Catalyst 2950 and Catalyst 2955 Switch
Software Configuration Guide
Cisco IOS Release 12.1(22)EA5
July 2005
Corporate Headquarters
Cisco Systems, Inc. 170 West Tasman Drive
San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 526-4100
Customer Order Number: DOC-7811380=
Text Part Number: 78-11380-12
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R)
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Copyright © 2001–2005 Cisco Systems, Inc. All rights reserved.
C O N T E N T S
|
|
Preface xxvii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Audience xxvii |
|
|
|
|
|
|
|
|
|
||
|
|
Purpose |
xxvii |
|
|
|
|
|
|
|
|
|
|
|
|
Conventions |
xxviii |
|
|
|
|
|
|
|
|
||
|
|
Related Publications |
xxix |
|
|
|
|
|
|
|
|||
|
|
Obtaining Documentation |
xxix |
|
|
|
|
|
|
||||
|
|
Cisco.com |
|
xxx |
|
|
|
|
|
|
|
|
|
|
|
Product Documentation DVD |
xxx |
|
|
|
|
|
|||||
|
|
Ordering Documentation xxx |
|
|
|
|
|
||||||
|
|
Documentation Feedback |
xxxi |
|
|
|
|
|
|
||||
|
|
Cisco Product Security Overview |
xxxi |
|
|
|
|
|
|||||
|
|
Reporting Security Problems in Cisco Products |
xxxi |
||||||||||
|
|
Obtaining Technical Assistance |
xxxii |
|
|
|
|
|
|||||
|
|
Cisco Technical Support & Documentation Website xxxii |
|||||||||||
|
|
Submitting a Service Request |
xxxiii |
|
|
|
|
|
|||||
|
|
Definitions of Service Request Severity |
xxxiii |
|
|
|
|
||||||
|
|
Obtaining Additional Publications and Information |
xxxiii |
||||||||||
|
Overview |
|
|
|
|
|
|
|
|
|
|
|
|
C H A P T E R 1 |
1-1 |
|
|
|
|
|
|
|
|
|
|
||
|
|
Features |
1-1 |
|
|
|
|
|
|
|
|
|
|
|
|
Ease of Use and Ease of Deployment |
1-2 |
|
|
|
|
||||||
|
|
Performance |
1-3 |
|
|
|
|
|
|
|
|||
|
|
Manageability |
1-4 |
|
|
|
|
|
|
|
|||
|
|
Redundancy |
1-5 |
|
|
|
|
|
|
|
|||
|
|
VLAN Support |
1-6 |
|
|
|
|
|
|
|
|||
|
|
Security |
1-6 |
|
|
|
|
|
|
|
|
||
|
|
Quality of Service and Class of Service |
1-7 |
|
|
|
|
||||||
|
|
Monitoring |
1-8 |
|
|
|
|
|
|
|
|
||
|
|
LRE Features (available only on Catalyst 2950 LRE switches) 1-8 |
|||||||||||
|
|
Management Options |
1-9 |
|
|
|
|
|
|
|
|||
|
|
Management Interface Options 1-9 |
|
|
|
|
|
||||||
|
|
Advantages of Using Network Assistant and Clustering Switches 1-10 |
|||||||||||
|
|
Network Configuration Examples |
1-11 |
|
|
|
|
|
|||||
|
|
Design Concepts for Using the Switch |
1-12 |
|
|
|
|
||||||
|
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|||
|
|
|
|
|
|
|
|
||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
iii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Small to Medium-Sized Network Configuration |
1-15 |
|
|
Collapsed Backbone and Switch Cluster Configuration |
1-16 |
||
Hotel Network Configuration |
1-17 |
|
|
Service-Provider Central-Office Configuration |
1-20 |
|
|
Large Campus Configuration |
1-21 |
|
|
Multidwelling Network Using Catalyst 2950 Switches |
1-22 |
||
Long-Distance, High-Bandwidth Transport Configuration |
1-24 |
|
|
|
|
|
Where to Go Next |
1-24 |
|
|
|
|
|
|
|
|
|
Using the Command-Line Interface |
|
|
|
|
|
||||||
C H A P T E R 2 |
|
2-1 |
|
|
|
|
|||||||
|
|
|
|
|
Cisco IOS Command Modes |
2-1 |
|
|
|
|
|
||
|
|
|
|
|
Getting Help 2-3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Abbreviating Commands |
2-4 |
|
|
|
|
|
|
|
|
|
|
|
|
Using no and default Forms of Commands |
|
2-4 |
|
|
||||
|
|
|
|
|
Understanding CLI Messages |
2-5 |
|
|
|
|
|
||
|
|
|
|
|
Using Command History |
2-5 |
|
|
|
|
|
|
|
|
|
|
|
|
Changing the Command History Buffer Size |
2-5 |
|
||||||
|
|
|
|
|
Recalling Commands |
2-6 |
|
|
|
|
|
||
|
|
|
|
|
Disabling the Command History Feature |
2-6 |
|
|
|||||
|
|
|
|
|
Using Editing Features |
2-6 |
|
|
|
|
|
|
|
|
|
|
|
|
Enabling and Disabling Editing Features |
2-6 |
|
|
|||||
|
|
|
|
|
Editing Commands through Keystrokes |
2-7 |
|
|
|||||
|
|
|
|
|
Editing Command Lines that Wrap |
2-8 |
|
|
|
||||
|
|
|
|
|
Searching and Filtering Output of show and more Commands 2-9 |
||||||||
|
|
|
|
|
Accessing the CLI |
2-9 |
|
|
|
|
|
|
|
|
|
Configuring Catalyst 2955 Switch Alarms |
|
|
|
||||||||
C H A P T E R 3 |
|
3-1 |
|
|
|||||||||
|
|
|
|
|
Understanding Catalyst 2955 Switch Alarms |
3-1 |
|
|
|||||
|
|
|
|
|
Global Status Monitoring Alarms 3-2 |
|
|
|
|||||
|
|
|
|
|
FCS Error Hysteresis Threshold |
3-2 |
|
|
|
|
|||
|
|
|
|
|
Port Status Monitoring Alarms |
3-3 |
|
|
|
|
|||
|
|
|
|
|
Triggering Alarm Options |
3-3 |
|
|
|
|
|
||
|
|
|
|
|
Configuring Catalyst 2955 Switch Alarms |
3-4 |
|
|
|||||
|
|
|
|
|
Default Catalyst 2955 Switch Alarm Configuration 3-4 |
||||||||
|
|
|
|
|
Configuring the Power Supply Alarm |
3-5 |
|
|
|||||
|
|
|
|
|
Setting the Power Mode |
3-5 |
|
|
|
|
|||
|
|
|
|
|
Setting the Power Supply Alarm Options |
3-5 |
|
||||||
|
|
|
|
|
Configuring the Switch Temperature Alarms |
3-6 |
|
||||||
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||||||
|
|
|
|
|
|
|
|||||||
|
iv |
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
Setting a Secondary Temperature Threshold for the Switch 3-6 |
||||||
|
Associating the Temperature Alarms to a Relay |
3-7 |
|||||
|
Configuring the FCS Bit Error Rate Alarm |
3-7 |
|
|
|||
|
Setting the FCS Error Threshold |
3-8 |
|
|
|
||
|
Setting the FCS Error Hysteresis Threshold |
3-8 |
|
||||
|
Configuring Alarm Profiles |
3-9 |
|
|
|
|
|
|
Creating or Modifying an Alarm Profile |
3-9 |
|
|
|||
|
Attaching an Alarm Profile to a Specific Port |
3-10 |
|||||
|
Enabling SNMP Traps 3-11 |
|
|
|
|
|
|
|
Displaying Catalyst 2955 Switch Alarms Status |
3-11 |
|
|
|||
|
Assigning the Switch IP Address and Default Gateway |
|
|||||
C H A P T E R 4 |
4-1 |
||||||
|
Understanding the Boot Process |
4-1 |
|
|
|
|
|
|
Assigning Switch Information |
4-2 |
|
|
|
|
|
|
Default Switch Information |
4-3 |
|
|
|
|
|
|
Understanding DHCP-Based Autoconfiguration |
4-3 |
|
||||
|
DHCP Client Request Process |
4-4 |
|
|
|
||
|
Configuring DHCP-Based Autoconfiguration |
4-5 |
|
|
|||
|
DHCP Server Configuration Guidelines |
4-5 |
|
|
|||
|
Configuring the TFTP Server |
4-6 |
|
|
|
|
|
|
Configuring the DNS |
4-6 |
|
|
|
|
|
|
Configuring the Relay Device |
4-7 |
|
|
|
||
|
Obtaining Configuration Files |
4-8 |
|
|
|
||
|
Example Configuration |
4-9 |
|
|
|
|
|
|
Manually Assigning IP Information |
4-10 |
|
|
|
||
|
Checking and Saving the Running Configuration |
4-11 |
|
||||
|
Modifying the Startup Configuration 4-11 |
|
|
|
|
||
|
Default Boot Configuration |
4-12 |
|
|
|
|
|
|
Automatically Downloading a Configuration File |
4-12 |
|
||||
|
Specifying the Filename to Read and Write the System Configuration 4-12 |
||||||
|
Booting Manually 4-13 |
|
|
|
|
|
|
|
Booting a Specific Software Image |
4-13 |
|
|
|
||
|
Controlling Environment Variables |
4-14 |
|
|
|
||
|
Scheduling a Reload of the Software Image |
4-16 |
|
|
|||
|
Configuring a Scheduled Reload |
4-16 |
|
|
|
|
|
|
Displaying Scheduled Reload Information |
4-17 |
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
78-11380-12 |
v |
|
Contents
C H A P T E R 5 |
Configuring IE2100 CNS Agents |
5-1 |
|
|
Understanding IE2100 Series Configuration Registrar Software 5-1 |
||
|
CNS Configuration Service |
5-2 |
|
|
CNS Event Service 5-3 |
|
|
|
NameSpace Mapper |
5-3 |
|
|
What You Should Know About ConfigID, DeviceID, and Host Name 5-3 |
||
|
ConfigID |
5-3 |
|
|
DeviceID |
5-4 |
|
|
|
|
|
|
Host Name and DeviceID |
5-4 |
|
|
|
|
|
|||
|
|
|
|
|
Using Host Name, DeviceID, and ConfigID 5-4 |
|
|
|||||||
|
|
|
|
|
Understanding CNS Embedded Agents |
5-5 |
|
|
|
|||||
|
|
|
|
|
Initial Configuration |
5-5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Incremental (Partial) Configuration |
5-6 |
|
|
|
