Cisco WS-C4003 - Catalyst 4000 Chassis Switch, Catalyst 4000 Series, Catalyst 2948G, Catalyst 2980G Software Configuration Manual
Page 1
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Software Configuration Guide
Catalyst 4000 Family
Catalyst 2948G
Catalyst 2980G
Software Releases 6.3 and 6.4
Customer Order Number: DOC-7812647=
Text Part Number: 78-12647-02
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS M ANUAL ARE SUBJECT TO CHA NGE WITHOUT NO TICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICA TION OF ANY PRODUCT S.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORT H IN THE INFORMATION PACKET T HAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP head er compressi on is an adap tation of a program developed by the Universi ty of Ca lifornia, Berk eley (UCB) as part of UCB ’s public
domain version of the UNIX operatin g system. All rights reserved . Copyri ght © 1981 , Rege nts of the Uni versity of Calif ornia.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THE SE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAI M ALL WARRANTIE S, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NO NINFRINGEM ENT OR ARISING FROM A COURS E OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING ,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE S.
This document is to be used in conjunction with the Software Configuration Guide and the Command Reference for your switch.
CCIP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco System s Verified logo, Cisco Un ity, F ollow Me B rowsing, Form Share, iQ Break throu gh, iQ
Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks of Cisco
Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Discover All That’s Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick St udy are
service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, C isco
IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Syst ems Capital, the Cisco Sy stems logo, Empo wering the Internet Generation, Enterprise/Solver, EtherChannel,
EtherSwitch, Fast Step , GigaS tack, Inte rnet Quo tien t, IOS , IP/ TV, Lig htStr eam, MGX, MI CA, the Ne twor ker s logo, Ne twork Reg istrar, Packet, PIX, Post-Routing,
Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems , Inc. and/or i ts
affiliates in the U.S. and certain other countries .
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0208 R)
Software Configuration Gui de—Cata lyst 4000 F ami ly, Cataly st 2948 G, Cata lyst 2980 G, Rel eases 6.3 and 6.4
Copyright © 2000-2003, Cis co Sys tems, In c.
All rights reserved.
Page 3
iii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
CONTENTS
Preface xxiii
Audience xxiii
Organization xxiii
Related Documentation xxv
Conventions xxvi
Obtaining Documentation xxvii
World Wide Web xxvii
Documentation CD-ROM xxvii
Ordering Documentation xxvii
Documentat ion Feedback xxviii
Obtaining Technical Assistance xxviii
Cisco.com xxviii
Technical Assistance Center xxviii
Cisco TAC Web Site xxix
Cisco TAC Escalation Center xxix
PART
1 Getting Started
CHAPTER
1 Product Overview 1-1
Catalyst 4000 Family Switches 1-1
Catalyst 2948G Switch 1-2
Catalyst 2980G Switch 1-2
Supervisor Engine Software 1-3
CHAPTER
2 Using the Command-Line Interface 2-1
Overview of the Switch CLI 2-1
Accessing the Switch CLI 2-2
Accessing the CLI t hrough the Console Port 2-2
Accessing the CLI Through Telnet 2-2
Switch CLI Command Modes 2-3
Accessing Hel p 2-4
Command-Line Edit ing 2-5
History Substitution 2-5
Page 4
Contents
iv
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Abbreviating a Command 2-6
Completing a Partial Command 2-6
Scrolling Down a Li ne or a Screen 2-7
Using Command Aliases 2-7
Specifying Modules, Ports, and VLANs 2-7
Specifying MAC Addresses 2-8
Specifying IP Addresses, Host Names, and IP Aliases 2-8
ROM Monitor Command-Line Interface 2-9
Catalyst4003 Bootup Display Example 2-9
CHAPTER
3 Configuring the Switch IP Address and Default Gateway 3-1
Understanding the Switch Management Interfaces 3-1
Understanding Automatic IP Configuration 3-2
Automatic IP Configuration Overview 3-2
Understanding How DHCP Works 3-3
Understanding How RARP Works 3-4
Preparing to Configure the IP Address and Default Gateway 3-4
Default IP Address and Default Gateway Configur ation 3-5
Setting the In-Ba n d (s c0 ) Int e rfa c e IP Ad dr es s 3-5
Setting the Management Ethernet (me1) Interface IP Address 3-6
Configuring Default Gateways 3-7
Configuring the SLIP (sl0) Interface on the Console Port 3-8
Using DHCP or RARP to Obtain an IP Address Configuration 3-10
Renewing and Releasing a DHCP-Assigned IP Address 3-11
PART
2 Configuring Ethernet Switching
CHAPTER
4 Configuring Ethernet and Fast Ethernet Switching 4-1
Understanding How Ethernet Works 4-1
Ethernet Overview 4-1
Switching Frames Between Segments 4-2
Building the Address Table 4-2
Default Etherne t and Fast Ethernet Configuration 4-2
Configuring Ethernet and Fast Ethernet Ports 4-3
Setting the Port Name 4-3
Setting the Port Priority Level 4-4
Setting the Port Speed 4-4
Page 5
Contents
v
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Setting the Port Duplex Mode 4-5
Configuring a Ti meout Period for Ports in er rdisable State 4-6
Checking Connectivity 4-7
CHAPTER
5 Configuring Gigabit Ethernet Switching 5-1
Understanding How Gigabit Ethernet Works 5-1
Understanding How Gigabit Ethernet Flow Control Works 5-1
Flow-Control Overview 5-1
Sending and Receiving Pause Frames 5-2
Using Flow-Contr ol Keywords 5-2
Understanding How Port Negotiation Works 5-3
Understanding How Oversubscribed Gigabit Ethernet Works 5-3
Oversubscribed Gigabit Ethernet Overview 5-4
Oversubscribed Gigabit Ethernet Example 5-5
Default Gigabit Ethernet Configuration 5-6
Configuring Gigabit Ethernet 5-6
Setting the Port Name 5-7
Setting the Port Priority Level 5-7
Configuring Flow Control on Gigabit Ethernet Ports 5-8
Configuring Port Negotiation on Gigabit Ethernet Ports 5-8
Configuring a Ti meout Period for Ports in er rdisable State 5-9
Checking Connectivity 5-9
CHAPTER
6 Configuring Fast EtherChannel and Gigabit EtherChannel 6-1
Understanding How EtherChannel Works 6-1
EtherChannel Over view 6-2
Understanding Administrative Groups and EtherChannel IDs 6-2
Understanding the Port Aggregation Protocol 6-2
Understanding Frame Distribution 6-3
Default EtherCha nnel Configuration 6-4
Hardware Support for EtherChannel 6-4
EtherChannel Con figuration Guidelines an d Restrictions 6-4
Configuring EtherChannel 6-5
Creating an EtherChannel 6-5
Defining an EtherChannel Administrative Group 6-6
Setting the EtherChannel Spanning Tree Port Cost 6-7
Setting the EtherChannel Spanning Tree Port VLAN Cost 6-7
Removing an EtherChannel Bundle 6-8
Displaying EtherChannel Configuration Information 6-9
Page 6
Contents
vi
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Displaying Ethe rChannel Traffic Statistics 6-10
Displaying EtherChannel PAgP Statistics 6-11
EtherChannel Con figuration Examples 6-11
Four-Port Fast EtherChannel Configuration Example 6-11
Two-Port Gigabit EtherChannel Configuration Example 6-13
PART
3 Spanning Tree
CHAPTER
7 Configuring Spanning Tree 7-1
How Spanning Tree Protocols Work 7-1
How a Topology Is Created 7-2
How a Switch or Port Becomes the Root Switch or Root Port 7-3
How Bridge Prot oc o l Da ta Un it s W o rk 7-3
Spanning Tree Port States 7-4
Blocking State 7-5
Listening State 7-7
Learning State 7-8
Forwarding State 7-9
Disabled State 7-9
Understanding PVST+ and MISTP Modes 7-10
PVST+ Mode 7-11
MISTP Mode 7-11
MISTP-PVS T + M o de 7-11
Bridge Identifiers 7-12
MAC Address Allocation 7-12
MAC Address Reduction 7-12
Using PVST+ 7-12
Default PVST+ Confi guration 7-13
Configuring PVST+ Bridge ID Priority 7-13
Configuring PVST+ Port Cost 7-15
Configuring PVST+ Port Priority 7-15
Configuring PVST + Default Port Cost Mode 7-16
Configuring PVST + Port VLAN Cost 7-16
Configuring PVST+ Port VLAN Priority 7-17
Disabling the PVST+ Mode on a VLAN 7-18
Using MISTP-PVST+ or MISTP 7-18
Default MISTP Configuration 7-19
Enabling MIS T P-PVST+ or MISTP 7-19
Configuring a MISTP Instance 7-21
Page 7
Contents
vii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Configuring MISTP Bridge ID Priority 7-21
Configuring MISTP Port Cost 7-22
Configuring MISTP Port Priority 7-22
Configuring MISTP Port Instance Cost 7-23
Configuring MISTP Port Instance Priority 7-23
Enabling a MIS T P In st ance 7-24
Mapping VLANs to a MISTP Instance 7-25
Determining MISTP Ins tance—VLAN Mapping Conflicts 7-25
Unmapping VLANs from a MIST P Instance 7-26
Disabling MISTP-PVST+ or MISTP 7-26
Configuring a Root Switch 7-27
Configuring a Pr imary Root Switch 7-27
Configuring a Secondary Root Switch 7-28
Configuring a Root Switch to Improve Convergence 7-29
Using Root Guard—Preventing Switches from Becoming Root 7-30
Configuring Spanning Tree Timers 7-30
Configuring Hello Time 7-31
Configuring For w ard Delay Time 7-31
Configuring Maximum Aging Time 7-32
Understanding How BPDU Skewi ng Works 7-33
Configuring Spa nning Tree BPDU Skewing 7-33
CHAPTER
8 Configuring Spanning Tree PortFast, UplinkFast, and BackboneFast, and Loop Guard 8-1
Understanding How PortFast Works 8-1
Configuring PortFast 8-2
Enabling Spanning Tree PortFast 8-2
Disabling Spanning Tree PortFast 8-3
Understanding How PortFast BPDU Guard Works 8-3
Configuring PortFast BPDU Guard 8-3
Enabling PortFast BPDU Guard 8-4
Disabling PortFast BPDU Guard 8-5
Understanding How PortFast BPDU Filtering Works 8-6
Configuring PortFast BPDU Filtering 8-6
Enabling PortFast BPDU Filtering 8-6
Disabling Port Fast BPDU Filtering 8-7
Understanding How UplinkFast Works 8-8
Configuring Upl inkFast 8-9
Page 8
Contents
viii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Enabling UplinkFast 8-9
Disabling UplinkFast 8-10
Understanding How BackboneFast Works 8-11
Configuring BackboneFast 8-13
Enabling BackboneFast 8-13
Displaying BackboneFast Statistics 8-14
Disabling BackboneFast 8-14
Understanding How Loop Guard Works 8-15
Configuring Loop Guard 8-17
Enabling Loop Guard 8-17
Disabling Loop Guard 8-17
PART
4 Configuring VLANs and VLAN Trunks
CHAPTER
9 Configuring VTP 9-1
Understanding How VTP Wo rks 9-1
VTP Domain 9-2
VTP Modes 9-2
VTP Advertisements 9-2
VTP Version 2 9-3
VTP Pruning 9-3
Default VTP Confi guration 9-5
VTP Configuration Guidelines 9-5
Configuring VTP 9-5
Configuring a VTP Server 9-6
Configuring a VTP Client 9-6
Disabling VTP (VTP Transparent Mode) 9-7
Enabling VTP Version 2 9-7
Disabling VTP Vers ion 2 9-8
Configuring VTP Pruning 9-9
Disabling VTP Pruning 9-10
Monitoring VTP 9-10
CHAPTER
10 Configuring VLANs 10-1
Understanding How VLANs Work 10-1
VLAN Default Configuration 10-3
VLAN Configuration Guidelines 10-3
Configuring VLANs 10-3
Page 9
Contents
ix
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Creating or Modifying an Ethernet VLAN 10-4
Assigning Switch Ports to a VLAN 10-4
Mapping 802.1Q VLANs to ISL VLANs 10-5
Clearing 802.1Q-to-ISL VLAN Mappings 10-6
Deleting a VLAN 10-7
Configuring Private VLANs 10-7
Understanding How Private VLANs Work 10-7
Private VLAN Configuration Guidelines 10-9
Creating a Priv at e VLA N 10-10
Viewing the Port Capabi lity of a Private VLAN Port 10-13
Deleting a Priv at e VLA N 10-13
Deleting an Isolated or Community VLAN 10-14
Deleting a Private VLAN Mapping 10-14
CHAPTER
11 Configuring VLAN Trunks on Fast Ethernet and Gigabit Ethernet Ports 11-1
Understanding How VLAN Trunks Work 11-1
Trunking Overview 11-1
Trunking Modes and En capsulation Types 11-2
Trunking Support 11-4
802.1Q Trunk Restrictions 11-4
Default Trunk Configuration 11-5
Configuring a Trunk Link 11-5
Configuring an 802.1Q Trunk 11-5
Defining the Allo w e d V LA N s on a Tr un k 11-6
Disabling a Trunk Port 11-7
Example VLAN Trunk Configurations 11-7
802.1Q Trunk over Gigabit EtherChannel Lin k Example 11-8
Load-Sharing VLAN Traffic over Parallel Trunks Example 11-11
802.1Q Nonegotiate Trunk Configuration Example 11-18
Disabling VLAN 1 on a Tr unk Link 11-21
CHAPTER
12 Configuring Dynamic Port VLAN Membership with VMPS 12-1
Understanding How VMPS Works 12-1
VMPS and Dynamic Port Hard ware and Software Requirements 12-2
Default VMPS and Dynamic Port Configuration 12-2
Dynamic Port VLAN Membership and VMPS Configuration Guidelines 12-3
Page 10
Contents
x
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Configuring VMPS and Dynamic Port VLAN Membership 12-3
Creating the VMPS Database 12-3
Configuring VMPS 12-4
Configuring Dyna mic Ports on VMPS Clients 12-5
Configuring Static VLAN Port Membership 12-6
Troubleshooting VMPS and Dynamic Port VLAN Membership 12-6
Troubleshooting VMPS 12-6
Troubleshooting Dynamic Port VLAN Membership 12-7
Dynamic Port VLAN Membership with VMPS Configuration Examples 12-7
VMPS Databa se Co nfiguration Fi le Exa m p le 12-7
Dynamic Port VLAN Membership Configuration Example 12-8
Dynamic Port VLAN Membership with Auxiliary VLANs 12-10
Configuratio n Guidelines 12-11
Configuring Dynamic Port VLAN Membership with Auxiliary VLANs 12-11
CHAPTER
13 Configuring GVRP 13-1
Understanding How GVRP Works 13-1
GVRP Hardware and Software Requirements 13-1
Default GVRP Configuration 13-2
GVRP Configuration Guidelines 13-2
Configuring GVRP 13-2
Enabling GVRP Globally 13-3
Enabling GVRP on Individual 802.1Q Trunk Ports 13-3
Enabling GVRP Dynamic VLAN Creation 13-4
Configuring GVRP Registration 13-5
Setting GVRP Normal Registration 13-5
Setting GVRP Fixed Registration 13-5
Setting GVRP Forbidden Registration 13-5
Sending GVRP VLAN Declarations from Blocking Ports 13-6
Setting the GARP Timers 13-6
Displaying GVRP Sta tistics 13-7
Clearing GVRP Statistics 13-8
Disabling GVRP on In dividual 802.1Q Trunk Ports 13-8
Disabling GVRP Globally 13-8
Page 11
Contents
xi
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
PART
5 Directing and Filtering Traffic
CHAPTER
14 Configuring QoS 14-1
Understanding How QoS Works 14-1
Overview of QoS 14-1
QoS Terminology 14-2
Understanding Classification and Marking at the Ingress Port 14-3
Understanding Scheduling 14-3
Software Requirements 14-4
QoS Default Configuration 14-4
Configuring QoS 14-4
Enabling QoS Globally 14-5
Configuring th e Default CoS Value for the Switch 14-5
Reverting to the Default Switch CoS Value 14-5
Mapping CoS Values to Transmit Queues and Drop Thresholds 14-6
Reverting to the Default CoS-to-Transmit Queue and Drop Threshold Mapping 14-6
Displaying QoS Information 14-7
Reverting to QoS Defaults 14-7
Disabling QoS 14-7
CHAPTER
15 Configuring Multicast Services 15-1
Understanding How Multi casting Works 15-1
Understanding Multicasting and Multicast Services Operation 15-1
Joining a Multicast Group 15-2
Leaving a Multicast Group 15-2
Understanding GMRP Operation 15-3
Configuring CGMP 15-4
CGMP Hardware and Software Re qu ir ements 15-4
Default CGMP Configuration 15-4
Enabling CGMP 15-4
Enabling CGMP Fast-Leave Processing 15-5
Displaying Multicast Router Information 15-6
Displaying Multicast Group Information 15-7
Checking CGMP Statistics 15-7
Disabling CGMP Fast-Leave Processing 15-8
Disabling CGMP 15-8
Configuring GMRP 15-8
GMRP Software Requirements 15-9
Default GMRP Configuration 15-9
Page 12
Contents
xii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Enabling GMRP Globally 15-9
Enabling GMRP on Individual Switch Ports 15-10
Disabling GMRP on Individual Switch Ports 15-10
Enabling GMRP Forward-All Option 15-11
Disabling GMRP Forward-All Option 15-11
Configuring GMRP Registration 15-12
Setting Normal Regi stration Mode 15-12
Setting Fixed Registration Mode 15-12
Setting Forbidden Registration Mode 15-13
Setting the GARP Timers 15-13
Displaying GMRP Statistics 15-14
Clearing GMRP Statistics 15-15
Disabling GMRP on the Switch 15-15
Configuring Multicast Router Ports and Group Entries 15-16
Specifying Multicast Router Ports 15-16
Configuring Multicast Groups 15-16
Clearing Multic ast Router Ports 15-17
Clearing Multic ast Group Entries 15-17
CHAPTER
16 Configuring Port Security 16-1
Understanding How Port Security Works 16-1
Allowing Traffic Ba sed on the Host MAC Address 16-1
Restricting Traffic Based on the Host MAC Address 16-3
Port Security Configuration Guidelines 16-3
Configuring Port Security 16-3
Enabling Port Se cu ri ty 16-4
Specifying the Maximu m Nu mber of Secure MAC Addresses 16-4
Specifying the Port Security Age Time 16-5
Clearing MAC Addresses 16-5
Specifying Security Violation Action 16-6
Specifying Shutdown Time 16-6
Disabling Port Security 16-7
Restricting Traffic Based on Host MAC Address 16-7
Monitoring Po rt Security 16-8
CHAPTER
17 Configuring the IP Permit List 17-1
Understanding How the IP Permit List Works 17-1
IP Permit List Default Configuration 17-2
Configuring the IP Permit List 17-2
Page 13
Contents
xiii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Adding IP Addresses to the IP Permit List 17-2
Enabling IP Permi t List 17-3
Disabling the IP Permit List 17-4
Clearing an IP Permit List Entry 17-4
CHAPTER
18 Configuring Protocol Filtering 18-1
Understanding How Protocol Filtering Works 18-1
Default Protoco l Filtering Configuration 18-2
Configuring Protocol Filtering 18-2
Configuring Protocol Filtering 18-3
Disabling Protocol Filtering 18-3
PART
6 Monitoring and Managing the Switch
CHAPTER
19 Checking Port Status and Connectivity 19-1
Checking Module Status 19-1
Checking Port Status 19-2
Checking Port Capabilities 19-4
Using Telnet 19-5
Changing the Login Timer 19-6
Using Secure Shell Encryption for Telnet Sessions 19-6
Monitoring User Sessions 19-7
Using Ping 19-8
Understanding How Ping Works 19-8
Executing Ping 19-9
Using Layer 2 Tr ac e route 19-10
Usage Guidelines 19-10
Identifying a L ayer 2 Path 19-11
Using IP Traceroute 19-11
Understanding How IP Traceroute Works 19-11
Executing IP Traceroute 19-12
CHAPTER
20 Configuring CDP 20-1
Understanding How CDP Works 20-1
Default CDP Config uration 20-1
Configuring CDP 20-2
Page 14
Contents
xiv
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Setting the CDP Glob al Enable State 20-2
Setting the CDP Enable State on a Port 20-3
Setting the CDP Message Interval 20-4
Setting the CDP Holdtime 20-4
Displaying CDP Neighbor Information 20-4
CHAPTER
21 Using Switch TopN Reports 21-1
Understanding How Switch TopN Reports Works 21-1
Overview of Switch TopN Reports 21-1
Running Switch TopN Re ports without the Background Option 21-2
Running Switch TopN Re ports with the Background Option 21-2
Running and Viewing Switch To p N Rep o rt s 21-3
CHAPTER
22 Configuring UDLD 22-1
Understanding How UDLD Works 22-1
UDLD Software and Hardware Requirements 22-2
Default UDLD Configuration 22-3
Configuring UDLD 22-3
Enabling UDLD Globally 22-3
Enabling UDLD on Indi vidual Ports 22-4
Disabling UDLD on Individual Ports 22-4
Disabling UDLD Globally 22-4
Specifying the UDLD Message Interval 22-5
Enabling UDLD Aggressive Mode 22-5
Displaying the UDLD Configuration 22-6
CHAPTER
23 Configuring SNMP 23-1
SNMP Terminology 23-1
Understanding How SNMP Works 23-3
