Cisco 2950 - Catalyst Switch, Catalyst 2955 Configuration Manual

Page 1
Corporate Headquarters
Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Cisco IOS Release 12.1(20)EA2 May 2004
Customer Order Number: DOC-7811380= Text Part Number: 78-11380-10
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS M ANUAL ARE SUBJECT TO CHA NGE WITHOUT NO TICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICA TION OF ANY PRODUCT S.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORT H IN THE INFORMATION PACKET T HAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP head er compressi on is an adap tation of a program developed by the Universi ty of Ca lifornia, Berk eley (UCB) as part of UCB ’s public domain version of the UNIX operatin g system. All rights reserved . Copyri ght © 1981 , Rege nts of the Uni versity of Calif ornia.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THE SE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAI M ALL WARRANTIE S, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NO NINFRINGEM ENT OR ARISING FROM A COURS E OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING , WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE S.
CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generat ion, Ent erprise/ Solver , EtherChan nel, EtherFast, EtherSw itch , Fast Step, GigaDriv e, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0403 R)
Catalyst 2950 and Catalyst 295 5 Swit ch Software Configuration Gui de
Copyright © 2001–2004 Cisco Sy stems , Inc. Al l rights r eserved 4
Page 3
iii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CONTENTS
Preface xxix
Audience xxix Purpose xxix Conventions xxx Related Publications xxxi Obtaining Documentation xxxi
Cisco.com xxxi
Ordering Documentation xxxii Documentation Feedback xxxii Obtaining Technical Assistance xxxii
Cisco Technical S upport Website xxxiii
Submitting a Service Request xxxiii
Definitions of Service Request Severity xxxiii Obtaining Additional Publications and Information xxxiv
CHAPTER
1 Overview 1-1
Features 1-1 Management Options 1-8
Management Interf ace Options 1-8
Advantage s of Us in g CMS and Cluster ing Switches 1-9 Network Configuration Examples 1-10
Design Concepts for Using the Switch 1-10
Small to Medium-Sized Network Configuration 1-13
Collapsed Backbone and Switch Cluster Configuration 1-14
Hotel Network Confi guration 1-15
Service-Provider Central-Office Configuration 1-18
Large Campus Configuration 1-19
Multidwelling Network Using Catalyst 2950 Switches 1-20
Long-Distance, High-Bandwidth Transport Configuration 1-22 Where to Go Next 1-22
Page 4
Contents
iv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
2 Using the Command-Line Interface 2-1
Cisco IOS Command Modes 2-1 Getting Help 2-3 Abbreviating Commands 2-4 Using no and default Forms of Commands 2-4 Understanding CLI Messages 2-5 Using Command History 2-5
Changing the Command Hi story Buffer Size 2-5 Recalling Commands 2-6 Disabling the Command History Feature 2-6
Using Editing Features 2-6
Enabling and Disa bling Editing Features 2-6 Editing Commands through Keystrokes 2-7
Editing Command Lines that Wrap 2-8 Searching and Filtering Output of show and more Commands 2-9 Accessing the CLI 2-9 Accessing the CLI from a Browser 2-10
CHAPTER
3 Configuring Catalyst 2955 Switch Alarms 3-1
Understanding Catalyst 2955 Switch Alarms 3-1
Global Status Monitoring Alarms 3-2
FCS Error Hysteres is Threshold 3-2
Port Status Monitoring Alarms 3-3
Triggering Alarm Options 3-3 Configuring Catalyst 2955 Switch Alarms 3-4
Default Catalyst2955 Switch Alarm Configura tion 3-4
Configuring the Power Supply Alarm 3-5
Setting the Power Mode 3-5 Setting the Power Su pply Alarm Options 3-5
Configuring th e Switch Temperature Alarms 3-6
Setting a Secondary Temperature Threshold for the Swi tch 3-6 Associatin g th e Te m p er ature Alarms to a R ela y 3-7
Configuring the FCS Bit Error Rate Alarm 3-7
Setting the FCS Err or Threshold 3-8 Setting the FCS Error Hysteresis Threshold 3-8
Page 5
Contents
v
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring Alarm Profiles 3-9
Creating or Modifyi ng an Alarm Profile 3-9 Attaching an Alarm Profile to a Specific Port 3-10
Enabling SNMP Traps 3-11
Displaying Cata lyst 2955 Switch Alarms Statu s 3-11
CHAPTER
4 Getting Started with CMS 4-1
Understanding CMS 4-1
Front Panel View 4-1 Topology View 4-2 CMS Menu Bar, Toolbar, and Fe ature Bar 4-2 Online Help 4-5 Configuration Modes 4-5
Guide Mode 4-5
Expert Mode 4-6 Wizards 4-6 Privilege Lev el s 4-7 Access to Olde r Sw itches in a Cluste r 4-7
Configuring CMS 4-7
CMS Requirements 4-8
Minimum Hardware Configurati on 4-8
Operating System and Browser Support 4-8
CMS Plug-In 4-9 Cross-Platform Considerations 4-9 HTTP Access to CMS 4-9
Specifying an HTTP Port (Nondefault Configuration Only) 4-10
Configuring an Authentication Method (Nondefault Configuration Only) 4-10
Displaying CMS 4-10
Launching CMS 4-10 Front Panel View 4-13 Topology View 4-14 CMS Icons 4-15
Where to Go Next 4-15
Page 6
Contents
vi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
5 Assigning the Switch IP Address and Default Gateway 5-1
Understanding the Boot Process 5-1 Assigning Switch Information 5-2
Default Switch Information 5-3 Understanding DHCP-Based Autoconfiguration 5-3
DHCP Client Request Process 5-4
Configuring DHCP-Based Autoconfiguration 5-5
DHCP Server Configuration Guidelines 5-5 Configuring the TFTP Server 5-6 Configuring the DNS 5-7 Configuring the Relay Device 5-7 Obtaining Configuration Files 5-8 Example Configuration 5-9
Manually Assigning IP Information 5-10 Checking and Saving the Running Configuration 5-11 Modifying the S ta rtup Configurat ion 5-11
Default Boot Configuration 5-12
Automatically Downloading a Configuration File 5-12
Specifying the Filename to Read and Write the System Configuration 5-12
Booting Manually 5-13
Booting a Specific Software Image 5-13
Controlling Environment Variables 5-14 Scheduling a Reload of the Software Image 5-16
Configuring a Scheduled Reload 5-16
Displaying Sched uled Reload Information 5-17
CHAPTER
6 Configuring IE2100 CNS Agents 6-1
Understanding IE2100 Series Configuration Registrar Software 6-1
CNS Configuration Service 6-2
CNS Event Service 6-3
NameSpace M a pper 6-3
What You Should Know About ConfigID, DeviceID, and Host Name 6-3
ConfigID 6-3 DeviceID 6-4 Host Name and DeviceID 6-4 Using Host Name, DeviceID, and ConfigID 6-4
Page 7
Contents
vii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Understanding CNS Embedded Agents 6-5
Initial Configuration 6-5 Incremental (P ar tia l ) Co nf ig ur ation 6-6 Synchronized Configuration 6-6
Configuring CNS Embe dded Agents 6-6
Enabling Automate d CNS Configuration 6-6 Enabling the C NS Ev e nt Agent 6-8 Enabling the CNS Configuration Agent 6-9
Enabling an Initial Configuration 6-9 Enabling a Partial Configuration 6-12
Displaying CNS Configuration 6-13
CHAPTER
7 Clustering Switches 7-1
Understanding Switch Clusters 7-2
Command Switch Characteristics 7-3 Standby Command Switch Characteristics 7-3 Candidate Switch and Member Switch Characteristics 7-4
Planning a Sw itc h Cluster 7-5
Automatic Discove ry of Cluster Candidates and Members 7-5
Discovery th ro ug h CD P H op s 7-6 Discovery through Non-CDP-Capable and Noncluster-Capable Devices 7-7 Discovery through the Same Management VLAN 7-8 Discovery through Di fferent Management VLANs 7-9 Discovery of Newly Installed Switches 7-10
HSRP and Standby Command Switches 7-11
Virtual IP Addres s es 7-12 Other Considerations for Cluster Standby Groups 7-12
Automatic Recovery of Cluster Configuration 7-14 IP Addresses 7-14 Host Names 7-15 Passwords 7-15 SNMP Community Strings 7-15 TACACS+ and RADIUS 7-16 Access Modes in CMS 7-16 Management VLAN 7-16 LRE Profiles 7-17 Availability of Switch-Specific Features in Switch Clusters 7-17
Page 8
Contents
viii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Creating a Switch Cluster 7-18
Enabling a Command Switch 7-18 Adding Member Switches 7-19 Creating a Cluster Standby Group 7-21 Verifying a Switch Cl uster 7-22
Using the CLI to Manage Switch Clusters 7-23
Catalyst1900 and Catalyst2820 CLI Considerations 7-24
Using SNMP to Manage Sw itch Clusters 7-24
CHAPTER
8 Administering the Switch 8-1
Managing the System Time and Date 8-1
Understanding the System Clock 8-1 Understanding Network Time Protocol 8-2 Configuring NTP 8-3
Default NTP Config uration 8-4 Configuring NTP Authentication 8-4 Configuring NTP Associations 8-6 Configuring NTP Broadcast Service 8-7 Configuring NTP Ac cess Restrictions 8-8 Configuring the Source IP Address for NTP Packets 8-10 Displaying the NTP C onfiguration 8-11
Configuring Ti me and Date Manually 8-11
Setting the System Clock 8-12 Displaying the Time and Date Configuration 8-12 Configuring the Time Zone 8-13 Configuring Summer Time (Daylight Saving Time) 8-14
Configuring a System Name and Prompt 8-16
Default System Name and Prompt Configuration 8-16 Configuring a System Name 8-16 Configuring a System Prompt 8-17 Understanding DNS 8-17
Default DNS Configuration 8-18 Setting Up DNS 8-18 Displaying the DNS Configuration 8-19
Creating a Banner 8-19
Default Banner Con figuration 8-19 Configuring a Message-of-the-Day Login Banner 8-20 Configuring a Login Banner 8-21
Page 9
Contents
ix
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Managing the MAC Address Table 8-21
Building the Address Table 8-22 MAC Addresses and VLANs 8-22 Default MAC Address Tab le Configuration 8-23 Changing the Addres s Aging Time 8-23 Removing Dynamic Address Entries 8-24 Configuring MAC Address Notification Traps 8-24 Adding and Removing Static Address Entries 8-26 Configuring Unicast MAC Address Filtering 8-27 Displaying Addre ss Table Entries 8-28
Managing the ARP Table 8-28
CHAPTER
9 Configuring Switch-Based Authentication 9-1
Preventing Unauthorized Access to Your Switch 9-1 Protecting Access to Privileged EXEC Commands 9-2
Default Password and Privilege Level Configuration 9-2 Setting or Changing a Static Enable Password 9-3 Protecting Enable and Enable Secret Passwords with Encryption 9-4 Disabling Password Recovery 9-5 Setting a Telnet Password for a Terminal Line 9-6 Configuring User name and Password Pairs 9-7 Configuring Multiple Privilege Levels 9-8
Setting the Priv ilege Level for a Command 9-8
Changing the Default Privilege Level for Lines 9-9
Logging into and Exiting a Privilege Level 9-10
Controlling Switch Access with TACACS+ 9-10
Understanding TACACS+ 9-10 TACACS+ Operation 9-12 Configuring TACACS+ 9-12
Default TACACS+ Confi guration 9-13
Identifying the TACACS+ Server Host and Setting th e Authentication Key 9-13
Configuring TACACS+ Login Authentication 9-14
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 9-16
Starting TACACS+ Accounting 9-17 Displaying the TA CACS+ Configuration 9-17
Controlling Switch Access with RADIUS 9-18
Understanding RADIUS 9-18 RADIUS Operation 9-19
Page 10
Contents
x
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring RADIUS 9-20
Default RADIUS Configu ration 9-20 Identifying the RADIUS Server Host 9-21 Configuring RADI US Login Authentication 9-23 Defining AAA Server Groups 9-25 Configuring RADIUS Authorization for User Privileged Access and Network Services 9-27 Starting RADIUS Accounting 9-28 Configuring Set tings for All RADIUS Servers 9-29 Configuring the Switch to Use Vendor-Specific RADIUS Attributes 9-29 Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 9-30
Displaying the RADIUS Configuration 9-31 Configuring the Switch for Local Authentication and Authorization 9-32 Configuring the Switch for Secure Shell 9-33
Understanding SSH 9-33
SSH Servers, Integrated Clients, and Supported Versions 9-33 Limitations 9-34
Configuring SSH 9-34
Configuration Guidelines 9-34 Cryptographic Software Image Guidelines 9-35 Setting Up the Switch to Run SSH 9-35 Configuring the SSH Server 9-36
Displaying the SS H C onfiguration and Status 9-37
CHAPTER
10 Configuring 802.1x Port-Based Authentication 10-1
Understanding 80 2.1x Port-Based Authentication 10-1
Device Roles 10-2
Authentication Initiation and Message Exchange 10-3
Ports in Authorized and Unauthorized States 10-4
802.1x Accounting 10-5
Supported Topologies 10-5
Using 802.1x with Port Security 10-6
Using 802.1x with Voice VLAN Ports 10-7
Using 802.1x with VLAN Assignment 10-7
Using 802.1x with Guest VLAN 10-8 Configuring 802.1x Authentication 10-9
Default 802.1x Configuration 10-9
802.1x Configuration Guidelines 10-10
Upgrading from a Previous Software Release 10-11
Enabling 802.1x Authentication 10-11
Page 11
Contents
xi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring th e Switch-to-RADIUS-Server Communic ation 10-13 Enabling Periodic Re-Authentication 10-14 Manually Re-Authenticating a Client Connected to a Port 10-15 Changing the Quiet Period 10-15 Changing the Switch-to-Client Retransmission Time 10-15 Setting the Switch-to-Client Frame-Retransmission Number 10-16 Configuring the Host Mode 10-17 Configuring a Guest VLAN 10-18 Resetting the 802.1x Configuration to the Default Values 10-18 Configuring 802.1x Authentication 10-19 Configuring 802.1x Accounting 10-20
Displaying 802.1x Statistics and Status 10-21
CHAPTER
11 Configuring Interface Characteristics 11-1
Understanding Interface Types 11-1
Access Ports 11-2 Trunk Ports 11-2 Port-Based VLANs 11-3 EtherChannel Por t Groups 11-3 Connecting Interfaces 11-4
Using the Interface Command 11-4
Procedures for Configuring Interfaces 11-5 Configuring a Range of Interfaces 11-5 Configuring and Using Interface-Range Macros 11-7
Configuring Ethernet Interfaces 11-8
Default Etherne t Interface Configuration 11-9 Configuring Interface Speed and Duplex Mode 11-10
Configuration Guidelines 11-10 Setting the Inte rface Speed and Duplex Parameters on a Non-LRE Switch Port 11-12
Setting the Interface Speed and Duplex Parameter s on an LRE Switch Port 11-12 Configuring Media Types for Gigabit Ethernet Interfaces on LRE Switches 11-13 Configuring IEEE 802.3z Flow Control on Giga bit Ethernet Ports 11-13 Adding a Description for an Interface 11-14
Monitoring and Maintaining the Interfaces 11-15
Monitoring Interface and Controller Status 11-15 Clearing and Reset ting Interfaces and Counters 11-16 Shutting Down and Restarting the Interface 11-17
Page 12
Contents
xii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
12 Configuring Smartports Macros 12-1
Understanding Smartports Macros 12-1 Configuring Smar tports Macros 12-2
Default Smartports Macro Configuration 12-2 Smartports Macro Con figuration Guidelines 12-3 Creating Smartports Macros 12-4 Applying Smartports Macros 12-5 Applying Cisco-default Smartports Macros 12-6
Displaying Smartports Macros 12-8
CHAPTER
13 Configuring LRE 13-1
Understanding LRE Features 13-1
Ports on the Cat alyst 2950 LRE Sw itc h es 13-1 LRE Links and LRE Profiles 13-2
LRE Profiles 13-2 LRE Sequences 13-5
CPE Ethernet Links 13-6 LRE Link Monitor 13-7 LRE Message Logging Pr ocess 13-8
Configuring LRE Ports 13-8
Default LRE Confi guration 13-9 Environmental Guidelines for LRE Links 13-9 Guidelines for Us ing LRE Profiles 13-10 CPE Ethernet Link Guidelines 13-11
Guidelines for Co nfiguring Cisco 575 LRE CPEs and 5 76 LRE 997 CPEs 13-11
Guidelines for Co nfiguring Cisco 585 LRE CPEs 13-12 Assigning a Global Profile to All LRE Ports 13-12 Assigning a Profile to a Specific LRE Port 13-13 Assigning a Global Sequence to All LRE Ports 13-13 Assigning a Sequence to a Speci f ic LR E Po rt 13-14 Using Rate Selection to Automatically Assign Profiles 13-14
Precedence 13-15
Profile Lockin g 13-15
Link Qualification and SNR Margins 13-16 Configuring LRE Link Persistence 13-19 Configuring LRE Link Monitor 13-20 Configuring LRE Interleave 13-20 Configuring Upst ream Power Back-Off 13-21
Page 13
Contents
xiii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring CPE Toggle 13-22 Configuring Syslog Export 13-22
Upgrading LRE Switch Firmware 13-23
Configuring for an LRE Upgrade 13-24 Performing an LRE Upgrade 13-24
Global Configuration of LRE Upgrades 13-25 Controller Configuration of LRE Upgrades 13-25
LRE Upgrade Details 13-26
LRE Upgrade Example 13-26
Displaying LRE Status 13-27
CHAPTER
14 Configuring STP 14-1
Understanding Spanning-Tree Features 14-1
STP Overview 14-2 Spanning-Tree To pology and BPDUs 14-3 Bridge ID, Switch Priority, and Extended System ID 14-4 Spanning-Tree I nterface States 14-4
Blocking State 14-6 Listening State 14-6 Learning State 14-6 Forwarding State 14-6
Disabled State 14-7 How a Switch or Port Becomes the Root Switch or Root Port 14-7 Spanning Tree and Redundant Connectivity 14-8 Spanning-Tree Add ress Management 14-8 Accelerated Aging to Retain Connectivity 14-8 Spanning-Tree Mode s and Protocols 14-9 Supported Spanning-Tree Instances 14-9 Spanning-Tree Interoperability and Backward Compatibility 14-10 STP and IEEE 802.1Q Tr unks 14-10
Configuring Spanning-Tree Features 14-11
Default Spanning -Tree Configuration 14-11 Spanning-Tree Configuration Guidelines 14-12 Changing the Spanning-Tree Mode 14-13 Disabling Spanning Tree 14-14 Configuring the Root Switch 14-14 Configuring a Secondary Root Switch 14-16 Configuring the Port Priority 14-17 Configuring the Path Cost 14-19
Page 14
Contents
xiv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring the Switch Priority of a VLAN 14-20 Configuring Spanning-Tree Timers 14-21
Configuring the Hello Time 14-21 Configuring th e Forwarding-Delay Time for a VLAN 14-22 Configuring th e Maximum-Aging Time for a VLAN 14-22 Configuring Spanning Tree for Use in a Cascaded Stack 14-23
Displaying the Spanning-Tree Status 14-24
CHAPTER
15 Configuring MSTP 15-1
Understanding MSTP 15-2
Multiple Spanning-Tree Regions 15-2 IST, CIST, and CST 15-2
Operations Within an MST Region 15-3
Operations Betwee n MST Regions 15-3 Hop Count 15-4 Boundary Ports 15-5 Interoperability with 802.1D STP 15-5
Understanding RSTP 15-6
Port Roles and the Active Topology 15-6 Rapid Convergence 15-7 Synchronization of Port Roles 15-8 Bridge Protocol Data Unit Format and Processing 15-9
Processing Super ior BPDU Information 15-10
Processing Inferior BPDU Information 15-10 Topology Changes 15-10
Configuring MSTP Features 15-11
Default MSTP Config uration 15-12 MSTP Configuration Gui delines 15-12 Specifying the MST Region Configuration and Enabling MSTP 15-13 Configuring the Root Switch 15-14 Configuring a Sec ondary Root Switch 15-16 Configuring the Port Priority 15-17 Configuring the Path Cost 15-18 Configuring the Switch Priority 15-19 Configuring the Hello Time 15-19 Configuring th e Forwarding-Delay Time 15-20 Configuring th e Maximum-Aging Time 15-21 Configuring the Maximum-Hop Count 15-21
Page 15
Contents
xv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Specifying the Link Type to Ensure Rapid Transitions 15-22 Restarting the Protocol Migration Process 15-22
Displaying the MST Configuration and Status 15-23
CHAPTER
16 Configuring Optional Spanning-Tree Features 16-1
Understanding Optional Spanning-Tree Features 16-1
Understanding Po rt Fast 16-2 Understanding BPD U Guard 16-2 Understanding BPDU Filtering 16-3 Understanding UplinkFast 16-3 Understanding Cross-Stack UplinkFast 16-5
How CSUF Works 16-5 Events that Cause Fast Convergence 16-7 Limitations 16-7
Connecting the Stack Ports 16-8 Understanding BackboneFast 16-9 Understanding EtherChannel Guard 16-11 Understanding Root Guard 16-11 Understanding Loop Guard 16-12
Configuring Optional Spanning-Tree Features 16-12
Default Optional Spanning-Tree Configuration 16-13 Optional Spanning-Tree Configuration Guidelines 16-13 Enabling Port Fast 16-13 Enabling BPDU Guard 16-14 Enabling BPDU Filtering 16-15 Enabling Uplink Fast for Use with Redundant Links 16-16 Enabling Cross-Stack UplinkFast 16-17 Enabling BackboneFast 16-18 Enabling EtherChannel Guard 16-18 Enabling Root Guard 16-19 Enabling Loop Guard 16-19
Displaying the Spanning-Tree Status 16-20
CHAPTER
17 Configuring VLANs 17-1
Understanding VLANs 17-1
Supported VLANs 17-2 VLAN Port Membership Modes 17-3
Page 16
Contents
xvi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring Nor mal-Range VLANs 17-4
Token Ring VLANs 17-5 Normal-Range VLAN Configuration Guidelines 17-5 VLAN Configuration Mode Options 17-6
VLAN Configuration in config-vlan Mode 17-6
VLAN Configuration in VLAN Configuration Mode 17-6 Saving VLAN Configuration 17-7 Default Etherne t VLAN Configuration 17-7 Creating or Modifying an Ethernet VLAN 17-8 Deleting a VLAN 17-10 Assigning St at ic-Access Port s to a VLAN 17-11
Configuring Ext ended-Range VLANs 17-12
