Catalyst 3550 Multilayer Switch
Software Configuration Guide
Cisco IOS Release 12.1(8)EA1
February 2002
Corporate Headquarters
Cisco Systems, Inc. 170 West Tasman Drive
San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 526-4100
Customer Order Number: DOC-7811194=
Text Part Number: 78-11194-03
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of C alifornia.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
AccessPath, AtmDirector, Browse with Me, CCIP, CCSI, CD-PAC, CiscoLink, the Cisco Powered Network logo, Cisco Systems Networking Academy, the Cisco Systems Networking Academy logo, Cisco Unity, Fast Step, Follow Me Browsing, FormShare, FrameShare, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet, TransPath, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and Discover All That’s Possible are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, GigaStack, IOS, IP/TV, LightStream, MICA, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0110R)
Catalyst 3550 Multilayer Switch Software Configuration Guide
Copyright © 2002, Cisco Systems, Inc.
All rights reserved.
C O N T E N T S
|
|
Preface xxvii |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Audience xxvii |
|
|
|
|
|
|
|
|
|
|
||
|
|
Purpose |
xxvii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Organization |
xxviii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Conventions |
xxx |
|
|
|
|
|
|
|
|
|
|
|
|
|
Related Publications |
xxxi |
|
|
|
|
|
|
|
|
|||
|
|
Obtaining Documentation |
xxxi |
|
|
|
|
|
|
|
||||
|
|
World Wide Web |
xxxi |
|
|
|
|
|
|
|
|
|||
|
|
Documentation CD-ROM |
xxxi |
|
|
|
|
|
|
|||||
|
|
Ordering Documentation |
xxxii |
|
|
|
|
|
|
|||||
|
|
|
Documentation Feedback |
xxxii |
|
|
|
|
|
|||||
|
|
Obtaining Technical Assistance |
|
xxxii |
|
|
|
|
|
|||||
|
|
Cisco.com |
xxxiii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Technical Assistance Center |
xxxiii |
|
|
|
|
|
||||||
|
|
|
Cisco TAC Web Site |
xxxiii |
|
|
|
|
|
|
||||
|
|
|
Cisco TAC Escalation Center |
xxxiv |
|
|
|
|
|
|||||
|
Overview |
|
|
|
|
|
|
|
|
|
|
|
|
|
C H A P T E R 1 |
1-1 |
|
|
|
|
|
|
|
|
|
|
|
||
|
|
Features |
1-1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Management Options |
1-5 |
|
|
|
|
|
|
|
|
|
||
|
|
Management Interface Options |
1-5 |
|
|
|
|
|
||||||
|
|
Advantages of Using CMS and Clustering Switches |
1-6 |
|
|
|
||||||||
|
|
Network Configuration Examples |
1-7 |
|
|
|
|
|
|
|||||
|
|
Design Concepts |
1-7 |
|
|
|
|
|
|
|
|
|
||
|
|
Small to Medium-Sized Network Using Mixed Switches |
1-11 |
|
|
|
||||||||
|
|
Large Network Using Only Catalyst 3550 Switches |
1-13 |
|
|
|
||||||||
|
|
Multidwelling Network Using Catalyst 3550 Switches |
1-14 |
|
|
|
||||||||
|
Using the Command-Line Interface |
|
|
|
|
|
|
|||||||
C H A P T E R 2 |
2-1 |
|
|
|
|
|
||||||||
|
|
IOS Command Modes |
2-1 |
|
|
|
|
|
|
|
|
|||
|
|
Getting Help |
2-3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Abbreviating Commands |
2-3 |
|
|
|
|
|
|
|
|
|||
|
|
Using no and default Forms of Commands 2-4 |
|
|
|
|
|
|||||||
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
iii |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
|
|
|
Understanding CLI Messages |
2-4 |
|
|
|
|
||||
|
|
|
|
|
Using Command History |
2-5 |
|
|
|
|
|
|||
|
|
|
|
|
Changing the Command History Buffer Size 2-5 |
|||||||||
|
|
|
|
|
Recalling Commands |
2-5 |
|
|
|
|
|
|||
|
|
|
|
|
Disabling the Command History Feature |
2-5 |
|
|||||||
|
|
|
|
|
Using Editing Features 2-6 |
|
|
|
|
|
||||
|
|
|
|
|
Enabling and Disabling Editing Features |
2-6 |
|
|||||||
|
|
|
|
|
Editing Commands through Keystrokes |
2-6 |
|
|||||||
|
|
|
|
|
Editing Command Lines that Wrap |
2-8 |
|
|
||||||
|
|
|
|
|
Searching and Filtering Output of show and more Commands 2-8 |
|||||||||
|
|
|
|
|
Accessing the CLI |
2-9 |
|
|
|
|
|
|
||
|
|
Getting Started with CMS |
|
|
|
|
|
|
||||||
C H A P T E R 3 |
|
3-1 |
|
|
|
|
|
|||||||
|
|
|
|
|
Features |
3-2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Front Panel View |
3-4 |
|
|
|
|
|
|
||
|
|
|
|
|
Cluster Tree |
3-5 |
|
|
|
|
|
|
||
|
|
|
|
|
Front-Panel Images |
3-6 |
|
|
|
|
|
|||
|
|
|
|
|
|
Redundant Power System LED |
3-7 |
|
|
|||||
|
|
|
|
|
|
Port Modes and LEDs |
3-8 |
|
|
|
|
|||
|
|
|
|
|
|
VLAN Membership Modes |
3-9 |
|
|
|
||||
|
|
|
|
|
Topology View |
3-10 |
|
|
|
|
|
|
||
|
|
|
|
|
Topology Icons |
3-12 |
|
|
|
|
|
|
||
|
|
|
|
|
Device and Link Labels 3-13 |
|
|
|
|
|||||
|
|
|
|
|
Colors in the Topology View 3-14 |
|
|
|
||||||
|
|
|
|
|
Topology Display Options |
3-14 |
|
|
|
|||||
|
|
|
|
|
Menus and Toolbar |
3-15 |
|
|
|
|
|
|
||
|
|
|
|
|
Menu Bar |
3-15 |
|
|
|
|
|
|
||
|
|
|
|
|
Toolbar |
3-21 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Front Panel View Popup Menus |
3-22 |
|
|
||||||
|
|
|
|
|
|
Device Popup Menu |
3-22 |
|
|
|
|
|||
|
|
|
|
|
|
Port Popup Menu |
3-22 |
|
|
|
|
|||
|
|
|
|
|
Topology View Popup Menus |
3-23 |
|
|
|
|||||
|
|
|
|
|
|
Link Popup Menu |
3-23 |
|
|
|
|
|||
|
|
|
|
|
|
Device Popup Menus |
3-24 |
|
|
|
||||
|
|
|
|
|
Interaction Modes |
3-26 |
|
|
|
|
|
|
||
|
|
|
|
|
Guide Mode |
3-26 |
|
|
|
|
|
|
||
|
|
|
|
|
Expert Mode |
3-26 |
|
|
|
|
|
|
||
|
|
|
|
|
Wizards |
3-26 |
|
|
|
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|||||||
|
|
|
|
|
|
|
||||||||
|
iv |
|
|
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
Tool Tips 3-27 |
|
|
|
|
|
|
|
Online Help |
3-27 |
|
|
|
|
|
|
CMS Window Components |
3-28 |
|
||||
|
Host Name List |
3-28 |
|
|
|
||
|
Tabs, Lists, and Tables |
3-29 |
|
||||
|
Icons Used in Windows |
3-29 |
|
||||
|
Buttons |
3-29 |
|
|
|
|
|
|
Accessing CMS 3-30 |
|
|
|
|
||
|
Access Modes in CMS |
3-31 |
|
||||
|
HTTP Access to CMS |
|
3-31 |
|
|
||
|
Verifying Your Changes |
3-32 |
|
|
|||
|
Change Notification |
3-32 |
|
|
|||
|
Error Checking |
3-32 |
|
|
|
|
|
|
Saving Your Changes |
3-32 |
|
|
|
||
|
Using Different Versions of CMS |
3-33 |
|
||||
|
Where to Go Next |
3-33 |
|
|
|
|
|
|
Assigning the Switch IP Address and Default Gateway 4-1 |
||||||
C H A P T E R 4 |
|||||||
|
Understanding the Boot Process |
4-1 |
|
||||
|
Assigning Switch Information |
4-2 |
|
||||
|
Default Switch Information |
4-3 |
|
||||
|
Understanding DHCP-Based Autoconfiguration 4-3 |
||||||
|
DHCP Client Request Process |
4-4 |
|||||
|
Configuring the DHCP Server |
4-5 |
|||||
|
Configuring the TFTP Server |
4-5 |
|||||
|
Configuring the DNS |
4-6 |
|
||||
|
Configuring the Relay Device |
4-6 |
|||||
|
Obtaining Configuration Files |
4-7 |
|||||
|
Example Configuration |
4-8 |
|
Manually Assigning IP Information |
4-10 |
Checking and Saving the Running Configuration 4-10 |
|
Modifying the Startup Configuration |
4-12 |
Default Boot Configuration 4-12
Automatically Downloading a Configuration File 4-12
Specifying the Filename to Read and Write the System Configuration 4-13
|
Booting Manually 4-13 |
|
|
|
|
|
Booting a Specific Software Image |
4-14 |
|
|
|
|
Controlling Environment Variables |
4-15 |
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|||||
|
78-11194-03 |
|
|
v |
|
|
|
|
|
Contents
|
|
|
|
|
Scheduling a Reload of the Software Image |
4-17 |
|
|
|
|
||||
|
|
|
|
|
Configuring a Scheduled Reload 4-17 |
|
|
|
|
|
||||
|
|
|
|
|
Displaying Scheduled Reload Information |
4-18 |
|
|
|
|
||||
|
|
Clustering Switches |
|
|
|
|
|
|
|
|
|
|||
C H A P T E R 5 |
|
5-1 |
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
Understanding Switch Clusters |
5-2 |
|
|
|
|
|
|
||
|
|
|
|
|
Command Switch Characteristics |
5-2 |
|
|
|
|
|
|||
|
|
|
|
|
Standby Command Switch Characteristics |
5-3 |
|
|
|
|
||||
|
|
|
|
|
Candidate and Member Switches Characteristics |
5-3 |
|
|
||||||
|
|
|
|
|
Planning a Switch Cluster |
5-4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Automatic Discovery of Cluster Candidates and Members |
