port gi3/1 i s comprised of multiple VLANs (101 and 102 ).
27-43 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Police 100m 16k conform transmit exceed drop Interface Gigabit 3/1 Swit.
27-44 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Class-map: class-default (match-any) 0 packets Match: any 0 packets poli.
27-45 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS This exam ple sh o ws how to disable QoS on i nterface VLAN 5: Switch# configure terminal Enter configuration commands, one per line.
27-46 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS This exampl e shows ho w to verify the configurat ion: Switch# show qos .
27-47 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Configuring the CoS Va lue for an Interface QoS assigns the CoS va lue .
27-48 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS This example shows how to configure the DSCP 5 as the defau lt on Fast Ethern et interfa ce 5/24: Switch# configure terminal Enter configuration commands, one per line.
27-49 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS This exam ple shows how to map D SCP val ues to transit que ue 2. Switch# configure terminal Enter configuration commands, one per line.
27-50 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS This example shows how to configure the bandw idth of 1 Mbps on tra nsmit queue 2 . Switch# configure terminal Enter configuration commands, one per line.
27-51 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS This exampl e shows ho w to configure tran smit queue 3 to high prio rity . Switch# configure terminal Enter configuration commands, one per line.
27-52 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS This exa mple shows ho w to modify and display the CoS-to-DSCP map: Swit.
27-53 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 7 Configuring Qu ality of Service Conf iguring Q oS Note In the abov e polic ed-DSCP map, the marked -do wn DSCP v alues ar e sho wn in the bo dy of the matrix .
27-54 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 27 Configuring Quality of Service Conf igu rin g QoS Dscp-cos map: d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------.
C HAPTER 28-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 28 Configuring Voic e Interfaces This chapte r describes ho w to config ure voice interface s for the Catalyst 4500 series switches.
28-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 28 Config uring V oice Int erface s Configuring a Port to Connect to a Cisco 7960 IP Phone Figur e 28 -1 Cisco 79 60 IP Phone.
28-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 8 Configuring Voice Inte rfaces Configuring Voice Ports for Voice and Data Traffic T o co nfigure a port to rec eiv e voice .
28-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapt er 28 Config uring V oice Int erface s Overridin g the CoS Priority of Incoming Fr ames Unknown unicast blocked: disabled Unknow.
C HAPTER 29-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 29 Understanding and Configuring 802.1X Port-Based Authentication This cha pter describ es ho w to con f igure IEEE 802.1 X port-based au thentic ation to prevent unauthori zed client devices from gaini ng acces s to the net work.
29-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.1X Port-Based A uthenticatio n • Authentic ation Initiat ion and Message Ex change, page 29-3 • Ports in Aut horized an d Unauthor ized Stat es, page 29- 4 • Using 802 .
29-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication Understandi ng 802.
29-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.
29-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication Understandi ng 802.
29-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.
29-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication Understandi ng 802.1X Port- Based Authent ication Usage Guidelines for Using 802.1X Authentica tion with Guest VLANs on Windows-XP Hosts The usage guidelines fo r using 802.
29-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.
29-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication Understandi ng 802.1X Port- Based Authent ication These examples de scribe t he inte raction b etween 802.
29-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.1X Port-Based A uthenticatio n Note The supplicant on the po rt detects t hat its sessi on has been terminat ed and attem pts to in itiate a ne w session.
29-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication Understandi ng 802.1X Port- Based Authent ication article at th e URL: http://www .microsoft.c om/technet/tree view/def ault.
29-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Unders tanding 802.1X Port-Based A uthenticatio n Because R ADIUS uses th e unreliabl e transport protocol UDP , accou nting messag es may be lost due to poor net work con ditions.
29-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X • When 802.1 X is configured on a por t, you cannot connect mu ltiple IP -phones to a Cata lyst 4500 series switch through a hub .
29-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.1X • Configuring RADIU S-Provided Sessio n T i meouts, pa ge 29-19 ( optional ) • Configuring 802.
29-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X 802.1X Co nfigur ation Guidelines This secti on describe s the guidel ines for configuri ng 802.
29-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.1X Enabling 802.1X Authentication T o e nable 802. 1X port-ba sed auth enticat ion, you first mu st enable 802 .
29-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X T o disa ble A AA, use t he no aaa new-model global configur ation comma nd. T o disa ble 80 2.
29-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.
29-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X Refer to the f ollowing Cisco I OS securi ty docum entati on for in format ion on how to configure AA A system acc ounting: • http://www .
29-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.
29-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X Note When a port is p ut into a guest VLAN, i t is automatically place d into multihost mode, and an unlimit ed number of ho sts can conn ect throug h the port.