Default VLAN Configuration 17-12 Extended-Range VLAN Configuration Guidelines 17-12 Creating an Extended-Range VLAN 17-13
Displaying VLANs 17-14 Configuring VLAN Tr unks 17-15
Trunking Overview 17-15
802.1Q Configura tion Considerations 17-16 Default Layer 2 Ethernet Inte rfa c e VL A N Co nf ig uration 17-17 Configuring an Ethernet Interface as a Trunk Port 17-17
Interaction with Other Features 17-18 Configuring a Trunk Port 17-18 Defining the Allo w e d V LA N s on a Tr un k 17-19 Changing the Pruning-Eligible List 17-20 Configuring the Native VLAN for Untagged Traffic 17-21
Load Sharing Using STP 17-22
Load Sharing Using STP Port Priorities 17-22 Load Sharing Using STP Path Cost 17-24
Configuring VMPS 17-25
Understanding VMPS 17-25
Dynamic Port VLAN Membership 17-26
VMPS Databa se Co nfiguration Fi le 17-26 Default VMPS Client Configuration 17-27 VMPS Configu ra tion Guidelines 17-27
Page 17
Contents
xvii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring the VMPS Client 17-28
Entering the IP Address of the VMPS 17-28 Configuring Dynamic Access Ports on VMPS Clients 17-28 Reconfirming VLAN Memberships 17-29 Changing the Reconfirmation Interval 17-29
Changing the Retry Count 17-30 Monitoring the VMPS 17-30 Troubleshooting Dynamic Port VLAN Membership 17-31 VMPS Configuration Example 17-31
CHAPTER
18 Configuring VTP 18-1
Understanding VTP 18-1
The VTP Domain 18-2 VTP Modes 18-3 VTP Advertisements 18-3 VTP Version 2 18-4 VTP Pruning 18-4
Configuring VTP 18-6
Default VTP Confi guration 18-6 VTP Configuration Options 18-7
VTP Configuration in Global Configuration Mode 18-7
VTP Configuration in VLAN Configuration Mode 18-7 VTP Configuration Guidelines 18-8
Domain Names 18-8
Passwords 18-8
Upgrading from Pr evious Softwa re Re le ases 18-8
VTP Version 18-9
Configuration Requirements 18-9 Configuring a VTP Server 18-9 Configuring a VTP Client 18-11 Disabling VTP (VTP Transparent Mode) 18-12 Enabling VTP Version 2 18-13 Enabling VTP Pruning 18-14 Adding a VTP Client Switch to a VTP Domain 18-14
Monitoring VTP 18-16
Page 18
Contents
xviii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
19 Configuring Voice VLAN 19-1
Understanding Voice VLAN 19-1 Configuring Voi ce VLAN 19-2
Default Voice VLAN Configuration 19-2 Voice VLAN Config uration Guidelines 19-3 Configuring a Port to Connect to a Cisco7960 IP Phone 19-3
Configuring Ports to Carry Voice Traffic in 802.1Q Frames 19-4 Configuring Ports to Carry Voice Traffic in 802.1p Priority-Tagged Frames 19-4 Overriding the CoS Priority of Incoming Data Frames 19-5 Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames 19-6
Displaying Voic e VLAN 19-6
CHAPTER
20 Configuring DHCP Features 20-1
Understanding DHCP Features 20-1
DHCP Server 20-2 DHCP Relay Agent 20-2 DHCP Snooping 20-2 Option-82 Data Insertion 20-3
Configuring DHCP Features 20-5
Default DHCP Config uration 20-5 DHCP Snooping Configuration Guidelines 20-6 Configuring the DHCP Server 20-6 Enabling DHCP Snoopi ng and Option 82 20-7
Displaying DHCP In formation 20-8
Displaying a Binding Table 20-8 Displaying the DHCP Snooping Configuration 20-8
CHAPTER
21 Configuring IGMP Snooping and MVR 21-1
Understanding IGMP Snooping 21-1
IGMP Versions 21-2 Joining a Multicast Group 21-3 Leaving a Multicast Group 21-4 Immediate-Leave Processing 21-5 IGMP Report Suppression 21-5 Source-Only Networks 21-5
Page 19
Contents
xix
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring IGMP Snooping 21-6
Default IGMP Snoo ping Configuration 21-6 Enabling or Disabling IGMP Snooping 21-7 Setting the Snoopi ng Method 21-8 Configuring a Multicast Router Port 21-9 Configuring a Host Statically to Join a Group 21-10 Enabling IGMP Immedi ate-Leave Processing 21-10 Disabling IGMP Report Suppression 21-11 Disabling IP Multicast-Source-Only Learning 21-11 Configuring the Aging Time 21-12
Displaying IGMP Sno oping Information 21-13 Understanding Multicast VLAN Registration 21-14
Using MVR in a Multicast Television Application 21-15
Configuring MV R 21-17
Default MVR Configuration 21-17 MVR Configuration Guidelines and Limitations 21-17 Configuring MVR Global Parameters 21-18 Configuring MVR Interfaces 21-19
Displaying MVR Information 21-21 Configuring IG M P Fi lt ering and Throttling 21-21
Default IGMP Filtering and Throttling Configuration 21-22 Configuring IGMP Profiles 21-22 Applying IGMP Profil es 21-24 Setting the Maximum Number of IGMP Groups 21-25 Configuring the IGMP Throttling Action 21-25
Displaying IGMP Filtering and Throttling Configuration 21-27
CHAPTER
22 Configuring Port-Based Traffic Control 22-1
Configuring Sto rm Control 22-1
Understanding Storm Control 22-2 Default Storm Control Configuration 22-2 Enabling Storm Control 22-2 Disabling Storm Control 22-4
Configuring Protected Ports 22-4 Configuring Port Blocking 22-5
Blocking Flooded Traffic on an Interface 22-5 Resuming Normal Forwarding on a Port 22-6
Page 20
Contents
xx
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Configuring Port Security 22-7
Understanding Po rt Security 22-7
Secure MAC Addresses 22-7
Security Viol at ions 22-8 Default Port Security Configuration 22-9 Port Security Configuration Guidelines 22-9 Enabling and Configuring Port Security 22-10 Enabling and Confi guring Port Security Aging 22-12
Displaying Port -Based Traffic Control Setti ngs 22-13
CHAPTER
23 Configuring UDLD 23-1
Understanding UDLD 23-1
Modes of Operation 23-1 Methods to Detect Unidirectional Links 23-2
Configuring UDLD 23-4
Default UDLD Configuration 23-4 Configuratio n Guidelines 23-4 Enabling UDLD Globally 23-5 Enabling UDLD on an Interface 23-5 Resetting an Interf ace Shut Down by UDLD 23-6
Displaying UDLD Status 23-7
CHAPTER
24 Configuring CDP 24-1
Understanding CDP 24-1 Configuring CDP 24-2
Default CDP Config uration 24-2 Configuring the CDP Characteristics 24-2 Disabling and Enabling CDP 24-3 Disabling and Enabling CDP on an Interface 24-4
Monitoring and Maintaining CDP 24-5
Page 21
Contents
xxi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
25 Configuring SPAN and RSPAN 25-1
Understanding SPAN and RSPAN 25-1
SPAN and RSP A N Conc ep t s and Terminolog y 25-3
SPAN Session 25-3 Traffic Types 25-3 Source Port 25-4 Destination Por t 25-4 Reflector Port 25-5
SPAN Traffic 25-5 SPAN and RSPAN Interaction with Other Features 25-5 SPAN and RSPAN Session Limits 25-6 Default SPAN and RSPAN Configuration 25-7
Configuring SPAN 25-7
SPAN Configuration Guidelines 25-7 Creating a SPAN Session and Specifying Ports to Monitor 25-8 Creating a SPAN Session and Enabling Ingress Traffic 25-9 Removing Ports from a SPAN Se ss io n 25-11
Configuring RSPAN 25-12
RSPAN Configuration Guidelines 25-12 Configuring a VLAN as an RSPAN VLAN 25-13 Creating an RSPAN Source Session 25-13 Creating an RSPAN Destination Session 25-15 Removing Ports from an RSPAN Se s sion 25-16
Displaying SPAN and RSPAN Status 25-17
CHAPTER
26 Configuring RMON 26-1
Understanding RMON 26-1 Configuring RMON 26-2
Default RMON Configuration 26-3 Configuring RMON Alarms and Events 26-3 Configuring RMON Col lection on an Interface 26-5
Displaying RMON Status 26-6
Page 22
Contents
xxii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
27 Configuring System Message Logging 27-1
Understanding System Message Logging 27-1 Configuring System Message Logging 27-2
System Log Message Format 27-2 Default System Message Logging Configuration 27-3 Disabling and Enabling Message Logging 27-4 Setting the Message D isplay Destination Device 27-4 Synchronizing Log Messages 27-6 Enabling and Disabling Timestamps on Log Messages 27-7 Enabling and Disabling Sequence Numbers in Log Messages 27-8 Defining the Message Severity Level 27-8 Limiting Syslog Messages Sent to the History Table and to SNMP 27-10 Configuring UNIX Syslog Servers 27-11
Logging Messages to a UNIX Syslog Daemon 27-11 Configuring the UNIX System Logging Facility 27-11
Displaying the Lo gging Configuration 27-13
CHAPTER
28 Configuring SNMP 28-1
Understanding SNMP 28-1
SNMP Versions 28-2 SNMP Manager Functions 28-3 SNMP Agent Fu nc ti on s 28-4 SNMP Community Strings 28-4 Using SNMP to Access MIB Variables 28-4 SNMP Notifications 28-5
Configuring SNMP 28-5
Default SNMP Configuration 28-6 SNMP Configuration Guidelines 28-6 Disabling the SNMP Agent 28-7 Configuring Commun ity Strings 28-7 Configuring SNMP Gro ups and Users 28-9 Configuring SNMP Not ifications 28-11 Setting the Agent Co ntact and Location Information 28-14 Limiting TFTP Servers Used Through SNMP 28-14 SNMP Exampl es 28-15
Displaying SNMP Status 28-16
Page 23
Contents
xxiii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
29 Configuring Network Security with ACLs 29-1
Understanding ACLs 29-2
Handling Fragmented and Unfragmented Traffic 29-3 Understanding Access Control Parameters 29-4 Guidelines for Applying ACLs to Physical Inte rfaces 29-5
Configuring ACLs 29-6
Unsupported Features 29-7 Creating Standard and Extended IP ACLs 29-7
ACL Numbers 29-8
Creating a Numbered Standard ACL 29-9
Creating a Numbered Extended ACL 29-10
Creating Named Standard and Extended ACLs 29-13
Applying Time Ranges to ACLs 29-15
Including Comments About Entries in ACLs 29-17 Creating Named MAC Extended ACLs 29-18 Creating MAC Access Groups 29-19
Applying ACLs to Ter m inal Lines or Physical Interf aces 29-19
Applying AC Ls to a Te rm i nal Line 29-20 Applying ACLs to a Physical Interface 29-20
Displaying ACL Information 29-21
Displaying ACLs 29-21 Displaying Access Groups 29-22
Examples for Compiling ACLs 29-23
Numbered ACL Examples 29-25 Extended ACL Examples 29-25 Named ACL Example 29-25 Commented IP AC L En tr y Exa m ples 29-25
CHAPTER
30 Configuring QoS 30-1
Understanding QoS 30-2
Basic QoS Model 30-4 Classification 30-5
Classification Based on QoS ACLs 30-5
Classification Based on Class Maps and Policy Maps 30-6 Policing and Marking 30-7 Mapping Tables 30-8
Page 24
Contents
xxiv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Queueing and Scheduling 30-8
How Class of Service Works 30-8 Port Priority 30-8 Port Scheduling 30-8 Egress CoS Queues 30-9
Configuring Auto-QoS 30-9
Generated Auto-QoS Configuration 30-10 Effects of Auto-QoS on the Configuration 30-13 Configuratio n Guidelines 30-13 Upgrading from a Previous Software Release 30-14
Enabling Auto-QoS for VoIP 30-14 Displaying Auto- Q oS Information 30-15 Auto-QoS Configuration Example 30-16 Configuring Standard QoS 30-18
Default Standard QoS Configuration 30-18
Configuratio n Guidelines 30-19
Configuring Classification Using Port Trust States 30-20
Configuring the Trust State on Ports within the Q oS Domain 30-20 Configuring the CoS Value for an Interface 30-23 Configuring Trusted Boundary 30-23 Enabling Pass-Through Mode 30-25
Configuring a QoS Policy 30-26
Classifying Tr affic by Using ACLs 30-27 Classifying Tr affic by Using Class Maps 30-30 Classifying, Policing, and Marking Traffic by Usi ng Policy Maps 30-31
Configuring CoS Map s 30-34
Configuring the CoS-to-DSCP Map 30-35 Configuring the DSCP-to-CoS Map 30-36
Configuring the Egress Queues 30-37
Configuring CoS Pr iority Queues 30-37 Configuring WR R Priority 30-38
Enabling the Expedite Queue and Configuring WRR Priority 30-38 Displaying Standard QoS Information 30-39 Standard QoS Configuration Examples 30-39
QoS Configuratio n for the Existing Wiring Closet 30-40 QoS Configuration for the Intelligent Wiring Closet 30-41
Page 25
Contents
xxv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
CHAPTER
31 Configuring EtherChannels 31-1
Understanding EtherChannels 31-1
Understanding Po rt-Channel Interfaces 31-2 Understanding the Port Aggregation Protocol and Link Aggregation Protocol 31-3
PAgP and LACP Modes 31-4 Physical Learners and Aggregate-Port Learners 31-5 PAgP and LACP Interaction with Other Features 31-6
Understanding Load Balancing and Forwarding Meth ods 31-6
Configuring EtherChannels 31-7
Default EtherCha nnel Configuration 31-8 EtherChannel Con figuration Guidelines 31-8 Configuring Layer 2 EtherChannels 31-9 Configuring EtherChannel Load Balancin g 31-11 Configuring the PAgP Learn Method and Priority 31-12 Configuring the LACP Port Priority 31-12 Configuring Hot Standby Ports 31-13 Configuring the LACP System Priority 31-13
Displaying EtherChannel, PAgP, and LACP Status 31-14
CHAPTER
32 Troubleshooting 32-1
Using Recovery Procedures 32-1
Recovering from Corrupted Software 32-2 Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 32-2 Recovering from Lo st or Forgotten Passwords on Catalyst 2950 LRE Switches 32-4
Password Recovery with Password Recovery Enabled 32-5
Procedure with Password Recovery Disabled 32-6 Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 32-8 Recovering from a Command Switch Failure 32-10
Replacing a Failed Command Switch with a Cluster Member 32-11
Replacing a Failed Command Switch with Another Switch 32-12 Recovering from Lost Member Connectivity 32-14
Preventing Auton egotiation Mismatches 32-14 GBIC and SFP Module Secur ity and Identification 32-14 Diagnosing Connec tivity Problems 32-15
Using Ping 32-15
Understanding Ping 32-15
Executing Ping 32-15
Page 26
Contents
xxvi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Using Layer 2 Tr ac e route 32-16
Understanding Layer 2 Traceroute 32-16 Usage Guidelines 32-17
Displaying the Ph ysical Path 32-18 Diagnosing LRE Connection Problems 32-18 Using Debug Commands 32-19
Enabling Debuggi ng on a Specific Feature 32-20 Enabling All-System Diagnostics 32-20 Redirecting Debu g and Error Message Output 32-21
Using the debug auto qos Command 32-21 Using the show controllers Commands 32-22 Using the crashinfo File 32-23
APPENDIX
A Supported MIBs A-1
MIB List A-1 Using FTP to Access th e MI B Files A-3
APPENDIX
B Working with the Cisco IOS File Syst em, Configuration Files, and Software I ma ges B-1
Working with th e Fl ash File System B-1
Displaying Available File Systems B-2
Setting the Default File System B-3
Displaying Information about Files on a File System B-3
Changing Directo ries and Displaying the Working Directory B-4
Creating and Removing Directories B-4
Copying Files B-5
Deleting Files B-5
Creating, Displaying, and Extracting tar Files B-6
Creating a tar File B-6 Displaying the Co ntents of a tar File B-7 Extracting a ta r Fil e B-7
Displaying the Contents of a File B-8 Working with Configuration Files B-8
Guidelines for Creating and Using Configuration Files B-9
Configuration File Types and Location B-10
Creating a Configuration File By Using a Text Editor B-10
Copying Configuration Files By Using TFTP B-10
Preparing to Download or Upload a Configuration File By Using TFTP B-11 Downloading the Con figuration File By Using TFTP B-11 Uploading the Configuration File By Using TFTP B-12
Page 27
Contents
xxvii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Copying Configuration Files By Using FTP B-12
Preparing to Download or Upload a Configuration File By Using FTP B-13 Downloading a Configuration File By Using FTP B-13 Uploading a Confi guration File By Using FTP B-14
Copying Configuration Files By Using RCP B-15
Preparing to Download or Upload a Configuration File By Using RCP B-16 Downloading a Configuration File By Using RCP B-17 Uploading a Confi guration File By Using RCP B-18
Clearing Configuration Information B-19
Clearing the St a rtu p Co nfiguration Fi le B-19 Deleting a Stored Configuration File B-19
Working with So ft w a re Ima g es B-19
Image Location on the Switch B-20 tar File Format of Images on a Server or Cisco.com B-20 Copying Image Files By Using TFTP B-21
Preparing to Downl oad or Upload an Image File By Using TFTP B-21 Downloading an Image File By Using TFTP B-22 Uploading an Image Fi le By Using TFTP B-23
Copying Image Files By Using FTP B-24
Preparing to Downl oad or Upload an Image File By Using FTP B-24 Downloading an Image File By Using FTP B-25 Uploading an Image Fi le By Using FTP B-27
Copying Image Files By Using RCP B-28
Preparing to Downl oad or Upload an Image File By Using RCP B-28 Downloading an Image File By Using RCP B-29 Uploading an Image File By Using RCP B-31
I
NDEX
Page 28
Contents
xxviii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Page 29
xxix
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Audience
This guide is for the networking professional man aging the Catalyst 2950 and 2955 switches, hereafte r referred to as the switches. Before using this guide, you should have experience working with the Cisco IOS and be familiar with the concepts and terminology of Ethernet and local area networking.
Purpose
This guide provide s t he infor ma ti on you ne e d to configu re soft ware fea ture s o n y our swi tch . Th e Catalyst 2950 switch is supported by either the standard software image (SI) or the enhan ced software image (EI). The Catalyst 2955 and Catalyst 2950 Long-R each Ethernet (LRE) switches are supported only by the EI.
The EI provides a richer set of features, including access control lists (ACLs), enhanced quality of service (QoS) features, extended-range VLANs, Remote Switched Port Analyzer (RSPAN), and unicast MAC address filtering. The cryptographic EI provides support for the Secure Shell Protocol (SSP). For a list of switches that support the SI and the EI, see Table 1-1 in Chapter 1, “Overview.”
The Catalyst 2955 switch also supports an additional set of features that are described in Chapter 3,
“Configuring Catalyst 2955 Switch Alarms. ” The switch has facilities to process alarms related to the
temperature, power supply cond itions, and status of the Ethern et ports. Use this guide with other documents for information about these topics:
Requirements—This guide assumes that you have met the hardware and software requirements and
cluster compatibility requirements described in the release notes.
Start-up information —This guid e assume s that you have assigned switch IP informat ion and
passwords by using the browser setup pro gra m des cr ibed in t he swit ch ha rd ware insta ll ation g uide .
Cluster Management Suit e (CMS) info rmation— This gui de provides an overview of the CMS
web-based, switch mana geme nt int erface. For inf ormat ion a bout CMS r equi reme nts an d the procedures for browser and plug-in configuration and accessing CMS, refer to the release notes. For CMS field-level window descriptions and procedures, re fer to th e CMS online he lp.
Cluster configuration—Thi s guide provid es inform ation abou t planning for, creating, and
maintaining switch clusters. Because configuring switch clusters is most easily performed through CMS, this guide does not provide the command-line interface (CLI) procedures. For the cluster commands, refer to the comm and re ferenc e for th is releas e.
CLI command information—This guide provides an overview for using the CLI. For complete
syntax and usage information about the commands that have been specifically created or changed for the switches, re fer to th e comm and ref erence for this re lease .
Page 30
xxx
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Conventions
This guide provides procedures for using the commands that have been created or changed for use with the switch. It does not provide detailed information about these commands. For detailed information about these comm ands , refer t o the co mman d refere nce for this rel ease .
This guide does not repe at the conc epts and CLI proce dures provided in the st andar d Cisco IOS Release 12.1 docume ntation . For informati on about th e standa rd Cisco IOS Relea se 12.1 com mands, refer to the Cisco IOS documentation set available from the Cisco.com home page at Service and Support > Technical Documents. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco IOS Software drop-down list.
This guide does not descri be system message s you might enc ounter or how to install your switch. For this information, refer to the system message guide for this release and to the hardware installation guide.
Conventions
This publication use s the se conventions to co nvey instructions a nd info rmat ion: Command descriptions use these conventions:
Commands and keywords are in boldface text.
Arguments for which you supply values are in italic.
Square brackets ([ ]) mean optional elements.
Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
Interactive examples use these conventions:
Terminal sessions and system displays are in screen font.
Information you ent er is in b oldface sc reen f ont .
Nonprinting charac ters, such as passwords or t abs, ar e in angl e brackets (< >) .
Notes, cautions, and timesavers use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this manual.
