Page 1 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide Cisco IOS Release 12.0(5)WC(1) April 2001 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100...
Page 2 LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
Page 3 Ordering Documentation Documentation Feedback Obtaining Technical Assistance xxii Cisco.com xxii Technical Assistance Center xxii Contacting TAC by Using the Cisco TAC Website xxiii Contacting TAC by Telephone xxiii Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 78-6511-05...
Page 4: Table Of Contents
Contents Overview C H A P T E R Features Management Options Management Interface Options Advantages of Using CMS and Clustering Switches Network Configuration Examples 1-10 Design Concepts for Using the Switch 1-10 Small to Medium-Sized Network Configuration 1-14 Collapsed Backbone and Switch Cluster Configuration 1-16 Large Campus Configuration 1-18...
Page 5 Contents Device Pop-Up Menu 2-28 Candidate, Member, and Link Pop-Up Menus 2-29 CMS Window Components 2-31 Host Name List 2-32 Tabs 2-32 Lists 2-32 Buttons 2-33 Online Help 2-33 Accessing CMS 2-35 Saving Configuration Changes 2-37 Using Different Versions of Web-Based Switch Management Software 2-38 Where to Go Next 2-38...
Page 6: Candidate And Cluster Member
Contents General Switch Administration C H A P T E R Basic IP Connectivity to the Switch Switch Software Releases Console Port Access Telnet Access to the CLI HTTP Access to CMS SNMP Network Management Platforms Using FTP to Access the MIB Files Using SNMP to Access MIB Variables Default Settings Clustering Switches...
Page 7: Verifying
Contents Creating a Switch Cluster 5-13 Designating and Enabling a Command Switch 5-14 Adding and Removing Cluster Members 5-14 Designating and Enabling Standby Command Switches 5-17 Verifying a Switch Cluster 5-19 Displaying an Inventory of the Clustered Switches 5-19 Displaying Link Information 5-20 Using the CLI to Manage Switch Clusters 5-21...
Page 8 Contents Configuring SNMP 6-18 Disabling and Enabling SNMP 6-18 Entering Community Strings 6-19 Adding Trap Managers 6-19 Configuring CDP 6-22 Configuring CDP for Extended Discovery 6-22 Configuring STP 6-24 Supported STP Instances 6-24 Using STP to Support Redundant Connectivity 6-25 Disabling STP 6-25 Accelerating Aging to Retain Connectivity...
Page 9 Contents Managing the ARP Table 6-45 Controlling IP Multicast Packets through CGMP 6-46 Enabling the Fast Leave Feature 6-47 Disabling the CGMP Fast Leave Feature 6-47 Changing the CGMP Router Hold-Time 6-48 Removing Multicast Groups 6-48 Configuring MVR 6-49 Using MVR in a Multicast Television Application 6-49 Configuration Guidelines and Limitations 6-51...
Page 10 Configuring Voice Ports 7-17 Preparing a Port for a Cisco 7960 IP Phone Connection 7-18 Configuring a Port to Connect to a Cisco 7960 IP Phone 7-18 Overriding the CoS Priority of Incoming Frames 7-19 Configuring Voice Ports to Carry Voice and Data Traffic on Different...
Page 11 Contents Configuring Inline Power on the Catalyst 3524-PWR Ports 7-21 Configuring the LRE Ports 7-22 LRE Links and LRE Profiles 7-22 LRE Ethernet Links 7-25 Assigning a Public Profile to All LRE Ports 7-27 Assigning a Private Profile to an LRE Port 7-28 Configuring VLANs C H A P T E R...
Page 12 Contents Configuring VTP 8-20 Configuring VTP Server Mode 8-21 Configuring VTP Client Mode 8-22 Disabling VTP (VTP Transparent Mode) 8-23 Enabling VTP Version 2 8-24 Disabling VTP Version 2 8-25 Enabling VTP Pruning 8-25 Monitoring VTP 8-26 VLANs in the VTP Database 8-27 Token Ring VLANs 8-27...
Page 13 Contents Load Sharing Using STP 8-46 Load Sharing Using STP Port Priorities 8-47 Configuring STP Port Priorities and Load Sharing 8-48 Load Sharing Using STP Path Cost 8-50 How the VMPS Works 8-52 Dynamic Port VLAN Membership 8-53 VMPS Database Configuration File 8-54 VMPS Configuration Guidelines 8-56...
Page 14: Cmp
Contents Recovery Procedures 9-13 Recovering from Lost Member Connectivity 9-13 Recovering from a Command Switch Failure 9-14 Replacing a Failed Command Switch with a Cluster Member 9-15 Replacing a Failed Command Switch with Another Switch 9-19 Recovering from a Failed Command Switch Without HSRP 9-22 Recovering from a Lost or Forgotten Password 9-22...
Page 15 This guide provides information about configuring and troubleshooting a switch or switch clusters. This guide also provides information about configuring the Cisco 575 Long-Reach Ethernet (LRE) customer premises equipment (CPE). It includes descriptions of the management interface options and the features supported by the switch software.
Page 16 This guide does not repeat the concepts and CLI procedures provided Note in the standard Cisco IOS Release 12.0 documentation. For switch features that use standard Cisco IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 17 CMS windows and procedures for using the CMS windows. Chapter 3, “Getting Started with the CLI,” describes the basics for using the Cisco IOS CLI. Chapter 4, “General Switch Administration,” includes the switch-configuration...
Page 18 Preface Conventions Conventions This guide uses the following conventions to convey instructions and information: Command descriptions use these conventions: • Commands and keywords are in boldface text. Arguments for which you supply values are in italic. • • Square brackets ([ ]) indicate optional elements. Braces ({ }) group required choices, and vertical bars ( | ) separate the •...
Page 19: Related Publications
This product-specific CD contains only the Catalyst 2900 XL and Catalyst 3500 XL switch documents and related hardware documents. This CD is not the same as the Cisco Documentation CD-ROM, which contains the documentation for all Cisco products and is shipped with all Cisco products.
Page 20: Obtaining Documentation
(order number DOC-7811469=) Obtaining Documentation The following sections provide sources for obtaining documentation from Cisco Systems. World Wide Web You can access the most current Cisco documentation on the World Wide Web at the following sites: • http://www.cisco.com http://www-china.cisco.com •...
Page 21: Ordering Documentation
408 526-7208 or, in North America, by calling 800 553-NETS(6387). Documentation Feedback If you are reading Cisco product documentation on the World Wide Web, you can send us your comments by completing the online survey. When you display the document listing for this platform, click Give Us Your Feedback. If you are using the product-specific CD and you are connected to the Internet, click the pencil-and-paper icon in the toolbar to display the survey.
Page 22: Obtaining Technical Assistance
This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco. Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions,...
Page 23 P4—You need information or assistance on Cisco product capabilities, • product installation, or basic product configuration. In each of the above cases, use the Cisco TAC website to quickly find answers to your questions. To register for Cisco.com, go to the following website: http://www.cisco.com/register/...
Page 24 Preface Obtaining Technical Assistance Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide xxiv 78-6511-05...
Page 25: Overview
The Catalyst 2900 XL and Catalyst 3500 XL software supports the switches and modules listed in the Release Notes for the Catalyst 2900 Series XL and Catalyst 3500 Series XL Cisco IOS Release 12.0(5)WC(1). This software also supports the Cisco 575 Long-Reach Ethernet (LRE) customer premises equipment (CPE).
Page 26: Overview
4 Gbps of bandwidth between switches, routers, and servers • Per-port broadcast storm control for preventing faulty end stations from degrading overall system performance with broadcast storms Cisco Group Management Protocol (CGMP) for limiting multicast traffic to specified end stations • and reducing overall network traffic •...
Page 27 Address Resolution Protocol (ARP) for identifying a switch through its IP address and its • corresponding MAC address Cisco Discovery Protocol (CDP) versions 1 and 2 for network topology discovery and mapping • between the switch and other Cisco devices on the network Network Time Protocol (NTP) for providing a consistent timestamp to all switches from an •...
Page 28 Chapter 1 Overview Features Table 1-1 Features (continued) Redundancy HSRP for command switch redundancy • • UniDirectional link detection (UDLD) on all Ethernet ports for detecting and disabling unidirectional links on fiber-optic interfaces caused by incorrect fiber-optic wiring or port faults •...
Page 29 Gigabit ports for prioritizing mission-critical and time-sensitive traffic from data, voice, and telephony applications • Voice VLAN (VVID) for creating subnets for voice traffic from Cisco IP Phones Security Password-protected access (read-only and read-write access) to management interfaces (CMS and •...
Page 30 (POTS) splitters such as the Cisco LRE 48 POTS Splitter (PS-1M-LRE-48). For information about the Cisco 575 LRE CPE, refer to the Cisco 575 LRE CPE Hardware Installation Guide. For information about the nonhomologated Cisco LRE 48 POTS Splitter (PS-1M-LRE-48), refer to the Cisco LRE 48 POTS Splitter Installation Note.
Page 31: Management Options
Chapter 1 Overview Management Options Management Options The Catalyst 2900 XL and Catalyst 3500 XL switches are designed for plug-and-play operation: you only need to assign basic IP information to the switch and connect it to the other devices in your network. If you have specific network needs, you can configure and monitor the switch—on an individual basis or as part of a switch cluster—through its various management interfaces.
Page 32: Advantages Of Using Cms And Clustering Switches
Advantages of Using CMS and Clustering Switches Using CMS and switch clusters can simplify and minimize your configuration and monitoring tasks. You can use Cisco switch clustering technology to manage up to 16 interconnected supported Catalyst switches through one IP address as if they were a single entity.
Page 33 Chapter 1 Overview Management Options • Apply actions from CMS to multiple ports and multiple switches at the same time to avoid re-entering the same commands for each individual port or switch. Here are some examples of globally setting and managing multiple ports and switches: –...
Page 34: Network Configuration Examples
Chapter 1 Overview Network Configuration Examples Network Configuration Examples This section provides network configuration concepts and includes examples of using the switch to create dedicated network segments and interconnecting the segments through Fast Ethernet and Gigabit Ethernet connections. Design Concepts for Using the Switch As your network users compete for network bandwidth, it takes longer to send and receive data.
Page 35: Network Configuration Examples
Chapter 1 Overview Network Configuration Examples Bandwidth alone is not the only consideration when designing your network. As your network traffic profiles evolve, consider providing network services that can support applications such as voice and data integration and security. Table 1-3 describes some network demands and how you can meet those demands.
Page 36 Chapter 1 Overview Network Configuration Examples Figure 1-1 shows three configuration examples for using the Catalyst 2900 XL and Catalyst 3500 XL switches to create the following: • Cost-effective wiring closet—A cost-effective way to connect many users to the wiring closet is to connect up to nine Catalyst 2900 and Catalyst 3500 XL switches through GigaStack GBIC connections.
Page 37 Chapter 1 Overview Network Configuration Examples Figure 1-1 Example Configurations Catalyst 3548 XL switch Catalyst 2900 XL and Catalyst 3500 XL Cost-Effective GigaStack cluster Wiring Closet Catalyst 3508 XL or 4908G-L3 switch High-Performance Workgroup Catalyst 2900 XL and Catalyst 3500 XL cluster Catalyst 4908G-L3 switch Catalyst 4908G-L3 switch 1-Gbps HSRP...
Page 38: Small To Medium-Sized Network Configuration
Chapter 1 Overview Network Configuration Examples Small to Medium-Sized Network Configuration Figure 1-2 shows a configuration for a network that has up to 250 users. Users in this network require e-mail, file-sharing, database, and Internet access. You optimize network performance by placing workstations on the same logical segment as the servers they access most often.
Page 39 Chapter 1 Overview Network Configuration Examples Figure 1-2 Small to Medium-Sized Network Configuration Cisco 2600 router 100 Mbps (200 Mbps full duplex) Gigabit server 1 Gbps (2 Gbps full duplex) Catalyst 2900 XL Gigabit and Catalyst 3500 XL server GigaStack cluster...
Page 40: Collapsed Backbone And Switch Cluster Configuration
This network uses VLANs to segment the network logically into well-defined broadcast groups and for security management. Data and multimedia traffic are configured on the same VLAN. Voice traffic from the Cisco IP Phones are configured on separate VVIDs. You can have up to four VVIDs per wiring closet.
Page 41 Each 10/100 inline-power port on the Catalyst 3524-PWR XL switches provides –48 VDC power to the Cisco IP Phone. The IP phone can receive redundant power when it also is connected to an AC power source. IP phones not connected to the Catalyst 3524-PWR XL switches receive power from an AC power source.
Page 42: Large Campus Configuration
Catalyst 3500 XL switches. The Catalyst 6500 switch provides the workgroups with Gigabit access to core resources: Cisco 7000 series router for access to the WAN and the Internet. • • Server farm that includes a call-processing server running Cisco CallManager software.
Page 43 Catalyst Catalyst 2900 XL and 3500 XL 3524-PWR XL GigaStack cluster GigaStack cluster Cisco IP Phones Cisco IP Phones Workstations running power Cisco SoftPhone software source Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 44: Hotel Network Configuration
200 rooms. This network includes a private branch exchange (PBX) switchboard, a router, and high-speed servers. Connected to the telephone line in each hotel room is a Cisco 575 LRE CPE, which provides both telephone and Ethernet connections. A room telephone connects to the CPE phone port.
Page 45 Chapter 1 Overview Network Configuration Examples The Catalyst 2900 LRE XL switches are cascaded through the 10/100 switch ports. Each switch also has a 10/100 connection to an aggregation switch, such as a Catalyst 3524 XL switch. The aggregation switch can connect to Accounting, billing, and provisioning servers.
Page 46 Floor 1 Patch panel Cisco Catalyst 2900 LRE XL switches LRE 48 POTS splitters Servers PSTN Catalyst 2900 XL Cisco 2600 router or Catalyst 3500 XL switch Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 1-22 78-6511-05...
Page 47: Multidwelling Configuration
Chapter 1 Overview Network Configuration Examples Multidwelling Configuration A growing segment of residential and commercial customers are requiring high-speed access to Ethernet metropolitan-area networks (MANs). Figure 1-6 shows a configuration for a Gigabit Ethernet MAN ring using Catalyst 6500 switches as aggregation switches in the mini-point-of-presence (POP) location. These switches are connected through 1000BASE-X GBIC ports.
Page 48: Multidwelling Configuration
Chapter 1 Overview Network Configuration Examples Figure 1-6 Multi-Dwelling Configuration Cisco 12000 Gigabit switch routers Service Provider Catalyst 6500 switches Catalyst 6500 multilayer switches Mini-POP Gigabit MAN Catalyst 2900 XL and Catalyst 3500 XL switches, including Catalyst 2900 LRE XL...
