Cisco SF220-24 Administration Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. SF220-24
  6. Administration manual

Cisco SF220-24 Administration Manual

220 series
Hide thumbs Also See for SF220-24:
Table of Contents

Advertisement

Quick Links

ADMINISTRATION
GUIDE
Cisco 220 Series Smart Switches
Administration Guide Release 1.1.0.x
July 21, 2017

Advertisement

Table of Contents
loading

Related Manuals for Cisco SF220-24

Summary of Contents for Cisco SF220-24

  • Page 1 ADMINISTRATION GUIDE Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x July 21, 2017...
  • Page 2 Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.

  • Page 3: Table Of Contents

    Chapter 3: Administration: System Logs Configuring System Log Settings Configuring Remote Logging Settings Viewing Memory Logs Viewing RAM Memory Logs Viewing Flash Memory Logs Chapter 4: Administration: File Management Files and File Types Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 4 System Time Options Configuring System Time Configuring SNTP Server Time Range Absolute Time Range Periodic Time Range Chapter 7: Administration: Diagnostics Testing Copper Ports Viewing Optical Module Status Configuring Port and VLAN Mirroring Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 5 Chapter 9: Port Management Port Management Workflow Configuring Basic Port Settings Configuring Error Recovery Settings Loopback Detection How LBD Works Configuring Loopback Detection Default Settings and Configuration Interactions with Other Features Configuring LBD Workflow Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 6 Viewing VLAN Membership Configuring GVRP Configuring Voice VLAN Configuring Voice VLAN Properties Configuring Telephony OUI Adding Interfaces to Voice VLAN on Basis of OUIs Chapter 12: Spanning Tree Protocol STP Modes Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 7 Configuring MLD Snooping Querying IGMP/MLD IP Multicast Groups Configuring Multicast Router Ports Configuring Forward All Multicast Configuring Maximum IGMP and MLD Groups Configuring Multicast Filtering Configuring Multicast Filter Profiles Configuring Interface Filter Settings Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 8 Configuring Storm Control Configuring Port Security Configuring 802.1X 802.1X Parameters Workflow Defining 802.1X Properties Defining 802.1X Port Authentication Defining Host and Session Authentication Viewing Authenticated Hosts Configuring DoS Protection Secure Core Technology (SCT) Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 9 Configuring ARP Inspection Trusted Interfaces Viewing ARP Inspection Statistics Configuring ARP Inspection VLAN Settings Chapter 17: Access Control Access Control Lists Configuring MAC-based ACLs Configuring MAC-based ACEs Configuring IPv4-based ACLs Configuring IPv4-Based ACEs Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 10 Configuring Basic QoS Interface Settings Configuring QoS Advanced Mode Configuring Advanced QoS Global Settings Configuring Class Mapping QoS Policers Configuring Aggregate Policers Configuring QoS Policies Configuring Policy Class Maps Configuring Policy Binding Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 11 Configuring SNMP Views Configuring SNMP Groups Managing SNMP Users Configuring SNMP Communities Configuring SNMP Notification Recipients Configuring SNMPv1,2 Notification Recipients Configuring SNMPv3 Notification Recipients Appendix A: Where to Go From Here Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 12: Chapter 1: Getting Started

    Window Navigation Getting Started with the Web-based Interface The Cisco 220 switch can be accessed and managed by two methods; over your IP network by using the web-based interface, or by using the command-line interface through the console interface. Using the console interface requires Cisco 220 Series Smart Switches Command Line advanced user skills.

  • Page 13: Before You Begin

    Locate the IP address of the switch. STEP 3 a. The switch can be accessed and managed by Cisco network tools and services including the Cisco FindIT Network Discovery Utility which enables you to automatically discover all supported Cisco devices in the same local network segment as your computer.

  • Page 14: Http/Https

    When the login page appears, choose the language that you prefer to use in the STEP 7 web-based interface and enter the username and password. The default username is cisco and the default password is cisco. Both username and password are case sensitive. Click Log In.

  • Page 15: Changing The Administrative Password

    If you do not want to change the password, check Disable Password NOTE Strength Enforcement and click Apply. Click Apply. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 16: Logging Out

    When a timeout occurs or you intentionally log out of the switch, a message is displayed and the login page opens with a message indicating the logged-out state. After you log in, the application returns to the initial page. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 17: Quick Start Switch Configuration

    Summary page Port Statistics Status and Statistics > Interface page RMON Statistics Status and Statistics > RMON > Statistics page View Log Status and Statistics > View Log > RAM Memory page Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 18: Interface Naming Conventions

    Administration > Diagnostics > Port and VLAN Mirroring page There are two hot links on the Getting Started page that take you to Cisco web pages for more information. Clicking on the Support link takes you to the device product support page, and clicking on the Forums link takes you to the Cisco Support Community page.

  • Page 19: Window Navigation

    (English) cannot be deleted. Logout Click to log out of the web-based interface. About Click to display the switch name and device version number. Help Click to display the online help. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 20 Running Configuration. Click Close to return to the main page. Click Save to display the Copy/Save Configuration page and save the Running Configuration to the Startup Configuration file type on the switch. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 21 3. Click Apply to save the changes and click Close to return to the main page. Delete After selecting an entry in the table, click Delete to remove. Details Click to display the details associated with the entry selected. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 22 Click to see the statistics counters for all interfaces on Statistics a single page. View Interface Click to see the statistics counters for the selected Statistics interface on a single page. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 23: Chapter 2: Status And Statistics

    Refresh Rate—Select the time period that passes before the Ethernet statistics are refreshed. The available options are: No Refresh —Statistics are not refreshed. 15 sec —Statistics are refreshed every 15 seconds. 30 sec —Statistics are refreshed every 30 seconds. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 24 Select an interface and click View Interface Statistics to see the statistics counters for the selected interface on a single page. • Click Refresh to manually refresh the statistics counters for all interfaces. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 25: Viewing Etherlike Statistics

    Click Clear Interface Counters to clear the statistics counters for the selected STEP 3 interface. Click Refresh to manually refresh the statistics counters for the selected interface. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 26: Viewing Tcam Utilization

    To view TCAM utilization, click Status and Statistics > TCAM Utilization. The following fields are displayed: • Maximum TCAM Entries—Maximum TCAM entries available. • In Use—Number of TCAM entries that are currently using. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 27: Viewing Fan Status And Temperature

    Status—Displays the status of the switch thermals. Operational Status —Displays OK when the thermal operates normally, or displays Fault when the thermal does not operate normally. Temperature Value —Displays the current temperature in Celsius. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 28 F (69 F (69 F (74 ° ° ° ° ° ° ° ° SF220-50P F (70 F (75 F (75 F (80 ° ° ° ° ° ° ° ° Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 29: Managing Rmon

    NOTE enabled on the switch. This section includes the following topics: • Viewing RMON Statistics • Configuring and Viewing RMON Histories • Configuring and Viewing RMON Events • Configuring RMON Alarms Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 30: Viewing Rmon Statistics

    RMON Multicast Packets Received—Number of good Multicast packets received. • RMON CRC & Align Errors—Number of CRC and Align errors that have occurred. • RMON Undersize Packets—Number of undersized packets (less than 64 octets) received. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 31 Click Refresh to manually refresh RMON statistics counters for the selected STEP 4 interface. Click View All Interfaces Statistics to view RMON statistics counters for all STEP 5 interfaces on a single page. The RMON Statistics Table displays the RMON Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 32: Configuring And Viewing Rmon Histories

    New History Entry—Displays the number of the history entry. • Source Interface—Select the port or LAG from where the history samples are to be taken. • Max No. of Samples to Keep—Enter the number of samples to store. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 33 FCS octets, but excluding framing bits. • Packets Received—Number of packets received, including bad packets, Multicast, and Broadcast packets. • Broadcast Packets—Number of good Broadcast packets received. This number does not include Multicast packets. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 34: Configuring And Viewing Rmon Events