Secuirty Models and Levels 23-3
SNMP ifindex Persistence Feature 23-4
Understanding How SNMPv1 and SNMPv2c Work 23-4
SNMPv1 and SNMPv2c Default Configuration 23-5
Configuring SNMPv1 and SNMPv2c from an NMS 23-5
Configuring SNMPv1 and SNMPv2c from the CLI 23-6
Understanding SNMPv3 23-7
Benefits 23-7
SNMP Entity 23-7
Page 15
Contents
xv
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Dispatcher 23-8
Message Processing Subsystem 23-8
Security Subsystem 23-9
Access Control Subsystem 23-9
Applications 23-9
Configuring SNMPv3 from an NMS 23-10
Configuring SNMPv3 from the CLI 23-10
Using CiscoWorks2000 23-13
CHAPTER
24 Configuring RMON 24-1
Understanding How RMON Works 24-1
Enabling RMON 24-2
Viewing RMON Data 24-2
Supported RMON and RMON2 MIB Objects 24-2
CHAPTER
25 Configuring SPAN and RSPAN 25-1
Understanding How SPAN and RSPAN Work 25-1
SPAN Session 25-1
Destination Por t 25-2
Source Port 25-2
Reflector Port 25-3
Ingress SPAN 25-3
Egress SPAN 25-3
VSPAN 25-3
Trunk VLAN Filtering 25-4
SPAN Traffic 25-4
SPAN and RSPAN Session Limit s 25-4
Configuring SPAN 25-4
Understanding How SPAN Works 25-4
SPAN Configuration Guidelines 25-5
Configuring SPAN 25-6
Configuring RSPAN 25-8
RSPAN Software and Hardware Requirements 25-8
Understanding How RSPAN Work 25-8
RSPAN Configuration Guidelines 25-9
Configuring RSPAN 25-10
Disabling RSPAN Sessions 25-13
RSPAN Configuration Examples 25-14
Page 16
Contents
xvi
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Configuring a Single RSPAN Session 25-14
Modifying an Active RSPAN Session 25-14
Adding RSPAN Source Ports in Intermediate Switches 25-15
PART
7 Administering the Switch
CHAPTER
26 Administering the Switch 26-1
Setting the System Name and System Prompt 26-1
Configuring a Sta tic System Name and Prompt 26-2
Setting a Static System Name 26-2
Setting a Static System Prompt 26-2
Clearing the System Name 26-3
Setting the System Contact and Location 26-3
Setting the System Clock 26-4
Creating a Login Banner 26-4
Configuring a Login Banner 26-4
Clearing the Login Banner 26-5
Defining and Using Command Aliases 26-5
Defining and Using IP Aliases 26-7
Configuring Permanent and Static ARP Entries 26-7
Configuring Static Routes 26-9
Scheduling a System Reset 26-10
Scheduling a Reset at a Specific Time 26-10
Scheduling a Reset Within a Specified Amount of Time 26-11
Power Management 26-11
Power Redundancy 26-12
Limitations of the 1+1 Redundancy Mode 26-12
Power Consumption of Modules 26-14
Setting the Power Budget 26-15
Generating System Status Reports for Tech Support 26-16
CHAPTER
27 Configuring Switch Acces s Using AAA 27-1
Understanding How Authentication Works 27-1
Authentication Overview 27-2
Understanding How Login Authentication Works 27-2
Understanding How Local Authentication Works 27-2
Understanding How TACACS+ Authentication Works 27-3
Page 17
Contents
xvii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Understanding How RADIUS Aut hentication Works 27-4
Understanding How Kerberos Authentication Works 27-4
Using Kerberized Login Procedure 27-6
Using a Non-Kerberi zed Login Procedure 27-6
Understanding How 802.1x Authentication Works 27-7
Traffic Contr ol 27-9
Authentication Server 27-9
802.1x Parameters Configurable on the Switch 27-9
Configuring Authentication 27-9
Authentication Default Configuration 27-10
Authentication Configuration Guidelines 27-11
Configuring Login Authentication 27-12
Setting Authentication Login Attempts on the Switch 27-12
Setting Authentication Login Attempts for Privileged Mode 27-13
Configuring Local Authentication 27-13
Enabling Loc al Authentica ti on 27-14
Setting the Login Password 27-14
Setting the Enable Password 27-15
Disabling Local Authentication 27-15
Recovering a Lost Password 27-16
Configuring TACACS+ Authentication 27-17
Specifying TACACS+ Servers 27-17
Enabling TACACS+ Authentication 27-18
Specifying the TACACS+ Key 27-19
Setting the TACACS+ Timeout Interval 27-19
Setting the TACACS+ Lo gin Attempts 27-20
Enabling TACACS+ Directed Request 27-20
Disabling TACACS+ Directed Request 27-21
Clearing TACACS+ Servers 27-21
Clearing the TACACS+ Key 27-22
Disabling TACACS+ Authentication 27-22
Configuring RADIUS Authentication 27-23
Specifying RADIUS Servers 27-23
Enabling RADIUS Authentication 27-24
Specifying the RADIUS Ke y 27-25
Setting the RADIUS Timeout Interval 27-26
Setting the RADIUS Retransmit Count 27-26
Setting the RADIUS Dead Ti me 27-27
Clearing RADIUS Servers 27-28
Page 18
Contents
xviii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Clearing the RADIUS Key 27-28
Disabling RADIUS Authentication 27-29
Configuring Kerberos Authentication 27-30
Enabling Kerberos 27-31
Defining the Kerberos Local-Realm 27-31
Specifying a Kerberos Server 27-32
Mapping a Kerberos Realm t o a Host Name or DNS Domain 27-33
Copying SRVTAB Files 27-33
Deleting an SRVTAB Ent ry 27-34
Enabling Credentials Forwarding 27-35
Disabling Credentials Forwarding 27-36
Defining a Priv ate DES Key 27-37
Encrypting a Telnet Session 27-37
Monitoring and Maintaining Kerberos 27-38
Configuring 802.1x Authentication 27-39
Enabling 802.1x Globally 27-39
Disabling 802.1x Globally 27-40
Enabling and Ini tializing 802.1x Authentication for Individual Ports 27-40
Setting and Enabl ing Automatic Reauthenti cation of the Supplicant 27-41
Manually Reauthenticating the Supplicant 27-42
Enabling Multiple Hosts 27-42
Disabling Multiple Hosts 27-42
Setting the Quiet Period 27-43
Setting the Authe n ticator-to-Supplic ant Retransmission Time for EAP-Request/Identi ty
Frames
27-43
Setting the Back- End Authenticator-to- S upplicant Retransmission Time for EAP-Request
Frames
27-43
Setting the B ack-End Aut henticator- to-Authent ication- Server Retran smission T ime for Trans port
Layer Packets
27-44
Setting the Back-End Authenticator-to-S upplicant Frame-Retransmission Number 27-44
Resetting the 802 .1x Configuration Para meters to the Default Values 27-45
Setting the Trace S everity 27-45
Using the show Commands 27-46
Authentication Example 27-47
Understanding How Authorization Works 27-49
Authorizatio n Overview 27-49
Authorizatio n Events 27-49
TACACS+ Primary Options and Fallback Options 27-49
TACACS+ Command Authorization 27-50
RADIUS Authorization 27-50
Page 19
Contents
xix
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Configuring Authorization 27-51
Authorizatio n Default Configuration 27-51
TACACS+ Authorization Configuration Gu idelines 27-51
Configuring TACACS+ Authorization 27-51
Enabling TACACS+ Authorization 27-52
Disabling TACACS+ Authorization 27-53
Authorizatio n Example 27-54
Understanding How Accounting Works 27-55
Accounting Overview 27-56
Accounting Events 27-56
Specifying When to Create Accounting Records 27-57
Specifying RADIUS Servers 27-57
Updating the Server 27-58
Suppressing Accounting 27-58
Configuring Accounting 27-58
Accounting Default Configuration 27-58
Accounting Configuration Guidelines 27-59
Configuring Accounting 27-59
Enabling Accounting 27-59
Disabling Accoun ting 27-61
Accounting Example 27-62
CHAPTER
28 Modifying the Switch Boot Configuration 28-1
Understanding How the Switch Boot Configuration Works 28-1
Understanding the Boot Process 28-1
Understanding the ROM Mo nitor 28-2
Understanding the Configuration Register 28-2
Understanding the BOOT Environment Variable 28-3
Understanding the CONFIG_FILE Environment Variable 28-3
Default Switch Boot Configuration 28-4
Setting the Configuration Register 28-4
Setting the Boot Field in the Configuration Register 28-4
Setting CONFIG_FILE Recurrence 28-5
Setting the Switch to Ignore the NVRAM Configuration 28-6
Setting the BOOT Environment Variable 28-7
Setting the BOOT Environment Variable 28-7
Clearing the BOOT Environment Variable Settings 28-7
Page 20
Contents
xx
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Setting and Clearing the CONFIG_FILE Environment Variable 28-8
Setting the Variable 28-8
Clearing the Variable Settings 28-8
Displaying the Switch Boot Configuration 28-9
CHAPTER
29 Working with System Software Images 29-1
Software Image Naming Conventions 29-1
Downloading System Software Images to the Switch UsingTFTP 29-1
Understanding How TFTP Software Image Downloads Work 29-2
Preparing to Downl oad an Image Using TFTP 29-2
Downloading Super visor Engine Images Using TFTP 29-2
Example TFTP Download Procedures 29-3
Uploading System Sof tware Images to a TFTP Server 29-5
Preparing to Upload an Image to a TFTP Server 29-5
Uploading Software Images to a TFTP Server 29-5
Downloading System Software Images to the Switch Using rcp 29-6
Understanding How rcp Software Image Downloads Work 29-6
Preparing to Downl oad an Image Using rcp 29-6
Downloading Super visor Engine Images Using rcp 29-6
Sample rcp Download Procedures 29-7
Uploading System Sof tware Images to an rcp Server 29-9
Preparing to Upload an Image to an rcp Server 29-9
Uploading Softwar e Images to an rcp Server 29-9
CHAPTER
30 Using the Flash File System 30-1
Using the Flash File System 30-1
Setting the Default Flash Device 30-1
Setting the Text File Configuration Mode 30-2
Listing the Files on a Flash Device 30-3
Displaying the Contents of a File on a Flash Device 30-4
Copying Files 30-4
Deleting Files 30-6
Restoring Deleted Files 30-7
Verifying a File Checksum 30-7
Page 21
Contents
xxi
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
CHAPTER
31 Working with Configuration Files 31-1
Guidelines for Creating and Using Configuration Files 31-1
Creating a Configuration File 31-2
Configuring the Switch Using a File in Flash Memory 31-2
Copying Configuration Files Using TFTP 31-3
Downloading Configuration Files from a TFTP S erver 31-3
Preparing to Downl o ad a Configuration File Using TFTP 31-4
Configuring the Switch Using a File on a TFTP Server 31-4
Uploading Configuration Files to a TFTP Server 31-5
Preparing to Upload a Configuration File to a TFTP Server 31-5
Uploading a Configuration File to a TFTP Server 31-5
Copying Configuration Files Using rcp 31-6
Downloading Configuration Files from an rcp Server 31-6
Preparing to Downl o ad a Configuration File Using rcp 31-6
Configuring the Switch Using a File on an rcp Server 31-6
Uploading Configuration Files to an rcp Server 31-7
Preparing to Upload a Configuration File to an rcp Server 31-7
Uploading a Configuration File to an rcp Server 31-7
Clearing the Configuration 31-8
CHAPTER
32 Configuring Switch Acceleration 32-1
Understanding Switch Acceleration 32-1
Switch Acceleration Configuration Modes 32-2
Configuring Switch Acceleration 32-3
Displaying Switch Acceleration Information 32-3
Backplane Channel Module 32-3
CHAPTER
33 Configuring System Message Logging 33-1
Understanding How System Message Logging Works 33-1
System Log Message Format 33-3
Default System Message Logging Configuration 33-4
Configuring System Message Logging 33-4
Configuring Session Logging Settings 33-4
Configuring the System Message Logging Levels 33-5
Changing the Loggi ng Timestamp Enable State 33-6
Specifying the Logging Buffer Size 33-6
Configuring the syslog Daemon on a UNIX syslog Se rver 33-7
Configuring syslog Servers 33-7
Page 22
Contents
xxii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Displaying the Lo gging Configuration 33-8
Displaying System Me ssages 33-9
CHAPTER
34 Configuring DNS 34-1
Understanding How DNS Works 34-1
DNS Default Co nf ig ur ation 34-1
Configuring DNS 34-2
Setting Up and Enabling DNS 34-2
Clearing a DNS Server 34-3
Clearing the DNS Domain Name 34-3
Disabling DNS 34-3
CHAPTER
35 Configuring NTP 35-1
Understanding How NTP Works 35-1
Default NTP Config uration 35-2
Configuring NTP 35-2
Configuring NTP i n Broadcast-Client Mode 35-3
Configuring NTP i n Client Mode 35-3
Configuring Authentication in Client Mode 35-4
Setting the Time Zone 35-5
Enabling the Daylight Saving Time Adjustment 35-5
Disabling the Daylight Saving Time Adjustment 35-7
Clearing the Ti m e Zo ne 35-7
Clearing NTP Servers 35-7
Disabling NTP 35-8
PART
8 Appendix
APPENDIX
A Acronyms A-1
INDEX
Page 23
xxiii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
This preface describes t he intende d audien ce for this manual , how it is organized, the do cument
conventions, and how to obtain additional documenta ion and tec hnical supp ort.
Audience
This guide is for experien ced network adminis trato rs who are re sponsibl e for configurin g and
maintaining Catalyst enterprise LAN switches.
Organization
The major sections of this guide are as follows:
Chapter Title Description
Part 1—Getting Started
Chapter 1 Product Overview Presents an over vie w o f the Cataly st enterpr ise LAN
switches.
Chapter 2 Using the Comma nd- Line
Interface
Describes how to use the different com mand-lin e
interfaces (CLIs).
Chapter 3 Configuring the Switch IP
Address and Default Gateway
Describes how to perform a baseline configuration of
the switch.
Part 2—Configuring Ethernet Switching
Chapter 4 Configuring Ethernet and Fast
Ethernet Switc hing
Describes how to configure Ether ne t and Fast
Ethernet switching on the switch.
Chapter 5 Configuring Gigabit Ethernet
Switching
Describes how to configure Gigabit Ethern et
switching on the switch.
Chapter 6 Configuring Fast EtherChannel
and Gigabit Et h erCha nnel
Describes how to configure Fast EtherChannel and
Gigabit EtherChanne l po rt bundl es.
Page 24
xxiv
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Organization
Part 3—Spanning Tree
Chapter 7 Configuring Spanning Tree Describes how to configure the Sp an ning Tree
Protocol and explains how spanning tree works.
Chapter 8 Configuring Spanning Tree
PortFast, UplinkFast, and
BackboneFast, and Loop Guard
Describes how to configure the span ning t ree
PortFast, UplinkFast, and BackboneFast features.
Part 4—Configuring VLANs and VLAN Trunks
Chapter 9 Configuring VTP Describes how to configure VLAN Trunk Protocol
(VTP) on the switch.
Chapter 10 Configuring VLA Ns Describes how to configure VLANs and private
VLANs on the switch.
Chapter 11 Configuring VLA N Trunks on
Fast Ethernet and G igabi t
Ethernet Po rts
Describes how to configure Inter-Switch Link ( ISL )
and IEEE 802.1Q VLAN trunks on Fast Ethernet and
Gigabit Ethernet p orts.
Chapter 12 Configuring Dyna mic Port
VLAN Membership with VMPS
Describes how to configure VLAN Membership
Policy Server (VMPS) and dy namic po rts o n the
switch.
Chapter 13 Configuring GVR P Describes how to configure GARP VLAN
Registration Protocol (GVR P) on the sw itch.
Part 5—Directing and Filtering Traffic
Chapter 14 Configuring QoS Describes how to configure quality of service (QoS).
Chapter 15 Configuring Multicast Services Describes how to configure Cisco Group
Management Protocol (CGMP), Internet Group
Management Protocol (IGMP) snooping, and GARP
Multicast Registratio n Pr otoc ol ( GMR P) o n the
switch.
Chapter 16 Configuring Port Secur ity Describes how to configure po rt s ecur ity on the
switch.
Chapter 17 Configuring the IP Permit List Describes how to configure IP permit list on the
switch.
Chapter 18 Configuring Protocol Filtering Describes how to configure protocol filtering on
Ethernet, Fast Ethernet, and Gigabit Ethernet ports.
Part 6—Monitoring and Managing the Switch
Chapter 19 Checking Port Status and
Connectivity
Describes how to display information about modules
and switch ports and how to check connectivity using
ping, Telnet, and IP traceroute.
Chapter 20 Configuring CDP Describes how to configure Cisco Discovery
Protocol (CDP) on the switch.
Chapter 21 Using Switch TopN Reports Describes how to generate swi tch TopN reports on
the switch.
Chapter 22 Configuring UDL D Describes how to configure the UniDirectional Link
Detection (UDLD) protocol on the switch.
Chapter 23 Configuring SNMP Describes how to configure the Si mple Networ k
Management Protocol (SNMP) on the switch.
Chapter Title Description
Page 25
xxv
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Related Documentation
Related Documentation
The following publications are available for the Catalyst enterprise LAN switches:
• Catalyst 4000 Family Installation Guide
• Catalyst 4912G Installation Guide
• Catalyst 2948 G and 2980G In stallatio n Guide
• Quick Software Configuration—Catal yst 5000 Family, 4000 Family, 2926G Serie s, 2948G, and
2980G Switches
• Command Reference—Catalyst 4000 Family, Catalyst 2948G, and Catalyst 298 0G Swi tches
• Layer 3 Switching Soft ware Configuration Guide—Catalyst 5000 Family, 4000 Family,
2926G Series, 292 6 Series, 2948G, an d 298 0G Sw itche s
• System Message Guide—Catalyst 6000 Family, 5000 Family, 4000 Family, 2926G Seri es, 2 948G,
and 2980G Switches
• Release Notes for Catalyst 4000 Family Supervisor Engine Sof tware Release 6 .x
Chapter 24 Configuring RMO N Describes how to configure Remote Monitoring
(RMON) on the switch.
Chapter 25 Configuring SPAN and RSPAN Describes how to configure the Switc h Port Analyzer
(SPAN) on the switch.
Part 7—Administering the Switch
Chapter 26 Administering the Switch Describes how to set the system name, create a login
banner, and perform other administrative tasks on the
switch.
Chapter 27 Configuring Switch Acces s
Using AAA
Describes how to configure local and TACACS+
authentication on the switch.
Chapter 28 Modifying the Switch Boot
Configuration
Describes how to modify the switch boot
configuration, includ ing the BO OT environment
variable and the configuration registe r.
Chapter 29 Working with System Software
Images
Describes how to download and upload system
software images.
Chapter 30 Using the Flash File System Describes how to work with the Flash file system
available on some switch platforms.
Chapter 31 Working with Configuration
Files
Describes how to create, download, and upload
switch configuration files.
Chapter 32 Configuring Switch
Acceleration
Describes the Backpla ne Channel module and the
switch acceleration feature.
Chapter 33 Configuring Syste m Message
Logging
Describes how to configure system message logging
(syslog) on the swit ch.
Chapter 34 Configuring DNS Describes how to configure Domain Name System
(DNS) on the switch.
Chapter 35 Configuring NTP Describes how to configure Network Time Protocol
(NTP) on the switch.
Chapter Title Description
Page 26
xxvi
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Conventions
Conventions
Throughout this publication, these conventions are used when referring to switch platforms:
• Catalyst enterprise LAN switches—Refers to the Catalyst 4000 family, Catalyst 2948G, and
Catalyst 2980G switches.
• Catalyst 4000 family switches—Refers to t he C ata lyst 4003, Catalyst 4 006 , and C atalyst 4912G
switches.
Command descriptions use these conventions:
Screen examples use these conventions:
boldface font Commands and keywords a re i n boldface.
italic font Arguments for which you supply values are in ita li cs.
[ ] Elements in square brackets are optional.
{x | y | z} Alternative keywords are grouped in braces and separa ted by vertical
bars.