29-22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.
29-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.
29-24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.1X Configuring 802.1X with Voice VLAN T o enable 802.1X with v oice VLA N feature, perf orm this task: This exam ple sh o ws how to enable 8 02.
29-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.1X T o disable periodic re authentica tion, use the no dot1x re-authentic ation inter face configurat ion command.
29-26 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication How to Co nfigu re 80 2.1X T o return to the default quie t-period, use the no dot1x timeout quiet-period configuration command.
29-27 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 2 9 Understanding an d Configuri ng 802.1X Port-B ased Authe ntication How to Configure 802.
29-28 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 29 Understandi ng and C onfigur ing 802.1X P ort-Bas ed Authent ication Display ing 802.
C HAPTER 30-1 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 30 Configuring Port Security and Trunk Port Secu rity This chapte r describes ho w to config ure port security and trunk port secur ity on the Catalyst 4500 series swit ch. It pro vides guideli nes, pr ocedure s, and con fig urati on exam ples.
30-2 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Overview of Port Secur ity • Y o u can allow the port to dy namical ly configure secu re MA C addresse s with the MAC addresses of connect ed de vices.
30-3 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Default Port Secu rity Con figurat ion Y ou can also custo mize the t.
30-4 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Configuring Port Security • A sec ure po rt and static MA C a ddress conf igur ation f or an interf ace a re mutual ly e x clusi ve.
30-5 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Configur ing P ort Securit y • T o return the interf ace to the defa ult condition as nonsecure port , use the no switchport port -security com mand.
30-6 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Configuring Port Security • T o re turn the viola tion mode to the default con dition (shut down mode), use the no switchport port-security violation { re st ri ct | shutdown } command.
30-7 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Configur ing P ort Securit y ------------------------------------------------------------------------ Vlan Mac Address Type Ports Remaining Age (mins) ---- ----------- ---- ----- ------------- 1 0000.
30-8 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Configuring Port Security Y ou can co nfigure various port securit y related par ameter s on a per -port pe r -VLA N basis.
30-9 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Configur ing P ort Securit y Switch# show port-security interface g1/.
30-10 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Configuring Port Security T o configur e port security agin g, p.
30-11 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Displaying Port Security Settings Displaying Port Security Settings Use th e show port-sec urity command to display por t-security sett ings for an interfa ce or for the switch.
30-12 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Displaying Port Security Settings Aging Type : Absolute SecureSt.
30-13 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapter 3 0 Configuring Port Secur ity and Trunk Por t Security Displaying Port Security Settings This exam ple sh o ws how to display al l secu re MA C a ddresses configured on inte rface g 1/1 with aging inform ation fo r each add ress.
30-14 Software Configuration Guide—Release 12.2(25)EWA OL-6850-03 Chapte r 30 Configuri ng Por t Secur ity an d Trunk Port S ecurit y Displaying Port Security Settings.
C HAPTER 31-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 31 Configuring DHCP Snooping and IP Sourc e Guard This c hapter desc ribes how to co nfigure Dyna mic Host Configuration Pr otocol ( DHCP) sn ooping and IP Source Gu ard on Catalyst 4 500 series switches.
31-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Overview of DHCP Sno oping Note In order to enable DHCP snooping on a VLAN , you must enable DHCP snooping on the switch. Y o u can configure DHCP sno oping for sw itches and VLANs.
31-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Confi guring DHCP Snoopi ng on the S witch is possible because th e lease tim e might ind icate an e x pired ti me.
31-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Configuring DHCP Snooping on the Switch If you want to cha nge the default configurat ion values, see th e “Enabling D HCP Snooping” section.
31-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Confi guring DHCP Snoopi ng on the S witch This example shows how to enable DHCP snoo ping on VLAN s 10 through 10 0: Switch# configure terminal Enter configuration commands, one per line.
31-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Configuring DHCP Snooping on the Switch Enabling DHC P Snoopin g on Private V LAN DHCP sno oping c an be enabl ed on pr iv ate VLA Ns, wh ich provide isolati on betwee n Layer 2 ports within the same VLAN.
31-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Confi guring DHCP Snoopi ng on the S witch Configuration Examples fo r the Database Age nt The following example s show how to use the above co mmand s.
31-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Configuring DHCP Snooping on the Switch DHCP sn oopin g binding s are ke yed on the MA C address and VLAN co mbina tion.
31-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Confi guring DHCP Snoopi ng on the S witch Switch# renew ip dhcp snoop data tftp://10.1.1.1/directory/file Loading directory/file from 10.
31-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Display ing DHCP Snoopi ng Informatio n This exam ple sh o ws how to ma n.