    This is performed as follows: • Events Page—Configures what happens when an alarm is triggered. This can be any combination of logs and traps. • Alarms Page—Configures the occurrences that trigger an alarm. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 35 Click Apply. The RMON event is added, and the Running Configuration is updated. STEP 4 Click Event Log Table to display the log of alarms that have occurred and that STEP 5 have been logged. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 36: Configuring Rmon Alarms

    Use the Alarms page to configure alarms and to bind them with events. Alarm counters can be monitored by either absolute values or changes (delta) in the counter values. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 37 —A falling counter value triggers the falling threshold alarm. Rising and Falling Alarm —Both a rising and falling counter values trigger the alarm. • Interval—Enter the alarm interval time in seconds. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 38 Managing RMON • Owner—Enter the name of the user or network management system that receives the alarm. Click Apply. The RMON alarm is added, and the Running Configuration is updated. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 39: Chapter 3: Administration: System Logs

    The event severity levels are listed from the highest severity to the lowest severity: • Emergency—System is not usable. • Alert—Immediate action is needed. • Critical—System is in a critical condition. • Error—System is in error condition. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 40 Flash Memory Logging—Check Enable to enable flash memory logging and check the severity levels of the messages to be logged to flash memory. Click Apply. The global log settings are defined, and the Running Configuration is STEP 3 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 41: Configuring Remote Logging Settings

    Log in RAM (cleared during reboot). See Viewing RAM Memory Logs more information. • Log in flash memory (cleared only upon user command). See Viewing Flash Memory Logs for more information. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 42: Viewing Ram Memory Logs

    By default, the SYSLOG Alert Status icon appears and blinks when a SYSLOG STEP 3 message above the critical severity level is logged. To disable this alert icon blinking, click Disable Alert Icon Blinking. The SYSLOG Alert Status icon is no longer displayed. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 43: Viewing Flash Memory Logs

    • Log Index—Log entry number. • Log Time—Time when message was generated. • Severity—Event severity. • Description—Message text describing the event. Click Clear Logs to clear the log messages. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 44: Chapter 4: Administration: File Management

    Copying various types of configuration files internally on the switch. • Copying files to or from an external device, such as an external server. The possible methods of file transfer are: • Internal copy. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 45 You can copy the Mirror Configuration, Startup Configuration, or Running Configuration to the Backup Configuration. The Backup Configuration exists in flash and is preserved if the switch is rebooted. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 46: File Actions

    Save configuration files on the switch to a location on another device as described in the Download/Backup Configuration or Logs section. • Clear the Startup Configuration or Backup Configuration file types as described in the Configuration File Properties section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 47: Upgrade/Backup Firmware/Language

    The following methods for transferring files are supported: • HTTP/HTTPS that uses the facilities provided by the browser. • TFTP that requires a TFTP server. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 48 To replace the firmware image on the switch with a new version located on STEP 4 another device such as your local PC, enter the following information: • Transfer Method—Select via HTTP/HTTPS as the transfer method. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 49 Click Administration > File Management > Upgrade/Backup Firmware/ STEP 1 Language. To upload a language file from a TFTP server to the switch, enter the following STEP 2 information: • Transfer Method—Select via TFTP as the transfer method. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 50 File Type—Select Language File as the file type. • File Name—Click Browse to select a new language file located on another device such as your local PC. Click Apply. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 51: Active Image

    When restoring a configuration file to the Running Configuration, the imported file adds any configuration commands that do not exist in the old file and overwrites any parameter values in the existing configuration commands. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 52 Transfer Method—Select via HTTP/HTTPS as the transfer method. • Save Action—Select Download as the action. • File Name—Click Browse to select a source file. • Destination File Type—Select the configuration file type to be upgraded. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 53: Configuration File Properties

    • Transfer Method—Select via HTTP/HTTPS as the transfer method. • Save Action—Select Backup as the action. • Source File Type—Select the configuration file type to be stored. Click Apply. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 54: Copy/Save Configuration Files

    Use the Copy/Save Configuration page to copy or save one configuration file to another for backup purposes. The bottom of the page has a button, Disable Save Icon Blinking. Click to toggle between disable and enable. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 55 The Save Icon Blinking field indicates whether an icon blinks when there is STEP 4 unsaved data. To disable or enable this feature, click Disable Save Icon Blinking or Enable Save Icon Blinking. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 56: Dhcp Auto Configuration

    When DHCPv6 messages are received from the server. When DHCPv6 information is refreshed by the switch. After rebooting the switch when stateless DHCPv6 client is enabled. • When the DHCPv6 server packets contain the configuration filename option. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 57 IPv4 Management and Interface section. Use the DHCP Auto Configuration page to perform the following actions when the information is not provided in a DHCP message: • Enable the DHCP Auto Configuration feature. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 58 TFTP server that is currently using. • Last Auto Configuration File Name—Displays the name of the configuration file located on the TFTP server that is currently using. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 59 Administration: File Management DHCP Auto Configuration Click Apply. The DHCP Auto Configuration parameters are defined, and the STEP 3 Running Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 60: Chapter 5: Administration: General Information

    • Device Models • Viewing System Summary • Configuring System Settings • Configuring Console Settings • Rebooting the Switch • Defining Idle Session Timeout • Ping a Host • Using Traceroute Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 61: Device Models

    1 to 48 SF220-48P-K9-NA, and 2 special-purpose SF220-48P-K9-EU, combo ports (GE/SFP) SF220-48P-K9-UK, SF220-48P-K9-AU, SF220-48P-K9-CN Gigabit Ethernet SG220-26 24 GE copper ports SG220-26-K9-NA, and 2 special-purpose SG220-26-K9-EU, combo ports (GE/SFP) SG220-26-K9-UK, SG220-26-K9-AU, SG220-26-K9-BR, SG220-26-K9-AR Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 62 (-CN), indicating that these features are only applicable for their China SKUs. These features are noted in this guide. You can find the PID information of your switch from the System Summary page. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 63: Viewing System Summary

    Firmware Version (Active Image)—Version number of the active firmware image. • Firmware MD5 Checksum (Active Image)—MD5 checksum of the active firmware image. • Firmware Version (Non-active)—Version number of the non-active firmware image. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 64 You can click Detail to go to the Port Management > PoE > PoE NOTE Properties page to see more details about the PoE settings. Other Summary Information • Serial Number—Serial number. • PID VID—Part number and version ID. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 65: Configuring System Settings

    The banners defined on the web-based interface can also be NOTE activated on the command-line interfaces (Console, Telnet, and SSH). Click Apply. The system settings are modified, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 66: Configuring Console Settings

    Click Administration > Reboot. STEP 1 Click Reboot to reboot the switch. Because any unsaved information in the STEP 2 Running Configuration is discarded when the switch is rebooted, you must click Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 67: Defining Idle Session Timeout

    Select the timeout for the session from the corresponding drop-down menu. The STEP 2 default value is 10 minutes. Click Apply. The idle session timeout settings are defined, and the Running STEP 3 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 68: Ping A Host

    To use the Traceroute utility: Click Administration > Traceroute. STEP 1 Enter the following information: STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 69 The Traceroute command terminates when the destination is reached or when this value is reached. To use the default value (30), select Use Default. Click Apply. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 70: Chapter 6: Administration: Time Settings

    This chapter describes how to configure the system time, time zone, and daylight savings time (DST). It includes the following topics: • System Time Options • Configuring System Time • Configuring SNTP Server • Time Range Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 71: System Time Options

    Check Enable next to the Main Clock Source (SNTP Servers) field to use the STEP 2 SNTP source to set the system clock. The system time is obtained from an SNTP Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 72 Selecting Recurring allows further customization of the start and stop of DST: • From—Enter the date when DST begins each year. Day—Day of the week on which DST begins every year. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 73: Configuring Sntp Server