|||||
|
|
|
|
|
Synchronized Configuration |
5-6 |
|
|
|
|
|
|||
|
|
|
|
|
Configuring CNS Embedded Agents |
5-6 |
|
|
|
|
|
|||
|
|
|
|
|
Enabling Automated CNS Configuration |
5-6 |
|
|
||||||
|
|
|
|
|
Enabling the CNS Event Agent |
5-8 |
|
|
|
|
|
|||
|
|
|
|
|
Enabling the CNS Configuration Agent |
5-9 |
|
|
||||||
|
|
|
|
|
Enabling an Initial Configuration |
|
5-9 |
|
|
|
||||
|
|
|
|
|
Enabling a Partial Configuration |
|
5-12 |
|
|
|||||
|
|
|
|
|
Displaying CNS Configuration |
5-12 |
|
|
|
|
|
|
||
|
|
Clustering Switches |
|
|
|
|
|
|
|
|
|
|||
C H A P T E R 6 |
|
6-1 |
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
Understanding Switch Clusters |
6-1 |
|
|
|
|
|
|
||
|
|
|
|
|
Clustering Overview |
6-1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Cluster Command Switch Characteristics |
6-2 |
|
|
||||||
|
|
|
|
|
Standby Command Switch Characteristics |
6-2 |
|
|
||||||
|
|
|
|
|
Candidate Switch and Member Switch Characteristics |
6-3 |
|
|||||||
|
|
|
|
|
Using the CLI to Manage Switch Clusters |
|
6-4 |
|
|
|
||||
|
|
|
|
|
Catalyst 1900 and Catalyst 2820 CLI Considerations |
6-4 |
|
|||||||
|
|
|
|
|
Using SNMP to Manage Switch Clusters |
|
6-4 |
|
|
|
||||
|
|
Administering the Switch |
|
|
|
|
|
|
|
|
||||
C H A P T E R 7 |
|
7-1 |
|
|
|
|
|
|
|
|||||
|
|
|
|
|
Managing the System Time and Date |
7-1 |
|
|
|
|
||||
|
|
|
|
|
Understanding the System Clock |
7-1 |
|
|
|
|
||||
|
|
|
|
|
Understanding Network Time Protocol |
7-2 |
|
|
||||||
|
|
|
|
|
Configuring NTP |
7-3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default NTP Configuration |
7-4 |
|
|
|
|
|
|||
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|||||||
|
vi |
|
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
Configuring NTP Authentication |
7-4 |
|
|
|
|
|
|
|
|||
|
|
Configuring NTP Associations |
7-5 |
|
|
|
|
|
|
|
|||
|
|
Configuring NTP Broadcast Service |
7-6 |
|
|
|
|
|
|
||||
|
|
Configuring NTP Access Restrictions |
7-8 |
|
|
|
|
|
|||||
|
|
Configuring the Source IP Address for NTP Packets |
7-10 |
|
|
|
|||||||
|
|
Displaying the NTP Configuration |
7-11 |
|
|
|
|
|
|
||||
|
|
Configuring Time and Date Manually |
7-11 |
|
|
|
|
|
|
||||
|
|
Setting the System Clock |
7-11 |
|
|
|
|
|
|
|
|
||
|
|
Displaying the Time and Date Configuration |
7-12 |
|
|
|
|
||||||
|
|
Configuring the Time Zone |
7-12 |
|
|
|
|
|
|
|
|
||
|
|
Configuring Summer Time (Daylight Saving Time) |
7-13 |
|
|
|
|||||||
|
|
Configuring a System Name and Prompt |
7-14 |
|
|
|
|
|
|
|
|||
|
|
Default System Name and Prompt Configuration |
7-15 |
|
|
|
|
||||||
|
|
Configuring a System Name |
7-15 |
|
|
|
|
|
|
|
|
||
|
|
Understanding DNS |
7-15 |
|
|
|
|
|
|
|
|
|
|
|
|
Default DNS Configuration |
7-16 |
|
|
|
|
|
|
|
|
||
|
|
Setting Up DNS |
7-16 |
|
|
|
|
|
|
|
|
|
|
|
|
Displaying the DNS Configuration |
7-17 |
|
|
|
|
|
|
||||
|
|
Creating a Banner 7-17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default Banner Configuration |
7-17 |
|
|
|
|
|
|
|
|
||
|
|
Configuring a Message-of-the-Day Login Banner |
7-18 |
|
|
|
|
||||||
|
|
Configuring a Login Banner |
7-19 |
|
|
|
|
|
|
|
|
|
|
|
|
Managing the MAC Address Table 7-19 |
|
|
|
|
|
|
|
|
|||
|
|
Building the Address Table |
7-20 |
|
|
|
|
|
|
|
|
|
|
|
|
MAC Addresses and VLANs |
7-20 |
|
|
|
|
|
|
|
|
||
|
|
Default MAC Address Table Configuration |
7-21 |
|
|
|
|
|
|||||
|
|
Changing the Address Aging Time |
7-21 |
|
|
|
|
|
|
|
|||
|
|
Removing Dynamic Address Entries |
7-21 |
|
|
|
|
|
|
|
|||
|
|
Configuring MAC Address Notification Traps |
7-22 |
|
|
|
|
||||||
|
|
Adding and Removing Static Address Entries |
7-24 |
|
|
|
|
||||||
|
|
Configuring Unicast MAC Address Filtering |
7-25 |
|
|
|
|
|
|||||
|
|
Displaying Address Table Entries |
7-26 |
|
|
|
|
|
|
|
|||
|
|
Managing the ARP Table |
7-26 |
|
|
|
|
|
|
|
|
|
|
|
Configuring Switch-Based Authentication |
|
|
|
|
|
|
|
|||||
C H A P T E R 8 |
8-1 |
|
|
|
|
|
|
||||||
|
|
Preventing Unauthorized Access to Your Switch |
8-1 |
|
|
|
|
|
|||||
|
|
Protecting Access to Privileged EXEC Commands |
8-2 |
|
|
|
|
|
|||||
|
|
Default Password and Privilege Level Configuration |
8-2 |
|
|
|
|||||||
|
|
Setting or Changing a Static Enable Password |
8-3 |
|
|
|
|
||||||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|||||||
|
|
|
|
||||||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
vii |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
|
Protecting Enable and Enable Secret Passwords with Encryption |
8-4 |
|
|
||||||||
|
|
|
Disabling Password Recovery |
8-5 |
|
|
|
|
|
|
|
|||
|
|
|
Setting a Telnet Password for a Terminal Line |
8-6 |
|
|
|
|||||||
|
|
|
Configuring Username and Password Pairs |
8-7 |
|
|
|
|
||||||
|
|
|
Configuring Multiple Privilege Levels |
8-8 |
|
|
|
|
|
|||||
|
|
|
Setting the Privilege Level for a Command |
8-8 |
|
|
|
|||||||
|
|
|
Changing the Default Privilege Level for Lines 8-9 |
|
|
|
||||||||
|
|
|
Logging into and Exiting a Privilege Level |
8-10 |
|
|
|
|||||||
|
|
|
Controlling Switch Access with TACACS+ |
8-10 |
|
|
|
|
||||||
|
|
|
Understanding TACACS+ |
8-10 |
|
|
|
|
|
|
|
|
||
|
|
|
TACACS+ Operation |
8-12 |
|
|
|
|
|
|
|
|
||
|
|
|
Configuring TACACS+ |
|
8-12 |
|
|
|
|
|
|
|
|
|
|
|
|
Default TACACS+ Configuration |
8-13 |
|
|
|
|
|
|||||
|
|
|
Identifying the TACACS+ Server Host and Setting the Authentication Key 8-13 |
|
|
|||||||||
|
|
|
Configuring TACACS+ Login Authentication |
8-14 |
|
|
|
|||||||
|
|
|
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services |
8-16 |
|
|||||||||
|
|
|
Starting TACACS+ Accounting |
|
8-17 |
|
|
|
|
|
||||
|
|
|
Displaying the TACACS+ Configuration 8-17 |
|
|
|
|
|||||||
|
|
|
Controlling Switch Access with RADIUS |
|
8-17 |
|
|
|
|
|
||||
|
|
|
Understanding RADIUS |
8-18 |
|
|
|
|
|
|
|
|
||
|
|
|
RADIUS Operation |
8-19 |
|
|
|
|
|
|
|
|
||
|
|
|
Configuring RADIUS |
8-20 |
|
|
|
|
|
|
|
|
||
|
|
|
Default RADIUS Configuration |
|
8-20 |
|
|
|
|
|
||||
|
|
|
Identifying the RADIUS Server Host |
8-20 |
|
|
|
|
||||||
|
|
|
Configuring RADIUS Login Authentication |
8-23 |
|
|
|
|||||||
|
|
|
Defining AAA Server Groups |
8-25 |
|
|
|
|
|
|||||
|
|
|
Configuring RADIUS Authorization for User Privileged Access and Network Services |
8-27 |
|
|||||||||
|
|
|
Starting RADIUS Accounting |
8-28 |
|
|
|
|
|
|||||
|
|
|
Configuring Settings for All RADIUS Servers |
8-29 |
|
|
|
|||||||
|
|
|
Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29 |
|
|
|||||||||
|
|
|
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-30 |
|
|
|||||||||
|
|
|
Displaying the RADIUS Configuration |
8-31 |
|
|
|
|
||||||
|
|
|
Configuring the Switch for Local Authentication and Authorization |
8-32 |
|
|
||||||||
|
|
|
Configuring the Switch for Secure Shell |
|
8-33 |
|
|
|
|
|
||||
|
|
|
Understanding SSH |
8-33 |
|
|
|
|
|
|
|
|
||
|
|
|
SSH Servers, Integrated Clients, and Supported Versions |
8-33 |
|
|
||||||||
|
|
|
Limitations |
8-34 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring SSH |
8-34 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration Guidelines |
8-34 |
|
|
|
|
|
|
||||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|||||||
|
viii |
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Cryptographic Software Image Guidelines 8-35
Setting Up the Switch to Run SSH
Configuring the SSH Server 8-36
|
Displaying the SSH Configuration and Status |
8-37 |
|
|
|
||||
|
Configuring the Switch for Secure Copy Protocol |
8-37 |
|
|
|
||||
|
Configuring IEEE 802.1x Port-Based Authentication 9-1 |
|
|
||||||
C H A P T E R 9 |
|
|
|||||||
|
Understanding IEEE 802.1x Port-Based Authentication |