[x | y | z] Optional alternative keywords are grouped in brackets and separated by
vertical bars.
string A nonquoted set of chara cters. Do no t use quo tation m arks a ro und th e
string or the string will include the quotation marks.
screen font Terminal sessions and information the system displays are in screen
font.
boldface screen font Information you must enter is in boldface screen font .
italic screen font Arguments for which you supply values are in italic screen fo nt.
^ The symbol ^ represents the key labeled Control—for example, the key
combination ^D in a screen display means hold down the Control key
while you press the D key.
< > Nonprinting charact ers, such as pa sswords are in angle brackets.
[ ] Default responses to system prompts are in square brackets.
!, # An exclamation point (!) or a po und sign (#) at the beginning of a line
of code indicates a comm ent l ine.
.
.
.
Indicates that screen outp ut not r elevant to the ex am pl e w a s removed to
save space and preserve clarity.
Page 27
xxvii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Obtaining Documentation
Notes use these conventions:
Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the
publication.
Cautions use these conventions:
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Obtaining Documentation
These sections explain how to obtain docu mentation from Cisco Syste ms.
World Wide Web
You can access the m ost c urre nt C isco doc ume ntati on on t he World Wide Web at this U RL:
http://www.cisco.com
Translated documentation is available at this URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM
package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may
be more current than printed documentation. The CD-ROM package is available as a single unit or
through an annual subscription.
Ordering Documentation
You can order Cisco documentation i n these ways:
• Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from
the Networking Produ cts Market Pla ce:
http://www.cisco.com/cgi-bin/order/order_root.pl
• Re gistered Cisco.com users can order the Documentation CD-ROM through the online Subscription
Store:
http://www.cisco.com/go/subscription
• Nonregistered Cisco.com users can o rd er doc umen tat ion t h rough a loc a l acco unt r ep resen ta tive by
calling Cisco Systems Corpo rate Headqu arter s (Califo rnia, U.S.A. ) at 408 526-7208 or, elsewhere
in North America, by calli ng 800 55 3-NE TS (6387).
Page 28
xxviii
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Obtaining Technical As sistance
Documentation Feedback
You can submit comm ent s e lec tron ica ll y on C isco. com. I n the Cisc o Do cum e ntat ion ho me p ag e, c li ck
the Fax or Email option in the “Le ave Feedback” sec tion at th e bottom of the page .
You can e-mail your commen ts to bug-doc @cisco.c om.
You can submit your comments by mai l by using the respon se card behind th e front cover of your
document or by wri ting t o the fo llowing a ddress:
Cisco Systems
Attn: Document Resour ce Connec tion
170 West Tasman Drive
San Jose, CA 95134- 988 3
We appreciat e your co mmen ts.
Obtaining Technical Assistanc e
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can
obtain online documentation, troubleshooting tips, and sample configurations from online tools by using
the Cisco T ech nical Assistance Center (TA C) Web Site. Cisco.com re gistered user s hav e complete acces s
to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open
access to Cisco information, networking solutions, service s, pr ogram s, a nd resour ce s at any time , from
anywhere in the wor ld.
Cisco.com is a highly int egrated Interne t applicat ion and a powerf ul, easy- to-use t ool that prov ides a
broad range of f eat ures an d s er vices to hel p you w it h th ese tasks:
• Streamline business processes and improve productivity
• Resolve technical issues with online support
• Download and test softwar e pa ck ag es
• Order Cisco learning materials a nd merc handise
• Register for online skill assessment, training, and certification programs
If you want to obtain customized information and service, you can self-register on Cisco.com. To access
Cisco.com, go to this URL:
http://www.cisco.com
Technical Assistance Center
The Cisco Technical A ssistance Cen ter (TA C) is av ailable to all custo mers who n eed technica l assistance
with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC
Web Site an d th e Ci sco TAC Escalatio n C en te r.
Page 29
xxix
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Obtaining Technical Assistance
Cisco TAC inquiries are categorized according to the urgency of the i ssue:
• Priority level 4 (P4)—You need information or assis tanc e c once rnin g C isco produ ct ca pabi litie s,
product installation, or basi c product configuration.
• Priority level 3 (P3)—Your network performance is degraded. Network functio nality is no ticeabl y
impaired, but most business operations continue.
• Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects
of business operations. No workar oun d is available.
• Priority level 1 (P1)—Your production network is down, and a critical impact to business operations
will occur if se rv ice is n ot r esto re d qui ck ly. No workaround i s available.
The Cisco TAC resource that you choose is based on th e priorit y of the probl em and th e condit ions of
service cont rac ts , w h en appl ic ab le .
Cisco TAC Web Site
You can use the Cisco TAC Web Site to resolve P3 and P4 issues yourself, saving both cost and tim e.
The site provides around-the-clock access to online tools, knowledge bases, and software. To access the
Cisco TAC Web Site, go to th is U RL:
http://www.cisco.com/tac
All customers, partners, and resellers who have a valid Cisco service contract have complete access to
the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a
Cisco.com login I D a nd passwor d. If yo u have a valid servi ce con tra ct but do no t have a login ID or
password, go to this URL to register:
http://www.cisco.com/register/
If you are a Cisco.com registere d user, and you cannot resol ve your tech ni cal issues by using the Cisco
TAC Web Site, you can open a case online by using the TAC Case Open tool at this URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, we recommend that you open P3 and P4 cases th rough the Cisco TAC
Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These
classifications are assigned when severe network degradation significantly impacts business operations.
When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer
automatically opens a case.
To obtain a d ire ct ory o f tol l-fr ee C i sco TAC telephone n umb er s for yo ur co untr y, go to this UR L:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support
services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network
Supported Account s (NSA ). W he n you c all t he ce nte r, please have available your serv ice agre eme nt
number and your product seri al number.
Page 30
xxx
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Preface
Obtaining Technical As sistance
Page 31
P
ART
1
Getting Started
Page 32
Page 33
CHAPTER
1-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
1
Product Overview
The Catalyst enterprise LAN switches facilitate the migration from traditional shared-hub LANs to
large-scale, fully integrated internetworks. These switches provide switched connections to individual
workstations, servers, LAN segments , backbone s, or other switches , using a variety of me dia.
This chapter consists of these sections:
• Catalyst 4000 Family Switches, page 1-1
• Catalyst 2948G Switch, page 1-2
• Catalyst 2980G Switch, page 1-2
• Supervisor Engine Software, page 1- 3
Catalyst 4000 Family Switches
Note For installation information and a complete description of the Catalyst 4000 family switch hardware,
refer to the Catalyst 4000 Family Installation Guide and the Catalyst 4912G Installation Gui de.
Table 1-1 describes the Catalyst 400 0 fami ly s witc hes.
Table 1-1 Catalyst 4000 Family Switches
Product Number Chassis Description
WS-C4003 Catalyst 4003
• Modular 3-slot chassis
• 12-Gbps backplane
• Optional redundant power supplies
Page 34
1-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 1 Product Overview
Catalyst 2948G Switch
Catalyst 2948G Switch
Note For installation information and a complete description of the Catalyst 2948G switch hardware, refer to
the Catalyst 2948G and 2980G In stall ation Gui de.
Table 1-2 describes the Catalyst 2948G switch.
Catalyst 2980G Switch
Note For installation information and a complete description of the Catalyst 2980G switch hardware, refer to
the Catalyst 2948G and 2980G In stall ation Gui de.
Table 1-3 describes the Catalyst 2980G switch.
WS-C4006 Catalyst 4006
• Modular 6-slot chassis
• 30-Gbps backplane
• Two power supplies, with optional third power supply
WS-C4912G Catalyst 4912G
• Fixed configuration switch
• 12-Gbps backplane
• Optional redundant power supplies
• 12 1000BASE-X (GBIC) Gigabi t Ethern et ports
Table 1-1 Catalyst 4000 Family Switches (continued)
Product Number Chassis Description
Table 1-2 Catalyst 2948G Switch
Product Number Chassis Description
WS-C2948G Catalyst 2948G
• Fixed configuration switch
• 12-Gbps backplane
• Optional redundant power supplies
• Two 1000BASE-X (GBIC) Gigabit Ethernet port s
• 48 10/100BASE-TX Fast Ethernet ports
Page 35
1-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 1 Product Overview
Supervisor Engine Software
Supervisor Engine Software
The supervisor engine s oftware is facto ry install ed on every supervisor eng ine modul e or
fixed-configuration switch. So me modu l es re quir e an a dd ition al soft ware i m ag e, w hic h is fac tory
installed on the module.
The Catalyst enterprise LAN switches share a command-line interface (CLI) with which you can
configure modules and port s on the switc hes. For more informa tion, see Chapter 2, “Using the
Command-Line Inte rface .” For descriptions of the available CLI commands, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
Table 1-3 Catalyst 2980G Switch
Product Number Chassis Description
WS-C2980G Catalyst 2980G
• Fixed configuration switch
• 12-Gbps backplane
• Optional redundant power supplies
• Two 1000BASE-X (GBIC) Gigabit Etherne t po rts
• 80 10/100BASE-TX Fast Ethernet ports
Page 36
1-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 1 Product Overview
Supervisor Engine Software
Page 37
CHAPTER
2-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
2
Using the Command-Line Interface
This chapter describes the CLI that you use to configure the Catalyst enterprise LAN switches and
modules.
Note For descriptions of a ll switc h an d ROM monit or c om mands, r efe r to the C omma nd
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches . For descriptions of
the commands used to configure the Route Switch Module (RSM) and Route Switch Feature Card
(RSFC), refer to the Cisc o IOS soft ware comm and re ferenc e publica tions.
This chapter consists of these sections:
• Overview of the Sw it ch CL I, p age 2-1
• Accessing the Switch CLI, page 2-2
• Switch CLI Command Modes, page 2-3
• Accessing Help, page 2-4
• Command-Line Editing, page 2-5
• History Substitution, page 2-5
• Abbreviating a Command, page 2-6
• Completing a Partial Command, page 2-6
• Scrolling Down a Line or a Scree n, pag e 2-7
• Using Command Aliases, page 2-7
• Specifying Modules, Ports, and VL ANs, pag e 2-7
• Specifying MAC Addresses, page 2-8
• Specifying IP Addresses, Host Names, and IP Aliases, page 2-8
• ROM Monitor Command -Lin e Interfa ce, page 2-9
• Catalyst 400 3 B ootup Di spla y Exa mp le, page 2-9
Overview of the Switch CLI
The switch CLI is a basic command-line interpre ter, similar to the UNIX C shell. Switch commands are
not case sensitive. You can abbreviate commands and parameters as lon g as they contain enough lett ers
to be distinguis hed from a ny othe r curr en tly available com ma nd s or p aram eters.
Page 38
2-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Com m and-Line Interface
Accessing the Switch CLI
The Catalyst enterprise LAN switches are multimodule systems. Commands you enter from the CLI
might apply to the entire syste m or to a specific modul e, port, or V LAN.
You configure the switch using set and clear commands. Enter set commands to change switch
parameters. Use clear commands (or, in some cases, set commands) to overwrite or er as e co nfiguration
parameters. Use show commands to display the current configuration and to monitor the switch.
Accessing the Switch CLI
You can access the CLI t hrough the su pervi so r eng ine conso le por t or thr ough a Telnet session.
These sections describe how to access the switch CLI:
• Accessing the CLI through the Console Port, page 2-2
• Accessing the CLI Through Telnet, page 2-2
Accessing the CLI through the Console Port
To access the switch CLI th rough the console por t, you first must conne ct a console termi nal to the
console port through an EIA/TIA-232 (RS-232) cable. Make sure that the terminal is connected to the
switch and that the t erm ina l is on .
Note For complete information on how to connect a terminal to the supervisor engine console port, refer to
the hardware documentati on for you r switch.
To access the switch CLI through the console port, follow these steps:
Step 1 Connect to the superviso r engi ne console por t using the approp riate ap plicat ion or comm ands on the
terminal (for example, using a terminal emulation program on a PC or using the tip command on a UNIX
system).
Step 2 If the switch is not on, p ower up t he s wi tc h. Th e bo otup displ ay shou ld a ppe ar on the scre en ( see t h e
“Catalyst 4 003 Bo ot up D ispl ay E xa mple” sect ion on page 2-9). If the switch is already booted, press
Enter to see this display:
Cisco Systems, Inc. Console
Enter password:
After you successfully con nect to the s witch throu gh the c onsole port, you can ent er normal -mode
commands to m onit or the swi tch o r ent er pr ivileged mode to c ha nge th e co nfigur ati on . For more
information, see the “Switch CLI Command Modes” section on page 2-3.
Accessing the CLI Through Telnet
Before you can open a Telnet session to the switch, you must first set the IP address (and in some cases
the default gateway) for t he sw it ch. For in fo rmat ion ab out sett ing the I P addr ess a nd default gat eway,
see Chapter 3, “Configuri ng the Switch IP Addr ess and Defau lt Gateway.”
Page 39
2-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Command-Line Interface
Switch CLI Command Modes
Note For more information about using Telnet, see the “Using Telnet” section on page 19- 5.
To access the switch CLI from a remote host using Telnet, follow these steps:
Step 1 Make sure that the switch is on and is properly configured with an IP address and default gateway, if
necessary.
Step 2 Using the appropriate appl icati on or comma nd on your host syste m, Telnet to the switch using the IP
address or DNS host name of the switch. (You must configure DNS properly on the switch and on your
network name server in order to use DN S host name s. For more inform ation on DNS, see Chapter 34,
“Configuring DNS.”)
unix_host% telnet Catalyst_1
Trying 172.16.10.10...
Connected to Catalyst_1.
Escape character is '^]'.
Cisco Systems Console
Enter password:
After you successful ly c onne ct to t he s wit ch u sing Telnet, you can ent er nor mal- mode com ma nds to
monitor the switch or enter privileged mode to change the configuration. For more information, see the
“Switch CLI Co mma nd M od es” sec tion o n page 2-3.
Switch CLI Command Modes
The switch CLI supports two modes of opera tion:
• Normal (also called login or user mode)
• Privileged (also called enable mode).
Both modes are password protect ed. Use no rmal-m ode comma nds for syst em moni toring . Use
privileged-mode commands to change the system configuration.
Note For complete information on configuring passwords and controlling access to the switch, see Chapter 27,
“Configuring Switch Access Using AAA. ”
To enter normal command mode, follow these steps:
Step 1 Connect to the switch CLI through the console port or using Telnet (for more information, see the
“Accessing the Switch CLI” section on page 2-2).
Step 2 On a new switch, the normal-mode password is null. If you are connecting to a new switch, press Return
at the Enter Password p rompt . Oth erw ise, en te r th e norma l-m ode p assword for t h e switc h.
You will see the user level command-line prompt:
Enter Password: <normal_mode_password>
Console>
Page 40
2-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Com m and-Line Interface
Accessing Help
Step 3 To disconnect from the switch CLI, enter the exit command.
Console> exit
Session Disconnected...
Cisco Systems Console Fri Aug 27 1999, 16:14:41
Enter password:
Many commands (for exam ple, com ma nds tha t m odi fy t he con figurat ion) c an b e en ter ed on ly i n
privileged mode. To enter privileged comm and m ode , fo l low the se st ep s:
Step 1 From normal mo de , ente r th e enable comman d. On a n e w swi tch, th e privileged-mode password is null .
If you are conn ect ing to a new switch, pr es s Return at the Enter Password prompt. Otherwise, enter the
privileged-mode password fo r the swi tch.
Console> enable
Enter password: <privileged_mode_password>
Console> (enable)
Step 2 To exit privileged mode and return to normal mode, enter the disable command.
Console> (enable) disable
Console>
Accessing Help
Enter help or ? in normal or privileged mode to see the commands available in those modes. Command
usage, the help menu, and when appro priat e, param eter ra nges are provi ded if you en ter a comma nd
using the wrong nu mbe r of a rgumen ts or ina pp rop ria te argument s.
Additionally, appending ? to a c om mand di spla ys a li st of valid keywords and a rgumen ts f or the
command. Insert a space between the last parameter and the question mark (?). For example, eight
parameters are used by the set mls co mm an d. To see these parame ter s, en te r set mls ? at the privileged
prompt. The system d isplay s al l valid keywords and argume nts as follows:
Console> (enable) set ip ?
alias Set alias for IP Address
dns Set DNS information
fragmentation Set IP fragmentation enable/disable
http Set IP HTTP server information
permit Set IP Permit List
redirect Set ICMP redirect enable/disable
route Set IP routing table entry
unreachable Set ICMP unreachable messages
Console> (enable) set ip
Note The system repeats the c omman d you enter ed withou t the que stion mar k (?).
Page 41
2-5
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Command-Line Interface
Command-Line Editing
To use the par tia l-keyword-looku p fun ction , ente r ? to display a list of commands that begin with a
specific set of characters. Do not insert a space between the last letter of the variable and the question
mark (?). For exam pl e , en te r co? at the privileged prompt to display a list of commands that start with
co. The system displays all commands tha t begin with co as follows:
Console> (enable) co?
configure Configure system from network
copy Copy files between TFTP/RCP/module/flash devices
Console> (enable) co
Note The system repeats the c ommand you entere d without the questio n mark (?).
Command-Line Editing
The switch CLI supports a number of command line editing keystrokes. Table 2-1 lists the keystrokes
you can use when entering and editing switch commands.
History Substitution
The history buffer stores th e last 2 0 co mma nds t hat y ou en t ered du ring a t ermi n al sessio n. His to ry
substitution allows you to repeat these commands using the special abbreviated commands, similar to
those used o n t h e UNI X co mm an d li n e. Table 2-2 lists the history substitution commands.
Table 2-1 Command-Line Editing Keystrokes
Keystroke Function
Ctrl-A Jumps to the first character of the command line.
Ctrl-B or the Left Arrow key
1
1. The arrow keys function only on ANSI-compatible terminals, such as VT100s.
Moves the cursor bac k one ch arac ter.
Ctrl-C Escapes and terminates prompts and lengthy tasks.
Ctrl-D Deletes the character at the cursor.
Ctrl-E Jumps to the end of the current command line.
Ctrl-F or the Right Arrow key
1
Moves the cursor forward one character.
Ctrl-K Deletes from the cursor to the end of the command line.
Ctrl-L; Ctrl-R Repeats current command line on a new line.
Ctrl-N or the Down Arrow key
1
Enters next command line in the hist ory buffer.
Ctrl-P or the Up Arrow key
1
Enters previous command line in the history buffer.
Ctrl-U; Ctrl-X Deletes from the cursor to the beginning of the command line.
Ctrl-W Deletes last word typed.
Esc B Moves the curso r b ac kwa rd on e wor d.
Esc D Deletes from the cursor to the end of the word.
Esc F Moves the curso r f or war d o ne wor d.
Delete key or Backspace key Erases command-line mistakes; reenter command after use.
Page 42
2-6
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Com m and-Line Interface
Abbreviating a Command
Abbreviating a Command
You ca n abbreviate co mmand s and keywords to th e number of ch arac ters th at allow a uniqu e
abbreviation.
You ca n abbreviate the show comm and to sh. A fte r ente ring t he co mma nd a t t he s ystem p rom pt, pr ess
Return to execute the command.
Completing a Partial Command
The Tab key allows you to use the command-completion feature . When you ent er a uniq ue partia l
character string and press the Tab key, the system completes the command or keyword on the command
line.
For example, if you e nt er co and pr ess the Tab key, the system compl etes the c omman d as configure
because it is the only command that matches the criteria.
Table 2-2 History Substitution Commands
Command Function
Repeating recent commands:
!! Repeat the most rece nt comm and.
!-nn Repeat the nnth most recent command.
!n Repeat command n.
!aaa Repeat the command beginning with st ring aaa.
!?aaa Repeat the comma nd cont ai ning the str in g aaa.
To modify and repeat the most recent command:
^aaa^bbb Replace the st ring aaa with the string bbb in the most recent command.
To add a string to the end of a previous command and repeat it:
!!aaa Add string aaa to the end of the most recent command.
!n aaa Add string aaa to the end of c omman d n.
!aaa bbb Add string bbb to the end of the comma nd beginning wi th string aaa .
!?aaa bbb Add string bbb to the end of the comma nd conta ining the st ring aaa.
Page 43
2-7
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Command-Line Interface
Scrolling Down a Line or a Screen
Scrolling Down a Line or a Screen
When the output of a command fills more than one terminal screen, a ---More--- prompt is displayed at
the bottom of the screen. To view the next line or screen, perform these tasks:
Note The ---More--- prom pt is use d fo r any ou tput th at has mo re li nes th an c an be displ aye d o n th e ter min al
screen, includ ing show com man d ou t put.
Using Command Aliases
Aliases are not case sensitive; however, unlike regular commands, some aliases cannot be abbreviated.
Table 2-3 lists the switch CLI aliases that cannot be abbreviated.
Specifying Modules, Ports, and VLANs
Modules, ports, and VLANs are numbered sequentially, beginning with 1. The supervisor engine module
is module 1, re sidi ng i n slot 1.