    SNTP Server Port—Enter the UDP port number to be specified in the SNTP message headers. By default, the port number is the well-known IANA value of 123. Click Apply. The SNTP server is added, and the Running Configuration is updated. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 74: Time Range

    (see Configuring Ports and Configuring LAG Settings) • Limit PoE operation to a specified period. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 75: Absolute Time Range

    Select the absolute time range to which to add the periodic range. STEP 2 To add a new periodic time range, click Add. STEP 3 Enter the following fields: STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 76 Periodic Ending Time—Enter the date and time that the Time Range ends on a periodic basis. Click Apply. STEP 5 Click Time Range to access the Absolute Time Range. STEP 6 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 77: Chapter 7: Administration: Diagnostics

    Select a port on which to run the copper test. STEP 2 Click Copper Test. STEP 3 The following fields for the test are displayed: • Test Results—Summary of the test results. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 78: Viewing Optical Module Status

    10 km. • MGBSX1—1000BASE-SX SFP transceiver, for multimode fiber, 850 nm wavelength, supports up to 550 m. • MGBT1: 1000BASE-T SFP transceiver for category 5 copper wire, supports up to 100 m. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 79: Configuring Port And Vlan Mirroring

    (destination) port. If more data is sent to the analyzer port than it can support, some data might be lost. The RSPAN VLAN feature is only applicable for the China switch models. NOTE Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 80 The options are: Rx Only—Port mirroring on incoming packets. Tx Only—Port mirroring on outgoing packets. Tx and Rx—Port mirroring on both incoming and outgoing packets. N/A—Traffic from this port is not mirrored. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 81 Destination Port—Select the analyzer port to where packets are copied. • Allow Ingress Packets—Check Enable to allow the destination port to send or receive normal packets. Click Apply. The Running Configuration is updated. STEP 9 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 82: Viewing Cpu Utilization

    Select the Refresh Rate (time period in seconds) that passes before the statistics STEP 3 are refreshed. A new sample is created for each time period. STEP 4 Click Apply. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 83: Chapter 8: Administration: Discovery

    When Bonjour Discovery is disabled, the switch stops any service type advertisements and does not respond to requests for service from network management applications. By default, Bonjour is enabled on all interfaces that are members of the Management VLAN. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 84: Lldp And Cdp

    Configuration is updated. LLDP and CDP Link Layer Discovery Protocol (LLDP) and Cisco Discovery Protocol (CDP) are link layer protocols for directly connected LLDP and CDP-capable neighbors to advertise themselves and their capabilities to each other. By default, the switch...

  • Page 85: Configuring Lldp

    Information Base (MIB). The network management system models the topology of the network by querying these MIB databases. LLDP is a link layer protocol. By default, the switch terminates and processes all incoming LLDP packets as required by the protocol. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 86 Neighbors Information section. • View LLDP statistics of each port as described in the Viewing LLDP Statistics section. • View LLDP overloading information as described in the Viewing LLDP Overloading section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 87: Configuring Lldp Properties

    LLDP MED Fast Start mechanism is initialized. This occurs when a new endpoint device links to the switch. Refer the Configuring LLDP MED Network Policy section for more details. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 88: Configuring Lldp Port Settings

    System Description—Description of the network entity (in alphanumeric format). This includes the system's name and versions of the hardware, operating system, and networking software supported by the switch. The value equals the sysDescr object. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 89: Configuring Lldp Med Network Policy

    LLDP packets to the attached LLDP media endpoint device. The media endpoint device should send its traffic as specified in the network policy that it receives. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 90 VLAN ID—Enter the VLAN ID to which the traffic should be sent. • VLAN Tag—Select whether the traffic is Tagged or Untagged. • User Priority—Select the traffic priority applied to traffic defined by this network policy. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 91: Configuring Lldp Med Port Settings

    Location Coordinate—Enter the coordinate location to be published by LLDP. • Location Civic Address—Enter the civic address to be published by LLDP. • Location (ECS) ELIN—Enter the Emergency Call Service (ECS) ELIN location to be published by LLDP. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 92: Viewing Lldp Port Status

    LLDP MED Status—Where LLDP MED is enabled or disabled on the port. • Local PoE—(Only applicable for PoE models) Local PoE information advertised. • Remote PoE—(Only applicable for PoE models) PoE information advertised by the neighbor. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 93: Viewing Lldp Local Information

    • Port ID Subtype—Type of the port identifier that is shown. • Port ID—Identifier of port. • Port Description—Information about the port, including manufacturer, product name, and hardware and software versions. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 94 Aggregation Capability—Indicates whether the interface can be aggregated. • Aggregation Status—Indicates whether the interface is aggregated. • Aggregation Port ID—Advertised aggregated interface ID. MED Details • Capabilities Supported—MED capabilities supported on the port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 95 Tagged —Indicates the network policy is defined for tagged VLANs. Untagged —Indicates the network policy is defined for untagged VLANs. • User Priority—Network policy user priority. • DSCP—Network policy DSCP. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 96: Viewing Lldp Neighbors Information

    Click Detail to display the details of LLDP port status in a table. STEP 3 Click Refresh to refresh the data in the LLDP Neighbor table. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 97: Viewing Lldp Statistics

    PDU size supported by a port. The LLDP Overloading page displays the number of bytes of LLDP/LLDP MED information, the number of available bytes for additional LLDP information, and the overloading status of each port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 98 Size (Bytes) —Total LLDP MED network policies packets byte size. Status —If the LLDP MED network policies packets were sent, or if they were overloaded. • LLDP MED Expanded Power via MDI Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 99 • Total Total (Bytes) —Total number of bytes of LLDP information in each packet. Available Bytes Left —Total number of available bytes left for additional LLDP information in each packet. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 100: Configuring Cdp

    Administration: Discovery Configuring CDP Configuring CDP Similar to LLDP, Cisco Discovery Protocol (CDP) is a link layer protocol for directly connected neighbors to advertise themselves and their capabilities to each other. Unlike LLDP, CDP is a Cisco proprietary protocol. This section describes how to configure CDP and includes the following topics: •...
  • Page 101 This means that the duplex information in the incoming frame does not match what the local device is advertising. Click Apply. The CDP properties are defined, and the Running Configuration is STEP 3 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 102: Configuring Cdp Port Settings

    Syslog Duplex Mismatch—Check Enable to send a SYSLOG message when duplex information mismatch is detected. This means that the duplex information in the incoming frame does not match what the local device is advertising. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 103: Viewing Cdp Local Information

    —Information about the software release on which the device is running. • Platform TLV Platform —Identifier of platform advertised in the platform TLV. • Native VLAN TLV Native VLAN —The native VLAN identifier advertised in the native VLAN TLV. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 104 TLV is received with a Request-ID field which is different from the last- received set (or when the first value is received). The interface transitions to Down. Available Power —(Only applicable for PoE models) Amount of power consumed by port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 105: Displaying Cdp Neighbor Information

    • Local Interface—Interface number of port through which frame arrived. • Advertisement Version—Version of CDP. • Time to Live—Time interval (in seconds) after which the information for this neighbor is deleted. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 106: Viewing Cdp Statistics

    Packets Received—Displays the counters for various types of packets received per interface. Version 1 —Number of CDP version 1 packets received. Version 2 —Number of CDP version 2 packets received. Total —Total number of CDP packets received. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 107 Click Clear All Interfaces Counters to clear the CDP statistics counters for all STEP 3 interfaces. Click Refresh to refresh the CDP statistics counters. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 108: Chapter 9: Port Management

    By default, all LAGs are empty. Configure the Ethernet parameters, such as speed and auto-negotiation for the STEP 4 LAGs on the LAG Settings page, as described in the Configuring LAG Settings section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 109: Configuring Basic Port Settings

