Cisco 310, 312 User Manual

Cisco Catalyst Switch Module 3110 and

3012 for IBM BladeCenter Software

Configuration Guide

Cisco IOS Release 12.2(40)EX2 April 2008

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

Text Part Number: OL-12189-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn is a service mark; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0804R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

Preface xliii

Audience xliii

Purpose xliii

Conventions xliv

Related Publications xliv

Obtaining Documentation and Submitting a Service Request xlv

CHAPTER

1 Overview 1-1

Features 1-1

Deployment Features 1-3 Performance Features 1-4 Management Options 1-5 Manageability Features 1-6 Availability and Redundancy Features 1-7 VLAN Features 1-8 Security Features 1-9 QoS and CoS Features 1-10 Layer 3 Features 1-12 Monitoring Features 1-13

Default Settings After Initial Switch Configuration 1-14

Network Configuration Examples 1-16

Design Concepts for Using the Switch 1-16 Small to Medium-Sized Network 1-19

Where to Go Next 1-20

CHAPTER

OL-12189-01

2 Using the Command-Line Interface 2-1

Understanding Command Modes 2-1

Understanding the Help System 2-3

Understanding Abbreviated Commands 2-4

Understanding no and default Forms of Commands 2-4

Understanding CLI Error Messages 2-5

Using Configuration Logging 2-5

Using Command History 2-6

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

iii

Contents

Changing the Command History Buffer Size 2-6 Recalling Commands 2-6 Disabling the Command History Feature 2-7

Using Editing Features 2-7

Enabling and Disabling Editing Features 2-7 Editing Commands through Keystrokes 2-8 Editing Command Lines that Wrap 2-9

Searching and Filtering Output of show and more Commands 2-10

Accessing the CLI 2-10

Accessing the CLI through a Console Connection or through Telnet 2-11

CHAPTER

3 Assigning the Switch IP Address and Default Gateway 3-1

Understanding the Boot Process 3-1

Assigning Switch Information 3-2

Default Switch Information 3-3 Understanding DHCP-Based Autoconfiguration 3-3

DHCP Client Request Process 3-4

Configuring DHCP-Based Autoconfiguration 3-5

DHCP Server Configuration Guidelines 3-5 Configuring the TFTP Server 3-6 Configuring the DNS 3-6 Configuring the Relay Device 3-7 Obtaining Configuration Files 3-7 Example Configuration 3-8

Understanding DHCP-based Autoconfiguration and Image Update 3-10

DHCP Autoconfiguration 3-10 DHCP Auto-Image Update 3-10 Limitations and Restrictions 3-10

Configuring the DHCP Auto Configuration and Image Update Features 3-11

Configuring DHCP Autoconfiguration (Only Configuration File) 3-11 Configuring DHCP Auto-Image Update (Configuration File and Image) 3-12 Configuring the Client 3-13

Manually Assigning IP Information 3-14

Configuring Protected Mode 3-15

Understanding Protected Mode 3-15 Configuration Guidelines and Restrictions 3-16 Enabling Protected Mode 3-16

Checking and Saving the Running Configuration 3-17

Modifying the Startup Configuration 3-18

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Default Boot Configuration 3-18 Automatically Downloading a Configuration File 3-18 Specifying the Filename to Read and Write the System Configuration 3-18 Booting Manually 3-19 Booting a Specific Software Image 3-20 Controlling Environment Variables 3-21

Scheduling a Reload of the Software Image 3-23

Configuring a Scheduled Reload 3-23 Displaying Scheduled Reload Information 3-24

Contents

CHAPTER

4 Configuring Cisco IOS CNS Agents 4-1

Understanding Cisco Configuration Engine Software 4-1

Configuration Service 4-2 Event Service 4-3

NameSpace Mapper 4-3

What You Should Know About the CNS IDs and Device Hostnames 4-3

ConfigID 4-3 DeviceID 4-4 Hostname and DeviceID 4-4 Using Hostname, DeviceID, and ConfigID 4-4

Understanding Cisco IOS Agents 4-5

Initial Configuration 4-5 Incremental (Partial) Configuration 4-6 Synchronized Configuration 4-6

Configuring Cisco IOS Agents 4-6

Enabling Automated CNS Configuration 4-6 Enabling the CNS Event Agent 4-7 Enabling the Cisco IOS CNS Agent 4-9

Enabling an Initial Configuration 4-9 Enabling a Partial Configuration 4-13

CHAPTER

OL-12189-01

Displaying CNS Configuration 4-14

5 Managing Switch Stacks 5-1

Understanding Switch Stacks 5-1

Switch Stack Membership 5-3 Stack Master Election and Re-Election 5-6 Switch Stack Bridge ID and Router MAC Address 5-8 Stack Member Numbers 5-8 Stack Member Priority Values 5-9

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

Contents

Switch Stack Offline Configuration 5-9

Effects of Adding a Provisioned Switch to a Switch Stack 5-10 Effects of Replacing a Provisioned Switch in a Switch Stack 5-11

Effects of Removing a Provisioned Switch from a Switch Stack 5-11 Hardware Compatibility and SDM Mismatch Mode in Switch Stacks 5-11 Switch Stack Software Compatibility Recommendations 5-12 Stack Protocol Version Compatibility 5-12 Major Version Number Incompatibility Among Switches 5-12 Minor Version Number Incompatibility Among Switches 5-12

Understanding Auto-Upgrade and Auto-Advise 5-13

Auto-Upgrade and Auto-Advise Example Messages 5-14 Incompatible Software and Stack Member Image Upgrades 5-16 Switch Stack Configuration Files 5-16 Additional Considerations for System-Wide Configuration on Switch Stacks 5-17 Switch Stack Management Connectivity 5-17

Connectivity to the Switch Stack Through an IP Address 5-18

Connectivity to the Switch Stack Through an SSH Session 5-18

Connectivity to the Switch Stack Through Console Ports or Ethernet Management Ports 5-18

Connectivity to Specific Stack Members 5-18 Switch Stack Configuration Scenarios 5-19

CHAPTER

Configuring the Switch Stack 5-21

Default Switch Stack Configuration 5-21 Configuration Guidelines 5-21 Enabling Persistent MAC Address 5-22 Assigning Stack Member Information 5-24