To designate a specific module, use the module number. In most systems, the module number and the
slot number are the same.
On the fixed-configuration switches, there are two logical modules. On the Catalyst 4912G, the
Catalyst 2948G, an d th e Catal yst 2980G switches, t here are two m odu les but on ly o ne slot. Wh en you
enter configuration commands on these switches, you must refer to the module number, not the slot
number. For example, all of the user-configurable ports on these sw itches are logic ally on mo dule 2.
On modules that have user-configurable ports, the left-most port is always port 1. To designate a specific
port on a spec ific mod ul e, t h e co mm and s y ntax i s mod_n um/ port_n um. Fo r exam ple, 3/1 specifies
module 3, port 1. On the Catalyst 4912G, the Catalyst 2948G, and the Catalyst 2980G switches, th e
left-most switch port is numbered 2/1 instead of 1/1 because logically the ports are located on module 2.
Task Keystrokes
To scroll down one line Press the Return key
To scroll down one screen Press the Spacebar
To quit from the More mode Press the q key
Table 2-3 Switch CLI Command Aliases
Alias Command
?help
batch configure
di show
exit quit
logout quit
Page 44
2-8
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Com m and-Line Interface
Specifying MAC Addresses
With many commands, you can enter lists o f por ts. To specify a range of por t s, use a co mma- s epar at ed
list (do not insert spaces) to specify individual ports or a hyphen (-) between the port numbers to specify
a range of ports. Hyphen s take preced ence over commas .
Table 2-4 shows examples of how to designate ports and po rt r an ges.
VLANs are identif ie d using the VLAN ID, a singl e nu mb er ass ociated with the VLAN. To specify a list
of VLANs, use a comma-se para ted lis t (do not i nsert spa ces) t o specif y in dividual VLANs or a hyphen
(-) between the VLAN numbers to specify a range of VLANs.
Table 2-5 shows examples of how to designate VLANs a nd V L AN ra nges.
Specifying MAC Addresses
Some commands r equi re y ou to s pec ify a Me dia A ccess C ont ro l (M AC) address, whi ch m ust be
designated in a standa rd for mat. T he MAC address form at m ust be six h exadec imal num bers se para ted
by hyphens, as shown in the following example:
00-00-0c-24-d2-fe
Specifying IP Addresses, Host Names, and IP Aliases
Some commands require an IP address, IP host n ame, or IP alias. The IP address f ormat is 32 bits, written
in dotted decimal format, as shown in the following example:
172.16.10.1
If DNS is configured pr operl y on t he sw it ch, you can us e IP host na me s inste ad o f I P a dd resses . For
information on configuring DNS, see Chapter 34, “Configuring DNS.”
You can al so configure IP alia ses on the swit ch, which you can use in pla ce of IP addre sses. IP alias es
can be used for most commands that use an IP address, except for commands that define the IP address
or IP alias. For information on using IP aliases, see t he “Defining and Using IP Aliases” section on
page 26-7.
Table 2-4 Designating Ports and Port Ranges
Example Function
2/1 Specifies port 1 on module 2
3/4-8 Specifies ports 4, 5, 6, 7, and 8 on module 3
5/2,5/4,6/10 Specifies ports 2 and 4 on mod ule 5 and port 10 on module 6
3/1-2,4/8 Specifies ports 1 and 2 on mod ule 3 and port 8 on module 4
Table 2-5 Designating VLANs and VLAN Ranges
Example Function
10 Specifies VLAN 10
5,10,15 Specifies VLANs 5, 1 0, a nd 15
10-50,500 Specifies VLA Ns 10 t hroug h 50, inc lusive, and V LAN 500
Page 45
2-9
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Command-Line Interface
ROM Monitor Command-Line Interface
ROM Monitor Command-Line Interface
The ROM monitor is a ROM-based program that executes when the switch is powered on, reset, or when
a fatal exception occurs. The system enters ROM monitor mode if the nonvolatile RAM (NVRAM)
configuration is corrupte d, if the switch does not fin d a valid system image or if the configurati on register
is set to enter ROM mon itor mode. From the R OM monitor mode, y ou can load a system image manuall y
from Flash mem ory o r th e ne twork in te rface (m e1 ).
You can en ter ROM monitor mo de by pressing Ctrl-C within the first 5 seconds of startup.
Once you are in ROM monitor mode, the prompt changes to rommon>. Enter the ? command to see the
available ROM monitor commands.
Note For complete descriptions of all ROM monitor co mmands, re fer to th e Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
Catalyst 4003 Bootup Display Example
This example shows the bootup d ispl ay of a C ata lyst 40 03 swi tch. T he dis play on the Cat alyst 4912G,
the Catalyst 2948G, and the Catalyst 2980G switches will be similar.
WS-X4012 bootrom version 4.5(1), built on 1999.03.29 21:04:04
H/W Revisions: Meteor: 4 Comet: 8 Board: 2
Supervisor MAC addresses: 00:d0:58:70:a1:00 through 00:d0:58:70:a4:ff (1024 addr
esses)
Installed memory: 32 MB
Testing LEDs.... done!
The system will autoboot in 5 seconds.
Type control-C to prevent autobooting.
rommon 1 >
The system will now begin autobooting.
Autobooting image: "bootflash:cat4000.5-1-1a.bin"
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCC############################
Starting Off-line Diagnostics
Mapping in TempFs
Board type is WS-X4012
DiagBootMode value is "post"
Loading diagnostics...
Power-on-self-test for Module 1: WS-X4012
Status: (. = Pass, F = Fail)
processor: . cpu sdram: . temperature sensor: .
enet console port: . nvram: . switch sram: .
switch registers: . switch port 0: . switch port 1: .
switch port 2: . switch port 3: . switch port 4: .
switch port 5: . switch port 6: . switch port 7: .
switch port 8: . switch port 9: . switch port 10: .
switch port 11: . switch bandwidth: .
Module 1 Passed
Power-on-self-test for Module 2: WS-X4148
Port status: (. = Pass, F = Fail)
1: . 2: . 3: . 4: . 5: . 6: . 7: . 8: .
9: . 10: . 11: . 12: . 13: . 14: . 15: . 16: .
17: . 18: . 19: . 20: . 21: . 22: . 23: . 24: .
Page 46
2-10
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 2 Using the Com m and-Line Interface
Catalyst4003 Bootup Display Example
25: . 26: . 27: . 28: . 29: . 30: . 31: . 32: .
33: . 34: . 35: . 36: . 37: . 38: . 39: . 40: .
41: . 42: . 43: . 44: . 45: . 46: . 47: . 48: .
Module 2 Passed
Power-on-self-test for Module 3: WS-X4306
Port status: (. = Pass, F = Fail, ? = no GBIC)
1: . 2: . 3: . 4: ? 5: ? 6: ?
Module 3 Passed
Exiting Off-line Diagnostics
IP address for Catalyst not configured
BOOTP/DHCP will commence after the ports are online
Ports are coming online ...
Cisco Systems, Inc. Console
Enter password:
1999 Aug 12 14:34:05 %SYS-5-MOD_OK:Module 1 is online
1999 Aug 12 14:34:08 %SYS-5-MOD_OK:Module 3 is online
1999 Aug 12 14:34:11 %SYS-5-MOD_OK:Module 2 is online
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
Sending RARP request with address 00:d0:58:70:a4:ff
Sending BOOTP request with address: 00:d0:58:70:a4:ff
No bootp or rarp response received
Note The system only initiates DHCP/BOOTP and Re verse Address Resolution Protocol (RARP) requests at
startup when the sc0 interface IP address is set to 0.0.0.0. For more information, see the “Using DHCP
or RARP to Obtain an IP Address Configuration” section on page 3-10.
Page 47
CHAPTER
3-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
3
Configuring the Switch IP Address and Default
Gateway
This chapter describes how to configure the IP address, subnet mask, and default gateway on the Catalyst
enterprise LAN switches.
Note For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
This chapter consists of these sections:
• Understanding the Switch Management Interfac es, page 3-1
• Understanding Automatic IP Configurat ion , page 3-2
• Preparing to Configure the IP Address and Default Gateway, page 3-4
• Default IP Address and Default Gateway Configuration, page 3-5
• Setting the In-Band (sc0) Interface IP Address, page 3-5
• Setting the Management Ethernet (me1) Interface IP Address, page 3-6
• Configuring Default Gateways, page 3-7
• Configuring the SLIP (sl0) Interface on the Console Port, page 3-8
• Using DHCP or RARP to Obtain an IP Address Configuration, page 3-10
• Renewing and Releasing a DHCP-Assigned IP Addr ess, pa ge 3- 11
Understanding the Switch Management Interfaces
The Catalyst 4000 family, the Catalyst 2948G, and the Catalyst 2980G switches have three management
interfaces:
• In-band interface (sc0)
• SLIP interface (s10)
• Management Ethernet interface (me1)
The in-band (sc0) management interface is connected to the switching fabric and participates in all of
the functions of a no rma l sw itch p ort, such as spann i ng t ree, Cisco D iscovery Prot ocol (CD P), and
VLAN membership. Th e out- of-band ma nageme nt interfa ces (me1 and sl0) ar e not co nnected t o the
switching fabric and do not parti cipate in any of these funct ions.
Page 48
3-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Understanding Automat ic IP Configuration
When you configure the IP address, subnet mask, and broadcast address (and, on the sc0 interface,
VLAN membership) of the sc0 or me1 int erface, you can ac cess the switch through Telnet or SNMP.
When you configure the SLIP (sl0 ) i nte rface , you c a n ope n a poi nt- to-po i nt c onn ect ion to t he sw itch
through the con sol e po rt from a works ta tion.
All IP traffic generated by the switch (for example, a Telnet session opened from the switch to a host) is
forwarded according to the ent ries in the switch IP routing ta ble. For inte rsubnetwork co mmunication to
occur, you must configure at least one default gateway for the sc0 or me1 interface. The switch IP routing
table is used to forward traffic originating on t h e switch only, not for forwarding tr affic sent by d evices
connected to the switch.
Because sc0 and me1 are two distin ct inter faces, they pote ntiall y can have duplicate IP ad dresses or
overlapping subnets. Therefore, when you enter a command that causes sc0 and me1 to have the same
IP address or occu py t he sa me subn et, the sw itch so ftware br ings one o f the int erfac es down.
In most cases, the switch softw are brings dow n the sc0 int erfac e after you con fir m the chang e. However,
when the switch boo ts wi th the IP add ress 0 .0. 0.0 c on figured on bot h t he sc 0 and me 1 in ter faces, t he
me1 interface is broug ht d own to a llow BOOTP and RARP requ est s to b roadc ast out the sc 0 inter face.
Note When the switch boots with the IP ad dress 0.0 .0.0 configured on both the sc 0 and me1 interfaces , the
me1 interface is automatically brought down by the switch software. You are not asked to confirm the
change, and no consol e messages or t raps are ge nerated i n this case.
Duplicate IP addresses an d equal subn ets ar e allowed on the sc0 and me1 inte rfaces provide d that on e
of the interfaces is configur ed down. Non-equ al subnet s are no t allowed (for examp le, sc0 with IP
address 10.1.1.1 and subne t mask 255.0 .0.0 and me 1 with IP addre ss 10.1.1.2 a nd subnet ma sk
255.255.255.0).
Understanding Automatic IP Configuration
These sections describe how the switch can obtain its IP configuration automatically:
• Automatic IP Configuration Overview, page 3-2
• Understanding How DHCP Works, page 3-3
• Understanding How RARP Works, page 3-4
Automatic IP Configuration Overview
The switch can obtain its IP co nfiguration aut omatica lly using one of the fol lowing protocols:
• Dynamic Host Configuration Protocol (DHCP)
• Reverse Address Resol ution Pro toc ol ( RARP)
The switch makes DHCP and RARP requests only if the sc 0 interface I P a ddress is se t to 0.0 .0.0 when
the switch boots up. This add ress is the d efaul t for a n e w switch or a switch wh ose conf ig uration file has
been cleared using t he clea r config all command. DHCP and RARP requests are only broadcast out the
sc0 interface.
Page 49
3-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch I P Address and Default Gateway
Understanding Automatic IP Configuration
Note If the CONFIG_FILE environment variable is set, all configuration files are processed before the swi tch
determines whether to broadcast DHCP and RARP requests. For more information about the
CONFIG_FILE environment variable, see Cha pte r 28, “Modifying t he Swi tch Boot Co nfiguration. ”
If both the sc0 and me 1 i nter faces ar e un configur ed (I P a ddre ss 0. 0.0. 0), the me 1 in terfa ce i s brough t
down to allow the switch to broadcast requ ests on t he sc0 inter face. If the me 1 interface is configured
and the sc0 interface is not , req uests ar e n ot sen t. Simi larly, if the sc0 interface is not conf ig u red but the
interface is configured down, requests are not sent.
Understanding How DHCP Works
In software release 5. 2 and lat er, the switch can obtain an IP ad dress an d other IP con figuration
information using DHCP.
There are three methods for obt ainin g an IP ad dress fr om the DHCP ser ver:
• Manual allocation—The network administrator maps the switch MAC address to an IP address at
the DHCP server.
• Automa tic allocation—The swit ch obtains an IP addre ss when it fi rst contacts the DHCP serv er . The
address is permanently assigned to the switch.
• Dynamic allocation—The switch obtains a “leased” IP address for a specified period of time. The
IP address is revoked at the e nd of t his per iod, and t he sw itch su rrend er s the addre ss. The swi tch
must request another IP addre ss.
In addition to the sc0 interfac e IP addr ess, the sw itch can obt ain the sub net mask, broadca st address,
default gateway address, as we ll as ot h er i nfo rma tion . DHC P-l earn ed values a re not used i f
user-configured values are pre se nt.
The switch broadcasts a DHCPDISCOVER message one to ten seconds after all of the switch ports are
online. The switch always requests an infinite lease time in the DHCPDISCOVER message.
If a DHCP or Bootstrap Prot ocol (BOOTP) server respond s to the re qu est, the sw itch t akes ap pro pria te
action. If a DHCPOFFER message is received from a DCHP server, the switch processes all supported
options contained in the message. Table 3-1 shows the supported DHCP options. Other options specified
in the DHCPOFFER message are ignored.
Table 3-1 Supported DHCP Options
Code Option
1 Subnet mask
2Time offset
3 Router
6 Domain name server
12 Host name
15 Domain name
28 Broadcast addr ess
33 Static route
42 NTP servers
Page 50
3-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Preparing to Configure th e IP Address and Default Gateway
If a BOOTP response is received from a BOOTP server, the switch sets the in-band (sc0) interface IP
address to the address specified in the BOOTP response.
If no DHCPOFFER message or BOOTP response is received in reply, the switch rebroadcasts the request
using an exponential backoff algorithm (the amount of time between requests i ncreases exponentially).
If no response is received after ten minutes, the sc0 interface IP address remains set to 0.0.0.0 (provided
that RARP requests fail as well).
If you reset or power cycle a sw it ch w ith a D HCP- or B OOTP-obtained IP add re ss, t he i nf ormat ion
learned from DHCP or BOOTP is retained. At boot up, the switch attempts to renew the lease on the IP
address. If no reply is received, the switch retains the current IP address.
Understanding How RARP Works
With RARP, you map t he sw itch Medi a A cce ss Con trol ( MAC) address to an IP addr ess on t he RA R P
server. The switch retrieves its IP address from the server automatically when it boots up.
The switch broadcasts 10 RARP requests after all of the switch ports are online. If a response is received,
the switch sets the in-band (sc0) interface IP address to the address specified in the RARP response.
If no reply is received, the sc0 interface IP address remains set to 0.0.0.0 (provided that DHCP requests
fail as well).
If you reset or power cycle a swi tch wi th a R ARP -obt aine d IP ad dre ss, the inf or matio n le a rned fro m
RARP is retained.
Preparing to Configure the IP Addre ss and Default Gat eway
Before you configure the switch IP address and default gateway, obtain the following information, as
appropriate:
• IP address for the switch (sc0 and me1 interfaces only)
• Subnet mask/number of subnet bits (sc0 and me1 interfaces only)
• (Optional) Broadcast address (sc0 and me1 interfaces only)
• VLAN membership (sc0 interface only)
• SLIP and SLIP destination addresses (sl0 interface only)
• Interface connection type:
–
In-band (sc0) i nte rface
Configure this interface when assigning an IP address, subnet mask, and VLAN to the in-band
management interface on the sw itch.
51 IP address lease time
52 Option overload
61 Client-identifier
66 TFTP server name
Table 3-1 Supported DHCP Options (continued)
Code Option
Page 51
3-5
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch I P Address and Default Gateway
Default IP Address and Default Gateway Configuration
–
Out-of-band management Ethernet (me1) interface
Configure this interface when assign ing an IP addr ess and subn et mask to the out -of-b and
management Ethern et inter face on the switc h.
–
SLIP (sl0) interface
Configure this interface when setting up a point-to-point SLIP connection between a terminal
and the switch .
Default IP Address and Default Gatewa y Configuration
Table 3-2 shows the default IP address and defaul t ga teway configurati on.
Setting the In-Band (sc0) Interface IP Address
Before you can Telnet to the switch or use Simple Network Management Proto col (SNMP) to man age
the switch, you must assign an IP address to either the in-band (sc0) logical interface or the management
Ethernet (me1 ) inte rface .
You can specify the subnet mask (netmask) using the number of subnet bits or usi ng the subnet mask in
dotted decimal forma t.
To set the IP address and VLAN membership of the in-band (sc0) management interface, perform this
task in privileged mode:
Table 3-2 Switch IP Address and Default Gateway Default Configuration
Feature Default Value
In-band (sc0) interfac e
• IP address, subnet mask, and broadcast address set to
0.0.0.0
• Assigned to VLAN 1
Management Ethe rn et ( me1) int erfac e IP address, subnet mask , and bro adca st addr es s set to
0.0.0.0
Default gateway address Set to 0.0.0.0 with a metric of 0
SLIP (sl0) interface
• IP address and SLIP destination address set to 0.0.0.0
• SLIP for the console port is not active (set to detach)
Task Command
Step 1
Assign an IP address, subnet mask (or number of
subnet bits), and (optio nal) broa dcast addr ess to
the in-band ( sc0) in ter face.
set interf ace sc0 [ip_addr[/netmask] [broadcast]]
Step 2
Assign the in-band interface to the proper VLAN
(make sure the VLAN is associated with the
network to which the IP address belong s).
set interface sc0 [vlan]
Step 3
If necessary, bring the interface up. set interface sc0 up
Step 4
Verify the interface configuration. show interface
Page 52
3-6
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Setting the Management Ethernet (me1) Interface IP Ad dress
This example shows how to assign an IP ad dress, spe cify t he nu mbe r of sub ne t bit s, and speci fy t he
VLAN assignment for the in-band (sc0) interface:
Console> (enable) set interface sc0 172.20.52.124/29
Interface sc0 IP address and netmask set.
Console> (enable) set interface sc0 5
Interface sc0 vlan set.
Console> (enable)
This example shows how to specify the VLAN assignment, assign an IP address, specify the subnet mask
in dotted decimal format, and verify the configuration:
Console> (enable) set interface sc0 5 172.20.52.124/255.255.255.248
Interface sc0 vlan set, IP address and netmask set.
Console> (enable) show interface
sl0: flags=51<UP,POINTOPOINT,RUNNING>
slip 0.0.0.0 dest 0.0.0.0
sc0: flags=63<UP,BROADCAST,RUNNING>
vlan 5 inet 172.20.52.124 netmask 255.255.255.248 broadcast 172.20.52.17
Console> (enable)
Setting the Management Ethernet (me1) Interf ace IP Address
Before you can Telnet to the switch or use SNMP to mana ge th e swi tc h, you m ust a ssign a n I P addre ss
to either the in-band (sc0) logical interface or the management Ethernet (me1) interface. The me1
interface is present only on the C ata lyst 4000 family, Catalyst 2948G, and Ca talyst 2980G switches.
You can specify the subnet mask (netmask) using the number of subnet bits or usi ng the subnet mask in
dotted decimal forma t.
To set the management Ethernet (me1) interface IP address, perform this task in privileged mode:
This example shows how to assign an IP address and subne t mask to the man agemen t Eth ernet (m e1)
interface and how to verify the interface configuration:
Console> (enable) set interface me1 172.20.52.12/255.255.255.224
Interface me1 IP address and netmask set.
Console> (enable) show interface
sl0: flags=51<UP,POINTOPOINT,RUNNING>
slip 0.0.0.0 dest 0.0.0.0
sc0: flags=63<UP,BROADCAST,RUNNING>
vlan 1 inet 0.0.0.0 netmask 0.0.0.0 broadcast 0.0.0.0
me1: flags=63<UP,BROADCAST,RUNNING>
inet 172.20.52.12 netmask 255.255.255.224 broadcast 172.20.52.31
Console> (enable)
Task Command
Step 1
Assign an IP address and su bnet m ask to the
management E the rnet ( me1) i nte rface.
set interface me1 [ip_addr[/netmas k]]
Step 2
If necessary, bring the interface up. set interface me1 up
Step 3
Verify the interface configuration. show interface
Page 53
3-7
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch I P Address and Default Gateway
Configuring Default Gateways
Configuring Default Gateways
The supervisor engine sends IP packets destined for other IP subnets to the default gateway (typic ally a
router interface in the same network or subnet as the switch IP address). The switch does not use the IP
routing table to forward traffic from connected devices, only IP traffic generated by the switch itself (for
example, Telnet, TFTP, and ping).