    To update the settings of a port, select the desired port and click Edit. STEP 5 Enter the following information: STEP 6 • Interface—Select the port to be modified. • Port Description—Enter the port user-defined name or comment. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 110 Operational Duplex Mode—Displays the port’s current duplex mode that is the result of negotiation. • Auto Advertisement Speed—Select the speed capability to be advertised by the port. The options are: All Speed—All port speed settings can be accepted. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 111 Packets received from protected ports can be forwarded only to unprotected egress ports. Protected port filtering rules are also applied to packets that are forwarded by software, such as snooping applications. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 112: Configuring Error Recovery Settings

    BPDU Guard —Check Enable to enable the timer to recover from the BPDU Guard cause. Broadcast Flood —Check Enable to enable the timer to recover from the Broadcast flood cause. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 113: Loopback Detection

    Network managers can define a Detection Interval that sets the time interval between LBD packets. The following loop cases can be detected by the Loopback Detection protocol: • Shorted wire—Port that loop backs all receiving traffic. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 114: How Lbd Works

    Loopback detection is not enabled by default. Detection interval is 30 seconds. Interactions with Other Features If STP is enabled on a port on which Loopback Detection is enabled, the port must be in STP forwarding state. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 115: Configuring Lbd Workflow

    STEP 6 Select Enable in the Loopback Detection State field for the port or LAG selected. STEP 7 Click Apply to save the configuration to the Running Configuration file. STEP 8 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 116: Configuring Link Aggregation

    Traffic load balancing over the active member ports of a LAG is managed by a hash-based distribution function that distributes Unicast and Multicast traffic based on Layer 2 packet header information. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 117: Lag Management

    All the ports in the LAG must have the same 802.1p priority. By default, ports are not members of a LAG and are not candidates to become part of a LAG. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 118: Static And Dynamic Lag Workflow

    STEP 1 In the Load Balance Algorithm area, select one of the following load balancing STEP 2 algorithms: • MAC Address—Performs load balancing by source and destination MAC addresses on all packets. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 119: Configuring Lag Settings

    LAG—Select the LAG to be configured. • LAG Type—Displays the port type that comprises the LAG. • Description—Enter the name of the LAG. • Administrative Status—Set the LAG to operational (Up) or nonoperational (Down). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 120 Flow Control on the LAG. • Current Flow Control—Displays the current Flow Control setting. • Protected Port—Check Enable to make the LAG a protected port for Layer 2 isolation. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 121: Configuring Lacp

    If the port LACP priority of the link is lower than that of the currently active link members, and the number of active members is already at the maximum number, the link becomes inactive, and placed in standby mode. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 122 Click Apply. The LACP system priority is defined, and the Running Configuration is STEP 3 updated. To edit the LACP settings for a specific port, select the desired port, and click Edit. STEP 4 Enter the following information: STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 123: Configuring Energy Efficient Ethernet

    Ethernet on the port, or uncheck to disable it on the port. Click Apply. The Energy Efficient Ethernet is enabled or disabled on the port, and STEP 3 the Running Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 124 Port Management Configuring Energy Efficient Ethernet Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 125: Chapter 10: Power Over Ethernet

    802.3at SG220-50P 375 Watts 1 to 48 802.3at SF220-28MP 375 Watts 1 to 24 802.3at The switch should be connected only to PoE networks without routing to the CAUTION outside plant. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 126: Poe On The Switch

    Eliminates the need to run 110/220 V AC power to all devices on a wired LAN. • Removes the necessity for placing all network devices next to power sources. • Eliminates the need to deploy double cabling systems in an enterprise significantly decreasing installation costs. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 127 There are two factors to consider in the PoE feature: • The amount of power that the PSE can supply • The amount of power that the PD is actually attempting to consume You can decide the following: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 128: Configuring Poe Properties

    These settings are entered in advance. When the PD actually connects and is consuming power, it might consume much less than the maximum power allowed. Power is disabled during power-on reboot, initialization, and system configuration to ensure that PDs are not damaged. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 129 Allocated Power—Displays the amount of power allocated for the PoE ports. • Available Power—Nominal power minus the amount of allocated power. Click Apply. The PoE properties are defined, and the Running Configuration is STEP 3 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 130: Configuring Poe Port Settings

    • Administrative Power Allocation—If the power mode is Power Limit, enter the maximum amount of power in milliwatts allocated to the port. The default is 30,000 mW. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 131 Signatures are the means by which the powered device identifies itself to the PSE. Signatures are generated during powered device detection, classification, or maintenance. Click Apply. The PoE port settings are defined, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 132 Power over Ethernet Configuring PoE Port Settings Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 133: Chapter 11: Managing Vlans

    A port in VLAN Access mode can be part of only one VLAN. If it is in General or Trunk mode, the port can be part of one or more VLANs. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 134 GVRP information exchanged by devices. A VLAN can be static or dynamic (from GVRP), but not both. For more information about GVRP, refer to the Configuring GVRP section. Some VLANs can have additional roles, including: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 135: Configuring Default Vlan

    VLAN. The default VLAN has the following characteristics: • Distinct, nonstatic, and non-dynamic, and all ports are untagged members by default. • Cannot be deleted. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 136: Creating Vlans

    Each VLAN must be configured with a unique VID (VLAN ID) with a value from 1 to 4094. The switch reserves VID 4095 as the Discard VLAN. All packets classified to the Discard VLAN are discarded at ingress, and are never forwarded to a port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 137: Configuring Interface's Vlan Settings

    To configure the interface’s VLAN settings: Click VLAN Management > Interface Settings. STEP 1 Select an interface type (Port or LAG), and click Go. STEP 2 Select a port or LAG, and click Edit. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 138 Ingress filtering can be disabled or enabled on general ports. It is always enabled on access ports and trunk ports. • Uplink—(Available in Trunk mode) Check Enable to set the interface as an uplink port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 139: Configuring Port To Vlan

    PVID—Check to set the PVID of the interface to the VID of the VLAN. PVID is a per-port setting. Click Apply. The interfaces are assigned to the VLAN, the Running STEP 4 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 140: Viewing Vlan Membership

    Operational VLANs—Displays all VLANs of which the interface is currently a member. • LAG—If the interface selected is Port, displays the LAG in which it is a member. Select a port, and click Join VLAN. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 141 VLAN membership. Click Apply. The settings are modified, and the Running Configuration is updated. STEP 5 To see the administrative and operational VLANs on an interface, click Details. STEP 6 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 142: Configuring Gvrp

    VLANs are not created. • GVRP Registration—Displays the VLAN registration mode on the interface. To define the GVRP settings for an interface, select the desired interface and click STEP 5 Edit. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 143: Configuring Voice Vlan

    Ethernet MAC address. For more information about Telephony OUI, see the Configuring Telephony OUI section. • Auto Voice VLAN—In Auto Voice VLAN mode, the voice VLAN can be either the default voice VLAN or manually configured. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 144 Add an interface to the voice VLAN on the basis of the OUI identifier and to configure the OUI QoS mode of voice VLAN as described in the Adding Interfaces to Voice VLAN on Basis of OUIs section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 145: Configuring Voice Vlan Properties

    VLAN. The OUI Global table can hold up to 16 OUIs. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 146 Click Apply. The OUI is added, and the Running Configuration is updated. STEP 6 Click Restore Default OUI to delete all user-created OUIs, and leave only the STEP 7 default OUIs in the table. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 147: Adding Interfaces To Voice Vlan On Basis Of Ouis

    Manual —Manually assigned to the voice VLAN. • Telephony OUI QoS Mode—Select one of the following options: Telephony Source MAC Address —QoS attributes are applied only on packets from IP phones. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 148 —QoS attributes are applied only on all packets that are classified to the voice VLAN. Click Apply. The Telephony OUI interface settings are defined, and the Running STEP 4 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 149: Chapter 12: Spanning Tree Protocol