31-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Over view o f IP S our ce Gu ard Displaying th e DHCP S nooping Config uration This exam ple shows how to displa y the DHCP snooping configuratio n for a switch.
31-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Configur ing IP Source Gua rd on the Switch Note When IP sour ce guard is enabled in IP and MA C filtering mode, the DHCP snoo ping option 82 must be enab led to ensure that the DHC P protocol works properly .
31-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Displaying IP Source Guard Information Switch(config-if)# switchport trun.
31-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Display ing IP Source Bin ding Informat ion • This ex ample sho ws disp.
31-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 1 Configuring DHCP Sno oping and IP So urce Guard Displaying IP Source Binding Information T able 31 -3 show ip sour ce bin.
31-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 31 Configur ing DHCP Snoopi ng and IP Source Gua rd Display ing IP Source Bin ding Informat ion.
C HAPTER 32-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 32 Understanding and Configuring Dynamic ARP Inspection This chap ter de scribe s ho w to conf igur e Dynamic ARP Inspect ion (D AI) on the Ca talyst 450 0 series switch.
32-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Overvi ew of Dynam ic ARP Insp ection ARP Cach e Poiso ning Y o u can att ack hosts, switches, and route rs connec ted to yo ur Layer 2 network by “ poisoning” their AR P cache s.
32-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Overview of Dyna mic ARP Insp ection Interface Trust State, Se curity Coverag e and Netw ork Configuration D AI associates a tru st state with each inte rf ace on th e syst em.
32-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Overvi ew of Dynam ic ARP Insp ection Relative P riority of St a.
32-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection The rat e limit c onfiguration on a port c hannel is i ndepend ent of t he configurat ion on its physical po rts.
32-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion For informa tion on how to.
32-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection This exam ple shows how to configure dynami c ARP insp ection on Switc h A in V LAN 100.
32-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Gi3/39 Untrusted 15 1 Gi3/.
32-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection Interface Trust State Rate (.
32-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Vlan ACL Logging DHCP Log.
32-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection Step 3 Switch(config-arp)# permit ip host sender-ip mac host sender-mac [ log ] Permits ARP packets from the specif ied host (Host 2).
32-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion T o remov e th e ARP A CL, us e the no arp access-list global configurat ion comma nd.
32-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection Gi3/4 Untrusted 15 1 Gi3/5 .
32-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Configuring the Log Buffer When th e switch dr ops a pac ket, i t pl aces an en try in the lo g bu f fer and th en gener ates sys tem messag es on a ra te-controlle d basis.
32-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection T o return to the default l og buf fer settings, use the no ip arp inspection log-b uffer global conf igurati on command.
32-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Limiting the Rate of Inco.
32-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection T o return to the default rate- limit confi guration, use the no ip arp in spection li mit inter face configurati on comm and.
32-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Gi3/41 Untrusted 15 1 Gi3.
32-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 2 Understanding an d Configuring D ynamic A RP Inspection Config uring Dyna mic ARP Insp ection T o perfor m specif ic checks on inco ming ARP pa ckets, perfor m this task.
32-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapte r 32 Understan ding and Co nfigur ing Dynami c ARP Inspec tion Configur ing Dynam ic ARP Inspect ion Vlan ACL Logging DHCP Logging ---- ----------- ------------ 100 Deny Deny SwitchB# 1w2d: %SW_DAI-4-INVALID_ARP: 9 Invalid ARPs (Req) on Gi3/31, vlan 100.
C HAPTER 33-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 33 Configuring Network Security with ACLs This chapte r describes ho w to use access control lists (A CLs) to configure netw ork security on the Catalyst 4500 series switches.
33-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Unders tanding A CLs ACL Overview An A CL is a collec tion of sequen tial perm it and den y conditio ns that ap plies to pa ckets.
33-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Unde rsta ndin g ACL s Y o u can apply onl y one IP access list an d one MA C access list to a Layer 2 int erface. • VLAN A CLs or VLAN maps control the ac cess of all pack ets (bri dged and ro uted) .
33-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Unders tanding A CLs Figur e 33 -1 Using A CLs to Contr ol T ra ff ic t o a Netw or k Port ACLs Y o u can also appl y A C Ls to Layer 2 interface s on a switch.
33-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Hardware and Software ACL Support VLAN Maps VLAN maps can con trol the ac cess of all tr af fic in a VLAN.
33-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs TCAM Progra mming and ACL s Note Packets tha t requi re loggi ng are p rocessed in software .
33-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Layer 4 Operat ors in ACLs Switch# show platform hardware acl statistics utilizat.
