Cisco Systems 4948 User Manual

Data Sheet

Cisco Catalyst 4948 Series Switch

High-Performance, Rack-Optimized Server Switching

PRODUCT OVERVIEW

The Cisco® Catalyst® 4948 is a wire-speed, low-latency, Layer 2–4, 1 rack unit (RU) fixed-configuration switch for rack-optimized server switching.
Based on the proven Cisco Catalyst 4500 Series hardware and software architecture, the Cisco Catalyst 4948 Series offers exceptional performance
and reliability for low density, multilayer aggregation of high performance servers and workstations.

The Cisco Catalyst 4948 offers 48 ports of wire-speed 10/100/1000BASE-T with 4 alternative wired ports that can accommodate optional
1000BASE-X Small Form-Factor Pluggable (SFP) optics*. Exceptional reliability and serviceability are delivered with optional internal
AC or DC 1 + 1 hot-swappable power supplies and a hot-swappable fan tray with redundant fans (refer to Figures 1 and 2).

Figure 1. Cisco Catalyst 4948 Series Switch

Figure 2. Rear View of Cisco Catalyst 4948 with Dual Redundant Power Supplies and Removable Fan Tray

KEY FEATURES AND BENEFITS
Wire-Speed Performance for 10/1 00/1 000 Connectivity

The Cisco Catalyst 4948 delivers wire-speed throughput with low latency for data-intensive applications using a 96 Gbps switching fabric with a
72 Mpps forwarding rate in hardware for Layer 2–4 traffic. Switching performance is guaranteed regardless of the number of route entries or
Layer 3 and 4 services enabled. Hardware-based Cisco Express Forwarding routing architecture allows for increased scalability and performance.

* The Cisco Catalyst 4948 has 52 physical switching ports (48 10/100/1000 and 4 SFP) on the front panel. Up to 48 of these ports can be active at one time in

any combination.

All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Page 1 of 1

Power Supply Redundancy for Nonstop Operation

The Cisco Catalyst 4948 provides reliability for critical applications with 1 + 1 redundant hot-swappable internal AC or DC power supplies. The
1 + 1 power supply design provides A-to-B failover when power supplies are connected to different circuits. AC and DC power supplies can be
mixed in the same unit for maximum deployment flexibility. The Cisco Catalyst 4948 also has a hot-swappable fan tray with four redundant fans
for additional serviceability and availability.

Robust Security

Multiple server communities can be securely established on a single Cisco Catalyst 4948. The switch can isolate different Layer 2 community traffic
simultaneously, while conserving IP address space. In an unlikely event that a server is compromised, the Cisco Catalyst 4948 can prevent man-in­the-middle and IP spoofing attacks to the rest of community with no change to the server configuration. Such attacks can be logged by the Cisco
Catalyst 4948 for auditing.

The Cisco Catalyst 4900 Series offers a rich set of integrated security features to proactively lock down your critical network infrastructure. It
reduces network security risks with a rich set of Network Admission Control (NAC) capabilities and 802.1x-based user authentication, authorization,
and accounting (AAA). The security policy enforcement is uncompromised with the wire-rate, dedicated access-control lists (ACLs) to fend off ever­increasing virus and security attacks. The Cisco Catalyst 4900 Series offers powerful, easy-to-use tools to effectively prevent untraceable man-in-the­middle attacks, control plane resource exhaustion, IP spoofing, and flooding attacks, without any change to the end-user or host configurations.
Secure remote access, file transfers, and network management are accomplished with the Secure Shell (SSH Version 1 and Version 2) Protocol,
Secure Copy Protocol (SCP), and Simple Network Management Protocol (SNMP) v3, respectively.

Network Admission Control (NAC) is a foundational component of the Cisco Self-Defending Network strategy, improving the network’s ability
to automatically identify, prevent, and respond to security threats. NAC enables the Cisco Catalyst switches to collaborate with third-party solutions
for security-policy compliance and enforcement before a host is permitted to access the network.

NAC performs posture validation at the Layer 2 network edge for hosts with or without 802.1x enabled. Vulnerable and noncompliant hosts can be
isolated, given reduced network access or directed to remediation servers based on organizational policy. By ensuring that every host complies with
security policy, organizations can significantly reduce the damage caused by infected hosts. NAC is available through standard software upgrades or
Cisco SMARTnet contracts on Cisco Catalyst switches.