5-4 |
|
|||||||
|
|
|
|
|
Discovery through CDP Hops |
5-5 |
|
|
|
|
|
|||
|
|
|
|
|
Discovery through Non-CDP-Capable and Noncluster-Capable Devices 5-6 |
|||||||||
|
|
|
|
|
Discovery through Different VLANs |
5-7 |
|
|
|
|
||||
|
|
|
|
|
Discovery through the Same Management VLAN |
5-8 |
|
|
||||||
|
|
|
|
|
Discovery through Different Management VLANs |
5-9 |
|
|
||||||
|
|
|
|
|
Discovery through Routed Ports |
5-10 |
|
|
|
|
||||
|
|
|
|
|
Discovery of Newly Installed Switches 5-11 |
|
|
|
|
|||||
|
|
|
|
|
HSRP and Standby Command Switches |
5-12 |
|
|
|
|
||||
|
|
|
|
|
Virtual IP Addresses 5-13 |
|
|
|
|
|
|
|||
|
|
|
|
|
Automatic Recovery of Cluster Configuration |
5-13 |
|
|
||||||
|
|
|
|
|
Considerations for Cluster Standby Groups |
5-14 |
|
|
|
|||||
|
|
|
|
|
IP Addresses |
5-15 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Host Names |
5-16 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Passwords |
5-16 |
|
|
|
|
|
|
|
|
|
|
|
|
|
SNMP Community Strings |
5-16 |
|
|
|
|
|
|
||
|
|
|
|
|
TACACS+ 5-17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Access Modes in CMS |
5-17 |
|
|
|
|
|
|
||
|
|
|
|
|
LRE Profiles |
5-17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Availability of Switch-Specific Features in Switch Clusters |
5-18 |
|
|||||||
|
|
|
|
|
Creating a Switch Cluster |
5-18 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Enabling a Command Switch |
5-19 |
|
|
|
|
|
|
||
|
|
|
|
|
Adding Member Switches |
5-20 |
|
|
|
|
|
|
||
|
|
|
|
|
Creating a Cluster Standby Group |
5-22 |
|
|
|
|
|
|||
|
|
|
|
|
Verifying a Switch Cluster |
5-24 |
|
|
|
|
|
|
||
|
|
|
|
|
Using the CLI to Manage Switch Clusters 5-25 |
|
|
|
|
|||||
|
|
|
|
|
Catalyst 1900 and Catalyst 2820 CLI Considerations |
5-25 |
|
|
||||||
|
|
|
|
|
Using SNMP to Manage Switch Clusters |
5-26 |
|
|
|
|
||||
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|||||
|
vi |
|
|
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
C H A P T E R 6 |
Administering the Switch 6-1 |
|
|
Preventing Unauthorized Access to Your Switch |
6-1 |
|
Protecting Access to Privileged EXEC Commands |
6-2 |
|
Default Password and Privilege Level Configuration 6-3 |
|
|
Setting or Changing a Static Enable Password |
6-3 |
|
Protecting Enable and Enable Secret Passwords with Encryption 6-4 |
|
|
Disabling Password Recovery 6-5 |
|
|
Setting a Telnet Password for a Terminal Line |
6-6 |
|
Configuring Username and Password Pairs 6-7 |
|
|
Configuring Multiple Privilege Levels 6-8 |
|
|
Setting the Privilege Level for a Command |
6-8 |
|
|
|
|
||||
|
Changing the Default Privilege Level for Lines 6-9 |
|
|
|||||||
|
Logging into and Exiting a Privilege Level |
6-10 |
|
|
|
|
||||
|
Controlling Switch Access with TACACS+ |
|
6-10 |
|
|
|
|
|
||
|
Understanding TACACS+ 6-10 |
|
|
|
|
|
|
|
|
|
|
TACACS+ Operation |
6-12 |
|
|
|
|
|
|
|
|
|
Configuring TACACS+ |
6-13 |
|
|
|
|
|
|
|
|
|
Default TACACS+ Configuration |
6-13 |
|
|
|
|
|
|||
|
Identifying the TACACS+ Server Host and Setting the Authentication Key 6-13 |
|
|
|||||||
|
Configuring TACACS+ Login Authentication |
6-14 |
|
|
|
|
||||
|
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services |
6-16 |
|
|||||||
|
Starting TACACS+ Accounting |
|
6-17 |
|
|
|
|
|
||
|
Displaying the TACACS+ Configuration |
6-17 |
|
|
|
|
|
|||
|
Controlling Switch Access with RADIUS |
|
6-17 |
|
|
|
|
|
||
|
Understanding RADIUS |
6-18 |
|
|
|
|
|
|
|
|
|
RADIUS Operation 6-19 |
|
|
|
|
|
|
|
|
|
|
Configuring RADIUS |
6-19 |
|
|
|
|
|
|
|
|
|
Default RADIUS Configuration |
|
6-20 |
|
|
|
|
|
||
|
Identifying the RADIUS Server Host |
6-20 |
|
|
|
|
|
|||
|
Configuring RADIUS Login Authentication |
6-23 |
|
|
|
|
||||
|
Defining AAA Server Groups |
6-24 |
|
|
|
|
|
|
||
|
Configuring RADIUS Authorization for User Privileged Access and Network Services |
6-26 |
|
|||||||
|
Starting RADIUS Accounting |
6-27 |
|
|
|
|
|
|
||
|
Configuring Settings for All RADIUS Servers |
6-28 |
|
|
|
|
||||
|
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 6-28 |
|
|
|||||||
|
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 6-29 |
|
|
|||||||
|
Displaying the RADIUS Configuration |
|
6-30 |
|
|
|
|
|
||
|
Configuring the Switch for Local Authentication and Authorization 6-31 |
|
|
|||||||
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
||||
|
|
|
|
|
||||||
|
78-11194-03 |
|
|
|
|
|
|
|
vii |
|
|
|
|
|
|
|
|
|
|
Contents
|
|
|
Managing the System Time and Date |
|
6-32 |
|
|
|
|
|
||||
|
|
|
Understanding the System Clock |
|
6-32 |
|
|
|
|
|
||||
|
|
|
Understanding Network Time Protocol |
6-32 |
|
|
|
|
||||||
|
|
|
Configuring NTP |
6-34 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default NTP Configuration |
6-35 |
|
|
|
|
|
|
||||
|
|
|
Configuring NTP Authentication |
6-35 |
|
|
|
|
||||||
|
|
|
Configuring NTP Associations |
6-36 |
|
|
|
|
|
|||||
|
|
|
Configuring NTP Broadcast Service |
6-37 |
|
|
|
|||||||
|
|
|
Configuring NTP Access Restrictions |
6-38 |
|
|
|
|||||||
|
|
|
Configuring the Source IP Address for NTP Packets |
6-40 |
|
|||||||||
|
|
|
Displaying the NTP Configuration |
6-41 |
|
|
|
|
||||||
|
|
|
Configuring Time and Date Manually |
6-41 |
|
|
|
|
||||||
|
|
|
Setting the System Clock |
|
6-42 |
|
|
|
|
|
|
|||
|
|
|
Displaying the Time and Date Configuration |
6-42 |
|
|
||||||||
|
|
|
Configuring the Time Zone |
|
6-43 |
|
|
|
|
|
|
|||
|
|
|
Configuring Summer Time (Daylight Saving Time) |
6-44 |
|
|||||||||
|
|
|
Configuring a System Name and Prompt |
6-46 |
|
|
|
|
|
|||||
|
|
|
Default System Name and Prompt Configuration |
6-46 |
|
|
||||||||
|
|
|
Configuring a System Name |
6-46 |
|
|
|
|
|
|
||||
|
|
|
Configuring a System Prompt |
6-47 |
|
|
|
|
|
|
||||
|
|
|
Understanding DNS |
6-47 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default DNS Configuration |
|
6-48 |
|
|
|
|
|
|
|||
|
|
|
Setting Up DNS |
6-48 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Displaying the DNS Configuration |
6-49 |
|
|
|
|
||||||
|
|
|
Creating a Banner |
6-49 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default Banner Configuration |
6-49 |
|
|
|
|
|
|
||||
|
|
|
Configuring a Message-of-the-Day Login Banner |
6-50 |
|
|
||||||||
|
|
|
Configuring a Login Banner |
6-51 |
|
|
|
|
|
|
|
|||
|
|
|
Managing the MAC Address Table |
6-51 |
|
|
|
|
|
|
||||
|
|
|
Building the Address Table |
6-52 |
|
|
|
|
|
|
|
|||
|
|
|
MAC Addresses and VLANs |
6-52 |
|
|
|
|
|
|
||||
|
|
|
Default MAC Address Table Configuration |
|
6-53 |
|
|
|
||||||
|
|
|
Changing the Address Aging Time |
6-53 |
|
|
|
|
|
|||||
|
|
|
Removing Dynamic Address Entries |
6-54 |
|
|
|
|
|
|||||
|
|
|
Configuring MAC Address Notification Traps |
6-54 |
|
|
||||||||
|
|
|
Adding and Removing Static Address Entries |
6-56 |
|
|
||||||||
|
|
|
Displaying Address Table Entries |
6-57 |
|
|
|
|
|
|||||
|
|
|
Optimizing System Resources for User-Selected Features |
6-57 |
|
|||||||||
|
|
|
Using the Templates |
6-59 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
||||
|
viii |
|
|
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
C H A P T E R 7 |
Configuring 802.1X Port-Based Authentication |
7-1 |
|
Understanding 802.1X Port-Based Authentication |
7-1 |
|
Device Roles 7-2 |
|
|
Authentication Initiation and Message Exchange 7-3 |
|
|
Ports in Authorized and Unauthorized States |
7-4 |
|
Supported Topologies 7-4 |
|
Configuring 802.1X Authentication |
7-5 |
|
|
Default 802.1X Configuration 7-6 |
|
||
802.1X Configuration Guidelines |
7-7 |
|
|
Enabling 802.1X Authentication |
7-8 |
|
|
Configuring the Switch-to-RADIUS-Server Communication |
7-9 |
||
Enabling Periodic Re-Authentication 7-10 |
|
||
Manually Re-Authenticating a Client Connected to a Port |
7-11 |
||
Changing the Quiet Period |