Note In some cases, you might want to configure static IP routes in addition to default gateways. For
information on configuring st atic rout es, see th e “Configuri ng Static Rout es” secti on on page 26-9.
You can define up to three default IP gateways. Use the primary keyword to make a gateway the primary
gateway. If you do not specify a pr imary de fault gateway, the first gateway configured is the primary
gateway. If more than one gateway is designated as primary, the last primary gateway configured is the
primary default gateway.
The switch sends all of f-netw ork IP tr af f ic to the p rimary def ault g ate w ay. If connectivity to the primary
gateway is lost, the switch attempts to use the backup gateways in the order they were configured. The
switch sends periodic ping me ssages to de termine whe ther eac h default gateway is up or down. If
connectivity to the primary gateway is restored, the switch resumes sending traffic to the primary.
If both the in-band (sc0) and management Ethernet (me1) interfaces are configured when you specify
default gate w ays when , then the swi tch so ftw are au tomatical ly dete rmines t hrough which interf ace each
default gateway can be reached.
To specify on e or m ore d efault gateways, pe rform t h is t ask i n privileged m od e:
To remove default gateway entries, perform one of these tasks in privileged mode:
This example shows how to configure three default gateways on the switch and how to verify the default
gateway configuration:
Console> (enable) set ip route default 10.1.1.10
Route added.
Console> (enable) set ip route default 10.1.1.20
Route added.
Console> (enable) set ip route default 10.1.1.1 primary
Route added.
Console> (enable) show ip route
Fragmentation Redirect Unreachable
Task Command
Step 1
Configure a default IP gateway address for the
switch.
set ip route default gateway [metric] [primary]
Step 2
(Optional) Configure additional default gateways
for the switch.
set ip route default gateway [metric] [primary]
Step 3
Verify that the default gateways appear correctly
in the IP routing table.
show ip route
Task Command
Clear an individual default gateway entry. clear ip route default gateway
Clear all default gateways and static routes. clear ip route all
Page 54
3-8
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Configuring the SLIP (sl0) Interface on the Console Port
------------- -------- ----------enabled enabled enabled
The primary gateway: 10.1.1.1
Destination Gateway RouteMask Flags Use Interface
--------------- --------------- ---------- ----- -------- --------default 10.1.1.1 0x0 UG 6 sc0
default 10.1.1.20 0x0 G 0 sc0
default 10.1.1.10 0x0 G 0 sc0
10.0.0.0 10.1.1.100 0xff000000 U 75 sc0
default default 0xff000000 UH 0 sl0
Console> (enable)
This example shows how to configure two default gateways on a Catalyst 4000 family, Catalyst 2948G,
or Catalyst 298 0G sw it ch, w ith one de fault ga teway reac habl e t hr ou gh th e sc0 i nte rface and on e
reachable through th e me1 int erface:
Console> (enable) show interface
sl0: flags=50<DOWN,POINTOPOINT,RUNNING>
slip 0.0.0.0 dest 0.0.0.0
sc0: flags=63<UP,BROADCAST,RUNNING>
vlan 5 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.47
me1: flags=63<UP,BROADCAST,RUNNING>
inet 10.1.1.100 netmask 255.255.255.0 broadcast 10.1.1.255
Console> (enable) set ip route default 172.20.52.33
Route added.
Console> (enable) set ip route default 10.1.1.1
Route added.
Console> (enable) show ip route
Fragmentation Redirect Unreachable
------------- -------- ----------enabled enabled enabled
The primary gateway: 172.20.52.33
Destination Gateway RouteMask Flags Use Interface
--------------- --------------- ---------- ----- -------- --------default 10.1.1.1 0x0 G 0 me1
default 172.20.52.33 0x0 UG 12 sc0
172.20.52.32 4000-2 0xfffffff0 U 180 sc0
10.1.1.0 10.1.1.100 0xffffff00 U 22 me1
Console> (enable)
Configuring the SLIP (sl0) Interface on the Co nsole Port
Use the SLIP (sl0) interface for point-to-point SLIP connections between the switch and an IP host.
Caution You must use the console port for the SLIP connection. When the SLIP connection is enabled and SLIP
is attached on the console port, an EIA/TIA-232 terminal cannot connect through the console port. If you
are connected to the switch CLI throu gh the console por t and you ente r the slip attach command , you
will lose the console por t conn ect ion. Use Telnet to access the switch, ente r privileged mode , an d en ter
the slip detach command to restore the conso le port conn ect ion.
Page 55
3-9
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch I P Address and Default Gateway
Configuring the SLIP (sl0) Interface on the Console Port
To enable and attach SLIP on the console port, perform this task:
To disable SLI P on t he c on sole po rt, pe rf orm t his t ask:
This example shows how to co nfigure SLIP on t he con sol e po rt and verify t he c on figurati on:
sparc20% telnet 172.20.52.38
Trying 172.20.52.38 ...
Connected to 172.20.52.38.
Escape character is '^]'.
Cisco Systems, Inc. Console
Enter password:
Console> enable
Enter password:
Console> (enable) set interface sl0 10.1.1.1 10.1.1.2
Interface sl0 slip and destination address set.
Console> (enable) show interface
sl0: flags=51<UP,POINTOPOINT,RUNNING>
slip 10.1.1.1 dest 10.1.1.2
sc0: flags=63<UP,BROADCAST,RUNNING>
vlan 522 inet 172.20.52.38 netmask 255.255.255.240 broadcast 172.20.52.7
me1: flags=62<DOWN,BROADCAST,RUNNING>
inet 10.1.1.100 netmask 255.255.255.0 broadcast 10.1.1.255
Console> (enable) slip attach
Console Port now running SLIP.
Console> (enable) slip detach
SLIP detached on Console port.
Console> (enable)
Task Command
Step 1
Access the switch from a remot e ho st with Te lne t. telnet {host_name | ip_addr}
Step 2
Enter privileged mode on the switch. enable
Step 3
Set the console port SLIP address and the
destination address of the attached host.
set interface sl0 slip_addr dest_addr
Step 4
Verify the SLIP interface configuration. show interface
Step 5
Enable SLIP for the console port. slip attach
Task Command
Step 1
Access the switch from a remot e ho st with Te lne t. telnet {host_name | ip_addr}
Step 2
Enter privileged mode on the switch. enable
Step 3
Disable SLIP for the console port. slip detach
Page 56
3-10
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Using DHCP or RARP to Obtain an IP Address Configurat io n
Using DHCP or RARP to Obtain an IP Address Configuration
Note For complete informatio n o n how the switch uses DHCP or RARP to obta in its IP con figuration, see the
“Understanding A utom ati c I P Co nfigurat ion” s ectio n on pa ge 3-2.
To use DHCP or R A RP to obta in an IP addr ess for th e switch, pe rfor m this ta sk:
This example shows the switch broadcasting a DHCP request, receiving a DHCP offer, and configuring
the IP address and other IP parame ters acc ording to the conte nts of the DH CP offer:
Console> (enable) Sending RARP request with address 00:90:0c:5a:8f:ff
Sending DHCP packet with address: 00:90:0c:5a:8f:ff
dhcpoffer
Sending DHCP packet with address: 00:90:0c:5a:8f:ff
Timezone set to '', offset from UTC is 7 hours 58 minutes
Timezone set to '', offset from UTC is 7 hours 58 minutes
172.16.30.32 added to DNS server table as primary server.
172.16.31.32 added to DNS server table as backup server.
172.16.32.32 added to DNS server table as backup server.
NTP server 172.16.25.253 added
NTP server 172.16.25.252 added
%MGMT-5-DHCP_S:Assigned IP address 172.20.25.244 from DHCP Server 172.20.25.254
Task Command
Step 1
Make sure there is a DHC P, BOOTP, o r RARP
server on the netwo rk.
—
Step 2
Obtain the last address in the MAC address range
for module 1 (the supervisor engine). This address
is displayed under the MAC-Address(es) heading.
(With DHCP, this step is necessary only if using
the manual allocation method.)
show module
Step 3
Add an entry for each switch in the DHCP,
BOOTP, or RAR P ser ver co nfigur ati on , mapp i ng
the MAC address of the switch to the IP
configuration information for the switch. (With
DHCP, this step is necessary only if using the
manual or automatic allocation methods.)
—
Step 4
Set the sc0 interface IP address to 0.0.0.0. set interface sc0 0.0.0.0
Step 5
Reset the switch. The switch broadcasts DHCP
and RARP requests only when th e switch boots
up.
reset system
Step 6
When the switch reboots, confirm that the sc0
interface IP add re ss, subn et ma sk, and br oadc ast
address are set correctly.
show interface
Step 7
For DHCP, confirm that other opt ions (suc h as
default gateway addre ss) ar e set c orrec tly.
show ip route
Page 57
3-11
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch I P Address and Default Gateway
Renewing and Releasing a DHCP-Assigned IP Address
Console> (enable) show interface
sl0: flags=51<UP,POINTOPOINT,RUNNING>
slip 0.0.0.0 dest 0.0.0.0
sc0: flags=63<UP,BROADCAST,RUNNING>
vlan 1 inet 172.20.25.244 netmask 255.255.255.0 broadcast 172.20.25.255
dhcp server: 172.20.25.254
Console>
Renewing and Releasing a DHCP-Assigned IP Address
If you are using D HCP f or IP ad dress assig nme nt, yo u ca n perfo rm e ither o f th ese ta sks:
• Renew—Renew the lease on a DHCP-assigned IP a ddr ess
• Release—Release the lease on a DHCP-assigned IP address
To renew or release a DHCP-assigned IP address on the in-band (sc0) management interface, perform
one of these tasks in privileged mode:
This example shows how to renew the lease on a DHCP-assigned IP address:
Console> (enable) set interface sc0 dhcp renew
Renewing IP address...
Console> (enable) Sending DHCP packet with address: 00:90:0c:5a:8f:ff
<...output truncated...>
This example shows how to release the lease on a DHCP-assigned IP address:
Console> (enable) set interface sc0 dhcp release
Releasing IP address...
Console> (enable) Sending DHCP packet with address: 00:90:0c:5a:8f:ff
Done
Console> (enable)
Task Command
Renew the lease on a DHCP-assigned IP address. set interface sc0 dhcp renew
Release the lease on a DHC P-assigned IP address. set interface sc0 dhcp release
Page 58
3-12
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 3 Configuring the Switch IP Address and Default Gateway
Renewing and Releasing a DHCP-Assigned IP Address
Page 59
P
ART
2
Configuring Ethernet Switc hing
Page 60
Page 61
CHAPTER
4-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
4
Configuring Ethernet and Fast Ethernet Switching
This chapter descr ibes ho w to con f igure Eth ern et and Fa st Eth erne t switch ing on th e Catalys t enterpr ise
LAN switches. The configuration tasks in this chapter apply to Ethernet and Fast Ethernet switch ports
on switching modules and fixed-configurat ion switche s, as well as to superviso r engine Fast Ethernet
uplink ports.
Note For complete informati on on insta lling C atalyst 4000 family Fast Ether net mo dules, re fer to the
Catalyst 4000 Family Installation Guide.
Note For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
This chapter consists of these sections:
• Understanding How Ethernet Works, page 4-1
• Default Ethernet and Fast Ethernet Configuration, page 4-2
• Configuring Ethernet and Fast Ethernet Ports, page 4-3
Understanding How Ethernet Works
These sections describe how Ethernet switching works on the Catalyst enterprise LAN switches:
• Ethernet Overview, page 4-1
• Switching Frames Between Segments, page 4-2
• Building the Address Table, page 4-2
Ethernet Overview
The Catalyst enterprise LAN switches support simultaneous, parallel conversations between Ethernet
segments. Switched connections between Ethernet segments last only for the duration of the packet. New
connections can be ma de be tween d ifferent s egments fo r the next pac ket.
Page 62
4-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Default Ethernet and Fast E thernet Configuration
The Catalyst enterprise LAN switches solve congestion problems caused by high-bandwidth devices and
a large number of users by assigning each device (for example, a server) to its own 10-, 100-, or
1000-Mbps segment. Because each Ethernet port on the switch represents a separate Ethernet segment,
servers in a properly configured switched environment achieve full access to the bandwidth.
Because the major bottleneck in Ethernet networks is usually due to collisions, an effective solution is
full-duplex communication, an option for each port on the switches (Gigabit Ethernet ports only support
full duplex). Normally, Ethernet operates in half-duplex mode, which means that stations can either
receive or transmit. In fu ll-dupl ex mode, two stat ion s c an t rans mi t a nd rec eive at the sa me tim e. W he n
packets can flow in both direction s simult aneousl y, effective Ethernet bandwidth for Ethernet por ts is
20 Mbps, for Fast Ethernet por ts it is 200 Mbps, and for Gigabi t Etherne t ports it is 2 Gbps.
Switching Frames Between Segments
Each Ethernet port on the switch can connect to a single workstation or server, or to a hub through which
workstations or servers connect to the network.
Ports on a typical Ethernet hub all connect to a common backplane within the hub, and the bandwidth of
the network is shared by all devices attached to the hub. If two stations establish a session that uses a
significant level of bandwidth, the net work p erfor manc e of a ll ot her sta tion s a ttac hed to t he hub is
degraded.
To reduce degrada tion, th e C ata lyst e nte rpr ise LAN switc hes t rea t eac h port as a n individual segme nt.
When stations on different ports need to communicate, the switch forwards frames from one port to the
other at wire speed to ensure that each session receives the full bandwidth available.
To switch frames between ports efficiently, the switch maintains an address table. When a frame enters
the switch, it associates the Media Access Control (MAC) address of the sending station with the port
on which it was received.
Building the Address Table
The switch build s the addr ess tab le b y usin g the so urce addres s of th e frames received. When the switch
receives a frame fo r a destination address not yet listed in its addres s table, it floods the frame to all ports
of the same virtual LAN (VLAN) except the port that received the frame. When the destination station
replies, the switch adds its relevant source address and port ID to the address table. The switch then
forwards subsequent fra mes to a single port with out flood ing to all port s.
The address t ab le can store at least 16 , 00 0 address entries wi thou t flo o di ng any entries. Th e s w itch uses
an aging mechanism, defined by a configurable aging timer, so if an address remains inactive for a
specified number of se cond s, it is rem oved from t h e ad dre ss table .
Default Ethernet and Fast Ethern et Configu ration
Table 4-1 lists the Ethernet and Fast Ethernet default configuration.
Table 4-1 Ethernet and Fast Ethernet Default Configuration
Feature Default Value
Port enable state All ports are enabled
Port name None
Page 63
4-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and Fast Ether net Ports
Configuring Ethernet and Fast Eth ernet Po rts
These sections describe how to configure Ethernet and Fast Ether net switchin g ports on the Cat alyst
enterprise LAN switches:
• Setting the Port Name, page 4-3
• Setting the Port Priority Level, page 4-4
• Setting the Port Speed, page 4-4
• Setting the Port Duplex Mode, page 4-5
• Configuring a Timeout Period for Ports in errd is able Stat e, p age 4- 6
• Checking Connectivity, page 4-7
Note For information on configuring Fast EtherChannel, see Chapter 6, “Configu ring Fast EtherC hannel and
Gigabit EtherChanne l.”
Setting the Port Name
You can assi gn names t o the ports on Ethernet and Fast Etherne t modules to fac ilitat e switch
administration.
To assign a name to a port, perform this task in privileged mode:
This examp l e s hows how to set the name for port s 1/1 and 1/2 and how to verify that th e po rt names are
configured corre ctly :
Console> (enable) set port name 1/1 Router Connection
Port 1/1 name set.
Port prior ity No rmal
Duplex mode
• Autonegotiate speed and duplex for 10/100-Mbps Fast
Ethernet ports
• Autonegotiate duplex for 100-Mbps Fas t Et h erne t por ts
Native VLAN VLAN 1
Spanning tree port cost
• Port cost of 100 for 10-Mbps E ther ne t po rts
• Port cost of 19 for 10/100- Mb ps Fast E the rnet p orts
• Port cost of 19 for 100-Mbps Fast Ethernet ports
Fast EtherChannel Disabled on all Fast E ther net port s ( auto m ode )
Table 4-1 Ethernet and Fast Ethernet Default Configuration (continued)
Feature Default Value
Task Command
Step 1
Assign a name to a port. set port name mod_num/po rt_nu m [name_string]
Step 2
Verify that the port name is configured. show port [mod_num[/port_num]]
Page 64
4-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and F ast Ethernet Ports
Console> (enable) set port name 1/2 Server Link
Port 1/2 name set.
Console> (enable) show port 1
Port Name Status Vlan Level Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ----------- 1/1 Router Connection connected trunk normal half 100 100BaseTX
1/2 Server Link connected trunk normal half 100 100BaseTX
<...output truncated...>
Last-Time-Cleared
-------------------------Tue Jun 16 1998, 16:25:57
Console> (enable)
Setting the Port Priority Level
You can co nfigure the pr iority level of each port. Whe n ports request a ccess to the switchin g bus
simultaneously, the switch uses port priority level to determine the order in which to give ports access.
To set the port priority level, perform this task in privileged mode:
This example sho ws ho w to set the port prior ity le v el to high for port 1/1 and ve rify th at the p ort priority
is configured correctly:
Console> (enable) set port level 1/1 high
Port 1/1 level set to high.
Console> (enable) show port 1
Port Name Status Vlan Level Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ----------- 1/1 Router Connection connected trunk high half 100 100BaseTX
1/2 Server Link connected trunk normal half 100 100BaseTX
<...output truncated...>
Last-Time-Cleared
-------------------------Tue Jun 16 1998, 16:25:57
Console> (enable)
Setting the Port Speed
You can configure the port speed on 10/100-Mbps Fast Ethernet modules. Use the auto keywor d to ha v e
the port autonegot iate spee d and dupl ex mode w ith t he ne ighb ori n g port .
Caution Make sure the device on the other e nd o f the li nk is also co nfigured for a utonegoti atio n or a por t spe ed
or duplex mismatch will result.
Task Command
Step 1
Configure the priority level for a port. set port level mod_num/port_num
{normal | high}
Step 2
Verify that port priority level is configured correctly. show port [mo d_num [/port_num]]
Page 65
4-5
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and Fast Ether net Ports
Note If the port speed is set to auto on a 10/100-Mbps Fast Ethernet p ort, both spee d and dup lex are
autonegotiated.
To set the por t spe e d for a 1 0/100 -M bps port , perf orm thi s task in privileged m ode :
This example shows how to set the port speed to 100 Mbps on port 2/2:
Console> (enable) set port speed 2/2 100
Port 2/2 speed set to 100 Mbps.
Console> (enable)
This example shows how to make port 2/1 autonegotiate spee d and duplex wit h the neighb or port :
Console> (enable) set port speed 2/1 auto
Port 2/1 speed set to auto-sensing mode.
Console> (enable)
Setting the Port Duplex Mode
You can set the port duplex mode to ful l or half dupl ex for Ethernet and Fast Ether net ports .
Note If the port speed is set to auto on a 10/100-Mbps Fast Ethernet p ort, both spee d and dup lex are
autonegotiated. You cannot change the du plex m ode o f por ts configur ed for a utonegot ia tio n. For
information on enabl ing and di sabling aut onegotiati on on 10/100 Fast Ethe rnet por ts, see the “Se tti ng
the Port Speed” section on page 4-4.
To set the dup l ex mode of a p ort , pe rf or m th is ta sk in pr ivileged mod e:
This example shows how to set th e dup l ex mode to ha lf d uplex o n p ort 2/1:
Console> (enable) set port duplex 2/1 half
Port 2/1 set to half-duplex.
Console> (enable)
Task Command
Step 1
Set the port speed of a 10/100-Mbps Fast Ethernet
port.
set port speed mod num/port num {10 | 100 |
auto}
Step 2
Verify that the speed of the port is configured
correctly.
show port [mod_num[/por t_num]]
Task Command
Step 1
Set the duplex mode of a port. set port duplex mod num/port num {full | half}
Step 2
Veri fy tha t t he d upl ex mode of the po rt is
configured correctly.
show port [mod_num[/por t_num]]
Page 66
4-6
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and F ast Ethernet Ports
Configuring a Timeout Period for Ports in errdisable State
A port is in errdisable state if it is enabled in NVRAM, but disabled at runtime by any process. For
example, if UniDirectiona l Lin k Dete ction (UDLD) detec ts a u nidir ec tiona l lin k, the p ort sh ut s down at
runtime. However, because the NVRAM configuration for the port is enabled (you have not disabled the
port), the port status is shown as errdisable.
