Catalyst 2950 Desktop Switch Software
Configuration Guide
Cisco IOS Release 12.1(11)EA1
August 2002
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Customer Order Number: DOC-7811380=
Text Part Number: 78-11380-05
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS M ANUAL ARE SUBJECT TO CHA NGE WITHOUT NO TICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICA TION OF ANY PRODUCT S.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORT H IN THE INFORMATION PACKET T HAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP head er compressi on is an adap tation of a program developed by the Universi ty of Ca lifornia, Berk eley (UCB) as part of UCB ’s public
domain version of the UNIX operatin g system. All rights reserved . Copyri ght © 1981 , Rege nts of the Uni versity of Calif ornia.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THE SE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAI M ALL WARRANTIE S, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NO NINFRINGEM ENT OR ARISING FROM A COURS E OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING ,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE S.
CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, Internet Quotient, iQ
Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks
of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That’s Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are
service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS,
the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel,
EtherSwitch, Fast Step, GigaStack, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX,
Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other
countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0206R)
Catalyst 2950 Desktop Switch Software Configuration Guide
Copyright © 2001-2002, Cis co Sys tems, In c.
All rights reserved.
Preface xxiii
Audience xxiii
Purpose xxiii
Organization xxiv
Conventions xxvi
Related Publications xxvii
Obtaining Documentation xxvii
World Wide Web xxvii
Documentation CD-ROM xxviii
Ordering Documentation xxviii
Documentat ion Feedback xxviii
Obtaining Technical Assistance xxviii
Cisco.com xxix
Technical Assistance Center xxix
Cisco TAC Website xxix
Cisco TAC Escalation Center xxx
CONTENTS
CHAPTER
1 Overview 1-1
Features 1-1
Management Options 1-5
Management Interf ace Options 1-6
Advantage s of Us in g CMS and Cluster ing Switches 1-6
Network Configuration Examples 1-7
Design Concepts for Using the Switch 1-7
Small to Medium-Sized Network Configuration 1-10
Collapsed Backbone and Switch Cluster Configuration 1-12
Large Campus Configuration 1-13
Multidwelling Network Using Catalyst 2950 Switches 1-14
Long-Distance, High-Bandwidth Transport Configuration 1-16
Where to Go Next 1-17
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
iii
Contents
CHAPTER
2 Using the Command-Line Interface 2-1
IOS Command Modes 2-1
Getting Help 2-3
Abbreviating Commands 2-3
Using no and default Forms of Commands 2-4
Understanding CLI Messages 2-4
Using Command History 2-5
Changing the Command Hi story Buffer Size 2-5
Recalling Commands 2-5
Disabling the Command History Feature 2-6
Using Editing Features 2-6
Enabling and Disa bling Editing Features 2-6
Editing Commands through Keystrokes 2-7
Editing Command Lines that Wrap 2-8
Searching and Filtering Output of show and more Commands 2-9
Accessing the CLI 2-9
Accessing the CLI from a Browser 2-10
CHAPTER
3 Getting Started with CMS 3-1
Features 3-2
Front Panel View 3-4
Cluster Tree 3-5
Front-Panel Ima ges 3-5
Redundant Power System LED 3-6
Port Modes and LEDs 3-7
VLAN Membership Modes 3-8
Topology View 3-9
Topology Icons 3-11
Device and Link Labe ls 3-12
Colors in the Topol ogy View 3-12
Topology Display Options 3-13
Menus and Toolbar 3-14
Menu Bar 3-14
Toolbar 3-19
Front Panel View Popup Menus 3-20
Device Popup Menu 3-20
Port Popup Menu 3-20
iv
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Topology View Popup Menus 3-21
Link Popup Menu 3-21
Device Popup Menus 3-22
Interaction Modes 3-23
Guide Mode 3-24
Expert Mode 3-24
Wizards 3-24
Tool Tips 3-25
Online Help 3-25
CMS Window Components 3-26
Host Name List 3-26
Tabs, Lists, and Tables 3-27
Icons Used in Windows 3-27
Buttons 3-27
Contents
CHAPTER
Accessing CM S 3-28
Access Modes in CMS 3-29
HTTP Access to CMS 3-29
Verifying Your Changes 3-30
Change Notification 3-30
Error Checkin g 3-30
Saving Your Configuration 3-30
Restoring Your Configuration 3-31
CMS Preferences 3-31
Using Different Versions of CMS 3-31
Where to Go Next 3-32
4 Assigning the Switch IP Address and Default Gateway 4-1
Understanding the Boot Process 4-1
Assigning Switch Information 4-2
Default Switch Information 4-3
Understanding DHCP-Based Autoconfiguration 4-3
DHCP Client Request Process 4-4
Configuring the DHCP Server 4-5
Configuring the TFTP Server 4-5
Configuring the DNS 4-6
Configuring the Relay Device 4-6
Obtaining Configuration Files 4-7
Example Con fi guration 4-8
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
v
Contents
Manually Assigning IP Information 4-10
Checking and Saving the Running Configuration 4-10
CHAPTER
5 Configuring IE2100 CNS Agents 5-1
Understanding IE2100 Series Configuration Registrar Software 5-1
CNS Configuration Service 5-2
CNS Event Service 5-3
NameSpace M a pper 5-3
What You Should Know About ConfigID, DeviceID, and Host Name 5-3
ConfigID 5-3
DeviceID 5-4
Host Name and DeviceID 5-4
Using Host Name, DeviceID, and ConfigID 5-4
Understanding CNS Embedded Agents 5-5
Initial Configuration 5-5
Incremental (P ar tial) Configurat ion 5-6
Synchronized Configuration 5-6
Configuring CNS Embe dded Agents 5-6
Enabling Automate d CNS Configuration 5-6
Enabling the CNS Event Agent 5-8
Enabling the CNS Configuration Agent 5-9
Enabling an Initial Configuration 5-9
Enabling a Partial Configuration 5-12
CHAPTER
vi
Displaying CNS Configuration 5-12
6 Clustering Switches 6-1
Understanding Switch Clusters 6-2
Command Switch Characteristics 6-3
Standby Command Switch Characteristics 6-3
Candidate Switch and Member Switch Characteristics 6-4
Planning a Switch Cluster 6-5
Automatic Discovery of Cluster Candidates and Members 6-5
Discovery th ro ug h CD P H op s 6-6
Discovery through Non-CDP-Capable and Noncluster-Capable Devices 6-8
Discovery through the Same Management VLAN 6-9
Discovery through Di fferent Management VLANs 6-10
Discovery of Newly Installed Switches 6-11
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
HSRP and Standby Command Switches 6-13
Virtual IP Addres s es 6-14
Other Considerations for Cluster Standby Groups 6-14
Automatic Recovery of Cluster Configuration 6-16
IP Addresses 6-16
Host Names 6-17
Passwords 6-17
SNMP Community Strings 6-17
TACACS+ and RADIUS 6-18
Access Modes in CMS 6-18
Management VLAN 6-19
LRE Profiles 6-19
Availability of Switch-Specific Features in Switch Clusters 6-20
Creating a Switch Cluster 6-20
Enabling a Command Switch 6-20
Adding Member Switches 6-21
Creating a Cluster Standby Group 6-23
Verifying a Switch Cl uster 6-25
Contents
CHAPTER
Using the CLI to Manage Switch Clusters 6-26
Catalyst1900 and Catalyst2820 CLI Considerations 6-26
Using SNMP to Manage Sw itch Clusters 6-27
7 Administering the Switch 7-1
Preventing Unauthorized Access to Your Switch 7-1
Protecting Access to Privileged EXEC Commands 7-2
Default Password and Privilege Level Configuration 7-2
Setting or Changing a Static Enable Password 7-3
Protecting Enable and Enable Secret Passwords with Encryption 7-4
Setting a Telnet Password for a Terminal Line 7-5
Configuring User name and Password Pairs 7-6
Configuring Multiple Privilege Lev e ls 7-7
Setting the Priv ilege Level for a Command 7-7
Changing the Default Privilege Level for Lines 7-8
Logging into and Exiting a Privilege Level 7-9
Controlling Switch Access with TACACS+ 7-9
Understanding TACACS+ 7-9
TACACS+ Operation 7-11
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
vii
Contents
Configuring TACACS+ 7-11
Default TACACS+ Confi guration 7-12
Identifying the TACACS+ Server Host and Setting th e Authentication Key 7-12
Configuring TACACS+ Login Authentication 7-13
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 7-15
Starting TACACS+ Accounting 7-16
Displaying the TA CACS+ Configuration 7-16
Controlling Switch Access with RADIUS 7-17
Understanding RADIUS 7-17
RADIUS Operation 7-18
Configuring RADIUS 7-19
Default RADIUS Configu ration 7-19
Identifying the RADIUS Server Host 7-19
Configuring RADI US Login Authentication 7-22
Defining AAA Server Groups 7-24
Configuring RADIUS Authorization for User Privileged Access and Network Services 7-26
Starting RADIUS Accounting 7-27
Configuring Set tings for All RADIUS Servers 7-28
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-28
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 7-29
Displaying the RADIUS Configuration 7-30
Configuring the Switch for Local Authenticat ion and Authorization 7-31
Managing the System Time and Date 7-32
Understanding the System Clock 7-32
Understanding Network Time Protocol 7-32
Configuring NTP 7-34
Default NTP Config uration 7-35
Configuring NTP Authentication 7-35
Configuring NTP Associations 7-36
Configuring NTP Broadcast Service 7-37
Configuring NTP Ac cess Restrictions 7-38
Configuring the Source IP Address for NTP Packets 7-40
Displaying the NTP C onfiguration 7-41
Configuring Ti me and Date Manually 7-41
Setting the System Clock 7-42
Displaying the Time and Date Configuration 7-42
Configuring the Time Zone 7-43
Configuring Summer Time (Daylight Saving Time) 7-44
viii
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Configuring a System Name and Prompt 7-46
Default System Name and Prompt Configuration 7-46
Configuring a System Name 7-46
Configuring a System Prompt 7-47
Understanding DNS 7-47
Default DNS Configuration 7-48
Setting Up DNS 7-48
Displaying the DNS Configuration 7-49
Creating a Banner 7-49
Default Banner Con figuration 7-49
Configuring a Message-of-the-Day Login Banner 7-50
Configuring a Login Banner 7-51
Managing the MAC Address Table 7-52
Building the Address Table 7-52
MAC Addresses and VLANs 7-53
Default MAC Address Tab le Configuration 7-53
Changing the Addres s Aging Time 7-53
Removing Dynamic Address Entries 7-54
Configuring MAC Address Notification Traps 7-54
Adding and Removing Static Address Entries 7-56
Adding and Removing Secure Addresses 7-57
Displaying Addre ss Table Entries 7-58
Contents
CHAPTER
Managing the ARP Table 7-59
8 Configuring 802.1X Port-Based Authentication 8-1
Understanding 802.1X Port-Based Authenticati on 8-1
Device Roles 8-2
Authentication Initiation and Message Exchange 8-3
Ports in Authorized and Unauthorized States 8-4
Supported Topologies 8-5
Configuring 802.1X Authentication 8-5
Default 802.1X Configuration 8-6
802.1X Configur ation Guidelines 8-7
Enabling 802.1X Authentication 8-8
Configuring th e Switch-to-RADIUS-Server Communication 8-9
Enabling Periodic Re-Authentication 8-10
Manually Re-Authenticating a Client Connected to a Port 8-11
Changing the Quiet Period 8-11
Changing the Switch-to-Client Retransmission Time 8-12
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
ix
Contents
Setting the Switch-to-Client Frame-Retransmission Number 8-13
Enabling Multiple Hosts 8-13
Resetting the 802 .1X Configuration to the Default Values 8-14
Displaying 802.1X Statistics and Status 8-14
CHAPTER
9 Configuring Interface Characteristics 9-1
Understanding Interface Types 9-1
Port-Based VLANs 9-1
Switch Ports 9-2
Access Ports 9-2
Trunk Ports 9-3
EtherChannel Por t Groups 9-3
Connecting Interfaces 9-3
Using the Interface Command 9-4
Procedures for Configuring Interfaces 9-5
Configuring a Range of Interfaces 9-6
Configuring and Using Interface Range Macros 9-8
Configuring Layer 2 Interfaces 9-9
Default Layer 2 Ethernet Interface Configuration 9-9
Configuring Interface Speed and Duplex Mode 9-10
Configuration Guidelines 9-11
Setting the Interface Speed and Duplex Parameters 9-11
Configuring IEEE 802.3X Flow Control on Gigabit Ethernet Ports 9-12
Adding a Descripti on for an Interface 9-13
CHAPTER
x
Monitoring and Maintaining the Interfaces 9-14
Monitoring Interface and Controller Status 9-14
Clearing and Reset ting Interfaces and Counte rs 9-16
Shutting Down and Restarting the Interface 9-17
10 Configuring STP 10-1
Understanding Spanning-Tree Features 10-1
STP Overview 10-2
Supported Spanning-Tree Instances 10-2
Bridge Protocol Data Units 10-2
Election of the Root Switch 10-3
Bridge ID, Switch Priority, and Extended System ID 10-4
Spanning-Tree Timers 10-4
Creating the Spanning-Tree Topology 10-5
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Spanning-Tree I nterface States 10-5
Blocking State 10-7
Listening State 10-7
Learning State 10-7
Forwarding State 10-7
Disabled State 10-8
Spanning-Tree Add ress Management 10-8
STP and IEEE 802.1Q Tr unks 10-8
Spanning Tree and Redundant Connectivity 10-8
Accelerated Aging to Retain Connectivity 10-9
Configuring Spanning-Tree Features 10-9
Default STP Confi guration 10-10
STP Configuration Guidelines 10-10
Disabling STP 10-12
Configuring the Root Switch 10-12
Configuring a Secondary Root Switch 10-14
Configuring the Port Priority 10-15
Configuring the Path Cost 10-16
Configuring the Switch Priority of a VLAN 10-18
Configuring the Hello Time 10-19
Configuring the Forwarding-Delay Time for a VLAN 10-19
Configuring th e Maximum-Aging Time for a VLAN 10-20
Configuring STP for Use in a Cascaded Stack 10-20
Contents
CHAPTER
78-11380-05
Displaying the Spanning-Tree Status 10-21
11 Configuring RSTP and MSTP 11-1
Understanding RSTP 11-2
Port Roles and the Active Topology 11-2
Rapid Convergence 11-3
Synchronization of Port Roles 11-4
Bridge Protocol Data Unit Format and Processing 11-5
Processing Super ior BPDU Information 11-6
Processing Inferior BPDU Information 11-6
Topology Changes 11-6
Understanding MSTP 11-7
Multiple Spanning-Tree Regions 11-7
IST, CIST, and CST 11-8
Operations Within an MST Region 11-8
Operations Betwee n MST Regions 11-9
Catalyst 2950 Desktop Switch Software Configuration Guide
xi
Contents
Hop Count 11-10
Boundary Ports 11-10
Interoperability with 802.1D STP 11-11
Configuring RSTP and MSTP Features 11-11
Default RSTP and MSTP Configuration 11-12
RSTP and MSTP Configuration Guidelines 11-12
Specifying the MST Region Configuration and Enabling MSTP 11-13
Configuring the Root Switch 11-14
Configuring a Sec ondary Root Switch 11-16
Configuring the Port Priority 11-17
Configuring the Path Cost 11-18
Configuring the Switch Priority 11-19
Configuring the Hello Time 11-19
Configuring th e Forwarding-Delay Time 11-20
Configuring th e Maximum-Aging Time 11-21
Configuring the Maximum-Hop Count 11-21
Specifying the Link Type to Ensure Rapid Transiti ons 11-22
Restarting the Protocol Migration Process 11-22
CHAPTER
Displaying the MST Configuration and Status 11-23
12 Configuring Optional Spanning-Tree Features 12-1
Understanding Optional Spanning-Tree Features 12-1
Understanding Port Fast 12-2
Understanding BPD U Guard 12-3
Understanding BPDU Filtering 12-3
Understanding UplinkFast 12-4
Understanding Cross-Stack UplinkFast 12-5
How CSUF Works 12-6
Events That Cause Fast Convergence 12-7
Limitations 12-8
Connecting the Stack Ports 12-8
Understanding BackboneFast 12-10
Understanding Root Guard 12-12
Understanding Loop Guard 12-13
Configuring Optional Spanning-Tree Features 12-13
Default Optional Spanning-Tree Configuration 12-14
Enabling Port Fast 12-14
Enabling BPDU Guard 12-15
Enabling BPDU Filtering 12-16
xii
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Enabling Uplink Fast for Use with Redundant Links 12-17
Enabling Cross-Stack UplinkFast 12-18
Enabling BackboneFast 12-19
Enabling Root Guard 12-19
Enabling Loop Guard 12-20
Displaying the Spanning-Tree Status 12-21
Contents
CHAPTER
13 Configuring VLANs 13-1
Understanding VLANs 13-1
Supported VLANs 13-2
VLAN Port Membership Modes 13-3
Configuring Nor mal-Range VLANs 13-4
Token Ring VLANs 13-5
Normal-Range VLAN Configuration Guidelines 13-5
VLAN Configuration Mode Options 13-6
VLAN Configuration in config-vlan Mode 13-6
VLAN Configuration in VLAN Configuration Mode 13-6
Saving VLAN Configuration 13-7
Default Ethernet VLAN Configuration 13-8
Creating or Modifying an Ethernet VLAN 13-8
Deleting a VLAN 13-10
Assigning Static-Access Ports to a VLAN 13-11
Configuring Extended-Range VLANs 13-12
Default VLAN Configuration 13-12
Extended-Range VLAN Configuration Guidelines 13-12
Creating an Extended-Range VLAN 13-13
78-11380-05
Displaying VLANs 13-14
Configuring VLAN Tr unks 13-15
Trunking Overview 13-15
802.1Q Configura tion Considerations 13-16
Default Layer 2 Ethernet Inte rfa c e VL A N Co nf ig ur ation 13-17
Configuring an Ethernet Interface as a Trunk Po rt 13-17
Interaction with Other Features 13-17
Configuring a Trunk Port 13-18
Defining the Allo w e d V LA N s on a Tr un k 13-19
Changing the Pruning-Eligible List 13-20
Configuring the Native VLAN for Untagged Traffic 13-20
Catalyst 2950 Desktop Switch Software Configuration Guide
xiii
Contents
Load Sharing Using STP 13-21
Load Sharing Using STP Port Priorities 13-21
Load Sharing Using STP Path Cost 13-23
Configuring VMPS 13-24
Understanding VMPS 13-25
Dynamic Port VLAN Membership 13-25
VMPS Databa se Co nfiguration Fi le 13-26
Default VMPS Configuration 13-27
VMPS Configu ra tion Guidelines 13-28
Configuring the VMPS Client 13-28
Entering the IP Address of the VMPS 13-28
Configuring Dynamic Access Ports on VMPS Clients 13-29
Reconfirming VLAN Memberships 13-30
Changing the Reconfirmation Interval 13-30
Changing the Retry Count 13-30
Monitoring the VMPS 13-31
Troubleshooting Dynamic Port VLAN Membership 13-31
VMPS Configuration Example 13-32
CHAPTER
14 Configuring VTP 14-1
Understanding VTP 14-1
The VTP Domain 14-2
VTP Modes 14-3
VTP Advertisements 14-3
VTP Version 2 14-4
VTP Pruning 14-4
Configuring VTP 14-6
Default VTP Confi guration 14-6
VTP Configuration Options 14-7
VTP Configuration in Global Configuration Modes 14-7
VTP Configuration in VLAN Configuration Mode 14-7
VTP Configuration Guidelines 14-8
Domain Names 14-8
Passwords 14-8
Upgrading from Previous Software Releases 14-8
VTP Version 14-9
Configuration Requirements 14-9
Configuring a VTP Server 14-9
Configuring a VTP Client 14-11
xiv
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Disabling VTP (VTP Transparent Mode) 14-12
Enabling VTP Version 2 14-13
Enabling VTP Pruning 14-14
Adding a VTP Client Switch to a VTP Domain 14-15
Monitoring VTP 14-16
Contents
CHAPTER
CHAPTER
15 Configuring Voice VLAN 15-1
Understanding Voice VLAN 15-1
Configuring Voi ce VLAN 15-2
Default Voice VLAN Configuration 15-2
Voice VLAN Configuration Guidelines 15-3
Configuring a Port to Connect to a Cisco7960 IP Phone 15-3
Configuring Ports to Carry Voice Traffic in 802.1Q Frames 15-4
Configuring Ports to Carry Voice Traffic in 802.1P Priority Tagged Frames 15-4
Overriding the CoS Priority of Incoming Data Frames 15-5
Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames 15-6
Displaying Voic e VLAN 15-6
16 Configuring IGMP Snooping and MVR 16-1
Understanding IGMP Snooping 16-1
Joining a Multicast Group 16-2
Leaving a Multicast Group 16-4
Immediate-Leave Processing 16-4
Configuring IGMP Snooping 16-5
Default IGMP Snoo ping Configuration 16-5
Enabling or Disabling IGMP Snooping 16-5
Setting the Snoopi ng Method 16-6
Configuring a Multicast Router Port 16-7
Configuring a Host Statically to Join a Group 16-8
Enabling IGMP Immedi ate-Leave Processing 16-9
78-11380-05
Displaying IGMP Sno oping Information 16-9
Understanding Multicast VLAN Registration 16-12
Using MVR in a Multicast Television Application 16-12
Configuring MV R 16-14
Default MVR Configuration 16-14
MVR Configuration Guidelines and Limitations 16-15
Configuring MVR Global Parameters 16-15
Configuring MVR Interfaces 16-16
Catalyst 2950 Desktop Switch Software Configuration Guide
xv
Contents
Displaying MVR Information 16-18
Configuring IGMP Filtering 16-19
Default IGMP Filtering Configuration 16-19
Configuring IGMP Profiles 16-20
Applying IGMP Profil es 16-21
Setting the Maximum Number of IGMP Groups 16-22
Displaying IGMP Filtering Configuration 16-23
CHAPTER
CHAPTER
17 Configuring Port-Based Traffic Control 17-1
Configuring Sto rm Control 17-1
Understanding Storm Control 17-1
Default Storm Control Configuration 17-2
Enabling Storm Control 17-2
Disabling Storm Control 17-3
Configuring Protected Ports 17-3
Configuring Port Security 17-4
Understanding Po rt Security 17-4
Secure MAC Addresses 17-5
Security Viol at ions 17-6
Default Port Security Configuration 17-6
Port Security Configuration Guidelines 17-7
Enabling and Configuring Port Security 17-7
Enabling and Confi guring Port Security Aging 17-10
Displaying Port -Based Traffic Control Settings 17-12
18 Configuring UDLD 18-1
xvi
Understanding UDLD 18-1
Configuring UDLD 18-3
Default UDLD Configuration 18-3
Enabling UDLD Globally 18-4
Enabling UDLD on an Inter face 18-4
Resetting an Interf ace Shut Down by UDLD 18-5
Displaying UDLD Status 18-6
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Contents
CHAPTER
CHAPTER
19 Configuring CDP 19-1
Understanding CDP 19-1
Configuring CDP 19-2
Default CDP Config uration 19-2
Configuring the CDP Characteristics 19-2
Disabling and Enabling CDP 19-3
Disabling and Enabling CDP on an Interface 19-4
Monitoring and Maintaining CDP 19-5