9-1 |
|
|
|||||
|
Device Roles 9-2 |
|
|
|
|
|
|
|
|
|
Authentication Initiation and Message Exchange |
9-3 |
|
|
|||||
|
Ports in Authorized and Unauthorized States |
9-4 |
|
|
|
||||
|
IEEE 802.1x Accounting |
9-5 |
|
|
|
|
|
|
|
|
IEEE 802.1x Accounting Attribute-Value Pairs |
9-5 |
|
|
|
||||
|
IEEE 802.1x Host Mode |
9-6 |
|
|
|
|
|
|
|
|
Using IEEE 802.1x with Port Security |
|
9-7 |
|
|
|
|
|
|
|
Using IEEE 802.1x with Voice VLAN Ports |
9-8 |
|
|
|
||||
|
Using IEEE 802.1x with VLAN Assignment |
9-8 |
|
|
|
||||
|
Using IEEE 802.1x with Guest VLAN |
|
9-9 |
|
|
|
|
|
|
|
Using IEEE 802.1x with Wake-on-LAN |
9-10 |
|
|
|
|
|||
|
Unidirectional State |
9-10 |
|
|
|
|
|
|
|
|
Bidirectional State |
9-10 |
|
|
|
|
|
|
|
|
Configuring IEEE 802.1x Authentication |
9-11 |
|
|
|
|
|
||
|
Default IEEE 802.1x Configuration |
9-11 |
|
|
|
|
|
||
|
IEEE 802.1x Configuration Guidelines |
9-12 |
|
|
|
|
|||
|
Upgrading from a Previous Software Release |
9-13 |
|
|
|||||
|
Enabling IEEE 802.1x Authentication |
|
9-14 |
|
|
|
|
||
|
Configuring the Switch-to-RADIUS-Server Communication |
9-15 |
|||||||
|
Configuring IEEE 802.1x Authentication Using a RADIUS Server |
9-16 |
|||||||
|
Enabling Periodic Re-Authentication |
|
9-17 |
|
|
|
|
||
|
Manually Re-Authenticating a Client Connected to a Port |
9-18 |
|
||||||
|
Changing the Quiet Period |
9-18 |
|
|
|
|
|
|
|
|
Changing the Switch-to-Client Retransmission Time |
9-19 |
|
|
|||||
|
Setting the Switch-to-Client Frame-Retransmission Number |
9-19 |
|||||||
|
Configuring the Host Mode 9-20 |
|
|
|
|
|
|
|
|
|
Configuring a Guest VLAN |
9-21 |
|
|
|
|
|
|
|
|
Resetting the IEEE 802.1x Configuration to the Default Values |
9-22 |
|||||||
|
Configuring IEEE 802.1x Authentication |
9-23 |
|
|
|
|
|||
|
Configuring IEEE 802.1x Accounting |
|
9-24 |
|
|
|
|
|
Displaying IEEE 802.1x Statistics and Status |
9-25 |
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
|||||
|
78-11380-12 |
|
|
ix |
|
|
|
|
|
Contents
C H A P T E R 10 |
Configuring Interface Characteristics |
10-1 |
|
|
|
|||
|
Understanding Interface Types |
10-1 |
|
|
|
|
||
|
Access Ports |
10-2 |
|
|
|
|
|
|
|
Trunk Ports |
10-2 |
|
|
|
|
|
|
|
Port-Based VLANs 10-3 |
|
|
|
|
|
|
|
|
EtherChannel Port Groups |
10-3 |
|
|
|
|
||
|
Connecting Interfaces 10-4 |
|
|
|
|
|
|
|
|
Using the Interface Command 10-4 |
|
|
|
|
|||
|
Procedures for Configuring Interfaces |
10-5 |
|
|
||||
|
Configuring a Range of Interfaces |
10-6 |
|
|
||||
|
Configuring and Using Interface-Range Macros |
10-7 |
||||||
|
Configuring Ethernet Interfaces |
10-9 |
|
|
|
|
||
|
Default Ethernet Interface Configuration |
10-9 |
|
|||||
|
Configuring Interface Speed and Duplex Mode |
10-10 |
||||||
|
Configuration Guidelines |
10-11 |
|
|
|
|||
|
Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port 10-12 |
|||||||
|
Setting the Interface Speed and Duplex Parameters on an LRE Switch Port 10-13 |
|||||||
|
Configuring Media Types for Gigabit Ethernet Interfaces on LRE Switches 10-13 |
|||||||
|
Configuring IEEE 802.3z Flow Control on Gigabit Ethernet Ports 10-13 |
|||||||
|
Adding a Description for an Interface 10-15 |
|
|
|||||
|
Configuring Loopback Detection |
10-15 |
|
|
|
|||
|
Monitoring and Maintaining the Interfaces |
10-16 |
|
|||||
|
Monitoring Interface and Controller Status |
10-16 |
||||||
|
Clearing and Resetting Interfaces and Counters |
10-17 |
||||||
|
Shutting Down and Restarting the Interface |
10-17 |
||||||
|
Configuring Smartports Macros |
|
|
|
|
|
||
C H A P T E R 11 |
11-1 |
|
|
|
|
|||
|
Understanding Smartports Macros |
11-1 |
|
|
|
|||
|
Configuring Smartports Macros |
|
11-2 |
|
|
|
|
|
|
Default Smartports Macro Configuration |
11-2 |
|
|||||
|
Smartports Macro Configuration Guidelines |
11-3 |
||||||
|
Creating Smartports Macros |
|
11-4 |
|
|
|
||
|
Applying Smartports Macros |
|
11-5 |
|
|
|
||
|
Applying Cisco-Default Smartports Macros |
11-6 |
||||||
|
Displaying Smartports Macros |
11-8 |
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
x |
78-11380-12 |
|
|
|
Contents
C H A P T E R 12 |
Configuring LRE 12-1 |
|
|
|
|
|
Understanding LRE Features |
12-1 |
|
|
|
|
Ports on the Catalyst 2950 LRE Switches |
12-1 |
|||
|
LRE Links and LRE Profiles |
12-2 |
|
|
|
|
LRE Profiles |
12-2 |
|
|
|
|
LRE Sequences 12-5 |
|
|
||
|
CPE Ethernet Links |
12-6 |
|
|
|
|
LRE Link Monitor |
12-7 |
|
|
|
|
LRE Message Logging Process |
12-8 |
|
||
|
Configuring LRE Ports |
12-8 |
|
|
|
|
Default LRE Configuration |
12-9 |
|
|
|
|
Environmental Guidelines for LRE Links |
12-9 |
|||
|
Guidelines for Using LRE Profiles |
12-10 |
|
||
|
CPE Ethernet Link Guidelines 12-11 |
|
Guidelines for Configuring Cisco 575 LRE CPEs and 576 LRE 997 CPEs 12-11
|
Guidelines for Configuring Cisco 585 LRE CPEs |
12-12 |
|
|
|
||||||
|
Assigning a Global Profile to All LRE Ports |
12-12 |
|
|
|
|
|||||
|
Assigning a Profile to a Specific LRE Port |
12-13 |
|
|
|
|
|||||
|
Assigning a Global Sequence to All LRE Ports |
12-13 |
|
|
|
|
|||||
|
Assigning a Sequence to a Specific LRE Port |
12-14 |
|
|
|
|
|||||
|
Using Rate Selection to Automatically Assign Profiles |
12-14 |
|
|
|
||||||
|
Precedence |
12-15 |
|
|
|
|
|
|
|
|
|
|
Profile Locking |
12-15 |
|
|
|
|
|
|
|
|
|
|
Link Qualification and SNR Margins |
12-16 |
|
|
|
|
|||||
|
Configuring LRE Link Persistence |
12-19 |
|
|
|
|
|
|
|||
|
Configuring LRE Link Monitor 12-20 |
|
|
|
|
|
|
||||
|
Configuring LRE Interleave |
12-20 |
|
|
|
|
|
|
|
||
|
Configuring Upstream Power Back-Off 12-21 |
|
|
|
|
|
|||||
|
Configuring CPE Toggle |
12-22 |
|
|
|
|
|
|
|
||
|
Configuring Syslog Export |
12-23 |
|
|
|
|
|
|
|
||
|
Upgrading LRE Switch Firmware |
12-24 |
|
|
|
|
|
|
|||
|
Configuring for an LRE Upgrade |
12-24 |
|
|
|
|
|
|
|||
|
Performing an LRE Upgrade |
12-25 |
|
|
|
|
|
|
|||
|
Global Configuration of LRE Upgrades |
12-25 |
|
|
|
|
|||||
|
Controller Configuration of LRE Upgrades |
12-25 |
|
|
|
|
|||||
|
LRE Upgrade Details |
12-26 |
|
|
|
|
|
|
|
|
|
|
LRE Upgrade Example |
12-27 |
|
|
|
|
|
|
|
||
|
Displaying LRE Status |
12-27 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
xi |
|
|
|
|
|
|
|
|
|
|
|
Contents
C H A P T E R 13 |
Configuring STP 13-1 |
|
|
|
Understanding Spanning-Tree Features |
13-1 |
|
|
STP Overview 13-2 |
|
|
|
Spanning-Tree Topology and BPDUs |
13-2 |
|
|
Bridge ID, Switch Priority, and Extended System ID 13-3 |
||
|
Spanning-Tree Interface States 13-4 |
||
|
Blocking State |
13-6 |
|
|
Listening State |
13-6 |
|
|
Learning State |
13-6 |
|
|
Forwarding State |
13-6 |
|
|
Disabled State |
13-7 |
|
How a Switch or Port Becomes the Root Switch or Root Port |
13-7 |
|||||
Spanning Tree and Redundant Connectivity |
13-8 |
|
|
|||
Spanning-Tree Address Management |
13-8 |
|
|
|||
Accelerated Aging to Retain Connectivity |
13-8 |
|
|
|||
Spanning-Tree Modes and Protocols |
13-9 |
|
|
|||
Supported Spanning-Tree Instances |
13-9 |
|
|
|
||
Spanning-Tree Interoperability and Backward Compatibility |
13-10 |
|||||
STP and IEEE 802.1Q Trunks |
13-10 |
|
|
|
|
|
Configuring Spanning-Tree Features |
13-11 |
|
|
|
||
Default Spanning-Tree Configuration |
13-11 |
|
|
|||
Spanning-Tree Configuration Guidelines |
13-12 |
|
|
|||
Changing the Spanning-Tree Mode |
13-13 |
|
|
|
||
Disabling Spanning Tree 13-14 |
|
|
|
|
|
|
Configuring the Root Switch |
13-14 |
|
|
|
|
|
Configuring a Secondary Root Switch |
13-16 |
|
|
|||
Configuring the Port Priority |
13-17 |
|
|
|
|
|
Configuring the Path Cost |
13-18 |
|
|
|
|
|
Configuring the Switch Priority of a VLAN |
13-20 |
|
|
|||
Configuring Spanning-Tree Timers |
13-20 |
|
|
|
||
Configuring the Hello Time |
13-21 |
|
