Page 1 Cisco ME 3800X and 3600X Switch Software Configuration Guide Cisco IOS Release 12.2(52)EY October 2010 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-23400-01...
Page 2 OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.
Page 3: Table Of Contents
C H A P T E R Understanding Command Modes Understanding the Help System Understanding Abbreviated Commands Understanding no and default Forms of Commands Understanding CLI Error Messages Using Command History Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 4 Checking and Saving the Running Configuration 3-16 Modifying the Startup Configuration 3-17 Default Boot Configuration 3-18 Automatically Downloading a Configuration File 3-18 Specifying the Filename to Read and Write the System Configuration 3-18 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 5 Administering the Switch C H A P T E R Managing the System Time and Date Understanding the System Clock Understanding Network Time Protocol Configuring NTP Default NTP Configuration Configuring NTP Authentication Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 6 Disabling MAC Address Learning on a VLAN 5-28 Displaying Address Table Entries 5-29 Managing the ARP Table 5-30 Configuring Synchronous Ethernet C H A P T E R Understanding SyncE Reference Clocks Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 7 8-14 Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 8-16 Starting TACACS+ Accounting 8-16 Displaying the TACACS+ Configuration 8-17 Controlling Switch Access with RADIUS 8-17 Understanding RADIUS 8-17 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 8 Configuring the Switch for Secure Copy Protocol 8-39 Information About Secure Copy 8-40 Configuring Interfaces C H A P T E R Understanding Interface Types NNI Port Type Port-Based VLANs Switch Ports Access Ports Cisco ME 3800X and 3600X Switch Software Configuration Guide viii OL-23400-01...
Page 9 C H A P T E R Understanding VLANs 10-1 Supported VLANs 10-3 Normal-Range VLANs 10-3 Extended-Range VLANs 10-4 VLAN Port Membership Modes 10-4 UNI VLANs 10-4 Creating and Modifying VLANs 10-5 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 10 Configuring a Service Instance 11-10 Encapsulation Using a VLAN Range 11-10 Two Service Instances Joining the Same Bridge Domain 11-10 Bridge Domains and VLAN Encapsulation 11-11 Rewrite 11-11 Split Horizon 11-11 Hairpinning 11-12 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 11 Spanning-Tree Interface States 13-4 Blocking State 13-5 Listening State 13-6 Learning State 13-6 Forwarding State 13-6 Disabled State 13-6 How a Switch or Port Becomes the Root Switch or Root Port 13-7 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 12 Port Role Naming Change 14-6 Interoperation Between Legacy and Standard Switches 14-7 Detecting Unidirectional Link Failure 14-7 Interoperability with IEEE 802.1D STP 14-8 Understanding RSTP 14-8 Port Roles and the Active Topology 14-9 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 13 Configuring Optional Spanning-Tree Features 15-5 Default Optional Spanning-Tree Configuration 15-5 Optional Spanning-Tree Configuration Guidelines 15-5 Enabling Port Fast 15-5 Enabling BPDU Guard 15-6 Enabling BPDU Filtering 15-7 Enabling EtherChannel Guard 15-8 Cisco ME 3800X and 3600X Switch Software Configuration Guide xiii OL-23400-01...
Page 14 Configuring Flex Links 17-8 Configuring VLAN Load Balancing on Flex Links 17-10 Configuring the MAC Address-Table Move Update Feature 17-11 Monitoring Flex Links and the MAC Address-Table Move Update 17-13 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 15 Default Storm Control Configuration 19-3 Configuring Storm Control and Threshold Levels 19-3 Configuring Port Blocking 19-5 Default Port Blocking Configuration 19-5 Blocking Flooded Traffic on an Interface 19-5 Configuring EVC MAC Security 19-6 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 16 C H A P T E R Understanding UDLD 22-1 Modes of Operation 22-1 Methods to Detect Unidirectional Links 22-2 Configuring UDLD 22-3 Default UDLD Configuration 22-4 Configuration Guidelines 22-4 Enabling UDLD Globally 22-5 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 17 C H A P T E R Understanding SNMP 25-1 SNMP Versions 25-2 SNMP Manager Functions 25-3 SNMP Agent Functions 25-4 SNMP Community Strings 25-4 Using SNMP to Access MIB Variables 25-4 Cisco ME 3800X and 3600X Switch Software Configuration Guide xvii OL-23400-01...
Page 18 26-18 Applying an IPv4 ACL to a Terminal Line 26-18 Applying an IPv4 ACL to an Interface 26-19 Hardware and Software Treatment of IP ACLs 26-20 Troubleshooting ACLs 26-21 Cisco ME 3800X and 3600X Switch Software Configuration Guide xviii OL-23400-01...
Page 19 Classification Based on IP DSCP 27-7 CoS Mapping 27-8 Ingress Classification Based on QoS ACLs 27-9 Classification Based on QoS Groups 27-10 Classification Based on Discard Class 27-11 Classification Based on VLAN IDs 27-11 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 20 MPLS DiffServ Tunneling Modes 27-55 Attaching a Service Policy to an Interface or EFP 27-56 Displaying QoS Information 27-57 Configuring EtherChannels 28-1 C H A P T E R Understanding EtherChannels 28-1 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 21 Classless Routing 29-5 Configuring Address Resolution Methods 29-7 Define a Static ARP Cache 29-7 Set ARP Encapsulation 29-9 Enable Proxy ARP 29-9 Routing Assistance When IP Routing is Disabled 29-10 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 22 Configuring Basic EIGRP Parameters 29-36 Configuring EIGRP Interfaces 29-37 Configuring EIGRP Route Authentication 29-38 Configuring EIGRP Stub Routing 29-39 Monitoring and Maintaining EIGRP 29-40 Configuring BGP 29-41 Default BGP Configuration 29-43 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxii OL-23400-01...
Page 23 Disabling BFD Echo Mode 29-79 Configuring Multi-VRF CE 29-80 Understanding Multi-VRF CE 29-80 Default Multi-VRF CE Configuration 29-82 Multi-VRF CE Configuration Guidelines 29-82 Configuring VRFs 29-83 Configuring VRF-Aware Services 29-84 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxiii OL-23400-01...
Page 24 30-5 Enabling HSRP 30-6 Configuring HSRP Priority 30-7 Configuring MHSRP 30-9 Configuring HSRP Authentication and Timers 30-10 Enabling HSRP Support for ICMP Redirect Messages 30-11 Displaying HSRP Configurations 30-11 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxiv OL-23400-01...
Page 25 Configuring Cisco IOS IP SLAs Operations 31-1 C H A P T E R Understanding Cisco IOS IP SLAs 31-1 Using Cisco IOS IP SLAs to Measure Network Performance 31-2 IP SLAs Responder and IP SLAs Control Protocol 31-3 Response Time Computation for IP SLAs...
Page 26 Multicast Forwarding and Reverse Path Check 33-7 Configuring IP Multicast Routing 33-8 Default Multicast Routing Configuration 33-8 Multicast Routing Configuration Guidelines 33-9 PIMv1 and PIMv2 Interoperability 33-9 Auto-RP and BSR Configuration Guidelines 33-10 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxvi OL-23400-01...
Page 27 Changing the IGMP Query Timeout for IGMPv2 33-39 Changing the Maximum Query Response Time for IGMPv2 33-40 Configuring the Switch as a Statically Connected Member 33-41 Configuring Optional Multicast Routing Features 33-41 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxvii OL-23400-01...
Page 28 34-19 Configuring MPLS Traffic Engineering and Fast Reroute 34-20 Default MPLS TE and Fast Reroute Configuration 34-20 MPLS TE and Fast Reroute Configuration Guidelines 34-20 Configuring MPLS TE 34-20 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxviii OL-23400-01...
Page 29 MPLS OAM Configuration Guidelines 34-46 Using LSP Ping for LDP IPv4 FEC 34-46 Using LSP Traceroute for LDP IPv4 FEC 34-48 Using LSP Ping for Pseudowire (AToM VCCV) 34-49 Cisco ME 3800X and 3600X Switch Software Configuration Guide xxix OL-23400-01...
Page 30 Enabling All-System Diagnostics 35-13 Redirecting Debug and Error Message Output 35-14 Using the crashinfo File 35-14 Using On-Board Failure Logging 35-15 Understanding OBFL 35-15 Configuring OBFL 35-15 Displaying OBFL Information 35-16 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 31 A P P E N D I X MIB List Using FTP to Access the MIB Files Working with the Cisco IOS File System, Configuration Files, and Software Images A P P E N D I X Working with the Flash File System...
Page 32 Working with Software Images B-23 Image Location on the Switch B-23 tar File Format of Images on a Server or Cisco.com B-24 Copying Image Files By Using TFTP B-24 Preparing to Download or Upload an Image File By Using TFTP...
Page 33 Global Configuration Mode Interface Configuration Mode VLAN Commands Global Configuration Mode Global Configuration Mode VLAN Configuration Mode Other Unsupported Commands Privileged EXEC and User EXEC Mode Clear Commands Debug Commands Cisco ME 3800X and 3600X Switch Software Configuration Guide xxxiii OL-23400-01...
Page 34 Contents Show Commands C-10 Global Configuration Mode C-10 Interface Configuration Mode C-10 N D E X Cisco ME 3800X and 3600X Switch Software Configuration Guide xxxiv OL-23400-01...
Page 35 This guide does not describe system messages you might encounter or how to install your switch. For more information, see the Cisco ME 3800X and ME 3600X Switch System Message Guide for this release and the Cisco ME 3800X and ME 3600X Switch Hardware Installation Guide.
Page 36: Related Publications
Cisco ME 3800X and ME 3600X Switch Getting Started Guide • Installation Note for the Cisco ME 3800X and ME 3600X Switch Power Supply and Fan Modules • Regulatory Compliance and Safety Information for the Cisco ME 3800X and ME 3600X Switches...
Page 37: Obtaining Documentation And Submitting A Service Request
Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html...
Page 38 Preface Cisco ME 3800X and 3600X Switch Software Configuration Guide xxxviii OL-23400-01...
Page 39: Software Licenses And Features
Table 1-4 on page 1-10. To install a software image, see the switch release notes and the “Working with the Cisco IOS File System, Configuration Files, and Software Images” chapter in the software configuration guide. To install a software license, see the “Cisco IOS Software Activation Tasks and Commands” chapter in the Cisco IOS Software Activation Configuration Guide: http://www.cisco.com/en/US/docs/ios/csa/configuration/guide/12.4T/csa_book.html...
Page 40: Chapter 1 Overview
You must obtain authorization to use this feature and to download the cryptographic version of the software from Cisco.com. Other features require a specific license. For more information, see the release notes for this release.
Page 41: Management Options
Cisco Configuration Engine—The Cisco Configuration Engine is a network management device that • works with embedded Cisco IOS CNS Agents in the switch software. You can automate initial configurations and configuration updates by generating switch-specific configuration changes, sending them to the switch, executing the configuration change, and logging the results. For more information about using Cisco IOS agents, see Chapter 4, “Configuring Cisco IOS Configuration...
Page 42 • Network Time Protocol (NTP) for providing a consistent time stamp to all switches from an external source Cisco IOS File System (IFS) for providing a single interface to all file systems that the switch uses • • In-band management access for up to 16 simultaneous Telnet connections for multiple CLI-based...
Page 43: Availability Features
Support for up to 4094 VLANs for assigning users to VLANs associated with appropriate network • resources, traffic patterns, and bandwidth • Support for VLAN IDs in the full 1 to 4094 range allowed by the IEEE 802.1Q standard Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 44: Security Features
Extended MAC access control lists for defining security policies in the inbound direction on Layer 2 • interfaces VLAN ACLs (VLAN maps) for providing intra-VLAN security by filtering traffic based on • information in the MAC, IP, and TCP/UDP headers Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 45: Quality Of Service And Class Of Service Features
This release adds support for the 168-bit Triple Data Encryption Standard (3DES) and the 128-bit, 192-bit, and 256-bit Advanced Encryption Standard (AES) encryption algorithms to SNMPv3. Quality of Service and Class of Service Features Cisco modular quality of service (QoS) command-line (MQC) implementation • Three levels of hierarchical output queueing •...
Page 46: Layer 3 Features
Multiple VPN multi-VRF instances in customer edge devices to allow service providers to support • multiple VPNs and to overlap IP addresses between VPNs. • Support for MPLS traffic engineering and fast reroute link protection for rerouting LSP traffic around a failed link Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 47: Monitoring Features
MST, REP, Flex Links • Ethernet over MPLS (EoMPLS) • Synchronous Ethernet • Pseudowire redundancy • Multi VRF-CE (VRF-Lite) with service awareness (ARP, ping, SNMP, syslog, traceroute, FTP and TFTP) Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 48 128 K 256 K IPv4 routes 42 K 80 K 24 K 32 K IPv4 multicast groups and routes Layer 2 multicast entries Bridge domains ACL entries 16 K Cisco ME 3800X and 3600X Switch Software Configuration Guide 1-10 OL-23400-01...
Page 49: Where To Go Next
Before configuring the switch, review these sections for startup information: Chapter 2, “Using the Command-Line Interface” • Chapter 3, “Assigning the Switch IP Address and Default Gateway” • Chapter 4, “Configuring Cisco IOS Configuration Engine” • Cisco ME 3800X and 3600X Switch Software Configuration Guide 1-11 OL-23400-01...
Page 50 Chapter 1 Overview Where to Go Next Cisco ME 3800X and 3600X Switch Software Configuration Guide 1-12 OL-23400-01...
Page 51: Understanding Command Modes
C H A P T E R Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) and how to use it to configure your Cisco ME 3800X and 3600X switch. It contains these sections: Understanding Command Modes, page 2-1 •...
Page 52: C H A P T E R 2 Using The Command-Line Interface
To return to console command. privileged EXEC mode, press Ctrl-Z or enter end. For more detailed information on the command modes, see the command reference guide for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 53: Understanding The Help System
You need to enter only enough characters for the switch to recognize the command as unique. This example shows how to enter the show configuration privileged EXEC command in an abbreviated form: Switch# show conf Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 54: Understanding No And Default Forms Of Commands
You can customize this feature to suit your needs as described in these sections: Changing the Command History Buffer Size, page 2-5 (optional) • Recalling Commands, page 2-5 (optional) • • Disabling the Command History Feature, page 2-5 (optional) Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 55: Changing The Command History Buffer Size
To disable the feature during the current terminal session, enter the terminal no history privileged EXEC command. To disable command history for the line, enter the no history line configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 56: Using Editing Features
Recall commands from the buffer and Press Ctrl-Y. Recall the most recent entry in the buffer. paste them in the command line. The switch provides a buffer with the last ten items that you deleted. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 57 Press Ctrl-L or Ctrl-R. Redisplay the current command line. if the switch suddenly sends a message to your screen. 1. The arrow keys function only on ANSI-compatible terminals such as VT100s. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 58: Editing Command Lines That Wrap
Switch# show interfaces | include protocol Vlan1 is up, line protocol is up Vlan10 is up, line protocol is down GigabitEthernet0/1 is up, line protocol is down GigabitEthernet0/2 is up, line protocol is up Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 59: Accessing The Cli
8-36. The switch supports up to five simultaneous secure SSH sessions. After you connect through the console port, through a Telnet session or through an SSH session, the user EXEC prompt appears on the management station. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 60 Chapter 2 Using the Command-Line Interface Accessing the CLI Cisco ME 3800X and 3600X Switch Software Configuration Guide 2-10 OL-23400-01...
Page 61: Chapter 3 Assigning The Switch Ip Address And Default Gateway
This chapter describes how to create the initial switch configuration (for example, assigning the switch IP address and default gateway information) for the Cisco Metro Ethernet (ME) 3800X and 3600X switch by using a variety of automatic and manual methods. It also describes how to modify the switch startup configuration.
Page 62: Initial Configuration
If you do not know the image name on the flash memory, you can retrieve the name with this command: switch:dir flash: Directory of flash:/ -rwx 2072 <date> multiple-fs -rwx <date> private-config.text -rwx 3045 <date> config.text drwx <date> me380x-universal-mz.122-52.1.127.EY 16920593 bytes available (41011183 bytes used) Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 63: Assigning Switch Information
No IP address or subnet mask are defined. Default gateway No default gateway is defined. Enable secret password No password is defined. Hostname The factory-assigned default hostname is Switch. Telnet password No password is defined. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 64: Understanding Dhcp-Based Autoconfiguration
DHCP server. The formal request is broadcast so that all other DHCP servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP addresses that they offered to the client. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 65: Understanding Dhcp-Based Autoconfiguration And Image Update
The switch (or switches) downloading the new configuration and the new image can be blank (or only have a default factory configuration loaded). Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 66: Limitations And Restrictions
Configuring the TFTP Server, page 3-7 • Configuring the DNS, page 3-8 • Configuring the Relay Device, page 3-8 • • Obtaining Configuration Files, page 3-9 • Example Configuration, page 3-10 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 67: Dhcp Server Configuration Guidelines
The switch can act as a DHCP server. By default, the Cisco IOS DHCP server and relay agent features are enabled on your switch but are not configured. These features are not operational. If your DHCP server is a Cisco device, for additional information about configuring DHCP, see the “Configuring...
Page 68: Configuring The Dns
If the relay device is a Cisco router, enable IP routing (ip routing global configuration command), and configure helper addresses by using the ip helper-address interface configuration command.
Page 69: Obtaining Configuration Files
DHCP reply. If the hostname is not specified in the DHCP reply, the switch uses the default Switch as its hostname. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 70: Example Configuration
TFTP server name tftpserver or tftpserver or tftpserver or tftpserver or 10.0.0.3 10.0.0.3 10.0.0.3 10.0.0.3 Boot filename (configuration file) switcha-confg switchb-confg switchc-confg switchd-confg (optional) Hostname (optional) switcha switchb switchc switchd Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-10 OL-23400-01...
Page 71: Configuring The Dhcp Auto Configuration And Image Update Features
One switch acts as a DHCP and TFTP server. The client switch is configured to download either a new configuration file or a new configuration file and a new image file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-11...
Page 72: Configuring Dhcp Autoconfiguration (Only Configuration File)
Switch(dhcp-config)# network 10.10.10.0 255.255.255.0 Switch(dhcp-config)# bootfile config-boot.text Switch(dhcp-config)# default-router 10.10.10.1 Switch(dhcp-config)# option 150 10.10.10.1 Switch(dhcp-config)# exit Switch(config)# tftp-server flash:config-boot.text Switch(config)# interface gigabitethernet0/4 Switch(config-if)# no switchport Switch(config-if)# ip address 10.10.10.1 255.255.255.0 Switch(config-if)# end Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-12 OL-23400-01...
Page 73: Configuring Dhcp Auto-Image Update (Configuration File And Image)
Upload the tarfile for the new image to the switch. Step 10 exit Return to global configuration mode. Step 11 tftp-server flash:config.text Specify the Cisco IOS configuration file on the TFTP server. Step 12 tftp-server flash:imagename.tar Specify the image name on the TFTP server. Step 13 tftp-server flash:filename.txt...
Page 74: Configuring The Client
Private Config file: flash:/private-config.text Enable Break: Manual Boot: HELPER path-list: NVRAM/Config file buffer size: 32768 Timeout for Config Download: 300 seconds Config Download via DHCP: enabled (next boot: enabled) Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-14 OL-23400-01...
Page 75: Manually Assigning Ip Information
For information on setting the switch system name, protecting access to privileged EXEC commands, and setting time and calendar services, see Chapter 5, “Administering the Switch.” Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-15 OL-23400-01...
Page 76: Checking And Saving The Running Configuration
GigabitEthernet0/1 port-type nni interface GigabitEthernet0/2 port-type nni interface GigabitEthernet0/3 port-type nni <output truncated> port-type nni interface TenGigabitEthernet0/1 port-type nni interface TenGigabitEthernet0/2 port-type nni interface Vlan1 no ip address shutdown Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-16 OL-23400-01...
Page 77: Modifying The Startup Configuration
EXEC command. For more information about alternative locations from which to copy the configuration file, see Appendix B, “Working with the Cisco IOS File System, Configuration Files, and Software Images.” Modifying the Startup Configuration Default Boot Configuration, page 3-18 •...
Page 78: Default Boot Configuration
Specifying the Filename to Read and Write the System Configuration By default, the Cisco IOS software uses the file config.text to read and write a nonvolatile copy of the system configuration. However, you can specify a different filename, which will be loaded during the next boot cycle.
Page 79: Booting Manually
For filesystem:, use flash: for the system board flash device. For file-url, specify the path (directory) and the name of the bootable • image. Filenames and directory names are case sensitive. Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-19 OL-23400-01...
Page 80: Controlling Environment Variables
Many environment variables are predefined and have default values. Environment variables store two kinds of data: Data that controls code, which does not read the Cisco IOS configuration file. For example, the name • of a boot loader helper file, which extends or patches the functionality of the boot loader can be stored as an environment variable.
Page 81: Scheduling A Reload Of The Software Image
Scheduling a Reload of the Software Image You can change the settings of the environment variables by accessing the boot loader or by using Cisco IOS commands. Under normal circumstances, it is not necessary to alter the setting of the environment variables.
Page 82: Configuring A Scheduled Reload
Reload scheduled for 02:00:00 UTC Thu Jun 20 1996 (in 344 hours and 53 minutes) Proceed with reload? [confirm] To cancel a previously scheduled reload, use the reload cancel privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-22 OL-23400-01...
Page 83: Displaying Scheduled Reload Information
EXEC command. It displays reload information including the time the reload is scheduled to occur and the reason for the reload (if it was specified when the reload was scheduled). Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-23 OL-23400-01...
Page 84 Chapter 3 Assigning the Switch IP Address and Default Gateway Scheduling a Reload of the Software Image Cisco ME 3800X and 3600X Switch Software Configuration Guide 3-24 OL-23400-01...
Page 85: Configuring Cisco Ios Configuration Engine
For complete configuration information for the Cisco Configuration Engine, go to Note http://www.cisco.com/en/US/products/sw/netmgtsw/ps4617/tsd_products_support_series_home.html For complete syntax and usage information for the commands used in this chapter, go to the Cisco IOS Network Management Command Reference, Release 12.4 at http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_book.html Understanding Cisco Configuration Engine Software, page 4-1 •...
Page 86: C H A P T E R 4 Configuring Cisco Ios Configuration Engine
(LDAP) URLs that reference the device-specific configuration information stored in a directory. The Cisco IOS agent can perform a syntax check on received configuration files and publish events to show the success or failure of the syntax check. The configuration agent can either apply configurations immediately or delay the application until receipt of a synchronization event from the configuration server.
Page 87: Event Service
Understanding Cisco Configuration Engine Software Event Service The Cisco Configuration Engine uses the Event Service for receipt and generation of configuration events. The event agent is on the switch and facilitates the communication between the switch and the event gateway on the Configuration Engine.
Page 88: Deviceid
Therefore, the DeviceID, as originated on the switch, must match the DeviceID of the corresponding switch definition in the Configuration Engine. The origin of the DeviceID is defined by the Cisco IOS hostname of the switch. However, the DeviceID variable and its usage reside within the event gateway adjacent to the switch.
Page 89: Understanding Cisco Ios Agents
Understanding Cisco IOS Agents The CNS event agent feature allows the switch to publish and subscribe to events on the event bus and works with the Cisco IOS agent. The Cisco IOS agent feature supports the switch by providing these features: •...
Page 90: Incremental (Partial) Configuration
NVRAM for use at the next reboot. Configuring Cisco IOS Agents The Cisco IOS agents embedded in the switch Cisco IOS software allow the switch to be connected and automatically configured as described in the “Enabling Automated CNS Configuration” section on page 4-6.
Page 91: Enabling The Cns Event Agent
One or more templates for each type of device, with the ConfigID of the device mapped to the template. Note For more information about running the setup program and creating templates on the Configuration Engine, see the Cisco Configuration Engine Installation and Setup Guide, 1.5 for Linux at http://www.cisco.com/en/US/docs/net_mgmt/configuration_engine/1.5/installation_linux/guide/setup_ 1.html Enabling the CNS Event Agent Note You must enable the CNS event agent on the switch before you enable the CNS configuration agent.
Page 92: Enabling The Cisco Ios Cns Agent
Switch(config)# cns event 10.180.1.27 keepalive 120 10 Enabling the Cisco IOS CNS Agent After enabling the CNS event agent, start the Cisco IOS CNS agent on the switch. You can enable the Cisco IOS agent with these commands: The cns config initial global configuration command enables the Cisco IOS agent and initiates an •...
Page 93: Enabling An Initial Configuration
Configuring Cisco IOS Agents • The cns config partial global configuration command enables the Cisco IOS agent and initiates a partial configuration on the switch. You can then use the Configuration Engine to remotely send incremental configurations to the switch.
Page 94 ID, enter an arbitrary text string for string string as the unique ID, or enter udi to set the unique device identifier (UDI) as the unique ID. Cisco ME 3800X and 3600X Switch Software Configuration Guide 4-10 OL-23400-01...
Page 95 Verify your entries. To disable the CNS Cisco IOS agent, use the no cns config initial {ip-address | hostname} global configuration command. This example shows how to configure an initial configuration on a remote switch when the switch configuration is unknown (the CNS Zero Touch feature).
Page 96: Enabling A Partial Configuration
RemoteSwitch(config)# cns id ethernet 0 ipaddress RemoteSwitch(config)# cns config initial 172.28.129.22 no-persist Enabling a Partial Configuration Beginning in privileged EXEC mode, follow these steps to enable the Cisco IOS agent and to initiate a partial configuration on the switch: Command...
Page 97: Upgrading Devices With Cisco Ios Image Agent
Confirm these prerequisites before upgrading one or more devices with image agent: • Determine where to store the Cisco IOS images on a file server to make the image available to the other networking devices. If the CNS Event Bus is to be used to store and distribute the images, the CNS event agent must be configured.
Page 98: Displaying Cns Configuration
Displaying CNS Configuration Command Purpose show cns config connections Displays the status of the CNS Cisco IOS agent connections. show cns config outstanding Displays information about incremental (partial) CNS configurations that have started but are not yet completed. show cns config stats Displays statistics about the Cisco IOS agent.
Page 99 You can manage the system time and date on your switch using automatic configuration, such as the Network Time Protocol (NTP), or manual configuration methods. For complete syntax and usage information for the commands used in this section, see the Cisco IOS Note Configuration Fundamentals Command Reference, Release 12.2.
Page 100: Administering The Switch
Cisco’s implementation of NTP does not support stratum 1 service; it is not possible to connect to a radio or atomic clock. We recommend that the time service for your network be derived from the public NTP servers available on the IP Internet.
Page 101: Configuring Ntp
Switch F Workstations If the network is isolated from the Internet, Cisco’s implementation of NTP allows a device to act as if it is synchronized through NTP, when in fact it has learned the time by using other means. Other devices then synchronize to that device through NTP.
Page 102: Default Ntp Configuration
The switch does not synchronize to a device unless both have one of these authentication keys, and the key number is specified by the ntp trusted-key key-number command. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 103: Configuring Ntp Associations
(meaning that only this switch synchronizes to the other device, and not the other way around). Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 104: Configuring Ntp Broadcast Service
However, in a LAN environment, NTP can be configured to use IP broadcast messages instead. This alternative reduces configuration complexity because each device can simply be configured to send or receive broadcast messages. However, the information flow is one-way only. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 105 Step 3 ntp broadcast client Enable the interface to receive NTP broadcast packets. By default, no interfaces receive NTP broadcast packets. Step 4 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 106: Configuring Ntp Access Restrictions
NTP control queries and allows the switch to synchronize to the remote device. For access-list-number, enter a standard IP access list number from 1 to 99. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 107 99. However, the switch restricts access to allow only time requests from access list 42: Switch# configure terminal Switch(config)# ntp access-group peer 99 Switch(config)# ntp access-group serve-only 42 Switch(config)# access-list 99 permit 172.20.130.5 Switch(config)# access list 42 permit 172.20.130.6 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 108: Configuring The Source Ip Address For Ntp Packets
“Configuring NTP Associations” section on page 5-5. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-10 OL-23400-01...
Page 109: Displaying The Ntp Configuration
• show ntp status • For detailed information about the fields in these displays, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. Configuring Time and Date Manually If no other source of time is available, you can manually configure the time and date after the system is restarted.
Page 110: Displaying The Time And Date Configuration
Atlantic Canada (AST) is UTC-3.5, where the 3 means 3 hours and .5 means 50 percent. In this case, the necessary command is clock timezone AST -3 30. To set the time to UTC, use the no clock timezone global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-12 OL-23400-01...
Page 111: Configuring Summer Time (Daylight Saving Time)
This example shows how to specify that summer time starts on the first Sunday in April at 02:00 and ends on the last Sunday in October at 02:00: Switch(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00 Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-13 OL-23400-01...
Page 112: Configuring A System Name And Prompt
A greater-than symbol [>] is appended. The prompt is updated whenever the system name changes. For complete syntax and usage information for the commands used in this section, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 and the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2.
Page 113: Default System Name And Prompt Configuration
Domain names are pieced together with periods (.) as the delimiting characters. For example, Cisco Systems is a commercial organization that IP identifies by a com domain name, so its domain name is cisco.com. A specific device in this domain, for example, the File Transfer Protocol (FTP) system is identified as ftp.cisco.com.
Page 114: Default Dns Configuration
Internet naming scheme (DNS). Step 5 Return to privileged EXEC mode. Step 6 show running-config Verify your entries. Step 7 copy running-config (Optional) Save your entries in the configuration file. startup-config Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-16 OL-23400-01...
Page 115: Displaying The Dns Configuration
If there is a period (.) in the hostname, the Cisco IOS software looks up the IP address without appending any default domain name to the hostname.
Page 116: Configuring A Message-Of-The-Day Login Banner
Unix> telnet 172.2.5.4 Trying 172.2.5.4... Connected to 172.2.5.4. Escape character is '^]'. This is a secure site. Only authorized users are allowed. For access, contact technical support. User Access Verification Password: Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-18 OL-23400-01...
Page 117: Configuring A Login Banner
For complete syntax and usage information for the commands used in this section, see the command Note reference for this release. • Building the Address Table, page 5-20 MAC Addresses and VLANs, page 5-20 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-19 OL-23400-01...
Page 118: Building The Address Table
Disabling MAC address learning on a VLAN could cause flooding in the network. See the “Disabling MAC Address Learning on a VLAN” section on page 5-28 for more information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-20 OL-23400-01...
Page 119: Default Mac Address Table Configuration
(clear mac address-table dynamic interface interface-id), or remove all addresses on a specified VLAN (clear mac address-table dynamic vlan vlan-id). Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-21 OL-23400-01...
Page 120: Configuring Mac Address Change Notification Traps
Enable the switch to send MAC address change notification traps to the NMS. Step 4 mac address-table notification change Enable the MAC address change notification feature. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-22 OL-23400-01...
Page 121 Switch(config-if)# snmp trap mac-notification change added You can verify your settings by entering the show mac address-table notification change interface and the show mac address-table notification change privileged EXEC commands. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-23 OL-23400-01...
Page 122: Configuring Mac Address Move Notification Traps
Switch(config)# snmp-server host 172.20.10.10 traps private mac-notification Switch(config)# snmp-server enable traps mac-notification move Switch(config)# mac address-table notification mac-move You can verify your settings by entering the show mac address-table notification mac-move privileged EXEC commands. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-24 OL-23400-01...
