Sign In
Upload
Manuals
Brands
Cisco Manuals
Switch
WS-C3020
Cisco WS-C3020 Manuals
Manuals and User Guides for Cisco WS-C3020. We have
1
Cisco WS-C3020 manual available for free PDF download: Software Configuration Manual
Cisco WS-C3020 Software Configuration Manual (960 pages)
Catalyst Blade Switch for HP
Brand:
Cisco
| Category:
Switch
| Size: 9.66 MB
Table of Contents
Table of Contents
3
Related Publications
36
Obtaining Documentation and Submitting a Service Request
37
Features
39
Chapter 1 Overview
40
Ease-Of-Deployment and Ease-Of-Use Features
40
Performance Features
40
Management Options
41
Manageability Features
42
Availability and Redundancy Features
43
VLAN Features
44
Security Features
44
Qos and Cos Features
46
Layer 3 Features
47
Monitoring Features
48
Default Settings after Initial Switch Configuration
48
Design Concepts for Using the Switch
51
Where to Go Next
54
CHAPTER 2 Using the Command-Line Interface2-1
55
Understanding Command Modes
55
C H a P T E R 2 Using the Command-Line Interface
56
Understanding the Help System
57
Understanding Abbreviated Commands
58
Understanding no and Default Forms of Commands
58
Understanding CLI Error Messages
59
Using Configuration Logging
59
Using Command History
60
Changing the Command History Buffer Size
60
Recalling Commands
60
Disabling the Command History Feature
61
Using Editing Features
61
Enabling and Disabling Editing Features
61
Editing Commands through Keystrokes
61
Editing Command Lines that Wrap
63
Searching and Filtering Output of Show and more Commands
64
Accessing the CLI
64
Chapter 3 Assigning the Switch IP Address and Default Gateway
65
Understanding the Bootup Process
65
Assigning Switch Information
66
Default Switch Information
67
Understanding DHCP-Based Autoconfiguration
67
DHCP Client Request Process
68
Understanding DHCP-Based Autoconfiguration and Image Update
68
DHCP Auto-Image Update
69
DHCP Autoconfiguration
69
Limitations and Restrictions
69
Configuring DHCP-Based Autoconfiguration
70
Configuring the TFTP Server
70
DHCP Server Configuration Guidelines
70
Configuring the DNS
71
Configuring the Relay Device
71
Obtaining Configuration Files
72
Example Configuration
73
Configuring the DHCP Auto Configuration and Image Update Features
75
Configuring DHCP Autoconfiguration (Only Configuration File)
75
Configuring DHCP Auto-Image Update (Configuration File and Image)
76
Configuring the Client
77
Manually Assigning IP Information
78
Checking and Saving the Running Configuration
79
Modifying the Startup Configuration
81
Default Bootup Configuration
82
Automatically Downloading a Configuration File
82
Specifying the Filename to Read and Write the System Configuration
82
Booting up Manually
83
Booting up a Specific Software Image
83
Controlling Environment Variables
84
Scheduling a Reload of the Software Image
85
Configuring a Scheduled Reload
86
Displaying Scheduled Reload Information
87
Chapter 4 Configuring Cisco IOS CNS Agents
89
Understanding Cisco Configuration Engine Software
89
Chapter 4 Configuring Cisco IO CN Agent
90
Configuration Service
90
Event Service
91
Namespace Mapper
91
What You Should Know about the CNS Ids and Device Hostnames
91
Configid
91
Deviceid
92
Hostname and Deviceid
92
Using Hostname, Deviceid, and Configid
92
Understanding Cisco IOS Agents
93
Initial Configuration
93
Incremental (Partial) Configuration
94
Synchronized Configuration
94
Configuring Cisco IOS Agents
94
Enabling Automated CNS Configuration
94
Enabling the CNS Event Agent
96
Enabling the Cisco IOS CNS Agent
97
Enabling an Initial Configuration
97
Enabling a Partial Configuration
101
Displaying CNS Configuration
102
CHAPTER 5 Administering the Switch
104
Managing the System Time and Date
104
Understanding Network Time Protocol
104
Configuring NTP
105
Configuring NTP Authentication
106
Default NTP Configuration
106
Configuring NTP Associations
107
Configuring NTP Broadcast Service
108
Configuring NTP Access Restrictions
110
Configuring the Source IP Address for NTP Packets
112
Displaying the NTP Configuration
113
Configuring Time and Date Manually
113
Setting the System Clock
113
Displaying the Time and Date Configuration
114
Configuring the Time Zone
114
Configuring Summer Time (Daylight Saving Time)
115
Configuring a System Name and Prompt
116
Default System Name and Prompt Configuration
117
Configuring a System Name
117
Understanding DNS
117
Default DNS Configuration
118
Setting up DNS
118
Displaying the DNS Configuration
119
Creating a Banner
119
Default Banner Configuration
119
Configuring a Message-Of-The-Day Login Banner
120
Configuring a Login Banner
121
Managing the MAC Address Table
121
Building the Address Table
122
MAC Addresses and Vlans
122
Default MAC Address Table Configuration
123
Changing the Address Aging Time
123
Removing Dynamic Address Entries
124
Configuring MAC Address Notification Traps
124
Adding and Removing Static Address Entries
126
Configuring Unicast MAC Address Filtering
127
Displaying Address Table Entries
128
Managing the ARP Table
129
Chapter 6 Configuring SDM Templates
131
Understanding the SDM Templates
131
Dual Ipv4 and Ipv6 SDM Templates
132
Configuring the Switch SDM Template
133
Default SDM Template
133
SDM Template Configuration Guidelines
134
Setting the SDM Template
134
Displaying the SDM Templates
135
CHAPTER 7 Configuring Switch-Based Authentication
137
Preventing Unauthorized Access to Your Switch
137
C H a P T E R 7 Configuring Switch-Based Authentication
138
Protecting Access to Privileged EXEC Commands
138
Default Password and Privilege Level Configuration
138
Setting or Changing a Static Enable Password
139
Protecting Enable and Enable Secret Passwords with Encryption