Page 49: Getting Started With Cms
C H A P T E R Getting Started with CMS This chapter describes the following features and interface components of the Cluster Management Suite (CMS) software: • Visual Switch Manager (VSM) and Cluster Manager • Cluster Builder and Cluster View •...
Page 50: Features
Chapter 2 Getting Started with CMS Features Features CMS consists of the following integrated set of Java-based applications for managing switch clusters and individual switches from a standard Web browser such as Netscape Communicator or Microsoft Internet Explorer: Cluster Manager and Visual Switch Manager (VSM)—Cluster Manager is the •...
Page 51: Cluster Manager And Vsm
Chapter 2 Getting Started with CMS Cluster Manager and VSM Cluster Manager and VSM Cluster Manager is the CMS application for configuring the port-, switch-, and cluster-level settings of the switches in a cluster. VSM is the application for configuring switch- and port-level settings for a single switch. To assist in your configuration and monitoring tasks, both applications provide the following features: A display of switch images...
Page 52 Chapter 2 Getting Started with CMS Cluster Manager and VSM Figure 2-1 Visual Switch Manager 10.1.126.45 10.1.126.45 Right-click a port to display the port pop-up menu, and select an option to change port-related settings. Press Ctrl, and then left-click ports to select multiple ports.
Page 53 Chapter 2 Getting Started with CMS Cluster Manager and VSM Figure 2-2 Cluster Manager 10.1.126.45 Cluster tree Select a switch from the cluster Right-click a switch to tree. The color of the switch display the device pop-up icon reflects switch status. menu, and select an option to change system-related settings.
Page 54: Cluster Tree
Chapter 2 Getting Started with CMS Cluster Manager and VSM Cluster Tree The cluster tree appears in the Cluster Manager left frame (Figure 2-2). It displays a list of the switches in a specific cluster. The sequence of the cluster tree icons mirrors the sequence of the switch front-panel images.
Page 55: Switch Images
Chapter 2 Getting Started with CMS Cluster Manager and VSM Switch Images Use the front-panel images for visual switch management from a remote station. The LEDs on these images are updated at user-configurable polling intervals, making them as useful as the LEDs on the actual switches themselves. To change the polling intervals, select System >...
Page 56: Redundant Power System Led
(model PWR600-AC-RPS). Refer to the appropriate switch documentation for RPS descriptions specific for the switch. Table 2-3 Cisco RPS 600 LED on the Catalyst 2900 XL and Catalyst 3500 XL Switches Except the Catalyst 2912 LRE, 2924-LRE, and 3524-PWR XL Switches Color...
Page 57: Port Modes And Leds
Chapter 2 Getting Started with CMS Cluster Manager and VSM Table 2-4 Cisco RPS 300 LED on the Catalyst 2912 LRE, 2924-LRE, and 3524-PWR XL Switches Color RPS Status Black (off) RPS is off or is not installed. Green RPS is connected and operational.
Page 58 Chapter 2 Getting Started with CMS Cluster Manager and VSM Table 2-5 Port Modes Mode LED Description STAT Ethernet link status of the 10/100, 100BASE-FX, or 1000BASE-X switch ports, or the Ethernet link status on the remote CPE. Default mode on all Catalyst 2900 XL and Catalyst 3500 XL switches except the Catalyst 2900 LRE XL switches.
Page 59 Chapter 2 Getting Started with CMS Cluster Manager and VSM Table 2-6, Table 2-7, and Table 2-8 explain how to interpret the port LED colors after you change the port mode. On the modular switches, the 1 or 2 LED is green when a module is installed. Refer to the module documentation for complete information.
Page 60: Lre Link
Green LRE link present on the LRE port. Port LED turns green in approximately 10 seconds after the LRE port detects a connection to a Cisco 575 LRE CPE. Amber LRE port on the switch and WALL port on the Cisco 575 LRE CPE unable to establish the rate defined by the assigned profile.
Page 61 Green Inline power is on. only) If the Cisco IP Phone is receiving power from an AC power source, the port LED is off even if the IP phone is connected to the switch port. The LED turns green only when the switch port is providing power.
Page 62: Menu Bars
Chapter 2 Getting Started with CMS Cluster Manager and VSM Menu Bars The VSM menu bar provides the options for configuring and monitoring a single switch. The Cluster Manager menu bar provides the options for configuring and monitoring a switch or a switch cluster. The menu bars (Figure 2-1 Figure...
Page 63: Menu Bars
Chapter 2 Getting Started with CMS Cluster Manager and VSM Table 2-9 VSM and Cluster Manager Menu Bars Menu Bar Options Task Cluster (VSM-specific) Cluster Command Enable a switch to act as the cluster command switch. Configuration Cluster Management Display Cluster Manager or Cluster Builder. Cluster (Cluster Manager-specific) Management VLAN Change the management VLAN for a cluster.
Page 64 VSM and Cluster Manager Menu Bars (continued) Menu Bar Options Task Device Cisco Group Management Enable and disable the CGMP and the CGMP Fast Leave feature on a Protocol (CGMP) switch. Spanning-Tree Protocol (STP) Display and configure STP parameters for a switch.
Page 65: Toolbar
Chapter 2 Getting Started with CMS Cluster Manager and VSM Toolbar The VSM and Cluster Manager toolbar (Figure 2-4) buttons display some switch- and cluster-level configuration windows. Hover the cursor over a button to display a pop-up description. From left to right on the toolbar, the following windows can be displayed: •...
Page 66: Port Pop-Up Menu
Chapter 2 Getting Started with CMS Cluster Manager and VSM Port Pop-Up Menu You can display all port configuration windows from the Port menu on the menu bar, or you can display a subset of the port configuration windows from the VSM and Cluster Manager port pop-up menu.
Page 67: Device Pop-Up Menu
Save the configuration on one or all of the cluster switches. System Reload Reboot the software on a switch or a cluster. Device Cisco Group Management Enable and disable CGMP and the CGMP Fast Leave feature on a Protocol (CGMP) switch.
Page 68 Chapter 2 Getting Started with CMS Cluster Manager and VSM Table 2-11 VSM and Cluster Manager Device Pop-up Menu (continued) Pop-up Menu Options Task Port Port Configuration Display and configure port parameters on a switch. Port Statistics Display the Ethernet and LRE link statistics. Port Search Search for a port through its description.
Page 69: Cluster View And Cluster Builder
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Cluster View and Cluster Builder Cluster View (Figure 2-5) and Cluster Builder (Figure 2-6) are the CMS applications for displaying, creating, and modifying switch clusters. To assist in your cluster configuration and monitoring tasks, both applications provide the following features: Cluster View displays a high-level topology where clusters are collapsed and •...
Page 70 Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Figure 2-5 Cluster View Cluster is collapsed to a double-switch icon. Connected cluster. mcluster Status bar shows that Cluster View is displayed. Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 2-22 78-6511-05...
Page 71 Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Figure 2-6 Cluster Builder A switch icon with a crown indicates the command switch. Lines indicate the type of connection between two devices, such as lightning bolts are Gigastack GBIC connections.
Page 72: Topology
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Topology The topology appears when you launch use Cluster View and Cluster Builder. It displays connected clusters, command switches, cluster members, candidate switches, and edge devices. From the topology, you can: Double-click a cluster icon (double-switch icon) to display cluster members.
Page 73 Chapter 2 Getting Started with CMS Cluster View and Cluster Builder The topology includes device labels, which are the switch cluster names, cluster member names, and MAC addresses (Figure 2-6). Table 2-13 describes the meanings of the label colors. You can toggle device labels by selecting View >...
Page 74: Menu Bar
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Menu Bar The Cluster View and Cluster Builder menu bar provides the options for configuring and monitoring a switch cluster. Table 2-15 describes the Cluster View and Cluster Builder menu bar options and their function. Table 2-15 Cluster View and Cluster Builder Menu Menu Bar Options Task...
Page 75: Toolbar
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Table 2-15 Cluster View and Cluster Builder Menu (continued) Menu Bar Options Task Options Save Layout Save the current arrangement in the topology. Save Configuration Save the current configuration of cluster members to Flash memory. Help Contents List all of the available online help topics.
Page 76: Device Pop-Up Menu
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Figure 2-9 Cluster Builder and Cluster View Toolbar Move the cursor over the icon to display the tool tip. For example, the ? button displays Help Contents. Switch202 Device Pop-Up Menu Table 2-16 describes the menu options available when you right-click an icon in Cluster View.
Page 77: Candidate, Member, And Link Pop-Up Menus
Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Candidate, Member, and Link Pop-Up Menus Table 2-17 describes the menu options available when you right-click a candidate-switch icon in Cluster Builder. Table 2-17 Cluster Builder Candidate Pop-up Menu Menu Option Action Device Web Page Displays the device-management page for the device.
Page 78 Chapter 2 Getting Started with CMS Cluster View and Cluster Builder Table 2-19 describes the menu options available when you right-click a link in Cluster Builder. For more information about displaying link information, refer to the online help. Table 2-19 Cluster Builder Link Pop-up Menu Menu Option Action Link Graph...
Page 79: Cms Window Components
Chapter 2 Getting Started with CMS CMS Window Components CMS Window Components CMS windows use consistent techniques to present configuration information. Figure 2-10 shows the components of a typical CMS window. Figure 2-10 CMS Window Components Click a tab to display more information.
Page 80: Host Name List
Chapter 2 Getting Started with CMS CMS Window Components Host Name List The Host Name drop-down list (also referred to as the Device list) shows a list of cluster member names. To display or change the configuration of a specific switch in a cluster, select the switch name.
Page 81: Buttons
Help > Contents, and click Feedback to display a simple online form. After completing the form, click Submit to send your comments to Cisco. We appreciate and value your comments. Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 82 Chapter 2 Getting Started with CMS CMS Window Components Figure 2-11 Help Contents Click Back and Forward to redisplay previously displayed pages. Click Feedback to send us your comments about the online help. Feature help. Enter the first letters of the topic, and click Find.
Page 83: Accessing Cms
Note until you exit the browser session. A password is not required to redisplay these pages, including the Cisco Systems Access page. You can access the CLI by clicking Web Console - HTML access to the command line interface from a cached copy of the Cisco Systems Access page. To prevent unauthorized access to CMS and the CLI, exit your browser to end the browser session.
Page 84: Accessing Cms
Address field (Microsoft Internet Explorer). Step 2 Enter your userid and the password at the prompt. The Cisco Systems Access page appears. Click Cluster Management Suite or Visual Switch Manager. Step 3 If you access CMS from a standalone or cluster member switch, VSM appears. If you access CMS from a command switch, Cluster Builder launches by default.
Page 85: Saving Configuration Changes
Chapter 2 Getting Started with CMS Saving Configuration Changes Saving Configuration Changes The front-panel images and CMS windows always display the running configuration of the switch. When you make a configuration change to a switch or switch cluster, the change becomes part of the running configuration. The change does not automatically become part of the config.txt file in Flash memory, which is the startup configuration used each time the switch restarts.
Page 86: Using Different Versions Of Web-Based Switch Management Software
Chapter 2 Getting Started with CMS Using Different Versions of Web-Based Switch Management Software Using Different Versions of Web-Based Switch Management Software Cluster command switches can manage a mixture of Catalyst desktop switches. However, certain models of the Catalyst desktop switches support different versions of web-based management software;...
Page 87: Getting Started With The Cli
Saving configuration changes • This switch software release is based on Cisco IOS Release 12.0(5). It has been enhanced to support a set of features for the Catalyst 2900 XL and Catalyst 3500 XL switches. This guide provides procedures for using only the commands that have been created or changed for these switches.
Page 88: Chapter 3 Getting Started With The Cli
Chapter 3 Getting Started with the CLI Command Usage Basics Command Usage Basics This section provides the following topics: • Accessing command modes Abbreviating commands • • Using the No and Default forms of commands Redisplaying a command • Getting help •...
Page 89 Chapter 3 Getting Started with the CLI Command Usage Basics Each command mode supports specific Cisco IOS commands. For example, the interface command is used only from global configuration mode. Table 3-1 describes how to access each mode, the prompt you see in that mode, and how to exit the mode.
Page 90: Abbreviating Commands
Chapter 3 Getting Started with the CLI Command Usage Basics Table 3-1 Command Modes Summary (continued) Modes Access Method Prompt Exit Method About This Mode Global Enter the configure To exit to Use this mode to switch(config)# configuration command while in privileged EXEC configure privileged EXEC...
Page 91: Using The No And Default Forms Of Commands
Chapter 3 Getting Started with the CLI Command Usage Basics Using the No and Default Forms of Commands Almost every configuration command has a no form. In general, use the no form • Disable a feature or function. Reset a command to its default values. •...
Page 92 Chapter 3 Getting Started with the CLI Command Usage Basics • abbreviated-command-entry<Tab>—Complete a partial command name. Note No space before tabbing. switch# sh conf<tab> switch# sh configuration • ? — List all commands available for a particular command mode. switch> ? command ?—List of command keywords.
Page 93: Command-Line Error Messages
Chapter 3 Getting Started with the CLI Command-Line Error Messages Command-Line Error Messages Table 3-2 lists some error messages that you might encounter while using the CLI. Table 3-2 Common CLI Error Messages Error Message Meaning How to Get Help You did not enter enough Reenter the command followed by a space % Ambiguous...
Page 94: Accessing The Cli
Chapter 3 Getting Started with the CLI Accessing the CLI Accessing the CLI The following procedure assumes you have already assigned IP information and password to the switch or command switch. You can assign this information to the switch in the following ways: Using the setup program, as described in the release notes •...