Assigning a Stack Member Number 5-24

Setting the Stack Member Priority Value 5-25

Provisioning a New Member for a Switch Stack 5-25

Accessing the CLI of a Specific Stack Member 5-26

Displaying Switch Stack Information 5-27

6 Administering the Switch 6-1

Managing the System Time and Date 6-1

Understanding the System Clock 6-1 Understanding Network Time Protocol 6-2 Configuring NTP 6-3

Default NTP Configuration 6-4

Configuring NTP Authentication 6-4

Configuring NTP Associations 6-5

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring NTP Broadcast Service 6-6 Configuring NTP Access Restrictions 6-8 Configuring the Source IP Address for NTP Packets 6-10 Displaying the NTP Configuration 6-11

Configuring Time and Date Manually 6-11

Setting the System Clock 6-11 Displaying the Time and Date Configuration 6-12 Configuring the Time Zone 6-12 Configuring Summer Time (Daylight Saving Time) 6-13

Configuring a System Name and Prompt 6-14

Default System Name and Prompt Configuration 6-15 Configuring a System Name 6-15 Understanding DNS 6-15

Default DNS Configuration 6-16 Setting Up DNS 6-16 Displaying the DNS Configuration 6-17

Contents

CHAPTER

Creating a Banner 6-17

Default Banner Configuration 6-17 Configuring a Message-of-the-Day Login Banner 6-18 Configuring a Login Banner 6-18

Managing the MAC Address Table 6-19

Building the Address Table 6-20 MAC Addresses and VLANs 6-20 MAC Addresses and Switch Stacks 6-20 Default MAC Address Table Configuration 6-21 Changing the Address Aging Time 6-21 Removing Dynamic Address Entries 6-22 Configuring MAC Address Notification Traps 6-22 Adding and Removing Static Address Entries 6-24 Configuring Unicast MAC Address Filtering 6-25 Displaying Address Table Entries 6-26

Managing the ARP Table 6-26

7 Configuring Switch-Based Authentication 7-1

OL-12189-01

Preventing Unauthorized Access to Your Switch 7-1

Protecting Access to Privileged EXEC Commands 7-2

Default Password and Privilege Level Configuration 7-2 Setting or Changing a Static Enable Password 7-3 Protecting Enable and Enable Secret Passwords with Encryption 7-3

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

vii

Contents

Disabling Password Recovery 7-5 Setting a Telnet Password for a Terminal Line 7-6 Configuring Username and Password Pairs 7-6 Configuring Multiple Privilege Levels 7-7

Setting the Privilege Level for a Command 7-8

Changing the Default Privilege Level for Lines 7-9

Logging into and Exiting a Privilege Level 7-9

Controlling Switch Access with TACACS+ 7-10

Understanding TACACS+ 7-10 TACACS+ Operation 7-12 Configuring TACACS+ 7-12

Default TACACS+ Configuration 7-13

Identifying the TACACS+ Server Host and Setting the Authentication Key 7-13

Configuring TACACS+ Login Authentication 7-14

Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 7-16

Starting TACACS+ Accounting 7-17 Displaying the TACACS+ Configuration 7-17

Controlling Switch Access with RADIUS 7-17

Understanding RADIUS 7-18 RADIUS Operation 7-19 Configuring RADIUS 7-19

Default RADIUS Configuration 7-20

Identifying the RADIUS Server Host 7-20

Configuring RADIUS Login Authentication 7-23

Defining AAA Server Groups 7-25

Configuring RADIUS Authorization for User Privileged Access and Network Services 7-27

Starting RADIUS Accounting 7-28

Configuring Settings for All RADIUS Servers 7-29

Configuring the Switch to Use Vendor-Specific RADIUS Attributes 7-29

Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 7-31 Displaying the RADIUS Configuration 7-31

Controlling Switch Access with Kerberos 7-32

Understanding Kerberos 7-32 Kerberos Operation 7-34

Authenticating to a Boundary Switch 7-34

Obtaining a TGT from a KDC 7-35

Authenticating to Network Services 7-35 Configuring Kerberos 7-35

viii

Configuring the Switch for Local Authentication and Authorization 7-36

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring the Switch for Secure Shell 7-37

Understanding SSH 7-37

SSH Servers, Integrated Clients, and Supported Versions 7-38 Limitations 7-38

Configuring SSH 7-39

Configuration Guidelines 7-39 Setting Up the Switch to Run SSH 7-39 Configuring the SSH Server 7-40

Displaying the SSH Configuration and Status 7-41

Configuring the Switch for Secure Socket Layer HTTP 7-41

Understanding Secure HTTP Servers and Clients 7-42

Certificate Authority Trustpoints 7-42 CipherSuites 7-43

Configuring Secure HTTP Servers and Clients 7-44

Default SSL Configuration 7-44 SSL Configuration Guidelines 7-44 Configuring a CA Trustpoint 7-45 Configuring the Secure HTTP Server 7-45 Configuring the Secure HTTP Client 7-47

Displaying Secure HTTP Server and Client Status 7-48

Contents

CHAPTER

Configuring the Switch for Secure Copy Protocol 7-48

Information About Secure Copy 7-48

8 Configuring SDM Templates 8-1

Understanding the SDM Templates 8-1

Dual IPv4 and IPv6 SDM Templates 8-2 SDM Templates and Switch Stacks 8-3

Configuring the Switch SDM Template 8-4

Default SDM Template 8-4 SDM Template Configuration Guidelines 8-4 Setting the SDM Template 8-5

Displaying the SDM Templates 8-6

9 Configuring IEEE 802.1x Port-Based Authentication 9-1

Understanding IEEE 802.1x Port-Based Authentication 9-1

Device Roles 9-2 Authentication Process 9-3 Authentication Initiation and Message Exchange 9-5 Ports in Authorized and Unauthorized States 9-7