139
Disabling Password Recovery
141
Setting a Telnet Password for a Terminal Line
142
Configuring Username and Password Pairs
142
Configuring Multiple Privilege Levels
143
Setting the Privilege Level for a Command
144
Changing the Default Privilege Level for Lines
145
Logging into and Exiting a Privilege Level
145
Controlling Switch Access with TACACS
146
Understanding TACACS
146
TACACS+ Operation
148
Configuring TACACS
148
Default TACACS+ Configuration
149
Identifying the TACACS+ Server Host and Setting the Authentication Key
149
Configuring TACACS+ Login Authentication
150
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services
152
Starting TACACS+ Accounting
153
Displaying the TACACS+ Configuration
153
Controlling Switch Access with RADIUS
153
Understanding RADIUS
154
RADIUS Operation
155
Configuring RADIUS
156
Default RADIUS Configuration
156
Identifying the RADIUS Server Host
156
Configuring RADIUS Login Authentication
159
Defining AAA Server Groups
161
Configuring RADIUS Authorization for User Privileged Access and Network Services
163
Starting RADIUS Accounting
164
Configuring Settings for All RADIUS Servers
165
Configuring the Switch to Use Vendor-Specific RADIUS Attributes
165
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication
167
Displaying the RADIUS Configuration
167
Controlling Switch Access with Kerberos
168
Understanding Kerberos
168
Kerberos Operation
170
Authenticating to a Boundary Switch
170
Obtaining a TGT from a KDC
171
Authenticating to Network Services
171
Configuring Kerberos
171
Configuring the Switch for Local Authentication and Authorization
172
Configuring the Switch for Secure Shell
173
Understanding SSH
173
SSH Servers, Integrated Clients, and Supported Versions
173
Limitations
174
Configuring SSH
174
Configuration Guidelines
174
Setting up the Switch to Run SSH
175
Configuring the SSH Server
176
Displaying the SSH Configuration and Status
177
Configuring the Switch for Secure Socket Layer HTTP
177
Understanding Secure HTTP Servers and Clients
177
Certificate Authority Trustpoints
178
Ciphersuites
179
Configuring Secure HTTP Servers and Clients
180
Default SSL Configuration
180
SSL Configuration Guidelines
180
Configuring a CA Trustpoint
180
Configuring the Secure HTTP Server
181
Configuring the Secure HTTP Client
183
Displaying Secure HTTP Server and Client Status
183
Configuring the Switch for Secure Copy Protocol
184
Information about Secure Copy
184
CHAPTER 8 Configuring IEEE 802.1X Port-Based Authentication8-1
185
Understanding IEEE 802.1X Port-Based Authentication
185
C H a P T E R 8 Configuring IEEE 802.1X Port-Based Authentication
186
Configuring IEEE 802.1X Authentication
186
Device Roles
186
Authentication Process
187
Authentication Initiation and Message Exchange
189
Ports in Authorized and Unauthorized States
191
IEEE 802.1X Host Mode
191
IEEE 802.1X Accounting Attribute-Value Pairs
192
IEEE 802.1X Accounting
192
Using 802.1X Readiness Check
193
Using IEEE 802.1X Authentication with VLAN Assignment
194
Using IEEE 802.1X Authentication with Per-User Acls
195
Using IEEE 802.1X Authentication with Guest VLAN
196
Using IEEE 802.1X Authentication with Restricted VLAN
197
Using IEEE 802.1X Authentication with Inaccessible Authentication Bypass
198
Using IEEE 802.1X Authentication with Voice VLAN Ports
199
Using IEEE 802.1X Authentication with Port Security
199
Using IEEE 802.1X Authentication with Wake-On-LAN
200
Using IEEE 802.1X Authentication with MAC Authentication Bypass
201
Network Admission Control Layer 2 IEEE 802.1X Validation
202
Using Web Authentication
202
Web Authentication with Automatic MAC Check
203
Configuring IEEE 802.1X Authentication
203
Default IEEE 802.1X Authentication Configuration
204
IEEE 802.1X Authentication Configuration Guidelines
205
IEEE 802.1X Authentication
205
VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass
206
MAC Authentication Bypass
207
Configuring 802.1X Readiness Check
207
Configuring IEEE 802.1X Authentication
209
Configuring the Switch-To-RADIUS-Server Communication
210
Configuring the Host Mode
212
Configuring Periodic Re-Authentication
212
Manually Re-Authenticating a Client Connected to a Port
213
Changing the Quiet Period
213
Changing the Switch-To-Client Retransmission Time
214
Setting the Switch-To-Client Frame-Retransmission Number
215
Setting the Re-Authentication Number
215
Configuring IEEE 802.1X Accounting
216
Configuring a Guest VLAN
217
Configuring a Restricted VLAN
218
Configuring the Inaccessible Authentication Bypass Feature
219
Configuring IEEE 802.1X Authentication with Wol
222
Configuring MAC Authentication Bypass
222
Configuring NAC Layer 2 IEEE 802.1X Validation
223
Configuring Web Authentication
224
Disabling IEEE 802.1X Authentication on the Port
227
Resetting the IEEE 802.1X Authentication Configuration to the Default Values
227
Displaying IEEE 802.1X Statistics and Status
228
CHAPTER 9 Configuring Interface Characteristics9-1
229
Understanding Interface Types
229
C H a P T E R 9 Configuring Interface Characteristics
230
Port-Based Vlans
230
Switch Ports
230
Routed Ports
232
Etherchannel Port Groups
233
Switch Virtual Interfaces
233
Connecting Interfaces
234
Dual-Purpose Uplink Ports
234
Management-Only Interface
235
Understanding Interface Types
230
Access Ports
231
Internal Gigabit Ethernet Ports
231
Trunk Ports
231
Tunnel Ports
232
Using Interface Configuration Mode
235
Procedures for Configuring Interfaces
236
Configuring a Range of Interfaces
237
Configuring and Using Interface Range Macros
238
Configuring Ethernet Interfaces
240
Default Ethernet Interface Configuration
240