Page 123: Configuring Mac Threshold Notification Traps
Return to privileged EXEC mode. Step 7 show mac address-table notification threshold Verify your entries. show running-config Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-25 OL-23400-01...
Page 124: Adding And Removing Static Address Entries
You add a static address to the address table by specifying the destination MAC unicast address and the VLAN from which it is received. Packets received with this destination address are forwarded to the interface specified with the interface-id option. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-26 OL-23400-01...
Page 125: Configuring Unicast Mac Address Filtering
% Only unicast addresses can be configured to be dropped % CPU destined address cannot be configured as drop address • Packets that are forwarded to the CPU are also not supported. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-27 OL-23400-01...
Page 126: Disabling Mac Address Learning On A Vlan
MAC addresses. Before you disable MAC address learning be sure that you are familiar with the network topology and the switch system configuration. Disabling MAC address learning on a VLAN could cause flooding in the network. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-28 OL-23400-01...
Page 127: Displaying Address Table Entries
Displays MAC address table information for the specified MAC address. show mac address-table aging-time Displays the aging time in all VLANs or the specified VLAN. Cisco ME 3800X and 3600X Switch Software Configuration Guide 5-29 OL-23400-01...
Page 128: Managing The Arp Table
(represented by the arpa keyword) is enabled on the IP interface. ARP entries added manually to the table do not age and must be manually removed. For CLI procedures, see the Cisco IOS Release 12.2 documentation on Cisco.com. Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 129: Chapter 6 Configuring Synchronous Ethernet
The switch SYNC LEDs show the status of the internal clock: locked (green), free run (off), or in a holdover state (amber). Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 130: Synce Timing Using Rep For Loop Prevention And Resiliency
In pure priority-based mode, there is a risk of timing loops if the network topology changes. You can use a REP workaround to avoid timing loops and to ensure timing resiliency. REP is a Cisco protocol used to control network loops, to respond to link failures, and to improve convergence time. See Chapter 16, “Configuring Resilient Ethernet Protocol.”...
Page 131 Priority 1 Priority 1 Data path Timing path Figure 6-2 shows a failure in the timing network, a broken link in the REP segment between Switch 4 and Router 1. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 132 The default time is 300 seconds. Configure wait-to-restore timeout by entering the network-clock-select wait-to-restore global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 133: Bits Interface
802.3 master port when 802.3 Clause 28 autonegotiation completes. On ME3600X-FS or ME3800X switches, SyncE is not supported on 1 Gigabit Ethernet copper SFPs • for the first release. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 134: Default Synce Configuration
For priority, the range is from 1 to 15, with 1 being the highest priority and 15 the lowest. • For port number: – Enter 0 for TenGigabitEthernet 0/1 – Enter 1 for TenGigabitEthernet 0/2 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 135: Configuring The Bits Interface
Enter global configuration mode. Step 2 network-clock-select option {option1 | option2} Configure the EEC option.: option1—Select E1 as the input clock rate. • • option2—Select T1 as the input clock rate Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 136 • – 0-133ft – 133-266ft – 266-399ft 399-533ft – 533-655ft – Step 5 controller BITS shutdown Shut down the BITS controller. Step 6 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 137: Selecting The Network Clock
Step 10 show network-clocks Verify the configuration. Step 11 copy running-config startup config (Optional) Save your entries in the switch startup configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 138: Configuring Rep For The Synce Network
The range is 0 to 720 seconds. The default is 300 seconds. Note This command is valid only when SyncE is configured with the REP workaround. Cisco ME 3800X and 3600X Switch Software Configuration Guide 6-10 OL-23400-01...
Page 139: Monitoring Synce
Output Clock Generated from T4 DPLL T4 DPLL Lock Status : Locked System Clock Selected Ref: Te0/2 T4 DPLL Selected Ref: Te0/1 System Clock (T0 DPLL) Info: Priority Source Type --------------------------------------------------------------- Te0/2 SYNCE Cisco ME 3800X and 3600X Switch Software Configuration Guide 6-11 OL-23400-01...
Page 140 Measured offset freq for input Te0/1 is +0.0ppm (3.8 ppm resolution) Measured offset freq for input Te0/2 is +0.0ppm (3.8 ppm resolution) Measured offset freq for current path (T4 DPLL) is +0.0ppm Cisco ME 3800X and 3600X Switch Software Configuration Guide 6-12 OL-23400-01...
Page 141: Configuring The Switch External Alarms
A triggered alarm also turns on the LED display (the LED is normally off, meaning no alarm). See the Cisco ME-3800X and ME 3600X Hardware Installation Guide for information about the LEDs.
Page 142: Configuring Switch Alarms
To see the alarm configuration and status, enter the show env alarm-contact privileged EXEC command. For more detailed information about the alarm commands, see the command reference for this release. Note The switch supports the CISCO-ENTITY-ALARM-MIB for these alarms. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 143 Description: door sensor Severity: major Trigger: closed ALARM CONTACT 3 Status: not asserted Description: flood sensor Severity: critical Trigger: closed ALARM CONTACT 4 Status: not asserted Description: Severity: critical Trigger: closed Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 144 Chapter 7 Configuring the Switch External Alarms Configuring Switch Alarms Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 145: Configuring Switch-Based Authentication
C H A P T E R Configuring Switch-Based Authentication This chapter describes how to configure switch-based authentication on the Cisco ME 3800X and ME 3600X switch. Preventing Unauthorized Access to Your Switch, page 8-1 • Protecting Access to Privileged EXEC Commands, page 8-2 •...
Page 146: C H A P T E R 8 Configuring Switch-Based Authentication
Password protection restricts access to a network or network device. Privilege levels define what commands users can enter after they have logged into a network device. For complete syntax and usage information for the commands used in this section, see the Cisco IOS Note Security Command Reference, Release 12.4.
Page 147: Setting Or Changing A Static Enable Password
We recommend that you use the enable secret command because it uses an improved encryption algorithm. If you configure the enable secret command, it takes precedence over the enable password command; the two commands cannot be in effect simultaneously. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 148: Protecting Access To Privileged Exec Commands
To remove a password and level, use the no enable password [level level] or no enable secret [level level] global configuration command. To disable password encryption, use the no service password-encryption global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 149: Disabling Password Recovery
Disable password recovery. This setting is saved in an area of the flash memory that is accessible by the boot loader and the Cisco IOS image, but it is not part of the file system and is not accessible by any user.
Page 150: Setting A Telnet Password For A Terminal Line
If you have defined privilege levels, you can also assign a specific privilege level (with associated rights and privileges) to each username and password pair. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 151: Configuring Multiple Privilege Levels
Configuring Multiple Privilege Levels By default, the Cisco IOS software has two modes of password security: user EXEC and privileged EXEC. You can configure up to 16 hierarchical levels of commands for each mode. By configuring multiple passwords, you can allow different sets of users to have access to specified commands.
Page 152: Setting The Privilege Level For A Command
This example shows how to set the configure command to privilege level 14 and define SecretPswd14 as the password users must enter to use level 14 commands: Switch(config)# privilege exec level 14 configure Switch(config)# enable password level 14 SecretPswd14 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 153: Changing The Default Privilege Level For Lines
Log in to a specified privilege level. For level, the range is 0 to 15. Step 2 disable level Exit to a specified privilege level. For level, the range is 0 to 15. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 154: Controlling Switch Access With Tacacs
TACACS+ is facilitated through authentication, authorization, accounting (AAA) and can be enabled only through AAA commands. For complete syntax and usage information for the commands used in this section, see the Cisco IOS Note Security Command Reference, Release 12.2.
Page 155 TACACS+ daemon are encrypted. You need a system running the TACACS+ daemon software to use TACACS+ on your switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-11 OL-23400-01...
Page 156: Tacacs+ Operation
The aaa authorization console global configuration command that allows you to enable AAA and TACACS+ to work on the console port. For information about the command, see the Cisco IOS Security Command Reference, Release 12.2: http://www.cisco.com/en/US/docs/ios/12_2/security/command/reference/fsecur_r.html Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 157: Default Tacacs+ Configuration
TACACS+ daemon. You must configure the same key on the TACACS+ daemon for encryption to be successful. Step 3 aaa new-model Enable AAA. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-13 OL-23400-01...
Page 158: Configuring Tacacs+ Login Authentication
Beginning in privileged EXEC mode, follow these steps to configure login authentication: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 aaa new-model Enable AAA. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-14 OL-23400-01...
Page 159 {default | list-name} method1 [method2...] global configuration command. To either disable TACACS+ authentication for logins or to return to the default value, use the no login authentication {default | list-name} line configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-15 OL-23400-01...
Page 160: Configuring Tacacs+ Authorization For Privileged Exec Access And Network Services
TACACS+ security server in the form of accounting records. Each accounting record contains accounting attribute-value (AV) pairs and is stored on the security server. This data can then be analyzed for network management, client billing, or auditing. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-16 OL-23400-01...
Page 161: Displaying The Tacacs+ Configuration
RADIUS is facilitated through AAA and can be enabled only through AAA commands. Note For complete syntax and usage information for the commands used in this section, see the Cisco IOS Security Command Reference, Release 12.2. These sections contain this configuration information: Understanding RADIUS, page 8-17 •...
Page 162 • Switch-to-switch or router-to-router situations. RADIUS does not provide two-way authentication. RADIUS can be used to authenticate from one device to a non-Cisco device if the non-Cisco device requires authentication. Networks using a variety of services. RADIUS generally binds a user to one service model.
Page 163: Radius Operation
• Starting RADIUS Accounting, page 8-27 (optional) • Configuring Settings for All RADIUS Servers, page 8-28 (optional) Configuring the Switch to Use Vendor-Specific RADIUS Attributes, page 8-28 (optional) • Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-19 OL-23400-01...
Page 164: Default Radius Configuration
You can configure the switch to use AAA server groups to group existing server hosts for authentication. For more information, see the “Defining AAA Server Groups” section on page 8-24. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-20 OL-23400-01...
Page 165 Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. To remove the specified RADIUS server, use the no radius-server host hostname | ip-address global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-21 OL-23400-01...
Page 166: Configuring Radius Login Authentication
Beginning in privileged EXEC mode, follow these steps to configure login authentication. This procedure is required. Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 aaa new-model Enable AAA. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-22 OL-23400-01...
Page 167 – Step 4 line [console | tty | vty] line-number Enter line configuration mode, and configure the lines to which you want [ending-line-number] to apply the authentication list. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-23 OL-23400-01...
Page 168: Defining Aaa Server Groups
You use the server group server configuration command to associate a particular server with a defined group server. You can either identify the server by its IP address or identify multiple host instances or entries by using the optional auth-port and acct-port keywords. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-24 OL-23400-01...
Page 169 Repeat this step for each RADIUS server in the AAA server group. Each server in the group must be previously defined in Step 2. Step 6 Return to privileged EXEC mode. Step 7 show running-config Verify your entries. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-25 OL-23400-01...
Page 170: Configuring Radius Authorization For User Privileged Access And Network Services
EXEC access and network services: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 aaa authorization network radius Configure the switch for user RADIUS authorization for all network-related service requests. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-26 OL-23400-01...
Page 171: Starting Radius Accounting
(AV) pairs and is stored on the security server. This data can then be analyzed for network management, client billing, or auditing. Beginning in privileged EXEC mode, follow these steps to enable RADIUS accounting for each Cisco IOS privilege level and for network services:...
Page 172: Configuring Settings For All Radius Servers
1, which is named cisco-avpair. The value is a string with this format: protocol : attribute sep value * Protocol is a value of the Cisco protocol attribute for a particular type of authorization. Attribute and value are an appropriate attribute-value (AV) pair defined in the Cisco TACACS+ specification, and sep is = for mandatory attributes and is * for optional attributes.
Page 173: Configuring The Switch For Vendor-Proprietary Radius Server Communication
Although an IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary information between the switch and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software supports a subset of vendor-proprietary RADIUS attributes.
Page 174: Configuring Radius Server Load Balancing
Configuring RADIUS Server Load Balancing This feature allows access and authentication requests to be evenly across all RADIUS servers in a server group. For more information, see the “RADIUS Server Load Balancing” chapter of the “Cisco IOS Security Configuration Guide”, Release 12.2: http://www.ciscosystems.com/en/US/docs/ios/12_2sb/feature/guide/sbrdldbl.html...
Page 175: Controlling Switch Access With Kerberos
Note A Kerberos server can be a Cisco ME switch that is configured as a network security server and that can authenticate users by using the Kerberos protocol. The Kerberos credential scheme uses a process called single logon. This process authenticates a user once and then allows secure authentication (without encrypting another password) wherever that user credential is accepted.
Page 176 A daemon that is running on a network host. Users and network services register their identity with the Kerberos server. Network services query the Kerberos server to authenticate to other network services. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-32 OL-23400-01...
Page 177: Kerberos Operation
4. SRVTAB = server table Kerberos Operation A Kerberos server can be a Cisco ME switch that is configured as a network security server and that can authenticate remote users by using the Kerberos protocol. Although you can customize Kerberos in a number of ways, remote users attempting to access network services must pass through three layers of security before they can access network services.
Page 178: Obtaining A Tgt From A Kdc
The Kerberos realm name must be in all uppercase characters. Note A Kerberos server can be a Cisco ME switch that is configured as a network security server and that can authenticate users by using the Kerberos protocol. To set up a Kerberos-authenticated server-client system, follow these steps: Configure the KDC by using Kerberos commands.
Page 179: Configuring The Switch For Local Authentication And Authorization
Configure the switch to use the Kerberos protocol. For instructions, see the “Kerberos Configuration Task List” section in the “Security Server Protocols” chapter of the Cisco IOS Security Configuration Guide, Release 12.2, at this URL: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfkerb.html Configuring the Switch for Local Authentication and...
Page 180: Configuring The Switch For Secure Shell
You can use an SSH client to connect to a switch running the SSH server. The SSH server works with the SSH client supported in this release and with non-Cisco SSH clients. The SSH client also works with the SSH server supported in this release and with non-Cisco SSH servers.
Page 181: Limitations
Setting Up the Switch to Run SSH Follow these steps to set up your switch to run SSH: Download the cryptographic software image from Cisco.com. This step is required. For more information, see the release notes for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 182: Configuring The Ssh Server
If you do not enter this command or do not specify a keyword, the SSH server selects the latest SSH version supported by the SSH client. For example, if the SSH client supports SSHv1 and SSHv2, the SSH server selects SSHv2. Cisco ME 3800X and 3600X Switch Software Configuration Guide 8-38 OL-23400-01...
Page 183: Displaying The Ssh Configuration And Status
Shows the status of the SSH server. For more information about these commands, see the “Secure Shell Commands” section in the “Other Security Features” chapter of the Cisco IOS Security Command Reference, Cisco IOS Release 12.2, at this URL: http://www.cisco.com/en/US/docs/ios/12_2/security/command/reference/fsecur_r.html...
Page 184: Information About Secure Copy
(AAA) authorization be configured so the router can determine whether the user has the correct privilege level. A user who has appropriate authorization can use SCP to copy any file in the Cisco IOS File System •...
Page 185: Understanding Interface Types
C H A P T E R Configuring Interfaces This chapter defines the types of interfaces on the Cisco ME 3800X and ME 3600X switches and describes how to configure them. Understanding Interface Types, page 9-1 • Using Interface Configuration Mode, page 9-6 •...
Page 186: Chapter 9 Configuring Interface
Understanding Interface Types NNI Port Type All Cisco ME 3800X and 3600X ports are network node interfaces (NNIs), which are typically connected to a router or to another switch. The default status for an NNI is administratively up to allow a service provider remote access to the switch during initial configuration.
Page 187: Access Ports
For more information about IP unicast and multicast routing and routing protocols, see Chapter 29, “Configuring IP Unicast Routing” Chapter 33, “Configuring IP Multicast Routing.” Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 188: Ethernet Management Port
Exceptions are the Cisco Discovery Protocol (CDP), Link Aggregation Control Protocol (LACP), and the Port Aggregation Protocol (PAgP), which operate only on physical NNI or ENI ports.
Page 189: Ethernet Flow Points
However, only IP Version 4 packets with Ethernet II encapsulation can be routed in hardware. The switch routes only IP traffic. When IP routing Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 190: Using Interface Configuration Mode
• Type—Gigabit Ethernet (gigabitethernet or gi) for 10/100/1000 Mb/s Ethernet ports, or small form-factor pluggable (SFP) module Gigabit Ethernet interfaces. Module number—The module or slot number on the switch (always 0 on the Cisco ME switch). • • Port number—The interface number on the switch. The port numbers always begin at 1, starting with the leftmost port when facing the front of the switch, for example, gigabitethernet 0/1.
Page 191: Configuring A Range Of Interfaces
Verify the configuration of the interfaces in the range. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. When using the interface range global configuration command, note these guidelines: Valid entries for port-range: • Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 192: Configuring And Using Interface Range Macros
Before you can use the macro keyword in the interface range macro global configuration command string, you must use the define interface-range global configuration command to define the macro. Beginning in privileged EXEC mode, follow these steps to define an interface range macro: Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 193 This example shows how to define an interface-range named enet_list to include ports 1 and 2 and to verify the macro configuration: Switch# configure terminal Switch(config)# define interface-range enet_list gigabitethernet0/1 - 2 Switch(config)# end Switch# show running-config | include define define interface-range enet_list GigabitEthernet0/1 - 2 Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 194: Using The Ethernet Management Port
Note When connecting a PC to the Ethernet management port, you must assign an IP address. Connect the Ethernet management port to the PC as shown in Figure 9-2. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-10 OL-23400-01...
Page 195 Configure route filters to avoid routes between the Ethernet management port and the network ports and to prevent the loops. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-11...
Page 196: Supported Features On The Ethernet Management Port
To display the link status, use the show interfaces gigabitethernet 0 privileged EXEC command. TFTP and the Ethernet Management Port Use the commands in Table 1 when using TFTP to download or upload a configuration file to the boot loader. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-12 OL-23400-01...
Page 197: Configuring Ethernet Interfaces
Loads and boots an executable image from the TFTP server and enters the command-line interface. For more details, see the command reference for this release. copy tftp:/source-file-url Copies a Cisco IOS image from the TFTP server to the specified filesystem:/destination-file- location. For more details, see the command reference for this release.
Page 198: Configuring Interface Speed And Duplex Mode
You cannot configure speed on SFP module ports or on 10 Gigabit Ethernet ports, but you can • configure speed to not negotiate (nonegotiate) if connected to a device that does not support autonegotiation. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-14 OL-23400-01...
Page 199: Setting The Interface Speed And Duplex Parameters
Beginning in privileged EXEC mode, follow these steps to set the speed and duplex mode for a physical interface. Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface-id Specify the physical interface to be configured, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-15 OL-23400-01...
Page 200 You can configure the duplex setting when the speed is set to auto. This command is not available on 10 GigabitEthernet ports or on SFP module ports with these exceptions: If a Cisco 1000BASE-T SFP module is inserted, you can • configure duplex to auto or to full.
Page 201: Configuring Ieee 802.3X Flow Control
To disable IEEE 802.3x flow control, use the flowcontrol receive off interface configuration command. This example shows how to enable IEEE 802.3x flow control on a port: Switch# configure terminal Switch(config)# interface gigabitethernet0/1 Switch(config-if)# flowcontrol receive on Switch(config-if)# end Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-17 OL-23400-01...
Page 202: Configuring Auto-Mdix On An Interface
Auto-MDIX is supported on all 10/100 and 10/100/1000 Mb/s interfaces and on Cisco 10/100/1000 BASE-T/TX SFP module interfaces. It is not supported on 1000 BASE-SX or -LX SFP module interfaces.
Page 203: Adding A Description For An Interface
For information about assigning Layer 2 ports to VLANs, see Chapter 10, “Configuring VLANs.” • Routed ports: Routed ports are physical ports configured to be in Layer 3 mode by using the no switchport interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-19 OL-23400-01...
Page 204 This example shows how to configure a port as a routed port and to assign it an IP address: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet0/2 Switch(config-if)# no switchport Switch(config-if)# ip address 192.20.135.21 255.255.255.0 Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-20 OL-23400-01...
Page 205: Configuring The Interface Mtu
(You can display the full list of show commands by using the show ? command at the privileged EXEC prompt.) These commands are fully described in the Cisco IOS Interface Command Reference, Release 12.2. Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 206 • table show port-type [eni | nni | uni] Display interface type information for the Cisco ME switch. The only valid type is nni. Other keywords show no output. show running-config interface [interface-id] Display the running configuration in RAM for the interface.
Page 207: Clearing And Resetting Interfaces And Counters
Use the no shutdown interface configuration command to enable an interface. To verify that an interface is disabled, enter the show interfaces privileged EXEC command. A disabled interface is shown as administratively down in the display. Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-23 OL-23400-01...
Page 208 Chapter 9 Configuring Interfaces Monitoring and Maintaining the Interfaces Cisco ME 3800X and 3600X Switch Software Configuration Guide 9-24 OL-23400-01...
Page 209: Configuring Vlans
This chapter describes how to configure normal-range VLANs (VLAN IDs 1 to 1005) and extended-range VLANs (VLAN IDs 1006 to 4094) on the Cisco ME 3800X and ME 3600X switch. It includes information about VLAN membership modes, VLAN configuration modes, and VLAN trunks.
Page 210: Chapter 10 Configuring Vlan
This section includes these topics: Supported VLANs, page 10-3 • Normal-Range VLANs, page 10-3 • Extended-Range VLANs, page 10-4 • VLAN Port Membership Modes, page 10-4 • • UNI VLANs, page 10-4 Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-2 OL-23400-01...
Page 211: Supported Vlans
Bridge identification number for TrBRF VLANs • Ring number for FDDI and TrCRF VLANs • Parent VLAN number for TrCRF VLANs Spanning Tree Protocol (STP) type for TrCRF VLANs • Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-3 OL-23400-01...
Page 212: Extended-Range Vlans
“Managing the MAC Address Table” section on page 5-19. UNI VLANs The Cisco ME 3800X and 3600X have commands for configuring user network interface (UNI) VLANs to isolate traffic between some ports on a switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-4...
Page 213: Creating And Modifying Vlans
IDs 1006 to 4094) are not saved in the VLAN database. VLAN name VLANxxxx, where xxxx No range represents four numeric digits (including leading zeros) equal to the VLAN ID number Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-5 OL-23400-01...
Page 214: Vlan Configuration Guidelines
(based on encapsulation criteria), while VLAN membership is determined by the VLAN tag in the packet. For more information about bridge domains, see Chapter 11, “Configuring Ethernet Virtual Connections (EVCs).” Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-6 OL-23400-01...
Page 215: Creating Or Modifying An Ethernet Vlan
When you delete a VLAN, any ports assigned to that VLAN become inactive. They remain associated Caution with the VLAN (and thus inactive) until you assign them to a new VLAN. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-7 OL-23400-01...
Page 216: Assigning Static-Access Ports To A Vlan
This example shows how to configure a port as an access port in VLAN 2: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabithernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 2 Switch(config-if)# end Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-8 OL-23400-01...
Page 217: Displaying Vlans
If you do not intend to trunk across links, use the switchport mode access interface configuration • command to disable trunking. • To enable trunking, use the switchport mode trunk interface configuration command to change the interface to a trunk. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-9 OL-23400-01...
Page 218: Ieee 802.1Q Configuration Considerations
VLAN allowed on the trunks. Non-Cisco devices might support one spanning-tree instance for all VLANs. When you connect a Cisco switch to a non-Cisco device through an IEEE 802.1Q trunk, the Cisco switch combines the spanning-tree instance of the VLAN of the trunk with the spanning-tree instance of the non-Cisco IEEE 802.1Q switch.
Page 219: Configuring An Ethernet Interface As A Trunk Port
To reset all trunking characteristics of a trunking interface to the defaults, use the no switchport trunk interface configuration command. To disable trunking, use the switchport mode access interface configuration command to configure the port as a static-access port. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-11 OL-23400-01...
Page 220: Defining The Allowed Vlans On A Trunk
VLANs from the allowed list. VLAN 1 is the default VLAN on all trunk ports in all Cisco switches, and it has previously been a Note requirement that VLAN 1 always be enabled on every trunk link. The VLAN 1 minimization feature allows you to disable VLAN 1 on any individual VLAN trunk link so that no user traffic (including spanning-tree advertisements) is sent or received on VLAN 1.
Page 221: Configuring The Native Vlan For Untagged Traffic
Step 3 switchport trunk native vlan vlan-id Configure the VLAN that is sending and receiving untagged traffic on the trunk port. For vlan-id, the range is 1 to 4094. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-13 OL-23400-01...
Page 222: Configuring Trunk Ports For Load Sharing
6. If the active trunk fails, the trunk with the lower priority takes over and carries the traffic for all of the VLANs. No duplication of traffic occurs over any trunk port. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-14...
Page 223: Load Sharing Using Stp Path Cost
VLANs, blocking different ports for different VLANs. The VLANs keep the traffic separate and maintain redundancy in the event of a lost link. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-15...
Page 224 Enter interface configuration mode for Trunk port 2. Step 15 spanning-tree vlan 8-10 cost 30 Set the spanning-tree path cost to 30 for VLANs 2 through 4. Step 16 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-16 OL-23400-01...
Page 225 Follow the same steps on Switch B to configure the trunk port for Trunk 1 with a path cost of 30 for VLANs 2 through 4, and configure the trunk port for Trunk 2 with a path cost of 30 for VLANs 8 through Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-17...
Page 226 Chapter 10 Configuring VLANs Configuring VLAN Trunks Cisco ME 3800X and 3600X Switch Software Configuration Guide 10-18 OL-23400-01...
Page 227: Chapter 11 Configuring Ethernet Virtual Connections (Evcs)
Supported EVC Features, page 11-2 • Understanding EVC Features, page 11-3 Configuring EFPs, page 11-8 • Configuring Other Features on EFPs, page 11-15 • Monitoring EVC, page 11-29 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-1 OL-23400-01...
Page 228: Supported Evc Features
QoS aware EVC/EFP per service instance These Layer 2 port-based features can run with EVC configured on the port: PAGP • LACP • UDLD • • LLDP • • MSTP Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-2 OL-23400-01...
Page 229: Understanding Evc Features
EVC name, but you must enter ethernet. Different EFPs can share the same name when they correspond to the same EVC. EFPs are tied to a global EVC through the common name. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-3...
Page 230: Encapsulation
VLAN tag • After you have entered an encapsulation method, these keyword options are available in service instance configuration mode: bridge-domain—Configures a bridge domain • rewrite—Configures Ethernet rewrite criteria • Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-4 OL-23400-01...
Page 231 The encapsulation must match the packet on the wire to determine filtering criteria. On the wire refers to packets ingressing the switch before any rewrites and to packets egressing the switch after all rewrites. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-5 OL-23400-01...
Page 232: Bridge Domains
16 members in split horizon group 2 in the same bridge domain. We recommend that you add split horizon groups in numerical order to maximize the number of service instances that can belong to a group. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-6 OL-23400-01...
Page 233: Rewrite Operations
Because of the egress rewrite limitation, if an EFP has a pop 2 rewrite operation at ingress, no other EFP in the same bridge domain can have a rewrite operation. See the “Global Rewrite Operation Limitation on a Switch” section on page 11-14. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-7 OL-23400-01...
Page 234: Configuring Efps
When an EFP encapsulation is the default (matching or allowing all ingress frames), you cannot • configure any other encapsulation on an EFP on the same port and bridge-domain as the default encapsulation. There can be only one default encapsulation per port. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-8 OL-23400-01...
Page 235: Creating Service Instances
EFPs in the same bridge domain but not in the same split-horizon group. You must configure encapsulation before the Note bridge-domain keyword is available. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-9 OL-23400-01...
Page 236: Configuration Examples
Switch (config-if)# service instance 1 Ethernet Switch (config-if-srv)# encapsulation dot1q 10 Switch (config-if-srv)# bridge-domain 10 Switch (config)# interface gigabitethernet0/2 Switch (config-if)# service instance 1 Ethernet Switch (config-if-srv)# encapsulation dot1q 10 Switch (config-if-srv)# bridge-domain 10 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-10 OL-23400-01...
Page 237: Bridge Domains And Vlan Encapsulation
Switch (config-if)# service instance 2 Ethernet Switch (config-if-srv)# encapsulation dot1q 99 Switch (config-if-srv)# rewrite ingress pop 1 symmetric Switch (config-if-srv)# bridge-domain 8000 split-horizon group 1 Switch (config)# interface gigabitethernet0/2 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-11 OL-23400-01...
Page 238: Hairpinning
Switch (config-if-srv)# bridge-domain 19 Switch (config)# interface gigabitethernet0/3 Switch (config-if)# service instance 3 Ethernet Switch (config-if-srv)# encapsulation dot1q 10 second-dot1q 20 Switch (config-if-srv)# rewrite ingress pop 1 symmetric Switch (config-if-srv)# bridge-domain 19 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-12 OL-23400-01...
Page 239: Examples Of Unsupported Configurations
Matching etype ipv4 in service instance 2 is a subset of service instance 1 etype match all (the default when not specified). Switch (config)# interface gigabitethernet 0/1 Switch (config-if)# switchport mode trunk Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-13 OL-23400-01...
Page 240: Global Rewrite Operation Limitation On A Switch