After a port goes into errdisable state, the port has to be manually reenabled. The errdisable timeout
feature allows you to configure a timeout period for ports in errdisable state; the ports are reenabled
automatically eliminating the need to manually reenable all the errdisabled ports.
A port enters errdisable state for the following reasons (these appear as configuration options with the
set errdisable-timeout enable command):
• Channel misconfiguration
• Duplex mismatch
• BPDU port-guard
• UDLD
• Other
You ca n enab le or di sable er rd isabl e time out for eac h of the a bove listed reas ons. Po rts th at ar e in
errdisable state beca use of rea son s othe r tha n t he first four re aso ns have an errdi sa ble cause of “othe r.”
If you specify “other,” all ports that have been put in errdisable state because of causes other than the
first four reasons are enabled for errdisable timeout.
This feature is disabled by default. The default interval for enabling a port is 300 seconds. The allowable
interval range is 30 to 86400 seconds (30 sec onds to 24 hours) .
This example shows how to enable errdisable the timeout for BPDU guard causes:
Console> (enable) set errdisable-timeout enable bpdu-guard
Successfully enabled errdisable-timeout for bpdu-guard.
Console> (enable)
This example shows how to set the errdisable timeout interval to 450 seconds:
Console> (enable) set errdisable-timeout interval 450
Successfully set errdisable timeout to 450 seconds.
Console>(enable)
This example shows how to display the errdisable timeout configuration:
Console> (enable) show errdisable-timeout
ErrDisable Reason Timeout Status
------------------- -----------bpdu-guard Enable
channel-misconfig Disable
duplex-mismatch Enable
udld Enable
other Disable
Interval: 300 seconds
Ports that will be enabled at the next timeout:
Port ErrDisable Reason
----- ---------------- 3/1 udld
3/8 bpdu-guard
6/5 udld
7/24 duplex-mismatch
Console> (enable)
Page 67
4-7
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and Fast Ether net Ports
Checking Connectivity
Note For more detailed informa tion on ch ecking connect ivity, see Chapter 19, “Che cking Port Status and
Connectivity.”
Use the ping and traceroute commands to test connectivity out Ethernet or Fast Ethernet ports.
To check connectivity out a por t, perfo rm this task in privileged mode :
This example shows how to ping a remote host and how to trace the hop-by-hop path of packets through
the network using tr acerou te:
Console> (enable) ping somehost
somehost is alive
Console> (enable) traceroute somehost
traceroute to somehost.company.com (10.1.2.3), 30 hops max, 40 byte packets
1 engineering-1.company.com (173.31.192.206) 2 ms 1 ms 1 ms
2 engineering-2.company.com (173.31.196.204) 2 ms 3 ms 2 ms
3 gateway_a.company.com (173.16.1.201) 6 ms 3 ms 3 ms
4 somehost.company.com (10.1.2.3) 3 ms * 2 ms
Console> (enable)
Task Command
Step 1
Ping a remote host that is located out the port you
want to test.
ping [-s] hos t [packet_size] [ packet_count]
Step 2
Trace the hop-by-hop route of pac kets from the
switch to a remote host locate d out the port you
want to test.
traceroute host
Step 3
If the host is unresponsive, check the IP address
and default gateway configured on the switch.
show interface
show ip route
Page 68
4-8
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 4 Configuring Ethernet and Fast Ethernet Switching
Configuring Ethernet and F ast Ethernet Ports
Page 69
CHAPTER
5-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
5
Configuring Gigabit Ethernet Switching
This chapter describes how to configure Gigabit Ethernet switching on the Catalyst enterprise LAN
switches. The configuration tasks in this chapter apply to Gigabit Ethernet switching modules,
fixed-configuration switches, and up lin k port s on t he sup ervi sor eng ine.
Note For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
This chapter consists of these sections:
• Understanding How Gigabit Ethernet Works, page 5-1
• Default Gigabit Ethernet Configuration, page 5-6
• Configuring Gigabit Ethernet, page 5-6
Understanding How Gigabit Ethernet Works
These sections descri be how Gigabit Ethern et works:
• Understanding How Gigabit Ethernet Flow Control Works, page 5-1
• Understanding How Port Negotiation Wor ks, page 5-3
• Understanding How Oversubscribed Gigabit Ethernet Works, page 5-3
Understanding How Gigabit Et he rnet F low C ontr ol Works
These sections descri be how flow control works:
• Flow-Control Overview, page 5-1
• Sending and Receiving Pause Frames, page 5-2
• Using Flow-Control Keywords, page 5-2
Flow-Control Overview
Flow-control is a feature that Gigabit Ethernet ports use to inhibit the transmission of incoming packets.
If a buffer on a Gigabit E thernet port runs out of space, the port transmits a special packet that requests
remote ports to delay sending packets for a period of time. This special packet is called a pause frame.
Page 70
5-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Understanding How Gi gabit Ethernet Works
Sending and Receiving Pause Frames
All Catalyst Gigabit Ethernet port s can receive and process pause frames from other devices. However,
not all Catalyst Gigabit Ethernet ports can transmit pause frames to other devices.
Table 5-1 identifies the Catalyst Gigabit Ethernet switches, modules, and ports that can transmit pause
frames to other devices.
Using Flow-Control Keywords
Table 5-2 describes guidelines for using different configurations of the send and rec eive keywords with
the set port flowcontrol command.
Table 5-1 Send Capability by Switch Type, Module, and Ports
Switch Type Module Ports Send
Catalyst 4000 A ll mod ules except WS-X441 8-G B,
WS-X4412-2GB-T, and
WS-X4416-2GB-TX
All ports except for the
oversubscribed ports listed below
No
Catalyst 4000 WS-X44 18-GB Uplink ports (1–2) No
Catalyst 4000 WS-X 4418- G B Oversubscribed ports (3–18) Yes
Catalyst 4000 WS-X44 12-2GB- T Uplink ports (13–14) No
Catalyst 4000 WS-X 4412- 2G B-T Oversubscrib ed port s (1–1 2) Ye s
Catalyst 2948G All ports All ports No
Catalyst 2980 All modules All ports No
Tabl e 5 -2
Send and Receive Keyword Configurations
Configuration Description
send on Enables a local port to send pause frames to a remote port. Use send on when a
remote port is set to receive on or receive des ired.
send off Prevents a local port from se nding pause fram es to a remote po rt. Use send off when
a remote port is set to receive off or receive desired .
send desired Indicates pr ef er en ce to send pause frames, b u t au ton egotiates flow co ntr o l. You can
use send desired when a remote port is set to receive on, receive off, or receive
desired.
receive on Enables a local po rt to pr oces s pa use fra me s t hat a remo te por t se nds. U se rec eive
on when a remote port is set to send on or send desired.
receive off Prevents a local port from pro cessi ng paus e fr am es . Us e receive off when a remote
port is set to send off or send desired.
receive
desired
Indicates preferenc e to process pa use frame s, but aut onegotia tes flow co ntrol. You
can use receive desired when a remote port is set to send on, send off, or send
desired.
Page 71
5-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Understanding How Gigabit Ethernet Works
Understanding How Port Negotiation Works
Caution Unli ke autonegotiat ion with 10/ 100 Fast Ethern et, Gi gabit Ethe rnet por t negotiation does not involve
negotiating port speed. You cannot disable port negotiation on Gigabit Ethernet ports using the set port
speed command.
Note Port negotiation is not support ed on 1000BASE-T Gi gabit Ethe rnet por ts.
With Gigabit Ethernet ports, port negotia tion is used to exchange flow-contr ol parameters, remote fault
information, and duplex information (even though Cisco Gigabit Ethernet ports only support full-duplex
mode). With Gigabit Ethernet ports, you configure port negotiation usi ng the set port negot iati on
command. Gigabit Ethern et port negoti ation is enab led by default.
The ports on both ends of a Gigabit Ethernet link must have the same setting. The link will not come up
if the ports at each end of the link a re set incons istentl y (port negot iation en abled on one port and
disabled on the othe r). Table 5-3 shows the four possible port negotia tion configurat ions for a Gigabi t
Ethernet link and the re sulting lin k status for each configurati on.
Note On 1000BASE-T Gigabit Ethernet ports, you cannot configure speed or dup lex mode. At th is time,
1000BASE-T ports only oper ate i n the defau lt c on figurati on whe re t he sp ee d is 1000 and d upl ex mode
is full. Y ou cannot disable autonegotiation at this time. On a 1000BASE-T port, you can configure flow
control and enable or disa ble a por t . To determine which feature s a 100 0BASE-T Gigab it Et hern et por t
supports, enter the show port capabilities mod_num command.
Understanding How Oversubscribed Gigabit Ethernet Works
These sections de scri be how the Ca taly st 4000 family oversubscribed G iga bit Eth erne t mo dule s work:
• Oversubscribed Gigabit Ethernet Overvi ew, page 5-4
• Oversubscribed Gigabit Ethernet Ex ampl e, pag e 5-5
Table 5-3 Gigabit Ethernet Port Negotiation Configuration and Possible Link States
Port Negotiation Stat e Link Status
Near End
1
1. Near End refers to the local Gigabit EtherChannel module port.
Far End
2
2. Far End refers to the remote port at the other end of the Gigabit link.
Near End Far End
Off Off Up Up
On On Up Up
OffOnUpDown
On Off Down Up
Page 72
5-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Understanding How Gi gabit Ethernet Works
Oversubscribed Gigabit Ethernet Overview
The Catalyst 4000 family Gigabit Ethernet modules provide a network-backbone connection for multiple
servers or high-end workstations . The following modul es are suppo rted:
• WS-X4412-2GB-T
This 1000BASE-T 14-port mo dule pr ovides 2 d edic ated up lin k m odu le port s (GB IC) a nd
12 oversubscribed ports (possi ble blo ckin g).
• WS-X4418-GB
This 1000BASE-X 18-port module provides 2 de dicated uplink mod ule ports (G BIC) and
16 oversubscribed ports (possi ble blo ckin g).
On all modules, each uplink module port has 1-Gbps dedicated bandwidth. These ports typically connect
to the network backbone.
Table 5-4 lists the uplink module port IDs for each module.
On all modules, the oversubscri bed po rts a re s egmen ted into gro ups of f our po rts e ach . Ea ch g rou p o f
four ports shares 1 Gbps of band widt h. The average band wid th that clie nts an d se rvers need to con ne ct
to ports in the sam e gr oup shoul d not exceed 1 G bps.
Table 5-5 shows how the oversubscribed ports are grouped for mo dule W S-44 12-2G B-TX .
Table 5-6 shows how the oversubscribed ports are grouped for mo dule W S -4418- 2G B.
The oversubscribed Giga bit E ther net port s are desig ned f or end- stat ion conn ec tions. We do not
recommend connecting these ports to switches or routers.
Each group of four oversubscribed ports has a buffer for incoming frames to allow connected devices to
transmit traffic simultaneously. Because the inbound buffer is small, the default (and recomme nded)
flow-control configuration fo r the oversubscrib ed ports is receive desi red and transmit on.
You can bundle m ul tip le oversubscr ibed p ort s in to a Gigabi t E ther Cha nn el lin k t o c onn ec t to
channel-capable servers. Bundling multiple oversubscribed ports in the same port group increases the
total available bandwidth and provides redundancy with quick failover for links to servers and hosts that
support the Port Aggregation Protocol (PAgP).
Table 5-4 Uplink Port Module IDs for Gigabit Ethernet Modules
Module Port ID
WS-X4412-2GB-T 13 14
WS-X4418-GB 1 2
Table 5-5 Oversubscribed Port Groupings for Module WS-4412-2GB-TX
1 2 3 4 5 6 7 8 9 10 11 12
Uplink Ports
13 14
Table 5-6 Oversubscribed Port Groupings for Module WS-4418-2GB
Uplink Ports
1 2
3 5 7 9
46 810
11 13 15 17
12 14 16 18
Page 73
5-5
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Understanding How Gigabit Ethernet Works
Oversubscribed Gigabit Ethernet Example
Figure 5-1 shows an example of how the 18-port server switching module (WS-X4418-GB) can connect
multiple network servers a nd hig h-e nd wor ksta tion s to t he G igab it Eth er net net work ba ckbo ne . The se
configurations are sh own:
• Server A, equipped with channel- and trunk-capable network interface cards (NICs), connects to the
switch through a four-port Gigabit EtherCh annel trun k link. Two ports are in one oversubscribed
port group and t wo ar e in a no ther. The switch ca n burst up to 2-Gb ps b an dwi dth in e ach dir ect ion
while averaging 250 Mbps per co nnec ted port (1 Gbps total ).
• Servers B and C, also with channel- and trunk-capable NICs, share the oversubscribed port groups
used by Server A. Each server has one port in each oversubscribed port group and can burst up to
2 Gbps of traffic over channeled connections to and from the switch while maintaining an average
of 250 Mbps per c onnec te d p ort (50 0 M bp s tot al ) in e ach dir ect ion.
• Server D is the only device connected to the oversubscribed port group and can use th e full 1-Gbps
bandwidth.
• Workstations 1 th rough 4 are high-end workstations. Each connects to a port in one oversubscribed
port group. Each workstation can burst up to 1-Gbps bandwidth while averaging 250 Mbps in each
direction.
• The network backbone connection is through a two-port Gigabit EtherChannel trunk link providing
2-Gbps bandwidth.
Figure 5-1 Example Server Switching Network Topology
T
H
I
S
A
S
S
E
M
B
L
Y
C
O
N
T
A
I
N
S
E
L
E
C
T
R
O
S
T
A
T
I
C
-
S
E
N
S
I
T
I
V
E
D
E
V
I
C
E
S
C
A
U
T
I
O
N
0%
100%
Network
backbone
Gigabit
EtherChannel
bundles
Backbone
switch
Server
A
Server
B
Server
C
Workstation 1
Workstation 2
Workstation 3
Workstation 4
Server
D
18069
Page 74
5-6
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Default Gigabit Ethernet Configuration
Default Gigabit Ethernet Configuration
Table 5-7 shows the Gigabit Ethernet default co nfigurati on.
Configuring Gigabit Ethernet
These sections describe how to config ure Gigabit Ethernet switching ports on the Catalyst enterprise
LAN switches:
• Setting the Port Name, page 5-7
• Setting the Port Priority Level, page 5-7
• Configuring Flow Control on Gigabit Ethernet Ports, page 5-8
• Configuring Port Negotiation on Gigabit Ethernet Ports, page 5-8
• Configuring a Timeout Period for Ports in errd is able Stat e, p age 5- 9
• Checking Connectivity, page 5-9
Note For information on configuring Gigabit Ethe rChan nel, see Chapter 6, “Configuring Fast EtherChannel
and Gigabit EtherCha nnel. ”
Table 5-7 Gigabit Ethernet Default Configuration
Feature Default Value
Port enable state All ports are enabled
Port name None
Port prior ity Normal
Duplex mode Full duplex
Flow control
• Oversubscribed Gigabit Ethernet ports (ports 3–18 on WS-X4418-GB):
Flow control set to desired for receive (Rx) and on for transmit (Tx )
• All others: Flow control set to off for receive (Rx) and desired for
transmit (Tx)
Port negotiation Enabled
Spanning Tree Protocol Enabled for VLAN 1
Native VLAN VLAN 1
Spanning tree port cost 4
Gigabit EtherChannel Disabled on all Gigabit Ethernet ports (auto mode)
Page 75
5-7
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Configuring Gigabit Ethernet
Setting the Port Name
You can assi gn names t o the ports on Gigabit Eth ernet mo dules to facil itate switc h admini strati on.
To assign a name to a port, perform this task in privileged mode:
This examp l e s hows how to set the name for port s 2/1 and 2/2 and how to verify that th e po rt names are
configured corre ctly :
Console> (enable) set port name 2/1 Backbone Connection
Port 2/1 name set.
Console> (enable) set port name 2/2 Wiring Closet
Port 2/2 name set.
Console> (enable) show port 2
Port Name Status Vlan Level Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ----------- 2/1 Backbone Connectio connected trunk normal full 1000 1000BASESX
2/2 Wiring Closet notconnect 1 normal full 1000 1000BASESX
<...output truncated...>
Last-Time-Cleared
-------------------------Tue Dec 22 1998, 13:42:04
Console> (enable)
Setting the Port Priority Level
You can configure the priority level for each port. When two ports simultaneously request access to the
switching bus, the switch uses the priority level to determine the order in which the ports
get access.
To set the port priority level, perform this task in privileged mode:
This example sho ws ho w to set the port prior ity le v el to high for port 2/1 and ve rify th at the p ort priority
is configured correctly:
Console> (enable) set port level 2/1 high
Port 2/1 level set to high.
Console> (enable) show port 2/1
Port Name Status Vlan Level Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ----------- 2/1 Backbone Connectio connected trunk high full 1000 1000BASESX
Task Command
Step 1
Assign a name to a port. set port name mod_num/po rt_nu m [name_string]
Step 2
Verify that the port name is configured. show port [mod_num[/port_num]]
Task Command
Step 1
Configure the priority level for a port. set port level mod_num/port_num
{normal | high}
Step 2
Verify that the port priority level is configured
correctly.
show port [mod_num[/por t_num]]
Page 76
5-8
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Configuring Gigabit Eth ernet
<...output truncated...>
Last-Time-Cleared
-------------------------Tue Dec 22 1998, 13:42:04
Console> (enable)
Configuring Flow Control on Gigabit Ethernet Ports
To configure flow contr ol o n a Giga bit Et herne t po rt , pe rf orm t h is t ask i n privileged m od e:
This example shows how to turn transmit and receive flow control on and how to verify the flow-control
configuration:
Console> (enable) set port flowcontrol send 2/1 on
Port 2/1 flow control send administration status set to on
(port will send flowcontrol to far end)
Console> (enable) set port flowcontrol receive 2/1 on
Port 2/1 flow control receive administration status set to on
(port will require far end to send flowcontrol)
Console> (enable) show port flowcontrol 2/1
Port Send FlowControl Receive FlowControl RxPause TxPause Unsupported
admin oper admin oper opcodes
----- -------- -------- -------- -------- ------- ------- ---------- 2/1 on on on on 0 0 0
Console> (enable)
Configuring Port Negotiation on Gigabit Ethernet Ports
Note You canno t configure port negotiati on on 1000BASE-T Gigab it Ether net ports in this relea se.
To enable port negotiation on a 1000BASE-X Gigabit Ethernet port, perform this task in privileged
mode:
This example shows how to enable port negotiation and verify the configuration:
Console> (enable) set port negotiation 2/1 enable
Port 2/1 negotiation enabled
Console> (enable) show port negotiation 2/1
Port Link Negotiation
Task Command
Step 1
Set the flow-control par ame ters on a G igab i t
Ethernet port .
set port flowcontrol {receive | send}
mod_num/port_num {of f | on | de s ired}
Step 2
Verify the flow-control configuration. show port flowcon trol
Task Command
Step 1
Enable Gigabit Eth ernet por t negotiatio n. set port ne gotiati on mod_num/port_num enable
Step 2
Verify the port negotiation configuration. show port negotiation [mod_num/p ort_nu m]
Page 77
5-9
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Configuring Gigabit Ethernet
----- --------------- 2/1 enabled
Console> (enable)
To disable port negotia tion on a 1000 BASE-X Gigabit Ethern et por t, perfo rm this task i n privileged
mode:
This example shows how to di sabl e port negoti atio n a nd verify the configura tion:
Console> (enable) set port negotiation 2/1 disable
Port 2/1 negotiation disabled
Console> (enable) show port negotiation 2/1
Port Link Negotiation
----- --------------- 2/1 disabled
Console> (enable)
Configuring a Timeout Period for Ports in errdisable State
For information on configuring a timeout period for ports in errdisable state, see Chapter 4, “Configuring
Ethernet and Fast Ethernet Swi tching. ”
Checking Connectivity
Note For more detailed informa tion on ch ecking connect ivity, see Chapter 19, “Che cking Port Status and
Connectivity.”
Use the ping and traceroute commands to test connectivity out Gigabit Ethernet ports.
