Cisco IE3010 User Manual
Cisco IE 3010 Switch Software
Configuration Guide
Cisco IOS Release 12.2(53)EZ
November 2010
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-23145-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at
www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Cisco IE 3010 Switch Software Configuration Guide
Copyright © 2010 Cisco Systems, Inc. All rights reserved.
IMPLIED, INCLUDING, WITHOUT
CONTENTS
Preface xxxiii
Audience xxxiii
Purpose xxxiii
Conventions xxxiii
Related Publications xxxiv
Obtaining Documentation, Obtaining Support, and Security Guidelines xxxv
CHAPTER
CHAPTER
1 Overview 1-1
Features 1-1
Ease-of-Deployment and Ease-of-Use Features 1-2
Performance Features 1-2
Management Options 1-3
Manageability Features 1-4
Availability and Redundancy Features 1-5
VLAN Features 1-6
Security Features 1-6
QoS and CoS Features 1-9
Monitoring Features 1-10
Default Settings After Initial Switch Configuration 1-11
Network Configuration Examples 1-13
Design Concepts for Using the Switch 1-13
Where to Go Next 1-14
2 Using the Command-Line Interface 2-1
Understanding Command Modes 2-1
OL-23145-01
Understanding the Help System 2-3
Understanding Abbreviated Commands 2-4
Understanding no and default Forms of Commands 2-4
Understanding CLI Error Messages 2-5
Using Configuration Logging 2-5
Using Command History 2-6
Changing the Command History Buffer Size 2-6
Recalling Commands 2-6
Cisco IE 3010 Switch Software Configuration Guide
iii
Contents
Disabling the Command History Feature 2-7
Using Editing Features 2-7
Enabling and Disabling Editing Features 2-7
Editing Commands through Keystrokes 2-8
Editing Command Lines that Wrap 2-9
Searching and Filtering Output of show and more Commands 2-10
Accessing the CLI 2-10
Accessing the CLI through a Console Connection or through Telnet 2-10
CHAPTER
3 Assigning the Switch IP Address and Default Gateway 3-1
Understanding the Boot Process 3-1
Assigning Switch Information 3-3
Default Switch Information 3-3
Understanding DHCP-Based Autoconfiguration 3-3
DHCP Client Request Process 3-4
Understanding DHCP-based Autoconfiguration and Image Update 3-5
DHCP Autoconfiguration 3-5
DHCP Auto-Image Update 3-5
Limitations and Restrictions 3-6
Configuring DHCP-Based Autoconfiguration 3-6
DHCP Server Configuration Guidelines 3-6
Configuring the TFTP Server 3-7
Configuring the DNS 3-8
Configuring the Relay Device 3-8
Obtaining Configuration Files 3-9
Example Configuration 3-9
Configuring the DHCP Auto Configuration and Image Update Features 3-11
Configuring DHCP Autoconfiguration (Only Configuration File) 3-11
Configuring DHCP Auto-Image Update (Configuration File and Image) 3-12
Configuring the Client 3-13
Manually Assigning IP Information 3-14
iv
Checking and Saving the Running Configuration 3-15
Modifying the Startup Configuration 3-16
Default Boot Configuration 3-17
Automatically Downloading a Configuration File 3-17
Specifying the Filename to Read and Write the System Configuration 3-17
Booting Manually 3-18
Booting a Specific Software Image 3-19
Controlling Environment Variables 3-19
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Scheduling a Reload of the Software Image 3-21
Configuring a Scheduled Reload 3-21
Displaying Scheduled Reload Information 3-22
Contents
CHAPTER
4 Configuring Cisco IOS Configuration Engine 4-1
Understanding Cisco Configuration Engine Software 4-1
Configuration Service 4-2
Event Service 4-3
NameSpace Mapper 4-3
What You Should Know About the CNS IDs and Device Hostnames 4-3
ConfigID 4-3
DeviceID 4-4
Hostname and DeviceID 4-4
Using Hostname, DeviceID, and ConfigID 4-4
Understanding Cisco IOS Agents 4-5
Initial Configuration 4-5
Incremental (Partial) Configuration 4-6
Synchronized Configuration 4-6
Configuring Cisco IOS Agents 4-6
Enabling Automated CNS Configuration 4-6
Enabling the CNS Event Agent 4-7
Enabling the Cisco IOS CNS Agent 4-9
Enabling an Initial Configuration 4-9
Enabling a Partial Configuration 4-12
CHAPTER
OL-23145-01
Displaying CNS Configuration 4-13
5 Clustering Switches 5-1
Understanding Switch Clusters 5-1
Cluster Command Switch Characteristics 5-3
Standby Cluster Command Switch Characteristics 5-3
Candidate Switch and Cluster Member Switch Characteristics 5-3
Planning a Switch Cluster 5-4
Automatic Discovery of Cluster Candidates and Members 5-4
Discovery Through CDP Hops 5-5
Discovery Through Non-CDP-Capable and Noncluster-Capable Devices 5-6
Discovery Through Different VLANs 5-6
Discovery Through Different Management VLANs 5-7
Discovery of Newly Installed Switches 5-8
Virtual IP Addresses 5-9
Cisco IE 3010 Switch Software Configuration Guide
v
Contents
Other Considerations for Cluster Standby Groups 5-9
Automatic Recovery of Cluster Configuration 5-10
IP Addresses 5-11
Hostnames 5-11
Passwords 5-12
SNMP Community Strings 5-12
TACACS+ and RADIUS 5-12
LRE Profiles 5-13
Using the CLI to Manage Switch Clusters 5-13
Using SNMP to Manage Switch Clusters 5-14
CHAPTER
6 Administering the Switch 6-1
Managing the System Time and Date 6-1
Understanding the System Clock 6-1
Understanding Network Time Protocol 6-2
Configuring NTP 6-4
Default NTP Configuration 6-4
Configuring NTP Authentication 6-5
Configuring NTP Associations 6-6
Configuring NTP Broadcast Service 6-7
Configuring NTP Access Restrictions 6-8
Configuring the Source IP Address for NTP Packets 6-10
Displaying the NTP Configuration 6-11
Configuring Time and Date Manually 6-11
Setting the System Clock 6-11