7-11 |
|
|
Changing the Switch-to-Client Retransmission Time 7-12 |
|
||
Setting the Switch-to-Client Frame-Retransmission Number |
7-13 |
||
Enabling Multiple Hosts |
7-13 |
|
|
|
Resetting the 802.1X Configuration to the Default Values 7-14 |
|||||
|
Displaying 802.1X Statistics and Status |
7-14 |
|
|||
|
Configuring Interface Characteristics |
|
|
|||
C H A P T E R 8 |
8-1 |
|
||||
|
Understanding Interface Types |
8-1 |
|
|
||
|
Port-Based VLANs |
8-2 |
|
|
|
|
|
Switch Ports |
8-2 |
|
|
|
|
|
Access Ports |
8-2 |
|
|
|
|
|
Trunk Ports |
8-3 |
|
|
|
|
|
EtherChannel Port Groups |
8-3 |
|
|
||
|
Switch Virtual Interfaces |
8-4 |
|
|
||
|
Routed Ports |
8-4 |
|
|
|
|
|
Connecting Interfaces 8-5 |
|
|
|
||
|
Using the Interface Command |
8-6 |
|
|
||
|
Procedures for Configuring Interfaces 8-7 |
|
||||
|
Configuring a Range of Interfaces |
8-9 |
|
|||
|
Configuring and Using Interface Range Macros |
8-11 |
||||
|
Configuring Layer 2 Interfaces |
8-12 |
|
|
||
|
Default Layer 2 Ethernet Interface Configuration |
8-13 |
||||
|
Configuring Interface Speed and Duplex Mode |
8-14 |
|
Configuration Guidelines |
8-14 |
|
|
|
|
Setting the Interface Speed and Duplex Parameters 8-14 |
||||
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|||
|
78-11194-03 |
|
|
ix |
|
|
|
|
|
Contents
|
Configuring IEEE 802.3X Flow Control |
8-16 |
|
||||
|
Adding a Description for an Interface |
8-17 |
|
||||
|
Monitoring and Maintaining the Layer 2 Interface |
8-18 |
|||||
|
Monitoring Interface and Controller Status |
8-18 |
|||||
|
Clearing and Resetting Interfaces and Counters 8-20 |
||||||
|
Shutting Down and Restarting the Interface |
8-21 |
|||||
|
Configuring Layer 3 Interfaces 8-22 |
|
|
|
|||
|
Creating and Maintaining VLANs |
|
|
|
|
||
C H A P T E R 9 |
9-1 |
|
|
|
|||
|
Understanding VLANs |
9-1 |
|
|
|
|
|
|
Number of Supported VLANs |
9-2 |
|
|
|||
|
VLAN Port Membership Modes |
9-3 |
|
|
|||
|
Using the VLAN Trunking Protocol |
9-3 |
|
|
|||
|
The VTP Domain and VTP Modes |
9-4 |
|
|
|||
|
VTP Advertisements |
9-5 |
|
|
|
|
|
|
VTP Version 2 |
9-6 |
|
|
|
|
|
|
VTP Pruning |
9-6 |
|
|
|
|
|
|
|
|
Configuring VTP 9-8 |
|
|
|
|
|
|
|
|
|
|
Default VTP Configuration |
9-8 |
|
|
|
|||
|
|
|
VTP Configuration Guidelines |
9-8 |
|
|
|
|||
|
|
|
Configuring a VTP Server |
9-10 |
|
|
|
|||
|
|
|
Configuring a VTP Client |
9-11 |
|
|
|
|||
|
|
|
Disabling VTP (VTP Transparent Mode) |
9-11 |
|
|||||
|
|
|
Enabling VTP Version 2 |
9-12 |
|
|
|
|||
|
|
|
Enabling VTP Pruning |
9-13 |
|
|
|
|
||
|
|
|
Monitoring VTP |
9-13 |
|
|
|
|
|
|
|
|
|
VLANs in the VTP Database |
9-15 |
|
|
|
|
|
|
|
|
|
Token Ring VLANs |
9-15 |
|
|
|
|
|
|
|
|
|
Default VLAN Configuration |
9-15 |
|
|
|
|||
|
|
|
VLAN Configuration Guidelines |
9-16 |
|
|
|
|||
|
|
|
Configuring VLANs in the VTP Database |
9-17 |
|
|||||
|
|
|
Adding an Ethernet VLAN |
9-17 |
|
|
|
|||
|
|
|
Modifying an Ethernet VLAN |
9-18 |
|
|
|
|||
|
|
|
Deleting a VLAN from the Database |
9-18 |
|
|||||
|
|
|
Assigning Static-Access Ports to a VLAN |
9-19 |
|
|||||
|
|
|
Displaying VLANs in the VTP Database |
9-21 |
|
|||||
|
|
|
Understanding VLAN Trunks |
9-22 |
|
|
|
|
|
|
|
|
|
Trunking Overview |
9-22 |
|
|
|
|
|
|
|
|
|
Encapsulation Types |
9-23 |
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|||
|
|
|
|
|
|
|
||||
|
x |
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
Contents
802.1Q Configuration Considerations |
9-24 |
|
|
|
|
Default Layer 2 Ethernet Interface VLAN Configuration |
9-24 |
||||
Configuring an Ethernet Interface as a Trunk Port |
9-25 |
|
|||
Configuring a Trunk Port 9-25 |
|
|
|
|
|
Defining the Allowed VLANs on a Trunk |
9-27 |
|
|
||
Changing the Pruning-Eligible List |
9-28 |
|
|
|
|
Configuring the Native VLAN for Untagged Traffic |
9-29 |
||||
Load Sharing Using STP 9-29 |
|
|
|
|
|
Load Sharing Using STP Port Priorities |
9-30 |
|
|
||
Configuring STP Port Priorities and Load Sharing |
9-30 |
||||
Load Sharing Using STP Path Cost |
9-32 |
|
|
|
|
Configuring STP Path Costs and Load Sharing |
9-32 |
||||
Understanding VMPS 9-33 |
|
|
|
|
|
Dynamic Port VLAN Membership |
9-34 |
|
|
|
|
VMPS Database Configuration File |
9-34 |
|
|
|
|
VMPS Configuration Guidelines |
9-36 |
|
|
|
|
|
|
Default VMPS Configuration |
|
9-37 |
|
|
|
|
|
|
||
|
|
Configuring an Interface as a Layer 2 Dynamic Access Port |
9-37 |
|
|
|
||||||
|
|
Entering the IP Address of the VMPS |
9-37 |
|
|
|
|
|
||||
|
|
Configuring Dynamic Access Ports on VMPS Clients |
9-38 |
|
|
|
||||||
|
|
Reconfirming VLAN Memberships 9-39 |
|
|
|
|
|
|||||
|
|
Changing the Reconfirmation Interval |
9-39 |
|
|
|
|
|
||||
|
|
Changing the Retry Count |
9-39 |
|
|
|
|
|
|
|||
|
|
Administering and Monitoring the VMPS |
9-40 |
|
|
|
|
|
||||
|
|
Troubleshooting Dynamic Port VLAN Membership |
9-40 |
|
|
|
|
|||||
|
|
Dynamic Port VLAN Membership Configuration Example |
9-40 |
|
|
|
||||||
|
Configuring STP |
|
|
|
|
|
|
|
|
|
|
|
C H A P T E R 10 |
10-1 |
|
|
|
|
|
|
|
|
|
||
|
|
Understanding Basic STP Features |
10-1 |
|
|
|
|
|
|
|||
|
|
Supported STP Instances 10-2 |
|
|
|
|
|
|
||||
|
|
STP Overview 10-2 |
|
|
|
|
|
|
|
|
|
|
|
|
Bridge ID, Switch Priority, and Extended System ID |
10-3 |
|
|
|
|
|||||
|
|
Election of the Root Switch |
|
10-3 |
|
|
|
|
|
|
||
|
|
Bridge Protocol Data Units |
10-4 |
|
|
|
|
|
|
|||
|
|
STP Timers |
10-5 |
|
|
|
|
|
|
|
|
|
|
|
Creating the STP Topology |
10-5 |
|
|
|
|
|
|
|||
|
|
STP Interface States |
10-6 |
|
|
|
|
|
|
|
|
|
|
|
Blocking State |
10-7 |
|
|
|
|
|
|
|
|
|
|
|
Listening State |
10-7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|||
|
|
|
|
|
|
|
||||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
xi |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
|
Learning State |
10-7 |
|
|
|
|
|
|
|
|
|
|
|
Forwarding State |
10-8 |
|
|
|
|
|
|
||
|
|
|
Disabled State |
10-8 |
|
|
|
|
|
|
|
|
|
|
|
STP Address Management |
|
10-8 |
|
|
|
|
|
||
|
|
|
STP and IEEE 802.1Q Trunks |
10-8 |
|
|
|
|
||||
|
|
|
VLAN-Bridge STP |
10-9 |
|
|
|
|
|
|
|
|
|
|
|
STP and Redundant Connectivity |
10-9 |
|
|
|
|||||
|
|
|
Accelerated Aging to Retain Connectivity |
10-10 |
|
|
||||||
|
|
|
Understanding Advanced STP Features |
|
10-10 |
|
|
|
||||
|
|
|
Understanding Port Fast |
10-10 |
|
|
|
|
|
|||
|
|
|
Understanding BPDU Guard |
10-11 |
|
|
|
|
||||
|
|
|
Understanding UplinkFast |
10-12 |
|
|
|
|
|
|||
|
|
|
Understanding Cross-Stack UplinkFast 10-13 |
|
|
|||||||
|
|
|
How CSUF Works |
10-14 |
|
|
|
|
|
|||
|
|
|
Events that Cause Fast Convergence |
10-15 |
|
|
||||||
|
|
|
Limitations |
10-16 |
|
|
|
|
|
|
|
|
|
|
|
Connecting the Stack Ports |
10-16 |
|
|
|
|||||
|
|
|
Understanding BackboneFast |
10-18 |
|
|
|
|
||||
|
|
|
Understanding Root Guard |
|
10-20 |
|
|
|
|
|||
|
|
|
Understanding EtherChannel Guard |
10-20 |
|
|
|
|||||
|
|
|
Configuring Basic STP Features |
|
10-21 |
|
|
|
|
|||
|
|
|
Default STP Configuration |
|
10-21 |
|
|
|
|
|
||
|
|
|
Disabling STP 10-22 |
|
|
|
|
|
|
|
|
|
|
|
|
Configuring the Root Switch |
10-22 |
|
|
|
|
||||
|
|
|
Configuring a Secondary Root Switch |
10-24 |
|
|
||||||
|
|
|
Configuring STP Port Priority |
10-26 |
|
|
|
|
||||
|
|
|
Configuring STP Path Cost |
|
10-27 |
|
|
|
|
|
||
|
|
|
Configuring the Switch Priority of a VLAN |
10-28 |
|
|
||||||
|
|
|
Configuring the Hello Time |
|
10-29 |
|
|
|
|
|||
|
|
|
Configuring the Forwarding-Delay Time for a VLAN |
10-29 |
|
|||||||
|
|
|
Configuring the Maximum-Aging Time for a VLAN |
10-30 |
|
|||||||
|
|
|
Configuring STP for Use in a Cascaded Stack 10-30 |
|
|
|||||||
|
|
|
Displaying STP Status |
10-31 |
|
|
|
|
|
|||
|
|
|
Configuring Advanced STP Features |
10-32 |
|
|
|
|||||
|
|
|
Configuring Port Fast |
10-32 |
|
|
|
|
|
|
||
|
|
|
Configuring BPDU Guard |
10-33 |
|
|
|
|
|
|||
|
|
|