Caution Means re ader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Page 31
xxxi
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Related Publications
Related Publications
These documents provide complete in for ma tion abo ut the switc h and are a vailable from this Cisco.com site:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/index.htm
You can order printed copi es of documents with a DOC-xxxxxx= number from the Cisco.com sites an d from the telephone numbers listed in the “Obtaining Documentation” se ction on page xxxi.
Release Notes for the Catalyst 2950 and Catalyst 2955 Switches (not orderable but is available on
Cisco.com)
Note Switch requirements and procedures for initial configurations and software upgrades tend to change and
therefore appear only in the release note s . Before installing, configuring, or upgrading the switch, refer to the release notes on Cisco.com for the latest information.
For information about the switch, refer to these documents:
Catalyst 2950 and C atal yst 29 55 Swit ch Sof tware Configuration Guid e (orde r number
DOC-7811380=)
Catalyst 2950 and C ataly st 29 55 Switch Co mma nd Reference (orde r nu mber DO C-78113 81=)
Catalyst 2950 and Cat alyst 2955 Swi tch Syste m Me ssage Guide (o rder number DOC-7814233=)
Catalyst 2950 Desktop Switch Hardware Installation Guide (order number DOC-7811157=)
Catalyst 2955 Hardware Installation Guide (order number D OC-7 8149 44= )
For information about rel ated produc ts, refe r to these document s:
Cluster Management Suite (CM S) online help (available only from the switc h CMS software)
Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide
(order number DOC-786460=)
CWDM Passive Optical System Installation Note (not orderab le but is available on Cisco.com)
1000BASE-T Gigabit Interface Converter Installation Notes (not orderable but is available on
Cisco.com)
Obtaining Documentation
Cisco documentatio n and a dd ition al lite rat ure a r e available on Cisc o.co m. Cisc o al so provide s s everal ways to obtain technical assista nce an d othe r techni cal re sour ces. Thes e secti ons explain how to obtain technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
http://www.cisco.com
Page 32
xxxii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Documentation Feedback
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Ordering Documentation
You can find instruc tio ns for or de ring do cu ment atio n a t t his U RL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco document ation in these ways:
Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from
the Ordering tool:
http://www.cisco.com/en/US/partner/ordering/index.shtml
Nonregistered Cisco.co m u ser s can o rd er docum en tati on th rou gh a l oc al ac count r epre sen tative by
calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
You can send comments ab out technic al docum entati on to bug-doc@c isco.com. You can submit comment s by using the respon se card (i f presen t) behind t he front cover of your
document or by wri ting t o the fo llowing a ddress: Cisco Systems
Attn: Customer Docume nt Ordering 170 West Tasman Drive San Jose, CA 95134- 988 3
We apprec iate yo ur comm ents .
Obtaining Technical Assistanc e
For all customers, partners, resellers, and distributors who h old valid Cisco serv ice contra cts, Cisco Technical Support provides 24-hour-a-day, award-winning technic al assist anc e. T he C isco Technical Support Website on Cisco.com features extensive online support resources. In addition, Cisco Technical Assistance Center (TAC) engine er s provide t eleph one suppor t. I f y ou do n ot ho ld a valid Cisc o serv ice contract, contact your reseller.
Page 33
xxxiii
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Obtaining Technical Assistance
Cisco Technical Support Website
The Cisco Technical Support Website provides online docum ents a nd tools fo r tr oub lesho oti ng a nd resolving technical issues with Cisco products and technologies. The website is available 24 hours a day, 365 days a yea r at thi s UR L:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support Website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this U R L:
http://tools.cisco.com/RPF/register/register.do
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3 and S4 service requests are those in which your network is minimally impaired or for which you require product information. ) After you desc ribe you r situation, the TAC Service Reque st Tool automatically provides recommended solut ions. If yo ur issue is not resolved usin g the recomm ende d resource s, your service request will be assigned to a Cisco TAC engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests or if you do not have Internet access, contact the Cisco TAC b y telephone. (S1 or S2 service requests are t hose in whic h your prod uction net work is down or severely degraded.) Cisco TAC engine er s are a ssign ed im medi atel y to S1 and S2 servi ce req uest s to h elp k eep y our b u sines s operations running smoothly.
To open a servic e request by telephone, use one of the fo llowing number s: Asia-Pacific: +61 2 8446 7411 (Australia : 1 800 805 227)
EMEA: +32 2 704 55 55 USA: 1 800 553 2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity definitions.
Severity 1 (S1)—Your network is “down,” or there is a critical impact to your business operat ions. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational perform ance of your netwo rk is impair ed, but most business operatio ns remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is li ttle or no effect on you r business operations.
Page 34
xxxiv
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Preface
Obtaining Additiona l Publications and Informatio n
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
Cisco Marketplace provides a variety of Cisco books, reference guides, and logo merchandise. Visit
Cisco Marketplace, the company store, at this URL:
http://www.cisco.com/go/marketplace/
The Cisco Product Catalog describes the networking products offered by Cisco Systems, as well as
ordering and custome r support ser vices. Ac cess the Cisc o Product Ca talog at this URL:
http://cisco.com/univercd/cc/td/doc/pcat/
Cisco Press publishes a wide range of general networking , training and certif ication titles. Both ne w
and experienced users will benefit from these publications. For current Cisco Press titles and other information, go to Cisco Press at this URL:
http://www.ciscopress.com
Packet magazine is the Cisco Sy stems tech nical use r magazi ne for maximi zing Inte rnet an d
networking investments. Each quar ter, Packet delivers coverage of t he l ate st ind ust ry t rend s, technology breakthrough s, and Cisco product s and soluti ons, as well as networ k deployme nt and troubleshooting t ips, configu ratio n exa mp les, cust om er c a se studie s, ce rtificat ion an d tr aini n g information, and links to scores of in-depth online resources. You can acce ss Packet magazine at this URL:
http://www.cisco.com/packet
iQ Magazine is the quarterly pu bli cat ion fr om C isco System s desig ned t o hel p gr owing comp anies
learn how they can use tec hn ology to i n crea se revenue, stre a mline the ir business , and expand services. The publication identifies the challenges facing these companies and the technologies to help solve them, usin g rea l-worl d ca se st ud ies an d business st rategies t o he lp r eade rs make soun d technology investment decisions. You can acc ess iQ Magazin e at this URL:
http://www.cisco.com/go/iqmagazine
Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineeri ng
professionals involved in designing, developing, and ope ratin g p ubli c a nd pr ivate internets a nd intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/ipj
World-cla ss networking training is available from Cisco. You can view current offerings at
this URL:
http://www.cisco.com/en/US/learning/index.html
Page 35
CHAPTER
1-1
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
1
Overview
This chapter provides the se topi cs a bou t the C ataly st 2950 and Catalyst 2955 switch so ftware:
Features, page 1-1
Management Options, page 1-8
Network Configuration Examp les, page 1-10
Where to Go Next, page 1-22
Note In this documen t, I P r ef ers t o IP versi on 4 (IPv 4). La ye r 3 I P version 6 (I Pv6) p ackets a re tr eat ed a s
non-IP packets.
Features
The switch software supports the switches listed in Table 1-1 and in the release notes.
Table 1-1 Switches Supported
Switch Software Image
Catalyst 2950-12 SI
1
Catalyst 2950-24 SI Catalyst 2950C-24 EI
2
Catalyst 2950G- 12-EI EI Catalyst 2950G- 24-EI EI Catalyst 2950G- 24-EI -DC EI Catalyst 2950G- 48-EI EI Catalyst 2950ST-8 LRE EI Catalyst 2950ST-24 LRE EI Catalyst 2950ST-24 LRE 997 EI Catalyst 2950SX-24 SI Catalyst 2950SX-48-SI SI Catalyst 2950T-24 EI Catalyst 2950T-48-SI SI
Page 36
1-2
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
Certain Cisco Long-Reach Ethernet (LRE) customer premises equipment (CPE) devices are not supported by certain Catalyst 2950 LRE switches. In Table 1-2, Yes means that the CPE is supported by the switch; No means that the CPE is not supported by the switch.
This section describes the features supported in this release:
Note Some features require that you have the EI installed on your switch. For a list of the switches that support
the EI, see Table 1-1, or refer to the release notes for this release.
Ease of Use and Ease of Deployment
Express Setup for qu ic kly configuring a switch for the first time with basi c IP information, contact
information, swit ch a nd Telnet passwords, and Si mpl e N etwork Ma nage ment Proto col (SNM P) information thro ugh a b rowser-based prog ra m
User-defined Smartports macros for creating custom switch configurations for simplified
deployment across the net work
Cluster Management Sui te (CMS) sof tware f or si mplify ing s wit ch a nd switch c lust er m anag em ent
through a web browser, such as Netscape Communicator or Microsoft Internet Explorer, from anywhere in your intranet
Switch clusterin g te ch nology us ed wi th CM S for
Unified configuration, monitoring, authentication, and software upgrade of multiple switches
(refer to the release notes for a list of eligible cluster members).
Automatic discovery of candidate switches and creation of clusters of up to 16 switches that can
be managed throug h a s in gle IP ad dre ss.
Extended discovery of cluster candidates that are not directly connected to the command switch.
Catalyst 2955C-12 EI Catalyst 2955S-12 EI Catalyst 2955T-12 EI
1. SI = standard soft wa re im ag e
2. EI = enhanced software image
Table 1-1 Switches Supported (continued)
Switch Software Image
Table 1-2 LRE Switch and CPE Compatibility Matrix
LRE Devices
Catalyst 2950ST-8 LRE switch
Catalyst 2950ST-24 LRE switch
Catalyst 2950ST-24 LRE 997 switch
Cisco 575 LRE CPE
Yes Yes No
Cisco 576 LRE 997 CPE
No No Yes
Cisco 585 LRE CPE
Yes Yes No
Page 37
1-3
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
Hot Standby Router Prot ocol (H SRP) for c om mand- swi tch re du ndancy. The redundant c omm and
switches used f or HS RP m ust have comp atibl e so ft ware re le ases.
Note See the “ Advantages of Using CMS and Clustering Switches” section on page 1-9. For the CMS,
software, and browser requirements and for the cluster hardware and software requirements, refer to the Chapter 4, “Getting Started with CMS,” and the release notes.
Performance
Autosensing of speed o n t he 10/100 and 10/100/1000 ports and autonegotiation of duplex mode on
the 10/100 ports f or optim izing ba nd width
IEEE 802.3x flow control on Gigabit Ethern et ports oper ating in ful l-duplex mode
Fast EtherChannel and Gigabit EtherCh annel fo r enhance d fault tolera nce and for providing up
to 2 Gbps of bandwidth between switches, routers, and servers
Support for frames la rger than 1 500 bytes. Th ese switc hes su ppo rt f ra me siz e s from 15 00 to
1530 bytes:
Catalyst 2950G-12 -EI, 29 50G- 24-EI, 2 950 G-24 -EI-D C, and 2950G-48-EI switches running Cisco IOS Release 1 2.1 (6)EA 2 or la ter
Catalyst 2950 LRE switch es
Catalyst 2955 switches
Port blocking on forwarding unknown unicast and multicast traffic (available only on the
Catalyst LRE swit che s and on the Cat aly st 2950G-12-EI, 2950G-24-EI, 29 50G-2 4-E I- DC, 2950G-48-EI, and 2955 switc hes)
Per-port broadcast storm control for pr eventing faulty end stations from degrading overall system
performance with broadcast storms
Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP) for automatic
creation of EtherCha nnel lin ks
Internet Group M ana geme nt Pr otoc ol ( IGM P) snoo ping fo r IG MP versions 1, 2 , and 3 t o limi t
flooding of IP multicast tra ffic
IGMP report suppression for sending only one IGMP repo rt per mult icast rout er query to th e
multicast devices (supported on ly for IGMP v1 or IGMPv2 queries)
Multicast VLAN registration (MVR) to continuously send multicast streams in a multicast VLAN
while isolating the streams from subscriber VLANs for bandwidth and security reasons
IGMP filtering for con trolling th e set of mu lticast grou ps to which hosts on a swit ch port ca n belong
IGMP throttling for configuring the action when the maximum number of entries is in the IGMP
forwarding table
Protected port (private VLAN edge port) option for restricting the forwarding of traffic to designated
ports on the same switch
Dynamic address l ear ning fo r en hance d secu ri ty
Manageability
Cisco Intelligence Engine 2100 (IE210 0) Series Cisc o Networking Ser vices (CN S) embedd ed
agents for automating swit ch ma nage ment , con figurati on stor age a nd de livery (available only with the EI)
DHCP-based auto co nfiguration fo r a uto matic ally c onfiguring t he sw itch du ring star tup w ith IP
address information a nd a configurat ion file that it re ceives during DH CP-based au toco nfiguration
Page 38
1-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
Note DHCP replaces the Bootstrap Protocol (BOOTP) feature autoconfiguration to ensure retrieval of
configuration files by unicast TFTP messages. BOOTP is available in earlier software releases for this switch.
DHCP server for automatic assignme nt of IP add resses a nd other DHCP op tions to IP hosts
(available only on the Catalyst 2955 switch)
Address Resolution Protocol (ARP) for identifying a switch through its IP address and its
corresponding MAC addre ss
Unicast MAC address filtering to drop packets with specific source or destination MAC addresses
(available only with the EI)
Cisco Discovery Protocol (CDP ) version s 1 a nd 2 for net work to pology di scovery an d ma pping
between the switc h and o t her C is co devices on t he n etwor k
Network Time Pr otocol (NTP) for prov iding a consistent time stamp to al l switches from an ex ternal
source
Directed unicast requests to a TFTP server for obtaining software upgrades from a TFTP server
Default configuration storage in flash memory to ensure that the switch can be connected to a
network and can forward traffic with minim al user int erventio n
In-band management acc ess through a CMS web -based session
In-band management ac cess thro ugh up to 16 simultaneous Telnet connections for multiple
command-line in terfa ce ( CL I)- base d sessi ons over t he ne twor k
In-band management ac cess thro ugh u p to 5 simult ane ous, e ncry pted Secu re Shel l ( SSH)
connections for m ult iple CLI -base d sess ions over the n etwork (only available in the enhanced cryptographic soft ware im age)
In-band management acc ess t hro ugh SN M P version s 1 , 2c, an d 3 get a nd set r eques ts
Out-of-band management access through the switch console port to a directly-attached terminal or
to a remote te rm inal t hro ugh a se ria l c onn ect ion an d a mod em
Note For additional descriptions of the management interfaces, see the “Management Options”
section on page 1-8.
Redundancy
HSRP for comman d-swi tc h red und an cy
UniDirectional Link Detection (UDLD) on all Ethernet ports for detecting and disabling
unidirectional link s on fiber-optic int erfac es ca used by i ncor re ct fiber-opti c w iring or po rt fa ults
IEEE 802.1D Spanning Tree Protocol (ST P) for red undant back bone co nnectio ns and loo p-free
networks. STP has these features:
Up to 64 spanni ng-tr ee inst an ces s uppo rte d
Per-VLAN spanning-tree plus (PVST+ ) for balanc ing load across VLANs
Rapid PVST+ for balancing load acro ss VLANs
UplinkFast, cross-stack UplinkFast, and BackboneFast for fast convergence after a
spanning-tree top ology c han ge a nd fo r ac hieving loa d b alanc ing be twee n r edund an t uplin ks,
including Gigabit uplinks and cross-stac k Gigabit upl inks
Page 39
1-5
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
IEEE 802.1s Multiple Span ning Tree Protocol (MSTP) for groupin g VLANs into a spannin g-tree
instance and for providing multip le forwardi ng paths for data traffic and load balanc ing and rap id per-VLAN Spanning-Tree plus (rapid-PVST+) ba sed on the IE EE 80 2.1w Rapid Spa nning Tree Protocol (RSTP) fo r rapi d convergence of the spa nning tre e by imm edi ate ly tr ans iti onin g roo t and designated ports to the for wardi ng state
Optional spanning-tree features available in the PVST+, rapid PVST+, and MSTP modes:
Port Fast for eliminating the forw arding delay by enablin g a port to immediately transition fro m the blocking state to the fo rwarding state
BPDU guard for shutting down Port Fast-enabled ports tha t receive BPDUs
BPDU filtering for preventing a Por t Fas t-enab led po rt f rom se nd ing or rece iving BPDU s
Root guard for preventing sw itches outside the network core from becoming the spanning-tree root
Loop guard for preventing alternate or root ports from becoming designat ed ports because of a failure that leads to a unidirectional link
VLAN Support
The switches support 250 po rt-base d VLAN s for assig ning users to VLA Ns associ ated with
appropriate network resourc es, tra ffic patterns, and ban dwidth
Note The Catalyst 2950-12, Catalyst 2950-24, Catalyst 2950SX-24, Catalyst 2950SX-48-SI, and
Catalyst 2950T-48-SI switches support only 64 port-based VLANs.
The switch supports up to 40 94 VLAN ID s to allo w service pr o vider net work s to sup port the n umber of
VLANs allowed by the IEEE 802.1Q standard (available only with the EI)
IEEE 802.1Q trunking protocol on all ports for network moves, adds, and changes; management and
control of broadcast and multicast traffic; and network security by establishing VLAN groups for high-security user s an d n etwor k re sour ces
VLAN Membership Policy Server (VMPS) fo r dynam ic VLAN mem bership
VLAN Trunking Protocol (VTP) pruni ng for re duci ng net work tra ffic by restricting floode d tra ffic
to links destined for stations receiving the traffic
Dynamic Trunking Protocol ( DTP ) fo r negotiat ing trun king on a link be twee n two d evices and fo r
negotiating the type of trunking encapsulation (802.1Q) to be used
Voice VLAN for creating subnets for voice traffic from Cisco IP Phones
VLAN 1 minim iza ti on t o r educ e the risk o f s pan ning -t ree loop s o r s to rms by allowing VL AN 1 to
be disabled on any individual VLAN trunk link . With this feature enabled, no user traffic is sent or received. The switch CPU continues to send and receive control protocol frames.
Security
Bridge protocol d ata u ni t (B PDU) g uard for sh utt ing down a Port Fast-con figured port whe n an
invalid configuration occurs
Protected port option for restricting the forwarding of traffic to designated ports on the same switch
Password-protected access (read-only and read-write access) to management interfaces (CMS and
CLI) for protection against unauthorized configuration changes
Port security option for limiting and identifying MAC addresses of the stations allowed to access
the port
Port security aging to set the aging time for secure addresses on a port
Page 40
1-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
DHCP snooping to filter untrusted DHCP messages between untru sted hosts a nd DHCP servers
(available only with the EI)
Multilevel security for a choice of security level, notification, and resulting actions
MAC-based port-level security for res trict ing the use of a sw it ch po rt to a spec ific group of so ur ce
addresses and preventing switch access from unauthorized stations (available only with the EI)
TACACS+, a proprietary feature for managing ne twork securi ty thro ugh a TACACS server
IEEE 802.1x port-base d authen ticatio n to prevent unauthori zed devices from gain ing access to the
network
802.1x accounting to trac k network usage
Standard and extended IP access co ntrol lists (ACLs) for defining secur ity polici es (available only
with the EI)
Quality of Service and Class of Service
Automatic QoS (auto-Qo S) to simplif y the deployme nt of existing QoS fe atures by classi fying
traffic and configuring egress que ues (only available in the EI)
Classification
IEEE 802.1p class of service (Co S) with fo ur priorit y queues on th e switch 10/10 0 and LRE
ports and eight priority queues on the Gigabit ports for prioritizing mission-critical and
time-sensitive traffic from data, voice, and telephony applications
IP Differentiated Services Code Point (IP DSC P) and (CoS) mark ing prio rities on a pe r-port
basis for protecting the per formance of m ission-critical applications (only available with the EI)
Flow-based packet classification (classification based on information in the MAC, IP, and
TCP/UDP headers) for high-performance quality of service at the network edge, allowing for
differentiated service levels for different types of network traffic and for prioritizing
mission-critical traffic in the network (only available in the EI)
Support for IEEE 802.1p CoS schedu ling for classification an d prefe rentia l treatmen t of
high-priority voice traffic
Trusted boundary (detect the prese nce of a Cis co IP Phone, tr ust the CoS value received, and
ensure port security. If the IP phone is not detect ed, disab le the t rusted se tting on the port and
prevent misuse of a high-prio rit y q ueue .)
Policing
Traffic-policing policies on the switch port for allocating the amount of the port bandwidth to
a specific traffic flow
Policing traffic flows to restrict specific applications or traffic flows to metered, predefined
rates
Up to 60 policers on ingress Gigabit-c apable Eth ernet po rts
Up to six policers on ingress 10/100 ports
Granularity of 1 Mbps on 10/10 0 ports and 8 Mbps on 10/100/ 1000 ports
Out-of-profile markdown for packets that exceed bandwidth utilization limits
Note Policing is available only in the EI.
Egress Policing and Scheduling of Egress Queues—Four egress queues on all switch ports. Support
for strict prior ity a nd weigh t ed round -r obin (WR R) CoS poli cies
Page 41
1-7
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Features
Monitoring
Switch LEDs that provide visual port and switch status
Switched Port A na lyz er (SPAN) and Remote SPAN (RSPAN) for traffic moni tori ng on any port or
VLAN
Note RSPAN is available only in the EI.