To check connectivity out a por t, perfo rm this task in privileged mode :
Task Command
Step 1
Disable Gigabit Ethe rnet por t negotiatio n. set port negotiation mod_num/port_num disable
Step 2
Verify the port negotiation configuration. show port negotiation [mod_num/p ort_nu m]
Task Command
Step 1
Ping a remote host that is located out the port you
want to test.
ping [-s] hos t [packet_size] [ packet_count]
Step 2
Trace the hop-by-hop route of pac kets from the
switch to a remote host locate d out the port you
want to test.
traceroute host
Step 3
If the host is unresponsive, check the IP address
and default gateway configured on the switch.
show interface
show ip route
Page 78
5-10
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 5 Configuring Gigabit Ethernet Switching
Configuring Gigabit Eth ernet
This example shows how to ping a remote host and how to trace the hop-by-hop path of packets through
the network using tr acerou te:
Console> (enable) ping somehost
somehost is alive
Console> (enable) traceroute somehost
traceroute to somehost.company.com (10.1.2.3), 30 hops max, 40 byte packets
1 engineering-1.company.com (173.31.192.206) 2 ms 1 ms 1 ms
2 engineering-2.company.com (173.31.196.204) 2 ms 3 ms 2 ms
3 gateway_a.company.com (173.16.1.201) 6 ms 3 ms 3 ms
4 somehost.company.com (10.1.2.3) 3 ms * 2 ms
Console> (enable)
Page 79
CHAPTER
6-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
6
Configuring Fast EtherChannel and Gigabit
EtherChannel
This chapter desc rib es how to c onfigure Fast Et her Cha nnel and Gi gab it Et her Cha nnel port bundles o n
the Catalyst enterp rise LAN swi tches. The configuration tasks in this chapter apply to F ast E thern et an d
Gigabit Ethernet switch ports on sw itching modules an d fixed-configuration switche s, as well as t o
supervisor engine Fast Ethernet and Gigabit Et hernet uplink po rts.
Note For complete informati on on insta lling Cata lyst 4000 fam ily Fast Ethern et and Giga bit Ethe rnet
modules, refer to the Catalyst 40 00 Family Installation Guide.
Note For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
This chapter consists of these sections:
• Understanding How EtherChannel Works, page 6-1
• Default EtherChannel Configuration, page 6-4
• Hardware Support for EtherChanne l, pa ge 6- 4
• EtherChannel Configuration Guideli nes a nd Rest ric tions, pa ge 6 -4
• Configuring EtherChannel, page 6-5
• EtherChannel Configuration Example s, pa ge 6 -11
Understanding How EtherChannel Works
These sections describe how EtherChannel works:
• EtherChannel Overview, page 6-2
• Understanding Administrative Groups and E therC hann el ID s, pa ge 6- 2
• Understanding the Port Aggregation Protocol, page 6-2
• Understanding Frame Distribution, pa ge 6 -3
Page 80
6-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
Understanding How EtherCh annel Works
EtherChannel Overview
Fast EtherChannel and Gigabit EtherChan nel port bundles allow you to group multipl e Fast or Gigabit
Ethernet ports i nto a si ng le logica l t ran smi ssion pat h betwe en t he swit ch a nd a r oute r, host, or an other
switch.
Depending on your hardware, you can form an EtherChannel with up to eight compatibly configured Fast
or Gigabit Ethern et por ts on the swi tch. In a dditi on, on t h e Catal yst 4000 family swit che s, you can
configure an EtherChannel using ports from multiple mod ules. All ports in an EtherChannel must be the
same speed.
The switch distributes frames across the ports in an EtherChannel according to the source and destination
Media Access Control (MAC) addresses. If a port within an EtherChannel fails, traffic previously carried
over the failed port switches to the remaining port s within the EtherChannel . A trap is sent upon a failure
identifying the switch, the EtherChannel, and the failed link.
Both Fast and Gigabit EtherChannel bundles can be configured as trunk links. After a c hannel has been
formed, configuring any port in the channel as a trunk applies the configuration to all ports in the
channel. Identically configured trunk ports can be configured as an EtherChannel. For more information,
see the “EtherChannel Configuration Guidelines and Restrictions” section on page 6-4 and Chapter 11 ,
“Configuring VLAN Trunks on Fast Ethernet and Giga bit Etherne t Ports.”
Understanding Administrative Groups and EtherChannel IDs
Configuring an EtherChannel creates an admini strative group, designa ted by an integer betwe en 1 and
1024 inclusive, to which the EtherChannel be longs. You can assign an administrative group number
manually or let the system software assign the ne xt av ailable administrati v e group number automatically.
Forming an EtherCha nn el witho ut sp eci fyin g an ad mini str ative group nu mbe r c reat es a n ew
automatically numbered administrative group consisting of the ports you configure as an EtherChannel.
An administrative group can co ntai n a m ax imum of ei ght por ts.
You can de fine an EtherCha nnel ad minist rative group without for ming an Et herChan nel. Only ports
belonging to the sa m e ad mi nistra tive group ca n fo rm a sing le Ethe rC ha nnel t og ether.
In addition to the administ rative group number, each EtherChanne l is auto matica lly assigned a unique
EtherChannel ID. Use the show channel group
admin_group command to display the EtherChannel ID.
EtherChannel administrative group numbers are stored in NVRAM and remain the same after the switch
is reset or power cycled. EtherChannel IDs are not saved in NVRAM. The ID can change if the
EtherChannel is torn down a nd re negoti ated, o r if the switc h is re set or power cycle d.
Understanding the Port Aggregation Protocol
The Port Aggregation Pr otoc ol ( PAgP) facilitates the autom atic cre ation o f Fast E the rChann el an d
Gigabit EtherChannel li nks by exchanging pa ckets be twee n chann el- capa ble ports. The prot ocol learns
the capabilities of port groups dynamically and informs the neighboring ports.
After PAgP identifies correctly paired channel-capable links, it groups the ports into a channel. The
channel is then a dded to the spa nning t ree as a s ing le br id ge p ort . A g iven outbound b roa dca st or
multicast packet is transmitted out one port in the channel only, not out every port in the channel. In
addition, outbound bro adcas t and multic ast pac kets transm itted on one por t in a chan nel are bl ocked
from returning on any other port of the channe l.
Page 81
6-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
Understanding How Et herChannel Works
There are four user-configura ble chan nel mode s: on, off, auto, and desirable. PAgP packets are
exchanged only between ports in auto and desirable mode. Ports configured in on or off mode do not
exchange PAgP packets. The auto and desirable modes can be modified with the silent and non-silent
keywords. Table 6-1 describes each mode.
Both the auto and desirable modes allow ports to negotiate with connected ports to determine if they
can form a cha nnel , based o n c rite ria such a s po rt sp ee d, t r unkin g s tat e, n ative VLAN, a nd so on.
Ports can form an EtherChannel when they are in different channel modes as long as the modes are
compatible. For example:
• A port in desirable mode can form an Et herChan nel succe ssfull y with anot her port th at is in
desirable or auto mode.
• A port in auto mode can form an EtherChannel with anoth er port in desirable mode.
• A port in auto mode cannot form an EtherChannel with another port that is also in auto mode, since
neither port will initiate negotiation.
• A port in on mode can form a channel only with a port in on mode, because ports in on mode do not
exchange PAgP packets.
• A port in off mode will not form a channel with any port.
Understanding Frame Distribution
EtherChannel distributes frames ac ross the link s in a channel based on t he low-order bits of the sou rce
and destination Media Access Control (MAC) addresses of each frame. The frame distribution method
is not configurable.
Table 6-1 Channel Modes
Mode Description
on Forces the port to channel withou t negotiation . PAgP packets are not exchanged.
The port is channeling regardless of how the peer port is configured. If the peer port
is in on mode, a channel is formed. In any other mode, the peer port is placed in the
errdisable state due to a channel misconfiguration.
off Prevents the port from channeling. PAgP packets are not exchanged. The port is not
channeling r egardle ss o f how the pe er po rt i s co nfigured . No c ha nnel is for med .
auto Places a port int o a passive negotiatin g state , in whic h the por t r esponds to PAgP
packets it receives but does not initiate PAgP packet negotiation. A channel is
formed only with another po rt grou p in desirable mode. (Default)
desirable Places a port into an acti ve negotiating sta te, in which th e port initiates ne gotiations
with other ports by sending PAgP packets. A channel is formed with another por t
group in either desirable or auto mode.
Use the silent keyword when you are connecting to a “silent partner” (a device that
is not generating BPDUs or other traffic). An example of a silent partner is a traffic
generator that is not transmitting packets. Use this keyword with the auto or
desirable mode. If you do not specify silent or non-silent, silent is assumed.
Use the non-silent keyword when you are connecting to a device that will transmit
BPDUs or other traffic. Use t his keyword wit h t he aut o or desirable mode.
Page 82
6-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
Default EtherChannel Config uration
Default EtherChannel Configuration
Table 6-2 shows the Fast EtherChannel and Giga bit Eth erCha nnel d efault configura tio n.
Hardware Support for EtherChannel
EtherChannel suppo rt is hardware -dep endent . In genera l, you can u se the show port capabilities
command to d et ermine whether your hardware supports EtherChannel, and to confirm w hich ports you
can bundle into a sin gle Ethe r Channe l.
An EtherChannel bundle c an con sis t of any t wo to e ight port s. Po rts i n an E the rChan ne l bundle d o not
have to be continuous, and they do not have to be on the same module.
Due to the po rt I D ha nd ling by the span ni ng tree fe at ure, the m axim um sup por ted nu mber of c hanne ls
is 126 for a 6-slot chassis.
EtherChannel Configuration Guidelin es and Rest rictions
If improperly c on figured, so me E ther Chann el por ts are d isable d au toma tica lly to avoid network loops
and other problems. U se the fo llowing guidel ines to avoid configuration probl ems:
• Assign all ports in an EtherChannel to the same VLAN, or co nfigure them as trun k ports.
• If you configure the EtherChanne l as a trunk, configure the same trunk mode on all the port s in the
EtherChannel, on bo th ends of the li nk. Con figuring port s in an E t herCh anne l i n different trun k
modes can have unexpected re sults .
• Configure all ports in an EtherCha nnel to opera te at the same speed and dup lex mod e (f ull or h alf
duplex).
• If the EtherChannel is composed of trunk ports, you must configure the same allowed VLAN range
on all the ports. When the allowed VLAN range is not the same for all trunks in a channel, trunk
ports on which a particular VLAN is not allowed will drop the packets for that VLAN while ports
on which the VLAN is allowed will transmi t t he traffic. If the allowed VLAN range is not the same
on all ports in the channel, the ports do not form a channel when set to the auto or desirable mode
with the set port channel command.
• Conf igure all ports in an EtherChannel with the same GARP VLAN Registration Protocol (GVRP),
GARP Multicast Registration Protocol (GMRP), and quality of service (QoS) parameters.
• Do not configure the ports in an EtherChannel as dyn amic V LAN port s. You can adversely affect
switch performance.
• Make sure port security is disabl ed o n c hann ele d ports. I f you e nabl e po rt se c urity on a c ha nnel ed
port, the port shuts down when it re ceiv es packets with source addresses that do not match the s ecure
address of the port.
Table 6-2 Fast EtherChannel and Gigabit EtherChannel Default Configuration
Feature Default Value
Fast EtherChannel auto silent mode on all Fast E ther ne t po rts
Gigabit EtherCha nn el auto silent mode o n all Fast E ther net port s
Frame-distribution met ho d Source and destination M AC
Page 83
6-5
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
Configuring EtherChannel
• If you d isable a p ort i n a channe l, the sys tem consid ers t he p ort as a lin k f ailur e an d th e port’s traffic
is transferred to one or more of the remaining ports in the channel.
• Ensure that all ports in a channel have the same configuration on both ends of the channel.
Configuring EtherChannel
These sections describe how to configure an EtherCha nnel bundle:
• Creating an EtherChannel, page 6-5
• Defining an EtherChannel Administrative Group, page 6-6
• Setting the EtherChannel Spanning Tree Port Cost, page 6-7
• Setting the EtherChannel Spanning Tree Port VLAN Cost, page 6-7
• Removing an EtherChannel Bundle, pa ge 6 -8
• Displaying EtherChannel Configuration In for mat ion, page 6 -9
• Displaying EtherChannel Traffic Statistics, page 6-10
• Displaying EtherChannel PAgP Statistics, page 6-11
Creating an EtherChannel
You create an EtherChannel port bundle by specifying the ports in the channel and the channeling mode.
When you create an EtherCha nnel, an administ rative group number is assi gned auto matica lly if one i s
not already assigned to the specified ports. In addition, a channel ID is assigned.
The silent and non-silent keywords function only w ith t he auto a nd desirable modes.
To create an E the rCh annel port bundle, perf or m this tas k i n privileged mod e:
This example shows how to crea te an E the rChan nel bundle an d veri fy the con figura tion:
Console> (enable) set port channel 3/5-6 on
Port(s) 3/5-6 are assigned to admin group 57.
Port(s) 3/5-6 channel mode set to on.
Console> (enable) show port channel
Port Status Channel Admin Ch
Mode Group Id
----- ---------- -------------------- ----- ---- 3/5 connected on 57 835
3/6 connected on 57 835
----- ---------- -------------------- ----- -----
Task Command
Step 1
If you are unsure which ports you can configure as
an EtherChannel, veri fy the Ethe rChan nel
capabilities for the module or switch you are
configuring.
show port capabilities [mod_num[/po rt_nu m]]
Step 2
Create an EtherChanne l with the de sired por ts. set port channel port_list [ad min_group] mode
{on | off | desirable | auto} [silent | non-silent]
Step 3
Veri fy the Et herCh an nel configur ation . show port channel [p ort_list]
Page 84
6-6
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
Configuring EtherChannel
Port Device-ID Port-ID Platform
----- ------------------------------- ------------------------- --------------- 3/5 069003103(5500) 3/5 WS-C4000
3/6 069003103(5500) 3/6 WS-C4000
----- ------------------------------- ------------------------- ---------------Console> (enable)
Defining an EtherChannel Administrative Group
You can de fine an EtherCha nnel ad ministra tive group manually to identify groups of ports t hat are
allowed to form an Ethe rC hanne l bundl e t oget her. When you c re ate a n Ethe rC hanne l po rt bundle, an
administrative group is defined automatically. Administrative group membership is limited by hardware
restrictions.
The admin_group can be any value between 1 and 1024, incl usive.
Caution Modify ing the Eth erCha nnel admi nistrative group on conne cted port s causes the spec ified ports to be
removed from and then adde d to spa nn ing t ree ( that is, a spann in g tre e top ology c ha nge oc cu rs and t he
ports must enter listening and learnin g mode befor e returni ng to forwardi ng mode).
To define an Ether Cha nnel adm ini stra tive group, pe rf orm th is t ask i n privileged mode:
This example shows how to assign ports to an administrative group and verify the configura tion:
Console> (enable) set port channel 3/5-6 50
Port(s) 3/5-6 are assigned to admin group 50.
Console> (enable) show channel group 50
Admin Port Status Channel Channel
group Mode id
----- ----- ---------- -------------------- ------- 50 3/5 connected auto silent 0
50 3/6 connected auto silent 0
Admin Port Device-ID Port-ID Platform
group
----- ----- ------------------------------- ------------------------- --------- 50 3/5
50 3/6
Console> (enable)
Task Command
Step 1
Define the administrative group by specifying the
ports in the group.
set port channel port_list admin_group
Step 2
Veri fy the adm ini stra tive group co nfigurat ion. show channel group [admin_group]
Page 85
6-7
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
Configuring EtherChannel
Setting the Ethe rC hann e l Sp ann i ng Tr ee Po rt Cos t
To set the spanni n g tr ee po rt co st fo r an Eth er Chann el , perf or m th is tas k i n privileged mod e:
This example shows how to set the Et her Cha nnel port path cost for c hanne l I D 768:
Console> (enable) show channel group 20
Admin Port Status Channel Channel
group Mode id
----- ----- ---------- --------- ------- 20 1/1 notconnect on 768
20 1/2 connected on 768
Admin Port Device-ID Port-ID Platform
group
----- ----- ------------------------------- ------------------------- --------- 20 1/1
20 1/2 066510644(cat26-lnf(NET25)) 2/1 WS-C6009
Console> (enable)
Console> (enable) set channel cost 768 12
Port(s) 1/1,1/2 port path cost are updated to 31.
Channel 768 cost is set to 12.
Warning:channel cost may not be applicable if channel is broken.
Console> (enable)
Setting the Ethe rC hann el Span n ing Tr ee Po rt V LAN Cos t
The spanning tree por t VLAN c ost pr o vid es an a lternate cos t fo r som e of the VLANs in a tr unk chann el.
This provides load balancing of VLAN traffic accross multiple channels configured with trunking, as
some VLANs in the c han ne l ca n have port VL AN co st, a nd the rema ini ng VL AN S in the cha nne l have
port cost.
To set the spanning tree port VLAN cost for an EtherChannel, perform this task in privileged mode:
Task Command
Step 1
Determine the Ethe rCha nnel ID of the
EtherChannel for which yo u want to set the port
cost.
show channel group admin_group
Step 2
Set the spanning tree port cost for an
EtherChannel using the EtherChannel ID
obtained in Step 1.
set channel cost {channel_id | all} cost
Task Command
Step 1
Determine the Ethe rCha nnel ID of the
EtherChannel for which yo u want to set the port
VLAN cost.
show channel group admin_group
Step 2
Set the spanning tree port VLAN cost for an
EtherChannel using the EtherChannel ID
obtained in Step 1.
set channel vlancost {channel _id | all } cost
Page 86
6-8
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
Configuring EtherChannel
This example shows how to set the EtherChanne l VLAN co st for chan nel ID 768 :
Console> (enable) show channel group 20
Admin Port Status Channel Channel
group Mode id
----- ----- ---------- --------- ------- 20 1/1 notconnect on 768
20 1/2 connected on 768
Admin Port Device-ID Port-ID Platform
group
----- ----- ------------------------------- ------------------------- --------- 20 1/1
20 1/2 066510644(cat26-lnf(NET25)) 2/1 WS-C6009
Console> (enable)
Console> (enable) set channel vlancost 768 12
Channel 768 vlancost set to 12.
Console> (enable)
Removing an Et herC hann e l Bun dle
T o return a Fast EtherChannel or Gigabit EtherChannel bundle to its default configuration, perform this
task in privileged mode:
This example shows how to return a channel to its defau lt configurati on and how to verify the
configuration:
Console> (enable) set port channel 3/5-6 mode auto
Port(s) 3/5-6 channel mode set to auto.
Console> (enable) show port channel
No ports channelling
Console> (enable)
Task Command
Step 1
Return a channel to its def ault configuration (you
must perform this task on both sides of the
channel).
set port channel port_list mode auto
Step 2
Verify the configuration. show port channel [m o d_num[/port_num]]
Page 87
6-9
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
Configuring EtherChannel
Displaying EtherChannel Configuration Information
To display EtherChannel configuration information, perform one of these tasks in privileged mode:
This example shows how to displ ay E the rCh anne l co nfigurat ion i nform at ion by po rt:
Console> (enable) show port channel info
Switch Frame Distribution Method: mac both
Port Status Channel Admin Channel Speed Duplex Vlan
mode group id
----- ---------- -------------------- ----- ------- ----- ------ --- 3/5 connected on 56 835 a-100 a-full 1
3/6 connected on 56 835 a-100 a-full 1
----- ---------- -------------------- ----- ------- ----- ------ ----
Port ifIndex Oper-group Neighbor Oper-Distribution PortSecurity/
Oper-group Method Dynamic port
----- ------- ---------- ---------- ----------------- ------------ 3/5 377 1 mac both
3/6 377 1 mac both
----- ------- ---------- ---------- ----------------- -------------
Port Device-ID Port-ID Platform
----- ------------------------------- ------------------------- --------------- 3/5 069003103(5500) 3/5 WS-C4000
3/6 069003103(5500) 3/6 WS-C4000
----- ------------------------------- ------------------------- ----------------
Port Trunk-status Trunk-type Trunk-vlans
----- ------------ ------------- ---------------------------------------------- 3/5 not-trunking negotiate 1-1005
3/6 not-trunking negotiate 1-1005
----- ------------ ------------- -----------------------------------------------
Port Portvlancost-vlans
----- ------------------------------------------------------------------------- 3/5
3/6
----- --------------------------------------------------------------------------
Port Port Portfast Port Port
priority vlanpri vlanpri-vlans
----- -------- -------- ------- ----------------------------------------------- 3/5 32 disabled 0
3/6 32 disabled 0
----- -------- -------- ------- ------------------------------------------------
Port IP IPX Group
----- -------- -------- --------
Task Command
Display EtherCha nnel configu ratio n in for mat ion
by port.
show port channel [mod_num[/port_num]] info
[spantree | trunk | protocol | gmrp | gvrp | qos]
Display EtherCha nnel configu ratio n in for mat ion
by EtherChannel administra tive group.
show channel group [admin_group] info
[spantree | trunk | protocol | gmrp | gvrp | qos]
Display EtherCha nnel configu ratio n in for mat ion
by EtherChannel ID.
show channel [channel_id] info [spantree |
trunk | protocol | gmrp | gvrp | qos]
Page 88
6-10
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
Configuring EtherChannel
3/5 on auto-on auto-on
3/6 on auto-on auto-on
----- -------- -------- --------
Port GMRP GMRP GMRP
status registration forwardAll
----- -------- ------------ --------- 3/5 enabled normal disabled
3/6 enabled normal disabled
----- -------- ------------ ----------
Port GVRP GVRP GVRP
status registeration applicant
----- -------- ------------- -------- 3/5 disabled normal normal
3/6 disabled normal normal
----- -------- ------------- ---------
Port Qos-Tx Qos-Rx Qos-Trust Qos-DefCos
----- ------ ------ ------------ --------- 3/5 - - untrusted 0
3/6 - - untrusted 0
----- ------ ------ ------------ ----------
Console> (enable)
Displaying EtherChannel Traffic Statistics
To display EtherChannel traffic statistics, perform this task in privileged mode:
This example shows how to display EtherChannel traffic statistics information for EtherChannel ID 835:
Console> show channel 835 mac
Channel Rcv-Unicast Rcv-Multicast Rcv-Broadcast
-------- -------------------- -------------------- -------------------835 0 119200 0
Channel Xmit-Unicast Xmit-Multicast Xmit-Broadcast
-------- -------------------- -------------------- -------------------835 0 184171 0
Channel Rcv-Octet Xmit-Octet
-------- -------------------- -------------------835 11283708 14942104
Channel Dely-Exced MTU-Exced In-Discard Lrn-Discrd In-Lost Out-Lost
-------- ---------- ---------- ---------- ---------- ---------- ---------835 0 0 0 0 0 0
Console> (enable)
Task Command
Display EtherChannel traffic statistics. show channel [channel_id] mac
Page 89
6-11
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
EtherChannel Configuration Examples
Displaying EtherChannel PAgP Statistics
To display EtherChannel PAgP statistics, perform one of these tasks in privileged mode:
This example shows how to display EtherChannel PAgP statistics information by EtherChannel
administrative group:
Console> show channel group 58 statistics
Port Admin PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts PAgP Pkts
Group Transmitted Received InFlush RetnFlush OutFlush InError
----- ------- ----------- --------- --------- --------- --------- -------- 3/5 58 194 81 0 0 0 0
3/6 58 204 85 0 0 0 0
Console> (enable)
EtherChannel Configuration Examples
These sections contai n Fast and Gigabi t Ether Chann el configurat ion exampl es:
• Four-Port Fast EtherCha nnel Configuratio n E xamp le, page 6 -11
• Two-Port Gigabi t E ther Chann el Configu ratio n E xamp le, pa ge 6 -13
Note For examples of configuring VLAN trunks on Et herChann el port bundles, see the “Example VLAN
Trunk Configurations” section on page 1 1-7.