Configuring UplinkFast for Use with Redundant Links |
10-34 |
|
|||||||
|
|
|
Configuring Cross-Stack UplinkFast |
10-35 |
|
|
|
|||||
|
|
|
Configuring BackboneFast |
|
10-36 |
|
|
|
|
|
||
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|||||
|
xii |
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
Configuring Root Guard |
10-36 |
|
|
|
|
|
|
|
|
|
|
|
Enabling EtherChannel Guard |
10-37 |
|
|
|
|
|
|
|||
|
Configuring IGMP Snooping and MVR |
|
|
|
|
|
|
|||||
C H A P T E R 11 |
11-1 |
|
|
|
|
|
||||||
|
|
Understanding IGMP Snooping |
11-1 |
|
|
|
|
|
|
|
||
|
|
Joining a Multicast Group |
11-2 |
|
|
|
|
|
|
|
||
|
|
Leaving a Multicast Group |
11-4 |
|
|
|
|
|
|
|
||
|
|
Immediate-Leave Processing |
|
11-4 |
|
|
|
|
|
|
|
|
|
|
Configuring IGMP Snooping |
11-5 |
|
|
|
|
|
|
|
|
|
|
|
Default IGMP Snooping Configuration |
11-5 |
|
|
|
|
|||||
|
|
Enabling or Disabling IGMP Snooping |
11-5 |
|
|
|
|
|||||
|
|
Setting the Snooping Method |
11-6 |
|
|
|
|
|
|
|||
|
|
Configuring a Multicast Router Port |
|
11-7 |
|
|
|
|
|
|||
|
|
Configuring a Host Statically to Join a Group |
11-8 |
|
|
|
||||||
|
|
Enabling IGMP Immediate-Leave Processing |
11-9 |
|
|
|
||||||
|
|
Displaying IGMP Snooping Information |
11-9 |
|
|
|
|
|
||||
|
|
Understanding Multicast VLAN Registration |
11-12 |
|
|
|
||||||
|
|
Using MVR in a Multicast Television Application 11-12 |
||||||||||
|
|
Configuring MVR 11-14 |
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Guidelines and Limitations |
11-14 |
|
|
|
||||||
|
|
Default MVR Configuration |
11-15 |
|
|
|
|
|
|
|
||
|
|
Configuring MVR Global Parameters |
11-15 |
|
|
|
|
|||||
|
|
Configuring MVR Interfaces |
11-16 |
|
|
|
|
|
|
|
||
|
|
Displaying MVR Information |
11-18 |
|
|
|
|
|
|
|
|
|
|
|
Configuring IGMP Filtering |
11-20 |
|
|
|
|
|
|
|
|
|
|
|
Default IGMP Filtering Configuration |
11-20 |
|
|
|
|
|||||
|
|
Configuring IGMP Profiles |
11-20 |
|
|
|
|
|
|
|
||
|
|
Applying IGMP Profiles |
11-22 |
|
|
|
|
|
|
|
|
|
|
|
Setting the Maximum Number of IGMP Groups |
11-23 |
|
|
|
||||||
|
|
Displaying IGMP Filtering Configuration |
|
11-24 |
|
|
|
|
||||
|
Configuring Port-Based Traffic Control |
|
|
|
|
|
|
|||||
C H A P T E R 12 |
12-1 |
|
|
|
|
|
||||||
|
|
Configuring Storm Control |
12-1 |
|
|
|
|
|
|
|
|
|
|
|
Understanding Storm Control |
12-1 |
|
|
|
|
|
|
|
||
|
|
Default Storm Control Configuration |
|
12-3 |
|
|
|
|
||||
|
|
Enabling Storm Control |
12-3 |
|
|
|
|
|
|
|
|
|
|
|
Disabling Storm Control |
12-4 |
|
|
|
|
|
|
|
|
|
|
|
Configuring Protected Ports |
12-5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|
|||||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
xiii |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
Configuring Port Blocking |
12-6 |
|
|
|
|
||||
|
Blocking Flooded Traffic on an Interface |
12-6 |
||||||||
|
Resuming Normal Forwarding on a Port |
12-7 |
|
|||||||
|
Configuring Port Security |
12-8 |
|
|
|
|
||||
|
Understanding Port Security |
12-8 |
|
|
|
|||||
|
Default Port Security Configuration |
12-9 |
|
|||||||
|
Configuration Guidelines |
12-9 |
|
|
|
|||||
|
Enabling and Configuring Port Security |
12-9 |
|
|||||||
|
Displaying Port-Based Traffic Control Settings |
12-11 |
||||||||
|
Configuring CDP |
|
|
|
|
|
|
|
|
|
C H A P T E R 13 |
13-1 |
|
|
|
|
|
|
|
|
|
|
Understanding CDP |
13-1 |
|
|
|
|
|
|
||
|
Configuring CDP |
13-2 |
|
|
|
|
|
|
|
|
|
Default CDP Configuration |
13-2 |
|
|
|
|||||
|
Configuring the CDP Characteristics |
13-2 |
|
|||||||
|
Disabling and Enabling CDP |
13-3 |
|
|
|
|||||
|
Disabling and Enabling CDP on an Interface |
13-4 |
||||||||
|
Monitoring and Maintaining CDP |
13-5 |
|
|
|
|||||
|
Configuring UDLD |
|
|
|
|
|
|
|
|
|
C H A P T E R 14 |
14-1 |
|
|
|
|
|
|
|
||
|
Understanding UDLD |
|
14-1 |
|
|
|
|
|
||
|
Configuring UDLD |
14-3 |
|
|
|
|
|
|
||
|
Default UDLD Configuration |
14-3 |
|
|
|
|||||
|
Enabling UDLD Globally |
14-3 |
|
|
|
|
||||
|
Enabling UDLD on an Interface |
14-4 |
|
|
||||||
|
Resetting an Interface Shut Down by UDLD |
14-4 |
||||||||
|
Displaying UDLD Status |
14-5 |
|
|
|
|
|
|||
|
Configuring SPAN |
|
|
|
|
|
|
|
|
|
C H A P T E R 15 |
15-1 |
|
|
|
|
|
|
|
||
|
Understanding SPAN |
15-1 |
|
|
|
|
|
|||
|
SPAN Concepts and Terminology |
15-2 |
|
|
||||||
|
SPAN Session |
|
15-2 |
|
|
|
|
|
||
|
Traffic Types |
15-3 |
|
|
|
|
|
|||
|
Source Port |
|
15-4 |
|
|
|
|
|
||
|
Destination Port |
15-4 |
|
|
|
|
||||
|
VLAN-Based SPAN |
15-5 |
|
|
|
|
||||
|
SPAN Traffic |
15-5 |
|
|
|
|
|
|
|
|
SPAN Interaction with Other Features |
15-5 |
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
|
xiv |
|
|
78-11194-03 |
|
|
|
|
|
Contents
|
Configuring SPAN |
15-6 |
|
|
|
|
|
|
|
Default SPAN Configuration |
15-7 |
|
|
|
|||
|
SPAN Configuration Guidelines |
15-7 |
|
|
|
|||
|
Creating a SPAN Session and Specifying Ports to Monitor |
15-8 |
||||||
|
Removing Ports from a SPAN Session |
15-10 |
|
|
||||
|
Specifying VLANs to Monitor |
15-11 |
|
|
|
|||
|
Specifying VLANs to Filter |
15-12 |
|
|
|
|
||
|
Displaying SPAN Status |
15-13 |
|
|
|
|
|
|
|
Configuring RMON |
|
|
|
|
|
|
|
C H A P T E R 16 |
16-1 |
|
|
|
|
|
|
|
|
Understanding RMON |
16-1 |
|
|
|
|
|
|
|
Configuring RMON |
16-2 |
|
|
|
|
|
|
|
Default RMON Configuration |
16-3 |
|
|
|
|||
|
Configuring RMON Alarms and Events |
16-3 |
|
|
||||
|
Configuring RMON Collection on an Interface 16-5 |
|
||||||
|
Displaying RMON Status |
16-6 |
|
|
|
|
|
|
|
Configuring System Message Logging |
|
|
|
||||
C H A P T E R 17 |
17-1 |
|
|
|||||
|
Understanding System Message Logging |
17-1 |
|
|
||||
|
Configuring System Message Logging |
17-2 |
|
|
||||
|
System Log Message Format |
17-2 |
|
|
|
|||
|
Default System Message Logging Configuration |
17-3 |
|
|||||
|
Disabling and Enabling Message Logging 17-4 |
|
|
|||||
|
Setting the Message Display Destination Device |
17-4 |
|
|||||
|
Synchronizing Log Messages |
17-6 |
|
|
|
|||
|
Enabling and Disabling Timestamps on Log Messages 17-7 |
|||||||
|
Enabling and Disabling Sequence Numbers in Log Messages |
17-8 |
||||||
|
Defining the Message Severity Level |
17-8 |
|
|
Limiting Syslog Messages Sent to the History Table and to SNMP 17-10
Configuring UNIX Syslog Servers |
17-10 |
|
Logging Messages to a UNIX Syslog Daemon |
17-11 |
|
Configuring the UNIX System Logging Facility |
17-11 |
|
Displaying the Logging Configuration |
17-12 |
|
Catalyst 3550 Multilayer Switch Software Configuration Guide
|
78-11194-03 |
xv |
|
Contents
C H A P T E R 18 |
Configuring SNMP 18-1 |
|
|
|
|
|
|
|
|
|
Understanding SNMP |
18-1 |
|
|
|
|
|
|
|
|
SNMP Versions |
18-2 |
|
|
|
|
|
|
|
|
SNMP Manager Functions |
|
18-2 |
|
|
|
|
||
|
SNMP Agent Functions |
18-3 |
|
|
|
|
|||
|
SNMP Community Strings |
|
18-3 |
|
|
|
|
||
|
Using SNMP to Access MIB Variables |
18-3 |
|
|
|||||
|
Configuring SNMP |
18-4 |
|
|
|
|
|
|
|
|
Default SNMP Configuration |
18-4 |
|
|
|
|
|||
|
Disabling the SNMP Agent |
18-5 |
|
|
|
|
|||
|
Configuring Community Strings 18-5 |
|
|
|
|
||||
|
Configuring Trap Managers and Enabling Traps |
18-7 |
|||||||
|
Setting the Agent Contact and Location Information |
18-9 |
|||||||
|
Limiting TFTP Servers Used Through SNMP |
18-9 |
|
|
|||||
|
SNMP Examples |
18-10 |
|
|
|
|
|
|
|
|
Displaying SNMP Status |
18-10 |
|
|
|
|
|
||
|
Configuring Network Security with ACLs |
|
|
|
|||||
C H A P T E R 19 |
19-1 |
|
|
||||||
|
Understanding ACLs |
19-1 |
|
|
|
|
|
|
|
|
Supported ACLs |
19-2 |
|
|
|
|
|
|
|
|
Router ACLs |
19-2 |
|
|
|
|
|
|
|
|
VLAN Maps |
19-3 |
|
|
|
|
|
|
|
|
Handling Fragmented and Unfragmented Traffic |
19-4 |
|||||||
|
Configuring Router ACLs |
19-5 |
|
|
|
|
|
||
|
Hardware and Software Handling of Router ACLs |
|
19-5 |
||||||
|
Unsupported Features |
19-6 |
|
|
|
|
|
||
|
Creating Standard and Extended IP ACLs |
19-6 |
|
|
|||||
|