Displaying the Time and Date Configuration 6-12
Configuring the Time Zone 6-12
Configuring Summer Time (Daylight Saving Time) 6-13
Configuring a System Name and Prompt 6-14
Default System Name and Prompt Configuration 6-15
Configuring a System Name 6-15
Understanding DNS 6-15
Default DNS Configuration 6-16
Setting Up DNS 6-16
Displaying the DNS Configuration 6-17
vi
Creating a Banner 6-17
Default Banner Configuration 6-17
Configuring a Message-of-the-Day Login Banner 6-18
Configuring a Login Banner 6-19
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Managing the MAC Address Table 6-19
Building the Address Table 6-20
MAC Addresses and VLANs 6-20
Default MAC Address Table Configuration 6-21
Changing the Address Aging Time 6-21
Removing Dynamic Address Entries 6-22
Configuring MAC Address Change Notification Traps 6-22
Configuring MAC Address Move Notification Traps 6-24
Configuring MAC Threshold Notification Traps 6-25
Adding and Removing Static Address Entries 6-26
Configuring Unicast MAC Address Filtering 6-27
Disabling MAC Address Learning on a VLAN 6-28
Displaying Address Table Entries 6-30
Managing the ARP Table 6-30
Contents
CHAPTER
7 Configuring the Switch Alarms 7-1
Understanding IE 3010 Switch Alarms 7-1
Global Status Monitoring Alarms 7-2
FCS Error Hysteresis Threshold 7-2
Port Status Monitoring Alarms 7-2
Triggering Alarm Options 7-3
Configuring IE 3010 External Alarms 7-4
Configuring IE 3010 Switch Alarms 7-6
Default Switch Alarm Configuration 7-6
Configuring the Power Supply Alarms 7-6
Configuring the Switch Temperature Alarms 7-7
Setting the Primary Temperature Threshold for the Switch 7-7
Setting a Secondary Temperature Threshold for the Switch 7-8
Associating the Temperature Alarms to a Relay 7-9
Configuring the FCS Bit Error Rate Alarm 7-10
Setting the FCS Error Threshold 7-10
Setting the FCS Error Hysteresis Threshold 7-10
Configuring Alarm Profiles 7-11
Creating or Modifying an Alarm Profile 7-11
Attaching an Alarm Profile to a Specific Port 7-12
Enabling SNMP Traps 7-13
OL-23145-01
Displaying IE 3010 Switch Alarms Status 7-13
Cisco IE 3010 Switch Software Configuration Guide
vii
Contents
CHAPTER
CHAPTER
8 Configuring SDM Templates 8-1
Understanding the SDM Templates 8-1
Configuring the Switch SDM Template 8-2
SDM Template Configuration Guidelines 8-2
Setting the SDM Template 8-3
Displaying the SDM Templates 8-4
9 Configuring Switch-Based Authentication 9-1
Preventing Unauthorized Access to Your Switch 9-1
Protecting Access to Privileged EXEC Commands 9-2
Default Password and Privilege Level Configuration 9-3
Setting or Changing a Static Enable Password 9-3
Protecting Enable and Enable Secret Passwords with Encryption 9-4
Disabling Password Recovery 9-5
Setting a Telnet Password for a Terminal Line 9-6
Configuring Username and Password Pairs 9-7
Configuring Multiple Privilege Levels 9-8
Setting the Privilege Level for a Command 9-8
Changing the Default Privilege Level for Lines 9-9
Logging into and Exiting a Privilege Level 9-10
Controlling Switch Access with TACACS+ 9-10
Understanding TACACS+ 9-10
TACACS+ Operation 9-12
Configuring TACACS+ 9-13
Default TACACS+ Configuration 9-13
Identifying the TACACS+ Server Host and Setting the Authentication Key 9-13
Configuring TACACS+ Login Authentication 9-14
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 9-16
Starting TACACS+ Accounting 9-17
Establishing a Session with a Router if the AAA Server is Unreachable 9-18
Displaying the TACACS+ Configuration 9-18
Controlling Switch Access with RADIUS 9-18
Understanding RADIUS 9-18
RADIUS Operation 9-20
RADIUS Change of Authorization 9-20
Overview 9-21
Change-of-Authorization Requests 9-21
CoA Request Response Code 9-22
CoA Request Commands 9-24
viii
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Configuring RADIUS 9-27
Default RADIUS Configuration 9-27
Identifying the RADIUS Server Host 9-28
Configuring RADIUS Login Authentication 9-30
Defining AAA Server Groups 9-32
Configuring RADIUS Authorization for User Privileged Access and Network Services 9-34
Starting RADIUS Accounting 9-35
Establishing a Session with a Router if the AAA Server is Unreachable 9-36
Configuring Settings for All RADIUS Servers 9-36
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 9-36
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 9-38
Configuring CoA on the Switch 9-39
Monitoring and Troubleshooting CoA Functionality 9-40
Configuring RADIUS Server Load Balancing 9-40
Displaying the RADIUS Configuration 9-40
Contents
Controlling Switch Access with Kerberos 9-40
Understanding Kerberos 9-41
Kerberos Operation 9-43
Authenticating to a Boundary Switch 9-43
Obtaining a TGT from a KDC 9-43
Authenticating to Network Services 9-44
Configuring Kerberos 9-44
Configuring the Switch for Local Authentication and Authorization 9-44
Configuring the Switch for Secure Shell 9-45
Understanding SSH 9-46
SSH Servers, Integrated Clients, and Supported Versions 9-46
Limitations 9-46
Configuring SSH 9-47
Configuration Guidelines 9-47
Setting Up the Switch to Run SSH 9-47
Configuring the SSH Server 9-48
Displaying the SSH Configuration and Status 9-49
Configuring the Switch for Secure Socket Layer HTTP 9-50
Understanding Secure HTTP Servers and Clients 9-51
Certificate Authority Trustpoints 9-51
CipherSuites 9-52
Configuring Secure HTTP Servers and Clients 9-53
Default SSL Configuration 9-53
SSL Configuration Guidelines 9-53
OL-23145-01
Cisco IE 3010 Switch Software Configuration Guide
ix
Contents
Configuring a CA Trustpoint 9-54