Page 95: Accessing The Cli From A Browser
Start one of the supported browsers. In the URL field, enter the IP address of the command switch. Step 2 When the Cisco Systems Access page appears, click Telnet to start a Telnet Step 3 session. You can also access the CLI by clicking Web Console - HTML access to the command line interface from the Cisco Systems Access page.
Page 96: Saving Configuration Changes
Refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference for complete descriptions of the switch commands. Refer to the Cisco IOS Release 12.0 documentation on Cisco.com for information about the standard Cisco IOS Release 12.0 commands.
Page 97: General Switch Administration
• Also refer to the release notes about switch upgrades. For information about the standard Cisco IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation on Cisco.com. Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 98: C H A P T E R 4 General Switch Administration
The switch software is regularly updated with new features and bug fixes, and you might want to upgrade your Catalyst 2900 XL and Catalyst 3500 XL with the latest software release. New software releases are posted on Cisco.com on the World Wide Web and are available through authorized resellers. Cisco also supplies a TFTP server that you can download from Cisco.com.
Page 99: Console Port Access
Chapter 4 General Switch Administration Console Port Access Console Port Access The switch console port provides switch access to a directly-attached terminal or PC or to a remote terminal or PC through a serial connection and a modem. For information about connecting to the switch console port, refer to the switch hardware installation guide.
Page 100: Telnet Access To The Cli
Chapter 4 General Switch Administration Telnet Access to the CLI Telnet Access to the CLI The following procedure assumes you have assigned IP information and a Telnet password to the switch or command switch, as described in the release notes. Information about accessing the CLI through a Telnet session is provided in the “Accessing the CLI”...
Page 101: Http Access To Cms
CMS • Installing the required Java plug-in Configuring your web browser • Displaying the Cisco Systems Access page • You can also refer to the “Accessing CMS” section on page 2-35. For information about connecting to a switch port, refer to the switch hardware installation guide.
Page 102: Snmp Network Management Platforms
Chapter 4 General Switch Administration SNMP Network Management Platforms SNMP Network Management Platforms You can manage switches by using an Simple Network Management Protocol (SNMP)-compatible management station running such platforms as HP OpenView or SunNet Manager. CiscoWorks2000 and CiscoView 5.0 are network-management applications you can use to configure, monitor, and troubleshoot Catalyst 2900 XL and Catalyst 3500 XL switches.
Page 103: Using Ftp To Access The Mib Files
General Switch Administration SNMP Network Management Platforms Using FTP to Access the MIB Files You can obtain each MIB file with the following procedure: Use FTP to access the server ftp.cisco.com. Step 1 Log in with the username anonymous. Step 2 Enter your e-mail username when prompted for the password.
Page 104 Chapter 4 General Switch Administration SNMP Network Management Platforms An example of an NMS is the CiscoWorks network management software. CiscoWorks2000 software uses the switch MIB variables to set device variables and to poll devices on the network for specific information. The results of a poll can be displayed as a graph and analyzed to troubleshoot internetworking problems, increase network performance, verify the configuration of devices, monitor traffic loads, and more.
Page 105: Default Settings
Chapter 4 General Switch Administration Default Settings Default Settings The switch is designed for plug-and-play operation, requiring only that you assign basic IP information to the switch and connect it to the other devices in your network. For information about assigning basic IP information to the switch, see “Basic IP Connectivity to the Switch”...
Page 106: Management Vlan
Switch IP address, 0.0.0.0 “Changing IP Information” section Cluster Manager subnet mask, and on page 6-2. System > IP default gateway Documentation set for Cisco IOS Management Release 12.0 on Cisco.com. Dynamic Host DHCP “Using DHCP-Based – Configuration Protocol client is Autoconfiguration”...
Page 107 Enabled “Managing the ARP Table” section Cluster Manager Protocol (ARP) on page 6-45. System > ARP Table Documentation set for Cisco IOS Release 12.0 on Cisco.com. System Time None “Setting the System Date and Time” Cluster Manager Management section on page 6-17.
Page 108 Chapter 4 General Switch Administration Default Settings Table 4-2 Default Settings and Where To Change Them (continued) Default Feature Setting Concepts and CLI Procedures CMS Option Performance Configuring a port None Chapter 7, “Configuring the Switch Cluster Manager Ports.” Port > Port Configuration and Device >...
Page 109: Network Port
7-6. Port > Flooding Control packets Cisco Group Enabled “Controlling IP Multicast Packets Cluster Manager Management Protocol through CGMP” section on Device > Cisco Group (CGMP) page 6-46. Management Protocol (CGMP) Multicast VLAN Disabled “Configuring MVR” section on –...
Page 110: Passwords
7-16. Port > Switch Port monitoring Analyzer (SPAN) Console, buffer, and Disabled – – file logging Documentation set for Cisco IOS Release 12.0 on Cisco.com. Remote monitoring Disabled “SNMP Network Management – (RMON) Platforms” section on page 4-6. Documentation set for Cisco IOS Release 12.0 on Cisco.com.
Page 111: Snmp Community Strings
Cluster Manager on page 5-10 “Entering System > SNMP Community Strings” section on Configuration page 6-19. Documentation set for Cisco IOS Release 12.0 on Cisco.com. Port security Disabled “Enabling Port Security” section on Cluster Manager page 7-14. Security > Port Security...
Page 112 Chapter 4 General Switch Administration Default Settings Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 4-16 78-6511-05...
Page 113: Clustering Switches
C H A P T E R Clustering Switches This chapter provides the following topics to help you get started with switch clustering: • Switch cluster overview • Planning a switch cluster • Creating a switch cluster Verifying a switch cluster •...
Page 114: Chapter 5 Clustering Switche
It is running Cisco IOS Release 12.0(5)XP or later. • It has an IP address. • It has Cisco Discovery Protocol (CDP) version 2 enabled (the default). • It is not a command or member switch of another cluster. •...
Page 115: Standby Command Switch Characteristics
There is no limit to the number of switches you assign to a standby group. To be eligible for a standby group, a switch must meet the following requirements: It is running Cisco IOS Release 12.0(5)XP or later. • •...
Page 116: Planning A Switch Cluster
Automatic Discovery of Cluster Candidates The switch uses Cisco Discovery Protocol (CDP) to discover and display candidate switches that can be added to a cluster. By using CDP, a switch can automatically discover switches in star or cascaded topologies that are up to three cluster-enabled devices away from the edge of the cluster.
Page 117: Standby Command Switches
Chapter 5 Clustering Switches Planning a Switch Cluster Standby Command Switches Because a command switch manages the forwarding of all communication and configuration information to all the cluster members, we strongly recommend that you configure a standby command switch to take over if the command switch fails.
Page 118 Chapter 5 Clustering Switches Planning a Switch Cluster Figure 5-1 A Cluster with a Standby Command Switch Command switch Standby command switch Cluster Management Suite HTTP 1900/2820 Catalyst 2900 and 3500 XL member switches member switches Figure 5-2 shows a network cabled to allow the standby switch to maintain management contact with the member switches if the cluster command switch fails.
Page 119 Chapter 5 Clustering Switches Planning a Switch Cluster To ensure that the standby command switch can take over the cluster if the primary command switch fails, the primary command switch continually forwards cluster configuration information to the standby command switch. Note The command switch forwards cluster configuration information to the standby switch but not device-configuration information.
Page 120: Ip Addresses
Chapter 5 Clustering Switches Planning a Switch Cluster IP Addresses Clustering switches conserves IP addresses if you have a limited number of them. If you plan to create switch clusters, you must assign IP information to a command switch. Through the command-switch IP address, you can manage and monitor up to 16 switches.
Page 121 Copies of the CMS pages you display are saved in your browser memory cache until you exit the browser session. A password is not required to redisplay these pages, including the Cisco Systems Access page. You can access the CLI by clicking Web Console - HTML access to the command line interface from a cached copy of the Cisco Systems Access page.
Page 122: Host Names
Chapter 5 Clustering Switches Planning a Switch Cluster Host Names You do not need to assign a host name to either a command switch or an eligible cluster member. However, a host name assigned to the command switch can help to more easily identify the switch cluster.
Page 123: Management Vlan
If your cluster includes members that are running a software release earlier than Cisco IOS Release 12.0(5)XP, you cannot change the management VLAN of the cluster. If your cluster includes member switches that are running Cisco IOS Release 12.0(5)XP, those members need to have the VLAN changed before using the Management VLAN window.
Page 124: Network Port
Chapter 5 Clustering Switches Planning a Switch Cluster You can change the management VLAN through a console connection without Caution interrupting the console connection. However, changing the management VLAN ends your CMS session. Restart your CMS session by entering the new IP address in the browser Location field (Netscape Communicator) or Address field (Microsoft Internet Explorer), as described in the release notes.
Page 125: Lre Profiles
Chapter 5 Clustering Switches Creating a Switch Cluster LRE Profiles A configuration conflict occurs if a switch cluster has LRE switches using both private and public profiles. If one LRE switch in a cluster is assigned a public profile, all LRE switches in that cluster must have that same public profile. Before you add an LRE switch to a cluster, make sure that you assign it the same public profile used by other LRE switches in the cluster.
Page 126: Designating And Enabling A Command Switch
Chapter 5 Clustering Switches Creating a Switch Cluster This section provides procedures for enabling a command switch and building a cluster. For procedures on connecting switches together, refer to the switch hardware installation guide. For procedures on assigning basic information to the command switch, refer to the release notes.
Page 127 Chapter 5 Clustering Switches Creating a Switch Cluster From the Cluster Builder topology, you can also add a candidate switch to a cluster. Display Cluster Builder, right-click the candidate icon, and from the pop-up menu, select Add to Cluster (Figure 5-4).
Page 128 Chapter 5 Clustering Switches Creating a Switch Cluster Figure 5-4 Cluster Builder Right-click a member switch to display the device pop-up menu, and select an option to display the Switch Manager, display switch information, or remove the switch from the cluster. Thin line indicates a connection to a candidate switch.
Page 129: Designating And Enabling Standby Command Switches
Chapter 5 Clustering Switches Creating a Switch Cluster Designating and Enabling Standby Command Switches To create a standby group, display Cluster Manager, and select Cluster > Standby Command Configuration to display the Standby Command Configuration window (Figure 5-5). Eligible switches are listed in the Candidates list according to an eligibility ranking.
Page 130 Chapter 5 Clustering Switches Creating a Switch Cluster Figure 5-5 Standby Command Configuration Switch205 nms-lab1 (CC) Active command Switch202.cisco.com Switch201 switch is at the top. Switch207 Standby command switches are listed below the active command switch. Must be valid IP...
Page 131: Verifying A Switch Cluster
Chapter 5 Clustering Switches Verifying a Switch Cluster Verifying a Switch Cluster You can display the switch cluster you have built by • Displaying an inventory of the switches in the cluster. Displaying the topology of the switch cluster and viewing link information. •...
Page 132: Displaying Link Information
Chapter 5 Clustering Switches Verifying a Switch Cluster Figure 5-6 Inventory Select column borders to widen column. IP addresses of cluster members. Software versions for cluster members. Displaying Link Information You can see how the cluster members are interconnected from Cluster Builder. It shows how the switches are connected and the type of connection between each device.
Page 133: Using The Cli To Manage Switch Clusters
Chapter 5 Clustering Switches Using the CLI to Manage Switch Clusters Using the CLI to Manage Switch Clusters You can configure member switches from the CLI by first logging in to the command switch. Enter the rcommand user EXEC command and the member switch number to start a Telnet session (through a console or Telnet connection) and to access the member switch CLI.
Page 134: Using Snmp To Manage Switch Clusters
Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters Using SNMP to Manage Switch Clusters You must enable SNMP for the Cluster Management reporting and graphing features to function properly. When you first power on the switch, SNMP is enabled if you enter the IP information by using the setup program and accept its proposed configuration.
Page 135 Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters Figure 5-7 SNMP Management for a Cluster SNMP Manager Command switch Trap 1, Trap 2, Trap 3 Member 1 Member 2 Member 3 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 5-23 78-6511-05...
Page 136 Chapter 5 Clustering Switches Using SNMP to Manage Switch Clusters Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 5-24 78-6511-05...
Page 137: Configuring The System
This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12.0 documentation. For switch features that use standard Cisco IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 138: Changing Ip Information
Chapter 6 Configuring the System Changing IP Information Changing IP Information You can assign and change the IP information of your switch in the following ways: Using the setup program, as described in the release notes • • Manually assigning an IP address, as described in this section Using Dynamic Host Configuration Protocol (DHCP)-based •...
Page 139: Chapter 6 Configuring The System
Chapter 6 Configuring the System Changing IP Information Beginning in privileged EXEC mode, follow these steps to enter the IP information: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface vlan 1 Enter interface configuration mode, and enter the VLAN to which the IP information is assigned.
Page 140: Using Dhcp-Based Autoconfiguration