Access List Numbers |
19-7 |
|
|
|
|
|||
|
Creating a Numbered Standard ACL |
19-8 |
|
|
|||||
|
Creating a Numbered Extended ACL |
19-9 |
|
|
|||||
|
Creating Named Standard and Extended ACLs |
19-14 |
|||||||
|
Applying Time Ranges to ACLs |
19-15 |
|
|
|
||||
|
Including Comments About Entries in ACLs |
19-18 |
|||||||
|
Applying the ACL to an Interface or Terminal Line |
|
19-18 |
||||||
|
Displaying ACLs and Access Groups |
19-20 |
|
|
|||||
|
ACL Configuration Examples |
19-22 |
|
|
|
|
|||
|
Numbered ACLs |
19-24 |
|
|
|
|
|
||
|
Extended ACLs |
19-24 |
|
|
|
|
|
|
|
|
Named ACLs |
19-24 |
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
||
|
|
|
|||
|
xvi |
|
|
78-11194-03 |
|
|
|
|
|
Contents
Time Range Applied to an IP ACL 19-25
Commented IP ACL Entries 19-25
ACL Logging 19-26
Configuring VLAN Maps |
19-27 |
|
VLAN Map Configuration Guidelines |
19-28 |
|
Creating Named MAC Extended ACLs |
19-28 |
|
Creating a VLAN Map |
19-30 |
|
|
Examples of ACLs and VLAN Maps |
19-30 |
|
||||
|
Applying a VLAN Map to a VLAN |
|
19-32 |
|
|
||
|
Displaying VLAN Map Information |
19-33 |
|
||||
|
Using VLAN Maps in Your Network |
19-33 |
|
||||
|
Wiring Closet Configuration |
|
19-34 |
|
|
||
|
Denying Access to a Server on Another VLAN 19-35 |
|
|||||
|
Using VLAN Maps with Router ACLs |
19-36 |
|
|
|||
|
Guidelines |
19-36 |
|
|
|
|
|
|
Determining if the ACL Configuration Fits in Hardware 19-37 |
||||||
|
Examples of Router ACLs and VLAN Maps Applied to VLANs |
19-39 |
|||||
|
ACLs and Switched Packets |
|
19-39 |
|
|
||
|
ACLs and Bridged Packets |
19-40 |
|
|
|||
|
ACLs and Routed Packets |
19-41 |
|
|
|||
|
ACLs and Multicast Packets |
|
19-42 |
|
|
||
|
Configuring QoS |
|
|
|
|
|
|
C H A P T E R 20 |
20-1 |
|
|
|
|
|
|
|
Understanding QoS |
20-1 |
|
|
|
|
|
|
Basic QoS Model |
20-3 |
|
|
|
|
|
|
Classification 20-4 |
|
|
|
|
||
|
Classification Based on QoS ACLs |
20-7 |
|
||||
|
Classification Based on Class Maps and Policy Maps |
20-7 |
|||||
|
Policing and Marking 20-8 |
|
|
|
|
||
|
Mapping Tables |
20-11 |
|
|
|
|
|
Queueing and Scheduling |
20-12 |
|
|
|
|
|
|
Queueing and Scheduling on Gigabit-Capable Ports |
20-12 |
|
|
|
||
|
Queueing and Scheduling on 10/100 Ethernet Ports |
20-15 |
|
|
|
||
|
Packet Modification |
20-17 |
|
|
|
|
|
|
Configuring QoS 20-18 |
|
|
|
|
|
|
|
Default QoS Configuration |
20-18 |
|
|
|
|
|
|
Configuration Guidelines |
20-20 |
|
|
|
|
|
|
Enabling QoS Globally |
20-21 |
|
|
|
|
|
|
Configuring Classification Using Port Trust States 20-21 |
|
|
|
|
||
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
||||
|
78-11194-03 |
|
|
|
|
xvii |
|
|
|
|
|
|
|
Contents
Configuring the Trust State on Ports within the QoS Domain 20-22 |
|||
Configuring the CoS Value for an Interface |
20-24 |
||
Configuring the DSCP Trust State on a Port Bordering Another QoS Domain 20-25 |
|||
Configuring a QoS Policy |
20-26 |
|
|
Classifying Traffic by Using ACLs |
20-27 |
|
|
Classifying Traffic by Using Class Maps 20-30 |
|||
Classifying, Policing, and Marking Traffic by Using Policy Maps 20-32 |
|||
Classifying, Policing, and Marking Traffic by Using Aggregate Policers 20-37 |
|||
Configuring DSCP Maps |
20-39 |
|
|
Configuring the CoS-to-DSCP Map |
20-39 |
|
|
Configuring the IP-Precedence-to-DSCP Map |
20-40 |
||
Configuring the Policed-DSCP Map |
20-41 |
|
|
Configuring the DSCP-to-CoS Map |
20-42 |
|
|
|
|
|
|
Configuring the DSCP-to-DSCP-Mutation Map |
|
20-43 |
|
||||
|
|
|
|
|
Configuring Egress Queues on Gigabit-Capable Ethernet Ports 20-44 |
|||||||
|
|
|
|
|
Mapping CoS Values to Select Egress Queues |
|
20-45 |
|
||||
|
|
|
|
|
Configuring the Egress Queue Size Ratios |
20-46 |
|
|||||
|
|
|
|
|
Configuring Tail-Drop Threshold Percentages |
20-47 |
|
|||||
|
|
|
|
|
Configuring WRED Drop Thresholds Percentages |
20-48 |
|
|||||
|
|
|
|
|
Configuring the Egress Expedite Queue |
20-50 |
|
|
|
|||
|
|
|
|
|
Allocating Bandwidth among Egress Queues |
20-50 |
|
|||||
|
|
|
|
|
Configuring Egress Queues on 10/100 Ethernet Ports |
20-51 |
|
|||||
|
|
|
|
|
Mapping CoS Values to Select Egress Queues |
|
20-52 |
|
||||
|
|
|
|
|
Configuring the Minimum-Reserve Levels |
20-53 |
|
|||||
|
|
|
|
|
Configuring the Egress Expedite Queue |
20-54 |
|
|
|
|||
|
|
|
|
|
Allocating Bandwidth among Egress Queues |
20-54 |
|
|||||
|
|
|
|
|
Displaying QoS Information |
20-56 |
|
|
|
|
|
|
|
|
|
|
|
QoS Configuration Examples |
20-56 |
|
|
|
|
|
|
|
|
|
|
|
QoS Configuration for the Common Wiring Closet |
20-57 |
|
|||||
|
|
|
|
|
QoS Configuration for the Intelligent Wiring Closet |
|
20-58 |
|
||||
|
|
|
|
|
QoS Configuration for the Distribution Layer |
20-59 |
|
|
|
|||
|
|
Configuring EtherChannel |
|
|
|
|
|
|
||||
C H A P T E R 21 |
|
21-1 |
|
|
|
|
|
|||||
|
|
|
|
|
Understanding EtherChannel |
21-1 |
|
|
|
|
|
|
|
|
|
|
|
Understanding Port-Channel Interfaces |
21-2 |
|
|
|
|
||
|
|
|
|
|
Understanding the Port Aggregation Protocol |
21-3 |
|
|
|
|||
|
|
|
|
|
PAgP Modes |
21-4 |
|
|
|
|
|
|
|
|
|
|
|
Physical Learners and Aggregate-Port Learners |
|
21-5 |
|
||||
|
|
|
|
|
PAgP Interaction with Other Features |
21-5 |
|
|
|
|||
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
||||
|
xviii |
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Understanding Load Balancing and Forwarding Methods 21-5 |
|
Configuring EtherChannel 21-7 |
|
Default EtherChannel Configuration |
21-7 |
EtherChannel Configuration Guidelines 21-8 |
|
Configuring Layer 2 EtherChannels |
21-9 |
Configuring Layer 3 EtherChannels |
21-11 |
|
|
Creating Port-Channel Logical Interfaces 21-11 |
|||||||||||
|
|
Configuring the Physical Interfaces |
21-12 |
|
|
|
|
||||||
|
|
Configuring EtherChannel Load Balancing |
21-13 |
|
|
|
|||||||
|
|
Configuring the PAgP Learn Method and Priority |
21-14 |
|
|
|
|||||||
|
|
Displaying EtherChannel and PAgP Status |
21-16 |
|
|
|
|
||||||
|
Configuring IP Unicast Routing |
|
|
|
|
|
|
|
|
||||
C H A P T E R 22 |
22-1 |
|
|
|
|
|
|
|
|||||
|
|
Understanding Routing |
22-2 |
|
|
|
|
|
|
|
|
||
|
|
Steps for Configuring Routing |
22-3 |
|
|
|
|
|
|
|
|||
|
|
Configuring IP Addressing |
|
22-4 |
|
|
|
|
|
|
|
||
|
|
Default Addressing Configuration |
22-4 |
|
|
|
|
|
|
||||
|
|
Assigning IP Addresses to Network Interfaces |
22-5 |
|
|
|
|||||||
|
|
Use of Subnet Zero |
22-8 |
|
|
|
|
|
|
|
|||
|
|
Classless Routing |
22-8 |
|
|
|
|
|
|
|
|||
|
|
Configuring Address Resolution Methods |
22-10 |
|
|
|
|
||||||
|
|
Define a Static ARP Cache |
22-11 |
|
|
|
|
|
|
||||
|
|
Set ARP Encapsulation |
22-12 |
|
|
|
|
|
|
||||
|
|
Enable Proxy ARP |
22-13 |
|
|
|
|
|
|
|
|||
|
|
Routing Assistance When IP Routing is Disabled |
22-14 |
|
|
|
|||||||
|
|
Proxy ARP |
22-14 |
|
|
|
|
|
|
|
|
|
|
|
|
Default Gateway |
|
22-15 |
|
|
|
|
|
|
|
||
|
|
ICMP Router Discovery Protocol (IRDP) |
22-15 |
|
|
|
|||||||
|
|
Configuring Broadcast Packet Handling |
22-17 |
|
|
|
|
||||||
|
|
Enabling Directed Broadcast-to-Physical Broadcast Translation 22-17 |
|||||||||||
|
|
Forwarding UDP Broadcast Packets and Protocols 22-18 |
|||||||||||
|
|
Establishing an IP Broadcast Address |
22-20 |
|
|
|
|||||||
|
|
Flooding IP Broadcasts |
22-20 |
|
|
|
|
|
|
||||
|
|
Monitoring and Maintaining IP Addressing |
22-21 |
|
|
|
|||||||
|
|
Enabling IP Routing |
22-24 |
|
|
|
|
|
|
|
|
|
|
|
|
Configuring RIP 22-25 |
|
|
|
|
|
|
|
|
|
|
|
|
|
RIP Authentication |
22-28 |
|
|
|
|
|
|
|
|
||
|
|
Summary Addresses and Split Horizon |
22-28 |
|
|
|
|
||||||
|
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|||
|
|
|
|
|
|
|
|
||||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
xix |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Configuring IGRP |
22-30 |
|
|
|
|
Load Balancing and Traffic Distribution Control 22-31 |
|||||
Split Horizon |
22-34 |
|
|
|
|
Configuring OSPF |