33-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Layer 4 Opera tors in ACL s Restrictions for Laye r 4 Operatio ns Y ou can spec .
33-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Layer 4 Operat ors in ACLs Access li sts 101 and 102 use the following L ayer 4 o.
33-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Layer 4 Opera tors in ACL s Access lists 104 and 105 are identic al; established is shorthand for rst and ack .
33-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring Unicast MAC Address Filtering Configuring Unicast MAC Address Filter.
33-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configur ing VLAN Maps Y o u can use the no mac access-list extended name global configuration co mman d to delete the entire A CL.
33-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring VLAN Maps Note Y ou ca nnot appl y a VLAN m ap to a V LAN on a switch th at has ACLs applied to L ayer 2 interfaces (po rt AC L s ) .
33-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configur ing VLAN Maps Y o u can use the no vlan access-map name global config urat ion comm and to delete a map .
33-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring VLAN Maps Example 2 In t his e xam ple, t he VLA N map i s conf igured to dro p IP p ack ets an d to f orwa rd MA C packe ts b y de fault .
33-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configur ing VLAN Maps Example 4 In this example, the VLAN map i s configured to drop all packets (IP and non -IP).
33-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring VLAN Maps Figur e 33- 3 Wir ing Clo set Configur ation For example, .
33-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configur ing VLAN Maps Denying Access to a Server on Another VLAN Figure 33-4 shows ho w to restrict access to a serv er on an other VLAN.
33-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Displaying VLAN Access Map In formation Displaying VLAN Access Ma p Informa tion T o display in formation ab out VLAN a ccess maps o r VLAN filt ers, pe rform one of these ta sks.
33-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Using VL AN Ma ps with Router A CLs Guidelines for Using Rout er ACLs and VLAN M aps Use these guideli nes whe n yo u need to us e a ro uter ACL and a VLAN map o n th e same VLAN.
33-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Using VLAN Maps with Router ACLs Figur e 33 -5 Applying A CLs o n Switc hed P ack ets ACLs and Routed Packe ts Figure 33-6 sho ws ho w AC Ls ar e appl ied on route d pack ets.
33-22 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configuring PACLs Figur e 33 -6 Applyin g ACLs on Rout ed P ack ets Configuring PACLs This section describes ho w to con figure P A CLs, which ar e used to co ntrol f iltering on Lay er 2 interf aces.
33-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring PACLs PACL Config ura tion Guidelines Consider the f ollo wing guide.
33-24 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Configuring PACLs The foll ow ing ex ample sho ws ho w to conf igure the Extend.
33-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Configuring PACLs This exampl e shows ho w to merge and apply fe atures other th.
33-26 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Using PA CL with V LAN M aps and Router ACLs This exam ple sh o ws tha t the I .
33-27 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 3 Configuring Netw ork Security wit h ACLs Usin g PACL with VL AN M aps an d Ro uter AC Ls Scenar io 1: Host A is connect ed to an inte rface in VLAN 20, which has an SVI conf igured .
33-28 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 33 Configuring Network Security with ACLs Using PA CL with V LAN M aps and Router ACLs If the interfa ce acce ss group mode i s prefe r port, t hen on ly the input P A CL is applie d on th e ingr ess traf f ic from Host A.
C HAPTER 34-1 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 34 Configuring Private VLANs This chapter descr ibes p ri v ate VL ANs (PVLANs ) on C atalys t 4500 se ries s witches . It a lso p rovid es restric tions, proc edures , and configurat ion example s.
34-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs Overvi ew of PVLANs Isol ated and c ommunity VLANs a re called s econd ary VLA Ns. Y ou can e x ten d PVLANs acr oss mu ltiple devices by trunking the pr imary , isol ated, and c ommunity VLA Ns to other de vices that sup port PVLANs.
34-3 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 Chapter 3 4 Configuring Private VLA Ns How to Configure PVLANs When a p acket is transmitte d out of a PVLAN h ost or tr unk port , the pack et logica lly bel ongs to the primary VLAN .
34-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs How to Configure PVLAN s • Use only PVLAN comma nds to as sign ports to pri mary , isolated, or commun ity VLANs. Layer 2 int erfaces on prim ary , isol ated, or com munit y VLANs are inactiv e in PVLAN s.
34-5 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 Chapter 3 4 Configuring Private VLA Ns How to Configure PVLANs • Y ou can apply di f feren t quality of service ( QoS) conf igurations to primary , isolat ed, and com munity VLANs. ( See Chapter 27 , “Configur ing Quality of Service.
34-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs How to Configure PVLAN s Primary Secondary Type Interfaces ------- --------- ---------------.