Configuring the Secure HTTP Server 9-55
Configuring the Secure HTTP Client 9-56
Displaying Secure HTTP Server and Client Status 9-57
Configuring the Switch for Secure Copy Protocol 9-57
Information About Secure Copy 9-58
CHAPTER
10 Configuring IEEE 802.1x Port-Based Authentication 10-1
Understanding IEEE 802.1x Port-Based Authentication 10-1
Device Roles 10-2
Authentication Process 10-3
Authentication Initiation and Message Exchange 10-5
Authentication Manager 10-7
Port-Based Authentication Methods 10-7
Per-User ACLs and Filter-Ids 10-8
Authentication Manager CLI Commands 10-9
Ports in Authorized and Unauthorized States 10-10
802.1x Host Mode 10-11
Multidomain Authentication 10-12
802.1x Multiple Authentication Mode 10-13
MAC Move 10-13
MAC Replace 10-14
802.1x Accounting 10-14
802.1x Accounting Attribute-Value Pairs 10-15
802.1x Readiness Check 10-16
802.1x Authentication with VLAN Assignment 10-16
Using 802.1x Authentication with Per-User ACLs 10-17
802.1x Authentication with Downloadable ACLs and Redirect URLs 10-18
Cisco Secure ACS and Attribute-Value Pairs for the Redirect URL 10-20
Cisco Secure ACS and Attribute-Value Pairs for Downloadable ACLs 10-20
VLAN ID-based MAC Authentication 10-20
802.1x Authentication with Guest VLAN 10-21
802.1x Authentication with Restricted VLAN 10-22
802.1x Authentication with Inaccessible Authentication Bypass 10-23
Support on Multiple-Authentication Ports 10-23
Authentication Results 10-23
Feature Interactions 10-24
802.1x Authentication with Voice VLAN Ports 10-24
802.1x Authentication with Port Security 10-25
Cisco IE 3010 Switch Software Configuration Guide
x
OL-23145-01
802.1x Authentication with Wake-on-LAN 10-26
802.1x Authentication with MAC Authentication Bypass 10-26
802.1x User Distribution 10-28
802.1x User Distribution Configuration Guidelines 10-28
Network Admission Control Layer 2 802.1x Validation 10-29
Flexible Authentication Ordering 10-29
Open1x Authentication 10-29
Using Voice Aware 802.1x Security 10-30
802.1x Supplicant and Authenticator Switches with Network Edge Access Topology (NEAT) 10-30
Guidelines 10-31
Using IEEE 802.1x Authentication with ACLs and the RADIUS Filter-Id Attribute 10-31
Common Session ID 10-32
Configuring 802.1x Authentication 10-33
Default 802.1x Authentication Configuration 10-34
802.1x Authentication Configuration Guidelines 10-35
802.1x Authentication 10-35
VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication
Bypass 10-36
MAC Authentication Bypass 10-37
Maximum Number of Allowed Devices Per Port 10-37
Configuring 802.1x Readiness Check 10-37
Configuring Voice Aware 802.1x Security 10-38
Configuring 802.1x Violation Modes 10-39
Configuring 802.1x Authentication 10-40
Configuring the Switch-to-RADIUS-Server Communication 10-42
Configuring the Host Mode 10-43
Configuring Periodic Re-Authentication 10-44
Manually Re-Authenticating a Client Connected to a Port 10-45
Changing the Quiet Period 10-46
Changing the Switch-to-Client Retransmission Time 10-46
Setting the Switch-to-Client Frame-Retransmission Number 10-47
Setting the Re-Authentication Number 10-48
Enabling MAC Move 10-48
Enabling MAC Replace 10-49
Configuring 802.1x Accounting 10-50
Configuring a Guest VLAN 10-51
Configuring a Restricted VLAN 10-52
Configuring the Inaccessible Authentication Bypass Feature 10-54
Configuring 802.1x Authentication with WoL 10-56
Configuring MAC Authentication Bypass 10-57
Contents
OL-23145-01
Cisco IE 3010 Switch Software Configuration Guide
xi
Contents
Configuring 802.1x User Distribution 10-58
Configuring NAC Layer 2 802.1x Validation 10-59
Configuring an Authenticator and a Supplicant Switch with NEAT 10-60
Configuring NEAT with Auto Smartports Macros 10-61
Configuring 802.1x Authentication with Downloadable ACLs and Redirect URLs 10-61
Configuring Downloadable ACLs 10-62
Configuring a Downloadable Policy 10-62
Configuring VLAN ID-based MAC Authentication 10-64
Configuring Flexible Authentication Ordering 10-64
Configuring Open1x 10-65
Disabling 802.1x Authentication on the Port 10-65
Resetting the 802.1x Authentication Configuration to the Default Values 10-66
Displaying 802.1x Statistics and Status 10-67
CHAPTER
11 Configuring Web-Based Authentication 11-1
Understanding Web-Based Authentication 11-1
Device Roles 11-2
Host Detection 11-2
Session Creation 11-2
Authentication Process 11-3
Local Web Authentication Banner 11-3
Web Authentication Customizable Web Pages 11-5
Guidelines 11-5
Web-based Authentication Interactions with Other Features 11-7
Port Security 11-7
LAN Port IP 11-7
Gateway IP 11-7
ACLs 11-7
Context-Based Access Control 11-8
802.1x Authentication 11-8
EtherChannel 11-8
Configuring Web-Based Authentication 11-9
Default Web-Based Authentication Configuration 11-9
Web-Based Authentication Configuration Guidelines and Restrictions 11-9
Web-Based Authentication Configuration Task List 11-10
Configuring the Authentication Rule and Interfaces 11-10
Configuring AAA Authentication 11-11
Configuring Switch-to-RADIUS-Server Communication 11-11
Configuring the HTTP Server 11-13
xii
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Customizing the Authentication Proxy Web Pages 11-13
Specifying a Redirection URL for Successful Login 11-15
Configuring an AAA Fail Policy 11-15
Configuring the Web-Based Authentication Parameters 11-16
Configuring a Web Authentication Local Banner 11-16
Removing Web-Based Authentication Cache Entries 11-17
Displaying Web-Based Authentication Status 11-17