Four-Port Fast EtherChannel Configuration Example
This example configura tio n sh ows how to co nfigure a four-po rt Fast E t herCha nn el lin k b etw een two
switches. Figure 6-1 shows two switches connected t hroug h fou r 100BASE-TX Fast Eth erne t po rts.
Task Command
Display EtherCha nnel PAgP statistics by port. show port channel [mod_num[/port_ num]]
statistics
Display EtherCha nnel PAgP statistics by
EtherChannel admin istrative group.
show channel group [admin_group] statistics
Display EtherCha nnel PAgP statistics by
EtherChannel ID.
show channel [admin_group] statistics
Page 90
6-12
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
EtherChannel Configurati on Examples
Figure 6-1 Fast EtherChannel Port Bundle Example
Step 1 Make sure that all ports on Switch A and Switch B have the same port configuration , includi ng VLAN
membership, spee d, a nd du plex.
Switch_A> (enable) set vlan 50 1/1-4
VLAN 50 modified.
VLAN 1 modified.
VLAN Mod/Ports
---- ----------------------50 1/1-4
2/1-2
3/1-3
Switch_A> (enable) set port speed 1/1-4 100
Ports 1/1-4 transmission speed set to 100Mbps.
Switch_A> (enable) set port duplex 1/1-4 full
Ports 1/1-4 set to full-duplex.
Switch_A> (enable)
Switch_B> (enable) set vlan 50 3/1-4
VLAN 50 modified.
VLAN 1 modified.
VLAN Mod/Ports
---- ----------------------50 3/1-4
Switch_B> (enable) set port speed 3/1-4 100
Ports 3/1-4 transmission speed set to 100Mbps.
Switch_B> (enable) set port duplex 3/1-4 full
Ports 3/1-4 set to full-duplex.
Switch_B> (enable)
Step 2 Confirm the channeling status of the switches using the show port channel command.
Switch_A> (enable) show port channel
No ports channelling
Switch_A> (enable)
Switch_B> (enable) show port channel
No ports channelling
Switch_B> (enable)
Step 3 Configure the ports on Swi tch A to negotiate a Fast Et herCh an nel bundle wit h the nei ghbori ng swit ch.
This example assumes tha t t he n eigh bor ing por ts on Sw it ch B are in Ethe rCh anne l auto mode. The
system logging mes sag es provide in form ati on abou t the form a tio n o f th e Eth erCha nne l bundl e.
Switch_A> (enable) set port channel 1/1-4 desirable
Port(s) 1/1-4 channel mode set to desirable.
Switch_A> (enable) %PAGP-5-PORTFROMSTP:Port 1/1 left bridge port 1/1
%PAGP-5-PORTFROMSTP:Port 1/2 left bridge port 1/2
%PAGP-5-PORTFROMSTP:Port 1/3 left bridge port 1/3
Switch A
Switch B
1/1
1/2
1/3
1/4
3/1
3/2
3/3
3/4
Fast EtherChannel
port bundle
23923
Page 91
6-13
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
EtherChannel Configuration Examples
%PAGP-5-PORTFROMSTP:Port 1/4 left bridge port 1/4
%PAGP-5-PORTFROMSTP:Port 1/2 left bridge port 1/2
%PAGP-5-PORTFROMSTP:Port 1/3 left bridge port 1/3
%PAGP-5-PORTFROMSTP:Port 1/4 left bridge port 1/4
%PAGP-5-PORTTOSTP:Port 1/1 joined bridge port 1/1-4
%PAGP-5-PORTTOSTP:Port 1/2 joined bridge port 1/1-4
%PAGP-5-PORTTOSTP:Port 1/3 joined bridge port 1/1-4
%PAGP-5-PORTTOSTP:Port 1/4 joined bridge port 1/1-4
Switch_B> (enable) %PAGP-5-PORTFROMSTP:Port 3/1 left bridge port 3/1
%PAGP-5-PORTFROMSTP:Port 3/2 left bridge port 3/2
%PAGP-5-PORTFROMSTP:Port 3/3 left bridge port 3/3
%PAGP-5-PORTFROMSTP:Port 3/4 left bridge port 3/4
%PAGP-5-PORTFROMSTP:Port 3/2 left bridge port 3/1-4
%PAGP-5-PORTFROMSTP:Port 3/3 left bridge port 3/1-4
%PAGP-5-PORTFROMSTP:Port 3/4 left bridge port 3/1-4
%PAGP-5-PORTTOSTP:Port 3/1 joined bridge port 3/1-4
%PAGP-5-PORTTOSTP:Port 3/2 joined bridge port 3/1-4
%PAGP-5-PORTTOSTP:Port 3/3 joined bridge port 3/1-4
%PAGP-5-PORTTOSTP:Port 3/4 joined bridge port 3/1-4
Step 4 After the EtherC ha nne l bundle is negotia ted, ent er t he show port channel command to verify the
configuration.
Switch_A> (enable) show port channel
Port Status Channel Channel Neighbor Neighbor
mode status device port
----- ---------- --------- ----------- ------------------------- --------- 1/1 connected desirable channel WS-C4003 JAB023806(Sw 3/1
1/2 connected desirable channel WS-C4003 JAB023806(Sw 3/2
1/3 connected desirable channel WS-C4003 JAB023806(Sw 3/3
1/4 connected desirable channel WS-C4003 JAB023806(Sw 3/4
----- ---------- --------- ----------- ------------------------- ---------Switch_A> (enable)
Switch_B> (enable) show port channel
Port Status Channel Channel Neighbor Neighbor
mode status device port
----- ---------- --------- ----------- ------------------------- --------- 3/1 connected auto channel WS-C4012 009979082(Sw 1/1
3/2 connected auto channel WS-C4012 009979082(Sw 1/2
3/3 connected auto channel WS-C4012 009979082(Sw 1/3
3/4 connected auto channel WS-C4012 009979082(Sw 1/4
----- ---------- --------- ----------- ------------------------- ---------Switch_B> (enable)
Two-Port Gigabit EtherChannel Configuration Example
This example configuration shows how to configure a two-port Gigabit EtherChannel link between two
switches. Figure 6-2 shows two switches connected through four 1000BASE-SX Gigabit Ethernet ports.
Page 92
6-14
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
EtherChannel Configurati on Examples
Figure 6-2 Gigabit EtherChannel Port Bundle Example
Step 1 Make sure that all ports on Switch A and Switch B have the same port configuration, such as V LAN
membership.
Switch_A> (enable) set vlan 100 2/1-2
VLAN 100 modified.
VLAN 1 modified.
VLAN Mod/Ports
---- ----------------------100 2/1-2
Switch_A> (enable)
Switch_B> (enable) set vlan 100 3/1-2
VLAN 100 modified.
VLAN 1 modified.
VLAN Mod/Ports
---- ----------------------100 3/1-2
Switch_B> (enable)
Step 2 Confirm the channeling status of the switches using the show port channel command.
Switch_A> (enable) show port channel
No ports channelling
Switch_A> (enable)
Switch_B> (enable) show port channel
No ports channelling
Switch_B> (enable)
Step 3 Note that in this example, EtherChannel is configured on for all ports. If you configure ports on, you
must configure the ports on both ends of the Ethe rChann el bundle on. The switches will not negotiate
an EtherChannel port bundle au toma t ical ly i n on mod e. The system logging messa ges p rovide
information about the fo rmat ion of the Ethe rCh anne l bund le.
Switch_A> (enable) set port channel 2/1-2 on
Port(s) 2/1-2 channel mode set to on.
Switch_A> (enable) %PAGP-5-PORTFROMSTP:Port 2/1 left bridge port 2/1
%PAGP-5-PORTFROMSTP:Port 2/2 left bridge port 2/2
%PAGP-5-PORTTOSTP:Port 2/1 joined bridge port 2/1-2
%PAGP-5-PORTTOSTP:Port 2/2 joined bridge port 2/1-2
Switch_B> (enable) set port channel 3/1-2 on
Port(s) 3/1-2 channel mode set to on.
Switch_B> (enable) %PAGP-5-PORTFROMSTP:Port 3/1 left bridge port 3/1
%PAGP-5-PORTFROMSTP:Port 3/2 left bridge port 3/2
%PAGP-5-PORTTOSTP:Port 3/1 joined bridge port 3/1-2
%PAGP-5-PORTTOSTP:Port 3/2 joined bridge port 3/1-2
Switch A
Switch B
2/1
2/2
3/1
3/2
Gigabit EtherChannel
port bundle
23922
Page 93
6-15
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 6 Configuring Fast Et herChannel and Gigabit EtherChannel
EtherChannel Configuration Examples
Step 4 After the EtherC ha nne l bundle is negotia ted, ent er t he show port channel command to verify the
configuration. If you con figure on ly th e por ts on o ne si de o f the l ink on, t he show port channel
command will show that the ports are channeling, but no traffic will pass over the EtherChannel.
Spanning tree loops can occur, and eventually the switch will disable the incorrectly configured
EtherChannel.
Switch_A> (enable) show port channel
Port Status Channel Channel Neighbor Neighbor
mode status device port
----- ---------- --------- ----------- ------------------------- --------- 2/1 connected on channel WS-C4003 JAB023806LN( 3/1
2/2 connected on channel WS-C4003 JAB023806LN( 3/2
----- ---------- --------- ----------- ------------------------- ---------Switch_A> (enable)
Switch_B> (enable) show port channel
Port Status Channel Channel Neighbor Neighbor
mode status device port
----- ---------- --------- ----------- ------------------------- --------- 3/1 connected on channel WS-C4003 JAB023806JR( 2/1
3/2 connected on channel WS-C4003 JAB023806JR( 2/2
----- ---------- --------- ----------- ------------------------- ---------Switch_B> (enable)
Page 94
6-16
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter6 Configuring Fast EtherChannel and Gigabit EtherChannel
EtherChannel Configurati on Examples
Page 95
P
ART
3
Spanning Tree
Page 96
Page 97
CHAPTER
7-1
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
7
Configuring Spanning Tree
This chapter provides a brief overview of the IEEE 802.1D bri dge Spanni ng Tree Protocol (STP) an d
describes how to use and configure Cisc o’s proprietary Spann ing Tree Protocols, Per V LAN Spa nn ing
Tree + (PVST+), and Multi-Instance Spanning Tree Protocol (MISTP) on the Catalyst enterprise LAN
switches.
Note For information on configuring the span ning tre e PortFast, Upli nkFast, an d Backb one Fast featur es, see
Chapter 8, “Configuri ng Spa nnin g Tree PortFast, U pli nkFast, and B ac kbone Fast, a nd Lo op Gua rd.”
This chapter consists of these sections:
• How Spanning Tree Protocol s Work, page 7-1
• Understanding PVST+ and MISTP Modes, page 7-10
• Bridge Identifiers, page 7-12
• Using PVST+, page 7-12
• Using MISTP-PVST+ or MISTP, page 7-18
• Configuring a Root Switch, page 7-27
• Configuring Spanning Tree Timers, page 7-30
• Configuring Spanning Tree BPDU Skewing, page 7-33
Note For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Cataly st 2 980G Swi tches .
How Spanning Tree Protocols Work
This section describes th e specific funct ions that ar e comm on to all span ning tree pro tocols. Ci sco’s
proprietary spanning tree protocols, PVST+ and MISTP, are based on the IEEE 802.1D STP. (See the
“Understanding PVST+ and M ISTP M odes” s ect ion on page 7-10 for information ab out PVST+ and
MISTP .) The 802.1D STP is a Layer 2 management protocol that provides path redundancy in a network
while preventing undesirable loops. All spanning tree protocols use an algorithm that calculates the best
loop-free path thr oug h th e ne twork.
Page 98
7-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter7 Configuring Spanning Tree
How Spanning Tree Protocols Work
The Spanning Tree Protocol (S TP) uses a distributed algori thm that selects one bridge of a redundantly
connected network as t h e roo t of a sp an ning tre e c onn ected a ctive topology. STP assigns role s to e ach
port depending on what the port’s function is in the active topology. Port roles are as follows:
• Root—A unique forwarding port elected for the spanni ng tree top ology
• Designated—A forwarding port e lec ted for every switch ed LA N segme nt
• Alternate—A blocked port providing an altern ate path to the roo t port in the spanning t ree
• Backup—A blocked port in a loopback configuration
Switches that have ports with these assigned roles are called root or designated switches. See the next
section, How a Topology Is Created.
In Ethernet net works , onl y on e ac tive path m a y exist b etwee n any two sta tio ns. M ult iple ac tive paths
between stations can cau se loops in the network . When loops occur, some switches recogni ze stati ons
on both sides of the switch. This situation causes the forwarding algorithm to malfunction allowing
duplicate frames to be forwa rded.
Spanning tree algorithms provide path redundancy by defining a tree that spans all of the switches in an
extended network and then forces certain redundant data paths into a standby (blocked) state. At regular
intervals the switches in the network send and receive spanning tree packets which they use to identify
the active path. If one network segment becomes unreachable, or if spanning tree costs change, the
spanning tree algorithm reconfigures the spanning tree topology and reestablishes the link by activating
a standby path.
Spanning tree operation is transparent to end stations, which do not detect whether they are connected
to a single LAN segment or a switched LAN of multiple segments.
How a Topology Is Crea ted
All switches in an extended LAN participating in a spanning tree gather information about other
switches in the n etwork throu gh a n excha nge o f data me ssag es kn own as bri dg e pr otoc ol d ata uni ts
(BPDUs). This exchange of messages results in the following actions:
• A unique root switch is elected for the spanning tr ee network t opology.
• A designated switch is elected for every switched LAN segment.
• Any loops in the switc hed network ar e elimi nated by placing redunda nt switch por ts in a back up
state; all paths that are not needed to reach the root switch from anywhere in the switched network
are placed in STP-blocked mode .
The topology of an active switched network is determined by the following:
• The unique switch identifier (MAC address of the switch) associated with each switch
• The path cost to the root associated with each switch port
• The port identifier (MAC address of the port) associated with each switch port
In a switched net work, the ro ot swi tc h is the logi ca l c enter of the sp an ning t ree topo logy. A spanning
tree protocol uses BPDUs to elect the r oot switch and root port for the switched network, as well as the
root port and d esign at ed por t fo r each sw it ched segme nt.
Page 99
7-3
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter 7 Configuring Spanning T ree
How Spanning Tree Protocols Work
How a Switch or Port Becomes the Root Switch or Root Port
If all switches in a network are enabled with default settings, the switch with the lowest MAC address
becomes the root switch. In the network shown in Figure 7-1, Switch A, with the lowest MAC address,
is the root switch. Howe ver, due to traffic patterns, number of forwarding ports, or line types, Switch A
might not be the ideal root switch. A switch can be forced to become the root switch by increasing the
priority (that is, lowering the priority number) on the preferred switch. This causes the spanning tree to
recalculate the to pology a nd ma ke the se lect ed swi tch the root switc h.
Figure 7-1 Configuring a Loop-Free Topology
You can al so change the prior ity of a por t in order to ma ke it the root port. When the span ning tree
topology is based on default parameters, the path between source and destination stations in a switched
network might not be ideal. The goal is to make the fastest link the root port, connecting higher-speed
links to a port t hat has a h ighe r num ber than t he cur ren t roo t po rt c a n ca use a r oot-p or t ch an ge .
For example, assume that a p ort on Swit ch B is a fiber-optic l ink. Al so, a nothe r port o n Swit ch B (a n
unshielded twisted- pair [UT P] link) i s the root po rt. Networ k traffic might be more efficient over the
high-speed fib er-optic link. By changing the Port Prior ity parameter f or the UTP p ort to a hig her priority
(lower numerical value) than the fiber-optic por t, the UTP por t become s the root port. You could also
accomplish this scenario b y changing th e Port Cost parame ter for the UT P port to a lo wer v alue t han that
of the fiber-optic port.
How Bridge Protocol Data Units Work
BPDUs contain configuration information about the transmitting switch and its ports, including switch
and port MAC addresses, switch priority, port priority, and port cost. Each configuration BPDU contains
this information:
• The unique identifier of the switch that the transmitting switch believes to be the root switch
• The cost of the path to the root from the transmitting port
• The identifier of the transmitting port
The switch sends configuration BPDUs to communicate and compute the spanning tree topology. A
MAC frame conveying a BPDU sends the switch group address to the destination address field. All
switches connected to the LAN on which the frame is transmitted receive the BPDU. BPDUs are not
directly forwarded b y the switch , but the receiving switch u ses th e infor ma tio n in the f ra me to c alcula t e
a BPDU, and if the topology changes, initiates a BPDU transmission.
S5688
DP
DP
RP DP
DP
RP
DP
RP = Root Port
DP = Designated Port
DP
RP
DP
DA
CB
Page 100
7-4
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
78-12647-02
Chapter7 Configuring Spanning Tree
How Spanning Tree Protocols Work
A BPDU exchange results in the following:
• One switch is elected as the root switch.
• The shortest distance to the root switch is calculated for each switch.
• A designated switch is selected: the switch that is closest to the root switch through which frames
will be forwarded to the roo t.
• A port for each switch is selec ted . This is the port that p ro v ides th e be st path from th e switch to the
root switch.
• Ports included in the STP are selected.
Calculating and Assigning Port Costs
By calculating and assigning the port cost of the switch ports, you can ensure that the shortest (lowest
cost) distance to the root switch is used to transmit data. You can calculate and assign lower path cost
values (port costs) to higher ban dwidt h ports by using ei ther the shor t metho d (which is the default ) or
the long method. T he sh ort meth od use s a 16-bi t fo rm at th at yiel ds values f ro m 1 to 65 535. T he lo ng
method uses a 32-bit form at that yie lds values in the range of 1 to 200,000, 000. For more i nformat ion
on setting the default cost mode, see the “Configuring the PVST+ Default Port Co st Mode ” se cti on on
page 8-29.
Note You should configure all switches in your network to use the same method for calculating port cost. The
short method is used to calculate the port cost unless you specify that the long method be used. You can
specify the calculation method using the CLI.
Calculating the Port Cost Using the Short Method
The IEEE 802.1 D spe c ification ass igns 1 6-b it (sho rt) de fault po rt cost values t o eac h p ort that is ba sed
on bandwidth. You can also manually assign port co sts betwee n 1–6553 5. The 16- bit values are only
used for ports tha t have not bee n spe cifically configur ed for p ort cost . Table 8-1 shows the default port
cost values that are assigned by the switch for each type of port when you use the short method to
calculate the port cost.
Table 7-1 Default Port Cost Values Using the Short Method
Port Speed Default Cost Value Default Range
10 Mbps 100 1 to 65535
100 Mbps 19 1 to 65535
1 Gbps 4 1 to 65535
Loading...