34-7 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 Chapter 3 4 Configuring Private VLA Ns How to Configure PVLANs • Use the re mov e k eyword with a secondary_vlan_list to clear the asso ciat ion betw een secondar y VLANs and a primar y VLAN.
34-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs How to Configure PVLAN s • Use the re mov e k eyword with a secondary_vlan_list to cl ear th e mappi ng b etween se condary VLANs and the PVLA N promiscuous port.
34-9 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 Chapter 3 4 Configuring Private VLA Ns How to Configure PVLANs This exampl e shows ho w to configure inter face FastEthernet 5/1 as a.
34-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs How to Configure PVLAN s This example shows how to configure inter face FastEthernet 5/ 1 a.
34-11 Software Configuration Guide—Release 12.2(25)SG OL-76590-03 Chapter 3 4 Configuring Private VLA Ns How to Configure PVLANs Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) .
34-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-76590-03 Chapter 34 Configuring Private VLANs How to Configure PVLAN s This example shows how to permit rou ting of secon dary VLAN in gr.
C HAPTER 35-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 35 Port Unicast and Multicast Flood Blocking This ch apter describe s how to configure mu lticas t and u nicast f lood bloc king on the Catal yst 4 500 se ries switch .
35-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 35 Port Unicast and Multicast Flood Blocking Configur ing Port Blocking Blocking Flooded Tra ffic on an Interface Note Th e int erface ca n be a physic al inte rface ( for examp le, G igabitE therne t 1/1) or an EtherCha nnel group (such as port-ch annel 5) .
35-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 5 Port Unicast and Mu lticast Fl ood Block ing Configuring Port Blocking Resu ming Normal F orwar ding on a P ort T o r esume normal fo rwardin g on a port, p erform t his task: Command Purpose Step 1 Switch# configure terminal E nters glo bal configura tion mode .
35-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 35 Port Unicast and Multicast Flood Blocking Configur ing Port Blocking.
C HAPTER 36-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 36 Configuring Storm Con trol This cha pter describ es ho w to configure port -based tra f fic contro l on the Catalyst 4500 se ries switch.
36-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 36 Config uring S torm Con trol Overview of Storm Cont rol Hardware -based Storm Co ntrol Implementation Broadca st suppr.
36-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 36 Configur ing Storm Control Enablin g Stor m Control Enabling Sto rm Control T o enable storm control, perform th is task: The following example shows how to enab le s torm contro l on i nterfac e.
36-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 36 Config uring S torm Con trol Disabling St orm Control Disabling Storm Control T o disable storm control, perform this task: The following example shows how t o dis able storm c ontr ol o n inte rface .
36-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 36 Configur ing Storm Control Displaying Stor m Control Speed: 1000 Duplex: full Trunk encap.
36-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 36 Config uring S torm Con trol Mult icas t Sto rm Con trol Note Use the show storm-control comman d to di splay t he configure d threshol ds and status of storm on an interf ace.
36-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 36 Configur ing Storm Control Multicast Storm Control The follo wing exa mple shows ho w to enable multic ast suppression on ports that ha ve broadcast suppr ession alre ady en abled: Switch# configuration terminal Enter configuration commands, one per line.
36-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapt er 36 Config uring S torm Con trol Mult icas t Sto rm Con trol.
C HAPTER 37-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 37 Configuring SPAN and RSPAN Thi s chapte r descr ibes ho w to con fi gure th e Switc hed Por t Anal yzer (S P AN) an d Remot e SP AN (RSP AN) on the Catalyst 4500 series switc hes.
37-2 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Overview of SPAN and RSPAN For SP AN configura tion, the source inter faces and the destination interf ace must be on the same switc h.
37-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Overview of SPAN and RSPAN SPAN and RS PAN Conc epts and T erminology This secti on describe s c.
37-4 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Overview of SPAN and RSPAN Some fe atures that c an cause a pac ket to be droppe d durin g r.
37-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Overview of SPAN and RSPAN Destination Port Each local SP AN session o r RSP AN destination session must have a destina tion port (also called a monitori ng port ) tha t receives a copy of traffic from t he source ports a nd VL ANs.
37-6 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring SPAN • Y ou cannot use f ilter VLANs in the sa me session wi th VLAN sourc es.
37-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring SPAN • Configuration Sce nario, pag e 37-10 • V eri fying a SP AN C onfiguration, page 37 -10 Note En tering SP A N configuration commands does not clear previously configur ed SP AN para meters.
37-8 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring SPAN Configuring S PAN Sources T o c onfigure th e source for a SP AN session, p.
37-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring SPAN Configuring SPAN Destinations T o conf igure the d estination for a SP AN sessi.