1 to second-dot1q 30 encapsulation of service instance 2. Switch (config-if)# service instance 1 Ethernet Switch (config-if-srv)# encapsulation dot1q 10 second-dot1q 20 Switch (config-if-srv)# rewrite ingress pop 1 symmetric Switch (config-if-srv)# bridge-domain 2 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-14 OL-23400-01...
Page 241: Configuring Other Features On Efps
Switch (config)# interface port-channel 4 Switch (config-if)# switchport mode trunk Switch (config-if)# switchport allowed vlan none Switch (config-if)# service instance 2 ethernet Switch (config-if-srv)# encapsulation dot1q 20 Switch (config-if-srv)# bridge-domain 2 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-15 OL-23400-01...
Page 242: Efps And Layer 2 Protocols
You can configure dynamic address aging time per VLAN by entering the mac address-table aging time [0 | 10-1000000] bridge-domain bridge-id. The range is in seconds. An aging time of 0 means that the address aging is disabled. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-16 OL-23400-01...
Page 243: Configuring Ieee 802.1Q Tunneling And Layer 2 Protocol Tunneling Using Efps
Frame Check address EtherType Sequence Original Ethernet frame Len/Etype Data IEE 802.1Q frame from Etype Len/Etype Data customer network Etype Etype Len/Etype Data Double-tagged frame in service provider infrastructure Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-17 OL-23400-01...
Page 244 Switch (config-if-srv)# bridge-domain 5000 Switch (config)# interface gigabitethernet0/2 Switch (config-if)# service instance 2 Ethernet Switch (config-if-srv)# encapsulation dot1q 30 Switch (config-if-srv)# rewrite ingress pop 1 symmetric Switch (config-if-srv)# bridge-domain 5000 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-18 OL-23400-01...
Page 245 For double tagged (S-VLAN = 30, C-VLAN = 1 to 100) packets coming in from the provider network, the trunk port implicitly pops the outer S-VLAN (30) and forwards the packet on that bridge-domain. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-19...
Page 246 Switch (config-if)# switchport mode trunk Switch (config-if)# service instance 10 Ethernet Switch (config-if-srv)# encapsulation dot1q 20 second dot1q 30 Switch (config-if-srv)# rewrite ingress tag pop 2 symmetric Switch (config-if-srv)# bridge-domain 10 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-20 OL-23400-01...
Page 247: Layer 2 Protocol Tunneling
STP must run properly, and every VLAN should build a proper spanning tree that includes the local site and all remote sites across the service-provider network. Cisco Discovery Protocol (CDP) must discover neighboring Cisco devices from local and remote sites.
Page 248 • spanning tree based on parameters from all sites and not just from the local site. • CDP discovers and shows information about the other Cisco devices connected through the service-provider network. • VTP provides consistent VLAN configuration throughout the customer network, propagating to all switches through the service provider that support VTP.
Page 249 Switch (config)# interface gigabitethernet0/2 Switch (config)# switchport mode trunk Switch (config)# switchport trunk allowed vlan none Switch (config-if)# service instance 10 Ethernet Switch (config-if-srv)# encapsulation untagged, dot1q 200 second-dot1q 300 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-23 OL-23400-01...
Page 250: Efps And Ethernet Over Multiprotocol Layer Switching (Eompls)
This is an example of configuring bridge-domain routing with two tags: Switch (config)# interface gigabitethernet0/2 Switch (config)# switchport mode trunk Switch (config)# switchport trunk allowed vlan none Switch (config-if)# service instance 1 Ethernet Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-24 OL-23400-01...
Page 251: Efps And Switchport Mac Addresses
Switch (config-if-srv)# bridge-domain 20 Switch (config-if-srv)# exit Switch (config-if)# service instance 2 Ethernet Switch (config-if-srv)# encapsulation dot1q 2001 Switch (config-if-srv)# rewrite ingress tag pop 1 symmetric Switch (config-if-srv)# bridge-domain 30 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-25 OL-23400-01...
Page 252 10. On egress, the rewrite operation results in a VLAN tag (encapsulation dot1q 10) to be pushed (added), and the packet egresses on the EFP with a single tag (VLAN l0). Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-26 OL-23400-01...
Page 253 10. At egress on the switchport, the native VLAN or access VLAN matches the bridge-domain, and the packet is sent out as untagged. Figure 11-9 Figure 11-12 show traffic between a switchport and an EFP with no rewrite. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-27 OL-23400-01...
Page 254 EFP with no rewrite, there is an encapsulation mismatch because the bridged packet is untagged and the encapsulation is dot1q 10. Therefore, the packet is dropped. The same scenario applies when the switchport trunk is configured with the access VLAN ID or native VLAN ID. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-28 OL-23400-01...
Page 255: Efps And Mstp
EFP ID and interface, only data pertaining to that particular EFP is displayed. interface interface-id] {[detail] | [stats]} If you specify only an interface ID, data is displayed for all EFPs on the interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-29 OL-23400-01...
Page 256 Encapsulation: dot1q 10 vlan protocol type 0x8100 Interface Dot1q Tunnel Ethertype: 0x8100 State: Up EFP Statistics: Pkts In Bytes In Pkts Out Bytes Out 15408 97150 6994800 EFP Microblocks: **************** Microblock type: Bridge-domain Bridge-domain: 10 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-30 OL-23400-01...
Page 257 This is an example of output from the show mac-address table count command: Switch# show mac address-table count bridge-domain 10 Mac Entries for BD --------------------------- Dynamic Address Count : 20 Static Address Count Total Mac Addresses : 20 Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-31 OL-23400-01...
Page 258 Chapter 11 Configuring Ethernet Virtual Connections (EVCs) Monitoring EVC Cisco ME 3800X and 3600X Switch Software Configuration Guide 11-32 OL-23400-01...
Page 259: Configuring Command Macros
C H A P T E R Configuring Command Macros This chapter describes how to configure and apply command macros on the Cisco ME 3800X and ME 3600X switch. For complete syntax and usage information for the commands used in this chapter, see the command reference for this release.
Page 260: Chapter 12 Configuring Command Macro
When you apply a macro to a user network interface (UNI) or enhanced network interface (ENI), you must first enable the port. UNIs and ENIs are disabled by default. Cisco ME 3800X and 3600X Switch Software Configuration Guide 12-2 OL-23400-01...
Page 261: Creating Command Macros
MAC addresses and also includes two help string keywords by using # macro keywords: Switch(config)# macro name test switchport access vlan $VLANID switchport port-security maximum $MAX #macro keywords $VLANID $MAX Cisco ME 3800X and 3600X Switch Software Configuration Guide 12-3 OL-23400-01...
Page 262: Applying Command Macros
Step 10 show parser macro description Verify that the macro is applied to the interface. [interface interface-id] Step 11 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 12-4 OL-23400-01...
Page 263: Displaying Command Macros
Displays a specific macro. show parser macro brief Displays the configured macro names. show parser macro description [interface Displays the macro description for all interfaces or for a specified interface-id] interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 12-5 OL-23400-01...
Page 264 Chapter 12 Configuring Command Macros Displaying Command Macros Cisco ME 3800X and 3600X Switch Software Configuration Guide 12-6 OL-23400-01...
Page 265: Configuring Stp
This chapter describes how to configure the Spanning Tree Protocol (STP) on port-based VLANs on the Cisco ME 3800X and ME 3600X switch. The switch can use the per-VLAN spanning-tree plus (PVST+) protocol based on the IEEE 802.1D standard and Cisco proprietary extensions, or the rapid per-VLAN spanning-tree plus (rapid-PVST+) protocol based on the IEEE 802.1w standard.
Page 266: Chapter 13 Configuring Stp
The stable, active spanning-tree topology of a switched network is controlled by these elements: • The unique bridge ID (switch priority and MAC address) associated with each VLAN on each switch. The spanning-tree path cost to the root switch. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-2 OL-23400-01...
Page 267: Bridge Id, Switch Priority, And Extended System Id
When the switches in a network are powered up, each functions as the root switch. Each switch sends a configuration BPDU through all of its ports, or on the Cisco ME switch, only through the STP-enabled ports. The BPDUs communicate and compute the spanning-tree topology. Each configuration BPDU...
Page 268: Spanning-Tree Interface States
• From blocking to listening or to disabled • From listening to learning or to disabled From learning to forwarding or to disabled • From forwarding to disabled • Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-4 OL-23400-01...
Page 269: Blocking State
An interface in the blocking state performs these functions: • Discards frames received on the interface • Discards frames switched from another interface for forwarding Does not learn addresses • Receives BPDUs • Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-5 OL-23400-01...
Page 270: Listening State
A disabled interface performs these functions: Discards frames received on the interface • Discards frames switched from another interface for forwarding • • Does not learn addresses • Does not receive BPDUs Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-6 OL-23400-01...
Page 271: How A Switch Or Port Becomes The Root Switch Or Root Port
If the speeds are the same, the port priority and port ID are added together, and spanning tree disables the link with the lowest value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-7...
Page 272: Spanning-Tree Address Management
A spanning-tree reconfiguration on one VLAN can cause the dynamic addresses learned on that VLAN to be subject to accelerated aging. Dynamic addresses on other VLANs can be unaffected and remain subject to the aging interval entered for the switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-8 OL-23400-01...
Page 273: Spanning-Tree Modes And Protocols
IEEE 802.1w standard. This is the default spanning-tree mode for the Cisco ME switch NNIs. Rapid PVST+ is compatible with PVST+. To provide rapid convergence, the rapid PVST+ immediately deletes dynamically learned MAC address entries on a per-port basis upon receiving a topology change.
Page 274: Spanning-Tree Interoperability And Backward Compatibility
VLAN allowed on the trunks. When you connect a Cisco switch to a non-Cisco device through an IEEE 802.1Q trunk, the Cisco switch uses PVST+ to provide spanning-tree interoperability. If rapid PVST+ is enabled, the switch uses it instead of PVST+.
Page 275: Default Spanning-Tree Configuration
VLAN, and use the spanning-tree vlan vlan-id global configuration command to enable spanning tree on the desired VLAN. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-11 OL-23400-01...
Page 276: Changing The Spanning-Tree Mode
Select pvst to enable PVST+. • Select mst to enable MSTP (and RSTP). For more configuration steps, see Chapter 14, “Configuring MSTP.” • Select rapid-pvst to enable rapid PVST+ (the default setting). Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-12 OL-23400-01...
Page 277: Disabling Spanning Tree
Step 1 configure terminal Enter global configuration mode. Step 2 no spanning-tree vlan vlan-id For vlan-id, the range is 1 to 4094. Step 3 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-13 OL-23400-01...
Page 278: Configuring The Root Switch
After configuring the switch as the root switch, we recommend that you avoid manually configuring the Note hello time, forward-delay time, and maximum-age time through the spanning-tree vlan vlan-id hello-time, spanning-tree vlan vlan-id forward-time, and the spanning-tree vlan vlan-id max-age global configuration commands. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-14 OL-23400-01...
Page 279: Configuring A Secondary Root Switch
You can execute this command on more than one switch to configure multiple backup root switches. Use the same network diameter and hello-time values that you used when you configured the primary root switch with the spanning-tree vlan vlan-id root primary global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-15 OL-23400-01...
Page 280: Configuring Port Priority
(higher numerical values) to ones that you want selected last. If all spanning-tree ports have the same priority value, spanning tree puts the port with the lowest interface number in the forwarding state and blocks the other interfaces. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-16 OL-23400-01...
Page 281 For information on how to configure load sharing on trunk ports by using spanning-tree port priorities, see the “Configuring Trunk Ports for Load Sharing” section on page 10-14. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-17 OL-23400-01...
Page 282: Configuring Path Cost
The show spanning-tree interface interface-id privileged EXEC command displays information only Note for ports that are in a link-up operative state. Otherwise, you can use the show running-config privileged EXEC command to confirm the configuration. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-18 OL-23400-01...
Page 283: Configuring The Switch Priority Of A Vlan
Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. To return to the default setting, use the no spanning-tree vlan vlan-id priority global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-19 OL-23400-01...
Page 284: Configuring Spanning-Tree Timers
Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. To return to the default setting, use the no spanning-tree vlan vlan-id hello-time global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-20 OL-23400-01...
Page 285: Configuring The Forwarding-Delay Time For A Vlan
Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. To return to the default setting, use the no spanning-tree vlan vlan-id max-age global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-21 OL-23400-01...
Page 286: Displaying The Spanning-Tree Status
You can clear spanning-tree counters by using the clear spanning-tree [interface interface-id] privileged EXEC command. For information about other keywords for the show spanning-tree privileged EXEC command, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 13-22 OL-23400-01...
Page 287: Chapter 14 Configuring Mstp
This chapter describes how to configure the Cisco implementation of the IEEE 802.1s Multiple STP (MSTP) on the Cisco ME 3800X and ME 3600X switch. STP is enabled by default on switch ports. The multiple spanning-tree (MST) implementation is a pre-standard implementation. It is based on the Note draft version of the IEEE standard.
Page 288: Understanding Mstp
BPDUs. Because the MSTP BPDU carries information for all instances, the number of BPDUs that need to be processed by a switch to support multiple spanning-tree instances is significantly reduced. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-2 OL-23400-01...
Page 289: Operations Within An Mst Region
IST master. The MST region appears as a virtual switch to adjacent STP switches and MST regions. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-3...
Page 290 VLAN cost, port VLAN priority) can be configured on both the CST instance and the MST instance. MSTP switches use Version 3 RSTP BPDUs or 802.1D STP BPDUs to communicate with legacy IEEE 802.1D switches. MSTP switches use MSTP BPDUs to communicate with MSTP switches. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-4 OL-23400-01...
Page 291: Ieee 802.1S Terminology
Understanding MSTP IEEE 802.1s Terminology Some MST naming conventions used in Cisco’s prestandard implementation have been changed to identify some internal or regional parameters. These parameters are significant only within an MST region, as opposed to external parameters that are relevant to the whole network. Because the CIST is the only spanning-tree instance that spans the whole network, only the CIST parameters require the external rather than the internal or regional qualifiers.
Page 292: Boundary Ports
The primary change from the Cisco prestandard implementation is that a designated port is not defined as boundary, unless it is running in an STP-compatible mode.
Page 293: Interoperation Between Legacy And Standard Switches
Detecting Unidirectional Link Failure This feature is not yet present in the IEEE MST standard, but it is included in this Cisco IOS release. The software checks the consistency of the port role and state in the received BPDUs to detect unidirectional link failures that could cause bridging loops.
Page 294: Interoperability With Ieee 802.1D Stp
• Synchronization of Port Roles, page 14-11 • Bridge Protocol Data Unit Format and Processing, page 14-12 For configuration information, see the “Configuring MSTP Features” section on page 14-14. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-8 OL-23400-01...
Page 295: Port Roles And The Active Topology
Disabled Disabled Discarding To be consistent with Cisco STP implementations, this guide documents the port state as blocking instead of discarding. Designated ports start in the listening state. Rapid Convergence The RSTP provides for rapid recovery of connectivity following the failure of a switch, a switch port, or a LAN.
Page 296 Note On the Cisco ME switch, these ports are always NNIs or STP-enabled ENIs. As shown in Figure 14-4, Switch A is connected to Switch B through a point-to-point link, and all of the ports are in the blocking state.
Page 297: Synchronization Of Port Roles
When the switches connected by a point-to-point link are in agreement about their port roles, the RSTP immediately transitions the port states to forwarding. The sequence of events is shown in Figure 14-5. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-11 OL-23400-01...
Page 298: Bridge Protocol Data Unit Format And Processing
The sending switch sets the agreement flag in the RSTP BPDU to accept the previous proposal. The port role in the agreement message is always set to the root port. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-12...
Page 299: Processing Superior Bpdu Information
(excluding the port on which it is received). The switch starts the TC-while timer for all such ports and flushes the information learned on them. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-13 OL-23400-01...
Page 300: Configuring Mstp Features
Default Setting Spanning-tree mode Rapid PVST+ (PVST+ and MSTP are disabled). Switch priority (configurable on a per-CIST port basis) 32768. Spanning-tree port priority (configurable on a per-CIST port basis) 128. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-14 OL-23400-01...
Page 301: Mstp Configuration Guidelines
Partitioning the network into a large number of regions is not recommended. However, if this • situation is unavoidable, we recommend that you partition the switched LAN into smaller LANs interconnected by routers or non-Layer 2 devices. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-15 OL-23400-01...
Page 302: Specifying The Mst Region Configuration And Enabling Mstp
Step 9 Return to privileged EXEC mode. Step 10 show running-config Verify your entries. Step 11 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-16 OL-23400-01...
Page 303: Configuring The Root Switch
The root switch for each spanning-tree instance should be a backbone or distribution switch. Do not configure an access switch as the spanning-tree primary root. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-17 OL-23400-01...
Page 304: Configuring A Secondary Root Switch
You can execute this command on more than one switch to configure multiple backup root switches. Use the same network diameter and hello-time values that you used when you configured the primary root switch with the spanning-tree mst instance-id root primary global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-18 OL-23400-01...
Page 305: Configuring Port Priority
(higher numerical values) that you want selected last. If all interfaces have the same priority value, the MSTP puts the interface with the lowest interface number in the forwarding state and blocks the other interfaces. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-19 OL-23400-01...
Page 306 Otherwise, you can use the show running-config interface privileged EXEC command to confirm the configuration. To return the interface to its default setting, use the no spanning-tree mst instance-id port-priority interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-20 OL-23400-01...
Page 307: Configuring Path Cost
Return to privileged EXEC mode. Step 5 show spanning-tree mst interface interface-id Verify your entries. show spanning-tree mst instance-id Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-21 OL-23400-01...
Page 308: Configuring The Switch Priority
(Optional) Save your entries in the configuration file. To return the switch to its default setting, use the no spanning-tree mst instance-id priority global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-22 OL-23400-01...
Page 309: Mstp And Ethernet Flow Points (Efps)
To return the switch to its default setting, use the no spanning-tree mst hello-time global configuration command. Configuring the Forwarding-Delay Time Beginning in privileged EXEC mode, follow these steps to configure the forwarding-delay time for all MST instances. This procedure is optional. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-23 OL-23400-01...
Page 310: Configuring The Maximum-Aging Time
To return the switch to its default setting, use the no spanning-tree mst max-age global configuration command. Configuring the Maximum-Hop Count Beginning in privileged EXEC mode, follow these steps to configure the maximum-hop count for all MST instances. This procedure is optional. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-24 OL-23400-01...
Page 311: Specifying The Link Type To Ensure Rapid Transitions
Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. To return the port to its default setting, use the no spanning-tree link-type interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-25 OL-23400-01...
Page 312: Designating The Neighbor Type
EXEC command. To restart the protocol migration process on a specific interface, use the clear spanning-tree detected-protocols interface interface-id privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-26 OL-23400-01...
Page 313: Displaying The Mst Configuration And Status
Displays MST information for the specified interface. For information about other keywords for the show spanning-tree privileged EXEC command, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-27 OL-23400-01...
Page 314 Chapter 14 Configuring MSTP Displaying the MST Configuration and Status Cisco ME 3800X and 3600X Switch Software Configuration Guide 14-28 OL-23400-01...
Page 315: Configuring Optional Spanning-Tree Features
C H A P T E R Configuring Optional Spanning-Tree Features This chapter describes how to configure optional spanning-tree features on the Cisco ME 3800X and ME 3600X switch. You can configure all of these features when your switch is running per-VLAN spanning-tree plus (PVST+).
Page 316: C H A P T E R 15 Configuring Optional Spanning-Tree Features
At the interface level, you enable BPDU guard on any STP port by using the spanning-tree bpduguard enable interface configuration command without also enabling the Port Fast feature. When the STP port receives a BPDU, it is put in the error-disabled state. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-2 OL-23400-01...
Page 317: Understanding Bpdu Filtering
(blocked) state to prevent the customer’s switch from becoming the root switch or being in the path to the root. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-3 OL-23400-01...
Page 318: Understanding Loop Guard
When the switch is operating in MST mode, BPDUs are not sent on nonboundary ports only if the interface is blocked by loop guard in all MST instances. On a boundary port, loop guard blocks the interface in all MST instances. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-4 OL-23400-01...
Page 319: Configuring Optional Spanning-Tree Features
You can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-5 OL-23400-01...
Page 320: Enabling Bpdu Guard
Use the BPDU guard feature in a service-provider network to prevent an access port from participating in the spanning tree. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-6 OL-23400-01...
Page 321: Enabling Bpdu Filtering
Configure Port Fast only on STP ports that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-7 OL-23400-01...
Page 322: Enabling Etherchannel Guard
Beginning in privileged EXEC mode, follow these steps to enable EtherChannel guard. This procedure is optional. Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 spanning-tree etherchannel guard misconfig Enable EtherChannel guard. Step 3 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-8 OL-23400-01...
Page 323: Enabling Root Guard
Loop guard operates only on STP ports that are considered point-to-point by the spanning tree. You cannot enable both loop guard and root guard at the same time. Note Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-9 OL-23400-01...
Page 324: Displaying The Spanning-Tree Status
You can clear spanning-tree counters by using the clear spanning-tree [interface interface-id] privileged EXEC command. For information about other keywords for the show spanning-tree privileged EXEC command, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 15-10 OL-23400-01...
Page 325: Chapter 16 Configuring Resilient Ethernet Protocol
C H A P T E R Configuring Resilient Ethernet Protocol This chapter describes how to use Resilient Ethernet Protocol (REP) on the Cisco ME 3800X and ME 3600X switch. REP is a Cisco proprietary protocol that provides an alternative to Spanning Tree Protocol (STP) to control network loops, to respond to link failures, and to improve convergence time.
Page 326 In case of a link failure, the alternate ports are unblocked as quickly as possible. When the failed link comes back up, a logically blocked port per VLAN is selected with minimal disruption to the network. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-2 OL-23400-01...
Page 327: Link Integrity
When a segment port is coming up, its LSL starts sending packets that include the segment ID and the port ID. The port is declared operational after it performs a three-way handshake with a neighbor in the same segment. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-3 OL-23400-01...
Page 328: Fast Convergence
By default, REP packets are sent to a BPDU class MAC address. The packets can also be sent to the Cisco multicast address, which is used only to send blocked port advertisement (BPA) messages when there is a failure in the segment. The packets are dropped by devices not running REP.
Page 329 If you change an edge port to a regular segment port, the existing VLAN load balancing status does not change. Configuring a new edge port might cause a new topology configuration. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-5...
Page 330: Spanning Tree Interaction
Configuring the REP Administrative VLAN, page 16-8 • Configuring REP Interfaces, page 16-9 • • Setting Manual Preemption for VLAN Load Balancing, page 16-13 • Configuring SNMP Traps for REP, page 16-13 Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-6 OL-23400-01...
Page 331: Default Rep Configuration
REP interfaces come up and remain in a blocked state until notified that it is safe to unblock. You need to be aware of this to avoid sudden connection losses. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-7...
Page 332: Configuring The Rep Administrative Vlan
REP sends all LSL PDUs in untagged frames on the native VLAN. The BPA message sent to the Cisco multicast address is sent on the administration VLAN, which is VLAN 1 by default. You can configure how long a REP interface remains up without receiving a hello from a neighbor.
Page 333: Configuring Rep Interfaces
Layer 2 interface or a port channel (logical interface). The port-channel range is 1 to 26. Step 3 switchport mode trunk Configure the interface as a Layer 2 trunk port. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-9 OL-23400-01...
Page 334 STCNs. • Enter segment id-list to identify one or more segments to receive STCNs. The range is 1 to 1024. • Enter stp to send STCNs to STP networks. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-10 OL-23400-01...
Page 335 920 to 10000 ms in 40-ms increments; the default is 5000 ms (5 seconds). Note If the neighbor device is not running Cisco IOS Release 12.2()SE or later, it will only accept values from 3000 to 10000 ms in 500 ms increments.
Page 336 Switch (conf-if)# rep block port 4 vlan 100-200 Switch (conf-if)# end Figure 16-5 Example of VLAN Blocking Primary edge port E1 blocks all VLANs except VLANs 100-200 Alternate port (offset 4) blocks VLANs 100-200 Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-12 OL-23400-01...
Page 337: Setting Manual Preemption For Vlan Load Balancing
To remove the trap, enter the no snmp mib rep trap-rate global configuration command. This example configures the switch to send REP traps at a rate of 10 per second: Switch(config)# snmp mib rep trap-rate 10 Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-13 OL-23400-01...
Page 338: Monitoring Rep
[segment segment_id] Displays REP topology information for a segment [archive] [detail] or for all segments, including the primary and secondary edge ports in the segment. Cisco ME 3800X and 3600X Switch Software Configuration Guide 16-14 OL-23400-01...
Page 339 Address-Table Move Update Feature This chapter describes how to configure Flex Links, a pair of interfaces on the Cisco ME 3800X and ME 3600X switch that are used to provide a mutual backup. It also describes how to configure the MAC address-table move update feature, also referred to as the Flex Links bidirectional fast convergence feature.
Page 340: Understanding Flex Links And The Mac Address-Table Move Update
This way, apart from providing the redundancy, this Flex Link pair can be used for load balancing. Also, Flex Link VLAN load-balancing does not impose any restrictions on uplink switches. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-2 OL-23400-01...
Page 341: C H A P T E R 17 Configuring Flex Links And The Mac Address-Table Move Update Feature
When the backup link starts forwarding, to achieve faster convergence of multicast data, the downstream switch immediately sends proxy reports for all the learned groups on this port without waiting for a general query. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-3 OL-23400-01...
Page 342: Leaking Igmp Reports
This output shows a querier for VLANs 1 and 401, with their queries reaching the switch through GigabitEthernet 0/11: Switch# show ip igmp snooping querier Vlan IP Address IGMP Version Port ------------------------------------------------------------- 1.1.1.1 Gi0/11 41.41.41.1 Gi0/11 Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-4 OL-23400-01...
Page 343 This is output for the show ip igmp snooping mrouter command for VLAN 1 and 401: Switch# show ip igmp snooping mrouter Vlan ports ---- ----- Gi0/11(dynamic), Gi0/12(dynamic) Gi0/11(dynamic), Gi0/12(dynamic) Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-5 OL-23400-01...
Page 344: Mac Address-Table Move Update
100 milliseconds (ms). The PC is directly connected to switch A, and the connection status does not change. Switch A does not need to update the PC entry in the MAC address table. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-6...
Page 345: Configuring Flex Links And Mac Address-Table Move Update
The preemption mode is off. The preemption delay is 35 seconds. Flex Link VLAN load-balancing is not configured. The MAC address-table move update feature is not configured on the switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-7 OL-23400-01...
Page 346: Configuration Guidelines
Flex Link pair with the interface. When one link is forwarding traffic, the other interface is in standby mode. Step 4 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-8 OL-23400-01...
Page 347 Return to privileged EXEC mode. Step 7 show interface [interface-id] switchport backup Verify the configuration. Step 8 copy running-config startup config (Optional) Save your entries in the switch startup configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-9 OL-23400-01...
Page 348: Configuring Vlan Load Balancing On Flex Links
0/6 forwards traffic for VLANs 1 to 50. Switch# show interfaces switchport backup Switch Backup Interface Pairs: Active Interface Backup Interface State ------------------------------------------------------------------------ GigabitEthernet0/6 GigabitEthernet0/8 Active Up/Backup Standby Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-10 OL-23400-01...
Page 349: Configuring The Mac Address-Table Move Update Feature
Mac Address Move Update Vlan : auto Configuring the MAC Address-Table Move Update Feature Configuring a switch to send MAC address-table move updates • Configuring a switch to get MAC address-table move updates • Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-11 OL-23400-01...
Page 350 Rcv packet count : 5 Rcv conforming packet count : 5 Rcv invalid packet count : 0 Rcv packet count this min : 0 Rcv threshold exceed count : 0 Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-12 OL-23400-01...
Page 351: Monitoring Flex Links And The Mac Address-Table Move Update
Flex Links configured on the switch and the state of each active and backup interface (up or standby mode). show mac address-table move update Displays the MAC address-table move update information on the switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-13 OL-23400-01...
Page 352 Chapter 17 Configuring Flex Links and the MAC Address-Table Move Update Feature Monitoring Flex Links and the MAC Address-Table Move Update Cisco ME 3800X and 3600X Switch Software Configuration Guide 17-14 OL-23400-01...
Page 353: Configuring Igmp Snooping
For complete syntax and usage information for the commands used in this chapter, see the switch Note command reference for this release and the “IP Multicast Routing Commands” section in the Cisco IOS IP Command Reference, Volume 3 of 3:Multicast, Release 12.2.
Page 354: Chapter 18 Configuring Igmp Snooping
An IGMPv3 switch can receive messages from and forward messages to a device running the Source Specific Multicast (SSM) feature. For more information about source-specific multicast with IGMPv3 and IGMP, see this URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/dtssm5t.htm Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-2 OL-23400-01...
Page 355 The information in the table tells the switching engine to send frames addressed to the 224.1.2.3 multicast IP address that are not IGMP packets to the router and to the host that has joined the group. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-3...
Page 356: Leaving A Multicast Group
When the switch receives a leave message from a host, it sends a group-specific query to learn if any other devices connected to that interface are interested in traffic for the specific multicast group. The Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-4...
Page 357: Immediate Leave
IGMPv2, and IGMPv3 reports for a group to the multicast devices. If you disable IGMP report suppression, all IGMP reports are forwarded to the multicast routers. For configuration steps, see the “Disabling IGMP Report Suppression” section on page 18-12. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-5 OL-23400-01...
Page 358: Configuring Igmp Snooping
Beginning in privileged EXEC mode, follow these steps to globally enable IGMP snooping on the switch: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ip igmp snooping Globally enable IGMP snooping in all existing VLAN interfaces. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-6 OL-23400-01...
Page 359: Configuring A Multicast Router Port
[vlan vlan-id] Verify that IGMP snooping is enabled on the VLAN interface. Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-7 OL-23400-01...
Page 360: Configuring A Host Statically To Join A Group
