Catalyst 3550 Multilayer Switch
Software Configuration Guide
Cisco IOS Release 12.1(8)EA1
February 2002
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Customer Order Number: DOC-7811194=
Text Part Number: 78-11194-03
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOU T
NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE
PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONS IBILITY FOR THEIR
APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORT H IN THE INFORMATION
PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO
LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of
UCB’s public domain version of the UNIX op erating system. All righ ts reser ved. Copy right © 1981, Regent s of th e Univers ity of Californ ia.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED
“AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCL AIM ALL WARRANTI ES, EXPRESSE D OR IMPLIED,
INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR P URPOSE AND
NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL
DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROF ITS OR LOSS OR DAMAG E TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
AccessPath, AtmDirector, Browse with Me, CCIP, CCSI, CD-PAC, CiscoLink, the Cisco Powered Network logo, Cisco Systems Netw ork ing Academy ,
the Cisco Systems Networking Academy logo, Cisco Unity, Fast Step, Follow Me Browsing, FormShare, FrameShare, IGX, Internet Quotie nt, IP/VC, iQ
Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet,
TransPath, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changi ng t he Way We Work, Live, Play, and Learn,
and Discover All That’s Possible are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP,
Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems
logo, Empowering the Internet Generat ion, Ent erprise/ Solver, Ether Channel, EtherSwi tch, Fast Hub, FastSwi tch, Gi gaStack, IOS, IP/T V, LightS tr eam,
MICA, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter,
and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a
partnership relationship between Cisco and any ot her company. (0110R)
Catalyst 3550 Multilayer Swi tch Softw are Configuration Guide
Copyright © 2002, Cisco Systems, I nc.
All rights reserved.
Preface xxvii
Audience xxvii
Purpose xxvii
Organization xxviii
Conventions xxx
Related Publications xxxi
Obtaining Documentation xxxi
World Wide Web xxxi
Documentation CD-ROM xxxi
Ordering Documentation xxxii
Documentat ion Feedback xxxii
Obtaining Technical Assistance xxxii
Cisco.com xxxiii
Technical Assistance Center xxxiii
Cisco TAC Web Site xxxiii
Cisco TAC Escalation Center xxxiv
CONTENTS
CHAPTER
CHAPTER
1 Overview 1-1
Features 1-1
Management Options 1-5
Management Interf ace Options 1-5
Advantage s of Us in g CMS and Cluster ing Switches 1-6
Network Configuration Examples 1-7
Design Concepts 1-7
Small to Medium-Sized Network Using Mixed Switches 1-11
Large Network Using Only Catalyst 3550 Switches 1-13
Multidwelling Network Using Catalyst 3550 Switches 1-14
2 Using the Command-Line Interface 2-1
IOS Command Modes 2-1
Getting Help 2-3
Abbreviating Commands 2-3
Using no and default Forms of Commands 2-4
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
iii
Contents
Understanding CLI Messages 2-4
Using Command History 2-5
Changing the Command Hi story Buffer Size 2-5
Recalling Commands 2-5
Disabling the Command History Feature 2-5
Using Editing Features 2-6
Enabling and Disa bling Editing Features 2-6
Editing Commands through Keystrokes 2-6
Editing Command Lines that Wrap 2-8
Searching and Filtering Output of sho w an d m or e Com ma nds 2-8
Accessing the CLI 2-9
CHAPTER
3 Getting Started with CMS 3-1
Features 3-2
Front Panel View 3-4
Cluster Tree 3-5
Front-Panel Ima ges 3-6
Redundant Power System LED 3-7
Port Modes and LEDs 3-8
VLAN Membership Modes 3-9
Topology View 3-10
Topology Icons 3-12
Device and Link Labe ls 3-13
Colors in the Topol ogy View 3-14
Topology Display Options 3-14
Menus and Toolbar 3-15
Menu Bar 3-15
Toolbar 3-21
Front Panel View Popup Menus 3-22
Device Popup Menu 3-22
Port Popup Menu 3-22
Topology View Popup Menus 3-23
Link Popup Menu 3-23
Device Popup Menus 3-24
iv
Interaction Modes 3-26
Guide Mode 3-26
Expert Mode 3-26
Wizards 3-26
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Tool Tips 3-27
Online Help 3-27
CMS Window Components 3-28
Host Name List 3-28
Tabs, Lists, and Tables 3-29
Icons Used in Windows 3-29
Buttons 3-29
Accessing CM S 3-30
Access Modes in CMS 3-31
HTTP Access to CMS 3-31
Verifying Your Changes 3-32
Change Notification 3-32
Error Checkin g 3-32
Saving Your Changes 3-32
Contents
CHAPTER
Using Different Versions of CMS 3-33
Where to Go Next 3-33
4 Assigning the Switch IP Address and Default Gateway 4-1
Understanding the Boot Process 4-1
Assigning Switch Information 4-2
Default Switch Information 4-3
Understanding DHCP-Based Autoconfiguration 4-3
DHCP Client Request Process 4-4
Configuring the DHCP Server 4-5
Configuring the TFTP Server 4-5
Configuring the DNS 4-6
Configuring the Relay Device 4-6
Obtaining Configuration Files 4-7
Example Con fi guration 4-8
Manually Assigning IP Information 4-10
Checking and Saving the Running Configuration 4-10
Modifying the S ta rtup Configurat ion 4-12
Default Boot Configuration 4-12
Automatically Downloading a Configuration File 4-12
Specifying the Filename to Read and Write the System Confi guration 4-13
Booting Manually 4-13
Booting a Specific Software Image 4-14
Controlling Environment Variables 4-15
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
v
Contents
Scheduling a Reload of the Software Image 4-17
Configuring a Scheduled Reload 4-17
Displaying Sched uled Reload Information 4-18
CHAPTER
5 Clustering Switches 5-1
Understanding Switch Clusters 5-2
Command Switch Characteristics 5-2
Standby Command Switch Characteristics 5-3
Candidate and Member Switches Characteristics 5-3
Planning a Switch Cluster 5-4
Automatic Discovery of Cluster Candidates and Members 5-4
Discovery th ro ug h CD P H op s 5-5
Discovery through Non-CDP-Capable and Noncluster-Capable Devices 5-6
Discovery through Di fferent VLANs 5-7
Discovery through the Same Management VLAN 5-8
Discovery through Di fferent Management VLANs 5-9