SPAN support of Intrusion Detection Systems (IDSs) to monitor , repel, and report netw ork secur ity
violations
Four groups (history, statistics, alarms, and events) of embedded remote monitoring (RMON) agents
for network monitoring and traffic analysis
MAC address notification for tracking the MAC addresses that the switch has learne d or removed
Syslog facility for logging system messages about authentication or authorization errors, resource
issues, and time-out events
Layer 2 traceroute t o identif y the physic al path that a packet takes from a sou rce device to a
destination device
Facilities for processing alarms related to temperat ure, power-supply condition s, and th e status of
the Ethernet ports (available only on the Catalyst 2955 switch)
LRE Features (available only on Catalyst 2950 LRE switches)
Data, voice, and video transmission through categorized and noncategorized unshielded twisted-pair
cable (Category 1, 2, and 3 structur ed and unstr ucture d cable , such as existing telephone lines) in multi-unit, multidwelling, and multitenant buildings
Up to 15 Mbps of bandw idth to remo te Ether net devices at dist ances o f up to 4921 feet
(1500 meters) on each switch LRE por t
Compliance with American Nation al Stan dar ds Institute ( ANSI ) a nd Eu ropean Telecommunicatio n
Standards Institute (ETSI) standards for spectral-mode compatibility with asymmetric digital subscriber line (ADSL), Integrated Services Digital Network (ISDN), and digital telephone networks
Configuration and monitoring of c onnec tions betwe en:
Switch LRE ports and the Ethernet ports on remote LRE customer premises equipment (CPE) devices, such as the C isco 575 LRE CPE or the Cisc o 585 LRE CPE
CPE Ethernet ports and remote Ethernet devices, such as a PC
Support for connecting to the pub lic switche d telephon e network (PSTN ) through pla in old
telephone service (POTS) splitters such as the Cisco LRE 48 POTS Splitter
Support for the rate selection, a utility that allows for automatic selection of transmission rates
through sequences
Support for Reed-Solomo n error cor rection
Support for a prote cte d po rt on C isco 58 5 C PE devices
Support for small form-factor pluggable (SFP) modules instead of Gigabit Interface Converter
(GBIC) modules
Support for configuring the interleave delay feature
Support for DC-input power and compliance with the VDSL 997 band plan on Cat al yst 2950ST-24
LRE 997 switches
Page 42
1-8
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Management Options
Upstream power back-off mechanism for normalization of the upstream receive power levels by
requiring the CPE de vices on shorter lines to transmit at a lower p ower le vel th an the CPEs on lo nger lines
Support for sending LRE debugging messa ges t o the L RE messa ge log ging pr ocess a nd t o the
system message logging process
Management Options
The switch is designed for plug-and-play operation: you only need to assign basic IP information to the switch and connect it to the othe r devices in your network. If you have specific network needs, you can configure and monito r t h e sw itch— on an i ndividual basis or as par t of a swit ch c lust er— thr oug h it s various management interfaces.
This section discusses these topics:
Management Interface Option s, page 1-8
Advantages of Using CMS and Clustering Switches, page 1-9
Management Interface Options
You can configure and monitor ind ividual switches and sw itch cluste rs by using these interfaces :
CMS—CMS is a graph ica l use r i nterfac e t hat c an be laun ch ed fr om a nywhere i n yo ur ne twork
through a web browser suc h as N etsc ape Commu nica tor or M ic roso ft Int erne t E xplor er. CMS is already installed on the switc h. U sing CM S, you c an c onfigure an d mon itor a st anda lon e switc h, a specific cluster member, or an entire switch cluster. You can also display network topologi es to gather link information and display switch images to modify switch and port level settings.
For more information about CMS, see Chapter 4, “Getting Started with CMS.”
CLI—The switch Cisco IOS CLI sof tware is enhanced to suppor t desktop-swi tching fe atures. You
can configu re an d m on ito r the switch and switch clus te r members from the CLI. You can access the CLI either by connecti ng your ma nage ment stati on di r ectly to the swit ch c onso le por t or by usin g Telnet or SSH from a remote management station.
For more information about the CLI, see Chapter 2, “Using the Comm an d-Li ne I nt erface. ”
IE2100—Cisco Intelli gence Engine 2100 Series Configuration Registrar is a network management
device that works with embedded CNS Agents in the switch software. You can automate initial configurations and configurat ion up da tes by gene rati ng sw it ch-sp ec ific con figurat ion ch an ges , sending them to the switch, executing the configuration change, and logging the results.
For more informati on abou t IE21 00, se e Ch ap ter 6, “Configuring IE2100 CNS Agents. ”
SNMP—SNMP provides a means to monitor and control the switch and switch cluster members.
You can manage sw it ch c onfigura tio n sett ings, p erfor ma nce, and se cu rity an d c olle ct st atis tics by using SNMP managem ent ap pl icati ons such as Cisc oWorks2000 LAN Managemen t Suit e ( LMS) and HP OpenView.
You can manage the switch from an SNMP-compatible management station that is running platforms such as HP OpenView or SunNet Manager. The switch supports a comprehensive set of MIB extensions and four RMON groups.
For more information about using SNMP, see the Chapter 28, “Configuring SNMP.”
Page 43
1-9
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Management Options
Advantages of Using CMS and Clustering Switches
Using CMS and switch clusters can simplify and minimize your configuration and monitoring tasks. Y ou can use Cisco switch cluster ing techno logy to manage up to 16 in tercon nected and support ed Cataly st switches through one IP address as if they were a single entity. This can conserve IP addresses if you have a limited number of them. CMS is the easiest int erface to use and makes switch and switch cluster management accessible to authorize d users from any PC on your ne twork.
By using switch clusters a nd CMS, you c an:
Manage and monitor interconnected Catalyst switches (refer to the release notes for a list of
supported switches), regardless of their geographic proximity and interconnection media, including Ethernet, Fast Ether net , Fast E the rCh annel , Ci sco G igaStac k G BIC , Gigabi t E ther net , and G iga bit EtherChannel con necti ons .
Accomplish multiple conf iguratio n tasks fr om a sing le CMS wind ow without needing to remember
CLI commands to accomplish specific tasks.
Apply actions from CMS to multiple ports and multiple switches at the same time to avoid
re-entering the same co mmands for e ach individual por t or switch . Here are som e examples of globally setting and mana ging multip le ports and sw itches:
Port configuration such a s spe ed an d d uplex set tin gs
Port and console port secur ity settin gs
NTP, STP, VLAN, and quality of service (QoS) configurations
Inventory and statistic reporti ng and li nk and sw it ch-l evel monitori ng and trou bles hoot ing
Group software u pgrade s
Vi ew a topology of interconnected devices to identify existing switch clusters an d eli gible switc hes
that can join a cluster. You can also use the topo logy to quick ly ident ify link i nform ation bet ween switches.
Monitor real-time status of a sw itch o r mul tip le swit ch es f rom t he LED s on the f ro nt-p anel images.
The system, redundant power system (RPS), and port LED colors on the images are similar to those on the physical L EDs.
Use an interactive mode that takes you step-by -step throu gh configurin g complex feat ures such as
VLANs, ACLs, and QoS.
Use a wizard that prompts you to provide the minimum required inform ation to configure complex
features such as QoS priorities for video traffic, priority levels for data applications, and security.
For more information about CMS, see Chapter 4, “Getting Started with CMS.” For more information about switch clusters, see Chapter 7, “Clustering Switches.”
Page 44
1-10
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
Network Configuration Examples
This section provide s network co nfigurati on conc ept s and i ncl udes examples of usin g t he s wit ch t o create dedicated network segments and interconnecting the segments through Fast Ethernet and Gigabit Ethernet connec tions.
“Design Concepts for Using the Switch” section on page 1-10
“Small to Medi um-Si zed Networ k Configuratio n” sect ion on pag e 1-13
“Collapsed Backbo ne and Switc h Cluster Configurat ion” section on page 1 -14
“Hotel Network Configuration” section on pa ge 1- 15
“Service-Provider Ce ntral -Office Configuration” se cti on on pa ge 1-18
“Large Campus Configuratio n” secti on on p age 1-19
“Multidwelling Network Using Catalyst 2950 Switches” section on page 1-20
“Long-Distance , High-Ba ndwidth Transport Co nfiguration” sect ion on page 1-22
Design Concepts for Using the Switch
As your network u sers c om pete for ne twork b an dwi dth, it t akes lon ge r to send a nd rec eive data. Whe n you configure your net work, co nside r the ba nd wid th r eq uired by your n etwork u s ers a nd the re lative priority of the network applications they use.
Table 1-3 describes what ca n cause netwo rk perform ance to degrade an d how you can configure you r
network to increase the bandwidt h available to your network users.
Bandwidth alone is not th e only conside ration w hen desig ning your ne twork. As your net work traffic profiles evolve, consider providing network services that can support applications such as voice and data integration and security.
Table 1-4 describes some network de mands and how you can meet those dema nds.
Table 1-3 Increasing Network Performance
Network Demands Suggested Design Methods
Too many users on a single ne twork segment and a growing number of users accessing the Internet
Create smaller network segments so that fewer users share the
bandwidth, and use V L ANs and I P subne ts t o pla ce the ne twork resources in the same logical network as the users who access those resources most.
Use full-duplex operation between the switch and its connected
workstatio n s.
Increased power of new PCs,
workstations, and servers
High demand f rom n etwor ked
applications (such as e-mail with large attached files) and from bandwidth-intensive applicatio ns ( such as multimedia)
Connect global resources—such as servers and routers to which network
users require equal access—directly to the Fast Ethernet or Gigabit Ethernet switch ports so that they have their own Fast Ethernet or Gigabit Ethernet segmen t.
Use the Fast EtherChannel or Gigabit EtherChannel feature between the
switch and its connected servers and routers.
Page 45
1-11
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
Figure 1-1 shows configuration examples of using the Catalyst switches to create these networks:
Cost-effective wiring closet—A cost-effective way to connect many users to the wiring closet is to
connect up to nine Catalyst 2900 XL, Catalyst 2950, Catalyst 3500 XL, and Catalyst 3550 switches through GigaStack G BIC c on nect ions. W he n y ou use a stac k of Ca talyst 295 0G -48 sw it ches, y ou can connect up to 432 users. To pr eserv e switch connecti vit y if on e switch in the stack fails , connec t the bottom switch to the top switch to create a GigaStack loopback, and enable cross-stack UplinkFast on the cross-st ack Gi gabit upli nks .
You can create backup pat hs by using Fast Et hernet , Gigabit, Fast EtherCha nnel, or Gigabit EtherChannel links. Using Gigabit modules on t wo of the switches, you can have redundant uplink connections to a Gi gabi t ba ck bone sw itch suc h as t he Ca tal yst 35 50-12G s witc h. If o ne of the redundant connection s fails, the other ca n serve as a backup pat h. You can configure the stack members and the Catalyst 3550-12G switch as a switch cluster to manage them through a single IP address.
High-performance workgroup—For users who require high-speed access to network resources, use
Gigabit modules to connec t the switches directly to a backbone switch in a star co n figuration. Each switch in this configuration provides users with a dedicated 1-Gbps connection to network resources in the backbone. Compare this with the switches in a GigaStack configuration, where the 1-Gbps connection is share d among th e swi tch es. With the high spe ed uplink t o the dist ribution se rver, the user can efficiently obt ain and store d ata f rom ser vers. Us ing t hese Gi gabi t E ther net m odule s al so provides flexibility in media and distance options:
1000BASE-T GBIC: copper c onnec ti ons of up t o 328 f eet ( 100 m ete rs)
1000BASE-SX GBIC: fiber conne ctio ns o f up t o 1 804 feet (550 meters)
1000BASE-LX/LH GBIC: fibe r con ne cti ons of u p t o 32 ,808 feet (10 kilometers)
1000BASE-ZX GBIC: fiber con ne ctions of u p to 32 8,0 84 feet (100 kilometers)
Table 1-4 Providing Networ k Service s
Network Deman ds Suggested Des ign Metho ds
High demand f or mul tim ed ia support
Use IGMP and MVR to efficiently forward multicast traffic.
High demand for protecting mission-critical applications
Use VLANs and protecte d ports to provide sec urity and port isola tion.
Use VLAN trunks, cross-stack UplinkFast, and BackboneFast for
traffic-load balancing on the uplink ports so that the uplink port with a lower relative port cost is selected to carry the VLAN traffic.
An evolving demand for I P t el ephony
Use QoS to prioritize applications such as IP telephony during
congestion and to help control bo th delay and jitter with in the netw ork.
Use switches that support at least two q ueues per por t to priorit ize vo ice
and data traffic as eithe r high- or low-prior it y, based on 802.1p o r
802.1Q.
A growing demand for us ing exi sti ng infrastructure t o transpor t data and voice from a home or off ice to th e Internet or an intr anet at higher speeds
Use the Catalyst 2900 LRE XL or Catalyst 2950 LRE switches to
provide up to 15 Mb of IP connectivity over existing infrastructure (existing telephone lines).
Page 46
1-12
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
GigaStack GBIC mo dule for c reati ng a 1- Gbps st ack configur ation of u p to nine supp orted
switches. The GigaStack GBIC supports one full-duplex link (in a point-to-point configuration)
or up to nine half-duplex links (in a st ack configur ation ) to other Gi gabit Ethe rnet devices.
Using the required Cisco proprietary signaling and cabling, the GigaStack GBIC-to-GigaStack
GBIC connection ca nnot excee d 3 feet (1 me ter).
SFP modules: fiber and copper connections of up to 32,808 feet (10 kilometers) (supported only
on the Catalyst 2950 LRE switches)
Redundant Gigabit ba ckbon e— Us ing HS RP, you can create backup path s b etwee n
Catalyst 3550-12T-L3 switches. To enhance network reliability and load balancing for different VLANs and subnets, you can connect the Catalyst 2 950 switches, again in a star configuration, to two backbone switches. If one of the backbone switches fails, the second backbone switch preserves connectivity between the swi tches an d network re sources.
Figure 1-1 Example Configurations
Si
Si
Si
Catalyst 2900 XL, Catalyst 2950, Catalyst 3500 XL, and Catalyst 3550 GigaStack cluster
1-Gbps HSRP
60992
Catalyst 2950 switch
Cost-Effective Wiring Closet
High-Performance Workgroup
Redundant Gigabit Backbone
Catalyst 3550-12T or
Catalyst 3550-12G switch
Gigabit server
Catalyst 2900 XL, Catalyst 2950, Catalyst 2955,
Catalyst 3500 XL, and Catalyst 3550 cluster
Catalyst 3550-12T or
Catalyst 3550-12G switch
Catalyst 3550-12T or
Catalyst 3550-12G switch
Catalyst 2900 XL, Catalyst 2950, Catalyst 2955,
Catalyst 3500 XL, and Catalyst 3550 cluster
Page 47
1-13
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
Small to Medium-Sized Network Configuration
Figure 1-2 shows a configura tion for a n etwor k th at ha s up t o 250 u s ers. U sers i n this net work requi re
e-mail, file-sharing, database, and Internet access. You optimize network performance by placing workstations on the same logical segment as the servers
they access most often. This divides the network into smaller segments (or workgroups) and reduces the amount of traffic that tr avels over a networ k back bon e, the reby i ncre asin g t he ba ndwi dth available to each user and improving server response time.
Figure 1-2 Small to Medium-Sized Network Configuration
A network backbone is a high-bandwi dth conne ction (suc h as Fast Ethern et or Gigabit Ethernet ) that interconnects segments and network resources. It is re qu ir e d i f n um e ro us s egm e nt s re qu ir e ac ce s s t o t h e servers. The Catalyst 2900 XL, Catalyst 2950, Catalyst 3500 XL, and Catalyst 3550 switches in this network are connect ed through a GigaStack GBIC on each switch to form a 1-Gbps network backbone. This GigaStack c an a lso be configur ed a s a switc h cl uste r, with pri mary and sec on dary c omm and switches for redu ndant cl uste r ma na geme nt.
Workstations are connected directly to the 10/100 switch ports for their own 10- or 100-Mbps access to network resources (such as web and mail servers). When a workstation is configured for full-duplex operation, it receives up to 200 Mbps of dedicated ba ndwidth fr om the switch .
100 Mbps (200 Mbps full duplex)
Single workstations
Gigabit server
60993
Cisco 2600 router
Gigabit server
10/100 Mbps (20/200 Mbps full duplex)
1 Gbps (2 Gbps full duplex)
Catalyst 2900 XL,
Catalyst 2950,
Catalyst 3550, and
Catalyst 3500 XL
GigaStack cluster
Page 48
1-14
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
Servers are connected to the G BIC module ports on the sw itches, allowing 1-Gbp s throughput to users when needed. When the switch and server ports are configured for full-duplex operation, the links provide 2 Gbps of band w idth . For ne tworks tha t do n ot requ ire Gi gab it perf orm ance f rom a ser ver, connect the server to a Fast Ethernet or Fast EtherChannel switch port.
Connecting a router to a Fast Eth ernet swi tch port pro vides mu ltiple, s imultan eous acces s to the Intern et through one l ine.
Collapsed Backbone and Switch Cluster Configuration
Figure 1-3 shows a con figurati on for a n etwork of ap pro xima te ly 50 0 employees. This network uses a
collapsed backbone an d switc h clusters. A collapse d back bone has hig h-ban dwidth upl inks from a ll segments and subnetworks to a single device, such as a Gigabit switch, that serves as a single point for monitoring and c ontro llin g th e network. You can use a Catalyst 3550-12T-L3 switch, as shown, or a Catalyst 3508G XL switch to create a Gigab it ba ckbone . A C ata lyst 3550-12T-L3 backbone swi tch provides the benefits of inter-VLAN routing and allows the router to focus on WAN access.
The workgroups are created by cl ustering all the Catalyst switches e xcept the Catalyst 4908G-L3 switch. Using CMS and Cisco switc h cl uste ring techn ol ogy, you can group the switche s in to mul tiple clust ers, as shown, or into a single cluster. You can manage a cluster through the IP address of its active and standby command switche s, regardless of the geog raphic locati on of the cluster members.
This network uses VLANs t o segme nt the network logically int o well-defined broadcast groups and for security management. Data a nd multimedia tr af fic a re conf igured on th e same VLAN. Voice traff ic from the Cisco IP Phone s ar e co nfigured on se pa rate voice VL AN IDs (V VIDs ). You can have up to four VVIDs per wiring closet. If data, multimedia, and v oice traff ic are assigned to the same VLAN, only one VLAN can be configured pe r wiring cl oset. For any switch port connec ted to Cisco IP Phones,
802.1p or 802.1Q QoS gives forwarding priority to voice traffic over data traffic. Grouping serve rs in a centralized location prov ides benef its such as security and easier mainte nance. The
Gigabit connections to a server farm provide the workgroups fu ll access to the network resources (such as a call-processing server running Cisco CallManager software, a DHCP server, or an IP/TV multicast server).
Cisco IP Phones are con necte d—usin g st and ard s traig ht-t hroug h, twist ed-p air cab le with RJ-45 connectors—to the 10/100 inline-power ports on the Catalyst 3550-24PWR switches and to the 10/100 ports on the Catalyst 2950 switches. These multiservice switch po rts automatically detec t any IP phones that are connected. Cisco CallMa nager con trols cal l processin g, routing, and IP phone fea tures and configuration. Users with workstation s runni ng Cisco Soft Phone software can place , receive, and control calls from their PCs. Using Cisco IP Phones, Cisco CallManager software, and Cisco SoftPhone software integrates tel ephony a nd IP ne tworks, a nd the IP n etwork supp orts both voice and d ata .
Each 10/100 inline-power port on the Catalyst 3550-24PWR switches provides –48 VDC power to the Cisco IP Phone. The IP pho ne can receive redundant power whe n it is also connec ted to an AC power source. IP phones not connected to the Catalyst 3550-24PWR switches receive power from an AC power source.
Page 49
1-15
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
Figure 1-3 Collapsed Backbone and Switch Cluster Configuration
Hotel Network Configuration
Figure 1-4 shows Catalyst 2950ST-8 LRE and 2950ST - 24 LRE switches in a hotel network environment
with approximately 2 00 roo ms. T his ne twork i nclu des a PB X sw itchb oard, a r oute r, and high-spe e d servers.
Connected to the telephone line in each hotel room is an LRE CPE device, such as a Cisco LRE CPE device. The LRE CPE device pr ovides :
Two RJ-11 ports, one for connecting to the telephone jack on the wall and one for connecting to a
POTS telephone.
One or more RJ-45 Ethernet ports for connecting to devices such as a customer’s laptop, the room
IP phone, the television set-top box, or a room environmental control device. A Cisco 575 LRE CPE provides one Ethernet c onnect ion; a Cisco 585 LRE CPE provides four.
When connected to the CPE device, the Et hern et devices an d room tele phon e share the sa me telep hon e line.
IP IP IP
IP
Catalyst 3550-12T or Catalyst 3550-12G switch
200 Mbps Fast EtherChannel (400-Mbps full-duplex Fast EtherChannel)
Gigabit servers
Cisco CallManager
60994
Cisco 2600 router
1 Gbps
(2 Gbps full duplex)
Cisco
IP Phones
Cisco IP Phones
Workstations running
Cisco SoftPhone software
Catalyst
2950,
2900 XL,
3550, and
3500 XL
GigaStack cluster
Catalyst 3550-24PWR cluster
Catalyst 2950, 2900 XL,
3550, and 3500 XL
GigaStack cluster
IP
Si
Page 50
1-16
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
Note All telephones not directly connec ted to the ho tel room CPE de vic e require mi crof ilter s with a 300 -ohm
termination. Microfilters improve voice call quality when voice and data equipment are using the same telephone line. They also pre v ent nonf iltered tel ephone rings and nonf iltered t elephone transitions ( such as on-hook to o ff-hook) fr om i nte rru pti ng t he E th erne t c onn ect ion.
Through a patch panel, the t elep hone lin e f rom ea ch r oom connects to a nonhomologated POTS splitter, such as the Cisco LRE 48 POTS Splitter. The splitter routes data (high-frequency) and voice (low-frequency) traffic from the telephone line to a Catalyst 2950 LRE switch and digital private branch exchange (PBX). The PBX routes voice traffic to the PSTN.
If a PBX is not on-site, a homologated POTS splitter is required to connect directly to the PSTN.
Note Consult the regulations for connecting to the PSTN in your area.
If a connection to a phone network is not required at all, a splitter is not needed, and the switch can connect directly to t he pa tc h p anel .
Note Cisco LRE products can share lines with analog telephones, Integrated Services Digital Network (ISDN)
telephone network, and PBX switch es that use the 0 t o 70 0 kHz fr equency range.
Data to and from the room devices (such as e-mail for the laptop and IP multicast traffic for the television) are transferred through the LRE link, which is established betw een the CPE RJ-11 wall port and the LRE port on an LRE switch. The upstream and downstream rates on the LRE link are controlled by a profile configured on each LRE port. If the LRE switch was connected to the PSTN through a homologated POTS splitter, all LRE ports would use an ANS I-com pl ia nt L RE pr ofile name d LRE-998-15-4.