Contents
CHAPTER
12 Configuring Interface Characteristics 12-1
Understanding Interface Types 12-1
Port-Based VLANs 12-2
Switch Ports 12-2
Access Ports 12-2
Trunk Ports 12-3
EtherChannel Port Groups 12-3
Dual-Purpose Uplink Ports 12-4
Power over Ethernet Ports 12-4
Supported Protocols and Standards 12-4
Powered-Device Detection and Initial Power Allocation 12-5
Power Management Modes 12-6
Power Monitoring and Power Policing 12-7
Connecting Interfaces 12-9
Using Interface Configuration Mode 12-9
Procedures for Configuring Interfaces 12-10
Configuring a Range of Interfaces 12-10
Configuring and Using Interface Range Macros 12-12
OL-23145-01
Configuring Ethernet Interfaces 12-14
Default Ethernet Interface Configuration 12-14
Setting the Type of a Dual-Purpose Uplink Port 12-15
Configuring Interface Speed and Duplex Mode 12-16
Speed and Duplex Configuration Guidelines 12-17
Setting the Interface Speed and Duplex Parameters 12-17
Configuring IEEE 802.3x Flow Control 12-18
Configuring Auto-MDIX on an Interface 12-19
Configuring a Power Management Mode on a PoE Port 12-20
Budgeting Power for Devices Connected to a PoE Port 12-22
Adding a Description for an Interface 12-23
Configuring Layer 3 Interfaces 12-24
Configuring the System MTU 12-24
Cisco IE 3010 Switch Software Configuration Guide
xiii
Contents
Monitoring and Maintaining the Interfaces 12-26
Monitoring Interface Status 12-26
Clearing and Resetting Interfaces and Counters 12-27
Shutting Down and Restarting the Interface 12-27
CHAPTER
CHAPTER
13 Configuring Smartports Macros 13-1
Understanding Smartports Macros 13-1
Configuring Smartports Macros 13-1
Default Smartports Configuration 13-1
Smartports Configuration Guidelines 13-2
Applying Smartports Macros 13-3
Displaying Smartports Macros 13-5
14 Configuring VLANs 14-1
Understanding VLANs 14-1
Supported VLANs 14-2
VLAN Port Membership Modes 14-3
Configuring Normal-Range VLANs 14-4
Token Ring VLANs 14-5
Normal-Range VLAN Configuration Guidelines 14-5
Configuring Normal-Range VLANs 14-6
Default Ethernet VLAN Configuration 14-6
Creating or Modifying an Ethernet VLAN 14-7
Deleting a VLAN 14-8
Assigning Static-Access Ports to a VLAN 14-9
xiv
Configuring Extended-Range VLANs 14-10
Default VLAN Configuration 14-10
Extended-Range VLAN Configuration Guidelines 14-10
Creating an Extended-Range VLAN 14-11
Creating an Extended-Range VLAN with an Internal VLAN ID 14-12
Displaying VLANs 14-13
Configuring VLAN Trunks 14-14
Trunking Overview 14-14
IEEE 802.1Q Configuration Considerations 14-15
Default Layer 2 Ethernet Interface VLAN Configuration 14-16
Configuring an Ethernet Interface as a Trunk Port 14-16
Interaction with Other Features 14-16
Configuring a Trunk Port 14-17
Defining the Allowed VLANs on a Trunk 14-18
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Changing the Pruning-Eligible List 14-19
Configuring the Native VLAN for Untagged Traffic 14-19
Configuring Trunk Ports for Load Sharing 14-20
Load Sharing Using STP Port Priorities 14-20
Load Sharing Using STP Path Cost 14-22
Configuring VMPS 14-23
Understanding VMPS 14-24
Dynamic-Access Port VLAN Membership 14-24
Default VMPS Client Configuration 14-25
VMPS Configuration Guidelines 14-25
Configuring the VMPS Client 14-26
Entering the IP Address of the VMPS 14-26
Configuring Dynamic-Access Ports on VMPS Clients 14-26
Reconfirming VLAN Memberships 14-27
Changing the Reconfirmation Interval 14-27
Changing the Retry Count 14-28
Monitoring the VMPS 14-28
Troubleshooting Dynamic-Access Port VLAN Membership 14-29
VMPS Configuration Example 14-29
Contents
CHAPTER
15 Configuring VTP 15-1
Understanding VTP 15-1
The VTP Domain 15-2
VTP Modes 15-3
VTP Advertisements 15-3
VTP Version 2 15-4
VTP Version 3 15-4
VTP Pruning 15-5
Configuring VTP 15-7
Default VTP Configuration 15-7
VTP Configuration Guidelines 15-8
Domain Names 15-8
Passwords 15-8
VTP Version 15-9
Configuration Requirements 15-10
Configuring VTP Mode 15-10
Configuring a VTP Version 3 Password 15-12
Configuring a VTP Version 3 Primary Server 15-13
Enabling the VTP Version 15-13
OL-23145-01
Cisco IE 3010 Switch Software Configuration Guide
xv
Contents
Enabling VTP Pruning 15-14
Configuring VTP on a Per-Port Basis 15-15
Adding a VTP Client Switch to a VTP Domain 15-15
Monitoring VTP 15-16
CHAPTER
CHAPTER
16 Configuring Voice VLAN 16-1
Understanding Voice VLAN 16-1
Cisco IP Phone Voice Traffic 16-2
Cisco IP Phone Data Traffic 16-2
Configuring Voice VLAN 16-3
Default Voice VLAN Configuration 16-3
Voice VLAN Configuration Guidelines 16-3
Configuring a Port Connected to a Cisco 7960 IP Phone 16-4
Configuring Cisco IP Phone Voice Traffic 16-5
Configuring the Priority of Incoming Data Frames 16-6
Displaying Voice VLAN 16-6
17 Configuring STP 17-1
Understanding Spanning-Tree Features 17-1
STP Overview 17-2
Spanning-Tree Topology and BPDUs 17-3
Bridge ID, Switch Priority, and Extended System ID 17-4
Spanning-Tree Interface States 17-4
Blocking State 17-5
Listening State 17-6
Learning State 17-6
Forwarding State 17-6
Disabled State 17-7
How a Switch or Port Becomes the Root Switch or Root Port 17-7
Spanning Tree and Redundant Connectivity 17-8
Spanning-Tree Address Management 17-8
Accelerated Aging to Retain Connectivity 17-8
Spanning-Tree Modes and Protocols 17-9
Supported Spanning-Tree Instances 17-9
Spanning-Tree Interoperability and Backward Compatibility 17-10
STP and IEEE 802.1Q Trunks 17-10
VLAN-Bridge Spanning Tree 17-10
xvi
Configuring Spanning-Tree Features 17-11