Discovery through Routed Ports 5-10
Discovery of Newly Installed Switches 5-11
HSRP and Standby Command Switches 5-12
Virtual IP Addres s es 5-13
Automatic Recovery of Cluster Configuration 5-13
Considerations for Cluster Standby Groups 5-14
IP Addresses 5-15
Host Names 5-16
Passwords 5-16
SNMP Community Strings 5-16
TACACS+ 5-17
Access Modes in CMS 5-17
LRE Profiles 5-17
Availability of Switch-Specific Features i n Switch Clusters 5-18
vi
Creating a Switch Cluster 5-18
Enabling a Command Switch 5-19
Adding Member Switches 5-20
Creating a Cluster Standby Group 5-22
Verifying a Switch Cl uster 5-24
Using the CLI to Manage Switch Clusters 5-25
Catalyst1900 and Catalyst2820 CLI Considerations 5-25
Using SNMP to Manage Sw itch Clusters 5-26
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Contents
CHAPTER
6 Administering the Switch 6-1
Preventing Unauthorized Access to Your Switch 6-1
Protecting Access to Privileged EXEC Commands 6-2
Default Password and Privilege Level Configuration 6-3
Setting or Changing a Static Enable Password 6-3
Protecting Enable and Enable Secret Passwords with Encryption 6-4
Disabling Password Recovery 6-5
Setting a Telnet Password for a Terminal Line 6-6
Configuring User name and Password Pairs 6-7
Configuring Multiple Privilege Levels 6-8
Setting the Priv ilege Level for a Command 6-8
Changing the Default Privilege Level for Lines 6-9
Logging into and Exiting a Privilege Level 6-10
Controlling Switch Access with TACACS+ 6-10
Understanding TACACS+ 6-10
TACACS+ Operation 6-12
Configuring TACACS+ 6-13
Default TACACS+ Confi guration 6-13
Identifying the TACACS+ Server Host and Setting the Authentication Key 6-13
Configuring TACACS+ Login Authentication 6-14
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 6-16
Starting TACACS+ Accounting 6-17
Displaying the TA CACS+ Configuration 6-17
78-11194-03
Controlling Switch Access with RADIUS 6-17
Understanding RADIUS 6-18
RADIUS Operation 6-19
Configuring RADIUS 6-19
Default RADIUS Configu ration 6-20
Identifying the RADI US Server Host 6-20
Configuring RADI US Login Authentication 6-23
Defining AAA Server Groups 6-24
Configuring RADIUS Authorization for User Privil eged Access and Network Services 6-26
Starting RADIUS Accounting 6-27
Configuring Set tings for All RADIUS Servers 6-28
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 6-28
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 6-29
Displaying the RADIUS Configuration 6-30
Configuring the Switch for Local Authentication and Authorization 6-31
Catalyst 3550 Multilayer Switch Software Configuration Guide
vii
Contents
Managing the System Time and Date 6-32
Understanding the System Clock 6-32
Understanding Network Time Protocol 6-32
Configuring NTP 6-34
Default NTP Config uration 6-35
Configuring NTP Authentication 6-35
Configuring NTP Associations 6-36
Configuring NTP Broadcast Service 6-37
Configuring NTP Ac cess Restrictions 6-38
Configuring the Source IP Address for NTP Packets 6-40
Displaying the NTP C onfiguration 6-41
Configuring Ti me and Date Manually 6-41
Setting the System Clock 6-42
Displaying the Time and Date Configuration 6-42
Configuring the Time Zone 6-43
Configuring Summer Time (Daylight Saving Time) 6-44
Configuring a System Name and Prompt 6-46
Default System Name and Prompt Configuration 6-46
Configuring a System Name 6-46
Configuring a System Prompt 6-47
Understanding DNS 6-47
Default DNS Configuration 6-48
Setting Up DNS 6-48
Displaying the DNS Configuration 6-49
Creating a Banner 6-49
Default Banner Con figuration 6-49
Configuring a Message-of-the-Day Login Banner 6-50
Configuring a Login Banner 6-51
Managing the MAC Address Table 6-51
Building the Address Table 6-52
MAC Addresses and VLANs 6-52
Default MAC Address Tab le Configuration 6-53
Changing the Addres s Aging Time 6-53
Removing Dynamic Address Entries 6-54
Configuring MAC Address Notification Traps 6-54
Adding and Removing Static Address Entries 6-56
Displaying Addre ss Table Entries 6-57
viii
Optimizing System Resources for User-Selected Features 6-57
Using the Templates 6-59
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Contents
CHAPTER
7 Configuring 802.1X Port-Based Authentication 7-1
Understanding 802.1X Port-Based Authentication 7-1
Device Roles 7-2
Authentication Initiation and Message Exchange 7-3
Ports in Authorized and Unauthorized States 7-4
Supported Topologies 7-4
Configuring 802.1X Authentication 7-5
Default 802.1X Configuration 7-6
802.1X Configur ation Guidelines 7-7
Enabling 802.1X Authentication 7-8
Configuring th e Switch-to-RADIUS-Server Communication 7-9
Enabling Periodic Re-Authentication 7-10
Manually Re-Authenticating a Client Connected to a Port 7-11
Changing the Quiet Period 7-11
Changing the Switch-to-Client Retransmission Time 7-12
Setting the Switch-to-Client Frame-Retransmission Number 7-13
Enabling Multiple Hosts 7-13
Resetting the 802.1X Configuration to the Default Values 7-14
CHAPTER
Displaying 802.1X Statistics and Status 7-14
8 Configuring Interface Characteristics 8-1
Understanding Interface Types 8-1
Port-Based VLANs 8-2
Switch Ports 8-2
Access Ports 8-2
Trunk Ports 8-3
EtherChannel Por t Groups 8-3
Switch Virtual Interfaces 8-4
Routed Ports 8-4
Connecting Interfaces 8-5
Using the Interface Command 8-6
Procedures for Configuring Interfaces 8-7
Configuring a Range of Interfaces 8-9
Configuring and Using Interface Range Macros 8-11
Configuring Layer 2 Interfaces 8-12
Default Layer 2 Ethernet Interface Configuration 8-13
Configuring Interface Speed and Duplex Mode 8-14
Configuration Guidelines 8-14
Setting the Interface Speed and Duplex Parameters 8-14
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
ix
Contents
Configuring IEEE 802.3X Flow Control 8-16
Adding a Descripti on for an Interface 8-17
Monitoring and Maintaining the Layer 2 Interface 8-18
Monitoring Interface and Controller Status 8-18
Clearing and Reset ting Interfaces and Counters 8-20
Shutting Down and Restarting the Interface 8-21
Configuring Layer 3 Interfaces 8-22
CHAPTER
9 Creating and Maintaining VLANs 9-1
Understanding VLANs 9-1
Number of Supported VLANs 9-2
VLAN Port Membership Modes 9-3
Using the VLAN Trunki ng Protocol 9-3
The VTP Domain and VTP Modes 9-4