    STP provides a tree topology for any arrangement of switches and interconnecting links, creating a unique path between end stations on a network, eliminating loops. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 150: Configuring Stp Status And Global Settings

    In the Global Settings area, enter the following information: STEP 2 • Spanning Tree State—Enable or disable STP on the switch. • STP Loopback Guard—Select to enable Loopback Guard on the device. • STP Operation Mode—Select the STP mode. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 151 Root Port—The port that offers the lowest cost path from this bridge to the Root Bridge. (This is significant when the bridge is not the root.) • Root Path Cost—The cost of the path from this bridge to the root. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 152: Configuring Stp Interface Settings

    BPDU Filter—If enabled, the interface will not send and receive BPDU messages. • Path Cost—Select User Defined to enter the port contribution to the root path cost, or select Use Default to use the default cost generated by the system. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 153: Configuring Rstp Interface Settings

    Use the RSTP Interface Settings page to configure RSTP per port. Any configuration that is done on this page is active when the global STP mode is set to RSTP or MSTP. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 154 Backup ports also occur when a LAN has two or more connections connected to a shared segment. Disabled—The port is not participating in Spanning Tree. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 155: Configuring Multiple Spanning Tree

    Set the STP operation mode to MSTP as described in the Configuring STP STEP 1 Status and Global Settings section. Define global MSTP parameters as described in the Configuring MSTP STEP 2 Properties section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 156: Configuring Mstp Properties

    STEP 2 • Region Name—Enter the MSTP region name. • Revision—Enter an unsigned 16-bit number that identifies the revision of the current MSTP configuration. The field range is from 0 to 65535. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 157: Mapping Vlans To Mst Instance

    Action—Select either Add or Remove to map or remove the VLANs to or from the MSTP instance. Click Apply. The VLAN-to-MSTP instance mapping is defined, and the Running STEP 4 Configuration file is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 158: Configuring Mstp Instance Settings

    To configure the MSTP interface settings: Click Spanning Tree > MSTP Interface Settings. STEP 1 Select an MSTP instance and the interface type (Port or LAG) and click Go. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 159 LAN to the Root Bridge for the MST instance. Alternate—The port provides an alternate path to the root device from the root interface. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 160 Ports with a lower cost are less likely to be blocked if STP detects loops. • Remaining Hops—Displays the hops remaining to the next destination. Click Apply. The Running Configuration is updated. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 161: Chapter 13: Mac Address Tables

    MAC address that is not found in the tables, they are transmitted or broadcast to all ports on the relevant VLAN. Such frames are referred to as unknown Unicast frames. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 162: Configuring Static Mac Addresses

    Delete on Timeout—The MAC address is deleted when aging occurs. Secure—The MAC address is secure when the port is in classic locked mode. Click Apply. The static MAC address is added, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 163: Configuring Static Mac Address Filter

    For example, if you entered 300 seconds, the aging time is between 300 and 599 seconds. Click Apply. The aging time is defined, and the Running Configuration is updated. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 164: Querying Dynamic Mac Addresses

    Table Sort Key drop-down menu, and click Go. The address table will be sorted by VLAN ID, MAC address, or interface. Click Clear Table to delete all dynamic MAC addresses. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 165: Configuring Reserved Mac Addresses

    Bridge—Forwards the packet to all VLAN members. Discard—Deletes the packet. Peer—Drops or deals with the packet depending on the protocol. Click Apply. The MAC address is reserved, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 166: Chapter 14: Multicast Forwarding

    The data is sent only to relevant ports. Forwarding the data only to the relevant ports conserves bandwidth and host resources on links. For Multicast forwarding to work across IP subnets, nodes, and routers must be Multicast-capable. A Multicast-capable node must be able to: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 167 Multicast information that each port should receive. The Multicast groups and their receiving ports can be configured statically or learned dynamically using IGMP or Multicast Listener Discovery (MLD) protocols snooping. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 168 Each IPv4 Multicast address is in the address range 224.0.0.0 to 239.255.255.255. • The IPv6 Multicast address is FF00:/8. • To map an IP Multicast group address to an Layer 2 Multicast address: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 169: Configuring Multicast Properties

    Unknown Multicast Action—Choose how to deal with unknown Multicast frames. The possible options are: Drop —Drops unknown Multicast frames. Flood —Floods unknown Multicast frames. Forward to Router Port —Forwards unknown Multicast frames to Mrouter port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 170: Configuring Ip Multicast Group Addresses

    STEP 6 • Static—Attaches the port to the Multicast group as a static member. • None—Indicates that the port is not currently a member of this Multicast group on this VLAN. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 171: Configuring Igmp Snooping

    There should be only one IGMP querier in a Layer 2 multicast domain. The switch supports standards-based IGMP querier election when more than one IGMP querier is present in the domain. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 172 Query Interval—Enter the interval between the general queries to be used if this switch is the elected querier. • Query Max Response Interval—Enter the delay used to calculate the maximum response code inserted into the periodic general queries. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 173: Configuring Mld Snooping

    Multicast groups. The switch does not support MLD querier. The switch supports two MLD Snooping versions: • MLDv1 Snooping detects MLDv1 control packets, and sets up traffic bridging, based on IPv6 destination Multicast addresses. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 174 Multicast traffic. The switch performs MLD Snooping only when MLD Snooping is enabled globally and on the VLAN. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 175: Querying Igmp/Mld Ip Multicast Groups

    VLAN ID equals to—Enter the VLAN ID to query. • IP Version equals to—Select either Version 4 or Version 6. • IP Multicast Group Address equals to—Enter the IP Multicast group address to query. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 176: Configuring Multicast Router Ports

    Click Go. The interfaces matching the query criteria are displayed. STEP 3 For each interface, select its association type. The options are: STEP 4 • Static—The port is statically configured as a Multicast router port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 177: Configuring Forward All Multicast

    Forbidden—The port cannot receive any registered Multicast streams, even if IGMP/MLD snooping designated the port to join a Multicast group. • None—The port is not currently a Forward All port. Click Apply. The Running Configuration is updated. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 178: Configuring Maximum Igmp And Mld Groups

    IP group range, and assign the profile to an interface. The Multicast filter settings will be applied to the selected interface. This section includes the following topics: • Configuring Multicast Filter Profiles Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 179: Configuring Multicast Filter Profiles

    STEP 1 Select the IP version and the interface type (Port and LAG), and click Go. STEP 2 Select an interface and click Edit. STEP 3 Enter the following information: STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 180 Filter Profile Index—If enabled, select the Multicast filter profile to be applied. The Multicast filter settings defined in the profile are applied to the interface. Click Apply. The Running Configuration is updated. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 181: Chapter 15: Ip Configuration

    If the ARP response shows that the IPv4 address is in use, the switch sends a DHCPDECLINE message to the offering DHCP server, and sends another DHCPDISCOVER packet that restarts the process. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 182 IP address must be defined and known. The default configuration of the switch is to use its factory default IP address of 192.168.1.254. The switch IP address can be manually configured. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 183: Ipv4 Management And Interface

    Operational Default Gateway—Displays the current default gateway IP address. If the switch is not configured with a default gateway, it cannot NOTE communicate with other devices that are not in the same IP subnet. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 184: Ipv6 Management And Interface

    IPv6 Address—Enter the IPv6 address of the switch. • Prefix_Length—Enter the length of the global IPv6 prefix of the switch. • IPv6 Gateway—Enter the link local IPv6 address of the default router. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 185: Configuring Domain Name System

    IP addresses through the use of one or more configured DNS servers. This section describes how to define DNS servers and includes the following topics: • Configuring General DNS Settings • Viewing Static and Dynamic DNS Servers • Configuring Host Mapping Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 186: Configuring General Dns Settings

    Preference—Select the preference value for the DNS server. Each server has a preference value, a lower value means a higher chance of being used. Click Apply. The DNS server is defined, and the Running Configuration is updated. STEP 8 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 187: Viewing Static And Dynamic Dns Servers

    The following fields are displayed: • Host Name—User-defined host name or fully-qualified name. • IP Address—The host IP address. • IP Version—IP version of the host IP address. • Type—Static entry to the cache. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 188 IP Address (es)—Enter a single address or up to eight associated IP addresses (IPv4 or IPv6). Click Apply. The host mapping is added, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 189: Chapter 16: Configuring Security

    Configuring Security The Cisco 220 switch handles various types of security, such as permission to administer the switch, protection from attacks directed at the switch CPU, access control of end-users to the network through the switch, protection from other network users (prevent the attacks that pass through, but are not directed at, the switch).