Chapter 6 Configuring the System Changing IP Information Using DHCP-Based Autoconfiguration The Dynamic Host Configuration Protocol (DHCP) provides configuration information to Internet hosts and internetworking devices. With DHCP-based autoconfiguration, your switch (DHCP client) can be automatically configured during bootup with IP address information and a configuration file that it receives during DHCP-based autoconfiguration.
Page 141: Dhcp Client Request Process
Chapter 6 Configuring the System Changing IP Information DHCP Client Request Process When you boot your switch, the DHCP client can be invoked and automatically request configuration information from a DHCP server under the following conditions: The configuration file is not present on the switch. •...
Page 142: Configuring The Dhcp Server
Chapter 6 Configuring the System Changing IP Information If the configuration parameters sent to the client in the DHCPOFFER unicast message by the DHCP server are invalid (a configuration error exists), the client returns a DHCPDECLINE broadcast message to the DHCP server. The DHCP server sends the client a DHCPNAK denial broadcast message, which means the offered configuration parameters have not been assigned, an error has occurred during the negotiation of the parameters, or the client has been slow in...
Page 143: Configuring The Tftp Server
6-9. You must also set up the TFTP server with the switch configuration files; for more information, see the next section. For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 144: Configuring The Domain Name And The Dns
Domain names are pieced together with periods (.) as the delimiting characters. For example, Cisco Systems is a commercial organization that IP identifies by a com domain name, so its domain name is cisco.com. A specific device in this domain, the File Transfer Protocol (FTP) system for example, is identified as ftp.cisco.com.
Page 145: Configuring The Relay Device
DNS, and TFTP servers and that broadcasts from the servers can reach the DHCP client. If the relay device is a Cisco router, you enable IP routing (ip routing global configuration command) and configure it with helper addresses by using the ip helper-address interface configuration command.
Page 146: Obtaining Configuration Files
DHCP server TFTP server DNS server For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures. Obtaining Configuration Files Depending on the availability of the IP address and the configuration filename in...
Page 147 Chapter 6 Configuring the System Changing IP Information • Only the IP address is reserved for the switch and provided in the DHCP reply. The configuration filename is not provided (two-file read method). The switch receives its IP address and subnet mask from the DHCP server. It also receives a DNS server IP address and a TFTP server name.
Page 148: Example Configuration
Figure 6-3 DHCP-Based Autoconfiguration Network Example Switch 1 Switch 2 Switch 3 Switch 4 00e0.9f1e.2001 00e0.9f1e.2002 00e0.9f1e.2003 00e0.9f1e.2004 Cisco router 10.0.0.10 10.0.0.1 10.0.0.2 10.0.0.3 DHCP server DNS server TFTP server (maritsu) Table 6-1 shows the configuration of the reserved leases on the DHCP server.
Page 149 Chapter 6 Configuring the System Changing IP Information Table 6-1 DHCP Server Configuration Switch-1 Switch-2 Switch-3 Switch-4 Binding key 00e0.9f1e.2001 00e0.9f1e.2002 00e0.9f1e.2003 00e0.9f1e.2004 (hardware address) IP address 10.0.0.21 10.0.0.22 10.0.0.23 10.0.0.24 Subnet mask 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 Router address 10.0.0.10 10.0.0.10 10.0.0.10 10.0.0.10...
Page 150 Chapter 6 Configuring the System Changing IP Information DHCP Client Configuration No configuration file is present on Switch 1 through Switch 4. Configuration Explanation Figure 6-3, Switch 1 reads its configuration file as follows: It obtains its IP address 10.0.0.21 from the DHCP server. •...
Page 151: Changing The Password
Chapter 6 Configuring the System Changing the Password Changing the Password You can assign the password of your switch in the following ways: • Using the setup program, as described in the release notes Manually assigning a password, as described in this section •...
Page 152 “Recovering from a Lost or Forgotten Password” section on page 9-22. For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures. Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 153: Setting The System Date And Time
You can configure the switch to change to daylight saving time on a particular day every year, on a day that you enter, or not at all. For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 154: Enabling Ntp Authentication
SNMP is always enabled for Catalyst 1900 and Catalyst 2820 switches. For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures. Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 155: Entering Community Strings
Read-write (RW)—Requests accompanied by the string can display MIB-object information and set MIB objects. For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures. Adding Trap Managers A trap manager is a management station that receives and processes traps. When you configure a trap manager, the community strings for each member switch must be unique.
Page 156 Chapter 6 Configuring the System Configuring SNMP Catalyst 1900 and Catalyst 2820 switches support up to four trap managers. When you configure community strings for these switches, limit the string length to 32 characters. When configuring traps on these switches, you cannot configure individual trap managers to receive specific traps.
Page 157 Chapter 6 Configuring the System Configuring SNMP Beginning in privileged EXEC mode, follow these steps to add a trap manager and a community string: Command Purpose Step 1 config terminal Enter global configuration mode. Step 2 snmp-server host Enter the trap manager IP address, the community string, 172.2.128.263 traps1 snmp and the traps to generate.
Page 158: Configuring Cdp
Configuring the System Configuring CDP Configuring CDP Use the Cisco IOS CLI and Cisco Discovery Protocol (CDP) to enable CDP for the switch, set global CDP parameters, and display information about neighboring Cisco devices. CDP enables the Cluster Management Suite to display a graphical view of the network.
Page 159 Chapter 6 Configuring the System Configuring CDP Figure 6-4 Discovering Cluster Candidates through CDP Undisclosed device displays as edge device Cluster command switch Catalyst 5000 series (CDP device 3 hops from Up to 7 hops that does not command switch from command switch support clustering) Beginning in privileged EXEC mode, follow these steps to configure the number...
Page 160: Configuring Stp
Chapter 6 Configuring the System Configuring STP Configuring STP Spanning Tree Protocol (STP) provides path redundancy while preventing undesirable loops in the network. Only one active path can exist between any two stations. STP calculates the best loop-free path throughout the network. Supported STP Instances You create an STP instance when you assign an interface to a VLAN.
Page 161: Using Stp To Support Redundant Connectivity
Chapter 6 Configuring the System Configuring STP switches in the VLAN; however, if you are running STP only on a minimal set of switches, an incautious change to the network that introduces another loop into the VLAN can result in a broadcast storm. If you have the default allowed list on the trunk ports of that switch, the new Note VLAN is carried on all trunk ports.
Page 162: Accelerating Aging To Retain Connectivity
Chapter 6 Configuring the System Configuring STP Beginning in privileged EXEC mode, follow these steps to disable STP: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 no spanning-tree vlan stp-list Disable STP on a VLAN. Step 3 Return to privileged EXEC mode.
Page 163 (IEEE) for Option 1 for Option 2 for Option 3 Hello Time Max Age Forwarding delay Figure 6-5 Gigabit Ethernet Clusters Catalyst 2900 Cisco 7000 and 3500 XL Catalyst 5000 series router switches switch Layer 3 Catalyst Catalyst Catalyst backbone...
Page 164: Configuring Redundant Links By Using Stp Uplinkfast
STP topology converges more slowly after a loss of connectivity. STP UplinkFast is a Cisco enhancement that accelerates the choice of a new root port when a link or switch fails or when STP reconfigures itself. The root port transitions to the forwarding state immediately without going through the listening and learning states, as it would with normal STP procedures.
Page 165 Chapter 6 Configuring the System Configuring STP Figure 6-6 Switches in a Hierarchical Network Backbone switches Root bridge 3500 XL 3500 XL Distribution switches 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL 2900 XL Access switches Active link Blocked link Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 166: Enabling Stp Uplinkfast
Chapter 6 Configuring the System Configuring STP Enabling STP UplinkFast When you enable UplinkFast, it is enabled for the entire switch and cannot be enabled for individual VLANs. Beginning in privileged EXEC mode, follow these steps to configure UplinkFast: Command Purpose Step 1 configure terminal...
Page 167: Configuring Cross-Stack Uplinkfast
Chapter 6 Configuring the System Configuring STP Configuring Cross-Stack UplinkFast Cross-stack UplinkFast (CSUF) provides a fast spanning-tree transition (fast convergence in less than 2 seconds under normal network conditions) across a stack of switches that use the GigaStack GBICs connected in a shared cascaded configuration (multidrop backbone).
Page 168 Chapter 6 Configuring the System Configuring STP Figure 6-7 Cross-Stack UplinkFast Topology Backbone Spanning tree root Link A Link B Link C (Root link) (Alternate (Alternate redundant redundant link) link) 100 or 1000 Mbps 100 or 1000 Mbps 100 or 1000 Mbps Alternate stack Alternate stack Stack root port...
Page 169: Events That Cause Fast Convergence
Chapter 6 Configuring the System Configuring STP The switch sending the fast-transition request needs to do a fast transition to the forwarding state of a port that it has chosen as the root port, and it must obtain an acknowledgement from each stack switch before performing the fast transition. Each switch in the stack determines if the sending switch is a better choice than itself to be the stack root of this STP instance by comparing STP root, cost, and bridge ID.
Page 170 Chapter 6 Configuring the System Configuring STP • A network reconfiguration causes a new port on the current stack root switch to be chosen as the stack root port. The fast transition might not occur if multiple events occur simultaneously. Note For example, if a stack member switch is powered down, and at the same time, a link connecting the stack root to the STP root comes back up, the normal STP...
Page 171: Limitations
Chapter 6 Configuring the System Configuring STP Limitations The following limitations apply to CSUF: CSUF uses the Gigastack GBIC and runs on all Catalyst 3500 XL switches • but only on modular Catalyst 2900 XL switches. Up to nine stack switches can be connected through their stack ports to the •...
Page 172 Chapter 6 Configuring the System Configuring STP Figure 6-8 GigaStack GBIC Connections and STP Convergence GigaStack GBIC connection for fast convergence Catalyst 3524 XL Catalyst 3508G XL Catalyst 3500 Catalyst 3500 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Catalyst 2924M XL...
Page 173: Configuring Cross-Stack Uplinkfast
Chapter 6 Configuring the System Configuring STP Configuring Cross-Stack UplinkFast Before enabling CSUF, make sure your stack switches are properly connected. For more information, see the “Connecting the Stack Ports” section on page 6-35. Beginning in privileged EXEC mode, follow these steps to enable CSUF: Command Purpose Step 1...
Page 174: Changing The Stp Parameters For A Vlan
Chapter 6 Configuring the System Configuring STP Changing the STP Parameters for a VLAN The root switch for each VLAN is the switch with the highest priority and transmits topology frames to other switches in the spanning tree. You can change the root parameters for the VLANs on a selected switch.
Page 175: Changing The Stp Implementation
Chapter 6 Configuring the System Configuring STP Changing the STP Implementation Beginning in privileged EXEC mode, follow these steps to change the STP implementation. The stp-list is the list of VLANs to which the STP command applies. Command Purpose Step 1 configure terminal Enter global configuration mode.
Page 176: Changing The Bpdu Message Interval
Chapter 6 Configuring the System Configuring STP Changing the BPDU Message Interval Beginning in privileged EXEC mode, follow these steps to change the BPDU message interval (max age time). The stp-list is the list of VLANs to which the STP command applies. Command Purpose Step 1...
Page 177: Changing The Forwarding Delay Time
Chapter 6 Configuring the System Configuring STP Changing the Forwarding Delay Time Beginning in privileged EXEC mode, follow these steps to change the forwarding delay time. The stp-list is the list of VLANs to which the STP command applies. Command Purpose Step 1 configure terminal...
Page 178: Enabling The Port Fast Feature
Chapter 6 Configuring the System Configuring STP Enabling the Port Fast Feature The Port Fast feature brings a port directly from a blocking state into a forwarding state. This feature is useful when a connected server or workstation times out because its port is going through the normal cycle of STP status changes.
Page 179: Changing The Path Cost
Chapter 6 Configuring the System Configuring STP Changing the Path Cost Beginning in privileged EXEC mode, follow these steps to change the path cost for STP calculations. The STP command applies to the stp-list. Command Purpose Step 1 configure terminal Enter global configuration mode.
Page 180: Configuring Stp Root Guard
Chapter 6 Configuring the System Configuring STP Configuring STP Root Guard The Layer 2 network of a service provider (SP) can include many connections to switches that are not owned by the SP. In such a topology, STP can reconfigure itself and select a customer switch as the STP root switch, as shown in Figure 6-9.
Page 181: Managing The Arp Table
Chapter 6 Configuring the System Managing the ARP Table Root guard enabled on a port applies to all the VLANs that the port belongs to. Each VLAN has its own instance of STP. Beginning in privileged EXEC mode, follow these steps to set root guard on a port: Command Purpose...
Page 182: Controlling Ip Multicast Packets Through Cgmp
Chapter 6 Configuring the System Controlling IP Multicast Packets through CGMP For CLI procedures, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures. Controlling IP Multicast Packets through CGMP CGMP reduces the unnecessary flooding of IP multicast packets by limiting the transmission of these packets to CGMP clients that request them.
Page 183: Enabling The Fast Leave Feature
Chapter 6 Configuring the System Controlling IP Multicast Packets through CGMP Enabling the Fast Leave Feature The CGMP Fast Leave feature reduces the delay when group members leave groups. When an end station requests to leave a CGMP group, the group remains enabled for that VLAN until all members have requested to leave.
Page 184: Changing The Cgmp Router Hold-Time
Chapter 6 Configuring the System Controlling IP Multicast Packets through CGMP Changing the CGMP Router Hold-Time The router hold-time is the number of seconds the switch waits before removing (aging) a router entry and ceasing to exchange messages with the router. If it is the last router entry in a VLAN, all CGMP groups on that VLAN are removed.
Page 185: Configuring Mvr