The Catalyst 2950 LRE switches are cascaded through their 10/100/1000 switch ports. Each switch also has a 10/100/1000 connection to an aggregation sw itc h, such as a Ca taly st 3550- 12G s witc h. Th e aggregation switch can connect to these devices:
Accounting, billing, and provisioning servers
A router that provid es In tern et acc ess to th e pr emis es
You can manage the switches as a switch cluster and through the CMS. Y ou can also manage and monitor the individual CPE devices from the LRE switches to which they are connected. The Catalyst 2950 LRE switch ports suppor t t he s am e sof tware fe atur es as 10 /100 /1000 sw itch po rts. For exam ple, y ou can configure port-based VLANs on the LRE ports to provide individual port security and protected ports to further prevent unwanted br oa dcast s withi n the VL ANs.
Page 51
1-17
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
Figure 1-4 Network Hotel Configuration
Cisco 575
LRE CPE
PSTN
PBX
Floor 3
Floor 4
Rooms
and
users
Rooms
and
users
Cisco
LRE 48
POTS
splitters
Cisco 2600 router
Servers
Catalyst 2950ST-8 LRE and 2950ST-24 LRE switches
Catalyst 2950 or
Catalyst 3550 switch
Patch panel
89514
POTS telephones
Laptop
Cisco 575
LRE CPE
Laptop
POTS telephones
Required microfilter
Required microfilter
Required
microfilter
Cisco 585 LRE CPE
IP
phone
Laptop
Environmental
controls
Required
microfilter
Set-top
box TV
IP
POTS telephone
POTS telephone
Cisco 585 LRE CPE
IP
phone
Laptop
Environmental
controls
Set-top
box
TV
IP
Page 52
1-18
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
Service-Provider Central-Office Configuration
Figure 1-5 shows the Catalyst 2950ST-24 LRE 997 switches in a service-provider central-office network
environment. The Catalyst 2950ST -24 LRE 997 switches have DC-input power supply and are compliant with the VDSL 997 band plan. The Catalyst 2950 LRE switches are located in a central office and are connected to the Cisco 576 LRE 997 CPE devices located in different buildings. The switches also connect to a Cisco 7500 ro uter.
You can use a POTS splitter to connect the switches to the CPE devices. The splitter routes data (high-frequency) to a Catal yst 2950 LRE switch and voice (low-freque ncy) traffic from the telephone line to a PSTN.
Connected to the telephon e line in each office is an Cisco 576 LRE 997 CPE device. The LRE CPE device provides:
Two RJ-11 ports, one for connecting to the telephone jack on the wall and one for connecting to a
POTS telephone.
One RJ-45 Ether net port f or connecti ng to de vices su ch as a cu stomer’ s laptop, the of fice ’ s IP ph one,
the television set-top box, or a office environmental control device. A Cisco 576 LRE 997 provides one Ethernet conne ction .
When connected to the CPE device, the Et hernet devices and office telephone share the same telephone line.
Note All telephones not directly connected to the office CPE device require microfilters with a 300-ohm
termination. Microfilters improve voice call quality when voice and data equipment are using the same telephone line. They also pre v ent nonf iltered tel ephone rings and nonf iltered t elephone transitions ( such as on-hook to o ff-hook) fr om i nte rru pti ng t he E th erne t c onn ect ion.
Note Cisco LRE products can share lines with analog telephones and Integrated Services Digital Network
(ISDN) telephone n etwor k that use the 0 to 120 kHz frequ en cy rang e.
Data to and from the office devices (such as e-mail for the laptop and IP multicast traffic for the television) are transferred through the LRE link, which is established betw een the CPE RJ-11 wall port and the LRE port on an LRE switch. The upstream and downstream rates on the LRE link are controlled by a profile configured on each LRE port.
The Catalyst 2950 LRE switches are cascaded through their 10/100/1000 switch ports. Each switch also has a 10/100/1000 connection to an aggregation swit ch, suc h as a Catal yst 35 50-12G s witc h or Cisco 7600 route r.
You can manage the switches as a switch cluster and through the CMS. Y ou can also manage and monitor the individual CPE devices from the LRE switches to which they are connected. The Catalyst 2950 LRE switch ports suppor t t he s am e sof tware fe atur es as 10 /100 /1000 sw itch po rts. For exam ple, y ou can configure port-based VLANs on the LRE ports to provide individual port security and protected ports to further prevent unwanted br oa dcast s withi n the VL ANs.
Page 53
1-19
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
Figure 1-5 Service Provider Central Office Configuration
Large Campus Configuration
Figure 1-6 shows a confi gur atio n fo r a n etwork of more than 1000 users. Because it can ag gr e gate up to
130 Gigabit connections, a Catalyst 6500 multilayer switch is used as the backbone switch. You can use the wo rkgrou p co nfigurati ons shown in previous exa mple s to c reate workg rou ps with
Gigabit uplinks to the Catalyst 6500 switch. For example, you can use switch clusters that have a mix of Catalyst 2950 and Ca talyst 2955 sw itches.
The Catalyst 650 0 sw itc h p rovides the workgr oups w it h Giga bit acce ss to c ore r esour ce s:
Cisco 7000 series router for access to the WAN and the Internet.
Server farm that incl udes a cal l-pr ocessi ng se rver ru nnin g C isco Cal lMana ger soft ware. Ci sco
CallManager controls call proc essing, ro uting, and IP phone fea tures an d configurati on.
Cisco Access gateway (such as Cisco Access Digital Trunk Gateway or Cisco Access Analog Trunk
Gateway) that connects the IP network to the Public Switched Telephone Network (PSTN) or to users in an IP telephony network.
Cisco 576
LRE 997
POTS telephones
POTS
splitter
POTS
splitter
Laptop
Cisco router
7500
Central office
Copper twisted pair
Offices and users
89380
Required microfilter
Building 1
Building 2
Building 3
Building 4
Catalyst 2950ST-24
LRE 997 switches
(DC-input power)
Cisco 576 LRE 997 CPE
Page 54
1-20
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Ex am ples
Figure 1-6 Large Campus Configuration
Multidwelling Network Using Catalyst 2950 Switches
A growing segment of residential and commercial customers are requiring high-speed access to Ethernet metropolitan-area netwo rks (MANs). Figure 1-7 shows a co nfigur ation for a Gig abit Ethe rnet MAN ring using Catalyst 3550 multilayer switches as aggregation switches in the mini-point-of-presence (POP) location. These sw itch es ar e conn ec ted thr oug h 1000 BASE-X GBIC po rts.
The resident switches can be Catalyst 2950 switches, providing customers with high-speed connections to the MAN. Catalyst 2900 LRE XL or 2950 LRE Layer 2-only switches also can be used as residential switches for customers requiring connectivity through existing telephone lines. The Catalyst LRE switches can then connec t to another re sidenti al switch or to an a ggregation switch . For more information about t hese swit ches, re fer to th e Catalyst 2950 Desktop Switch Hardware Installation Guide.
Catalyst
6500 switch
Cisco access
gateway
Servers
Cisco
CallManager
Cisco 7200
or 7500 router
WAN
IP telephony
network or
PSTN
IP IP IP
IP
60995
Catalyst 3550-24PWR cluster
1 Gbps (2 Gbps full duplex)
IP
Cisco IP Phones
Cisco IP Phones
Workstations running
Cisco SoftPhone software
Catalyst 2950, 2900 XL,
3500 XL, and 3550
GigaStack cluster
Page 55
1-21
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Network Configuration Examples
All ports on the re siden tial Cat aly st 29 50 and 295 5 swi tc hes (and Cat aly st L RE swi tches if they ar e included) are configured as 802.1Q trunks with protected port and STP root guard features enabled. The protected port feat ure pr ovides securi ty and iso lati on betw een port s on the swit ch, ensur ing that subscribers canno t view packe ts de stine d f or ot her sub scr ibe rs. ST P ro ot g uard pr events unautho rized devices from becoming the STP r oot sw itch. All po rts h ave IGMP snoop in g or CG MP ena bled f or multicast traffic management. ACLs on the uplink ports to the aggregating Catalyst 3550 multilayer switches provide security and bandwidth management.
The aggregating switches and routers provide services such as those described in the previous examples, “Small to Medium-Si zed Network Configuration” and “La rge Campus Configuratio n.”
Figure 1-7 Catalyst 2950 Switches in a MAN Configuration
50833
Service Provider POP
Mini-POP Gigabit MAN
Residential location
Catalyst 3550
multilayer
switches
Catalyst
switches
Catalyst 6500
switches
Cisco 12000
Gigabit switch routers
Si Si
Si Si
Si Si
Si
Si
Residential gateway (hub)
Set-top box
TV
PC
Set-top box
TV
Page 56
1-22
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 1 Overview
Where to Go Next
Long-Distance, High-Bandwidth Transport Configuration
Note To use the fea ture de scr ibed in thi s sec tio n, yo u m ust have the EI in stall ed on you r s witc h.
Figure 1-8 shows a configuration for transport ing 8 Gigabits of data over a single fiber-optic cable. The
Catalyst switches have Coarse Wav e Division Multiplexer (CWDM) fiber-optic GBIC modules installed. Depending on the CWDM GBIC mo dule, da ta is sent at wavelengths from 147 0 nm to 1610 nm. Th e higher the wavelength, the fart her the tra nsm issi on ca n travel. A co mm on wavelength used fo r long-distance transmissions is 1550 nm.
The CWDM GBIC m od ules c onnec t to CWD M o pt ical add/ drop mu ltip lexer (OADM) mo dule s over distances of up to 393,701 feet (74.5 miles or 120 km). Th e CWDM OADM modules com bine (or multiplex) the different CWDM wavelengths, allowing them to travel simultaneously on the same fiber-optic cable. The CWDM OADM modules on the re ceiving end sepa rate (or demultiplex) the different wavelengths .
For more information about the CWDM GBIC modules and CWDM OADM modules, refer to the Cisco CWDM GBIC and CWDM SFP Instal lation Not e.
Figure 1-8 Long-Distance, High-Bandwidth Transport Configuration
Where to Go Next
Before configuring the switch, review these sections for start up information:
Chapter 2, “Using the Command-Line Interface”
Chapter 4, “Getting Started with CMS”
Chapter 5, “Assigning the Switch IP Address and Default Gateway”
Chapter 6, “Configuring IE21 00 CNS Agents”
95750
Access layer
Catalyst 4500
multilayer
switches
Eight
1-Gbps
connections
8 Gbps
Catalyst switches
CWDM
OADM
modules
CWDM
OADM
modules
Aggregation layer
Page 57
CHAPTER
2-1
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
2
Using the Command-Line Interface
This chapter desc ribe s the Cisc o IO S com ma nd-lin e int erface ( CL I) t hat you can use to con figure y our Catalyst 2950 and Catal yst 2955 switc hes. It co ntains these secti ons:
Cisco IOS Command Modes, page 2-1
Getting Help, page 2-3
Abbreviating Commands, page 2- 4
Using no and default Forms of Commands , page 2-4
Understanding CLI Mess ages , pa ge 2-5
Using Command History, page 2-5
Using Editing Features, page 2-6
Searching and Filtering Output of show and more Commands, page 2-9
Accessing the CLI, page 2-9
Cisco IOS Command Modes
The user interface is divided into ma ny different mode s. The co mman ds available to you depe nd on which mode you are curren tly in. Ent er a quest ion mark (?) at the system prompt to obta in a list of commands available for each comma nd mode .
When you start a sessio n on the swi tch, you b egin in us er mo de, o ften c alle d user EX EC m ode . Onl y a limited subset of the commands are available in user EXEC mode. For example, most of the user EXEC commands are one -time comm ands, s uch as show commands, which show the current configuration status, and cle ar commands, which clear counters or interfaces. The user EXEC commands are not saved when the switch reboots.
To have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a password to enter privileged EXE C m od e. Fr om this mode , you c an en ter any privileged E XEC command or enter glob al co nfigurati on mode.
Using the configurat ion m odes ( gl ob al, i nte rface , and l ine ), y ou ca n ma ke ch ang es to the ru nning configuration. If you save the configuration, these commands are stored and used when the switch reboots. To access the various configuration modes, you must sta rt at glo bal c onfigura tion mo de . Fro m global configuration mo de, you can enter inte rface con figuration mod e and line configurati on mode.
Page 58
2-2
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Command-Line Interfac e
Cisco IOS Command Modes
Table 2-1 describes the main command modes, ho w to access each one, the p rompt you see in that mode, an d
how to exit the mode. The examples in the table use the host name Switch.
Table 2-1 Command Mode Summary
Mode Access Method Prompt Exit Method About This Mode
User EXEC Begin a session with
your switch.
Switch>
Enter logout or quit. Use this mode to
Change terminal
settings.
Perform basic tests.
Display system
information.
Privileged EXEC While in user EXEC
mode, enter the enable command.
Switch#
Enter disable to exit. Use this mode to verify
commands that you have entered. Use a password to protect access to this mode.
Global configuration While in privileged
EXEC mode, en ter the configure command.
Switch(config)#
To exit to privileged EXEC mode, enter
exit or end, or press Ctrl-Z.
Use this mode to configure parameters that apply to the entire switch.
Config-vlan While in global
configuration mode, enter the vlanvlan-id command.
Switch(config-vlan)#
To exit to global configuration mode, enter the exit command.
To return to privileged EXEC mode, press Ctrl-Z or enter end.
Use this mode to configure VLAN parameters. When VTP mode is transparent, you can crea te extended-range VLANs (VLAN IDs greater than
1005) and save configurations in the switch startup configuration file.
VLAN configuration While in privileged
EXEC mode, en ter the vlan database command.
Switch(vlan)#
To exit to privileged EXEC mode, enter exit.
Use this mode to configure VLAN parameters for VLANs 1 to 10 05 i n the VLAN database.
Page 59
2-3
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Comm and-Line Interface
Getting Help
Getting Help
You can enter a question mark (?) at the system pr om p t to d is p lay a lis t of co mm an d s available for each command mode. You can also obtain a list of associated keywords and arguments for any command, as shown in Table 2-2.
Interface configuration
While in global configuration mode, enter the interface command (with a specific interface).
Switch(config-if)#
To exit to global configuration mode, enter exit.
To return to privileged EXEC mode, press Ctrl-Z or enter end.
Use this mode to configure parameters for the switch interfaces and Lo ng- Re ach Ethernet (LRE) cu stome r premises equipmen t (CPE) device interfaces.
To configure multiple interfaces with the same parameters, see the
“Configuring a Range of Interfaces” section on page 11-5.
Line configuration While in global
configuration mode, specify a line with the line vty or line console command.
Switch(config-line)#
To exit to global configuration mode, enter exit.
To return to privileged EXEC mode, press Ctrl-Z or enter end.
Use this mode to configure parameters for t he t erm ina l line.
Table 2-1 Command Mode Summary (continued)
Mode Access Method Prompt Exit Method About This Mode
Tabl e 2 -2 Help Summ a ry
Command Purpose
help Obtain a brief descript ion of the help syst em in any comman d mode.
abbreviated-command-en try? Obtain a list of commands that begin with a parti cular characte r string .
For example:
Switch# di? dir disable disconnect
abbreviated-command-en try<Tab> Complete a partial command name.
For example:
Switch# sh conf<tab> Switch# show configuration
? List all comma nds available for a part ic ular c omma nd mo de.
For example:
Switch> ?
Page 60
2-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Command-Line Interfac e
Abbreviating Commands
Abbreviating Commands
You have to enter only e nou gh cha racte rs for the swit ch t o rec ogn ize t he co mma nd a s u nique . Thi s example shows how to enter th e show configuration privileged EXEC command:
Switch# show conf
Using no and default Forms of Commands
Almost e ver y conf igu ration co mmand a lso ha s a no form. In ge neral , use the no form to disable a feature or function or reverse th e a c tio n of a co mm an d. For exam pl e, t he no shutdown interface c onfigura tion command reverses the shutdown of an interface. Use the command without the keyword no to re-enable a disabled feature or to enable a feature t hat is di sabled by default .
Configuration commands can also have a default form. The default form of a command returns the command setting to its default. Most commands are disabled by default, so the default form is the same as the no form. However , some c ommands are enable d by def ault and ha ve v ariables set to certain def ault values. In thes e case s, th e default command enables the command and sets variables to their default values.
command ? List the associated keywords for a command.
For example:
Switch> show ?
command keyword ? List the associ ated a rguments for a keyword.
For example:
Switch(config)# cdp holdtime ? <10-255> Length of time (in sec) that receiver must keep this packet
Table 2-2 Help Summary (continued)
Command Purpose
Page 61
2-5
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Comm and-Line Interface
Understanding CLI Messages
Understanding CLI Messages
Table 2-3 lists some e rr or me ssage s tha t y ou migh t e nc ounte r w hil e usin g t he C LI to co nfigure your
switch.
Using Command History
The software provides a history or record of commands that you have entered. This feature is particularly useful for recalling long or complex commands or entries, including access lists. You can customize the command history fea ture to suit y our n eeds as desc ribe d in the se se c tions:
Changing the Command History Buffer Size, page 2-5
Recalling Commands, page 2-6
Disabling the Comm and Histo ry Feat ure, pa ge 2-6
Changing the Command History Buffer Size
By default, the switch records ten command lines in its history buffer. Beginning in privileged EXEC mode, enter this command to change the number of command lines that the switch records during the current terminal session:
Switch# terminal history [size number-of-lines]
The range is from 0 to 256. Beginning in line configur ati on mode , en ter thi s co mmand to c onfigure t he nu mb er of com ma nd l ine s
the switch records for all sessions on a particular line:
Switch(config-line)# history [size number-of-lines]
The range is from 0 to 256.
Table 2-3 Common CLI Error Messages
Error Message Meaning How to Get Help
% Ambiguous command: "show con"
You did not enter enough characters for your switch to recognize the command.
Re-enter the command followed by a question mark (?) with a space between the command and the question mark.
The possible keywords that y ou can en ter wi th the command appear.
% Incomplete command.
You did not enter all the keywords or values required by this command.
Re-enter the command followed by a question mark (?) with a space between the command and the question mark.
The possible keywords that y ou can en ter wi th the command appear.
% Invalid input detected at ‘^’ marker.
You entered th e comm and incorrectly. The caret (^) marks the point of the error.
Enter a question mark (?) to display all the commands that are available in this command mode.
The possible keywords that y ou can en ter wi th the command appear.
Page 62
2-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Command-Line Interfac e
Using Editing Features
Recalling Commands
To recall comm ands fro m the histor y buffer, perform one of the actions listed in Table 2-4:
Disabling the Command History Feature
The command history feature is automatically enabled. To disable the feature during the current terminal session, enter the terminal no history privileged
EXEC command. To disable command history for the line, enter the no history line configuration command.
Using Editing Features
This section describes th e editin g featur es that can he lp you manip ulate the command line. It con tains these sections:
Enabling and Disabling Editing Features, page 2-6
Editing Commands th rou gh Keystrokes, page 2 -7
Editing Comman d Li nes t hat W rap, page 2 -8
Enabling and Disabling Editing Features
Although enhan ced ed iting m ode is au to mat ical ly e na ble d, you c a n disab le it. To re-enable the enhanced editing mode for the current terminal session, enter this command in
privileged EXEC mode:
Switch# terminal editing
Table 2-4 Recalling Commands
Action
1
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Result
Press Ctrl-P or the up arrow key. Recall commands in t he hi stor y buffer, beginning with the most rec ent c omma nd.
Repeat the key sequence to recall successively older commands.
Press Ctrl-N or the down arrow key. Return to more recent commands in the history buffer after recalling commands
with Ctrl-P or the up arrow key. Repeat the key sequence to recall succ essively more recent co mman ds.
show history While in privileged EXEC mode, list the last several commands that you just
entered. The number of commands that appear is determined by the setting of the terminal history global configurati on comm and and history line configuration command.
Page 63
2-7
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Comm and-Line Interface
Using Editing Features
To reconfigure a specific line to have enhanced editing mode, enter this command in line configuration mode:
Switch(config-line)# editing
To globally disable enhanced editing mode, enter this command in line configuration mode:
Switch(config-line)# no editing
Editing Commands through Keystrokes
Table 2-5 shows the keystrokes that you need to edit command lines.
Table 2-5 Editing Commands through Keystrokes
Capability Keystroke
1
Purpose
Move around the command line to make changes or correc tions.
Press Ctrl-B, or pres s th e left arrow key.
Move the cursor back one char acter.
Press Ctrl-F, or press the right arrow key.
Move the cursor forward one character.
Press Ctrl-A. Move the cursor to t he b eginn ing of the com ma nd lin e. Press Ctrl-E. Move the cursor to the end of the command line. Press Esc B. Move the cursor back one word. Press Esc F. Move the cursor forward one word. Press Ctrl-T. Transpose the character to the left of the cursor with the
character located at the cursor.
Recall commands from th e buffer a nd paste them in the comman d line . The switch provides a bu f fer with the last ten items that you deleted.
Press Ctrl-Y. Recall the most recent entry in the buffer. Press Esc Y. Recall the next buffer entry.
The buffer contains only the last 10 items tha t you have deleted or cut. If you press Esc Y more than ten times, you cycle to the first buffer entry.
Delete entries if you make a mistake or change your mind .
Press the Delete or Backspace key.
Erase the character to the left of the cursor.
Press Ctrl-D. Delete the ch ar ac ter a t t he cu rsor. Press Ctrl-K. Delete all characters from the cursor to the end of the
command line.
Press Ctrl-U or Ctrl-X. Delete all characters from the cursor to the beginning of
the command lin e.
Press Ctrl-W. Delete the word to the left of the cursor. Press Esc D. Delete from the cursor to the end of the word.
Capitalize or lowercase words or capitalize a set of letters.
Press Esc C. Capitalize at the cursor. Press Esc L. Change the word at the cursor to lowercase. Press Esc U. Capitalize letters from the cursor to the end of the word.
Designate a part ic ula r keystroke as an executab le command, per haps as a shortcut.
Press Ctrl-V or Esc Q.