OL-12189-01

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

Contents

IEEE 802.1x Authentication and Switch Stacks 9-8 IEEE 802.1x Host Mode 9-8 IEEE 802.1x Accounting 9-9 IEEE 802.1x Accounting Attribute-Value Pairs 9-9 Using IEEE 802.1x Authentication with VLAN Assignment 9-10 Using IEEE 802.1x Authentication with Per-User ACLs 9-12 Using IEEE 802.1x Authentication with Guest VLAN 9-13 Using IEEE 802.1x Authentication with Restricted VLAN 9-14 Using IEEE 802.1x Authentication with Inaccessible Authentication Bypass 9-15 Using IEEE 802.1x Authentication with Voice VLAN Ports 9-16 Using IEEE 802.1x Authentication with Port Security 9-17 Using IEEE 802.1x Authentication with Wake-on-LAN 9-18 Using IEEE 802.1x Authentication with MAC Authentication Bypass 9-18 Network Admission Control Layer 2 IEEE 802.1x Validation 9-20 Using Multidomain Authentication 9-20 Using Web Authentication 9-21

Web Authentication with Automatic MAC Check 9-22

Configuring IEEE 802.1x Authentication 9-22

Default IEEE 802.1x Authentication Configuration 9-23 IEEE 802.1x Authentication Configuration Guidelines 9-24

IEEE 802.1x Authentication 9-24

VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication

Bypass 9-25

MAC Authentication Bypass 9-26 Configuring IEEE 802.1x Authentication 9-26 Configuring the Switch-to-RADIUS-Server Communication 9-28 Configuring the Host Mode 9-29 Configuring Periodic Re-Authentication 9-30 Manually Re-Authenticating a Client Connected to a Port 9-30 Changing the Quiet Period 9-31 Changing the Switch-to-Client Retransmission Time 9-31 Setting the Switch-to-Client Frame-Retransmission Number 9-32 Setting the Re-Authentication Number 9-32 Configuring IEEE 802.1x Accounting 9-33 Configuring a Guest VLAN 9-34 Configuring a Restricted VLAN 9-35 Configuring the Inaccessible Authentication Bypass Feature 9-37 Configuring IEEE 802.1x Authentication with WoL 9-39 Configuring MAC Authentication Bypass 9-40 Configuring NAC Layer 2 IEEE 802.1x Validation 9-41

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring Web Authentication 9-42 Disabling IEEE 802.1x Authentication on the Port 9-44 Resetting the IEEE 802.1x Authentication Configuration to the Default Values 9-45

Displaying IEEE 802.1x Statistics and Status 9-45

Contents

CHAPTER

10 Configuring Interface Characteristics 10-1

Understanding Interface Types 10-1

Port-Based VLANs 10-2 Switch Ports 10-2

Access Ports 10-3 Trunk Ports 10-3

Tunnel Ports 10-4 Routed Ports 10-4 Switch Virtual Interfaces 10-5 EtherChannel Port Groups 10-5 10-Gigabit Ethernet Interfaces 10-6 Connecting Interfaces 10-6

Using Interface Configuration Mode 10-7

Procedures for Configuring Interfaces 10-8 Configuring a Range of Interfaces 10-9 Configuring and Using Interface Range Macros 10-10

Using the Internal Ethernet Management Port 10-12

Understanding the Internal Ethernet Management Port 10-12 Supported Features on the Ethernet Management Port 10-13 Layer 3 Routing Configuration Guidelines 10-14 Monitoring the Ethernet Management Port 10-14

OL-12189-01

Configuring Ethernet Interfaces 10-14

Default Ethernet Interface Configuration 10-15 Configuring Interface Speed and Duplex Mode 10-16

Speed and Duplex Configuration Guidelines 10-16

Setting the Interface Speed and Duplex Parameters 10-17 Configuring IEEE 802.3x Flow Control 10-18 Configuring Auto-MDIX on an Interface 10-19 Adding a Description for an Interface 10-20

Configuring Layer 3 Interfaces 10-20

Configuring the System MTU 10-22

Monitoring and Maintaining the Interfaces 10-24

Monitoring Interface Status 10-24 Clearing and Resetting Interfaces and Counters 10-25

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

Contents

Shutting Down and Restarting the Interface 10-25

CHAPTER

11 Configuring Smartports Macros 11-1

Understanding Smartports Macros 11-1

Configuring Smartports Macros 11-2

Default Smartports Macro Configuration 11-2 Smartports Macro Configuration Guidelines 11-3 Creating Smartports Macros 11-4 Applying Smartports Macros 11-5 Applying Cisco-Default Smartports Macros 11-6

Displaying Smartports Macros 11-8

12 Configuring VLANs 12-1

Understanding VLANs 12-1

Supported VLANs 12-2 VLAN Port Membership Modes 12-3

Configuring Normal-Range VLANs 12-4

Token Ring VLANs 12-6 Normal-Range VLAN Configuration Guidelines 12-6 VLAN Configuration Mode Options 12-7

VLAN Configuration in config-vlan Mode 12-7

VLAN Configuration in VLAN Database Configuration Mode 12-7 Saving VLAN Configuration 12-7 Default Ethernet VLAN Configuration 12-8 Creating or Modifying an Ethernet VLAN 12-9 Deleting a VLAN 12-10 Assigning Static-Access Ports to a VLAN 12-11

xii

Configuring Extended-Range VLANs 12-12

Default VLAN Configuration 12-12 Extended-Range VLAN Configuration Guidelines 12-13 Creating an Extended-Range VLAN 12-14 Creating an Extended-Range VLAN with an Internal VLAN ID 12-15

Displaying VLANs 12-16

Configuring VLAN Trunks 12-16

Trunking Overview 12-16

Encapsulation Types 12-19

IEEE 802.1Q Configuration Considerations 12-19 Default Layer 2 Ethernet Interface VLAN Configuration 12-20 Configuring an Ethernet Interface as a Trunk Port 12-20

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Interaction with Other Features 12-20 Configuring a Trunk Port 12-21 Defining the Allowed VLANs on a Trunk 12-22 Changing the Pruning-Eligible List 12-23 Configuring the Native VLAN for Untagged Traffic 12-24

Configuring Trunk Ports for Load Sharing 12-24

Load Sharing Using STP Port Priorities 12-25 Load Sharing Using STP Path Cost 12-27

Configuring VMPS 12-28

Understanding VMPS 12-28

Dynamic-Access Port VLAN Membership 12-29 Default VMPS Client Configuration 12-30 VMPS Configuration Guidelines 12-30 Configuring the VMPS Client 12-30