Setting the Type of a Dual-Purpose Uplink Port
241
Configuring Interface Speed and Duplex Mode
243
Speed and Duplex Configuration Guidelines
243
Setting the Interface Speed and Duplex Parameters
244
Configuring IEEE 802.3X Flow Control
245
Configuring Auto-MDIX on an Interface
246
Adding a Description for an Interface
247
Configuring Layer 3 Interfaces
247
Configuring the System MTU
249
Monitoring and Maintaining the Interfaces
250
Monitoring Interface Status
251
Clearing and Resetting Interfaces and Counters
251
Shutting down and Restarting the Interface
252
Chapter 10 Configuring Smartports Macros
253
Understanding Smartports Macros
253
Configuring Smartports Macros
254
Default Smartports Macro Configuration
254
Smartports Macro Configuration Guidelines
255
Creating Smartports Macros
256
Applying Smartports Macros
257
Applying Cisco-Default Smartports Macros
258
Displaying Smartports Macros
260
Chapter 11 Configuring Vlans
261
Understanding Vlans
261
Supported Vlans
262
VLAN Port Membership Modes
263
Configuring Normal-Range Vlans
264
Token Ring Vlans
266
Normal-Range VLAN Configuration Guidelines
266
VLAN Configuration Mode Options
267
VLAN Configuration in Config-Vlan Mode
267
VLAN Configuration in VLAN Database Configuration Mode
267
Default Ethernet VLAN Configuration
268
Saving VLAN Configuration
267
Creating or Modifying an Ethernet VLAN
269
Deleting a VLAN
270
Assigning Static-Access Ports to a VLAN
271
Configuring Extended-Range Vlans
272
Default VLAN Configuration
272
Creating an Extended-Range VLAN
273
Extended-Range VLAN Configuration Guidelines
273
Creating an Extended-Range VLAN with an Internal VLAN ID
275
Configuring VLAN Trunks
276
Trunking Overview
276
Figure
277
Table
277
Encapsulation Types
278
Displaying Vlans
276
IEEE 802.1Q Configuration Considerations
279
Configuring VMPS
287
Dynamic-Access Port VLAN Membership
288
Understanding VMPS
288
Default VMPS Client Configuration
289
VMPS Configuration Guidelines
289
Configuring Dynamic-Access Ports on VMPS Clients
290
Configuring the VMPS Client
290
Entering the IP Address of the VMPS
290
Changing the Reconfirmation Interval
291
Reconfirming VLAN Memberships
291
Changing the Retry Count
292
Monitoring the VMPS
292
Troubleshooting Dynamic-Access Port VLAN Membership
293
VMPS Configuration Example
293
Configuring VTP
295
Understanding VTP
295
Configuring an Ethernet Interface as a Trunk Port
279
Interaction with Other Features
280
Configuring a Trunk Port
281
Defining the Allowed Vlans on a Trunk
282
Changing the Pruning-Eligible List
283
Configuring the Native VLAN for Untagged Traffic
283
Default Layer 2 Ethernet Interface VLAN Configuration
279
Configuring Trunk Ports for Load Sharing
284
Load Sharing Using STP Port Priorities
284
Load Sharing Using STP Path Cost
286
Chapter 12 Configuring VTP
296
The VTP Domain
296
VTP Modes
297
VTP Advertisements
297
VTP Version 2
298
VTP Pruning
298
Configuring VTP
298
Default VTP Configuration
300
VTP Configuration Options
301
VTP Configuration in Global Configuration Mode
301
VTP Configuration in VLAN Database Configuration Mode
301
VTP Configuration Guidelines
302
Domain Names
302
Passwords
302
VTP Version
302
Configuration Requirements
303
Configuring a VTP Server
303
Configuring a VTP Client
305
Disabling VTP (VTP Transparent Mode)
306
Enabling VTP Version 2
307
Enabling VTP Pruning
308
Monitoring VTP
310
Table
310
Adding a VTP Client Switch to a VTP Domain
308
Chapter 13 Configuring Voice VLAN
311
Understanding Voice VLAN
311
Cisco IP Phone Voice Traffic
312
Cisco IP Phone Data Traffic
312
Configuring Voice VLAN
313
Default Voice VLAN Configuration
313
Voice VLAN Configuration Guidelines
313
Configuring a Port Connected to a Cisco 7960 IP Phone
314
Configuring Cisco IP Phone Voice Traffic
314
Configuring the Priority of Incoming Data Frames
314
Displaying Voice VLAN
317
Chapter 14 Configuring Private Vlans
319
Understanding Private Vlans
319
IP Addressing Scheme with Private Vlans
321
Private Vlans Across Multiple Switches
322
Private-VLAN Interaction with Other Features
322
Private Vlans and Svis
323
Private Vlans and Unicast, Broadcast, and Multicast Traffic
323
Configuring Private Vlans
323
Tasks for Configuring Private Vlans
324
Default Private-VLAN Configuration
324
Private-VLAN Configuration Guidelines
324
Secondary and Primary VLAN Configuration
324
Limitations with Other Features
326
Private-VLAN Port Configuration
326
Configuring and Associating Vlans in a Private VLAN
327
Configuring a Layer 2 Interface as a Private-VLAN Host Port
329
Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port
330
Mapping Secondary Vlans to a Primary VLAN Layer 3 VLAN Interface
331
Monitoring Private Vlans
332
Chapter 15 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
333
Understanding IEEE 802.1Q Tunneling
333
Configuring IEEE 802.1Q Tunneling
336
Default IEEE 802.1Q Tunneling Configuration
336
IEEE 802.1Q Tunneling Configuration Guidelines
336
Native Vlans
336
System MTU
337
IEEE 802.1Q Tunneling and Other Features
338
Configuring an IEEE 802.1Q Tunneling Port
338
Understanding Layer 2 Protocol Tunneling
339
Configuring Layer 2 Protocol Tunneling
342
Default Layer 2 Protocol Tunneling Configuration
343
Layer 2 Protocol Tunneling Configuration Guidelines
344
Configuring Layer 2 Protocol Tunneling
345
Configuring Layer 2 Tunneling for Etherchannels
346
Configuring the SP Edge Switch
346
Configuring the Customer Switch
348
Monitoring and Maintaining Tunneling Status
350
Understanding Spanning-Tree Features
351
Configuring STP
352
Chapter 16 Configuring STP
352
STP Overview
352
Spanning-Tree Topology and Bpdus
353
Bridge ID, Switch Priority, and Extended System ID