VTP Advertisements 9-5
VTP Version 2 9-6
VTP Pruning 9-6
Configuring VTP 9-8
Default VTP Confi guration 9-8
VTP Configuration Guidelines 9-8
Configuring a VTP Server 9-10
Configuring a VTP Client 9-11
Disabling VTP (VTP Transparent Mode) 9-11
Enabling VTP Version 2 9-12
Enabling VTP Pruning 9-13
Monitoring VTP 9-13
VLANs in the VTP Database 9-15
Token Ring VLANs 9-15
Default VLAN Configuration 9-15
VLAN Configuration Guidelines 9-16
Configuring VLANs in the VTP Database 9-17
Adding an Ethernet VLAN 9-17
Modifying an Ethernet VLAN 9-18
Deleting a VLAN from th e Database 9-18
Assigning St at ic-Access Port s to a VLAN 9-19
Displaying VLANs in the VTP Database 9-21
Understanding VLAN Trunks 9-22
Trunking Overview 9-22
Encapsulat io n Ty pes 9-23
Catalyst 3550 Multilayer Switch Software Configuration Guide
x
78-11194-03
802.1Q Configura tion Considerations 9-24
Default Layer 2 Ethernet Inte rfa c e VL A N Co nf ig ur ation 9-24
Configuring an Ethernet Interface as a Trunk Port 9-25
Configuring a Trunk Port 9-25
Defining the Allo w e d V LA N s on a Tr un k 9-27
Changing the Pruning-Eligible List 9-28
Configuring the Native VLAN for Untagged Traffi c 9-29
Load Sharing Using STP 9-29
Load Sharing Using STP Port Priorities 9-30
Configuring STP Port Priorities and Load Sharing 9-30
Load Sharing Using STP Path Cost 9-32
Configuring STP Path Costs and Load Sharing 9-32
Understanding VMPS 9-33
Dynamic Port VLAN Membership 9-34
VMPS Databa se Co nfiguration Fi le 9-34
VMPS Configuration Guidelines 9-36
Default VMPS Configuration 9-37
Configuring an I nterface as a Layer 2 Dynamic Access Port 9-37
Entering the IP Address of the VMPS 9-37
Configuring Dynamic Access Ports on VMPS Clients 9-38
Reconfirming VLAN Memberships 9-39
Changing the Reconfirmation Interval 9-39
Changing the Retry Count 9-39
Administering and Monitoring the VMPS 9-40
Troubleshooting Dynamic Port VLAN Membership 9-40
Dynamic Port VLAN Membershi p Configuration Example 9-40
Contents
CHAPTER
78-11194-03
10 Configuring STP 10-1
Understanding Basic STP Features 10-1
Supported STP Instances 10-2
STP Overview 10-2
Bridge ID, Switch Priority, and Extended System ID 10-3
Election of the Root Switch 10-3
Bridge Protocol Data Units 10-4
STP Timers 10-5
Creating the STP Top ology 10-5
STP Interface States 10-6
Blocking State 10-7
Listening State 10-7
Catalyst 3550 Multilayer Switch Software Configuration Guide
xi
Contents
Learning State 10-7
Forwarding State 10-8
Disabled State 10-8
STP Address Management 10-8
STP and IEEE 802.1Q Tr unks 10-8
VLAN-Bridge STP 10-9
STP and Redundant Connectivity 10-9
Accelerated Aging to Retain Connectivity 10-10
Understanding Advanced STP Features 10-10
Understanding Port Fast 10-10
Understanding BPD U Guard 10-11
Understanding UplinkFast 10-12
Understanding Cross-Stack UplinkFast 10-13
How CSUF Works 10-14
Events that Cause Fast Convergence 10-15
Limitations 10-16
Connecting the Stack Ports 10-16
Understanding BackboneFast 10-18
Understanding Root Guard 10-20
Understanding EtherChannel Guard 10-20
Configuring Basic STP Features 10-21
Default STP Confi guration 10-21
Disabling STP 10-22
Configuring the Root Switch 10-22
Configuring a Sec ondary Root Switch 10-24
Configuring STP Port Priority 10-26
Configuring STP Path Cost 10-27
Configuring the Switch Priority of a VLAN 10-28
Configuring the Hello Time 10-29
Configuring th e Forwarding-Delay Time for a VLAN 10-29
Configuring th e Maximum-Aging Time for a VLAN 10-30
Configuring STP for Use in a Cascaded Stack 10-30
Displaying STP Status 10-31
Configuring Advanced STP Features 10-32
Configuring Port Fast 10-32
Configuring BPDU Gu ard 10-33
Configuring Upl inkFast for Use with Redundant Links 10-34
Configuring Cross-Stack UplinkFast 10-35
Configuring BackboneFast 10-36
xii
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Configuring Root Guard 10-36
Enabling EtherChannel Guard 10-37
Contents
CHAPTER
11 Configuring IGMP Snooping and MVR 11-1
Understanding IGMP Snooping 11-1
Joining a Multicast Group 11-2
Leaving a Multicast Group 11-4
Immediate-Leave Processing 11-4
Configuring IGMP Snooping 11-5
Default IGMP Snoo ping Configuration 11-5
Enabling or Disabling IGMP Snooping 11-5
Setting the Snoopi ng Method 11-6
Configuring a Multicast Router Port 11-7
Configuring a Host Statically to Join a Group 11-8
Enabling IGMP Immedi ate-Leave Processing 11-9
Displaying IGMP Sno oping Information 11-9
Understanding Multicast VLAN Registration 11-12
Using MVR in a Multicast Television Application 11-12
Configuring MV R 11-14
Configuration Guidelines and Limitations 11-14
Default MVR Configuration 11-15
Configuring MVR Global Parameters 11-15
Configuring MVR Interfaces 11-16
CHAPTER
78-11194-03
Displaying MVR Information 11-18
Configuring IGMP Filtering 11-20
Default IGMP Filtering Configuration 11-20
Configuring IGMP Profiles 11-20
Applying IGMP Profil es 11-22
Setting the Maximum Number of IGMP Groups 11-23
Displaying IGMP Filtering Configuration 11-24
12 Configuring Port-Based Traffic Control 12-1
Configuring Sto rm Control 12-1
Understanding Storm Control 12-1
Default Storm Control Configuration 12-3
Enabling Storm Control 12-3
Disabling Storm Control 12-4
Configuring Protected Ports 12-5
Catalyst 3550 Multilayer Switch Software Configuration Guide
xiii
Contents
Configuring Port Blocking 12-6
Blocking Floode d Traffic on an Interface 12-6
Resuming Normal Forwarding on a Port 12-7
Configuring Port Security 12-8
Understanding Po rt Security 12-8
Default Port Security Configuration 12-9
Configuratio n Guidelines 12-9
Enabling and Configuring Port Security 12-9
Displaying Port -Based Traffic Control Settings 12-11
CHAPTER
CHAPTER
13 Configuring CDP 13-1
Understanding CDP 13-1
Configuring CDP 13-2
Default CDP Config uration 13-2
Configuring the CDP Characteristics 13-2
Disabling and Enabling CDP 13-3
Disabling and Enabling CDP on an Interface 13-4
Monitoring and Maintaining CDP 13-5
14 Configuring UDLD 14-1
Understanding UDLD 14-1
Configuring UDLD 14-3
Default UDLD Configuration 14-3
Enabling UDLD Globally 14-3
Enabling UDLD on an Interface 14-4
Resetting an Interf ace Shut Down by UDLD 14-4
Displaying UDLD Status 14-5
CHAPTER
xiv
15 Configuring SPAN 15-1
Understanding SPA N 15-1