|
|
||
Configuring the Forwarding-Delay Time for a VLAN |
13-22 |
|||||
Configuring the Maximum-Aging Time for a VLAN |
13-22 |
|
||||
Configuring Spanning Tree for Use in a Cascaded Stack |
13-23 |
|||||
Displaying the Spanning-Tree Status |
13-24 |
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
xii |
78-11380-12 |
|
|
|
Contents
C H A P T E R 14 |
Configuring MSTP |
14-1 |
|
|
|
|
|
|
|
Understanding MSTP |
14-2 |
|
|
|
|
|
|
|
Multiple Spanning-Tree Regions |
14-2 |
|
|
||||
|
IST, CIST, and CST |
14-3 |
|
|
|
|
|
|
|
Operations Within an MST Region |
14-3 |
||||||
|
Operations Between MST Regions |
14-4 |
||||||
|
Hop Count |
14-5 |
|
|
|
|
|
|
|
Boundary Ports 14-5 |
|
|
|
|
|
||
|
Interoperability with IEEE 802.1D STP |
14-5 |
|
|||||
|
Understanding RSTP |
14-6 |
|
|
|
|
|
|
|
Port Roles and the Active Topology 14-6 |
|
||||||
|
Rapid Convergence 14-7 |
|
|
|
|
|
||
|
Synchronization of Port Roles |
|
14-8 |
|
|
|||
|
Bridge Protocol Data Unit Format and Processing 14-9 |
|||||||
|
Processing Superior BPDU Information |
14-10 |
||||||
|
Processing Inferior BPDU Information |
14-10 |
||||||
|
Topology Changes |
14-10 |
|
|
|
|
|
|
|
Configuring MSTP Features 14-11 |
|
|
|
|
|||
|
Default MSTP Configuration |
|
14-12 |
|
|
|||
|
MSTP Configuration Guidelines |
14-12 |
|
|
||||
|
Specifying the MST Region Configuration and Enabling MSTP 14-13 |
|||||||
|
Configuring the Root Switch |
|
14-14 |
|
|
|||
|
Configuring a Secondary Root Switch |
14-16 |
||||||
|
Configuring the Port Priority |
|
14-17 |
|
|
|||
|
Configuring the Path Cost |
14-18 |
|
|
||||
|
Configuring the Switch Priority |
|
14-19 |
|
|
|||
|
Configuring the Hello Time |
14-19 |
|
|
||||
|
Configuring the Forwarding-Delay Time |
14-20 |
||||||
|
Configuring the Maximum-Aging Time |
14-21 |
||||||
|
Configuring the Maximum-Hop Count |
14-21 |
|
|
Specifying the Link Type to Ensure Rapid Transitions 14-22 |
|||||
|
|
Restarting the Protocol Migration Process |
14-22 |
|
|
|
|
|
|
Displaying the MST Configuration and Status |
14-23 |
|
|
|
|
|
Configuring Optional Spanning-Tree Features |
|
|
|
|
||
C H A P T E R 15 |
15-1 |
|
|
|
|||
|
|
Understanding Optional Spanning-Tree Features |
15-1 |
|
|
|
|
|
|
Understanding Port Fast 15-2 |
|
|
|
|
|
|
|
Understanding BPDU Guard |
15-2 |
|
|
|
|
|
|
Understanding BPDU Filtering |
15-3 |
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||
|
|
|
|||||
|
78-11380-12 |
|
|
|
|
xiii |
|
|
|
|
|
|
|
Contents
|
|
|
|
Understanding UplinkFast |
15-3 |
|
|
|
|
|
|||
|
|
|
|
Understanding Cross-Stack UplinkFast |
15-5 |
|
|
|
|||||
|
|
|
|
How CSUF Works |
15-6 |
|
|
|
|
|
|
||
|
|
|
|
Events that Cause Fast Convergence |
15-7 |
|
|
|
|||||
|
|
|
|
Limitations |
15-8 |
|
|
|
|
|
|
|
|
|
|
|
|
Connecting the Stack Ports |
15-8 |
|
|
|
|
||||
|
|
|
|
Understanding BackboneFast |
15-9 |
|
|
|
|
|
|||
|
|
|
|
Understanding EtherChannel Guard |
15-12 |
|
|
|
|||||
|
|
|
|
Understanding Root Guard |
15-12 |
|
|
|
|
|
|||
|
|
|
|
Understanding Loop Guard |
15-13 |
|
|
|
|
|
|||
|
|
|
|
Configuring Optional Spanning-Tree Features |
15-13 |
|
|
||||||
|
|
|
|
Default Optional Spanning-Tree Configuration |
15-14 |
|
|||||||
|
|
|
|
Optional Spanning-Tree Configuration Guidelines |
15-14 |
|
|||||||
|
|
|
|
Enabling Port Fast |
15-14 |
|
|
|
|
|
|
|
|
|
|
|
|
Enabling BPDU Guard |
15-15 |
|
|
|
|
|
|
||
|
|
|
|
Enabling BPDU Filtering 15-16 |
|
|
|
|
|
|
|||
|
|
|
|
Enabling UplinkFast for Use with Redundant Links |
15-17 |
|
|||||||
|
|
|
|
Enabling Cross-Stack UplinkFast |
15-18 |
|
|
|
|
||||
|
|
|
|
Enabling BackboneFast |
15-19 |
|
|
|
|
|
|
||
|
|
|
|
Enabling EtherChannel Guard |
15-20 |
|
|
|
|
|
|||
|
|
|
|
Enabling Root Guard |
15-21 |
|
|
|
|
|
|
|
|
|
|
|
|
Enabling Loop Guard |
15-21 |
|
|
|
|
|
|
|
|
|
|
|
|
Displaying the Spanning-Tree Status |
15-22 |
|
|
|
|
||||
|
Configuring VLANs 16-1 |
|
|
|
|
|
|
|
|
||||
C H A P T E R 16 |
|
|
|
|
|
|
|
|
|||||
|
|
|
|
Understanding VLANs |
16-1 |
|
|
|
|
|
|
|
|
|
|
|
|
Supported VLANs |
16-2 |
|
|
|
|
|
|
|
|
|
|
|
|
VLAN Port Membership Modes |
16-3 |
|
|
|
|
||||
|
|
|
|
Configuring Normal-Range VLANs |
16-4 |
|
|
|
|
|
|||
|
|
|
|
Token Ring VLANs |
16-5 |
|
|
|
|
|
|
|
|
|
|
|
|
Normal-Range VLAN Configuration Guidelines |
16-5 |
|
|||||||
|
|
|
|
VLAN Configuration Mode Options |
16-6 |
|
|
|
|||||
|
|
|
|
VLAN Configuration in config-vlan Mode |
16-6 |
|
|
||||||
|
|
|
|
VLAN Configuration in VLAN Configuration Mode 16-6 |
|||||||||
|
|
|
|
Saving VLAN Configuration |
16-7 |
|
|
|
|
|
|||
|
|
|
|
Default Ethernet VLAN Configuration |
16-7 |
|
|
|
|||||
|
|
|
|
Creating or Modifying an Ethernet VLAN |
16-8 |
|
|
|
|||||
|
|
|
|
Deleting a VLAN |
16-10 |
|
|
|
|
|
|
|
|
|
|
|
|
Assigning Static-Access Ports to a VLAN |
16-11 |
|
|
||||||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
||||||
|
|
|
|
|
|
|
|||||||
|
xiv |
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Configuring Extended-Range VLANs |
16-11 |
|
|
|
|
|||
Default VLAN Configuration 16-12 |
|
|
|
|
|
|||
Extended-Range VLAN Configuration Guidelines |
16-12 |
|
||||||
Creating an Extended-Range VLAN |
16-13 |
|
|
|
||||
Displaying VLANs |
16-14 |
|
|
|
|
|
|
|
Configuring VLAN Trunks |
16-14 |
|
|
|
|
|
|
|
Trunking Overview |
16-14 |
|
|
|
|
|
|
|
IEEE 802.1Q Configuration Considerations |
16-16 |
|
||||||
Default Layer 2 Ethernet Interface VLAN Configuration |
16-17 |
|||||||
Configuring an Ethernet Interface as a Trunk Port |
16-17 |
|
||||||
Interaction with Other Features |
16-17 |
|
|
|
||||
Configuring a Trunk Port |
16-18 |
|
|
|
|
|
||
Defining the Allowed VLANs on a Trunk |
16-19 |
|
||||||
Changing the Pruning-Eligible List |
16-20 |
|
|
|||||
Configuring the Native VLAN for Untagged Traffic |
16-20 |
|||||||
Load Sharing Using STP 16-21 |
|
|
|
|
|
|||
Load Sharing Using STP Port Priorities |
16-21 |
|
||||||
Load Sharing Using STP Path Cost |
16-23 |
|
|
|||||
Configuring VMPS |
16-24 |
|
|
|
|
|
|
|
Understanding VMPS |
16-25 |
|
|
|
|
|
|
|
Dynamic Port VLAN Membership |
|
16-25 |
|
|
|
|||
VMPS Database Configuration File |
16-26 |
|
|
|||||
Default VMPS Client Configuration |
16-26 |
|
|
|
||||
VMPS Configuration Guidelines |
16-26 |
|
|
|
|
|||
Configuring the VMPS Client |
16-27 |
|
|
|
|
|
Entering the IP Address of the VMPS |
16-27 |
Configuring Dynamic Access Ports on VMPS Clients 16-28 |
|
Reconfirming VLAN Memberships 16-28 |
|
Changing the Reconfirmation Interval |
16-29 |
Changing the Retry Count 16-29 |
|
|
Monitoring the VMPS 16-30 |
||
|
Troubleshooting Dynamic Port VLAN Membership 16-30 |
||
|
VMPS Configuration Example 16-31 |
||
|
Configuring VTP |
|
|
C H A P T E R 17 |
17-1 |
|
|
|
Understanding VTP |
17-1 |
|
|
The VTP Domain |
17-2 |
|
|
VTP Modes |
17-3 |
|
VTP Advertisements |
17-3 |
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
|
|||
|
78-11380-12 |
|
|
xv |
|
|
|
|
|
Contents
|
|
|
|
VTP Version 2 |
17-4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
VTP Pruning |
17-4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuring VTP |
17-6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default VTP Configuration |
17-6 |
|
|
|
|
|
||||
|
|
|
|
VTP Configuration Options |
17-7 |
|
|
|
|
|
||||
|
|
|
|
VTP Configuration in Global Configuration Mode |
17-7 |
|
|
|||||||
|
|
|
|
VTP Configuration in VLAN Configuration Mode |
17-7 |
|
|
|||||||
|
|
|
|
VTP Configuration Guidelines 17-8 |
|
|
|
|
||||||
|
|
|
|
Domain Names |
17-8 |
|
|
|
|
|
|
|||
|
|
|
|
Passwords |
17-8 |
|
|
|
|
|
|
|
||
|
|
|
|
Upgrading from Previous Software Releases 17-8 |
|
|
||||||||
|
|
|
|
VTP Version |
17-9 |
|
|
|
|
|
|
|
||
|
|
|
|
