Catalyst 2950 And Catalyst 2955 Switch Software .

1y ago
8.19 MB
672 Pages
Last View : 4m ago
Last Download : 6m ago
Upload by : Emanuel Batten

Catalyst 2950 and Catalyst 2955 SwitchSoftware Configuration GuideCisco IOS Release 12.1(22)EA2November 2004Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USA 408 526-4000800 553-NETS (6387)Fax: 408 526-4100Customer Order Number: DOC-7811380 Text Part Number: 78-11380-11

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALLSTATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUTWARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THATSHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSEOR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s publicdomain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITHALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUTLIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OFDEALING, USAGE, OR TRADE PRACTICE.IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCOOR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.CCSP, the Cisco Square Bridge logo, Cisco Unity, Follow Me Browsing, FormShare, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work,Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco,the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation,Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ NetReadiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing,ProConnect, RateMUX, Registrar, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient,TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationshipbetween Cisco and any other company. (0406R)Catalyst 2950 and Catalyst 2955 Switch Software Configuration GuideCopyright 2001–2004 Cisco Systems, Inc. All rights reserved4

C O N T E N T xviiiRelated PublicationsxxixObtaining Documentation xxxOrdering Documentation xxxDocumentation FeedbackxxxObtaining Technical Assistance xxxCisco Technical Support Website xxxiSubmitting a Service Request xxxiDefinitions of Service Request Severity xxxiObtaining Additional Publications and InformationCHAPTER1Overviewxxxii1-1Features 1-1Ease of Use and Ease of Deployment 1-2Performance 1-3Manageability 1-4Redundancy 1-5VLAN Support 1-6Security 1-6Quality of Service and Class of Service 1-7Monitoring 1-8LRE Features (available only on Catalyst 2950 LRE switches)1-8Management Options 1-9Management Interface Options 1-9Advantages of Using Network Assistant and Clustering SwitchesNetwork Configuration Examples 1-11Design Concepts for Using the Switch 1-11Small to Medium-Sized Network Configuration 1-14Collapsed Backbone and Switch Cluster ConfigurationHotel Network Configuration 1-161-101-15Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11iii

ContentsService-Provider Central-Office Configuration 1-19Large Campus Configuration 1-20Multidwelling Network Using Catalyst 2950 Switches 1-21Long-Distance, High-Bandwidth Transport Configuration 1-23Where to Go NextCHAPTER21-23Using the Command-Line InterfaceCisco IOS Command ModesGetting Help2-12-12-3Abbreviating Commands2-4Using no and default Forms of CommandsUnderstanding CLI Messages2-42-5Using Command History 2-5Changing the Command History Buffer Size 2-5Recalling Commands 2-6Disabling the Command History Feature 2-6Using Editing Features 2-6Enabling and Disabling Editing Features 2-7Editing Commands through Keystrokes 2-7Editing Command Lines that Wrap 2-8Searching and Filtering Output of show and more CommandsAccessing the CLICHAPTER32-92-10Configuring Catalyst 2955 Switch Alarms3-1Understanding Catalyst 2955 Switch AlarmsGlobal Status Monitoring Alarms 3-2FCS Error Hysteresis Threshold 3-2Port Status Monitoring Alarms 3-3Triggering Alarm Options 3-33-1Configuring Catalyst 2955 Switch Alarms 3-4Default Catalyst 2955 Switch Alarm Configuration 3-4Configuring the Power Supply Alarm 3-5Setting the Power Mode 3-5Setting the Power Supply Alarm Options 3-5Configuring the Switch Temperature Alarms 3-6Setting a Secondary Temperature Threshold for the SwitchAssociating the Temperature Alarms to a Relay 3-73-6Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guideiv78-11380-11