Default Spanning-Tree Configuration 17-11
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Spanning-Tree Configuration Guidelines 17-12
Changing the Spanning-Tree Mode. 17-13
Disabling Spanning Tree 17-14
Configuring the Root Switch 17-14
Configuring a Secondary Root Switch 17-16
Configuring Port Priority 17-16
Configuring Path Cost 17-18
Configuring the Switch Priority of a VLAN 17-19
Configuring Spanning-Tree Timers 17-20
Configuring the Hello Time 17-20
Configuring the Forwarding-Delay Time for a VLAN 17-21
Configuring the Maximum-Aging Time for a VLAN 17-21
Configuring the Transmit Hold-Count 17-22
Displaying the Spanning-Tree Status 17-22
Contents
CHAPTER
18 Configuring MSTP 18-1
Understanding MSTP 18-2
Multiple Spanning-Tree Regions 18-2
IST, CIST, and CST 18-2
Operations Within an MST Region 18-3
Operations Between MST Regions 18-3
IEEE 802.1s Terminology 18-5
Hop Count 18-5
Boundary Ports 18-6
IEEE 802.1s Implementation 18-6
Port Role Naming Change 18-6
Interoperation Between Legacy and Standard Switches 18-7
Detecting Unidirectional Link Failure 18-7
Interoperability with IEEE 802.1D STP 18-8
Understanding RSTP 18-8
Port Roles and the Active Topology 18-9
Rapid Convergence 18-9
Synchronization of Port Roles 18-11
Bridge Protocol Data Unit Format and Processing 18-12
Processing Superior BPDU Information 18-12
Processing Inferior BPDU Information 18-13
Topology Changes 18-13
OL-23145-01
Configuring MSTP Features 18-13
Default MSTP Configuration 18-14
Cisco IE 3010 Switch Software Configuration Guide
xvii
Contents
MSTP Configuration Guidelines 18-14
Specifying the MST Region Configuration and Enabling MSTP 18-15
Configuring the Root Switch 18-17
Configuring a Secondary Root Switch 18-18
Configuring Port Priority 18-19
Configuring Path Cost 18-20
Configuring the Switch Priority 18-21
Configuring the Hello Time 18-22
Configuring the Forwarding-Delay Time 18-23
Configuring the Maximum-Aging Time 18-23
Configuring the Maximum-Hop Count 18-24
Specifying the Link Type to Ensure Rapid Transitions 18-24
Designating the Neighbor Type 18-25
Restarting the Protocol Migration Process 18-25
Displaying the MST Configuration and Status 18-26
CHAPTER
19 Configuring Optional Spanning-Tree Features 19-1
Understanding Optional Spanning-Tree Features 19-1
Understanding Port Fast 19-2
Understanding BPDU Guard 19-2
Understanding BPDU Filtering 19-3
Understanding UplinkFast 19-3
Understanding BackboneFast 19-5
Understanding EtherChannel Guard 19-7
Understanding Root Guard 19-8
Understanding Loop Guard 19-9
Configuring Optional Spanning-Tree Features 19-9
Default Optional Spanning-Tree Configuration 19-9
Optional Spanning-Tree Configuration Guidelines 19-10
Enabling Port Fast 19-10
Enabling BPDU Guard 19-11
Enabling BPDU Filtering 19-12
Enabling UplinkFast for Use with Redundant Links 19-13
Enabling BackboneFast 19-13
Enabling EtherChannel Guard 19-14
Enabling Root Guard 19-15
Enabling Loop Guard 19-15
xviii
Displaying the Spanning-Tree Status 19-16
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Contents
CHAPTER
20 Configuring Flex Links and the MAC Address-Table Move Update Feature 20-1
Understanding Flex Links and the MAC Address-Table Move Update 20-1
Flex Links 20-1
VLAN Flex Link Load Balancing and Support 20-2
Flex Link Multicast Fast Convergence 20-3
Learning the Other Flex Link Port as the mrouter Port 20-3
Generating IGMP Reports 20-3
Leaking IGMP Reports 20-4
Configuration Examples 20-4
MAC Address-Table Move Update 20-6
Configuring Flex Links and the MAC Address-Table Move Update 20-7
Default Configuration 20-7
Configuration Guidelines 20-8
Configuring Flex Links 20-8
Configuring VLAN Load Balancing on Flex Links 20-10
Configuring the MAC Address-Table Move Update Feature 20-12
Monitoring Flex Links and the MAC Address-Table Move Update 20-14
CHAPTER
21 Configuring DHCP Features and IP Source Guard Features 21-1
Understanding DHCP Snooping 21-1
DHCP Server 21-2
DHCP Relay Agent 21-2
DHCP Snooping 21-2
Option-82 Data Insertion 21-4
Cisco IOS DHCP Server Database 21-7
DHCP Snooping Binding Database 21-7
Configuring DHCP Snooping 21-8
Default DHCP Snooping Configuration 21-9
DHCP Snooping Configuration Guidelines 21-9
Configuring the DHCP Relay Agent 21-11
Specifying the Packet Forwarding Address 21-11
Enabling DHCP Snooping and Option 82 21-12
Enabling the Cisco IOS DHCP Server Database 21-14
Enabling the DHCP Snooping Binding Database Agent 21-14
Displaying DHCP Snooping Information 21-15
Understanding IP Source Guard 21-15
Source IP Address Filtering 21-16
Source IP and MAC Address Filtering 21-16
IP Source Guard for Static Hosts 21-16
OL-23145-01
Cisco IE 3010 Switch Software Configuration Guide
xix
Contents
Configuring IP Source Guard 21-17
Default IP Source Guard Configuration 21-17
IP Source Guard Configuration Guidelines 21-17
Enabling IP Source Guard 21-18
Configuring IP Source Guard for Static Hosts 21-19
Configuring IP Source Guard for Static Hosts on a Layer 2 Access Port 21-19
Configuring IP Source Guard for Static Hosts on a Private VLAN Host Port 21-24
Displaying IP Source Guard Information 21-26
Understanding DHCP Server Port-Based Address Allocation 21-26
Configuring DHCP Server Port-Based Address Allocation 21-26
Default Port-Based Address Allocation Configuration 21-27
Port-Based Address Allocation Configuration Guidelines 21-27
Enabling DHCP Server Port-Based Address Allocation 21-27
Displaying DHCP Server Port-Based Address Allocation 21-29
CHAPTER
CHAPTER