Chapter 6 Configuring the System Configuring MVR Configuring MVR Multicast VLAN Registration (MVR) is designed for applications using wide-scale deployment of multicast traffic (for example, broadcast of multiple television channels) across an Ethernet ring-based service provider network. MVR allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on the network-wide multicast VLAN.
Page 186 VLAN still subscribing to this group, that set-top box must respond within the maximum response time. If the CPU does not receive a response, it eliminates the receiver port as a forwarding destination for this group. Figure 6-10 Multicast VLAN Registration Example Cisco router Multicast Catalyst server...
Page 187: Configuration Guidelines And Limitations
Chapter 6 Configuring the System Configuring MVR MVR eliminates the need to duplicate television-channel multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only once around the VLAN trunk—only on the multicast VLAN. Although the IGMP leave and join messages originate with a subscriber, they appear to be initiated by a port in the multicast VLAN rather than in the VLAN to which the subscriber port is assigned.
Page 188 Chapter 6 Configuring the System Configuring MVR The maximum number of mvr entries is determined by the switch hardware. Each MVR group represents a TV channel. Enter the mvr command to enable MVR. You do not need to reconfigure the MVR groups. The switch uses the MVR groups when you re-enable MVR.
Page 189: Setting Mvr Parameters
Chapter 6 Configuring the System Configuring MVR Setting MVR Parameters You do not need to set MVR parameters if you choose to use the default settings. If you do want to change the default parameters, you must do so before enabling MVR.
Page 190: Configuring Mvr
Chapter 6 Configuring the System Configuring MVR Configuring MVR Beginning in privileged EXEC mode, follow these steps to configure MVR: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 Enable MVR on the switch. Step 3 mvr group ip-address [count] Configure an IP multicast address on the switch or use the count parameter to configure a contiguous series of IP addresses.
Page 191 Chapter 6 Configuring the System Configuring MVR Command Purpose Step 6 mvr immediate (Optional) Enables the Immediate Leave feature of MVR on the port. Note This command applies only to receiver ports and should only be enabled on receiver ports to which a single receiver device is connected.
Page 192: Managing The Mac Address Tables
Chapter 6 Configuring the System Managing the MAC Address Tables Managing the MAC Address Tables You can manage the MAC address tables that the switch uses to forward traffic between ports. All MAC addresses in the address tables are associated with one or more ports.
Page 193: Changing The Address Aging Time
Chapter 6 Configuring the System Managing the MAC Address Tables Changing the Address Aging Time Dynamic addresses are source MAC addresses that the switch learns and then drops when they are not in use. The aging time parameter defines how long the switch retains unseen addresses in the table.
Page 194: Removing Dynamic Address Entries
Chapter 6 Configuring the System Managing the MAC Address Tables Removing Dynamic Address Entries Beginning in privileged EXEC mode, follow these steps to remove a dynamic address entry: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 no mac-address-table dynamic Enter the MAC address to be removed from dynamic MAC hw-addr...
Page 195: Removing Secure Addresses
Chapter 6 Configuring the System Managing the MAC Address Tables Removing Secure Addresses Beginning in privileged EXEC mode, follow these steps to remove a secure address: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 no mac-address-table secure Enter the secure MAC address, its associated port, and the hw-addr vlan vlan-id VLAN ID to be removed.
Page 196: Removing Static Addresses
Chapter 6 Configuring the System Managing the MAC Address Tables If the in-port-list and out-port-list parameters are all access ports in a single Note VLAN, you can omit the VLAN ID. In this case, the switch recognizes the VLAN as that associated with the in-port VLAN. Otherwise, you must supply the VLAN ID.
Page 197: Configuring Static Addresses For Etherchannel Port Groups
[AAA]) from a server. This section describes how TACACS+ works and how you can configure it. For complete syntax and usage information for the commands described in this chapter, refer to the Cisco IOS Release 12.0 Security Command Reference.
Page 198: Configuring The Tacacs+ Server Host
Chapter 6 Configuring the System Configuring TACACS+ The TACACS+ feature is disabled by default. However, you can enable and configure it by using the CLI. You can access the CLI through the console port or through Telnet. To prevent a lapse in security, you cannot configure TACACS+ through a network-management application.
Page 199 Chapter 6 Configuring the System Configuring TACACS+ Beginning in privileged EXEC mode, follow these steps to configure the TACACS+ server: Command Purpose Step 1 tacacs-server host name Define a TACACS+ host. [timeout integer] [key string] Entering the timeout and key parameters with this command overrides the global values that you can enter with the tacacs-server timeout (Step 3) and the tacacs-server key commands (Step 5).
Page 200: Configuring Login Authentication
Chapter 6 Configuring the System Configuring TACACS+ Configuring Login Authentication Beginning in privileged EXEC mode, follow these steps to configure login authentication by using AAA/TACACS+: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 aaa new-model Enable AAA/TACACS+. Step 3 aaa authentication login Enable authentication at login, and create one or more lists...
Page 201: Specifying Tacacs+ Authorization For Exec Access And Network Services
Network Services You can use the aaa authorization global configuration command with the tacacs+ keyword to set parameters that restrict a user’s network access to Cisco IOS privilege mode (EXEC access) and to network services such as Serial Line Internet Protocol (SLIP), Point-to-Point Protocol (PPP) with Network Control Protocols (NCPs), and AppleTalk Remote Access (ARA).
Page 202: Starting Tacacs+ Accounting
Return to privileged EXEC mode. Starting TACACS+ Accounting You use the aaa accounting command with the tacacs+ keyword to turn on TACACS+ accounting for each Cisco IOS privilege level and for network services. Beginning in privileged EXEC mode, follow these steps to enable TACACS+...
Page 203: Configuring A Switch For Local Aaa
Chapter 6 Configuring the System Configuring TACACS+ Configuring a Switch for Local AAA You can configure AAA to operate without a server by setting the switch to implement AAA in local mode. The switch then verifies authentication and authorization. No accounting is available in this configuration. Beginning in privileged EXEC mode, follow these steps to configure the switch for local AAA: Command...
Page 204 Chapter 6 Configuring the System Configuring TACACS+ Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 6-68 78-6511-05...
Page 205: Configuring The Switch Ports
This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12.0 documentation. For switch features that use standard Cisco IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 206: Chapter 7 Configuring The Switch Port
Chapter 7 Configuring the Switch Ports Changing the Port Speed and Duplex Mode Changing the Port Speed and Duplex Mode If you reconfigure the port through which you are managing the switch, a Caution Spanning Tree Protocol (STP) reconfiguration could cause a temporary loss of connectivity.
Page 207: Setting Speed And Duplex Parameters
Chapter 7 Configuring the Switch Ports Changing the Port Speed and Duplex Mode Setting Speed and Duplex Parameters Beginning in privileged EXEC mode, follow these steps to set the speed and duplex parameters on a port: Command Purpose Step 1 configure terminal Enter global configuration mode.
Page 208: Configuring Flooding Controls
Chapter 7 Configuring the Switch Ports Configuring Flooding Controls Configuring Flooding Controls You can use the following flooding techniques to block the forwarding of unnecessary flooded traffic: Enable storm control for unicast, multicast, or broadcast packets • • Block the forwarding of unicast and broadcast packets on a per-port basis Flood all unknown packets to a network port (configured only by using CLI) •...
Page 209: Disabling Storm Control
Chapter 7 Configuring the Switch Ports Configuring Flooding Controls With the exception of the broadcast keyword, the following procedure could also be used to enable storm control for unicast or multicast packets. Beginning in privileged EXEC mode, follow these steps to enable broadcast-storm control.
Page 210: Blocking Flooded Traffic On A Port
Chapter 7 Configuring the Switch Ports Configuring Flooding Controls Blocking Flooded Traffic on a Port By default, the switch floods packets with unknown destination MAC addresses to all ports. Some configurations do not require flooding. For example, a port that has only manually assigned addresses has no unknown destinations, and flooding serves no purpose.
Page 211: Resuming Normal Forwarding On A Port
Chapter 7 Configuring the Switch Ports Configuring Flooding Controls Resuming Normal Forwarding on a Port Beginning in privileged EXEC mode, follow these steps to resume normal forwarding on a port: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface Enter interface configuration mode, and enter the port to...
Page 212: Disabling A Network Port
Chapter 7 Configuring the Switch Ports Configuring Flooding Controls Beginning in privileged EXEC mode, follow these steps to define a network port: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface Enter interface configuration mode, and enter the port to be configured.
Page 213: Configuring Unidirectional Link Detection
Chapter 7 Configuring the Switch Ports Configuring UniDirectional Link Detection Configuring UniDirectional Link Detection UniDirectional Link Detection (UDLD) is a Layer 2 protocol that detects and shuts down unidirectional links. You can configure UDLD on the entire switch or on an individual port.
Page 214: Creating Etherchannel Port Groups
Chapter 7 Configuring the Switch Ports Creating EtherChannel Port Groups Creating EtherChannel Port Groups Fast EtherChannel (FEC) and Gigabit EtherChannel port groups act as single, logical ports for high-bandwidth connections between switches or between switches and servers. Note You can create port groups of either Gigabit Ethernet ports or 100BASE-TX ports, but you cannot create a port group that has both port speeds.
Page 215: Port Group Restrictions On Static-Address Forwarding
FEC port group Catalyst 2900 XL Cisco router or Catalyst 3500 XL switch The switch treats the port group as a single logical port; therefore, when you create a port group, the switch uses the configuration of the first port for all ports added to the group.
Page 216: Creating Etherchannel Port Groups
Chapter 7 Configuring the Switch Ports Creating EtherChannel Port Groups Creating EtherChannel Port Groups Beginning in privileged EXEC mode, follow these steps to create a two-port group: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface Enter interface configuration mode, and enter the port of the first port to be added to the group.
Page 217: Configuring Protected Ports
Chapter 7 Configuring the Switch Ports Configuring Protected Ports Configuring Protected Ports Some applications require that no traffic be forwarded by the Layer 2 protocol between ports on the same switch. In such an environment, there is no exchange of unicast, broadcast, or multicast traffic between ports on the switch, and traffic between ports on the same switch is forwarded through a Layer 3 device such as a router.
Page 218: Enabling Port Security
Chapter 7 Configuring the Switch Ports Enabling Port Security Enabling Port Security Secured ports restrict a port to a user-defined group of stations. When you assign secure addresses to a secure port, the switch does not forward any packets with source addresses outside the group of addresses you have defined.
Page 219: Defining The Maximum Secure Address Count
Chapter 7 Configuring the Switch Ports Enabling Port Security Defining the Maximum Secure Address Count A secure port can have from 1 to 132 associated secure addresses. Setting one address in the MAC address table for the port ensures that the attached device has the full bandwidth of the port.
Page 220: Enabling Span
Chapter 7 Configuring the Switch Ports Enabling Port Security Enabling SPAN You can use Switch Port Analyzer (SPAN) to monitor traffic on a given port by forwarding incoming and outgoing traffic on the port to another port in the same VLAN.
Page 221: Configuring Voice Ports
IEEE 802.1p class of service (CoS). QoS uses classification and scheduling to transmit network traffic from the switch in a predictable manner. The Cisco 7960 IP Phone itself is also a configurable device, and you can configure it to forward traffic with an 802.1p priority.
Page 222: Preparing A Port For A Cisco 7960 Ip Phone Connection
Configuring a Port to Connect to a Cisco 7960 IP Phone Because a Cisco 7960 IP Phone also supports connection to a PC or other device, a port connecting a Catalyst 3524-PWR XL switch to a Cisco 7960 IP Phone can carry mixed traffic.
Page 223: Overriding The Cos Priority Of Incoming Frames
Configuring Voice Ports Overriding the CoS Priority of Incoming Frames A PC or other data device can connect to a Cisco 7960 IP Phone port. The PC can generate packets with an assigned CoS value. If you want, you can use the Catalyst 3524-PWR XL CLI to override the priority of frames arriving on the phone port from connected devices.
Page 224: Configuring Voice Ports To Carry Voice And Data Traffic On Different Vlans
Configuring Voice Ports to Carry Voice and Data Traffic on Different VLANs The Cisco 7960 IP Phone has an integrated three-port 10/100 switch that can connect to a PC or other device. You can configure a switch port to instruct the phone to forward voice and data traffic on different virtual LANs (VLANs).
Page 225: Configuring Inline Power On The Catalyst 3524-Pwr Ports
IP voice traffic to and from the phone. The Catalyst 3524-PWR XL senses if it is connected to a Cisco 7960 IP Phone. If there is no power on the circuit, the switch supplies the power. If there is power on the circuit, the switch does not supply it.
Page 226: Configuring The Lre Ports
The LRE link settings on the LRE ports define the connection between the switch LRE port and the WALL port on the Cisco 575 LRE CPE. The LRE link provides symmetric and asymmetric bandwidth for voice and data traffic. Symmetrical transmission is when the downstream and upstream bandwidth are the same.
Page 227 The standards for spectral profiles have not yet been ratified. The PUBLIC-ANSI profile corresponds to ANSI Plan 998. The PUBLIC-ETSI profile corresponds to ETSI Plan 997. Both plans are draft standards. Contact Cisco Systems for the latest information about standards ratification or for updates to the public profiles. •...
Page 228: Lre Profiles
Note type of cable you use, how it is bundled, and the interference and noise on the LRE link can affect the actual LRE link performance. Contact Cisco Systems for information about limitations and optimization of LRE link performance. The net data rates in...
Page 229: Lre Ethernet Links