IGMP Version 2 leave message on that port. You should only use the Immediate-Leave feature when there is a single receiver present on every port in the VLAN. Immediate Leave is supported only on IGMP Version 2 hosts. Note Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-8 OL-23400-01...
Page 361: Configuring The Igmp Leave Timer
Return to privileged EXEC mode. Step 5 show ip igmp snooping (Optional) Display the configured IGMP leave time. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-9 OL-23400-01...
Page 362: Configuring Tcn-Related Commands
When the router receives this special leave, it immediately Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-10...
Page 363: Disabling Multicast Flooding During A Tcn Event
Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. To re-enable multicast flooding on an interface, use the ip igmp snooping tcn flood interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-11 OL-23400-01...
Page 364: Disabling Igmp Report Suppression
• command options instead of the actual entries. dynamic—Display entries learned through IGMP snooping. • user—Display only the user-configured multicast entries. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-12 OL-23400-01...
Page 365: Configuring Igmp Filtering And Throttling
It does not control general IGMP queries. IGMP filtering has no relationship with the function that directs the forwarding of IP multicast traffic. The filtering feature operates in the same manner whether IGMP or MVR is used to forward the multicast traffic. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-13 OL-23400-01...
Page 366: Default Igmp Filtering And Throttling Configuration
Specifies that matching addresses are denied; this is the default. • exit: Exits from igmp-profile configuration mode. • • no: Negates a command or returns to its defaults. • permit: Specifies that matching addresses are permitted. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-14 OL-23400-01...
Page 367: Applying Igmp Profiles
IGMP profiles to routed ports or SVIs. You cannot apply profiles to ports that belong to an EtherChannel port group. You can apply a profile to multiple interfaces, but each interface can have only one profile applied to it. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-15 OL-23400-01...
Page 368: Setting The Maximum Number Of Igmp Groups
Step 4 Return to privileged EXEC mode. Step 5 show running-config interface Verify the configuration. interface-id Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-16 OL-23400-01...
Page 369: Configuring The Igmp Throttling Action
• replace—Replace the existing group with the new group for which • the IGMP report was received. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-17 OL-23400-01...
Page 370: Displaying Igmp Filtering And Throttling Configuration
Displays the configuration of the specified interface or the configuration of all interfaces interface-id] on the switch, including (if configured) the maximum number of IGMP groups to which an interface can belong and the IGMP profile applied to the interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 18-18 OL-23400-01...
Page 371: Configuring Traffic Control
C H A P T E R Configuring Traffic Control This chapter describes how to configure the traffic control features on the Cisco ME 3800X and ME 3600X switch. For complete syntax and usage information for the commands used in this chapter, see the command Note reference for this release.
Page 372 When the storm control threshold for multicast traffic is reached, all multicast traffic except control Note traffic, such as bridge protocol data unit (BDPU) and Cisco Discovery Protocol (CDP) frames, are blocked. However, the switch does not differentiate between routing updates, such as OSPF, and regular multicast data traffic, so both types of traffic are blocked.
Page 373: C H A P T E R 19 Configuring Traffic Control
Enter global configuration mode. Step 2 interface interface-id Specify the type and number of the physical interface to configure, for example gigabitethernet0/1, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-3 OL-23400-01...
Page 374 If you do not enter a traffic type, broadcast storm control settings are displayed. Step 7 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-4 OL-23400-01...
Page 375: Configuring Port Blocking
You cannon configure port blocking on an interface that has a service instance configured. Note Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-5 OL-23400-01...
Page 376: Configuring Evc Mac Security
EFP attempts to access another secure EFP, a violation is flagged. These sections contain this conceptual and configuration information: • Understanding MAC Security, page 19-7 • Default EVC MAC Security Configuration, page 19-8 Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-6 OL-23400-01...
Page 377: Understanding Mac Security
MAC address is not in the address table attempts to access the EFP. • An address learned or configured on one secure EFP is seen on another secure EFP in the same bridge domain. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-7 OL-23400-01...
Page 378: Default Evc Mac Security Configuration
Violation mode Shutdown. The service instance shuts down when the maximum number of secure MAC addresses is exceeded. MAC security aging Disabled. Aging time is 0. Static aging is disabled. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-8 OL-23400-01...
Page 379: Mac Address Security Guidelines
EFP is allowed because no violation occurs. Enabling and Configuring EVC MAC Security For detailed information about the commands, see the Cisco IOS Carrier Ethernet Command Reference http://www.cisco.com/en/US/docs/ios/cether/command/reference/ce_book.html Beginning in privileged EXEC mode, follow these steps to configure MAC security on an EFP:...
Page 380 MAC addresses or increase the number of maximum allowable addresses. An SNMP trap is sent, a syslog message is logged, and the violation counter increments. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-10 OL-23400-01...
Page 381 Switch (config-if-srv)# mac security sticky Switch (config-if-srv)# end You can verify the previous commands by entering the show ethernet service instance number interface interface-id mac security privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-11 OL-23400-01...
Page 382: Displaying Traffic Control Settings
Displays storm control suppression levels set on all interfaces or the multicast | unicast] specified interface for the specified traffic type or for broadcast traffic if no traffic type is entered. Cisco ME 3800X and 3600X Switch Software Configuration Guide 19-12 OL-23400-01...
Page 383: Chapter 20 Configuring Cdp
Monitoring and Maintaining CDP, page 20-5 Understanding CDP CDP is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco-manufactured devices (routers, bridges, access servers, and switches) and allows network management applications to discover Cisco devices that are neighbors of already known devices. With CDP, network management applications can learn the device type and the Simple Network Management Protocol (SNMP) agent address of neighboring devices running lower-layer, transparent protocols.
Page 384: Default Cdp Configuration
The range is 10 to 255 seconds; the default is 180 seconds. Step 4 cdp advertise-v2 (Optional) Configure CDP to send Version-2 advertisements. This is the default state. Step 5 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 20-2 OL-23400-01...
Page 385: Disabling And Enabling Cdp
20-5. Disabling and Enabling CDP CDP is enabled by default. Cisco devices (such as Cisco IP Phones) regularly exchange CDP messages with connected devices. Note Disabling CDP can interrupt device connectivity. Beginning in privileged EXEC mode, follow these steps to globally disable the CDP device discovery...
Page 386: Disabling And Enabling Cdp On An Interface
See the “Configuring Ethernet Virtual Connections (EVCs)” chapter for more information on EFPs. Cisco ME 3800X and 3600X Switch Software Configuration Guide 20-4 OL-23400-01...
Page 387: Monitoring And Maintaining Cdp
You can limit the display to neighbors of a specific interface or expand the display to provide more detailed information. show cdp traffic Display CDP counters, including the number of packets sent and received and checksum errors. Cisco ME 3800X and 3600X Switch Software Configuration Guide 20-5 OL-23400-01...
Page 388 Chapter 20 Configuring CDP Monitoring and Maintaining CDP Cisco ME 3800X and 3600X Switch Software Configuration Guide 20-6 OL-23400-01...
Page 389: Chapter 21 Configuring Lldp And Lldp-Med
• Understanding LLDP The Cisco Discovery Protocol (CDP) is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco-manufactured devices (routers, bridges, access servers, and switches). CDP allows network management applications to automatically discover and learn about other Cisco devices connected to the network.
Page 390: Understanding Lldp-Med
– Civic location information Provides the civic address information and postal information. Examples of civic location information are street address, road name, and postal community name information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-2 OL-23400-01...
Page 391: Configuring Lldp And Lldp-Med
You can configure the frequency of LLDP updates, the amount of time to hold the information before discarding it, and the initialization delay time. You can also select the LLDP and LLDP-MED TLVs to be sent and received. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-3 OL-23400-01...
Page 392: Disabling And Enabling Lldp Globally
Beginning in privileged EXEC mode, follow these steps to globally disable LLDP: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 no lldp run Disable LLDP. Step 3 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-4 OL-23400-01...
Page 393: Disabling And Enabling Lldp On An Interface
Specify the interface on which you are enabling LLDP, and enter interface configuration mode. Step 3 lldp transmit LLDP packets are sent on the interface. Step 4 lldp receive LLDP packets are received on the interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-5 OL-23400-01...
Page 394: Configuring Lldp-Med Tlvs
Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface-id Specify the interface on which you are configuring an LLDP-MED TLV, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-6 OL-23400-01...
Page 395: Lldp And Ethernet Flow Points (Efps)
[interface-id] Display information about interfaces where LLDP is enabled. You can limit the display to the interface about which you want information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-7 OL-23400-01...
Page 396 You can limit the display to neighbors of a specific interface or expand the display to provide more detailed information. show lldp traffic Display LLDP counters, including the number of packets sent and received, number of packets discarded, and number of unrecognized TLVs. Cisco ME 3800X and 3600X Switch Software Configuration Guide 21-8 OL-23400-01...
Page 397: Chapter 22 Configuring Udld
A unidirectional link occurs whenever traffic sent by a local device is received by its neighbor but traffic from the neighbor is not received by the local device. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-1 OL-23400-01...
Page 398: Methods To Detect Unidirectional Links
Because this behavior is the same on all UDLD neighbors, the sender of the echoes expects to receive an echo in reply. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-2 OL-23400-01...
Page 399: Configuring Udld
Enabling UDLD Globally, page 22-5 Enabling UDLD on an Interface, page 22-5 • Resetting an Interface Disabled by UDLD, page 22-6 • UDLD and Ethernet Flow Points (EFPs), page 22-6 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-3 OL-23400-01...
Page 400: Default Udld Configuration
Caution Loop guard works only on point-to-point links. We recommend that each end of the link has a directly connected device that is running STP. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-4 OL-23400-01...
Page 401: Enabling Udld Globally
UDLD on a port: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface-id Specify the port to be enabled for UDLD, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-5 OL-23400-01...
Page 402: Resetting An Interface Disabled By Udld
See the “Configuring Ethernet Virtual Connections (EVCs)” chapter for more information on EFPs. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-6 OL-23400-01...
Page 403: Displaying Udld Status
To display the UDLD status for the specified port or for all ports, use the show udld [interface-id] privileged EXEC command. For detailed information about the fields in the command output, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-7 OL-23400-01...
Page 404 Chapter 22 Configuring UDLD Displaying UDLD Status Cisco ME 3800X and 3600X Switch Software Configuration Guide 22-8 OL-23400-01...
Page 405: Configuring Rmon
C H A P T E R Configuring RMON This chapter describes how to configure Remote Network Monitoring (RMON) on the Cisco ME 3800X and ME 3600X switch. RMON is a standard monitoring specification that defines a set of statistics and functions that can be exchanged between RMON-compliant console systems and network probes.
Page 406: Chapter 23 Configuring Rmon
Because switches supported by this software release use hardware counters for RMON data processing, the monitoring is more efficient, and little processing power is required. Note 64-bit counters are not supported for RMON alarms. Cisco ME 3800X and 3600X Switch Software Configuration Guide 23-2 OL-23400-01...
Page 407: Configuring Rmon
(Optional) For event-number, specify the event number to trigger when the rising or falling threshold exceeds its limit. • (Optional) For owner string, specify the owner of the alarm. Cisco ME 3800X and 3600X Switch Software Configuration Guide 23-3 OL-23400-01...
Page 408 This example also generates an SNMP trap when the event is triggered. Switch(config)# rmon event 1 log trap eventtrap description "High ifOutErrors" owner jjones Cisco ME 3800X and 3600X Switch Software Configuration Guide 23-4 OL-23400-01...
Page 409: Collecting Group History Statistics On An Interface
This procedure is optional. Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface-id Specify the interface on which to collect statistics, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 23-5 OL-23400-01...
Page 410: Displaying Rmon Status
Displays the RMON statistics table. For information about the fields in these displays, see the “System Management Commands” section in the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. Cisco ME 3800X and 3600X Switch Software Configuration Guide 23-6...
Page 411: Configuring System Message Logging
C H A P T E R Configuring System Message Logging This chapter describes how to configure system message logging on the Cisco ME 3800X and ME 3600X switch. For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Note Configuration Fundamentals Command Reference, Release 12.2.
Page 412: Configuring System Message Logging
(long uptime) facility The facility to which the message refers (for example, SNMP, SYS, and so forth). For a list of supported facilities, see Table 24-4 on page 24-13. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-2 OL-23400-01...
Page 413: Default System Message Logging Configuration
Message logging is enabled by default. It must be enabled to send messages to any destination other than the console. When enabled, log messages are sent to a logging process, which logs messages to designated locations asynchronously to the processes that generated the messages. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-3 OL-23400-01...
Page 414: Setting The Message Display Destination Device
EXEC command to view the free processor memory on the switch. However, this value is the maximum available, and the buffer size should not be set to this amount. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-4 OL-23400-01...
Page 415: Synchronizing Log Messages
Unsolicited messages and debug command output appears on the console after the prompt for user input Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-5...
Page 416 (Optional) Save your entries in the configuration file. To disable synchronization of unsolicited messages and debug output, use the no logging synchronous [level severity-level | all] [limit number-of-buffers] line configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-6 OL-23400-01...
Page 417: Enabling And Disabling Time Stamps On Log Messages
Enable sequence numbers. Step 3 Return to privileged EXEC mode. Step 4 show running-config Verify your entries. Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-7 OL-23400-01...
Page 418: Defining The Message Severity Level
To disable logging to syslog servers, use the no logging trap global configuration command. Table 24-3 describes the level keywords. It also lists the corresponding UNIX syslog definitions from the most severe level to the least severe level. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-8 OL-23400-01...
Page 419: Limiting Syslog Messages Sent To The History Table And To Snmp
Change the default level of syslog messages stored in the history file and sent to the SNMP server. Table 24-3 on page 24-9 for a list of level keywords. By default, warnings, errors, critical, alerts, and emergencies messages are sent. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-9 OL-23400-01...
Page 420: Enabling The Configuration-Change Logger
[end-number] | statistics} [provisioning] privileged EXEC command to display the complete configuration log or the log for specified parameters. The default is that configuration logging is disabled. For information about the commands, see the Cisco IOS Configuration Fundamentals and Network Management Command Reference, Release 12.4 at this URL: http://www.cisco.com/en/US/docs/ios/fundamentals/configuration/guide/12_4/cf_12_4_book.html...
Page 421: Configuring Unix Syslog Servers
Add a line such as the following to the file /etc/syslog.conf: Step 1 cisco.log local7.debug /usr/adm/logs/ Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-11 OL-23400-01...
Page 422: Configuring The Unix System Logging Facility
IP address. To disable logging to syslog servers, enter the no logging trap global configuration command. Table 24-4 lists the UNIX system facilities supported by the software. For more information about these facilities, consult the operator’s manual for your UNIX operating system. Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-12 OL-23400-01...
Page 423: Displaying The Logging Configuration
Displaying the Logging Configuration To display the logging configuration and the contents of the log buffer, use the show logging privileged EXEC command. For information about the fields in this display, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2.
Page 424 Chapter 24 Configuring System Message Logging Displaying the Logging Configuration Cisco ME 3800X and 3600X Switch Software Configuration Guide 24-14 OL-23400-01...
Page 425: Configuring Snmp
Cisco IOS Network Management Command Reference, Release 12.4 from the Cisco.com page at this URL: http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_book.html For commands for MIB bulk statistics data collection and process MIB configuration, see the Cisco IOS Commands Master List, Release 12.4, at this URL: http://www.cisco.com/en/US/products/ps6350/products_product_indices_list.html •...
Page 426: Chapter 25 Configuring Snmp
A combination of the security level and the security model determine which security mechanism is used when handling an SNMP packet. Available security models are SNMPv1, SNMPv2C, and SNMPv3. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-2 OL-23400-01...
Page 427: Snmp Manager Functions
1. With this operation, an SNMP manager does not need to know the exact variable name. A sequential search is performed to find the needed variable from within a table. 2. The get-bulk command only works with SNMPv2 or later. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-3 OL-23400-01...
Page 428: Snmp Agent Functions
SNMP Network Get-request, Get-next-request, Network device Get-bulk, Set-request Get-response, traps SNMP Agent SNMP Manager For information on supported MIBs and how to access them, see Appendix A, “Supported MIBs.” Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-4 OL-23400-01...
Page 429: Snmp Notifications
Physical (such as Gigabit Ethernet or SFP -module interfaces) 10000–14500 Null 14501 1. SVI = switch virtual interface 2. SFP = small form-factor pluggable Note The switch might not use sequential values within a range. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-5 OL-23400-01...
Page 430: Mib Data Collection And Transfer
Limiting TFTP Servers Used Through SNMP, page 25-17 • Configuring MIB Data Collection and Transfer, page 25-18 • Configuring the Cisco Process MIB CPU Threshold Table, page 25-20 • • Configuring MIB Data Collection and Transfer, page 25-18 Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 431: Default Snmp Configuration
Modifying the group's notify view affects all users associated with that group. See the Cisco IOS Configuration Fundamentals Command Reference for information about when you should configure notify views.
Page 432: Disabling The Snmp Agent
The no snmp-server global configuration command disables all running versions (Version 1, Version 2C, and Version 3) on the device. No specific Cisco IOS command exists to enable SNMP. The first snmp-server global configuration command that you enter enables all versions of SNMP.
Page 433 To disable access for an SNMP community, set the community string for that community to the null string (do not enter a value for the community string). To remove a specific community string, use the no snmp-server community string global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-9 OL-23400-01...
Page 434: Configuring Snmp Groups And Users
If you select remote, specify the ip-address of the device that • contains the remote copy of SNMP and the optional User Datagram Protocol (UDP) port to use for storing data on the remote device. The default is 162. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-10 OL-23400-01...
Page 435 • (Optional) Enter access access-list with a string (not to exceed 64 characters) that is the name of the access list. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-11 OL-23400-01...
Page 436: Configuring Snmp Notifications
A trap manager is a management station that receives and processes traps. Traps are system alerts that the switch generates when certain events occur. By default, no trap manager is defined, and no traps are sent. Switches can have an unlimited number of trap managers. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-12 OL-23400-01...
Page 437 Generates a trap for Open Shortest Path First (OSPF) changes. You can enable any or all of these traps: Cisco specific, errors, link-state advertisement, rate limit, retransmit, and state changes. Generates a trap for Protocol-Independent Multicast (PIM) changes. You can enable any or all of these traps: invalid PIM messages, neighbor changes, and rendezvous point (RP)-mapping changes.
Page 438 Step 4 snmp-server group groupname {v1 | Configure an SNMP group. v2c | v3 {auth | noauth | priv}} [read readview] [write writeview] [notify notifyview] [access access-list] Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-14 OL-23400-01...
Page 439 1000; the default is 30 seconds. Step 10 Return to privileged EXEC mode. Step 11 show running-config Verify your entries. Step 12 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-15 OL-23400-01...
Page 440: Setting The Cpu Threshold Notification Types And Values
To display SNMPv3 information about auth | noauth | priv mode configuration, you must enter the show snmp user privileged EXEC command. Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-16 OL-23400-01...
Page 441: Setting The Agent Contact And Location Information
Place ones in the bit positions that you want to ignore. Recall that the access list is always terminated by an implicit deny statement for everything. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-17 OL-23400-01...
Page 442: Configuring Mib Data Collection And Transfer
Enter an interface interface-id to specify an interface ID • instead of an instance OID. • Enter oid oid to specify an instance OID for the schema. Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-18 OL-23400-01...
Page 443 (Optional) Specify how long the bulk-statistics file should be kept in system memory. The valid range is 0 to 20000 minutes; the default is 0 (the file is deleted immediately after a successful transfer). Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-19 OL-23400-01...
Page 444: Configuring The Cisco Process Mib Cpu Threshold Table
Configuring the Cisco Process MIB CPU Threshold Table You can use the CLI to configure the Cisco Process MIB CPU threshold table. For commands for configuring the Cisco Process MIB CPU threshold table, see the Cisco IOS Note Commands Master List, Release 12.4, at this URL at this URL: http://www.cisco.com/en/US/products/ps6350/products_product_indices_list.html...
Page 445: Snmp Examples
Switch(config)# snmp-server host cisco.com version 2c public This example shows how to send Entity MIB traps to the host cisco.com. The community string is restricted. The first line enables the switch to send Entity MIB traps in addition to any traps previously enabled.
Page 446 Configuring SNMP Configuring SNMP Switch(config)# snmp-server host cisco.com restricted entity This example shows how to enable the switch to send all traps to the host myhost.cisco.com using the community string public: Switch(config)# snmp-server enable traps Switch(config)# snmp-server host myhost.cisco.com public...
Page 447: Displaying Snmp Status
EXEC command. You also can use the other privileged EXEC commands in Table 25-6 to display SNMP information. For information about the fields in the displays, see the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2. Table 25-6 Commands for Displaying SNMP Information...
Page 448 Chapter 25 Configuring SNMP Displaying SNMP Status Cisco ME 3800X and 3600X Switch Software Configuration Guide 25-24 OL-23400-01...
Page 449: Understanding Acls
C H A P T E R Configuring Network Security with ACLs This chapter describes how to configure network security on the Cisco ME 3800X and 3600X switch by using access control lists (ACLs), which are also referred to in commands and tables as access lists.
Page 450: Supported Acls
When both an input port ACL and a VLAN map are applied, incoming packets received on ports • with a port ACL applied are filtered by the port ACL. Other packets are filtered by the VLAN map Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-2 OL-23400-01...
Page 451: C H A P T E R 26 Configuring Network Security With Acls
Layer 2 input would allow Host A to access the Human Resources network, but prevent Host B from accessing the same network. Port ACLs can only be applied to Layer 2 interfaces in the inbound direction. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-3 OL-23400-01...
Page 452: Router Acls
• Standard IP access lists use source addresses for matching operations. • Extended IP access lists use source and destination addresses and optional protocol type information for matching operations. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-4 OL-23400-01...
Page 453: Vlan Maps
Layer 4 information, such as TCP or UDP port numbers, ICMP type and code, and so on. All other fragments are missing this information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-5...
Page 454: Configuring Ipv4 Acls
ACEs were checking different hosts. Configuring IPv4 ACLs Configuring IP v4ACLs on the switch is the same as configuring IPv4 ACLs on other Cisco switches and routers. The process is briefly described here. For more detailed information on configuring ACLs, see the “Configuring IP Services”...
Page 455: Creating Standard And Extended Ipv4 Acls
Resequencing ACEs in an ACL, page 26-14 • Creating Named Standard and Extended ACLs, page 26-14 • • Using Time Ranges with ACLs, page 26-16 • Including Comments in ACLs, page 26-18 Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-7 OL-23400-01...
Page 456: Ipv4 Access List Numbers
Because routing is done in hardware and logging is done in software, if a large number of packets match a permit or deny ACE containing a log keyword, the software might not be able to match the hardware processing rate, and not all packets will be logged. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-8 OL-23400-01...
Page 457: Creating A Numbered Standard Acl
With standard access lists, if you omit the mask from an associated IP host address ACL specification, 0.0.0.0 is assumed to be the mask. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-9 OL-23400-01...
Page 458: Creating A Numbered Extended Acl
For more details on the specific keywords for each protocol, see these command references: • Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.2 • Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2 •...
Page 459 DSCP value specified by a number • from 0 to 63, or use the question mark (?) to see a list of available values. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-11 OL-23400-01...
Page 460 TCP port. To see TCP port names, use the ? or see the “Configuring IP Services” section in the “IP Addressing and Services” chapter of the Cisco IOS IP Configuration Guide, Release 12.2. Use only TCP port numbers or names when filtering TCP.
Page 461 ICMP message type and code name. To see a list of ICMP message type names and code names, use the ?, or see the “Configuring IP Services” section of the Cisco IOS IP Configuration Guide, Release 12.2. Step access-list access-list-number (Optional) Define an extended IGMP access list and the access conditions.
Page 462: Resequencing Aces In An Acl
Define a standard IPv4 access list using a name, and enter access-list configuration mode. The name can be a number from 1 to 99. Note Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-14 OL-23400-01...
Page 463 After you create an ACL, any additions are placed at the end of the list. You cannot selectively add ACL entries to a specific ACL. However, you can use no permit and no deny access-list configuration mode commands to remove entries from a named ACL. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-15 OL-23400-01...
Page 464: Using Time Ranges With Acls
Assign a meaningful name (for example, workhours) to the time range to be created, and enter time-range configuration mode. The name cannot contain a space or quotation mark and must begin with a letter. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-16 OL-23400-01...
Page 465 Switch# show ip access-lists Extended IP access list deny_access 10 deny tcp any any time-range new_year_day_2006 (inactive) Extended IP access list may_access 10 permit tcp any any time-range workhours (inactive) Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-17 OL-23400-01...
Page 466: Including Comments In Acls
The range is from 0 to 16. Step 3 access-class access-list-number Restrict incoming and outgoing connections between a particular virtual {in | out} terminal line (into a device) and the addresses in an access list. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-18 OL-23400-01...
Page 467: Applying An Ipv4 Acl To An Interface
Step 4 Return to privileged EXEC mode. Step 5 show running-config Display the access list configuration. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-19 OL-23400-01...
Page 468: Hardware And Software Treatment Of Ip Acls
If router ACL configuration cannot be applied in hardware, packets arriving in a VLAN that must be routed are routed in software. If ACLs cause large numbers of packets to be sent to the CPU, the switch performance can be negatively affected. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-20 OL-23400-01...
Page 469: Troubleshooting Acls
5 60 permit tcp source source-wildcard destination destination-wildcard range 15 160 permit tcp source source-wildcard destination destination-wildcard range 115 1660 Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-21 OL-23400-01...
Page 470: Ipv4 Acl Configuration Examples
This section provides examples of configuring and applying IPv4 ACLs. For detailed information about compiling ACLs, see the Cisco IOS Security Configuration Guide, Release 12.2 and to the Configuring IP Services” section in the “IP Addressing and Services” chapter of the Cisco IOS IP Configuration Guide, Release 12.2.
Page 471: Numbered Acls
Internet. However, you do not want IP hosts to be able to form TCP connections to hosts on your network, except to the mail (SMTP) port of a dedicated mail host. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-23...
Page 472: Named Acls
6:00 p.m (18:00). The example allows UDP traffic only on Saturday and Sunday from noon to 8:00 p.m. (20:00). Switch(config)# time-range no-http Switch(config)# periodic weekdays 8:00 to 18:00 Switch(config)# time-range udp-yes Switch(config)# periodic weekend 12:00 to 20:00 Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-24 OL-23400-01...
Page 473: Commented Ip Acl Entries
Console logging: level debugging, 37 messages logged Monitor logging: level debugging, 0 messages logged Buffer logging: level debugging, 37 messages logged File logging: disabled Trap logging: level debugging, 39 message lines logged Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-25 OL-23400-01...
Page 474: Creating Named Mac Extended Acls
You cannot apply named MAC extended ACLs to Layer 3 interfaces or to Layer 2 interfaces configured with service instances. For more information about the supported non-IP protocols in the mac access-list extended command, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-26 OL-23400-01...
Page 475 Switch(config-ext-macl)# deny any any decnet-iv Switch(config-ext-macl)# permit any any Switch(config-ext-macl)# end Switch # show access-lists Extended MAC access list mac1 10 deny any any decnet-iv 20 permit any any Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-27 OL-23400-01...
Page 476: Applying A Mac Acl To A Layer 2 Interface
ACL to an interface, the switch acts as if the ACL has not been applied and permits all packets. Remember this behavior if you use undefined ACLs for network security. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-28...
Page 477: Configuring Vlan Maps
A packet that comes into the switch is tested against the first entry in the VLAN map. If it matches, the action specified for that part of the VLAN map is taken. If there is no match, the packet is tested against the next entry in the map. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-29 OL-23400-01...
Page 478: Creating A Vlan Map
Use the no vlan access-map name number global configuration command to delete a single sequence entry from within the map. Use the no action access-map configuration command to enforce the default action, which is to forward. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-30 OL-23400-01...
Page 479: Examples Of Acls And Vlan Maps
Switch(config-ext-nacl)# permit tcp any any Switch(config-ext-nacl)# exit Switch(config)# vlan access-map drop-ip-default 10 Switch(config-access-map)# match ip address 101 Switch(config-access-map)# action forward Switch(config-access-map)# exit Switch(config)# vlan access-map drop-ip-default 20 Switch(config-access-map)# match ip address igmp-match Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-31 OL-23400-01...
Page 480 Drop all other MAC packets Switch(config)# vlan access-map drop-all-default 10 Switch(config-access-map)# match ip address tcp-match Switch(config-access-map)# action forward Switch(config-access-map)# exit Switch(config)# vlan access-map drop-all-default 20 Switch(config-access-map)# match mac address good-hosts Switch(config-access-map)# action forward Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-32 OL-23400-01...
Page 481: Applying A Vlan Map To A Vlan
Host X to Host Y is eventually being routed by Switch B, a Layer 3 switch with routing enabled. Traffic from Host X to Host Y can be access-controlled at the traffic entry point, Switch A. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-33...
Page 482: Denying Access To A Server On Another Vlan