22-35 |
|
|
|
|
OSPF Interface Parameters |
22-38 |
|
|
||
OSPF Area Parameters 22-39 |
|
|
|||
Other OSPF Behavior Parameters |
22-41 |
|
|||
Change LSA Group Pacing |
22-43 |
|
|
||
Loopback Interface |
22-43 |
|
|
|
|
Monitoring OSPF |
22-44 |
|
|
|
|
Configuring EIGRP |
22-46 |
|
|
|
|
EIGRP Router Mode Commands 22-48 |
|
||||
EIGRP Interface Mode Commands |
22-49 |
||||
Configure EIGRP Route Authentication 22-50 |
|||||
Monitoring and Maintaining EIGRP |
22-51 |
||||
Configuring Protocol-Independent Features |
22-53 |
||||
Configuring Cisco Express Forwarding |
22-53 |
||||
Configuring the Number of Equal-Cost Routing Paths 22-54 |
|||||
Configuring Static Routes |
22-55 |
|
|
||
Specifying Default Routes |
22-56 |
|
|
||
Specifying a Default Network |
22-56 |
||||
Redistributing Routing Information |
22-57 |
||||
Filtering Routing Information |
22-61 |
|
|
Setting Passive Interfaces |
22-61 |
|
|
Controlling Advertising and Processing in Routing Updates 22-62 |
||
|
Filtering Sources of Routing Information 22-62 |
||
|
Managing Authentication Keys |
22-63 |
|
|
Monitoring and Maintaining the IP Network 22-64 |
||
|
Configuring HSRP |
|
|
C H A P T E R 23 |
23-1 |
|
|
|
Understanding HSRP 23-1 |
|
|
|
Configuring HSRP |
23-3 |
|
Default HSRP Configuration 23-4
Enabling HSRP 23-4
Configuring HSRP Group Attributes 23-6
Configuring HSRP Priority 23-6
|
|
|
Configuring HSRP Authentication and Timers |
23-8 |
|
|
|
|
Configuring HSRP Groups and Clustering 23-9 |
|
|
|
|
|
Displaying HSRP Configurations 23-10 |
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
|
xx |
|
|
78-11194-03 |
|
|
|
|
|
Contents
C H A P T E R 24 |
Configuring IP Multicast Routing |
24-1 |
|
|
|
|
|
|
|
||||
|
|
Cisco Implementation of IP Multicast Routing |
24-2 |
|
|
|
|
||||||
|
|
Understanding IGMP |
|
24-3 |
|
|
|
|
|
|
|
|
|
|
|
IGMP Version 1 |
|
24-3 |
|
|
|
|
|
|
|
|
|
|
|
IGMP Version 2 |
|
24-4 |
|
|
|
|
|
|
|
|
|
|
|
Understanding PIM |
24-5 |
|
|
|
|
|
|
|
|
|
|
|
|
PIM Versions |
24-5 |
|
|
|
|
|
|
|
|
|
|
|
|
PIM Modes 24-5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Auto-RP 24-8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Bootstrap Router |
24-8 |
|
|
|
|
|
|
|
|
||
|
|
Multicast Forwarding and Reverse Path Check |
24-9 |
|
|
|
|||||||
|
|
Neighbor Discovery 24-10 |
|
|
|
|
|
|
|
|
|||
|
|
Understanding DVMRP |
24-11 |
|
|
|
|
|
|
|
|
||
|
|
DVMRP Neighbor Discovery |
24-11 |
|
|
|
|
|
|
||||
|
|
DVMRP Route Table |
24-11 |
|
|
|
|
|
|
|
|
||
|
|
DVMRP Source Distribution Tree |
24-11 |
|
|
|
|
|
|||||
|
|
Understanding CGMP |
24-11 |
|
|
|
|
|
|
|
|
||
|
|
Joining a Group with CGMP |
24-12 |
|
|
|
|
|
|
||||
|
|
Leaving a Group with CGMP |
24-13 |
|
|
|
|
|
|
||||
|
|
Configuring IP Multicast Routing |
24-13 |
|
|
|
|
|
|
|
|||
|
|
Default Multicast Routing Configuration |
24-13 |
|
|
|
|
||||||
|
|
Multicast Routing Configuration Guidelines |
24-14 |
|
|
|
|
||||||
|
|
PIMv1 and PIMv2 Interoperability |
|
24-14 |
|
|
|
|
|
||||
|
|
Auto-RP and BSR Configuration Guidelines 24-15 |
|||||||||||
|
|
Configuring Basic Multicast Routing |
24-15 |
|
|
|
|
|
|||||
|
|
Configuring a Rendezvous Point |
24-17 |
|
|
|
|
|
|
||||
|
|
Manually Assigning an RP to Multicast Groups |
24-17 |
|
|
|
|||||||
|
|
Configuring Auto-RP |
24-18 |
|
|
|
|
|
|
|
|
||
|
|
Configuring PIMv2 BSR |
24-22 |
|
|
|
|
|
|
|
|||
|
|
Using Auto-RP and a BSR |
24-27 |
|
|
|
|
|
|
|
|
||
|
|
Monitoring the RP Mapping Information |
24-27 |
|
|
|
|
||||||
|
|
Troubleshooting PIMv1 and PIMv2 Interoperability Problems 24-28 |
|||||||||||
|
|
Configuring Advanced PIM Features |
24-28 |
|
|
|
|
|
|
||||
|
|
Understanding PIM Shared Tree and Source Tree |
24-28 |
|
|
|
|||||||
|
|
Delaying the Use of PIM Shortest-Path Tree |
24-29 |
|
|
|
|
||||||
|
|
Modifying the PIM Router-Query Message Interval |
24-30 |
|
|
|
|||||||
|
|
Configuring Optional IGMP Features |
24-31 |
|
|
|
|
|
|
||||
|
|
Default IGMP Configuration |
24-31 |
|
|
|
|
|
|
|
|||
|
|
Changing the IGMP Version |
24-32 |
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|
|
|||||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
xxi |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
|
|
|
Changing the IGMP Query Timeout for IGMPv2 |
24-32 |
|
|
||||||
|
|
|
|
|
Changing the Maximum Query Response Time for IGMPv2 |
24-33 |
|
|||||||
|
|
|
|
|
Configuring the Multilayer Switch as a Member of a Group |
24-34 |
|
|||||||
|
|
|
|
|
Controlling Access to IP Multicast Groups |
24-35 |
|
|
|
|||||
|
|
|
|
|
Modifying the IGMP Host-Query Message Interval |
24-36 |
|
|
||||||
|
|
|
|
|
Configuring the Multilayer Switch as a Statically Connected Member 24-36 |
|||||||||
|
|
|
|
|
Configuring Optional Multicast Routing Features |
|
24-37 |
|
|
|
||||
|
|
|
|
|
Enabling CGMP Server Support |
|
24-38 |
|
|
|
|
|
|
|
|
|
|
|
|
Configuring sdr Listener Support |
24-39 |
|
|
|
|
|
|
||
|
|
|
|
|
Enabling sdr Listener Support |
24-39 |
|
|
|
|
|
|||
|
|
|
|
|
Limiting How Long an sdr Cache Entry Exists |
24-39 |
|
|
||||||
|
|
|
|
|
Configuring the TTL Threshold |
24-40 |
|
|
|
|
|
|
||
|
|
|
|
|
Configuring an IP Multicast Boundary |
24-42 |
|
|
|
|
||||
|
|
|
|
|
Configuring Basic DVMRP Interoperability Features |
24-43 |
|
|
||||||
|
|
|
|
|
Configuring DVMRP Interoperability 24-44 |
|
|
|
|
|
||||
|
|
|
|
|
Controlling Unicast Route Advertisements |
24-44 |
|
|
|
|||||
|
|
|
|
|
Configuring a DVMRP Tunnel |
24-46 |
|
|
|
|
|
|
||
|
|
|
|
|
Advertising Network 0.0.0.0 to DVMRP Neighbors |
24-48 |
|
|
||||||
|
|
|
|
|
Responding to mrinfo Requests |
|
24-49 |
|
|
|
|
|
|
|
|
|
|
|
|
Configuring Advanced DVMRP Interoperability Features |
24-50 |
|
|
||||||
|
|
|
|
|
Enabling DVMRP Unicast Routing |
24-50 |
|
|
|
|
|
|||
|
|
|
|
|
Rejecting a DVMRP Nonpruning Neighbor |
24-51 |
|
|
|
|||||
|
|
|
|
|
Controlling Route Exchanges |
24-53 |
|
|
|
|
|
|
||
|
|
|
|
|
Limiting the Number of DVMRP Routes Advertised 24-53 |
|||||||||
|
|
|
|
|
Changing the DVMRP Route Threshold |
24-54 |
|
|
|
|||||
|
|
|
|
|
Configuring a DVMRP Summary Address |
24-54 |
|
|
||||||
|
|
|
|
|
Disabling DVMRP Autosummarization |
24-56 |
|
|
|
|||||
|
|
|
|
|
Adding a Metric Offset to the DVMRP Route |
24-56 |
|
|
||||||
|
|
|
|
|
Monitoring and Maintaining IP Multicast Routing |
|
24-57 |
|
|
|||||
|
|
|
|
|
Clearing Caches, Tables, and Databases |
24-58 |
|
|
|
|||||
|
|
|
|
|
Displaying System and Network Statistics |
24-58 |
|
|
|
|||||
|
|
|
|
|
Monitoring IP Multicast Routing |
24-59 |
|
|
|
|
|
|
||
|
|
Configuring MSDP 25-1 |
|
|
|
|
|
|
|
|
||||
C H A P T E R 25 |
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
Understanding MSDP |
25-1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
MSDP Operation |
25-2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
MSDP Benefits |
25-3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring MSDP |
25-4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default MSDP Configuration |
25-4 |
|
|
|
|
|
|
||
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
||||
|
xxii |
|
|
|
|
|
|
|
|
|
|
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Configuring a Default MSDP Peer |
25-4 |
|
|
Caching Source-Active State |
25-6 |
|
|
Requesting Source Information from an MSDP Peer 25-8 |
|
||
Controlling Source Information that Your Switch Originates |
25-8 |
||
Redistributing Sources |
25-9 |
|
|
Filtering Source-Active Request Messages 25-11 |
|
||
Controlling Source Information that Your Switch Forwards |
25-12 |
||
Using a Filter 25-12 |
|
|
|
Using TTL to Limit the Multicast Data Sent in SA Messages 25-14 |
|||
Controlling Source Information that Your Switch Receives |
25-14 |
||
Configuring an MSDP Mesh Group |
25-16 |
|
|
Shutting Down an MSDP Peer |
25-16 |
|
|
Including a Bordering PIM Dense-Mode Region in MSDP 25-17 |
||||
|
Configuring an Originating Address other than the RP Address |
25-18 |
|||
|
Monitoring and Maintaining MSDP |
25-19 |
|
|
|
|
Configuring Fallback Bridging |
|
|
|
|
C H A P T E R 26 |
26-1 |
|
|
||
|
Understanding Fallback Bridging |
26-1 |
|
|
|
|
Configuring Fallback Bridging |
26-3 |
|
|
|
|
Default Fallback Bridging Configuration |
26-3 |
|
||
|
Creating a Bridge Group |
26-4 |
|
|
|
|
Preventing the Forwarding of Dynamically Learned Stations |
26-5 |
|||
|
Configuring the Bridge Table Aging Time |
26-6 |
|
||
|
Filtering Frames by a Specific MAC Address 26-6 |
|
|||
|
Adjusting Spanning-Tree Parameters 26-7 |
|
Changing the Switch Priority |
26-8 |
Changing the Interface Priority |
26-8 |
Assigning a Path Cost 26-9 |
|
Adjusting BPDU Intervals 26-10 |
|
|
Disabling the Spanning Tree on an Interface |
26-12 |
|
|
|
|
|
|
Monitoring and Maintaining the Network |
26-12 |
|
|
|
|
|
Troubleshooting 27-1 |
|
|
|
|
|
|
C H A P T E R 27 |
|
|
|
|
|
||
|
|
Using Recovery Procedures 27-1 |
|
|
|
|
|
|
|
Recovering from Corrupted Software |
27-2 |
|
|
|
|
|
|
Recovering from a Lost or Forgotten Password |
27-3 |
|
|
|
|
|
|
Password Recovery with Password Recovery Enabled 27-3 |
|||||
|
|
Procedure with Password Recovery Disabled |
27-5 |
|
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
||
|
|
|
|||||
|
78-11194-03 |
|
|
|
|
xxiii |
|
|
|
|
|
|
|
Contents
|
|
Recovering from a Command Switch Failure |
27-7 |
|
||||
|
|
Replacing a Failed Command Switch with a Cluster Member |
27-7 |
|||||
|
|
Replacing a Failed Command Switch with Another Switch |
27-9 |
|||||
|
|
Recovering from Lost Member Connectivity |
27-10 |
|
||||
|
|
Preventing Autonegotiation Mismatches |
27-10 |
|
|
|||
|
|
Diagnosing Connectivity Problems |
27-11 |
|
|
|||
|
|
Understanding Ping |
27-11 |
|
|
|
|
|
|
|
Executing Ping |
27-11 |
|
|
|
|
|
|
|
Understanding IP Traceroute |
27-12 |
|
|
|||
|
|
Executing IP Traceroute 27-13 |
|
|
|
|
||
|
|
Using Debug Commands |
27-14 |
|
|
|
|
|
|
|
Enabling Debugging on a Specific Feature |
27-14 |
|
||||
|
|
Enabling All-System Diagnostics 27-15 |
|
|
||||
|
|
Redirecting Debug and Error Message Output 27-15 |
|
|||||
|
|
Using the show forward Command |
27-15 |
|
|
|||
|
|
Using the crashinfo File |
27-17 |
|
|
|
|
|
|
|
Supported MIBs A-1 |
|
|
|
|
|
|
A P P E N D I X |
A |
|
|
|
|
|
|
|
|
|
MIB List A-1 |
|
|
|
|
|
|
|
|
Using FTP to Access the MIB Files |
A-2 |
|
|
|
||
|
|
Working with the IOS File System, Configuration Files, and Software Images B-1 |
||||||
A P P E N D I X |
B |
|||||||
|
|
Working with the Flash File System |
B-1 |
|
|
|||
|
|
Displaying Available File Systems |
B-2 |
|
|
|||
|
|
Setting the Default File System |
B-3 |
|
|
|||
|
|
Displaying Information about Files on a File System B-3 |
|
|||||
|
|
Changing Directories and Displaying the Working Directory B-3 |
|
|||||
|
|
Creating and Removing Directories |
B-4 |
|
|
|||
|
|
Copying Files |
B-4 |
|
|
|
|
|
|
|
Deleting Files |
B-5 |
|
|
|
|
|
Creating, Displaying, and Extracting tar Files |
B-6 |
Creating a tar File |
B-6 |
Displaying the Contents of a tar File B-6 |
|
Extracting a tar File |
B-7 |
Displaying the Contents of a File B-8 |
|
|
|
Working with Configuration Files B-8 |
|
|
|
|
|
Guidelines for Creating and Using Configuration Files |
B-9 |
|
|
|
|
Configuration File Types and Location B-9 |
|
|
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
|
xxiv |
|
|
78-11194-03 |
|
|
|
|
|
Contents
|
|
Creating a Configuration File By Using a Text Editor |
B-10 |
|
|
|
|
|
||||
|
|
Copying Configuration Files By Using TFTP |
B-10 |
|
|
|
|
|
|
|||
|
|
Preparing to Download or Upload a Configuration File By Using TFTP |
B-10 |
|||||||||
|
|
Downloading the Configuration File By Using TFTP B-11 |
|
|
|
|
|
|||||
|
|
Uploading the Configuration File By Using TFTP |
B-12 |
|
|
|
|
|
||||
|
|
Copying Configuration Files By Using FTP |
B-12 |
|
|
|
|
|
|
|
||
|
|
Preparing to Download or Upload a Configuration File By Using FTP |
B-13 |
|||||||||
|
|
Downloading a Configuration File By Using FTP |
B-13 |
|
|
|
|
|
||||
|
|
Uploading a Configuration File By Using FTP |
B-15 |
|
|
|
|
|
||||
|
|
Copying Configuration Files By Using RCP |
B-16 |
|
|
|
|
|
|
|||
|
|
Preparing to Download or Upload a Configuration File By Using RCP |
B-16 |
|||||||||
|
|
Downloading a Configuration File By Using RCP |
B-17 |
|
|
|
|
|
||||
|
|
Uploading a Configuration File By Using RCP |
B-18 |
|
|
|
|
|
||||
|
|
Clearing Configuration Information |
B-19 |
|
|
|
|
|
|
|
|
|
|
|
Clearing the Startup Configuration File |
B-19 |
|
|
|
|
|
|
|||
|
|
Deleting a Stored Configuration File |
B-19 |
|
|
|
|
|
|
|
||
|
|
Working with Software Images |
B-19 |
|
|
|
|
|
|
|
|
|
|
|
Image Location on the Switch |
B-20 |
|
|
|
|
|
|
|
|
|
|
|
tar File Format of Images on a Server or Cisco.com |
B-20 |
|
|
|
|
|
||||
|
|
Copying Image Files By Using TFTP |
B-21 |
|
|
|
|
|
|
|
|
|
|
|
Preparing to Download or Upload an Image File By Using TFTP |
B-22 |
|
|
|
|
|||||
|
|
Downloading an Image File By Using TFTP |
B-22 |
|
|
|
|
|
||||
|
|
Uploading an Image File By Using TFTP |
B-24 |
|
|
|
|
|
|
|||
|
|
Copying Image Files By Using FTP |
B-25 |
|
|
|
|
|
|
|
|
|
|
|
Preparing to Download or Upload an Image File By Using FTP |
B-25 |
|
|
|
|
|||||
|
|
Downloading an Image File By Using FTP |
B-26 |
|
|
|
|
|
||||
|
|
Uploading an Image File By Using FTP |
B-28 |
|
|
|
|
|
|
|||
|
|
Copying Image Files By Using RCP |
B-29 |
|
|
|
|
|
|
|
|
|
|
|
Preparing to Download or Upload an Image File By Using RCP |
B-29 |
|
|
|
|
|||||
|
|
Downloading an Image File By Using RCP |
B-30 |
|
|
|
|
|
||||
|
|
Uploading an Image File By Using RCP |
B-32 |
|
|
|
|
|
|
|||
|
Unsupported CLI Commands C-1 |
|
|
|
|
|
|
|
|
|
|
|
A P P E N D I X C |
|
|
|
|
|
|
|
|
|
|
||
|
|
Access Control Lists C-1 |
|
|
|
|
|
|
|
|
|
|
|
|
Unsupported Privileged EXEC Commands |
C-1 |
|
|
|
|
|
|
|
||
|
|
ARP Commands C-1 |
|
|
|
|
|
|
|
|
|
|
|
|
Unsupported Global Configuration Commands |
C-1 |
|
|
|
|
|
|
|||
|
|
Unsupported Interface Configuration Commands |
C-1 |
|
|
|
|
|
||||
|
|
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
|
|
|
||||||
|
|
|
|
|||||||||
|
78-11194-03 |
|
|
|
|
|
|
|
|
|
xxv |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
FallBack Bridging |
C-2 |
|
|
|
Unsupported Privileged EXEC Commands |
C-2 |
|
||
Unsupported Global Configuration Commands |
C-2 |
|||
Unsupported Interface Configuration Commands |
C-2 |
|||
HSRP |
C-3 |
|
|
|
Unsupported Global Configuration Commands |
C-3 |
|||
Unsupported Interface Configuration Commands |
C-3 |
|||
Interface Configuration Commands C-4 |
|
|
||
IP Multicast Routing |
C-4 |
|
|
|
Unsupported Privileged EXEC Commands |
C-4 |
|
||
Unsupported Global Configuration Commands |
C-4 |
|||
Unsupported Interface Configuration Commands |
C-5 |
|||
IP Unicast Routing |
C-5 |
|
|
|
Unsupported Privileged EXEC or User EXEC Commands C-5 |
||||
Unsupported Global Configuration Commands |
C-5 |
|||
Unsupported Interface Configuration Commands |
C-6 |
|||
Unsupported VPN Configuration Commands |
C-6 |
|||
Unsupported VRF Configuration Commands |
C-6 |
|||
Unsupported Route Map Commands C-6 |
|
|
||
MSDP |
C-7 |
|
|
|
Unsupported Privileged EXEC Commands |
C-7 |
|
||
Unsupported Global Configuration Commands |
C-7 |
|||
RADIUS |
C-7 |
|
|
|
Unsupported Global Configuration Commands |
C-7 |
I N D E X
Catalyst 3550 Multilayer Switch Software Configuration Guide
|
xxvi |
78-11194-03 |
|
|
|
This guide is for the networking professional managing the Catalyst 3550 switch, hereafter referred to as the switch or the multilayer switch. Before using this guide, you should have experience working with the Cisco IOS and be familiar with the concepts and terminology of Ethernet and local area networking.