37-10 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN CPU Port Sniffing Configur ation Scen ario This exam ple sh o ws how to use the c ommands describe d in t his ch apter t o compl etely configure a nd unconfigure a span session.
37-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN CPU Port Sniffing T o conf igure CPU so urce snif f ing, perfor m this task: This e x ample sho.
37-12 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Encapsu lation Con figuration Encapsulatio n Configu ration When conf iguring a SP AN destination port , you can explic itly specify the encap sulation t ype used b y the po rt.
37-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Access List Filter ing This exam ple shows how to configure a desti nation p ort with 802.
37-14 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Packet Ty pe Filtering • No policing is allo wed on traf f ic ex iting SP AN ports.
37-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Confi guratio n Example There are two categories of packet filtering: packet-base d (good, e rror) or address-ba sed (unicast/mu lticast/broadca st).
37-16 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN Configuring RSPAN This se ction desc ribes ho w to c onfigure RSP AN on y.
37-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN Creating an R SPAN Sessio n First crea te an RSP AN VLAN that does not e xist for the RSP AN session in any of the switc hes that will participa te in RSP AN.
37-18 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN This example shows how to clear any existing RSP AN co nfiguration fo r session 1, co nfigure RSP AN session 1 to monitor mult iple source interfaces, and conf igure t he destinatio n RSP AN VLAN.
37-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN This exampl e shows ho w to configure VLA N 901 as the sourc e remote VLA N a.
37-20 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN This examp le shows how to configure VLAN 901 as the source rem ote VLA N and how to configure t he destinati on port for ing ress traffic on VL AN 5 by us ing a sec urity d e vice that su pports 8 02.
37-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN Removin g Ports from an RS PAN Session T o remove a port as an RSP AN source .
37-22 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN Specifying VLANs to Monitor VLAN monitoring is similar to port monitoring.
37-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Configuring RSPAN This exam ple shows how to cle ar any existing configuration o n RSP A N sess.
37-24 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Display ing SPAN and RSP AN Status T o monitor all VLANs on the trunk port, use the no monito r session session_number filter vlan gl obal configurati on comm and.
37-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Displaying SPAN and RS PAN Sta tus Source VLANs: RX Only: None TX Only: None Both: None Source .
37-26 Software Conf igurati on Guide—Rele ase 12.2(25)S G OL-7659-03 Chapter 37 Configuring SPAN and RSPAN Display ing SPAN and RSP AN Status.
C HAPTER 38-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 38 Configuring NetFlow This c hapter desc ribes how to configure N etFlow Statistics on the Catalyst 4500 series swi tches. It also pro vides gu ideline s, pro cedure s, and con fig uration exam ples.
38-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Overvie w of NetF low Stat istics Collecti on NetFlo w ex ports flo w information in UDP data grams in one of two formats.
38-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow Overview of N etFlow Statistics Col lection Information Derive d from Hard ware Informati on a va ilab.
38-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Overvie w of NetF low Stat istics Collecti on • source an d destination IP ad dresses • IP protoc.
38-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow Overview of N etFlow Statistics Col lection Assigning the Input Interf ace and Input Related Inferred .
38-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Config uring Ne tFlow St atisti cs Colle ction The follo w ing exa mple shows th e CLI output for a s.
38-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow Configuring NetFlow S tatistics Col lection M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+----------------+--------- 1 0001.
38-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Config uring Ne tFlow St atisti cs Colle ction Configuring Switched/ Bridged IP Flows Netflow is defined as a co llectio n of routed IP flows crea ted and tra cked for all rout ed IP traffic.
38-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow Configuring NetFlow S tatistics Col lection Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec) -------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts Fa1 150.
38-10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Config uring Ne tFlow St atisti cs Colle ction Configuring a n Aggregation Cache Aggre gation of NetFlo w Statistics is typic ally performed b y NetFlo w collection tools on management workstation s.
38-11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow Configuring NetFlow S tatistics Col lection Configuring a NetFlow Mi nimum Prefix Mask for Ro uter-Ba.
38-12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w Config uring Ne tFlow St atisti cs Colle ction Configuring the Minimum M ask of a Source-Prefix Aggr.
38-13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow NetFlow Statistics Collectio n Configuration Example NetFlow Statistics Collecti on Configura tion Example The follo wing example sho ws how to modify the conf iguration to ena ble NetFlo w switching.
38-14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w NetFlow Configurat ion Exa mples Gi6/2 30.20.1.10 Gi6/1 30.10.1.10 11 4001 4001 539K Gi6/2 30.20.1.11 Gi6/1 30.10.1.11 11 4001 4001 539K Gi6/2 30.20.1.