Configuration Requirements |
17-9 |
|
|
|
|
|||||
|
|
|
|
Configuring a VTP Server |
|
17-9 |
|
|
|
|
|
|||
|
|
|
|
Configuring a VTP Client |
|
17-11 |
|
|
|
|
|
|||
|
|
|
|
Disabling VTP (VTP Transparent Mode) |
17-12 |
|
|
|
||||||
|
|
|
|
Enabling VTP Version 2 |
17-13 |
|
|
|
|
|
||||
|
|
|
|
Enabling VTP Pruning |
17-14 |
|
|
|
|
|
||||
|
|
|
|
Adding a VTP Client Switch to a VTP Domain 17-15 |
|
|
|
|||||||
|
|
|
|
Monitoring VTP |
17-16 |
|
|
|
|
|
|
|
|
|
|
Configuring Voice VLAN |
|
|
|
|
|
|
|
|
|||||
C H A P T E R 18 |
18-1 |
|
|
|
|
|
|
|
||||||
|
|
|
|
Understanding Voice VLAN |
18-1 |
|
|
|
|
|
||||
|
|
|
|
Configuring Voice VLAN |
18-2 |
|
|
|
|
|
|
|||
|
|
|
|
Default Voice VLAN Configuration |
18-2 |
|
|
|
||||||
|
|
|
|
Voice VLAN Configuration Guidelines |
18-3 |
|
|
|
||||||
|
|
|
|
Configuring a Port to Connect to a Cisco 7960 IP Phone |
18-3 |
|
|
|||||||
|
|
|
|
Configuring Ports to Carry Voice Traffic in IEEE 802.1Q Frames 18-4 |
|
|
||||||||
|
|
|
|
Configuring Ports to Carry Voice Traffic in IEEE 802.1p Priority-Tagged Frames |
18-4 |
|
||||||||
|
|
|
|
Overriding the CoS Priority of Incoming Data Frames 18-5 |
|
|
||||||||
|
|
|
|
Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames |
18-6 |
|
||||||||
|
|
|
|
Displaying Voice VLAN |
|
18-6 |
|
|
|
|
|
|
|
|
|
Configuring DHCP Features |
|
|
|
|
|
|
|||||||
C H A P T E R 19 |
19-1 |
|
|
|
|
|
||||||||
|
|
|
|
Understanding DHCP Features |
|
19-1 |
|
|
|
|
|
|||
|
|
|
|
DHCP Server |
19-2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
DHCP Relay Agent |
19-2 |
|
|
|
|
|
|
|
||
|
|
|
|
DHCP Snooping |
19-2 |
|
|
|
|
|
|
|
||
|
|
|
|
Option-82 Data Insertion |
|
19-3 |
|
|
|
|
|
|||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|||||||
|
|
|
|
|
|
|
||||||||
|
xvi |
|
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
Configuring DHCP Features |
19-5 |
|
|
|
|
|
|
|
||
|
|
Default DHCP Configuration |
19-6 |
|
|
|
|
|
|
|
||
|
|
DHCP Snooping Configuration Guidelines 19-6 |
||||||||||
|
|
Configuring the DHCP Server |
19-7 |
|
|
|
|
|
|
|||
|
|
Enabling DHCP Snooping and Option 82 |
19-7 |
|
|
|
|
|||||
|
|
Displaying DHCP Information |
19-8 |
|
|
|
|
|
|
|
||
|
Configuring IGMP Snooping and MVR |
|
|
|
|
|
|
|||||
C H A P T E R 20 |
20-1 |
|
|
|
|
|
||||||
|
|
Understanding IGMP Snooping |
20-2 |
|
|
|
|
|
|
|
||
|
|
IGMP Versions |
20-2 |
|
|
|
|
|
|
|
|
|
|
|
Joining a Multicast Group |
20-3 |
|
|
|
|
|
|
|
||
|
|
Leaving a Multicast Group |
20-5 |
|
|
|
|
|
|
|
||
|
|
Immediate-Leave Processing |
20-5 |
|
|
|
|
|
|
|||
|
|
IGMP Configurable-Leave Timer |
20-5 |
|
|
|
|
|
||||
|
|
IGMP Leave Timer Guidelines |
|
20-6 |
|
|
|
|
||||
|
|
IGMP Report Suppression |
20-6 |
|
|
|
|
|
|
|
||
|
|
IGMP Snooping Querier Configuration Guidelines and Restrictions 20-6 |
||||||||||
|
|
Source-Only Networks |
20-7 |
|
|
|
|
|
|
|
||
|
|
Configuring IGMP Snooping |
20-7 |
|
|
|
|
|
|
|
||
|
|
Default IGMP Snooping Configuration |
20-8 |
|
|
|
|
|||||
|
|
Enabling or Disabling IGMP Snooping |
20-8 |
|
|
|
|
|||||
|
|
Setting the Snooping Method 20-9 |
|
|
|
|
|
|
||||
|
|
Configuring a Multicast Router Port |
20-10 |
|
|
|
|
|||||
|
|
Configuring a Host Statically to Join a Group |
20-10 |
|
|
|
||||||
|
|
Enabling IGMP Immediate-Leave Processing |
20-11 |
|
|
|
||||||
|
|
Configuring the IGMP Leave Timer |
|
20-12 |
|
|
|
|
||||
|
|
Disabling IGMP Report Suppression |
20-12 |
|
|
|
|
|||||
|
|
Disabling IP Multicast-Source-Only Learning |
20-13 |
|
|
|
||||||
|
|
Configuring the Aging Time |
20-14 |
|
|
|
|
|
|
|||
|
|
Configuring the IGMP Snooping Querier |
20-14 |
|
|
|
||||||
|
|
Displaying IGMP Snooping Information |
|
20-15 |
|
|
|
|
||||
|
|
Understanding Multicast VLAN Registration |
20-16 |
|
|
|
||||||
|
|
Using MVR in a Multicast Television Application 20-17 |
||||||||||
|
|
Configuring MVR |
20-19 |
|
|
|
|
|
|
|
|
|
|
|
Default MVR Configuration |
20-19 |
|
|
|
|
|
|
|
||
|
|
MVR Configuration Guidelines and Limitations |
20-19 |
|
|
|
||||||
|
|
Configuring MVR Global Parameters |
20-20 |
|
|
|
|
|||||
|
|
Configuring MVR Interfaces |
20-21 |
|
|
|
|
|
|
|||
|
|
Displaying MVR Information |
20-22 |
|
|
|
|
|
|
|
||
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|
|||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
xvii |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Configuring IGMP Filtering and Throttling 20-23 |
|
Default IGMP Filtering and Throttling Configuration 20-23 |
|
Configuring IGMP Profiles |
20-24 |
Applying IGMP Profiles |
20-25 |
|
|
|
|
Setting the Maximum Number of IGMP Groups |
20-26 |
|
||||||||
|
|
|
|
Configuring the IGMP Throttling Action |
20-26 |
|
|
|||||||
|
|
|
|
Displaying IGMP Filtering and Throttling Configuration |
20-28 |
|
||||||||
|
Configuring Port-Based Traffic Control |
|
|
|
|
|
||||||||
C H A P T E R 21 |
21-1 |
|
|
|
|
|||||||||
|
|
|
|
Configuring Storm Control |
|
21-1 |
|
|
|
|
|
|
||
|
|
|
|
Understanding Storm Control |
21-1 |
|
|
|
|
|
||||
|
|
|
|
Default Storm Control Configuration |
21-2 |
|
|
|
||||||
|
|
|
|
Configuring Storm Control and Threshold Levels |
21-2 |
|
||||||||
|
|
|
|
Configuring Protected Ports |
|
21-4 |
|
|
|
|
|
|
||
|
|
|
|
Configuring Port Blocking |
|
21-5 |
|
|
|
|
|
|
||
|
|
|
|
Blocking Flooded Traffic on an Interface |
21-5 |
|
|
|||||||
|
|
|
|
Resuming Normal Forwarding on a Port |
21-6 |
|
|
|
||||||
|
|
|
|
Configuring Port Security |
|
21-6 |
|
|
|
|
|
|
||
|
|
|
|
Understanding Port Security |
21-6 |
|
|
|
|
|
||||
|
|
|
|
Secure MAC Addresses |
21-6 |
|
|
|
|
|
||||
|
|
|
|
Security Violations |
|
21-7 |
|
|
|
|
|
|
||
|
|
|
|
Default Port Security Configuration |
21-8 |
|
|
|
||||||
|
|
|
|
Port Security Configuration Guidelines |
21-8 |
|
|
|
||||||
|
|
|
|
Enabling and Configuring Port Security |
21-9 |
|
|
|
||||||
|
|
|
|
Enabling and Configuring Port Security Aging |
21-11 |
|
||||||||
|
|
|
|
Displaying Port-Based Traffic Control Settings 21-13 |
|
|
||||||||
|
Configuring UDLD |
|
|
|
|
|
|
|
|
|
|
|||
C H A P T E R 22 |
22-1 |
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
Understanding UDLD 22-1 |
|
|
|
|
|
|
|
|
||
|
|
|
|
Modes of Operation |
22-1 |
|
|
|
|
|
|
|||
|
|
|
|
Methods to Detect Unidirectional Links |
22-2 |
|
|
|
||||||
|
|
|
|
Configuring UDLD |
22-4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default UDLD Configuration |
22-4 |
|
|
|
|
|
||||
|
|
|
|
Configuration Guidelines |
22-4 |
|
|
|
|
|
||||
|
|
|
|
Enabling UDLD Globally |
22-5 |
|
|
|
|
|
|
|||
|
|
|
|
Enabling UDLD on an Interface |
22-6 |
|
|
|
|
|||||
|
|
|
|
Resetting an Interface Shut Down by UDLD |
22-6 |
|
||||||||
|
|
|
|
Displaying UDLD Status |
22-7 |
|
|
|
|
|
|
|||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|||||||
|
|
|
|
|
|
|
||||||||
|
xviii |
|
|
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
C H A P T E R 23 |
Configuring CDP 23-1 |
|
|
|
|
|
Understanding CDP |
23-1 |
|
|
|
|
Configuring CDP |
23-2 |
|
|
|
|
Default CDP Configuration |
23-2 |
|
||
|
Configuring the CDP Characteristics 23-2 |
|
|||
|
Disabling and Enabling CDP |
23-3 |
|
||
|
Disabling and Enabling CDP on an Interface |
23-4 |
|||
|
Monitoring and Maintaining CDP |
23-5 |
|
||
|
Configuring SPAN and RSPAN 24-1 |
|
|||
C H A P T E R 24 |
|
||||
|
Understanding SPAN and RSPAN |
24-1 |
|
||
|
SPAN and RSPAN Concepts and Terminology |
24-3 |
|||
|
SPAN Session |
24-3 |
|
|
|
|
Traffic Types |
24-3 |
|
|
|
|
Source Port |
24-4 |
|
|
|
|
Destination Port 24-4 |
|
|
||
|
Reflector Port |
24-5 |
|
|
|
|
SPAN Traffic |
24-5 |
|
|
|
SPAN and RSPAN Interaction with Other Features 24-6 |
|||
|
SPAN and RSPAN Session Limits |
24-7 |
|
|