  • Page 190: Configuring Users

    Configuring Users Configuring Users The default username/password is cisco/cisco. The first time that you log in with the default username and password, or when the current password expires, you are required to set a new password. Password complexity is enabled by default.

  • Page 191: Configuring Tacacs+ Servers

    TACACS+ server. If you enter the default key string here and a key string for an individual TACACS+ server, the key string configured for the individual TACACS+ server takes precedence. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 192 Authentication IP Port—Enter the port number through which the TACACS+ session occurs. The default is port 49. Click Apply. The TACACS+ server is added, and the Running Configuration is STEP 6 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 193: Configuring Radius Servers

    Configuration is updated. To add a RADIUS server, click Add. STEP 4 Enter the following information: STEP 5 • Server Definition—Select whether to specify the RADIUS server by IP address or name. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 194 All—RADIUS server is used for authenticating user that wants to administer the switch and for authentication in 802.1X access control. Click Apply. The RADIUS server is added, and the Running Configuration is STEP 6 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 195: Configuring Management Access Methods

    All of the above • Action—Permits or denies access to an interface or source address. • Interface—Which ports or LAGs are permitted to access or denied access to the web-based interface. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 196: Active Access Profile

    A caution message appears if you selected Console Only. If you continue, NOTE you are immediately disconnected from the web-based interface and can only access the switch through the console port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 197 Deny—Denies access to the switch if the user matches the settings in the profile. • Applies to Interface—Select the interface attached to the rule. The options are: All—Applies to all ports, VLANs, and LAGs. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 198: Configuring Profile Rules

    For example, you can limit access to the switch from all IP addresses except IP addresses that are allocated to the IT management center. In this way, the switch can still be managed and has gained another layer of security. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 199 Applies to Interface—Select the interface attached to the rule. The options are: All—Applies to all interfaces. User Defined—Applies only to a specific port or LAG. You need to select a port or LAG from the Interface drop-down menu. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 200: Configuring Password Complexity Rules

    Click Security > Password Strength. STEP 1 Enter the password aging parameters: STEP 2 • Password Aging—Check Enable to ask the user to change the password when the Password Aging Time expires. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 201 • The New Password Must Be Different than the User Name—If selected, the new password cannot be the same as the current username upon a password change. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 202: Configuring Management Access Authentication

    RADIUS servers. • TACACS+—User is authenticated on a TACACS+ server. You must have configured one or more TACACS+ servers. • None—User is allowed to access the switch without authentication. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 203: Configuring Tcp/Udp Services

    Remote Port—TCP port of the remote device that is requesting the service. • State—The state of the service. The optional values are: ESTABLISHED—The socket has an established connection. SYN_SENT—The socket is actively attempting to establish a connection. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 204 HTTPS Service—Check Enable to enable the HTTPS service, or uncheck to disable it. The default is enabled. • SNMP Service—Check Enable to enable the SNMP service, or uncheck to disable it. The default is disabled. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 205: Configuring Storm Control

    Click Apply. The storm control parameters are defined, and the Running STEP 3 Configuration is updated. To modify the storm control settings for a port, select the desired port and click STEP 4 Edit. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 206 Drop —Discard the frames received beyond the threshold. Shutdown —Shut down the port. Click Apply. The port’s storm control settings are modified, and the Running STEP 6 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 207: Configuring Port Security

    Use the Port Security page to configure the security parameters for all ports, and to enable their modification. To configure port security: Click Security > Port Security. STEP 1 Select a port and click Edit. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 208 The switch enables traps when a packet is received on a locked interface. This is relevant for lock violations. Click Apply. Port security is modified, and the Running Configuration is updated. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 209: Configuring 802.1X

    • Multi-Session 802.1X—Every device (supplicant) connecting to a port must be authenticated and authorized by the switch (authenticator) separately in a different 802.1x session. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 210: 802.1X Parameters Workflow

    The Guest VLAN cannot be used as the Voice VLAN and an unauthenticated VLAN. 802.1X Parameters Workflow Define the 802.1X parameters as follows: • Define 802.1X settings for each port by using the Edit Port Authentication page. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 211: Defining 802.1X Properties

    A port with 802.1x defined on it cannot become a member of a LAG. NOTE Click Security > 802.1X > Port Authentication. STEP 1 Select a port, and click Edit. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 212 VLAN attributes to be sent by the RADIUS server (as defined in RFC 3580): [64] Tunnel-Type = VLAN (type 13) [65] Tunnel-Medium-Type = 802 (type 6) [81] Tunnel-Private-Group-Id = VLAN ID Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 213 Supplicant Timeout-—Enter the number of seconds that lapses before EAP requests are resent to the supplicant. • Server Timeout—Enter the number of seconds that lapses before the switch resends a request to the authentication server. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 214: Defining Host And Session Authentication

    Host Authentication—Select one of the modes. These modes are described above in Defining Host and Session Authentication. The following fields are only relevant if you select Single in the Host NOTE Authentication field. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 215: Viewing Authenticated Hosts

    Session Time (DD:HH:MM:SS)—Amount of time that the supplicant was logged on the port. • Authentication Method—Method by which the last session was authenticated. • MAC Address—Displays the supplicant MAC address. • VLAN ID—Displays the supplicant VLAN ID. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 216: Configuring Dos Protection

    One method of resisting DoS attacks employed by the switch is the use of SCT. SCT is enabled by default on the switch and cannot be disabled. The Cisco device is an advanced device that handles management traffic, protocol traffic and snooping traffic, in addition to end-user (TCP) traffic. SCT ensures that the switch receives and processes management and protocol traffic, no matter how much total traffic is received.

  • Page 217: Configuring Dos Security Suite Settings

    DA Equals SA • ICMP Frag Packets • ICMP Ping Maximum Length • IPv6 Minimum Frag Length • Land • Null Scan • • Smurf Netmask • TCP Source Port Less 1024 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 218: Configuring Dos Interface Settings

    • IP Gratuitous ARPs Protection—Check Enable to enable the IP gratuitous ARP protection feature on the port, or uncheck to disable this feature on the port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 219: Configuring Syn Protection

    SYN and FIN flags are dropped on the ports that enabled DoS protection. • SYN Protection Mode—Select one of the following protection modes: Disable—The feature is disabled on the port. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 220: Configuring Dhcp Snooping

    Configuring DHCP Snooping on VLANs • Configuring DHCP Snooping Trusted Interfaces • Querying DHCP Snooping Binding Database • Viewing Option 82 Statistics • Configuring Option 82 Interface Settings • Configuring Option 82 Port CID Settings Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 221: Configuring Dhcp Snooping Properties

    Write Delay—Enter the duration in seconds for which the transfer should be delayed after the DHCP Snooping binding database changes. The default is 300 seconds. The range is from 15 to 86400 seconds. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 222: Configuring Dhcp Snooping On Vlans

    Select the interface type (Port or LAG), and click Go. STEP 2 Select an interface and click Edit. STEP 3 Enter the following information: STEP 4 • Trusted Interface—Select to trust or not trust the selected interface. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 223: Querying Dhcp Snooping Binding Database