Page 64
2-8
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Command-Line Interfac e
Using Editing Features
Editing Command Lines that Wrap
You can use a wra paro und f eat ure for com ma nds t ha t extend b eyond a singl e l ine o n the scre en . W hen the cursor reaches the right margin, the command line shifts ten spaces to the left. You cannot see the first ten characters of the line, but you can scrol l back a nd check t he syntax a t the beginning of t he command.
T o scroll back to the be ginning of the command entry, press Ctrl-B or the left arrow key repeatedly. You can also press Ctrl-A to immediately m ove to t he begi nn ing o f th e l ine .
Note The arrow keys function only on ANSI-co mpati ble termi nals such as VT100 s.
In this example, the access-list global configuration command entry extends beyond one line. When the cursor first reaches the en d of the line, the line is shifted ten spaces to the left and redisplaye d. The dollar sign ($) sho ws t hat th e line has been scrol led to the left. Each time th e curs or reaches the end of the line, the line is again shifted ten spaces to the left.
Switch(config)# access-list 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1 Switch(config)# $ 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.25 Switch(config)# $t tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.255.255.0 eq Switch(config)# $108.2.5 255.255.255.0 131.108.1.20 255.255.255.0 eq 45
After you complete the entry, press Ctrl-A to check the comple te synt ax before pressi ng the Return key to execute t he co mm an d. Th e d o llar sig n ( $ ) ap pears at the end of the line to show that the line has been scrolled to the right:
Switch(config)# access-list 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1$
The software assumes you have a terminal screen that is 80 columns wide. If you have a width other than that, use the terminal width privileged EXEC comm an d to se t t he widt h of your t ermi nal .
Scroll down a line or screen on displays that are longer than the terminal screen can display.
Note The More prompt is used for
any output that has mo re lines than can b e di spla yed on the terminal screen, including show command output. You can use the Return and Space bar keystrokes whenever you see the More prompt .
Press the Return key. Scroll down one line. Press the Space bar. Scroll down one scre en .
Redisplay the current command line if the switch sudde nly sends a message to your screen.
Press Ctrl-L or Ctrl-R. Redisplay the current command line.
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Table 2-5 Editing Commands through Keystrokes (continued)
Capability Keystroke
1
Purpose
Page 65
2-9
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Comm and-Line Interface
Searching and Filtering Output of show and more Commands
Use line wrapping wit h the comm and hi story fea ture to rec all and modi fy previous comp lex comman d entries. For info rmation a bout rec alling pr e vious command entries, see th e “E diti ng Comma nds t hroug h
Keystrokes” section on page 2-7.
Searching and Filtering Output of show and more Commands
You can search and filte r the ou tput for show and more commands. This is useful when you need to sort through large amou nts o f outpu t or i f you want to exclu de ou tput th at y ou do no t ne ed t o see.
To use this functionality, enter a show or more command followed by the pipe character (|), one of the keywords begin, include, or exclude, and an expression that you want to se arch f or or filter out:
command | {begin | include | exclude} regular-expression Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output
are not displayed, but the lines tha t contain Output appear. This example shows how to include in the output display only lines wher e the expression protocol
appears:
Switch# show interfaces | include protocol Vlan1 is up, line protocol is up Vlan10 is up, line protocol is down GigabitEthernet0/1 is up, line protocol is down GigabitEthernet0/2 is up, line protocol is up
Accessing the CLI
Before you can access the CLI, you need to connect a terminal or PC to the switch console port and power on the switch as described in the hardware installation guide that shipped with your switch. Then, to understand the b oot pro cess a nd the opt ions available for assigni ng IP inf ormat ion , see Chapter 5,
“Assigning the Switch IP Address and Default Gateway.”
If your switch is a lre ad y configure d, you ca n acc ess the C LI t hr ough a l o cal conso le co nne ctio n o r through a remote Telnet session, but your switch must first be configured for th is type of acc ess. For more information, see the “Setting a Telnet Password for a Terminal Line” section on page 9-6.
You can establish a connection with the switch by either
Connecting the swi tch cons ol e por t to a mana geme nt stat ion or dia l-up m odem. For in for ma tion
about connecting to the console port, refer to the switch hardware installation guide.
Using any Telnet TCP/IP or encrypted Secure Shell (SSH) package from a remote management
station. The switch must have network connectivity with the Telnet or SSH client, and the switch must have an enable secret password configured.
For information about configuring the switch for Telnet access, see the “Setting a Telnet Password
for a Terminal Line” section on page 9-6. The switch supports up to 16 simultaneous Telnet sessions.
Changes made by one Telnet user are reflected in all other Telnet sessions. For information about configuring the switch for SSH, see the “Configuring the Switch for Secure
Shell” section on page 9-33 . T he s witc h su pport s up to five simultaneous secu re SSH s ession s.
After you connect through the console port, or through a Telnet session, or through an SSH session, the user EXEC prompt appears on the management station.
Page 66
2-10
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 2 Using the Command-Line Interfac e
Accessing the CLI from a Browser
Accessing the CLI from a Browser
This procedure assume s that you have met the software requir ement s (includi ng browser and Java plug-in configurations) a nd have assigned I P i nf ormat ion a nd a Telnet password to t he sw it ch or command switc h, a s de scri bed i n the re lea se note s.
To access the CLI from a web browser, follow these steps:
Step 1 Star t one of the suppor ted browsers. Step 2 In the URL field, enter the IP address of the command switch. Step 3 When the Cisco Systems Access page appears, click Telnet to start a Telnet session. Step 4 Enter the switch password.
The user EXEC prompt appears on the management station.
Note Copies of the CMS pages that you display are saved in your browser memory cache until you exit the
browser session. A password is not re quired t o re displa y the se p ag es, inc lud ing th e Cisco Sy stem s Access page. You can access the CLI by clicking Web Console - HTML access to the command line interface from a cached copy of the Cisco Systems Access page. To prevent unauthorized access to CMS and the CLI, exit your browser to end the browser session.
Page 67
CHAPTER
3-1
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
3
Configuring Catalyst 2955 Switch Alarms
This section descri bes how to c onfigure t he d ifferent al arms fo r th e Cat alyst 295 5 swit ch.
Note The alarms described in this chapter are not available on the Catalyst 2950 switch.
For complete syntax and usage information for the commands used in this chapter, refer to the switch command refe re nce for thi s re lea se .
This chapter consists of these sections:
Understanding Catal yst 2 955 Switch A larms, page 3 -1
Configuring Catalyst 2955 Switc h Alarms, page 3-4
Displaying Catalyst 2955 Switch Alarms Status, page 3-11
Understanding Catalyst 2955 Switch Alarms
The Catalyst 295 5 sw itc h so ftware m onitor s sw itch c onditi ons on a per port or a swi tch basis. If the conditions present on the switch or port do not match the parameters set by the user, the switch software triggers an alarm or a sy stem message . By defau lt, the switch so ftware se nds the sy stem message s to a system message logging facility, or a syslog facility. You can also configure the switch to send Simple Network Management Protoc ol (SNMP) tr aps to an SNM P server. You can configure the switch to trigger an extern al a la rm device by using th e two inde pe nd ent ala rm re lay s (m ajor or min or) . For mo re information on ho w t o conf igu re the alarms, see the “Configuring Catalyst 2955 Switch Alarms” section
on page 3-4.
This section includes in format ion about th ese topi cs:
Global Status M onitor ing A larm s, page 3 -2
FCS Error Hysteresis Thre sho ld, page 3 -2
Port Status Monitoring Alarm s, page 3-3
Triggering Alarm Options, p ag e 3-3
Page 68
3-2
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Understanding Catalyst 2955 Switch Alarms
Global Status Monitoring Alarms
The Catalyst 2955 switch contains facilities for processing alarms related to temperature and power supply conditions. These are referred to as global or facility alarms. Table 3-1 lists the three global alarms and the ir descr ip tions an d f unct ions.
FCS Error Hysteresis Threshold
The Ethernet standard calls for a maximum bit error rate of 10-8. In the Catalyst 2955 switch, the bit error rate configurable range is from 10
-6
to 10
-11
. The bit error rate input to the switch is a positive exponent.
If you want to configure the bit error rate of 10
-9
, then you enter the value 9 for the exponent. By default,
the FCS bit error rate is 10
-8
.
You can set the FCS error hysteresis threshold to pre vent the toggle of the alarm when the actual bit er ror rate fluctuates near the conf ig ured bit er ror rate. T he hyste resis thresho ld is def in ed as the ratio between the alarm clear threshold to the alarm set threshold, expressed as a percentage value.
For example, if the FCS bit error rate alarm value is configured to 10
–8
, that value is the alarm set
threshold. To set the alarm clear threshold at 5*10
-10
, the hysteresis, value h, is determined as follows:
h = alarm clear threshold / alarm set threshold h = 5*10
-10
/ 10-8 = 5*10-2 = 0.05 = 5 percent
The FCS hysteresis threshold is applied to all ports on the Catalyst 2955 switch. The allowable range is from 1 to 10 percent. The default value is 10 percent. See the “Configuring the FCS Bit Error Rate
Alarm” section on page 3-7 for more inform ati on .
Table 3-1 Catalyst 2955 Global Status Monitoring Alarms
Alarm Description
Power Supply Alarm The switch monitors dual DC power supply levels. If the system is configured to operate in a dual
power mode, an alarm triggers if a power supply fails or is missing. The alarm is automatically cleared when both power supplie s are pr esent or work ing. You can configure the power supply alarm to be connected to the hardware relays. For more information, see the “Configuring t he
Power Supply Alarm” section on page 3-5.
Temperature Alarms The switch contains a temperature sensor that monitors the environmental conditions inside the
switch. The sw itch c ontain s two alarm s that are ass ocia ted with te mper ature .
The primary alarm is e nabl ed auto ma tica lly to trigger both at a low tem p er ature ( -20
o
C) and a
high temperature ( 95
o
C) for the safe operation of the switch. It cannot be changed or disabled.
By default, the primary temperature alarm is associated with the major relay.
You can use the secon dary temp erature ala rm to trigg er an alar m when the s ystem temp eratur e
is greater than the configured temperature threshold. The lower threshold is configurable within the range of 40
o
C to the maximum t hres hold , 95oC. The secondary alarm is disabled by
default.
For more information, see the “Configuring the Switch Temperature Alarms” section on p age 3-6.
Page 69
3-3
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Cat alyst 2955 Switch Alarms
Understanding Catalyst 2955 Switch Alarms
Port Status Monitoring Alarms
The Catalyst 2955 switch can also monitor the status of the Ethernet ports and generate alarm messages based on the alarms listed in Table 3-2. To save user time and effort, the switch supports changing alarm configurations by using a lar m pro files. You can create a numb er of p rofiles a nd assi g n o ne of t hes e profiles to each Et her net por t.
Alarm profiles provide a mech an ism f or yo u t o e na ble or disa ble al arm co ndit ions fo r a por t and associate the alar m condi tions with one or both ala rm relays . You can also use alarm pr of iles to s et alarm conditions to send alarm traps to an SNMP server and system message s to a syslo g server. The alarm profile defaultPort is applied to all interfaces in the factory configuration (by default).
Note You can associate multi ple alar ms to one relay or one al arm to both re lays.
Table 3-2 lists the port status monitoring alarms and their descriptions and functions. Each fault
condition is assigned a severity level based on the Cisco IOS System Error Message Severity Level.
Triggering Alarm Options
The switch supports three methods for triggering alarms:
Configurable Relays
The switch is equipped with two independent alarm relays that can be triggered by alarms for global and port status condi tions . The rel ays can be configured to send a fault signal t o an external al arm device, such as a bell, light, or other signaling device. You can associate any alarm condition with either alarm relay or both relays. Each f ault condition is assigned a se ver ity lev el based on the Cisco IOS System Error Message Severity Level.
See the “Configuring Catalyst 2955 Switch Alarms” sec tion on page 3-4 for more information on configuring the relays .
Table 3-2 Catalyst 2955 Port Stat us Moni t oring Alarms
Alarm Description
Link Fault alarm The Catalyst 2955 sw itch gene rates a link faul t alarm w hen there ar e proble ms with a port
physical layer that cause unreliable data transmissio n. A typica l lin k fa ult co nditi on is loss of signal or clock. The link fault alarm is cleared automatically when the link fault condition is cleared. The severity for this alarm is error condition, level 3.
Port not Forwarding alarm The switch generates a port not f or w ar ding alarm when a port is no t fo r warding packets. This
alarm is cleared automatically when the port begins to forward packets. The severity for this alarm is warning, level 4.
Port is not Operating alarm The switch generates a port is not operating alarm when it finds that a port is in a failed state
during the startup self-test. When triggered, the port is not operating alarm is only cleared when the switch is restarted and the port is found to be opera tional. The se ve rity for this alar m is error condition, level 3.
FCS Bit Error Rate alarm The switch generates an FCS Bit Error Rate alarm when the actual FCS Bit Error Rat e is close
to the configured FCS Bit Er r or Rate . You can set the FCS bit error rate by using the interface configuration CLI for each of the por ts. See the “Configuring the FCS Bit Error Rate Alarm”
section on page 3-7 for more information. The sever ity for thi s alar m is error condition, leve l
3.
Page 70
3-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Configurin g Catalyst 2955 Switch Alarms
SNMP Traps
SNMP is an application- lay er protocol that provides a message for m at fo r commu n ication between managers and ag ents . T he SN M P sy s tem c onsi sts of a n SN M P m an ag er, an SN MP ag en t, and a management informat ion base (M IB).
The snmp-se rver enabl e traps command can be m odified i n th e Cata lyst 2955 switch software to allow the user to send alarm traps to an SNMP server. You can use alarm profiles to set enviro nm en ta l or port st at us ala rm cond itio n s to sen d SNMP alar m tr ap s. See the “Enabling SNMP
Traps” section on page 3-11 for more information.
Syslog Mess ag es
You can use alarm profiles to send system messages to a syslog server. See the “Configuring
Catalyst 2955 Switch Alarms” sec tion on page 3-4 for more information.
Configuring Catalyst 2955 Switch Alarms
This section descri bes how to c onfigure t he Ca taly st 2955 switch alarms:
Default Catalyst 295 5 Swi tc h Ala rm Configurat ion, p ag e 3-4
Configuring the Power Supply Alarm, page 3-5
Configuring the Switch Temperature Alarms, page 3-6
Configuring the FCS Bit Error Rate Alarm, page 3-7
Configuring Alarm Profiles, page 3- 9
Enabling SNMP Traps, page 3-11
Default Catalyst 2955 Switch Alarm Configuration
Table 3-3 shows the default Catalyst 2955 switch alarms configuration.
Table 3-3 Default Catalyst 2955 Switch Alarm Configuration
Alarm Default Setting
Global Power Supply Ala rm Enabled in switch single power mode. No alarm.
In dual power supply mode, the default alarm notification is a system message to the console.
Primary Temperature Alarm Enabled for switch temperature range 95
0
C maximum to -20oC minimum.
The primary switch temperature alarm is associated with the major relay.
Secondary Temperature Alarm Disabled.
Port Link Fault Alarm Disabled on all interfaces.
Port not Forwarding Alarm Disabled on all interfaces. Port is not Operating Alarm E nabled on all interfaces. FCS Bit Error Rate Alarm Disabled on all interfaces.
Page 71
3-5
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Cat alyst 2955 Switch Alarms
Configuring Catalyst 2955 Switch Alarms
Configuring the Power Supply Alarm
This section desc ribes how to c onfigure the power suppl y ala rm o n y our swit ch. It c on tains thi s configuration information:
Setting the Power Mode, page 3-5
Setting the Power Supply Alarm Options, page 3-5
Setting the Power Mode
The Catalyst 2955 switch has two DC power inputs. By default, the system operates in the single power mode. You can use the power-supply dual global configuration comma nd t o set th e dual mode operation. In dua l-power mo de , a sec on d power s upply gives power to the swi tch if the pr imary power supply fails.
Beginning in privileged EXEC mode, follow these steps to set the switch to dual power mode operation:
Use the no power-supply dual command to disable this alarm by setting the switch back to single po wer mode operation .
Setting the Power Supply Alarm Options
Use the alarm facility power-supply global configuration comma nd to associa te the power supply alarm to a relay. You can also configure all alarms and traps associated with the power supply alarm to be sent to syslog and the SNMP server.
Beginning in privileged EXEC mode, follow these steps to associate the power supply alarm to a relay:
Command Purpose
Step 1
configure terminal Enter global con figuratio n m ode.
Step 2
power-supply dual Set the system to dual mode operation.
Step 3
end Return to privileged EXEC mode.
Step 4
show alarm settings Verify the configuration.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step 1
configure terminal Enter global con figuratio n m ode.
Step 2
alarm facility power-supply relay {major | minor}
Associate the power supply alarm to the major or minor relay.
Step 3
alarm facility power-supply notifies Configure sending power supply alarm traps to an SNMP server.
Step 4
alarm facility power-supply syslog C onfigure sendi ng power supply alarm traps to a syslog server.
Step 5
end Return to privileged EXEC mode.
Step 6
show alarm settings Verify the configuration.
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 72
3-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Configurin g Catalyst 2955 Switch Alarms
To disable sending the alarm to a relay, to syslog, or to an SNMP server, use the no alarm facility power-supply relay, no alarm facility power-supply notifies, or no alarm facility power-supply syslog global configuration comma nds.
Note Before you can use the notifies command to s end a l arm t r ap s to an S NMP server, you m ust first se t up
the SNMP server by using the snmp-server enable tra p s ala rm s glob al co nfiguration co mman d. See the “Enabling SNMP Traps” section on page 3-11.
This example sets the power-supply monitoring alarm to the minor relay.
Switch(config) # alarm facility power-supply relay minor
Configuring the Switch Temperature Alarms
The temperature thresholds fo r the pr imar y tempe rature alarm ca nnot be ch ange d, but you can ch ange the association of the primary temperature alarm from the major relay to the minor relay. You can also set a lower ma ximum t emperatur e threshold f or the secon dary temper ature al arm and asso ciate the alar m with either t he m a jor or mino r re lay.
This section desc ribe s how to c onfigure t he t emp er atur e a larms o n your sw itch . It c on tains t his configuration information:
Setting a Secondary Temperature Threshold for the Switch, page 3-6
Associating the Temperature Alarms to a Relay, page 3-7
Setting a Secondary Temperature Threshold for the Switch
In global configuration mod e, yo u c an use the alarm facility temperature secondary command to set a lower temperature threshold for the secondary temperature monitoring alarm. You can also use the alarm facility temperatur e secondary command to associat e the secon dary temper ature alarm t o either the major or minor alarm relay.
Beginning in privileged EXEC mode, follow these steps to set a lower temperature threshold:
Use the no alarm facility temperature secondary threshold global configuration comma nd to disab le the secondary temperature threshold alarm.
This example disables the secondary temperature alarm.
Switch(config) # no alarm facility temperature secondary 45
Command Purpose
Step 1
configure terminal E nte r globa l con figurat ion m od e.
Step 2
alarm facility temperature secondary threshold
Set the secondary temperature threshold value. Enter values from 40 to 95 to set threshold from 40
o
C to 95oC.
Step 3
end Return to privileged EX EC mode .
Step 4
show alarm settings Verify the configuration.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 73
3-7
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Cat alyst 2955 Switch Alarms
Configuring Catalyst 2955 Switch Alarms
Associating the Temperature Alarms to a Relay
By default, the primary temperature alarm is associated to the major relay. Y ou can use the alarm facility temperature command to associate the primary temperature alarm to the minor relay, to an SNMP trap,
to a syslog message, or to associate the secondary temperature alarm to the major or minor relay, an SNMP trap, or a syslog message.
Beginning in pr iv ilege d EXEC mode , follo w these s teps to asso ciate the s econdary tem peratu re alarm to a relay:
Note Before you can use the notifies command to s end a l arm t r ap s to an S NMP server, you m ust first se t up
the SNMP server by using the snmp-server enable tra p s ala rm s glob al co nfiguration co mman d. See the “Enabling SNMP Traps” section on page 3-11.
Use the no alarm facility temperature secondary to disable the second ar y te mp er atur e ala rm. This example sets the secondary temperature alarm to the minor relay, with a lower high temperature
threshold value of 45
o
C. All alarm and traps associated with this alarm will be sent to a syslog server
and an SNMP server.
Switch(config) # alarm facility temperature secondary 45 Switch(config) # alarm facility temperature secondary relay minor Switch(config) # alarm facility temperature secondary syslog Switch(config) # alarm facility temperature secondary notifies
This example sets the first (primary) temperature alarm to the major relay. All alarms and traps associated with this alarm will be sent to a syslog server.
Switch(config) # alarm facility temperature primary syslog Switch(config) # alarm facility temperature primary relay major
Configuring the FCS Bit Error Rate Alarm
This section descri bes how to configur e the FCS bit e rror ra te a lar m on you r swi tc h:
Setting the FCS Error Threshold, page 3-8
Setting the FCS Error Hysteresis Threshold, page 3-8
Command Purpose
Step 1
configure terminal Enter global con figuratio n m ode.
Step 2
alarm facility temperature {primary | secondary} r e lay {major | minor}
Associate the primary or secondary temperature alarm to a relay
Step 3
alarm facility temperature {primary | secondary} notifies
Configure sending pr ima ry or se conda r y te mp er atur e a larm tr ap s to an SNMP server.
Step 4
alarm facility temperature {primary | s ec ond ar y} sy sl og
Configure sending primary or secondary temperature alarm traps to a syslog server.
Step 5
end Return to privileged EXEC mode.
Step 6
show alarm settings Verify the configuration.
Step 7
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 74
3-8
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Configurin g Catalyst 2955 Switch Alarms
Setting the FCS Error Threshold
The switch generates an FCS bit error rate alarm when the actual FCS bit error rate is close to the configured FCS bit error rate. Use the fcs-threshold interface configuration command to set the FCS error threshold.