Entering the IP Address of the VMPS 12-31

Configuring Dynamic-Access Ports on VMPS Clients 12-31

Reconfirming VLAN Memberships 12-32

Changing the Reconfirmation Interval 12-32

Changing the Retry Count 12-32 Monitoring the VMPS 12-33 Troubleshooting Dynamic-Access Port VLAN Membership 12-33 VMPS Configuration Example 12-34

Contents

CHAPTER

OL-12189-01

13 Configuring VTP 13-1

Understanding VTP 13-1

The VTP Domain 13-2 VTP Modes 13-3 VTP Advertisements 13-3 VTP Version 2 13-4 VTP Pruning 13-4 VTP and Switch Stacks 13-6

Configuring VTP 13-6

Default VTP Configuration 13-7 VTP Configuration Options 13-7

VTP Configuration in Global Configuration Mode 13-7

VTP Configuration in VLAN Database Configuration Mode 13-8 VTP Configuration Guidelines 13-8

Domain Names 13-8

Passwords 13-8

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xiii

Contents

VTP Version 13-9

Configuration Requirements 13-9 Configuring a VTP Server 13-9 Configuring a VTP Client 13-11 Disabling VTP (VTP Transparent Mode) 13-12 Enabling VTP Version 2 13-13 Enabling VTP Pruning 13-14 Adding a VTP Client Switch to a VTP Domain 13-14

Monitoring VTP 13-16

CHAPTER

14 Configuring Voice VLAN 14-1

Understanding Voice VLAN 14-1

Cisco IP Phone Voice Traffic 14-2 Cisco IP Phone Data Traffic 14-2

Configuring Voice VLAN 14-3

Default Voice VLAN Configuration 14-3 Voice VLAN Configuration Guidelines 14-3 Configuring a Port Connected to a Cisco 7960 IP Phone 14-4

Configuring Cisco IP Phone Voice Traffic 14-5

Configuring the Priority of Incoming Data Frames 14-6

Displaying Voice VLAN 14-7

15 Configuring Private VLANs 15-1

Understanding Private VLANs 15-1

IP Addressing Scheme with Private VLANs 15-3 Private VLANs across Multiple Switches 15-4 Private-VLAN Interaction with Other Features 15-4

Private VLANs and Unicast, Broadcast, and Multicast Traffic 15-5

Private VLANs and SVIs 15-5

Private VLANs and Switch Stacks 15-5

xiv

Configuring Private VLANs 15-6

Tasks for Configuring Private VLANs 15-6 Default Private-VLAN Configuration 15-6 Private-VLAN Configuration Guidelines 15-7

Secondary and Primary VLAN Configuration 15-7

Private-VLAN Port Configuration 15-8

Limitations with Other Features 15-9 Configuring and Associating VLANs in a Private VLAN 15-10 Configuring a Layer 2 Interface as a Private-VLAN Host Port 15-11

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port 15-13 Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface 15-14

Monitoring Private VLANs 15-15

Contents

CHAPTER

16 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling 16-1

Understanding IEEE 802.1Q Tunneling 16-1

Configuring IEEE 802.1Q Tunneling 16-4

Default IEEE 802.1Q Tunneling Configuration 16-4 IEEE 802.1Q Tunneling Configuration Guidelines 16-4

Native VLANs 16-4

System MTU 16-5 IEEE 802.1Q Tunneling and Other Features 16-6 Configuring an IEEE 802.1Q Tunneling Port 16-6

Understanding Layer 2 Protocol Tunneling 16-7

Configuring Layer 2 Protocol Tunneling 16-10

Default Layer 2 Protocol Tunneling Configuration 16-11 Layer 2 Protocol Tunneling Configuration Guidelines 16-12 Configuring Layer 2 Protocol Tunneling 16-13 Configuring Layer 2 Tunneling for EtherChannels 16-14

Configuring the SP Edge Switch 16-14

Configuring the Customer Switch 16-16

Monitoring and Maintaining Tunneling Status 16-18

CHAPTER

OL-12189-01

17 Configuring STP 17-1

Understanding Spanning-Tree Features 17-1

STP Overview 17-2 Spanning-Tree Topology and BPDUs 17-3 Bridge ID, Switch Priority, and Extended System ID 17-4 Spanning-Tree Interface States 17-5

Blocking State 17-6

Listening State 17-7

Learning State 17-7

Forwarding State 17-7

Disabled State 17-7 How a Switch or Port Becomes the Root Switch or Root Port 17-8 Spanning Tree and Redundant Connectivity 17-8 Spanning-Tree Address Management 17-9 Accelerated Aging to Retain Connectivity 17-9 Spanning-Tree Modes and Protocols 17-10

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

Contents

Supported Spanning-Tree Instances 17-10 Spanning-Tree Interoperability and Backward Compatibility 17-11 STP and IEEE 802.1Q Trunks 17-11 VLAN-Bridge Spanning Tree 17-11 Spanning Tree and Switch Stacks 17-12

Configuring Spanning-Tree Features 17-12

Default Spanning-Tree Configuration 17-13 Spanning-Tree Configuration Guidelines 17-13 Changing the Spanning-Tree Mode. 17-15 Disabling Spanning Tree 17-16 Configuring the Root Switch 17-16 Configuring a Secondary Root Switch 17-18 Configuring Port Priority 17-18 Configuring Path Cost 17-20 Configuring the Switch Priority of a VLAN 17-21 Configuring Spanning-Tree Timers 17-22

Configuring the Hello Time 17-22 Configuring the Forwarding-Delay Time for a VLAN 17-23 Configuring the Maximum-Aging Time for a VLAN 17-23 Configuring the Transmit Hold-Count 17-24

CHAPTER

Displaying the Spanning-Tree Status 17-24

18 Configuring MSTP 18-1

Understanding MSTP 18-2

Multiple Spanning-Tree Regions 18-2 IST, CIST, and CST 18-3

Operations Within an MST Region 18-3 Operations Between MST Regions 18-4

IEEE 802.1s Terminology 18-5 Hop Count 18-5 Boundary Ports 18-6 IEEE 802.1s Implementation 18-6

Port Role Naming Change 18-7

Interoperation Between Legacy and Standard Switches 18-7

Detecting Unidirectional Link Failure 18-8 MSTP and Switch Stacks 18-8 Interoperability with IEEE 802.1D STP 18-9

Understanding RSTP 18-9

Port Roles and the Active Topology 18-9

xvi

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Rapid Convergence 18-10 Synchronization of Port Roles 18-11 Bridge Protocol Data Unit Format and Processing 18-12

Processing Superior BPDU Information 18-13 Processing Inferior BPDU Information 18-13

Topology Changes 18-13

Configuring MSTP Features 18-14

Default MSTP Configuration 18-15 MSTP Configuration Guidelines 18-15 Specifying the MST Region Configuration and Enabling MSTP 18-16 Configuring the Root Switch 18-17 Configuring a Secondary Root Switch 18-19 Configuring Port Priority 18-20 Configuring Path Cost 18-21 Configuring the Switch Priority 18-22 Configuring the Hello Time 18-22 Configuring the Forwarding-Delay Time 18-23 Configuring the Maximum-Aging Time 18-24 Configuring the Maximum-Hop Count 18-24 Specifying the Link Type to Ensure Rapid Transitions 18-24 Designating the Neighbor Type 18-25 Restarting the Protocol Migration Process 18-26

Contents

CHAPTER

Displaying the MST Configuration and Status 18-26

19 Configuring Optional Spanning-Tree Features 19-1

Understanding Optional Spanning-Tree Features 19-1

Understanding Port Fast 19-2 Understanding BPDU Guard 19-2 Understanding BPDU Filtering 19-3 Understanding UplinkFast 19-3 Understanding Cross-Stack UplinkFast 19-5

How CSUF Works 19-6

Events that Cause Fast Convergence 19-7 Understanding BackboneFast 19-7 Understanding EtherChannel Guard 19-10 Understanding Root Guard 19-10 Understanding Loop Guard 19-11

Configuring Optional Spanning-Tree Features 19-11

Default Optional Spanning-Tree Configuration 19-12

OL-12189-01

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xvii

Contents

Optional Spanning-Tree Configuration Guidelines 19-12 Enabling Port Fast 19-12 Enabling BPDU Guard 19-13 Enabling BPDU Filtering 19-14 Enabling UplinkFast for Use with Redundant Links 19-15 Enabling Cross-Stack UplinkFast 19-16 Enabling BackboneFast 19-16 Enabling EtherChannel Guard 19-17 Enabling Root Guard 19-18 Enabling Loop Guard 19-18

Displaying the Spanning-Tree Status 19-19

CHAPTER

20 Configuring Flex Links and the MAC Address-Table Move Update Feature 20-1

Understanding Flex Links and the MAC Address-Table Move Update 20-1

Flex Links 20-1 VLAN Flex Link Load Balancing and Support 20-2 MAC Address-Table Move Update 20-3

Configuring Flex Links and MAC Address-Table Move Update 20-4

Configuration Guidelines 20-5 Default Configuration 20-5 Configuring Flex Links 20-6 Configuring VLAN Load Balancing on Flex Links 20-8 Configuring the MAC Address-Table Move Update Feature 20-9

Monitoring Flex Links and the MAC Address-Table Move Update Information 20-11

21 Configuring DHCP Features and IP Source Guard 21-1

Understanding DHCP Features 21-1

DHCP Server 21-2 DHCP Relay Agent 21-2 DHCP Snooping 21-2 Option-82 Data Insertion 21-3 Cisco IOS DHCP Server Database 21-6 DHCP Snooping Binding Database 21-6 DHCP Snooping and Switch Stacks 21-8

xviii

Configuring DHCP Features 21-8

Default DHCP Configuration 21-8 DHCP Snooping Configuration Guidelines 21-9 Configuring the DHCP Server 21-10 DHCP Server and Switch Stacks 21-10

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring the DHCP Relay Agent 21-11 Specifying the Packet Forwarding Address 21-11 Enabling DHCP Snooping and Option 82 21-12 Enabling DHCP Snooping on Private VLANs 21-14 Enabling the Cisco IOS DHCP Server Database 21-14 Enabling the DHCP Snooping Binding Database Agent 21-14

Displaying DHCP Snooping Information 21-15

Understanding IP Source Guard 21-16

Source IP Address Filtering 21-16 Source IP and MAC Address Filtering 21-17

Configuring IP Source Guard 21-17

Default IP Source Guard Configuration 21-17 IP Source Guard Configuration Guidelines 21-17 Enabling IP Source Guard 21-18

Displaying IP Source Guard Information 21-19

Contents

CHAPTER

22 Configuring Dynamic ARP Inspection 22-1

Understanding Dynamic ARP Inspection 22-1

Interface Trust States and Network Security 22-3 Rate Limiting of ARP Packets 22-4 Relative Priority of ARP ACLs and DHCP Snooping Entries 22-4 Logging of Dropped Packets 22-5

Configuring Dynamic ARP Inspection 22-5

Default Dynamic ARP Inspection Configuration 22-5 Dynamic ARP Inspection Configuration Guidelines 22-6 Configuring Dynamic ARP Inspection in DHCP Environments 22-7 Configuring ARP ACLs for Non-DHCP Environments 22-8 Limiting the Rate of Incoming ARP Packets 22-10 Performing Validation Checks 22-11 Configuring the Log Buffer 22-12

Displaying Dynamic ARP Inspection Information 22-14

23 Configuring IGMP Snooping and MVR 23-1

Understanding IGMP Snooping 23-2

IGMP Versions 23-3 Joining a Multicast Group 23-3 Leaving a Multicast Group 23-5 Immediate Leave 23-6 IGMP Configurable-Leave Timer 23-6

OL-12189-01

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xix

Contents

IGMP Report Suppression 23-6 IGMP Snooping and Switch Stacks 23-7

Configuring IGMP Snooping 23-7

Default IGMP Snooping Configuration 23-7 Enabling or Disabling IGMP Snooping 23-8 Setting the Snooping Method 23-9 Configuring a Multicast Router Port 23-10 Configuring a Blade Server Statically to Join a Group 23-10 Enabling IGMP Immediate Leave 23-11 Configuring the IGMP Leave Timer 23-12 Configuring TCN-Related Commands 23-12

Controlling the Multicast Flooding Time After a TCN Event 23-13 Recovering from Flood Mode 23-13

Disabling Multicast Flooding During a TCN Event 23-14 Configuring the IGMP Snooping Querier 23-14 Disabling IGMP Report Suppression 23-16