    MAC Address—MAC address found during the query. • IP Address—IP address found during the query. • Interface—Interface connected to the address found during the query. • Type—IP address binding type. The possible values are: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 224: Viewing Option 82 Statistics

    Invalid Drop—Total number of packets that are dropped due to invalid. Click Refresh to refresh the data in the table, or click Clear to clear all data in the STEP 3 table. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 225: Configuring Option 82 Interface Settings

    Enter the following information: STEP 3 • Interface—Select a port or a LAG. • VLAN Status—Check Enable to use circuit ID on a specific VLAN, or uncheck to use circuit ID on all VLANs. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 226: Configuring Ip Source Guard

    Enter the following information: STEP 4 • Interface—Select a port or LAG. • IP Source Guard—Check Enable to enable IP Source Guard on the interface, or uncheck to disable this feature on the interface. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 227: Querying Ip Source Binding Database

    —Indicates the IP address is a static IP address. • Lease Time—The amount of time that the IP address is active. IP addresses whose lease times are expired are deleted from the database. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 228: Configuring Dynamic Arp Inspection

    Interaction Between ARP Inspection and DHCP Snooping • Workflow to Configure ARP Inspection • Configuring ARP Inspection Properties • Configuring ARP Inspection Trusted Interfaces • Viewing ARP Inspection Statistics • Configuring ARP Inspection VLAN Settings Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 229: Arp Cache Poisoning

    Source MAC Address—Compares the packet’s source MAC address in the Ethernet header against the sender’s MAC address in the ARP request. This check is performed on both ARP requests and responses. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 230: Interaction Between Arp Inspection And Dhcp Snooping

    Configuring ARP Inspection Properties more details. Configure interfaces as ARP trusted or untrusted on the Security > ARP Inspection STEP 2 > Interface Settings page. See Configuring ARP Inspection Trusted Interfaces for more details. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 231: Configuring Arp Inspection Properties

    Allow all-zeros IP —If IP address validation is enabled, check Enable to allow 0.0.0.0 the IP address. Click Apply. The ARP Inspection properties are defined, and the Running STEP 3 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 232: Configuring Arp Inspection Trusted Interfaces

    Rate Limit (pps)—Enter the maximum rate that is allowed on the interface. The range is 1 to 300 pps and the default is 15. Click Apply. The ARP Inspection trusted interfaces are defined, and the Running STEP 5 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 233: Viewing Arp Inspection Statistics

    ARP Inspection list. If the addresses match, the packet passes through the interface. • If the switch does not find a matching IP address, but DHCP Snooping is enabled on the VLAN, the switch checks the DHCP Snooping database for Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 234 Select the VLANs from the Available VLANs column and add them to the Enabled STEP 2 VLANs column. Click Apply. ARP Inspection settings are applied on the selected VLANs, and the STEP 3 Running Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 235: Chapter 17: Access Control

    Access Control Lists • Configuring MAC-based ACLs • Configuring MAC-based ACEs • Configuring IPv4-based ACLs • Configuring IPv4-Based ACEs • Configuring IPv6-based ACLs • Configuring IPv6-based ACEs • Configuring ACL Binding Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 236: Access Control Lists

    To associate more than one ACL with a port, a policy with one or more class maps must be used (see Configuring QoS Policies in the Configuring QoS Advanced Mode section). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 237 IPv6-based ACL on the IPv6-Based ACL page and the IPv6-Based ACE page. See Configuring IPv6-based ACLs Configuring IPv6-based ACEs for more details. Associate the ACL with interfaces on the ACL Binding page. See Configuring ACL STEP 2 Binding for more details. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 238: Configuring Mac-Based Acls

    Enter the name of the new ACL in the ACL Name field. ACL names are STEP 3 case-sensitive. Click Apply. The MAC-based ACL is added, and the Running Configuration is STEP 4 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 239: Configuring Mac-Based Aces

    User Defined to enter a destination address or a range of destination addresses. Destination MAC Address Value —Enter the MAC address to which the destination MAC address will be matched and its mask (if relevant). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 240 —Enter the wildcard mask to be applied to the VPT tag. • Ethertype—Enter the frame Ethertype to be matched. Click Apply. The MAC-based ACE is defined, and the Running Configuration is STEP 5 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 241: Configuring Ipv4-Based Acls

    STEP 4 updated. Click IPv4-Based ACE Table. STEP 5 The IPv4-Based ACE page opens. You can view and/or add rules to this IPv4- based ACL. See Configuring IPv4-Based ACEs for more details. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 242: Configuring Ipv4-Based Aces

    Select from list—Select one of the following protocols from the drop- down menu: ICMP—Internet Control Message Protocol IP in IP—IP in IP encapsulation TCP—Transmission Control Protocol EGP—Exterior Gateway Protocol IGP—Interior Gateway Protocol UDP—User Datagram Protocol HMP—Host Mapping Protocol RDP—Reliable Datagram Protocol Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 243 Any—Match to all source ports. Single—Enter a single TCP/UDP source port to which packets are matched. This field is active only if TCP or UDP is selected from the Select from list drop-down menu. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 244 ICMP Code—The ICMP messages can have a code field that indicates how to handle the message. Select Any to accept all codes, or select User Defined to enter an ICMP code for filtering purposes. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 245: Configuring Ipv6-Based Acls

    Select an IPv6-based ACL, and click Go. All currently defined IPv6-based ACEs for STEP 2 the selected ACL are displayed. To add a rule (ACE) for the selected ACL, click Add. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 246 —Enter the prefix length of the source IP address. • Destination IP Address—Select Any if all destination address are acceptable, or select User Defined to enter a destination address or a range of destination addresses. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 247 ICMP—If the ACL is based on ICMP, select the ICMP message type that will be used for filtering purposes. The options are: Any (IP)—All message types are accepted. Select from list—Select the message type by name from the drop-down list. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 248: Configuring Acl Binding

    IPv4 ACL—IPv4-based ACLs that are bound to the interface (if any). • IPv6 ACL—IPv6-based ACLs that are bound to the interface (if any). To unbind all ACLs from an interface, select the interface, and click Clear. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 249 Click Apply. The ACL binding setting is modified, and the Running Configuration is STEP 6 updated. If no ACL is selected, the ACLs that are previously bound to the interface are NOTE unbound. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 250: Chapter 18: Quality Of Service

    ACL, and only traffic that meets the ACL criteria is subject to cost of service (CoS) or QoS classification. • Assignment to Hardware Queues—Assigns incoming packets to forwarding queues. Packets are sent to a particular queue for handling as a Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 251 When changing from QoS basic mode to QoS advanced mode, the QoS trust mode configuration in QoS basic mode is not retained. • When disabling QoS, the shaper and queue setting (WRR/SP bandwidth setting) are reset to default values. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 252: Workflow To Configure Qos Settings

    Remark the DSCP value for egress traffic from each queue as described in Mapping Queue to DSCP section. Enter bandwidth and rate limits: STEP 7 • Set ingress rate limit and egress shaping rate per port as described in the Configuring Bandwidth section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 253: Configuring Qos Properties

    (that do not have a VLAN tag). The range is 0 to 7. The default CoS value is applicable only if the switch is in QoS basic mode and CoS/802.1p is the trusted mode. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 254: Configuring Qos Queues

    WRR queues. After the SP queues have been emptied, traffic from the WRR queues is forwarded. (The relative portion from each WRR queue depends on its weight). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 255: Mapping Cos/802.1P To A Queue

    802.1p priority will be the default CoS/802.1p priority assigned to the ingress ports. 802.1p Values Queue Notes (0 to 7, 7 being (8 queues, 8 being the highest) the highest priority) Background Best Effort Excellent Effort Critical Application LVS phone SIP Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 256 Click Apply. 802.1p priority values to queues are mapped, and the Running STEP 3 Configuration is updated. Click Restore Defaults to restore the CoS/802.1p to Queue mappings to factory STEP 4 defaults. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 257: Mapping Ip Precedence To Queue