Ethernet port, and they define the connection between the Ethernet port on the Cisco 575 LRE CPE and an Ethernet device such as a PC or a television set-top box. You can set the CPE Ethernet port to operate at 10 or 100 Mbps and at half- or full-duplex mode, depending on the capability of the remote Ethernet device.
Page 230 Chapter 7 Configuring the Switch Ports Configuring the LRE Ports • Enable CDP either globally on the LRE switch or on the specific LRE ports. The switch 10/100 port defaults are not the same as the defaults for the • Ethernet link on the LRE ports.
Page 231: Assigning A Public Profile To All Lre Ports
Chapter 7 Configuring the Switch Ports Configuring the LRE Ports Assigning a Public Profile to All LRE Ports Public profiles are set on a switch-wide (global) basis. The public profile you select should be compatible with the PSTN to which the LRE switch is connected. Public profiles have priority over private profiles.
Page 232: Assigning A Private Profile To An Lre Port
Chapter 7 Configuring the Switch Ports Configuring the LRE Ports Assigning a Private Profile to an LRE Port Private profiles are set on a per-port basis. You can assign the same private profile or different private profiles to the LRE ports on the switch. The default active private profile on all LRE ports is LRE-10.
Page 233: Configuring Vlans
This chapter does not repeat the concepts and CLI procedures provided in the standard Cisco IOS Release 12.0 documentation. For switch features that use standard Cisco IOS Release 12.0 commands, refer to the Cisco IOS Release 12.0 documentation on Cisco.com for additional information and CLI procedures.
Page 234: Overview
Figure 8-1 VLANs as Logically Defined Networks Engineering Marketing Accounting Catalyst 3500 VLAN VLAN VLAN series XL Cisco router Floor 3 Catalyst 2900 series XL Fast Ethernet Floor 2 Catalyst 2900 series XL Floor 1 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide...
Page 235 Chapter 8 Configuring VLANs Overview Table 8-1 lists the number of supported VLANs on the switches. Table 8-1 Maximum Number of Supported VLANs Number of Trunking Switch Supported VLANs Supported? Catalyst 2912 XL, Catalyst 2924 XL, and Catalyst 2924C XL switches Catalyst 2900 LRE XL switches Catalyst 2912M and Catalyst 2924M modular switches Catalyst 3500 XL switches...
Page 236: Management Vlans
VLAN change. • Switches running a version of IOS software that is earlier than Cisco IOS 12.0(5)XP cannot change the management VLAN. Switches running Cisco IOS 12.0(5)XP should be upgraded to the current •...
Page 237: Changing The Management Vlan For A New Switch
Chapter 8 Configuring VLANs Management VLANs Changing the Management VLAN for a New Switch If you add a new switch to an existing cluster and the cluster is using a management VLAN other than the default VLAN 1, the command switch automatically senses that the new switch has a different management VLAN and has not been configured.
Page 238: Changing The Management Vlan Through A Telnet Connection
Chapter 8 Configuring VLANs Management VLANs Changing the Management VLAN Through a Telnet Connection Before you start, review the “Management VLANs” section on page 8-4. Beginning in privileged EXEC mode on the command switch, follow these steps to configure the management VLAN interface through a Telnet connection: Command Purpose Step 1...
Page 239: Assigning Vlan Port Membership Modes
Chapter 8 Configuring VLANs Assigning VLAN Port Membership Modes Assigning VLAN Port Membership Modes You configure a port to belong to a VLAN by assigning a membership mode that determines the kind of traffic the port carries and the number of VLANs it can belong to.
Page 240: Vlan Membership Combinations
Chapter 8 Configuring VLANs Assigning VLAN Port Membership Modes When a port belongs to a VLAN, the switch learns and manages the addresses associated with the port on a per-VLAN basis. For more information, see the “Managing the MAC Address Tables” section on page 6-56.
Page 241 Chapter 8 Configuring VLANs Assigning VLAN Port Membership Modes Table 8-3 VLAN Combinations (continued) Port Mode VTP Required? Configuration Procedure Comments Static-access and Recommended “Configuring VTP Server You can configure at least one trunk ports Mode” section on trunk port on the switch and make page 8-21 sure that this trunk port is connected to the trunk port of a...
Page 242: Assigning Static-Access Ports To A Vlan
Chapter 8 Configuring VLANs Assigning Static-Access Ports to a VLAN Assigning Static-Access Ports to a VLAN By default, all ports are static-access ports assigned to the management VLAN, VLAN 1. You can assign a static-access port to a VLAN without having VTP globally propagate VLAN configuration information (VTP is disabled).
Page 243: Overlapping Vlans And Multi-Vlan Ports
Two VLANs Sharing a Port Connected to a Router Ports in static-access mode VLAN 77 VLAN 42 Cisco router Port in multi-VLAN mode Caution To avoid unpredictable STP behavior and a loss of connectivity, do not connect multi-VLAN ports to hubs or switches. Connect multi-VLAN ports to routers or servers.
Page 244: Using Vtp
Chapter 8 Configuring VLANs Using VTP Beginning in privileged EXEC mode, follow these steps to assign ports for multi-VLAN membership: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface Enter interface configuration mode, and enter the port to be added to the VLAN.
Page 245: The Vtp Domain
Chapter 8 Configuring VLANs Using VTP The VTP Domain A VTP domain (also called a VLAN management domain) consists of one switch or several interconnected switches under the same administrative responsibility. A switch can be in only one VTP domain. You make global VLAN configuration changes for the domain by using the CLI, Cluster Management software, or SNMP.
Page 246: Vtp Modes And Mode Transitions
Chapter 8 Configuring VLANs Using VTP VTP Modes and Mode Transitions You can configure a supported switch to be in one of the VTP modes listed in Table 8-4. Table 8-4 VTP Modes VTP Mode Description VTP server In this mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version) for the entire VTP domain.
Page 247: Vtp Advertisements
Chapter 8 Configuring VLANs Using VTP Two configurations can cause a switch to automatically change its VTP mode: When the network is configured with more than the maximum 250 VLANs • (some models support a maximum of 64 VLANs), the switch automatically changes from VTP server or client mode to VTP transparent mode.
Page 248: Vtp Version 2
Chapter 8 Configuring VLANs Using VTP VTP advertisements distribute the following VLAN information for each configured VLAN: • VLAN ID VLAN name • VLAN type • • VLAN state Additional VLAN configuration information specific to the VLAN type • VTP Version 2 VTP version 2 supports the following features not supported in version 1: Token Ring support—VTP version 2 supports Token Ring LAN switching •...
Page 249: Vtp Pruning
Chapter 8 Configuring VLANs Using VTP VTP Pruning Pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to reach the destination devices. Without VTP pruning, a switch floods broadcast, multicast, and unknown unicast traffic across all trunk links within a VTP domain even though receiving switches might discard them.
Page 250: Vtp Configuration Guidelines
Chapter 8 Configuring VLANs Using VTP VTP Configuration Guidelines The following sections describe the guidelines you should follow when configuring the VTP domain name and password and the VTP version number. Domain Names When configuring VTP for the first time, you must always assign a domain name. All switches in the VTP domain must also be configured with the same domain name.
Page 251: Upgrading From Previous Software Releases
Upgrading from Previous Software Releases When you upgrade from a software version that supports VLANs but does not support VTP, such as Cisco IOS Release 11.2(8)SA3, to a version that does support VTP, ports that belong to a VLAN retain their VLAN membership, and VTP enters transparent mode.
Page 252: Default Vtp Configuration
EXEC rcommand command. For more information on how to use this command, refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference. The Cisco IOS end and Ctrl-Z commands are not supported in VLAN database Note mode.
Page 253: Configuring Vtp Server Mode
Chapter 8 Configuring VLANs Using VTP Configuring VTP Server Mode When a switch is in VTP server mode, you can change the VLAN configuration and have it propagated throughout the network. Beginning in privileged EXEC mode, follow these steps to configure the switch for VTP server mode: Command Purpose...
Page 254: Configuring Vtp Client Mode
Chapter 8 Configuring VLANs Using VTP Configuring VTP Client Mode When a switch is in VTP client mode, you cannot change its VLAN configuration. The client switch receives VTP updates from a VTP server in the VTP domain and then modifies its configuration accordingly. Caution Do not configure a VTP domain name if all switches are operating in VTP client mode.
Page 255: Disabling Vtp (Vtp Transparent Mode)
Chapter 8 Configuring VLANs Using VTP Disabling VTP (VTP Transparent Mode) When you configure the switch for VTP transparent mode, you disable VTP on the switch. The switch then does not send VTP updates and does not act on VTP updates received from other switches.
Page 256: Enabling Vtp Version 2
Chapter 8 Configuring VLANs Using VTP Enabling VTP Version 2 VTP version 2 is disabled by default on VTP version 2-capable switches. When you enable VTP version 2 on a switch, every VTP version 2-capable switch in the VTP domain enables version 2. Caution VTP version 1 and VTP version 2 are not interoperable on switches in the same VTP domain.
Page 257: Disabling Vtp Version 2
Chapter 8 Configuring VLANs Using VTP Disabling VTP Version 2 Beginning in privileged EXEC mode, follow these steps to disable VTP version 2: Command Purpose Step 1 vlan database Enter VLAN configuration mode. Step 2 no vtp v2-mode Disable VTP version 2. Step 3 exit Update the VLAN database, propagate it throughout the...
Page 258: Monitoring Vtp
Chapter 8 Configuring VLANs Using VTP Beginning in privileged EXEC mode, follow these steps to enable VTP pruning: Command Purpose Step 1 vlan database Enter VLAN configuration mode. Step 2 vtp pruning Enable pruning in the VTP administrative domain. By default, pruning is disabled. You only need to enable pruning on one switch in VTP server mode.
Page 259: Vlans In The Vtp Database
Chapter 8 Configuring VLANs VLANs in the VTP Database VLANs in the VTP Database You can set the following parameters when you add a new VLAN to or modify an existing VLAN in the VTP database: VLAN ID • • VLAN name VLAN type (Ethernet, Fiber Distributed Data Interface [FDDI], FDDI •...
Page 260: Vlan Configuration Guidelines
Chapter 8 Configuring VLANs VLANs in the VTP Database VLAN Configuration Guidelines Follow these guidelines when creating and modifying VLANs in your network: A maximum of 250 VLANs can be active on supported switches, but some • models only support 64 VLANs. If VTP reports that there are 254 active VLANs, 4 of the active VLANs (1002 to 1005) are reserved for Token Ring and FDDI.
Page 261 Chapter 8 Configuring VLANs VLANs in the VTP Database Table 8-6 Ethernet VLAN Defaults and Ranges Parameter Default Range VLAN ID 1–1005 VLAN name VLANxxxx, where xxxx is the VLAN ID No range 802.10 SAID 100000+VLAN ID 1–4294967294 MTU size 1500 1500–18190 Translational...
Page 262 Chapter 8 Configuring VLANs VLANs in the VTP Database Table 8-8 FDDI-Net VLAN Defaults and Ranges Parameter Default Range VLAN ID 1004 1–1005 VLAN name VLANxxxx, where xxxx is the VLAN ID No range 802.10 SAID 100000+VLAN ID 1–4294967294 MTU size 1500 1500–18190 Bridge number...
Page 263 Chapter 8 Configuring VLANs VLANs in the VTP Database Table 8-10 Token Ring (TrCRF) VLAN Defaults and Ranges Parameter Default Range VLAN ID 1003 1–1005 VLAN name VLANxxxx, where xxxx is the VLAN ID No range 802.10 SAID 100000+VLAN ID 1–4294967294 Ring Number VTPv1 default 0;...
Page 264: Configuring Vlans In The Vtp Database
EXEC show vlan command. The vlan.dat file is stored in nonvolatile memory. The vlan.dat file is upgraded automatically, but you cannot return to an earlier version of Cisco IOS after you upgrade to this release. You can cause inconsistency in the VLAN database if you attempt to manually Caution delete the vlan.dat file.
Page 265: Adding A Vlan
Chapter 8 Configuring VLANs VLANs in the VTP Database Adding a VLAN Each VLAN has a unique, 4-digit ID that can be a number from 1 to 1001. To add a VLAN to the VLAN database, assign a number and name to the VLAN. For the list of default parameters that are assigned when you add a VLAN, see the “Default VLAN Configuration”...
Page 266: Modifying A Vlan
Chapter 8 Configuring VLANs VLANs in the VTP Database Modifying a VLAN Beginning in privileged EXEC mode, follow these steps to modify an Ethernet VLAN: Command Purpose Step 1 vlan database Enter VLAN configuration mode. Step 2 vlan vlan-id mtu mtu-size Identify the VLAN, and change the MTU size.
Page 267: Assigning Static-Access Ports To A Vlan
Chapter 8 Configuring VLANs VLANs in the VTP Database Beginning in privileged EXEC mode, follow these steps to delete a VLAN on the switch: Command Purpose Step 1 vlan database Enter VLAN configuration mode. Step 2 no vlan vlan-id Remove the VLAN by using the VLAN ID. Step 3 exit Update the VLAN database, propagate it throughout the...
Page 268: How Vlan Trunks Work
Trunks carry the traffic of multiple VLANs and can extend VLANs across an entire network. 100BASE-T and Gigabit Ethernet trunks use Cisco Inter-Switch Link (ISL), the default protocol, or industry-standard IEEE 802.1Q to carry traffic for multiple VLANs over a single link.
Page 269: Ieee 802.1Q Configuration Considerations
Chapter 8 Configuring VLANs How VLAN Trunks Work IEEE 802.1Q Configuration Considerations IEEE 802.1Q trunks impose some limitations on the trunking strategy for a network. The following restrictions apply when using 802.1Q trunks: • Make sure the native VLAN for an 802.1Q trunk is the same on both ends of the trunk link.
Page 270: Configuring A Trunk Port
Chapter 8 Configuring VLANs How VLAN Trunks Work Table 8-11 Trunks Interacting with Other Features (continued) Switch Feature Trunk Port Interaction Blocking unicast The port block interface configuration command can be and multicast used to block the forwarding of unknown unicast and packets on a trunk multicast packets to VLANs on a trunk.
Page 271 Chapter 8 Configuring VLANs How VLAN Trunks Work Beginning in privileged EXEC mode, follow these steps to configure a port as an ISL or 802.1Q trunk port: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface_id Enter the interface configuration mode and the port to be configured for trunking.
Page 272: Disabling A Trunk Port
Chapter 8 Configuring VLANs How VLAN Trunks Work Disabling a Trunk Port You can disable trunking on a port by returning it to its default static-access mode. Beginning in privileged EXEC mode, follow these steps to disable trunking on a port: Command Purpose...
Page 273 Chapter 8 Configuring VLANs How VLAN Trunks Work Beginning in privileged EXEC mode, follow these steps to modify the allowed list of a ISL or 802.1Q trunk: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface_id Enter interface configuration mode and the port to be added to the VLAN.
Page 274: Changing The Pruning-Eligible List