354
Spanning-Tree Interface States
354
Blocking State
355
Spanning-Tree Interface States
355
Forwarding State
356
Learning State
356
Listening State
356
Disabled State
357
How a Switch or Port Becomes the Root Switch or Root Port
357
Accelerated Aging to Retain Connectivity
358
Spanning Tree and Redundant Connectivity
358
Spanning-Tree Address Management
358
Spanning-Tree Modes and Protocols
359
Supported Spanning-Tree Instances
359
Configuring Spanning-Tree Features
360
Default Spanning-Tree Configuration
361
Spanning-Tree Configuration Guidelines
362
Changing the Spanning-Tree Mode
363
Configuring the Root Switch
364
Disabling Spanning Tree
364
Configuring a Secondary Root Switch
366
Configuring Port Priority
366
Configuring Path Cost
368
Configuring the Switch Priority of a VLAN
369
Configuring Spanning-Tree Timers
370
Configuring the Hello Time
370
Configuring the Forwarding-Delay Time for a VLAN
371
Configuring the Maximum-Aging Time for a VLAN
371
Configuring the Transmit Hold-Count
372
Spanning-Tree Interoperability and Backward Compatibility
360
STP and IEEE 802.1Q Trunks
360
Displaying the Spanning-Tree Status
372
Chapter 17 Configuring MSTP
373
Understanding MSTP
374
Multiple Spanning-Tree Regions
374
IST, CIST, and CST
375
Operations Within an MST Region
375
Operations between MST Regions
376
Hop Count
377
IEEE 802.1S Terminology
377
Boundary Ports
378
IEEE 802.1S Implementation
378
Port Role Naming Change
379
Interoperation between Legacy and Standard Switches
379
Detecting Unidirectional Link Failure
380
Interoperability with IEEE 802.1D STP
380
Understanding RSTP
380
For Configuration Information, See the "Configuring MSTP Features" Section on Page
381
Port Roles and the Active Topology
381
Rapid Convergence
382
Synchronization of Port Roles
383
Bridge Protocol Data Unit Format and Processing
384
Processing Inferior BPDU Information
385
Processing Superior BPDU Information
385
Topology Changes
385
Configuring MSTP Features
386
Default MSTP Configuration
386
MSTP Configuration Guidelines
387
Table
387
Specifying the MST Region Configuration and Enabling MSTP
388
Configuring the Root Switch
389
Configuring a Secondary Root Switch
390
Configuring Port Priority
391
Configuring Path Cost
392
Configuring the Switch Priority
393
Configuring the Hello Time
394
Configuring the Forwarding-Delay Time
395
Configuring the Maximum-Aging Time
395
Configuring the Maximum-Hop Count
396
Specifying the Link Type to Ensure Rapid Transitions
396
Designating the Neighbor Type
397
Restarting the Protocol Migration Process
397
Displaying the MST Configuration and Status
398
CHAPTER 18 Configuring Optional Spanning-Tree Features
399
Understanding Optional Spanning-Tree Features
399
Understanding Optional Spanning-Tree Features
400
Understanding Port Fast
400
Configuring Optional Spanning-Tree Features
400
Understanding BPDU Guard
400
Understanding BPDU Filtering
401
Understanding Uplinkfast
401
Understanding Backbonefast
403
Understanding Etherchannel Guard
405
Understanding Root Guard
406
Configuring Optional Spanning-Tree Features
407
Default Optional Spanning-Tree Configuration
407
Understanding Loop Guard
407
Enabling Port Fast
408
Optional Spanning-Tree Configuration Guidelines
408
Enabling BPDU Guard
409
Enabling BPDU Filtering
410
Enabling Uplinkfast for Use with Redundant Links
411
Enabling Backbonefast
411
Enabling Etherchannel Guard
412
Enabling Root Guard
413
Displaying the Spanning-Tree Status
414
Enabling Loop Guard
413
Chapter 19 Configuring Flex Links and the MAC Address-Table Move Update Feature
415
Understanding Flex Links and the MAC Address-Table Move Update
415
Flex Links
415
VLAN Flex Link Load Balancing and Support
416
MAC Address-Table Move Update
417
Configuring Flex Links and MAC Address-Table Move Update
418
Configuration Guidelines
419
Default Configuration
419
Configuring Flex Links
420
Configuring VLAN Load Balancing on Flex Links
421
Configuring Flex Links
422
Configuring the MAC Address-Table Move Update Feature
423
Monitoring Flex Links and the MAC Address-Table Move Update Information
425
CHAPTER 20 Configuring DHCP Features and IP Source Guard
427
Understanding DHCP Features
427
C H a P T E R 20 Configuring DHCP Features and IP Source Guard
428
DHCP Relay Agent
428
DHCP Server
428
DHCP Snooping
428
Option-82 Data Insertion
429
Understanding DHCP Features
429
Cisco IOS DHCP Server Database
432
DHCP Snooping Binding Database
432
Configuration Guidelines
433
Default DHCP Configuration
434
DHCP Snooping Configuration Guidelines
434
Configuring the DHCP Relay Agent
436
Configuring the DHCP Server
436
Specifying the Packet Forwarding Address
436
Enabling DHCP Snooping and Option 82
437
Enabling DHCP Snooping on Private Vlans
439
Enabling the Cisco IOS DHCP Server Database
439
Enabling the DHCP Snooping Binding Database Agent
440
Configuring DHCP Features
433
Displaying DHCP Snooping Information
441
Understanding IP Source Guard
441
Source IP Address Filtering
442
Source IP and MAC Address Filtering
442
Configuring IP Source Guard
442
Default IP Source Guard Configuration
442
IP Source Guard Configuration Guidelines
442
Enabling IP Source Guard
443
Displaying IP Source Guard Information
444
Chapter 21 Configuring Dynamic ARP Inspection
445
Understanding Dynamic ARP Inspection
445
Interface Trust States and Network Security
447
Rate Limiting of ARP Packets
448
Relative Priority of ARP Acls and DHCP Snooping Entries
448
Logging of Dropped Packets
448
Configuring Dynamic ARP Inspection
448
Default Dynamic ARP Inspection Configuration
449
Dynamic ARP Inspection Configuration Guidelines
450
Configuring Dynamic ARP Inspection in DHCP Environments