    The Ingress DSCP column displays the DSCP value in the incoming packet and its associated class. Select the traffic forwarding queue from the Output Queue drop-down menu to STEP 2 which the DSCP value is mapped. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 258: Mapping Queues To Cos/802.1P

    For each output queue, select the IP precedence to which egress traffic from the STEP 2 queue is remarked. Click Apply. The Running Configuration is updated. STEP 3 Click Restore Defaults to restore the queue to IP precedence mappings to factory STEP 4 defaults. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 259: Mapping Queue To Dscp

    Remark IP Precedence—Check Enable to remark the IP precedence for egress traffic on this port or LAG. • Remark DSCP—Check Enable to remark the DSCP value for egress traffic on this port or LAG. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 260: Configuring Bandwidth

    The switch limits all frames except for management frames. Any frames that are not limited are ignored in the rate calculations, meaning that their size is not included in the limit total. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 261: Configuring Vlan Rate Limit

    VLAN rate limit values will be applied on each of the devices independently. This feature requires that the switch is in QoS basic mode or in QoS advanced mode. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 262: Configuring Vlan Port Rate Limit

    • Interface—Enter an interface or a range of interfaces. The interfaces must be bound to the selected VLAN. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 263: Configuring Tcp Congestion Avoidance

    If there is any port that, as an exception, should not trust the incoming CoS mark, STEP 3 disable the QoS state on that port on the Interface Settings page, as described in Configuring Basic QoS Interface Settings section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 264: Configuring Basic Qos Trust Mode

    The actual mapping of the IP precedence to queue can be configured on the IP Precedence to Queue page. • CoS/802.1p-DSCP—Uses the trust CoS mode for non-IP traffic and trust DSCP mode for IP traffic. Click Apply. The Running Configuration is updated. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 265: Configuring Basic Qos Interface Settings

    A class map defines a flow with one or more associating ACLs. Packets that match only ACL rules (ACE) in a class map with Permit (forward) action are considered belonging to the same flow, and are subjected to the same Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 266 Select the trust mode for QoS advanced mode on the Global Settings page, as STEP 2 described in the Configuring Advanced QoS Global Settings section. Create ACLs as described in the Creating ACLs Workflow section. STEP 3 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 267: Configuring Advanced Qos Global Settings

    VLAN tag, or based on the per-port default CoS/802.1p value (if there is no VLAN tag on the incoming packet), the actual mapping of the VPT to queue can be configured on the CoS/802.1p to Queue page. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 268: Configuring Class Mapping

    If more complex sets of rules are needed, several class maps can be grouped into a super-group called a policy (see the Configuring QoS Policies section). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 269: Qos Policers

    It can be done by using the ACLs in the class maps to match the desired traffic, and by using a policer to apply the QoS on the matching traffic. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 270: Configuring Aggregate Policers

    QoS to all of its flows in aggregation regardless of policies and ports. To define an aggregate policer: Click Quality of Service > QoS Advanced Mode > Aggregate Policer. STEP 1 Click Add. STEP 2 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 271: Configuring Qos Policies

    STEP 3 Click Apply. The QoS policy profile is added, and the Running Configuration is STEP 4 updated. Click Policy Class Map Table to display the Policy Class Maps page. STEP 5 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 272: Configuring Policy Class Maps

    Aggregate Policer—If Police Type is Aggregate, select a previously defined aggregate policer. • Ingress Committed Information Rate (CIR)—If Police Type is Single, enter the CIR in kbps. See the description in the Configuring Bandwidth section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 273: Configuring Policy Binding

    To view the policies bound to all interfaces, click Show Policy Binding Per Port. STEP 5 The Policy Binding Table displays the policy bound to each interface. Click Back to return to the previous page. STEP 6 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 274: Chapter 19: Snmp

    Configuring SNMP Notification Recipients SNMP Versions and Workflow The Cisco 220 switch functions as an SNMP agent and supports SNMP v1, v2, and v3. It also reports system events to trap receivers using the traps defined in the Management Information Base (MIB) that it supports.
  • Page 275 Configuring SNMP Views section. Define SNMP groups on the SNMP > Groups page, as described in the STEP 2 Configuring SNMP Groups section. The group can be associated with the specified SNMP view. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 276 The SNMP users can be associated with an SNMP group. Define the notification recipients on the SNMP > Notification Recipients SNMPv3 STEP 5 page as described in the Configuring SNMPv3 Notification Recipients section. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 277: Supported Mibs

    SNMP Supported MIBs Supported MIBs The following standard MIBs are supported by the Cisco 220 switch: • RFC1213 MIB-II • RFC1215 Generic-Traps MIB • RFC1493 (4188) Bridge MIB • RFC2618 RADIUS Client MIB • RFC2674 Bridge MIB Extension • RFC2737 Entity MIB •...

  • Page 278: Model Object Ids

    MAC address. The SNMP Engine ID must be unique for the administrative domain, so that no two devices in a network have the same Engine Local information is stored in four MIB variables that are read-only (snmpEngineId, snmpEngineBoots, snmpEngineTime, and snmpEngineMaxMessageSize). Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 279 Server IP Address/Name—Enter the IP address or domain name of the remote server that receives the traps. • Engine ID—Enter the Engine ID. Click Apply. The remote Engine ID is defined, and the Running Configuration is STEP 6 updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 280: Configuring Snmp Views

    Include In View—Check to include the selected MIBs in this view, or uncheck to exclude them. Click Apply. The SNMP view is defined, and the Running Configuration is updated. STEP 4 Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 281: Configuring Snmp Groups

    To add a new SNMP group, click Add. STEP 2 Enter the following information: STEP 3 • Group Name—Enter the new group name. • Security Model—Select the SNMP version (SNMPv1, SNMPv2, or SNMPv3) attached to the group. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 282: Managing Snmp Users

    An SNMP user is defined by the login credentials (username, passwords, and authentication method) and by the context and scope in which it operates by association with a group and an Engine ID. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 283 Privacy Password—Select Encrypted to enter an encrypted privacy password, or select Plaintext to enter the privacy password in plaintext format. The password that is used for generating a key by the DES method. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 284: Configuring Snmp Communities

    Admin) and, optionally, further qualify it for a specific view. By default, it applies to the entire MIB. If this option is selected, enter the following fields: Access Mode —Select the access rights of the community. The options are: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 285: Configuring Snmp Notification Recipients

    An SNMP notification is a message sent from the switch to the SNMP management station indicating that a certain event has occurred, such as a link up/ down. This section describes how to configure SNMP notification recipients and includes the following topics: Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 286: Configuring Snmpv1,2 Notification Recipients

    Notification Version—Select the trap SNMP version. Either SNMPv1 or SNMPv2 may be used, with only a single version enabled at a single time. Click Apply. The SNMPv1,2 notification recipient is defined, and the Running STEP 4 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 287: Configuring Snmpv3 Notification Recipients

    No Authentication —Indicates that the packet is neither authenticated nor encrypted. Authentication —Indicates that the packet is authenticated but not encrypted. Privacy —Indicates that the packet is both authenticated and encrypted. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...
  • Page 288 Authentication and Privacy on the Users page, the security level on this screen can be either No Authentication, or Authentication, or Privacy. Click Apply. The SNMPv3 notification recipient is defined, and the Running STEP 4 Configuration is updated. Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x...

  • Page 289: Appendix A: Where To Go From Here

    Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Cisco 220 Series Smart Switches. Cisco Support Community www.cisco.com/go/smallbizsupport Cisco Support and www.cisco.com/go/smallbizhelp Resources Phone Support Contacts www.cisco.com/en/US/support/...

This manual is also suitable for:

Sf220-24pSf220-48Sf220-48pSg220-26Sg220-26pSg220-50p ... Show all

Table of Contents