Comprehensive Management

The Cisco Catalyst 4948 includes a single, dedicated 10/100 console port and a single, dedicated 10/100 management port for offline disaster
recovery. Remote in-band management is available with SNMP, Telnet client, BOOTP, and Trivial File Transfer Protocol (TFTP). Support for
local or remote out-of-band management is delivered through a terminal or modem attached to the console interface. The management port helps
enable the Cisco Catalyst 4948 to reload a new image from a TFTP server within seconds.

The Cisco Catalyst 4948 delivers a comprehensive set of management tools to provide the visibility and control required for server switching.
Managed with Cisco Works solutions and embedded Cisco View, the Cisco Catalyst 4948 can be configured and managed to deliver device, VLAN,
traffic, and policy management. These Web-based management tools offer numerous services, including software deployment and quick isolation of
error conditions.

SOFTWARE CONFIGURATION OPTIONS

Table 1 gives descriptions of the software configuration options for the Cisco Catalyst 4948.

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

© 2006 Cisco Systems, Inc. All rights reserved.

Page 2 of 16

Table 1. Descriptions of Software Configuration Options for Cisco Catalyst 4948

Software Image Description

IP Base Image

Enterprise Services Image

TECHNICAL SPECIFICATIONS
Performance and Switching Specifications

• 96 Gbps nonblocking switch fabric

• 72 Mpps Layer 2 Forwarding (hardware)

• 72 Mpps Layer 3 and 4 forwarding—IP routing, Cisco Express Forwarding-based (hardware)

• Layer 2–4 hardware-based switch engine (application-specific integrated circuit [ASIC]-based)

• Unicast and multicast routing entries: 32,000

• Support for 2048 active VLANs and 4096 VLAN IDs per switch

• Layer 2 multicast addresses: 16,384

• MAC addresses: 32,768

• Policers: 512 ingress and 512 egress

• ACL or quality-of-service (QoS) entries: 32,000

• Uplinks: 4 alternatively wired SFP ports with (Gigabit EtherChannel) support

• Latency: 6 microseconds for 64-byte packets

• Switched virtual interfaces (SVIs): 2048

• STP instances: 1500

• Internet Group Management Protocol (IGMP) snooping entries: 8000

Standard Layer 3 image, including Routing Information Protocol Version 1 (RIPv1), RIPv2, static routes,
EIGRP stub.

Enhanced Layer 3 image, including Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System
(IS-IS), and Enhanced Interior Gateway Routing Protocol (EIGRP), Border Gateway Protocol (BGP), Appletalk, and
Internetwork Packet Exchange (IPX). Also includes all IP Base Image features.

Layer 2 Features

• Layer 2 hardware forwarding at 72 Mpps

• Layer 2 switch ports and VLAN trunks

• IEEE 802. 1Q VLAN encapsulation

• Inter-Switch Link (ISL) VLAN encapsulation

• Dynamic Trunking Protocol (DTP)

• VLAN Trunking Protocol (VTP) and VTP domains

• Per-VLAN Spanning Tree Protocol (PVST+) and Per-VLAN Rapid Spanning Tree Protocol (PVRST)

• Spanning-tree PortFast and PortFast guard

• Spanning-tree UplinkFast and BackboneFast

• 802.1s

• 802.1w

• Spanning-tree root guard

• Cisco Discovery Protocol

• IGMP snooping v1, v2, and v3

• 802.3ad

• Cisco EtherChannel® technology, Cisco Fast EtherChannel technology, and Cisco Gigabit EtherChannel technology support

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

© 2006 Cisco Systems, Inc. All rights reserved.