451
Configuring ARP Acls for Non-DHCP Environments
452
Limiting the Rate of Incoming ARP Packets
454
Performing Validation Checks
456
Configuring the Log Buffer
457
Displaying Dynamic ARP Inspection Information
458
Chapter 22 Configuring IGMP Snooping and MVR
462
Understanding IGMP Snooping
462
IGMP Versions
463
Joining a Multicast Group
463
Leaving a Multicast Group
465
Immediate Leave
466
IGMP Configurable-Leave Timer
466
IGMP Report Suppression
466
Configuring IGMP Snooping
467
Enabling or Disabling IGMP Snooping
468
Setting the Snooping Method
468
Configuring a Multicast Router Port
469
Configuring a Blade Server Statically to Join a Group
470
Enabling IGMP Immediate Leave
471
Configuring the IGMP Leave Timer
471
Configuring TCN-Related Commands
472
Controlling the Multicast Flooding Time after a TCN Event
472
Recovering from Flood Mode
473
Disabling Multicast Flooding During a TCN Event
474
Configuring the IGMP Snooping Querier
474
Disabling IGMP Report Suppression
476
Displaying IGMP Snooping Information
476
Understanding Multicast VLAN Registration
477
Using MVR in a Multicast Television Application
478
Configuring MVR
480
Default MVR Configuration
480
MVR Configuration Guidelines and Limitations
480
Configuring MVR Global Parameters
481
Configuring MVR Interfaces
482
Displaying MVR Information
484
Configuring IGMP Filtering and Throttling
484
Default IGMP Filtering and Throttling Configuration
485
Configuring IGMP Profiles
485
Applying IGMP Profiles
487
Setting the Maximum Number of IGMP Groups
487
Configuring the IGMP Throttling Action
488
Displaying IGMP Filtering and Throttling Configuration
489
CHAPTER 23 Configuring Port-Based Traffic Control23-1
491
Configuring Storm Control
491
Understanding Storm Control
491
C H a P T E R 23 Configuring Port-Based Traffic Control
493
Default Storm Control Configuration
493
Configuring Storm Control and Threshold Levels
493
Configuring Small-Frame Arrival Rate
495
Configuring Protected Ports
496
Default Protected Port Configuration
497
Protected Port Configuration Guidelines
497
Configuring a Protected Port
497
Configuring Port Blocking
498
Default Port Blocking Configuration
498
Blocking Flooded Traffic on an Interface
498
Configuring Port Security
499
Understanding Port Security
499
Secure MAC Addresses
499
Security Violations
500
Default Port Security Configuration
501
Port Security Configuration Guidelines
501
Enabling and Configuring Port Security
503
Enabling and Configuring Port Security Aging
507
Port Security and Private Vlans
509
Displaying Port-Based Traffic Control Settings
510
Chapter 24 Configuring CDP
511
Understanding CDP
511
Configuring CDP
512
Default CDP Configuration
512
Configuring the CDP Characteristics
512
Disabling and Enabling CDP
513
Disabling and Enabling CDP on an Interface
514
Monitoring and Maintaining CDP
515
Chapter 25 Configuring LLDP and LLDP-MED
517
Understanding LLDP and LLDP-MED
517
Understanding LLDP
517
Understanding LLDP-MED
518
Configuring LLDP and LLDP-MED
519
Default LLDP Configuration
519
Configuring LLDP Characteristics
520
Disabling and Enabling LLDP Globally
521
Disabling and Enabling LLDP on an Interface
521
Configuring LLDP-MED Tlvs
522
Monitoring and Maintaining LLDP and LLDP-MED
523
Chapter 26 Configuring UDLD
525
Understanding UDLD
525
Modes of Operation
525
Methods to Detect Unidirectional Links
526
Configuring UDLD
527
Default UDLD Configuration
528
Configuration Guidelines
528
Enabling UDLD Globally
529
Enabling UDLD on an Interface
529
Resetting an Interface Disabled by UDLD
530
Displaying UDLD Status
530
Chapter 27 Configuring SPAN and RSPAN
531
Understanding SPAN and RSPAN
531
Local SPAN
532
Remote SPAN
532
SPAN and RSPAN Concepts and Terminology
533
SPAN Sessions
533
Monitored Traffic
534
Source Ports
535
Source Vlans
536
VLAN Filtering
536
Destination Port
537
Rspan Vlan
538
SPAN and RSPAN Interaction with Other Features
538
Configuring SPAN and RSPAN
539
Default SPAN and RSPAN Configuration
539
Configuring Local SPAN
540
SPAN Configuration Guidelines
540
Creating a Local SPAN Session
541
Creating a Local SPAN Session and Configuring Incoming Traffic
543
Specifying Vlans to Filter
544
Configuring RSPAN
545
RSPAN Configuration Guidelines
545
Configuring a VLAN as an RSPAN VLAN
546
Creating an RSPAN Source Session
547
Creating an RSPAN Destination Session
549
Creating an RSPAN Destination Session and Configuring Incoming Traffic
550
Specifying Vlans to Filter
552
Displaying SPAN and RSPAN Status
553
Chapter 28 Configuring RMON
555
Understanding RMON
555
Configuring RMON
556
Default RMON Configuration
557
Configuring RMON Alarms and Events
557
Collecting Group History Statistics on an Interface
559
Collecting Group Ethernet Statistics on an Interface
559
Displaying RMON Status
560
Chapter 29 Configuring System Message Logging
561
Understanding System Message Logging
561
Configuring System Message Logging
562
System Log Message Format
562
Default System Message Logging Configuration
563
Disabling Message Logging
564
Setting the Message Display Destination Device
565
Synchronizing Log Messages
566
Enabling and Disabling Time Stamps on Log Messages
567
Enabling and Disabling Sequence Numbers in Log Messages
568
Defining the Message Severity Level
568
Limiting Syslog Messages Sent to the History Table and to SNMP
570
Enabling the Configuration-Change Logger
570
Configuring UNIX Syslog Servers
572
Configuring the UNIX System Logging Facility
572
Logging Messages to a UNIX Syslog Daemon
572
Displaying the Logging Configuration
573
Chapter 30 Configuring SNMP
575
Understanding SNMP
575
SNMP Versions
576
SNMP Manager Functions
577