(see Figure 26-5): Hosts in subnet 10.1.2.0/8 in VLAN 20 should not have access. • Hosts 10.1.1.4 and 10.1.1.8 in VLAN 10 should not have access. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-34 OL-23400-01...
Page 483: Using Vlan Maps With Router Acls
When you use router ACLs with VLAN maps, packets that require logging on the router ACLs are not Note logged if they are denied by a VLAN map. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-35 OL-23400-01...
Page 484: Vlan Maps And Router Acl Configuration Guidelines
If you need to specify the full-flow mode and the ACL contains both IP ACEs and TCP/UDP/ICMP ACEs with Layer 4 information, put the Layer 4 ACEs at the end of the list. This gives priority to the filtering of traffic based on IP addresses. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-36 OL-23400-01...
Page 485: Examples Of Router Acls And Vlan Maps Applied To Vlans
ACLs are applied on routed packets. For routed packets, the ACLs are applied in this order: VLAN map for input VLAN Input router ACL Output router ACL VLAN map for output VLAN Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-37 OL-23400-01...
Page 486: Acls And Multicast Packets
Applying ACLs on Multicast Packets Input Output VLAN 10 router router VLAN 20 Frame Host A Host B (VLAN 10) (VLAN 20) Routing function Host C (VLAN 10) VLAN 10 VLAN 20 Packet Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-38 OL-23400-01...
Page 487: Displaying Ipv4 Acl Configuration
Shows information about all VLAN access-maps or the specified access map. show vlan filter [access-map name | vlan vlan-id] Shows information about all VLAN filters or about a specified VLAN or VLAN access map. Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-39 OL-23400-01...
Page 488 Chapter 26 Configuring Network Security with ACLs Displaying IPv4 ACL Configuration Cisco ME 3800X and 3600X Switch Software Configuration Guide 26-40 OL-23400-01...
Page 489: Configuring Qos
Configuring QoS, page 27-24 • Displaying QoS Information, page 27-57 For more information about Cisco IOS MQC commands, see the “Cisco IOS Quality of Service Solutions Command Reference:” http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_book.html For complete syntax and usage information for the platform-specific commands used in this chapter, see the command reference for this release.
Page 490: Understanding Qos
See the “Congestion Avoidance and Queuing” section on page 27-15. This section includes information about these topics: Modular QoS CLI Configuration, page 27-3 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-2 OL-23400-01...
Page 491: Chapter 27 Configuring Qo
A traffic class—Use the class policy-map configuration command to enter the name of the traffic • class used to classify traffic to the specified policy, and enter policy-map class configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-3 OL-23400-01...
Page 492: Hierarchical Qos
Modify the traffic class by setting Layer 2 and Layer 3 QoS fields by using the set commands. Configure scheduling by using the bandwidth or the priority command. – Configure traffic shaping by using the shape command. – Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-4 OL-23400-01...
Page 493: Classification
DSCP values are backward-compatible with IP precedence values. IP precedence values range from 0 to 7. DSCP values range from 0 to 63. MPLS EXP values range from 0 to 7. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-5 OL-23400-01...
Page 494: The Match Command
The match-all keyword is supported only for outer and inner VLAN, or outer and inner CoS matches Note for QinQ packets and is rejected for all other mutually exclusive match criteria. You can configure only one match entry in a match-all class map Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-6 OL-23400-01...
Page 495: Classification Based On Layer 2 Cos
AF classes: AF11-13 (the highest), AF21-23, AF31-33, and AF41-43 (the lowest). Each AF class could be allocated a specific amount of buffer space and drop probabilities, specified by Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-7 OL-23400-01...
Page 496: Cos Mapping
S-VLAN-ID. For example, in 802.1Q tunnels, entering a set cos command changes only the CoS value of the outer tag of the encapsulated packet. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-8...
Page 497: Ingress Classification Based On Qos Acls
“Using ACLs to Classify Traffic” section on page 27-28 for more specific information. When you define a class map with the ACL, you can add the class to a policy. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-9 OL-23400-01...
Page 498: Classification Based On Qos Groups
EXP bits, but the packet remains unmodified. You match the EXP bits on input, set a QoS group, and then match that QoS group on output to obtain the required QoS behavior. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-10 OL-23400-01...
Page 499: Classification Based On Discard Class
MPLS experimental field. The IP header remains available for the customer’s use, and the QoS of an IP packet is not changed as the packet travels through the MPLS network. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-11...
Page 500 On output, the match is performed on the final packet after all label operations are performed. See the “Configuring MPLS and EoMPLS QoS” section on page 27-53. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-12 OL-23400-01...
Page 501: Policing
(conform-action) and above the limits (exceed-action). If you do not specify burst size (bc), the system calculates an appropriate burst size value. The calculated value is appropriate for most applications. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-13 OL-23400-01...
Page 502: Marking
QoS domain so that other QoS functions can use the marking information to judge the relative and absolute importance of the packet. The marking function can use information from the policing function or directly from the classification function. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-14 OL-23400-01...
Page 503: Congestion Avoidance And Queuing
600 microseconds. Traffic up to 400 microseconds can be queued at the 40-percent threshold, up to 600 microseconds at the 60-percent threshold, and up to 1000 microseconds at the 100-percent threshold. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-15 OL-23400-01...
Page 504 A large buffer (queue limit) can better accommodate bursty traffic without packet loss, but at the • cost of increased latency. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-16 OL-23400-01...
Page 505: Congestion Management And Scheduling
These sections contain additional information about scheduling: • Traffic Shaping, page 27-18 Class-Based Weighted Fair Queuing, page 27-19 • Priority Queuing, page 27-20 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-17 OL-23400-01...
Page 506: Traffic Shaping
This is an example of a parent-child configuration: Switch(config)# policy-map parent Switch(config-pmap)# class class-default Switch(config-pmap-c)# shape average 50000000 Switch(config-pmap-c)# service-policy child Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# interface gigabitthernet0/1 Switch(config-if)# service-policy output parent Switch(config-if)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-18 OL-23400-01...
Page 507: Class-Based Weighted Fair Queuing
The total bandwidth that you can allocate between peer classes is 100 percent. Note You cannot configure bandwidth as percentage of remaining bandwidth when priority is configured for another class in the output policy map. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-19 OL-23400-01...
Page 508: Priority Queuing
Input policies and output policies have the same basic structure but differ in the characteristics that they regulate. Figure 27-8 shows the relationship of input and output policies. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-20 OL-23400-01...
Page 509: Input Policy Maps
IP ACLs, IPv4 DSCP or Precedence, MPLS Match any (only) Queuing Tail drop (queue-limit) or weighted tail drop Class level based on outer CoS, IPv4 DSCP or precedence, MPLS EXP, QoS group or discard class Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-21 OL-23400-01...
Page 510 You can attach an output policy map to any or all targets on the switch. The switch supports configuration and attachment of a unique output policy map for each port or service instance. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-22...
Page 511: Qos Treatment For Performance-Monitoring Protocols
There are no limitations on the configurations of bandwidth, priority, or shaping. QoS Treatment for Performance-Monitoring Protocols QoS is not configurable for Cisco IP service level agreements (IP SLA) probes or for traffic to the CPU. QoS treatment is set by default.
Page 512: Configuring Qos
You cannot attach a service policy to an EFP that belongs to a port channel interface. When a configured policer rate, policer burst-size, or queue-rate cannot be achieved in hardware • within 1 percent, the configuration is rejected. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-24 OL-23400-01...
Page 513: Configuring Input Policy Maps
Configuring Input Policy Maps Configuring Input Class Maps, page 27-26 • Using ACLs to Classify Traffic, page 27-28 • Configuring Class-Based Marking, page 27-32 • • Configuring Policing, page 27-34 Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-25 OL-23400-01...
Page 514: Configuring Input Class Maps
• (Optional) Use the match-any keyword to perform a logical OR of all matching statements under this class map. One or more match criteria must be matched. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-26 OL-23400-01...
Page 515 (Optional) Save your entries in the configuration file. Use the no form of the appropriate command to delete an existing class map or remove a match criterion. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-27...
Page 516: Using Acls To Classify Traffic
“Creating IP Standard ACLs” section on page 27-29 • “Creating IP Extended ACLs” section on page 27-29 • “Creating Layer 2 MAC ACLs” section on page 27-31 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-28 OL-23400-01...
Page 517 For source and destination address, the supported entries are ip-address, any, or host. • For match criteria, the supported keywords are dscp or tos. You can also specify a time-range. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-29 OL-23400-01...
Page 518 To delete an access list, use the no access-list access-list-number global configuration command. This example shows how to create an ACL that permits IP traffic from any source to any destination that has the DSCP value set to 32: Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-30 OL-23400-01...
Page 519 This example shows how to create a Layer 2 MAC ACL with a permit statement that allows traffic from the host with MAC address 0001.0000.0001 to the host with MAC address 0002.0000.0001. Switch(config)# mac access-list extended maclist1 Switch(config-ext-macl)# permit 0001.0000.0001 0.0.0 0002.0000.0001 0.0.0 Switch(config-ext-macl)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-31 OL-23400-01...
Page 520: Configuring Class-Based Marking
Enter a class-map name, or class-default to match all unclassified packets, and class-default} enter policy-map class configuration mode. If you enter a class-map name, you must have already created the class map by using the class-map global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-32 OL-23400-01...
Page 521 Interface or EFP” section on page 27-56. Use the no form of the appropriate command to delete a policy map or remove an assigned CoS, DSCP, MPLS, precedence, or QoS-group value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-33 OL-23400-01...
Page 522: Configuring Policing
Step 3 policy-map policy-map-name Create a policy map by entering the policy map name, and enter policy-map configuration mode. By default, no policy maps are defined. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-34 OL-23400-01...
Page 523 If configuring multiple actions, press ENTER after the police command, and enter policy-map class police configuration mode (config-pmap-c-police) mode to specify the actions to take. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-35 OL-23400-01...
Page 524 If you are configuring a single action for conformed and exceeded packets, Note you can specify them in the same line. If configuring multiple actions, press ENTER after the conform-action command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-36 OL-23400-01...
Page 525 Switch(config-cmap)# match cos 4 Switch(config-cmap)# exit Switch(config)# policy-map video-policy Switch(config-pmap)# class video-class Switch(config-pmap-c)# police 10000000 10000 Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# interface gigabitethernet0/1 Switch(config-if)# service-policy input video-policy Switch(config-if)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-37 OL-23400-01...
Page 526 Step 3 policy-map policy-map-name Create a policy map by entering the policy map name, and enter policy-map configuration mode. By default, no class maps are defined. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-38 OL-23400-01...
Page 527 If configuring multiple actions, press ENTER after the police command, and enter policy-map class police configuration mode (config-pmap-c-police) mode to specify the actions to take. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-39 OL-23400-01...
Page 528 Step 6 Return to privileged EXEC mode. Step 7 show policy-map Verify your entries. [policy-map-name] Step 8 copy running-config (Optional) Save your entries in the configuration file. startup-config Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-40 OL-23400-01...
Page 529: Configuring Output Policy Maps
VLAN IDs. You define match criterion with one or more match statements entered in the class-map configuration mode. In an output policy, the match criteria acts on the packet on the wire after any VLAN rewrite mapping operations on egress. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-41 OL-23400-01...
Page 530 Note (match statement) except to match outer and inner 802.1Q VLAN tag of QinQ packets using match vlan and match vlan inner or match cos and match cos inner. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-42 OL-23400-01...
Page 531 (Optional) Save your entries in the configuration file. startup-config Use the no form of the appropriate command to delete an existing class map or remove a match criterion. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-43 OL-23400-01...
Page 532: Configuring Class-Based-Weighted Fair Queuing
Create a policy map by entering the policy map name, and enter policy-map configuration mode. Step 3 class {class-map-name | class-default} Enter a child class-map name or class-default to match all unclassified packets, and enter policy-map class configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-44 OL-23400-01...
Page 533 CIR rates. If the CIR rate of a class is configured as 0, that class is not eligible for any excess bandwidth and, as a result, receives no bandwidth. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-45...
Page 534 Switch(config-cmap)# match cos 2 Switch(config-cmap)# exit Switch(config)# policy-map phb Switch(config-pmap)# class phb Switch(config-pmap-c)# bandwidth 1000 Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# policy-map vlan Switch(config-pmap)# class vlan Switch(config-pmap-c)# bandwidth 1000 Switch(config-pmap-c)# service-policy phb Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-46 OL-23400-01...
Page 535: Configuring Class-Based Shaping
50, 20, and 10 Mb/s of the available port bandwidth. Switch(config)# policy-map out-policy Switch(config-pmap)# class classout1 Switch(config-pmap-c)# shape average 50000000 Switch(config-pmap-c)# exit Switch(config-pmap)# class classout2 Switch(config-pmap-c)# shape average 20000000 Switch(config-pmap-c)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-47 OL-23400-01...
Page 536: Configuring Port Shaping
90 Mb/s, allocated according to the out-policy policy map configured in the previous example. Switch(config)# policy-map out-policy-parent Switch(config-pmap)# class class-default Switch(config-pmap-c)# shape average 90000000 Switch(config-pmap-c)# service-policy out-policy Switch(config-pmap-c)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-48 OL-23400-01...
Page 537: Configuring Class-Based Priority Queuing
Use the no form of the appropriate command to delete an existing policy map or class map or to cancel strict priority queuing for the priority class or the bandwidth setting for the other classes. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-49...
Page 538: Configuring Weighted Tail Drop
If you enter class-default, you can omit Step 4. Step 4 bandwidth {rate | percent value | remaining Configure a scheduling action for the traffic class. percent value} shape average {target bps | percent value} priority Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-50 OL-23400-01...
Page 539 48000 (48 K) bytes because the interface cannot handle the excess burst. This example shows a policy map with a specified bandwidth and queue size. Traffic that is not DSCP 30 or 10 is assigned a qu Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-51 OL-23400-01...
Page 540: Hierarchical Policy Maps Configuration Examples
Switch(config-pmap)# class cos1 Switch(config-pmap-c)# shape average 1000 Switch(config-pmap-c)# exit Switch(config-pmap)# class cos2 Switch(config-pmap-c)# shape average 2000 Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# policy-map vlan Switch(config-pmap)# class vlan1 Switch(config-pmap-c)# shape average 5000 Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-52 OL-23400-01...
Page 541: Configuring Mpls And Eompls Qos
IP Precedence bits into the EXP bits of the virtual-connection and tunnel labels. You can change the default behavior for VLAN- or port-based EoMPLS by applying a hierarchical QoS policy. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-53...
Page 542: Mpls Qos Configuration Guidelines
Specify the name of the traffic policy to configure, and enter policy-map configuration mode. Step 6 class class-name Specify the name of the predefined traffic class configured with the class-map command, and enter policy-map class configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-54 OL-23400-01...
Page 543: Mpls Diffserv Tunneling Modes
The switch supports three tunnelling modes: uniform mode • short-pipe mode • pipe mode • For additional information, see “MPLS DiffServ Tunneling Modes” at this URL: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftdtmode.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-55 OL-23400-01...
Page 544: Attaching A Service Policy To An Interface Or Efp
Enter global configuration mode. Step 2 interface interface-id Specify the port to attach to the policy map, and enter interface configuration mode. Valid interfaces are physical ports. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-56 OL-23400-01...
Page 545: Displaying Qos Information
Display QoS policy map information for policy maps attached to EFP service instances. show running-config Display the configured class maps, policy maps, table maps, and aggregate policers. Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-57 OL-23400-01...
Page 546 Output Queue: Tail Packets Drop: 0 Tail Bytes Drop: 0 Class-map: class-default (match-any) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any Cisco ME 3800X and 3600X Switch Software Configuration Guide 27-58 OL-23400-01...
Page 547: Configuring Etherchannels
C H A P T E R Configuring EtherChannels This chapter describes how to configure EtherChannels on Layer 2 and Layer 3 ports on the Cisco ME 3800X and ME 3600X switch. EtherChannel provides fault-tolerant high-speed links between switches, routers, and servers. You can use it to increase the bandwidth between the wiring closets and the data center, and you can deploy it anywhere in the network where bottlenecks are likely to occur.
Page 548: C H A P T E R 28 Configuring Etherchannels
The local port is put into an independent state and continues to carry data traffic as would any other single link. The port configuration does not change, but the port does not participate in the EtherChannel. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-2 OL-23400-01...
Page 549: Port-Channel Interfaces
Figure 28-2 Relationship of Physical Ports, Logical Port Channels, and Channel Groups Logical port-channel Channel-group binding Physical ports Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-3 OL-23400-01...
Page 550: Port Aggregation Protocol
EtherChannel, apply the configuration commands to the port-channel interface. Port Aggregation Protocol The Port Aggregation Protocol (PAgP) is a Cisco-proprietary protocol that can be run only on Cisco switches and on those switches licensed by vendors to support PAgP. PAgP facilitates the automatic creation of EtherChannels by exchanging PAgP packets between Ethernet ports.
Page 551: Pagp Interaction With Other Features
Link Aggregation Control Protocol The LACP is defined in IEEE 802.3ad standard and enables Cisco switches to manage Ethernet channels between switches that conform to the standard. LACP facilitates the automatic creation of EtherChannels by exchanging LACP packets between Ethernet ports.
Page 552: Lacp Interaction With Other Features
Therefore, to provide load balancing, packets from different hosts use different ports in the channel, but packets from the same host use the same port in the channel. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-6 OL-23400-01...
Page 553 MAC address, using the destination-MAC address always chooses the same link in the channel. Using source addresses or IP addresses might result in better load balancing. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-7...
Page 554: Configuring Etherchannels
Note to all the physical ports assigned to the port-channel interface, and configuration changes applied to the physical port affect only the port to which you apply the configuration. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-8 OL-23400-01...
Page 555: Default Etherchannel Configuration
Do not configure an EtherChannel in both the PAgP and LACP modes. EtherChannel groups running • PAgP and LACP can coexist on the same switch. Individual EtherChannel groups can run either PAgP or LACP, but they cannot interoperate. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-9 OL-23400-01...
Page 556: Configuring Layer 2 Etherchannels
If you configure the port as a static-access port, assign it to only one VLAN. The range is 1 to 4094. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-10 OL-23400-01...
Page 557 Verify your entries. Step 7 copy running-config startup-config (Optional) Save your entries in the configuration file. To remove a port from the EtherChannel group, use the no channel-group interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-11 OL-23400-01...
Page 558: Configuring Layer 3 Etherchannels
(Optional) Save your entries in the configuration file. Step 7 Assign an Ethernet port to the Layer 3 EtherChannel. For more information, see the “Configuring the Physical Interfaces” section on page 28-13. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-12 OL-23400-01...
Page 559: Configuring The Physical Interfaces
Step 3 no ip address Ensure that there is no IP address assigned to the physical port. Step 4 no switchport Put the port into Layer 3 mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-13 OL-23400-01...
Page 560 “LACP Modes” section on page 28-5. Step 6 Return to privileged EXEC mode. Step 7 show running-config Verify your entries. Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-14 OL-23400-01...
Page 561: Configuring Etherchannel Load Balancing
Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file. To return EtherChannel load balancing to the default configuration, use the no port-channel load-balance global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-15 OL-23400-01...
Page 562: Configuring The Pagp Learn Method And Priority
PAgP interoperability with devices that only support address learning by physical ports. When the link partner to the switch is a physical learner, we recommend that you configure the Cisco ME switch as a physical-port learner by using the pagp learn-method physical-port interface configuration command.
Page 563: Configuring Lacp Hot-Standby Ports
In priority comparisons, numerically lower values have higher priority. The priority decides which ports should be put in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-17 OL-23400-01...
Page 564: Configuring The Lacp System Priority
EtherChannel are put in the hot-standby state and are used only if one of the channeled ports fails. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-18...
Page 565: Etherchannels And Ethernet Flow Points (Efps)
Switch (config-if)# switchport trunk allowed vlan none Switch (config-if)# service instance 1 Ethernet Switch (config-if-srv)# encapsulation untagged Switch (config-if-srv)# l2protocol peer lacp Switch (config-if-srv)# bridge-domain 10 Switch (config-if-srv)# end Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-19 OL-23400-01...
Page 566: Displaying Etherchannel, Pagp, And Lacp Status
You can clear LACP channel-group information and traffic counters by using the clear lacp {channel-group-number counters | counters} privileged EXEC command. For detailed information about the fields in the displays, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 28-20 OL-23400-01...
Page 567: Configuring Ip Unicast Routing
C H A P T E R Configuring IP Unicast Routing This chapter describes how to configure IP Version 4 (IPv4) unicast routing on the Cisco ME 3800X and ME 3600X switch. For more detailed IPv4 unicast configuration information, see the Cisco IOS IP Configuration Guide, Release 12.2 For complete syntax and usage information for the commands used...
Page 568: Chapter 29 Configuring Ip Unicast Routing
Steps for Configuring Routing By default, IPv4 routing is disabled on the switch, and you must enable it before routing can take place. For detailed IP routing configuration information, see the Cisco IOS IP Configuration Guide, Release 12.2 In the following procedures, the specified interface must be one of these Layer 3 interfaces: •...
Page 569: Configuring Ip Addressing
Timeout: 14400 seconds (4 hours). IP broadcast address 255.255.255.255 (all ones). IP classless routing Enabled. IP default gateway Disabled. IP directed broadcast Disabled (all IP directed broadcasts are dropped). Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-3 OL-23400-01...
Page 570: Assigning Ip Addresses To Network Interfaces
Remove the interface from Layer 2 configuration mode (if it is a physical interface). Step 4 ip address ip-address subnet-mask Configure the IP address and IP subnet mask. Step 5 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-4 OL-23400-01...
Page 571: Use Of Subnet Zero
If you disable classless routing and a router receives packets destined for a subnet of a network with no network default route, the router discards the packet. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-5 OL-23400-01...
Page 572 Beginning in privileged EXEC mode, follow these steps to disable classless routing: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 no ip classless Disable classless routing behavior. Step 3 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-6 OL-23400-01...
Page 573: Configuring Address Resolution Methods
RARP requires a RARP server on the same network segment as the router interface. Use the ip rarp-server address interface configuration command to identify the server. For more information on RARP, see the Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.2.
Page 574 To remove an entry from the ARP cache, use the no arp ip-address hardware-address type global configuration command. To remove all nonstatic entries from the ARP cache, use the clear arp-cache privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-8 OL-23400-01...
Page 575: Set Arp Encapsulation
Verify the configuration on the interface or all interfaces. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. To disable proxy ARP on the interface, use the no ip proxy-arp interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-9 OL-23400-01...
Page 576: Routing Assistance When Ip Routing Is Disabled
IRDP allows hosts to locate routers. When operating as a client, the switch generates router discovery packets. When operating as a host, the switch receives router discovery packets. The switch can also Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-10...
Page 577 Use the no ip irdp interface configuration command to disable IRDP routing. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-11 OL-23400-01...
Page 578: Configuring Broadcast Packet Handling
When an access list is specified, only IP packets permitted by the access list are eligible to be translated. Step 4 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-12 OL-23400-01...
Page 579: Forwarding Udp Broadcast Packets And Protocols
By default, both UDP and ND forwarding are enabled if a helper address has been defined for an interface. The description for the ip forward-protocol interface configuration command in the Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.2 lists the ports that are forwarded by default if you do not specify any UDP ports.
Page 580: Establishing An Ip Broadcast Address
Packets that are forwarded to a single network address using the IP helper-address mechanism can be flooded. Only one copy of the packet is sent on each network segment. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-14 OL-23400-01...
Page 581 Verify your entry. Step 5 copy running-config startup-config (Optional) Save your entry in the configuration file. To disable this feature, use the no ip forward-protocol turbo-flood global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-15 OL-23400-01...
Page 582: Monitoring And Maintaining Ip Addressing
Beginning in privileged EXEC mode, follow these steps to enable IP routing: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ip routing Enable IP routing. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-16 OL-23400-01...
Page 583: Configuring Rip
Specify an IP routing protocol. This step might include other commands, such as specifying the networks to route with the network (RIP) router configuration command. For information on specific protocols, see sections later in this chapter and to the Cisco IOS IP Configuration Guide, Release 12.2. Step 4 Return to privileged EXEC mode.
Page 584: Default Rip Configuration
To configure RIP, you enable RIP routing for a network and optionally configure other parameters. On the Cisco ME switch, RIP configuration commands are ignored until you configure the network number. Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 585 By default, packets in a multiple-packet RIP update have no delay added between packets. If you are sending packets to a lower-speed device, you can add an interpacket delay in the range of 8 to 50 milliseconds. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-19 OL-23400-01...
Page 586: Configuring Rip Authentication
This feature can optimize communication among multiple routers when links are broken. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-20 OL-23400-01...
Page 587: Configuring Summary Addresses
Configuring RIP Note In general, Cisco does not recommend disabling split horizon unless you are certain that your application requires it to properly advertise routes. Beginning in privileged EXEC mode, follow these steps to disable split horizon on the interface:...
Page 588: Configuring Ospf
IP multicast when sending and receiving packets. This section briefly describes how to configure O SPF. For a complete description of the OSPF commands, see the “OSPF Commands” chapter of the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2.
Page 589: Default Ospf Configuration
(all routes from one area to another): 110. and dist3 (routes from other routing domains): 110. OSPF database filter Disabled. All outgoing link-state advertisements (LSAs) are flooded to the interface. IP OSPF name lookup Disabled. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-23 OL-23400-01...
Page 590: Nonstop Forwarding Awareness
Enabling OSPF requires that you create an OSPF routing process, specify the range of IP addresses to be associated with the routing process, and assign area IDs to be associated with that range. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-24...
Page 591: Configuring Ospf Interfaces
Step 4 ip ospf retransmit-interval seconds (Optional) Specify the number of seconds between link state advertisement transmissions. The range is 1 to 65535 seconds. The default is 5 seconds. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-25 OL-23400-01...
Page 592 (Optional) Save your entries in the configuration file. Use the no form of these commands to remove the configured parameter value or return to the default value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-26 OL-23400-01...
Page 593: Configuring Ospf Network Types
Assigning a cost to a neighbor is optional. Configuring Network Types for OSPF Interfaces You can configure network interfaces as either broadcast or NBMA and as point-to point or point-to-multipoint, regardless of the default media type. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-27 OL-23400-01...
Page 594 (Optional) Save your entries in the configuration file. Use the no form of the ip ospf network command to return to the default network type for the media. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-28 OL-23400-01...
Page 595: Configuring Ospf Area Parameters
[process-id [area-id]] database Display lists of information related to the OSPF database for a specific router. Step 10 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-29 OL-23400-01...
Page 596: Configuring Other Ospf Parameters
Beginning in privileged EXEC mode, follow these steps to configure these OSPF parameters: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 router ospf process-id Enable OSPF routing, and enter router configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-30 OL-23400-01...
Page 597: Changing Lsa Group Pacing
If you have a very small database (40 to 100 LSAs), increasing the pacing interval to 10 to 20 minutes might benefit you slightly. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-31...
Page 598: Configuring A Loopback Interface
Verify your entries. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Use the no interface loopback 0 global configuration command to disable the loopback interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-32 OL-23400-01...
Page 599: Monitoring Ospf
Display OSPF-related virtual links information. Configuring EIGRP Enhanced IGRP (EIGRP) is a Cisco proprietary enhanced version of the IGRP. EIGRP uses the same distance vector algorithm and distance information as IGRP; however, the convergence properties and the operating efficiency of EIGRP are significantly improved.
Page 600 Configuring Basic EIGRP Parameters, page 29-36 • Configuring EIGRP Interfaces, page 29-37 • Configuring EIGRP Route Authentication, page 29-38 • • Configuring EIGRP Stub Routing, page 29-39 • Monitoring and Maintaining EIGRP, page 29-40 Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-34 OL-23400-01...
Page 601: Default Eigrp Configuration
Distributed proportionately to the ratios of the metrics. Variance 1 (equal-cost load balancing). 1. NSF = Nonstop Forwarding 2. EIGRP NSF awareness is enabled for IPv4 on switches running the metro IP access image. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-35 OL-23400-01...
Page 602: Nonstop Forwarding Awareness
(Optional) Disable automatic summarization of subnet routes into network-level routes. Step 8 ip summary-address eigrp (Optional) Configure a summary aggregate. autonomous-system-number address mask Step 9 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-36 OL-23400-01...
Page 603: Configuring Eigrp Interfaces
Display which interfaces EIGRP is active on and information about EIGRP relating to those interfaces. Step 10 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-37 OL-23400-01...
Page 604: Configuring Eigrp Route Authentication
(Optional) Save your entries in the configuration file. Use the no forms of these commands to disable the feature or to return the setting to the default value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-38 OL-23400-01...
Page 605: Configuring Eigrp Stub Routing
For more information about EIGRP stub routing, see “Configuring EIGRP Stub Routing” part of the Cisco IOS IP Configuration Guide, Volume 2 of 3: Routing Protocols, Release 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Configuration Guides.
Page 606: Monitoring And Maintaining Eigrp
You can delete neighbors from the neighbor table. You can also display various EIGRP routing statistics. Table 29-8 lists the privileged EXEC commands for deleting neighbors and displaying statistics. For explanations of fields in the resulting display, see the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2. Table 29-8...
Page 607: Configuring Bgp
You can find detailed information about BGP in Internet Routing Architectures, published by Cisco Press, and in the “Configuring BGP” chapter in the Cisco IOS IP and IP Routing Configuration Guide. For details about BGP commands and keywords, see the “IP Routing Protocols” part of the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2.
Page 608 AS-level policy decisions. A router or switch running Cisco IOS does not select or use an IBGP route unless it has a route available to the next-hop router and it has received synchronization from an IGP (unless IGP synchronization is disabled).
Page 609: Default Bgp Configuration
Distribute list In (filter networks received in updates): Disabled. • Out (suppress networks from being advertised in updates): Disabled. • Internal route redistribution Disabled. IP prefix list None defined. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-43 OL-23400-01...
Page 610 Keepalive: 60 seconds; holdtime: 180 seconds. 1. NSF = Nonstop Forwarding 2. BGP NSF Awareness can be enabled for IPv4 on switches with the metro IP access image by enabling Graceful Restart. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-44 OL-23400-01...
Page 611: Nonstop Forwarding Awareness
1 to 65535, with 64512 to 65535 designated as private autonomous numbers. Step 4 network network-number [mask network-mask] Configure a network as local to this AS, and enter it in the BGP [route-map route-map-name] table. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-45 OL-23400-01...
Page 612 These examples show how to configure BGP on the routers in Figure 29-5. Router A: Switch(config)# router bgp 100 Switch(config-router)# neighbor 129.213.1.1 remote-as 200 Router B: Switch(config)# router bgp 200 Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-46 OL-23400-01...
Page 613: Managing Routing Policy Changes
EIGRP, which also use the network command to specify where to send updates. For detailed descriptions of BGP configuration, see the “IP Routing Protocols” part of the Cisco IOS IP Configuration Guide, Release 12.2. For details about specific commands, see the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2.
Page 614: Configuring Bgp Decision Attributes
IP routing table. If BGP multipath support is enabled and the EBGP paths are learned from the same neighboring autonomous systems, multiple paths are installed in the IP routing Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-48...
Page 615 Prefer the path with the largest weight (a Cisco proprietary parameter). The weight attribute is local to the router and not propagated in routing updates. By default, the weight attribute is 32768 for paths that the router originates and zero for other paths.
Page 616: Configuring Bgp Filtering With Route Maps
Redistribute Routing Information” section on page 29-97 for more information about route maps. Each route map has a name that identifies the route map (map tag) and an optional sequence number. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-50 OL-23400-01...
Page 617: Configuring Bgp Filtering By Neighbor
Purpose Step 1 configure terminal Enter global configuration mode. Step 2 router bgp autonomous-system Enable a BGP routing process, assign it an AS number, and enter router configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-51 OL-23400-01...
Page 618: Configuring Prefix Lists For Bgp Filtering
BGP autonomous system paths. Each filter is an access list based on regular expressions. (See the “Regular Expressions” appendix in the Cisco IOS Dial Technologies Command Reference, Release 12.2 for more information on forming regular expressions.) To use this method, define an autonomous system path access list, and apply it to updates to and from particular neighbors.
Page 619: Configuring Bgp Community Filtering
COMMUNITIES attribute. A community is a group of destinations that share some common attribute. Each destination can belong to multiple communities. AS administrators can define to which communities a destination belongs. By default, all destinations belong to the general Internet Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-53 OL-23400-01...
Page 620 (Optional) Display and parse BGP communities in the format AA:NN. A BGP community is displayed in a two-part format 2 bytes long. The Cisco default community format is in the format NNAA. In the most recent RFC for BGP, a community takes the form AA:NN, where the first part is the AS number and the second part is a 2-byte number.
Page 621: Configuring Bgp Neighbors And Peer Groups
(Optional) Allow BGP sessions, even when the neighbor is not ebgp-multihop on a directly connected segment. The multihop session is not established if the only route to the multihop peer’s address is the default route (0.0.0.0). Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-55 OL-23400-01...
Page 622 To disable an existing BGP neighbor or neighbor peer group, use the neighbor shutdown router configuration command. To enable a previously existing neighbor or neighbor peer group that had been disabled, use the no neighbor shutdown router configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-56 OL-23400-01...
Page 623: Configuring Aggregate Addresses
IBGP peers. Specifically, the next hop, MED, and local preference information is preserved. You can then use a single IGP for all of the autonomous systems. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-57 OL-23400-01...
Page 624: Configuring Bgp Route Reflectors
ID so that a route reflector can recognize updates from route reflectors in the same cluster. All the route reflectors serving a cluster should be fully meshed and should have identical sets of client and nonclient peers. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-58 OL-23400-01...
Page 625: Configuring Route Dampening
Step 7 show ip bgp dampened-paths (Optional) Display the dampened routes, including the time remaining before they are suppressed. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-59 OL-23400-01...
Page 626: Monitoring And Maintaining Bgp
Table 29-8 lists the privileged EXEC commands for clearing and displaying BGP. For explanations of the display fields, see the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2. Table 29-11 IP BGP Clear and Show Commands...
Page 627: Configuring Iso Clns Routing
DECnet, ISO CLNS and XNS Configuration Guide, Release 12.2. For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS and XNS Command Reference, Release 12.2, use the IOS command reference master index, or search online.
Page 628: Configuring Is-Is Dynamic Routing
For IS-IS multiarea routing, you can configure only one process to perform Level 2 routing, although you can define up to 29 Level 1 areas for each Cisco unit. If Level 2 routing is configured on any process, all additional processes are automatically configured as Level 1. You can configure this process to perform Level 1 routing at the same time.
Page 629: Nonstop Forwarding Awareness
To enable IS-IS, you specify a name and NET for each routing process. You then enable IS-IS routing on the interface and specify the area for each instance of the routing process. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-63...
Page 630 This example shows how to configure three routers to run conventional IS-IS as an IP routing protocol. In conventional IS-IS, all routers act as Level 1 and Level 2 routers (by default). Router A Switch(config)# clns routing Switch(config)# router isis Switch(config-router)# net 49.0001.0000.0000.000a.00 Switch(config-router)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-64 OL-23400-01...
Page 631: Configuring Is-Is Global Parameters
If a link in the network has a maximum transmission unit (MTU) size of less than 1500 bytes, you can lower the LSP MTU so that routing will still occur. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-65...
Page 632 The range is from 1 to 65535 seconds. The default is 1200 seconds (20 minutes). After the specified time interval, the LSP packet is deleted. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-66 OL-23400-01...
Page 633 Use the no area-password or no domain-password router configuration command to disable passwords. To disable LSP MTU settings, use the no lsp mtu router configuration command. To return Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-67 OL-23400-01...
Page 634: Configuring Is-Is Interface Parameters
0 to 63. The default is 10. If no level is entered, the default is to apply to both Level 1 and Level 2 routers. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-68 OL-23400-01...
Page 635 Verify your entries. Step 14 copy running-config startup-config (Optional) Save your entries in the configuration file. To return to the default settings, use the no forms of the commands. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-69 OL-23400-01...
Page 636: Monitoring And Maintaining Is-Is
EXEC commands for clearing and displaying ISO CLNS and IS-IS routing. For explanations of the display fields, see the Cisco IOS Apollo Domain, Banyan VINES, DECnet, ISO CLNS and XNS Command Reference, Release 12.2, use the Cisco IOS command reference master index, or search online.
Page 637: Configuring Bfd
OSPF process breaks the OSPF neighbor relationship (4). If an alternative path is available, the routers start converging on it. Figure 29-7 Breaking an OSPF Neighbor Relationship OSPF neighbors OSPF OSPF BFD neighbors 172.16.10.2 172.16.10.1 Router A Router B 172.18.0.1 172.17.0.1 Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-71 OL-23400-01...
Page 638: Default Bfd Configuration
Cisco Express Forwarding (CEF) is enabled (the default) on participating switches. For more detailed configuration, see the Bidirectional Forwarding Detection feature module at this URL: http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fs_bfd.html For details on the commands, use the Master Index to the Cisco IOS Command List for Release 12.4. at this URL: http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html These sections describe configuring BFD: •...
Page 639: Default Bfd Configuration Guidelines
See the IP routing documentation in this chapter or in the Cisco IOS IP Configuration Guide, Release 12.2, for information on configuring fast convergence. We recommend that you configure the BFD interval parameters on an interface before configuring the Note routing protocol commands, especially when using EIGRP.
Page 640: Enabling Bfd Routing Protocol Clients
When you start BFD sessions for OSPF, OSPF must be running on all participating devices.You can enable BFD support for OSPF by enabling it globally on all OSPF interfaces or by enabling it on one or more interfaces. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-74 OL-23400-01...
Page 641 Specify an OSPF process, and enter router configuration mode. Step 3 exit Return to global configuration mode. Step 4 interface interface-id Specify an interface, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-75 OL-23400-01...
Page 642: Configuring Bfd For Is-Is
To disable IS-IS BFD on all interfaces, enter the no bfd all-interfaces router configuration command. To disable it on the specified interface, enter the no isis bfd or the isis bfd disable interface configuration command on the interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-76 OL-23400-01...
Page 643: Configuring Bfd For Bgp
Beginning in privileged EXEC mode, follow these steps to enable BGP BFD: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 router bgp as-tag Specify a BGP autonomous system, and enter router configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-77 OL-23400-01...
Page 644: Configuring Bfd For Eigrp
HSRP supports BFD by default; it is globally enabled on all interfaces. If HSRP support has been manually disabled, you can reenable it in interface or global configuration mode. All participating devices must have HSRP enabled and CEF enabled (the default). Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-78 OL-23400-01...
Page 645: Disabling Bfd Echo Mode
[milliseconds] (Optional) Configure a BFD slow-timer value. The range is from 1000 to 30000 milliseconds. The default is 1000 milliseconds. Step 6 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-79 OL-23400-01...
Page 646: Configuring Multi-Vrf Ce
• link to one or more provider edge routers. The CE device advertises the site local routes to the router and learns the remote VPN routes from it. The Cisco ME 3400 switch can be a CE. • Provider edge (PE) routers exchange routing information with CE devices by using static routing or a routing protocol such as BGP, RIPv2, OSPF, or EIGRP.
Page 647 VPN service, for example, small companies. In this case, multi-VRF CE support is required in the Cisco ME switches. Because multi-VRF CE is a Layer 3 feature, each interface in a VRF must be a Layer 3 interface.
Page 648: Default Multi-Vrf Ce Configuration
Multi-VRF CE lets multiple customers share the same physical link between the PE and the CE. • Trunk ports with multiple VLANs separate packets among customers. Each customer has its own VLAN. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-82 OL-23400-01...
Page 649: Configuring Vrfs
Beginning in privileged EXEC mode, follow these steps to configure one or more VRFs. For complete syntax and usage information for the commands, refer to the switch command reference for this release and the Cisco IOS Switching Services Command Reference, Release 12.2. Command...
Page 650: Configuring Vrf-Aware Services
VRF in the system can be specified for a VRF-aware service. VRF-Aware services are implemented in platform-independent modules. VRF means multiple routing instances in Cisco IOS. Each platform has its own limit on the number of VRFs it supports. VRF-aware services have the following characteristics: •...
Page 651: User Interface For Arp
Beginning in privileged EXEC mode, follow these steps to configure VRF-aware services for ARP. For complete syntax and usage information for the commands, refer to the switch command reference for this release and the Cisco IOS Switching Services Command Reference, Release 12.2. Command...
Page 652: User Interface For Syslog
Beginning in privileged EXEC mode, follow these steps to configure VRF-aware services for Syslog. For complete syntax and usage information for the commands, refer to the switch command reference for this release and the Cisco IOS Switching Services Command Reference, Release 12.2. Command...
Page 653: Configuring A Vpn Routing Session
Set the switch to redistribute information from the BGP network to the autonomous-system-number subnets OSPF network. Step 5 network network-number area area-id Define a network address and mask on which OSPF runs and the area ID for that network address. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-87 OL-23400-01...
Page 654: Configuring Bgp Pe To Ce Routing Sessions
29-8. OSPF is the protocol used in VPN1, VPN2, and the global network. BGP is used in the CE to PE connections. The examples following the illustration show how to configure a Cisco ME 3400 switch as CE Switch A, and the VRF configuration for customer switches D and F. Commands for configuring CE Switch C and the other customer switches are not included but would be similar.
Page 655 Switch(config-if)# ip address 8.8.1.8 255.255.255.0 Switch(config-if)# exit Switch(config)# interface loopback2 Switch(config-if)# ip vrf forwarding v12 Switch(config-if)# ip address 8.8.2.8 255.255.255.0 Switch(config-if)# exit Switch(config)# interface gigabitethernet0/5 Switch(config-if)# switchport trunk encapsulation dot1q Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-89 OL-23400-01...
Page 656 Switch(config-router-af)# redistribute ospf 2 match internal Switch(config-router-af)# neighbor 83.0.0.3 remote-as 100 Switch(config-router-af)# neighbor 83.0.0.3 activate Switch(config-router-af)# network 8.8.2.0 mask 255.255.255.0 Switch(config-router-af)# exit Switch(config-router)# address-family ipv4 vrf vl1 Switch(config-router-af)# redistribute ospf 1 match internal Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-90 OL-23400-01...
Page 657 Router(config-vrf)# rd 100:1 Router(config-vrf)# route-target export 100:1 Router(config-vrf)# route-target import 100:1 Router(config-vrf)# exit Router(config)# ip vrf v2 Router(config-vrf)# rd 100:2 Router(config-vrf)# route-target export 100:2 Router(config-vrf)# route-target import 100:2 Router(config-vrf)# exit Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-91 OL-23400-01...
Page 658: Displaying Multi-Vrf Ce Status
[brief | detail | interfaces] [vrf-name] Display information about the defined VRF instances. For more information about the information in the displays, refer to the Cisco IOS Switching Services Command Reference, Release 12.2. Cisco ME 3800X and 3600X Switch Software Configuration Guide...
Page 659: Configuring Protocol-Independent Features
• Configuring Cisco Express Forwarding Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology used to optimize network performance. CEF implements an advanced IP look-up and forwarding algorithm to deliver maximum Layer 3 switching performance. CEF is less CPU-intensive than fast switching route caching, allowing more CPU processing power to be dedicated to packet forwarding.
Page 660: Configuring The Number Of Equal-Cost Routing Paths
The range is from 1 to 8; the default is 4 for most IP routing protocols, but only 1 for BGP. Step 4 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-94 OL-23400-01...
Page 661: Configuring Static Unicast Routes
Table 29-16 Dynamic Routing Protocol Default Administrative Distances Route Source Default Distance Connected interface Static route Enhanced IRGP summary route External BGP Internal Enhanced IGRP IGRP OSPF Internal BGP Unknown Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-95 OL-23400-01...
Page 662: Specifying Default Routes And Networks
The system periodically scans its routing table to choose the optimal default network as its default route. In IGRP networks, there might be several candidate networks for the system default. Cisco routers use administrative distance and metric information to set the default route or the gateway of last resort.
Page 663: Using Route Maps To Redistribute Routing Information
The switch supports the continue clause for outbound policies. For more information about using the route map continue clause, see the BGP Route-Map Continue Support for an Outbound Policy feature guide for Cisco IOS Release 12.4(4)T at this URL: http://www.cisco.com/en/US/products/ps6441/products_feature_guides_list.html...
Page 664 EIGRP external routes. Step 12 set dampening halflife reuse suppress Set BGP route dampening factors. max-suppress-time Step 13 set local-preference value Assign a value to a local BGP path. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-98 OL-23400-01...
Page 665 To delete an entry, use the no route-map map tag global configuration command or the no match or no set route-map configuration commands. You can distribute routes from one routing domain into another and control route distribution. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-99 OL-23400-01...
Page 666: Filtering Routing Information
Filtering Routing Information You can filter routing protocol information by performing the tasks described in this section. Note When routes are redistributed between OSPF processes, no OSPF metrics are preserved. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-100 OL-23400-01...
Page 667: Setting Passive Interfaces
You can also use a distribute-list router configuration command to avoid processing certain routes listed in incoming updates. (This feature does not apply to OSPF.) Beginning in privileged EXEC mode, follow these steps to control the advertising or processing of routing updates: Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-101 OL-23400-01...
Page 668: Filtering Sources Of Routing Information
Return to privileged EXEC mode. Step 5 show ip protocols Display the default administrative distance for a specified routing process. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-102 OL-23400-01...
Page 669: Managing Authentication Keys
Display authentication key information. Step 9 copy running-config startup-config (Optional) Save your entries in the configuration file. To remove the key chain, use the no key chain name-of-chain global configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-103 OL-23400-01...
Page 670: Monitoring And Maintaining The Ip Network
Display supernets. show ip cache Display the routing table used to switch IP traffic. show route-map [map-name] Display all route maps configured or only the one specified. Cisco ME 3800X and 3600X Switch Software Configuration Guide 29-104 OL-23400-01...
Page 671: Chapter 30 Configuring Hsrp
C H A P T E R Configuring HSRP This chapter describes how to use Hot Standby Router Protocol (HSRP) on the Cisco ME 3800X and ME 3600X switch to provide routing redundancy for routing IP traffic without being dependent on the availability of any single router.
Page 672 Host C’s segment that need to communicate with users on Host B’s segment and also continues to perform its normal function of handling packets between the Host A segment and Host B. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-2 OL-23400-01...
Page 673: Hsrp Versions
– HSRPv1 uses the multicast address 224.0.0.2 to send hello packets, which can conflict with Cisco Group Management Protocol (CGMP) leave processing. You cannot enable HSRPv1 and CGMP at the same time; they are mutually exclusive. HSRPv2—Version 2 of the HSRP has these features: •...
Page 674: Multiple Hsrp
Active router for group 2 Standby router for group 2 Standby router for group 1 Router A Router B 10.0.0.1 10.0.0.2 Client 1 Client 2 Client 3 Client 4 Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-4 OL-23400-01...
Page 675: Configuring Hsrp
Layer 3 EtherChannels” section on page 28-12. All Layer 3 interfaces must have IP addresses assigned to them. See the “Configuring Layer 3 • Interfaces” section on page 9-19. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-5 OL-23400-01...
Page 676: Enabling Hsrp
IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-6 OL-23400-01...
Page 677: Configuring Hsrp Priority
When multiple tracked interfaces are down and interface-priority values have been configured, the • configured priority decrements are cumulative. If tracked interfaces that were not configured with priority values fail, the default decrement is 10, and it is noncumulative. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-7 OL-23400-01...
Page 678 The default value is 10. Step 6 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-8 OL-23400-01...
Page 679: Configuring Mhsrp
Switch(config)# interface gigabitethernet0/1 Switch(config-if)# no switchport Switch(config-if)# ip address 10.0.0.2 255.255.255.0 Switch(config-if)# standby 1 ip 10.0.0.3 Switch(config-if)# standby 1 preempt Switch(config-if)# standby 2 ip 10.0.0.4 Switch(config-if)# standby 2 priority 110 Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-9 OL-23400-01...
Page 680: Configuring Hsrp Authentication And Timers
Use the no standby [group-number] authentication string interface configuration command to delete an authentication string. Use the no standby [group-number] timers hellotime holdtime interface configuration command to restore timers to their default values. Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-10 OL-23400-01...
Page 681: Enabling Hsrp Support For Icmp Redirect Messages
HSRP group. If a host is redirected by ICMP to the real MAC address of a router and that router later fails, packets from the host are lost. For more information, see the Cisco IOS IP Configuration Guide, Release 12.2. Displaying HSRP Configurations...
Page 682 Next hello sent in 00:00:02.262 Hot standby IP address is 172.20.138.51 configured Active router is local Standby router is unknown expired Standby virtual mac address is 0000.0c07.ac64 Name is test Cisco ME 3800X and 3600X Switch Software Configuration Guide 30-12 OL-23400-01...
Page 683: Configuring Cisco Ios Ip Slas Operations
Cisco IOS IP SLAs generates and analyzes traffic either between Cisco IOS devices or from a Cisco IOS device to a remote IP device such as a network application server. Measurements provided by the various Cisco IOS IP SLAs operations can be used for troubleshooting, for problem analysis, and for designing network topologies.
Page 684: Using Cisco Ios Ip Slas To Measure Network Performance
Configuring Cisco IOS IP SLAs Operations Understanding Cisco IOS IP SLAs Because Cisco IP SLAs is Layer 2 transport independent, you can configure end-to-end operations over disparate networks to best reflect the metrics that an end user is likely to experience. IP SLAs collects a...
Page 685: C H A P T E R 31 Configuring Cisco Ios Ip Slas Operations
IP SLAs Responder and IP SLAs Control Protocol The IP SLAs responder is a component embedded in the destination Cisco device that allows the system to anticipate and respond to IP SLAs request packets. The responder provides accurate measurements without the need for dedicated probes.
Page 686: Response Time Computation For Ip Slas
The IP SLAs responder can be a Cisco IOS Layer 2, responder-configurable switch, such as a Catalyst 2960 or Cisco ME 2400 switch or a Cisco ME 3400 switch running the metro base image. The responder does not need to support full IP SLAs functionality.
Page 687: Ip Slas Operation Scheduling
IP SLAs operation or a group of operations at one time. You can schedule several IP SLAs operations by using a single command through the Cisco IOS CLI or the CISCO RTTMON-MIB. Scheduling the operations to run at evenly distributed times allows you to control the amount of IP SLAs monitoring traffic.
Page 688: Configuring Ip Slas Operations
UDP jitter operation, which requires a responder, and configuring ICMP echo operation, which does not require a responder. For details about configuring other operations, see he Cisco IOS IP SLAs Configuration Guide at this URL: http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/12_4t/sla_12_4t_book.html...
Page 689: Configuring The Ip Slas Responder
The IP SLAs responder is available only on Cisco IOS software-based devices, including some Layer 2 switches that do not support full IP SLAs functionality, such as the Catalyst 2960 or the Cisco ME 2400 switch or a Cisco ME 3400 switch running the metro base image. Beginning in privileged EXEC mode,...
Page 690: Analyzing Ip Service Levels By Using The Udp Jitter Operation
Beginning in privileged EXEC mode, follow these steps to configure UDP jitter operation on the source device: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ip sla operation-number Create an IP SLAs operation, and enter IP SLAs configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-8 OL-23400-01...
Page 691 The range is 0 to 2073600 seconds, the default is 0 seconds (never ages out). (Optional) recurring—Set the operation to automatically run every day. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-9 OL-23400-01...
Page 692: Analyzing Ip Service Levels By Using The Icmp Echo Operation
Analyzing IP Service Levels by Using the ICMP Echo Operation The ICMP echo operation measures end-to-end response time between a Cisco device and any devices using IP. Response time is computed by measuring the time taken between sending an ICMP echo request message to the destination and receiving an ICMP echo reply.
Page 693 0 to 2073600 seconds; the default is 0 seconds (never ages out). (Optional) recurring—Set the operation to automatically run every day. • Step 7 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-11 OL-23400-01...
Page 694: Monitoring Ip Slas Operations
History Filter Type: None Enhanced History: Monitoring IP SLAs Operations Use the User EXEC or Privileged EXEC commands in Table 31-1 to display IP SLAs operations configuration and results. Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-12 OL-23400-01...
Page 695 Display information about the IP SLAs responder. show ip sla statistics [entry-number | aggregated | details] Display current or aggregated operational status and statistics. Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-13 OL-23400-01...
Page 696 Chapter 31 Configuring Cisco IOS IP SLAs Operations Monitoring IP SLAs Operations Cisco ME 3800X and 3600X Switch Software Configuration Guide 31-14 OL-23400-01...
Page 697: Configuring Ethernet Oam, Cfm, And E-Lmi
Ethernet Operations, Administration, and Maintenance (OAM) is a protocol for installing, monitoring, and troubleshooting Ethernet networks to increase management capability within the context of the overall Ethernet infrastructure. The Cisco ME 3800X and ME 3600X switch supports IEEE 802.1ag Connectivity Fault Management (CFM), Ethernet Local Management Interface (E-LMI), and IEEE 802.3ah Ethernet OAM discovery, link monitoring, remote fault detection, and remote loopback.
Page 698: C H A P T E R 32 Configuring Ethernet Oam, Cfm, And E-Lmi
Maintenance levels of nesting domains should be communicated among the administrating organizations. CFM exchanges messages and performs operations on a per-domain basis. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-2 OL-23400-01...
Page 699: Maintenance Associations And Maintenance Points
CFM messages within these boundaries. Outward facing or Down MEPs communicate through the wire side (connected to the port). Inward facing or Up MEPs communicate through the relay function side, not the wire side. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-3 OL-23400-01...
Page 700: Cfm Messages
MEPs that allow MEPs to discover other MEPs within a domain and allow MIPs to discover MEPs. CC messages are configured to a domain or VLAN. Enter the continuity-check Ethernet service configuration command to enable CCM. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-4 OL-23400-01...
Page 701: Crosscheck Function And Static Remote Meps
VLAN exist at a higher level without any MEPs configured. You can display the configuration error list, which is informational only, by entering the show ethernet cfm errors configuration privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-5 OL-23400-01...
Page 702: Ip Slas Support For Cfm
A port can be configured as a flow point (MIP/MEP), a transparent port, or disabled (CFM disabled). By default, ports are transparent ports until configured as MEP, MIP, or disabled. There are no MEPs or MIPs configured. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-6 OL-23400-01...
Page 703: Ethernet Cfm Configuration Guidelines
The range is from 1 to 4095; the default is 100 lines. • (Optional) For hold-time, enter the maximum cache hold time in minutes. The range is from 1 to 65535; the default is 100 minutes. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-7 OL-23400-01...
Page 704 1 second, 10 seconds, 1 minute and 10 minutes. The default is 10 seconds. Note Because faster CCM rates are more CPU-intensive, we do not recommend configuring a large number of MEPs running at 100 ms intervals. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-8 OL-23400-01...
Page 705 The MIP level range is 0 to 7. This step is not required if you have entered the Note ethernet cfm mip auto-create global configuration command or the mip auto-create ethernet-cfm or ethernet-cfm-srv configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-9 OL-23400-01...
Page 706: Configuring Ethernet Cfm Crosscheck
Define a CFM domain, set the domain level, and enter ethernet-cfm configuration mode for the domain. The maintenance level number range is 0 to 7. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-10 OL-23400-01...
Page 707: Configuring Static Remote Mep
Define a CFM domain, set the domain level, and enter ethernet-cfm configuration mode for the domain. The maintenance level number range is 0 to 7. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-11 OL-23400-01...
Page 708 (Optional) Save your entries in the configuration file. Use the no form of each command to remove a configuration or to return to the default settings. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-12 OL-23400-01...
Page 709: Configuring A Port Mep
Step 9 exit Return to ethernet-cfm configuration mode. Step 10 exit Return to global configuration mode. Step 11 interface interface-id Identify the port MEP interface and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-13 OL-23400-01...
Page 710: Configuring Snmp Traps
(Optional) Save your entries in the configuration file. Use the no form of each command to remove a configuration or to return to the default settings. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-14 OL-23400-01...
Page 711: Configuring Fault Alarms
VLAN ID or IDs as a VLAN-ID (1 to 4094), a range of VLAN-IDs separated by a hyphen, or a series of VLAN IDs separated by comma. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-15 OL-23400-01...
Page 712: Configuring Ip Slas Cfm Operation
For more information about configuring IP SLAs Ethernet operation, see the IP SLAs for Metro-Ethernet feature module at this URL: http://www.cisco.com/en/US/docs/ios/12_2sr/12_2srb/feature/guide/sr_meth.html For detailed information about configuring IP SLAs operations, see the Cisco IOS IP SLAs Configuration Guide, Release 12.4T at this URL: http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/12_4t/sla_12_4t_book.html For detailed information about IP SLAs commands, see the command reference at this URL: http://www.cisco.com/en/US/docs/ios/ipsla/command/reference/sla_book.html...
Page 713 SLAs operation waits for a response from its request packet. The range is 0 to 604800000; the default value is 5000. Step 12 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-17 OL-23400-01...
Page 714: Configuring An Ip Slas Operation With Endpoint Discovery
Enter global configuration mode. Step 2 ip sla ethernet-monitor operation-number Begin configuration of an IP SLAs automatic Ethernet operation, and enter IP SLAs Ethernet monitor configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-18 OL-23400-01...
Page 715 IP SLAs operation waits for a response from its request packet. The range is 0 to 604800000; the default value is 5000. Step 10 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-19 OL-23400-01...
Page 716: Managing And Displaying Ethernet Cfm Information
Clear a SMEP out of AIS defect condition. interface-id clear ethernet cfm error Clear all CFM error conditions, including AIS. You can use the privileged EXEC commands in Table 32-2 to display Ethernet CFM information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-20 OL-23400-01...
Page 717 Level: 3 Direction: Up Vlan: 7 Interface: Gi0/3 CC-Status: Enabled CC Loss Threshold: 3 MAC: 0021.d7ef.0700 LCK-Status: Enabled LCK Period: 60000(ms) LCK Expiry Threshold: 3.5 Level to transmit LCK: Default Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-21 OL-23400-01...
Page 718: Understanding The Ethernet Oam Protocol
CPU must poll error counters frequently, the number of required CPU cycles is proportional to the number of interfaces that must be polled. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-22...
Page 719: Oam Features
They do not go beyond a single hop and have a maximum transmission rate of 10 OAM PDUs per second. Message types are information, event notification, loopback control, or vendor-specific OAM PDUs. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-23 OL-23400-01...
Page 720: Setting Up And Configuring Ethernet Oam