22 Configuring Dynamic ARP Inspection 22-1
Understanding Dynamic ARP Inspection 22-1
Interface Trust States and Network Security 22-3
Rate Limiting of ARP Packets 22-4
Relative Priority of ARP ACLs and DHCP Snooping Entries 22-4
Logging of Dropped Packets 22-4
Configuring Dynamic ARP Inspection 22-5
Default Dynamic ARP Inspection Configuration 22-5
Dynamic ARP Inspection Configuration Guidelines 22-5
Configuring Dynamic ARP Inspection in DHCP Environments 22-7
Configuring ARP ACLs for Non-DHCP Environments 22-8
Limiting the Rate of Incoming ARP Packets 22-10
Performing Validation Checks 22-11
Configuring the Log Buffer 22-12
Displaying Dynamic ARP Inspection Information 22-14
23 Configuring IGMP Snooping and MVR 23-1
Understanding IGMP Snooping 23-1
IGMP Versions 23-2
Joining a Multicast Group 23-3
Leaving a Multicast Group 23-5
Immediate Leave 23-5
IGMP Configurable-Leave Timer 23-5
IGMP Report Suppression 23-5
xx
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Configuring IGMP Snooping 23-6
Default IGMP Snooping Configuration 23-6
Enabling or Disabling IGMP Snooping 23-7
Setting the Snooping Method 23-8
Configuring a Multicast Router Port 23-9
Configuring a Host Statically to Join a Group 23-10
Enabling IGMP Immediate Leave 23-10
Configuring the IGMP Leave Timer 23-11
Configuring TCN-Related Commands 23-12
Controlling the Multicast Flooding Time After a TCN Event 23-12
Recovering from Flood Mode 23-12
Disabling Multicast Flooding During a TCN Event 23-13
Configuring the IGMP Snooping Querier 23-14
Disabling IGMP Report Suppression 23-15
Displaying IGMP Snooping Information 23-15
Contents
CHAPTER
Understanding Multicast VLAN Registration 23-17
Using MVR in a Multicast Television Application 23-17
Configuring MVR 23-19
Default MVR Configuration 23-19
MVR Configuration Guidelines and Limitations 23-19
Configuring MVR Global Parameters 23-20
Configuring MVR Interfaces 23-21
Displaying MVR Information 23-23
Configuring IGMP Filtering and Throttling 23-23
Default IGMP Filtering and Throttling Configuration 23-24
Configuring IGMP Profiles 23-24
Applying IGMP Profiles 23-26
Setting the Maximum Number of IGMP Groups 23-26
Configuring the IGMP Throttling Action 23-27
Displaying IGMP Filtering and Throttling Configuration 23-28
24 Configuring Port-Based Traffic Control 24-1
Configuring Storm Control 24-1
Understanding Storm Control 24-1
Default Storm Control Configuration 24-3
Configuring Storm Control and Threshold Levels 24-3
OL-23145-01
Configuring Protected Ports 24-5
Default Protected Port Configuration 24-5
Protected Port Configuration Guidelines 24-5
Cisco IE 3010 Switch Software Configuration Guide
xxi
Contents
Configuring a Protected Port 24-6
Configuring Port Blocking 24-6
Default Port Blocking Configuration 24-7
Blocking Flooded Traffic on an Interface 24-7
Configuring Port Security 24-7
Understanding Port Security 24-8
Secure MAC Addresses 24-8
Security Violations 24-9
Default Port Security Configuration 24-10
Port Security Configuration Guidelines 24-10
Enabling and Configuring Port Security 24-12
Enabling and Configuring Port Security Aging 24-16
Port Security and Private VLANs 24-17
Displaying Port-Based Traffic Control Settings 24-18
CHAPTER
CHAPTER
25 Configuring CDP 25-1
Understanding CDP 25-1
Configuring CDP 25-2
Default CDP Configuration 25-2
Configuring the CDP Characteristics 25-3
Disabling and Enabling CDP 25-3
Disabling and Enabling CDP on an Interface 25-4
Monitoring and Maintaining CDP 25-5
26 Configuring LLDP, LLDP-MED, and Wired Location Service 26-1
Understanding LLDP, LLDP-MED, and Wired Location Service 26-1
LLDP-MED 26-2
Wired Location Service 26-3
Configuring LLDP, LLDP-MED, and Wired Location Service 26-4
Default LLDP Configuration 26-4
Configuration Guidelines 26-5
Enabling LLDP 26-5
Configuring LLDP Characteristics 26-6
Configuring LLDP-MED TLVs 26-7
Configuring Network-Policy TLV 26-7
Configuring Location TLV and Wired Location Service 26-9
xxii
Monitoring and Maintaining LLDP, LLDP-MED, and Wired Location Service 26-10
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Contents
CHAPTER
CHAPTER
27 Configuring UDLD 27-1
Understanding UDLD 27-1
Modes of Operation 27-1
Methods to Detect Unidirectional Links 27-2
Configuring UDLD 27-3
Default UDLD Configuration 27-4
Configuration Guidelines 27-4
Enabling UDLD Globally 27-5
Enabling UDLD on an Interface 27-5
Resetting an Interface Disabled by UDLD 27-6
Displaying UDLD Status 27-6
28 Configuring SPAN and RSPAN 28-1
Understanding SPAN and RSPAN 28-1
Local SPAN 28-2
Remote SPAN 28-2
SPAN and RSPAN Concepts and Terminology 28-3
SPAN Sessions 28-3
Monitored Traffic 28-4
Source Ports 28-5
Source VLANs 28-6
VLAN Filtering 28-6
Destination Port 28-7
RSPAN VLAN 28-8
SPAN and RSPAN Interaction with Other Features 28-8
OL-23145-01
Configuring SPAN and RSPAN 28-9
Default SPAN and RSPAN Configuration 28-9
Configuring Local SPAN 28-10
SPAN Configuration Guidelines 28-10
Creating a Local SPAN Session 28-11
Creating a Local SPAN Session and Configuring Incoming Traffic 28-13
Specifying VLANs to Filter 28-14
Configuring RSPAN 28-15
RSPAN Configuration Guidelines 28-15
Configuring a VLAN as an RSPAN VLAN 28-16
Creating an RSPAN Source Session 28-17
Creating an RSPAN Destination Session 28-18
Creating an RSPAN Destination Session and Configuring Incoming Traffic 28-19
Specifying VLANs to Filter 28-21
Cisco IE 3010 Switch Software Configuration Guide
xxiii
Contents
Displaying SPAN and RSPAN Status 28-22
CHAPTER
CHAPTER