SNMP Agent Functions
578
SNMP Community Strings
578
Using SNMP to Access MIB Variables
578
SNMP Notifications
579
SNMP Ifindex MIB Object Values
579
Configuring SNMP
580
Default SNMP Configuration
580
SNMP Configuration Guidelines
580
Disabling the SNMP Agent
581
Configuring Community Strings
582
Configuring SNMP Groups and Users
583
Configuring SNMP Notifications
585
Setting the Agent Contact and Location Information
588
Limiting TFTP Servers Used through SNMP
589
SNMP Examples
590
Displaying SNMP Status
591
Chapter 31 Configuring Network Security with Acls
593
Understanding Acls
593
Supported Acls
594
Port Acls
595
Router Acls
596
VLAN Maps
597
Handling Fragmented and Unfragmented Traffic
597
Configuring Ipv4 Acls
598
Creating Standard and Extended Ipv4 Acls
599
Access List Numbers
600
ACL Logging
600
Creating a Numbered Standard ACL
601
Creating a Numbered Extended ACL
602
Creating Named Standard and Extended Acls
606
Resequencing Aces in an ACL
606
Using Time Ranges with Acls
608
Including Comments in Acls
610
Applying an Ipv4 ACL to a Terminal Line
610
Applying an Ipv4 ACL to an Interface
611
Hardware and Software Treatment of IP Acls
613
Ipv4 ACL Configuration Examples
613
Extended Acls
615
Named Acls
615
Numbered Acls
615
Commented IP ACL Entries
616
Time Range Applied to an IP ACL
616
ACL Logging
617
Creating Named MAC Extended Acls
618
Applying a MAC ACL to a Layer 2 Interface
619
Configuring VLAN Maps
620
VLAN Map Configuration Guidelines
621
Creating a VLAN Map
622
Examples of Acls and VLAN Maps
623
Applying a VLAN Map to a VLAN
625
Using VLAN Maps in Your Network
625
Wiring Closet Configuration
625
Denying Access to a Server on Another VLAN
627
Using VLAN Maps with Router Acls
628
VLAN Maps and Router ACL Configuration Guidelines
628
Examples of Router Acls and VLAN Maps Applied to Vlans
629
Acls and Switched Packets
629
Acls and Routed Packets
630
Displaying Ipv4 ACL Configuration
630
Chapter 32 Configuring Qos
633
Understanding Qos
634
Basic Qos Model
635
Classification
637
Classification Based on Class Maps and Policy Maps
639
Classification Based on Qos Acls
639
Policing and Marking
640
Policing on Physical Ports
641
Policing on Svis
642
Mapping Tables
644
Queueing and Scheduling Overview
645
Weighted Tail Drop
645
SRR Shaping and Sharing
646
Queueing and Scheduling on Ingress Queues
647
Queueing and Scheduling on Egress Queues
649
Packet Modification
651
Configuring Auto-Qos
652
Generated Auto-Qos Configuration
653
Effects of Auto-Qos on the Configuration
657
Auto-Qos Configuration Guidelines
657
Enabling Auto-Qos for Voip
658
Auto-Qos Configuration Example
660
Displaying Auto-Qos Information
662
Configuring Standard Qos
662
Default Standard Qos Configuration
663
Default Ingress Queue Configuration
663
Default Egress Queue Configuration
664
Default Mapping Table Configuration
665
Standard Qos Configuration Guidelines
665
Applying Qos on Interfaces
665
Qos ACL Guidelines
665
General Qos Guidelines
666
Policing Guidelines
666
Enabling Qos Globally
667
Enabling VLAN-Based Qos on Physical Ports
667
Configuring Classification Using Port Trust States
668
Configuring the Trust State on Ports Within the Qos Domain
668
Configuring a Trusted Boundary to Ensure Port Security
670
Configuring the Cos Value for an Interface
670
Configuring the DSCP Trust State on a Port Bordering Another Qos Domain
672
Enabling DSCP Transparency Mode
672
Configuring a Qos Policy
674
Classifying Traffic by Using Acls
675
Classifying Traffic by Using Class Maps
678
Classifying, Policing, and Marking Traffic on Physical Ports by Using Policy Maps
680
Classifying, Policing, and Marking Traffic on Svis by Using Hierarchical Policy Maps
684
Classifying, Policing, and Marking Traffic by Using Aggregate Policers
690
Configuring DSCP Maps
692
Configuring the Cos-To-DSCP Map
692
Configuring the IP-Precedence-To-DSCP Map
693
Configuring the Policed-DSCP Map
694
Configuring the DSCP-To-Cos Map
695
Configuring the DSCP-To-DSCP-Mutation Map
696
Configuring Ingress Queue Characteristics
698
Mapping DSCP or Cos Values to an Ingress Queue and Setting WTD Thresholds
698
Allocating Bandwidth between the Ingress Queues
700
Allocating Buffer Space between the Ingress Queues
700
Configuring the Ingress Priority Queue
701
Configuring Egress Queue Characteristics
702
Allocating Buffer Space to and Setting WTD Thresholds for an Egress Queue-Set
703
Configuration Guidelines
703
Mapping DSCP or Cos Values to an Egress Queue and to a Threshold ID
705
Configuring SRR Shaped Weights on Egress Queues
707
Configuring SRR Shared Weights on Egress Queues
708
Configuring the Egress Expedite Queue
709
Limiting the Bandwidth on an Egress Interface
709
Displaying Standard Qos Information
710
Chapter 33 Configuring Etherchannels and Layer 2 Trunk Failover
713
Understanding Etherchannels
713
Etherchannel Overview
714
Port-Channel Interfaces
715
Port Aggregation Protocol
716
Pagp Modes
716
Pagp Interaction with Other Features
717
Link Aggregation Control Protocol
717
LACP Modes
717
LACP Interaction with Other Features
718
Etherchannel on Mode
718
Load Balancing and Forwarding Methods
718
Configuring Etherchannels
720
Default Etherchannel Configuration
721
Etherchannel Configuration Guidelines
721
Configuring Layer 2 Etherchannels
722
Configuring Layer 3 Etherchannels
724
Configuring the Physical Interfaces
724
Creating Port-Channel Logical Interfaces
724
Configuring Etherchannel Load Balancing
727
Configuring the Pagp Learn Method and Priority
728
Configuring LACP Hot-Standby Ports
729
Configuring the LACP System Priority
730
Configuring the LACP Port Priority
731
Displaying Etherchannel, Pagp, and LACP Status