Enter global configuration mode. Step 2 interface interface-id Define an interface to configure as an OAM interface, and enter interface configuration mode. Step 3 ethernet oam Enable Ethernet OAM on the interface. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-24 OL-23400-01...
Page 721: Enabling Ethernet Oam Remote Loopback
Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface-id Define an interface to configure as an OAM interface, and enter interface configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-25 OL-23400-01...
Page 722: Configuring Ethernet Oam Link Monitoring
Enable the interface to support link monitoring. This is the default. You need to enter this command only if it has been disabled by previously entering the no ethernet oam link-monitor supported command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-26 OL-23400-01...
Page 723 Enter window frames to set the a polling window size • in number of frames. The range is 1 to 65535; each value is a multiple of 10000 frames. The default is 1000. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-27 OL-23400-01...
Page 724 {low-frames}} | window milliseconds} command is visible on the switch and you are allowed to enter it, but it is not supported.Enter the no form of the commands to disable the configuration. Use the no form of each command to disable the threshold setting. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-28 OL-23400-01...
Page 725: Configuring Ethernet Oam Remote Failure Indications
CRS errors, and symbol-period errors and thresholds. You can also set the template to put the interface in error-disabled state if any high thresholds are exceeded. These steps are optional and can be performed in any sequence or repeated to configure different options. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-29 OL-23400-01...
Page 726 65535. It must be lower than the high threshold. • Enter window symbols to set the window size (in number of symbols) of the polling period. The range is 1 to 65535 symbols. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-30 OL-23400-01...
Page 727 Enter window frames to set the a polling window size • in number of frames. The range is 100 to 9000; each value is a multiple of 100 milliseconds. The default is 1000. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-31 OL-23400-01...
Page 728: Displaying Ethernet Oam Protocol Information
OAM protocol, such as CFM, that runs within the provider network to collect OAM status. CFM runs at the provider maintenance level (UPE to UPE with up MEPs at the UNI). Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-32...
Page 729: Configuring E-Lmi
EtherChannel. You cannot configure E-LMI on VLAN interfaces. • You must enter the ethernet lmi ce global configuration command to enable the switch or interface • in customer-edge mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-33 OL-23400-01...
Page 730: Enabling E-Lmi
Use the no ethernet lmi global configuration command to globally disable E-LMI. Use the no form of the ethernet lmi interface configuration command with keywords to disable E-LMI on the interface or to return the timers to the default settings. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-34 OL-23400-01...
Page 731: Customer-Edge Device Configuration
CFM responds to the notification by sending a port status of Remote_Excessive_Errors in the Port Status TLV. The local port is set into loopback mode. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-35 OL-23400-01...
Page 732: Enabling Ethernet Oam
You must configure CFM and Ethernet OAM between the customer edge and the provider edge switch. Customer-edge switch 1 (CE1) configuration: Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-36 OL-23400-01...
Page 733 PE switch shows as Test and the remote CE switch goes into error-disable mode. Switch# ethernet oam remote-loopback start interface gigabitEthernet 0/1 This is a intrusive loopback. Therefore, while you test Ethernet OAM MAC connectivity, Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-37 OL-23400-01...
Page 734 Gi1/1/1 blue Total Remote MEPs: 1 In addition, if you shut down the CE1 interface that connects to PE1, the remote PE2 port will show a PortState of Down. Cisco ME 3800X and 3600X Switch Software Configuration Guide 32-38 OL-23400-01...
Page 735: Chapter 33 Configuring Ip Multicast Routing
Note For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS IP Command Reference, Volume 3 of 3: Multicast, Release 12.2. Understanding Cisco’s Implementation of IP Multicast Routing, page 33-1 •...
Page 736: Understanding Igmp
According to IPv4 multicast standards, the MAC destination multicast address begins with 0100:5e and is appended by the last 23 bits of the IP address. On the Cisco ME switch, if the multicast packet does not match the switch multicast address, the packets are treated in this way: If the packet has a multicast IP address and a unicast MAC address, the packet is forwarded in •...
Page 737: Igmp Version 1
RP compares to multiple active RPs for the same group in PIMv1. A bootstrap router (BSR) provides a fault-tolerant, automated RP discovery and distribution • mechanism that enables routers and multilayer switches to dynamically learn the group-to-RP mappings. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-3 OL-23400-01...
Page 738: Pim Modes
Prune messages are sent up the distribution tree to prune multicast group traffic. This action permits branches of the shared tree or SPT that were created with explicit join messages to be torn down when they are no longer needed. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-4 OL-23400-01...
Page 739: Pim Stub Routing
Hosts that are not directly connected to a downstream router can then join a multicast group sourced from an upstream network. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-5...
Page 740: Auto-Rp
This proprietary feature eliminates the need to manually configure the RP information in every router and multilayer switch in the network. For Auto-RP to work, you configure a Cisco router or multilayer switch as the mapping agent. It uses IP multicast to learn which routers or switches in the network are possible candidate RPs to receive candidate RP announcements.
Page 741: Multicast Forwarding And Reverse Path Check
Fast Ethernet 0/1 Fast Ethernet 0/2 Table 33-1 Routing Table Example for an RPF Check Network Port 151.10.0.0/16 Gigabit Ethernet 0/1 198.14.32.0/32 Fast Ethernet 0/1 204.1.16.0/24 Fast Ethernet 0/2 Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-7 OL-23400-01...
Page 742: Configuring Ip Multicast Routing
Multicast routing Disabled on all interfaces. PIM version Version 2. PIM mode No mode is defined. PIM RP address None configured. PIM domain border Disabled. PIM multicast boundary None. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-8 OL-23400-01...
Page 743: Multicast Routing Configuration Guidelines
PIMv2 BSR. However, Auto-RP is a standalone protocol, separate from PIMv1, and is a proprietary Cisco protocol. PIMv2 is a standards track protocol in the IETF. We recommend that you use PIMv2. The BSR mechanism interoperates with Auto-RP on Cisco routers and multilayer switches.
Page 744: Auto-Rp And Bsr Configuration Guidelines
If you have a network that includes non-Cisco routers, configure the Auto-RP mapping agent and • the BSR on a Cisco PIMv2 router or multilayer switch. Ensure that no PIMv1 device is on the path between the BSR and a non-Cisco PIMv2 router.
Page 745 PIM version, use the no ip pim version interface configuration command. To disable PIM on an interface, use the no ip pim interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-11 OL-23400-01...
Page 746: Configuring Pim Stub Routing
33-1: Switch(config)# ip multicast-routing distributed Switch(config)# interface GigabitEthernet0/25 Switch(config-if)# no switchport Switch(config-if)# ip address 3.1.1.2 255.255.255.0 Switch(config-if)# ip pim sparse-dense-mode Switch(config-if)# exit Switch(config)# interface vlan100 Switch(config-if)# ip pim passive Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-12 OL-23400-01...
Page 747: Configuring Source-Specific Multicast
SSM is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core networking technology for the Cisco implementation of IP multicast solutions targeted for audio and video broadcast application environments. The switch supports these...
Page 748: How Ssm Differs From Internet Standard Multicast
Configuring IP Multicast Routing Configuring IP Multicast Routing To run SSM with IGMPv3, SSM must be supported in the Cisco IOS router, the host where the application is running, and the application itself. How SSM Differs from Internet Standard Multicast The current IP multicast infrastructure in the Internet and many enterprise intranets is based on the PIM-SM protocol and Multicast Source Discovery Protocol (MSDP).
Page 749: Igmpv3 Host Signalling
Address Management Restrictions Address management is still necessary to some degree when SSM is used with Layer 2 switching mechanisms. Cisco Group Management Protocol (CGMP), IGMP snooping, or Router-Port Group Management Protocol (RGMP) support only group-specific filtering, not (S, G) channel-specific filtering.
Page 750: Configuring Ssm
SSM mapping to leverage SSM for video delivery to legacy STBs that do not support IGMPv3 or for applications that do not use the IGMPv3 host stack. This section covers these topics: Configuration Guidelines and Restrictions, page 33-17 • SSM Mapping Overview, page 33-17 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-16 OL-23400-01...
Page 751: Configuration Guidelines And Restrictions
• to a running DNS server. If you do not already have a DNS server running, you need to install one. You can use a product such as Cisco Network Registrar. SSM mapping restrictions: The SSM mapping feature does not have all the benefits of full SSM. Because SSM mapping takes •...
Page 752 TV channel. Thus, the server-side switchover mechanism ensures that only one of the servers is actively sending video traffic for the TV channel. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-18 OL-23400-01...
Page 753: Configuring Ssm Mapping
SSM mappings, if required. Step 6 Return to privileged EXEC mode. Step 7 show running-config Verify your entries. Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-19 OL-23400-01...
Page 754 DNS servers for redundancy, if required. Step 7 Return to privileged EXEC mode. Step 8 show running-config Verify your entries. Step 9 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-20 OL-23400-01...
Page 755: Monitoring Ssm Mapping
Display the IGMP packets received and sent and IGMP host-related events. Go to this URL to see SSM mapping monitoring examples: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtssmma.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-21 OL-23400-01...
Page 756: Configuring A Rendezvous Point
(Optional) The override keyword means that if there is a conflict • between the RP configured with this command and one learned by Auto-RP or BSR, the RP configured with this command prevails. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-22 OL-23400-01...
Page 757: Configuring Auto-Rp
Switch(config)# access-list 1 permit 225.2.2.2 0.0.0.0 Switch(config)# ip pim rp-address 147.106.6.22 1 Configuring Auto-RP Auto-RP uses IP multicast to automate the distribution of group-to-RP mappings to all Cisco routers and multilayer switches in a PIM network. It has these benefits: •...
Page 758 1 to 99. If no access list is configured, the RP is used for all groups. • For interval seconds, specify how often the announcement messages must be sent. The default is 60 seconds. The range is 1 to 16383. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-24 OL-23400-01...
Page 759 In those routers or multilayer switches already configured with the ip pim accept-rp command, you must enter the command again to accept the newly advertised RP. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-25 OL-23400-01...
Page 760 If more than one mapping agent is used, the filters must be consistent across all mapping agents to ensure that no conflicts occur in the Group-to-RP mapping information. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-26 OL-23400-01...
Page 761: Configuring Pimv2 Bsr
These sections describe how to set up BSR in your PIMv2 network: • Defining the PIM Domain Border, page 33-28 (optional) • Defining the IP Multicast Boundary, page 33-29 (optional) Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-27 OL-23400-01...
Page 762 Configure the ip pim bsr-border ip pim bsr-border command on command on this interface. this interface. messages messages Neighboring Neighboring Layer 3 Layer 3 PIMv2 domain PIMv2 domain switch switch Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-28 OL-23400-01...
Page 763 You can configure one or more candidate BSRs. The devices serving as candidate BSRs should have good connectivity to other devices and be in the backbone portion of the network. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-29...
Page 764 IP multicast address space or a portion of it. Candidate RPs send candidate RP advertisements to the BSR. When deciding which devices should be RPs, consider these options: • In a network of Cisco routers and multilayer switches where only Auto-RP is used, any device can be configured as an RP. •...
Page 765: Using Auto-Rp And A Bsr
Switch(config)# access-list 4 permit 239.0.0.0 0.255.255.255 Using Auto-RP and a BSR If there are only Cisco devices in you network (no routers from other vendors), there is no need to configure a BSR. Configure Auto-RP in a network that is running both PIMv1 and PIMv2.
Page 766: Monitoring The Rp Mapping Information
• to display RPs. (Optional) Use the mapping keyword to display all group-to-RP mappings • of which the Cisco device is aware (either configured or learned from Auto-RP). Step 2 show ip pim rp-hash group On a PIMv2 router or multilayer switch, confirm that the same RP is the one that a PIMv1 system chooses.
Page 767: Configuring Advanced Pim Features
By default, reception of the first data packet prompts Router C to send a join message toward the source. When Router C receives data on (S,G), it sends a prune message for the source up the shared tree. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-33 OL-23400-01...
Page 768: Delaying The Use Of Pim Shortest-Path Tree
Place ones in the bit positions that you want to ignore. Recall that the access list is always terminated by an implicit deny statement for everything. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-34 OL-23400-01...
Page 769: Modifying The Pim Router-Query Message Interval
Step 4 Return to privileged EXEC mode. Step 5 show ip igmp interface [interface-id] Verify your entries. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-35 OL-23400-01...
Page 770: Configuring Optional Igmp Features
Caution traffic for the group address. Beginning in privileged EXEC mode, follow these steps to configure the switch to be a member of a group. This procedure is optional. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-36 OL-23400-01...
Page 771: Controlling Access To Ip Multicast Groups
By default, all groups are allowed on an interface. For access-list-number, specify an IP standard access list number. The range is 1 to 99. Step 4 exit Return to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-37 OL-23400-01...
Page 772: Changing The Igmp Version
If you change to Version 1, you cannot configure the ip igmp Note query-interval or the ip igmp query-max-response-time interface configuration commands. Step 4 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-38 OL-23400-01...
Page 773: Modifying The Igmp Host-Query Message Interval
By default, the switch waits twice the query interval controlled by the ip igmp query-interval interface configuration command. After that time, if the switch has received no queries, it becomes the querier. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-39 OL-23400-01...
Page 774: Changing The Maximum Query Response Time For Igmpv2
Verify your entries. Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file. To return to the default setting, use the no ip igmp query-max-response-time interface configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-40 OL-23400-01...
Page 775: Configuring The Switch As A Statically Connected Member
The MBONE Session Directory Version 2 (sdr) tool provides this information. This freeware application can be downloaded from several sites on the World Wide Web, one of which is http://www.video.ja.net/mice/index.html. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-41 OL-23400-01...
Page 776: Enabling Sdr Listener Support
To return to the default setting, use the no ip sdr cache-timeout global configuration command. To delete the entire cache, use the clear ip sdr privileged EXEC command. To display the session directory cache, use the show ip sdr privileged EXEC command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-42 OL-23400-01...
Page 777: Configuring An Ip Multicast Boundary
The IANA has designated the multicast address range 239.0.0.0 to 239.255.255.255 as the administratively-scoped addresses. This range of addresses can then be reused in domains administered by different organizations. The addresses would be considered local, not globally unique. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-43 OL-23400-01...
Page 778: Monitoring And Maintaining Ip Multicast Routing
You can remove all contents of a particular cache, table, or database. Clearing a cache, table, or database might be necessary when the contents of the particular structure are or suspected to be invalid. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-44...
Page 779: Displaying System And Network Statistics
Display how the switch is doing Reverse-Path Forwarding (that is, from the unicast routing table or static mroutes). show ip sdr [group | “session-name” | detail] Display the Session Directory Protocol Version 2 cache. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-45 OL-23400-01...
Page 780: Monitoring Ip Multicast Routing
Display IP multicast packet rate and loss information. mtrace source [destination] [group] Trace the path from a source to a destination branch for a multicast distribution tree for a given group. Cisco ME 3800X and 3600X Switch Software Configuration Guide 33-46 OL-23400-01...
Page 781: Chapter 34 Configuring Mpls, Mpls Vpn, Mpls Oam, And Eompls
This chapter describes how to configure multiprotocol label switching (MPLS) and Ethernet over MPLS (EoMPLS) on the Cisco ME 3800X and ME 3600X switches. MPLS is a packet-switching technology that integrates link layer (Layer 2) switching with network layer (Layer 3) routing. With MPLS, data is transferred over any combination of Layer 2 technologies, using any Layer 3 protocol, with increased scalability.
Page 782: Understanding Mpls Services
“Configuring Ethernet Virtual Connections • (EVCs)” chapter. • For information about configuring H-VPLS on Cisco 7600 routers, see the “Configuring Multiprotocol Label Switching on the Optical Services Modules” section in the OSM Configuration Note, 12.2SX at: http://www.cisco.com/en/US/docs/routers/7600/install_config/12.2SR_OSM_config/mpls_ps368_ TSD_Products_Module_Configuration_Guide_Chapter.html#wp1423607 Understanding MPLS Services...
Page 783 The ME 3800X and ME 3600X switches perform these operations: • Push The ingress switch adds one or more labels. • The egress switch removes a label and forwards the packet. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-3 OL-23400-01...
Page 784: Understanding Mpls Vpns
VPN and prevents packets that are outside a VPN from being forwarded to a router within the VPN. Based on the routing information stored in the VRF IP routing table and the VRF Cisco Express Forwarding table, packets are forwarded to their destinations.
Page 785 Each VPN contains customer devices attached to the customer-edge (CE) devices. The customer devices use VPNs to exchange information between devices, and the provider routers (P) are not aware of the VPNs. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-5 OL-23400-01...
Page 786: Distribution Of Vpn Routing Information
VPN are learned only by other members of that VPN, which enables members of the VPN to communicate with each other. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-6...
Page 787: Configuring Mpls Vpns
CEF, see the “Configuring Cisco Express Forwarding” section on page 29-93. The switch supports MPLS forwarding on the following interfaces: • – Routed ports – SVIs – Routed EtherChannels Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-7 OL-23400-01...
Page 788: Enabling Mpls
MPLS. Use the no mpls ip global configuration command to disable MPLS on the switch. Use the no mpls label protocol ldp global configuration command to disable LDP. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-8 OL-23400-01...
Page 789: Defining Vpns
Use the no ip vrf vrf-name global configuration command to delete a VRF and remove interfaces from it. Use the no ip vrf forwarding interface configuration command to remove an interface from a VRF. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-9...
Page 790: Configuring Bgp Routing Sessions
(Optional) unicast—Specify VPNv4 unicast address prefixes. Step 4 neighbor ip-address activate Activate the advertisement of the IPv4 address family. Step 5 neighbor ip address send-community extended Step 6 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-10 OL-23400-01...
Page 791: Configuring Provider-Edge-To-Customer-Edge Routing Sessions
BGP Provider-Edge-to-Customer-Edge Configuration Beginning in privileged EXEC mode, follow these steps on the provider-edge router to configure a provider-edge-to-customer-edge (PE-to-CE) routing session in a provider network that uses BGP: Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-11 OL-23400-01...
Page 792: Ospf Provider-Edge-To-Customer-Edge Configuration
[metric-type {1 | 2}] Step 8 router bgp as-number Redistribute OSPF routes in MBGP. address-family ipv4 [unicast] vrf vrf-name redistribute ospf process-id [match {internal | external 1 | external 2}] Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-12 OL-23400-01...
Page 793: Ripv2 Provider-Edge-To-Customer-Edge Routing Sessions
Display the IP routing table associated with a VRF instance. Step 15 copy running-config startup-config (Optional) Save your entries in the configuration file. Use the no router rip global configuration command to disable RIP routing. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-13 OL-23400-01...
Page 794: Configuring Static Route Provider-Edge-To-Customer-Edge Routing Sessions
The network statement is used to identify which interfaces • to include in EIGRP. The VRF must be configured with addresses that fall within the wildcard-mask range of the network statement. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-14 OL-23400-01...
Page 795: Packet Flow In An Mpls Vpn
Step 2 Step 2 destination: CE2 VPN A, site 1 IP destination: Label N 16.2.1.1 destination: PE3 16.2/16 Label 42 VPN A, site 2 destination: CE2 IP destination: 16.2.1.1 Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-15 OL-23400-01...
Page 796: Sample Configurations
Vlan100 ip vrf forwarding A ip address 100.1.1.1 255.255.255.0 This example shows a Layer 3 VPN configured using non-switchport port mode: Switch# show run interface g0/24 interface GigabitEthernet0/24 Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-16 OL-23400-01...
Page 797: Understanding Mpls Traffic Engineering And Fast Reroute
LSP resource requirements and available network resources such as bandwidth. Available resources are flooded via extensions to the link-state based IGP. For more information on MPLS TE, see this URL: http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/12_4/mp_12_4_book.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-17 OL-23400-01...
Page 798: Mpls Te Fast Reroute
Link protection is also referred to as next hop (N-Hop) protection because the new route terminates • at the next hop beyond the LSP failure. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-18 OL-23400-01...
Page 799: Mpls Te Primary And Backup Autotunnel
Backup autotunnel enables a router to dynamically build backup tunnels when they are needed so • that you do not need to configure them manually. To configure backup autotunnel, enter the mpls traffic-eng auto-tunnel backup router configuration command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-19 OL-23400-01...
Page 800: Configuring Mpls Traffic Engineering And Fast Reroute
Appendix C, “Unsupported Commands in Cisco IOS Release 12.2(52)EY.” • To configure MPLS traffic engineering and fast reroute, the network must be running IP Cisco Express Forwarding (CEF) and MPLS and support at least one of these protocols: OSPF or IS-IS.
Page 801: Configuring An Mpls Te Tunnel
Step 14 next-address A.B.C.E Specify the next IP address in the explicit path. Step 15 next-address A.B.C.F Specify the second IP address in the explicit path. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-21 OL-23400-01...
Page 802: Configuring The Routing Protocol For Mpls Te
For information about the commands for MPLS TE fast reroute, see this URL: http://www.cisco.com/en/US/docs/ios/mpls/command/reference/mp_book.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-22 OL-23400-01...
Page 803 Enter the no tunnel mode mpls traffic-eng global configuration command to disable MPLS traffic engineering or the no ip explicit-path global configuration command to remove the IP explicit path configuration. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-23 OL-23400-01...
Page 804: Configuring A Protected Link To Use A Backup Tunnel
200 ms. Step 6 ip rsvp signalling hello Enable Hello signalling on the interface. Step 7 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-24 OL-23400-01...
Page 805: Configuring Primary And Backup Autotunnels
Step 8 Return to privileged EXEC mode. Step 9 show interface tunnel tunnel-num Verify the configuration. Step 10 copy running-config startup-config (Optional) Save your entries in the configuration file. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-25 OL-23400-01...
Page 806: Understanding Eompls
The ingress PE router receives an Ethernet frame and encapsulates the packet by removing the preamble, the start of frame delimiter (SFD), and the frame check sequence (FCS). The rest of the packet header is not changed. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-26 OL-23400-01...
Page 807: Interaction With Other Features
At the egress port, an MPLS tag is added to the frame header before it is mapped to a virtual connection and forwarded to the next MPLS PE (PE2). Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-27...
Page 808: Eompls And Layer 2 Tunneling
Switch(config)# interface GigabitEthernet0/24 Switch(config-if)# switchport trunk allowed vlan none Switch(config-if)# switchport mode trunk Switch(config-if)# no keepalive Switch(config-if)# service instance 1 ethernet Switch(config-if)# encapsulation untagged Switch(config-if)# l2protocol tunnel cdp Switch(config-if)# bridge-domain 102 Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-28 OL-23400-01...
Page 809: Eompls And Q In Q
Packets sent from the remote PE have an outer VLAN with any VLAN number and VLAN 11. The outer VLAN number is popped at this PE, and the packets are sent out from EFP 1 with VLAN 11. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-29...
Page 810: Eompls And Qos
This section includes this information about configuring EoMPLS on a switch used as a provider-edge router: Default EoMPLS Configuration, page 34-31 • EoMPLS Configuration Guidelines, page 34-31 • Configuring EoMPLS, page 34-31 • Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-30 OL-23400-01...
Page 811: Default Eompls Configuration
You configure VLAN-based EoMPLS on a VLAN interface. When VLAN-based EoMPLS is enabled, the switch associates the tunnel and virtual-connection labels based on the VLAN ID. You use the same commands to enable port-based EoMPLS. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-31 OL-23400-01...
Page 812 Switch(config-if)# xconnect 20.20.20.20 123 encapsulation mpls Enter these commands on the PE2 switch: Switch(config)# interface loopback0 Switch(config-if)# ip address 20.20.20.20 255.255.255.255 Switch(config-if)# exit Switch(config)# interface vlan 4 Switch(config-if)# xconnect 10.10.10.10 123 encapsulation mpls Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-32 OL-23400-01...
Page 813: Configuring The Pseudowire Using Pseudowire Class
Targeted Hello: 51.51.51.51(LDP Id) -> 2.2.2.2 Status TLV support (local/remote) : enabled/unknown (no remote binding) Label/status state machine : local standby, AC-ready, LnuRnd Last local dataplane status rcvd: no fault Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-33 OL-23400-01...
Page 814: Configuring L2Vpn Interworking
Create a pseudowire class with the specified name and enter pseudowire class configuration mode. Step 3 encapsulation mpls Specify tunneling encapsulation. For AToM, the encapsulation type is mpls. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-34 OL-23400-01...
Page 815: Eompls And Evc
Switch(config-if) encapsulation dot1q 12 Switch(config-if) bridge-domain 100 Switch(config-if) service instance 2 ethernet Switch(config-if) description case 101 Switch(config-if) encapsulation dot1q 13 Switch(config-if) rewrite ingress tag pop 1 symmetric Switch(config-if) bridge-domain 100 Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-35 OL-23400-01...
Page 816: Packet Flow In An Eompls Network
When switch PE2 is configured with the EoMPLS tunnel, it also establishes a targeted LDP session to advertise the virtual-connection label it associated to the VC ID. This establishes an EoMPLS tunnel between switch PE1 and switch PE2. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-36 OL-23400-01...
Page 817: Configuring L2Vpn Pseudowire Redundancy
This feature provides the ability to recover from a failure of either the remote provider edge (PE) router or of the link between the PE and customer edge (CE) routers. For more information see this URL: http://www.cisco.com/en/US/docs/ios/wan/configuration/guide/wan_l2vpn_pw_red_ps6441_TSD_Pro ducts_Configuration_Guide_Chapter.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-37 OL-23400-01...
Page 818: Configuration Guidelines
Forcing a Manual Switchover to the Backup Pseudowire VC, page 34-40 • Monitoring L2VPN Pseudowire Redundancy, page 34-40 • Configuration Guidelines Follow these guidelines when configuring L2 VPN pseudowire redundancy: Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-38 OL-23400-01...
Page 819: Configuring Pseudowire Redundancy
The range is 0 to 180 seconds; the default is 0. If you enter never, the switchback to the primary • pseudowire never occurs. Step 6 Return to privileged EXEC mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-39 OL-23400-01...
Page 820: Forcing A Manual Switchover To The Backup Pseudowire Vc
Display detailed or summary information about the active virtual connections that are enabled to route Layer 2 packets on a provider-edge device. show vfi vfi-name Display information about a VPLS VFI. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-40 OL-23400-01...
Page 821: Support For H-Vpls
With no direct connections, H-VPLS allows the customer switches from PE1 to connect to customer switches connected to PE2. Figure 34-8 H-VPLS Configuration Example Control plane Directed LDP PE-CLE PE-POP PE-POP PE-CLE Data plane 802.1Q tunnel MPLS EoMPLS 802.1Q Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-41 OL-23400-01...
Page 822: Understanding Mpls Oam
For a list of commands that are visible in the CLI help, but not supported on the switch, see Appendix C, “Unsupported Commands in Cisco IOS Release 12.2(52)EY.” Beginning with Cisco IOS Release 12.2(40)SE, the switch supports these additional keywords for the ping mpls and traceroute mpls privileged EXEC commands to support RFC4379: Entering the dsmap keyword with the ttl keyword to the ping command allows you configure a •...
Page 823: Lsp Ping
To allow interoperability between these IETF RFC 4379 drafts, the revision keyword was added to enable Cisco IOS releases to support the existing draft changes and any changes from future versions of the IETF LSP Ping draft. The switch supports revision 2 and RFC 4329 Compliant.
Page 824: Lsp Traceroute
BGP next-hop provider-edge routers and creates individual IP SLAs LSP ping operations for each applicable BGP next-hop neighbor. For more information on configuring the LSP Health Monitor, go to this URL: http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/sla_lsp_mon_autodisc.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-44 OL-23400-01...
Page 825: Lsp Tree Trace And Ip Slas Ecmp Tree Trace
Default MPLS OAM Configuration MPLS OAM LSP ping and traceroute are not configured. The IP SLAs MPLS LSP Health Monitor is not configured. The mpls oam global configuration command is enabled. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-45 OL-23400-01...
Page 826: Mpls Oam Configuration Guidelines
5 times. [flags fec] (Optional) reply dscp dscp-value—Specify a specific class of service • (CoS) in an echo reply by providing a differentiated services code point (DSCP) value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-46 OL-23400-01...
Page 827 (Optional) flags fec—Request FEC stack checking at the transit router. • This is an example of an LSP ping: Switch# ping mpls ipv4 10.131.159.251/32 destination 127.0.0.1 127.0.0.2 0.0.0.1 repeat 2 sweep 1450 1475 25 Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-47 OL-23400-01...
Page 828: Using Lsp Traceroute For Ldp Ipv4 Fec
(Optional) output interface interface-id—Specify the output interface for the echo request. • (Optional) nexthop ip-address—Force packets to go through the specified next-hop address. (Optional) flags fec—Request FEC stack checking at the transit • router. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-48 OL-23400-01...
Page 829: Using Lsp Ping For Pseudowire (Atom Vccv)
The range is from 40 to 18024. The default is 100. (Optional) sweep minimum maximum size-increment —Send a • number of packets of different sizes. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-49 OL-23400-01...
Page 830: Configuring Ip Slas Mpls Ping And Traceroute
For more details about IP SLAs operations, see Chapter 34, “Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS.” For detailed information about IP SLAs commands, see the command reference at this URL: http://www.cisco.com/en/US/docs/ios/ipsla/command/reference/sla_book.html Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-50 OL-23400-01...
Page 831: Configuring The Ip Slas Lsp Health Monitor
(Optional) Add an explicit null label to all echo request packets of an IP SLAs operation. Step 8 lsp-selector ip-address (Optional) Specify the local host IP address used to select the IP SLAs operation LSP. The default is 127.0.0.1. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-51 OL-23400-01...
Page 832 Exit IP SLAs MPLS LSP monitor path discover configuration mode and return to auto IP SLA MPLS parameter configuration mode. Step 19 exit Exit auto IP SLA MPLS parameter configuration mode and returns to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-52 OL-23400-01...
Page 833 Step 25 copy running-config startup-config (Optional) Save your entries in the configuration file. Step 26 show ip sla mpls-lsp-monitor summary Display a summary of IP SLAs LSP MPLS status. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-53 OL-23400-01...
Page 834: Manually Configuring Ip Slas Mpls Lsp Ping Or Traceroute
The range is 0 to 7; the default value is 0. Step 5 request-data-size bytes (Optional) Specify the protocol data size for an IP SLAs request packet. The range is 100 to 1500; the default is 100 bytes. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-54 OL-23400-01...
Page 835 Step 15 copy running-config startup-config (Optional) Save your entries in the configuration file. Step 16 show ip sla statistics [operation-number] Display the statistics of a scheduled LSP monitoring operation. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-55 OL-23400-01...
Page 836: Using Lsp Tree Trace
• (Optional) reply dscp dscp-value—Specify a specific class of interface-id [nexthop ip-address]] [flags service (CoS) in an echo reply by providing a differentiated services fec] code point (DSCP) value. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-56 OL-23400-01...