29 Configuring RMON 29-1
Understanding RMON 29-1
Configuring RMON 29-2
Default RMON Configuration 29-3
Configuring RMON Alarms and Events 29-3
Collecting Group History Statistics on an Interface 29-5
Collecting Group Ethernet Statistics on an Interface 29-5
Displaying RMON Status 29-6
30 Configuring System Message Logging 30-1
Understanding System Message Logging 30-1
Configuring System Message Logging 30-2
System Log Message Format 30-2
Default System Message Logging Configuration 30-3
Disabling Message Logging 30-4
Setting the Message Display Destination Device 30-5
Synchronizing Log Messages 30-6
Enabling and Disabling Time Stamps on Log Messages 30-7
Enabling and Disabling Sequence Numbers in Log Messages 30-8
Defining the Message Severity Level 30-8
Limiting Syslog Messages Sent to the History Table and to SNMP 30-10
Enabling the Configuration-Change Logger 30-10
Configuring UNIX Syslog Servers 30-11
Logging Messages to a UNIX Syslog Daemon 30-12
Configuring the UNIX System Logging Facility 30-12
CHAPTER
xxiv
Displaying the Logging Configuration 30-13
31 Configuring SNMP 31-1
Understanding SNMP 31-1
SNMP Versions 31-2
SNMP Manager Functions 31-3
SNMP Agent Functions 31-4
SNMP Community Strings 31-4
Using SNMP to Access MIB Variables 31-4
SNMP Notifications 31-5
SNMP ifIndex MIB Object Values 31-5
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Configuring SNMP 31-6
Default SNMP Configuration 31-6
SNMP Configuration Guidelines 31-6
Disabling the SNMP Agent 31-7
Configuring Community Strings 31-8
Configuring SNMP Groups and Users 31-9
Configuring SNMP Notifications 31-11
Setting the CPU Threshold Notification Types and Values 31-15
Setting the Agent Contact and Location Information 31-16
Limiting TFTP Servers Used Through SNMP 31-16
SNMP Examples 31-17
Displaying SNMP Status 31-18
Contents
CHAPTER
32 Configuring Network Security with ACLs 32-1
Understanding ACLs 32-1
Supported ACLs 32-2
Handling Fragmented and Unfragmented Traffic 32-3
Configuring IPv4 ACLs 32-4
Creating Standard and Extended IPv4 ACLs 32-5
Access List Numbers 32-6
ACL Logging 32-6
Creating a Numbered Standard ACL 32-7
Creating a Numbered Extended ACL 32-8
Resequencing ACEs in an ACL 32-12
Creating Named Standard and Extended ACLs 32-12
Using Time Ranges with ACLs 32-14
Including Comments in ACLs 32-16
Applying an IPv4 ACL to a Terminal Line 32-17
Applying an IPv4 ACL to an Interface 32-17
Hardware and Software Treatment of IP ACLs 32-19
Troubleshooting ACLs 32-19
IPv4 ACL Configuration Examples 32-20
Numbered ACLs 32-22
Extended ACLs 32-22
Named ACLs 32-22
Time Range Applied to an IP ACL 32-23
Commented IP ACL Entries 32-23
ACL Logging 32-24
OL-23145-01
Creating Named MAC Extended ACLs 32-25
Cisco IE 3010 Switch Software Configuration Guide
xxv
Contents
Applying a MAC ACL to a Layer 2 Interface 32-26
Displaying IPv4 ACL Configuration 32-28
CHAPTER
33 Configuring QoS 33-1
Understanding QoS 33-1
Basic QoS Model 33-3
Classification 33-4
Classification Based on QoS ACLs 33-7
Classification Based on Class Maps and Policy Maps 33-7
Policing and Marking 33-8
Policing on Physical Ports 33-9
Policing on SVIs 33-10
Mapping Tables 33-12
Queueing and Scheduling Overview 33-13
Weighted Tail Drop 33-13
SRR Shaping and Sharing 33-14
Queueing and Scheduling on Ingress Queues 33-14
Queueing and Scheduling on Egress Queues 33-16
Packet Modification 33-18
Configuring Auto-QoS 33-18
Generated Auto-QoS Configuration 33-19
Effects of Auto-QoS on the Configuration 33-24
Auto-QoS Configuration Guidelines 33-24
Enabling Auto-QoS for VoIP 33-25
Auto-QoS Configuration Example 33-27
xxvi
Displaying Auto-QoS Information 33-28
Configuring Standard QoS 33-29
Default Standard QoS Configuration 33-29
Default Ingress Queue Configuration 33-30
Default Egress Queue Configuration 33-30
Default Mapping Table Configuration 33-31
Standard QoS Configuration Guidelines 33-32
QoS ACL Guidelines 33-32
Applying QoS on Interfaces 33-32
Policing Guidelines 33-33
General QoS Guidelines 33-33
Enabling QoS Globally 33-34
Enabling VLAN-Based QoS on Physical Ports 33-34
Configuring Classification Using Port Trust States 33-35
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Configuring the Trust State on Ports within the QoS Domain 33-35
Configuring the CoS Value for an Interface 33-37
Configuring a Trusted Boundary to Ensure Port Security 33-37
Enabling DSCP Transparency Mode 33-39
Configuring the DSCP Trust State on a Port Bordering Another QoS Domain 33-39
Configuring a QoS Policy 33-41
Classifying Traffic by Using ACLs 33-42
Classifying Traffic by Using Class Maps 33-45
Classifying, Policing, and Marking Traffic on Physical Ports by Using Policy Maps 33-47
Classifying, Policing, and Marking Traffic on SVIs by Using Hierarchical Policy Maps 33-51
Classifying, Policing, and Marking Traffic by Using Aggregate Policers 33-57
Configuring DSCP Maps 33-59
Configuring the CoS-to-DSCP Map 33-59
Configuring the IP-Precedence-to-DSCP Map 33-60
Configuring the Policed-DSCP Map 33-61
Configuring the DSCP-to-CoS Map 33-62
Configuring the DSCP-to-DSCP-Mutation Map 33-63
Configuring Ingress Queue Characteristics 33-65
Mapping DSCP or CoS Values to an Ingress Queue and Setting WTD Thresholds 33-65
Allocating Buffer Space Between the Ingress Queues 33-67
Allocating Bandwidth Between the Ingress Queues 33-67
Configuring the Ingress Priority Queue 33-68
Configuring Egress Queue Characteristics 33-69
Configuration Guidelines 33-70