SPAN Concepts and Terminology 15-2
SPAN Session 15-2
Traffic Types 15-3
Source Port 15-4
Destination Por t 15-4
VLAN-Based SPAN 15-5
SPAN Traffic 15-5
SPAN Interaction with Other Features 15-5
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Configuring SPAN 15-6
Default SPAN Config uration 15-7
SPAN Configuration Guidelines 15-7
Creating a SPAN Session and Specifying Ports to Monitor 15-8
Removing Ports from a SPAN Se ss io n 15-10
Specifying VLANs to Monitor 15-11
Specifying VLANs to Filter 15-12
Displaying SPAN Status 15-13
Contents
CHAPTER
CHAPTER
16 Configuring RMON 16-1
Understanding RMON 16-1
Configuring RMON 16-2
Default RMON Configuration 16-3
Configuring RMON Alarms and Events 16-3
Configuring RMON Col lection on an Interface 16-5
Displaying RMON Status 16-6
17 Configuring System Message Logging 17-1
Understanding System Message Logging 17-1
Configuring System Message Logging 17-2
System Log Message Format 17-2
Default System Message Logging Configuration 17-3
Disabling and Enabling Message Logging 17-4
Setting the Message D isplay Destination Device 17-4
Synchronizing Log Messages 17-6
Enabling and Disa bling Timestamps on Log Messages 17-7
Enabling and Disabling Sequence Numbers in Log Messag es 17-8
Defining the Message Severity Level 17-8
Limiting Syslog Messages Sent to the History Table and to SNMP 17-10
Configuring UNIX Syslog Servers 17-10
Logging Messages to a UNIX Syslog Daemon 17-11
Configuring the UNIX System Logging Facility 17-11
78-11194-03
Displaying the Lo gging Configuration 17-12
Catalyst 3550 Multilayer Switch Software Configuration Guide
xv
Contents
CHAPTER
CHAPTER
18 Configuring SNMP 18-1
Understanding SNMP 18-1
SNMP Versions 18-2
SNMP Manager Functions 18-2
SNMP Agent Fu nc ti on s 18-3
SNMP Community Strings 18-3
Using SNMP to Access MIB Variables 18-3
Configuring SNMP 18-4
Default SNMP Configuration 18-4
Disabling the SNMP Agent 18-5
Configuring Commun ity Strings 18-5
Configuring Trap Managers and Enabling Traps 18-7
Setting the Agent Co ntact and Location Information 18-9
Limiting TFTP Servers Used Through SNMP 18-9
SNMP Exampl es 18-10
Displaying SNMP Status 18-10
19 Configuring Network Security with ACLs 19-1
Understanding ACLs 19-1
Supported ACLs 19-2
Router ACLs 19-2
VLAN Maps 19-3
Handling Fragmented and Unfragmented Traffic 19-4
Configuring Router ACLs 19-5
Hardware and Software Handling of Router ACLs 19-5
Unsupported Features 19-6
Creating Standard and Extended IP ACLs 19-6
Access List Numbers 19-7
Creating a Numbered Standard ACL 19-8
Creating a Numbered Extended ACL 19-9
Creating Named Standard and Extended ACLs 19-14
Applying Time Ranges to ACLs 19-15
Including Comments About Entries in ACLs 19-18
Applying the ACL to an Int erface or Terminal Line 19-18
Displaying ACLs and Access Groups 19-20
ACL Configuration Examples 19-22
Numbered ACLs 19-24
Extended ACLs 19-24
Named ACLs 19-24
xvi
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Time Range Applied to an IP ACL 19-25
Commented IP ACL Entries 19-25
ACL Logging 19-26
Configuring VLAN Map s 19-27
VLAN Map Configuration Guidelines 19-28
Creating Named MAC Extended ACLs 19-28
Creating a VLAN Map 19-30
Examples of ACLs and VLAN Maps 19-30
Applying a VLAN Map to a VLAN 19-32
Displaying VLAN Map Information 19-33
Using VLAN Maps in Your Netwo rk 19-33
Wiring Closet Configuration 19-34
Denying Access to a Server on Another VLAN 19-35
Using VLAN Maps with Router ACLs 19-36
Guidelines 19-36
Determining if the ACL Configuration Fits in Hardware 19-37
Examples of Router ACLs an d VLAN Maps Applied to VLANs 19-39
ACLs and Switched Packets 19-39
ACLs and Bridged Packets 19-40
ACLs and Routed Packets 19-41
ACLs and Multicast Packets 19-42
Contents
CHAPTER
20 Configuring QoS 20-1
Understanding QoS 20-1
Basic QoS Model 20-3
Classification 20-4
Classification Based on QoS ACLs 20-7
Classification Based on Class Maps and Policy Maps 20-7
Policing and Marking 20-8
Mapping Tables 20-11
Queueing and Scheduling 20-12
Queueing and Scheduling on Gigabit-Capable Ports 20-12
Queueing and Scheduling on 10/100 Ethernet Ports 20-15
Packet Modific a tion 20-17
Configuring QoS 20-18
Default QoS Config uration 20-18
Configuration Guidelines 20-20
Enabling QoS Globally 20-21
Configuring Classification Using Port Trust States 20-21
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
xvii
Contents
Configuring the Trust State on Ports within the QoS Domain 20-22
Configuring the CoS Value for an Interface 20-24
Configuring th e DSCP Trust State on a Port Bordering Another QoS Domain 20-25
Configuring a QoS Policy 20-26
Classifying Tr affic by Using ACLs 20-27
Classifying Tr affic by Using Class Maps 20-30
Classifying, Policing, and Marking Traffic by Using Policy Maps 20-32
Classifying, Policing, and Marking Traffic by Using Aggregate Policers 20-37
Configuring DSCP Maps 20-39
Configuring the CoS-to-DSCP Map 20-39
Configuring the IP-Precedence-to-DSCP Map 20-40
Configuring the Policed-DSCP Map 20-41
Configuring the DSCP-to-CoS Map 20-42
Configuring th e DSCP-to-DSCP-Mutation Map 20-43
Configuring Egress Queues on Gigabit-Capable Ethernet Ports 20-44
Mapping CoS Values to Select Egress Queues 20-45
Configuring the Egress Queue Size Ratios 20-46
Configuring Tai l-Drop Threshold Percentages 20-47
Configuring WRED Drop Thresholds Percentages 20-48
Configuring the Egress Expedite Queue 20-50
Allocating Bandwidth among Egress Queues 20-50
Configuring Egress Queues on 10/100 Ethernet Ports 20-51
Mapping CoS Values to Select Egress Queues 20-52
Configuring th e Mi nimum-Reserve Levels 20-53
Configuring the Egress Expedite Queue 20-54
Allocating Bandwidth among Egress Queues 20-54
CHAPTER
xviii
Displaying QoS Information 20-56
QoS Configuration Examples 20-56
QoS Configuration for the Common Wiring Closet 20-57
QoS Configuration for the Intelligent Wiring Closet 20-58
QoS Configuration for the Distribution Layer 20-59
21 Configuring EtherChannel 21-1
Understanding EtherChannel 21-1
Understanding Po rt-Channel Interfaces 21-2
Understanding th e Port Aggregation Protocol 21-3
PAgP Modes 21-4
Physical Learners and Aggregate-Port Learners 21-5
PAgP Interaction with Other Features 21-5
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Understanding Load Balancing and Forwarding Methods 21-5