Beginning in privileged EXEC mode, follow these steps to set the bit error rate value for a port:
Use the no fcs-threshold interface configuration command to return to the default FCS threshold value. This example shows how to set the FCS bit error ra te for a port to 10
-10
Switch# configure terminal Switch(config)# interface fastethernet0/1 Switch(config-if) # fcs-threshold 10
Setting the FCS Error Hysteresis Threshold
The hysteresis setting prevents the toggle of an alarm when the actual bit error rate fluctuates near the configured bit error rate. Use the alarm facility fcs-hysteresis global configuration command to set the FCS error hysteresis threshol d.
Note The FCS hysteresis threshold is applied to all ports of a Catalyst 2955 switch.
Beginning in privileged EXEC mo de , fol low these s teps t o s et the FCS err or hystere sis t hre shold fo r a switch:
Command Purpose
Step 1
configure terminal E nte r globa l con figurat ion m od e.
Step 2
interface interface-id Enter the interface to be co nfigured, and enter interface co nfiguration mode.
Step 3
fcs-threshold value Set the FC S error rate.
For value, the range is 6 t o 11 to se t a ma ximum bit error rate of 10
-6
to 10
-11
.
By default, the FCS bit error rate is 10
-8
.
Step 4
end Return to privileged EX EC mode .
Step 5
show fcs-threshold Verify the setting.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step 1
configure terminal E nte r globa l con figurat ion m od e.
Step 2
alarm facility fcs-hysteresis
percentage
Set the hysteresis percentage for the switch. For percentage, the range is 1 to 10. The default value is 10 percent.
Step 3
end Return to privileged EX EC mode .
Step 4
show running config Verify the configuration.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 75
3-9
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Cat alyst 2955 Switch Alarms
Configuring Catalyst 2955 Switch Alarms
Use the no alarm facility fcs-hysteresis command to set the FCS error hysteresis threshold to its default value.
Note The show running config command displays any FCS error hyst ere sis tha t i s not the de fault value.
This example shows how to set the FCS error hysteresis at 5 perc ent.
Switch(config) # alarm facility fcs-hysteresis 5
Configuring Alarm Profiles
This section descri bes how to c onfigure a lar m profile s on yo ur swi tch. I t c onta ins thi s configu ratio n information:
Creating or Modifyin g an Alarm Profile, page 3-9
Attaching an Alarm Profile to a Specific Port, page 3-10
Creating or Modifying an Alarm Profile
You can use the alarm profile global configuration command to create an alarm profile or to modify an existing profile. When y ou cr eat e a new al ar m pro file, non e of the al ar ms ar e e nabl ed .
Note The only alarm enabl ed in the defaultPort profile is the Port is not Operating alarm.
Beginning in privileged EXEC mode, follow these steps to create an alarm profile:
To delete an alarm profile, use the no alarm profile name glo bal configur ation command.
Command Purpose
Step 1
configure terminal Enter global con figuratio n m ode.
Step 2
alarm profile name Create the new profile or identify an existing profile, and then enter alarm
profile configuration mode.
Step 3
alarm alarm-id Add or modify alarm parameters for a specific alarm (see Table 3-4). T he
values are 1 to 4. You an enter more than one alarm ID separated by a space.
Step 4
notifies alarm-id (Optional) Configure t he a lar m to se nd a n SNMP tr ap t o an SN MP server.
Step 5
relay-major alarm-id relay-minor alarm-id
(Optional) Configure the alarm to send an alarm trap to the major relay. (Optional) Configur e t he a lar m to se nd an al arm t rap to t h e mino r r elay.
Step 6
syslog alarm-id (Optional) Configure the alarm to send an alarm trap to a syslog server.
Step 7
end Return to privileged EXEC mode.
Step 8
show alarm profile name Verify the configuration.
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 76
3-10
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Configurin g Catalyst 2955 Switch Alarms
This example creates or modifies the alarm profile fastE for the fastEthernetPort with link-down (alarmList ID 3) and an FCS error rate of 30 percent (alarmList ID 4) alarms enabled. The link-down alarm is connected to the minor relay, and the FCS error rate alarm is connected to the major relay. These alarms also send notifications to an SNMP server and send syste m me ssages to a syslog server.
Switch(config)# alarm profile fastE Switch(config-alarm- prof)# alarm 3 4 Switch(config-alarm- prof)# relay major 4 Switch(config-alarm- prof)# relay minor 3 Switch(config-alarm- prof)# notifies 3 4 Switch(config-alarm- prof)# syslog 3 4
Note Before you can use the notifies command to s end a l arm t r ap s to an S NMP server, you m ust first se t up
the SNMP server by using the snmp-server enable tra p s ala rm s glob al co nfiguration co mman d. See the “Enabling SNMP Traps” section on page 3-11.
Table 3-4 lists the alarmList IDs and their correspond in g ala rm de finitio ns. For a de scri pti on of t hes e
alarms, se e the “P ort Status Mo nitorin g Alarms ” section on pa ge 3 -3.
Attaching an Alarm Profile to a Specific Port
In interface configuration mode, you can use the alar m-profile command to attach a n ala rm p rofile to a specific port.
Beginning in privileged EXEC mode, follow these steps to attach an alarm profile to a port:
To detach an alarm profile from a specific port, use the no alarm-profile name interface configuration command.
This example attaches an alarm profile named fastE to a por t.
Switch(config)# interface fastethernet 0/2 Switch(config-if)# alarm profile fastE
Table 3-4 AlarmList ID Number Alarm Descriptions
AlarmList ID Alarm Description
1 Link fault 2 Port not forwarding 3 Port not operating 4 FCS error rate exceeds threshold
Command Purpose
Step 1
configure terminal E nte r globa l con figurat ion m od e.
Step 2
interface port interface Enter the number of the swit ch po rt to be co nfigured, a nd t he sw it ch e nte rs
interface configuration mode.
Step 3
alarm-profile name Attach the specified profile to the interface.
Step 4
end Return to privileged EX EC mode .
Step 5
show alarm profile Verify the configuration.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Page 77
3-11
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Cat alyst 2955 Switch Alarms
Displaying Catalyst2955 Switch Alarms Status
This example de t ach es an a l ar m pro file nam ed fastE from a port.
Switch(config)# interface FastEthernet 0/2 Switch(config-if)# no alarm profile fastE
Enabling SNMP Traps
Use the snmp-server enable tr aps alar ms global configuration command to enable the switch to send alarm traps.
Note Before using alarm profil es to set the switch to send SNMP a lar m trap notifications to an SNMP server,
you must first enable SNMP by using the snmp-s erver e nable traps alar ms gl obal con figurati on command.
Beginning in privileged EXEC mode, follow these steps to enable the switch to send alarm traps:
Displaying Catalyst 2955 Switch Alarms Status
To display the globa l a nd port al ar m st atus , use on e or mo re o f th e privileged E XEC c omm an ds in
Table 3-5:
Command Purpose
Step 1
configure terminal Enter global con figuratio n m ode.
Step 2
snmp-server enab le t ra ps a la rms Enable the switch to send SNMP traps.
Step 3
end Return to privileged EXEC mode.
Step 4
show alarm settings Verify the configuration.
Step 5
copy running-config startup-config (Optional) Save your entries in the configuration file.
Table 3-5 Commands for Displaying Global and Port Alarm Status
Command Purpose
show alarm description port Displays an alarm num ber and its text des cript ion. show alarm profile [name] Displays all alarm profiles in the system or a specified profile. show alarm settings Displays all global alarm settings in the switch. show env {all | power | temperature} Displays the status of environmental facilities on the Catalyst 2955 switch. show alarm status [critical | info | major |
minor]
Displays generated alarms in the switch.
Page 78
3-12
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 3 Configuring Catalyst 2955 Switch Alarms
Displaying Catalyst 2955 Switch Alarms Status
Page 79
CHAPTER
4-1
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
4
Getting Started with CMS
This chapter contains thes e sections tha t describe the Cluster Mana gement Suite (CMS) on the Catalyst 2950 or Catalyst 2955 switch:
“Understanding CMS” section on page 4-1
“Configuring CMS” section on page 4-7
“Displaying CMS” section on page 4-10
“Where to G o Next” se cti on on page 4-15
For a list of new CMS features in this release, select Help > What’s New? from the CM S me nu b ar. For information about cluste r configura tions a nd whi ch Catal yst switc he s can be co mm and swit ches or
member switches, refer to the release notes for this switch. Refer to the appropriate swit ch docum entati on for descrip tions of th e browser-based manage ment
software used on other Catalyst switches. For more information about CMS, refer to the online help.
Understanding CMS
CMS provides these features for managing sw itch clus ters and individual swi tches fro m web browsers such as Netscape Communicator or Microsoft Internet Explorer:
Front-panel and topology views of your network, as shown in Figure 4-7 on page 4-13 and
Figure 4-8 on p age 4-14, that can be displayed at the same time
A menu bar, a toolbar, and a fe atur e bar, as shown in Figur e 4-6 on page 4-13, to access
configuration and manageme nt options
Comprehensive online help that gives high-level concepts and procedures for performing CMS tasks
Interactive modes—guide mode, exper t mode, and wi zards—t hat con trol the pre senta tion of some
complex configuration option s
T wo le ve ls of access m odes to the con figurat ion option s: read-wr ite access fo r users who ca n change
switch settings and read-only access for users who can only view switch settings
Front Panel View
The Front Panel view displays the front-panel image of a specific set of switches in a cluster. From this view, you can select multiple ports or multiple switches and configure them with the same settings.
For more information, see the “Displaying CMS” section on page 4-10.
Page 80
4-2
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Understanding CMS
Topology View
The Topology view displays a network map that uses icons representing switch clusters, t he comma nd switch, cluster members, cluster candidates, neighboring devices that are not eligible to join a cluster, and link types. You can also display link information in the form of link reports and link graphs.
For more information, see the “Displaying CMS” section on page 4-10.
CMS Menu Bar, Toolbar, and Feature Bar
The configuration and mo nit oring op tion s for c onfiguring sw it ches an d s witc h cl uste rs ar e available from the menu bar, the toolbar, and the feature bar.
The menu bar, shown in Figure 4-1, provides these options for managing CMS, navigating the
windows, and accessing online help:
CMS—Choose printing options, select interaction modes, display CMS preferences, install
CMS on your PC or worksta tio n, and show or hide the fe atur e bar.
Note CMS is downloaded to you r br owser each ti me y ou l aunc h C MS. You can increase the
speed at which CMS loads by permanently installing CMS on your PC or workstation. Select CMS > Installation and Distributions, and click Install. CMS will be installed locally and load faster the next time that you launch it.
Window—Choose from the currently open CMS wind ows.
Help—Launch the online help.
Figure 4-1 Menu Bar
The toolbar provides buttons for co mmonly use d switch and cluste r configurati on option s and information windows such as legends and on line help. Table 4-1 lists the toolbar options from left to right on the toolbar.
Table 4-1 Toolbar Buttons
Toolbar Option Icon Task
Print Print a CMS window or help file.
Preferences
1
Set CMS display properties, such as polling intervals, the views to open at CMS startup, and the color of administratively shutdown ports.
Save Configuration
2
Save the configuration of the cluster or a switch to Fla sh memory.
Software Upgrade
2
Upgrade the software for the cluster or a switch.
Page 81
4-3
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Understanding CMS
The feature bar shows the features available for the devices in your cluster. By default, the feature
bar is in standard mode. In thi s mode, the feature bar is always visible, and you can re duce or increase the width of the feature bar. In autohide mode, the feature bar appears only when you move the cursor to the left edge of the CMS workspace.
To enable th e fe atur e bar, click CMS > Feature Bar, and select Standard Mode.
To hide the featur e bar, click CMS > Feature Bar, and select Autohide Mode.
Figure 4-2 shows the features available in a sample cluster.
Port Settings
1
Display and configure port parameters on a switch.
Smartports Device Macros
Display or configure Smartpo rts ma cros on a switc h.
Smartports Port Macros
Display or configure Smartpo rts ma cros on a por t.
VLAN
1
Display VLAN mem ber ship, assi gn port s to VLA Ns, a nd c han ge t he a dmi nist ratio n mode.
Inventory Display the device type, the software version, the IP address, and other information about a switch.
Refresh Update the views with the latest status.
Front Panel Display the Front Panel view.
Topology Display the Topology view.
Topology Options
Select the informa tion to be displ aye d in the Topology view.
Save Topology Layout
2
Save your arrangement of the cluster ico ns in the Topology view to Flash memory.
Legend Display the legend that describes the icons, labels, and links.
Help for Active Window
Display the help for the act ive, open window. You can also click Help from the active window or press the F1 key.
1. Not available in read-only mode. For more information about the read-only and read-write access modes, see the “Privilege Levels” section on page 4-7.
2. Some options from this menu option are not available in read-only mode.
Table 4-1 Toolbar Buttons (continued)
Toolbar Option Icon Task
Page 82
4-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Understanding CMS
Figure 4-2 Features Tab and Search Tab
Note Only features supported by the devices in your cluster ar e displaye d in the featur e bar.
You can search for features that are available for your clus ter by clicking Search and entering a feature name, as shown in Fi gure 4-2.
Access modes affect the availability of features from CMS. Some CMS features are not available in read-only mode. For more informati o n about how access modes affect CMS, see the “Privilege Levels”
section on page 4-7.
1 Features tab 2 Search tab
Page 83
4-5
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Understanding CMS
Online Help
CMS provides comprehensive online help to assist you i n under standing an d performi ng configurat ion and monitoring tasks from the CM S windows.
Online help is available for feature s that ar e supporte d by devices in your cluste r. Sometimes the information in a topi c dif fers f or dif feren t clust er member s. In the se cases, t he right pane contain s all th e versions of the topic, each labeled with the host names of the members it applies to.
Online help includes these features:
Feature-specific help that gives background information and concepts on the features
Dialog-specific help t hat gives proced ures for p erfor ming ta sks
An index of onli ne hel p topi cs
A glossary of terms used in the online help
You can send us feedback about th e inf orma tion pr ovided in the online help. Click Feedback to display an online form. Afte r comp le ti ng the fo rm, cli ck Submit to send your co mm en ts to Cis co Systems Inc . We apprec iate a nd value your co mmen ts.
Configuration Modes
You can change the CMS inter action mod e to eithe r expert or guid e mode. Ex pert mod e displays a configuration window in which you con figure the feat ure option s. Gui de mode t akes you through each feature option and provides information about the parameter.
Guide Mode
Guide mode is for users who want a step-by-step approach for completing a specific configuration task. This mode is not available for all features. A person icon appears next to fea tures that have guide mode available, as shown in Figure 4-3 .
When you click Guide Mod e a nd the n sel ect a fe atu re t hat su pport s it , CM S d ispl ays a sp eci fic parameter of that fe ature a nd informa tion ab out the pa ramet er. To configure the feat ure, you en ter the information in each step until you click Finish in the last step. Clicking Cancel at any time ends the configuration task wit hou t a pplyin g a ny cha nges.
You must click Guide before selecting an option from the menu bar, tool bar, or popup menu to l aunc h that feature in Guide M ode . I f you cha nge th e i nter act ion mo de a fte r s elect ing a configu rat ion o pti on, the mode change does not take effect until you select another configuration option.
Page 84
4-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Understanding CMS
Figure 4-3 Guide Mode and Wizards
Guide mode is not available if your switch acc ess level is read-only. For more information about the read-only access mode, see the “Privilege Levels” section on pa ge 4-7.
Expert Mode
Expert mode is for users who prefer to display all the parameter fields of a feature in a single CMS window. You can vi ew informati on about the paramete r fields by clicking the Help button.
You must click Expert before selecting an option from the menu bar, tool bar, or popup menu to launch that feature in Expert Mode. If you ch ange the interacti on mode after selecting a configurati on option, the mode change does not take effect until you select another configuration option.
Wizards
Similar to guide m o de , wizards provide a step -by-step approach for co mp le tin g a s p ecific configur atio n task. Unlike guide mode, a w izard doe s not prompt you to provide inf ormatio n for all of t he feature options. Instead, it prompts you to prov ide minimal infor mation and then uses the def ault sett ings of the remaining options to set up default configurations.
When you select a f eat ure that has Wizard in the name, the wizard launches for that feature, as shown in
Figure 4-3 on page 4-6.
Wizar ds are not av ailable or fo r read-only acces s leve ls. For more infor mation about the read -only access mode, see the “Privilege Levels” section on page 4-7.
1 Guide mode icon 2 Wizards
116226
2
1
Page 85
4-7
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Configuring CMS
Privilege Levels
CMS provides two le v e ls of acce ss to the co nf igurat ion options: read-wr ite ac cess and read -only ac cess. If you know your privilege level, you must specify it in the URL that you use t o access the c luster. For example, if your privilege level is 13, enter this URL:
http://ip_address/level/13 Privilege levels 0 to 15 are supported.
Privilege level 15 provides read-write access to CMS. This is the default.
Privilege levels 1 to 14 provide read-only access to CMS. Any options in the CMS windows, menu
bar, toolbar, and popup menus that change the switch or cluster configurat ion are not shown in read-only mode.
Privilege level 0 denies access to CMS.
If you do not spe cify a p rivilege level when you acce ss CMS, the swi tc h verifies w hethe r y ou have privilege level 15. If you do not, you ar e deni ed a cce ss to CMS. I f y ou do have privilege level 15, you are granted read-write access. Therefore, you do not need to include the privilege level if it is 15. Entering zero denies access to CMS.
Note You must have privilege level 15 to access CMS throug h a TACACS+ or RADIUS server.
For more information about privilege levels, see the “Preventing Unauthorized Access to Your Switch”
section on page 9-1 a nd the “Configuring M ultipl e Privilege Levels” section on page 9- 8.
Access to Older Switches in a Cluster
If your cluster has these memb er switch es running e arlier sof tware releas es and if you have read-only access to these member switches, some configuration windows for those switches display incomplete information:
Catalyst 2900 XL o r C atalyst 3500 X L me mb er sw itch es ru nni ng Ci sco IOS R ele ase 12. 0(5 )WC2
or earlier
Catalyst 2950 member switc hes r un ning Cisc o IO S Re lease 12 .0(5) WC2 or earl ier
For more information about this limitation, refer to the release notes. These switches do n ot su ppo rt r ead- only mo de on CM S:
Catalyst 1900 and Catalyst 2820 switches
Catalyst 2900 XL switches with 4-MB CPU DRAM
In read-only mod e, t hes e sw itc hes a ppea r as unavailable devices an d c anno t be c on figured from CM S.
Configuring CMS
This section con tains t hese topics th at descr ibe the req uirement s and conf iguratio n informa tion fo r CMS:
“CMS Requirements” secti on on page 4-8
“Cross-Platform Co nside rati ons” sec tion on page 4-9
“Launching CMS” se ctio n o n pag e 4-10
Page 86
4-8
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Configuring CMS
CMS Requirements
This section desc ribe s th e hardwar e an d soft ware r eq uire ment s f or r unnin g CMS:
“Minimum Hardware Configur ation” sec tion on page 4-8
“Operating System and Browser Support” sec tion on page 4-8
“CMS Plug-In” section on pa ge 4- 9
“Specifying an HTT P Po rt ( N ondefau lt Configurat ion Onl y)” sect ion o n page 4-10
“Configuring an Aut hent ic ation M eth od (Non de fault Co nfigurati on Onl y)” se cti on on pa ge 4-10
Note The software requirements are automatic ally verifie d by the CMS Startup Report when you launch CMS.
For more information, see the “Launching CM S” sec tion on p ag e 4-10.
Minimum Hardware Configuration
The minimum PC requirement is a Pentium processor running at 233 MHz with 64 MB of DRAM. The minimum UNIX worksta tio n requ irem e nt is a Sun Ult ra 1 r unn ing a t 143 M Hz wit h 64 MB of D RA M.
Table 4-2 lists the minimum platforms for running CMS.
Operating System and Browser Support
You can access the CMS inter face b y usin g the operat ing syst ems and bro wser s listed in Table 4-3. CMS checks the browser version wh en st art ing a se ssion to e nsu re t hat th e browser is su ppo rte d.
Table 4-2 Minimum Hardware Configuration
OS Processor Speed DRAM Number of Colors Resolution Font Size
Windows NT 4.0
1
1. Service Pack 3 or higher is required.
Pentium 300 MHz 128 MB 65,536 1024 x 768 Small
Solaris 2.5.1 or higher
SPARC 333 MHz 128 MB Most colors for
applications
—Small (3)
Table 4-3 Supported Operating Sys tems and Browsers
Operating System Minimum Service Pack or Patch
Netscape Communicator
Microsoft Internet Explorer
1
1. Service Pack 1 or higher is required for Internet Explorer 5.5.
Windows 98 Seco nd Ed iti on 7.1 5.5 or 6.0 Windows NT 4.0 Service Pack 6 or later 7.1 5.5 or 6.0 Windows 2000 None 7.1 5.5 or 6.0 Windows XP None 7.1 5.5 or 6.0 Solaris 8 or later Sun-recommended pat ch cluster
for the OS and Motif libr ary patch 103461-24
7.0 Not supported
Page 87
4-9
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Configuring CMS
CMS Plug-In
You need to install the CMS plug -in to run CMS with yo ur w eb browser. The plug-in is supporte d both in Windows environmen ts and on Solaris pl atform s. For more inform ation a bout the CMS plug- in, including the URL, refer to the "Software Compatibility" section in the release notes.
Note If you need to both upg rade y our web browser and i n stall t he C MS plug -in, yo u mu s t up grade y our
browser first. If you install the CMS plug-in and then upgrade your browser, the plug-in is not registered with the new browser.
The plug-in includes a consol e window that you can use to troubl eshoot CMS or to view the CLI commands from CMS. When CMS is running, press F2 to display or to hide the CMS console. Press F3 to display or to hide the CLI commands that CMS is sending.
Cross-Platform Considerations
When managing switch clusters through CMS, remember that clusters can have a mix of switch models using different Cisco IOS releases and that CMS in earlier Cisco IOS releases and on different switch platforms might look and functi on differently from CMS i n this Cisco IOS rele ase.
When you select Device > Device Manager for a cluster member, a new browser session launches, and the CMS version for tha t sw itch a ppea rs (Ca taly st 19 00 an d 2 820 swit ches on ly).