Chapter 8 Configuring VLANs How VLAN Trunks Work Changing the Pruning-Eligible List The pruning-eligible list applies only to trunk ports. Each trunk port has its own eligibility list. VTP Pruning must be enabled for the following procedure to take effect. The “Enabling VTP Pruning”...
Page 275: Configuring The Native Vlan For Untagged Traffic
Chapter 8 Configuring VLANs How VLAN Trunks Work Configuring the Native VLAN for Untagged Traffic A trunk port configured with 802.1Q tagging can receive both tagged and untagged traffic. By default, the switch forwards untagged traffic with the native VLAN configured for the port. The native VLAN is VLAN 1 by default. Note The native VLAN can be assigned any VLAN ID, and it is not dependent on the management VLAN.
Page 276: Configuring 802.1P Class Of Service
Chapter 8 Configuring VLANs Configuring 802.1p Class of Service Configuring 802.1p Class of Service The Catalyst 2900 XL and Catalyst 3500 XL switches provide quality of service (QoS)-based IEEE 802.1p class of service (CoS) values. QoS uses classification and scheduling to transmit network traffic from the switch in a predictable manner.
Page 277: Port Scheduling
Chapter 8 Configuring VLANs Configuring 802.1p Class of Service Port Scheduling Each port on the switch has a single receive queue buffer (the ingress port) for incoming traffic. When an untagged frame arrives, it is assigned the value of the port as its port default priority.
Page 278: Configuring The Cos Port Priorities
Chapter 8 Configuring VLANs Load Sharing Using STP Configuring the CoS Port Priorities Beginning in privileged EXEC mode, follow these steps to set the port priority for untagged (native) Ethernet frames: Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 interface interface Enter the interface to be configured.
Page 279: Load Sharing Using Stp Port Priorities
Chapter 8 Configuring VLANs Load Sharing Using STP Load Sharing Using STP Port Priorities When two ports on the same switch form a loop, the STP port priority setting determines which port is enabled and which port is in standby mode. You can set the priorities on a parallel trunk port so that the port carries all the traffic for a given VLAN.
Page 280: Configuring Stp Port Priorities And Load Sharing
Chapter 8 Configuring VLANs Load Sharing Using STP Configuring STP Port Priorities and Load Sharing Beginning in privileged EXEC mode, follow these steps to configure the network shown in Figure 8-5: Command Purpose Step 1 vlan database On Switch 1, enter VLAN configuration mode. Step 2 vtp domain domain-name Configure a VTP administrative domain.
Page 281 Chapter 8 Configuring VLANs Load Sharing Using STP Command Purpose Step 16 interface fa0/1 Enter interface configuration mode, and define the interface to set the STP port priority. Step 17 spanning-tree vlan 8 9 10 Assign the port priority of 10 for VLANs 8, 9, and 10. port-priority 10 Step 18 Return to global configuration mode.
Page 282: Load Sharing Using Stp Path Cost
Chapter 8 Configuring VLANs Load Sharing Using STP Load Sharing Using STP Path Cost You can configure parallel trunks to share VLAN traffic by setting different path costs on a trunk and associating the path costs with different sets of VLANs. The VLANs keep the traffic separate;...
Page 283 Chapter 8 Configuring VLANs Load Sharing Using STP Beginning in privileged EXEC mode, follow these steps to configure the network shown in Figure 8-6: Command Purpose Step 1 configure terminal Enter global configuration mode on Switch 1. Step 2 interface fa0/1 Enter interface configuration mode, and define Fa0/1 as the interface to be configured as a trunk.
Page 284: How The Vmps Works
Chapter 8 Configuring VLANs How the VMPS Works How the VMPS Works A switch running this software release acts as a client to the VLAN Membership Policy Server (VMPS) and communicates with it through the VLAN Query Protocol (VQP). When the VMPS receives a VQP request from a client switch, it searches its database for a MAC-address-to-VLAN mapping.
Page 285: Dynamic Port Vlan Membership
Chapter 8 Configuring VLANs How the VMPS Works Dynamic Port VLAN Membership A dynamic (nontrunking) port on the switch can belong to only one VLAN. When the link comes up, the switch does not forward traffic to or from this port until the VMPS provides the VLAN assignment.
Page 286: Vmps Database Configuration File
Chapter 8 Configuring VLANs How the VMPS Works VMPS Database Configuration File The VMPS contains a database configuration file that you create. This ASCII text file is stored on a switch-accessible TFTP server that functions as a VMPS server. The file contains VMPS information, such as the domain name, the fall-back VLAN name, and the MAC address-to-VLAN mapping.
Page 287 Chapter 8 Configuring VLANs How the VMPS Works ! address <addr> vlan-name <vlan_name> address 0012.2233.4455 vlan-name hardware address 0000.6509.a080 vlan-name hardware address aabb.ccdd.eeff vlan-name Green address 1223.5678.9abc vlan-name ExecStaff address fedc.ba98.7654 vlan-name --NONE-- address fedc.ba23.1245 vlan-name Purple !Port Groups !vmps-port-group <group-name> ! device <device-id>...
Page 288: Vmps Configuration Guidelines
Chapter 8 Configuring VLANs How the VMPS Works VMPS Configuration Guidelines The following guidelines and restrictions apply to dynamic port VLAN membership: • You must configure the VMPS before you configure ports as dynamic. The communication between a cluster of switches and VMPS is managed by •...
Page 289: Default Vmps Configuration
Chapter 8 Configuring VLANs How the VMPS Works Default VMPS Configuration Table 8-13 shows the default VMPS and dynamic port configuration on client switches. Table 8-13 Default VMPS Client and Dynamic Port Configuration Feature Default Configuration VMPS domain server None VMPS reconfirm interval 60 minutes VMPS server retry count...
Page 290: Configuring Dynamic Ports On Vmps Clients
Chapter 8 Configuring VLANs How the VMPS Works Configuring Dynamic Ports on VMPS Clients If you are configuring a port on a member switch as a dynamic port, first log into the member switch by using the privileged EXEC rcommand command. For more information on how to use this command, refer to the Catalyst 2900 Series XL and Catalyst 3500 Series XL Command Reference.
Page 291: Reconfirming Vlan Memberships
Chapter 8 Configuring VLANs How the VMPS Works Reconfirming VLAN Memberships Beginning in privileged EXEC mode, follow these steps to confirm the dynamic port VLAN membership assignments that the switch has received from the VMPS: Command Purpose Step 1 vmps reconfirm Reconfirm dynamic port VLAN membership.
Page 292: Changing The Retry Count
Chapter 8 Configuring VLANs How the VMPS Works Changing the Retry Count Beginning in privileged EXEC mode, follow these steps to change the number of times that the switch attempts to contact the VMPS before querying the next server: Command Purpose Step 1 configure terminal...
Page 293: Troubleshooting Dynamic Port Vlan Membership
Chapter 8 Configuring VLANs How the VMPS Works Troubleshooting Dynamic Port VLAN Membership The VMPS shuts down a dynamic port under these conditions: The VMPS is in secure mode, and it will not allow the host to connect to the •...
Page 294 Chapter 8 Configuring VLANs How the VMPS Works Figure 8-7 Dynamic Port VLAN Membership Configuration TFTP server Catalyst 5000 series Primary VMPS Router Server 1 172.20.26.150 Switch 1 172.20.22.7 Client Dynamic-access port 172.20.26.151 station 1 Switch 2 Trunk port Secondary VMPS 172.20.26.152 Server 2 Switch 3...
Page 295: Troubleshooting
C H A P T E R Troubleshooting This chapter provides the following information about avoiding and resolving problems related to the switch software. • Avoiding configuration conflicts • Avoiding autonegotiation mismatches • Copying configuration files to troubleshooting configuration problems Troubleshooting the Long-Reach Ethernet port configuration •...
Page 296: Chapter 9 Troubleshooting
Chapter 9 Troubleshooting Avoiding Configuration Conflicts Avoiding Configuration Conflicts Certain combinations of port features conflict with one another. For example, if you define a port as the network port for a VLAN, all unknown unicast and multicast traffic is flooded to the port. You could not enable port security on the network port because a secure port limits the traffic allowed on it.
Page 297: Avoiding Autonegotiation Mismatches
Chapter 9 Troubleshooting Avoiding Autonegotiation Mismatches Avoiding Autonegotiation Mismatches The IEEE 802.3u autonegotiation protocol manages the switch settings for speed (10 Mbps or 100 Mbps) and duplex (half or full). Sometimes this protocol can incorrectly align these settings, reducing performance. A mismatch occurs under these circumstances: •...
Page 298: Troubleshooting Lre Port Configuration
Chapter 9 Troubleshooting Troubleshooting LRE Port Configuration Troubleshooting LRE Port Configuration Table 9-2 lists problems you might encounter when configuring and monitoring the Long-Reach Ethernet (LRE) ports on the Catalyst 2900 LRE XL switches. Table 9-2 LRE Port Problems Problem Suggested Solution LRE port LED is amber The switch and CPE are unable to establish a LRE link using the selected...
Page 299: Troubleshooting Cms Sessions
CMS requires a Java plug-in to function correctly. For instructions on • Visual Switch Manager downloading and installing the plug-in, refer to the release notes. from the Cisco Systems If your PC is connected to the Internet when you attempt to Note Access page.
Page 300 (For switches running Start Internet Explorer. software earlier than From the menu bar, select Tools > Internet Options. Cisco IOS From the Internet Options window, click Advanced. Release 12.0(5)WC(1).) Select the Java logging enabled and JIT compiler for virtual machine enabled check boxes, and click Apply.
Page 301 Chapter 9 Troubleshooting Troubleshooting CMS Sessions Table 9-3 Common CMS Session Problems (continued) Problem Suggested Solution Add the switches you want to manage by entering their URLs in the Add this web site to the zone field. Click Add to add each switch. A URL is the switch IP address preceded by http://.
Page 302: Determining Why A Switch Is Not Added To A Cluster
Chapter 9 Troubleshooting Determining Why a Switch Is Not Added to a Cluster Determining Why a Switch Is Not Added to a Cluster If a switch does not become part of the cluster, you can learn why by selecting Views > Toggle View from the menu bar in Cluster Builder. Cluster View displays the cluster as a double-switch icon and shows connections to devices outside the cluster (Figure...
Page 303: Copying Configuration Files To Troubleshoot Configuration Problems
Chapter 9 Troubleshooting Copying Configuration Files to Troubleshoot Configuration Problems Copying Configuration Files to Troubleshoot Configuration Problems You can use the file system in Flash memory to copy files and to troubleshoot configuration problems. This could be useful if you wanted to save configuration files on an external server in case a switch fails.
Page 304: Troubleshooting Switch Upgrades
Chapter 9 Troubleshooting Troubleshooting Switch Upgrades Step 2 Enter the copy running-config startup-config privileged EXEC command to save your configuration changes to Flash memory so that they are not lost if there is a system reload or power outage. This example shows how to use this command to save your changes: switch# copy running-config startup-config Building configuration...
Page 305 Chapter 9 Troubleshooting Troubleshooting Switch Upgrades Table 9-4 Problems Encountered When Upgrading the Switch (continued) Problem Suggested Solution Getting This error message appears when the boot parameters are not set correctly. In “Permission most of the cases, when setting the boot parameters during or after the upgrade, Denied”...
Page 306 Chapter 9 Troubleshooting Troubleshooting Switch Upgrades Table 9-4 Problems Encountered When Upgrading the Switch (continued) Problem Suggested Solution Failed software This might be due to a corrupt or incorrect image, or the image in Flash might be upgrade; switch is missing.
Page 307: Recovery Procedures
Chapter 9 Troubleshooting Recovery Procedures Recovery Procedures The recovery procedures in this section require that you have physical access to the switch. Recovery procedures include the following topics: Recovering from lost member connectivity • • Recovering from a command-switch failure Recovering from a lost or forgotten password •...
Page 308: Recovering From A Command Switch Failure
Chapter 9 Troubleshooting Recovery Procedures Recovering from a Command Switch Failure This section describes how to recover from a failed command switch. If you are running IOS Release 12.0(5)XU, you can configure a redundant command switch group by using the Hot Standby Router Protocol (HSRP). For more information, see the “Designating and Enabling Standby Command Switches”...
Page 309 Chapter 9 Troubleshooting Recovery Procedures Replacing a Failed Command Switch with a Cluster Member Follow these steps to replace a failed command switch with a command-capable member of the same cluster: Disconnect the command switch from the member switches, and physically Step 1 remove it from the cluster.
Page 310 Chapter 9 Troubleshooting Recovery Procedures Step 9 Use the setup program to configure the switch IP information. This program prompts you for an IP address, subnet mask, default gateway, and password. From privileged EXEC mode, enter setup, and press Return. Switch# setup --- System Configuration Dialog --- At any point you may enter a question mark ’?’...
Page 311 Chapter 9 Troubleshooting Recovery Procedures Step 16 Enter the password of the failed command switch, and press Return. Note The password can be from 1 to 25 alphanumeric characters, can start with a number, is case sensitive, allows spaces, but ignores leading spaces.
Page 312 Chapter 9 Troubleshooting Recovery Procedures ip default-gateway 172.20.153.01 hostname host_name enable secret 5 $1$M3pS$cXtAlkyR3/6Cn8/ line vty 0 15 password telnet_password snmp community private rw snmp community public ro cluster enable cls_name Step 22 Verify that the information is correct. If the information is correct, enter Y at the prompt, and press Return. •...
Page 313 Chapter 9 Troubleshooting Recovery Procedures Replacing a Failed Command Switch with Another Switch Follow these steps when you are replacing a failed command switch with a switch that is command-capable but not part of the cluster: Insert the new switch in place of the failed command switch, and duplicate its Step 1 connections to the cluster members.
Page 314 Chapter 9 Troubleshooting Recovery Procedures Step 10 Enter the IP address of the default gateway, and press Return. IP address of the default gateway: ip_address Enter a host name for the switch, and press Return. Step 11 On a command switch, the host name is limited to 28 characters; on Note a member switch to 31 characters.
Page 315 Chapter 9 Troubleshooting Recovery Procedures Step 16 Assign a name to the cluster, and press Return. Enter cluster name: cls_name The cluster name can be 1 to 31 alphanumeric characters, dashes, or Note underscores. The initial configuration is displayed: Step 17 The following configuration command script was created: ip subnet-zero interface VLAN1...
Page 316: Recovering From A Failed Command Switch Without Hsrp