|
Default SPAN and RSPAN Configuration |
24-7 |
||
|
Configuring SPAN |
24-7 |
|
|
|
SPAN Configuration Guidelines |
24-7 |
|
|
|
Creating a SPAN Session and Specifying Ports to Monitor 24-8 |
|||
|
Creating a SPAN Session and Enabling Ingress Traffic 24-9 |
|||
|
Removing Ports from a SPAN Session |
24-11 |
||
|
Configuring RSPAN |
24-12 |
|
|
|
RSPAN Configuration Guidelines |
24-12 |
|
|
|
Configuring a VLAN as an RSPAN VLAN |
24-13 |
||
|
Creating an RSPAN Source Session 24-14 |
|||
|
Creating an RSPAN Destination Session |
24-15 |
||
|
Removing Ports from an RSPAN Session |
24-16 |
||
|
Displaying SPAN and RSPAN Status |
24-17 |
|
|
|
Configuring RMON |
|
|
|
C H A P T E R 25 |
25-1 |
|
|
|
|
Understanding RMON 25-1 |
|
|
|
|
Configuring RMON |
25-2 |
|
|
|
Default RMON Configuration |
25-3 |
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
|||||
|
78-11380-12 |
|
|
xix |
|
|
|
|
|
Contents
|
Configuring RMON Alarms and Events |
25-3 |
|
||
|
Configuring RMON Collection on an Interface 25-5 |
||||
|
Displaying RMON Status 25-6 |
|
|
|
|
|
Configuring System Message Logging |
|
|
||
C H A P T E R 26 |
26-1 |
|
|||
|
Understanding System Message Logging |
26-1 |
|
||
|
Configuring System Message Logging |
26-2 |
|
||
|
System Log Message Format |
26-2 |
|
|
|
|
Default System Message Logging Configuration |
26-3 |
|||
|
Disabling and Enabling Message Logging 26-4 |
|
|||
|
Setting the Message Display Destination Device |
26-4 |
|||
|
Synchronizing Log Messages |
26-6 |
|
|
|
|
Enabling and Disabling Timestamps on Log Messages 26-7 |
||||
|
Enabling and Disabling Sequence Numbers in Log Messages 26-8 |
||||
|
Defining the Message Severity Level |
26-8 |
|
|
|
|
|
Limiting Syslog Messages Sent to the History Table and to SNMP 26-9 |
||||||
|
|
|
|
Configuring UNIX Syslog Servers |
26-10 |
|
|
|||
|
|
|
|
Logging Messages to a UNIX Syslog Daemon |
26-11 |
|
||||
|
|
|
|
Configuring the UNIX System Logging Facility |
26-11 |
|
||||
|
|
|
|
Displaying the Logging Configuration |
26-12 |
|
|
|||
|
Configuring SNMP 27-1 |
|
|
|
|
|
||||
C H A P T E R 27 |
|
|
|
|
|
|||||
|
|
|
|
Understanding SNMP |
27-1 |
|
|
|
|
|
|
|
|
|
SNMP Versions |
27-2 |
|
|
|
|
|
|
|
|
|
SNMP Manager Functions |
27-3 |
|
|
|
|
|
|
|
|
|
SNMP Agent Functions 27-4 |
|
|
|
|
||
|
|
|
|
SNMP Community Strings |
27-4 |
|
|
|
|
|
|
|
|
|
Using SNMP to Access MIB Variables |
27-4 |
|
|
|||
|
|
|
|
SNMP Notifications 27-5 |
|
|
|
|
|
|
|
|
|
|
Configuring SNMP |
27-6 |
|
|
|
|
|
|
|
|
|
Default SNMP Configuration |
27-6 |
|
|
|
||
|
|
|
|
SNMP Configuration Guidelines |
27-6 |
|
|
|
||
|
|
|
|
Disabling the SNMP Agent |
27-7 |
|
|
|
|
|
|
|
|
|
Configuring Community Strings |
27-8 |
|
|
|
||
|
|
|
|
Configuring SNMP Groups and Users |
27-9 |
|
|
|||
|
|
|
|
Configuring SNMP Notifications |
27-11 |
|
|
|
||
|
|
|
|
Setting the Agent Contact and Location Information |
27-14 |
|
||||
|
|
|
|
Limiting TFTP Servers Used Through SNMP 27-14 |
|
|
||||
|
|
|
|
SNMP Examples |
27-15 |
|
|
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|
|||||
|
xx |
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
Contents
|
|
Displaying SNMP Status |
27-16 |
|
|
|
|
|
|
|
|||
|
Configuring Network Security with ACLs |
|
|
|
|
|
|
||||||
C H A P T E R 28 |
28-1 |
|
|
|
|
|
|||||||
|
|
Understanding ACLs |
|
28-2 |
|
|
|
|
|
|
|
|
|
|
|
Handling Fragmented and Unfragmented Traffic |
28-3 |
|
|
|
|||||||
|
|
Understanding Access Control Parameters |
28-4 |
|
|
|
|
|
|||||
|
|
Guidelines for Applying ACLs to Physical Interfaces |
28-6 |
|
|
|
|||||||
|
|
Configuring ACLs |
28-6 |
|
|
|
|
|
|
|
|
|
|
|
|
Unsupported Features |
28-7 |
|
|
|
|
|
|
|
|||
|
|
Creating Standard and Extended IP ACLs |
28-7 |
|
|
|
|
|
|||||
|
|
ACL Numbers 28-8 |
|
|
|
|
|
|
|
|
|||
|
|
Creating a Numbered Standard ACL |
28-8 |
|
|
|
|
|
|||||
|
|
Creating a Numbered Extended ACL |
28-10 |
|
|
|
|
|
|||||
|
|
Creating Named Standard and Extended ACLs |
28-13 |
|
|
|
|||||||
|
|
Applying Time Ranges to ACLs |
28-14 |
|
|
|
|
|
|
||||
|
|
Including Comments About Entries in ACLs |
28-16 |
|
|
|
|||||||
|
|
Creating Named MAC Extended ACLs |
28-17 |
|
|
|
|
|
|||||
|
|
Creating MAC Access Groups 28-18 |
|
|
|
|
|
|
|
||||
|
|
Applying ACLs to Terminal Lines or Physical Interfaces |
|
28-18 |
|
|
|
||||||
|
|
Applying ACLs to a Terminal Line 28-19 |
|
|
|
|
|
|
|||||
|
|
Applying ACLs to a Physical Interface |
28-20 |
|
|
|
|
|
|||||
|
|
Displaying ACL Information |
28-20 |
|
|
|
|
|
|
|
|||
|
|
Displaying ACLs |
28-20 |
|
|
|
|
|
|
|
|
||
|
|
Displaying Access Groups |
28-22 |
|
|
|
|
|
|
|
|||
|
|
Examples for Compiling ACLs |
28-23 |
|
|
|
|
|
|
|
|||
|
|
Numbered ACL Examples |
28-24 |
|
|
|
|
|
|
|
|||
|
|
Extended ACL Examples |
28-24 |
|
|
|
|
|
|
|
|||
|
|
Named ACL Example |
28-24 |
|
|
|
|
|
|
|
|||
|
|
Commented IP ACL Entry Examples |
28-25 |
|
|
|
|
|
|
||||
|
Configuring QoS 29-1 |
|
|
|
|
|
|
|
|
|
|
||
C H A P T E R 29 |
|
|
|
|
|
|
|
|
|
|
|||
|
|
Understanding QoS |
|
29-2 |
|
|
|
|
|
|
|
|
|
|
|
Basic QoS Model |
29-4 |
|
|
|
|
|
|
|
|
||
|
|
Classification |
29-5 |
|
|
|
|
|
|
|
|
|
|
|
|
Classification Based on QoS ACLs 29-5 |
|
|
|
|
|
||||||
|
|
Classification Based on Class Maps and Policy Maps 29-6 |
|||||||||||
|
|
Policing and Marking |
29-7 |
|
|
|
|
|
|
|
|||
|
|
Mapping Tables |
29-8 |
|
|
|
|
|
|
|
|
|
|
|
|
Queueing and Scheduling |
29-8 |
|
|
|
|
|
|
|
|||
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
||||
|
|
|
|
|
|
|
|||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
xxi |
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
How Class of Service Works |
29-8 |
||||
Port Priority |
29-8 |
|
|
|
|
Port Scheduling |
29-9 |
|
|
||
Egress CoS Queues |
29-9 |
|
|||
Configuring Auto-QoS |
29-10 |
|
|
|
|
Generated Auto-QoS Configuration |
29-10 |
||||
Effects of Auto-QoS on the Configuration 29-12 |
|||||
Configuration Guidelines |
29-13 |
|
|||
Upgrading from a Previous Software Release 29-13 |
|||||
Enabling Auto-QoS for VoIP |
29-14 |
|
|||
Displaying Auto-QoS Information |
29-15 |
||||
Auto-QoS Configuration Example |
29-15 |
||||
Configuring Standard QoS |
29-18 |
|
|
|
|
|
|
Default Standard QoS Configuration |
29-18 |
|
|
|
|
|||
|
|
|
|
Configuration Guidelines |
29-19 |
|
|
|
|
|
|
|
|
|
|
|
Configuring Classification Using Port Trust States |
29-20 |
|
|
|||||
|
|
|
|
Configuring the Trust State on Ports within the QoS Domain |
29-20 |
|
||||||
|
|
|
|
Configuring the CoS Value for an Interface |
29-22 |
|
|
|||||
|
|
|
|
Configuring Trusted Boundary |
29-23 |
|
|
|
|
|||
|
|
|
|
Enabling Pass-Through Mode |
29-25 |
|
|
|
|
|||
|
|
|
|
Configuring a QoS Policy |
29-26 |
|
|
|
|
|
|
|
|
|
|
|
Classifying Traffic by Using ACLs |
29-27 |
|
|
|
|
|||
|
|
|
|
Classifying Traffic by Using Class Maps |
29-30 |
|
|
|||||
|
|
|
|
Classifying, Policing, and Marking Traffic by Using Policy Maps 29-31 |
||||||||
|
|
|
|
Configuring CoS Maps |
29-34 |
|
|
|
|
|
|
|
|
|
|
|
Configuring the CoS-to-DSCP Map |
29-35 |
|
|
|
|
|||
|
|
|
|
Configuring the DSCP-to-CoS Map |
29-36 |
|
|
|
|
|||
|
|
|
|
Configuring the Egress Queues |
29-37 |
|
|
|
|
|
||
|
|
|
|
Configuring CoS Priority Queues |
29-37 |
|
|
|
|
|||
|
|
|
|
Configuring WRR Priority |
29-38 |
|
|
|
|
|
||
|
|
|
|
Enabling the Expedite Queue and Configuring WRR Priority |
29-38 |
|
||||||
|
|
|
|
Displaying Standard QoS Information |
|
29-39 |
|
|
|
|
||
|
|
|
|
Standard QoS Configuration Examples |
29-39 |
|
|
|
|
|||
|
|
|
|
QoS Configuration for the Existing Wiring Closet |
29-40 |
|
|
|||||
|
|
|
|
QoS Configuration for the Intelligent Wiring Closet |
29-41 |
|
|
|||||
|