Here are example s of h ow CMS can di ffer betw ee n Ci sco IOS rel ease s a nd swit ch pl at for ms:
The CMS versions in these softwa re relea ses might appea r to be simila r b ut the y are no t the same as
this release. For example, the T opology view in this release is not the same as the Topology view or the Cluster View in these earlier software releases.
Cisco IOS Release 12.0(5)WC2 or earlier
Cisco IOS Release 12.1(6)EA1 or earlier
Cisco IOS Release 12.2(18)SE or later
CMS on the Catalyst 1900 and Catalyst 2820 switches is referred to as Switch Manager. Cluster
management options are not available on these switches. This is the earliest version of CMS.
Refer to the documentation specific to the switch and its Cisco IOS release for descr iptio ns of the CMS version.
HTTP Access to CMS
CMS uses the HTTP protocol (the default is port 80) and the def ault method of authentication (the en able password) to communicate with the switch through any of its Ethernet ports and to allow switch management from a stan dard web browser.
If you have not configured a specific (nonde fault) H T TP port and a re usi n g the enab le pa ssword ( or n o password) for access to the switch, you can go to the “Displa ying CMS” se ction on page 4-10.
Page 88
4-10
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Displaying CMS
Specifying an HTTP Port (Nondefault Configuration Only)
If you change the HTTP port, you mu st include the new port number when you ent er the IP address in the browser Location or Address field (for example, ht tp://1 0.1.1 26.45:18 4 wher e 184 is the new HTTP port number). Y ou should write down the port number to which you are connected. Use care when changing the switch IP information.
Configuring an Authentication Method (Nondefault Configuration Only)
If you are not using the default met hod of authe nticat ion (th e enabl e password), you need to co nfigure the HTTP server interface with the method of authentication used on the switch.
Beginning in privileged EXEC mode, follow these steps to configure the HTTP server interface:
After you have configured the HTTP server interface, display the switch home page, as described in the
“Launching CMS” se ctio n o n pag e 4-10.
Displaying CMS
This section provides th ese topi cs abou t di spla ying CM S:
“Launching CMS” se ctio n o n pag e 4-10 “Front Panel View” section on page 4-13 “Topology View” section on page 4-14
Launching CMS
To display the switch home page, follow these steps:
Step 1 Enter the switch IP address in the browser, and press Enter. Step 2 En ter yo ur use rnam e an d pa ssword whe n pro mpte d. I f no use rnam e is c onfigured o n y our swi tch (th e
default), enter only the enabl e password (if an enable password is configured ) in the pass word field.
Command Purpose
Step 1
configure terminal Enter global configurat ion mode .
Step 2
ip http authentication {enable | local | tacacs}
Configure the HTTP server interface for the type of authentication you want to use .
enable—E nable passwor d, which is th e default met hod of HTTP
server user authentication, is used.
local—Local user database, as defined on the Cisco router or access
server, is used.
tacacs—TACAC S se rver i s u s ed .
Step 3
end Return to privileged EXEC mode.
Step 4
show running-config Verify your entries.
Page 89
4-11
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Displaying CMS
The switch home page app ears, as shown in Figure 4-4.
Figure 4-4 Switch Home Page
The switch home page has th ese tab s:
Express Setup—Opens the Exp ress Setup page
Note You can use Expr ess Setu p to a ssign an I P a ddr ess t o an u nco nfigured swi tch . For more
information, refer to the hardware installation guide.
Cluster Management Suite— Launc hes CMS
Tools—Accesse s d iagn ostic an d mon ito ring tool s, su ch a s Telnet, Extended Pin g, a nd the show
interfaces p rivileged
EXEC command
Help Resources—Provides links t o the Cisc o we bsite , techni cal doc umen t ation, and the C isco
Technical Assistance Center (TAC)
Step 3 Click Cluster Management Suite to launch the CMS i nterfa ce. T he CMS Sta rtup Repo rt runs a nd
verifies that your PC or workst at ion can co rre ct ly r un CMS.
Page 90
4-12
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Displaying CMS
If you are running an unsupported operating system, web browser, CMS plug-in or Java plug-in, or if the plug-in is not enabled, the CM S Startup Repor t page ap pears, as shown in Figure 4-5.
Figure 4-5 CMS Startup Report
The CMS Startup Report has links that instruct you how to correctly configure your PC or workstat i on. If the CMS Startup Report appears, click the links, and follow the instructions to configure your PC or workstation.
Note If your PC or work stati on i s c orre ctly c onfigured for CM S, you do n ot se e t he C MS Star tup R ep ort.
Note If you are running Windows and need to both upgrade your web browser and inst all the CM S plug-in,
you must upgrade your browser first. If you install the CMS plug-in and then upgrade your browser, the plug-in is not registered with the new browser.
When your PC or workstation is correct ly configured , CMS launc hes.
Page 91
4-13
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Displaying CMS
Front Panel View
When CMS is launched from a comma nd switch, you can displa y the Front Panel view by clicking the Front Panel button on the tool bar, as shown in Figure 4-6.
Figure 4-6 Toolbar
When CMS is launched from a noncommand switch, the CMS Front Panel view displays by default, and the front-panel image displays only the front panel of that switch.
The Front Panel view displays the front-panel image of the command switch and any other switches that were selected the last time the view was displayed.
You can choose and c onfigure t he s wit che s tha t appe a r in Front Panel view. You can drag the swit che s that appear and r e-ar ra nge t h em. You can right-click on a swit ch p or t t o co nfigure th at por t.
Figure 4-7 Front Panel View and Port Popup Menu
1 Front Panel view button 2 Topology view button
101011
1 2
1 Cluster tree 3 Checkboxes to show switches 2 Command switch 4 Port configuration popup menu
3 4
1
2
98674
Page 92
4-14
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Displaying CMS
Note Figure 4-7 shows a cluster with a Catalyst 3550 swit ch as the command switc h. Refer to the re lease notes
for a list of switches that can be members of a cluster with a Catalyst 2950 or a Catalyst 2955 switch as the command switch.
Topology View
When CMS is launch ed f rom a com ma nd sw itch, th e Topology view appears by default. When you click the topology button on the t ool bar, the Topology view displays the command switch
(shown by the *CMD* label) and the devices that are connected to it, as shown in Figure 4-8. You can right-click on a switch or link ico n to display a me nu for that icon.
Figure 4-8 Topology View and Device Popup Menus
Note Figure 4-8 shows multipl e pop up me nu s. On ly o ne po pup men u at a t im e ap pear s in the CM S.
1 Link popup menu 3 Command switch popup me nu 2 Command switch 4 Cluster member popup menu
1 432
98675
Page 93
4-15
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Star ted with CMS
Where to Go Next
The Topology view shows how the devices within a switch cluster are connected and how the switch cluster is con necte d to oth er cl uster s an d devices . Fr om t his vi ew, you can add and re move cluste r members. This view provide s two levels of deta il of t h e ne twork topo l ogy:
Expand Cluster—Wh en you r ight -cl ick a c luste r icon a nd selec t Expand Cluster, the Topology
view displays the switch cluster in detail. This view shows the command switch and member switches in a cluster. It also shows candidate switches that can join the cluster. This view does not display the details of any neighbor ing switc h clusters
Collapse Cluster—Whe n you right -click a co mman d-switc h icon and sele ct Collapse Cluster, the
cluster is collapsed and represented by a single icon. The view shows how the cluster is connected to other clusters, candidate switches, and devices that are not eligible to join the cluster (such as routers, access po in ts, IP p hon es, a nd so on).
Note The Topology vie w displays only the switch cluster and network neighborhood of the specific command
or member switch that you access. T o display a different switch cluster, you need to access the command switch or member swit ch of th at clus ter.
CMS Icons
For a complete list of device and link icons available in CMS, select Help > Legend from the CMS menu bar.
Where to Go Next
See Chapter 7, “Clustering Switches,” for more informat ion a bou t com mand an d m ember swi tches.
See Chapter 8, “Administering the Switch,” for more information about administrative tasks.
Click Help > What’s New in the online help for a list of new CMS features in this release.
See the “Upgrading a Switch by Using CMS” section in the release notes for information about
upgrading your switch by using a TFTP ser ver
The rest of this guide provides information about the command-line interface (CLI) procedures for the software features suppor ted in th is release . For CMS proc edures an d win dow description s, refer t o the online help.
Page 94
4-16
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 4 Getting Started with CMS
Where to Go Next
Page 95
CHAPTER
5-1
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
5
Assigning the Switch IP Address and Default Gateway
This chapter describes how to create the initial switch configuration (for example, assign the switch IP address and defaul t gateway infor ma tion) fo r the Ca talyst 295 0 o r Cata lyst 2 955 sw itch by usin g a variety of automatic and manual methods. It also describes how to modify the switch startup configuration only o n th e Cata lyst 2950 L ong -Rea ch E ther net (LRE ) switc hes .
Note For complete syntax an d usage info rmation for th e commands u sed in this chap ter , refer to the command
reference for thi s r ele ase and t he Ci sco IOS IP and IP Routin g Comma nd Reference, Release 12.1.
This chapter consists of these sections:
Understanding the Boot Process, pa ge 5-1
Assigning Switch Infor mat ion, page 5-2
Checking and Saving the Running Configuration , page 5-11
Modifying the Startup Configu ration, pa ge 5-11 ( available only on the Catalyst 2950 LRE switch)
Scheduling a Reload of th e Software Imag e, page 5-16 (available only on the Catalyst 2950 LRE
switch)
Understanding the Boot Process
T o start your switch, you need to follow the p rocedures in the hardw are installation guide abou t installing and powering on the switch, and setting up the initial configuration (IP address, subnet mask, default gateway, secret a nd Telnet passwords, and so fo rth) of t he switc h.
The normal boot pro cess i nvolves the operatio n of t he bo ot loa der sof tware, whi ch perfo rm s the se activities:
Performs low-le vel CPU initializa tion. It initializes th e CPU registers, which control where physical
memory is mapped, its quantity, its speed, and so forth.
Performs power -on self-test (POST ) for the CPU subsystem. I t tests the CPU DRAM and the portion
of the flash device that makes up the flash file system.
Initializes the flash file system on the system board.
Loads a default operating system software image into memory and boots the switch.
Page 96
5-2
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 5 Assigning the Switch IP Address and Default Gateway
Assigning Switch Information
The boot loader p rovid es access t o the fla sh f ile syst em befo re the ope rating s ystem is lo aded. No rmally, the boot loader is used only to load, uncompress, and launch the operating system. After the boot loader gives the operating system control of the CPU, the boot loader is not active until the next system reset or power-on.
The boot loader also provides trap-door access into the system if the operating system has problems serious enough that it cann ot be used. The trap-doo r mech anism provid es enoug h access t o the system so that if it is necessary, you can format the flash file system, re-install the operating system software image by using the XM OD EM Pr otoc ol, re c over from a lo st or forgotte n pa ssword, an d finall y res tart the operating system. For more information, see the “Recovering from Corrupted So ftware” se ction on
page 32-2, th e “Recovering fr om L ost o r Forgotten Passwords o n N on -LRE Ca talys t 295 0 Switc he s” section on page 32-2 , the “Re covering from L ost or Forgotten Passwords on Cat al yst 2 950 L RE Switches” section on page 32-4, and the “Recovering from L ost or Forgotten Passwords o n Cata lyst 2955 Switches” section on page 32-8.
Before you can assign switch information, make sure you have connected a PC or terminal to the console port, and configured the PC or ter minal-e mulat ion software baud rate an d chara cter format to match these of the switch consol e port:
Baud rate default is 9600.
Data bits default is 8.
Stop bits default is 1.
Parity settings default is none.
Note If you are using Express Setup, do not co nnec t any devices to the switch before starting Expre ss Setup.
Refer to your switch hardware installation guide for more information.
Note The Catalyst 2955 sw itc hes do no t sup port Expr ess Setup.
Assigning Switch Information
You can assign IP informatio n through th e switch Ex press Setup program, through the command-line-i nterfa ce (CLI)- based setup progra m, throu gh a DHC P server, or manually by using the CLI. If you are an experienced user familiar with the switch configuration steps, manually configure the switch. Otherwise, use one of the set up pr ogr am s.
Note The Catalyst 2955 sw itc hes do no t sup port Expr ess Setup.
Non-LRE Catalyst 2950 switches running a release prior to Cisco IOS Release 12.1(14)EA1 and Catalyst 2950 LRE sw itch es ru nning a rele ase prior to Ci sco IOS Re le ase 12.1(19)EA1 do not support Express Setup.
Use the switch Express Setup or CLI -based set up progra m if you want to be prom pted for spe cific IP information. With these p rogra ms, you can a lso c onfigure a defaul t ga teway, a host name, and a switch (enable secret) password. You also have the option of assigning a Telnet password (to provide security during remote manageme nt) and enabl ing Simp le Network Mana gement Prot ocol (SNMP) . The
Page 97
5-3
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 5 Assigning the Switch IP Addres s and Default Gateway
Assigning Switch Information
CLI-based setup progra m also allows you to configur e you r switc h as a co mman d or me mber sw itc h of a cluster or as a standalone switch. For more inform ation about the E xpress Setup and CLI -based setup programs, refer to the hardware installation guide for your switch.
Use a DHCP server for centralized control and automatic assignment of IP information after the server is configured.
Note If you are using DHCP, do not respond to any of the questions in the setup program until the sw itch
receives the dynamically assigned IP address and reads the configuration file.
This section c onta ins this configura tio n inf orma tion:
Default Switch Informatio n, page 5-3
Understanding DHCP-Bas ed Autoconfigura tion, page 5-3
Configuring DHCP-Based Autoconfigurat ion, page 5-5
Manually Assigning I P In forma ti on, p ag e 5-1 0
Default Switch Information
Table 5-1 shows the default switch information.
Understanding DHCP-Based Autoconfiguration
DHCP provides configuratio n inf orm ati on to Int erne t hos ts a nd inter net worki ng devices. Thi s pr otoc ol consists of two components: one for delivering configuration parameters from a DHCP server to a device and a mechanism for allocating network addresses to devices. DHCP is built on a client-server model, in which designated DH CP s ervers a ll ocat e ne twork a dd resses a nd de liver configuration pa ram ete rs t o dynamically configured devices. The switch can act as both a DHCP client and a DHCP server.
Note The DHCP server feature is only available on Catalyst 2955 switches.
During DHCP-based autoconfigur ation, you r switch (DH CP client) is au tomatica lly configured at startup with IP address info rmati on and a co nfiguration file.
Table 5-1 Default Switch Information
Feature Default Setting
IP address and subnet ma sk No IP address or subnet mask are d efined. Default gateway No default gateway is defined. Enable secret password No password is defined. Host name The factory-assigned default host name is Switch. Telnet password No password is defined. Cluster command switch functionality Disabled. Cluster name No cluster name is d efined.
Page 98
5-4
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 5 Assigning the Switch IP Address and Default Gateway
Assigning Switch Information
With DHCP-based autoconfiguration, no DHCP client-sid e configurati on is needed on your switc h. However , you need to configure the DHCP server for various lease options associated with IP addresses. If you are using DHCP to relay the configurati on file location on th e network, you mi ght also nee d to configure a TFTP server and a Domai n Name S ystem (DNS) s erver.
The DHCP server for your switch can be on the same LAN or on a different LAN than the switch. If the DHCP server is runn ing o n a differen t LAN , you sh oul d c onfigure a D HC P rela y device be twe en y our switch and the DHCP server. A relay device forwards broa dc ast tra ffic between two dire ct ly con ne cted LANs. A router does not forward broadcast packets, but it forwards packets based on the destinat ion IP address in the received packet.
DHCP-based autoconfiguration replaces the BOOTP client functionality on your switch.
DHCP Client Request Process
When you boot your switch, the DHCP client is invoked and requests configuration information from a DHCP server when the configuration file is not present on the switch.
DHCP autoconfiguration does not occur under these conditions:
When a configuration file is pres ent an d the service config global configurati on c om mand is
disabled on the switc h.
When a configuration f ile is present and th e service config global configu ration command is enabled
on the switch. In this case, the switch broadcasts TFTP requests for the configuration file.
Figure 5-1 shows the sequence of message s tha t are e xcha nged betw een the DHC P clien t and th e DHCP
server.
Figure 5-1 DHCP Client and Server Message Exchange
The client, Switch A, broadcasts a DHCPDISCOVER message to locate a DHCP server. The DHCP server offers configuration parameters (such as an IP address, subnet mask, gateway IP address, DNS IP address, a lease for the IP address, and so forth) to the client in a DHCPOFFER unicast message.
In a DHCPREQUEST br oadc ast me ssage , the cli ent ret urns a fo rm al r eque st f or the offered configuration information to the DHCP server. The formal request is broadcast so that all other DHCP servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP addresses that they offered to the client.
The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client. With this message, the client an d server are boun d, and the c lient use s configuration information received from the server. The amount of information the switch receives depends on how you con figure the DHCP server. For more informa tion, see the “DHCP Server
Configuration Guidelines” sec tio n on pag e 5-5.
If the configuration parameters sent to the client in the DHCPOFFER unicast message are invalid (a configuration error e xi sts), the cli en t returns a DHCPDECL INE broa dcast messa ge to the DHCP server.
Switch A
DHCPACK (unicast)
DHCPREQUEST (broadcast)
DHCPOFFER (unicast)
DHCPDISCOVER (broadcast)
DHCP server
51807
Page 99
5-5
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 5 Assigning the Switch IP Addres s and Default Gateway
Assigning Switch Information
The DHCP server sends the client a DHCPN AK denial broadcast message, which mean s that the of fered configuration parameters have not been assigned, that an error has occurred during the negotiation of the parameters, or that the client has been slow in responding to the DHCPOFFER message (the DHCP server assigned the par am eters t o an othe r cl ien t).
A DHCP client might receive offers from multiple DHCP or BOOTP servers and can accept any of the offers; however, the client usually accepts the first offer it receives. The offer from the DHCP server is not a guarantee that the IP address is allocated to the client; however, the server usually reserves the address until the client has had a chance to formally request the address. If the switch accepts replies from a BOOTP server and configures itself, the switch broadcasts, instead of unicasts, TFTP requests to obtain the switch configurati on file.
Configuring DHCP-Based Autoconfiguration
These sections de scri be how to c on figure DH CP- based a utocon figurat ion.
DHCP Server Configuration Guidelines, page 5-5
Configuring the TFTP Se rver, page 5-6
Configuring the DNS, page 5-7
Configuring the Relay Device, page 5-7
Obtaining Configuration Fi les, pa ge 5-8
Example Configurati on, p ag e 5-9
If your DHCP server is a C is co device, o r i f yo u ar e configur ing the sw itch as a DH CP ser ver, refer to the “IP Addressing and Services” section in the Cisco IOS IP a nd IP R outi ng Co nfiguration Gui de f or Cisco IOS Release 12. 1 for additional information about configuring DHCP.
DHCP Server Configuration Guidelines
Follow these guidelines if you ar e configuri ng a device as a DHCP server: The switch can act as both the DH CP client and the DHCP server. By default, the Cisco IOS DHCP
server and relay agent features are enabled on your switch.
Note The DHCP server feature is only available on Catalyst 2955 switches.
You should configure the DHCP server with reserved leases that are bound to each switch by the switch hardware address.
If you want the switch to recei ve I P address information, yo u must config ure the DHCP server with the se lease options:
IP address of the client (requi red)
Subnet mask of the client (requ ired)
DNS server IP address (optional)
Router IP address (d efaul t gat eway addres s t o be us ed by t he sw itch ) ( requ ir ed)
Page 100
5-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 5 Assigning the Switch IP Address and Default Gateway
Assigning Switch Information
If you want the switch to receive the configuration file from a TFTP server, you must configure the DHCP server with these lease options:
TFTP server name (requ i red)
Boot filename (the n ame of the con figurat ion file tha t the c lien t ne e ds) (r ec omme nde d)
Host name (optiona l)
Depending on the settings of the DHCP server, the switch can receive IP address information, the configuration file, or bot h.
If you do not configure the DHCP server with the lease options described previously, it replies to client requests with only those parameters that are configured. If the IP address and subnet mask are not in the reply , the s witch is no t config ured. If th e router IP address o r TFTP serv er name are not fou nd, the switch might send broadcast, instead of unicast, TFTP requests. Unavailability of other lease options does not affect autoconfiguration .
Configuring the TFTP Server
Based on the DHCP server configuration, the switch attempts to download one or more configuration files from the TFTP server. If you configured the DHCP server to respond to the switch with all the options required for IP connectivity to the TFTP server, and if you configured the DHCP server with a TFTP server name, address, and configuration filename, the switch attempts to download the specified configuration file from the specified TFTP server.
If you did not specify the configuration filename, the TFTP server, or if the configuration file could not be downloaded, the switch attempts to download a configuration file by using various combinations of filenames and TFTP serv er addresses. Th e file s include the specif ied conf igurati on file name (if any ) and these files: network-config, cisconet.cfg, hostname.config, or hostname.cfg, wher e hostna me is the switch’s current hostname. The TFTP server addresses used include the specified TFTP server address (if any) and the broadcast add ress (255.2 55.255 .255).
For the switch to successfully download a configuration fi le, the TFTP server must contain one or more configuration files in its b ase dire cto ry. The files can includ e thes e files:
The configuration file named in the DHCP reply (t he actual sw itch co nfiguration file).
The network-confg or the c isconet .cfg file (known as the defaul t configuration files).
The router-confg or the cisc ortr.cfg file (These files contain comm ands com mon to all switche s.
Normally, if the DHCP and TFTP servers are properly configured, these files are not accessed.)
If you specify the T FT P se rver na me i n the DH CP s erver-leas e da taba se, you m ust a lso co nfigure the TFTP server name-to-IP-address mapping in the DNS-server database.
If the TFTP serve r to be used is on a dif ferent LAN f rom the switch, or if it is to be accessed b y the switch through the broadcast addr ess (whic h occurs if the DHCP server respon se does not co ntain all t he required informat ion de scri bed previou sly ), a re lay must be co nfigured to f orwa rd the TFTP packet s to the TFTP server . F or more informatio n, see the “Conf iguri ng the Rela y Devi ce” secti on on page 5-7. The preferred solution is to configure the DHCP server with all the required information.
Loading...