CHAPTER

Displaying IGMP Snooping Information 23-16

Understanding Multicast VLAN Registration 23-18

Using MVR in a Multicast Television Application 23-18

Configuring MVR 23-20

Default MVR Configuration 23-20 MVR Configuration Guidelines and Limitations 23-20 Configuring MVR Global Parameters 23-21 Configuring MVR Interfaces 23-22

Displaying MVR Information 23-24

Configuring IGMP Filtering and Throttling 23-24

Default IGMP Filtering and Throttling Configuration 23-25 Configuring IGMP Profiles 23-25 Applying IGMP Profiles 23-27 Setting the Maximum Number of IGMP Groups 23-27 Configuring the IGMP Throttling Action 23-28

Displaying IGMP Filtering and Throttling Configuration 23-29

24 Configuring IPv6 MLD Snooping 24-1

Understanding MLD Snooping 24-1

MLD Messages 24-2 MLD Queries 24-3 Multicast Client Aging Robustness 24-3 Multicast Router Discovery 24-4

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

MLD Reports 24-4 MLD Done Messages and Immediate-Leave 24-4 Topology Change Notification Processing 24-5 MLD Snooping in Switch Stacks 24-5

Configuring IPv6 MLD Snooping 24-5

Default MLD Snooping Configuration 24-6 MLD Snooping Configuration Guidelines 24-6 Enabling or Disabling MLD Snooping 24-7 Configuring a Static Multicast Group 24-8 Configuring a Multicast Router Port 24-9 Enabling MLD Immediate Leave 24-9 Configuring MLD Snooping Queries 24-10 Disabling MLD Listener Message Suppression 24-11

Displaying MLD Snooping Information 24-12

Contents

CHAPTER

25 Configuring Port-Based Traffic Control 25-1

Configuring Storm Control 25-1

Understanding Storm Control 25-1 Default Storm Control Configuration 25-3 Configuring Storm Control and Threshold Levels 25-3

Configuring Protected Ports 25-5

Default Protected Port Configuration 25-5 Protected Port Configuration Guidelines 25-6 Configuring a Protected Port 25-6

Configuring Port Blocking 25-6

Default Port Blocking Configuration 25-7 Blocking Flooded Traffic on an Interface 25-7

Configuring Port Security 25-7

Understanding Port Security 25-8

Secure MAC Addresses 25-8

Security Violations 25-9 Default Port Security Configuration 25-10 Port Security Configuration Guidelines 25-10 Enabling and Configuring Port Security 25-12 Enabling and Configuring Port Security Aging 25-16 Port Security and Switch Stacks 25-17 Port Security and Private VLANs 25-17

OL-12189-01

Displaying Port-Based Traffic Control Settings 25-18

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xxi

Contents

CHAPTER

26 Configuring CDP 26-1

Understanding CDP 26-1

CDP and Switch Stacks 26-2

Configuring CDP 26-2

Default CDP Configuration 26-2 Configuring the CDP Characteristics 26-2 Disabling and Enabling CDP 26-3 Disabling and Enabling CDP on an Interface 26-4

Monitoring and Maintaining CDP 26-5

27 Configuring LLDP and LLDP-MED 27-1

Understanding LLDP and LLDP-MED 27-1

Understanding LLDP 27-1 Understanding LLDP-MED 27-2

Configuring LLDP and LLDP-MED 27-3

Default LLDP Configuration 27-3 Configuring LLDP Characteristics 27-4 Disabling and Enabling LLDP Globally 27-4 Disabling and Enabling LLDP on an Interface 27-5 Configuring LLDP-MED TLVs 27-6

CHAPTER

Monitoring and Maintaining LLDP and LLDP-MED 27-7

28 Configuring UDLD 28-1

Understanding UDLD 28-1

Modes of Operation 28-1 Methods to Detect Unidirectional Links 28-2

Configuring UDLD 28-3

Default UDLD Configuration 28-4 Configuration Guidelines 28-4 Enabling UDLD Globally 28-5 Enabling UDLD on an Interface 28-6 Resetting an Interface Disabled by UDLD 28-6

Displaying UDLD Status 28-7

29 Configuring SPAN and RSPAN 29-1

Understanding SPAN and RSPAN 29-1

Local SPAN 29-2 Remote SPAN 29-3

xxii

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

SPAN and RSPAN Concepts and Terminology 29-4

SPAN Sessions 29-4

Monitored Traffic 29-5

Source Ports 29-6

Source VLANs 29-7

VLAN Filtering 29-7

Destination Port 29-8

RSPAN VLAN 29-9 SPAN and RSPAN Interaction with Other Features 29-9 SPAN and RSPAN and Switch Stacks 29-10

Configuring SPAN and RSPAN 29-10

Default SPAN and RSPAN Configuration 29-11 Configuring Local SPAN 29-11

SPAN Configuration Guidelines 29-11

Creating a Local SPAN Session 29-12

Creating a Local SPAN Session and Configuring Incoming Traffic 29-14

Specifying VLANs to Filter 29-15 Configuring RSPAN 29-16

RSPAN Configuration Guidelines 29-16

Configuring a VLAN as an RSPAN VLAN 29-17

Creating an RSPAN Source Session 29-18

Specifying VLANs to Filter 29-19

Creating an RSPAN Destination Session 29-20

Creating an RSPAN Destination Session and Configuring Incoming Traffic 29-21

Contents

CHAPTER

OL-12189-01

Displaying SPAN and RSPAN Status 29-23

30 Configuring RMON 30-1

Understanding RMON 30-1

Configuring RMON 30-2

Default RMON Configuration 30-3 Configuring RMON Alarms and Events 30-3 Collecting Group History Statistics on an Interface 30-5 Collecting Group Ethernet Statistics on an Interface 30-5

Displaying RMON Status 30-6

31 Configuring System Message Logging 31-1

Understanding System Message Logging 31-1

Configuring System Message Logging 31-2

System Log Message Format 31-2

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xxiii

Contents

Default System Message Logging Configuration 31-4 Disabling Message Logging 31-4 Setting the Message Display Destination Device 31-5 Synchronizing Log Messages 31-6 Enabling and Disabling Time Stamps on Log Messages 31-8 Enabling and Disabling Sequence Numbers in Log Messages 31-8 Defining the Message Severity Level 31-9 Limiting Syslog Messages Sent to the History Table and to SNMP 31-10 Enabling the Configuration-Change Logger 31-11 Configuring UNIX Syslog Servers 31-12