Page 837: Configuring Ecmp Ip Slas Tree Trace
IP SLAs Health Monitor operation. Step 5 hours-or-statistics kept hours (Optional) Set the number of hours for which LSP discovery group statistics are maintained for an LSP Health Monitor operation. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-57 OL-23400-01...
Page 838 Exit IP SLAs MPLS LSP monitor path discover configuration mode and return to auto IP SLA MPLS parameter configuration mode. Step 13 exit Exit auto IP SLA MPLS parameter configuration mode and returns to global configuration mode. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-58 OL-23400-01...
Page 839 Step 17 Return to privileged EXEC mode. Step 18 show ip sla mpls-lsp-monitor configuration Show the configured LSP monitoring operations. [operation-number] Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-59 OL-23400-01...
Page 840: Monitoring And Maintaining Mpls And Eompls
Display the contents of the label information base (LIB). show mpls ldp discovery Display the status of the LDP discovery process. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-60 OL-23400-01...
Page 841 Display link information about MPLS traffic engineering link management. show mpls traffic-eng topology Display the MPLS traffic engineering global topology as currently known at a node. show mpls traffic-eng tunnel Display information about MPLS traffic-engineering tunnels. Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-61 OL-23400-01...
Page 842 Chapter 34 Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS Monitoring and Maintaining MPLS and EoMPLS Cisco ME 3800X and 3600X Switch Software Configuration Guide 34-62 OL-23400-01...
Page 843: Chapter 35 Troubleshooting
C H A P T E R Troubleshooting This chapter describes how to identify and resolve software problems related to the Cisco IOS software on the Cisco ME 3800X and ME 3600X switch. You can use the command-line interface (CLI) to identify and solve problems.
Page 844: Recovering From A Lost Or Forgotten Password
Disabling password recovery provides configuration file security by preventing unauthorized users from accessing the configuration file. The Cisco ME switch boot loader uses break-key detection to stop the automatic boot sequence for the password recovery purpose. The break key character is different for each operating system.
Page 845: Procedure With Password Recovery Enabled
The switch file system appears: Directory of flash: drwx Mar 01 1993 22:30:48 image-name-mz.122-50-EX -rwx 5825 Mar 01 1993 22:31:59 config.text -rwx Mar 01 1993 02:21:30 vlan.dat Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-3 OL-23400-01...
Page 846 VLAN ID of the shutdown interface. With the switch in interface configuration mode, enter the no shutdown command. Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-4 OL-23400-01...
Page 847: Procedure With Password Recovery Disabled
The switch file system appears: Directory of flash: drwx Mar 01 1993 22:30:48 image-name-mz.122-50-SE 16128000 bytes total (10003456 bytes free) Boot the system: Step 4 Switch: boot Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-5 OL-23400-01...
Page 848: Preventing Autonegotiation Mismatches
• Let both ports autonegotiate both speed and duplex. Manually set the speed and duplex parameters for the ports on both ends of the connection. • Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-6 OL-23400-01...
Page 849: Sfp Module Security And Identification
If you are using a non-Cisco SFP module, remove the SFP module from the switch, and replace it with a Cisco module. After inserting a Cisco SFP module, use the errdisable recovery cause gbic-invalid global configuration command to verify the port status, and enter a time interval for recovering from the error-disabled state.
Page 850: Using Ping
To end a ping session, simultaneously press and release the Ctrl, Shift, and 6 keys, and then press the X key. Using Layer 2 Traceroute • Understanding Layer 2 Traceroute, page 9 • Layer 2 Traceroute Usage Guidelines, page 9 • Displaying the Physical Path, page 10 Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-8 OL-23400-01...
Page 851: Understanding Layer 2 Traceroute
Ports configured with service instances do not support Layer 2 traceroute. • Cisco Discovery Protocol (CDP) must be enabled on all the devices in the network. For Layer 2 • traceroute to function properly, do not disable CDP. CDP is enabled by default. If any devices in the physical path are transparent to CDP, the switch cannot identify the path through these devices.
Page 852: Displaying The Physical Path
When a host receives a datagram destined to itself containing a destination port number that is unused locally, it sends an ICMP Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-10...
Page 853: Executing Ip Traceroute
The probe timed out. Unknown packet type. Administratively unreachable. Usually, this output means that an access list is blocking traffic. Host unreachable. Network unreachable. Protocol unreachable. Source quench. Port unreachable. Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-11 OL-23400-01...
Page 854: Using Tdr
ITDR is supported only on the copper Ethernet 10/100/1000 ports. Using Debug Commands • Enabling Debugging on a Specific Feature, page 13 • Enabling All-System Diagnostics, page 13 • Redirecting Debug and Error Message Output, page 14 Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-12 OL-23400-01...
Page 855: Enabling Debugging On A Specific Feature
For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. It is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.
Page 856: Redirecting Debug And Error Message Output
Cisco IOS image to fail (crash). The switch writes the crash information to the console at the time of the failure, and the file is created the next time you boot the Cisco IOS image after the failure (instead of while the system is failing).
Page 857: Using On-Board Failure Logging
You should manually set the system clock, or configure it by using Network Time Protocol (NTP). When the switch is running, you can retrieve the OBFL data by using the show logging onboard privileged EXEC commands. If the switch fails, contact your Cisco technical support representative to find out how to retrieve the data.
Page 858: Displaying Obfl Information
Display the UDI information for a standalone switch and for all the connected FRU devices: the PID, the VID, and the serial number. show logging onboard message Display the hardware-related messages generated by a switch. Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-16 OL-23400-01...
Page 859 Current reset timestamp : 03/01/1993 00:05:43 Current slot Current uptime 0 years 0 weeks 2 days 6 hours 0 minutes -------------------------------------------------------------------------------- Reset Reason | Count -------------------------------------------------------------------------------- No historical data to display -------------------------------------------------------------------------------- Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-17 OL-23400-01...
Page 860 No historical data to display ------------------------------------------------------------------------------------------ For more information about using the commands in Table 35-2 and for examples of OBFL data, see the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 35-18 OL-23400-01...
Page 861: Configuring Online Diagnostics Understanding Online Diagnostics
C H A P T E R Configuring Online Diagnostics This chapter describes how to configure the online diagnostics on the Cisco ME 3800X and ME 3600X switch. For complete syntax and usage information for the commands used in this chapter, see the command Note reference for this release.
Page 862: C H A P T E R 36 Configuring Online Diagnostics
This example shows how to schedule diagnostic testing for a specific day and time and verify the schedule: Switch(config)# diagnostic schedule test 1 on Dec 4 2008 10:22 Cisco ME 3800X and 3600X Switch Software Configuration Guide 36-2 OL-23400-01...
Page 863: Running Online Diagnostic Tests
After you configure diagnostic tests to run on the switch, use the diagnostic start privileged EXEC command to begin diagnostic testing. After starting the tests, you cannot stop the testing process. Note Cisco ME 3800X and 3600X Switch Software Configuration Guide 36-3 OL-23400-01...
Page 864: Displaying Online Diagnostic Tests And Results
This is an example of the output from the show diagnostic result command: Switch# show diagnostic result SerialNo : FOC1225U4CY Overall diagnostic result: PASS Test results: (. = Pass, F = Fail, U = Untested) Cisco ME 3800X and 3600X Switch Software Configuration Guide 36-4 OL-23400-01...
Page 865 POST: EMAC Loopback Tests : End, Status Passed For more examples of other show diagnostic command outputs, see the “Examples” section of the show diagnostic command in the command reference for this release. Cisco ME 3800X and 3600X Switch Software Configuration Guide 36-5 OL-23400-01...
Page 866 Chapter 36 Configuring Online Diagnostics Running Online Diagnostic Tests Cisco ME 3800X and 3600X Switch Software Configuration Guide 36-6 OL-23400-01...
Page 867: Appendix
SNMP message: configured community string @x. CISCO-CDP-MIB • CISCO-CLASS-BASED-QOS-MIB • CISCO-ENTITY-FRU-CONTROL-MIB • CISCO-ENTITY-SENSOR MIB • • CISCO-ETHER-CFM-MIB • CISCO-FLASH-MIB • CISCO-HSRP-MIB CISCO-IETF-PW-MIB • CISCO-IMAGE-MIB • CISCO-MEMORY-POOL-MIB • CISCO-NAC-NAD-MIB • • CISCO-PAE-MIB • CISCO-PAGP-MIB Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 868: Using Ftp To Access The Mib Files
RMON2-MIB • SNMPv2-MIB • TDR-MIB For information about MIB support for a specific Cisco product and release, go to the MIB Locator tool Note at this URL: http://tools.cisco.com/ITDIT/MIBS/MainServlet Using FTP to Access the MIB Files You can obtain each MIB file by using this procedure: Make sure that your FTP client is in passive mode.
Page 869 Appendix A Supported MIBs Using FTP to Access the MIB Files Step 6 Use the get MIB_filename command to obtain a copy of the MIB file. Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 870 Appendix A Supported MIBs Using FTP to Access the MIB Files Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 871: Appendix
Working with the Cisco IOS File System, Configuration Files, and Software Images This appendix describes how to manipulate the Cisco ME 3800X and ME 3600X switch flash file system, how to copy configuration files, and how to archive (upload and download) software images to a switch.
Page 872 Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Displaying Available File Systems To display the available file systems on your switch, use the show file systems privileged EXEC command as shown in this example.
Page 873: A P P E N D I X B Working With The Cisco Ios File System, Configuration Files, And Software Images
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Setting the Default File System You can specify the file system or directory that the system uses as the default file system by using the cd filesystem: privileged EXEC command.
Page 874: Creating And Removing Directories
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Creating and Removing Directories Beginning in privileged EXEC mode, follow these steps to create and remove a directory: Command Purpose...
Page 875: Deleting Files
Secure Copy Protocol” section on page 8-39. Note For more information on how to configure and verify SCP, see the “Secure Copy ” chapter of the Cisco IOS Security Configuration Guide, Cisco IOS Release 12.4, at this URL: http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_copy_ps6350 _TSD_Products_Configuration_Guide_Chapter.html Local writable file systems include flash:.
Page 876: Creating, Displaying, And Extracting Tar Files
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System Creating, Displaying, and Extracting tar Files You can create a tar file and write files into it, list the files in a tar file, and extract the files from a tar file as described in the next sections.
Page 877: Extracting A Tar File
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with the Flash File System • For the RCP, the syntax is rcp:[[//username@location]/directory]/tar-filename.tar For the TFTP, the syntax is • tftp:[[//location]/directory]/tar-filename.tar The tar-filename.tar is the tar file to display.
Page 878: Displaying The Contents Of A File
This section describes how to create, load, and maintain configuration files. Configuration files contain commands entered to customize the function of the Cisco IOS software. A way to create a basic configuration file is to use the setup program or to enter the setup privileged EXEC command.
Page 879: Guidelines For Creating And Using Configuration Files
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files • Copying Configuration Files By Using RCP, page B-15 • Clearing Configuration Information, page B-18 Replacing and Rolling Back Configurations, page B-19 •...
Page 880: Creating A Configuration File By Using A Text Editor
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files Creating a Configuration File By Using a Text Editor When creating a configuration file, you must list commands logically so that the system can respond appropriately.
Page 881: Downloading The Configuration File By Using Tftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files • Ensure that the configuration file to be downloaded is in the correct directory on the TFTP server (usually /tftpboot on a UNIX workstation).
Page 882: Copying Configuration Files By Using Ftp
The FTP protocol requires a client to send a remote username and password on each FTP request to a server. When you copy a configuration file from the switch to a server by using FTP, the Cisco IOS software sends the first valid username in this list: •...
Page 883: Preparing To Download Or Upload A Configuration File By Using Ftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files Preparing to Download or Upload a Configuration File By Using FTP Before you begin downloading or uploading a configuration file by using FTP, do these tasks: Ensure that the switch has a route to the FTP server.
Page 884: Uploading A Configuration File By Using Ftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files This example shows how to copy a configuration file named host1-confg from the netadmin1 directory on the remote server with an IP address of 172.16.101.101 and to load and run those commands on the switch: Switch# copy ftp://netadmin1:mypass@172.16.101.101/host1-confg system:running-config...
Page 885: Copying Configuration Files By Using Rcp
The RCP requires a client to send a remote username with each RCP request to a server. When you copy a configuration file from the switch to a server, the Cisco IOS software sends the first valid username in this list: •...
Page 886: Preparing To Download Or Upload A Configuration File By Using Rcp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files • The remote username associated with the current TTY (terminal) process. For example, if the user is connected to the router through Telnet and was authenticated through the username command, the switch software sends the Telnet username as the remote username.
Page 887: Downloading A Configuration File By Using Rcp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files Downloading a Configuration File By Using RCP Beginning in privileged EXEC mode, follow these steps to download a configuration file by using RCP:...
Page 888: Uploading A Configuration File By Using Rcp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files Uploading a Configuration File By Using RCP Beginning in privileged EXEC mode, follow these steps to upload a configuration file by using RCP:...
Page 889: Clearing The Startup Configuration File
Replacing and Rolling Back Configurations The configuration replacement and rollback feature replaces the running configuration with any saved Cisco IOS configuration file. You can use the rollback function to roll back to a previous configuration. These sections contain this information: Understanding Configuration Replacement and Rollback, page B-19 •...
Page 890: Configuration Replacement And Rollback Guidelines
EXEC command displays information for all the configuration files saved in the configuration archive. The Cisco IOS configuration archive, in which the configuration files are stored and available for use with the configure replace command, is in any of these file systems: FTP, HTTP, RCP, TFTP.
Page 891: Configuring The Configuration Archive
When using the configure replace command, you must specify a saved configuration as the replacement configuration file for the running configuration. The replacement file must be a complete configuration generated by a Cisco IOS device (for example, a configuration generated by the copy running-config destination-url command).
Page 892: Performing A Configuration Replacement Or Rollback Operation
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Configuration Files Performing a Configuration Replacement or Rollback Operation Beginning in privileged EXEC mode, follow these steps to replace the running configuration file with a...
Page 893: Working With Software Images
Image Location on the Switch The Cisco IOS image is stored as a .bin file in a directory that shows the version number. A subdirectory contains the files needed for web management. The image is stored on the system board flash memory (flash:).
Page 894: Tar File Format Of Images On A Server Or Cisco.com
Cisco IOS image total_image_file_size Specifies the size of all the images (the Cisco IOS image and the web management files) in the tar file, which is an approximate measure of how much flash memory is required to hold them...
Page 895: Preparing To Download Or Upload An Image File By Using Tftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images These sections contain this configuration information: • Preparing to Download or Upload an Image File By Using TFTP, page B-25 Downloading an Image File By Using TFTP, page B-26 •...
Page 896: Downloading An Image File By Using Tftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images Downloading an Image File By Using TFTP You can download a new image file and replace the current image or keep the current image.
Page 897: Uploading An Image File By Using Tftp
The archive upload-sw privileged EXEC command builds an image file on the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format.
Page 898: Preparing To Download Or Upload An Image File By Using Ftp
The FTP protocol requires a client to send a remote username and password on each FTP request to a server. When you copy an image file from the switch to a server by using FTP, the Cisco IOS software sends the first valid username in this list: The username specified in the archive download-sw or archive upload-sw privileged EXEC •...
Page 899: Downloading An Image File By Using Ftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images • If you are accessing the switch through the console or a Telnet session and you do not have a valid username, make sure that the current FTP username is the one that you want to use for the FTP download.
Page 900 Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images Command Purpose Step 7 archive download-sw /overwrite /reload Download the image file from the FTP server to the switch, ftp:[[//username[:password]@location]/directory] and overwrite the current image.
Page 901: Uploading An Image File By Using Ftp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images The algorithm installs the downloaded image onto the system board flash device (flash:). The image is placed into a new directory named with the software version string, and the BOOT environment variable is updated to point to the newly installed image.
Page 902: Copying Image Files By Using Rcp
RCP requires a client to send a remote username on each RCP request to a server. When you copy an image from the switch to a server by using RCP, the Cisco IOS software sends the first valid username in this list: The username specified in the archive download-sw or archive upload-sw privileged EXEC •...
Page 903: Downloading An Image File By Using Rcp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images • The remote username associated with the current TTY (terminal) process. For example, if the user is connected to the router through Telnet and was authenticated through the username command, the switch software sends the Telnet username as the remote username.
Page 904 Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images Command Purpose Step 2 Log into the switch through the console port or a Telnet session. Step 3 configure terminal Enter global configuration mode.
Page 905: Uploading An Image File By Using Rcp
Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images Working with Software Images The download algorithm verifies that the image is appropriate for the switch model and that enough DRAM is present, or it aborts the process and reports an error. If you specify the /overwrite option, the download algorithm removes the existing image on the flash device whether or not it is the same as the new one, downloads the new image, and then reloads the software.
Page 906 The archive upload-sw privileged EXEC command builds an image file on the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format.
Page 907: Appendix
This appendix lists some of the command-line interface (CLI) commands that appear when you enter the question mark (?) at the Cisco Metro Ethernet (ME) 3800X and ME 3600X switch prompt but are not supported in this release, either because they are not tested or because of switch hardware limitations.
Page 908: A P P E N D I X C Unsupported Commands In Cisco Ios Release 12.2(52)Ey
Interface Configuration Mode arp probe Hot Standby Routing Protocol (HSRP) Commands Global Configuration Mode interface Async interface BVI interface Dialer interface Group-Async interface Lex interface Virtual-Template interface Virtual-Tokenring Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 909: Interface Configuration Mode
Global Configuration Mode All ip dvmrp commands ip multicast-routing vrf vrf-name ip pim accept-rp ip pim register-rate-limit Interface Configuration Mode All ip dvmrp commands ip igmp helper-address ip-address Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 910: Global Configuration Mode
[load-interval seconds] [update-rate seconds]] ip flow-aggregation ip flow-cache ip flow-export ip gratuitous-arps ip local ip reflexive-list router iso-igrp router mobile router odr Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 911: Interface Configuration Mode
[interface-id..] set ip default next-hop ip-address [ip-address..] set ip destination ip-address mask set ip precedence value set ip qos-group set metric-type internal set origin set metric-type internal VPN Configuration Mode Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 912: Multiprotocol Label Switching (Mpls) Commands
Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 913: Routing Configuration Mode
| name [prefix-list list] (Because BGP/MBGP is not supported, use the ip msdp peer command instead of this command.) NetFlow Commands Global Configuration Mode ip flow-aggregation cache ip flow-cache entries Quality of Service (QoS) Commands Global Configuration Mode priority-list Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 914: Interface Configuration Mode
Simple Network Management Protocol (SNMP) Commands Global Configuration Mode snmp-server enable informs snmp-server ifindex persist Spanning Tree Commands Global Configuration Mode spanning-tree pathcost method {long | short} spanning-tree transmit hold-count Interface Configuration Mode spanning-tree stack-port Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 915: Vlan Commands
All clear ip dhcp snooping commands All clear ipv6 commands Debug Commands All debug dot1x commands All debug ip dhcp snooping commands debug ip verify source packet All debug platform commands Cisco ME 3800X and 3600X Switch Software Configuration Guide OL-23400-01...
Page 916: Show Commands
Interface Configuration Mode All dot1x commands All ip arp inspection commands All ip dhcp snooping commands ip sticky-arp ignore ip verify source [tracking | vlan] transmit-interface type number Cisco ME 3800X and 3600X Switch Software Configuration Guide C-10 OL-23400-01...
Page 917 26-37 named, IPv4 26-14 time ranges to 26-16 port 26-2 to an interface 26-19 precedence of 26-2 to QoS 27-9 27-9 classifying traffic for QoS 27-28 resequencing entries 26-14 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-1 OL-23400-01...
Page 918 ISO IGRP 29-61 adding and removing 5-26 defined 5-19 configuring 29-7 address resolution 5-30, 29-7 defined 1-4, 5-30, 29-7 Address Resolution Protocol encapsulation 29-9 See ARP static cache configuration 29-7 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-2 OL-23400-01...
Page 919 9-15 peers, configuring 29-55 mismatches 35-6 prefix filtering 29-52 autonomous system boundary routers resetting sessions 29-47 See ASBRs route dampening 29-59 autonomous systems, in BGP 29-45 route maps 29-50 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-3 OL-23400-01...
Page 920 20-1 BPDU guard disabling for routing device 20-3 to 20-4 described 15-2 enabling and disabling disabling 15-7 on an interface 20-4 enabling 15-6 on a switch 20-3 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-4 OL-23400-01...
Page 921 32-6 discard class 27-11 messages in packet headers 27-5 continuity check 32-5 per-port per VLAN 27-11 loopback 32-5 QoS group 27-10 traceroute 32-5 classless interdomain routing Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-5 OL-23400-01...
Page 922 B-19 clock priority creating using a text editor B-10 default name 3-18 Configuration Engine deleting a stored configuration B-19 configID, deviceID, hostname described configuration service downloading Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-6 OL-23400-01...
Page 923 PIM stub routing 33-12 MPLS 34-5 pseudowire redundancy 34-38 QoS class maps 27-26, 27-41 16-7 rollback and replacement B-20 data collection, bulk statistics 25-20 33-15 daylight saving time 5-13 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-7 OL-23400-01...
Page 924 MAC address-table move update 17-7 configuring MPLS 34-7 client side MPLS OAM 34-45 MPLS QoS 27-53 relay device MPLS TE and fast reroute 34-20 server side MSTP 14-14 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-8 OL-23400-01...
Page 925 DoM, displaying supported transceivers 9-22 editing features domain names, DNS 5-15 enabling and disabling Domain Name System keystrokes used See DNS wrapped lines domains, ISO IGRP routing 29-61 EIGRP downloading Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-9 OL-23400-01...
Page 926 34-60 displaying status 28-20 packet flow 34-36 interaction with other features 28-5 equal cost multipath tree trace learn method and priority configuration 28-16 See ECMP tree trace modes 28-4 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-10 OL-23400-01...
Page 927 13-3, 13-14 default configuration 32-24 external BGP discovery 32-23 See EBGP enabling 32-24, 32-36 external neighbors, BGP 29-45 features 32-23 link monitoring 32-23, 32-26 messages 32-23 protocol Fast Convergence 17-3 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-11 OL-23400-01...
Page 928 See Ethernet management port configuring VLAN load balancing 17-10 gigabitethernet0 port default configuration 17-7 See Ethernet management port description 17-1 global configuration mode link load balancing 17-2 global leave, IGMP 18-10 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-12 OL-23400-01...
Page 929 18-9 spoke connections 34-41 configuring the switch as a member of a group 33-36 statically connected member 33-41 controlling access to groups 33-37 IBGP 34-6 default configuration 33-36 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-13 OL-23400-01...
Page 930 18-14 interface configuration, REP 16-9 described 18-13 interface configuration mode monitoring 18-18 interfaces IGMP groups configuration guidelines, duplex and speed 9-14 configuring filtering 18-17 configuring Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-14 OL-23400-01...
Page 931 26-9, 26-13 configuration guidelines 33-10 implicit masks 26-9 configuring candidate BSRs 33-29 named 26-14 configuring candidate RPs 33-30 undefined 26-20 defining the IP multicast boundary 33-29 IP addresses Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-15 OL-23400-01...
Page 932 LSP ping 34-54 configuring PIMv2 BSR 33-27 manually configuring LSP traceroute 34-54 monitoring mapping information 33-32 measuring network performance 31-2 using Auto-RP and BSR 33-31 monitoring 31-12 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-16 OL-23400-01...
Page 933 29-10 area routing 29-61 networks 29-96 default configuration 29-62 routes 29-96 monitoring 29-70 routing 29-2 show commands 29-70 directed broadcasts 29-12 support for disabling 29-17 system routing 29-61 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-17 OL-23400-01...
Page 934 Leaking IGMP Reports 17-4 server 8-32 lightweight directory access protocol support for See LDAP switch as trusted third party 8-31 line configuration mode terms 8-32 Link Aggregation Control Protocol Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-18 OL-23400-01...
Page 935 5-21 with TACACS+ 8-14 in ACLs 26-26 login banners 5-17 IP address association 29-7 log messages static See system message logging adding 5-27 loop guard allowing 5-28, 5-29 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-19 OL-23400-01...
Page 936 EIGRP 29-40 manual preemption, REP, configuring 16-13 E-LMI 32-35 match command, QoS EoMPLS 34-60 for classification 27-3, 27-7 Ethernet CFM 32-20, 32-22 guidelines 27-26, 27-41 Ethernet OAM 32-32 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-20 OL-23400-01...
Page 937 MP-BGP 34-16 MPLS configuration guidelines 34-7 configuring 34-8 labels 34-4 default configuration 34-7 packet flow 34-15 experimental field 27-11 MPLS OAM fast link change detection 34-19 configuration guidelines 34-46 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-21 OL-23400-01...
Page 938 14-2 port priority 14-19 hop-count mechanism 14-5 root switch 14-17 14-2 secondary root switch 14-18 supported spanning-tree instances 14-2 switch priority 14-22 optional features supported overview 14-2 defined 14-3 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-22 OL-23400-01...
Page 939 29-88 nontrunking mode 10-10 configuration guidelines 29-82 normal-range VLANs configuring 29-82 characteristics 10-3 default configuration 29-82 configuring 10-5 defined 29-80 defined 10-1 displaying 29-92 no switchport command Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-23 OL-23400-01...
Page 940 32-33 packet classification client 32-23 defined 27-5 features 32-23 to organize traffic 27-2 sublayer 32-23 packet marking OAM PDUs 32-24 configuring 27-32 OAM protocol data units 32-22 defined 27-14 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-24 OL-23400-01...
Page 941 26-2 rendezvous point (RP), described 33-4 types of 26-3 RPF lookups 33-8 Port Aggregation Protocol displaying neighbors 33-45 See EtherChannel enabling a mode 33-11 port blocking 1-2, 19-5 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-25 OL-23400-01...
Page 942 16-4 described 13-9 primary links 17-2 instances supported 13-9 primary pseudowire 34-38 priority, HSRP 30-7 priority command for QoS scheduling 27-17 for strict priority queuing 27-20 basic model 27-2 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-26 OL-23400-01...
Page 943 27-9 RADIUS input policy maps 27-22 attributes IP packet classification 27-5 vendor-proprietary 8-29 marking, described 27-2 vendor-specific 8-28 match command 27-7 configuring output policy maps described 27-22 accounting 8-27 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-27 OL-23400-01...
Page 944 B-16 for timing loop prevention uploading B-18 manual preemption, configuring 16-13 image files monitoring 16-14 deleting old image B-35 neighbor offset numbers 16-4 downloading B-33 open segment 16-2 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-28 OL-23400-01...
Page 945 Reverse Address Resolution Protocol root switch See RARP MSTP 14-17 13-14 1112, IP multicast and IGMP 18-1 route calculation timers, OSPF 29-30 1157, SNMPv1 25-2 route dampening, BGP 29-59 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-29 OL-23400-01...
Page 946 11-3 synchronized 14-11 encapsulation 11-4 proposal-agreement handshake process 14-10 service-policy command rapid convergence attaching policy maps 27-4 described 14-9 using 27-56 edge ports and Port Fast 14-9 service-provider network Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-30 OL-23400-01...
Page 947 25-1, 25-4 disabling 25-8 16-13 and IP SLAs 31-2 types of 25-13 authentication level 25-11 users 25-7, 25-10 community strings versions supported 25-2 configuring 25-8 SNMPv1 25-2 overview 25-4 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-31 OL-23400-01...
Page 948 29-2 IGMP snooping 33-15 static SSM mapping 33-18, 33-19 IGMPv3 33-13 static traffic forwarding 33-21 IGMPv3 Host Signalling 33-15 static VLAN membership 10-2 IP address range 33-14 statistics Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-32 OL-23400-01...
Page 949 10-14 root switch 13-14 using path costs 10-15 secondary root switch 13-15 using port priorities 10-14 spanning-tree mode 13-12 loop guard switch priority 13-19 described 15-4 counters, clearing 13-22 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-33 OL-23400-01...
Page 950 SunNet Manager displaying the time and date 5-12 supernet 29-5 overview SVIs See also NTP and IP unicast routing 29-2 system message logging and router ACLs 26-4 default configuration 24-3 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-34 OL-23400-01...
Page 951 TACACS+ deleting B-27 accounting, defined 8-11 downloading B-26 authentication, defined 8-11 preparing the server B-25 authorization, defined 8-11 uploading B-27 configuring limiting access by servers 25-17 accounting 8-16 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-35 OL-23400-01...
Page 952 19-5 fragmented 26-5 unfragmented 26-5 traffic class, defined 27-3 UDLD traffic marking 27-14 configuration guidelines 22-4 traffic policies, elements in 27-3 default configuration 22-4 traffic shaping disabling Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-36 OL-23400-01...
Page 953 See UDLD Virtual Private Networks UNI isolated VLAN 10-5 See VPNs UNIX syslog servers virtual router 30-1, 30-2 daemon configuration 24-11 vlan.dat file 10-3 facilities supported 24-12 VLAN 1 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-37 OL-23400-01...
Page 954 MPLS 34-7 adding 10-7 routes 34-4, 34-6 aging dynamic addresses 13-8 allowed on trunk 10-12 configuration 34-9 and spanning-tree instances 10-3, 10-6 defining 29-82 configuration guidelines 10-6 elements 34-4 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-38 OL-23400-01...
Page 955 29-84 29-86 HSRP 29-85 ping 29-85 SNMP 29-85 syslog 29-86 tftp 29-86 traceroute 29-86 weighted tail drop See WTD configuring 27-50 described 27-15 support for xconnect command 34-39 Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-39 OL-23400-01...
Page 956 Index Cisco ME 3800X and 3600X Switch Software Configuration Guide IN-40 OL-23400-01...

This manual is also suitable for:

Me 3800x Me 3600x

Cisco 3845 - Security Bundle Router Software Manual

Table of Contents

Features

Chapter 1 Overview

Using the Command-Line Interface

CHAPTER 2 Using the Command-Line Interface2-1

Chapter 3 Assigning the Switch IP Address and Default Gateway

Configuring Dhcp-Based Autoconfiguration

Modifying the Startup Configuration

CHAPTER 4 Configuring Cisco IOS Configuration Engine

Chapter 5 Administering the Switch

Building the Address Table

Chapter 6 Configuring Synchronous Ethernet

CHAPTER 7 Configuring the Switch External Alarms

Configuring Switch-Based Authentication

CHAPTER 8 Configuring Switch-Based Authentication

Chapter 9 Configuring Interface

Chapter 10 Configuring VLAN

Creating and Modifying Vlans

Chapter 11 Configuring Ethernet Virtual Connections (Evcs)

Quick Links

Chapters

Troubleshooting

Related Manuals for Cisco 3845 - Security Bundle Router

Summary of Contents for Cisco 3845 - Security Bundle Router