This guide provides the information you need to configure Layer 2 and Layer 3 software features on your switch. The Catalyst 3550 switch is supported by either the standard multilayer software image (SMI) or the enhanced multilayer software image (EMI). The EMI provides a richer set of enterprise-class features, including hardware-based IP unicast and multicast routing, inter-VLAN routing, routed access control lists (ACLs), and the Hot Standby Router Protocol (HSRP). All Catalyst 3550 Gigabit Ethernet switches are shipped with the EMI pre-installed. Catalyst 3550 Fast Ethernet switches are shipped with either the SMI or the EMI pre-installed. After initial deployment, you can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from running the SMI to the EMI.
This guide provides procedures for using the commands that have been created or changed for use with the Catalyst 3550 switch. It does not provide detailed information about these commands. For detailed information about these commands, refer to the Catalyst 3550 Multilayer Switch Command Reference for this release. For information about the standard IOS Release 12.1 commands, refer to the IOS documentation set available from the Cisco.com home page at Service and Support > Technical Documents. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco IOS Software drop-down list.
This guide also includes an overview of the Cluster Management Suite (CMS) web-based, switch management interface, which helps you create and manage clusters of switches. This guide does not provide field-level descriptions of the CMS windows nor does it provide the procedures for configuring switches and switch clusters from CMS. For all CMS window descriptions and procedures, refer to the CMS online help, which is integrated with the software image.
This guide does not describe system messages you might encounter or how to install your switch. For more information, refer to the Catalyst 3550 Multilayer Switch System Message Guide for this release and to the Catalyst 3550 Multilayer Switch Hardware Installation Guide.
Catalyst 3550 Multilayer Switch Software Configuration Guide
|
78-11194-03 |
xxvii |
|
Preface
Organization
This guide is organized into these chapters:
Chapter 1, “Overview,” lists the software features of this release and provides examples of how the switch can be deployed in a network.
Chapter 2, “Using the Command-Line Interface,” describes how to access the command modes, use the command-line interface (CLI), and describes CLI messages that you might receive. It also describes how to get help, abbreviate commands, use no and default forms of commands, use command history and editing features, and how to search and filter the output of show and more commands.
Chapter 3, “Getting Started with CMS,” describes the Cluster Management Suite (CMS) web-based, switch management interface. For information on configuring your web browser and accessing CMS, refer to the release notes. For field-level descriptions of all CMS windows and procedures for using the CMS windows, refer to the online help.
Chapter 4, “Assigning the Switch IP Address and Default Gateway,” describes how to create the initial switch configuration (for example, assign the switch IP address and default gateway information) by using a variety of automatic and manual methods. It also describes how to modify the switch startup configuration.
Chapter 5, “Clustering Switches,” describes switch clusters and the considerations for creating and maintaining them. The online help provides the CMS procedures for configuring switch clusters. Configuring switch clusters is most easily performed through CMS; therefore, CLI procedures are not provided. Cluster commands are described in the Catalyst 3550 Multilayer Switch Command Reference.
Chapter 6, “Administering the Switch,” describes how to perform one-time operations to administer your switch. It describes how to prevent unauthorized access to your switch through the use of passwords, privilege levels, the Terminal Access Controller Access Control System Plus (TACACS+), and the Remote Authentication Dial-In User Service (RADIUS). It also describes how to set the system date and time, system name and prompt, create a login banner, how to manage the MAC address table, and how to optimize system resources for user-selected features.
Chapter 7, “Configuring 802.1X Port-Based Authentication,” describes how to configure 802.1X port-based authentication to prevent unauthorized devices (clients) from gaining access to the network. As LANs extend to hotels, airports, and corporate lobbies, insecure environments could be created.
Chapter 8, “Configuring Interface Characteristics,” defines the types of Layer 2 and Layer 3 interfaces on the switch. It describes the interface command and provides procedures for configuring physical interfaces.
Chapter 9, “Creating and Maintaining VLANs,” describes how to create and maintain VLANs. It includes information about VLAN modes, the VLAN Trunking Protocol (VTP) database, and the VLAN Membership Policy Server (VMPS).
Chapter 10, “Configuring STP,” describes how to configure basic and advanced spanning-tree features.
Chapter 11, “Configuring IGMP Snooping and MVR,” describes how to configure Layer 2 Internet Group Management Protocol (IGMP) snooping. It also describes Multicast VLAN Registration (MVR), a local IGMP snooping feature available on the switch, and how to use IGMP filtering to control multicast group membership.
Chapter 12, “Configuring Port-Based Traffic Control,” describes how to reduce traffic storms by setting broadcast, multicast, and unicast storm-control threshold levels; how to protect ports from receiving traffic from other ports on a switch; how to block unknown broadcast and unicast traffic; and how to configure port security using secure MAC addresses.
Chapter 13, “Configuring CDP,” describes how to configure Cisco Discovery Protocol (CDP) on your switch.
|
Catalyst 3550 Multilayer Switch Software Configuration Guide |
xxviii |
78-11194-03 |
Preface
Organization
Chapter 14, “Configuring UDLD,” describes how to configure the UniDirectional Link Detection (UDLD) feature. UDLD enables devices connected through fiber-optic or twisted-pair Ethernet cables to monitor the physical configuration of the cables and detect when a unidirectional link exists.
Chapter 15, “Configuring SPAN,” describes how to configure Switch Port Analyzer (SPAN), which selects network traffic for analysis by a network analyzer such as a SwitchProbe device or other Remote Monitoring (RMON) probe. SPAN mirrors traffic received or sent (or both) on a source port, or traffic received on one or more source ports or source VLANs, to a destination port.
Chapter 16, “Configuring RMON,” describes how to configure remote monitoring (RMON). The RMON feature, which is used with the Simple Network Management Protocol (SNMP) agent in the switch, means that you can monitor all the traffic flowing among switches on all connected LAN segments.
Chapter 17, “Configuring System Message Logging,” describes how to configure system message logging. It describes the message format, how to change the message display destination device, limit the type of messages sent, configure UNIX server syslog daemon and define the UNIX system logging facility, and timestamp messages.
Chapter 18, “Configuring SNMP,” describes how to configure the Simple Network Management Protocol (SNMP). It describes how to configure community strings, enable trap managers and traps, set the agent contact and location information, and how to limit TFTP servers used through SNMP.
Chapter 19, “Configuring Network Security with ACLs,” describes how to configure network security on your switch using two types of access control lists (ACLs), router ACLs and VLAN maps. It describes how to apply ACLs to interfaces and provides examples.
Chapter 20, “Configuring QoS,” describes how to configure quality of service (QoS) on your switch. With this feature, you can provide preferential treatment to certain types traffic.
Chapter 21, “Configuring EtherChannel,” describes how to bundle a set of individual ports into a single logical link on Layer 2 and Layer 3 interfaces.
Chapter 22, “Configuring IP Unicast Routing,” describes how to configuring IP unicast routing on your switch, including configuring IP addressing features, Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), Open Shortest Path First (OSPF) protocol, and Enhanced IGRP (EIGRP). To use this feature, you must have the enhanced multilayer software image installed on your switch.
Chapter 23, “Configuring HSRP,” describes how to use Hot Standby Router Protocol (HSRP) to provide routing redundancy for routing IP traffic without depending on the availability of any single router. To use this feature, you must have the enhanced multilayer software image installed on your switch.
Chapter 24, “Configuring IP Multicast Routing,” how to configuring IP multicast routing. It describes how to use and configure the Internet Group Management Protocol (IGMP), Protocol-Independent Multicast (PIM) protocol, Cisco Group Management Protocol (CGMP) server functionality, and how to inter-operate between PIM and Distance Vector Multicast Routing Protocol (DVMRP) domains. To use this feature, you must have the enhanced multilayer software image installed on your switch.
Chapter 25, “Configuring MSDP,” describes how to configure the Multicast Source Discovery Protocol (MSDP), which is a mechanism to connect multiple PIM sparse-mode domains. To use this feature, you must have the enhanced multilayer software image installed on your switch.
Chapter 26, “Configuring Fallback Bridging,” describes how to configure fallback bridging on your switch. With fallback bridging, you can bridge non-IP protocols between VLAN bridge domains and routed ports. To use this feature, you must have the enhanced multilayer software image installed on your switch
Chapter 27, “Troubleshooting,” describes how to identify and resolve software problems related to the IOS software.
Catalyst 3550 Multilayer Switch Software Configuration Guide
|
78-11194-03 |
xxix |
|
Preface
Appendix A, “Supported MIBs,” lists the supported MIBs for this release and how to use FTP to access the MIB files.
Appendix B, “Working with the IOS File System, Configuration Files, and Software Images,” describes how to manipulate the Flash file system, how to copy configuration files, and how to archive (upload and download) software images.
Appendix C, “Unsupported CLI Commands,” lists the unsupported command-line interface (CLI) commands that are displayed when you enter the question mark (?) at the switch prompt. The unsupported commands are listed by software feature and command mode.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
•Commands and keywords are in boldface text.
•Arguments for which you supply values are in italic.
•Square brackets ([ ]) mean optional elements.
•Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
•Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional element.
Interactive examples use these conventions:
•Terminal sessions and system displays are in screen font.
•Information you enter is in boldface screen font.
•Nonprinting characters, such as passwords or tabs, are in angle brackets (< >). Notes, cautions, and timesavers use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.
Caution Means reader be careful. In this situation, you might do something that could result equipment damage or loss of data.
Timesaver Means the following will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information.
Catalyst 3550 Multilayer Switch Software Configuration Guide
|
xxx |
78-11194-03 |
|
|
|