Logging Messages to a UNIX Syslog Daemon 31-12 Configuring the UNIX System Logging Facility 31-13

Displaying the Logging Configuration 31-14

CHAPTER

32 Configuring SNMP 32-1

Understanding SNMP 32-1

SNMP Versions 32-2 SNMP Manager Functions 32-3 SNMP Agent Functions 32-4 SNMP Community Strings 32-4 Using SNMP to Access MIB Variables 32-4 SNMP Notifications 32-5 SNMP ifIndex MIB Object Values 32-5

Configuring SNMP 32-6

Default SNMP Configuration 32-6 SNMP Configuration Guidelines 32-6 Disabling the SNMP Agent 32-7 Configuring Community Strings 32-8 Configuring SNMP Groups and Users 32-9 Configuring SNMP Notifications 32-11 Setting the Agent Contact and Location Information 32-15 Limiting TFTP Servers Used Through SNMP 32-15 SNMP Examples 32-16

CHAPTER

xxiv

Displaying SNMP Status 32-17

34 Configuring Network Security with ACLs 34-1

Understanding ACLs 34-1

Supported ACLs 34-2

Port ACLs 34-3

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Router ACLs 34-4

VLAN Maps 34-5 Handling Fragmented and Unfragmented Traffic 34-5 ACLs and Switch Stacks 34-6

Configuring IPv4 ACLs 34-7

Creating Standard and Extended IPv4 ACLs 34-7

Access List Numbers 34-8

ACL Logging 34-9

Creating a Numbered Standard ACL 34-10

Creating a Numbered Extended ACL 34-11

Resequencing ACEs in an ACL 34-15

Creating Named Standard and Extended ACLs 34-15

Using Time Ranges with ACLs 34-17

Including Comments in ACLs 34-19 Applying an IPv4 ACL to a Terminal Line 34-19 Applying an IPv4 ACL to an Interface 34-20 Hardware and Software Treatment of IP ACLs 34-22 IPv4 ACL Configuration Examples 34-22

Numbered ACLs 34-24

Extended ACLs 34-24

Named ACLs 34-25

Time Range Applied to an IP ACL 34-25

Commented IP ACL Entries 34-25

ACL Logging 34-26

Contents

OL-12189-01

Creating Named MAC Extended ACLs 34-27

Applying a MAC ACL to a Layer 2 Interface 34-28

Configuring VLAN Maps 34-29

VLAN Map Configuration Guidelines 34-30 Creating a VLAN Map 34-31

Examples of ACLs and VLAN Maps 34-32 Applying a VLAN Map to a VLAN 34-34 Using VLAN Maps in Your Network 34-34

Denying Access to a Server on Another VLAN 34-34

Using VLAN Maps with Router ACLs 34-35

VLAN Maps and Router ACL Configuration Guidelines 34-35 Examples of Router ACLs and VLAN Maps Applied to VLANs 34-36

ACLs and Switched Packets 34-36

ACLs and Bridged Packets 34-37

ACLs and Routed Packets 34-38

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xxv

Contents

ACLs and Multicast Packets 34-38

Displaying IPv4 ACL Configuration 34-39

CHAPTER

35 Configuring IPv6 ACLs 35-1

Supported IPv6 ACLs 35-2

Understanding IPv6 ACLs 35-2

Supported ACL Features 35-2 IPv6 ACL Limitations 35-3 IPv6 ACLs and Switch Stacks 35-4

Configuring IPv6 ACLs 35-4

Default IPv6 ACL Configuration 35-5 Interaction with Other Features and Switches 35-5 Creating IPv6 ACLs 35-5 Applying an IPv6 ACL to an Interface 35-8

Displaying IPv6 ACLs 35-9

36 Configuring QoS 36-1

Understanding QoS 36-2

Basic QoS Model 36-3 Classification 36-5

Classification Based on QoS ACLs 36-7 Classification Based on Class Maps and Policy Maps 36-7

Policing and Marking 36-8

Policing on Physical Ports 36-9

Policing on SVIs 36-10 Mapping Tables 36-12 Queueing and Scheduling Overview 36-13

Weighted Tail Drop 36-13

SRR Shaping and Sharing 36-14

Queueing and Scheduling on Ingress Queues 36-15

Queueing and Scheduling on Egress Queues 36-17 Packet Modification 36-19

xxvi

Configuring Auto-QoS 36-20

Generated Auto-QoS Configuration 36-21 Effects of Auto-QoS on the Configuration 36-25 Auto-QoS Configuration Guidelines 36-25 Enabling Auto-QoS for VoIP 36-26 Auto-QoS Configuration Example 36-27

Displaying Auto-QoS Information 36-29

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Configuring Standard QoS 36-29

Default Standard QoS Configuration 36-30

Default Ingress Queue Configuration 36-30 Default Egress Queue Configuration 36-31 Default Mapping Table Configuration 36-32

Standard QoS Configuration Guidelines 36-32

QoS ACL Guidelines 36-32 Applying QoS on Interfaces 36-32 Policing Guidelines 36-33

General QoS Guidelines 36-33 Enabling QoS Globally 36-34 Enabling VLAN-Based QoS on Physical Ports 36-34 Configuring Classification Using Port Trust States 36-35

Configuring the Trust State on Ports within the QoS Domain 36-35

Configuring the CoS Value for an Interface 36-37

Configuring a Trusted Boundary to Ensure Port Security 36-38

Enabling DSCP Transparency Mode 36-39

Configuring the DSCP Trust State on a Port Bordering Another QoS Domain 36-40 Configuring a QoS Policy 36-42

Classifying Traffic by Using ACLs 36-43

Classifying Traffic by Using Class Maps 36-46

Classifying, Policing, and Marking Traffic on Physical Ports by Using Policy Maps 36-48

Classifying, Policing, and Marking Traffic on SVIs by Using Hierarchical Policy Maps 36-52

Classifying, Policing, and Marking Traffic by Using Aggregate Policers 36-58 Configuring DSCP Maps 36-60