Page 3 of 16

• Port Aggregation Protocol (PAgP)

• Unidirectional Link Detection Protocol (UDLD) and aggressive UDLD on the SFP ports

• Q-in-Q in hardware

• Layer 2 protocol tunneling

• Jumbo frames on all ports (up to 9216 bytes)

• Baby giants (up to 1600 bytes)

• Hardware-based storm control (formally known as broadcast and multicast suppression)

• Community private VLANs (PVLANs)

• Forced 10/100 autonegotiation

• Web Content Communication Protocol Version 2 Layer 2 Redirect

• Private VLAN Promiscuous Trunk

Layer 3 Features

• Hardware-based IP Cisco Express Forwarding routing at 72 Mpps

• Static IP routing

• IP routing protocols: EIGRP, OSPF, RIP, RIP2

• BGPv4 and Multicast Border Gateway Protocol (MBGP)

• Hot Standby Router Protocol (HSRP)

• Software routing of IPX and AppleTalk

• IS-IS routing protocol

• IGMPv1, v2, and v3

• IGMP filtering on access and trunk ports

• IP Multicast routing protocols (Protocol Independent Multicast [PIM], Source Specific Multicast [S SM], and Distance Vector

• Multicast Routing Protocol [DVMRP])

• Pragmatic General Multicast (PGM)

• Cisco Group Management Protocol (GMP) server

• Full Internet Control Message Protocol (ICMP) support

• ICMP Router Discovery Protocol

• Policy-based routing (PBR)

• Virtual Route Forwarding-lite (VRF-lite)

• IPv6 software switching support

• OSPF fast convergence

• EIGRP stub

• Virtual Router Redundancy Protocol (VRRP)

Sophisticated QoS and Traffic Management

• Per-port QoS configuration

• Per-port per VLAN QoS

• Support for four queues per port in hardware

• Strict priority queuing

• IP differentiated services code point (DSCP) and IP Precedence

• Classification and marking based on IP type of service (ToS) or DSCP

• Classification and marking based on full Layer 3 and 4 headers (IP only)

• Input and output policing based on Layer 3 and 4 headers (IP only)

© 2006 Cisco Systems, Inc. All rights reserved.

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

Page 4 of 16

• Support for 512 policers on ingress and 512 policers on egress configured as aggregate or individual

• Shaping and sharing output queue management

• Dynamic Buffer Limiting (DBL): Advanced congestion avoidance

• No performance penalty for granular QoS functions

Predictable Performance

• 96 Gbps switching fabric

• Layer 2 hardware forwarding at 72 Mpps

• Layer 3 hardware-based IP Cisco Express Forwarding routing at 72 Mpps

• Layer 4 TCP or User Datagram Protocol (UDP) hardware-based filtering at 72 Mpps

• No performance penalty with advanced Layer 3 and 4 services enabled

• Software-based learning at a sustained rate of 500 hosts per second

• Support for 32,768 MAC addresses

• Support for 32,000 entries in routing table (shared between unicast and multicast)

• Support for 512 ingress policers and 512 egress policers

• Support for 32,000 ACL and QoS entries

• Scalability to 2048 virtual ports (VLAN port instances)

• Scalability to 8000 IGMP snooping entries

• Scalability to 1500 STP instances

• Bandwidth aggregation up to 16 Gbps through Cisco Gigabit EtherChannel technology

• Hardware-based wire-speed multicast management

• Hardware-based wire-speed ACLs

Comprehensive Management

• Manageable through CiscoWorks Windows network-management software on a per-port and per-switch basis, providing a common management

interface for Cisco routers, switches, and hubs

• Manageable through Cisco Network Assistant

• SNMPv1, v2, and v3 instrumentation, delivering comprehensive in-band management

• Command-line interface (CLI)-based management console to provide detailed out-of-band management

• Remote Monitoring (RMON) software agent to support four RMON groups (history, statistics, alarms, and events) for enhanced traffic

management, monitoring, and analysis

• Support for all nine RMON groups through the use of a Cisco SwitchProbe® analyzer (Switched Port Analyzer [SPAN]) port, which permits

traffic monitoring of a single port, a group of ports, or the entire switch from a single network analyzer or RMON probe

• Analysis support, including ingress port, egress port, and VLAN SPAN

• Layer 2 traceroute

• Remote SPAN (RSPAN)

• Smartports macros

• SPAN ACL filtering

• Dynamic Host Configuration Protocol (DHCP) client autoconfiguration

• IfIndex persistence

• HTTPS

• Time Domain Reflectometry (TDR)

• MAC Address Notification

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

© 2006 Cisco Systems, Inc. All rights reserved.

Page 5 of 16