Chapter 9 Troubleshooting Recovery Procedures Recovering from a Failed Command Switch Without HSRP If a command switch fails and there is no standby command switch configured, member switches continue forwarding among themselves, and they can still be managed through normal standalone means. You can configure member switches through the console-port CLI, and they can be managed through SNMP, HTML, and Telnet after you assign an IP address to them.
Page 317 Chapter 9 Troubleshooting Recovery Procedures load_helper boot Initialize the Flash file system: Step 5 switch: flash_init If you had set the console port speed to anything other than 9600, it has been reset Step 6 to that particular speed. Change the emulation software line speed to match that of the switch console port.
Page 318 Chapter 9 Troubleshooting Recovery Procedures Step 10 Boot the system: switch: boot You are prompted to start the setup program. Enter N at the prompt: Continue with the configuration dialog? [yes/no]: N At the switch prompt, change to privileged EXEC mode: Step 11 switch>...
Page 319: Recovering From Corrupted Software
Chapter 9 Troubleshooting Recovery Procedures Recovering from Corrupted Software Switch software can be corrupted during an upgrade, by downloading the wrong file to the switch, and by deleting the image file. In all these cases, the switch does not pass the power-on self-test (POST), and there is no connectivity. The following procedure uses the XMODEM Protocol to recover from a corrupt or wrong image file.
Page 320 Chapter 9 Troubleshooting Recovery Procedures Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 9-26 78-6511-05...
Page 321: Appendix
A P P E N D I X System Error Messages This appendix describes the IOS system error messages for the switch. The system software sends these error messages to the console (and, optionally, to a logging server on another system) during operation. Not all system error messages indicate problems with your system.
Page 322: How To Read System Error Messages
Appendix A System Error Messages How to Read System Error Messages How to Read System Error Messages System error messages begin with a percent sign (%) and are structured as follows: %FACILITY-SUBFACILITY-SEVERITY-MNEMONIC: Message-text • FACILITY is a code consisting of two or more uppercase letters that indicate the facility to which the message refers.
Page 323: How To Read
Appendix A System Error Messages How to Read System Error Messages • SEVERITY is a single-digit code from 0 to 7 that reflects the severity of the condition. The lower the number, the more serious the situation. Table A-2 lists the message severity levels. MNEMONIC is a code that uniquely identifies the error message.
Page 324: Error Message Traceback Reports
Appendix A System Error Messages Error Message Traceback Reports The following is a sample system error message: %LINK-2-BADVCALL: Interface [chars], undefined entry point Some error messages also indicate the card and slot reporting the error. These error messages begin with a percent sign (%) and are structured as follows: %CARD-SEVERITY-MSG:SLOT %FACILITY-SEVERITY-MNEMONIC: Message-text CARD is a code that describes the type of card reporting the error.
Page 325: Error Message And Recovery Procedures
Appendix A System Error Messages Error Message and Recovery Procedures Error Message and Recovery Procedures This section lists the switch system messages by facility. Within each facility, the messages are listed by severity levels 0 to 7: 0 is the highest severity level, and 7 is the lowest severity level.
Page 326: Environment Messages
Appendix A System Error Messages Error Message and Recovery Procedures CMP-5-REMOVE The Device is removed from the cluster (Cluster Name:[chars]) The message means that the device is removed from the cluster: Explanation [chars] is the cluster name. No action is required. Action Environment Messages This section contains the Environment error messages.
Page 327: Gigastack Messages
Appendix A System Error Messages Error Message and Recovery Procedures GigaStack Messages This section contains the GigaStack error messages. GIGASTACK-6-LOOP_BROKEN This message means that a loop formed by GigaStack modules is Explanation broken because of link loss. Link 2 of the Master Loop Breaker is re-enabled to replace the broken line.
Page 328: Link Message
Appendix A System Error Messages Error Message and Recovery Procedures Link Message This section contains the Link error message. LINK-4-ERROR [chars] is experiencing errors. This messages means that excessive errors have occurred on this Explanation interface: [char] is the interface. Action Check for duplex mismatches between both ends of the link.
Page 329: Module Message
There might be too many impairments on the connection between the switch and the CPE for the ports to sustain the profile rate. If you suspect the switch or CPE is faulty, contact Cisco Systems. Module Message This section contains the Module error message.
Page 330: Rtd Messages
Appendix A System Error Messages Error Message and Recovery Procedures RTD Messages This section contains the Runtime Diagnostic (RTD) error messages. RTD-1-ADDR_FLAP [chars] relearning [dec] addrs per min Normally, MAC addresses are learned once on a port. Explanation Occasionally, when a switched network reconfigures, due to either manual or STP reconfiguration, addresses learned on one port are relearned on a different port.
Page 331: Storm Control Messages
Appendix A System Error Messages Error Message and Recovery Procedures Storm Control Messages This section contains the Storm Control error message. STORM_CONTROL-2-SHUTDOWN This messages means that excessive traffic has been detected on a Explanation port that has been configured to be shut down if a storm event is detected Action Once the source of the packet storm has been fixed, re-enable the port by using port-configuration commands.
Page 332 Appendix A System Error Messages Error Message and Recovery Procedures Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide A-12 78-6511-05...
Page 333: I N D E X
I N D E X member switches 8-35 Numerics MIB files 1000BASE-T module, Catalyst 2900 XL 1-12 MIB objects 4-6, 4-7 MIBs files objects aaa (authentication, authorization, and variables accounting) Telnet access configuring 6-67 accounting in TACACS+ 6-61 managing 6-61 adding aaa accounting command 6-66...
Page 334 Index described 6-56 ADSL removing advertisements, VTP 6-58 8-15 aging, accelerating 6-26 adding secure 6-58 aging time, changing address 6-57 aging time alarms group, in RMON 6-57 discovering 6-45, 6-56 allowed-VLAN list 8-40 tables, managing American National Standards Institute 6-56 secure see ANSI adding...
Page 335 2-1, 2-35, 4-1, 5-1 Cisco.com xxii buttons, CMS window 2-33 Cisco 575-LRE CPE 1-6, 7-22 Cisco Access Analog Trunk Gateway 1-18 Cisco Access Digital Trunk Gateway 1-18 Cisco CallManager software 1-16, 1-18 cabling, redundant Cisco Discovery Protocol Cancel button...
Page 336 Index IOS Release 12.0 documentation xvi, 3-1 menu bar 2-14 managing cluster members with overview 5-21 2-2, 2-3 overview pop-up menus 2-18, 2-19 saving changes 3-10 port pop-up menu 2-18 using toolbar 2-17 client mode, VTP 8-14 toolbar icons 2-17 Cluster Builder cluster member candidate pop-up menu...
Page 337 Index LRE profiles 5-13 management VLAN accessing 5-11 2-35 NAT commands device labels 5-12 2-25 network port 5-12 features passwords link icons 2-25 SNMP community strings 5-10 overview standby command switches privilege level 6-16 planning considerations, switch-specific requirements 2-35 features 5-13 saving configuration changes 2-37...
Page 338 Index default redundant (standby) 5-17 dir flash replacing getting help (?) with another switch 9-19 help with cluster member 9-15 list of available requirements 3-4, 3-6 name 5-18 standby 5-5, 5-17 see also candidates, member switches port block command variables, listing 8-38 preempt community strings...
Page 339 Index configuration changes, saving duplex 7-2, 7-3 dynamic ports on VMPS clients 3-10 8-58 dynamic VLAN membership 2-37 8-57 configuration examples, network 1-10 flooding controls collapsed backbone and switch cluster flow control 1-16 design concepts hello time 6-40 cost-effective wiring closet hops 1-12 6-23...
Page 340 Index UplinkFast 6-26 CSUF 6-31 switches configuring 6-37 member connecting stack ports 5-21 6-35 TACACS+ 6-61 fast convergence causes 6-33 trap managers limitations 6-19 6-35 trunk port 8-38 overview 6-31 trunks Current Multicast Groups table 8-37, 8-39 6-48 VLANs customer premises equipment 8-1, 8-28, 8-32 see CPE 8-18, 8-20...
Page 341 Index DHCP 1-3, 6-4 documentation, CD-ROM Client Request Process Catalyst 2900 XL and Catalyst 3500 XL configuring DHCP server Cisco configuring domain name and DNS documentation, IOS Release 12.0 xvi, 3-1 configuring relay device documentation, related configuring TFTP server domain name...
Page 342 Index dynamic port VLAN membership port security 7-14, 7-15 configuration example SNMP 8-61 6-18 configuring SPAN 8-58 7-16 example 8-61 STP Port Fast 6-42 overview UplinkFast 8-53 6-30 reconfirming 8-59 VTP pruning 8-25 troubleshooting VTP version 2 8-61 8-24 VMPS database configuration file encapsulation 8-54 8-44...
Page 343 1000BASE-T module 1-12 default settings 1000BASE-ZX module 1-12 incompatible GigaStack 1-12 get-next-request operation feedback to Cisco Systems, web get-request operation File Transfer Protocol get-response operation see FTP, accessing MIB files Gigabit Ethernet Flash memory, files in 9-9, 9-10 clusters, illustrated...
Page 344 Index Gigabit Interface Converter see GBICs IEEE 802.1p 7-17 GigaStack system error messages IEEE 802.1Q global configuration mode configuration considerations 8-37 graphs interaction with other features 8-37 bandwidth 2-9, 2-20 native VLAN for untagged traffic 8-43 poll result overview 8-36 IEEE 802.1Q trunks 8-37 ingress port scheduling...
Page 345 Index point of access in redundant clusters LEDs removing duplex mode 2-10 switch clusters front-panel images see also IP information LINE PWR mode 2-10 IP connectivity to the switch LRE mode 2-10 IP information port 2-9, 2-11, 2-12, 2-13 assigning redundant power system configuring displaying...
Page 346 Index location of switches, displaying 5-19 lre profile command 7-28 login authentication, configuring lre profile global command 6-64 7-27 Long-Reach Ethernet lre shutdown command 7-26 see LRE technology LRE technology 1-6, 7-22 LRE-10 private profile 7-24 LRE-15 private profile 7-24 LRE-5 private profile 7-24 LRE link...
Page 347 Index membership mode, VLAN port mismatches, autonegotiation member switches mnemonic code accessing Mode button 8-35 adding model numbers, displaying 5-19 with Cluster Builder modes 5-14 assigning host names to 5-10 command defined VLAN port membership displaying inventory of 5-19 managing see VTP modes 5-21 passwords, inherited...
Page 348 VLANs 8-43 no lre profile global command 7-27 NCPs 6-65 nonhomologated POTS splitter Network Address Translation see Cisco LRE POTS Splitter see NAT (PS-1M-LRE-48) network configuration examples 1-10 Network Control Protocols (NCPs) 6-65 authentication 6-18 network examples...
Page 349 Index standby command switches switch-specific features 5-13 packets polling interval controlling management (CGMP) 6-46 Cluster Builder 2-26 see also traffic switch image 2-15 parallel links 8-46 poll results, graphing passwords 1-23 candidate switch 5-16 pop-up menus changing 6-15 Cluster Builder link 2-30 community strings 6-19...
Page 350 Index port modes configuring flow control on changing settings LEDs 2-10 7-22 port-monitoring conflicts with trunks 8-37 monitoring 8-37 port pop-up menu multi-VLAN 2-18 8-7, 8-10, 8-11, 8-12 Cluster Manager 2-18 network 8-37 priority 2-18 6-43, 8-44, 8-47 ports protected 7-13 secure 7-15, 8-37...
Page 351 Index preempt command 5-18 private 7-23 priority assigning 7-28 modifying switch LRE-10 6-39 7-24 overriding 7-19 LRE-15 7-24 port LRE-5 7-24 described 8-44 public 7-23 modifying assigning a public profile 6-42, 6-43 7-27 standby group member PUBLIC-ANSI 5-17 7-24 private branch exchange PUBLIC-ETSI 7-24 see PBX...
Page 352 Index RPS LED RPS 300 rcommand 5-21 RPS 600 reconfirmation interval, changing 8-59 RTD error messages A-10 recovery procedures 9-13 Runtime Diagnostic redisplaying commands see RTD error messages redundancy cluster 5-17 6-25 path cost 8-50 Save Configuration window 2-17 port priority 8-47 secure address count 7-15...
Page 353 Index server mode, VTP 8-14 configuring for servers, BOOTP single switches 1-3, 6-4 6-18 set-request operation enabling and disabling 6-18 settings management, using default, changing managing clusters with 5-22 duplex 7-2, 7-3 network management platforms Gigabit Ethernet port RMON groups speed trap managers, configuring 6-19...
Page 354 Index spanning-tree rootguard command 6-45 configuring 6-24, 6-26 speed, setting considerations for using STP instances 7-2, 7-3 6-24 speed mode LED disabling 2-10 6-25 Standby Command Configuration window 5-18 forwarding delay timer 6-41 standby command group hello BPDU interval 6-40 configuring 5-5, 5-17 implementation type...
Page 355 Index stp-list parameter 6-24 switch ports, configuring STP port states switch software releases 6-41 SunNet Manager switch-specific features in switch clusters 5-13 switch clusters switch upgrades, troubleshooting 9-10 candidate and cluster member system date and time 6-17 characteristics system error messages command switch characteristics chassis displaying inventory...
Page 356 Index TACACS+ Cluster View 2-27 AAA accounting commands 6-66 2-17 AAA authorization commands topology, CMS 6-65 2-24 configuring 6-61 traceback reports initializing traffic 6-64 server, creating 6-62 blocking flooded starting accounting forwarding, and protected ports 6-66 7-13 tacacs-server host command monitoring 6-62, 6-63 7-16...
Page 357 6-26 IEEE 802.1Q enabling 8-36, 8-37 6-30 interacting with other features 8-37 redundant links 6-28 URLs, Cisco 8-36 load sharing using user EXEC mode STP path costs User Settings window 8-50 2-17 STP port priorities 8-47 native VLAN for untagged traffic...
Page 358 Index VLAN Management Policy Server native, configuring 8-43 see VMPS number supported VLAN membership overlapping 8-11 ATM port overview combinations static-access ports 8-10, 8-34, 8-35 confirming 8-59 STP parameters, changing 6-38 modes supported VLANs port group parameters Token Ring 7-11 8-27 traps trunking...
Page 359 Index reconfirming membership 8-59 described 8-12 retry count, changing 8-60 disabling 8-23 server address, entering on client domain names 8-57 8-18 Voice over IP domains 8-13 configuring 7-17 modes port configuration 7-18 client 8-14 voice ports configurations affecting mode changes 8-15 configuring VVID 7-20...
Page 360 Index VVID 1-5, 7-18 configuring 7-20 warnings xviii window components, CMS 2-31 buttons 2-33 host name list 2-32 lists 2-32 online help 2-33 tabs 2-32 Xmodem protocol 9-25 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide IN-28 78-6511-05...

This manual is also suitable for:

Ws-c2960g-8tc-l

Cisco WS-C2950-24 Configuration Manual

Table of Contents

Chapter 1 Overview

Chapter 2 Getting Started with CM

Chapter 3 Getting Started with the CLI

CHAPTER 4 General Switch Administration

Chapter 5 Clustering Switche

Chapter 6 Configuring the System

Chapter 7 Configuring the Switch Port

Chapter 8 Configuring VLAN

Chapter 9 Troubleshooting

Appendix

Appendix A System Error Message

Quick Links

Chapters

Troubleshooting

Related Manuals for Cisco WS-C2950-24

Summary of Contents for Cisco WS-C2950-24