38-15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 8 Configuring NetFlow NetFlow Configuration Examples Autonomous System Configuration This exam ple shows how to co nfigure .
38-16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 38 Configuri ng NetFlo w NetFlow Configurat ion Exa mples Switch(config-flow-cache)# cache timeout active 45 Switch(config-flow-cache)# export destination 10.
C HAPTER 39-17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 39 Diagnostics on the Catalyst 4500 Sw itch Diagnostics te sts and v erif ies the f unctionality of the hardw are components of your system (chassis, supervi sor engi nes, modu les, and A SICs), wh ile your Catalyst 4500 ser ies switch is conne cted to a liv e networ k.
39-18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Troubleshooting with Online Diagnostics A faul ty linecard will occur if any of the follo wing conditions occur s.
39-19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch 1) linecard-online-diag --------------------> . The lineca rd passed online diagno stics either 1) wh en it was inser ted into the chassis th e last time or 2) when th e switch w as po wered u p (as repor ted by the " .
39-20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Sample POST Results For all the super visor engine s, POST perform s CPU, traffic, system, system me mory , and feature te sts.
39-21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch The fo llowing example shows the o utput fo r a WS-X 4516 supe rvisor engine: Switch# show diagnostic result module 2 detail module 2: Overall diagnostic result: PASS Test results: (.
39-22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Module 2 Passed __________________________________________________________________.
39-23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch Potential false positives: 0 0 Ignored because of rx errors: 0 0 Ignored becaus.
39-24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Last test execution time ------------> Jul 19 2005 13:28:16 First test failure .
39-25 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch 2) packet-memory-bootup --------------------> U Error code -----------------.
39-26 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Ignored during boot: 0 0 Ignored after writing hw stats: 0 0 Ignored on high gigap.
39-27 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch Local 10GE Port 62: U Local 10GE Port 63: U Port Traffic: L2 Serdes Loopback ... 0: . 1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: . 9: .
39-28 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch Last test failure time --------------> n/a Last test pass time ----------------.
39-29 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 3 9 Diagnostics on the Ca talyst 45 00 Switch T o evaluate if the hardware fa ilure is persi stent, yo u can power cycle t he super visor e ngine to rerun the POST tests.
39-30 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 Chapter 39 Diagnostics on the Catalyst 4500 Switch.
A- 1 Software Configuration Guide — Release 12.2(25 )SG OL-7659-03 APPEND IX A Acronyms and Abbreviations Ta b l e A - 1 de f ines the a cronyms and abbreviations use d in this publica tion.
A- 2 Software Configuration Guide — Release 12.2(25)SG OL-7659-03 Appendi x A Acronyms and Abbr eviation s CHAP C halleng e Hand shake Auth enticatio n Protoc ol CIR committe d information rate CIST.
A-3 Software Configuration Guide — Release 12.2(2 5)SG OL-7659-03 Append ix A Acronyms and Abbrev iations EAP Exte nsible Aut hentic ation Prot ocol EARL Enhanced A ddress Reco gnition Lo gic EEPR O.
A- 4 Software Configuration Guide — Release 12.2(25)SG OL-7659-03 Appendi x A Acronyms and Abbr eviation s LD A Local Direct or Acceler ation LCP L ink Control Prot ocol LEC LAN Emu lation Clie nt L.
A-5 Software Configuration Guide — Release 12.2(2 5)SG OL-7659-03 Append ix A Acronyms and Abbrev iations O AM Operation, Admin istration, and Main tenance ODM o rder de penden t merge OSI Open Sy s.
A- 6 Software Configuration Guide — Release 12.2(25)SG OL-7659-03 Appendi x A Acronyms and Abbr eviation s RPF reverse path fo rwarding RPR R oute Proc essor Red undancy RSP AN r emote SP AN RST res.
A-7 Software Configuration Guide — Release 12.2(2 5)SG OL-7659-03 Append ix A Acronyms and Abbrev iations TL V type-le ngth -v alue TTL T im e T o Li v e TVX v alid transmi ssion UDLD UniDir ection .
A- 8 Software Configuration Guide — Release 12.2(25)SG OL-7659-03 Appendi x A Acronyms and Abbr eviation s.
IN-1 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 INDEX Numerics 10/100 autone gotiatio n feat ure, f orced 4-8 10-G iga bit E thern et p ort deploy with Gigabit Ethernet SFP por ts 4-6 802.
Index IN-2 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 limitation s 33-4 processing 33-9 types suppo rted 33-2 acronym s, list of A- 1 active queu e mana gement 27-14 adding membe rs .