Configuring the CoS-to-DSCP Map 36-60

Configuring the IP-Precedence-to-DSCP Map 36-61

Configuring the Policed-DSCP Map 36-62

Configuring the DSCP-to-CoS Map 36-63

Configuring the DSCP-to-DSCP-Mutation Map 36-64 Configuring Ingress Queue Characteristics 36-66

Mapping DSCP or CoS Values to an Ingress Queue and Setting WTD Thresholds 36-67

Allocating Buffer Space Between the Ingress Queues 36-68

Allocating Bandwidth Between the Ingress Queues 36-68

Configuring the Ingress Priority Queue 36-69 Configuring Egress Queue Characteristics 36-70

Configuration Guidelines 36-71

Allocating Buffer Space to and Setting WTD Thresholds for an Egress Queue-Set 36-71

Mapping DSCP or CoS Values to an Egress Queue and to a Threshold ID 36-73

Configuring SRR Shaped Weights on Egress Queues 36-75

Contents

OL-12189-01

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xxvii

Contents

Configuring SRR Shared Weights on Egress Queues 36-76 Configuring the Egress Expedite Queue 36-76 Limiting the Bandwidth on an Egress Interface 36-77

Displaying Standard QoS Information 36-78

CHAPTER

37 Configuring EtherChannels and Link-State Tracking 37-1

Understanding EtherChannels 37-1

EtherChannel Overview 37-2 Port-Channel Interfaces 37-4 Port Aggregation Protocol 37-5

PAgP Modes 37-5 PAgP Interaction with Other Features 37-6

Link Aggregation Control Protocol 37-6

LACP Modes 37-6

LACP Interaction with Other Features 37-7 EtherChannel On Mode 37-7 Load-Balancing and Forwarding Methods 37-7 EtherChannel and Switch Stacks 37-9

Configuring EtherChannels 37-10

Default EtherChannel Configuration 37-10 EtherChannel Configuration Guidelines 37-11 Configuring Layer 2 EtherChannels 37-12 Configuring Layer 3 EtherChannels 37-14

Creating Port-Channel Logical Interfaces 37-14

Configuring the Physical Interfaces 37-15 Configuring EtherChannel Load-Balancing 37-17 Configuring the PAgP Learn Method and Priority 37-18 Configuring LACP Hot-Standby Ports 37-19

Configuring the LACP System Priority 37-20

Configuring the LACP Port Priority 37-21

xxviii

Displaying EtherChannel, PAgP, and LACP Status 37-22

Understanding Link-State Tracking 37-22

Configuring Link-State Tracking 37-24

Default Link-State Tracking Configuration 37-24 Link-State Tracking Configuration Guidelines 37-24 Configuring Link-State Tracking 37-25 Displaying Link-State Tracking Status 37-26

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

Contents

CHAPTER

38 Configuring IP Unicast Routing 38-1

Supported IPv4 Features 38-2

Understanding IP Routing 38-3

Types of Routing 38-3 IP Routing and Switch Stacks 38-4

Steps for Configuring Routing 38-6

Configuring IP Addressing 38-6

Default Addressing Configuration 38-7 Assigning IP Addresses to Network Interfaces 38-8

Use of Subnet Zero 38-8 Classless Routing 38-9

Configuring Address Resolution Methods 38-10

Define a Static ARP Cache 38-11 Set ARP Encapsulation 38-12 Enable Proxy ARP 38-13

Routing Assistance When IP Routing is Disabled 38-13

Proxy ARP 38-13 Default Gateway 38-13 ICMP Router Discovery Protocol (IRDP) 38-14

Configuring Broadcast Packet Handling 38-15

Enabling Directed Broadcast-to-Physical Broadcast Translation 38-16 Forwarding UDP Broadcast Packets and Protocols 38-17 Establishing an IP Broadcast Address 38-17 Flooding IP Broadcasts 38-18

Monitoring and Maintaining IP Addressing 38-19

OL-12189-01

Enabling IP Unicast Routing 38-20

Configuring RIP 38-21

Default RIP Configuration 38-22 Configuring Basic RIP Parameters 38-22 Configuring RIP Authentication 38-24 Configuring Summary Addresses and Split Horizon 38-24 Configuring Split Horizon 38-26

Configuring Stub Routing 38-26

Understanding PIM Stub Routing 38-26 Configuring PIM Stub Routing 38-27

PIM Stub Routing Configuration Guidelines 38-28

Enabling PIM Stub Routing 38-28 Understanding EIGRP Stub Routing 38-29 Configuring EIGRP Stub Routing 38-30

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

xxix

Contents

Configuring OSPF 38-31

Default OSPF Configuration 38-32

OSPF Nonstop Forwarding 38-33 Configuring Basic OSPF Parameters 38-35 Configuring OSPF Interfaces 38-35 Configuring OSPF Area Parameters 38-36 Configuring Other OSPF Parameters 38-38 Changing LSA Group Pacing 38-39 Configuring a Loopback Interface 38-40 Monitoring OSPF 38-40

Configuring EIGRP 38-41

Default EIGRP Configuration 38-43

EIGRP Nonstop Forwarding 38-44 Configuring Basic EIGRP Parameters 38-45 Configuring EIGRP Interfaces 38-46 Configuring EIGRP Route Authentication 38-47 Monitoring and Maintaining EIGRP 38-48

Configuring BGP 38-49

Default BGP Configuration 38-51

Nonstop Forwarding Awareness 38-53 Enabling BGP Routing 38-53 Managing Routing Policy Changes 38-56 Configuring BGP Decision Attributes 38-57 Configuring BGP Filtering with Route Maps 38-59 Configuring BGP Filtering by Neighbor 38-60 Configuring Prefix Lists for BGP Filtering 38-61 Configuring BGP Community Filtering 38-62 Configuring BGP Neighbors and Peer Groups 38-64 Configuring Aggregate Addresses 38-66 Configuring Routing Domain Confederations 38-66 Configuring BGP Route Reflectors 38-67 Configuring Route Dampening 38-68 Monitoring and Maintaining BGP 38-69

Configuring Multi-VRF CE 38-70

Understanding Multi-VRF CE 38-71 Default Multi-VRF CE Configuration 38-73 Multi-VRF CE Configuration Guidelines 38-73 Configuring VRFs 38-74 Configuring VRF-Aware Services 38-75

xxx

Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide

OL-12189-01

+ 1186 hidden pages

Cisco 310, 312 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

CONTENTS