Configuring EtherChannel 21-7
Default EtherCha nnel Configuration 21-7
EtherChannel Con figuration Guidelines 21-8
Configuring Layer 2 EtherChannels 21-9
Configuring Layer 3 EtherChannels 21-11
Creating Port-Channel Logical Interfaces 21-11
Configuring the Physical Interfaces 21-12
Configuring EtherChannel Load Balancin g 21-13
Configuring the PAgP Learn Method and Priority 21-14
Displaying EtherChannel and PAgP Status 21-16
Contents
CHAPTER
22 Configuring IP Unicast Routing 22-1
Understanding Routing 22-2
Steps for Configuring Routing 22-3
Configuring IP Addressing 22-4
Default Addressi ng Configuration 22-4
Assigning IP Addresses to Network Interfaces 22-5
Use of Subnet Zero 22-8
Classless Routing 22-8
Configuring Address Resolution Methods 22-10
Define a Static ARP Cache 22-11
Set ARP Encapsulation 22-12
Enable Proxy AR P 22-13
Routing Assistance When IP Routing is Disabled 22-14
Proxy ARP 22-14
Default Gateway 22-15
ICMP Router Discovery Protocol (IRDP) 22-15
Configuring Broadcast Packet Handling 22-17
Enabling Directed Broadcast-to-Physical Broadcast Translation 22-17
Forwarding UDP Broadcast Packets and Protocols 22-18
Establishing an IP Broadcast Address 22-20
Flooding IP Broadcasts 22-20
Monitoring and Maintaining IP Addressing 22-21
78-11194-03
Enabling IP Routing 22-24
Configuring RIP 22-25
RIP Authentication 22-28
Summary Addresses and Split Horizon 22-28
Catalyst 3550 Multilayer Switch Software Configuration Guide
xix
Contents
Configuring IGRP 22-30
Load Balanci ng an d Traffic Distribution Cont ro l 22-31
Split Horizon 22-34
Configuring OSPF 22-35
OSPF Interface Parameters 22-38
OSPF Area Parameters 22-39
Other OSPF Behavior Parameters 22-41
Change LSA Group Pacing 22-43
Loopback Interface 22-43
Monitoring OSPF 22-44
Configuring EI GRP 22-46
EIGRP Router Mode Commands 22-48
EIGRP Interface Mode Commands 22-49
Configure EIGRP Ro ute Authentication 22-50
Monitoring and Maintaining EIGRP 22-51
CHAPTER
Configuring Protocol-Independent Features 22-53
Configuring Ci sco Express Forwarding 22-53
Configuring the Number of Equal-Cost Routing Paths 22-54
Configuring Static Routes 22-55
Specifying Default Routes 22-56
Specifying a Default Network 22-56
Redistributing Routing Information 22-57
Filtering Rou tin g Info r m at ion 22-61
Setting Passive Interfaces 22-61
Controlling Advertising and Processing in Routing Updates 22-62
Filtering Sources of Routing Information 22-62
Managing Authentication Keys 22-63
Monitoring and Maintaining the IP Network 22-64
23 Configuring HSRP 23-1
Understanding HSRP 23-1
Configuring HSRP 23-3
Default HSRP Configuration 23-4
Enabling HSRP 23-4
Configuring HSRP Group Attributes 23-6
Configuring HSRP Priority 23-6
Configuring HSRP Authentication and Timers 23-8
Configuring HSRP Groups and Clustering 23-9
xx
Displaying HSRP Configurations 23-10
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Contents
CHAPTER
24 Configuring IP Multicast Routing 24-1
Cisco Implementation of IP Multicast Routing 24-2
Understanding IGMP 24-3
IGMP Version 1 24-3
IGMP Version 2 24-4
Understanding PIM 24-5
PIM Versions 24-5
PIM Modes 24-5
Auto-RP 24-8
Bootstrap Router 24-8
Multicast Forwar ding and Reverse Path Check 24-9
Neighbor Discove ry 24-10
Understanding DVMRP 24-11
DVMRP Neighbor Discovery 24-11
DVMRP Route Table 24-11
DVMRP Source Distribution Tree 24-11
Understanding CGMP 24-11
Joining a Group with CGMP 24-12
Leaving a Group with CG MP 24-13
Configuring IP Multicast Routing 24-13
Default Multicast Routing Configuration 24-13
Multicast Routing Configuration Guidelines 24-14
PIMv1 and PIMv2 Interoperability 24-14
Auto-RP and BSR Configuration Guidelines 24-15
Configuring Basic Multicast Routing 24-15
Configuring a Rendezvous Point 24-17
Manually Assigning an RP to Multicast Groups 24-17
Configuring Auto-RP 24-18
Configuring PI Mv2 BSR 24-22
Using Auto-RP and a BSR 24-27
Monitoring the RP Mapping Information 24-27
Troubleshooting PIMv1 and PIMv2 Interoperability Problems 24-28
Configuring Adva nced PIM Features 24-28
Understanding PIM Shared Tree and Source Tree 24-28
Delaying the Use of PIM Shortest-Path Tree 24-29
Modifying the PIM Router-Query Message Interval 24-30
Configuring Opt ional IGMP Features 24-31
Default IGMP Configuration 24-31
Changing the IGMP Version 24-32
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
xxi
Contents
Changing the IGMP Query Timeout for IGMPv2 24-32
Changing the Maximum Que ry Response Time for IGMPv2 24-33
Configuring the Multilayer Switch as a Member of a Group 24-34
Controlling Access to IP Multicast Groups 24-35
Modifying the IGMP Host-Query Message Interval 24-36
Configuring the Multilayer Switch as a Statically Connected Member 24-36
Configuring Optional Multicast Routing Features 24-37
Enabling CGMP Server Support 24-38
Configuring sdr Listener Support 24-39
Enabling sdr Listener Support 24-39
Limiting How Long an sdr Cache Entry Exists 24-39
Configuring the TTL Threshold 24-40
Configuring an IP Multicast Boundary 24-42
Configuring Basic DVMRP Interoperability Features 24-43
Configuring DVMRP I nteroperability 24-44
Controlling Unicast Route Advertisements 24-44
Configuring a DVMRP Tu nnel 24-46
Advertising Network 0.0.0.0 to DVMRP Neighbors 24-48
Responding to mrinfo Requests 24-49
CHAPTER
Configuring Advanced DVMRP Interoperability Features 24-50
Enabling DVMRP Unicast Routing 24-50
Rejecting a DVMRP Nonpr uning Neighbor 24-51
Controlling Route Exchanges 24-53
Limiting the Number of DVMRP Routes Advertised 24-53
Changing the DVMRP Rout e Threshold 24-54
Configuring a DVMRP Su mmary Address 24-54
Disabling DVMRP Autosummarization 24-56
Adding a Metric Offset t o the DVMRP Route 24-56
Monitoring and Maintaining IP Multicast Routing 24-57
Clearing Caches, Tables, and Databases 24-58
Displaying System and Network Statistics 24-58
Monitoring IP Multicast Routing 24-59
25 Configuring MSDP 25-1
Understanding MSDP 25-1
MSDP Operation 25-2
MSDP Benefits 25-3
xxii
Configuring MSDP 25-4
Default MSDP Configuration 25-4
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Configuring a Def ault MSDP Peer 25-4
Caching Source-Active State 25-6
Requesting Sourc e Information from an MSDP Peer 25-8