ContentsConfiguring the FCS Bit Error Rate Alarm 3-7Setting the FCS Error Threshold 3-8Setting the FCS Error Hysteresis Threshold 3-8Configuring Alarm Profiles 3-9Creating or Modifying an Alarm Profile 3-9Attaching an Alarm Profile to a Specific Port 3-10Enabling SNMP Traps 3-11Displaying Catalyst 2955 Switch Alarms StatusCHAPTER43-11Assigning the Switch IP Address and Default GatewayUnderstanding the Boot Process4-14-1Assigning Switch Information 4-2Default Switch Information 4-3Understanding DHCP-Based Autoconfiguration 4-3DHCP Client Request Process 4-4Configuring DHCP-Based Autoconfiguration 4-5DHCP Server Configuration Guidelines 4-5Configuring the TFTP Server 4-6Configuring the DNS 4-6Configuring the Relay Device 4-7Obtaining Configuration Files 4-7Example Configuration 4-8Manually Assigning IP Information 4-10Checking and Saving the Running Configuration4-11Modifying the Startup Configuration 4-11Default Boot Configuration 4-11Automatically Downloading a Configuration File 4-12Specifying the Filename to Read and Write the System ConfigurationBooting Manually 4-12Booting a Specific Software Image 4-13Controlling Environment Variables 4-144-12Scheduling a Reload of the Software Image 4-16Configuring a Scheduled Reload 4-16Displaying Scheduled Reload Information 4-17Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11v

ContentsCHAPTER5Configuring IE2100 CNS Agents5-1Understanding IE2100 Series Configuration Registrar Software 5-1CNS Configuration Service 5-2CNS Event Service 5-3NameSpace Mapper 5-3What You Should Know About ConfigID, DeviceID, and Host NameConfigID 5-3DeviceID 5-4Host Name and DeviceID 5-4Using Host Name, DeviceID, and ConfigID 5-45-3Understanding CNS Embedded Agents 5-5Initial Configuration 5-5Incremental (Partial) Configuration 5-6Synchronized Configuration 5-6Configuring CNS Embedded Agents 5-6Enabling Automated CNS Configuration 5-6Enabling the CNS Event Agent 5-8Enabling the CNS Configuration Agent 5-9Enabling an Initial Configuration 5-9Enabling a Partial Configuration 5-12Displaying CNS ConfigurationCHAPTER6Clustering Switches5-136-1Understanding Switch Clusters 6-1Clustering Overview 6-1Cluster Command Switch Characteristics 6-2Standby Command Switch Characteristics 6-2Candidate Switch and Member Switch CharacteristicsUsing the CLI to Manage Switch Clusters 6-4Catalyst 1900 and Catalyst 2820 CLI ConsiderationsUsing SNMP to Manage Switch ClustersCHAPTER7Administering the Switch6-36-46-47-1Managing the System Time and Date 7-1Understanding the System Clock 7-1Understanding Network Time Protocol 7-2Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidevi78-11380-11

ContentsConfiguring NTP 7-3Default NTP Configuration 7-4Configuring NTP Authentication 7-4Configuring NTP Associations 7-5Configuring NTP Broadcast Service 7-6Configuring NTP Access Restrictions 7-8Configuring the Source IP Address for NTP Packets 7-10Displaying the NTP Configuration 7-10Configuring Time and Date Manually 7-11Setting the System Clock 7-11Displaying the Time and Date Configuration 7-12Configuring the Time Zone 7-12Configuring Summer Time (Daylight Saving Time) 7-13Configuring a System Name and Prompt 7-15Default System Name and Prompt ConfigurationConfiguring a System Name 7-15Configuring a System Prompt 7-16Understanding DNS 7-16Default DNS Configuration 7-17Setting Up DNS 7-17Displaying the DNS Configuration 7-18Creating a Banner 7-18Default Banner Configuration 7-18Configuring a Message-of-the-Day Login BannerConfiguring a Login Banner 7-207-157-19Managing the MAC Address Table 7-20Building the Address Table 7-21MAC Addresses and VLANs 7-21Default MAC Address Table Configuration 7-22Changing the Address Aging Time 7-22Removing Dynamic Address Entries 7-23Configuring MAC Address Notification Traps 7-23Adding and Removing Static Address Entries 7-25Configuring Unicast MAC Address Filtering 7-26Displaying Address Table Entries 7-27Managing the ARP Table7-27Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11vii

ContentsCHAPTER8Configuring Switch-Based Authentication8-1Preventing Unauthorized Access to Your Switch8-1Protecting Access to Privileged EXEC Commands 8-2Default Password and Privilege Level Configuration 8-2Setting or Changing a Static Enable Password 8-3Protecting Enable and Enable Secret Passwords with EncryptionDisabling Password Recovery 8-5Setting a Telnet Password for a Terminal Line 8-6Configuring Username and Password Pairs 8-7Configuring Multiple Privilege Levels 8-8Setting the Privilege Level for a Command 8-8Changing the Default Privilege Level for Lines 8-9Logging into and Exiting a Privilege Level 8-108-4Controlling Switch Access with TACACS 8-10Understanding TACACS 8-10TACACS Operation 8-12Configuring TACACS 8-12Default TACACS Configuration 8-13Identifying the TACACS Server Host and Setting the Authentication Key 8-13Configuring TACACS Login Authentication 8-14Configuring TACACS Authorization for Privileged EXEC Access and Network ServicesStarting TACACS Accounting 8-17Displaying the TACACS Configuration 8-178-16Controlling Switch Access with RADIUS 8-17Understanding RADIUS 8-18RADIUS Operation 8-19Configuring RADIUS 8-20Default RADIUS Configuration 8-20Identifying the RADIUS Server Host 8-20Configuring RADIUS Login Authentication 8-23Defining AAA Server Groups 8-25Configuring RADIUS Authorization for User Privileged Access and Network Services 8-27Starting RADIUS Accounting 8-28Configuring Settings for All RADIUS Servers 8-29Configuring the Switch to Use Vendor-Specific RADIUS Attributes 8-29Configuring the Switch for Vendor-Proprietary RADIUS Server Communication 8-30Displaying the RADIUS Configuration 8-31Configuring the Switch for Local Authentication and AuthorizationConfiguring the Switch for Secure Shell8-328-33Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guideviii78-11380-11

ContentsUnderstanding SSH 8-33SSH Servers, Integrated Clients, and Supported VersionsLimitations 8-34Configuring SSH 8-34Configuration Guidelines 8-34Cryptographic Software Image Guidelines 8-35Setting Up the Switch to Run SSH 8-35Configuring the SSH Server 8-36Displaying the SSH Configuration and Status 8-37CHAPTER9Configuring 802.1x Port-Based Authentication8-339-1Understanding 802.1x Port-Based Authentication 9-1Device Roles 9-2Authentication Initiation and Message Exchange 9-3Ports in Authorized and Unauthorized States 9-4802.1x Accounting 9-5802.1x Host Mode 9-5Using 802.1x with Port Security 9-6Using 802.1x with Voice VLAN Ports 9-7Using 802.1x with VLAN Assignment 9-7Using 802.1x with Guest VLAN 9-8Configuring 802.1x Authentication 9-9Default 802.1x Configuration 9-9802.1x Configuration Guidelines 9-10Upgrading from a Previous Software Release 9-11Enabling 802.1x Authentication 9-11Configuring the Switch-to-RADIUS-Server Communication 9-13Enabling Periodic Re-Authentication 9-14Manually Re-Authenticating a Client Connected to a Port 9-14Changing the Quiet Period 9-15Changing the Switch-to-Client Retransmission Time 9-15Setting the Switch-to-Client Frame-Retransmission Number 9-16Configuring the Host Mode 9-17Configuring a Guest VLAN 9-17Resetting the 802.1x Configuration to the Default Values 9-19Configuring 802.1x Authentication 9-19Configuring 802.1x Accounting 9-21Displaying 802.1x Statistics and Status9-22Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11ix

ContentsCHAPTER10Configuring Interface Characteristics10-1Understanding Interface Types 10-1Access Ports 10-2Trunk Ports 10-2Port-Based VLANs 10-3EtherChannel Port Groups 10-3Connecting Interfaces 10-4Using the Interface Command 10-4Procedures for Configuring Interfaces 10-5Configuring a Range of Interfaces 10-5Configuring and Using Interface-Range Macros10-7Configuring Ethernet Interfaces 10-9Default Ethernet Interface Configuration 10-9Configuring Interface Speed and Duplex Mode 10-10Configuration Guidelines 10-11Setting the Interface Speed and Duplex Parameters on a Non-LRE Switch Port 10-12Setting the Interface Speed and Duplex Parameters on an LRE Switch Port 10-13Configuring Media Types for Gigabit Ethernet Interfaces on LRE Switches 10-13Configuring IEEE 802.3z Flow Control on Gigabit Ethernet Ports 10-13Adding a Description for an Interface 10-15Monitoring and Maintaining the Interfaces 10-15Monitoring Interface and Controller Status 10-16Clearing and Resetting Interfaces and Counters 10-17Shutting Down and Restarting the Interface 10-17CHAPTER11Configuring Smartports Macros11-1Understanding Smartports Macros11-1Configuring Smartports Macros 11-2Default Smartports Macro Configuration 11-2Smartports Macro Configuration Guidelines 11-3Creating Smartports Macros 11-4Applying Smartports Macros 11-5Applying Cisco-Default Smartports Macros 11-6Displaying Smartports Macros11-8Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidex78-11380-11

ContentsCHAPTER12Configuring LRE12-1Understanding LRE Features 12-1Ports on the Catalyst 2950 LRE SwitchesLRE Links and LRE Profiles 12-2LRE Profiles 12-2LRE Sequences 12-5CPE Ethernet Links 12-6LRE Link Monitor 12-7LRE Message Logging Process 12-812-1Configuring LRE Ports 12-8Default LRE Configuration 12-9Environmental Guidelines for LRE Links 12-9Guidelines for Using LRE Profiles 12-10CPE Ethernet Link Guidelines 12-11Guidelines for Configuring Cisco 575 LRE CPEs and 576 LRE 997 CPEsGuidelines for Configuring Cisco 585 LRE CPEs 12-12Assigning a Global Profile to All LRE Ports 12-12Assigning a Profile to a Specific LRE Port 12-13Assigning a Global Sequence to All LRE Ports 12-13Assigning a Sequence to a Specific LRE Port 12-14Using Rate Selection to Automatically Assign Profiles 12-14Precedence 12-15Profile Locking 12-15Link Qualification and SNR Margins 12-16Configuring LRE Link Persistence 12-19Configuring LRE Link Monitor 12-20Configuring LRE Interleave 12-20Configuring Upstream Power Back-Off 12-21Configuring CPE Toggle 12-22Configuring Syslog Export 12-2212-11Upgrading LRE Switch Firmware 12-23Configuring for an LRE Upgrade 12-24Performing an LRE Upgrade 12-24Global Configuration of LRE Upgrades 12-25Controller Configuration of LRE Upgrades 12-25LRE Upgrade Details 12-26LRE Upgrade Example 12-27Displaying LRE Status12-27Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xi

ContentsCHAPTER13Configuring STP13-1Understanding Spanning-Tree Features 13-1STP Overview 13-2Spanning-Tree Topology and BPDUs 13-2Bridge ID, Switch Priority, and Extended System ID 13-3Spanning-Tree Interface States 13-4Blocking State 13-6Listening State 13-6Learning State 13-6Forwarding State 13-6Disabled State 13-7How a Switch or Port Becomes the Root Switch or Root Port 13-7Spanning Tree and Redundant Connectivity 13-8Spanning-Tree Address Management 13-8Accelerated Aging to Retain Connectivity 13-8Spanning-Tree Modes and Protocols 13-9Supported Spanning-Tree Instances 13-9Spanning-Tree Interoperability and Backward Compatibility 13-10STP and IEEE 802.1Q Trunks 13-10Configuring Spanning-Tree Features 13-10Default Spanning-Tree Configuration 13-11Spanning-Tree Configuration Guidelines 13-11Changing the Spanning-Tree Mode 13-12Disabling Spanning Tree 13-13Configuring the Root Switch 13-14Configuring a Secondary Root Switch 13-16Configuring the Port Priority 13-17Configuring the Path Cost 13-19Configuring the Switch Priority of a VLAN 13-20Configuring Spanning-Tree Timers 13-21Configuring the Hello Time 13-21Configuring the Forwarding-Delay Time for a VLAN 13-22Configuring the Maximum-Aging Time for a VLAN 13-22Configuring Spanning Tree for Use in a Cascaded Stack 13-23Displaying the Spanning-Tree Status13-24Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidexii78-11380-11

ContentsCHAPTER14Configuring MSTP14-1Understanding MSTP 14-2Multiple Spanning-Tree Regions 14-2IST, CIST, and CST 14-2Operations Within an MST Region 14-3Operations Between MST Regions 14-3Hop Count 14-4Boundary Ports 14-5Interoperability with 802.1D STP 14-5Understanding RSTP 14-6Port Roles and the Active Topology 14-6Rapid Convergence 14-7Synchronization of Port Roles 14-8Bridge Protocol Data Unit Format and Processing 14-9Processing Superior BPDU Information 14-10Processing Inferior BPDU Information 14-10Topology Changes 14-10Configuring MSTP Features 14-11Default MSTP Configuration 14-12MSTP Configuration Guidelines 14-12Specifying the MST Region Configuration and Enabling MSTPConfiguring the Root Switch 14-14Configuring a Secondary Root Switch 14-16Configuring the Port Priority 14-17Configuring the Path Cost 14-18Configuring the Switch Priority 14-19Configuring the Hello Time 14-19Configuring the Forwarding-Delay Time 14-20Configuring the Maximum-Aging Time 14-21Configuring the Maximum-Hop Count 14-21Specifying the Link Type to Ensure Rapid Transitions 14-22Restarting the Protocol Migration Process 14-22Displaying the MST Configuration and StatusCHAPTER15Configuring Optional Spanning-Tree FeaturesUnderstanding Optional Spanning-Tree FeaturesUnderstanding Port Fast 15-2Understanding BPDU Guard 15-2Understanding BPDU Filtering 15-314-1314-2315-115-1Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xiii

ContentsUnderstanding UplinkFast 15-3Understanding Cross-Stack UplinkFast 15-5How CSUF Works 15-6Events that Cause Fast Convergence 15-7Limitations 15-8Connecting the Stack Ports 15-8Understanding BackboneFast 15-9Understanding EtherChannel Guard 15-11Understanding Root Guard 15-12Understanding Loop Guard 15-13Configuring Optional Spanning-Tree Features 15-13Default Optional Spanning-Tree Configuration 15-14Optional Spanning-Tree Configuration Guidelines 15-14Enabling Port Fast 15-14Enabling BPDU Guard 15-15Enabling BPDU Filtering 15-16Enabling UplinkFast for Use with Redundant Links 15-17Enabling Cross-Stack UplinkFast 15-18Enabling BackboneFast 15-19Enabling EtherChannel Guard 15-19Enabling Root Guard 15-20Enabling Loop Guard 15-20Displaying the Spanning-Tree StatusCHAPTER16Configuring VLANs15-2116-1Understanding VLANs 16-1Supported VLANs 16-2VLAN Port Membership Modes16-3Configuring Normal-Range VLANs 16-4Token Ring VLANs 16-5Normal-Range VLAN Configuration Guidelines 16-5VLAN Configuration Mode Options 16-6VLAN Configuration in config-vlan Mode 16-6VLAN Configuration in VLAN Configuration ModeSaving VLAN Configuration 16-7Default Ethernet VLAN Configuration 16-7Creating or Modifying an Ethernet VLAN 16-8Deleting a VLAN 16-10Assigning Static-Access Ports to a VLAN 16-1116-6Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidexiv78-11380-11

ContentsConfiguring Extended-Range VLANs 16-11Default VLAN Configuration 16-12Extended-Range VLAN Configuration GuidelinesCreating an Extended-Range VLAN 16-13Displaying VLANs16-1216-14Configuring VLAN Trunks 16-14Trunking Overview 16-14802.1Q Configuration Considerations 16-16Default Layer 2 Ethernet Interface VLAN Configuration 16-16Configuring an Ethernet Interface as a Trunk Port 16-17Interaction with Other Features 16-17Configuring a Trunk Port 16-18Defining the Allowed VLANs on a Trunk 16-18Changing the Pruning-Eligible List 16-20Configuring the Native VLAN for Untagged Traffic 16-20Load Sharing Using STP 16-21Load Sharing Using STP Port Priorities 16-21Load Sharing Using STP Path Cost 16-23Configuring VMPS 16-24Understanding VMPS 16-25Dynamic Port VLAN Membership 16-25VMPS Database Configuration File 16-26Default VMPS Client Configuration 16-26VMPS Configuration Guidelines 16-26Configuring the VMPS Client 16-27Entering the IP Address of the VMPS 16-27Configuring Dynamic Access Ports on VMPS Clients 16-28Reconfirming VLAN Memberships 16-28Changing the Reconfirmation Interval 16-29Changing the Retry Count 16-29Monitoring the VMPS 16-30Troubleshooting Dynamic Port VLAN Membership 16-30VMPS Configuration Example 16-31CHAPTER17Configuring VTP17-1Understanding VTP 17-1The VTP Domain 17-2VTP Modes 17-3VTP Advertisements 17-3Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xv

ContentsVTP Version 2 17-4VTP Pruning 17-4Configuring VTP 17-6Default VTP Configuration 17-6VTP Configuration Options 17-7VTP Configuration in Global Configuration Mode 17-7VTP Configuration in VLAN Configuration Mode 17-7VTP Configuration Guidelines 17-8Domain Names 17-8Passwords 17-8Upgrading from Previous Software Releases 17-8VTP Version 17-9Configuration Requirements 17-9Configuring a VTP Server 17-9Configuring a VTP Client 17-11Disabling VTP (VTP Transparent Mode) 17-12Enabling VTP Version 2 17-13Enabling VTP Pruning 17-14Adding a VTP Client Switch to a VTP Domain 17-14Monitoring VTPCHAPTER1817-15Configuring Voice VLAN18-1Understanding Voice VLAN18-1Configuring Voice VLAN 18-2Default Voice VLAN Configuration 18-2Voice VLAN Configuration Guidelines 18-3Configuring a Port to Connect to a Cisco 7960 IP Phone 18-3Configuring Ports to Carry Voice Traffic in 802.1Q Frames 18-4Configuring Ports to Carry Voice Traffic in 802.1p Priority-Tagged Frames 18-4Overriding the CoS Priority of Incoming Data Frames 18-5Configuring the IP Phone to Trust the CoS Priority of Incoming Data Frames 18-5Displaying Voice VLANCHAPTER19Configuring DHCP Features18-619-1Understanding DHCP Features 19-1DHCP Server 19-2DHCP Relay Agent 19-2DHCP Snooping 19-2Option-82 Data Insertion 19-3Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidexvi78-11380-11

ContentsConfiguring DHCP Features 19-5Default DHCP Configuration 19-5DHCP Snooping Configuration Guidelines 19-6Configuring the DHCP Server 19-6Enabling DHCP Snooping and Option 82 19-6Displaying DHCP InformationCHAPTER2019-8Configuring IGMP Snooping and MVR20-1Understanding IGMP Snooping 20-2IGMP Versions 20-2Joining a Multicast Group 20-3Leaving a Multicast Group 20-5Immediate-Leave Processing 20-5IGMP Report Suppression 20-5Source-Only Networks 20-6Configuring IGMP Snooping 20-6Default IGMP Snooping Configuration 20-7Enabling or Disabling IGMP Snooping 20-7Setting the Snooping Method 20-8Configuring a Multicast Router Port 20-9Configuring a Host Statically to Join a Group 20-10Enabling IGMP Immediate-Leave Processing 20-10Disabling IGMP Report Suppression 20-11Disabling IP Multicast-Source-Only Learning 20-11Configuring the Aging Time 20-12Displaying IGMP Snooping Information20-13Understanding Multicast VLAN Registration 20-14Using MVR in a Multicast Television ApplicationConfiguring MVR 20-17Default MVR Configuration 20-17MVR Configuration Guidelines and LimitationsConfiguring MVR Global Parameters 20-18Configuring MVR Interfaces 20-19Displaying MVR Information20-1520-1720-21Configuring IGMP Filtering and Throttling 20-21Default IGMP Filtering and Throttling ConfigurationConfiguring IGMP Profiles 20-2220-22Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xvii

ContentsApplying IGMP Profiles 20-24Setting the Maximum Number of IGMP GroupsConfiguring the IGMP Throttling Action 20-2520-25Displaying IGMP Filtering and Throttling ConfigurationCHAPTER21Configuring Port-Based Traffic Control21-1Configuring Storm Control 21-1Understanding Storm Control 21-1Default Storm Control Configuration 21-2Configuring Storm Control and Threshold LevelsConfiguring Protected Ports20-2721-221-4Configuring Port Blocking 21-5Blocking Flooded Traffic on an Interface 21-5Resuming Normal Forwarding on a Port 21-6Configuring Port Security 21-6Understanding Port Security 21-6Secure MAC Addresses 21-6Security Violations 21-7Default Port Security Configuration 21-8Port Security Configuration Guidelines 21-8Enabling and Configuring Port Security 21-9Enabling and Configuring Port Security Aging 21-11Displaying Port-Based Traffic Control SettingsCHAPTER22Configuring UDLD21-1322-1Understanding UDLD 22-1Modes of Operation 22-1Methods to Detect Unidirectional Links22-2Configuring UDLD 22-4Default UDLD Configuration 22-4Configuration Guidelines 22-4Enabling UDLD Globally 22-5Enabling UDLD on an Interface 22-5Resetting an Interface Shut Down by UDLDDisplaying UDLD Status22-622-7Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidexviii78-11380-11

ContentsCHAPTER23Configuring CDP23-1Understanding CDP23-1Configuring CDP 23-2Default CDP Configuration 23-2Configuring the CDP Characteristics 23-2Disabling and Enabling CDP 23-3Disabling and Enabling CDP on an InterfaceMonitoring and Maintaining CDPCHAPTER24Configuring SPAN and RSPAN23-423-524-1Understanding SPAN and RSPAN 24-1SPAN and RSPAN Concepts and Terminology 24-3SPAN Session 24-3Traffic Types 24-3Source Port 24-4Destination Port 24-4Reflector Port 24-4SPAN Traffic 24-5SPAN and RSPAN Interaction with Other Features 24-5SPAN and RSPAN Session Limits 24-6Default SPAN and RSPAN Configuration 24-7Configuring SPAN 24-7SPAN Configuration Guidelines 24-7Creating a SPAN Session and Specifying Ports to Monitor 24-8Creating a SPAN Session and Enabling Ingress Traffic 24-9Removing Ports from a SPAN Session 24-11Configuring RSPAN 24-12RSPAN Configuration Guidelines 24-12Configuring a VLAN as an RSPAN VLAN 24-13Creating an RSPAN Source Session 24-14Creating an RSPAN Destination Session 24-15Removing Ports from an RSPAN Session 24-16Displaying SPAN and RSPAN Status24-17Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xix

ContentsCHAPTER25Configuring RMON25-1Understanding RMON25-1Configuring RMON 25-2Default RMON Configuration 25-3Configuring RMON Alarms and Events 25-3Configuring RMON Collection on an InterfaceDisplaying RMON StatusCHAPTER2625-525-6Configuring System Message Logging26-1Understanding System Message Logging26-1Configuring System Message Logging 26-2System Log Message Format 26-2Default System Message Logging Configuration 26-3Disabling and Enabling Message Logging 26-4Setting the Message Display Destination Device 26-4Synchronizing Log Messages 26-6Enabling and Disabling Timestamps on Log Messages 26-7Enabling and Disabling Sequence Numbers in Log Messages 26-8Defining the Message Severity Level 26-8Limiting Syslog Messages Sent to the History Table and to SNMP 26-10Configuring UNIX Syslog Servers 26-10Logging Messages to a UNIX Syslog Daemon 26-11Configuring the UNIX System Logging Facility 26-11Displaying the Logging ConfigurationCHAPTER27Configuring SNMP26-1227-1Understanding SNMP 27-1SNMP Versions 27-2SNMP Manager Functions 27-3SNMP Agent Functions 27-4SNMP Community Strings 27-4Using SNMP to Access MIB VariablesSNMP Notifications 27-527-4Configuring SNMP 27-5Default SNMP Configuration 27-6SNMP Configuration Guidelines 27-6Disabling the SNMP Agent 27-7Configuring Community Strings 27-7Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guidexx78-11380-11

ContentsConfiguring SNMP Groups and Users 27-9Configuring SNMP Notifications 27-11Setting the Agent Contact and Location InformationLimiting TFTP Servers Used Through SNMP 27-14SNMP Examples 27-15Displaying SNMP StatusCHAPTER2827-1427-16Configuring Network Security with ACLs28-1Understanding ACLs 28-2Handling Fragmented and Unfragmented Traffic 28-3Understanding Access Control Parameters 28-4Guidelines for Applying ACLs to Physical Interfaces 28-5Configuring ACLs 28-6Unsupported Features 28-7Creating Standard and Extended IP ACLs 28-7ACL Numbers 28-8Creating a Numbered Standard ACL 28-9Creating a Numbered Extended ACL 28-10Creating Named Standard and Extended ACLs 28-13Applying Time Ranges to ACLs 28-15Including Comments About Entries in ACLs 28-17Creating Named MAC Extended ACLs 28-18Creating MAC Access Groups 28-19Applying ACLs to Terminal Lines or Physical InterfacesApplying ACLs to a Terminal Line 28-20Applying ACLs to a Physical Interface 28-2028-19Displaying ACL Information 28-21Displaying ACLs 28-21Displaying Access Groups 28-22Examples for Compiling ACLs 28-23Numbered ACL Examples 28-25Extended ACL Examples 28-25Named ACL Example 28-25Commented IP ACL Entry Examples28-25Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide78-11380-11xxi

ContentsCHAPTER29Configuring QoS29-1Understanding QoS 29-2Basic QoS Model 29-4Classifi

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide Cisco IOS Release 12.1(22)EA2 November 2004 Customer Order Number: DOC-7811380 Text Part Number: 78-11380-11. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL

Related Documents:

Cisco Catalyst 2950 &' * &' * Fast Ethernet Gigabit Ethernet Catalyst 2950 &' * &' * (Quality of Service QoS) (Multicast) LAN Catalyst 2950 Catalyst 3550 &' * IP &' * Catalyst 2950 Cisco Cluster Management Suite (CMS) Web & Catalyst &' * Cisco CMS &' * &' Cisco Catalyst 2950 &' &' Catalyst 2950G-48 -48 10/100 2 Gigabit (Gigabit Interface Converter, GBIC) Gigabit

Catalyst 2950 and Catalyst 2955 Switch Command Reference Cisco IOS Release 12.1(12c)EA1 . Number: DOC-7815304 Text Part Number: 78-15304-01. THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL . Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork .

Catalyst 2950 and Catalyst 2955 Switch System Message Guide 78-14233-08 Preface Obtaining Documentation 1000BASE-T Gigabit Interface Converter Installation Notes (not orderable but is available on Installation Notes for the Catalyst Family Small-Form-Factor Pluggable Modules (order number DOC-7815160 ) Obtaining Documentation

Contents viii Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide 78-11380-12 Protecting Enable and Enable Secret Passwords with Encryption 8-4 Disabling Password Recovery 8-5 Setting a Telnet Password for a Terminal Line 8-6 Configuring Username and Password Pairs 8-7 Configuring Multiple Privilege Levels 8-8 Setting the Privilege Level for a Command 8-8

Command Reference Cisco IOS Release 12.1(22)EA11 January 2008 and Later Text Part Number: OL-10102-02 . show port-security 2-389 show rps 2-391 show running-config vlan 2-393 . Catalyst 2950 and Catalyst 2955 Switch Command Reference . .

Contents iv Catalyst 2950 and Catalyst 2955 Switch Command Reference 78-15304-01 access-list (IP standard) 2-6 auto qos voip 2-8 boot private-config-file 2-11 channel-group 2-12 channel-protocol 2-15 class 2-17 class-map 2-19 clear interface 2-21 clear lacp 2-22 clear mac address-table 2-23 clear pagp 2-25 clear port-security dynamic 2-2

Getting Started Guide Catalyst 2950 Switch Getting Started Guide INCLUDING LICENSE AND WARRANTY . refer to the Catalyst 2950 documentation on For system requirements, important notes, limitations, open and resolved bugs, and last-minute do

Asset management is therefore about aligning the way we manage our assets with our corporate objectives. In the case of Network Rail our principle aim is the delivery of our outputs in a safe and sustainable way, balancing life cycle costing with initial affordability. Our decision making always considers whole system and lifecycle costs and is subject to continual refinement from our .