Allocating Buffer Space to and Setting WTD Thresholds for an Egress Queue-Set 33-70
Mapping DSCP or CoS Values to an Egress Queue and to a Threshold ID 33-72
Configuring SRR Shaped Weights on Egress Queues 33-73
Configuring SRR Shared Weights on Egress Queues 33-74
Configuring the Egress Expedite Queue 33-75
Limiting the Bandwidth on an Egress Interface 33-76
Contents
CHAPTER
OL-23145-01
Displaying Standard QoS Information 33-77
34 Configuring EtherChannels and Link-State Tracking 34-1
Understanding EtherChannels 34-1
EtherChannel Overview 34-2
Port-Channel Interfaces 34-3
Port Aggregation Protocol 34-4
PAgP Modes 34-4
PAgP Interaction with Virtual Switches and Dual-Active Detection 34-5
Cisco IE 3010 Switch Software Configuration Guide
xxvii
Contents
PAgP Interaction with Other Features 34-5
Link Aggregation Control Protocol 34-5
LACP Modes 34-6
LACP Interaction with Other Features 34-6
EtherChannel On Mode 34-6
Load Balancing and Forwarding Methods 34-7
Configuring EtherChannels 34-8
Default EtherChannel Configuration 34-9
EtherChannel Configuration Guidelines 34-9
Configuring Layer 2 EtherChannels 34-10
Configuring EtherChannel Load Balancing 34-13
Configuring the PAgP Learn Method and Priority 34-14
Configuring LACP Hot-Standby Ports 34-15
Configuring the LACP System Priority 34-16
Configuring the LACP Port Priority 34-16
CHAPTER
Displaying EtherChannel, PAgP, and LACP Status 34-17
Understanding Link-State Tracking 34-18
Configuring Link-State Tracking 34-20
Default Link-State Tracking Configuration 34-20
Link-State Tracking Configuration Guidelines 34-21
Configuring Link-State Tracking 34-21
Displaying Link-State Tracking Status 34-22
35 Configuring Cisco IOS IP SLAs Operations 35-1
Understanding Cisco IOS IP SLAs 35-1
Using Cisco IOS IP SLAs to Measure Network Performance 35-3
IP SLAs Responder and IP SLAs Control Protocol 35-4
Response Time Computation for IP SLAs 35-4
IP SLAs Operation Scheduling 35-5
IP SLAs Operation Threshold Monitoring 35-5
Configuring IP SLAs Operations 35-6
Default Configuration 35-6
Configuration Guidelines 35-6
Configuring the IP SLAs Responder 35-7
Analyzing IP Service Levels by Using the UDP Jitter Operation 35-8
Analyzing IP Service Levels by Using the ICMP Echo Operation 35-11
xxviii
Monitoring IP SLAs Operations 35-13
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Contents
CHAPTER
36 Troubleshooting 36-1
Recovering from a Software Failure 36-2
Recovering from a Lost or Forgotten Password 36-3
Recovering from Lost Cluster Member Connectivity 36-4
Preventing Autonegotiation Mismatches 36-4
Troubleshooting Power over Ethernet Switch Ports 36-5
Disabled Port Caused by Power Loss 36-5
Disabled Port Caused by False Link Up 36-5
SFP Module Security and Identification 36-5
Monitoring SFP Module Status 36-6
Using Ping 36-6
Understanding Ping 36-6
Using Layer 2 Traceroute 36-6
Understanding Layer 2 Traceroute 36-7
Usage Guidelines 36-7
Displaying the Physical Path 36-8
Using IP Traceroute 36-8
Understanding IP Traceroute 36-8
Executing IP Traceroute 36-9
Using TDR 36-10
Understanding TDR 36-10
Running TDR and Displaying the Results 36-10
Using Debug Commands 36-11
Enabling Debugging on a Specific Feature 36-11
Enabling All-System Diagnostics 36-12
Redirecting Debug and Error Message Output 36-12
Using the show platform forward Command 36-12
Using the crashinfo Files 36-14
Basic crashinfo Files 36-14
Extended crashinfo Files 36-14
Troubleshooting Tables 36-15
Troubleshooting CPU Utilization 36-15
Possible Symptoms of High CPU Utilization 36-15
Verifying the Problem and Cause 36-15
Troubleshooting Power over Ethernet (PoE) 36-17
OL-23145-01
Cisco IE 3010 Switch Software Configuration Guide
xxix
Contents
APPENDIX
APPENDIX
A Supported MIBs A-1
MIB List A-1
Using FTP to Access the MIB Files A-3
B Working with the Cisco IOS File System, Configuration Files, and Software Images B-1
Working with the Flash File System B-1
Displaying Available File Systems B-1
Detecting an Unsupported SD Flash Memory Card B-2
SD Flash Memory Card LED B-3
Setting the Default File System B-3
Displaying Information about Files on a File System B-4
Changing Directories and Displaying the Working Directory B-4
Creating and Removing Directories B-5
Copying Files B-5
Deleting Files B-6
Creating, Displaying, and Extracting tar Files B-6
Creating a tar File B-7
Displaying the Contents of a tar File B-7
Extracting a tar File B-8
Displaying the Contents of a File B-8
Working with Configuration Files B-9
Guidelines for Creating and Using Configuration Files B-9
Configuration File Types and Location n B-10
Creating a Configuration File By Using a Text Editor B-10
Copying Configuration Files By Using TFTP B-10
Preparing to Download or Upload a Configuration File B y Using TFTP B-10
Downloading the Configuration File By Using TFTP B-11
Uploading the Configuration File By Using TFTP B-12
Copying Configuration Files By Using FTP B-12
Preparing to Download or Upload a Configuration File By Using FTP B-13
Downloading a Configuration File By Using FTP B-13
Uploading a Configuration File By Using FTP B-14
Copying Configuration Files By Using RCP B-15
Preparing to Download or Upload a Configuration File By Using RCP B-16
Downloading a Configuration File By Using RCP B-17
Uploading a Configuration File By Using RCP B-18
Clearing Configuration Information B-18
Clearing the Startup Configuration File B-19
Deleting a Stored Configuration File B-19
xxx
Cisco IE 3010 Switch Software Configuration Guide
OL-23145-01
Loading...