Controlling Source Information that Your Switch Originates 25-8
Redistributing Sources 25-9
Filtering Sou rc e- A ctive Request M es s ag e s 25-11
Controlling Source Information that Your Switch Forwards 25-12
Using a Filter 25-12
Using TTL to Limit the Multicast Data Sent in SA Messages 25-14
Controlling Source Information that Your Switch Receives 25-14
Configuring an MSDP Mes h Group 25-16
Shutting Down an MSDP Peer 25-16
Including a Bordering PIM Dense-Mode Region in MSDP 25-17
Configuring an Originating Address other than the RP Address 25-18
Monitoring and Maintaining MSDP 25-19
Contents
CHAPTER
CHAPTER
26 Configuring Fallback Bridging 26-1
Understanding Fallback Bridging 26-1
Configuring Fallback Bridging 26-3
Default Fallback Bridging Configuration 26-3
Creating a Bridge Group 26-4
Preventing the Forwarding of Dynamically Learned Stations 26-5
Configuring the Bridge Table Aging Time 26-6
Filtering Fram e s by a Sp e cific MAC Addre ss 26-6
Adjusting Spanning-Tree Parameters 26-7
Changing the Switch Priority 26-8
Changing the Interface Priority 26-8
Assigning a Pa th Co st 26-9
Adjusting BPDU Intervals 26-10
Disabling the Spa nning Tree on an Interface 26-12
Monitoring and Maintaining the Network 26-12
27 Troubleshooting 27-1
Using Recovery Procedures 27-1
Recovering from Corrupted Software 27-2
Recovering from a Lost or Forgotten Password 27-3
Password Recovery with Password Recovery Enable d 27-3
Procedure with Password Recovery Disabled 27-5
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
xxiii
Contents
Recovering from a Command Switch Failure 27-7
Replacing a Failed Command Switch with a Cluster Member 27-7
Replacing a Failed Command Switch with Another Switch 27-9
Recovering from Lost Member Connectivity 27-10
Preventing Auton egotiation Mismatches 27-10
Diagnosing Connec tivity Problems 27-11
Understanding Ping 27-11
Executing Ping 27-11
Understanding IP Traceroute 27-12
Executing IP Traceroute 27-13
Using Debug Commands 27-14
Enabling Debuggi ng on a Specific Feature 27-14
Enabling All-System Diagnostics 27-15
Redirecting Debu g and Error Message Output 27-15
Using the show forward Command 27-15
APPENDIX
APPENDIX
Using the crashinfo File 27-17
A Supported MIBs A-1
MIB List A-1
Using FTP to Access th e MI B Files A-2
B Working with the IOS File System, Configuration Files, and Software Images B-1
Working with th e Fl ash File System B-1
Displaying Available File Systems B-2
Setting the Default File System B-3
Displaying Information about Files on a File System B-3
Changing Directo ries and Displaying the Working Directory B-3
Creating and Removing Directories B-4
Copying Files B-4
Deleting Files B-5
Creating, Displaying, and Extracting tar Files B-6
Creating a tar File B-6
Displaying the Co ntents of a tar File B-6
Extracting a ta r Fil e B-7
Displaying the Contents of a File B-8
xxiv
Working with Configuration Files B-8
Guidelines for Creating and Using Configuration Files B-9
Configuration File Types and Location B-9
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Creating a Configuration File By Using a Text Editor B-10
Copying Configuration Files By Using TFTP B-10
Preparing to Download or Upload a Configuration File By Using TFTP B-10
Downloading the Configuration File By Using TFTP B-11
Uploading the Configuration File By Using TFTP B-12
Copying Configuration Files By Using FTP B-12
Preparing to Download or Upload a Configuration File By Using FTP B-13
Downloading a Configuration File By Using FTP B-13
Uploading a Confi guration File By Using FTP B-15
Copying Configuration Files By Using RCP B-16
Preparing to Download or Upload a Configuration File By Using RCP B-16
Downloading a Configuration File By Using RCP B-17
Uploading a Confi guration File By Using RCP B-18
Clearing Configuration Information B-19
Clearing the St a rtu p Co nfiguration Fi le B-19
Deleting a Stored Configuration File B-19
Contents
APPENDIX
Working with So ft w a re Ima g es B-19
Image Location on the Switch B-20
tar File Format of Images on a Server or Cisco.com B-20
Copying Image Files By Using TFTP B-21
Preparing to Downl oad or Upload an Image File By Using TFTP B-22
Downloading an Image File By Using TFTP B-22
Uploading an Image Fi le By Using TFTP B-24
Copying Image Files By Using FTP B-25
Preparing to Downl oad or Upload an Image File By Using FTP B-25
Downloading an Image File By Using FTP B-26
Uploading an Image Fi le By Using FTP B-28
Copying Image Files By Using RCP B-29
Preparing to Downl oad or Upload an Image File By Using RCP B-29
Downloading an Image File By Using RCP B-30
Uploading an Image File By Using RCP B-32
C Unsupported CLI Commands C-1
Access Control Lists C-1
Unsupported Privileged EXEC Commands C-1
78-11194-03
ARP Commands C-1
Unsupported Global Configuration Commands C-1
Unsupported Interface Configuration Commands C-1
Catalyst 3550 Multilayer Switch Software Configuration Guide
xxv
Contents
FallBack Bridging C-2
Unsupported Privileged EXEC Commands C-2
Unsupported Global Configuration Commands C-2
Unsupported Interface Configuration Commands C-2
HSRP C-3
Unsupported Global Configuration Commands C-3
Unsupported Interface Configuration Commands C-3
Interface Configuration Commands C-4
IP Multicast Routing C-4
Unsupported Privileged EXEC Commands C-4
Unsupported Global Configuration Commands C-4
Unsupported Interface Configuration Commands C-5
IP Unicast Routing C-5
Unsupported Privileged EXEC or User EXEC Commands C-5
Unsupported Global Configuration Commands C-5
Unsupported Interface Configuration Commands C-6
Unsupported VPN Conf iguration Commands C-6
Unsupported VRF Configuration Commands C-6
Unsupported Route Map Commands C-6
I
NDEX
MSDP C-7
Unsupported Privileged EXEC Commands C-7
Unsupported Global Configuration Commands C-7
RADIUS C-7
Unsupported Global Configuration Commands C-7
xxvi
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Audience
Purpose
Preface
This guide is for the network ing profe ssional man aging the Ca talyst 355 0 switch, he reafter referred t o
as the switch or the multilayer switch. Before using this guide, you should have experience working with
the Cisco IOS and be familiar with the concepts and term inolo g y of Et hernet and local area networking.