Configuring EtherChannels 30-1 |
|
|
|
|
|
|
|
||||
C H A P T E R 30 |
|
|
|
|
|
|
|
|||||
|
|
|
|
Understanding EtherChannels |
30-1 |
|
|
|
|
|
|
|
|
|
|
|
Understanding Port-Channel Interfaces |
30-2 |
|
|
|
|
|||
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|||||
|
xxii |
|
|
|
|
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
|
Contents
Understanding the Port Aggregation Protocol and Link Aggregation Protocol 30-3 |
|
PAgP and LACP Modes 30-4 |
|
Physical Learners and Aggregate-Port Learners |
30-5 |
PAgP and LACP Interaction with Other Features |
30-6 |
|
|
Understanding Load Balancing and Forwarding Methods |
30-6 |
|
|
|
|
|||||||
|
|
Configuring EtherChannels |
30-7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Default EtherChannel Configuration |
30-8 |
|
|
|
|
|
|
|
||||
|
|
EtherChannel Configuration Guidelines |
30-8 |
|
|
|
|
|
|
|||||
|
|
Configuring Layer 2 EtherChannels |
30-9 |
|
|
|
|
|
|
|
||||
|
|
Configuring EtherChannel Load Balancing |
30-11 |
|
|
|
|
|
|
|||||
|
|
Configuring the PAgP Learn Method and Priority |
30-12 |
|
|
|
|
|
||||||
|
|
Configuring the LACP Port Priority |
30-12 |
|
|
|
|
|
|
|
||||
|
|
Configuring Hot Standby Ports |
30-13 |
|
|
|
|
|
|
|
|
|||
|
|
Configuring the LACP System Priority |
30-13 |
|
|
|
|
|
|
|||||
|
|
Displaying EtherChannel, PAgP, and LACP Status |
30-14 |
|
|
|
|
|
||||||
|
Troubleshooting |
|
|
|
|
|
|
|
|
|
|
|
|
|
C H A P T E R 31 |
31-1 |
|
|
|
|
|
|
|
|
|
|
|
||
|
|
Using Recovery Procedures |
31-1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Recovering from a Software Failure |
31-2 |
|
|
|
|
|
|
|
||||
|
|
Recovering from Lost or Forgotten Passwords on Non-LRE Catalyst 2950 Switches 31-2 |
||||||||||||
|
|
Recovering from Lost or Forgotten Passwords on Catalyst 2950 LRE Switches 31-4 |
||||||||||||
|
|
Password Recovery with Password Recovery Enabled |
31-5 |
|
|
|
|
|||||||
|
|
Procedure with Password Recovery Disabled |
31-6 |
|
|
|
|
|
||||||
|
|
Recovering from Lost or Forgotten Passwords on Catalyst 2955 Switches 31-8 |
||||||||||||
|
|
Recovering from a Command Switch Failure |
31-10 |
|
|
|
|
|
||||||
|
|
Replacing a Failed Command Switch with a Cluster Member |
31-10 |
|
|
|
||||||||
|
|
Replacing a Failed Command Switch with Another Switch |
31-12 |
|
|
|
||||||||
|
|
Recovering from Lost Member Connectivity |
31-13 |
|
|
|
|
|
|
|||||
|
|
Preventing Autonegotiation Mismatches |
|
31-14 |
|
|
|
|
|
|
|
|||
|
|
GBIC and SFP Module Security and Identification |
31-14 |
|
|
|
|
|
||||||
|
|
Diagnosing Connectivity Problems |
31-14 |
|
|
|
|
|
|
|
|
|||
|
|
Using Ping |
31-15 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Understanding Ping |
31-15 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Executing Ping 31-15 |
|
|
|
|
|
|
|
|
|
|
||
|
|
Using Layer 2 Traceroute |
31-16 |
|
|
|
|
|
|
|
|
|
||
|
|
Understanding Layer 2 Traceroute |
31-16 |
|
|
|
|
|
|
|||||
|
|
Usage Guidelines |
31-16 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Displaying the Physical Path |
31-17 |
|
|
|
|
|
|
|
||||
|
|
Diagnosing LRE Connection Problems |
31-18 |
|
|
|
|
|
|
|
||||
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|||||||
|
|
|
|
|
||||||||||
|
78-11380-12 |
|
|
|
|
|
|
|
|
|
|
|
xxiii |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Contents
|
|
Using Debug Commands |
31-19 |
|
|
|
|
|
Enabling Debugging on a Specific Feature 31-20 |
||||
|
|
Enabling All-System Diagnostics |
31-20 |
|||
|
|
Redirecting Debug and Error Message Output 31-20 |
||||
|
|
Using the debug auto qos Command |
31-21 |
|||
|
|
Using the show controllers Commands |
|
31-22 |
||
|
|
Using the crashinfo File |
31-22 |
|
|
|
|
|
Supported MIBs A-1 |
|
|
|
|
A P P E N D I X |
A |
|
|
|
|
|
|
|
MIB List A-1 |
|
|
|
|
|
|
Using FTP to Access the MIB Files A-3 |
|
|||
|
|
Working with the Cisco IOS File System, Configuration Files, and Software Images B-1 |
||||
A P P E N D I X |
B |
|||||
|
|
Working with the Flash File System |
B-1 |
|||
|
|
Displaying Available File Systems |
|
B-2 |
||
|
|
Setting the Default File System |
B-3 |
|||
|
|
Displaying Information about Files on a File System B-3 |
||||
|
|
Changing Directories and Displaying the Working Directory B-4 |
||||
|
|
Creating and Removing Directories |
B-4 |
|||
|
|
Copying Files |
B-5 |
|
|
|
|
|
Deleting Files |
B-5 |
|
|
|
|
|
|
Creating, Displaying, and Extracting tar Files B-6 |
|
|
|
||
|
|
|
Creating a tar File |
B-6 |
|
|
|
|
|
|
|
Displaying the Contents of a tar File |
B-7 |
|
|
|
|
|
|
|
Extracting a tar File |
B-7 |
|
|
|
|
|
|
|
Displaying the Contents of a File B-8 |
|
|
|
|
|
|
|
|
Working with Configuration Files B-8 |
|
|
|
|
|
|
|
|
Guidelines for Creating and Using Configuration Files |
B-9 |
|
|
||
|
|
|
Configuration File Types and Location B-10 |
|
|
|
||
|
|
|
Creating a Configuration File By Using a Text Editor |
B-10 |
|
|
||
|
|
|
Copying Configuration Files By Using TFTP |
B-10 |
|
|
|
|
|
|
|
Preparing to Download or Upload a Configuration File By Using TFTP |
B-10 |
||||
|
|
|
Downloading the Configuration File By Using TFTP B-11 |
|
|
|||
|
|
|
Uploading the Configuration File By Using TFTP |
B-12 |
|
|
||
|
|
|
Copying Configuration Files By Using FTP |
B-12 |
|
|
|
|
|
|
|
Preparing to Download or Upload a Configuration File By Using FTP |
B-13 |
||||
|
|
|
Downloading a Configuration File By Using FTP |
B-13 |
|
|
||
|
|
|
Uploading a Configuration File By Using FTP B-14 |
|
|
|||
|
|
|
Copying Configuration Files By Using RCP |
B-15 |
|
|
|
|
|
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
|
|
|
|
|
|
|
||
|
xxiv |
|
|
|
|
|
78-11380-12 |
|
|
|
|
|
|
|
|
Contents
Preparing to Download or Upload a Configuration File By Using RCP B-16
Downloading a Configuration File By Using RCP
Uploading a Configuration File By Using RCP
Clearing Configuration Information B-19
Clearing the Startup Configuration File
Deleting a Stored Configuration File
Working with Software Images
Image Location on the Switch B-20
tar File Format of Images on a Server or Cisco.com
Copying Image Files By Using TFTP B-21
Preparing to Download or Upload an Image File By Using TFTP
Downloading an Image File By Using TFTP
Uploading an Image File By Using TFTP
Copying Image Files By Using FTP B-24
Preparing to Download or Upload an Image File By Using FTP
Downloading an Image File By Using FTP
Uploading an Image File By Using FTP
Copying Image Files By Using RCP B-28
Preparing to Download or Upload an Image File By Using RCP
Downloading an Image File By Using RCP
Uploading an Image File By Using RCP
I N D E X
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
78-11380-12 |
xxv |
|
Contents
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
xxvi |
78-11380-12 |
|
|
|
This guide is for the networking professional managing the Catalyst 2950 and 2955 switches, hereafter referred to as the switches. Before using this guide, you should have experience working with the Cisco IOS and be familiar with the concepts and terminology of Ethernet and local area networking.
This guide provides the information you need to configure software features on your switch. The Catalyst 2950 switch is supported by either the standard software image (SI) or the enhanced software image (EI). The Catalyst 2955 and Catalyst 2950 Long-Reach Ethernet (LRE) switches are supported only by the EI.
The EI provides a richer set of features, including access control lists (ACLs), enhanced quality of service (QoS) features, extended-range VLANs, Remote Switched Port Analyzer (RSPAN), and unicast MAC address filtering. The cryptographic EI provides support for the Secure Shell Protocol (SSP). For a list of switches that support the SI and the EI, see Table 1-1 in Chapter 1, “Overview.”