Inde x IN-3 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 burst rate 27-50 burst size 27-28 C cand idates automatic d iscovery 9-9 candida te switch, cluster defined 9-14 requir ements .
Index IN-4 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 CLI 9-14 passwords 9-10 comman d-line proce ssing 2-3 comm and mode s 2-5 comm ands listing 2-5 command switch, cluster requir e.
Inde x IN-5 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 and supp ort for 802.1X authentic ation 29-15 default setti ngs, erase commad 3-25 deploying 10-Gigabit Ethernet and a Gigabit .
Index IN-6 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 dynamic ARP inspection ARP cache poisoning 32-2 config uring ACLs for non- DHCP environmen ts 32-10 in DHCP environments 32-5 lo.
Inde x IN-7 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 port-chan nel interfa ces 16-2 port-ch annel load -balan ce command 16-12 ports, 802.
Index IN-8 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 See MST IEEE 8 02.1w See MST IEEE 8 02.3ad See LACP IGMP descript ion 24-3 enab ling 24-13 explicit host tracking 17-3, 17-8 imm.
Inde x IN-9 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 ip fl ow-aggreg ation cache destin ation-pr efix comm and 38-11 ip flow-ag gregatio n cache pref ix command 38-11 ip fl ow-aggr.
Index IN- 10 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 config uring MTU si zes for 4-12 ports a nd line cards tha t support 4-10 VLAN interfa ces 4-12 K keyboar d shortcuts 2-3 L l2.
Inde x IN- 11 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 building tables 11-2 convert dynami c to sticky secur e 30-2 displaying 5-3 displaying in DHCP snooping bin ding table 31-11 .
Index IN- 12 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 multi cast pa cket s blocking 35 -2 multicas t routers displaying ro uting tab les 24-16 flood su ppressio n 17-9 Multica st S.
Inde x IN- 13 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 support 1-8 non-IP traffi c filteri ng 33-11 non-RPF t raffic descript ion 24-9 in redund ant conf igurations (f igure) 24-10.
Index IN- 14 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 config uring p ower cons umptio n for sw itch 8-4 power co nsumption fo r powere d devices Intell igent Powe r Mana gement 8-5.
Inde x IN- 15 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 enab ling 14-8 overvi ew 14-8 port priority configurin g MST instances 15-12 config uring ST P 13-13 ports blocking 35-1 chec.
Index IN- 16 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 setting mode 34-12 protoc ol timers 13-4 provide r edge devic es 26--2 prun ing, VTP See VTP pruning pseudobrid ges descript ion 15-5 PVACL 31-11 PVID (port VLAN ID) and 802.1X with voice VLAN ports 29-12 PVLANs 802.
Inde x IN- 17 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 QoS ma ppi ng ta bles CoS-to-DSCP 27-51 DSCP-to-CoS 27-53 policed-DSCP 27-52 types 27-14 QoS mark ing descript ion 27-5 QoS p.
Index IN- 18 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 config uring 13-9 selecting in MST 15-2 root gu ard and MST 15-2 enab ling 14-2 overvi ew 14-2 route d packet s ACLs 33-21 rou.
Inde x IN- 19 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 show clu ster me mber s comma nd 9-14 show confi gurat ion comm and 4-10 show debug ging comman d 19-4 show envi ronment co m.
Index IN- 20 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 displaying sta tus 37-24 overvi ew 37-1 ses sio n lim its 37-6 SPAN destination ports 802.
Inde x IN- 21 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 accessin g the redunda nt 6-14 config uring 3-8 to 3-13 copying files to standb y 6-14 default configur ation 3-1 default gat.
Index IN- 22 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 See TDR time exce eded mess ages 5-8 timer See login tim er Token R ing media no t suppor ted (not e) 10-4, 10-10 TOS descript.
Inde x IN- 23 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 MST and 15-3 overvi ew 14-10 User Based Rate Limiting config uring 27-36 overvi ew 27-36 user EXE C mode 2-5 user sessions di.
Index IN- 24 Software Configuration Guide—Release 12.2(25)SG OL-7659-03 ente ring IP VMPS ad dress 10-21 reconfirm ation inte rval 10-24 reconfi rm VLA M membe rship 10-23 default configur ation 10-.
Een belangrijk punt na aankoop van elk apparaat Cisco Systems WSC4500X16SFP (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Cisco Systems WSC4500X16SFP heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Cisco Systems WSC4500X16SFP vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Cisco Systems WSC4500X16SFP leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Cisco Systems WSC4500X16SFP krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Cisco Systems WSC4500X16SFP bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Cisco Systems WSC4500X16SFP kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Cisco Systems WSC4500X16SFP . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.