This guide provides the information you need to configure Layer 2 and Layer 3 software features on your
switch. The Catalyst 3550 switch is supported by either th e standard multilayer so ftware image ( SMI)
or the enhanced multilayer software image (EMI). The EMI provides a richer set of enterprise-class
features, including hardware-based IP unicast and multicast routing, inter-VLAN routing, routed access
control lists (ACL s), and the Hot Standby Router Protocol (HSRP). All Catalyst 3550 Gigabit Ethernet
switches are shipped with the EMI pre-installed. Catalyst 3550 Fast Ethernet switches are shipped with
either the SMI or the E MI pre-installed . After initial deployment, you can order the En hanced Multilay er
Software Image Upg rad e kit to u pgrad e Ca talyst 3550 Fa st E therne t sw it ches from ru nning the SMI t o
the EMI.
This guide provides procedures for using the commands that have been created or changed for use with
the Catalyst 3550 switch. It does not provide detailed information about these commands. For detailed
information about t hese co mman ds, refe r to the C atalyst 3550 Multilayer Switch Command Reference
for this release. For information about the standard IOS Release 12.1 commands, refer to the IOS
documentation set available from the Cisco.com home page at Service and Support > Technical
Documents. On the Cisco Product Documenta tio n hom e page , sel ect Release 12.1 from the Cisco IOS
Software drop-do wn li st.
This guide also inc lude s an ov er vie w of the C lus ter Man agem e nt Suit e ( CM S) w eb- ba sed, swit ch
management interface , which helps yo u create an d manage c lusters of switches . This guide doe s not
provide field-level descriptions of the CMS windows nor does it provide the procedures for configuring
switches and switch clus ters f rom CMS. For all CMS windo w d escript ion s and proc edur es, refe r to th e
CMS online help, which is integrated with the software image.
This guide does not describe system message s you might enc ounter or how to in stall your switch. For
more information , refe r to the Catalyst 3550 Multilayer Switch System Message Guide for thi s r ele ase
and to the Catalyst 3550 Multilayer Switch Hardware Installation Guide.
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
xxvii
Organization
Organization
This guide is organized into these chapters:
Chapter 1, “Overview,” lists the software features of this relea se and pro vides exa mples of how the
switch can be deployed in a network.
Chapter 2 , “Using the Command-Line Int erface,” describes how to access th e co mm an d mo des, use the
command-line interface (CLI), and describes CLI messages that you might receive. It also describes how
to get help, abbreviate commands, use no and default forms of commands, use c om mand hist ory a nd
editing features, and how to searc h and fil ter the output of show and more commands .
Chapter 3, “Getting Started with CMS,” describes the Cluster Ma nagement Suite (CMS) w eb-based,
switch management interfa ce. For inform ation on con figuring you r web brow ser and acce ssing CMS,
refer to the release notes. For fi eld-level descriptions of all CMS windows and procedures for usi ng the
CMS windows, refer to the online help.
Chapter 4, “Assigning the Switch IP Address and Default Gateway,” describes how to create the initial
switch configuration (for example, assign the switch IP address and default gateway information) by
using a variety of automatic and manua l methods. It also describes how to modify the switch start up
configuration.
Chapter 5, “Clustering Switches,” describes swi tch clus ters and the consid eratio ns for cr eating an d
maintaining them. The online help provides the CMS procedures for configuring switch clusters.
Configuring switch clu sters i s m ost easi ly p er forme d thro ugh CMS; the refo re, CL I pro cedur es a re n ot
provided. Cluster commands are described in the Catalyst 3550 Multilayer Switch Command Refer e n ce.
Preface
Chapter 6, “Administering the Switch,” describes how to perform one -time ope rations to administer
your switch. It describes how to prevent unaut horiz ed access to your sw itch through t he use of
passwords, privilege leve ls, the Terminal Access Controller Acce ss Control Sys tem Plus (TACACS+),
and the Remote Authentication Dia l -In User Ser vi ce ( RADI US). I t also d escrib es ho w to set th e sy stem
date and time, system name an d prompt, cr eate a logi n banne r, how to manage the MAC addres s table,
and how to opt imi ze sy st em r eso urce s f or user-sel ect ed f eat ures .
Chapter 7, “ Configur ing 802.1X Port-Base d Authent ication, ” desc ribes how to conf igure 802.1X
port-based authentication to prevent unauthori ze d devices (clients) from gaini ng access to the network.
As LANs exten d to ho tel s, air port s, an d cor por a te lo bbi es, i nsecu re envi r onmen ts c ould be c re at ed.
Chapter 8, “Configuring Interface Characteristics,” defines the types of Layer 2 and Layer 3 interfaces
on the switch. It describes the interface command and p rovi des pr oc ed ures for conf i guri ng phy sica l
interfaces.
Chapter 9, “Creating and Maintaining VLANs,” describes how to create and maintain VLANs. It
includes information about VLAN modes, the VLAN Trunking Protocol (VTP) database, and the VLAN
Membership Policy Server (VMPS).
Chapter 10, “Conf igur ing ST P,” describes how to configure basic and ad vance d spanni ng -tree fe ature s.
Chapter 11, “Configur ing IG MP Snoopi n g and M VR,” describes how to configure Layer 2 Internet
Group Management Protocol (IGMP) snooping. It also describes Multicast VLAN Registration (MVR),
a local IGMP snooping feature available on the switch, and how to use IGMP filtering to control
multicast group membership.
Chapter 12, “Configuring Port-Based Traffic Control,” describes how to reduce traffic storms by setting
broadcast, multicas t, and uni cast storm- control t hresho ld levels; ho w to protec t ports from rece iving
traffic from other ports on a switch; how to block unk nown broa dcast an d unicast tr affic; and how to
configure port securi ty using sec ure MAC addresses.
xxviii
Chapter 13, “C onfi guri ng CDP,” describes how to configure Cisc o Di scove ry Prot ocol ( CD P) on your
switch.
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Preface
Organization
Chapter 14, “C onfi gu ring UD LD,” describes how to configure the UniDirectional Link Detection
(UDLD) feature. UDLD enables devices connected through fiber-optic or twisted-pair Ethernet cables
to monitor the physical configuration of the cables and detect when a unidirectional link exists.
Chapter 15, “Con figu ri ng SPAN,” describes how to configure Switch Port Analyzer (SPAN), which
selects network tr aff ic for analys is by a networ k analyz er such as a SwitchPr obe dev ice or othe r Remote
Monitoring (RMO N) p rob e. SPAN mirrors traffic received or se nt (or bo t h) on a sou rce po rt, or tra ffic
received on one or more sourc e ports or sour ce VLANs, to a destinatio n port.
Chapter 16, “C onfi guri ng RMO N,” desc ribe s h ow to c onf igur e re mote m on itori ng (RM O N). The
RMON feature, which is used with the Simple Network Management Protocol (SNMP) agent in the
switch, means tha t yo u c an m on ito r al l the tr affic flow ing am on g swit ches on a ll conn ec ted LAN
segments.
Chapter 17, “Configu ring System Me ssage Loggi ng,” de scribe s how to config ure sy stem m essage
logging. It describes the mes sage for mat, how to change th e message display desti nation dev ice, limi t
the type of messages sent, con figur e UN IX ser ve r syslo g daem on and de fine the UNIX syst em l oggi ng
facility, and timestamp messages.
Chapter 18, “C onfi guri ng SNMP,” describes how to config ure the Sim ple Ne two rk Ma nage ment
Protocol (SNMP). It describes how to configure community strings, enable trap managers and traps, set
the agent contact and location information, and how to limit TFTP servers used through SNMP.
Chapter 19, “Configu ring Net work Sec urity wi th ACLs,” descr ibes how to c on figur e ne twork se cu rity
on your switch using two types of access control lists (ACLs), router ACLs and VLAN maps. It describes
how to apply ACLs to interfaces and provides examples.
Chapter 20, “C onfi gu ring QoS,” describes how to configure quality of service (QoS) on your switch.
With this feature, you can provide prefe rentia l treatm ent to certa in type s traffic.
Chapter 21, “Configuring EtherChannel,” describes how to bundle a set of individual ports into a single
logical link on Layer 2 and Layer 3 interfaces.
Chapter 22, “Configuring IP Unicast Routing,” describes how to configuring IP unicast routing on your
switch, including con fig uri ng IP ad dressi ng fea ture s, Ro utin g Inform a tion Pr otoc ol ( RIP) , Int erior
Gateway Routing Protocol (IGRP), Open Shortest Path First (OSPF) protocol, and Enhanced IGRP
(EIGRP). To use this feature, you must have the enhanced multilayer software image installed on your
switch.
Chapter 23, “Configuring HSRP,” describes how to use Hot Standby Router Protocol (HSRP) to provide
routing redundancy for routing IP traffic without depending on the availability of any single router. To
use this feature, you must hav e the enha nced mul tilaye r software image i nstalle d on your swit ch.
Chapter 24, “Configu ring IP Mul ticast Rou ting,” how to configuring IP multicast routing. It describes
how to use an d confi gu re t he Int erne t G r oup Man ag emen t Pro t ocol (I GMP) , Proto co l-Ind ep en dent
Multicast (PIM) protocol, Cisco Group Management Protocol (CGMP) server functionality, and how to
inter-operate between PIM and Distance Vector Multicast Routing Protocol (DVMRP) domains. To use
this feature, you must have the enhanced multilayer software image installed on your switch.
Chapter 25, “Configuring MSDP,” describes how to configure the Multicast Source Discovery Protocol
(MSDP), which is a mechanism to connect multiple PIM sparse-mode domains. To use this feature, you
must have the enhanced multilayer software image installed on your switch.
78-11194-03
Chapter 26, “Configu ring Fallbac k Bridging, ” descr ibe s ho w t o confi gu re f all bac k b ridg ing o n you r
switch. With fallback bridging, you can br idge non-I P protocols be tween VL AN bridge domains an d
routed ports. T o use t his feature, you must have the e nhanced multilayer softwa re image installed on your
switch
Chapter 27, “Troubleshooting,” describes how to identify and resolve software proble ms related t o the
IOS software.
Catalyst 3550 Multilayer Switch Software Configuration Guide
xxix
Conventions
Appendix A, “Supported MIBs,” lists the supported MIBs for this release and how t o use FT P to acc ess
the MIB files.
Appendix B, “Working with the IOS File System, Configuration Files, and Software Images,” describes
how to manipulate the Flash file system , how to copy con figurat ion file s, and how to arc hive (up load
and download) software i mages.
Appendix C, “U nsup port ed CL I Comma nds ,” lists the unsupported command-line interface (CLI)
commands that ar e displ aye d when yo u e nte r the qu esti on mar k ( ? ) at th e switc h pro mpt. T he
unsupported commands are listed by software feature and command mode.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use th ese con vent ions:
Preface
• Commands and keyw or ds ar e in bo ldface text.
• Arguments for which you supply val ues are in italic.
• Square brackets ([ ]) mean optional elements.
• Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
Interactive ex am ples us e thes e conve ntions :
• Terminal sessions and system displays are in screen font.
• Information you ent er is in b oldface sc reen f ont .
• Nonprinting charac ters, such as passwor ds or tabs, ar e in angle bracke ts (< >).
Notes, cautions, and timesavers use these conventions and symbols:
Note Means reader take note. Notes contain he lpful sugg esti on s o r ref ere nces to m ate ria ls n ot c onta ine d
in this manual.
Caution Means read er be careful. In this situation, you might do something that could result equipment
damage or loss of data.
Timesaver Means the followin g will help you solv e a problem. The tips informa tion might not be
troubleshooting or e ven an a ction , but co uld be usefu l inf orm ati on.
xxx
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Loading...