The Catalyst 2955 switch also supports an additional set of features that are described in Chapter 3, “Configuring Catalyst 2955 Switch Alarms.” The switch has facilities to process alarms related to the temperature, power supply conditions, and status of the Ethernet ports.
Use this guide with other documents for information about these topics:
•Requirements—This guide assumes that you have met the hardware and software requirements and cluster compatibility requirements described in the release notes.
•Start-up information—This guide assumes that you have assigned switch IP information and passwords by using the browser setup program described in the switch hardware installation guide.
•Embedded device manager and Network Assistant graphical user interfaces (GUIs)—This guide does not provide detailed information on the GUIs. However, the concepts in this guide are applicable to the GUI user. For information about the device manager, see the switch online help. For information about Network Assistant, see the Getting Started with Cisco Network Assistant, available on Cisco.com.
•Cluster configuration—For information about planning for, creating, and maintaining switch clusters, see the Getting Started with Cisco Network Assistant, available on Cisco.com. For information about the clustering-related command-line interface (CLI) commands, see the command reference for this release.
|
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
|
|
|
|
|
|
|||
|
78-11380-12 |
|
|
xxvii |
|
|
|
|
|
Preface
•CLI command information—This guide provides an overview for using the CLI. For complete syntax and usage information about the commands that have been specifically created or changed for the switches, see the command reference for this release.
This guide provides procedures for using the commands that have been created or changed for use with the switch. It does not provide detailed information about these commands. For detailed information about these commands, see the command reference for this release.
This guide does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12.1 documentation. For information about the standard Cisco IOS Release 12.1 commands, see the Cisco IOS documentation set available from the Cisco.com home page at Service and Support > Technical Documents. On the Cisco Product Documentation home page, select Release 12.1 from the Cisco IOS Software drop-down list.
This guide does not describe system messages you might encounter or how to install your switch. For this information, see the system message guide for this release and to the hardware installation guide.
For documentation updates, see the release notes for this release.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
•Commands and keywords are in boldface text.
•Arguments for which you supply values are in italic.
•Square brackets ([ ]) mean optional elements.
•Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
•Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional element.
Interactive examples use these conventions:
•Terminal sessions and system displays are in screen font.
•Information you enter is in boldface screen font.
•Nonprinting characters, such as passwords or tabs, are in angle brackets (< >). Notes, cautions, and timesavers use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.
Caution Means reader be careful. In this situation, you might do something that could result equipment damage or loss of data.
Timesaver Means the following will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information.
|
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide |
xxviii |
78-11380-12 |
Preface
Related Publications
These documents provide complete information about the switch and are available from this Cisco.com site:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/index.htm
You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and from the telephone numbers listed in the “Obtaining Documentation” section on page Boilerplate 1.
•Release Notes for the Catalyst 2950 and Catalyst 2955 Switches (not orderable but available on Cisco.com)
Note Switch requirements and procedures for initial configurations and software upgrades tend to change and therefore appear only in the release notes. Before installing, configuring, or upgrading the switch, see the release notes on Cisco.com for the latest information.
For information about the switch, see these documents:
•Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide (order number DOC-7811380=)
•Catalyst 2950 and Catalyst 2955 Switch Command Reference (order number DOC-7811381=)
•Catalyst 2950 and Catalyst 2955 Switch System Message Guide (order number DOC-7814233=)
•Device manager online help (available on the switch)
•Catalyst 2950 Switch Hardware Installation Guide (not orderable but available on Cisco.com)
•Catalyst 2950 Switch Getting Started Guide (order number DOC-1786521=)
•Regulatory Compliance and Safety Information for the Catalyst 2950 Switch (order number DOC-7816625=)
•Catalyst 2955 Switch Hardware Installation Guide (order number DOC-7814944=)
For information about related products, see these documents:
•Getting Started with Cisco Network Assistant (not orderable but available on Cisco.com)
•Release Notes for Cisco Network Assistant (not orderable but available on Cisco.com)
•Catalyst GigaStack Gigabit Interface Converter Hardware Installation Guide
(order number DOC-786460=)
•CWDM Passive Optical System Installation Note (not orderable but is available on Cisco.com)
•1000BASE-T Gigabit Interface Converter Installation Notes (not orderable but is available on Cisco.com)
•Cisco Small Form-Factor Pluggable Modules Installation Notes (order number DOC-7815160=)
•Cisco CWDM GBIC and CWDM SFP Installation Note (not orderable but available on Cisco.com)
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
78-11380-12 |
xxix |
|
Preface
Obtaining Documentation
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Cisco documentation and additional literature are available in the Product Documentation DVD package, which may have shipped with your product. The Product Documentation DVD is updated regularly and may be more current than printed documentation.
The Product Documentation DVD is a comprehensive library of technical product documentation on portable media. The DVD enables you to access multiple versions of hardware and software installation, configuration, and command guides for Cisco products and to view technical documentation in HTML. With the DVD, you have access to the same documentation that is found on the Cisco website without being connected to the Internet. Certain products also have .pdf versions of the documentation available.
The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD=) from the Ordering tool or Cisco Marketplace.
Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
Cisco Marketplace:
http://www.cisco.com/go/marketplace/
Beginning June 30, 2005, registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the Cisco Marketplace at this URL:
http://www.cisco.com/go/marketplace/
Cisco will continue to support documentation orders using the Ordering tool:
•Registered Cisco.com users (Cisco direct customers) can order documentation from the Ordering tool:
http://www.cisco.com/en/US/partner/ordering/
•Instructions for ordering documentation using the Ordering tool are at this URL: http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 1 800 553-NETS (6387).
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
|
xxx |
78-11380-12 |
|
|
|