732
Understanding Layer 2 Trunk Failover
732
Configuring Layer 2 Trunk Failover
733
Default Layer 2 Trunk Failover Configuration
733
Configuring Layer 2 Trunk Failover
734
Layer 2 Trunk Failover Configuration Guidelines
734
Displaying Layer 2 Trunk Failover Status
735
Chapter 34 Configuring IP Unicast Routing
737
Understanding IP Routing
737
Types of Routing
738
Steps for Configuring Routing
739
Configuring IP Addressing
739
Default Addressing Configuration
740
Assigning IP Addresses to Network Interfaces
741
Use of Subnet Zero
741
Classless Routing
742
Configuring Address Resolution Methods
743
Define a Static ARP Cache
744
Enable Proxy ARP
745
Set ARP Encapsulation
745
Routing Assistance When IP Routing Is Disabled
746
Default Gateway
746
Proxy ARP
746
ICMP Router Discovery Protocol (IRDP)
747
Configuring Broadcast Packet Handling
748
Enabling Directed Broadcast-To-Physical Broadcast Translation
748
Forwarding UDP Broadcast Packets and Protocols
749
Establishing an IP Broadcast Address
750
Flooding IP Broadcasts
751
Monitoring and Maintaining IP Addressing
752
Enabling IP Unicast Routing
753
Configuring RIP
753
Default RIP Configuration
754
Configuring Basic RIP Parameters
755
Configuring RIP Authentication
756
Configuring Summary Addresses and Split Horizon
757
Configuring Split Horizon
758
Configuring Stub Routing
759
Understanding PIM Stub Routing
759
Configuring PIM Stub Routing
760
Enabling PIM Stub Routing
760
PIM Stub Routing Configuration Guidelines
760
Understanding EIGRP Stub Routing
762
Configuring EIGRP Stub Routing
763
Configuring Protocol-Independent Features
763
Configuring Cisco Express Forwarding
764
Configuring the Number of Equal-Cost Routing Paths
765
Configuring Static Unicast Routes
766
Specifying Default Routes and Networks
767
Using Route Maps to Redistribute Routing Information
767
Filtering Routing Information
770
Controlling Advertising and Processing in Routing Updates
770
Setting Passive Interfaces
770
Filtering Sources of Routing Information
771
Managing Authentication Keys
772
Monitoring and Maintaining the IP Network
773
Chapter 35 Configuring Ipv6 Host Functions
775
Understanding Ipv6
775
Ipv6 Addresses
776
Supported Ipv6 Unicast Host Features
777
128-Bit Wide Unicast Addresses
777
DNS for Ipv6
778
Icmpv6
778
Ipv6 Stateless Autoconfiguration and Duplicate Address Detection
778
Neighbor Discovery
778
Ipv6 Applications
783
Dual Ipv4 and Ipv6 Protocol Stacks
784
SNMP and Syslog over Ipv6
784
HTTP(S) over Ipv6
786
Dual Ipv4 and Ipv6 SDM Templates
786
Configuring Ipv6
787
Default Ipv6 Configuration
787
Configuring Ipv6 Addressing and Enabling Ipv6 Host
788
Configuring Ipv6 ICMP Rate Limiting
789
Configuring Static Routes for Ipv6
790
Displaying Ipv6
792
Chapter 36 Configuring Ipv6 MLD Snooping
795
Understanding MLD Snooping
795
MLD Messages
796
MLD Queries
797
Multicast Client Aging Robustness
797
Multicast Router Discovery
797
MLD Reports
798
MLD Done Messages and Immediate-Leave
798
Topology Change Notification Processing
799
Configuring Ipv6 MLD Snooping
799
Default MLD Snooping Configuration
799
MLD Snooping Configuration Guidelines
800
Enabling or Disabling MLD Snooping
800
Configuring a Static Multicast Group
802
Configuring a Multicast Router Port
802
Enabling MLD Immediate Leave
803
Configuring MLD Snooping Queries
804
Disabling MLD Listener Message Suppression
805
Displaying MLD Snooping Information
805
Chapter 37 Configuring Ipv6 Acls
807
Understanding Ipv6 Acls
807
Supported ACL Features
808
Ipv6 ACL Limitations
808
Configuring Ipv6 Acls
809
Default Ipv6 ACL Configuration
809
Interaction with Other Features
809
Creating Ipv6 Acls
810
Applying an Ipv6 ACL to an Interface
812
Displaying Ipv6 Acls
813
Chapter 38 Configuring HSRP and Enhanced Object Tracking
815
Understanding HSRP
815
Multiple HSRP
817
Configuring HSRP
818
Default HSRP Configuration
819
HSRP Configuration Guidelines
819
Enabling HSRP
819
Configuring HSRP Priority
820
Configuring MHSRP
823
Configuring HSRP Authentication and Timers
823
Enabling HSRP Support for ICMP Redirect Messages
825
Displaying HSRP Configurations
825
Configuring Enhanced Object Tracking
826
Understanding Enhanced Object Tracking
826
Configuring Enhanced Object Tracking Features
826
Configuring a Tracked List
827
Tracking Interface Line-Protocol or IP Routing State
827
Configuring HSRP Object Tracking
831
Configuring Other Tracking Characteristics
832
Monitoring Enhanced Object Tracking
832
Chapter 39 Configuring Cisco IOS IP Slas Operations
835
Understanding Cisco IOS IP Slas
835
Using Cisco IOS IP Slas to Measure Network Performance
837
IP Slas Responder and IP Slas Control Protocol
838
Response Time Computation for IP Slas
838
Configuring IP Slas Operations
839
Default Configuration
839
Configuration Guidelines
839
Configuring the IP Slas Responder
840
Monitoring IP Slas Operations
840
Chapter 40 Troubleshooting
841
Recovering from a Software Failure
842
Recovering from a Lost or Forgotten Password
843
Procedure with Password Recovery Enabled
844
Procedure with Password Recovery Disabled
846
Preventing Autonegotiation Mismatches
847
SFP Module Security and Identification
848
Monitoring SFP Module Status
848
Monitoring Temperature
849
Using Ping
849
Understanding Ping
849
Executing Ping
849
Using Layer 2 Traceroute
850
Understanding Layer 2 Traceroute
850
Usage Guidelines
851
Displaying the Physical Path
852
Using IP Traceroute
852
Understanding IP Traceroute
852
Executing IP Traceroute
853
Using TDR
854
Understanding TDR
854
Running TDR and Displaying the Results
854
Using Debug Commands
854
Enabling All-System Diagnostics
855
Enabling Debugging on a Specific Feature
855