20 Configuring SPAN and RSPAN 20-1
Understanding SPAN and RSPAN 20-1
SPAN and RSPAN Concepts and Terminology 20-3
SPAN Session 20-3
Traffic Types 20-3
Source Port 20-4
Destination Por t 20-4
Reflector Port 20-4
SPAN Traffic 20-5
SPAN and RSPAN Interaction with Other Features 20-5
SPAN and RSPAN Session Limit s 20-6
Default SPAN and RSPAN Configuration 20-6
Configuring SPAN 20-7
SPAN Configuration Guidelines 20-7
Creating a SPAN Session and Specifying Ports to Monitor 20-7
Removing Ports from a SPAN Se ss io n 20-9
Configuring RSPAN 20-10
RSPAN Configuration Guidelines 20-10
Creating an RSPAN Session 20-11
Creating an RSPAN Destination Session 20-12
Removing Ports from an RSPAN Se s sion 20-13
Displaying SPAN and RSPAN Status 20-14
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
xvii
Contents
CHAPTER
CHAPTER
21 Configuring RMON 21-1
Understanding RMON 21-1
Configuring RMON 21-2
Default RMON Configuration 21-3
Configuring RMON Alarms and Events 21-3
Configuring RMON Col lection on an Interface 21-5
Displaying RMON Status 21-6
22 Configuring System Message Logging 22-1
Understanding System Message Logging 22-1
Configuring System Message Logging 22-2
System Log Message Format 22-2
Default System Message Logging Configuration 22-3
Disabling and Enabling Message Logging 22-4
Setting the Message D isplay Destination Device 22-4
Synchronizing Log Messages 22-6
Enabling and Disabling Timestamps on Log Messages 22-7
Enabling and Disabling Sequence Numbers in Log Messages 22-8
Defining the Message Severity Level 22-8
Limiting Syslog Messages Sent to the History Table and to SNMP 22-10
Configuring UNIX Syslog Servers 22-10
Logging Messages to a UNIX Syslog Daemon 22-11
Configuring the UNIX System Logging Facility 22-11
CHAPTER
xviii
Displaying the Lo gging Configuration 22-12
23 Configuring SNMP 23-1
Understanding SNMP 23-1
SNMP Versions 23-2
SNMP Manager Functions 23-3
SNMP Agent Fu nc ti on s 23-3
SNMP Community Strings 23-4
Using SNMP to Access MIB Variables 23-4
SNMP Notifications 23-5
Configuring SNMP 23-5
Default SNMP Configuration 23-6
SNMP Configuration Guidelines 23-6
Disabling the SNMP Agent 23-7
Configuring Commun ity Strings 23-7
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Configuring SNMP Groups and Users 23-8
Configuring SNMP Notifications 23-10
Setting the Agent Contact and Location Informat ion 23-13
Limiting TFTP Servers Used Through SNMP 23-13
SNMP Exampl es 23-14
Displaying SNMP Status 23-15
Contents
CHAPTER
24 Configuring Network Security with ACLs 24-1
Understanding ACLs 24-2
Handling Fragmented and Unfragmented Traffic 24-3
Understanding Access Control Parameters 24-4
Guidelines for Applying ACLs to Physical Interfaces 24-6
Configuring ACLs 24-6
Unsupported Features 24-7
Creating Standard and Extended IP ACLs 24-7
ACL Numbers 24-8
Creating a Numbered Standard ACL 24-9
Creating a Numbered Extended ACL 24-10
Creating Named Standard and Extended ACLs 24-13
Applying Time Ranges to ACLs 24-15
Including Comments About Entries in ACLs 24-17
Creating Named MAC Extended ACLs 24-18
Creating MAC Access Groups 24-19
Applying ACLs to Ter m inal Lines or Physical Interfaces 24-20
Applying AC Ls to a Te rm i nal Line 24-20
Applying ACLs to a Physical Interface 24-21
78-11380-05
Displaying ACL Information 24-21
Displaying ACLs 24-22
Displaying Access Groups 24-23
Examples for Compiling ACLs 24-23
Numbered ACL Examples 24-25
Extended ACL Examples 24-25
Named ACL Example 24-25
Commented IP AC L En tr y Exa m ples 24-25
Catalyst 2950 Desktop Switch Software Configuration Guide
xix
Contents
CHAPTER
25 Configuring QoS 25-1
Understanding QoS 25-2
Basic QoS Model 25-3
Classification 25-4
Classification Based on QoS ACLs 25-5
Classification Based on Class Maps and Policy Maps 25-6
Policing and Marking 25-6
Mapping Tables 25-7
Queueing and Scheduling 25-7
How Class of Service Works 25-7
Port Priority 25-8
Port Scheduling 25-8
CoS and WRR 25-8
Configuring QoS 25-9
Default QoS Config uration 25-9
Configuratio n Guidelines 25-10
Configuring Classification Using Port Trust States 25-10
Configuring the Trust State on Ports within the Q oS Domain 25-11
Configuring the CoS Value for an Interface 25-13
Configuring Trusted Boundary 25-13
Enabling Pass-Through Mode 25-15
Configuring a QoS Policy 25-16
Classifying Tr affic by Using ACLs 25-16
Classifying Tr affic by Using Class Maps 25-20
Classifying, Policing, and Marking Traffic by Using Policy Maps 25-21
Configuring CoS Map s 25-24
Configuring the CoS-to-DSCP Map 25-25
Configuring the DSCP-to-CoS Map 25-26
Configuring CoS an d WRR 25-27
Configuring CoS Pr iority Queues 25-27
Configuring WR R 25-27
xx
Displaying QoS Information 25-28
QoS Configuration Examples 25-29
QoS Configuratio n for the Existing Wiring Closet 25-30
QoS Configuration for the Intelligent Wiring Closet 25-30
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Contents
CHAPTER
CHAPTER
26 Configuring EtherChannels 26-1
Understanding EtherChannels 26-1
Understanding Po rt-Channel Interfaces 26-2
Understanding the Port Aggregation Protocol 26-3
PAgP Modes 26-4
Physical Learners and Aggregate-Port Learners 26-5
PAgP Interaction with Other Features 26-5
Understanding Load Balancing and Forwarding Methods 26-5
Configuring EtherChannels 26-7
Default EtherCha nnel Configuration 26-7
EtherChannel Con figuration Guidelines 26-8
Configuring Layer 2 EtherChannels 26-8
Configuring EtherChannel Load Balancing 26-10
Configuring the PAgP Learn Method and Priority 26-11
Displaying EtherChannel and PAgP Status 26-11
27 Troubleshooting 27-1
Using Recovery Procedures 27-1
Recovering from Corrupted Software 27-2
Recovering from a Lost or Forgotten Password 27-2
Recovering from a Command Switch Failure 27-4
Replacing a Failed Command Switch with a Cluster Member 27-5
Replacing a Failed Command Switch with Another Switch 27-6
Recovering from Lost Member Connectivity 27-7
APPENDIX
I
NDEX
78-11380-05
Preventing Auton egotiation Mismatches 27-8
GBIC Module Security and Identification 27-8
Using Debug Commands 27-8
Enabling Debuggi ng on a Specific Feature 27-9
Enabling All-System Diagnostics 27-9
Redirecting Debu g and Error Message Output 27-10
Using the crashinfo File 27-10
A Supported MIBs A-1
MIB List A-1
Using FTP to Access th e MI B Files A-2
Catalyst 2950 Desktop Switch Software Configuration Guide
xxi
Contents
xxii
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Audience
Preface
The Catalyst 2 950 Desktop Switch Software Configuration G uide i s for t he n etwor k mana ger
responsible for configuring the Catalyst 2950 switches, hereafter referred to as the switches. Before
using this guide, you should be familiar with the concepts and terminology of Ethernet and local area
networking.
Purpose
This guide provides inf orma tio n abo ut con figuring and trou bl eshoo ting a sw it ch o r switc h cluste rs. I t
includes descript ion s o f th e ma nage ment in terfa ce opt ions a nd th e fea ture s su ppo rte d by t he s wit ch
software. The switch is supported by either the standard software image (SI) or the enhanced software image
(EI). The EI provides a richer set of features, including access control lists (ACLs), enhanced quality of
service (QoS) features, extended-range VLANs, and Remote Switch Port Analy zer (RSPAN).
The EI supports these switches:
• Catalyst 2950C-24
• Catalyst 2950G-12-EI
• Catalyst 2950G-24-EI
• Catalyst 2950G-24-EI-DC
• Catalyst 2950G-48-EI
• Catalyst 2950T-24
The SI supports these switches:
• Catalyst 2950-12
• Catalyst 2950-24
• Catalyst 2950SX-24
Use this guide with other documents for information about these topics:
78-11380-05
• Requirements—This guide assumes that you have met the hardware and software requirements and
cluster compatibility requirements described in the release notes.
• Start-up information—This guide assumes that you have assigned switch IP info rmati on and
passwords by using the setup program descri bed in the rele ase notes .
Catalyst 2950 Desktop Switch Software Configuration Guide
xxiii
Organization
Preface
• Cluster Management Sui te (CMS) i nformat ion—This guide provides an overview of the CMS
web-based, switch mana geme nt int erface. For inf orm ation a bout CMS r e quireme nts an d the
procedures for browser and plug-in configuration and accessing CMS, refer to the release notes. For
CMS field-level window descriptions and procedures, re fer to the CM S online hel p.
• Cluster configuration—This guide provides inform ation a bout planni ng for, creating, and
maintaining switch clusters. Because configuring switch clusters is most easily performed through
CMS, this guide does not provide the command-line interface (CLI) procedures. For the cluster
commands, refer to the comm and re ferenc e for th is releas e.
• CLI command information—This guide provides an overview for using the CLI. For complete
syntax and usage inform ation about the commands t hat have been specifically cr eate d or chang ed
for the switches, re fer to th e comm and ref erence for this re lease .
This guide does not descri be system message s you might enc ounter or how to install your switch. For
more inform ation, refer to the Catalyst 2950 Desktop Switch System Message Guide for this release and
to the Catalyst 2950 Desktop Sw itch Ha rdware Installation Guide .
Note This guide does not repe at the conc epts and CLI proce dures provided in the st andar d Cisco IOS
Release 12.1 docume ntation . For informa tion ab out the stan dard IO S Releas e 12.1 co mmands, re fer to
the IOS documen tation se t available fro m t he Ci sco.c om ho me p ag e at Service and Support >
T echni cal Documents. On t he Cisco Produ ct Documentation hom e page, select Release 12.1 from the Ci sco
IOS Software drop-down list.
Organization
This guide is organized into these chapters:
Chapter 1, “Ove rv i ew,” lists the software features of this release and provides examples of how the
switch can be deployed in a network.
Chapter 2, “Using the Command-Line Interface,” describes how to access the command modes, use the
CLI, and describes CLI messa ges that you migh t receive. It also describes how to get help, abbr eviate
commands, use no and default forms of commands, use command history and editing features, and how
to search and filter the output of show and more commands.
Chapter 3, “Getting Started with CMS,” describes the CMS web-based , switch ma nagement interface.
For information about configuring your web browser and accessing CMS, refer to the release notes. For
field-level descriptions of all CMS wi ndows and pr oc edure s f or usi ng t h e CM S wi ndows, refer to the
online help.
Chapter 4, “Assigning the Switch IP Address and Default Gateway,” describes how to create the initial
switch configuration (for example, assign the switch IP address and default gateway information) by
using a variety of automatic and manua l metho ds.
Chapter 5, “Configuring IE2100 CNS Agents,” describes how to conf igure Cisco I ntelligence Engine 2 100
(IE2100) Series Cisco Networking Services (CNS) embedded agents on your switch. By using the
IE2100 Series Configuration Registrar network management application, you can automate initial
configurations and conf iguration upd ates by generatin g switch-specific con figuration changes, sending t hem
to the switch, executing the configuration change, and logging the results.
Chapter 6, “Clust ering Switches,” describes switch c luster s and the cons ider ation s for creat ing and
maintaining them. The online help provides the CMS procedures for configuring switch clusters.
Configuring switch cl usters is mo st e asily pe rfo rmed t hroug h C MS; th eref or e, CL I pr ocedu re s are not
provided. Cluster comman ds are de scribed in the Ca tal yst 295 0 De skto p S witch Comm an d Re ference.
xxiv
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Preface
Organization
Chapter 7, “Administering the Switch,” describes how to perform one-time operations to administer your
switch. It describes how to prevent unauthorized access to your switch th rough the use of pa sswords,
privilege levels, the Terminal Access Controller Access Control System Plus (TACACS+), and the
Remote Authenticati on Dial-In U ser Serv ice (RADIUS) . It als o describ es ho w to set the sy stem date and
time, set system name and pro mpt, crea te a login banne r, and how to manage the MAC address and
Address Resolution Protocol (ARP) tables.
Chapter 8, “Configuring 802.1X Port-Based Authentication,” d escri bes how to configu re 80 2.1X
port-based authenti ca tion to prevent unauthorized devices (clients) from gaining access to the network.
As LANs extend t o hote ls, air por ts , and c or por ate lob bi es , in sec ure environme nts cou l d b e cr ea te d.
Chapter 9, “Configuring Interface Characteristics,” defines the types of interfaces on the switch. It
describes the interface global configuration command and provides procedures for configuring physical
interfaces.
Chapter 10, “Configuring STP,” describes how to configure the Spanning Tree Protocol (STP) on your
switch.
Chapter 11, “Configuring RSTP and MSTP,” describes how to configure the Cisco implementation o f
the IEEE 802.1W Rapid STP (RSTP) and the IEEE 802.1S Multiple STP (MSTP) on your switch. RSTP
provides rapid convergence, and M STP en ab les VLA Ns t o be g rou pe d in to a sp an ning- tre e i nstan ce .
Chapter 12, “Configuring Optional Spanning-Tree Features,” describes how to configure optional
spanning-tree featur es that can be used when you r switc h is running the per-VLAN spann ing-tr ee
(PVST) or the MS TP.
Chapter 13, “Configuring VLANs,” describes how to create and maintain VLANs. It includes
information about t he V LAN data base , VLAN c onfiguration m ode s, ext ende d-r ange VLA Ns , V LAN
trunks, and the VLAN Membership Policy Server (VMPS).
Chapter 14, “Configuring VTP,” describes how to use the VLA N Trunking Pro toco l (VT P) VLA N
database for managin g V LANs. I t inc ludes V T P cha racteri stic s and c onfiguration .
Chapter 15, “Configuring Voice VLAN,” describes how to configure voice VLANs on the switch for a
connection to an IP phone.
Chapter 16, “Configuring IGMP Snooping and MV R,” describes how to configure Intern et Group
Management Protocol (IGMP) snooping. It also describes Multicast VLAN Registration (MVR), a local
IGMP snooping feature av ailable on the switch, and how to use IGMP fi ltering to control multicast group
membership.
Chapter 17, “Configuring Port-Based Traffic Control,” describes how to reduce traffic storms by setting
broadcast, multicast, and unicast storm-control threshold levels; how to protect ports from receiving
traffic from other ports on a switch; how to configure port security by using secure MAC addresses; and
how to set the aging time for all secure addresses.
Chapter 19, “Configuring CDP,” describes how to con figure C isco Di scovery Prot ocol (CD P) on you r
switch.
Chapter 20, “Configuring SPAN and RSPAN,” describes how to configure Switched Port Analyzer
(SPAN) and Remot e SPAN (RSPAN), which sel ect n e twork t r affic for analy si s by a ne twor k ana lyz er
such as a SwitchProbe device or other Remote Monitoring (RMON) probe.
Chapter 21, “Configuring RMON,” describes how to configure remote monitoring (RMON). The
RMON feature, which is used with the Simple Network Management Protocol (SNMP) agent in the
switch, means that you can monitor all the traffic flowing among switches on all connected LAN
segments.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
xxv
Conventions
Preface
Chapter 22, “Configuring System Message Logging,” describes how to configure syst em messa ge
logging. It describes the message format and how to change the message display destination device, limit
the type of message s sent , c onfigure t he U NIX ser ver sy slog daem on, and define t he U NIX syste m
logging facility and timestamp messages.
Chapter 23, “Configuring SNMP,” describes how to configure the Simp le Networ k Ma nage ment
Protocol (SNMP). It describes how to configure community strings, enable trap managers and traps, set
the agent contact and location information, and how to limit TFTP servers used through SNMP.
Chapter 24, “Configuring Network Security with ACLs,” describes how to configure network security
by using access control list s ( ACLs).
Chapter 25, “Configuring QoS,” describes how to configure quality of service (QoS) on your switch.
With this feature, you can provide pre ferent ial tre atmen t to certa in types t raffic.
Chapter 26, “Configur ing Ether Chann els,” describes how to bundle a set of individual ports into a single
logical link on the interfaces.
Chapter 27, “Troubleshooting,” describes how to identify and resolve software problems related to the
IOS software.
Appendix A, “Supported MIBs,” lists the supported MIBs for this release and how to use FTP to access
the MIB files.
Conventions
This guide uses these conventions to convey instructions and information:
Command descriptions use these conventions:
Interactive examples use these conventions:
Notes, cautions, and tips use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this manual.
• Commands and keywords are in boldface text.
• Arguments for which you supply values are in italic.
• Square brackets ([ ]) indicate optional elements.
• Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars wi thin square b rackets ([{ | }] ) indicate a requir ed choice within an o ptional
element.
• Terminal sessions and system displays are in screen font.
• Information you ent er is in b oldface sc reen f ont .
• Nonprinting charac ters, such as passwords or t abs, ar e in angl e brackets (< >) .
xxvi
Caution Means re ader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Preface
Tip Means the following will help you solve a problem. The tips information might not be troubleshootin g
or even an action, but cou ld b e use ful i nfo rmat ion.
Related Publications
These documents provide complete information about the switch and are available from this
Cisco.com site:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/index.htm
You can order printed copies of documents with a D OC-xxxxxx= number from the Cisco.com sites and
from the telephone numbers listed in the “Obtaining Docu me nta tio n” se ction on p age x xvii.
• Release Notes for the Catalyst 2950 Switch (not orderable but is available on Cisco.com)
Note Switch requirements and procedures for initial configurations and software upgrades tend to change and
therefore appear only in the release note s . Before installing, configuring, or upgrading the switch, refer
to the release notes on Cisco.com for the latest information.
Related Publications
• Catalyst 2950 D esktop Sw itch Softw are Configuration Guide (ord er nu mbe r D OC -7811 380= )
• Catalyst 2950 D esktop Sw itch Comm and Refe rence (or der n um ber D OC -781 1381 =)
• Catalyst 2950 Desktop Switch System Message Guide (order num ber DOC-781 4233= )
• Catalyst 2950 Desktop Switch Hardware Installation Guide (order number DOC-7811157=)
• Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide
(order number DOC-786460=)
• CWDM Passive Optical System Installation Note (not orderable but is available on Cisco.com)
• 1000BASE-T GBIC Installation Notes (not or derable but is available on Cisco.c om)
Obtaining Documentation
These sections explain how to obtain docu mentation from Cisco Syste ms.
World Wide Web
You can access t he m ost c ur rent C isc o doc um ent ation on the World Wide Web at this URL :
http://www.cisco.com
Translated documentation is available at this URL:
78-11380-05
http://www.cisco.com/public/countries_languages.shtml
Catalyst 2950 Desktop Switch Software Configuration Guide
xxvii
Obtaining Technical As sistance
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM
package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may
be more current than printed documentation. The CD-ROM package is available as a single unit or
through an annual subscription.
Ordering Documentation
You can order Cisco documen tation in th ese ways:
• Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from
the Networking Produ cts Market Pla ce:
http://www.cisco.com/cgi-bin/order/order_root.pl
• Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription
Store:
http://www.cisco.com/go/subscription
Preface
• Nonregistered Cisco.co m u ser s can o rd er docum en tati on th rou gh a l oc al ac count r epre sen tative by
calling Cisco Systems Corpo rate Headqu arter s (Califo rnia, U.S.A. ) at 408 526-7208 or, elsewhere
in North America, by calli ng 800 55 3-NE TS (6387).
Documentation Feedback
If you are reading Cisco product documentation on the World Wide W eb, you can send us your comments
by completing the online sur vey. When you display the docume nt listing for this pla tform, click Giv e Us
Your Feedback. After you display the survey, select the manual that you wish to comment on. Click
Submit to send your comments to the Cisc o document ation gro up.
You can e-mail your comm ents t o bug-doc@c isco.co m.
To submit you r co mme nts by ma il, u se th e r esponse ca rd behi nd the fro nt c over of your d oc um ent, o r
write to the following address:
Cisco Systems
Attn: Document Resour ce Connec tion
170 West Tasman Drive
San Jose, CA 95134- 988 3
We apprec iate yo ur comm en ts.
Obtaining Technical Assistanc e
xxviii
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can
obtain online documentation, troubleshooting tips, and sample configurations from online tools by using
the Cisco T ech nical Assistance Center (TA C) W eb Site. Cisco.com r egistered u sers hav e complete ac cess
to the technical support resources on the Cisco TAC Web Site.
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Preface
Cisco.com
Obtaining Technical Assistance
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open
access to Cisco information, networking solutions, service s, pr ogram s, a nd resour ce s at any time , from
anywhere in the wor ld.
Cisco.com is a highly int egrated In ternet a pplicat ion and a powerful , easy- to-use t ool that provi des a
broad range of f eat ures an d s er vices to hel p you w it h th ese tasks:
• Streamline business processes and improve productivity
• Resolve technical issues with online support
• Download and te st so ft war e pa ck ag es
• Order Cisco learning m ateri als and me rcha ndise
• Register for online skill assessment, training, and certification programs
If you want to obtain customized information and service, you can self-register on Cisco.com. To access
Cisco.com, go to this URL:
http://www.cisco.com
Technical Assistance Center
The Cisco Technical Assistan ce Center ( TAC) is av ailab le to all c ustomers who need technica l assistan ce
with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC
Web S i te an d t h e C is co TAC Escalation Cen ter.
Cisco TAC inquiries are categorized accordi ng to the urgency of the issue :
• Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities,
product installation, or basi c product configuration.
• Priority level 3 (P3)—Your network performance is degraded. Ne twork functio nality i s noticeab ly
impaired, but most business operations continue.
• Priority level 2 (P2)—Your production network is severely degraded, affecting signi ficant aspect s
of business operations. No workar oun d is available.
• Priority leve l 1 (P1)—Your production network is down, and a critical impact to business operations
will occur if se rv ice is n ot r esto re d qui ck ly. No workaround i s available.
The Cisco TAC resource that you choose is ba sed on the prio rity of th e proble m and the co nditions of
service cont rac ts , w h en appl ic ab le .
Cisco TAC Website
You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving both cost and time.
The site provides around-the-clock access to online tools, knowledge bases, and software. To access the
Cisco TAC Web Site, go to t his URL:
http://www.cisco.com/tac
78-11380-05
All customers, partners, and resellers who have a valid Cisco service contract have complete access to
the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a
Cisco.com login I D a nd passwor d. If yo u have a valid servi ce con tra ct but do no t have a login ID or
password, go to this URL to register:
http://www.cisco.com/register/
Catalyst 2950 Desktop Switch Software Configuration Guide
xxix
Obtaining Technical As sistance
If you are a Cisco.com registere d user, and you cannot resol ve your tech ni cal issues by using the Cisco
TAC Web Site, you can open a case onl ine by using the TAC Case Open too l at this URL :
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases through t he Cisco TAC
Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These
classifications are assigned when severe network degradation significantly impacts business operations.
When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer
automatically opens a case.
To obtain a d ir ect or y of t oll- free C isco TAC telephone numbers for yo ur co unt ry, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the le v el of Cisco suppor t
services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network
Supported Accounts (NSA). When you call the center, please have available your service agreement
number and your product se rial numbe r.
Preface
xxx
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Features
CHAPTER
1
Overview
This chapter provides these topics about the Catalyst 2950 switch software:
• Features, page 1-1
• Management Options, page 1-5
• Network Configuration Examp les, page 1-7
• Where to Go Next, page 1-17
The Catalyst 2950 software supports the switches listed in the “Purpose” section on page xxiii and in the
release notes. This section describes the features supported in this release:
Note Some features require that you have the enhanced software image (EI) installed on your switch. For a
list of the switches that support the EI, see the “Purpose” section on page xxiii, or refer to the release
notes for this release.
Ease of Use and Ease of Deployment
• Cluster Management Sui te (C MS) sof tware for si mplif y ing switc h and sw itch c luste r ma nag eme nt
through a web browser, such as Netscape Communicator or Microsoft Internet Explorer, from
anywhere in your intranet
• Switch clusterin g te ch nology u sed wi th CM S for
–
Unified configuration, monitoring, authentication, and software upgrade of multiple switches
(refer to the release notes for a list of eligible cluster members).
–
Automatic discovery of candidate switches and creation of clusters of up to 16 switches that can
be managed throug h a s in gle IP ad dre ss.
–
Extended discovery of cluster candidates that are not directly connected to the command switch.
• Hot Standby Router Prot ocol (H SRP) for c om mand- swi tch re du ndancy. The redundant c omm and
switches used f or HS RP m ust have comp atibl e so ft ware re le ases.
Note See the “Advantages of Using CMS and Clustering Switches” section on page 1- 6. Refer to the
release notes fo r th e CM S, clust er ha rdware , sof t ware, and br owser req ui reme nts.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-1
Features
Chapter 1 Overview
Performance
• Autosensing of speed o n t he 10/100 and 10/100/1000 ports and autonegotiation of duplex mode on
the 10/100 ports f or optim izing ba nd width
• IEEE 802.3X fl ow control on G iga bit Eth erne t po rts o pe ratin g i n fu l l-dup lex mo de
• Fast EtherChannel and Gigabit EtherCh annel for enh anced fault toleranc e and for provid ing up
to 2 Gbps of bandwidth between switches, routers, and servers
• Support for frames larger t han 1500 bytes. The Catalys t 2950G-12-EI, 2950G-24-EI, 2950G-24-EI-D C,
and 2950G-48-EI switches running Cisco IOS Release 12.1(6)EA2 or later support frame sizes from
1500 to 1530 bytes
• Per-port broadcast storm control for pr eventing faulty end stations fr om degradin g overall system
performance with broadcast storms
• Port Aggregation Protocol (PAgP) for automatic creation of Ether Chann el links
• Internet Group Manage ment Protoc ol (IGMP) snoo ping suppor t to limit floo ding of IP multi cast
traffic
• Multicast VLAN registration (MVR) to continuously send multicast streams in a multicast VLAN
while isolating the streams from subscriber VLANs for bandwidth and security reasons
• IGMP filtering for con trolling th e set of mu lticast grou ps to which hosts on a swit ch port ca n belong
• Protected port (private VLAN edge port) option for restricting the forwarding of traffic to designated
ports on the same switch
• Dynamic address l ear ning fo r en hance d secu ri ty
Manageability
• Cisco Intelligence E ngine 2 100 (IE 210 0) Ser ies Ci sco N etwork ing Ser vices (CN S) em bedd ed
agents for automating swit ch ma nage ment , con figurati on stor age a nd de livery (available only with
the EI)
• Dynamic Host Configuration Protocol (DHCP)-based autoconfiguration for automatically
configuring the switch duri ng startup wit h IP addre ss informa tion an d a configurati on file that it
receives during DHCP-base d au t oconfigur ati on
Note DHCP replaces the Bootstrap Protocol (BOOTP) feature autoconfiguration to ensure retrieval of
configuration files by unicast TFTP messages. BOOTP is available in earlier software releases
for this switch.
• Address Resolution Protocol (ARP) for identifying a switch through its IP address and its
corresponding MAC addre ss
• Cisco Discovery Protocol (CDP ) version s 1 a nd 2 for net work to pology di scovery an d ma pping
between the switc h and o t her C is co devices on t he n etwor k
• Network Time Protocol (NTP) for providing a consistent timestamp to all switches from an external
source
• Directed unicast requests to a Trivial File Transfer Protocol (TFTP) server for obtaining software
upgrades from a TFTP se rver
• Default configuration storag e in Flash me mory to ens ure tha t the switc h can be conn ecte d to a
network and can forward traffic with minim al user int erventio n
1-2
• In-band management acc ess through a CMS web -based session
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Features
• In-band management access through up to 16 simultaneous Telnet connections for multiple
command-line in terfa ce ( CL I)- base d sessi ons over t he ne twor k
• In-band management access through Simple Network Management Protocol (SNMP) versions 1, 2c,
and 3 get and set request s
• Out-of-band management access through the switch console port to a directly-attached terminal or
to a remote te rm inal t hro ugh a se ria l c onn ect ion an d a mod em
Note For additional descriptions of the management interfaces, see the “Manage ment Opt ions”
section on page 1-5.
Redundancy
• HSRP for comman d-swi tc h red und an cy
• UniDirectional l ink det ect ion (UD LD) on al l E ther net po rts f or de tec ti ng an d disab l ing
unidirectional link s on fiber-optic int erfac es c a used by in cor rec t fiber-optic wir ing or po rt faul ts
• IEEE 802.1D Spanning Tree Protocol (ST P) for red undant back bone co nnectio ns and loo p-free
networks. STP has these features:
–
Per-VLAN Spanning Tree (PVST) for balancing load across VLANs
–
UplinkFast, cross-stack UplinkFast, and BackboneFast for fast convergence after a
spanning-tree top ology c han ge a nd fo r ac hieving loa d b alanc ing be twee n r edund an t uplin ks,
including Gigabit uplinks and cross-stac k Gigabit upl inks
• IEEE 802.1S Multi ple ST P ( MSTP) fo r grou ping V LANs in to a span ni ng-t ree i nsta nce, and
providing for multiple forwarding paths for data traffic and load balancing (available only with
the EI)
• IEEE 802.1W Rapid STP (RSTP) for rap id convergence of the spanning tree by immediatel y
transitioning root and desi gnate d ports to the fo rwarding state (available only with the EI)
• Optional spanni ng-tr ee fe atur e s available:
–
Port Fast for eliminating the forw arding delay by enablin g a port to immediately transition fro m
the blocking state to the fo rwarding state
–
BPDU guard for shutting down Port Fast-enabled ports tha t receive BPDUs
–
BPDU filtering for preventing a Por t Fas t-enab led po rt f rom se nd ing or rece iving BPDU s
–
Root guard for preventing sw itches outside the network core from becoming the spanning-tree
root
–
Loop guard for preventing alternate or root ports from becoming designat ed ports because of a
failure that leads to a unidirectional link
Note The switch supports up to 64 spanni ng-tre e inst ances .
78-11380-05
VLAN Support
• The switches support 250 po rt-base d VLAN s for assig ning users to VLA Ns associ ated with
appropriate network resourc es, tra ffic patterns, and ban dwidth
Note The Catalyst 2950-12, Catalyst 2950-24, and Catalyst 295 0SX-24 switch es support only 64
port-based VLANs.
Catalyst 2950 Desktop Switch Software Configuration Guide
1-3
Features
Chapter 1 Overview
• The switch supports up t o 4094 VLA N IDs to all o w se rvice pro v ider netw orks t o suppor t the numb er of
VLANs allowed by the IEEE 802.1Q standard (available only with the EI)
• IEEE 802.1Q trunking protocol on all ports for network moves, adds, and changes; management and
control of broadcast and multicast traffic; and network security by establishing VLAN groups for
high-security user s an d n etwor k re sour ces
• VLAN Membership Policy Server (VMPS) fo r dynam ic VLAN mem bership
• VLAN Trunking Protocol (VTP) pruni ng for re duci ng net work tra ffic by restricting floode d tra ffic
to links destined for stations receiving the traffic
• Dynamic Trunking Protocol ( DTP ) fo r negotiat ing trun king on a link be twee n two d evices and fo r
negotiating the type of trunking encapsulation (802.1Q) to be used
• Voice VLAN for creating subne ts for voice traffic from Cisco IP Phone s
Security
• Bridge protocol d ata u nit (B PDU) guar d for shut ting dow n a Por t Fa st-co nfig ured por t w hen an
invalid configuration occurs
• Protected port option for restricting the forwarding of traffic to designated ports on the same switch
• Password-protected access (read-only and read-write access) to management interfaces (CMS and
CLI) for protec tio n ag ain st un au th oriz ed c on figurat ion ch an ges
• Port security option for limiting and identifying MAC addresses of the stations allowed to access
the port
• Port security aging to set the aging time for secure addresses on a port
• Multilevel security for a choice of security level, notification, and resulting actions
• MAC-based port-level security for res trict ing the use of a sw it ch po rt to a spec ific group of so ur ce
addresses and preventing switch access from unauthorized stations (available only with the EI)
• Terminal Access Controller Access Control System Plus (TACACS+), a proprietary feature for
managing network securi ty thro ugh a TACACS server
• IEEE 802.1X port-based authentication t o prevent unauthorized devices from gai ning access to the
network
• Standard and extended IP access co ntrol lists (ACLs) for defining secur ity polici es (available only
with the EI)
Quality of Service and Class of Service
• Classification
–
IP Differentiated Services Code Point (IP DSCP) and class of service (CoS) marking priorities
on a per-port basis fo r p ro tec tin g th e perfo rm an ce o f missi on- cri tica l a ppli cati ons (only
available with the EI)
–
Flow-based packet classification (classification based on information in the MAC, IP, and
TCP/UDP headers) for high-performance quality of service at the network edge, allowing for
differentiated service levels for different types of network traffic and for prioritizing
mission-critical traffic in the network (only available in the EI)
–
Support for IEEE 80 2.1 P Co S sc hedul ing for cl assificatio n and pr efe rent ial treat ment of
high-priority voice traffic
–
Trusted boundary (detect the presenc e of a Cisco IP phone, trust th e CoS value received, and
ensure port security. If the IP phone is not detect ed, disab le the t rusted se tting on the port and
prevent misuse of a high-prio rit y q ueue .)
1-4
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Management Options
• Policing
–
Traffic-policing policies on the switc h port fo r all ocati ng the a m ount of the port bandw idth to
a specific traffic flow
–
Policing traffic flows to restrict specific applications or traffic flows to metered, predefined
rates
–
Up to 60 policers on ingress Gigabit-c apable Eth ernet po rts
Up to six policers on ingress 10/100 ports
Granularity of 1 Mbps on 10/10 0 ports and 8 Mbps on 10/100/ 1000 ports
–
Out-of-profile markdown for packets that exceed bandwidth utilization limits
Note Policing is available only in the EI.
• Egress Poli ci ng a nd S che du lin g of Egr ess Queu es—Four egress queues on all switch ports. Support
for strict prior ity a nd weig ht ed ro und -r obin (WR R) CoS polic ies
Monitoring
• Switch LEDs that provide visual port and switch status
• Switched Port A na lyz er (SPAN) and Remote SPAN (RSPAN) for tra ffic monitori ng on any po rt or
VLAN
Note RSPAN is available only in the EI.
• Four groups (history, statistics, alarms, and events) of embedded remote monitoring (RMON) agents
for network monitoring and traffic analysis
• MAC address notification for tracking the MAC addresses that the switch has learne d or removed
• Syslog facility for logging system messages about authentication or authorization errors, resource
issues, and time-out events
Management Options
The switches are desig ned for plug-and-play operation: you only need to assign basic IP informat ion to
the switch and connect it t o the othe r devices in you r ne twork . If yo u have specific network needs , yo u
can config ur e a nd m oni tor the switch—on an individual basis or as part of a switch cluster—through its
various management interfaces.
This section discusses these topics:
• Management Interface Option s, page 1-6
• Advantages of Using CMS and Clustering Switches, page 1-6
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-5
Management Options
Management Interface Options
You can configure and monitor ind ividual switches a nd switch clust ers by using these interface s:
• CMS—CMS is a grap hic al use r int erface tha t c an be laun ch ed from a nywhere in yo ur network
through a web browser suc h as N etsc ape Commu nica tor or M ic roso ft Int erne t E xplor er. CMS is
already installed on the switc h. U sing CM S, you c an c onfigure an d mon itor a st anda lon e switc h, a
specific cluster member, or an entire switch cluster. You can also display network topolo gies to
gather link information and display switch images to modify switch and port level settings.
For more information about CMS, see Chapter 3, “Getting Started with CMS.”
• CLI—The switch IOS CLI software is enh anced to suppo rt desktop- switchi ng feature s. You can
configure and monitor the switch and switch cluster members from the CLI. Y ou can access the CLI
either by connecting your management station directly to the switch console port or by using Telnet
from a remote management sta tion.
For more information about the CLI, see Chapter 2, “Using the Comm an d-Li ne I nter face. ”
• IE2100—Cisco Intelligence Engine 2100 Series Configuration Registrar is a network management
device that works with embedded CNS Agents in the switch software. You can automate initial
configurations and configurat ion up da tes by gene rati ng sw it ch-sp ec ific con figurat ion ch an ges ,
sending them to the switch, executing the configuration change, and logging the results.
For more informati on abou t IE21 00, se e Ch apter 5, “Configuring IE2100 CNS A gent s.”
Chapter 1 Overview
• SNMP—SNMP provides a means to monitor and control the switch and switch cluster members.
You can manage sw it ch c onfigura tio n set tings, p erfor ma nce, an d se cu rit y an d c oll ect st ati stics by
using SNMP managem ent ap pl icati ons such as Cisc oWorks2000 LAN Managemen t Suit e ( LMS)
and HP OpenView.
You can manage the switch from an SNMP-compatible management station that is running
platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of
MIB extensions and four RMON groups.
For more information about using SNMP, see the Chapter 23, “Configuring SNMP.”
Advantages of Using CMS and Cl uste ring Switc hes
Using CMS and switch clusters can simplify and minimize your configuration and monitoring tasks. Y ou
can use Cisco switch cluster ing techno logy to manage up to 16 i nterc onnect ed and suppo rted C atalyst
switches through one IP add ress as if they were a single entity. This can conserve IP addresses if you
have a limited number of them. CMS is the easiest int erface to use and makes switch and switch cluster
management accessible to author ized users fro m any PC on your network.
By using switch clusters a nd CMS, you c an:
• Manage and monitor interconnected Catalyst switches (refer to the release notes for a list of
supported switches), regardless of their geographic proximity and interconnection media, including
Ethernet, Fast Ether net , Fast Ethe rCh annel , Ci sco G igaStac k G igabit I nte rface Co nverter (GBIC),
Gigabit Ethernet, and Giga bit EtherCh annel co nnec tions.
• Accomplish multiple conf iguration tasks from a single CMS window without needing to remembe r
CLI commands to accomplish specific tasks.
1-6
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Network Configuration Examples
• Apply actions from CMS to multiple ports and multiple switches at the same time to avoid
re-entering the same co mmands for e ach individual por t or switch . Here are som e examples of
globally setting and mana ging multip le ports and sw itches:
–
Port configuration such a s spe ed an d d uplex set tin gs
–
Port and console port secur ity settin gs
–
NTP, STP, VLAN, and quality of service (QoS) configurations
–
Inventory and statistic reporti ng and li nk and sw it ch-l evel monitori ng and trou bles hoot ing
–
Group software u pgrade s
• Vi ew a topology of interconnected devices to identify existing switch clusters an d eli gible switc h es
that can join a cluster. You can also use the topo logy to qui ckly ident ify link i nform ation bet ween
switches.
• Monitor real-time status of a sw itch o r mul tip le swit ch es f rom t he LED s on the f ro nt-p anel images.
The system, redundant power system (RPS), and port LED colors on the images are similar to those
on the physical L EDs.
• Use an interactive mode that takes you step-by -step throu gh configurin g complex feat ures such as
VLANs, ACLs, and QoS.
• Use a wizard that prompts you to provide the minimum required inform ation to configure complex
features such as QoS priorities for video traffic, priority levels for data applications, and security.
For more information about CMS, see Chapter 3, “Getting Started with CMS.” For more information
about switch clusters, see Chapter 6, “Clustering Switches.”
Network Configuration Examples
This section provide s network co nfigurati on conc ept s and i ncl udes examples of usin g t he s wit ch t o
create dedicated network segments and interconnecting the segments through Fast Ethernet and Gigabit
Ethernet connec tions.
Design Concepts for Using the Switch
As your network u sers c om pete for ne twork b an dwi dth, it t akes lon ge r to send a nd rec eive data. Whe n
you configure your net work, co nside r the ba nd wid th r eq uired by your n etwork u ser s a nd the re lative
priority of the network applications they use.
Table 1-1 desc ribes wh at can cause network pe rform ance to degrade and how you can configur e your
network to increase the bandwidt h available to your network users.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-7
Network Configuration Ex am ples
Table 1-1 Increasing Network Performance
Network Demands Suggested Design Methods
Too many users on a singl e network segment
and a growing number of users accessing the
Internet
• Increased power of new PCs,
workstations, and servers
• High demand f rom n etwor ked
applications (such as e-mail with large
attached files) and from
bandwidth-intensive applicatio ns ( such
as multimedia)
• Create smaller network segments so that fewer users share the
bandwidth, and use V L ANs and I P subne ts t o pla ce the ne twork
resources in the same logical network as the users who access those
resources most.
• Use full-duplex operation between the switch and its connected
workstatio n s.
• Connect global resources—such as servers and routers to which network
users require equal access—directly to the Fast Et herne t or G iga bit
Ethernet switch ports so that they have their own Fast Ethernet or Gigabit
Ethernet segmen t.
• Use the Fast EtherChannel or Gigabit EtherChannel feature between the
switch and its connected servers and routers.
Chapter 1 Overview
Bandwidth alone is not th e only conside ration w hen desig ning your ne twork. As your net work traffic
profiles evolve, consider providing network services that can support applications such as voice and data
integration and security.
Table 1-2 desc ribes some net work demands and how you can meet those de mand s.
Table 1-2 Providing Networ k Service s
Network Deman ds Suggested Des ign Metho ds
High demand f or mul tim ed ia support
High demand for protecting mission-critical
applications
• Use IGMP and MVR to efficiently forward multicast traffic.
• Use VLANs and protecte d ports to provide sec urity and port isola tion.
• Use VLAN trunks, cross-stack UplinkFast, and BackboneFast for
traffic-load balancing on the uplink ports so that the uplink port with a
lower relative port cost is selected to carry the VLAN traffic.
An evolving demand for I P t el ephony
• Use QoS to prioritize applications such as IP telephony during
congestion and to help control bo th delay an d jitter w ithin the n etwork.
• Use switches that support at least two q ueues per por t to priorit ize vo ice
and data traffic as eithe r high- or low-prior ity, based on 802.1 P /Q.
A growing demand for us ing exi sti ng
infrastructure t o transpor t data and voice from
• Use the Catalyst 2900 LRE XL switches to provide up to 15 Mb of IP
connectivity over existing infrastructure (existing telephone lines).
a home or off ice to th e Internet or an intr anet at
higher speeds
1-8
Figure 1-1 shows configuration examples of using the Catalyst switches to create these networks:
• Cost-effective wiring closet—A cost-effective way to connect many users to the wiring closet is to
connect up to nine Catalyst 2900 XL, Catalyst 2950, Catalyst 3500 XL, and Catalyst 3550 switches
through GigaStack G BIC c on nect ions. W he n y ou use a stac k of Ca talyst 295 0G -48 sw it ches, y ou
can connect up to 432 users. To pr eserv e switch connecti vit y if on e switch in the stack fails, connec t
the bottom switch to the top switch to create a GigaStack loopback, and enable cross-stack
UplinkFast on the cross-st ack Gi gabit upli nks .
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Network Configuration Examples
You can create backup pat hs by using Fast Et hernet , Gigab it, Fast EtherCha nnel, or Gigabit
EtherChannel links. Using Gigabit modules on t wo of the switches, you can have redundant uplink
connections to a Gi gabi t ba ck bone sw itch suc h as t he Ca tal yst 35 50-12G s witc h. If o ne of the
redundant connection s fails, the other ca n serve as a backup pat h. You can configure the stack
members and the Catalyst 3550-12G switch as a switch cluster to manage them through a single IP
address.
• High-performance workgroup—For users who require high-speed access to network resources, use
Gigabit modules to connec t the switches directly to a backbone switch in a star co nfiguration. Each
switch in this configuration provides users with a dedicated 1-Gbps connection to network resources
in the backbone. Compare this with the switches in a GigaStack configuration, where the 1-Gbps
connection is share d among th e swi tch es. With the high spe ed uplink t o the dist ribution se rver, the
user can efficiently obt ain and store d ata f rom ser vers. Us ing t hese Gi gabi t m odule s a lso pr ovides
flexibility in media and distance options:
–
1000BASE-T GBIC: copper c onnec ti ons of up t o 328 f eet ( 100 m ete rs)
–
1000BASE-SX GBIC: fiber conne ctio ns o f up t o 1 804 feet (550 met ers)
–
1000BASE-LX/LH GBIC: fibe r con ne cti ons of u p t o 32 ,808 feet (10 ki lom e ters)
–
1000BASE-ZX GBIC: fiber con ne ctions of u p to 32 8,0 84 feet (100 kil omet ers)
–
GigaStack GBIC mo dule for c reati ng a 1 -Gbps st ack configur ation of u p to nine supp orte d
switches. The GigaStack GBIC supports one full-duplex link (in a point-to-point configuration)
or up to nine half-duplex links (in a st ack configur ation ) to other Gi gabit Ethe rnet devices.
Using the required Cisco proprietary signaling and cabling, the GigaStack GBIC-to-GigaStack
GBIC connection ca nnot excee d 3 feet (1 me ter).
• Redundant Gigabit back bon e—Using HSRP, you can create backup paths between
Catalyst 3550-12T-L3 switches. To enhance network reliability and load balancing for different
VLANs and subnets, you can connect the Catalyst 2 950 switches, again in a star configuration, to
two backbone switches. If one of the backbone switches fails, the second backbone switch preserves
connectivity between the sw itches an d network re sources.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-9
Network Configuration Ex am ples
Figure 1-1 Example Configurations
Chapter 1 Overview
Catalyst 2950 switch
Cost-Effective
Wiring Closet
High-Performance
Workgroup
Catalyst 3500 XL, and Catalyst 3550 cluster
Catalyst 3550-12T or
Catalyst 3550-12G switch
Si
Catalyst 3550-12T or
Catalyst 3550-12G switch
Si
Catalyst 2900 XL, Catalyst 2950,
Catalyst 3550-12T or
Catalyst 3550-12G switch
1-Gbps HSRP
Catalyst 2900 XL,
Catalyst 2950,
Catalyst 3500 XL,
and Catalyst 3550
GigaStack cluster
Gigabit
server
Si
Redundant Gigabit
Backbone
Catalyst 2900 XL, Catalyst 2950,
Catalyst 3500 XL, and Catalyst 3550 cluster
Small to Medium-Sized Network Configuration
Figure 1-2 shows a configurat ion for a n etwor k th at ha s up t o 250 u ser s. Us ers i n this networ k requi re
e-mail, file-sharing, database, and Internet access.
You optimize network perfor manc e by placing worksta tions on th e same logica l segment as the servers
they access most often. This divides the network into smaller segments (or workgroups) and reduces the
amount of traffic that tr avels over a networ k back bon e, the reby i ncre asin g t he ba ndwi dth available to
each user and improving server response time.
Catalyst 2950 Desktop Switch Software Configuration Guide
1-10
60992
78-11380-05
Chapter 1 Overview
Network Configuration Examples
A network backbone is a high-bandwi dth conne ction (suc h as Fast Ethern et or Gigabit Ethernet ) that
interconnects segments and network resources. It is re qu i re d i f nu me r ou s s eg me n ts re q ui re ac ce s s t o th e
servers. The Catalyst 2900 XL, Catalyst 2950, Catalyst 3500 XL, and Catalyst 3550 switches in this
network are connect ed through a GigaStack GBIC on each switch to form a 1-Gbps network backbone.
This GigaStack c an a lso be configur ed a s a switc h cl uste r, with pri mary and sec on dary c omm and
switches for redu ndant cl uste r ma na geme nt.
Workstations are connected directly to the 10/100 switch ports for their own 10- or 100-Mbps access to
network resources (such as web and mail servers). When a workstation is configured for full-duplex
operation, it receives up to 200 Mbps of dedicated ba ndwidth fr om the switch .
Servers are connected to the G BIC module ports on the sw itches, allowing 1-Gbp s throughput to users
when needed. When the switch and server ports are configured for full-duplex operation, the links
provide 2 Gbps of band w idth . For ne tworks tha t do n ot req uire G igab it perf orm an ce f ro m a ser ver,
connect the server to a Fast Ethernet or Fast EtherChannel switch port.
Connecting a router to a Fast Eth ernet swi tch port pro vides mu ltiple, s imultan eous acces s to the Intern et
through one l ine.
Figure 1-2 Small to Medium-Sized Network Configuration
Cisco 2600 router
Catalyst 2900 XL,
Catalyst 2950,
Catalyst 3550, and
Catalyst 3500 XL
GigaStack cluster
100 Mbps
(200 Mbps full duplex)
Single workstations
Gigabit
server
1 Gbps
(2 Gbps full duplex)
Gigabit
server
10/100 Mbps
(20/200 Mbps full duplex)
60993
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-11
Network Configuration Ex am ples
Collapsed Backbone and Switch Cluster Configuration
Figure 1-3 shows a con figurati on for a n etwork of ap pro xima te ly 50 0 employees. This ne twor k us es a
collapsed backbone an d switc h clusters. A collapse d back bone has hig h-ban dwidth upl inks from a ll
segments and subnetworks to a single device, such as a Gigabit switch, that serves as a single point for
monitoring and c ontro llin g th e network. You can use a Catalyst 3550-12T-L3 swit ch, as shown, or a
Catalyst 3508G XL switch to crea te a G igab it back bone . A C atal yst 3550-12T-L3 ba ckbo ne swi tch
provides the benefits of inter-VLAN routing and allows the router to focus on WAN access.
The workgroups are created by cl ustering all the Catalyst switches e xcept the Catalyst 4908G-L3 switch.
Using CMS and Cisco switc h cl uste ring techn ol ogy, you can group the switche s in to mul tiple clust ers,
as shown, or into a single cluster. You can manage a cluster through the IP address of its active and
standby command switche s, regardless of the geog raphic locati on of the cluster members.
This network uses VLANs t o segme nt the network logically int o well-defined broadcast groups and for
security management. Data a nd multimedia tr af fic a re conf igured on th e same VLAN. Voice traff ic from
the Cisco IP Phone s ar e co nfigured on se pa rate voice VL AN IDs (V VIDs ). You can have up to
four VVIDs per wiring closet. If data, multimedia, and v oice traff ic are assigned to the same VLAN, only
one VLAN can be configured pe r wiring cl oset. For any switch port connec ted to Cisco IP Phones,
802.1P/Q QoS gives forwarding priority to voice traffic over data traffic.
Grouping serve rs in a centralized location prov ides benef its such as security and easier mainte nance. The
Gigabit connections to a server farm provide the workgroups fu ll access to the network resources (such
as a call-processing server running Cisco CallManager software, a DHCP server, or an IP/TV multicast
server).
Chapter 1 Overview
Cisco IP Phones are connected—usin g sta nd ard s trai ght -thr oug h, t wiste d-p air cab le with RJ- 45
connectors—to the 10/100 inline-power ports on the Catalyst 3524-PWR XL switches and to the
10/100 ports on the Catalyst 2950 switches. These multiservice switch ports automatically detect if an
IP phone is connected . Cisc o Cal lMa nage r con tr ols c all pr oc essin g, r outi ng, a nd I P pho ne fe atu re s an d
configuration. Users with workstations running Cisco SoftPhone software can place, receive, and control
calls from their PCs. Using Cisco I P Phone s, Cisc o CallMan ager software, and Cisco SoftPho ne
software integrates tel ephony a nd IP ne tworks, a nd the IP n etwork supp orts both voice and d ata .
Each 10/100 inline-power port on the Catalyst 3524-PWR XL switches provides –48 VDC power to the
Cisco IP Phone. The IP pho ne can receive redundan t power when it also is conn ected to a n AC power
source. IP phones n ot c on necte d to the C atal yst 3524-PWR XL switc hes rec eive power from an AC
power source.
1-12
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Figure 1-3 Collapsed Backbone and Switch Cluster Configuration
Gigabit
servers
Cisco
CallManager
Catalyst 3550-12T or
Catalyst 3550-12G switch
Network Configuration Examples
(2 Gbps full duplex)
Catalyst 2950, 2900 XL,
3550, and 3500 XL
GigaStack cluster
Workstations running
Cisco SoftPhone software
1 Gbps
GigaStack cluster
Catalyst
2950,
2900 XL,
3550, and
3500 XL
Si
IP IP IP
Cisco IP Phones
Cisco 2600 router
200 Mbps
Fast EtherChannel
(400-Mbps full-duplex
Fast EtherChannel)
Catalyst
3524-PWR XL
GigaStack cluster
IP
IP
Cisco
IP Phones
60994
Large Campus Configuration
Figure 1-4 shows a confi gur atio n fo r a n etwork of more than 1000 users. Because it can ag gr e gate up to
130 Gigabit connections, a Catalyst 6500 multilayer switch is used as the backbone switch.
You can use the wo rkg roup co nfigurat ions shown in previous exa mple s to c reate workg rou ps with
Gigabit uplinks to the Catalyst 6500 switch. For example, you can use switch clusters that have a mix of
Catalyst 2950 switc hes .
The Catalyst 650 0 sw itc h p rovides the workgr oups w it h Giga bit acce ss to c ore r esour ce s:
• Cisco 7000 series router for access to the WAN and the Internet.
• Server farm that incl udes a cal l-pr ocessi ng se rver ru nnin g C isco Cal lMana ger soft ware. Ci sco
CallManager controls call proc essing, ro uting, and IP phone fea tures an d configurati on.
• Cisco Access gateway (such as Cisco Access Digital Trunk Gateway or Cisco Access Analog Trunk
Gateway) that connects the IP network to the Public Switched Telephone Network (PSTN) or to
users in an IP telephony network.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-13
Network Configuration Ex am ples
Figure 1-4 Large Campus Configuration
Chapter 1 Overview
WAN
Cisco
CallManager
Catalyst 2950, 2900 XL,
3500 XL, and 3550
GigaStack cluster
Servers
Catalyst
6500 switch
Cisco 7200
or 7500 router
Cisco access
gateway
1 Gbps
(2 Gbps
full duplex)
IP telephony
network or
PSTN
Catalyst
3524-PWR XL
GigaStack cluster
IP
IP
Cisco IP Phones
IP IP IP
Workstations running
Cisco SoftPhone software
Cisco IP Phones
Multidwelling Network Using Catalyst 2950 Switches
A growing segment of residential and commercial customers are requiring high-speed access to Ethernet
metropolitan-area netwo rks (MANs). Figure 1-5 shows a co nfigur ation for a Gig abit Ethe rnet MAN ring
using Catalyst 3550 multilayer switches as aggregation switches in the mini-point-of-presence (POP)
location. These sw itch es ar e conn ec ted thr oug h 1000 BASE-X GBIC po rts.
The resident switches can be Catalyst 2950 switches, providing customers with high-speed connections
to the MAN. Catalyst 2912-LRE or 2924-LRE XL Layer 2-only switches also can be used as residential
switches for customers requiring connectivity through existing telephone lines. The Catalyst 2912-LRE
or 2924-LRE XL switches can then connect to another residential switch or to an aggregation switch.
For more information about the LRE switches, refer to the Catalyst 2900 Series XL Hardware
Installa ti o n G u id e.
60995
1-14
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Network Configuration Examples
All ports on the residential Cata lyst 2950 switc hes (and Ca talyst 2912-L RE XL or 2924- LRE XL
switches if they are i nclu de d) ar e c onfigured as 802. 1Q tr unk s wi th p rote cte d port and STP ro ot g ua rd
features enabled. The protected port feature provides security and isolation between ports on the switch,
ensuring that subscriber s cannot view packets de stined for ot her subscr ibers. STP roo t guard prevents
unauthorized devices from be comi ng t h e STP roo t sw itch. Al l p orts have IGMP snoopi ng or CG MP
enabled for multicast traffic management. ACLs on the uplink ports to the aggregating Catalyst 3550
multilayer switches provide security and bandwidth management.
The aggregating switches and routers provide services such as those described in the previous examples,
“Small to Medium-Si zed Network Configuration” and “L arge Camp us Configuration.”
Figure 1-5 Catalyst 2950 Switches in a MAN Configuration
Cisco 12000
Gigabit switch routers
Catalyst 6500
switches
Catalyst 3550
multilayer
switches
Si
Catalyst
switches
Set-top box
Si Si
Si Si
Si Si
Si
Service
Provider
POP
Mini-POP
Gigabit MAN
Residential
location
Residential
gateway (hub)
78-11380-05
TV
Set-top box
PC
50833
TV
Catalyst 2950 Desktop Switch Software Configuration Guide
1-15
Network Configuration Ex am ples
Long-Distance, High-Bandwidth Transport Configuration
Note To use the fea ture de scr ibed in thi s se ctio n, yo u m ust have the E I i nstall ed on you r s witc h.
Figure 1-6 shows a configuration for transporting Gigabits of data from one location to an off-site
backup facility over a single fiber-optic cable. The Catalyst switches have Coarse Wave Division
Multiplexer (CWDM) fiber-optic GBIC modules installed. The CWDM GBIC modules can connect to
distances of up to 393,701 feet (74.5 miles or 120 kilometers). Depending on the CWDM GBIC module,
data is sent at wavelengths from 1470 to 1610 nanomet ers (nm ). The high er the wavelength, the farth er
the transmission can travel. A common wavelength for long-distanc e transmission s is 1550 nm.
Up to eight CW DM GB IC modul es , w ith any co mbi n ation of wavelengths, c an c onn ect to a Cisc o
CWDM Passive Optical System. It combines (or multiplexes) the different CWDM wavelengths,
allowing them to trav el simulta neously on the same fib er-opt ic cable. The Cisco CWDM Passi v e Optical
System on the receiving end separates (or demultiplexes) the different wavelengths.
Using CWDM technology with the switche s translates t o farther data tra nsmissio n and an increa sed
bandwidth capacity (up to 8 Gbp s) on a single fiber-optic cable.
Chapter 1 Overview
For more information about the CWDM GBIC modules and CWDM Passive Optical System, refer to the
CWDM Passive Optical System Installation Note.
Figure 1-6 Long-Distance, High-Bandwidth Transport Configuration
8 Gbps
CWDM
OADM
modules
Eight
1-Gbps
connections
Catalyst 2900 XL,
Catalyst 2950,
Catalyst 3500 XL, and
Catalyst 3550 switches
Access layer
CWDM
OADM
modules
Catalyst 4000
multilayer
switches
Aggregation layer
74089
1-16
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 1 Overview
Where to Go Next
Before configuring the switch, review these sections for start up information:
• Chapter 2, “Usi ng the Com mand- Line Inte rface”
• Chapter 3, “Getting Started with CMS”
• Chapter 4, “Assigning the Switch IP Add ress a nd D efault G ateway”
• Chapter 5, “Configuri ng IE2100 CNS Age nts”
Where to Go Next
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
1-17
Where to Go Next
Chapter 1 Overview
1-18
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
CHAPTER
2
Using the Command-Line Interface
This chapter d escri b es t he IO S co mman d-l ine int erfa ce (C LI) t hat you ca n u se to con figure your
switches. It contains these sections:
• IOS Command Modes, page 2-1
• Getting Help, page 2-3
• Abbreviating Commands, page 2- 3
• Using no and default Forms of Commands , page 2-4
• Understanding CLI Mess ages , pa ge 2-4
• Using Command History, page 2-5
• Using Editing Features, page 2-6
• Searching and Filtering Output of show and more Commands, page 2-9
• Accessing the CLI, page 2-9
IOS Command Modes
The Cisco IOS user interface is divided into many different modes. The commands available to you
depend on which mode you are curre ntl y in. En ter a ques tion ma rk (? ) at the system prom pt to ob tain a
list of commands available for each command mode.
When you start a sessio n on the swi tch, you b egin in us er mo de, o ften c alle d user EX EC m ode . Onl y a
limited subset of the commands are available in user EXEC mode. For example, most of the user EXEC
commands are one -time comm ands, s uch as show commands, which show the current configuration
status, and cle ar commands, which clear counters or interfaces. The user EXEC commands are not saved
when the switch reboots.
To have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a
password to enter privileged EXE C m od e. Fr om this mode , you c an en ter any privileged E XEC
command or enter glob al co nfigurati on mode.
Using the configurat ion m odes ( gl ob al, i nte rface , and l ine ), y ou ca n ma ke ch ang es to the ru nning
configuration. If you save the configuration, these commands are stored and used when the switch
reboots. To access the various configuration modes, you must sta rt at glo bal c onfigura tion mo de . Fro m
global configuration mo de, you can enter inte rface con figuration mod e and line configurati on mode.
Table 2-1 describes the main command modes, ho w to access each on e, the prompt you s ee in that mode, and
how to exit the mode. The examples in the table use the host name Switch.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
2-1
Chapter 2 Using the Command-Line Interfac e
IOS Command Modes
Table 2-1 Command Mode Summary
Mode Access Method Prompt Exit Method About This Mode
User EXEC Begin a session with
your switch.
Privileged EXEC While in user EXEC
mode, enter the
enable command.
Global configuration While in privileged
EXEC mode, en ter
the configure
command.
Config-vlan While in global
configuration mode,
enter the
vlanvlan-id
command.
VLAN configuration While in privileged
EXEC mode, en ter
the vlan database
command.
Interface
configuration
While in global
configuration mode,
enter the interface
command (with a
specific interface).
Line configuration While in global
configuration mode,
specify a line with
the line vty or line
console command.
Switch>
Switch#
Switch(config)#
Switch(config-vlan)#
Switch(vlan)#
Switch(config-if)#
Switch(config-line)#
Enter logout or quit. Use this mode to
• Change terminal
settings.
• Perform basic tests.
• Display system
information.
Enter disable to exit. Use this mode to verify
commands that you have
entered. Use a password to
protect access to this mode.
To exit to privileged
EXEC mode, enter
exit or end, or press
Use this mode to configure
parameters that apply to the
entire switch.
Ctrl-Z.
To exit to global
configuration mode,
enter the exit
command.
To return to
privileged EXEC
mode, press Ctrl-Z or
enter end.
To exit to privileged
EXEC mode, enter
exit.
Use this mode to configure
VLAN parameters. When
VTP mode is transparent,
you can crea te
extended-range VLANs
(VLAN IDs greater than
1005) and save
configurations in the switch
startup configuration file.
Use this mode to configure
VLAN parameters for
VLANs 1 to 10 05 i n the
VLAN database.
To exit to global
configuration mode,
enter exit.
To return to
privileged EXEC
mode, press Ctrl-Z or
enter end.
Use this mode to configure
parameters for t he Et hern et
interfaces.
To configure multiple
interfaces with the same
parameters, see the
“Configuring a Range of
Interfaces” section on
page 9-6.
To exit to global
configuration mode,
enter exit.
Use this mode to configure
parameters for t he t erm ina l
line.
To return to
privileged EXEC
mode, press Ctrl-Z or
enter end.
2-2
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 2 Using the Comm and-Line Interface
Getting Help
You can enter a question mark (?) at the system prom p t to di s play a lis t of co mm an d s a vailable for each
command mode. You can also obtain a list of associated keywords and arguments for any command, as
shown in Table 2-2.
Tabl e 2-2 Hel p Sum mary
Command Purpose
help Obtain a brief descript ion of the help syst em in any comman d mode.
abbreviated-command-en try? Obtain a list of commands that begin with a parti cular characte r string .
For example:
Switch# di?
dir disable disconnect
abbreviated-command-en try<Tab> Complete a partial command name.
For example:
Switch# sh conf<tab>
Switch# show configuration
? List all comma nds available for a part ic ular c omma nd mo de.
For example:
Switch> ?
command ? List the associated keywords for a command.
For example:
Switch> show ?
command keyword ? List the associ ated a rguments for a keyword.
Getting Help
For example:
Switch(config)# cdp holdtime ?
<10-255> Length of time (in sec) that receiver must keep this packet
Abbreviating Commands
You have to enter only enou gh cha ra cters for the switc h to re cogn ize the comma nd as u niqu e. T his
example shows how to enter the show configuration privileged EXEC command:
Switch# show conf
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
2-3
Using no and default Forms of Com m ands
Using no and default Forms of Commands
Almost e ver y conf igu ration co mmand a lso ha s a no form. In ge neral , use the no form to disable a feature
or function or reverse th e a c tio n of a co mm an d. For exam pl e, t he no shutdown interface c onfigura tion
command reverses the shutdown of an interface. Use the command without the keyword no to re-enable
a disabled feature or to enable a feature t hat is di sabled by default .
Configuration commands can also have a default form. The default form of a command returns the
command setting to its default. Most commands are disabled by default, so the default form is the same
as the no form. However , some c ommands are enable d by def ault and ha ve v ariables set to certain def ault
values. In thes e case s, th e default command enables the command and sets variables to their default
values.
Understanding CLI Messages
Table 2-3 l ist s so me e rror me ssage s tha t y ou migh t e ncoun ter w hile using t he C LI to co nfigure you r
switch.
Chapter 2 Using the Command-Line Interfac e
Table 2-3 Common CLI Error Messages
Error Message Meaning How to Get Help
% Ambiguous command:
"show con"
% Incomplete command.
% Invalid input detected
at ‘^’ marker.
You did not enter enough characters
for your switch to recognize the
command.
You did not enter all the keywords or
values required by this command.
You entered t h e comm an d
incorrectly. The caret (^) marks the
point of the error.
Re-enter the command followed by a question mark (?)
with a space between the command and the question
mark.
The possible keywords that y ou can en ter wi th the
command are displayed.
Re-enter the command followed by a question mark (?)
with a space between the command and the question
mark.
The possible keywords that y ou can en ter wi th the
command are displayed.
Enter a question mark (?) to display all the commands
that are available in this command mode.
The possible keywords that y ou can en ter wi th the
command are displayed.
2-4
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 2 Using the Comm and-Line Interface
Using Command History
The IOS provides a history or reco rd of comma nds that you have entered. Th is featu re is particu larly
useful for recalling long or complex commands or entries, including access lists. You can customize the
command history fea ture to suit y our n eeds as desc ribe d in the se se c tions:
• Changing the Command History Buffer Size, page 2-5
• Recalling Commands, page 2-5
• Disabling the Comm and Histo ry Feat ure, pa ge 2-6
Changing the Command History Buffer Size
By default, the switch records ten command lines in its history buffer. Beginning in privileged EXEC
mode, enter this command to change the number of command lines that the switch records during the
current terminal session:
Switch# terminal history [size number-of-lines]
The range is from 0 to 256.
Using Command History
Beginning in line configur ati on mode , en ter thi s co mmand to c onfigure t he nu mb er of com ma nd l ine s
the switch records for all sessions on a particular line:
Switch(config-line)# history [size number-of-lines]
The range is from 0 to 256.
Recalling Commands
To recall comm ands from t he history buffer, perform one of the actions liste d in Table 2-4:
Table 2-4 Recalling Commands
1
Action
Press Ctrl-P or the up arrow key. Recall commands in t he hi stor y buffer, beginning with the most rec ent c omma nd.
Press Ctrl-N or the down arrow key. Return to more recent command s in the histo ry buffer after recalling comma nds
show history While in privileged EXEC mode, list the last several commands that you just
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Result
Repeat the key sequence to recall successively older commands.
with Ctrl-P or the up arrow key. Repeat the key sequence to recall succ essively
more recent comm ands .
entered. The nu mb er of c om ma nds th at a re di spla yed i s de term ine d by the se ttin g
of the terminal history global configurati on com ma nd an d hi s tory line
configuration comm and.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
2-5
Using Editing Features
Disabling the Command History Feature
The command history feature is automatically enabled.
To disable the feature during the current terminal session, enter the terminal no history privileged
EXEC command.
To disable command history for the line, enter the no history line configuration comman d.
Using Editing Features
This section describes th e editin g featur es that can he lp you manip ulate the command line. It con tains
these sections:
• Enabling and Disabling Editing Features, page 2-6
• Editing Commands th rou gh Keystrokes, page 2 -7
• Editing Comman d Li nes t hat W rap, page 2 -8
Chapter 2 Using the Command-Line Interfac e
Enabling and Disabling Editing Features
Although enhan ced ed iting m ode is au to mat ical ly e na ble d, you c a n disab le it.
To re-enable the enhanced editing mode for the current terminal session, enter this command in
privileged EXEC mode:
Switch# terminal editing
To reconfigure a specific line to have enhanced editing mode, enter this command in line configuration
mode:
Switch(config-line)# editing
To globally disable enhanced editing mode, enter this command in line configuration mode:
Switch(config-line)# no editing
2-6
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 2 Using the Comm and-Line Interface
Editing Commands through Keystrokes
Table 2-5 shows the keystrokes that you need to edit command lines.
Table 2-5 Editing Commands through Keystrokes
Using Editing Features
Capability Keystroke
Move around the command line to
make changes or correc tions.
Press Ctrl-B, or pres s th e
left arrow key.
Press Ctrl-F, or press the
right arrow key.
Press Ctrl-A. Move the cursor to t he b eginn ing of the com ma nd lin e.
Press Ctrl-E. Move the cursor to the end of the command line.
Press Esc B. Move the cursor back one word.
Press Esc F. Move the cursor forward one word.
Press Ctrl-T. Transpose the character to the left of the cursor with the
Recall commands from th e buffer a nd
Press Ctrl-Y. Recall the most recent entry in the buffer.
paste them in the comman d line . The
switch provides a bu f fer with the last
ten items that you deleted.
Press Esc Y. Recall the next buffer entry.
Delete entries if you make a mistake
or change your mind .
Press the Delete or
Backspace key.
Press Ctrl-D. Delete the ch ar ac ter a t t he cu rsor.
Press Ctrl-K. Delete all characters from the cursor to the end of the
Press Ctrl-U or Ctrl-X. Delete all characters from the cursor to the beginning of
Press Ctrl-W. Delete the word to the left of the cursor.
Press Esc D. Delete from the cursor to the end of the word.
Capitalize or lowercase words or
Press Esc C. Capitalize at the cursor.
capitalize a set of letters.
Press Esc L. Change the word at the cursor to lowercase.
Press Esc U. Capitalize letters from the cursor to the end of the word.
Designate a part ic ula r keystroke as
Press Ctrl-V or Esc Q.
an executab le command, per haps as a
shortcut.
1
Purpose
Move the cursor back one char acter.
Move the cursor forward one character.
character located at the cursor.
The buffer contains only the last 10 items tha t you have
deleted or cut. If you press Esc Y more than ten times, you
cycle to the first buffer entry.
Erase the character to the left of the cursor.
command line.
the command lin e.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
2-7
Using Editing Features
Table 2-5 Editing Commands through Keystrokes (continued)
Chapter 2 Using the Command-Line Interfac e
Capability Keystroke
Scroll down a line or screen on
Press the Return key. Scroll down one line.
1
displays that are longer than the
terminal screen can display.
Note The More prompt is used for
any output that has mo re
lines than can b e di spla yed
on the terminal screen,
including show command
output. You can use the
Return and Space bar
keystrokes whenever you see
the More prompt .
Press the Space bar. Scroll down one scre en .
Redisplay the current command line
Press Ctrl-L or Ctrl-R. Redisplay the current command line.
if the switch sudde nly sends a
message to your screen.
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Editing Command Lines that Wrap
Purpose
You can use a wra pa round f eat ure for com ma nds tha t extend b eyond a si ngle line o n the sc reen . W he n
the cursor reaches the right margin, the command line shifts ten spaces to the left. You cannot see the
first ten characters of the line, but you can scrol l back a nd check t he syntax a t the beginning of t he
command.
T o scroll back to the be ginning of the command entry, press Ctrl-B or the left arrow key repeatedly. You
can also press Ctrl-A to immediately m ove to t he begi nn ing o f th e l ine .
Note The arrow keys function only on ANSI-co mpati ble termi nals such as VT100 s.
In this example, the access-list global configuration command entry extends beyond one line. When the
cursor first reaches the en d of the line, the line is shifted ten spaces to the left and redisplaye d. The dollar
sign ($) sho ws t hat th e line has been scrol led to the left. Each time th e curs or reaches the end of the line,
the line is again shifted ten spaces to the left.
Switch(config)# access-list 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1
Switch(config)# $ 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.25
Switch(config)# $t tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.255.255.0 eq
Switch(config)# $108.2.5 255.255.255.0 131.108.1.20 255.255.255.0 eq 45
After you complete the entry, press Ctrl-A to check the comple te synt ax before pressi ng the Return key
to execute t he co mm an d. Th e d o llar sig n ( $ ) ap pears at the end of the line to show that the line has been
scrolled to the right:
Switch(config)# access-list 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1$
The software assumes you have a terminal screen that is 80 columns wide. If you have a width other than
that, use the terminal width privileged EXEC co mman d to set the wi dth of y our t ermi n al.
2-8
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 2 Using the Comm and-Line Interface
Searching and Filtering Output of show and more Commands
Use line wrapping wit h the comm and hi story fea ture to rec all and modi fy previous comp lex comman d
entries. For info rmation a bout rec alling pr e vious command entries, see th e “Editing Commands through
Keystrokes” section on page 2-7.
Searching and Filtering Output of show and more Commands
You can search and filte r the output f or show and more commands. This is useful when you need to sort
through large amou nts o f outpu t or i f you want to exclu de ou tput th at y ou do no t ne ed t o see.
To use this functionality, enter a show or more command followed by the pipe character (|), one of the
keywords begin, include, or exclude, and an expression that you want to se arch f or or filter out:
command | {begin | include | exclude} regular-expression
Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output
are not displayed, but the lines tha t contain Output are displayed.
This example shows how to include in the output display only lines wher e the expression protocol
appears:
Switch# show interfaces | include protocol
Vlan1 is up, line protocol is up
Vlan10 is up, line protocol is down
GigabitEthernet0/1 is up, line protocol is down
GigabitEthernet0/2 is up, line protocol is up
Accessing the CLI
Before you can access the CLI, you need to connect a terminal or PC to the switch console port and
power on the switch as described in the hardware installation guide that shipped with your switch. Then,
to understand the b oot pro cess a nd the opt ions available for assigni ng IP inf ormat ion , see Chapter 4,
“Assigning the Switch IP Address and Default Gateway.”
If your switch is a lre ad y configure d, you ca n acc ess the C LI t hr ough a l o cal conso le co nne ctio n o r
through a remote Telnet session, but your switch must first be configured for th is type of acc ess. For
more information, see the “Setting a Telnet Password for a Terminal Line” section on page 7-5.
You can establish a connection with the switch in one of two ways:
• Connecting the swi tch cons ol e por t to a mana geme nt stat ion or dia l-up m odem. For in for ma tion
about connecting to the console port, refer to the switch hardware installation guide.
• Using any Telnet TC P/IP pack ag e fr om a rem ot e ma nage ment station. T he sw it ch m ust h ave
network connectivity with the Telnet client, and the switch must have an enable secret password
configured.
For information about configuring the switch for Telnet access, see the “Setting a Telnet Password
for a Terminal Line” section on page 7-5. The switch supports up to 16 simultaneous Telnet sessions.
Changes made by one Telnet user are reflected in all other Telnet sessions.
After you connect through th e co nsole port or th rough a Telnet session, the user E XEC pro mpt ap pear s
on the management station.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
2-9
Accessing the CLI from a Browser
Accessing the CLI from a Browser
This procedure assume s you have met the software requir ements (in cludin g browser and Java plug-in
configurations) and have assigned IP information and a Telnet password to the switch or command
switch, as described in the release notes.
To access the CLI from a web browser, follow these steps:
Step 1 Start one of the supported browsers.
Step 2 In the URL field, enter the IP address of the command switch.
Step 3 When the Cisco Systems Access page appears, click Telnet to start a Telnet session.
You can also access the CLI by clicking Monitor the router- HTML ac cess to the com mand l ine
interface from the Cisco Systems Access page. For information about the Cisco Systems Access page,
see the “Accessing CMS” section in the release notes.
Step 4 Enter the switch password.
The user EXEC prompt appears on the management station.
Chapter 2 Using the Command-Line Interfac e
Note Copies of the CMS pages that you display are saved in your browser memory cache until you exit the
browser session. A password is not re quired t o re displa y the se p ag es, inc lud ing th e Cisco Sy stem s
Access page. You can access the CLI by clicking Web Console - HTML access to the command line
interface from a cached copy of the Cisco Systems Access page. To prevent unauthorized access to CMS
and the CLI, exit your browser to end the browser session.
2-10
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
CHAPTER
Getting Started with CMS
This chapter provides these topics about the Cluster Management Suite (CMS) software:
• Features, page 3-2
• Front Panel View, page 3-4
• Topology View, page 3 -9
• Menus and Toolbar, page 3-14
• Interaction Modes, page 3-23
• Wizards, page 3-24
• Online Help, page 3-25
• CMS Window Components, page 3-26
• Accessing CMS, page 3-28
• Verifying Your Changes , page 3- 30
• Saving Your Configuration, pag e 3- 30
3
• Restoring Your Configurat ion , pa ge 3- 31
• CMS Prefer ence s, pa ge 3 -31
• Using Different Versions of CM S, page 3-31
• Where to Go Next, page 3-32
Note • For system requirements and for browser and Java plug-in configuration pr ocedu res, refe r to the
release notes.
• For procedures for using CMS, refer to the online help.
Note This chapter describ es CM S on the C ata lyst 2 950 sw itch es. Re fer to the appr opr iate sw itch
documentation for descriptions of the web-based management software used on other Catalyst switches.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-1
Features
Features
Chapter 3 Getting Started with CMS
CMS provides th ese fe atures (Figure 3-1) for managing sw itch cl usters and ind ividual swi tches fr om
Web browsers such as Ne tscape Communi cato r or Micros oft Intern et Ex plorer:
• Two views of your network that can be display ed at the same time:
–
The Front Panel view displays the front- panel i mage of a spec ific switch or t he front- panel
images of all switches in a cluster. From this view, you can select multiple ports or multiple
switches and configure them with the same settings.
When CMS is launched from a comma nd switch, the Front Panel view displays the front-panel
images of all switches in the cluster. When CMS is launched from a noncommand switch, the
Front Panel view displays only the front panel of the specific switch.
Note CMS from a standalone switch or fr om a no ncom mand sw itch is re fer red t o a s Device
Manager (also referred to as Switch Manager). Device Manager is for configuring an
individual switch. When you select Device Manager for a specific switch in the cluster,
you launch a separate CMS session. The Device Manage r inter face can vary between
the Catalyst switch platforms.
–
The Topology view displays a network map that uses icons that represent switch clusters, cluster
members, cluster candidates, n eighbor ing de vic es that are not eligi ble to join a cluster, and link
types. From this vie w , you can se lect multiple switches and conf igure them to run with the same
settings. You can also display link information in the form of link reports and link graphs.
This view is available only whe n CMS i s la unche d from a com ma nd sw itch.
• Menus and toolbar t o ac cess c onfiguration and m anage ment opti on s:
–
The menu bar provides the compl ete list of op tions for mana ging a singl e switch and swit ch
clusters .
–
The toolbar provides buttons for co mmonly use d switch and cluste r configurati on option s and
information windows such as legends and online help.
–
The port popup menu, in the Front Panel view, provides options specific for configuring and
monitoring switch ports.
–
The device popup me nu, i n e ith er the Front Panel o r th e Topology views, provides switch and
cluster configuration and monitoring options.
–
The candidate, member, and link popup menus provide options for configuring and monitoring
devices and links in the Topology view.
The toolbar and popup menus provide quick ways to access frequ ently used menu-bar opt ions.
• Tools to simplify configuration tasks:
–
Interactive modes—guide mode and expert mode—that control the presentation of some
complex configuration option s
3-2
–
Wizards that require minimal information from you to configure some complex features
–
Comprehensive online hel p t ha t pr ovides h ig h-level co ncep ts and pr oced ure s f or perf orm ing
tasks from the window
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
• Two levels of access to the configuration options: read-write access for users allowed to change
switch settings; read-only access for users allowed to only view switch settings
• Consistent set of G UI c ompon en ts (s uch a s tabs, butt ons , dro p-d own lists , t abl es, a nd so on) f or a
uniform approach t o viewing a nd se tt ing c on figuration pa rame ter s
Figure 3-1 CMS Features
Features
Toolbar
Menu bar
cluster1
Move the cursor over
the icon to display the
tool tip. For example,
the button displays
the legend of icons
and color codes.
Click Guide or
Expert interaction
mode to change how
some configuration
options will be
presented to you.
65282
78-11380-05
Front Panel view of
the cluster.
Topology view of
the cluster.
Catalyst 2950 Desktop Switch Software Configuration Guide
65717
3-3
Front Panel View
Front Panel View
When CMS is launched from a command swi tch, the Fron t Panel view displays the fr ont-p anel im ages
of all switches in the cluster (Figure 3-2). W he n C MS i s la unche d fro m a stan da lone o r n oncom mand
member switch, the Front Panel view displays only the front pane l of the speci fic switch (Figu re 3- 3).
Figure 3-2 Front Panel View from a Command Switch
Chapter 3 Getting Started with CMS
cluster1
Cluster tree.
10.1.1.2
Right-click a member
switch image to display
the device pop-up
menu, and select an
option to view or change
system-related settings.
Right-click the
command switch
image to display the
cluster pop-up menu,
and select a cluster-
related option.
65718
3-4
Figure 3-3 Front Panel View from a Standalone Switch
2950-24
Left-click the Mode
button to change
the meaning of the
port LEDs.
Catalyst 2950 Desktop Switch Software Configuration Guide
2950-24
LEDs display the
current port mode
and the status of the
switch and
connected RPS.
Right-click a port to
display the port pop-up
menu, and select an
option to view or change
port-related settings.
Press Ctrl, and then
left-click ports to select
multiple ports. The color
of the port LED reflects
port or link status.
65719
78-11380-05
Chapter 3 Getting Star ted with CMS
Cluster Tree
The cluster tree (Figure 3-2) appears in the left f rame of the Front Pan el vie w a nd sho ws the name o f the
cluster and a list of its members. The sequence of the cluster-tree icons (Figure 3-4) mirror the sequence
of the front-pan el image s. You can change the sequ ence b y selecti ng View > Arrange Front Panel . The
colors of the devices in the cluster tree show the status of the devices (Table 3-1).
If you want to configure switch or cluster settings on one or more switches, select the appropriate
front-panel ima ges.
• To select a fr ont-p anel im age, cl ick ei ther th e cluste r-tree icon or t he corre spon ding front-p an el
• To select multiple front-panel images, press the Ctrl key, and left-click the cluster-tree icons or the
If the cluster has many switches, you might need to scroll down the window to display the rest of the
front-panel image s. In stea d of scrol ling, you c an click a n icon in the cluste r tree , and CM S then scro lls
and displays the co rre spondi n g f ront -pane l i mage .
Figure 3-4 Cluster-Tree Icons
Front Panel View
image. The front-panel image is then highlighted with a yellow outline.
front-panel images. To deselect an icon or image, press the Ctrl key, and le ft-click the icon or image.
Table 3-1 Cluster Tree Icon Colors
Color Device S tat us
Green Switch is operating normally.
Y el lo w The internal fan of the switch is not operating, or the switch is re cei ving po wer from an RPS.
Red Switc h is not po wered up, has lost po wer, or the command switch is unable to communicate
Front-Panel Images
You can manage the switch fro m a remote sta tion by using the fron t-pane l images . The front -panel
images are updated b ased on t he ne twor k pol ling in terval tha t you se t f rom CMS > Preferences.
This section includes descriptions of the LED images. Similar descriptions of the switch LEDs are
provided in the switch hardware installation guide.
Note The Preferences window is available if your switch access level is read-only. For more information about
the read-only access mode, see the “Access Modes in CMS ” section on page 3-29.
with the member switch.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-5
Front Panel View
Chapter 3 Getting Started with CMS
Figure 3-5 shows the port icons as they appear in the front-panel images. To select a port, click the port
on the front-panel image. The port is then highlighted with a yellow outline. To select multiple ports,
you can:
• Press the left mouse button, drag the pointer over the group of ports that you want to select, and then
release the mouse button.
• Press the Ctrl key, and click the ports that you want to select.
• Right-click a port, a nd se lect Select All Ports from the port popup menu.
Figure 3-5 Port Icons
Table 3-2 desc ribes the co lors repr esentin g the wavelengths on the CWDM GB IC module s. For port
status LED infor ma tion, se e t he “Port Modes and LEDs” section on page 3-7.
Table 3-2 Port Icon Colors for the CWDM GBIC Module Ports
Wavelength Color
1470 nanometer s ( nm) Gray
1490 nm Violet
1510 nm Blue
1530 nm Green
1550 nm Yellow
1570 nm Orange
1590 nm Red
1610 nm Brown
Redundant Power System LED
The Redundant Power System (RPS) LED shows the RPS status (Table 3-3). Certain switches in the
switch cluster use a specific RPS model:
• Cisco RPS 300 (mode l PWR3 00-AC-RPS-N1)—Catalyst 2900 LRE XL, Catalyst 2950,
Catalyst 3524-PWR XL, and Catalyst 3550 switche s
3-6
• Cisco RPS 600 (mode l PWR6 00- AC-RPS)—Cataly st 2900 XL and Catalyst 3 500 X L switches,
except the Catalyst 2900 LRE XL and Catalyst 3524-PWR XL switches
Refer to the appropriate swi tch hardwa re docume ntat ion for RPS desc riptions spe cific for the swi tch.
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Front Panel View
Tabl e 3-3 RPS LED
Color RPS Status
Black (off) RPS is off or is not installed.
Green RPS is connected and operational.
Blinking green RPS is provid ing power to another sw itch in the st ack.
Amber RPS is connected but not functioning.
The RPS could be in standby mode. To put the RPS in Active mode, press the Standby/Active button on the
RPS, and the LED should turn gr een. If it does no t, one of thes e conditi ons could exist:
• One of the RPS power supplies could be down. Contact Cisco Systems.
• The RPS fan could have failed. Cont act C isco Systems.
Blinking amber Internal power supply of the swi tch is d own, and re dunda ncy is lo st. Th e sw itch is op erat ing on the R PS.
Port Modes and LEDs
The port modes ( Table 3-4) determine the ty pe of i nf orma tion d ispl ayed thr ough the port LE Ds. Whe n
you change port modes, the me anings of the port LED colors ( Table 3-5) a l so ch an ge.
Note The bandwidth utilization mode (UTIL LED) does not appear on the front-panel images. Select
Reports > Bandwidth Graphs to display the total bandwidth in use by the switch. Refer to the switch
hardware installation guide for information about using the UTIL LED.
To select or ch an ge a m ode , c lick t he M ode button u ntil the de sire d mo de L ED i s gree n.
Table 3-4 Port Modes
Mode LED Description
STAT Link status of the ports. De fault m od e.
DUPLX Duplex setting on the ports. The defaul t setting on the 10/100 ports is auto . The default setting
on the 10/100/1000 por ts is full.
SPEED Speed setting on the p orts. The d efault setti ng on t he 10/10 0 a nd 10 / 100/1 000 port s is au to.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-7
Chapter 3 Getting Started with CMS
Front Panel View
Table 3-5 Port LEDs
Port Mode Port LED Color Description
STAT Cyan (off) No link.
Green Link present.
Amber Link fault. Error frames can affect connectivity, and errors such as excessive
collisions, CRC errors, and alignment an d jabber errors are monitore d for a link-fault
indication.
Port is not forwardin g. Por t was di sabl ed by m an agem ent , by an a ddress viol at ion,
or by Spanning Tree Protocol (S TP).
Note After a port is reconfigured, the port LED can remain amber for up to
30 seconds as STP checks the switch for possib le loops.
Brown No link and port is administrat ively shut down.
DUPLX Cyan (off) Port is operating in half-d uplex mode.
Green Port is op erat ing i n full- dupl ex m od e.
SPEED Cyan (off) Port is operating at 10 Mbps (10/100 ports) or no link (10/100/1000 ports and GBIC
module ports).
Green Port i s op erat ing at 10 0 Mbps (10/100 ports) o r 100 0 M bp s ( GBIC mo dule port s).
Blinking green Port is op er ati ng a t 10 00 M bps (10 / 100/1 000 po rts).
VLAN Membership Modes
Ports in the Front Panel view are outlined by colors (Table 3-6) wh en y ou cl ick Highlight VLAN Port
Membership Modes on the Configure V LAN s tab on t he V LAN w indow
(VLAN > VLAN > Configure VLANs). The colors show the VLAN membership mode of each port.
The VLAN membe rship mode determ ines the kind of traffic the port carries and the number of VLANs
it can belong to. For m ore in forma ti on ab out th ese mod es, se e the “VLAN Port Membership Modes”
section on page 13-3 .
Note This feature is not supported on the Catalyst 1900 and Catalyst 2820 sw itches.
Table 3-6 VLAN Membership Modes
Mode Color
Static access Light green
Dynamic access Pink
802.1Q trunk Peach
Negotia te tr unk Wh ite
3-8
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Topology View
The Topology view displays how the devices within a switch cluster are connected and how the switch
cluster is con necte d to oth er cl uster s an d devices . Fr om t his vi ew, you can add and re move cluste r
members. This view provide s two levels of deta il of t h e ne twork topo l ogy:
• When you right-click a cluste r icon and selec t Expand Clust er, the Topology view displays the
switch cluster in detail. This view shows the command switch and member switches in a cluster. It
also shows candidate switches that can join the cluster. This view does not display the details of any
neighboring switch c luster s ( Figur e 3-6).
• When you right-click a command-switch icon and select Collapse Cluster, the cluster is collapsed
and represented by a single ico n. The vi ew shows how the cluster is connecte d to other clusters,
candidate switches, and devices that are not eligible to join the cluster (such as routers, access
points, IP phones, and so on) ( Fi gure 3-7).
Note The Topology vie w displays only the switch cluster and network neighborhood of the specific command
or member switch that you access. T o display a different switch cluster, you need to access the command
switch or member swit ch of th at clus ter.
Topology View
You can arrange the device icons i n this view. To move a device icon, click and drag the icon. To select
multiple device icons, you ca n eithe r:
• Press the left mouse button, drag the pointer over the group of device icons that you want to select,
and then releas e th e mouse button.
• Press the Ctrl key, and click the device icons that yo u want to se lect .
After selecting the icons, drag the icons to any area in the view.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-9
Topology View
Chapter 3 Getting Started with CMS
Figure 3-6 Expand Cluster View
Cluster members of
cluster1 and other
devices connected
to cluster1.
Right-click a
link icon to display
a link popup menu.
Figure 3-7 Collapse Cluster View
cluster1
Right-click a
device icon to display
a device popup menu.
65722
Neighboring cluster
connected to
cluster1.
Devices connected
to cluster1 that are
not eligible to join
the cluster.
3-10
65723
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Topology Icons
The Topology view and the cluster tree use the same set of device icons to represent clusters, command
and standby command switches, and membe r switches ( Figure 3-8). The Topology view also uses
additional icons to r epre sen t t hes e ty pes of nei ghbori n g d evices:
• Customer premises equipment (CPE) devices that are connected to Long-Reach Ethernet (LRE)
• Devices that are not eligible to join the cluster, such as Cisco IP phones, Cisco access points, and
• Devices that are identified as unknown devices, su ch as some Cisco devices and third-party devices
Tip Neighboring devices are only displayed if they are connected to cluster members. To display neighboring
devices in the To pology view, either add the switch to which they are connected to a cluster, or enable
that switch as a command switch.
Topology View
switches
Cisco Discovery Protocol (CDP)-capable hubs and rou ters
Note The System Switch Processor (SSP) card in the Cisco Integrated Communications System
(ICS) 7750 appears as a Layer 2 switch. SSP cards are not eligible to join switch clusters.
Note Candidate switches are d istinguished b y the color of their de vice label. De vice labels and their color s are
described in the “Colors in the Topology View” section on page 3-12.
T o sel ect a de vice, cl ick the icon. The icon is t hen highlight ed. To select multiple de vic es, you can e ither:
• Press the left mouse button, drag the pointer over the group of icons that you want to select, and then
release the mouse button.
• Press the Ctrl key, and click the icons that you want to select.
Figure 3-8 Topology-View Device Icons
78-11380-05
The Topology view also uses a set of link icon s ( Figure 3-9) to show the link type and status between
two devices. To select a link, click the li nk that you want to select . To select multiple lin ks, press the Ctrl
key, and click the links that you want to select.
Catalyst 2950 Desktop Switch Software Configuration Guide
3-11
Topology View
Chapter 3 Getting Started with CMS
Figure 3-9 Topology-View Link Icons
Device and Link Labels
The Topology view display s device and link infor mati on by using these l abels:
• Cluster and switch names
• Switch MAC and IP addresses
• Link type between th e devices
• Link speed and ID s o f th e inter faces on both ends of the link
When using these l abe ls, ke ep the se consid era tions in mi nd:
• The IP address displays only in the labels for the command switch and member switches.
• The label of a neighboring cluster icon only displays the IP address of the command-switch IP
address.
• The displayed link speeds ar e the ac tual link spee ds except on th e LRE link s, which di splay the
administratively assigned speed settings.
You can change th e l abe l se tting s f rom th e Topology Options wind ow, which is displayed by s elect ing
View > Topology Options.
Colors in the Topolo gy Vie w
The colors of the T opology view icons show the status of the devices and links (Table 3-7, Table 3-8, and
Table 3-9).
3-12
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Table 3-7 Device Icon Colors
Icon Color Color Meaning
Green The device is operating.
1
Yellow
1
Red
1. Available only on the cluster members.
Table 3-8 Single Link Icon Colors
Link Color Color Meaning
Green Active link
Red Down or blocked link
Topology View
The internal fan of the switch is not operating, or the switch is receiving power from an
RPS.
The device is not operating.
Table 3-9 Multiple Link Icon Colors
Link Color Color Meaning
Both green All links are active.
One green; one red At least one link is active, and at least one other link is do wn
Both red All li nks are d own or bloc ked.
The color of a device label shows the cluster membership of the device (Table 3-10).
Table 3-10 Device Label Colors
Label
Color Color Meaning
Green A cluster member, either a member switch or the command switch
Cyan A candidate switch that is eligible to join the cluster
Y ello w An unknown device or a de vice that is not eligible to join the cluster
Topology Display Options
You can set the type of informa tion displa yed in the Topology view by changing the settings in the
Topology Optio ns w ind ow. To display this wi ndow, select View > Topology Options. From this
window, you can select:
• Device icons that you want di splay ed i n or filtere d fr om the Topology View window
or blocked.
78-11380-05
• Interface IDs and Actua l Sp ee d values th at yo u want displa ye d in the L ink wi ndow
• Host Names, IP addresses, and MAC address label s that you want disp layed in the No de window
Catalyst 2950 Desktop Switch Software Configuration Guide
3-13
Menus and Toolbar
Menus and Toolbar
The configuration and mo nit oring op tion s for c onfiguring sw it ches an d s witc h cl uste rs ar e available
from menus and a toolbar.
Menu Bar
The menu bar provides the compl ete list of op tions for mana ging a singl e switch an d switch clust er.
Options displayed from the me nu bar can vary:
Note The menu-bar options on a Catalyst 2950 switch change depending on whether the switch is running the
enhanced software image (EI) or the standard image (SI). The footnotes in Table 3-11 list the options
available if the switch is running the EI.
• Access modes affect the av ailability of fea tures from CMS. The footnotes in Table 3-11 describe the
availability of an option based on your access mode in CMS: read-only (access level 1–14) and
read-write (ac cess level 15). For m ore i n forma tio n ab out h ow access m od es affect CMS , see th e
“Access Modes in CMS” section on page 3-29.
Chapter 3 Getting Started with CMS
• The option for en ab lin g a co mma nd swit ch is only available f rom a C MS sessio n laun ched fr om a
command-capable switch.
• Cluster management tasks, such as upgrading the software of groups of switches, are available only
from a CMS session launched from a comm and switc h.
• If you launch CMS from a specific switch, the menu bar displays the features supported only by that
switch.
• If you launch CM S f rom a co mm and sw it ch, the menu b ar disp lays the f eature s supp orte d on t he
switches in the cluster, with these exceptions:
–
If the command switch is a Layer 3 switch, such as a Catalyst 3550 switch, the menu bar
displays the features of all Layer 3 and Layer 2 switches in the cluster.
–
If the command switch is a Layer 2 switch, such as a Catalyst 2950 or Catalys t 3500 XL switch,
the menu bar displays the features of all Layer 2 switches in the cluster. The menu bar does not
display Layer 3 featur es even if the cluster has Catalyst 3550 Layer 3 membe r switche s.
3-14
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Note • We strongly recommend that the highest-end, command-capable switch in the cluster be the
command swit ch:
–
–
–
• Standby command switches must meet these requirements:
–
–
–
Menus and Toolbar
If your switch cluster has a Catalyst 3550 switch, that switch should be the command switch.
If your switch cluster has Catalyst 2900 XL, Catalyst 2950, and Catalyst 3500 XL switches, the
Catalyst 2950 sh ould be t he co mm an d swit ch.
If your switch cluster has Catalyst 1900, Catalyst 2820 , Catalyst 2900 XL, and
Catalyst 3500 XL switches, either the Catalyst 2900 XL or Catalyst 3500 XL should be the
command swit ch.
When the command switch is a Catalyst 3550 switch, all standby command switches must be
Catalyst 3550 switche s.
When the command switch is a Catalyst 2950 switch running Release 12.1(9)EA1 or later, all
standby command s witche s m ust b e Ca talyst 2950 switches ru nning Re le ase 12.1(9)EA1 or
later.
When the command switch is a Catalyst 2950 switch running Release 12.1(6)EA2 or later, all
standby command s witc hes m ust b e Catal yst 2950 switches runni ng Re le ase 1 2. 1(6 )EA2 or
later.
–
When the command switch is runni ng Rele ase 12.0(5)WC2 or earlier, the standby comman d
switches can be these swi tches: C ata lyst 2900 XL, Catalyst 2950, and Catalyst 3500 XL
switches.
We strongly recommend that the command switch and standby command switches are of the same
switch platform and that both are running the same level of software (SI or EI). In the event of a
failover, the standby command switc h must support the same configu ratio n a nd serv ice s tha t a re
running on the com ma nd sw it ch.
–
If you have a Catalyst 35 50 co mman d sw itc h, the st andby c om mand switc hes sh oul d be
Catalyst 3550 switche s.
–
If you have a Catalyst 29 50 co mman d sw itc h, the st andby c om mand switc hes sh oul d be
Catalyst 2950 switche s.
–
If you have a Catalyst 2900 XL or Catalyst 3500 XL command sw itch, the stand by command
switches should be Catalyst 2 900 X L and Catalyst 3500 XL switches.
Refer to the release notes for the Catalyst switches that can be part of a switch cluster.
Note Unless note d ot herw is e, Table 3-11 lists the menu-bar options available from a Catalyst 2950 command
switch when the cluster contains only Catalyst 2950 member switches. The menu bar of the command
switch displays all menu-bar options available from the cluster, including options from member switches
from other cluster-capable switch platforms.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-15
Chapter 3 Getting Started with CMS
Menus and Toolbar
Table 3-11 Menu Bar
Menu-Bar Options Task
CMS
Page Setup Set default docum en t pr in ter p rop er ties to be use d w hen pr int ing f ro m CMS.
Print Preview View the way the CMS window or help file will appear when printed.
Print Print a CMS window or help file.
Guide Mode/Expe rt Mo de
Preferences
Administration
IP Addresses
SNMP
System Time
HTTP Port
2
2
2
2
2
Users and Passwords Configure usernames an d pas s words f or privilege levels 0 to 15 .
Console Baud Rate
MAC Addresses
2
ARP
2
Save Configuration
Restore Configuration
Software Upg rade
System Reload
1
1
Event Notification Create notification IDs that generate e-mail notifications when system events occur.
Cluster
Cluster Manager
Create Cluster
Delete Cluster
Add to Cluster
3
1 4
1 5
1 5
Remove from Cluster
Standby Command Switches
Hop Count
Device
Device Manager
Host Name
STP
2 5
5
1
2
1
Select which interac tion mod e t o u se w hen you selec t a con figuration o pti on.
Set CMS display properties, such as polling in tervals, the def ault views to open at startup,
and the color of a dm inist ratively shutdown ports.
Configure IP information for a switc h.
Enable and disabl e Simple Ne twork Man ag emen t Pro toc ol ( SNMP), en ter co mm unit y
strings, and configure end sta tions as trap ma nagers.
Configure the system time or con figure the Networ k Time Protocol (N TP) .
Configure the Hypertext Transfer Protocol (HTT P) port nu mber.
2
Change the baud rate for the switch console port.
Enter dynamic, secure, and static addresses in a switch address table. You can also define
the forwarding behavior of static addresse s.
Display the device Ad dress Res ol ution Proto col (A RP) t abl e, a nd configure the ARP
cache timeout setting.
1
Save the configuration for the cluster or swi tch to Flash memory.
Restore the configuration file to one or more switches in the cluster.
Upgrade the software for the cluster or a switch.
Reboot the switch with the latest installed software.
Launch a CMS session from the member switch.
Designate a comman d switch, a nd name a clust er.
Delete a cluster.
Add a candidat e t o a clust er.
1 5
Remove a member from the cl uster.
2 5
Create a Hot Stand by Route r Proto col (HSRP) sta ndby gr oup t o pr ovide
command-switch redun dancy.
Enter the num ber of hop s away t hat a c om mand swi tch look s f or memb er s a nd fo r
candidate switches.
Launch Device Manager for a specific switch.
Change the host name of a switch.
Display and configure STP parameters for a switch.
3-16
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Menus and Toolbar
Table 3-11 Menu Bar (continued)
Menu-Bar Options Task
IGMP Snooping
802.1X
ACL
1
2 6
(guide mode available1)
Security Wizard
2
QoS
(guide mode available on som e
options
1
)
AVVID Wizards
Port
Port Settings
Port Search Search for a port through its de script ion.
Port Security
EtherChannels
2
SPAN
Protected Port
Flooding Control
VLAN
2
VLAN
(guide mode available1)
Management VLAN
2
VMPS
Voice VLAN
Reports
Inventory Display the device type, software version, IP addre ss, and other sw itch info rmat ion.
2
Enable and disable Intern et Group Manage ment Protoc ol (IGMP) snoo ping and IG MP
Immediate-Leave proc essing on the switch. Join or lea ve multicast grou ps, and configure
multicast routers.
Configure 802.1X authen ticat ion of devices as they are att ached to LAN ports in a
point-to-point infrastructure.
Create and maintain access control lists (ACLs), and attach ACLs to specific ports.
1 6
Filter certain traf fic, su ch as HTTP tr af fic, to certain ne tworks or de vic es. Restrict access
to servers, networks, or a ppli cat ion da ta from c ert ain net works o r d evices.
Display submenu options to enable and disable quality of service (QoS) and to conf igure
or modify these p aram eters :
• Trust settings
• Queues
• Maps
2 6
• Classes
• Policies
1
• Voice Wizard
• Video Wizard
• Data Wizard
2
1
2
Display and configure port para mete rs on a swi tch .
Enable port security on a port.
Group ports into logical units for high-speed links between switches.
2
2
2 6
(guide mode available1)
2 6
(guide mode available1)
1
—Configure a por t to sen d or rece ive voice traffic.
1
—Optimize m ul tipl e vi deo ser vers f or se nding v ideo tra ffic.
1
—Provide a higher priority to specific applications.
6
6
Enable Switched Port Analyzer (SPAN) port monitoring.
2
Configure a port to prevent it from receiving bridge d traffic from another port on the
same switch.
2
Block the normal floodi ng of unica st and multic ast packets, and enabl e the switch to
block packet storms.
Display VLAN me mber ship, a ssign po rts to V LAN s, a nd co nfigure 802.1 Q trun ks.
Display and configure t he V LA N Trunking Prot oco l (V TP ) for int ersw itch VLA N
membership.
2
Change the man agem e nt VLA N on the sw itch.
Configure the VLAN Membership Policy Server (VMPS).
2
Configure a port to use a v oice VLAN for voice traf fic, separating it fro m the VLANs for
data traffic.
6
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-17
Chapter 3 Getting Started with CMS
Menus and Toolbar
Table 3-11 Menu Bar (continued)
Menu-Bar Options Task
Port Statistics Display port statistics.
Bandwidth Graphs Display graphs that plot the t otal band width in use by the swit ch.
Link Graphs Display a graph showing th e bandw idt h bei ng use d f or t he se le cte d li nk .
Link Reports Display the link report for two connected devices. If one device is an unknown device or
a candidate, only the cluster-member side of the link displays.
Resource Monitor
System Messages Display the most recent system messages (IOS messages and switch-specific messages)
View
Refresh Update the views with the latest status.
Front Panel Display the Front Panel view.
Arrange Front Panel
Topology
5
Topology Options
Automatic Topology Layout
Save Topology Layout
Window
Help
Overview Obtain an overview of the CMS interface.
What’s New Obtain a des crip tio n of the new CMS f eat ures.
Help For Active Window Di s play the help for the active open window. This is the same as clicking He lp from the
Contents List all of the available online help topics.
Legend Display the legend that describe s the icons, lab els, and li nks.
About Display the CMS version number.
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Access Modes in CMS” section on
page 3-29.
2. Some options from this menu option are not available in read-only mode.
3. Available only from a Device Manager session on a cluster member.
4. Available only from a Device Manager session on a command-capable switch that is not a cluster member.
5. Available only from a cluster management session.
6. Available only from a switch running the EI.
6
Display masks for ACL and QoS po licy maps.
sent by the switch softwa re.
This option is available on the Catalyst 2950 or 3550 switches. It is not available from
the Catalyst 2900 XL and Catalyst 3500 XL switches. You can display the system
messages of the Catalyst 2900 XL and 3500 XL switches when they are in a cluster
where the comm an d swi tc h is a Cat alyst 2950 switch runn ing Relea se 12.1(6)EA2 or
later or a Catalyst 3550 switch running Re lease 12.1(8)EA1 or la ter. For more
information about system messages, refer to the switch system messa ge guide.
1 5
Rearrange the order in which switches appear in the Front Panel view.
Display the Topology view.
5
1 5
Select the informa tion to b e displa yed i n the Topology view.
5
Request CMS to rearrange th e topology la yout.
Save the presentation of the cluster icons that you arranged in the Topology view to Flash
memory.
List the open windows in your CMS session.
active window.
3-18
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Menus and Toolbar
Toolbar
The toolbar buttons display commonl y-used swit ch and cluster configuration opti ons and info rmation
window s such as le gends an d online h elp. Ho ver the cu rsor o ver an i con to disp lay the feature. Table 3-12
describes the toolbar opti ons, fro m left to right on the toolba r.
Table 3-12 Toolbar Buttons
Keyboard
Toolbar Option
Print Ctrl-P Print a CMS window or help file.
Preferences
Save Configuration
Software Upg ra de
Port Settings
VLAN
1
2
2
1
1
Inventory – Display the device type , the soft ware version, the IP add ress, and othe r
Refresh – Update the views with the latest status.
Front Panel – Display the Front Panel view.
Topology
Topology O ptions
3
3
Save Topology Layout
Legend – Display the legend that describes the icons, labels, and links.
Help For Active Window F1 key Display the help for the active open window. This is the same as clicking Help
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Access Mo de s in CMS” section
on page 3-29.
2. Some options from this menu option are not available in read-only mode.
3. Available only from a cluster-management session.
Shortcut Task
Ctrl-R Set CMS display properties, such as polling interv als, th e vie ws to open at CMS
startup, and the colo r of administ ratively shutdown ports.
Ctrl-S Save the configuration for the cluster or switch to Flash memory.
Ctrl-U Upgrade the software for the cluster or a switch.
– Display an d c onfigure port para met ers on a swi tc h.
– Display VLA N me m bership, assi gn port s to VL ANs, and c onfigure 80 2.1 Q
trunks.
information about a switch.
– Display the Topology view.
– Select the infor mat ion to b e di spla yed in t he Topology view.
2 3
– Save the presentation of the cluster icons that you arranged in the T opology view
to Flash memory.
from the active window.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-19
Menus and Toolbar
Front Panel View Popup Menus
These popup menus ar e available in the Fr ont Panel v iew.
Device Popup Menu
You can display al l swi tch and c luster configu ratio n wind ows from t he me nu ba r, or you ca n d isplay
commonly used configuration windows from the device popup menu (Table 3-13). T o display the device
popup menu, click the switc h icon from the cluste r tree or the front-pane l image its elf, and ri ght-cl ick.
Table 3-13 Device Popup Menu
Popup Menu Opt ion Task
Device Manager
Host Name
Delete Cluster
Remove from Cluster
Bandwidth Grap hs Display graphs that plo t t he t ota l b andw idt h in use.
Properties Display information about the device and port on either end o f the link and
1. Available from a cluster member switch but not from the command switch.
2. Not available in read-only mode. For more information about the read-only mode, see the “Access Modes in CMS” section
on page 3-29.
3. Available only from the command switch.
4. Available only from a cluster-management session.
1
2
2 3 4
2 4
Remove a member from the cluster.
Chapter 3 Getting Started with CMS
Launch Device Manager for the switch.
Change the name of the sw itch.
Delete a cluster.
the state of th e li n k.
Port Popup Menu
You can display all port configuration windows from the Port menu on the menu bar, or you can display
commonly used port configuration windows from the port popup menu (Table 3-14). To display the por t
popup menu, click a speci fic port image, an d right- click.
Table 3-14 Port Popup Menu
Popup Menu Opt ion Task
Port Settings
1
VLAN
1
Display and configure port setti ngs.
Define the VLAN mod e fo r a por t or po rts an d add po rts t o VLA Ns. Not
available for the Catalyst 1900 and Catalyst 2820 switches.
Port Security
Link Graphs
1 2
3
Enable port security on a port.
Display a graph showing the band width used by the selec ted link.
Select All Ports Select all ports on the switch for global configuration.
1. Some options from this menu option are not available in read-only mode.
2. Available on switches that support the Port Security feature.
3. Available only when there is an active link on the port (that is, the port LED is green when in port status mode).
3-20
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Topology View Popup Menus
These popup menus ar e available in t he Topology view.
Link Popup Menu
You can display reports and graph s for a spec ific link displayed in the Topology view (Table 3-15). To
display the link pop up menu, cl ick the link i con, and righ t -clic k.
Table 3-15 Link Popup Menu
Popup Menu Option Task
Link Report Display the link report for two connected devices. If one device is an unknown
Link Graph Display a graph showing the current bandwidth used by the selected link. You
Properties Display information about the device and port on either end of the link and the
Menus and Toolbar
device or a candidate, o nly the c lust er m embe r side of the li nk di sp lays.
can change the graph polling interval by selecting CMS > Preferences.
state of the link.
The Link Repo rt a nd L ink G raph opt ion s a re n ot availabl e if a t b oth en ds o f th e l ink ar e
• Candidate switches
• Catalyst 1900 and Ca talyst 2820 switches
• Devices that are not eligible to join the cluster
If multiple lin ks are co nfigured bet wee n two devices, wh en you c li ck t he link i con an d right- cli ck, t he
Multilink Content window appears (Figure 3-10). Click the link icon in this window, and right-click to
display the link popup menu spe cific for that lin k.
Figure 3-10 Multilink Decomposer Window
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-21
Menus and Toolbar
Device Popup Menus
Specific devices in the Topology view display a specific popup me nu:
• Cluster (Table 3-16)
• Command switch (Table 3-17)
• Member or st an dby co mm an d swi tch ( Table 3-18)
• Candidate switch with an IP address (Table 3-19)
• Candidate switch without an IP address (Table 3-20)
• Neighboring devices (Table 3-21)
Note The Device Manager optio n i n the se pop up m en us is available in r ead- only m od e o n Cat alyst 2900 XL
and Catalyst 3500 XL switches running Releas e 12 .0(5)WC2 a nd later. It is also available on
Catalyst 2950 swit ches ru nnin g R ele ase 12.1(6)EA2 and l ater an d on Ca talyst 3550 switch runn ing
Release 12.1(8)EA 1 or later. It is not available on the Catalyst 1900 and Catalyst 2820 switches.
To display a d evice p opup men u, c lick an ic on, a nd righ t-c lic k.
Chapter 3 Getting Started with CMS
Table 3-16 Device Popup Menu of a Cluster Icon
Popup Menu Opt ion Task
Expand cluster View a cluster-specific topology view.
Properties Display information about the device.
Table 3-17 Device Popup Menu of a Command-Switch Icon
Popup Menu Option Task
Collapse cluste r View the neighborhood outside a specific cluster.
Host Name
1
Change the host name of a switch.
Bandwidth Graphs Display graphs that plot the total bandwidth in use by the switch.
Properties Display information about the device.
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Access
Modes in CMS” section on page 3-29.
Table 3-18 Device Popup Menu of a Member or Standby Command-Switch Icon
Popup Menu Opt ion Task
Remove from Cluster
Host Name
1
Device Manager
1
Remove a member from the cluster.
Change the host name of a switch.
2
Launch Device Manage r for a swi tch .
Bandwidth Graphs Display graphs that plot the tot al bandw idth in us e by the switch.
Properties Display information about the device.
1. Available only from a cluster-management session.
2. Available from a cluster member switch but not from the command switch.
3-22
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Table 3-19 Device Popup Menu of a Candidate-Switch Icon (When the Candidate Switch Has an
Popup Menu Option Task
Add to Cluster
Device Manager
Properties Display information about the device.
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Access
Modes in CMS” section on page 3-29.
2. Available from a cluster member switch but not from the command switch.
Table 3-20 Device Popup Menu of a Candidate-Switch Icon (When the Candidate Switch Does Not
Popup Menu Opt ion Task
Add to Cluster
Properties Display information about the device.
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Access
Modes in CMS” section on page 3-29.
IPAddress)
1
2
Have an IP Address)
1
Add a candidat e t o a cl uste r.
Launch Device Mana ge r fo r a sw itch .
Add a candid at e to a c lus ter.
Interaction Modes
Table 3-21 Device Popup Menu of a Neighboring-Device Icon
Popup Menu Option Task
Device Manager
Disqualification Code Display the reason why the device could not join the cluster.
Properties Display in for mat ion abo ut t he device.
1. Available from a cluster member switch but not from the command switch.
Interaction Modes
You can change the int era c tion m ode of CM S to ei the r gu id e or expe rt m ode. Gui de mod e step s yo u
through each feature option an d provides info rmation ab out the paramete r. Expert mode displays a
configuration window in wh ich you co nfigure the f eat ur e opt ion s.
1
Access the web managem ent inter face of the device.
Note This option is available on Cisco access points, but not on Cisco IP
phones, hubs, route rs and o n u nknown d evices such as so me Cisco
devices and third-party devices.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-23
Wizards
Guide Mode
Note Guide mode is not available if your switch acc ess level is read-only. For more information about the
Chapter 3 Getting Started with CMS
read-only access mode, see the “Access Modes in CMS” section on page 3-29.
Guide mode is for users who want a step-by-step approach for completing a specific configuration task.
This mode is not available for all featur es. A menu- bar option t hat has a person icon mea ns that guid e
mode is available for that option.
When you click Guide Mode and then select a menu- bar option that supports guide m ode, CMS displays
a specific parameter of the feature with information about the parameter field. To configure the feature,
you provide the information that CMS requests in each step until you click Finish in the last step.
Clicking Cance l a t a ny time c loses a nd en ds th e co nfigurati on ta sk wi thou t a pply in g any c ha nges.
If Expert Mode is selected and you want to use guide m ode, yo u must clic k Guide Mode before
selecting an option from the menu bar, tool bar, or popup menu. If you change the interaction mode after
selecting a configuration option, the mode change does not take effect until you select another
configuration optio n.
Expert Mode
Wizards
Note Wizards are not available if your switch access level is read-only. For more information about the
Expert mode is for users who prefer to display all the parameter fields of a feature in a single CMS
window. Information about the parameter fields is available by clicking the Help button.
read-only access mode, see the “Access Modes in CMS” section on page 3-29.
Wizards simplify some configuration tasks on the switch. Similar to the guide mode, wizards provide a
step-by-step approa ch f or co mp leti ng a spe cific c onfigura tio n ta sk. U nli ke gui de m od e, a w iz ard d oe s
not prompt you to provi de i nforma ti on for al l o f the fea ture opt ions. In stead, it prompt s y ou to provide
minimal information an d then uses the default set tings of the remainin g options to set up default
configurations.
Wizards are not available for all features. A menu-bar option that has wizard means that selecting that
option launches t h e wi za rd for t h at f e atur e.
3-24
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Tool Tips
CMS displays a popup m essage wh en you move your mouse over the se devices:
• A yellow device icon in the c luste r tre e or in Topology view—A popup displays a fault me ssage,
• A red device icon in the c luste r tr ee o r in Topology view—A popup displa ys a message tha t the
If you move your mouse over a table column heading , a popup displa ys the fu ll headin g.
Online Help
CMS provides comprehensive online help to assist you i n under standing an d performi ng configurat ion
and monitoring tasks from the CM S windows (Figure 3 -11 ).
• Feature help, available from the menu ba r by selecting Help > Contents, provides background
Tool Tips
such as that the RPS is faulty or that the switch is unavailable because you are in read-only mode.
switch is down.
information and co ncepts on the feat ures.
• Dialog-specific help, available from Help on the CMS windows, provides procedures for
performing tasks.
• Index of help topic s.
• Glossary of terms used in the online help.
You can send us feedback about the in f orma tion pr ovided in the online help. Click Feedback to display
an online form. After completin g the form, click Submit to se nd your comments to Cisco. We appreciate
and value your comments.
Figure 3-11 Help Contents and Index
78-11380-05
Glossary of terms used in the online help.
Legend of icons and color codes.
Feature help, such as concepts.
Information about the CMS interface.
Catalyst 2950 Desktop Switch Software Configuration Guide
Enter the first
letters of the topic,
and click Find to
search the index.
Click Back and Forward to redisplay
previously displayed pages. Click
Feedback to send us your
comments about the online help.
3-25
65283
CMS Window Components
CMS Window Components
CMS windows consistently present configuration information. Figure 3-12 shows the components of a
typical CMS window.
Figure 3-12 CMS Window Components
Chapter 3 Getting Started with CMS
Host Name List
74796
OK saves your changes and
closes the window.
Modify displays a secondary
window from which you can
change settings.
Click a row to select it. Press Shift,
and left-click another row to select
contiguous multiple rows. Press Ctrl,
and left-click rows to select noncontiguous rows.
Click a tab to display more
information.
Apply saves your changes and leaves
the window open.
Refresh refreshes the window to display
the latest information.
Cancel closes the window without saving
the changes.
Help displays help for the window and the
menu of Help topics.
Select a cluster member from the
Host Name list to display its settings.
To display or change the configuration of a cluster member, you need to select the specific switch from
the Host Name drop-down list. The list appears in the configuration window of each feature and lists
only the cluster members that support that feature. For example, the Host Name list on the VLAN
3-26
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
window does not includ e Catal yst 1900 and Catalys t 2820 switches even though they ar e pa rt o f the
cluster. Similarly, the Host Name list on the LRE Profiles window only lists the LRE switches in the
cluster.
Tabs, Lists, and Tables
Some CMS windows have tabs that present different sets of information. Tabs are arranged like folder
headings across the top of the window. Click the tab to display its information.
Listed information can often be changed by selecting an item from a list. To change the information,
select one or more items , and c lick Modify. Changing multiple items is limited to those ite ms that apply
to at least one of the selections.
Some CMS windows present information in a table format. You can edit the information in these tables.
Note You can resize t he wi dth of th e co lumn s to di spla y th e co lumn he adi ngs , o r you c an h over your c urso r
over the heading to d isp lay a po pup desc ript ion of the co lumn.
CMS Window Components
Icons Used in Win dows
Some window have icons for sorting information in tables, for showing which cells in a table are
editable, and for displaying further information from Cisco.com (Figure 3-13).
Figure 3-13 Window Icons
Buttons
These are the most common buttons that you use to change the information in a CMS window:
• OK—Save any changes and close the window . If you made no changes, the window closes. If CMS
detects errors in your entry, the window remains open. For more information about error detection,
see the “Er ror Ch ecki ng ” se ction on page 3 -30.
• Apply—Save any changes made in the window and leave the window open. If you made no changes,
the Apply button is disabl ed.
78-11380-05
• Refresh—Update the CMS window with the latest status of the device. Unsaved changes are lost.
• Cancel—Do not save any changes made in the window and clo se the window.
• Help—Display procedure s on perfor ming tasks fro m the window.
• Modify—Disp lay the sec ondar y w ind ow for ch angi ng info rm ati on on t he se le cte d it em or it ems .
You usually select an item from a list or table and click Modify.
Catalyst 2950 Desktop Switch Software Configuration Guide
3-27
Accessing CMS
Accessing CMS
This section assumes the following:
• Y ou know the IP address and password of the command switch or a specific switch. This information
is either:
–
–
• You know your access privilege level to the switch.
• You hav e referr ed to the r elease no tes for sy stem re quiremen ts and ha v e follo wed th e proced ures for
installing the required Java plug-ins and configuring your browser.
Caution Copies of the CMS p ages you display are sa ved in your bro wser memory cache u ntil you exit the browser
session. A password is not required to redisplay these pages, including the Cisco Systems Access page.
You can access the CLI b y clicking Mo nitor the r outer - HTML ac cess to the command li ne interface
from a cached copy of the Cisco Systems Access page. To prevent unauthorized access to CMS and the
CLI, exit your browser to end the browser session.
Chapter 3 Getting Started with CMS
Assigned to the switch by following the setup program, as describ ed in the release notes.
Changed on the switch by following the information in the “Assigning Switch Information”
section on page 4-2 and “Preventing Unauthorize d Access to Your Switch” section on page 7-1.
Considerations f or a ssigni ng IP addr esses an d p asswords to a co mm an d s witc h and c luster
members are described in the “IP Addresses” section on page 6-16 and the “Passwords” section
on page 6-17.
Note If you have configured the Terminal Access Controlle r A ccess Co nt rol Syste m Plu s (TACACS+) or
Remote Authentication Dial-In User Service (RADIUS) feature on the switch, you can still access the
switch through CMS. For information about how inconsistent authentication configurations in switch
clusters can affect access through CMS, see the “TACACS+ and RADIUS” section on page 6-18.
To access CMS, follow these steps:
Step 1 Enter the switch IP address and your privilege level in the browser Location field (Netscape
Communicator) or Addre ss field (Micr osoft Inter net Ex plorer ). For example:
http://10.1.126.45:184/level/14/
where 10.1.126.45 is the switch IP address, 184 is the HTTP port, and level/1 4 is the privilege level.
You do not need to enter the HT TP port if the sw itch is u sing HTTP po rt 80 (the default) or ente r the
privilege level if you have read-write access to the switch (privilege level is 15). For information about
the HTTP port, see the “HTTP Access to CMS” section on page 3-29. For information about privilege
levels, see the “Access Modes in CMS” section on page 3-29 .
Step 2 When prompted for a username and password, enter only the switch enable password. CMS prompts you
a second time for a usernam e and password . Enter onl y the enabl e password agai n.
If you configure a loca l u ser na me a nd passwor d, m ake sure you en abl e i t by usin g t h e ip h tt p
authentication g lo bal configur ation c om mand. E nte r you r u ser na me a nd passwo rd when p rom pte d.
Step 3 Click Web Console.
If you access CM S from a st anda lon e or me mb er sw itch , D evice Manag er a ppea rs. I f you a cce ss CMS
from a command switch, you ca n display the Fron t Panel and Topology views.
3-28
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Access Modes in C MS
CMS provides two le v e ls of acce ss to the co nf igurat ion options: read-wr ite ac cess and read -only ac cess.
Privilege levels 0 to 15 are supported.
• Privilege level 15 provides you with read-write access to CMS.
• Privilege levels 1 to 14 provide you with read-only access to CMS. Any options in the CMS
windows, menu bar, toolbar, and popu p m enus t hat ch an ge t he switch or clust er co nfigurat ion a re
not shown in read-only mode.
• Privilege level 0 denies access to CMS.
If you do not include a privilege level when you access CMS, the switch verifies if you have
privilege-level 15. If you do not, you are denied ac cess to CMS. If you do have privilege-level 15, you
are granted read-write access. Therefore, you do not need to include the privilege level if it is 15.
Entering zero denies access to CMS. For more information about privilege levels, see the “Preventing
Unauthorized Access to Your Switch” section on page 7-1.
Note • If your cluster has these member switches run ning earlie r software re leases and if you have
read-only access to these memb er switches , some co nf iguration windo ws fo r those switch es dis play
incomplete information:
–
Catalyst 2900 X L o r C atal yst 3500 XL member swi tches ru nning Rel ease 12.0(5)WC2 or
earlier
Accessing CMS
–
Catalyst 2950 member sw itches runni ng Release 12.0(5)WC2 or earlier
–
Catalyst 3550 member sw itches run ning Releas e 12 .1(6)EA1 or ea rlier
For more information about this limitation, refer to the release notes.
• These switches do n ot su ppo rt r ead- only mo de on CM S:
–
Catalyst 1900 and Ca taly st 28 20
–
Catalyst 2900 XL switches with 4-MB CPU DRAM
In read-only mod e, th ese sw it ches a ppea r a s unavailable devices an d c anno t be c onfigure d from
CMS.
HTTP Access to CMS
CMS uses Hypertext Transfer Pro toc ol ( HTTP) , whi ch i s an i n- band for m of c omm unic atio n wi th the
switch through any one of its Ethern et port s and that allows switch ma nageme nt from a st andard w eb
browser. The default HTTP port is 80.
If you change the HTTP port, you mu st include the new port number w hen you enter the IP address in
the browser Location or Address field (for example, http://10.1.126.45:184 where 184 is the new HTTP
port number).
Do not disable o r otherw is e mi scon figure t he por t thro ugh w hic h your m an agem ent statio n i s
communicating w ith th e switc h. You might want to write down the p ort num ber to whi ch you are
connected. Change s to t he sw itch I P inf orm a tion sh oul d be d one w it h ca re.
For information about connecting to a switch port, refer to the switch hardware installation guide.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-29
Verifying Your Changes
Verifying Your Changes
CMS provides notification cues to help you track and confirm the changes you make.
Change Notification
A green border around a field or t abl e cel l mea ns tha t you ma de a n unsaved chan ge to the field or tabl e
cell. Previous information in that field or table cell is displayed in the window status bar. When you save
the changes or if you cancel the change, the green border disappears.
Error Checking
A red border around a field mean s that you en tered invalid data in the field. An erro r messag e also
displays in the window status bar. When you enter valid data in the field, a green border replaces the red
border until you either save or cancel the change.
If there is an error in communica ting with the switc h or if you mak e an error wh ile performing an action,
a message notifies you about the erro r.
Chapter 3 Getting Started with CMS
Saving Your Configuration
Note The Save Configuration option is not available if your switch access level is read-only. For more
information about the read-onl y access mo de, see th e “Access Modes in CMS” section on pag e 3-29.
Tip As you make cluster configuration ch ange s (except for ch anges to th e Topology view and in the
Preferences wind o w), ma ke su re th at you per iodically sa v e the configuration from the comm and switc h.
The configuration is saved on the c omma nd a nd me mb er sw it ches.
The front-panel images and CMS windows always display the running configuration of the switch.
When you make a configu ratio n cha ng e t o a s wit ch o r switc h cluste r, the change be co mes pa r t of the
running configuration. Th e c hang e d oes not automatically become part of the configuration file, which
is the startup configuration used each time the switch restarts. If you do not save your changes, they are
lost when the switch restarts.
Note Catalyst 1900 and Catalyst 2820 switches automatically save configuration changes to Flash memory as
they occur.
For CMS procedures for saving your swi tc h con figuratio n, re f er to th e on lin e he lp.
3-30
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 3 Getting Star ted with CMS
Restoring Your Configuration
After you save a switch configuration, you can restore the configuration to one or more switches for these
reasons:
• You made an in corre c t c hange to th e c ur rent runn in g configura tion a nd want t o r elo ad a saved
configuration.
• You need to reload a switch after a switch failure or power failure.
• You want to copy the configurat ion of a switc h to oth er swit ches.
For CMS procedures for restoring a sw itch configurati on, refe r to the online help.
CMS Preferences
When you exit from CMS, your CMS preferences are saved to your PC in a file called .cms_properties.
You can copy this file to other PCs. The file is store d in a default configuration dir ectory, such as
C:\Documents and Settings\username. If you cannot locate the CMS preferences file, select
Start > Search > For Files or Folders..., and search for .cms_properties.
Restoring Your Configuration
Note In previous CMS versions, the preferen ces were saved in Flash memory whe n you exited from CM S.
Using Different Versions of CMS
When managing switch clusters through CMS, remember that clusters can have a mix of switch models
using diffe rent IOS releases and that CMS in earl ier IOS release s and on dif ferent switch p latforms mi ght
look and function differently from CMS in this IOS release.
When you select Device > Device Manager for a c lus ter mem be r, a new browser session is laun ch ed ,
and the CMS version for that switch is displayed.
Here are examples of how CMS can differ betwee n IOS relea ses and swit ch platf orms:
• On Catalyst switches run ning Re le ase 12.0(5)WC2 or earlier or Rele ase 12.1(6)EA1 or earlier, the
CMS versions in those software releases might appear similar but are not the same as this release.
For example, the Topology view in this release is not the same as the Topology view or Cluster View
in those earlier software releases.
• CMS on the Catalyst 1900 and Catalyst 2820 switches is referred to as Switch Manager. Cluster
management options are not available on these switches. This is the earliest version of CMS.
Refer to the documentation specific to the switch and its IOS release for descriptio ns of the CMS version
you are using.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
3-31
Where to Go Next
Where to Go Next
Before configuring the switch, refer to these places for start-up information:
• Switch release notes on Cisco.com:
–
CMS software requ ir eme nts
–
Procedures for running t he setup progr am
–
Procedures for browser configuration
–
Procedures for acc essing CMS
• Chapter 4, “Assigning the Switch IP Addre ss and Default Gateway”
• Chapter 7, “Administering the Switch”
The rest of this guide provides information about and CLI procedures for the software features supported
in this release. For CMS procedures and window descriptions, refer to the online help.
Chapter 3 Getting Started with CMS
3-32
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
CHAPTER
4
Assigning the Switch IP Address and Default Gateway
This chapter describes how to create the initial switch configuration (for example, assign the switch IP
address and default gateway informatio n) by using a variety of automa tic and ma nual meth ods.
Note For complete syntax an d usage info rmation for th e commands u sed in this chap ter , refer to the command
reference for thi s r ele ase.
This chapter consists of these sections:
• Understanding the Boot Process, pa ge 4-1
• Assigning Switch Infor mat ion, page 4-2
• Checking and Saving the Running Configuration , page 4-10
Understanding the Boot Process
Before you can assign switch information (IP address, subnet mask, default gateway, secret and Telnet
passwords, and so for th), you ne ed t o instal l a nd power on t he s wit ch a s descr ibed in the ha rdware
installation guide th at s hi pped w ith yo ur sw itch.
The normal boot pro cess i nvolves the operatio n of t he bo ot loa der sof tware, whi ch perfo rm s the se
activities:
• Performs low-le vel CPU initializa tion. It initializes th e CPU registers, which control where physical
memory is mapped, its quantity, its speed, and so forth.
• Performs power -on self-test (POST ) for the CPU subsystem. I t tests the CPU DRAM and the portion
of the Flash device that makes up the Flash file system.
• Initializes the Flash file system on the system board.
• Loads a default operating system software image into memory and boots the switch.
The boot loader provides a ccess to the Flash f ile system before th e operating system is lo aded. Normally,
the boot loader is used only to load, uncompress, and launch the operating system. After the boot loader
gives the operating system control of the CPU, the boot loader is not active until the next system reset
or power-on.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
4-1
Assigning Switch Information
The boot loader also provides trap-door access into the system if the operating system has problems
serious enough that it cann ot be used. The trap-doo r mech anism provid es enoug h access t o the system
so that if it is necessary, you can format the Flash file system, reinstall the operating system software
image by using the XM OD EM Pr otoc ol, re c over from a lo st or forgotte n pa ssword, an d finall y res tart
the operating system. For more information, see the “Recovering from Corrup ted So ftware” section on
page 27-2 and the “Recovering from a Lost or Forgotten Password” section on page 27-2.
Before you can assign switch information, make sure you have connected a PC or terminal to the console
port, and configured the PC or ter minal-e mulat ion software baud rate an d chara cter format to match
those of the switch console port. For more information, refer to the hardware installation guide that
shipped with your switch.
Assigning Switch Information
You can assign IP information through the switch setup program, through a Dynamic Host Configuration
Protocol (DHCP) server, or manually.
Use the switch setup program if you are a new user and want to be prompted for specific IP information.
With this program, you can also configure a host name and an enable secr et password. It gives you the
option of assigning a Telnet password (to provide security during remote management) and configuring
your switch as a command o r member s witch of a cluster or as a st andalone switch. F or more i nformation
about the setu p prog ram, r efe r to t he r ele as e note s o n C is co. com.
Use a DHCP server for centralized control and automatic assignment of IP information once the server
is configured.
Chapter 4 Assigning the Switch IP Address and Default Gateway
Note If you are using DHCP, do not respond to any of the questions in the setup program until the sw itch
receives the dynamically-assigned IP address and reads the configuration file.
Use the manual met hod of con figura tio n if y ou are a n expe rie nced u ser fam il iar w ith the swi tc h
configuration steps; o ther wise, use th e setup p ro gra m de scri bed e arl ier.
This section conta ins th is c onfiguratio n i nfor ma tion:
• Default Switch Informatio n, page 4-3
• Understanding DHCP-Based A utoconfigurat ion, page 4-3
• Manually Assigning I P In forma ti on, p age 4-1 0
4-2
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 4 Assigning the Switch IP Addres s and Default Gateway
Default Switch Information
Table 4-1 shows the default switch information.
Table 4-1 Default Switch Information
Feature Default Setting
IP address and subnet ma sk No IP address or su bnet m ask a re d efined.
Default gateway No default gateway is defined.
Enable secret password No password is defined.
Host name The factory-assigned default host name is Switch.
Telnet password No password is defined.
Cluster command switch functionality Disabled.
Cluster name No cluster name is d efined.
Understanding DHCP-Based Autoconfiguration
Assigning Switch Information
The DHCP provides configuration information to Internet hosts and internetworking devices. This
protocol consists of t wo comp onent s: on e f or d elivering co nfigurati on p aram ete rs fro m a DHC P ser ver
to a device and a mechanism for allocating network addresses to devices. DHCP is built on a
client-server model, in whic h designa ted DHCP servers allo cate net work address es and deliver
configuration param ete rs to d ynami cal ly co nfigured devices.
During DHCP-based autoconfigur ation, you r switch (DH CP client) is au tomatica lly configured at
startup with IP address info rmati on and a co nfiguration file.
With DHCP-based autoconfiguration, no DHCP client-sid e configurati on is needed on your switc h.
However , you need to configure the DHCP server for various lease options associated with IP addresses.
If you are using D HC P to rel ay t he c on figurati on file loca tio n o n the net work, you mig ht al so ne ed to
configure a Trivial File Transfer Protocol (TFTP) server and a Domain Name System (DNS) server.
The DHCP server can be on the same LAN or on a different LAN than the switch. If the DHCP server
is running on a di fferent LAN , yo u sh ould c onfigure a D HCP r ela y. A relay device forward s b roadc as t
traffic between two directly connect ed LAN s. A router does not fo rward broa dcast packet s, but it
forwards packets based on the destination IP address in the received packet.
DHCP-based autoconfiguration replaces the BOOTP client functionality on your switch.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
4-3
Assigning Switch Information
DHCP Client Request Process
When you boot your swi tch , t he D HCP c li ent is invoked and auto mat ical ly r eque sts configura tion
information from a DHCP server when the configuration file is not present on the switch.
Figure 4-1 shows the sequence of message s tha t are e xcha nged betw een the DHC P clien t and th e DHCP
server.
Figure 4-1 DHCP Client and Server Message Exchange
Switch A
The client, Switch A, broadcasts a DHCPDISCOVER message to locate a DHCP server. The DHCP
server offers configuration parameters (such as an IP address, subnet mask, gateway IP address, DNS IP
address, a lease for the IP address, and so forth) to the client in a DHCPOFFER unicast message.
DHCPDISCOVER (broadcast)
DHCPOFFER (unicast)
DHCPREQUEST (broadcast)
DHCPACK (unicast)
Chapter 4 Assigning the Switch IP Address and Default Gateway
DHCP server
51807
In a DHCPREQUEST br oadc ast me ssage , the cli ent ret urns a fo rm al r eque st f or the offered
configuration information to the DHCP server. The formal request is broadcast so that all other DHCP
servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP
addresses that they offered to the client.
The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK
unicast message to the client. With this message, the client an d server are boun d, and the c lient use s
configuration information received from the server. The amount of information the switch receives
depends on how you configure the DHCP server. For more information, see the “Configuring the DHCP
Server” section on page 4-5.
If the configuration parameters sent to the client in the DHCPOFFER unicast message are invalid (a
configuration error e xi sts), the cli en t returns a DHCPDECL INE broa dcast messa ge to the DHCP server.
The DHCP server sends the client a DHCPN AK denial broadcast message, which mean s that the of fered
configuration parameters have not been assigned, that an error has occurred during the negotiation of the
parameters, or that the client has been slow in responding to the DHCPOFFER message (the DHCP
server assigned the par am eters t o an othe r cl ien t).
A DHCP client might receive offers from multiple DHCP or BOOTP servers and can accept any of the
offers; however, the client usually accepts the first offer it receives. The offer from the DHCP server is
not a guarantee that the IP address is allocated to the client; however, the server usually reserves the
address until the client has had a chance to formally request the address. If the switch accepts replies
from a BOOTP server and configures itself, the switch broadcasts, instead of unicasts, TFTP requests to
obtain the switch configurati on file.
4-4
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 4 Assigning the Switch IP Addres s and Default Gateway
Configuring the DHCP Server
You should configure the DHCP server with reserved leases that are bound to each switch by the switch
hardware address.
If you want the switch to recei ve IP address information, yo u must configure th e DHCP server with these
lease options:
• IP address of the client (requi red)
• Subnet mask of the client (requ ired)
• DNS server IP address (optional)
• Router IP address (d efaul t gat eway addres s t o be us ed by t he sw itch ) ( requ ir ed)
If you want the switch to receive the configuration file from a TFTP server, you must configure the
DHCP server with these lease options:
• TFTP server name (requ i red)
• Boot filename (the n ame of the con figurat ion file tha t the c lien t ne e ds) (r ec omme nde d)
• Host name (optiona l)
Depending on the settings of the DHCP server, the switch can receive IP address information, the
configuration file, or bot h.
Assigning Switch Information
If you do not configure the DHCP server w ith the leas e option s describe d earli er, it replies to client
requests with only those parameters that are configured. If the IP address and subnet mask are not in the
reply , the s witch is no t config ured. If th e router IP address o r TFTP ser ver name are not f ound, the swi tch
might send broadcast, instead of unicast, TFTP requests. Unavailability of other lease options does not
affect autoconfiguration .
The DHCP server can be on the same LAN or on a different LAN than the switch. If the DHCP server
is running on a di fferen t LAN , yo u shoul d configur e a DH CP r ela y. For more informat ion , see th e
“Configuring the Relay Device” section on page 4-6. If your DHCP server is a Cisco device, refer to the
“IP Addressing and Services” section in the Cisco IO S IP and IP Routi ng Configuration Guide f or
Release 12.1.
Configuring the TFTP Server
Based on the DHCP server configuration, the switch attempts to download one or more configuration
files from the TFTP server. If you configured the DHCP server to respond to the switch with all the
options required for IP connectivity to the TFTP server, and if you configured the DHCP server with a
TFTP server name, address, and configuration filename, the switch attempts to download the specified
configuration file from the specified TFTP server.
If you did not specify the configuration filename, the TFTP server, or if the configuration file could not
be downloaded, the switch attempts to download a configuration file by using various combinations of
filenames and TFTP serv er addresses. Th e file s include the specif ied conf igurati on file name (if any ) and
these files: network-config, cisconet.cfg, hostname.config, or hostname.cfg, whe re host nam e is the
switch’s current hostname. The TFTP server addresses used include the specified TFTP server address
(if any) and the broadcast add ress (255.2 55.255 .255).
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
4-5
Assigning Switch Information
For the switch to successfully download a configuration fi le, the TFTP server must contain one or more
configuration files in its b ase dire cto ry. The files can includ e thes e files:
• The configuration file named in the DHCP reply (t he actual sw itch co nfiguration file).
• The network-confg or the c isconet .cfg file (known as the defaul t configuration files).
• The router-confg or the cisc ortr.cfg file (These files contain comm ands com mon to all switche s.
If you specify the T FT P se rver na me i n the DH CP s erver-leas e da taba se, you m ust a lso co nfigure the
TFTP server name-to-IP-address mapping in the DNS-server database.
If the TFTP serve r to be used is on a dif ferent LAN f rom the switch, or if it is to be accessed b y the switch
through the broadcast addr ess (whic h occurs if the DHCP server respon se does not co ntain all t he
required information described earlier), a relay must be configured to forward the TFTP packets to the
TFTP server. For more information, see the “Configuring the Rela y Device” section on page 4-6. The
preferred solution is to configure the DHCP server with all the required information.
Configuring the DNS
The DHCP server uses the DNS server to resolve the TFTP server name to an IP address. You must
configure the TFTP ser ver n ame- to-I P addr e ss map on the D NS server. The TFTP server contai ns t he
configuration files for the switch.
Chapter 4 Assigning the Switch IP Address and Default Gateway
Normally, if the DHCP and TFTP servers are properly configured, these files are not accessed.)
You can configure the IP addresses of th e DNS servers in the lea se database of the DHCP server from
where the DHCP replies will retrie v e them. You can enter up to two DNS server I P addresses in the lea se
database.
The DNS server can be on the same or on a different LAN as the switch. If it is on a different LAN, the
switch must be able to access it through a router.
Configuring the Relay Device
You must configure a relay device when a switch sen ds broadca st packets that nee d to be responde d to
by a host on a different LAN. Examples of broadcast packets that the switch might send are DHCP , DNS,
and in some cas es, T FTP pa ckets. You must configure this relay device to f or ward r ece ived broadc ast
packets on an interface to the destination host.
If the relay device is a Ci sco ro ut er, enable I P rou ting (ip routing global configur ati on co mman d), an d
configure helper add resse s by using the ip helper-address interface configuration co mm an d.
For example, in Figure 4- 2, configure t he route r interfaces as follows:
On interface 1 0. 0.0 .2:
router(config-if)# ip helper-address 20.0.0.2
router(config-if)# ip helper-address 20.0.0.3
router(config-if)# ip helper-address 20.0.0.4
On interface 2 0. 0.0 .1
router(config-if)# ip helper-address 10.0.0.1
4-6
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 4 Assigning the Switch IP Addres s and Default Gateway
Figure 4-2 Relay Device Used in Autoconfiguration
Assigning Switch Information
Switch
(DHCP client)
10.0.0.1
20.0.0.2 20.0.0.3
DHCP server TFTP server DNS server
Obtaining Configuration Files
Depending on the availability of the IP address and the configuration filename in the DHCP reserved
lease, the switch obtains its configuration information in these ways:
• The IP address and the co n figuration filename i s res er ved for the switch and provi de d in t he DHCP
reply (one-file read method).
The switch rece ives its IP addres s, subn et mas k, TFTP server add res s, and th e configur ation
filename from the DHCP server. The switch sends a unicast message to the TFTP server to retrieve
the named configuration file from t he ba se d irec tor y o f th e se rver, and upon rec eip t, com pl etes its
boot-up process.
Cisco router
(Relay)
10.0.0.2
20.0.0.1
20.0.0.4
49068
• The IP address and the configuration filename is reserved for the switch, but the TFTP server
address is not provided in the DHCP reply (one-file read method).
The switch receives its IP address, subn et mask, and the configuratio n filename from t he DHCP
server. The switch sends a broadcast message to a TFTP server to retrieve the named configuration
file from the base di rec tory of the s erver, and upon rec eipt, c ompl ete s its boot -up pro cess.
• Only the IP address is reserved for the switch and provided in the DHCP reply. The configuration
filename is not provided (two-file read method).
The switch receives its IP address, subnet mask, and the TFTP server address from the DHCP server.
The switch sends a unicast message to the TFTP server to retrieve the network-confg or cisconet.cfg
default configur ation file. (If the netw ork-confg file cann ot be read, the switch reads the cisconet.cfg
file.)
The default configuration file contains th e host names-t o-IP-ad dress mappi ng for the switch. Th e
switch fills its host table with the informati on in the file and obtains its host name. If the host name
is not found in the file, the swi tc h us es t he h ost n ame in th e DHCP re ply. If the host na me i s n ot
specified in the DHCP reply, the switch uses the default Switch as its host name.
After obtaining its host name from the default config uration file or the DHCP reply, the switch reads
the configuration file that has the same name as its host name (hostname-confg or hostnam e.cfg,
depending on whether network-confg or cisconet.cfg was read earlier) from the TFTP server. If the
cisconet.cfg file is read, the filename of the host is truncated to eight characters.
If the switch ca nno t re ad t he ne twork- co nfg, ci scon et. cf g, or t he h ost name file, i t read s t he
router-confg file. If the switc h cannot rea d the rou ter-confg file, it re ads the ci scortr.cfg file.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
4-7
Assigning Switch Information
Note The switch broadcasts TFTP server requests if the TFTP server is not obtained from the DHCP replies,
if all attempts to read the configuration file through unicast transmissions fail, or if the TFTP server
name cannot be r eso lved t o an I P a ddr ess.
Example Configuration
Figure 4-3 shows a sample network for retrieving IP information by using DHCP-based autoconfiguration.
Figure 4-3 DHCP-Based Autoconfiguration Network Example
Chapter 4 Assigning the Switch IP Address and Default Gateway
Switch 1
00e0.9f1e.2001
Cisco router
10.0.0.10
DHCP server DNS server TFTP server
Switch 2
00e0.9f1e.2002
10.0.0.1
Switch 3
00e0.9f1e.2003
10.0.0.2 10.0.0.3
(maritsu)
Switch 4
00e0.9f1e.2004
49066
Table 4-2 shows the configuration of the reserved leases on the DHCP server.
Table 4-2 DHCP Server Configuration
Switch-1 Switch-2 Switch-3 Switch-4
Binding key
00e0.9f1e.2001 00e0.9f1e.2002 00e0.9f1e.2003 00e0.9f1e.2004
(hardware address)
IP ad dres s 10.0.0.21 10.0.0.22 10.0.0.23 10.0.0.24
Subn e t mask 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0
Router address 10.0.0.10 1 0.0.0 .10 10.0.0.10 10.0.0.10
DNS server addre ss 10.0.0.2 10.0.0.2 10.0.0.2 10.0.0.2
TFTP server name maritsu or 10.0.0.3 m aritsu or 10.0. 0.3 maritsu or 10.0.0.3 maritsu or 10.0.0.3
Boot filename
switch1-confg switch2-confg swit ch3- co nfg switch4-confg
(configuration file)
(optional)
Host name (optional) switch1 switch2 switch3 switch4
4-8
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 4 Assigning the Switch IP Addres s and Default Gateway
DNS Server Configuration
The DNS server maps th e TFT P server nam e mar i tsu to IP address 10.0.0.3 .
TFTP Server Configuration (on UNIX)
The TFTP server base directory is set to /tftpserver/work/. This directory contains the network-confg file
used in the two-file read method. This file contains the host name to be assigned to the switch based on
its IP address. The base director y also conta ins a configurat ion file for each switc h (switch1-confg,
switch2-confg, and so forth) as shown in this display:
prompt> cd /tftpserver/work/
prompt> ls
network-confg
switch1-confg
switch2-confg
switch3-confg
switch4-confg
prompt> cat network-confg
ip host switch1 10.0.0.21
ip host switch2 10.0.0.22
ip host switch3 10.0.0.23
ip host switch4 10.0.0.24
Assigning Switch Information
DHCP Client Configuration
No configuration file is pres ent o n Sw itch 1 thr ough Sw itch 4.
Configuration Explanation
In Figure 4-3, Switch 1 reads its configuration file as follows:
• It obtains its I P add re ss 10 .0.0 .21 f rom th e D HC P ser ver.
• If no configuration filen ame is g iven in th e DHC P se rver re ply, Switch 1 read s t he n etwor k-co nfg
file from the base dire cto ry of t he T FT P se rver.
• It adds the contents of the network-confg file to its host table.
• It reads its host ta ble by indexing i ts I P a ddress 10 .0. 0.21 t o its host na me (swi tch1) .
• It reads the configu ratio n file that corresponds to its host name; for e x ampl e, it re ads switch1-confg
from the TFTP server.
Switches 2 through 4 r etr ieve their co nfiguration files and I P a ddresse s in the same way.
78-11380-05
Catalyst 2950 Desktop Switch Software Configuration Guide
4-9
Checking and Saving the Runnin g Configuration
Manually Assigning IP Information
Beginning in privileged EXEC mode, follow these steps to manually assign IP information to multiple
switched virtual int erfa ces ( SV Is) or po rts:
Command Purpose
Step 1
Step 2
Step 3
Step 4
Step 5
configure terminal Enter global configuration mod e.
interface vlan vlan-id Enter interface configuration mode, and enter the VLAN to which th e IP
information is a ssigne d. T he ran ge is 1 t o 4094 w h en the enh an ced
software image is installe d and 1 to 1001 wh en the stand ard soft ware
image is installed; do not enter leading zeros.
ip address ip-address subnet-mask Enter the IP address and subnet ma sk.
exit Return to global configur ation m ode.
ip default-gateway ip-address Ent er th e IP a ddress of the n ext-hop ro uter int erfa ce t hat is di rec tly
connected to the switch where a default gateway is being configured. The
default gateway receives IP packets w ith un re solved d estina ti on IP
addresses from the switch.
Once the default ga teway is configure d, the switch has co nnectivity t o the
remote networks with which a host needs to communicate.
Chapter 4 Assigning the Switch IP Address and Default Gateway
Note When your switch is config ured t o route with IP, it does not need
to have a default gateway set.
Step 6
Step 7
Step 8
end Return to privileged EXEC mode.
show running-config Verify your e ntri es.
copy running-config startup-config (Optional) Save your entries in the configurati on file.
To remove the switch IP address, use the no ip address interface configuratio n comma nd. If yo u are
removing the address through a Telnet session, your connection to the switch will be lo st. To remove the
default gateway address, us e t he no ip default-gateway global configura tion comma nd.
For information on setting the switch system name, protecting access to privileged EXEC commands,
and setting time and cale ndar ser vices, see Chapter 7, “Administering the Switch. ”
Checking and Saving the Running Configuratio n
You can check the configurati on sett ings you enter ed or chang es you mad e by entering th is privileged
EXEC command:
Switch# show running-config
Building configuration...
Current configuration : 2081 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service sequence-numbers
4-10
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Loading...