Redirecting Debug and Error Message Output
856
Using the Show Platform Forward Command
856
Using the Crashinfo Files
858
Basic Crashinfo Files
858
Extended Crashinfo Files
859
Chapter 41 Configuring Online Diagnostics
861
Understanding How Online Diagnostics Work
861
Scheduling Online Diagnostics
862
Configuring Health-Monitoring Diagnostics
862
Running Online Diagnostic Tests
863
Starting Online Diagnostic Tests
863
Displaying Online Diagnostic Tests and Test Results
863
Appendix
865
Supported Mibs
865
MIB List
865
Appendix A Supported MIB
866
MIB List
866
Using FTP to Access the MIB Files
867
Using FTP to Access the MIB Files
868
Appendix
869
Working with the Cisco IOS File System, Configuration Files, and Software Images
869
Working with the Flash File System
869
Displaying Available File Systems
870
A P P E N D I X B Working with the Cisco IOS File System, Configuration Files, and Software Images
871
Setting the Default File System
871
Displaying Information about Files on a File System
871
Changing Directories and Displaying the Working Directory
871
Creating and Removing Directories
872
Copying Files
872
Deleting Files
873
Creating, Displaying, and Extracting Tar Files
873
Creating a Tar File
874
Displaying the Contents of a Tar File
874
Extracting a Tar File
876
Displaying the Contents of a File
876
Working with Configuration Files
877
Guidelines for Creating and Using Configuration Files
877
Configuration File Types and Location
877
Creating a Configuration File by Using a Text Editor
877
Copying Configuration Files by Using TFTP
877
Preparing to Download or Upload a Configuration File by Using TFTP
879
Downloading the Configuration File by Using TFTP
880
Uploading the Configuration File by Using TFTP
880
Copying Configuration Files by Using FTP
881
Downloading a Configuration File by Using FTP
881
Preparing to Download or Upload a Configuration File by Using FTP
881
Uploading a Configuration File by Using FTP
881
Copying Configuration Files by Using RCP
884
Downloading a Configuration File by Using RCP
884
Preparing to Download or Upload a Configuration File by Using RCP
884
Uploading a Configuration File by Using RCP
884
Clearing Configuration Information
887
Clearing the Startup Configuration File
887
Deleting a Stored Configuration File
887
Replacing and Rolling Back Configurations
888
Configuration Guidelines
888
Understanding Configuration Replacement and Rollback
888
Configuration Guidelines
889
Configuring the Configuration Archive
890
Performing a Configuration Replacement or Rollback Operation
890
Working with Software Images
891
Image Location on the Switch
892
Tar File Format of Images on a Server or Cisco.com
892
Copying Image Files by Using TFTP
893
Downloading an Image File by Using TFTP
894
Preparing to Download or Upload an Image File by Using TFTP
894
Copying Image Files by Using FTP
896
Uploading an Image File by Using TFTP
896
Downloading an Image File by Using FTP
897
Preparing to Download or Upload an Image File by Using FTP
897
Uploading an Image File by Using FTP
897
Copying Image Files by Using RCP
901
Downloading an Image File by Using RCP
901
Preparing to Download or Upload an Image File by Using RCP
901
Uploading an Image File by Using RCP
901
Appendix
907
Unsupported Commands in Cisco IOS Release 12.2(44)SE
907
Access Control Lists
907
Unsupported Privileged EXEC Commands
907
Unsupported Global Configuration Commands
907
Unsupported Route-Map Configuration Command
907
A P P E N D I X C Unsupported Commands in Cisco IOS Release 12.2(44)SE
908
Archive Commands
908
Unsupported Privileged EXEC Commands
908
ARP Commands
908
Unsupported Global Configuration Commands
908
Unsupported Interface Configuration Commands
908
Bootloader Commands
908
Unsupported User EXEC Command
908
Unsupported Global Configuration Command
908
Debug Commands
909
Unsupported Privileged EXEC Commands
909
Hsrp
909
Unsupported Global Configuration Commands
909
Unsupported Interface Configuration Commands
909
IGMP Snooping Commands
909
Unsupported Global Configuration Command
909
Interface Commands
910
Unsupported Global Configuration Command
910
Unsupported Interface Configuration Command
910
Unsupported Privileged EXEC Command
910
IP Unicast Routing
910
Unsupported Global Configuration Commands
910
Unsupported Privileged EXEC or User EXEC Commands
910
Unsupported Interface Configuration Commands
911
Unsupported Route Map Commands
911
MAC Address Commands
912
Unsupported Global Configuration Commands
912
Unsupported Privileged EXEC Commands
912
Miscellaneous
912
Unsupported Global Configuration Commands
913
Netflow Commands
913
Network Address Translation (NAT) Commands
913
Unsupported Privileged EXEC Commands
913
Qos
913
Unsupported Global Configuration Command
913
Unsupported Interface Configuration Commands
913
Unsupported Policy-Map Configuration Command
913
Radius
914
Unsupported Global Configuration Commands
914
Snmp
914
Spanning Tree
914
Unsupported Global Configuration Command
914
Unsupported Interface Configuration Command
914
Vlan
914
Unsupported User EXEC Commands
915
Vtp
915
Unsupported Privileged EXEC Command
915
I N D E X
917
Advertisement
Advertisement
Related Products
Cisco WS-C3750X-24T-L
Cisco WS-C3750E-48PD-EF - Catalyst 3750E 48-GIG 2-10GE
Cisco WS-C3750G-16TD-E - Catalyst 3750G-16TD - Switch
Cisco WS-C3560E48PDSF-RF - Catalyst 3560E-48PD-F Switch
Cisco WS-C3560X-48PF-S
Cisco WS-C3850-24U-L
Cisco WS-C3850--24P-S
Cisco WS-C3850-12X48UW-S
Cisco WS-C3850-48P-E
Cisco WS-C3850-12XS-E
Cisco Categories
Switch
IP Phone
Network Router
Wireless Access Point
Conference System
More Cisco Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL