Manual Cisco Systems ME 3400

1086 pages 29.91 mb

Download

Go to site of 1086

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086

Prev Next

Summary

Cisco Systems ME 3400 - page 1

Americas Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 527-0883 Cisco ME 340 0 Ethernet A ccess Sw i t c h Softwa r e Configuration Guide Cisco IOS Release 12.2(46)SE August 2008 Text Part Number: OL -9639-06 ...
Cisco Systems ME 3400 - page 2

THE SPECIFICATION S AND INFORMAT ION RE GARDIN G TH E PRODU CTS IN THIS MANU AL A RE SUBJ ECT T O CHAN GE W ITHOUT N OTICE. ALL STATEMENTS , INFORMATION, AND RECOMMENDATI ONS IN THI S MANUAL ARE BE LIEVED TO BE A CCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USER S MUST TAKE FULL RESPONSI BILITY FOR THEIR APPLICAT IO ...
Cisco Systems ME 3400 - page 3

iii Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 CONTENTS Preface xxxix Audience xxxix Purpose xxxix Conventi ons xxxix Related Publication s xl Obtaining Documentation and Submitting a Serv ice Request xli CHAPTER 1 Overview 1-1 Features 1-1 Performance Feature s 1-2 Management Options 1-3 Manageability Features 1 ...
Cisco Systems ME 3400 - page 4

Contents iv Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Understanding no and default Forms of Co mmands 2-4 Understanding CLI Error Messages 2-4 Using Command History 2-4 Changing the Co mmand History Buffer Size 2-5 Recalling Commands 2-5 Disabling the Command History Feature 2-5 Using Editing Features 2-6 Enablin ...
Cisco Systems ME 3400 - page 5

Contents v Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Modifying the Startu p Con figuration 3-16 Default Boot Configuration 3-17 Automatically Downloading a Configuration File 3-17 Specifying the Filename to Read and Write the System Configuration 3-17 Booting Manually 3-18 Booting a Specific Software Image 3-1 ...
Cisco Systems ME 3400 - page 6

Contents vi Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 CHAPTER 5 Administering the Switch 5-1 Managing the System Time and Date 5-1 Understanding the Sys tem Clock 5-2 Understanding Network Time Proto col 5-2 Configuring NTP 5-4 Default NTP Configuration 5-4 Configuring NTP Authentication 5-4 Configuring NTP Assoc ...
Cisco Systems ME 3400 - page 7

Contents vii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Disabling MAC Address Learning on a VLAN 5-27 Displaying Address Table Entrie s 5- 28 Managing the ARP Table 5- 29 CHAPTER 6 Configuring SDM Temp lat es 6-1 Understanding the SDM Te mplates 6-1 Configuring the Switch SDM Template 6-2 Default SDM Template 6- ...
Cisco Systems ME 3400 - page 8

Contents viii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring RADIUS 7-20 Default RADIUS Configuration 7-20 Identifying the RADIUS Server Host 7- 20 Configuring RADIUS Login Authentication 7-23 Defining AAA Server Groups 7-25 Configuring RADIUS Authorization for Us er Privileged Access and Network Serv ice ...
Cisco Systems ME 3400 - page 9

Contents ix Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Using 802.1x Readiness Check 8-7 Using IEEE 802.1x with Port Security 8-7 Using IEEE 802.1x with VLAN Assignme nt 8-8 Configuring IEEE 802.1x Authentication 8-9 Default IEEE 802.1x Config uration 8-10 IEEE 802.1x Configuration Guidelines 8-11 Maximum Number ...
Cisco Systems ME 3400 - page 10

Contents x Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring Ethernet Interfaces 9-12 Default Ethernet Interface Configura tion 9-12 Configuring the Port T ype 9-14 Configuring Interface Speed and Duplex Mode 9-1 5 Speed and Duplex Configuration Guid elines 9-15 Setting the Interface Spee d and Duplex Paramet ...
Cisco Systems ME 3400 - page 11

Contents xi Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Configuring UNI-ENI VLANs 11-12 Configuration Guidelines 11-12 Configuring UNI-ENI VLANs 11-13 Displaying VLANs 11-14 Configuring VLAN Trunks 11-14 Trunking Overview 11-14 IEEE 802.1Q Configuration Considerat ion s 11-15 Default Layer 2 Ethernet Interface VL ...
Cisco Systems ME 3400 - page 12

Contents xii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring Private VLANs 12-6 Tasks for Configuring Private VLANs 12-6 Default Private-VLAN Configuration 12-6 Private-VLAN Configuration Guidelines 12-6 Secondary and Primary VLAN Co nfiguration 12-7 Private-VLAN Port Configuration 12-8 Limitations with Oth ...
Cisco Systems ME 3400 - page 13

Contents xiii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Spanning-Tree Interfa ce States 14-4 Blocking State 14-6 Listening State 14-6 Learning State 14-7 Forwarding State 14-7 Disabled State 14-7 How a Switch or Port Becomes the Root Switch or Root Port 14-7 Spanning Tree and Red undant Connectivity 14-8 Spanni ...
Cisco Systems ME 3400 - page 14

Contents xiv Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Hop Count 15-5 Boundary Ports 15-6 IEEE 802.1s Implementation 15-6 Port Role Naming Change 15-7 Interoperation Between Legacy and Standa rd Switche s 15-7 Detecting Unidirectional Link Failure 15-8 Interoperability with IEEE 802.1D STP 15-8 Understanding RSTP ...
Cisco Systems ME 3400 - page 15

Contents xv Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Understanding Roo t Guard 16-4 Understanding Loop Guard 16-5 Configuring Optional Sp ann ing-Tree Features 16-5 Default Optional Spanning-Tree Configuration 16-5 Optional Spanning-Tree Configuratio n Guidelines 16-6 Enabling Port Fast 16-6 Enabling BPDU Guar ...
Cisco Systems ME 3400 - page 16

Contents xvi Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring Flex Links and MAC Address-Table Mo ve Update 18-7 Default Configuration 18-7 Configuration Guidelines 18-8 Configuring Flex Links 18-8 Configuring VLAN Load Balancing on Flex Links 18-10 Configuring the MAC Address-Table Move Upda te Featu re 18 ...
Cisco Systems ME 3400 - page 17

Contents xvii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Configuring DHCP Server Port-Based Address Allocation 19-19 Default Port-Based Address Allocation Configuration 19-19 Port-Based Address Allocati on Configuration Guidelines 19-20 Enabling DHCP Server Port-B ased Address Allocation 19-20 Displaying DHCP Se ...
Cisco Systems ME 3400 - page 18

Contents xviii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring TCN-Related Commands 21-10 Controlling the Multicast Floodin g Tim e After a TCN Event 21-10 Recovering from Flo od Mode 21-11 Disabling Multicast Flooding Durin g a TCN Ev ent 21 -11 Configuring the IGMP Snooping Querier 21-12 Disabling IGMP Re ...
Cisco Systems ME 3400 - page 19

Contents xix Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Configuring Port Security 22-9 Understanding Port Security 22-9 Secure MAC Addresses 22-9 Security Violations 22-10 Default Port Security Configuration 22-11 Port Security Configuration Guidelines 22-11 Enabling and Configu ring Port Security 22-12 Enabling ...
Cisco Systems ME 3400 - page 20

Contents xx Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring UDLD 25-3 Default UDLD Configuration 25-4 Configuration Guidelines 25-4 Enabling UDLD Globally 25-5 Enabling UDLD on an Interface 25 -5 Resetting an Interface Disabled by UDLD 25-6 Displaying UDLD Status 25-6 CHAPTER 26 Configuring SPAN and RSPAN 2 ...
Cisco Systems ME 3400 - page 21

Contents xxi Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 CHAPTER 27 Configuring RMON 27-1 Understanding RMON 27 -1 Configuring RMON 27-2 Default RMON Configuration 27-3 Configuring RMON Alarms and Events 27-3 Collecting Group History Statistics on an Interfac e 27-5 Collecting Group Ethernet Statistics on an Inte ...
Cisco Systems ME 3400 - page 22

Contents xxii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring SNMP 29-6 Default SNMP Configuration 29-7 SNMP Configuration Guidelines 29-7 Disabling the SNMP Agent 29-8 Configuring Community Strings 29-8 Configuring SNMP Groups and Users 29-10 Configuring SNMP Notifications 29-12 Setting the Agent Contact a ...
Cisco Systems ME 3400 - page 23

Contents xxiii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Creating Named Standard and Extended ACL s 31 -14 Using Time Ranges with ACLs 31-16 Including Comments in ACLs 31 -18 Applying an IPv4 ACL to a Terminal Line 31-18 Applying an IPv4 ACL to an Interface 31-19 Hardware and Software Treatment of IP ACLs 31-20 ...
Cisco Systems ME 3400 - page 24

Contents xxiv Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 CHAPTER 33 Configuring QoS 33-1 Understanding Qo S 33 -1 Modular QoS CLI 33-3 Input and Output Policies 33-4 Input Policy Maps 33-4 Output Policy Maps 33-5 Classification 33-5 Class Maps 33-6 The match Command 33 -7 Classification Based on Layer 2 CoS 33 -7 ...
Cisco Systems ME 3400 - page 25

Contents xxv Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Configuring Input Policy Maps 33-38 Configuring Input Policy Maps with In dividual Policing 33-39 Configuring Input Policy Maps with Aggreg ate Policing 33-43 Configuring Input Poli cy Maps with Marking 33-45 Configuring Per-Port Per-VLAN QoS with Hierarchi ...
Cisco Systems ME 3400 - page 26

Contents xxvi Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring Layer 3 EtherChannels 34-14 Creating Port-Channel Logical Interfaces 34-1 4 Configuring the Physical Interfaces 34-15 Configuring EtherChannel Lo ad Balancing 34-17 Configuring the PAgP Learn Method and Priority 34-18 Configuring LACP Hot-Standby ...
Cisco Systems ME 3400 - page 27

Contents xxvii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Enabling IPv4 Unicast Routing 35-18 Configuring RIP 35-19 Default RIP Configuration 35-19 Configuring Basic RIP Parameters 35-20 Configuring RIP Authentication 35-21 Configuring Summary Addresses and Split Horizon 35-22 Configuring Split Horizon 35-23 Con ...
Cisco Systems ME 3400 - page 28

Contents xxviii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring Aggregate Addresses 35-60 Configuring Routing Do main Confederations 35-61 Configuring BGP Route Reflectors 35-61 Configuring Route Dampening 35-62 Monitoring and Maintaining BGP 35-63 Configuring ISO CLNS Routing 35-64 Configuring IS-IS Dynami ...
Cisco Systems ME 3400 - page 29

Contents xxix Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Configuring Policy-Based Routin g 35-96 PBR Configuration Guidelines 35-96 Enabling PBR 35-97 Filterin g Ro ut ing Informati on 35-99 Setting Pas si v e In ter faces 35-99 Controlling Ad vertising and P roc e ssing in Routin g Up da tes 35-100 Filtering So ...
Cisco Systems ME 3400 - page 30

Contents xxx Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 CHAPTER 38 Configuring Enhan ce d Obje ct Trac king 38-1 Understanding E nhanced Object Tra cking 38-1 Configuring Enhanced Object Trackin g Features 38-2 Default Configuration 38-2 Tracking Interface Line-Protoc ol or IP Rou ting State 38-2 Configuring a Tra ...
Cisco Systems ME 3400 - page 31

Contents xxxi Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Setting Up and Configuring Ethe rnet OAM 39-16 Default Ethernet OAM Configuration 39-16 Ethernet OAM Configuration Guidelines 39-1 6 Enabling Ethernet OAM on an Interface 39-16 Enabling Ethernet OAM Remote Loop back 39-17 Configuring Ethernet OAM Link Moni ...
Cisco Systems ME 3400 - page 32

Contents xxxii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Configuring IP Multicast Routing 40-8 Default Multicast Routing Configuration 40-8 Multicast Routing Configuratio n Guidelines 40-9 PIMv1 and PIMv2 Interope rability 40-9 Auto-RP and BSR Configuration Guidelines 40-10 Configuring Basic Multicast Routing 40- ...
Cisco Systems ME 3400 - page 33

Contents xxxiii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Changing the IGMP Qu ery Timeout for IGMPv2 40-41 Changing the Max imum Query Response Time for IGMPv2 40-41 Configuring the Switch as a Statically Connected Me mber 40-42 Configuring Optional Mult icast Routing Features 40-43 Configuring sdr Listener Su ...
Cisco Systems ME 3400 - page 34

Contents xxxiv Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 CHAPTER 42 Troubleshooting 42-1 Recovering fro m Corrupted Software By Using the Xmodem Protocol 42-2 Recovering from a Lost or Forgo tten Password 42-3 Procedure with Password Recovery Enabled 42-5 Procedure with Password Recovery Disabled 42-6 Preventing ...
Cisco Systems ME 3400 - page 35

Contents xxxv Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 APPENDIX B Working with the Cisco IOS File System, Configuration Fi les, and Software Images B-1 Working with the Flash File System B-1 Displaying Available File Systems B-2 Setting the De fault File System B-3 Displaying Information about Files on a File ...
Cisco Systems ME 3400 - page 36

Contents xxxvi Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Working with Software Images B-22 Image Location on th e Switch B-23 tar File Format of Images on a Server or Cisco.com B-23 Copying Image Files By Using TFTP B-24 Preparing to Download or Upload an Image File By Using TFTP B-25 Downloading an Image File By ...
Cisco Systems ME 3400 - page 37

Contents xxxvii Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 IEEE 802.1x C-3 Unsupported Global Configuratio n Command C-3 Unsupported Interface Configuration Commands C-3 Unsupported Privileged EXEC Comma nds C-4 Unsupported Global Configuratio n Command C-4 Unsupported Interface Configuration Commands C-4 IGMP S ...
Cisco Systems ME 3400 - page 38

Contents xxxviii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 QoS C-11 Unsupported Global Configura tion Command C-11 Unsupported Interface Configuration Command C-11 Unsupported policy-map Class Police Co nfiguration Mode Command C-11 RADIUS C-11 Unsupported Global Configura tion Commands C-11 SNMP C-12 Unsupported ...
Cisco Systems ME 3400 - page 39

xxxix Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 Preface Audience This guide is for the n etworking profession al managing the Cisco Metro Et hernet (ME) 3400 Series Ethernet Access switch, here after referred to as the switch . W e assume that you are f amiliar with the concepts and terminolog y of Ethernet and ...
Cisco Systems ME 3400 - page 40

xl Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Preface • Braces and vertical bars within square brackets ([ { | }]) mean a required choice with in an optional element. Interactiv e examples use these con ventions: • T erminal sessions and system displays are in screen font. • Information you enter is in bold ...
Cisco Systems ME 3400 - page 41

xli Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Preface http://www .cisco.co m/en/US/products/hw/modu les/ps5455/products_de vice_support_t ables_list.html – Cisco Gigabit Ethernet T ransceiver Mo dules Compatibility Matri x – Cisco 100-Me gabit Et hernet SFP Modules Compatibility Matri x – Cisco Small F or ...
Cisco Systems ME 3400 - page 42

xlii Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Preface ...
Cisco Systems ME 3400 - page 43

CH A P T E R 1-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 1 Overview This chapte r provid es these topi cs about the Cis co Metro Ethernet (ME) 3400 Ser ies Ethernet Access switch software: • Features, page 1-1 • Default Setti ngs After Initial Switch Conf iguration, page 1-10 • Network Co nfigu ration Exa ...
Cisco Systems ME 3400 - page 44

1-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Features be conf igured to support pr otocol control pack ets for Cisco Disco very Pro tocol (CDP), Spanning-T ree Protocol (STP), Link Layer Disco very Protocol ( LLDP), and EtherChannel Link Aggre gation Contr ol Protocol (LA CP) or Port Aggregat ...
Cisco Systems ME 3400 - page 45

1-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Features • IGMP report supp ression for sending only o ne IG MP report per multicast router quer y to the multicast de vices (supported on ly for IGMPv1 or IGMPv2 queries) • IGMP snooping quer ier support to conf igure swit ch to generate perio ...
Cisco Systems ME 3400 - page 46

1-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Features • DHCP server for automatic assi gnment of IP addresses and ot her DHCP options to IP hosts • DHCP-based autoconf iguration and image up date to dow nload a specifi ed configurati on a new image to a larg e nu mber of switches • DHCP ...
Cisco Systems ME 3400 - page 47

1-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Features Availability Features • UniDirectional Link Detection (UDLD) and ag gressiv e UDLD for detecting and disabling unidirectional links on fib er-optic i nterfaces caused b y incorrect f iber- optic wiring or port f aults • IEEE 802.1D Span ...
Cisco Systems ME 3400 - page 48

1-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Features VLAN Features • Support for up to 1005 VLANs for assigning users to VLANs a ssociated with appropriate network resources, traf f ic patterns, and bandwi dth • Support for VLAN IDs in t he full 1 to 4094 range allo wed b y the IEEE 802. ...
Cisco Systems ME 3400 - page 49

1-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Features Switch Security Note The Kerberos f eature listed in this section is only av ailable on the cryptographic v ersions of the switch software. • Password-protected access (read-only and read-wr ite access) to management interf aces for prote ...
Cisco Systems ME 3400 - page 50

1-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Features – IEEE 802.1x accounting to track network usage – IEEE 802.1x readiness check to determine the readiness of connected end hosts before configuring IEEE 802.1x on the s witch Quality of Service and Class of Service Features • Config u ...
Cisco Systems ME 3400 - page 51

1-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Features Layer 3 Features Layer 3 features are only a v ailable when the switch is running the metro IP access image. • HSRP V ersion 1 (HSRPv1) and HSRP V ersion 2 (HSRPv2) for Layer 3 router redundanc y • IP routing protoco ls for load balanci ...
Cisco Systems ME 3400 - page 52

1-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Default Settings After In itial Switch Configuration • Switched Port Analy zer (SP AN) and Remote SP AN (RSP AN) for traff ic monit oring on an y port or VLAN • SP AN and RSP AN support of In trusion Detection Sy st ems (IDS) to monitor , repe ...
Cisco Systems ME 3400 - page 53

1-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Default Settings After In itial Switch Configuration Ta b l e 1 -1 Def ault Settings Aft er Initia l Switc h Configuration Feature Default Setting More information in... Switch IP address, subnet mask, and default g atew ay 0.0.0.0 Chapter 3, “ A ...
Cisco Systems ME 3400 - page 54

1-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Default Settings After In itial Switch Configuration T unneling • 802.1Q tunnel ing (req uires metro IP access or metro access image) Disabled Chapter 13, “Configuring IEEE 802.1Q and Layer 2 Protocol T unneling” • Layer 2 protocol t unnel ...
Cisco Systems ME 3400 - page 55

1-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Network Configuration Examp le s Network Configuration Examples This section pro vides network con figurati on concepts and includes e xamples of using the switch to create dedicated net w ork se gments and i nterconnect in g t he se g ments thro u ...
Cisco Systems ME 3400 - page 56

1-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Network Config u ration Examples • “Layer 2 VPN Applicat ion” section on page 1-15 • “Multi-VRF CE Application” section on page 1-16 Multidwelling or Ethernet-to-the-Subscriber Network Metro Ethernet provides the access technology for ...
Cisco Systems ME 3400 - page 57

1-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Network Configuration Examp le s Figur e 1 -1 Cisco ME S witc hes in a Multidw elling Con figuration Layer 2 VPN Application Enterprise customers n eed not only high b andwidth, b u t also the ability to exte nd their priv ate network across the se ...
Cisco Systems ME 3400 - page 58

1-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Network Config u ration Examples See Chapter 13, “Configuring IEEE 802.1Q an d Layer 2 Protocol T unneling, ” for more information on configuring these features. Figur e 1 -2 Layer 2 VPN Configur ation Multi-VRF CE Application A VPN is a colle ...
Cisco Systems ME 3400 - page 59

1-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overview Where to Go Next • Provider routers or core routers are any routers in the service provider network t hat do not attach to CE de vices. W ith multi-V RF CE, multiple customers can sh are one CE, and only one physical l ink is used between the CE ...
Cisco Systems ME 3400 - page 60

1-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 1 Overvi ew Where to Go Ne xt ...
Cisco Systems ME 3400 - page 61

CH A P T E R 2-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 2 Using the Command-Line Interface This chapter describes th e Cisco IOS command-line in terface (CLI) and ho w to use it t o conf igure you r Cisco ME 3400 Ethernet Access switc h. It contains thes e sections: • Understanding Command Modes, page 2-1 ? ...
Cisco Systems ME 3400 - page 62

2-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using the Comman d-Line Interface Understanding Command Modes For more detailed information on the co mmand mod es, see the command reference guide for this release. Ta b l e 2-1 Command Mode Summary Mode Access Method Prompt Exit Method About This Mode User ...
Cisco Systems ME 3400 - page 63

2-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using th e Co mmand-Line Interface Understanding the Help Syste m Understanding the Help System Y ou can enter a ques tion mark (?) at the system pro mpt to display a li st of commands a v ai lable for each command mo de . Y o u can also ob ta in a list of a ...
Cisco Systems ME 3400 - page 64

2-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using the Comman d-Line Interface Understanding no an d default Forms of Command s Understanding no and default Forms of Commands Almost e very configurati on command also has a no form. In general, use the no form to disable a feature or function or re v er ...
Cisco Systems ME 3400 - page 65

2-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using th e Co mmand-Line Interface Using Comman d History Changing the Command History Buffer Size By default, th e switch records ten command lines in its history b uffer . Y ou can alter this numb er for a current terminal session or for all sessions on a ...
Cisco Systems ME 3400 - page 66

2-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using the Comman d-Line Interface Using Editing Features Using Editing Features This section descri bes the editing features that can help you manipu late the command line. It contai ns these sections: • Enabling and Disabling Edit ing Features, page 2-6 ( ...
Cisco Systems ME 3400 - page 67

2-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using th e Co mmand-Line Interface Using Editing Features Press Esc Y . Recall the next b uf fer entry . The buf fer contains only the last 10 items that you ha v e deleted or cut. If you press Esc Y more than ten times, you cycle to the f irst buf fer entry ...
Cisco Systems ME 3400 - page 68

2-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using the Comman d-Line Interface Searching and Filteri ng Output of show and more Commands Editing Command Lines that Wrap Y ou can use a wraparound featu re for commands that e xtend beyo nd a single line on the screen. When the cursor reaches the right ma ...
Cisco Systems ME 3400 - page 69

2-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using th e Co mmand-Line Interface Accessing the CLI Accessing the CLI Y ou can access the CLI through a co nsole connection, through T elnet , or by using the browser . Accessing the CLI through a Console Connection or through Telnet Before you can access t ...
Cisco Systems ME 3400 - page 70

2-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 2 Using the Comman d-Line Interface Accessing the CLI ...
Cisco Systems ME 3400 - page 71

CH A P T E R 3-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 3 Assigning the Switch IP Address and Default Gateway This chapter describes ho w to create the initial switch configur ation (for example, assigning the switch IP address and defa ult gate way info rmation) for the Cisco Metro Ethernet (ME) 3400 Ethernet ...
Cisco Systems ME 3400 - page 72

3-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information • Initializes the flash f ile sy stem on the system board. • Loads a default op erating system softwa re image into memory and boots the switch. The boot loader provides ac ...
Cisco Systems ME 3400 - page 73

3-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information These sections contain this configu ration informatio n: • Default Swi tch Information, page 3-3 • Understanding DHCP-Based Autoconf iguration, page 3-3 • Manually Assi g ...
Cisco Systems ME 3400 - page 74

3-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Figure 3-1 sho ws the sequence of messages that are ex changed between the DHCP clie nt and the DHCP server . Figur e 3-1 DHCP Client and Server Messag e Exc hange The client, ...
Cisco Systems ME 3400 - page 75

3-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information DHCP Autoconfiguration DHCP autoconf iguration do wnloads a conf iguration file to on e or more switches in your netw ork from a DHCP server . The downloaded conf iguration f i ...
Cisco Systems ME 3400 - page 76

3-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Configuring DHCP-Based Autoconfiguration These sections contain this configu ration informatio n: • DHCP Server Configur ation Guidelines, page 3-6 • Config uring the TFTP ...
Cisco Systems ME 3400 - page 77

3-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information If you did not specify the co nfigu ratio n file name, th e TFTP server , or if the configuration f ile could not be do wnloaded, the switch attempts t o down load a confi gura ...
Cisco Systems ME 3400 - page 78

3-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Note If the switch is acting as the relay de vice, conf igure t h e interface as a routed po rt. F or more information, see the “Routed Ports” section on page 9-5 and the ? ...
Cisco Systems ME 3400 - page 79

3-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information After obtaining its host name from the defaul t confi gur ation f ile or the DHCP reply , the switch reads the conf iguration f ile that has th e same name as its host name ( h ...
Cisco Systems ME 3400 - page 80

3-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information DNS Server Conf iguration The DNS server maps the TFTP serv er name tftpserver to IP address 10.0.0.3. TFTP Server Conf iguration (on UNIX) The TFTP server base direct ory is ...
Cisco Systems ME 3400 - page 81

3-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Configuring DHCP Autoconfiguratio n (Only Configuration File) Beginni ng in pri vileged EXEC mode, follow these steps to conf igure DHCP autoconf iguration of the TFTP and DHC ...
Cisco Systems ME 3400 - page 82

3-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Configuring DHCP Auto-Image Updat e (Configuration File and Image) Beginni ng in pri vileged EXEC mode, foll ow th ese steps to conf igure DHCP autoconf iguration to confi gur ...
Cisco Systems ME 3400 - page 83

3-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Assigning Switch Information Switch(dhcp-config)# exit Switch(config)# tftp-server flash:config-boot.text Switch(config)# tftp-server flash:me 340 x- met ro bas e-mz.122-44.3.SE.tar Switch(config)# tftp-s ...
Cisco Systems ME 3400 - page 84

3-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Checking and Saving the Running Configuration Note Y ou should only configure and enable the Layer 3 inte rface. Do not assign an IP address or DHCP-based autoconf iguration with a sa ved co nfigu ration. ...
Cisco Systems ME 3400 - page 85

3-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Checking and Saving the Running Configuration ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 3400-3 ! enable password ...
Cisco Systems ME 3400 - page 86

3-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration port-type nni ! interface GigabitEthernet0/2 port-type nni ! interface Vlan1 no ip address no ip route-cache no ip mroute-cache shutdown ! interface Vlan10 ip address ...
Cisco Systems ME 3400 - page 87

3-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration • Controlling En vironment V ariables, page 3-19 See also Appendix B, “W orking wit h the Cisco IOS File System, Conf iguration Files, and So ftware Images, ” for ...
Cisco Systems ME 3400 - page 88

3-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration T o return to the d efault setting, us e the no boot conf ig-file global confi guration command. Booting Manually By default, th e switch automatically boots; ho wever ...
Cisco Systems ME 3400 - page 89

3-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Modifying the Startup Configuration Beginning in pri vile ged EXEC mode, f ollo w these step s to conf igure the switch to boot a specif ic image during the next boot cycle: T o return to the def ault set ...
Cisco Systems ME 3400 - page 90

3-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Modifying the Star tup Configuration Each line in these f iles contains an en vironment va riable name and an equal sign foll owed by the v alue of the v ariable. A v ariable has no v alue if it is not li ...
Cisco Systems ME 3400 - page 91

3-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Scheduling a Relo ad of the Software Image Scheduling a Reload of the Software Image Y ou can schedule a reload of t he softw are image to oc cu r o n the sw itch at a late r time (for e xampl e, late at ...
Cisco Systems ME 3400 - page 92

3-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 3 Assigning the Sw itch IP Address and Default Gateway Scheduling a Reload of the Software Image This exampl e shows ho w to reload t he software on the switch at a future time: Switch# reload at 02:00 jun 20 Reload scheduled for 02:00:00 UTC Thu Jun 20 1996 ...
Cisco Systems ME 3400 - page 93

CH A P T E R 4-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 4 Configuring Cisco IOS CNS Agents This chapter describe s how to configure the Cisco IOS CNS agents o n the Cisco ME 3400 switch. Note For complet e conf i guratio n informa tio n for the Cisco Con f iguration Engi ne, see this URL o n Cisco.com http://w ...
Cisco Systems ME 3400 - page 94

4-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Understanding Cisco Configuration Engine Software Figur e 4-1 Config uration En gine Arc hitect ural Overview These sections contain this conceptual information: • Config uration Service, page 4-2 • Event Service, page 4 ...
Cisco Systems ME 3400 - page 95

4-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Understanding Cisco Co nfig uration Engine Software Event Service The Cisco Config uration Engine uses the Ev ent Service for receipt and generation o f configurati on e vents. The e v ent agent is on the switch and faci lita ...
Cisco Systems ME 3400 - page 96

4-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Understanding Cisco Configuration Engine Software DeviceID Each confi gured switch participati ng on the e v en t b us has a uniqu e De vi ceID, which is analog ous to the switch source address so that the sw itch can be tar ...
Cisco Systems ME 3400 - page 97

4-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Understanding Cisco IOS Agents Understanding Cisco IOS Agents The CNS ev ent agent feature allo ws the switch to publish and subscrib e to e ven ts on the e vent b us and works with the Cisco IOS ag ent. The Cisco IOS agent f ...
Cisco Systems ME 3400 - page 98

4-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Configuring Cisco IO S Agents Incremental (Partial) Configuration After the networ k is running, ne w services can be added b y using the Cisco IOS agent. Incr emental (partial) conf igurations can be sent to the switch. The ...
Cisco Systems ME 3400 - page 99

4-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Note For more informati on about running the set up program and creating templ ates on the Conf iguration Engine, see the Cisco Configur ation Engine Installa tion and Setup Guide , 1.5 for Linux ...
Cisco Systems ME 3400 - page 100

4-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Configuring Cisco IO S Agents Beginni ng in pri vileged EXEC mode, follow these steps to enable the CNS e vent agent on the switch: T o disable the CNS ev ent agent, use the no cns e vent { ip-addr ess | hostname } global co ...
Cisco Systems ME 3400 - page 101

4-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents • The cns config initial global conf iguration command enables the Cisco I OS agent and initiates an initial conf iguration on the swit ch. • The cns confi g partial global co nfiguration comm ...
Cisco Systems ME 3400 - page 102

4-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Configuring Cisco IO S Agents Step 7 d iscover { contr oller contr oller-type | dlci [ subinterface subinterfa ce-number ] | interface [ interface-type ] | line line-type } Specify the interface parame ters in the CNS conne ...
Cisco Systems ME 3400 - page 103

4-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents Step 13 cns id interface num { dns-reverse | ipad dress | mac-addr ess } [ event ] [ image ] or cns id { hardwar e-serial | hostname | string string | udi } [ event ] [ image ] (Optional) Set the ...
Cisco Systems ME 3400 - page 104

4-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Configuring Cisco IO S Agents T o disable the CNS Cisco IOS agent, use the no cns config initial { ip-addr ess | hostnam e } global confi guration command. This exampl e show s how to co nfigure an initial conf iguration on ...
Cisco Systems ME 3400 - page 105

4-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Configuring Cisco IOS Agents This exampl e show s how to co nfigure an initial conf iguration on a remote swi tch when the switch IP address is kno wn. The Conf iguratio n Engine IP address is 172.28. 129.22. Switch(config)# ...
Cisco Systems ME 3400 - page 106

4-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Configuring Cisco IO S Agents Upgrading Devices with Cisco IOS Image Agent Administrators maintaini ng lar ge networks o f Ci sco IOS de vices need an automated mechanism to load image f iles onto lar ge nu mbers of remote ...
Cisco Systems ME 3400 - page 107

4-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configuring Cisco IOS CNS Agents Displaying CNS Configuration Note This example sh ows ho w to upgrade a sw itch from a server wi th the address of 172.20.249.20: Switch(config)> configure terminal Switch(config)# ip host cns-dsbu.cisco.com 172.20.249.20 ...
Cisco Systems ME 3400 - page 108

4-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 4 Configurin g Cisco IOS CNS Agents Displaying CNS Configuration ...
Cisco Systems ME 3400 - page 109

CH A P T E R 5-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 5 Administering the Switch This chapter describes ho w to perform one-time operations to admi nister the Cisco ME 3400 Ethernet Access switch. This chapter consists of these sections: • Managing the System T ime and Date, page 5-1 • Config uring a Sys ...
Cisco Systems ME 3400 - page 110

5-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date Understanding the System Clock The heart of the time service is th e system clock. This clock runs fro m the moment the system st arts up and keeps track of the date and time. The system clock can t ...
Cisco Systems ME 3400 - page 111

5-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date Cisco’ s implement ation of NTP does not support st ratum 1 service; it is not possible to connect to a radio or atomic clock. W e recommend that the time service for your netw ork be deri ve d fro ...
Cisco Systems ME 3400 - page 112

5-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date Configuring NTP The switch does not ha ve a h ardware-supported cloc k and cannot function as a n NTP master cloc k to which peers synchronize themselv es when an e xternal NTP source is not av aila ...
Cisco Systems ME 3400 - page 113

5-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date T o disable NTP authentication, use the no ntp authenticate global configur at ion command. T o remove an authentication key , us e th e no ntp authentication-key number global conf iguration co mman ...
Cisco Systems ME 3400 - page 114

5-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date Beginni ng in privile ged EXEC mode, follo w these steps to form an NTP association with another de vice: Y ou need to conf igure only o ne end of an associat ion; the other de vice can automaticall ...
Cisco Systems ME 3400 - page 115

5-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date The switch can send or receiv e NTP broadcast packets on an interface-by-interf a ce basis if there is an NTP broadcast server , such as a router , broadcasting time informatio n on the network. The ...
Cisco Systems ME 3400 - page 116

5-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date T o disable an interface from receiv ing NTP broadcast packets, use the no ntp br oadcast client interface confi guration command. T o change the estimated round-trip delay to th e default, use the ...
Cisco Systems ME 3400 - page 117

5-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date The access group keyw ords are scanned in this orde r, fro m least restricti ve to most restricti ve: 1. peer —Allows time req uests and NTP control queries and allo ws the switch t o synchronize i ...
Cisco Systems ME 3400 - page 118

5-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date Disabling NTP Services on a Spe cific Interf ace NTP services are enabled on all interfaces by default. Be g in n i n g i n p r ivi l e g e d E X E C m o d e , f o l l ow t h e s e s t e p s t o d ...
Cisco Systems ME 3400 - page 119

5-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date Displaying the NTP Configuration Y ou can use two privile ged EXEC co mmands to display N TP informa tion: • show ntp associations [ detail ] • show ntp status For detailed in formati on about t ...
Cisco Systems ME 3400 - page 120

5-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the System Time and Date Displaying the Time and Date Configuration T o display the time and date configurati on, use the show clock [ detail ] pri vileged EXEC command. The system clock keeps an authoritative flag that sh ...
Cisco Systems ME 3400 - page 121

5-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the System Time and Date Configuring Summer Time (Daylight Saving Time) Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure summer time (daylight sa ving time) in areas where it starts and ends on a parti ...
Cisco Systems ME 3400 - page 122

5-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Configuring a System N ame and Prompt Beginni ng in pri vileged EXEC mode, follow these steps if summer time in your area does not follo w a recurring pattern (conf igure the e xact date and time of the next summer tim e ev ents): ...
Cisco Systems ME 3400 - page 123

5-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Configuring a System Name and Prompt These sections contain this configu ration informatio n: • Default Syst em Name and Prompt Conf iguration, page 5-15 • Config uring a System Name, page 5-15 • Understanding DNS, page 5- 15 ...
Cisco Systems ME 3400 - page 124

5-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Configuring a System N ame and Prompt These sections contain this configu ration informatio n: • Default DNS Co nfigur ation, page 5-16 • Setting Up DNS, pa ge 5-16 • Displaying the DNS Conf iguration, pa ge 5-17 Default DNS ...
Cisco Systems ME 3400 - page 125

5-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Creating a Banner If you use the switch IP address as its hostname, th e IP address is used and no DNS query occurs. If you confi gure a hostname that contains no periods (.), a period follo wed b y the default domain name is append ...
Cisco Systems ME 3400 - page 126

5-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Creating a Banne r Configuring a Message-of-the-Day Login Banner Y ou can create a single or multiline message banner th at appears on the screen when someone logs in to the switch. Beginni ng in pri vileged EXEC mode, foll ow th e ...
Cisco Systems ME 3400 - page 127

5-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Suppressing the Power-Supply Alar m on an ME 3400G-12CS Switch Configuring a Login Banner Y ou can co nfigure a login banner t o be di spla yed on all connected te rminals. This banner appears after the MO TD banner and befor e the ...
Cisco Systems ME 3400 - page 128

5-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the MAC Addr ess Table Beginni ng in pri vile ged EXEC mode, follo w these step s to suppress alarms on the second po wer supply . This procedure is optional. Enter the power -supply dual global conf iguration command to r ...
Cisco Systems ME 3400 - page 129

5-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the MA C Address Table Building the Address Table W ith multipl e MA C addresses supported on all port s, you can connect an y port on the switch to indi vidual wo rkstations, repeater s, switches, router s, or other networ ...
Cisco Systems ME 3400 - page 130

5-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the MAC Addr ess Table Default MAC Address Table Configuration Ta b l e 5-3 sho ws the default MA C address table configu ration. Changing the Address Aging Time Dynamic addresses are source MAC addresses that the switch l ...
Cisco Systems ME 3400 - page 131

5-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the MA C Address Table Removing Dynamic Address Entries T o remov e all dynamic entries, use the clear mac addr ess-table dynamic command in privile ged EXEC mode. Y ou can also remove a specif ic MA C address ( clear mac a ...
Cisco Systems ME 3400 - page 132

5-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the MAC Addr ess Table T o disable the switch fro m sending MA C address notif ication traps, use the no snmp-serv er enable traps mac-notif ication glob al configurati on command. T o disa ble the MA C address notificatio ...
Cisco Systems ME 3400 - page 133

5-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the MA C Address Table Adding and Removing Static Address Entries A static address has these characteristics: • It is manually entered in the addr e ss table and must be manually remo ved. • It can be a unicast or multi ...
Cisco Systems ME 3400 - page 134

5-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the MAC Addr ess Table This exampl e show s how to add the static address c2f3.22 0a.12f4 to the MA C address table. When a packet is receiv ed in VLAN 4 with this MAC address as its destination address, the packet is forw ...
Cisco Systems ME 3400 - page 135

5-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the MA C Address Table T o disable unicast MA C address filtering, u se the no mac address-table static mac-addr vlan vlan-id global conf iguratio n command. This exampl e show s how to enable unicast MA C address filter in ...
Cisco Systems ME 3400 - page 136

5-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the MAC Addr ess Table Beginni ng in pri vileged EXEC mode, follo w these steps to di sable MA C address learning on a VLAN: T o reenab le MA C addre ss learning on a VLAN, use the default mac addr ess-table l earning vlan ...
Cisco Systems ME 3400 - page 137

5-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administering the Switch Managing the ARP Table Managing the ARP Table T o communicate with a de vice (over Ethernet, for e x am ple), the softw are first must learn the 48-bi t MA C address or the local data link addr e ss of that de vice. The process of l ...
Cisco Systems ME 3400 - page 138

5-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 5 Administerin g the Switch Managing the ARP Table ...
Cisco Systems ME 3400 - page 139

CH A P T E R 6-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 6 Configuring SDM Templates This chapter descri bes how to configure the Switch Da tabase Mana gement (SDM) templ ates on the Cisco ME 3400 Ethernet Access switch. SDM t emplate configuration is supported only when the swi tch is running the metr o IP acc ...
Cisco Systems ME 3400 - page 140

6-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 6 Config uring SDM Templates Configuring the Switch SDM Template Ta b l e 6-1 shows the approximate number of each resource s upported in e ach of the two template s for a switch running the metro IP access image . The v alues in the template are based on eigh ...
Cisco Systems ME 3400 - page 141

6-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 6 Configuring SDM Temp lates Configuring the Switch SDM Template • Do not use the def ault template if y ou do not ha v e routing enabl ed on your switch. The sdm pr efer default global conf iguration command pre vents other features from using the memory al ...
Cisco Systems ME 3400 - page 142

6-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 6 Config uring SDM Templates Displaying the SDM Templates This exampl e show s how to co nfigure a switch with the layer -2 template. Switch(config)# sdm prefer layer-2 Switch(config)# end Switch# reload Proceed with reload? [confirm] Displaying the SDM Templa ...
Cisco Systems ME 3400 - page 143

CH A P T E R 7-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 7 Configuring Switch-Based Authentication This chapter describe s how to configure switch-ba sed authentication on th e Cisco ME 3400 switch. This chapter consists of these sections: • Pre venting Unauthorized A ccess to Y our Switch, page 7-1 • Prote ...
Cisco Systems ME 3400 - page 144

7-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Protecting Ac ce ss to Pr ivileged EXEC Commands • If you want to use userna me and pas sword pairs, but you want to store them ce ntrally on a s erver instead of locally , you ca n store them in a database on a se ...
Cisco Systems ME 3400 - page 145

7-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Protecting Access to Privi leged EXEC Comman ds Setting or Changing a Static Enable Password The enable password controls acces s to the pri vileged EX EC mode. Beginni ng in pri vileg ed EXEC mode, follo w these step ...
Cisco Systems ME 3400 - page 146

7-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Protecting Ac ce ss to Pr ivileged EXEC Commands Beginni ng in pri vileged EXEC mode, foll ow th ese steps to conf igure encryption for enable and en able secret passwords: If both the enable and enable secret passwo ...
Cisco Systems ME 3400 - page 147

7-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Protecting Access to Privi leged EXEC Comman ds This example sho ws how to conf igure the encrypted password $1$F aD0$Xyti5Rkls3LoyxzS8 for pri vilege le vel 2: Switch(config)# enable secret level 2 5 $1$FaD0$Xyti5Rkl ...
Cisco Systems ME 3400 - page 148

7-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Protecting Ac ce ss to Pr ivileged EXEC Commands Setting a Telnet Password for a Terminal Line When you po wer -up your switch for the f irst time, an aut omatic setup program runs t o assign IP information and to cr ...
Cisco Systems ME 3400 - page 149

7-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Protecting Access to Privi leged EXEC Comman ds Beginning in priv ileged EXEC mode, foll ow these st eps to est ablish a username- based authentication system that requ ests a logi n username and a pass word: T o disa ...
Cisco Systems ME 3400 - page 150

7-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Protecting Ac ce ss to Pr ivileged EXEC Commands Setting the Privilege Level for a Command Beginni ng in priv ileged EXEC mode, follo w these steps to set the pri vilege le vel for a command mode: When you set a comm ...
Cisco Systems ME 3400 - page 151

7-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with TACAC S+ Changing the Default Privilege Level for Lines Beginni ng in pri vileged EXEC mod e, follow these steps to change the defa ult pri vilege le v el for a line: Users can override ...
Cisco Systems ME 3400 - page 152

7-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with TACACS+ Note For complete syntax and usage information for the co mmands used in this section, see the Cisco IOS Security Command Refer ence, Release 12.2 . These sections contain this ...
Cisco Systems ME 3400 - page 153

7-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with TACAC S+ Figur e 7 -1 T ypical T ACA CS+ Networ k Configuration T A CA CS+, administered through the AAA securi ty services, can provide these services: • Authentication—Pro vides c ...
Cisco Systems ME 3400 - page 154

7-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with TACACS+ TACACS+ Operation When a user attempts a simple ASCII login b y authenticating to a switch using T ACA CS+, this process occurs: 1. When the connection is established, the swit ...
Cisco Systems ME 3400 - page 155

7-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with TACAC S+ For informatio n about the command, see this URL: http://www .cisco .com/en/US/products/sw/i osswrel/ps1831/product s_comma nd_reference_ chap ter0918 6a00800ca6d8.html #wp1019 ...
Cisco Systems ME 3400 - page 156

7-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with TACACS+ Beginni ng in pri vileged EXEC mode, follow these steps to identify the I P host or host maintaining T ACA CS+ server and optionally set the encryption key: T o remov e the spe ...
Cisco Systems ME 3400 - page 157

7-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with TACAC S+ authenticate users; if that method fai ls to respond, the software selects the next authenti cation method in the method list. Thi s process continues until th ere is successfu ...
Cisco Systems ME 3400 - page 158

7-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with TACACS+ T o disable AAA, use the no aaa new-model glo bal configurat ion command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } metho d1 ...
Cisco Systems ME 3400 - page 159

7-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o disable authorization, use the no aaa au thorization { network | exec } method1 global co nfiguration command. Starting TACACS+ Accounting The AAA accounting feature tracks t ...
Cisco Systems ME 3400 - page 160

7-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS These sections contain this configu ration informatio n: • Understanding RADIUS, page 7-18 • RADIUS Operation, page 7-19 • Config uring RADIUS, page 7-2 0 • Displaying t ...
Cisco Systems ME 3400 - page 161

7-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Figur e 7 -2 T rans itioning fr om R ADIUS t o T A CACS+ Services RADIUS Operation When a user attempts to log in and auth enticate to a switch that is access controlle d by a RA ...
Cisco Systems ME 3400 - page 162

7-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS Configuring RADIUS This section descri bes ho w to conf igure your switch to suppor t RADIUS. At a minimum, y ou must identify the host or hosts that run the RADIUS serv er soft ...
Cisco Systems ME 3400 - page 163

7-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Y ou identify RADIUS security server s by their hostnam e or IP address, host name and specific UDP port numbers, or their IP address and specif ic UDP port numbers. The combin a ...
Cisco Systems ME 3400 - page 164

7-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS T o remov e the specified RADIUS server , use the no radius-server host hostname | ip-addr ess global confi guration command. This example shows ho w to configure one RADIUS ser ...
Cisco Systems ME 3400 - page 165

7-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Note Y ou also need to conf igure some settings on the RA DIUS server . These settings include the IP address of the switch and the k ey string t o be shared by both t he server ...
Cisco Systems ME 3400 - page 166

7-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS Step 3 aaa authentication logi n { default | list-name } method1 [ method2... ] Cr eate a login authentication method l ist. • T o create a default list that is used when a na ...
Cisco Systems ME 3400 - page 167

7-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o disable AAA, use the no aaa new-model glo bal configurat ion command. T o disable AAA authentic ation, use the no aaa authentication login { default | list-name } metho d1 [ ...
Cisco Systems ME 3400 - page 168

7-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS Beginni ng in pri vile ged EXEC mo de, follo w these st eps to def ine the AAA serv er group and associate a particular RADIUS server with it: Command Purpose Step 1 configur e ...
Cisco Systems ME 3400 - page 169

7-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS T o remov e the specified RADIUS server , use the no radius-server host hostname | ip-addr ess global confi guration command. T o remove a serv er group from the conf iguration l ...
Cisco Systems ME 3400 - page 170

7-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS T o disable authorization, use the no aaa au thorization { network | exec } method1 global co nfiguration command. Starting RADIUS Accounting The AAA accounting feature tracks t ...
Cisco Systems ME 3400 - page 171

7-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS Configuring Settings fo r All RADIUS Servers Beginni ng in pri vileged EXEC mod e, follow these steps to conf igure global communication settings between the switch and all RADIU ...
Cisco Systems ME 3400 - page 172

7-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with RADIUS This example sho ws how to pro vide a user logging in from a switch with immediate access to privileged EXEC commands: cisco-avpair= ”shell:priv-lvl=15“ This example sho ws ...
Cisco Systems ME 3400 - page 173

7-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with RADIUS As mentioned earlier , to configure RADI US (whether v endor -propri etary or IETF draft-co mpliant), you must specify the host ru nning the RADIUS serv er daem on and the secret ...
Cisco Systems ME 3400 - page 174

7-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with Kerberos Controlling Switch Access with Kerberos This section descri bes how to enable and conf igure the K erberos security sy stem, which authenticates requests for networ k resource ...
Cisco Systems ME 3400 - page 175

7-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with Kerbero s This software release su pports Kerberos 5, which allows organizations that are already using Kerberos 5 to use the same Kerberos authenti cation database on the K D C that th ...
Cisco Systems ME 3400 - page 176

7-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Controlling Switch Access with Kerberos Kerberos Operation A Kerberos serv er can be a Cisco ME switch that is conf igured as a netwo rk security serv er and that can authenticate remote users b y using the K erbero ...
Cisco Systems ME 3400 - page 177

7-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Controlling Switch Access with Kerbero s • If the decryption is successful, the us er is authenticated to the switch. • If the decryption is not successf ul, the us er repeats Step 2 eith er by re-entering the us ...
Cisco Systems ME 3400 - page 178

7-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Configuring the Switch for Local Authen ticatio n and Au thorization T o set up a K erberos-authenticated server -client system, follow these steps: • Configure the KDC by using Kerberos commands. • Config ure t ...
Cisco Systems ME 3400 - page 179

7-37 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Configuring the Swit ch for Secure Shell T o disable AAA, use the no aaa new-model glo bal configurat ion command. T o disable authorization, use the no aaa authorization { network | ex ec } method1 global co nfigura ...
Cisco Systems ME 3400 - page 180

7-38 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Configuring the Switch for Secure Shell The switch supports an SSHv1 or an SSHv2 server . The switch supports an SSHv1 client. SSH supports the Data Encryption Standard (DES ) encryption algo rithm, the T riple DES ...
Cisco Systems ME 3400 - page 181

7-39 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Configuring the Swit ch for Secure Shell • When generating the RSA ke y pair , th e message No domain specified might appear . If it does, you must conf igure an IP domain name b y using the ip domain-name g lobal ...
Cisco Systems ME 3400 - page 182

7-40 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Configuring the Switch for Secure Shell Configuring the SSH Server Beginni ng in pri vileged EXEC mode, foll ow th ese steps to conf igure the SSH server: T o return to the d efault SSH contr ol parameters, use the ...
Cisco Systems ME 3400 - page 183

7-41 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Configuri ng Switch-Based Authentication Configurin g the Switch fo r Secure Co py Protocol For more informati on about these commands, see the “ Secure Shell Commands ” section in the “Other Security Features” chapter of the Ci sco IOS Se curity C ...
Cisco Systems ME 3400 - page 184

7-42 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 7 Config uring Switch-Based Authenticatio n Configuring the Switch for Secure Copy Pro t oco l ...
Cisco Systems ME 3400 - page 185

CH A P T E R 8-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 8 Configuring IEEE 802.1x Port-Based Authentication This chapter describes ho w to co nf igure IEEE 802.1x por t-based au thentication on th e Cisco ME 3400 Ethernet Access switch. As LANs e xtend to hotels, airports, and corporate lo bbies and create ins ...
Cisco Systems ME 3400 - page 186

8-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication These sections describe IEEE 802 .1x port-based authentication: • Dev ice Roles, page 8-2 • Authentication Init iation and Message Exchange, page 8-3 ...
Cisco Systems ME 3400 - page 187

8-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication U nderstanding IEEE 802.1x Port-Based Authentication • Switch (edge switch or wireless access poin t)—control s the physical access to the network based on the authentication status of the client. The swi ...
Cisco Systems ME 3400 - page 188

8-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication Figur e 8-2 Messag e Ex ch ange Ports in Authorized and Unauthorized States Depending on the switch port state, th e switch can gran t a client access to ...
Cisco Systems ME 3400 - page 189

8-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication U nderstanding IEEE 802.1x Port-Based Authentication If the client is successfully authen ticated (receives an Accept frame fr om the authentication serv er), the port state changes to autho rized, and all fr ...
Cisco Systems ME 3400 - page 190

8-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication Y ou can view the A V pairs that ar e being sent b y the swit ch by e nabling the debug radius account ing or debug aaa a ccounting pri vile ged EXEC comm ...
Cisco Systems ME 3400 - page 191

8-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication U nderstanding IEEE 802.1x Port-Based Authentication Figur e 8-3 Multiple Host Mode Example Using 802.1x Readiness Check The 802.1x readiness check monito rs IEEE 802.1x activity on al l the switch ports and ...
Cisco Systems ME 3400 - page 192

8-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Understanding IEEE 802.1x Po rt-Based Authentication • When you manually remov e an I EEE 802.1x client address from the port security table by using the no switchport port-s ecurity mac-address ma c-addr ...
Cisco Systems ME 3400 - page 193

8-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication T o conf igure VLAN assignm ent you need to perform t hese tasks: • Enable AAA authoriz atio n b y using th e network k e yword to allo w interf ace conf iguration fr ...
Cisco Systems ME 3400 - page 194

8-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Default IEEE 802.1x Configuration Ta b l e 8-2 shows the def ault IEEE 802.1x conf iguration. Ta b l e 8-2 Def ault IEEE 802.1x Configuration Feature Default Setting ...
Cisco Systems ME 3400 - page 195

8-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication IEEE 802.1x Configuration Guidelines These are the IEEE 802.1x authenti cation configuration guidelines: • When IEEE 802.1x is enabled, port s are authenticated befo ...
Cisco Systems ME 3400 - page 196

8-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Configuring 802.1x Readiness Check The 802.1x readiness check monito rs IEEE 802.1x activity on al l the switch ports and displays information about the de vices conn ...
Cisco Systems ME 3400 - page 197

8-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Configuring IEEE 802.1x Violation Modes Y ou can configu re an IEEE 802.1x port so that it shut s down , generates a syslog error , or discards packets from a ne w de ...
Cisco Systems ME 3400 - page 198

8-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication This is the IEEE 802.1x AAA process: Step 1 A user connects to a port on the switch. Step 2 Authentication i s performed. Step 3 VLAN assignment is enabled, as appr o ...
Cisco Systems ME 3400 - page 199

8-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Configuring the Switch-to-RADIUS-Server Communication RADIUS security servers are identifi e d b y their hostname or IP address, hostname and specific UDP port numbers ...
Cisco Systems ME 3400 - page 200

8-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Y ou also need to confi gure some settings on the RADI US serv er. These settings include the IP address of the switch and the k ey string t o be shared by both t he ...
Cisco Systems ME 3400 - page 201

8-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Changing the Quiet Period When the switch cannot authenticate the client, the switch remains i dle for a set period of ti me and then tries agai n. The dot1x timeout q ...
Cisco Systems ME 3400 - page 202

8-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication T o return to the defau lt retransmission time, use the no dot1x timeout tx-period interface configuration command. This exampl e show s how to set 60 as the number o ...
Cisco Systems ME 3400 - page 203

8-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Note Y ou should change the default v alue of this command only to adjust for unusual circumstances such as unreliable links or speci fic beha vioral problems wit h ce ...
Cisco Systems ME 3400 - page 204

8-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Configuring IEEE 802. 1x Authentication Note Although visible in the comma nd-line interface help, the dot1x host-mode multi-domain interface configuration command is not suppor ted. Conf iguring this comma ...
Cisco Systems ME 3400 - page 205

8-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802.1x Port-Based Authentication D isplaying IEEE 802.1x Statistics and Status Beginni ng in privile ged EXEC mode, follo w these steps to confi g ure IEEE 802.1x accounting after AAA is enabled on your switch. This proced ure is optional. ...
Cisco Systems ME 3400 - page 206

8-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 8 Configuring IEEE 802. 1x Port-Based Authentication Displaying IEEE 802.1x Statist ics and Status ...
Cisco Systems ME 3400 - page 207

CH A P T E R 9-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 9 Configuring Interfaces This chapter def ines the typ es of interfaces on t he Cisco ME 3400 Ethern et A ccess switch and describes how to configure them. The chapter consists of these sec tions: • Understanding Interf ace T ypes, page 9-1 • Using In ...
Cisco Systems ME 3400 - page 208

9-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Understanding Interfac e Type s UNI, NNI, and ENI Port Types The Cisco ME switch support s user-network i nterfaces (UNIs), netw ork node interfaces (NNI s), and enhanced network interfaces (ENIs). UNIs are typically connected to a h ...
Cisco Systems ME 3400 - page 209

9-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Understanding Interface Type s T o isolate VLANs of dif ferent customers in a ser vice-provider net work, the Cisco ME switch uses UNI-ENI VLANs. UNI-ENI VLANs i solate user network in terfaces (UNIs) or en hanced network interfa ces ...
Cisco Systems ME 3400 - page 210

9-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Understanding Interfac e Type s For detailed information about configuring access port and tr unk port characteristics, see Chapte r 11, “Configuring VLANs. ” For more infor mation about tunn el ports, see Chapter 13, “Configur ...
Cisco Systems ME 3400 - page 211

9-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Understanding Interface Type s Note IEEE 802.1Q tunneling is only suppor ted when the switch is running th e metro IP access or metro access image. T unnel ports cannot be trunk port s or access port s and must belo ng to a VLAN u niq ...
Cisco Systems ME 3400 - page 212

9-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Understanding Interfac e Type s Although the swit ch supports a total of 10 05 VLAN s (and SVIs), the interr elat ionship between the number of SVIs and ro uted ports and t he nu mbe r of o ther featu res be ing configured mi ght im ...
Cisco Systems ME 3400 - page 213

9-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Understanding Interface Type s By default, dual -purpose ports are user-netw ork interfaces (UNIs) and SFP- only module ports are network node inte rfaces (NNIs). By default, the switch dynam ically selects the dual-pur pose port medi ...
Cisco Systems ME 3400 - page 214

9-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Using Interface Configuration Mode Using Interface Configuration Mode The switch supports these interface types: • Physical ports—switch ports, r outed ports, UNIs, NNIs, and EN Is • VLANs—switch virtual interf aces • Port- ...
Cisco Systems ME 3400 - page 215

9-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Using Interface Configuration Mode Step 4 Follo w each interface command wi th the interface configuration commands that th e interface requires . The commands that you enter define the protocols and applications th at will run on the ...
Cisco Systems ME 3400 - page 216

9-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Using Interface Configuration Mode – gigabitethernet modul e/{ fir s t p o r t } - { last port }, where the module is al ways 0 – port-channel port-chann el-number - port-c hannel-number , where the port-channel-number is 1 to 4 ...
Cisco Systems ME 3400 - page 217

9-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Using Interface Configuration Mode Use the no define interf ace-range macr o_name global conf iguration comm and to delete a macro. When using the define interface-range global configuration c ommand , note these guide lines: • V a ...
Cisco Systems ME 3400 - page 218

9-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring Ethern et Inter f ace s This exampl e shows ho w to cr eate a multiple-interface macr o named macr o1 and assi gn all of the interfaces in the rang e to a VLAN : Switch# configure terminal Switch(config)# define interfac ...
Cisco Systems ME 3400 - page 219

9-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuring Ethernet Interfaces Ta b l e 9-1 Def ault Ether net Configuration for NNIs Feature Default Setting Operating mode Layer 2 or switch ing mode ( switchport comman d). Allo wed VLAN range VLANs 1– 4094. Default VLAN (for a ...
Cisco Systems ME 3400 - page 220

9-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring Ethern et Inter f ace s Configuring the Port Type By default, all t he 10/100 ports on the Cisco ME switch are conf igured as UNI s, and the SFP module ports are configured as NNIs. Y ou can also config ure the port type ...
Cisco Systems ME 3400 - page 221

9-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuring Ethernet Interfaces Entering the no port-ty pe or default port-type interf ace conf iguration comma nd returns the port to t he default state: U NI for Fast Et hernet por ts and NNI for Gigabit Ethernet ports. This exampl ...
Cisco Systems ME 3400 - page 222

9-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring Ethern et Inter f ace s • Y ou cannot configure duple x mode on SFP module po rts; the y operate in full-duplex mode e xcept in these situations: – When a Cisco1000B ASE-T SFP module is in the SFP module slot, you ca ...
Cisco Systems ME 3400 - page 223

9-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuring Ethernet Interfaces Use the no speed and no duplex interface conf iguration commands to return t he interf ace to the default speed and duple x settings (autone gotiate). T o return all interf ace settings to the def ault ...
Cisco Systems ME 3400 - page 224

9-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring Ethern et Inter f ace s Each dual-purpose port i s consider ed as a single interface with dual front ends (an RJ-45 conn ect or and an SFP module connector). The dual front ends are not redundant inter f aces; the switch ...
Cisco Systems ME 3400 - page 225

9-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuring Ethernet Interfaces Changing the interf ace type, remo ves the speed and duple x configur ations. The switch conf igures both media types to autone gotiate sp eed and duple x (the default ). If you conf igure auto-select ...
Cisco Systems ME 3400 - page 226

9-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring Ethern et Inter f ace s Be g in n i n g i n p r ivi l e g e d E X E C m o d e , f o l l ow t he s e s t e p s t o conf igure IEEE 802.3x flo w control on an interface: T o disable IEEE 802.3x flo w control, use the flo w ...
Cisco Systems ME 3400 - page 227

9-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuring Ethernet Interfaces Be g in n in g i n p r ivi l eg e d E X E C m o d e , f o l low t h e s e s t e p s t o configure auto-MDIX on an interface: T o disable auto-MDIX, us e the no mdix auto interface conf iguration comman ...
Cisco Systems ME 3400 - page 228

9-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring La yer 3 Interfaces Use the no description interface co nfigu ration command to delete the description. This exampl e show s how to add a description on a port and h ow to v erify the descri ption: Switch# config termina ...
Cisco Systems ME 3400 - page 229

9-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuri ng the System MTU • If the switch attempts to boo t up with a conf iguration that has more VLANs and r outed ports than hardware can support, the VLANs are created, but th e routed ports are shut down, and the switch send ...
Cisco Systems ME 3400 - page 230

9-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Configuring the System MTU frames on all Giga bit Ethernet interfaces b y using the system mtu jumbo global configuration command. Y ou can change the MTU size for routed ports by using the system mtu routing global confi guration c ...
Cisco Systems ME 3400 - page 231

9-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Configuri ng the System MTU Note If Layer 2 Gigabit Ethernet interfaces are configured to accept frames greater than the 10/100 int erfaces, jumbo frames re ceiv ed on a Layer 2 Gigabit Ethernet interface and sent on a Layer 2 10/100 ...
Cisco Systems ME 3400 - page 232

9-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Monitoring and Main ta ining the Interfaces Monitoring and Mainta ining the Interfaces These sections contain interface moni toring and maintenance information: • Monitoring Interf ace Status, page 9-26 • Clearing and Resetting ...
Cisco Systems ME 3400 - page 233

9-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Configuring Interfac es Monitoring and Main ta ining the Interfaces Clearing and Resetting Interfaces and Counters Ta b l e 9-5 lists the pri vile ged EXEC mode clear commands that you can use to clear counters and reset interfaces. T o clear the interface ...
Cisco Systems ME 3400 - page 234

9-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 9 Config uring Inter faces Monitoring and Main ta ining the Interfaces Note The clear counters privi leged EXEC command do es not clear counters retrie v ed by using Simple Network Management Protocol ( SNMP), b ut only tho se seen wi th the sho w interface p ...
Cisco Systems ME 3400 - page 235

CH A P T E R 10-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 10 Configuring Command Macros This chapter describe s how to configure and appl y command macros on the Cisco ME 3400 switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for this rele ...
Cisco Systems ME 3400 - page 236

10-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 10 Config uring Command Macros Configuring Command Macros • Applying Command Macros, page 10-4 • Displaying Command Macro s, page 10-5 Default Command Macro Configuration There are no command macros enabled. Command Macro Configuration Guidelines Follo w ...
Cisco Systems ME 3400 - page 237

10-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 10 Configuring Command Mac ros Configuring Command Macros Creating Command Macros Beginning in priv ileged EXEC mode, foll ow these steps to create a command macro: The no form of the macr o n ame glo bal configur ation command only deletes the macro definiti ...
Cisco Systems ME 3400 - page 238

10-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 10 Config uring Command Macros Configuring Command Macros Applying Command Macros Beginni ng in pri vileged EXEC mode, foll ow th ese steps to apply a command macro: Command Purpose Step 1 configur e terminal Enter global configurati on mode. Step 2 macro glo ...
Cisco Systems ME 3400 - page 239

10-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 10 Configuring Command Mac ros Displaying Command M acro s Y ou can delete a gl obal macro-app lied conf igurati on on a switch only b y entering the no version of each command that is in the macro. Y ou can delete a macr o-app lied conf i gurat ion on an int ...
Cisco Systems ME 3400 - page 240

10-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 10 Config uring Command Macros Displaying Command Macr os ...
Cisco Systems ME 3400 - page 241

CH A P T E R 11-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 11 Configuring VLANs This chapter descri bes how to configure no rmal-range VLANs (VLAN IDs 1 to 1005 ) and extend ed-range VLANs (VLAN IDs 1006 to 4 094) on the Cisco ME 3400 Ethernet Access switch. It includes information about VLAN memb ership mode s, ...
Cisco Systems ME 3400 - page 242

11-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Understanding VLANs Figure 11-1 sho ws an e xample of VLANs segmented i nto logically defi ned networks. Figur e 1 1 -1 VLANs as Logically Defined Ne tw or ks VLANs are often associated with IP subnet works. F or example, all the end sta ...
Cisco Systems ME 3400 - page 243

11-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Understanding VLANs Supported VLANs VLANs are identif ied with a number from 1 to 409 4. VLAN IDs 1002 through 10 05 are reserved for T oken Ri ng and FDDI VLANs. VLAN IDs greater than 1005 are e xtended-range VLANs and are not stored in ...
Cisco Systems ME 3400 - page 244

11-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Understanding VLANs • Bridge identif ication number for T rBRF VLANs • Ring number for FDDI and T rCRF VLANs • Parent VLAN number for TrCRF VLANs • Spanning T ree Protocol (STP) type for T rCRF VLANs • VLAN number to use when t ...
Cisco Systems ME 3400 - page 245

11-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Understanding VLANs For more detail ed definit ions of access and trunk modes an d their functions, see Ta b l e 11-4 on page 11-15 . When a port belongs to a VLAN, th e switch le arns and manages the addresses as sociated with the port o ...
Cisco Systems ME 3400 - page 246

11-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Understanding VLANs There are two types of UNI-ENI VLANs: • UNI-ENI isolated VLAN—This is the def ault VLAN state for all VLANs created on the switch. Local switching does not occur among UNIs or ENIs o n the switch that belong to th ...
Cisco Systems ME 3400 - page 247

11-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Creating and Modifyi ng VLANs isolated VLAN. In this case, isolation occurs be tween the UNI access port and the VLAN on the UNI trunk port. Other access ports and other VLANs on the trunk port are i solated because they b elong to differ ...
Cisco Systems ME 3400 - page 248

11-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Creating and Modifying VLANs VLAN Configuration Guidelines Follo w these guideli nes when creating and modifying VLANs in y our network: • The switch supports 1005 VLANs. • Normal-range Ethernet VLANs are id entified with a number be ...
Cisco Systems ME 3400 - page 249

11-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Creating and Modifyi ng VLANs Note MSTP is supported only on NNIs on ENIs on wh ich STP has been enabled. • Each routed port on the switch creates an internal VLA N for its use. These internal VLANs us e extend ed-range VLAN numb ers, a ...
Cisco Systems ME 3400 - page 250

11-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Creating and Modifying VLANs Beginni ng in pri vileged EXEC mode, foll ow th ese steps to create or modify an Ethernet VLAN: T o delete a VL AN, use th e no vlan vlan-id global config uration command. Y ou cannot delete VLAN 1 or VLANs ...
Cisco Systems ME 3400 - page 251

11-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Creating and Modifyi ng VLANs Assigning Static-Access Ports to a VLAN Y ou can assign a static-access port to a VLAN. Note If you assign an interf ace to a VLAN that does not e xist, the ne w VLAN is created. (See the “Creating or Modi ...
Cisco Systems ME 3400 - page 252

11-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Creating and Modifying VLANs Beginning in priv ileged EXEC mode, foll ow these step s to release a VLAN ID that is assigned to an internal VLA N and to cr eate an extended-range VLAN with that ID: Configuring UNI-ENI VLANs By default, e ...
Cisco Systems ME 3400 - page 253

11-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Creating and Modifyi ng VLANs – T o change a UNI-ENI community VLAN to a n RSP AN VLAN, you must first remov e the communi ty VLAN type by entering the no uni-vlan VLA N conf iguration command. Then enter the rspan-vlan VLAN conf igura ...
Cisco Systems ME 3400 - page 254

11-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Displa yi n g VLANs Use the no uni-vlan VLAN conf igu ratio n command to retur n to th e def aul t (UNI- ENI i solated VLAN). Entering uni-vlan isolated command has the same ef fe ct as entering the no uni-vlan VLAN configuration comman ...
Cisco Systems ME 3400 - page 255

11-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VLAN Trunks Y ou can conf igure a trunk on a si ngle Ethernet interf ace or on an EtherChannel b undle. F or more information about Ethe rChann els, see Chapte r 34, “Conf iguring EtherCha nnels and Link-State T racking. ? ...
Cisco Systems ME 3400 - page 256

11-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VLAN Tru nk s • Disabling spanning tree on the nati ve VLAN of an IEEE 802.1Q tr unk without disabling spanning tree on e v ery VLAN in t he network can potentially cause spanning-tree loops. W e recommend that you leav e ...
Cisco Systems ME 3400 - page 257

11-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VLAN Trunks • If you try to enable IEEE 802.1x on a trunk port, an error message appears, and IEEE 802.1x is not enabled. If you try to chan ge the mode of an IEEE 802.1x-enabled port to trunk, the port mode is not changed. ...
Cisco Systems ME 3400 - page 258

11-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VLAN Tru nk s Note VLAN 1 is t he default VLAN on all tru nk ports in al l Cisco swit ches, and it ha s previously been a requirement that VLAN 1 al ways be enabled on e v ery trunk link. The VLAN 1 min imization feature all ...
Cisco Systems ME 3400 - page 259

11-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VLAN Trunks Configuring the Native VL AN for Untagged Traffic A trunk port conf igured wi th IEEE 802.1Q tagging can recei ve both tagged and untagged traf f ic. By default, th e switch forwards unt agged traf f ic in the nat ...
Cisco Systems ME 3400 - page 260

11-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VLAN Tru nk s Load Sharing Using ST P Port Priorities When two ports on th e same switch form a loop , the switch uses the STP port prior ity to decide which port is enabled and wh ich port is in a blocking state. Y ou can s ...
Cisco Systems ME 3400 - page 261

11-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VLAN Trunks Follo w the same steps on Switch B to conf igure th e trunk port for Trunk 1 wi th a spanning-tree port priority of 16 for VLA Ns 8 through 10, and the co nfigure trun k port for T runk 2 wi th a spanning-tree por ...
Cisco Systems ME 3400 - page 262

11-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VLAN Tru nk s Figur e 1 1 -4 Load-Shar ing T r unks with T r af fic Distr ibuted b y P ath Cost Beginni ng in pri vileged EXEC mode, follo w these st eps to conf igure the netw ork sho wn in Figure 11-4 : 90573 Switch A Swit ...
Cisco Systems ME 3400 - page 263

11-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VMPS Follo w the same steps on Switch B to configure the trunk port for Trunk 1 with a path cost of 3 0 for VLANs 2 through 4, and configure the t runk port for T runk 2 with a path cost of 30 for VLANs 8 through 10. Configur ...
Cisco Systems ME 3400 - page 264

11-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VMPS If the port is currentl y unassigned (that is, it do es not yet ha ve a VLAN assignment), the VMPS provides one of these responses: • If the host is allo wed on the port, the VMPS sends the cl ient a vlan-assi gnment ...
Cisco Systems ME 3400 - page 265

11-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VMPS Default VMPS Client Configuration Ta b l e 11-6 sho ws the default V MPS and dynamic-access port conf iguration on client switches. VMPS Configuration Guidelines These guidelines and restrict ions apply to dynamic-access ...
Cisco Systems ME 3400 - page 266

11-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VMPS Entering the IP Ad dress of the VMPS Y ou must f irst enter the IP address of the se rver to conf igure the switch as a clie nt. Beginning in priv ileged EXEC mode, foll ow th ese steps to enter the IP address of the VM ...
Cisco Systems ME 3400 - page 267

11-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VMPS T o return an interf ace to its defau lt configur ation, use the default interface interface-id interface confi guration command. T o reset the access mode to the default VLAN for the switch, use th e no switchport acces ...
Cisco Systems ME 3400 - page 268

11-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VMPS Monitoring the VMPS Y ou can display information about the VMPS b y using the sho w vmps pri vile ged EXEC command. The switch displa ys this in formatio n about th e VMPS: • VMPS VQP V ersion—the version of VQP use ...
Cisco Systems ME 3400 - page 269

11-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLANs Configuring VMPS • End stations are connected to the clients, Switch B and Swi tch I. • The database conf iguration f ile is stored on the TFTP serv er with the IP address 172.20 .22.7. Figur e 1 1 -5 Dynamic P ort VLAN Membership Co ...
Cisco Systems ME 3400 - page 270

11-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 11 Configuring VLA Ns Configuring VMPS ...
Cisco Systems ME 3400 - page 271

CH A P T E R 12-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 12 Configuring Private VLANs This chapter describe s ho w to configure pri v ate VL ANs on the Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference for th ...
Cisco Systems ME 3400 - page 272

12-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Understanding Private VLANs Types of Private VLANs and Private-VLAN Ports Pri vate VLANs partition a re gular VLAN domain into subdomai ns. A subdomain is represented b y a pair of VLANs: a pri mary VLAN an d a secondary VLAN. A p ...
Cisco Systems ME 3400 - page 273

12-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Understanding Private VLANs • Isolated—An isolated port is a host port that b elongs to an isolated secondary VLAN. It has complete Layer 2 separation from ot her ports within the same pri vate VLAN, e xcept for the promiscuo ...
Cisco Systems ME 3400 - page 274

12-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Understanding Private VLANs Y ou can extend priv ate VLANs across multiple dev ices by trunki ng the primary , isolated, and community VLANs to other de vices that suppo rt pri vat e VLANs. T o maintain the security of your pri v ...
Cisco Systems ME 3400 - page 275

12-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Understanding Private VLANs Y ou must manually conf igure pri v ate VLANs on a ll switches in the Layer 2 networ k. If you do not confi gure the primary and secondary VLAN associations in some switch es in the net work, the Layer ...
Cisco Systems ME 3400 - page 276

12-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Configuring Private VLANs Configuring Private VLANs These sections contain this configu ration informatio n: • T asks for Conf iguring Pri v ate VLANs, p age 12-6 • Default Pri v ate-VLAN Conf iguration, page 12-6 • Pri vat ...
Cisco Systems ME 3400 - page 277

12-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Configuring Private VLANs Secondary and Primary VLAN Configuration Follo w these guidelines when conf iguring pri v ate V LANs: • Y ou use VLAN conf iguration mode to conf igure priv ate VLANs. For more informat ion about VLAN ...
Cisco Systems ME 3400 - page 278

12-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Configuring Private VLANs • When a frame is forwarded through Layer 2 withi n a priv ate VLAN, the same VLAN map is a pplied at the receiving and sending sides. When a frame is rout ed from inside a priv ate VL AN to an e x tern ...
Cisco Systems ME 3400 - page 279

12-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Configuring Private VLANs Limitations with Other Features When config uring pri vate VLANs, remember th ese limitations with other features: Note In some cases, the configuration is accepted with no error messages, but the comman ...
Cisco Systems ME 3400 - page 280

12-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Configuring Private VLANs Configuring and Associating VLANs in a Private VLAN Beginning in priv ileged EXEC mode, foll ow these steps to configu re a pri vate VLAN: Note The private-vlan commands do not take ef fect until you e x ...
Cisco Systems ME 3400 - page 281

12-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Configuring Private VLANs • The secondary_vlan_li st parameter can contain mu ltiple community VLAN IDs b ut only one isolated VLAN ID. • Enter a secondary_vlan_list, or use the add keyword with a second ary_vlan_list to ass ...
Cisco Systems ME 3400 - page 282

12-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Configuring Private VLANs This example sho ws how to conf igure an interface as a pri vate-VLAN host port, associate it with a priv ate-V LAN pair , and verify the conf iguration: Switch# configure terminal Switch(config)# interf ...
Cisco Systems ME 3400 - page 283

12-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Configuring Private VLANs Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port Y ou can conf igure only NNIs as p romiscuous por ts. Beginning in pri vileged EXEC mode, follo w these steps to configure a Layer 2 in ...
Cisco Systems ME 3400 - page 284

12-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Configuring Private VLANs Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface If the switch is running th e metro IP access image and the pri v ate VLAN will be used for i nter-VLA N routing, you conf igure an SVI fo ...
Cisco Systems ME 3400 - page 285

12-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLAN s Monitoring Private VLANs Monitoring Private VLANs Ta b l e 12-1 sho ws the pri vileged EXEC command s for monitoring pri v ate-VLAN acti vity . This is an example of the output from the show vlan pri vate-vlan comman d: Switch(c ...
Cisco Systems ME 3400 - page 286

12-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 12 Configuring Private VLANs Monitoring Private VLANs ...
Cisco Systems ME 3400 - page 287

CH A P T E R 13-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 13 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling V irtual priv ate networks (VPNs) provi de enterprise-s cale connectivity on a shar ed infrast ructure, often Ethernet-based, with the same secu rity , prioritization, reliability , and manageabil ...
Cisco Systems ME 3400 - page 288

13-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Understanding IEEE 802.1Q Tunneling Customer traf fic tagged in the normal w ay with appropriate VLAN IDs comes from an IEEE 802.1Q trunk port on the cu stomer de vice and into a tunn el port on the s ...
Cisco Systems ME 3400 - page 289

13-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Understanding IEEE 802. 1 Q Tu nneling Note Remove the Layer 2 protocol conf iguration from a trunk port because incoming encapsulated packets change that trunk port to erro r disabled. The outg oing ...
Cisco Systems ME 3400 - page 290

13-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring IEEE 802.1Q Tunneling Configuring IEEE 802.1Q Tunneling These sections contain this configu ration informatio n: • Default IEEE 802.1Q T unne ling Configuration, page 13-4 • IEEE 802.1 ...
Cisco Systems ME 3400 - page 291

13-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Configu rin g IEEE 802.1Q Tunneling • Use the vlan dot1q tag native global config uration command to conf igure th e edge switch so that all packets going o ut an IEEE 802.1Q trunk, in cluding the n ...
Cisco Systems ME 3400 - page 292

13-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring IEEE 802.1Q Tunneling IEEE 802.1Q Tunneling and Other Features Although IEEE 802.1Q tunneling works well for La yer 2 packet switching, th ere are incompatibilities between som e Layer 2 f ...
Cisco Systems ME 3400 - page 293

13-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Understanding Layer 2 Protocol Tunneling Use the no switchport mode dot1q-tunnel interf ace conf iguration command to return the p ort to the default state of access. Use the no vlan dot1q tag native ...
Cisco Systems ME 3400 - page 294

13-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Understanding Layer 2 Protoco l Tu nne ling Note The Cisco ME 3400 switch does not supp ort VTP; CDP and STP are supported by def ault on NNIs and can be enable d on ENIs. Howev er , Layer 2 protocol ...
Cisco Systems ME 3400 - page 295

13-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Understanding Layer 2 Protocol Tunneling Figur e 13-4 Layer 2 Pr otocol T unneling Figur e 13-5 Layer 2 Networ k T opology without Pr oper Conv erg ence In an SP network, you can use Layer 2 prot ocol ...
Cisco Systems ME 3400 - page 296

13-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring La yer 2 Protocol Tunneling For e xample, in Figure 13-6 , Customer A has two switches in the same VLAN that are connected through the SP ne twork. When th e network tunnel s PD Us, switc ...
Cisco Systems ME 3400 - page 297

13-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Configuring Layer 2 Protoc ol Tunneling the infrast ructure as do uble-tagged pa ckets wi th the well-k nown M A C addres s as the destin ation MA C address. These double-tagged packets ha ve the met ...
Cisco Systems ME 3400 - page 298

13-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring La yer 2 Protocol Tunneling • The switch supports P AgP , LA CP , and UDLD tunneling for emulated point-to- point networ k topologies. Protocol tunneling i s disabled b y def a ul t b u ...
Cisco Systems ME 3400 - page 299

13-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Configuring Layer 2 Protoc ol Tunneling Use the no l2protocol-tunnel [ cdp | stp | vtp ] interf ace conf iguration command to d isable protocol tunneling for one of the Layer 2 protocols or for all t ...
Cisco Systems ME 3400 - page 300

13-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring La yer 2 Protocol Tunneling Switch(config-if)# l2protocol-tunnel drop-threshold 1000 Switch(config-if)# exit Switch(config)# l2protocol-tunnel cos 7 Switch(config)# end Switch# show l2pro ...
Cisco Systems ME 3400 - page 301

13-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Configuring Layer 2 Protoc ol Tunneling Use the no l2protocol-tunnel [ point-to-point [ pagp | lacp | udld ]] interface conf iguration command to disable point-to-po int protocol tunneling for one of ...
Cisco Systems ME 3400 - page 302

13-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Configuring La yer 2 Protocol Tunneling Configuring the Customer Switch After conf iguring the SP edge switch, be gin in pri vileg ed EXEC mode and follo w these steps to configure a customer switch ...
Cisco Systems ME 3400 - page 303

13-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q and Layer 2 Pr otocol Tunneling Configuring Layer 2 Protoc ol Tunneling Switch(config-if)# l2protocol-tunnel point-to-point udld Switch(config-if)# l2protocol-tunnel drop-threshold point-to-point pagp 1000 Switch(config-if)# exit S ...
Cisco Systems ME 3400 - page 304

13-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 13 Configuring IEEE 802.1Q an d Layer 2 Protocol Tunneling Monitoring and Main ta ining Tunneling Status Monitoring and Mainta ining Tunneling Status Ta b l e 13-2 sho ws the pri vileged EXEC commands for m onitoring and maintaini ng IEEE 802.1Q and Layer 2 ...
Cisco Systems ME 3400 - page 305

CH A P T E R 14-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 14 Configuring STP This chapter describes ho w to configure the Span ning T ree Protocol (STP) on port-based VLANs on the Cisco ME 3400 Ethernet Access sw itch. The switch can use the per-VLAN spanning-tree plus (PVS T+) protocol based on the IEEE 802.1D ...
Cisco Systems ME 3400 - page 306

14-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Understanding Spannin g- Tr ee Featu re s • Accelerated Aging to Retain Conn ecti vity , page 14-9 • Spanning-T ree Modes and Protocols, page 14-9 • Supported Spanning-T ree Instances, page 14-10 • Spanning-T ree Interoperability ...
Cisco Systems ME 3400 - page 307

14-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Understanding Spanning -Tree Features Note The switch sends keepaliv e messages (t o ensure the connection is up) only on inte rfaces that do not ha ve small form-factor plugg able (SFP) modules. Spanning-Tree Topology and BPDUs The stable, ...
Cisco Systems ME 3400 - page 308

14-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Understanding Spannin g- Tr ee Featu re s • The shortest distance to the root switch is calc ulated for each switch based on the path cost. • A designated switch for each LAN segment is select ed. The designated switch in curs the low ...
Cisco Systems ME 3400 - page 309

14-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Understanding Spanning -Tree Features Each Layer 2 interf ace on a switch using spanning tree e xists in one o f these states: • Blocking—The interf ace does not participate in fr ame forwarding. • Listening—The f irst transition al ...
Cisco Systems ME 3400 - page 310

14-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Understanding Spannin g- Tr ee Featu re s Note UNIs are shut do wn by d efaul t, and when the y are brought up, the y immediately start forw arding traf fic. ENIs act the same as UNIs unless you ha v e specifically enabled STP on the port ...
Cisco Systems ME 3400 - page 311

14-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Understanding Spanning -Tree Features Learning State A Layer 2 interface in the learning state prepares to participate in frame fo rwar ding. The interface enters the learning state from the listening state. An interface in the learning sta ...
Cisco Systems ME 3400 - page 312

14-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Understanding Spannin g- Tr ee Featu re s Figur e 14-2 Spanning-T ree T opol ogy When the spanning-tree topo logy is calculated based on default parameters, the path between source and destination end st ations in a swi tched network mi g ...
Cisco Systems ME 3400 - page 313

14-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Understanding Spanning -Tree Features Spanning-Tree Address Management IEEE 802.1D specifies 17 multicast addresses, ra nging from 0x00180 C2000000 to 0x0 180C2000010, to be used by diff erent bridge protocols. These addr esses are static a ...
Cisco Systems ME 3400 - page 314

14-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Understanding Spannin g- Tr ee Featu re s The rapid PVST+ uses the same conf iguration as PVST+ (e xcept where n oted), and the switch ne eds only minimal e xtra configur ation. The benef it of rapid PVST+ is that you can mig rate a larg ...
Cisco Systems ME 3400 - page 315

14-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features STP and IEEE 802.1Q Trunks The IEEE 802.1Q standard for VLAN trunks imposes some limitations on the spanning-tree strate gy for a network. The stan dard r equires only one spanning-tree i nstance for all ...
Cisco Systems ME 3400 - page 316

14-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Spanning-Tree Configuration Guidelines If more VLANs are defined than there are spanning-tree instances, you can enable PVST+ or rapid PVST+ on STP ports s in only 128 VLANs on the switch. The remai n ...
Cisco Systems ME 3400 - page 317

14-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features Note If you ha ve alread y used all a v ailable spanning-tree instances on your switch, addi ng another VLAN creates a VLAN th at is not runni ng spanning tree on that switch. If you ha ve the def ault a ...
Cisco Systems ME 3400 - page 318

14-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Changing the Spanning-Tree Mode. The switch supports three spanni ng-tree modes: PVST+, rapid PVST+, or MSTP . By default, the switch runs the rapid PVST+ pro tocol on all NNIs and ENIs on which spann ...
Cisco Systems ME 3400 - page 319

14-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features T o return to the defa ult setting, use the no spanning-t ree mode global configu ration command. T o ret urn the port to its def ault spanning-tree mode setting, use th e no spanning-tree link-type in t ...
Cisco Systems ME 3400 - page 320

14-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Note If your network consi sts of switches that both do and do not supp ort the extended system ID, it is un likely that the switch with the e xtended system ID su pport will become the ro ot switch. ...
Cisco Systems ME 3400 - page 321

14-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features Configuring a Secondary Root Switch When you conf igure a switch as the secondary root, the switch priori ty is modified from the defau lt value (32768) to 28 672. The sw itch is th en likely to be come ...
Cisco Systems ME 3400 - page 322

14-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Beginni ng in pri vile ged EXEC mod e, follo w these step s to conf igure t he port priority of a spanning-tree port. This proced ure is optional. Note The show spanning-tr ee interface interfac e-id ...
Cisco Systems ME 3400 - page 323

14-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features T o return to the def ault spanning-tree setting, u se the no spanning-tree [ vlan vlan-id ] port-priority interface conf iguration co mmand. For informati on on ho w to confi gure load sharing on trunk ...
Cisco Systems ME 3400 - page 324

14-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Note The show spanning-tr ee interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up operati v e state. Otherwise, you can use the show running-con ...
Cisco Systems ME 3400 - page 325

14-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Configurin g Spanning-Tree Features Configuring Spanning-Tree Timers Ta b l e 14-4 describes the timers that af fect the entire spanning-tree perf ormance. The sections that fol low pro vide the conf iguration steps. Configuring the Hello ...
Cisco Systems ME 3400 - page 326

14-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Configuring Spanning -T ree Features Configuring the Forwardi ng-Delay Time for a VLAN Beginni ng in pri vileged EXEC mode, follow these steps to conf igure the forwardi ng-delay time for a VLAN. This procedure is optional. T o return to ...
Cisco Systems ME 3400 - page 327

14-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configuring STP Displaying the Spanning-Tree Sta tus Displaying the Spanning-Tree Status T o display the spanni ng-tree status, use one or more of the pri vile ged EXEC commands in Ta b l e 14-5 : Y ou can clear sp anning-tre e counters by using the clear ...
Cisco Systems ME 3400 - page 328

14-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 14 Configur in g STP Displaying the Spanning-T re e Status ...
Cisco Systems ME 3400 - page 329

CH A P T E R 15-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 15 Configuring MSTP This chapter descri bes how to configure the Cisco implem entation of the IEEE 802.1s Mult iple STP (MSTP) on the Cisco ME 3400 Ethe rnet Access switch . On the Cisco ME switch, user network interfaces (UNIs) on the switch do not part ...
Cisco Systems ME 3400 - page 330

15-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding MSTP This chapter consists of these sections: • Understanding MSTP , page 15-2 • Understanding RSTP , page 15-8 • Config uring MSTP Features, page 15-14 • Displaying th e MST Configuration and Statu s, page 15-27 U ...
Cisco Systems ME 3400 - page 331

15-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding MSTP IST, CIST, and CST Unlike PVST+ and rapid PVST+ in which all the sp anning-tree instances are independent, the MSTP establishes and maintains t w o types of sp anning trees: • An internal spanning tree (I ST), which is ...
Cisco Systems ME 3400 - page 332

15-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding MSTP For corr ect operation , all switches i n the MST regio n must agree on the same IST master . Therefore, any two switches in the re gion synchroni ze their port role s for an MST instance only if they con verge to a c ...
Cisco Systems ME 3400 - page 333

15-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding MSTP hello time, forward ti me, max-age, and max-hops) are conf igured only on the CST instance b ut af fect all MST instances. P arameters related to the spanning -tree topology (for example, switch prio rity , port VLAN cos ...
Cisco Systems ME 3400 - page 334

15-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding MSTP maximum v alue. When a switch receiv es this BPDU, it decrements the receiv ed remaining hop count b y one and propagates this v a lue as the remaining hop count in the BPDUs it generates. When the count reaches zero, ...
Cisco Systems ME 3400 - page 335

15-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding MSTP Port Role Naming Change The boundary role is no longer i n the final MST st an dard, but th is boundary concept is maintained in Cisco’ s implementation. Ho wev er , an MST instance port at a boundary of the re gion mi ...
Cisco Systems ME 3400 - page 336

15-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding RSTP Detecting Unidirectional Link Failure This feature is not yet present in the IEEE MST standa rd, but it is incl uded in this Cisco IOS rele ase. The software checks the consistency of the port role and state in the re ...
Cisco Systems ME 3400 - page 337

15-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding RSTP These sections describe ho w the RSTP works: • Port Roles and the Acti ve T opology , page 15-9 • Rapid Conv ergence, page 15-10 • Synchronization of Port Ro les, page 15-11 • Bridge Protocol Data Unit F ormat an ...
Cisco Systems ME 3400 - page 338

15-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding RSTP T o be consistent with Ci sco STP implementations, this g uide documents the port state as blockin g instead of discar ding . Designated ports start in the listenin g state. Rapid Convergence The RSTP provides for ra ...
Cisco Systems ME 3400 - page 339

15-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding RSTP Figur e 15-4 Proposal and Agr eement Handshaking for Rapid Conver gence Synchronization of Port Roles When the switch receiv es a proposal message on one of its ports and that port is selected as the new root port, the ...
Cisco Systems ME 3400 - page 340

15-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Understanding RSTP Figur e 15-5 Sequence of Events During Rapid Conv erg ence Bridge Protocol Data Unit Format and Processing The RSTP BPDU format is the same as the IEEE 80 2.1D BPDU fo rmat except that the protoc ol version is set to ...
Cisco Systems ME 3400 - page 341

15-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Understanding RSTP The RSTP does not ha ve a separate topology change not ificat ion (TCN) BPDU. It uses the topology change (TC) flag to show the topol ogy changes. Ho we ver , for interoperability with 802.1D swi tches, the RSTP switch ...
Cisco Systems ME 3400 - page 342

15-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features • Protocol migration—F or backward compatibi lity with IEEE 802.1D switches, RSTP sel ectiv ely sends IEEE 802.1D conf iguration BPDUs and TCN BPDU s on a per-po rt basis. When a port is initialized, the m ...
Cisco Systems ME 3400 - page 343

15-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features For info rmation about the supported number of spanning-tree instances, see the “Suppo rted Spanning-T ree Instances” section on page 14-10 . MSTP Configuration Guidelines These are the configurati on guid el ...
Cisco Systems ME 3400 - page 344

15-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features Specifying the MST Region Configuration and Enabling MSTP For tw o or more switches to be in the same MST reg ion, they must ha v e the same VLAN-to-instance mapping, the same conf iguration re vision nu mber ...
Cisco Systems ME 3400 - page 345

15-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features T o return to the default MST re gion conf iguration, use the no spanning-tr ee mst confi guration global confi guration command. T o return to the default VLAN-to-i nstance map, use the no instance instance-id [ ...
Cisco Systems ME 3400 - page 346

15-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features forward-delay ti me, and maximum-age time for a netw ork of that diameter , which can significantly reduce the con vergence time. Y ou can use the hello k eyword to o verride the automatically calculated hello ...
Cisco Systems ME 3400 - page 347

15-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features Beginni ng in pri vileged EXEC mode, follow these steps to conf igure a switch as the secondary root switch. This procedure is optional. T o return the switch to i ts default setting, use the no spanning-t ree ms ...
Cisco Systems ME 3400 - page 348

15-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features Beginni ng in pri vileged EXEC mode, foll ow th ese steps to conf igure the MSTP port priority of an interface. This pro cedure is optional. Note The show spanning-tr ee mst interface interfac e-id pri vilege ...
Cisco Systems ME 3400 - page 349

15-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features Configuring Path Cost The MSTP path cost default value is derived from th e media speed of an STP port. If a loop occurs, the MSTP uses cost whe n selectin g an interface to put in the forwarding state. Y ou can ...
Cisco Systems ME 3400 - page 350

15-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features Note The show spanning-tr ee mst interface interfac e-id pri vilege d EXEC command displays informati on only for ports that are in a link-up oper ati ve sta te. Otherwise, y ou can use t he show running-conf ...
Cisco Systems ME 3400 - page 351

15-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features Configuring the Hello Time Y ou can configure the interval between th e genera tion of configuratio n messages by the root swit ch by changing the hello t ime. Note Exercise care when usin g this command. For mos ...
Cisco Systems ME 3400 - page 352

15-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features T o return the switch to i ts default setting, use the no spanning-t ree mst f orward-time global confi guration command. Configuring the Maximum-Aging Time Beginni ng in pri vileged EXEC mode, foll ow th ese ...
Cisco Systems ME 3400 - page 353

15-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Configuring MSTP Features Specifying the Link Type to Ensure Rapid Transitions If you connect an STP port to anot her STP port thr ough a point-to-p oint link and the local port b ecomes a designated port, the RSTP negotiat es a rapid tra ...
Cisco Systems ME 3400 - page 354

15-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Configuring MSTP Features Y ou can choose to set a port to send only prestandard BPDUs. The prestand ard flag appears in all the sho w commands, e ven if t he port is in STP compatibility mo de. Beginning in priv ileged EXEC mode, foll ...
Cisco Systems ME 3400 - page 355

15-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Configuring MSTP Displaying the MST Co nfiguration and Status Displaying the MST Configuration and Status T o display the spanni ng-tree status, use one or more of the pri vile ged EXEC commands in Ta b l e 15-5 : For info rmation about other ke ywords f ...
Cisco Systems ME 3400 - page 356

15-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 15 Config uring M S TP Displaying the MST Configuration and Status ...
Cisco Systems ME 3400 - page 357

CH A P T E R 16-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 16 Configuring Optional Spanning-Tree Features This chapter describes h o w to conf ig ure option al spanning -tree featu res on th e Cisco ME 3400 Ethernet Access switch. Y ou can configure all of these features wh en your switch is running per -VLAN sp ...
Cisco Systems ME 3400 - page 358

16-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Understanding Op tional Spanning-Tree Features Understanding Port Fast Port Fast immedi ately brings an STP po rt configured as an access or trunk port to the forw arding state from a blocking state, b ypassing ...
Cisco Systems ME 3400 - page 359

16-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configuring Optiona l Spanning-Tree Features Understanding Optional Spa nning -Tree Features Understanding BPDU Guard The BPDU guard feature can be glob ally enable d on the switch or can be e nabled per interface, but the feature operates with some differ ...
Cisco Systems ME 3400 - page 360

16-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Understanding Op tional Spanning-Tree Features If the swit ch detects a misconf iguration on the other de vice, EtherChan nel guard places the switch STP ports in the error -disabled state, and displ ays an err ...
Cisco Systems ME 3400 - page 361

16-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configuring Optiona l Spanning-Tree Features Configuring Optional Spanning -Tree Features Understanding Loop Guard Y ou can use loop guar d to pre vent al ternate or root ports from becoming d esignated ports because of a failure that leads to a unidirecti ...
Cisco Systems ME 3400 - page 362

16-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Configuring Optio na l Spanning-Tree Features Optional Spanning-Tree Configuration Guidelines Y ou can configure PortFast, BPDU guard, BPDU filter ing, EtherChannel guard , root guard, or loop guard if your swi ...
Cisco Systems ME 3400 - page 363

16-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configuring Optiona l Spanning-Tree Features Configuring Optional Spanning -Tree Features Note Y ou can use the spanning-tree portfast default global conf iguration comma nd to globally enable the Port Fast feature on all nontrunkin g STP ports. T o disabl ...
Cisco Systems ME 3400 - page 364

16-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Configuring Optio na l Spanning-Tree Features T o disable BPD U guard, use the no spanning-tr ee portfast bpduguard default global conf iguration command. Y ou can ov erri de the sett ing of the no spanning- tr ...
Cisco Systems ME 3400 - page 365

16-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configuring Optiona l Spanning-Tree Features Configuring Optional Spanning -Tree Features Beginning in priv ileged EXEC mode, foll ow these step s to globally en able the BPDU filtering feature. This procedure is optional. T o disable BPDU f iltering, use ...
Cisco Systems ME 3400 - page 366

16-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Configuring Optio na l Spanning-Tree Features T o disable the Eth erChannel guard feature, use t he no spanning-tr ee etherchannel guard misconf ig global conf iguratio n command. Y ou can use the show interfa ...
Cisco Systems ME 3400 - page 367

16-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configuring Optiona l Spanning-Tree Features Displaying the Spanning-Tree Status Note Y ou cannot enable bo th loop guar d and r oot guard at the same time. Y ou can enable this feature if your switch is running PVST+, rapid PVST+, or MSTP . Beginni ng in ...
Cisco Systems ME 3400 - page 368

16-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 16 Configur in g Optional Spanning-Tree Features Displaying the Spanning-T re e Status ...
Cisco Systems ME 3400 - page 369

CH A P T E R 17-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 17 Configuring Resilient Ethernet Protocol This chapter describe s how to use Resilient Ethernet Prot ocol (REP) on the Cisco ME 3400 Et hernet Access switch. REP is a Cisco proprietary proto col that provides an altern ati ve to Spanning T ree Protocol ...
Cisco Systems ME 3400 - page 370

17-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Understanding REP Figur e 17 -1 REP Open Segments The segment sho wn in Figure 17-1 is an open se gment; there is no connecti vity between the tw o edge ports. The REP segment cannot cause a brid ging loop and i ...
Cisco Systems ME 3400 - page 371

17-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resilient Ethern et Protocol Understanding REP Y ou can construct almost an y type of netw ork based on REP se gments. REP also supports VLAN load-balan cing, controll ed by the primary edge port b ut oc curring at an y port in the segmen t. R ...
Cisco Systems ME 3400 - page 372

17-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Understanding REP VLAN Load Balancing One edge port in the REP se gment acts as the primar y edge port; the other as the secondary edge p ort. It is the primary ed ge port that alw ay s participates in VLAN load ...
Cisco Systems ME 3400 - page 373

17-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resilient Ethern et Protocol Understanding REP • Y ou can conf igure a preempt delay time b y entering the r ep pr eempt delay seconds interface config uration command. After a link f ailure and reco very , VLAN load balancing be gins after ...
Cisco Systems ME 3400 - page 374

17-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Configuring REP A se gment port that is reconf igured as a spanning tree port restarts according the spanning tree configuration. By default, this is a de signated b locking port. If PortFast is configured or if ...
Cisco Systems ME 3400 - page 375

17-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resilient Ethern et Protocol Configuring REP • REP ports must be Layer 2 ISL trunk ports. • Be careful when conf iguring REP thro ugh a T elnet connection. Becau se REP blocks all VLANs until another REP interface sends a message to unbloc ...
Cisco Systems ME 3400 - page 376

17-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Configuring REP Follo w these gu idelines when conf iguring the REP administr ativ e VLAN: • If you do not conf igure an administrati ve VLAN, the def ault is VLAN 1. • There can be only one administrat iv e ...
Cisco Systems ME 3400 - page 377

17-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resilient Ethern et Protocol Configuring REP Configuring REP Interfaces For REP operation, you need to enab le it on each se gment interface and identify the segment ID. This step is required and must be done b efore other REP confi guration. ...
Cisco Systems ME 3400 - page 378

17-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Configuring REP Step 6 rep s t c n { interface interface-id | segment id-list | stp } (Optional) Conf igure the edge port to send se gment topology change notices (STCNs). • Enter interf ace interf ace-id to d ...
Cisco Systems ME 3400 - page 379

17-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resilient Ethern et Protocol Configuring REP Enter the no form of each command to retu rn to the defaul t confi gur ation. Enter the sho w re p t opology pri vileged EXEC co mmand to see which port in the se gment is the primary edg e port. T ...
Cisco Systems ME 3400 - page 380

17-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 17 Configuri ng Resi lient Et hernet Pr otocol Monitoring REP Beginni ng in privi leged EXEC mode, follo w these steps on the switch that has the segment primary edge port to manually tri gger VLAN load balancing on a se gment: Configuring SNMP Traps for REP ...
Cisco Systems ME 3400 - page 381

CH A P T E R 18-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 18 Configuring Flex Links and the MAC Address-Table Move Update Feature This chapter describe s how to configure Flex Links , a pair of interfaces o n the Cisco ME 3400 switch that are used to provide a mutual backup. It also d escribes how to co nfigure ...
Cisco Systems ME 3400 - page 382

18-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Understanding Flex Links and the MAC Address-Table Move Upd ate are typically configured in service pro vider or enterprise netw orks where customers do not w ant to run STP on the swi ...
Cisco Systems ME 3400 - page 383

18-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Understanding Flex Links and the MAC Address-Table Move U pdate port comes back up, it resumes forw ar ding traf f ic in the preferred vlans. This wa y , apart from provi ding the redunda ...
Cisco Systems ME 3400 - page 384

18-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Understanding Flex Links and the MAC Address-Table Move Upd ate The reports are sent by hosts when a general query is recei ved, an d a general query is sent within 60 seconds in norma ...
Cisco Systems ME 3400 - page 385

18-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Understanding Flex Links and the MAC Address-Table Move U pdate This is output for th e show ip igmp snooping mr outer command for VLANs 1 and 401 : Switch# show ip igmp snooping mrouter ...
Cisco Systems ME 3400 - page 386

18-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Understanding Flex Links and the MAC Address-Table Move Upd ate Similarly , both the Fle x Link ports are a part of the learned groups. In this e xample, GigabitEthernet 0/10 is a rece ...
Cisco Systems ME 3400 - page 387

18-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MA C Ad dress-Table Move Update Figur e 18-3 MAC Addr ess-T able Move Updat e Example Configuring Flex Links and MA C Address-Table Move Update These sections c ...
Cisco Systems ME 3400 - page 388

18-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Configuring Flex Links and MAC Ad dr ess-Table Move Update Flex Link VLAN load-bala n cing is not config ured. The MA C address-table mov e update feat ure is not confi gured on the sw ...
Cisco Systems ME 3400 - page 389

18-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MA C Ad dress-Table Move Update This exampl e show s how to co nfigure an interfa ce with a backup interface and to v erify the configuration: Switch# configure ...
Cisco Systems ME 3400 - page 390

18-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Configuring Flex Links and MAC Ad dr ess-Table Move Update This exampl e show s how to co nfigure the pr eemption mode as for ced for a backup interface pair and to verify the conf ig ...
Cisco Systems ME 3400 - page 391

18-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MA C Ad dress-Table Move Update In the follo wing e xample, VLANs 1 to 50, 60, and 100 to 120 are conf igured on the switch: Switch(config)# interface gigabitE ...
Cisco Systems ME 3400 - page 392

18-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Configuring Flex Links and MAC Ad dr ess-Table Move Update Switch# show interfaces switchport backup detail Switch Backup Interface Pairs: Active Interface Backup Interface State ---- ...
Cisco Systems ME 3400 - page 393

18-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links and the MAC Address-Table Move Update Feature Configuring Flex Links and MA C Ad dress-Table Move Update T o disable the MA C address-table mov e update feature, use the no mac address-table mov e update transmit interf ace configur ...
Cisco Systems ME 3400 - page 394

18-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 18 Configuring Flex Links a nd the MAC Addre ss-Table Move Update Fea ture Monitoring Flex Links and the MAC Address-Ta ble Move Update T o disable the MA C address-tabl e mov e update feature, use the no mac address-table mov e update rec ei ve conf igurati ...
Cisco Systems ME 3400 - page 395

CH A P T E R 19-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 19 Configuring DHCP Featur es and IP Source Guard This chapter describe s how to configure DHCP snoo ping and option-82 data insertion, and the DHCP server port-b ased address allocation features on the Cisco ME 3400 Et hernet Access switch. It also desc ...
Cisco Systems ME 3400 - page 396

19-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Understanding DHCP Features • Cisco IOS DHCP Server Database, page 19 -6 • DHCP Snooping Binding Database, page 19-6 For information about the DHCP client, see the “ Configuring DHCP ” section of the ? ...
Cisco Systems ME 3400 - page 397

19-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Understanding DHCP Features When a switch recei ves a pack et on an untrusted in terface and the interface belongs to a VLA N in which DHCP snooping is enabled, the switch compares th e source MA C address and ...
Cisco Systems ME 3400 - page 398

19-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Understanding DHCP Features Figur e 19-1 DHCP Relay Ag ent in a Metropol itan Ether net Networ k When you enable the DHCP snooping information option 82 on t he switch, this sequence of eve nt s occurs: • Th ...
Cisco Systems ME 3400 - page 399

19-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Understanding DHCP Features – Remote ID type – Length of the circu it ID type In the port f ield of the circuit ID suboption, the po rt numbers start at 3. For example, on a switch with 24 10/100 ports and ...
Cisco Systems ME 3400 - page 400

19-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Understanding DHCP Features Figur e 19-3 User -Configur ed Subo pti on P ack et F or mats Cisco IOS DHCP Server Database During the DHC P-based auto configuration proc ess, the desig nated DHCP server uses th ...
Cisco Systems ME 3400 - page 401

19-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring DHCP Features When a switch learns of ne w bindings or w hen it loses bindings, the switch i mmediately updates the entries in the database. The switch also updates the entries in the binding f ile ...
Cisco Systems ME 3400 - page 402

19-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring DHCP Features • Enabling DHCP Snooping on Pri vate VLANs, page 19-13 • Enabling the Ci sco IOS DHC P Server Database, page 19 -13 • Enabling the DHCP Snoopi ng Binding Database Agent, p age 1 ...
Cisco Systems ME 3400 - page 403

19-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring DHCP Features • When you globally enable DHCP snooping on the swi tch, these Cisco IOS commands are not av ailabl e until snooping is disab led. If you enter these commands, the switch retu rns a ...
Cisco Systems ME 3400 - page 404

19-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring DHCP Features Configuring the DHCP Server The switch can act as a DHCP s erver . By default, the Cisco IOS DH CP server and relay agent features are enabled on your switch but are not conf igured. ...
Cisco Systems ME 3400 - page 405

19-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring DHCP Features T o remov e the DHCP packet fo rwarding address, use the no ip helper -addr ess addr ess in terface confi guration command. Enabling DHCP Snooping and Option 82 Beginni ng in pri vil ...
Cisco Systems ME 3400 - page 406

19-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring DHCP Features Step 3 ip dhcp snooping vlan vlan-range Enable DHCP snooping on a V LAN or range of VLANs. The range i s 1 to 4094. Y ou can enter a single V LAN ID identi fied by VLAN ID number , a ...
Cisco Systems ME 3400 - page 407

19-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring DHCP Features T o disable DHCP sno oping, use the no ip dhcp snooping glob al conf iguration command. T o disable DHCP snooping on a V LAN or range of VLANs, use th e no ip dhcp snooping vlan vlan ...
Cisco Systems ME 3400 - page 408

19-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring DHCP Features Enabling the DHCP Snooping Binding Database Agent Beginni ng in pri vileged EXEC mode, foll ow th ese steps to enable and conf igure the DHCP snoopin g binding database agent o n the ...
Cisco Systems ME 3400 - page 409

19-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Displaying DHCP Snooping Information Displaying DHCP Snooping Information T o display t he DHCP snooping information, use o ne or more of the pri vileg ed EXEC commands in Ta b l e 19-2 : Understanding IP Sou ...
Cisco Systems ME 3400 - page 410

19-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring IP Source Gua rd Source IP Address Filtering When IP source guard is enabled with this option, IP traf f ic is filter ed based on the source IP address. The switch forwards IP traf fic when the so ...
Cisco Systems ME 3400 - page 411

19-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring IP Source Guard IP Source Guard Configuration Guidelines Note IP source guard is suppor ted only when the metro access or metr o IP access image is running on the switch. These are the configurati ...
Cisco Systems ME 3400 - page 412

19-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring IP Source Gua rd T o disable IP source gu ard with source IP address f iltering, use the no ip verify sour ce interface confi guration command. T o delete a static IP source binding entry , use th ...
Cisco Systems ME 3400 - page 413

19-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Displaying IP Source Guard Information Displaying IP Source Guard Information T o display the IP sou rce guard information, use one or mo re of the pri vileged EXEC command s in Ta b l e 19-3 : Understanding ...
Cisco Systems ME 3400 - page 414

19-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Configuring DHCP Server Port- Ba se d Add re s s Allo cation Port-Based Address Allocation Configuration Guidelines These are the configuration guidelines fo r DHCP port-based address allocation: • Only one ...
Cisco Systems ME 3400 - page 415

19-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feat ures and IP Source Guard Configuring DHCP Server Port -Based Address Allocation After enabling DHCP port- based address allocation on the swit ch, use the ip dhcp pool gl obal confi guration command to preassig n IP addr esses and to ...
Cisco Systems ME 3400 - page 416

19-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 19 Configuring DHCP Feature s and IP Source Guard Displaying DHCP Se rver Port-Based Address Allocation This example sho ws that the preassigned addre ss was correctly reserved in the DHCP pool: switch# show ip dhcp pool dhcppool Pool dhcp pool: Utilization ...
Cisco Systems ME 3400 - page 417

CH A P T E R 20-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 20 Configuring Dynamic ARP Inspection This chapter describes ho w to conf igure dynamic Addr ess Resolution Protocol inspect ion (dynamic ARP inspection) on the Cisco ME 3400 switch . This feat ure helps prevent malicious attacks on the switch by not rel ...
Cisco Systems ME 3400 - page 418

20-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Understanding Dynamic ARP Inspection Figur e 20-1 ARP Cache P oisoning Hosts A, B, and C are connected to the switch on in terfaces A, B and C, all of wh ich are on the same subnet. Their IP and MAC addresses are show n ...
Cisco Systems ME 3400 - page 419

20-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Understanding Dynamic ARP Inspection Y ou can con figure dynamic AR P inspection to drop AR P packets when the IP a ddresses in the packets are in v alid or when the MA C addresses in the bod y of the ARP packets do not ...
Cisco Systems ME 3400 - page 420

20-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Understanding Dynamic ARP Inspection Dynamic ARP inspection ensures that hosts (on untru sted interfaces) connected to a switch running dynamic ARP inspection do not po ison the ARP caches of other hosts in the netw ork ...
Cisco Systems ME 3400 - page 421

20-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Configuring Dynamic ARP Inspection Y ou use the ip arp inspection log-b uffer global conf igurat ion command to conf igure the number of entries in the b uf fer and the number of entries need ed in the specif ied interv ...
Cisco Systems ME 3400 - page 422

20-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Configuring Dynamic ARP Inspection Dynamic ARP Inspection Configuration Guidelines These are the dynamic ARP insp ection conf iguration guidel ines: Note This feature is supported only when the metro IP access or metro ...
Cisco Systems ME 3400 - page 423

20-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Configuring Dynamic ARP Inspection config uration command to make the rate unlimited. A high rate-limi t on one VLAN can cause a denial-of-service attack to other VLANs when the so ftware places the port in the error -di ...
Cisco Systems ME 3400 - page 424

20-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Configuring Dynamic ARP Inspection T o disable dynamic ARP inspection, use the no ip arp inspecti on vlan vlan-r ange global conf iguration command. T o return the interfaces to an untrusted state, use the no ip arp ins ...
Cisco Systems ME 3400 - page 425

20-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Configuring Dynamic ARP Inspection Beginni ng in pri vileged EXEC mode, follow these steps to conf igure an ARP A CL on Switch A. This procedure is required in non-DHCP en vironmen ts. Command Purpose Step 1 conf igure t ...
Cisco Systems ME 3400 - page 426

20-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Configuring Dynamic ARP Inspection T o remov e the ARP A CL, use the no arp access-list global conf iguration command. T o remov e the ARP A CL attached to a VLAN, use the no ip arp inspection fil ter arp-acl-name vlan ...
Cisco Systems ME 3400 - page 427

20-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Configuring Dynamic ARP Inspection Note Unless you config ure a rate limit on an interface, chan ging th e trust state of th e interface also changes its rate limit to the def ault va lue for that trust state. After you ...
Cisco Systems ME 3400 - page 428

20-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Configuring Dynamic ARP Inspection Performing Validation Checks Dynamic ARP inspection intercepts, logs, and discar ds ARP packets with in valid IP-to-MA C address bindings. Y ou can configure the sw itch to perform ad ...
Cisco Systems ME 3400 - page 429

20-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Configuring Dynamic ARP Inspection A log-buf fer entry can represent mo re than one packet. For e xample, if an interface receiv es many packets on the same VLAN with the same ARP paramete rs, the sw itch combines the p ...
Cisco Systems ME 3400 - page 430

20-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Displayi n g Dynamic AR P Inspection Information T o return to th e default log b uf fer settin gs, use the no ip arp i nspection log-b uffer { entries | logs } global conf iguration command . T o return to t he defaul ...
Cisco Systems ME 3400 - page 431

20-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Configuring Dynamic ARP Insp ection Displaying Dynamic ARP In spection Information T o clear o r display dynami c ARP inspection s tatistics, u se the pri vile ged EXEC comm ands in Ta b l e 20-3 : For t h e show ip arp inspection statistics command, the ...
Cisco Systems ME 3400 - page 432

20-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 20 Co nfig uring Dynamic ARP Inspection Displayi n g Dynamic AR P Inspection Information ...
Cisco Systems ME 3400 - page 433

CH A P T E R 21-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 21 Configuring IGMP Snooping and MVR This chapter describes ho w to conf igure Internet Group Management Protoco l ( IGMP) sn ooping on the Cisco ME 3400 Ethernet Access switc h, including an application of local IGMP snooping, Multicast VLAN Regist rat ...
Cisco Systems ME 3400 - page 434

21-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping Note For more informati on on IP multicast and IGMP , see RFC 1112 and RFC 2236. The multicast router sends out periodic g eneral queries to all VLANs. All hosts inter ested in this multicast ...
Cisco Systems ME 3400 - page 435

21-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Understanding IGMP Snooping Note IGMPv3 join and lea ve messages are not supported on switch es running IGMP f iltering or MVR. An IGMPv3 switch can receive messages from and forwar d messages to a de vice running the Sou ...
Cisco Systems ME 3400 - page 436

21-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Understanding IGMP Snooping The switch hardware can d istinguish IGMP information pack ets from other packets fo r the multicast group. The information in th e table tell s the swit chin g engi ne to send frames addresse ...
Cisco Systems ME 3400 - page 437

21-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Understanding IGMP Snooping Leaving a Multicast Group The router sends periodic multicast gener al queries , and the switch forw ards these queries through all ports in the VLAN. Interested host s respond to the qu eries. ...
Cisco Systems ME 3400 - page 438

21-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping The switch uses IGMP report suppression to forw ard only one IGMP report per multicast router query to multicast de vices. When IGMP router suppression is enabled (the default) , the switch send ...
Cisco Systems ME 3400 - page 439

21-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Snooping Enabling or Disabling IGMP Snooping By default, IGMP sno oping is globally enabled on the swi tch. When globally enabled or disabled, it is also enabled or disabled in all ex isting VLAN interf a ...
Cisco Systems ME 3400 - page 440

21-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping T o remo ve a multicast ro uter port from the VLAN, use the no ip igmp snooping vl an vlan-id mrou ter interfac e interface-id global configu ration command. This exampl e show s how to en able ...
Cisco Systems ME 3400 - page 441

21-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Snooping Switch(config)# ip igmp snooping vlan 105 static 224.2.4.12 interface gigabitethernet0/1 Switch(config)# end Enabling IGMP Immediate Leave When you enable IGMP Immediate Leave, the switch immedia ...
Cisco Systems ME 3400 - page 442

21-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping Beginni ng in pri vileged EXEC mode, follow these steps to enable the IGMP conf igurable-lea v e timer: Use the no ip igmp snooping last-member-query-i nterva l global configurati on c omma nd ...
Cisco Systems ME 3400 - page 443

21-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Snooping Beginni ng in pri vileged EXEC mod e, follo w these steps to conf igure the TCN flood query count: T o return to the def ault flooding query count , use the no ip igmp snooping tcn flood query c ...
Cisco Systems ME 3400 - page 444

21-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP Snooping Beginni ng in pri vileged EXEC mode, foll ow th ese steps to disable multicast flo oding on an interface: T o re-enable multicast floo ding on an interface, use the i p igmp snooping tcn flood ...
Cisco Systems ME 3400 - page 445

21-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Snooping T o enable the IGMP snoo ping querier feature in a VLAN, follow these steps: This exampl e show s how to set the IGMP snooping queri er source address to 10.0.0.6 4: Switch# configure terminal S ...
Cisco Systems ME 3400 - page 446

21-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Displaying IGMP Sn ooping Information Disabling IGMP Report Suppression Note IGMP report suppression is suppo rted only when the mul ticast query has IGMPv1 and IG MPv2 reports. This feature is not supported w hen the q ...
Cisco Systems ME 3400 - page 447

21-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Understanding Multicast VLAN Registration For more inf ormation about the ke ywords an d options in these commands, see the comman d reference for this release. Understanding Multicast VLAN Registration Multicast VLAN Re ...
Cisco Systems ME 3400 - page 448

21-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Understanding Multicast VLAN Registration The switch CPU identif ies the MVR IP multicast streams and th eir associated IP multicast gr oup in the switch forwarding t able, intercep ts the IGMP messages , and modif ies ...
Cisco Systems ME 3400 - page 449

21-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Understanding Multicast VLAN Registration Figur e 21 -3 Multicast VLAN Registrati on Example When a subscriber changes channels or t urns off the television, the set-top box sends an IGMP leave message for the multicast ...
Cisco Systems ME 3400 - page 450

21-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring MVR These messages dynamically register for streams of multicast traf f ic in the multicast VLAN on the Layer 3 device. Switch B. The access layer switch, Switch A, modif ies the forwardi ng beha vior to all ...
Cisco Systems ME 3400 - page 451

21-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuri ng MVR • MVR multicast data recei ved in the source VLAN and leaving from recei ver ports has i ts time-to-li ve (TTL) decremen ted by 1 in the switch. • Because MVR on the switch uses IP multicast addresse ...
Cisco Systems ME 3400 - page 452

21-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring MVR T o return the switch to its default set tings, use the no mvr [ mode | gr oup ip- addr ess | querytime | vlan ] global conf iguratio n commands. This exampl e show s how to enable MVR, conf igure the gr ...
Cisco Systems ME 3400 - page 453

21-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuri ng MVR T o return the interf ace to its default sett ings, use the no mvr [ type | immediate | vlan vlan-id | group ] interface configuration commands. This example sho ws how to conf igure a port as a rece i v ...
Cisco Systems ME 3400 - page 454

21-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring MVR Configuring MVR on Trunk Ports In Cisco IOS Release 12.2(25)SEG and ear lier , only access ports could be configured as MVR recei ver ports. In Cisco IO S Release 12 .2( 35)SE and later , you can also co ...
Cisco Systems ME 3400 - page 455

21-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Displaying MVR Information Displaying MVR Information Y ou can disp lay MVR inform ation for the switch or for a specif ied interf ace. Beginning in pri vileged EXEC mode, use the commands in Ta b l e 21-6 to display MVR ...
Cisco Systems ME 3400 - page 456

21-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP F iltering a nd Throttling IGMP f iltering controls only g roup-specific query and membership reports, inclu ding join and lea ve reports. It does not control general IGMP queries. IGMP filt ering has n ...
Cisco Systems ME 3400 - page 457

21-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Filtering and Throttling Configuring IGMP Profiles T o conf igure an IGMP profile, use the ip igmp pr ofi le global conf iguration command with a prof ile number to create an IGMP pr ofile and to enter I ...
Cisco Systems ME 3400 - page 458

21-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP F iltering a nd Throttling Applying IGMP Profiles T o control access as def ined in an IGMP prof ile, use the ip igmp f ilter interface configuration command to apply the prof ile to the appro priate in ...
Cisco Systems ME 3400 - page 459

21-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Configuring IGMP Filtering and Throttling Beginni ng in pri vile ged EXEC mod e, follo w these step s to set the maximum number of I GMP groups in the forwarding table: T o remo ve the maximum g roup limitation and retur ...
Cisco Systems ME 3400 - page 460

21-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Configuring IGMP F iltering a nd Throttling T o pre vent the switch from removi ng the forwardin g-table entries, you can con figur e the IGMP throttlin g action bef ore an in terface adds ent ries to the forwarding t a ...
Cisco Systems ME 3400 - page 461

21-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Configuring IGMP Sn ooping and MVR Displaying IGMP Filtering and Throttling Co nfig uration Displaying IGMP Filtering and Throttling Configuration Y ou can display IGMP prof ile characteristics, and you can display the IGMP prof ile and maximum group conf ...
Cisco Systems ME 3400 - page 462

21-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 21 Config ur ing IGMP Snooping and MVR Displaying IGMP Filtering and Throttling Co nfiguration ...
Cisco Systems ME 3400 - page 463

CH A P T E R 22-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 22 Configuring Port-Based Traffic Control This chapter describe s how to configure the port-bas ed traff ic control features on the Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage in formation for the co mmands used in this chapt ...
Cisco Systems ME 3400 - page 464

22-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Storm Control Storm control uses one of th ese methods to measure traf fic act ivity : • Bandwidth as a percentage of the tot al av ailable bandwidth of t he port that can be used by the broadcast, mult ...
Cisco Systems ME 3400 - page 465

22-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Storm Control Note Because packets do not arr iv e at uniform interv als, the 1-second ti me interv al during which traf fi c activ ity is measured can affect the beha vior of storm cont rol. Y ou use the ...
Cisco Systems ME 3400 - page 466

22-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Storm Control Step 4 storm-control { br oadcast | multicast | unicast } level { level [ l evel-low ] | bps bps [ bps-low ] | pps pps [ pps-low ]} Config ure broadcast, multicast, or unicast st orm control ...
Cisco Systems ME 3400 - page 467

22-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Storm Control T o disable storm co ntrol, use the no storm-control { br oadcast | multic ast | unicast } leve l interface confi guration command. This exampl e sho ws ho w to enable unicast sto rm control ...
Cisco Systems ME 3400 - page 468

22-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Protected Ports This example shows ho w to enable the small-frame arri v al-rate feature, configure the port reco very time, and conf igure the threshold for error disabling a port: Switch# configure term ...
Cisco Systems ME 3400 - page 469

22-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Blocking Protected Port Configuration Guidelines Y ou can conf igure protected ports on a physical i nterf ace that is configured as an NNI (for example, Gigabit Ethernet po rt 1) or an EtherChannel ...
Cisco Systems ME 3400 - page 470

22-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Block ing These sections contain this configu ration informatio n: • Default Por t Blocking Conf iguration, page 22-8 • Blocking Flooded T raf fic on an Interface, page 22-8 Default Port Blocking ...
Cisco Systems ME 3400 - page 471

22-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Configuring Port Security Y ou can use the port security featur e to restrict input to an interf ace by limit ing and identifying MA C addresses of the stations allowed to access the port. W ...
Cisco Systems ME 3400 - page 472

22-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Y ou can configure an interface to con vert the dynam ic MA C addresses to stick y secure MA C addresses and to add them to the runn ing configuration b y enabling sticky learning . T o ena ...
Cisco Systems ME 3400 - page 473

22-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Ta b l e 22-1 sho ws the violation mode an d the actions taken when you conf igure an interf ace for port security . Default Port Security Configuration Ta b l e 22-2 sho ws the defaul t po ...
Cisco Systems ME 3400 - page 474

22-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Ta b l e 22-3 summarizes port security compat ibility with other port-b ased features. Enabling and Configuring Port Security Beginni ng in pri vileged EXEC mode, fo llow th ese steps to re ...
Cisco Systems ME 3400 - page 475

22-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Step 6 switchport port-security [ maximum value [ vlan vlan-list | access ] (Optional) Set the maximum nu mber of secure MA C addresses for the interface. The maximum nu mber of secure MA C ...
Cisco Systems ME 3400 - page 476

22-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security T o return the interface to the default condit ion as not a secure port, u se the no swi tchport port-security interface conf igurat ion command. If yo u enter this comm and wh en stick y l ...
Cisco Systems ME 3400 - page 477

22-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security T o disable sticky learning on an interface, use the no switchport port-security mac-addr ess sticky interface configuration command. The interf ace con ver ts the sticky secure MA C addres ...
Cisco Systems ME 3400 - page 478

22-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security Enabling and Configuring Port Security Aging Y ou can use port secur ity aging to set the agi ng time for all secure ad dresses on a port. T wo ty pes of aging are supported per port: • A ...
Cisco Systems ME 3400 - page 479

22-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Configuring Port Security This exampl e shows ho w to set the aging time as 2 hours for the secure addr esses on a port: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# switchport port-security aging ...
Cisco Systems ME 3400 - page 480

22-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 22 Configuri ng Port-Based Traffic Control Displaying Port-Based Traffic Control Settings Displaying Port-Based Traffic Control Settings The show interfaces interface- id switchport pri vile ged EXEC command displays (among ot her characteristics) the interf ...
Cisco Systems ME 3400 - page 481

CH A P T E R 23-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 23 Configuring CDP This chapter describes ho w to conf igure Cisco Discov ery Protocol (CDP) o n the Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the command reference ...
Cisco Systems ME 3400 - page 482

23-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 23 Configur ing CDP Configuring CDP Configuring CDP These sections contain this configu ration informatio n: • Default CD P Configurati on, page 23-2 • Config uring the CDP Characteristics, page 23-2 • Disabling an d Enablin g CDP , pa ge 23-3 • Disab ...
Cisco Systems ME 3400 - page 483

23-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 23 Configuring CDP Configuring CDP Use the no form of the CDP commands to return to the def ault settings. This exampl e shows ho w to conf igure CDP characteri stics. Switch# configure terminal Switch(config)# cdp timer 50 Switch(config)# cdp holdtime 120 Sw ...
Cisco Systems ME 3400 - page 484

23-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 23 Configur ing CDP Configuring CDP Disabling and Enabling CDP on an Interface CDP is enabled b y default on NN Is to send and to recei ve CD P information. Y ou can enable CDP on ENIs, but it is not supported on UNIs. Beginn ing in privile ged EXEC mode, fol ...
Cisco Systems ME 3400 - page 485

23-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 23 Configuring CDP Monitori ng and Maintaining CDP Monitoring and Maintaining CDP T o monitor and maintain CDP on your de vice, perform one or more of these tasks, beginnin g in pri vileged EXEC mod e. Command Description clear cdp counters Reset the traff ic ...
Cisco Systems ME 3400 - page 486

23-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 23 Configur ing CDP Monitoring and Maintaining CDP ...
Cisco Systems ME 3400 - page 487

CH A P T E R 24-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 24 Configuring LLDP and LLDP-MED This chapter describe s how to configure the Link Layer Discovery Protocol (LLDP) and LLDP Media Endpoint Discov ery (LLDP-MED) on the Cisco ME 3400 switch. Note For complete syntax and usage in formation for the co mmand ...
Cisco Systems ME 3400 - page 488

24-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP and LLDP-M ED Understanding LLDP and LLDP-MED LLDP supports a set of attrib utes that it uses to discov er neighbor de vices. Th e se at t ri b u t es co n ta i n t yp e , length, and value descriptions and are referred to as TL Vs. LLD P ...
Cisco Systems ME 3400 - page 489

24-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP a nd LLDP-MED Configuring LLDP and LLD P-MED • Location TL V Provides lo cation information from t he switch to the endpoint de vice. The locati on TL V can send this informatio n: – Civic location information Provides the ci vic addre ...
Cisco Systems ME 3400 - page 490

24-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP and LLDP-M ED Configuring LLDP and LLD P -ME D Configuring LLDP Characteristics Y ou can confi gure the frequency of LLDP updates, the amount of time to ho ld the information before discarding it, and t he initialization delay time. Y o u ...
Cisco Systems ME 3400 - page 491

24-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP a nd LLDP-MED Configuring LLDP and LLD P-MED Disabling and Enabling LLDP Globally LLDP is disabled globally b y default and i s enabled on NNIs. It is disabled b y default on ENIs, b ut can be enabled per interface. LLDP i s not supported ...
Cisco Systems ME 3400 - page 492

24-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP and LLDP-M ED Configuring LLDP and LLD P -ME D Beginning in privil eged EXEC mode, follo w these steps to enable LLDP on an interface when it has been disabled: This example sh ows ho w to enab le LLDP on an interface. Switch# configure te ...
Cisco Systems ME 3400 - page 493

24-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP a nd LLDP-MED Monitoring and M aintaining LLDP and LLDP-MED Beginning in priv ileged EXEC mode, foll ow these steps to disable a TL V on an interface: Beginning in priv ileged EXEC mode, foll ow these steps to enable a TL V on an interface ...
Cisco Systems ME 3400 - page 494

24-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 24 Configuring LLDP and LLDP-M ED Monitoring and Main ta ining LLDP and LLDP-MED show lldp entry entry-name Display information about a specific neig hbor . Y ou can enter an asterisk (*) t o display all neighbor s, or you can enter the name of the neighb or ...
Cisco Systems ME 3400 - page 495

CH A P T E R 25-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 25 Configuring UDLD This chapter descri bes how to configure the UniDirecti onal Link D etection (U DLD) protoc ol on the Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see t ...
Cisco Systems ME 3400 - page 496

25-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 25 Configuring UDLD Understanding UDLD In normal mode, UDLD detect s a unidirectional link when f iber strands in a f iber -optic port are misconnected and the Layer 1 mechan isms do no t dete ct th is misc onne ction. If t he po rts are co nnec ted correctly ...
Cisco Systems ME 3400 - page 497

25-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 25 Configuring UDLD Configuri ng UDLD If the detection windo w ends and no v alid reply message i s receiv ed, the link might shut down, depending on the UDLD mode. When UDLD is in normal mo de, the link might be considered undetermined and might not be shut ...
Cisco Systems ME 3400 - page 498

25-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 25 Configuring UDLD Configuring UDLD Default UDLD Configuration Ta b l e 25-1 sho ws the default UDLD con figur ation. Configuration Guidelines These are the UDLD configuration guidelines: • UDLD is not supported on A TM ports. • A UDLD-capable port canno ...
Cisco Systems ME 3400 - page 499

25-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 25 Configuring UDLD Configuri ng UDLD Enabling UDLD Globally Beginni ng in pri vileged EXEC mode, follow these steps to enable UDLD in the aggressi v e or normal mode and to set the conf igurab le message timer on all f iber -optic ports on the switch: T o di ...
Cisco Systems ME 3400 - page 500

25-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 25 Configuring UDLD Displayi ng UDLD Sta tus Resetting an Interface Disabled by UDLD Beginning in priv ileged EXEC mode, foll ow th ese steps to reset all ports disabled b y UDLD: Y ou can also bring up the port by us ing these commands: • The shutdown i nt ...
Cisco Systems ME 3400 - page 501

CH A P T E R 26-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 26 Configuring SPAN and RSPAN This chapter de scribes ho w to conf igure Swit ched Port Anal yzer (SP AN) and Remote SP AN (RSP AN) on the Cisco ME 3400 Ethernet Access swit ch. Note For complete syntax and usage in formation for the co mmands used in th ...
Cisco Systems ME 3400 - page 502

26-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Understanding SPAN and RSPAN These sections contain this conceptual information: • Local SP AN, page 26-2 • Remote SP AN, page 26-2 • SP AN and RSP AN Conce pts and T erm inology , page 26-3 • SP AN and RSP AN Interactio ...
Cisco Systems ME 3400 - page 503

26-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Understanding SPAN and RSPAN Figur e 26-2 Example of RSP AN Configuration SPAN and RSPAN C oncepts and Terminology This section descri bes concepts and terminology associated with SP AN and RSP AN configuration. SPAN Sessions SP ...
Cisco Systems ME 3400 - page 504

26-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Understanding SPAN and RSPAN An RSP A N source session is v ery similar to a loca l SP AN session, except for where the packet stream is directed. In an RSP AN source session, SP AN pack ets are relabe led with the RSP AN VLAN I ...
Cisco Systems ME 3400 - page 505

26-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Understanding SPAN and RSPAN • T ransmit (Tx) SP AN—The goal of transmit (or egre ss) SP AN is to monitor as much as po ssible all the packets sent by the source inte rface after all modif ication and processing is per formed ...
Cisco Systems ME 3400 - page 506

26-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Understanding SPAN and RSPAN • It can be any port type—for example, EtherC hann el, Fast Ethernet, Gigabi t Ethern et, user net work interface (UNI) , network node in terf ace (NNI), enhanced network interface (ENI) and so f ...
Cisco Systems ME 3400 - page 507

26-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Understanding SPAN and RSPAN A destination port has these characteristics: • For a local SP AN session, the destin ation port must reside on the same switch as the source port. F or an RSP AN session, it is located on the switc ...
Cisco Systems ME 3400 - page 508

26-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Understanding SPAN and RSPAN • RSP AN VLANs must be conf igured in VLAN conf iguration mode b y using the remote-span VLAN config uration mode command. – T o change a VLAN from a UNI-ENI isolate d VLAN (the def ault) to an R ...
Cisco Systems ME 3400 - page 509

26-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN is confi gured as a SP AN destination, it is remo ved from the gro up. After the port is remo ved fr om the SP AN session, it rejoins the EtherChannel group. Ports remov ed from an EtherCh annel group r ...
Cisco Systems ME 3400 - page 510

26-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN Configuring Local SPAN These sections contain this configu ration informatio n: • SP AN Configurat ion Guidelines, page 26-10 • Creating a Local SP AN Session, page 26- 11 • Creating a Local SP ...
Cisco Systems ME 3400 - page 511

26-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Creating a Local SPAN Session Beginni ng in privile ged EXEC mode, follo w these steps to create a SP AN session and specify the source (monitored) ports or VLAN s and th e destination (mo nitoring) po ...
Cisco Systems ME 3400 - page 512

26-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN se ssion, use the no monitor session session_number global conf iguration command. T o remov e a source or destination port o r VLAN from the SP AN session, use the no monitor sessi ...
Cisco Systems ME 3400 - page 513

26-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN The monitoring of traff ic recei ved on port 1 is disabled, b ut traff ic sent from this port continues to be monitored. This exampl e show s how to remove any e xisting conf iguration on SP AN session ...
Cisco Systems ME 3400 - page 514

26-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN se ssion, use the no monitor session session_number global conf iguration command. T o remov e a source or destination port o r VLAN from the SP AN session, use the no monitor sessi ...
Cisco Systems ME 3400 - page 515

26-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Specifying VLANs to Filter Beginning in pri vileged EXEC mode, follo w these st eps to limit SP AN source traff ic to specific VLANs: T o monitor all VLANs on the trun k port, use the no monitor sessio ...
Cisco Systems ME 3400 - page 516

26-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN This exampl e show s how to remove an y ex isting conf iguration on SP AN session 2, conf igure SP AN session 2 to moni tor traffic recei ved on Gigabit Ethe rnet t runk port 2, and s end traffic for ...
Cisco Systems ME 3400 - page 517

26-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Configuring a VLAN as an RSPAN VLAN Create a ne w VLAN to be the RSP AN VLAN for th e RSP AN session. Y ou must create the RSP AN VLAN in all switches that will par ticipate in RSP AN. Y ou must config ...
Cisco Systems ME 3400 - page 518

26-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN T o delete a SP AN session, use the no monitor session session_number global conf iguration comman d. T o remov e a source port or VLAN from the SP AN session, use the no monitor session session_numbe ...
Cisco Systems ME 3400 - page 519

26-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN Creating an RSPAN Destination Session Y ou config ure the RSP A N destination session on a dif f erent switch; th at is, not the switch on which the source session was conf igured. Beginni ng in pri vi ...
Cisco Systems ME 3400 - page 520

26-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Configuring SPAN and RSPAN This exampl e shows ho w to co nfigur e VLAN 901 as the source remote VLAN and port 1 as the destinatio n inter face: Switch(config)# monitor session 1 source remote vlan 901 Switch(config)# monitor s ...
Cisco Systems ME 3400 - page 521

26-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Configuring SPAN and RSPAN Configuring SPAN and RSPAN T o delete an RSP AN se ssion, use the no monitor session session_number global conf iguration command. T o remo ve a destinatio n port from the RSP AN session, use the no monitor session session_numbe ...
Cisco Systems ME 3400 - page 522

26-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 26 Config uring SPAN and RSPAN Displaying SPAN and RSPAN Status T o monitor all VLANs on the tr unk port , use th e no monitor session session_number f ilter vlan global confi guration command. This exampl e show s how to remov e any e xisting conf iguration ...
Cisco Systems ME 3400 - page 523

CH A P T E R 27-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 27 Configuring RMON This chapter descri bes how to configure Remote Network M onitoring (RMON) on t he Cisco ME 3400 Ethernet Access switch. RMON is a standard monitoring specif ication that def ines a set of stati stics and functions that can be exch an ...
Cisco Systems ME 3400 - page 524

27-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 27 Configuring RMON Configuring RMON Figur e 27 -1 Remot e Mo ni t or ing Example The switch supports these RMON groups (defined in RFC 1757): • Statistics (RMON group 1)—Col lects Ethern et statistics (i ncluding Fast Ethernet and Gigabit Ethernet statis ...
Cisco Systems ME 3400 - page 525

27-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 27 Configuring RMON Configuri ng RMON Default RMON Configuration RMON is disabled by def ault; no alarms or e vents are configured. Configuring RMON Alarms and Events Y ou can conf igure your switch for RMON by using the command- line interface (CLI) or an SN ...
Cisco Systems ME 3400 - page 526

27-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 27 Configuring RMON Configuring RMON T o disable an alarm, use the no r m on alarm number global conf iguration command on each alarm you confi gured. Y ou cannot disable at once all the alarms that you conf igured. T o disable an ev ent, use the no rmon ev e ...
Cisco Systems ME 3400 - page 527

27-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 27 Configuring RMON Configuri ng RMON Collecting Group History Statistics on an Interface Y ou must first co nfigu re RMON alar ms and e vents to display col lection information. Beginni ng in pri vileged EXEC mode, follo w these steps to collect group histo ...
Cisco Systems ME 3400 - page 528

27-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 27 Configuring RMON Displaying RMON Status T o disable the collect ion of group Ethernet statistics, use th e no rmon collection s tats inde x interface confi guration command. This example sh ows ho w to collect RMON stat istics for the o wner ro o t : Switc ...
Cisco Systems ME 3400 - page 529

CH A P T E R 28-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 28 Configuring System Message Logging This chapter describes ho w to conf igure system mess age loggin g on the Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage information for the co mmands used in this chapter , see the Cisco IO ...
Cisco Systems ME 3400 - page 530

28-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging Y ou can access logge d system messages by using the switch command-line interface (CLI) or by saving them to a properly configured sysl og server . The switch software saves syslog me ...
Cisco Systems ME 3400 - page 531

28-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Configuring System Message Logging Ta b l e 28-1 describes the elements of syslog messages. This example sho ws a partial switch system message: 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up 00:0 ...
Cisco Systems ME 3400 - page 532

28-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging Disabling Message Logging Message logging is enabled b y default. It must be en abled to send messages to any destin ation other than the console. When enabled, log messages are sent t ...
Cisco Systems ME 3400 - page 533

28-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Configuring System Message Logging Setting the Message Display Destination Device If message logging is en abled, you ca n send messages to specific locati ons in additi on to the co nsole. Beginni ng in pri vileged EXEC ...
Cisco Systems ME 3400 - page 534

28-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging The logging buffered global conf iguration command copies logging messages t o an internal b uf fer . The buf fer is circular, so newer messag es ove rwrite olde r messages after th e ...
Cisco Systems ME 3400 - page 535

28-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Configuring System Message Logging T o disable synchronization of unsolic ited messages and deb ug output, use the no logg ing synchr onous [l evel severity-level | all ] [ limit number-of-b uffers ] line conf iguration ...
Cisco Systems ME 3400 - page 536

28-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging This example shows part of a logging disp lay with the s ervice timestamps log uptime global configuration command enabled: 00:00:46: %LINK-3-UPDOWN: Interface Port-channel1, changed s ...
Cisco Systems ME 3400 - page 537

28-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Configuring System Message Logging Note Specifying a level causes messages at that lev el and numerically lower le vels t o appear at the destination. T o disable logging to the console, use the no logging console global ...
Cisco Systems ME 3400 - page 538

28-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging Limiting Syslog Messages Sent to the History Table and to SNMP If you enabled sysl og message traps to be sent to an SNMP netw ork management station b y using the snmp-server enable ...
Cisco Systems ME 3400 - page 539

28-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Configuring System Message Logging Use the show archiv e log conf ig { all | num ber [ end-number ] | user username [ sess ion number ] number [ end-number ] | statistics } [ pro visioning ] privile ged EXEC com mand to ...
Cisco Systems ME 3400 - page 540

28-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Configuring System Message Logging Configuring UNIX Syslog Servers The next sect ions describe ho w to configure the UNIX serv er syslog daemon and ho w to def ine the UNIX system logging f acility . Logging Messages t ...
Cisco Systems ME 3400 - page 541

28-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Configuring System Messag e Logging Displaying the Logging Co nfig uration T o remov e a syslog server , use the no l ogging host global config uration comman d, and specify the syslog server IP address. T o disable logg ing to syslog servers, enter the n ...
Cisco Systems ME 3400 - page 542

28-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 28 Config ur ing System Message Logging Displaying the Logging Configuration ...
Cisco Systems ME 3400 - page 543

CH A P T E R 29-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 29 Configuring SNMP This chapter describe s how to configure the Simp le Network Management Protocol (SNMP) on t he Cisco ME 3400 Ethernet Access switch. Note For complete syntax and usage in formation for the co mmands used in this chapter , see the swi ...
Cisco Systems ME 3400 - page 544

29-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Understanding SNMP These sections contain this conceptual information: • SNMP V ersions, page 29-2 • SNMP Manager Functions, page 29-3 • SNMP Agent Functions, page 29-4 • SNMP Community Strings, page 29 -4 • Using SNMP to Acces ...
Cisco Systems ME 3400 - page 545

29-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Understanding SNMP SNMPv3 provid es for both security models and security lev els. A security model is an aut hentication strategy set up for a u ser and the g roup wi thin which the use r resides. A secu rity level is the permitte d le ve ...
Cisco Systems ME 3400 - page 546

29-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Understanding SNMP SNMP Agent Functions The SNMP agent responds to SNMP manager request s as follows: • Get a MIB v ariable—The SNM P agent begins this f unction in re sponse to a requ est from the NM S. The agent retriev es the valu ...
Cisco Systems ME 3400 - page 547

29-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Understanding SNMP SNMP Notifications SNMP allows the switch to sen d no tifications t o S N M P managers wh en particular events occur . SNMP notifications can be sen t as traps or inform requ ests. In command syntax, unless there is an o ...
Cisco Systems ME 3400 - page 548

29-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP MIB Data Collection and Transfer T o confi gure periodic transfer MIB data from a de vice to a specified NMS, you group data from multiple MIBs into list and conf igure a po lling interv al. All MIB objects in the list a ...
Cisco Systems ME 3400 - page 549

29-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Default SNMP Configuration Ta b l e 29-4 sho ws the defaul t SNMP confi guration. SNMP Configuration Guidelines If the switch starts and th e switch st artup conf iguration has at least one snmp-server global configuratio ...
Cisco Systems ME 3400 - page 550

29-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP Disabling the SNMP Agent Beginning in priv ileged EXEC mode, foll ow th ese steps to disable the SNMP agent: The no snmp-ser ver global conf iguration command disables all running v ersions (V ersion 1, Ve r s i o n 2C, ...
Cisco Systems ME 3400 - page 551

29-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Beginni ng in pri vileged EXEC mode, follo w these st eps to configure a community string on the switch: Note T o disable access for an SNMP communit y , set the community string for th at community to the null string (do ...
Cisco Systems ME 3400 - page 552

29-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP This example sho ws how to assign the string comaccess to SNMP , to allow read-only access, and to specify that IP access list 4 can use the community string to gain access to the switch SNMP agent: Switch(config)# snmp ...
Cisco Systems ME 3400 - page 553

29-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Step 3 snmp-s erver gr oup gr oupname { v1 | v2 c | v3 { auth | noauth | pri v }} [ rea d re a d v i e w ] [ write write view ] [ noti fy notifyview ] [ access access-list ] Config ure a new SNMP group on the remote de v ...
Cisco Systems ME 3400 - page 554

29-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP Configuring SNMP Notifications A trap manager is a management station that receives and processes traps. T rap s are system alerts that the switch generates when certain e vents occur . By de fault, no trap manag er is ...
Cisco Systems ME 3400 - page 555

29-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P bulkstat collection transfer Generat es a trap when an unsuccessful data coll ection or data transfer occurs or when the bulkstats f ile reaches the maximum size. config Gen erates a trap for SNMP conf iguration chang es ...
Cisco Systems ME 3400 - page 556

29-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP Note Though visible in the command -line help strings, the cpu [ thre shold ], flash insertion, flash remo val, fru-ctrl , and vtp ke ywords are not supported. The sn mp-serve r enable inf orms glob al conf iguration co ...
Cisco Systems ME 3400 - page 557

29-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Step 5 snmp-server host host-addr [ info rms | traps ] [ ver sion { 1 | 2c | 3 { auth | noauth | priv }}] community-string [ notif ication-t ype ] Specify the recipient of an SNMP trap operation. • For host-addr , spec ...
Cisco Systems ME 3400 - page 558

29-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP The snmp-server host command specif ies which hosts receive the notif ications. The s nmp-server enable trap command globally enables the mechanism for the specif ied notif ication (for traps an d informs). T o enable a ...
Cisco Systems ME 3400 - page 559

29-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Configuring MIB Data Collection and Transfer This section incl udes basic conf iguration for MIB data collection. F or more information, see the Pe r i o d i c MIB Data Collection and T ran sfer Mechanism feature m odule ...
Cisco Systems ME 3400 - page 560

29-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP This example configures a b ulk-sta tistics object li st and schema: Switch(config)# snmp mib bulkstat object-list ifMIB Switch(config-bulk-objects)# add 1.3.6.1.2.1.2.1.2.2.2.1.11 Switch(config-bulk-objects)# add ifNam ...
Cisco Systems ME 3400 - page 561

29-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P Enter the no enable b ulk statisti cs transfer co nf iguration mo de command t o stop the col lection p rocess. Enter the enable command again to restart the operation. Every time you restart the process with the enable ...
Cisco Systems ME 3400 - page 562

29-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Configuring SNMP Configuring the Cisco Process MIB CPU Threshold Table In Cisco IOS Release 12.2(37)SE and later , you ca n use the CLI to conf igure the Cisco Process MIB CPU threshold table. Note For commands for conf iguring the Cisc ...
Cisco Systems ME 3400 - page 563

29-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configuring SNMP Configuring SNM P This examp le shows ho w to p ermit any SNMP manager t o access all objects with read-onl y permission using the community string public . The switch also sends MA C no tification traps to the hosts 192.180.1.111 and 192 ...
Cisco Systems ME 3400 - page 564

29-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 29 Configu rin g SNMP Displaying SNMP Status Displaying SNMP Status T o display SNMP input and output stat istics, including the nu mber of illeg al community strin g entries, errors, and requested v ariables, use the sho w snmp pri vileged EXEC command. Y o ...
Cisco Systems ME 3400 - page 565

CH A P T E R 30-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 30 Configuring Embedded Event Manager This chapter describes how to use the embedded e ven t manager (EEM) to monit or and manage the Cisco ME 3400 Ethernet Access switch and ho w to configure it. The switch must be run ning the metro IP access or metro ...
Cisco Systems ME 3400 - page 566

30-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedded Event Manager Understanding Embedd ed Even t Manage r Figur e 30-1 Embedded Event Manag er Cor e Ev ent Detect ors These sections contain this conceptual information: • Event Detect ors, page 30-2 • Embedded Event Manager Action s, ...
Cisco Systems ME 3400 - page 567

30-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedde d Event Manager Understanding Embedd ed Event Manager • GOLD e vent detector– Publishes an e vent when a GOL D failure event is detected on a specified card and subcard. • Counter e vent detector–P ublishes an e vent when a name ...
Cisco Systems ME 3400 - page 568

30-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedded Event Manager Understanding Embedd ed Even t Manage r Embedded Event Manager Actions EEM provides action s that occur in response to an ev ent. EEM supports t hese actions: • Modifying a na med coun ter . • Publishing an applicatio ...
Cisco Systems ME 3400 - page 569

30-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedde d Event Manager Configuring Embedd ed Event Manager • Cisco built-in variables (av ailable in EEM applets) Def ined by Cisco and can be read-only or read-wri te. The read-only v ariables are set by the system before an apple t star ts ...
Cisco Systems ME 3400 - page 570

30-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedded Event Manager Configuring Embedde d Ev ent Mana ger This example sho ws the output for EEM when one of th e f ields specif ied b y an SNMP object ID crosses a defined t hreshold: Switch(config-applet)# event snmp oid 1.3.6.1.4.1.9.9.48 ...
Cisco Systems ME 3400 - page 571

30-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedde d Event Manager Displaying Embedded Event Manager Information This exampl e shows the sample o utput for the sho w e vent manager en vironment command: Switch# show event manager environment all No. Name Value 1 _cron_entry 0-59/2 0-23/ ...
Cisco Systems ME 3400 - page 572

30-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 30 Configuring Embedded Event Manager Displaying Embedded Event Mana ger Information ...
Cisco Systems ME 3400 - page 573

CH A P T E R 31-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 31 Configuring Network Security with ACLs This chapter describes ho w to configure netw ork secu rity on the Cisco ME 3400 Ethernet Access switch by using access control lists (A CLs), which are also referred to in commands and tables as access lists. No ...
Cisco Systems ME 3400 - page 574

31-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Understanding ACLs which types of traf fic are forw arded or blocked at ro uter interfaces. F or example, you can allo w e-mail traf f ic to be forw arded b ut not T elnet traf f i c. A CLs can be co nf igured to bl ...
Cisco Systems ME 3400 - page 575

31-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Understanding ACLs • When a VLAN map, input router A CL, and input port A CL e xist in an SVI, incoming pack ets recei ved on the ports t o which a port A CL is applied are only f iltered b y the port A CL. Incomin ...
Cisco Systems ME 3400 - page 576

31-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Understanding ACLs Figur e 31 -1 Using ACLs t o Contr ol T raf fic t o a Networ k When you apply a port A CL to a trunk port, the A CL f ilters traf f ic on all VLANs present on the t runk port. W ith port A CLs, yo ...
Cisco Systems ME 3400 - page 577

31-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Understanding ACLs As with port ACLs, the switch exam ines A CLs associated wi th features configured on a gi v en interface. Howe v er , router A CLs are supported in both directio ns. As packets enter the sw itch o ...
Cisco Systems ME 3400 - page 578

31-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs • Deny A CEs that check Layer 4 inform ation ne ver match a fragment unless the fragment contai ns Layer 4 information. Consider access list 102, conf igured with thes e commands, applied to ...
Cisco Systems ME 3400 - page 579

31-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs These are the steps to use IP A CLs on the switch: Step 1 Create an A CL by specifying an access lis t number or name and the access cond itions. Step 2 Apply the A C L to interfaces or terminal ...
Cisco Systems ME 3400 - page 580

31-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs IPv4 Access List Numbers The number you use to denote yo ur IPv4 A CL sho w s the type of access list that you are creating. Ta b l e 31-1 lists the access-list number an d corresponding access ...
Cisco Systems ME 3400 - page 581

31-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs The first pack et that triggers the ACL causes a l ogging message right a way , and subsequent packets are collected o ver 5-minute in terval s befo re they appear or logged. The logging message ...
Cisco Systems ME 3400 - page 582

31-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs This example sho ws ho w to create a standard A CL to den y access to IP host 171.69.198.102, permit access to any others, and display the results. Switch (config)# access-list 2 deny host 171 ...
Cisco Systems ME 3400 - page 583

31-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs Beginni ng in pri vileged EXEC mode, follow these steps to create an extend ed A CL: Command Purpose Step 1 conf igure terminal Enter global conf iguration mode. Step 2a access-list access-list ...
Cisco Systems ME 3400 - page 584

31-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs or access-list access-list-number { deny | permit } protocol any any [ precedence pr ecedence ] [ tos tos ] [ fragments ] [ log ] [ log-input ] [ time-range time-r ange-name ] [ dscp dscp ] In ...
Cisco Systems ME 3400 - page 585

31-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs Use the no access-list access-list-number global configu ration co mmand to delete the ent ire access list. Y ou cannot delete individual A CEs from numbered access lists. This exampl e shows h ...
Cisco Systems ME 3400 - page 586

31-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs After creating a numbered extended A CL, you can apply it to terminal lines (see the “ Applying an IPv4 A CL to a T erminal Line” section on page 31 -18 ), to interfaces (see the “ A ppl ...
Cisco Systems ME 3400 - page 587

31-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs T o remov e a named standard A CL, use the no ip access-list standard name global co nfigurat ion command. Beginni ng in pri vileged EXEC mode, follow these steps to create an extend ed A CL us ...
Cisco Systems ME 3400 - page 588

31-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs This exampl e shows ho w you can delete indi vidual A CEs from the named access list bor der -list : Switch(config)# ip access-list extended border-list Switch(config-ext-nacl)# no permit ip h ...
Cisco Systems ME 3400 - page 589

31-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs Repeat the steps if you w ant multiple items in ef fect at dif ferent times. T o remov e a conf igured time-range limitatio n, use the no time-range time-r ange-name glo bal configurati on comm ...
Cisco Systems ME 3400 - page 590

31-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs Including Comments in ACLs Y ou can use the re ma rk ke yword to incl ude comments (remarks) about entries in an y IP standard or extended A CL. The remarks make the A CL easier for you to und ...
Cisco Systems ME 3400 - page 591

31-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs T o remo ve an A CL from a t erminal line, use t he no access-class access-list-number { in | out } line confi guration command. Applying an IPv4 ACL to an Interface This section describes how ...
Cisco Systems ME 3400 - page 592

31-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs T o remov e the specified access group, use the no ip access-group { ac cess-list-number | name } { in | out } interface configuration command. This example sho ws how to apply access list 2 t ...
Cisco Systems ME 3400 - page 593

31-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs When you enter the show ip access-lists privile ged EXEC command, the match coun t displayed does not account fo r packets th at are ac cess controlled in hardware. Use the show access-lists ha ...
Cisco Systems ME 3400 - page 594

31-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs Figur e 31 -3 Using Router A CLs t o Control T r affic This example uses a standard A CL to fil ter traff ic coming into Serv er B from a port, p ermitting traf fic only from Accounting’ s s ...
Cisco Systems ME 3400 - page 595

31-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs Numbered ACLs In this example, netw ork 36.0.0.0 i s a Class A networ k whose second octet specif ies a su bnet; that is, i ts subnet mask is 255.255.0.0. The thir d and fourth octe ts of a net ...
Cisco Systems ME 3400 - page 596

31-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring IPv4 ACLs The marketing_gr oup A CL allows an y TCP T elnet traff ic to the destination address and wild card 171.69.0.0 0.0.255.25 5 and denies any other TCP traf f ic. It permits ICMP traf f ic, denie ...
Cisco Systems ME 3400 - page 597

31-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring IPv4 ACLs In this exampl e of a named A CL, the Jones subnet is not allo wed access: Switch(config)# ip access-list standard prevention Switch(config-std-nacl)# remark Do not allow Jones subnet through S ...
Cisco Systems ME 3400 - page 598

31-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Creating Named MAC Ex tended ACLs This is a an e xample of a log for an extended A CL: 01:24:23:%SEC-6-IPACCESSLOGDP:list ext1 permitted icmp 10.1.1.15 -> 10.1.1.61 (0/0), 1 packet 01:25:14:%SEC-6-IPACCESSLOGDP: ...
Cisco Systems ME 3400 - page 599

31-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Creating Named MAC Extended ACLs Use the no mac access-list extende d name gl obal conf iguration command to delete the enti re A CL. Y ou can also delete indi vidual A CEs from named MA C extended A CLs. This examp ...
Cisco Systems ME 3400 - page 600

31-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring VLAN Maps • A Layer 2 interface can hav e only one MA C access list. If you apply a MA C access list to a Layer 2 interface that has a MA C A CL configured, the ne w A CL replaces the previously conf ...
Cisco Systems ME 3400 - page 601

31-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring VLAN Maps Note For complete syntax and usage in formation for the co mmands used in this section, see the command reference for this release. T o create a VLAN map and apply it to one or more VLANs, perf ...
Cisco Systems ME 3400 - page 602

31-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring VLAN Maps • When a switch has an IP access list or M A C access li st applied to a Layer 2 interface, an d you apply a VLAN map to a VLAN that the port belongs to, the port AC L takes precedence o ver ...
Cisco Systems ME 3400 - page 603

31-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring VLAN Maps Use the no vlan access-map name number global conf iguration command to delete a single sequence entry from within t he map. Use the no action acce ss-map conf iguration command to enforce the ...
Cisco Systems ME 3400 - page 604

31-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring VLAN Maps Switch(config-access-map)# action forward Switch(config-access-map)# exit Switch(config)# vlan access-map drop-ip-default 20 Switch(config-access-map)# match ip address igmp-match Switch(confi ...
Cisco Systems ME 3400 - page 605

31-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Configuring VLAN Maps Applying a VLAN Map to a VLAN Beginni ng in pri vileged EXEC mo de, follo w these steps to apply a VLAN map to one or more VLANs: T o remov e the VLAN m ap, use the no vlan filter mapname vlan- ...
Cisco Systems ME 3400 - page 606

31-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Configuring VLAN Maps Figur e 31 -4 Wir ing Closet Configur ation If you do not w ant HTTP traf f ic switched from Host X to Ho st Y , you can config ure a VLAN map on Switch A to drop all HTTP traff ic from Host X ...
Cisco Systems ME 3400 - page 607

31-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Using VLAN Maps with Router ACLs Figur e 31 -5 Den y Access to a Serv er on Another VLAN This example sho ws how to den y access to a serv er on another VLAN by creating the VLAN map SER VER 1 that denies access to ...
Cisco Systems ME 3400 - page 608

31-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Using VLAN Maps with Ro ute r AC Ls If the VLAN map has a match clause for the type of packet (IP or MA C) and the packet does not match the type, the default is to drop the packet. If th ere is no match clau se in ...
Cisco Systems ME 3400 - page 609

31-37 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Using VLAN Maps with Router ACLs Examples of Router ACLs and VLAN Maps Applied to VLANs This section gi v es e xamples of appl ying router A CLs and VLAN maps to a VLAN for switched, routed , and multicast pack ets. ...
Cisco Systems ME 3400 - page 610

31-38 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Using VLAN Maps with Ro ute r AC Ls Figur e 31 -7 Applying ACLs on Rout ed P ack e ts ACLs and Multicast Packets Figure 31-8 sho ws how A CL s are applied on packets that ar e replicated for IP multicasti ng. A mu ...
Cisco Systems ME 3400 - page 611

31-39 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configuri ng Network Security with ACLs Displaying IPv4 ACL Configuration Displaying IPv4 ACL Configuration Y ou can display the A CLs that are confi gured on the switch, and y ou can display the A CLs that hav e been applie d to in terfaces and VLA Ns. W ...
Cisco Systems ME 3400 - page 612

31-40 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 31 Configurin g N etwork Security with ACLs Displaying IPv4 AC L Configuration ...
Cisco Systems ME 3400 - page 613

CH A P T E R 32-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 32 Configuring Control-Plane Security This chapter describes the control- plane security feature i n the Cisco ME 3400 Ethernet Access switch . In any network, Layer 2 and Laye r 3 switches exchan ge control packets with ot her switches in the network. T ...
Cisco Systems ME 3400 - page 614

32-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 32 Configurin g Control-Plane Security Understanding Control-Plan e Secur ity Layer 3 control packet s, on a port in routin g mode ( whe ther or not a Layer 3 service policy is attached), control-plane security supports rat e-limiting only In tern et Group Ma ...
Cisco Systems ME 3400 - page 615

32-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 32 Configuring Control-Plane Sec urity Understanding Co ntrol-Pla ne Security The switch automatically allocat es 27 control-plane security policers for CPU p rotection. At syst em bootup, it assigns a poli cer to each port numbered 0 to 26. The p olicer assi ...
Cisco Systems ME 3400 - page 616

32-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 32 Configurin g Control-Plane Security Understanding Control-Plan e Secur ity Because UNIs do not support STP , CDP , LLDP , LACP , and P AgP , these packets are dropped (physical policer of 26). These proto cols are disabled b y def ault on ENIs as wel l, b ...
Cisco Systems ME 3400 - page 617

32-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 32 Configuring Control-Plane Sec urity Configuring Control-Plane Security This example sho w s the default policers assigned to NNIs. Most protocols ha ve no pol icers assigned to NNIs. A v alue of 255 means that no p olicer is assigned to the port for the pr ...
Cisco Systems ME 3400 - page 618

32-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 32 Configurin g Control-Plane Security Monitoring Control-Plane Sec urity T o return to the d efault threshold rate, use th e no policer cpu uni global configurati on command. This examp le sho ws how to set the CPU protecti on threshold to 10000 b/s and to v ...
Cisco Systems ME 3400 - page 619

CH A P T E R 33-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 33 Configuring QoS This chapter describe s how to configure quality of service (QoS) by using the mod ular QoS command-line interface (CLI), or MQC, commands on the Cisco ME 3400 Ethernet Access switch. W ith QoS, you can prov ide preferential treatment ...
Cisco Systems ME 3400 - page 620

33-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Figur e 33-1 Modular QoS CLI Model Basic QoS includes these actions. • Packet classif ication org anizes traff ic on the basis of whether or not the tr af fic matches a specif ic criteria. When a packet is receiv ed, the ...
Cisco Systems ME 3400 - page 621

33-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Modular QoS CLI Modular QoS CLI (MQC) allo ws users to create traf fic policies and attach these policies to interfaces. A traf f ic polic y contai ns a traf fic class and one or mo re QoS features. Y ou use a traff ic cla ...
Cisco Systems ME 3400 - page 622

33-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS class1 interface configuration comman d attaches all the characteristics of the traff i c polic y named class1 to the specif ied interface. All packets lea ving the specif ied interface are e valuated according to the crit ...
Cisco Systems ME 3400 - page 623

33-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Output Policy Maps Output polic y map classif ication criteria include ma tching a CoS, a DSCP , an IP precedence, or a QoS group v alue. Output polic y maps can ha ve an y of these actions: • Queuing ( queue-limit ) • ...
Cisco Systems ME 3400 - page 624

33-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Figur e 33-3 QoS Classification Layers in F rames and P ac k ets These sections contain additional information about classifi cation: • “Class Maps” section on page 33 -6 • “The match Command” section on page 3 ...
Cisco Systems ME 3400 - page 625

33-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Y ou can match more than one criterion for classification. Y ou can also create a class map that requires that all matc hing cri teria in th e class map be in th e packet heade r by using the class map match-all class-map ...
Cisco Systems ME 3400 - page 626

33-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS This exampl e shows ho w to cr eate a class map to match a CoS v alue of 5: Switch(config)# class-map premium Switch(config-cmap)# match cos 5 Switch(config-cmap)# exit Classification Based on IP Precedence Y ou can cla ss ...
Cisco Systems ME 3400 - page 627

33-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS cs6 Match packets with CS6(precedence 6) dscp (110000) cs7 Match packets with CS7(precedence 7) dscp (111000) default Match packets with default dscp (000000) ef Match packets with EF dscp (101110) For more i nformation on ...
Cisco Systems ME 3400 - page 628

33-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Classification Based on QoS ACLs Pack ets can also be classifi ed in input polic y maps based on an A CL lookup. The A CL classif ication is communicated to an output pol icy by assigning a QoS group or number in the inpu ...
Cisco Systems ME 3400 - page 629

33-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Y ou can use QoS groups to conf igure per-port , per- VLAN Qo S output policies on the e gress interface for bridged traf f ic on the VLAN. Assign a QoS group number to a VLAN on the in gress interface b y confi guring a ...
Cisco Systems ME 3400 - page 630

33-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS parent-lev el class map.Y ou can confi gure multiple service classes at th e parent lev el to match di fferent combinations of VLANs, and you can apply independen t QoS policies to each parent service class using any chil ...
Cisco Systems ME 3400 - page 631

33-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Switch(config-pmap-c)# set ip precedence 4 Switch(config-pmap-c)# exit Switch(config)# policy-map parent-customer-1 Switch(config-pmap)# class customer-1-vlan Switch(config-pmap-c)# service-policy ingress-policy-1 Switch( ...
Cisco Systems ME 3400 - page 632

33-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS • CoS to precedence • CoS to CoS • Precedence to CoS • Precedence to DSCP • Precedence to precedence T able maps modify only one parameter (CoS, IP pre cedence, or DSCP , whichev er is conf igured) and are only ...
Cisco Systems ME 3400 - page 633

33-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Individual Policing Indi vidual policing app lies only to input poli cy maps. In polic y-map conf iguration mode, you enter t he class command follo wed by cl ass-map name, and enter polic y-map class conf igurat ion mode ...
Cisco Systems ME 3400 - page 634

33-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS T o conf igure multiple actions in a class, you can enter multiple conform or exceed action entries in policy-map class police conf iguration mode, as in this e xample: Switch(config)# policy-map map1 Switch(config-pmap)# ...
Cisco Systems ME 3400 - page 635

33-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS After you conf igure the aggregate pol icer , you create a policy map and an associated class map, associate the policy map with the aggregate policer , and apply the service polic y to a port. Note Only one policy map ca ...
Cisco Systems ME 3400 - page 636

33-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Switch(config-pmap)# class video-provider-2 Switch(config-pmap-c)# set dscp cs4 Switch(config-pmap-c)# exit Switch(config-pmap)# class class-default Switch(config-pmap-c)# police aggregate agg1 Switch(config-pmap-c)# exit ...
Cisco Systems ME 3400 - page 637

33-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Marking Y ou can use packet marking in in put policy maps to set or modify the attrib utes for traf f ic belonging to a specific class. After network traf fic is org anized in to classes, you use marking to identify certa ...
Cisco Systems ME 3400 - page 638

33-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Marking and Queuing CPU-Generated Traffic Y ou can mark the CPU-generated traf f ic b y ent ering the cpu traff i c qos global conf iguration command. Y ou can use this command to mark t he CPU-generate d control plane pa ...
Cisco Systems ME 3400 - page 639

33-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS – T o conf igure priori ty with unconditional pol icing, conf igure the priority queue by using the priority polic y-map cl ass conf iguration command and th e police polic y-map class config uration command to uncondit ...
Cisco Systems ME 3400 - page 640

33-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Port Shaping T o conf igure port shap ing (a transmit port shaper), creat e a policy map that contains only a default class, and use the shape av erage command to specify the maximum bandwi dth for a port. This exampl e s ...
Cisco Systems ME 3400 - page 641

33-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Class-Based Weighted Fair Queuing Y ou can configure class-based w eighted fair queuing (CBWFQ) to set the relativ e precedence of a que ue by allocating a po rtion of the total bandwidth t hat is av ailable for the port. ...
Cisco Systems ME 3400 - page 642

33-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Switch(config-pmap)# class class-default Switch(config-pmap-c)# bandwidth 10000 Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# interface fastethernet 0/1 Switch(config-if)# service-policy output out ...
Cisco Systems ME 3400 - page 643

33-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS • Y ou can use pri ority with the police policy-map command, or uncondit ional priority policin g , to reduce the band wid th used b y th e priority q ueue. Th is is the only form of policing th at is supported in outpu ...
Cisco Systems ME 3400 - page 644

33-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Switch(config)# interface gigabitethernet 0/1 Switch(config-if)# service-policy output policy1 Switch(config-if)# exit Congestion Avoidance and Queuing Congestion av oidance use s algorith ms such as tail drop to control ...
Cisco Systems ME 3400 - page 645

33-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Beginni ng with Cisco IOS Release 12.2(25)SE, the swi tch supports up to three uniqu e queue-limit confi gurations across all outpu t policy maps. W ithin an output policy m ap, only four queues (classes) are allo wed, in ...
Cisco Systems ME 3400 - page 646

33-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Understanding QoS Note For optimal performance, we stro ngly recommend that you conf igure the queue-limit t o 272 or less. Queue bandwidth and queue size ( queue limit) are conf igu red separately and are not interdependent. Y ou should c ...
Cisco Systems ME 3400 - page 647

33-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Configuring QoS Before conf iguring QoS, you must ha v e a thorough understandi ng of these fact ors: • The types of applications used and the traf fic patter ns on your network. • T raf fic ch aracteristics and needs ...
Cisco Systems ME 3400 - page 648

33-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS • If you ha ve EtherChann el ports conf igured on yo ur sw itch, you must conf igure QoS classif ication, policing, mapping, and queuing on the indi vidual ph ysical ports that comprise the EtherCh annel. Y ou must de cid ...
Cisco Systems ME 3400 - page 649

33-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS T o delete an access list, use the no access-list access-list-number glob al configuration c ommand . This example sho ws how to allo w access for only those hosts on the three specif ied networks. The wildcard bits ap ply ...
Cisco Systems ME 3400 - page 650

33-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Creating IP Extended ACLs Beginning in priv ileged EXEC mode, follo w these steps to create an IP extended A CL for IP traff ic: T o delete an access list, use the no access-list access-list-number global configuration comm ...
Cisco Systems ME 3400 - page 651

33-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS This example sho ws ho w to create an A CL that permits IP traf f ic from an y source to an y destination that has the DSCP v alue set to 32: Switch(config)# access-list 100 permit ip any any dscp 32 This exa mple sho ws h ...
Cisco Systems ME 3400 - page 652

33-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Using Class Maps to Define a Traffic Class Y ou use the class-map global configu ration command to name an d to isolate a specif ic traff ic flo w (or class) from all other traff ic. A class ma p defines the cr iteria to us ...
Cisco Systems ME 3400 - page 653

33-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Use the no form of the appropriate co mmand to delete an ex ist ing class map or remov e a match criterion. This example sho w s ho w to create access li st 103 and configure the class map called class1 . The class1 has on ...
Cisco Systems ME 3400 - page 654

33-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS This e xample sho ws ho w to cr eate a class map called class3 , which matches incomin g traffic with IP-precedence values of 5, 6, and 7: Switch(config)# class-map match-any class3 Switch(config-cmap)# match ip precedence ...
Cisco Systems ME 3400 - page 655

33-37 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS T o delete a table map, use the no t able-map table-map -name global conf iguration comman d. This ex ample sho ws ho w to cr eate a DSCP-t o-CoS tabl e map. A compl ete table w ould typi cally in clude additional map stat ...
Cisco Systems ME 3400 - page 656

33-38 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS T o remo ve the polic y map and port associat ion, use the no service-policy { input | ou tput } policy-map-nam e interface configuration command. Configuring Input Policy Maps Policy maps specify which traf fic class to ac ...
Cisco Systems ME 3400 - page 657

33-39 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS These sections describe ho w to conf igure dif ferent types of in put policy maps: • Config uring Input Polic y Maps with Indi vidual Pol icing, page 33-39 • Conf iguring Input Polic y Maps wit h Aggreg ate Policing, p ...
Cisco Systems ME 3400 - page 658

33-40 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Step 5 conform-action cos { cos_value | cos [ table table-map-name ] | dscp [ table table-map-name ] | pr ecedence [ table table-map-name ]} or conform- action [ ip ] dscp { dscp _value | cos [ table table-map-name ] | dscp ...
Cisco Systems ME 3400 - page 659

33-41 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS After you ha ve created an input polic y map, you attach it to an interface in the i nput direction. See the “ Attaching a T raf fic Polic y to an Interface” section on page 33-37 . Use the no form of the appropriate c ...
Cisco Systems ME 3400 - page 660

33-42 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS This example sho ws ho w to create a traf f ic classif icati on with a CoS v alue of 4, create a polic y map, and attach it to an ingress port. The a verage traf f ic rate is limited to 100 00000 bps with a bu rst size of 1 ...
Cisco Systems ME 3400 - page 661

33-43 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Switch(config-pmap-c-police)# exit Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# interface fastethernet0/1 Switch(config-if)# service-policy input in-policy Switch(config-if)# exit Configuring Input ...
Cisco Systems ME 3400 - page 662

33-44 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Beginning in priv ileged EXEC mode, foll ow these steps to create an aggregate p olicer: Command Purpose Step 1 configur e terminal Enter global conf iguration mod e. Step 2 policer aggregat e aggr egate-p olicer- name { ra ...
Cisco Systems ME 3400 - page 663

33-45 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS After you hav e created an aggre gate policer , you at tach it to an ingress port. See the “ Attaching a T raf f ic Policy to an Interf ace” section on page 33-37 . T o remo ve the specif ied aggre gate policer from a ...
Cisco Systems ME 3400 - page 664

33-46 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Use the no form of the ap pro priat e command to delete a po li c y map or tabl e map or remo ve an assi gn ed CoS, DSCP , precedence, or QoS-group v alue. This example uses a policy map to rema rk a packet. The first marki ...
Cisco Systems ME 3400 - page 665

33-47 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Configuring Per-Port Per-VLAN QoS wi th Hierarchical Input Policy Maps Per-por t, per- VLAN QoS allo ws classification based o n VLAN IDs for applying QoS for frames recei ved on a gi ven interf ace and VLAN. This is achie ...
Cisco Systems ME 3400 - page 666

33-48 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Creating Child-Policy Class Maps Beginni ng in pri vileged EXEC mode, foll ow th ese steps to create one or more child-po licy class maps: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 ...
Cisco Systems ME 3400 - page 667

33-49 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Creating Parent-Policy Class Maps Beginni ng in pri vile g ed EXEC mode, follo w these st ep s to create one o r mo re parent -policy class maps: Creating Child Policy Maps Beginni ng in pri vileged EXEC mode, follow these ...
Cisco Systems ME 3400 - page 668

33-50 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Creating a Parent Policy Map Beginni ng in pri vileged EXEC mode, follo w these steps to create a parent p olic y map and attach it to an interface: Attaching a Parent Policy Map to a n Interfac e Beginni ng in pri vileged ...
Cisco Systems ME 3400 - page 669

33-51 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Switch(config)# class-map match-any customer1-vlan Switch(config-cmap)# match vlan 100-105 Switch(config-cmap)# exit Switch(config)# class-map match-any customer2-vlan Switch(config-cmap)# match vlan 110-120 Switch(config- ...
Cisco Systems ME 3400 - page 670

33-52 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS (class-based priority queuin g). Policing is not supp or ted on output po licy maps, except when configuring priority with poli ce for class-based priority queu ing. Out put policy map classi ficati on criteria are matching ...
Cisco Systems ME 3400 - page 671

33-53 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS • Y ou can attach only o ne output polic y map per port. • The maximum number of polic y maps conf igured on the switch is 256. These sections describe ho w to conf igure dif ferent types of ou tput policy maps: • Co ...
Cisco Systems ME 3400 - page 672

33-54 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS After you ha v e created an output pol icy map, you attach it to an e gress port. See the “ Attaching a T raf f ic Policy to an Interf ace” section on page 33-37 . Use the no form of the appropriat e command to delete a ...
Cisco Systems ME 3400 - page 673

33-55 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Follo w these guidelines when conf iguring class-based shaping: • Config uring a queue for traf f ic shaping sets the ma ximum bandwidth o r peak information rate (PIR) of the queue. In the Cisco ME switch, configuring t ...
Cisco Systems ME 3400 - page 674

33-56 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Switch(config-pmap-c)# shape average 10000000 Switch(config-pmap-c)# exit Switch(config-pmap)# exit Switch(config)# interface fastethernet0/1 Switch(config-if)# service-policy output out-policy Switch(config-if)# exit Confi ...
Cisco Systems ME 3400 - page 675

33-57 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS This ex ample sho ws ho w to conf igure port shaping b y conf iguring a hi erarchical polic y map t hat shapes a port to 90 Mbps, allocated according to the out-pol icy policy map config ured i n the pre vious e xample. Sw ...
Cisco Systems ME 3400 - page 676

33-58 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS After you ha v e created an output pol icy map, you attach it to an e gress port. See the “ Attaching a T raf f ic Policy to an Interf ace” section on page 33-37 . Use the no form of the appropriate command to delete an ...
Cisco Systems ME 3400 - page 677

33-59 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Configuring Prior ity With Police Y ou can use the priority with police feature and conf igure an unconditi onal priority policer to limit the bandwidth used b y the priority queue and allocate bandwidth or shape o ther qu ...
Cisco Systems ME 3400 - page 678

33-60 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS After you ha v e created an output pol icy map, you attach it to an e gress port. See the “ Attaching a T raf f ic Policy to an Interf ace” section on page 33-37 . Step 7 conform-action [ transmit ] (Optional) Ent er th ...
Cisco Systems ME 3400 - page 679

33-61 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS Use the no form of the appropriate command to delete an e xisting polic y map or cl ass map or to cancel the priority queuing or po licing for the priority class or the bandwid th setting for the other classes. This exampl ...
Cisco Systems ME 3400 - page 680

33-62 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuring QoS Beginni ng in pri vileged EX EC mode, follo w these step s to use WTD to adjust the queue size for a traff ic class: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 policy-map policy-map- ...
Cisco Systems ME 3400 - page 681

33-63 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuri ng QoS After you ha ve created an output polic y map, you attach it to an egress port. See th e “Configuring Outp ut Polic y Maps” section on page 33-51 . Use the no form of the appropriate c ommand to delete an existin g pol ...
Cisco Systems ME 3400 - page 682

33-64 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Displaying QoS Information Displaying QoS Information T o display QoS infor mation, use one or mor e of the pri vile ged EXEC commands in Ta b l e 33-2 . For explanat ions about a v ailable ke ywords, s ee the command reference for this re ...
Cisco Systems ME 3400 - page 683

33-65 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps These sections are included: • QoS Conf iguration for Customer A, pag e 33-65 • QoS Conf iguration for Customer B, p age 33-67 • Modifying Output Policies and Adding o r Deleting Classif ication ...
Cisco Systems ME 3400 - page 684

33-66 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps This exampl e shows ho w to configure an input pol icy map that marks the gold class and polices the silv er class to 50 Mb/s and the bronze class to 20 Mb/s . Switch(config)# policy-map input-all Swi ...
Cisco Systems ME 3400 - page 685

33-67 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps This e xample attach es the input an d output servic e po licies to the Gigabit Ethernet ports and activ ates them. Switch(config)# interface range gigabitethernet0/1-2 Switch(config-if-range)# servic ...
Cisco Systems ME 3400 - page 686

33-68 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps This exampl e attaches the output polic y for F ast Ethernet ports 9 through 12 and acti vates t he ports: Switch# config terminal Switch(config)# interface range fastethernet0/9-12 Switch(config-if-r ...
Cisco Systems ME 3400 - page 687

33-69 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps Note these restrictions wh en conf iguring output poli cies: • Y ou can def ine up to three classes in the output po licy map. • The defined classes must be th e same as other o utput policy maps. ...
Cisco Systems ME 3400 - page 688

33-70 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps These steps shut do wn all ports carrying the ou tput policy , in this case only the Gigabit Ethernet po rts. Switch(config)# interface range gigabitEthernet0/1-2 Switch(config-if-range)# shutdown Swi ...
Cisco Systems ME 3400 - page 689

33-71 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps These steps shut do wn all activ e and applicab le Fast Ethern et and Gigabit Ethernet ports : Switch(config)# interface range gigabitethernet0/1-2, fastethernet0/1-12 Switch(config-if-range)# shutdow ...
Cisco Systems ME 3400 - page 690

33-72 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 33 Configuring QoS Configuration Examples for Policy Maps When a policy map is attached to an interface, all tr af fic t hat does not explicit ly match the config ured class maps within the p olicy map shou ld go through the def ault queue (cl ass class-defa ...
Cisco Systems ME 3400 - page 691

CH A P T E R 34-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 34 Configuring EtherChannels and Link-State Tracking This chapter de scribes ho w to co nf igure EtherChannels on Layer 2 and Layer 3 ports on the C isco ME 3400 Ethernet Access switch. Et herChannel provid es fault-tolerant hi gh-speed links between swi ...
Cisco Systems ME 3400 - page 692

34-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Understanding EtherCh an nels EtherChannel Overview An EtherChannel consists of indi vidual F ast Ethern et or Gig abit Ethernet links b undled into a singl e logical lin k as sho wn in Figure 34-1 . Figu ...
Cisco Systems ME 3400 - page 693

34-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Understanding EtherChann els Y ou can conf igure an EtherChannel in o ne of thes e modes: Port Aggre gation Protocol (P AgP), Link Aggre gation Control Protocol (LA CP), or On mode. P AgP and LA CP are av ...
Cisco Systems ME 3400 - page 694

34-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Understanding EtherCh an nels Figur e 34-2 Relationship of Ph ysical P orts, Logical P ort Channels, and Channel Gr oups After you conf ig ure an EtherChannel , conf i guration changes applied to the port ...
Cisco Systems ME 3400 - page 695

34-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Understanding EtherChann els PAgP Modes Ta b l e 34-1 sho ws the user -conf igurable EtherChannel P AgP modes for the channel -group interface configuration command on an NNI or EN I. Switch ports e xchan ...
Cisco Systems ME 3400 - page 696

34-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Understanding EtherCh an nels In Layer 2 EtherChan nels, the fir st port in the channel th at comes up pro vides its MA C address to the EtherChannel. If this port is remo v ed from the bu ndle, one of th ...
Cisco Systems ME 3400 - page 697

34-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Understanding EtherChann els LACP Interaction with Other Features The CDP sends and receiv es packets o ver the physi cal ports in the EtherChannel. T runk ports send and recei ve LA CP PDUs on the lo wes ...
Cisco Systems ME 3400 - page 698

34-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Understanding EtherCh an nels forwarding method s of load distrib ution, can be used if it is not clear whet her source-MA C or destination-MA C address for warding is better suited on a particular switch ...
Cisco Systems ME 3400 - page 699

34-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels Figur e 34-3 Load Distribu tion and Forw ard ing Methods Configuring EtherChannels These sections contain this configu ration informatio n: • Default Eth erChannel Conf igurati ...
Cisco Systems ME 3400 - page 700

34-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els Default EtherChannel Configuration Ta b l e 34-3 shows the default EtherChannel configuration. EtherChannel Configuration Guidelines If improperly conf igured, some EtherChann ...
Cisco Systems ME 3400 - page 701

34-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels Note Spanning T ree Proto col is only supported on NNIs o r ENIs on which it has been sp ecifically enabled. • Do not conf igure a port to be a member of more than one Ethe rC ...
Cisco Systems ME 3400 - page 702

34-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els Beginning in priv ileged EXEC mode, foll ow these steps to assign a Layer 2 Ethernet port to a Layer 2 EtherChann el. This proc edure is required . Command Purpose Step 1 conf ...
Cisco Systems ME 3400 - page 703

34-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels T o remo ve a port from the Et herChannel group, use the no channel -group interf ace configuration command. Step 5 channel-group c hannel-gr oup-number mode { auto [ non-silent ...
Cisco Systems ME 3400 - page 704

34-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els This exampl e show s how to conf igure an EtherChannel . It assigns tw o ports as static-access ports in VLAN 10 to channel 5 with the P AgP mode desirable : Switch# configure ...
Cisco Systems ME 3400 - page 705

34-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels T o remov e the port-channel, use the no interface port-channel port-cha nnel-number global confi guration command. This example sh ows ho w to create th e logical port ch annel ...
Cisco Systems ME 3400 - page 706

34-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els Step 6 channel-group c hannel-gr oup-number mode { auto [ non-silent ] | desirable [ non-silent ] | on } | { active | passi ve } Assign the port t o a channel g roup, and spec ...
Cisco Systems ME 3400 - page 707

34-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels This ex ample sho ws ho w to configure an EtherCh annel. It assi gns two ports to chan nel 5 with the LA CP mode activ e : Switch# configure terminal Switch(config)# interface r ...
Cisco Systems ME 3400 - page 708

34-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els Configuring the PAgP Learn Method and Priority Network de vices are classified as P AgP physical lear ners or aggregate-port learners. A device is a physical learner if it lea ...
Cisco Systems ME 3400 - page 709

34-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels T o return the prio rity to its defa ult setting, use the no pagp port-priority interface conf iguration command. T o return the learni ng method to its def ault setting, use th ...
Cisco Systems ME 3400 - page 710

34-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring EtherCh ann els If you conf igure more than eight link s for an EtherChannel group, the softw are automatically decides which of the hot-standb y ports to mak e acti ve b ased on the LA CP pr ...
Cisco Systems ME 3400 - page 711

34-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Configuring EtherChannels Configuring the LACP Port Priority By default, all port s use the same port priority . If the local system has a lo wer v alue for the system priority and the system ID than the ...
Cisco Systems ME 3400 - page 712

34-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Displaying EtherChann el, PAg P , and LACP Sta t us Displaying EtherChannel, PAgP, and LACP Status T o display Ethe rChannel, P AgP , and LACP statu s information, use the pri vile ged EXEC commands desc ...
Cisco Systems ME 3400 - page 713

34-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Understan ding Link -State Tracking Figur e 34-4 T ypical Link-State T rac king Configuration When you enable link-stat e tracking on the switch , the link state of the do wnstr eam ports is bound to the ...
Cisco Systems ME 3400 - page 714

34-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Configuring Link-S tate Tr ack ing Y ou can recov er a do wnstream interf ace link-do wn condition b y remov ing the failed do wnstream port from the link-state grou p. T o recov er multiple do wnstream ...
Cisco Systems ME 3400 - page 715

34-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring Et he rChannels and Link-State Tracking Displaying Link-State Tra cking Status This exampl e show s how to create a link- state group and configure the interf aces: Switch# configure terminal Switch(config)# link state track 1 Switch(config)# ...
Cisco Systems ME 3400 - page 716

34-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 34 Configuring EtherChan nels an d Link-State Tracking Displaying Link-State Track ing Status ...
Cisco Systems ME 3400 - page 717

CH A P T E R 35-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 35 Configuring IP Unicast Routing This chapter descri bes how to configure IP V ersion 4 (IPv4) un icast routing o n the Cisc o ME 3400 Ethernet Access switch. Note Routing is supported only on switches that are running the met ro IP access image. For mo ...
Cisco Systems ME 3400 - page 718

35-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Understanding IP Routing degrades routing performance. F or more informatio n on the SD M templa tes, see Chapter 6, “Configuring SDM T emp lates” or see the sdm prefer command in the command reference for this release. U ...
Cisco Systems ME 3400 - page 719

35-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Steps for Configuring Routing Dynamic routing protocol s are used b y routers to dynamically calcul ate the best route for fo rwarding traf fi c. There are two types of dynamic routing protocols: • Routers using distance-v ...
Cisco Systems ME 3400 - page 720

35-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing Config uring routing consist s of sev eral main procedures: • T o support VLAN interfac es, create and co nf igure VLANs on the switch, and assign VLAN membership to Layer 2 interfaces. F or more ...
Cisco Systems ME 3400 - page 721

35-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing Assigning IP Addresses to Network Interfaces An IP address identif ies a location to which IP pack ets can be sent. Some IP addresses are reserved for special uses and cannot be used for host, subne ...
Cisco Systems ME 3400 - page 722

35-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing Use of Subnet Zero Subnetting with a subnet address of zero is strongly disco uraged because of the prob lems that can arise if a networ k and a subnet ha ve the same addresses. F or e xample, if ne ...
Cisco Systems ME 3400 - page 723

35-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing Figur e 35-2 I P Classless Routing In Figure 35-3 , the router in netw ork 128.20.0.0 is connected to subnets 128.20.1.0, 128.2 0.2.0, and 128.20.3.0. If the host sends a packet to 120.20.4.1, becau ...
Cisco Systems ME 3400 - page 724

35-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing T o restore the def ault and hav e the switch forw ard packets de stined for a subnet of a netw ork with no network def ault route to the best sup ernet route possible, use the ip classless global c ...
Cisco Systems ME 3400 - page 725

35-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing installs a permanent entry in the AR P cache that th e switch uses to translate IP addresse s into MA C addresses. Optionally , you can a lso specify that the switch r espond to ARP reques ts as if ...
Cisco Systems ME 3400 - page 726

35-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing Set ARP Encapsulation By default, Ethernet ARP encap sulati on (represented by the arpa keyword) is enabled on an IP interface. Y ou can change the encapsulation metho ds to SN AP if required b y y ...
Cisco Systems ME 3400 - page 727

35-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing Routing Assistance When IP Routing is Disabled These mechanisms allo w the switch to learn about rout es to other netw orks when it does not ha v e IP routing en abled: • Proxy ARP , page 35-11 ? ...
Cisco Systems ME 3400 - page 728

35-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing listen to Routing I nformation Protocol (RIP ) routing updates and use thi s info rmation to infer locatio ns of routers. The switch does not actuall y sto re th e routing tables sent b y routing d ...
Cisco Systems ME 3400 - page 729

35-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing If you change the ma xadvertinterv al val u e , t h e holdtime and minadvertinterv al v alues also change, so it is imp ortant to first change the maxadvertinter val v alue, before manually chan gi ...
Cisco Systems ME 3400 - page 730

35-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing Beginni ng in pri vileg ed EXEC mode, follo w these step s to enable forwarding of IP-d i rected broadcasts on an interface: Use the no ip directed-br oadcast interface conf iguration command to di ...
Cisco Systems ME 3400 - page 731

35-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing By default, both UDP an d ND forwarding are ena bled if a help er address has be en defined for an interface. The description for the ip f orward-pr otocol i nterface conf iguration co mmand in the ...
Cisco Systems ME 3400 - page 732

35-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring IP Addr essing T o restore the default IP broadcast address, use the no ip broadcast -address interface configuration command. Flooding IP Broadcasts Y ou can allo w IP broadcasts to be flooded throughout your in ...
Cisco Systems ME 3400 - page 733

35-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring IP Addressing Use the no ip forward- protocol spanning-tr ee global conf iguration command to di sable the flooding of IP broadcasts. In the switch, the majority of pa ckets are forw arded in hardware; mo st pac ...
Cisco Systems ME 3400 - page 734

35-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Enabling IPv4 Unicast Routing Enabling IPv4 Unicast Routing By default, th e switch is in Layer 2 switching mo de and IP routing is disab led. T o use the Layer 3 capabilities of the switch, you must enable IP routing. Begin ...
Cisco Systems ME 3400 - page 735

35-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuri ng RIP Configuring RIP The Routing Information Prot ocol (RIP) is an interior gateway protocol (IGP) created for use in small, homogeneous network s. It is a distance-vector ro uting protocol that uses broadcast U ...
Cisco Systems ME 3400 - page 736

35-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring RIP Configuring Basic RIP Parameters T o conf igure RIP , you enable RIP routing for a network and optionally conf igure o ther parameters. On the Cisco ME 3400 switch, RIP conf iguration command s are ignored un ...
Cisco Systems ME 3400 - page 737

35-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuri ng RIP T o turn of f the RIP r outing process, use the no r outer rip global conf iguration command. T o display the paramet ers and current state of the acti v e routing protocol process, use the sho w ip proto c ...
Cisco Systems ME 3400 - page 738

35-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring RIP T o restore clear text authentication, use the no ip rip authentication mode interface conf iguration command. T o pre vent authentication, use the no ip rip authentication key-chain interface confi guration ...
Cisco Systems ME 3400 - page 739

35-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuri ng RIP T o disable IP summarization, u se the no ip summary-address rip router configuration command. In this exampl e, the major net is 10.0.0.0. The summary address 10.2.0.0 overrides the autosummary address of ...
Cisco Systems ME 3400 - page 740

35-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF T o enable the split horizon mechanism, use the ip split-horizon interf ace configuration command. Configuring OSPF This section briefly describes ho w to confi gure Open Shortest Path First (OSPF). F or a c ...
Cisco Systems ME 3400 - page 741

35-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring OSPF • Configuri ng OSPF Area Parameters, page 35-31 • Configuri ng Other OSPF Parameters, page 35-32 • Changing LSA Group P acing, page 35-33 • Config uring a Loopback Interface, p age 35-34 • Monitor ...
Cisco Systems ME 3400 - page 742

35-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF Nonstop Forwarding Awareness The OSPF NSF A wareness feature is supported for IP v4 in the metro IP acce ss image, beginning with Cisco IOS Release 12.2(25)SEG. When the neighb oring router is NSF-capable, t ...
Cisco Systems ME 3400 - page 743

35-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring OSPF T o terminate an OSPF routing process, use the no r outer ospf pr ocess-id global conf iguration command. This example sho ws ho w to conf igure an OSPF routin g process and assign it a process number of 10 ...
Cisco Systems ME 3400 - page 744

35-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF Use the no form of these commands to remo ve the conf igured parameter v alue or return to the default val ue . Configuring OSPF Network Types OSPF classif ies different media into th e three types of networ ...
Cisco Systems ME 3400 - page 745

35-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring OSPF Configuring OSPF for Nonbroadcast Networks Because many routers might be atta ched to an OSPF network, a design ated router is selected for the network. If br oadcast capability is not conf igured in the ne ...
Cisco Systems ME 3400 - page 746

35-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF Beginning in pri vil eged EXEC mode, follo w thes e steps to conf igure OSPF network type for an interface: Use the no form of the ip ospf network command to return to the default netwo rk type for the media ...
Cisco Systems ME 3400 - page 747

35-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring OSPF Configuring OSPF Area Parameters Y ou can optionally configure se veral OSPF area parameters. Th ese parameters include authentication for password-based protection against un authorized access to an area, ...
Cisco Systems ME 3400 - page 748

35-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF Use the no form of these commands to remo ve the conf igured parameter v alue or to return to t he default val ue . Configuring Other OSPF Parameters Y ou can optionally conf igure other OSPF pa rameters in ...
Cisco Systems ME 3400 - page 749

35-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring OSPF Changing LSA Group Pacing The OSPF LSA group pacing feature allo ws the rout er to group OSPF LSAs an d pace the refreshing, check-summing, and aging functions for more ef ficient ro uter use. This feature ...
Cisco Systems ME 3400 - page 750

35-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring OSPF Beginning in pri vil eged EXEC mode, follo w these steps to conf igure OSPF LSA pacing: T o return to the d efault v alue, use the no timers lsa-gr oup-pacing router configuration command. Configuring a Loop ...
Cisco Systems ME 3400 - page 751

35-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring EIGRP Monitoring OSPF Y ou can display specif ic st atistics such as the cont ents of IP routing t ables, caches , and databases . Ta b l e 35-6 lists some of the privile ged EXEC co mmands for displaying statis ...
Cisco Systems ME 3400 - page 752

35-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring EIGRP EIGRP offers these featur es: • Fast con v er gence. • Incremental updates wh en the state of a destination changes, instead of sendin g the en tire contents of the routing table, minimi zing the bandwi ...
Cisco Systems ME 3400 - page 753

35-37 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring EIGRP • Config uring EIGRP Route Au thentication, page 35-40 • Config uring EIGRP Stub Ro uting, page 35-41 • Monitoring and Maintaini ng EIGRP , page 35-43 Default EIGRP Configuration Ta b l e 35-7, Part ...
Cisco Systems ME 3400 - page 754

35-38 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring EIGRP T o create an EIGRP routin g process, you must enable EIGR P and associate networks. EIGRP sends updates to the interfaces in the specif ied networks. If you do no t specify an interface netw ork, it is not ...
Cisco Systems ME 3400 - page 755

35-39 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring EIGRP Use the no forms of these commands to disable the feature o r return the setting to the def ault v alue. Configuring EIGRP Interfaces Other optional EIGRP paramet ers can be conf igured on an int erface ba ...
Cisco Systems ME 3400 - page 756

35-40 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring EIGRP Use the no forms of these commands to disable the feature o r return the setting to the def ault v alue. Configuring EIGRP Route Authentication EIGRP route authenticat ion provides MD5 authent ication of ro ...
Cisco Systems ME 3400 - page 757

35-41 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring EIGRP Use the no forms of these commands to disable the feature o r to return the setting to the default v alue. Configuring EIGRP Stub Routing The EIGRP stub routing feature redu ces resource utiliz ation by mo ...
Cisco Systems ME 3400 - page 758

35-42 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring EIGRP Figur e 35-4 EI GRP Stub Router Configuration For more inf ormation about EIGRP stub routing, see “Con figuring EIGRP Stub Routing” par t of the Cisco IOS IP Conf igurat ion Gu ide , V olume 2 of 3: Rou ...
Cisco Systems ME 3400 - page 759

35-43 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Monitoring and Maintaining EIGRP Y ou can delet e neighbors from the neig hbor table. Y o u can also display various EIGRP routing stat istics. Ta b l e 35-8 lists the pri vile ged EXEC commands for deleting ...
Cisco Systems ME 3400 - page 760

35-44 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Figur e 35-5 EBGP , IBGP , and Multiple A utonomous Syst ems Before e xchanging infor mation with an externa l AS , BGP ensur es that ne tworks with in the AS ca n be reached by d efining internal BGP peering ...
Cisco Systems ME 3400 - page 761

35-45 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP BGP V ersion 4 supports classless interdomain routing (C IDR) so you can reduce the size of your routing tables by creati ng aggreg ate routes, r esulting in supernets . CIDR eliminates t he concept of netwo ...
Cisco Systems ME 3400 - page 762

35-46 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP BGP confederat ion identif ier/peers • Identif ier: None co nfigu red. • Peers: None identified. BG P Fa s t ext e rn a l fa l love r Enabled. BGP local preference 100. The range is 0 to 4 294967295 with ...
Cisco Systems ME 3400 - page 763

35-47 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Nonstop Forwarding Awareness The BGP NSF A wareness feature is supported for IP v4 in the metro IP access image, b eginning with Cisco IOS Release 12.2(25)SEG. T o enable this feature with BG P rout ing, you ...
Cisco Systems ME 3400 - page 764

35-48 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Enabling BGP Routing T o enable BGP routing , you establish a BGP routing pr ocess and define th e local network. Because BGP must completely recog nize the relationships with its neig hbors, you must also sp ...
Cisco Systems ME 3400 - page 765

35-49 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Use the no router bgp autonomous-system global conf iguration command to remov e a BGP AS. Use the no network network-number router configuratio n command to remove the network from t he BGP table. Use the n ...
Cisco Systems ME 3400 - page 766

35-50 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP BGP neighbor is 129.213.1.1, remote AS 200, external link BGP version 4, remote router ID 175.220.212.1 BGP state = established, table version = 3, up for 0:10:59 Last read 0:00:29, hold time is 180, keepaliv ...
Cisco Systems ME 3400 - page 767

35-51 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Beginni ng in priv ileged EXEC mode, follo w these st eps to learn if a BGP peer suppo rts the route ref resh capability and to reset the BGP session: Configuring BGP Decision Attributes When a BGP speaker r ...
Cisco Systems ME 3400 - page 768

35-52 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP These factors summarize the order i n which BGP ev aluates the attributes fo r choosing the best path: 1. If the path specifies a ne xt hop that is inaccessible, drop the updat e. The BGP next-hop attrib ute, ...
Cisco Systems ME 3400 - page 769

35-53 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Use the no form of each command to retu rn to th e default state. Configuring BGP Filtering with Route Maps W ithin BGP , route maps can be used to cont rol and to modify rout ing information an d to def ine ...
Cisco Systems ME 3400 - page 770

35-54 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Beginni ng in pri vileged EXEC mode, follow these steps to use a route map to disable next-hop processing: Use the no route-map map-ta g command to delete the route map. Use the no set ip next-hop ip-addr ess ...
Cisco Systems ME 3400 - page 771

35-55 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Use the no neighbor distribute-list command t o remov e the access list from the neighbor . Use the no neighbor route-map map-tag rou ter configurati on command to remo ve the route map from th e neighbor . ...
Cisco Systems ME 3400 - page 772

35-56 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Filtering b y a prefix list in v olves matchi ng the pref ixes of rout es with those listed in the pref ix list, as when matching access lists. When there is a match, th e route is used. Whether a prefix is p ...
Cisco Systems ME 3400 - page 773

35-57 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Configuring BGP Community Filtering One way that BG P controls the distrib ution of r outing information based on the v alue of the COMMUNITIES attrib ute. The attribut e is a way to groups destinations into ...
Cisco Systems ME 3400 - page 774

35-58 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Configuring BGP Neighbors and Peer Groups Often many BGP nei ghbors are config ured with the same update policies (that is, th e same outbound route maps, distrib ute lists, fi lter lists, update source, and ...
Cisco Systems ME 3400 - page 775

35-59 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Step 9 neighbor { ip-addr ess | peer- gr oup-name } update-source interfa ce (Optional) Allo w internal BGP sessions to use any operational interface for TCP connections. Step 10 neighbor { ip-addr ess | pee ...
Cisco Systems ME 3400 - page 776

35-60 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP T o disable an e xisting BGP neighbor o r neighbor peer group, use the neighbor shutdo wn router confi guration command. T o enable a previou sl y e xisti ng neighbo r or neighbor peer group that had been dis ...
Cisco Systems ME 3400 - page 777

35-61 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP Configuring Routing Domain Confederations One way to reduce the IBGP mesh is to d iv ide an autonomous system into multi ple subautonomous systems and to group them into a single confederatio n that appears ...
Cisco Systems ME 3400 - page 778

35-62 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring BGP Usually a cluster of clients ha ve a single rou te reflector, and the cluster is identified b y the route reflector router ID. T o increase redundancy and to a void a single point of failure, a clu ster might ...
Cisco Systems ME 3400 - page 779

35-63 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring BGP T o disable flap d ampening, use the no bgp dampening rout er conf iguration command witho ut key words. T o set dampening factors back to the default v alues, use the no bgp dampening router confi guration ...
Cisco Systems ME 3400 - page 780

35-64 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring ISO CLNS Routing Y ou can also enable the lo gging of messages generate d when a BGP neigh bor resets, comes up, or goes down b y using t he bgp log-neighbor changes router conf iguration command. Configuring ISO ...
Cisco Systems ME 3400 - page 781

35-65 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring ISO CLNS Routing Note For more detailed inf ormation about ISO CLNS, see the Cisco IOS Apollo Domain , Banyan VINES , DECnet, ISO CLNS and XNS Conf igurati on Guide, Release 12.2 . F or complete syntax and usage ...
Cisco Systems ME 3400 - page 782

35-66 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring ISO CLNS Routing Default IS-IS Configuration Ta b l e 35-12 shows the default IS-IS configuration. Nonstop Forwarding Awareness The integrated IS-IS NSF A wareness feature is su pported for IPv4 in the metro IP a ...
Cisco Systems ME 3400 - page 783

35-67 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring ISO CLNS Routing This feature is automatically enab led and requires no conf iguration. F or more information on this feature, see the Inte gr ated IS-IS Nonstop F orward ing (NSF) A wareness F eatur e Guide at ...
Cisco Systems ME 3400 - page 784

35-68 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring ISO CLNS Routing T o disable IS-IS rout ing, use the no router isis ar ea-tag router conf iguration command. This ex ample sho ws ho w to conf igure three routers to run co n ventional IS-IS as an IP routing prot ...
Cisco Systems ME 3400 - page 785

35-69 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring ISO CLNS Routing • Y ou can assign passwords to areas and domains. • Y ou can create aggregate addresses that are repres ented in the routing tabl e b y a summary address (route-summarizatio n). Routes learn ...
Cisco Systems ME 3400 - page 786

35-70 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring ISO CLNS Routing Step 9 set- overlo ad-b it [ on-startup { seconds | wait-for -bgp }] (Optional) Set an o verload bit (a hippity bit) to allo w other routers to ignore the router in their shortest path f irst (SP ...
Cisco Systems ME 3400 - page 787

35-71 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring ISO CLNS Routing T o disable def ault route gene ration, use the no default-inf ormation originate router conf iguration command. Use the no area-password or no domain-passw ord router conf iguration command to ...
Cisco Systems ME 3400 - page 788

35-72 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring ISO CLNS Routing frequently and IS-IS adjacencies are f ailing unnecessarily . Y ou can raise the hello multiplier and lo wer the hello interv al correspondingly to make th e hello protocol more reliable witho ut ...
Cisco Systems ME 3400 - page 789

35-73 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring ISO CLNS Routing T o return to the def ault settings, use the no forms of the commands. Monitoring and Maintaining IS-IS Y ou can remov e all contents of a CLNS cache or remov e information for a particular neig ...
Cisco Systems ME 3400 - page 790

35-74 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE Configuring Multi-VRF CE V irtual Priv ate Networks (VPNs) provide a secure way for customers to share bandwidth ov er an ISP backbone network . A VPN is a collection of site s sharing a common rout ...
Cisco Systems ME 3400 - page 791

35-75 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE Note The switch does not use Mul tiprotocol Label Switch ing (MPLS) to support VPNs. F or information about MPLS VRF , refer to the Cisco IOS Switchi ng Services Conf iguration G uide, Release 12.2 ...
Cisco Systems ME 3400 - page 792

35-76 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE Figure 35-6 sho ws a conf iguration using Cisco ME 3400 swit ches as multiple virtual CEs. This scenario is suited for customers who ha v e lo w bandwid th requ irements for their VPN service, for ex ...
Cisco Systems ME 3400 - page 793

35-77 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE T o conf igure VRF , you create a VRF table and specif y the Laye r 3 interface associated with the VRF . Then confi gure the routing protocols in the VPN an d between the CE and the PE. BGP is the ...
Cisco Systems ME 3400 - page 794

35-78 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE • Most routing protocols (BGP , OSPF , RIP , EIGRP , and static routing) can be used between the CE and the PE. Howe v er , we recommend using exte rnal BGP (EBGP) for these reasons: – BGP does n ...
Cisco Systems ME 3400 - page 795

35-79 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE Use the no ip vrf vrf-name global configuration command to dele te a VRF and to remov e all interfaces from it. Use the no ip vrf f orwarding interf ace configuration command to remo ve an interface ...
Cisco Systems ME 3400 - page 796

35-80 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE User Interface for PING Beginning in pri vileged EX EC mode, follo w these steps to con figure VRF-a ware services for p ing. For complete syntax and usage i nformation for the co mmands, refer to th ...
Cisco Systems ME 3400 - page 797

35-81 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE User Interface for uRPF uRPF can be conf igured on an interface assigned to a VRF , and source lookup is done in the VRF table. Beginni ng in pri vil eged EXEC mo de, follo w these steps t o conf ig ...
Cisco Systems ME 3400 - page 798

35-82 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE User Interface for Traceroute Beginni ng in pri vileged EXEC mo de, follow t hese step s to conf igure VRF-aware services for traceroute. For complete syntax and usage information for t he commands, ...
Cisco Systems ME 3400 - page 799

35-83 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE Beginning in pri vile ged EXEC mode, follo w these steps to conf igure OSPF in the VPN: Use the no rout er osp f pr ocess-id vrf vrf-name glob al configuration comma nd to disassociate the VPN forwa ...
Cisco Systems ME 3400 - page 800

35-84 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE Multi-VRF CE Configuration Example Figure 35-7 is a simplif ied e xample of the physical conn ections in a network si milar to that in Figure 35-6 . OSPF is the protocol used in VPN1, VPN2, and the g ...
Cisco Systems ME 3400 - page 801

35-85 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE Config ure the loopback and phy sical interf aces on Switch A. Gig abit Ethernet port 1 is a trunk connection to the PE. F ast Ethernet por ts 8 and 11 connect to VPNs: Switch(config)# interface loo ...
Cisco Systems ME 3400 - page 802

35-86 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Multi-VRF CE Switch(config-router)# network 118.0.0.0 0.0.0.255 area 0 Switch(config-router)# exit Config ure BGP for CE to PE routing. Switch(config)# router bgp 800 Switch(config-router)# address-family ipv4 vr ...
Cisco Systems ME 3400 - page 803

35-87 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Multi-VRF CE Configuring the PE Switch B On Switch B (the PE router ), these commands conf igure only th e connections to the CE de vice, Switch A. Router# configure terminal Enter configuration commands, one pe ...
Cisco Systems ME 3400 - page 804

35-88 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Displaying Multi-VRF CE Status Y ou can use the pri vile ged EXEC commands in Ta b l e 35-15 to display information about multi -VRF CE configuration and status. For more inf orma ...
Cisco Systems ME 3400 - page 805

35-89 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s The two main componen ts in CEF are the distri b uted FIB and the distri buted adj acency tables. • The FIB is similar to a routing table or info rmation base and maintains a mi ...
Cisco Systems ME 3400 - page 806

35-90 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Configuring the Number of Equal-Cost Routing Paths When a router has two or more rout es to the same network w ith the sam e metrics , these ro utes can be thought of as ha ving a ...
Cisco Systems ME 3400 - page 807

35-91 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s The switch retains static routes unti l you remov e them. Ho wev er , you can override stati c routes with dynamic routing informati on by assigning admi nistrati ve distance v al ...
Cisco Systems ME 3400 - page 808

35-92 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Beginni ng in pri vil eged EXEC mod e, follo w these steps to def ine a stati c route to a netw ork as the stat ic default ro ute: Use the no ip default-network network number glo ...
Cisco Systems ME 3400 - page 809

35-93 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s within the same rout e map. Beginning in Cisco IOS Release 12.2(37)SE, th e switch supports the continue clause for outboun d policies. For mor e information about using the route ...
Cisco Systems ME 3400 - page 810

35-94 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Step 11 match route-type { local | inter nal | exter nal [ type-1 | type-2 ]} Match the specified r oute-type : • local —Locally generated BGP routes. • internal —OSPF int ...
Cisco Systems ME 3400 - page 811

35-95 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s T o delete an entry , use the no route-map map ta g global conf i guration command or the no match or no set route-map conf iguration commands. Y ou can distrib ute routes from on ...
Cisco Systems ME 3400 - page 812

35-96 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Configuring Policy-Based Routing Y ou can use po licy-based routing (PBR) to c onfigure a defined policy for traff ic flo ws. By usin g PBR, you can ha ve more co ntrol ov er rout ...
Cisco Systems ME 3400 - page 813

35-97 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s • Y ou can def ine a maximum of 512 access contr ol entries (A CEs) for PBR on the switch. • When config uring match criteria i n a route map, follo w these guidelines: – Do ...
Cisco Systems ME 3400 - page 814

35-98 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Beginning in priv ileged EXEC mode, foll ow these steps to co n f i gu r e PBR: Command Purpose Step 1 configur e terminal Enter global conf iguration mode. Step 2 route-map map-t ...
Cisco Systems ME 3400 - page 815

35-99 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s Use the no route-map map-ta g global conf iguration command or t he no match or no set route-map confi guration commands to de lete an entry . Use the no ip policy r oute-map map- ...
Cisco Systems ME 3400 - page 816

35-100 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Configuring Protoco l -Ind ependent Features Use a network monitori ng pri vil eged EXEC command such as show ip ospf interface to verify the interfaces that you enabled as passi ve, or use the show ip interface pri vileged ...
Cisco Systems ME 3400 - page 817

35-101 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Configuring Protocol-Independe nt Feature s Filtering Sources of Routing Information Because some routing information might be more accura te than other s, you can use f iltering to priori tize information com ing from d i ...
Cisco Systems ME 3400 - page 818

35-102 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Monitoring and Main ta ining the IP Network Beginni ng in pri vileged EXEC mode, foll ow th ese steps to manage authentication k eys: T o remov e the key chain, use the no k ey chain name-of- c hain global configu ration co ...
Cisco Systems ME 3400 - page 819

35-103 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Config uring IP Unicast Routing Monitoring and Maintaining th e IP Ne twork show ip r oute supernet s-only Display supernets. show ip cache Display the routin g table used to switch IP traf f ic. show r oute-map [ map-name ] Display all route maps config ...
Cisco Systems ME 3400 - page 820

35-104 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 35 Configuring IP Unicast Routing Monitoring and Main ta ining the IP Network ...
Cisco Systems ME 3400 - page 821

CH A P T E R 36-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 36 Configuring HSRP This chapter describes ho w to use Hot Standb y Router Protocol (HSRP) on th e Cisco ME 3400 Ethernet Access switch to pro vide routing redundanc y for rout ing I P traff ic witho ut being dependent on th e av ailabilit y of any singl ...
Cisco Systems ME 3400 - page 822

36-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Understanding HSRP HSRP pro vides high network a vail ability by pro viding redundanc y for IP traff ic from hosts on networks. In a group of router interfaces, the activ e router is the router o f choi ce for routing packets; the standby ...
Cisco Systems ME 3400 - page 823

36-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Understanding HSRP Figur e 36-1 T ypical HSRP Configuration HSRP Versions Cisco IOS Release 12.2(46)SE and lat er support thes e Hot Standb y Router Pr otocol (HSRP) versi ons: • HSRPv1—V ersion 1 of the HSRP , the default ve rsion of ...
Cisco Systems ME 3400 - page 824

36-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Understanding HSRP HSRPv2 has a different pack et format th an HSRPv1. A HSR Pv2 packet uses the type-length-v alue (TL V) format and has a 6-byte iden tifier f ield with th e MA C address of the physical router that sent the packet. If an ...
Cisco Systems ME 3400 - page 825

36-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP Configuring HSRP These sections contain this configu ration informatio n: • Default HSRP Conf iguration, p age 36-5 • HSRP Configuratio n Guidel ines, page 36-5 • Enabling HSRP , page 36-6 • Config uring HSRP Prior ...
Cisco Systems ME 3400 - page 826

36-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP • All Layer 3 interfaces must have IP addresses assigned to them. See the “Conf iguring Layer 3 Interfaces” section on page 9-22 . • HSRPv2 and HSRPv1 can be conf igured on t he same switch if HSRPv2 is conf igured ...
Cisco Systems ME 3400 - page 827

36-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP Use the no standby [ gr oup-number ] ip [ ip-addr ess ] in terface conf iguration command to disable HSRP . This exampl e show s how to activ ate HSRP f or group 1 on an interface. The IP address used by the hot standby gr ...
Cisco Systems ME 3400 - page 828

36-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP • When setting the priority , preempt, or bo th, you must specify at least one ke ywo rd ( priority , preempt , or both). • The priority of the de vice can change dynami cally if an interf ace is configured wit h the s ...
Cisco Systems ME 3400 - page 829

36-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP Use the no standby [ gr oup-number ] priority priority [ pr eempt [ delay dela y ]] and no standby [ gr oup-num ber ] [ priority priority ] pr eempt [ delay delay ] interface conf igurati on commands to restore default pri ...
Cisco Systems ME 3400 - page 830

36-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP Configuring MHSRP T o enable MHSRP and load balancing, yo u conf igure two routers as acti v e routers for th eir groups, wit h virtual router s as standb y routers. This e xample sho ws ho w to enable the MHSRP conf igur ...
Cisco Systems ME 3400 - page 831

36-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Configuring HSRP Beginni ng in pri vileged EXEC mod e, use one or more of these steps to con figur e HSRP authentication and timers on an interface: Use the no standby [ gr oup-number ] authenti cation string interface configuration co mm ...
Cisco Systems ME 3400 - page 832

36-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 36 Configuring HSRP Displaying HSRP Configurati ons Enabling HSRP Support for ICMP Redirect Messages IC M P ( I n t e r n et C o n t r o l M e s s a g e Pr o t o c o l ) redirect messages are automatically enabled on interfaces configured with HSRP . This fe ...
Cisco Systems ME 3400 - page 833

CH A P T E R 37-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 37 Configuring Cisco IOS IP SLAs Operations This chapter describes ho w to use Cisco IOS IP Serv ice Le vel Agreements (SLAs) on the Cisco ME 3400 Ethernet Access switch. Cisco IP SLAs is a part of Cisco IOS softw are that allows Cisco customers to analy ...
Cisco Systems ME 3400 - page 834

37-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Understanding Cisco IOS IP SLAs Depending on the specif ic Cisco IOS IP SLAs oper ation, v a rious netw ork pe rformance statistics are monitored within the Cisc o de vic e and stored in both command-l ine interf ...
Cisco Systems ME 3400 - page 835

37-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Understanding Cisco IOS IP SLAs Using Cisco IOS IP SLAs to Measure Network Performance Y ou can use IP SLAs to mon itor the performance be twee n any are a in the netw ork—core, distrib ution, and edge—wit hout ...
Cisco Systems ME 3400 - page 836

37-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Understanding Cisco IOS IP SLAs IP SLAs Responder and IP SLAs Control Protocol The IP SLAs responder is a componen t embedded in the dest ination Cisco de vi ce that allo ws t he system to anticipate and respond ...
Cisco Systems ME 3400 - page 837

37-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Understanding Cisco IOS IP SLAs Figur e 37 -2 Cisco IOS IP SLAs Responder Time Stamping An additional benef it of the two time stamp s at the ta rget devi ce is the ability to track one- way delay , jitter , and dir ...
Cisco Systems ME 3400 - page 838

37-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Configuring IP SLAs Operations • One-way mean op inion score (MO S) • One-way latenc y An IP SLAs threshold violation can also trigger another IP SLAs op eration for further anal ysis. For exam ple, the frequ ...
Cisco Systems ME 3400 - page 839

37-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Configuring IP SLAs Operations Before configuring any IP SLAs application, you can use the show ip sla application pr i vile g e d EXEC command to veri fy that the operation type is su pported on your softw are imag ...
Cisco Systems ME 3400 - page 840

37-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Configuring IP SLAs Operations T o disable the IP SLAs responder , enter th e no ip sla responder global conf iguration command. This example sho ws how to conf igure the de vice as a responder for the UDP jitter ...
Cisco Systems ME 3400 - page 841

37-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Configuring IP SLAs Operations Beginni ng in pri vile ged EXEC mod e, follo w these steps to conf igure UDP j itter operati on on the source device: Command Purpose Step 1 configur e terminal Enter global conf igura ...
Cisco Systems ME 3400 - page 842

37-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Configuring IP SLAs Operations T o d is ab l e t he I P S L As operation, enter the no ip sla operation-number global conf iguration command . This exampl e show s how to co nfigure a UDP j itter IP SLAs operati ...
Cisco Systems ME 3400 - page 843

37-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Configuring IP SLAs Operations Schedule: Operation frequency (seconds): 30 Next Scheduled Start Time: Pending trigger Group Scheduled : FALSE Randomly Scheduled : FALSE Life (seconds): 3600 Entry Ageout (seconds): ...
Cisco Systems ME 3400 - page 844

37-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Configuring IP SLAs Operations T o disable the IP SLAs operation, enter the no ip sla operation-number global con f iguration command. This exampl e show s how to conf igure an ICMP echo IP SLAs operat ion: Swit ...
Cisco Systems ME 3400 - page 845

37-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Configuring Cisco IOS IP SLAs Operations Monitoring IP SLAs Operations Next Scheduled Start Time: Pending trigger Group Scheduled : FALSE Randomly Scheduled : FALSE Life (seconds): 3600 Entry Ageout (seconds): never Recurring (Starting Everyday): FALSE St ...
Cisco Systems ME 3400 - page 846

37-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 37 Config uring Cisco IO S IP SLAs Ope rations Monitoring IP SLAs Operations ...
Cisco Systems ME 3400 - page 847

CH A P T E R 38-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 38 Configuring Enhanced Object Tracking This chapter describe s how to configure enhanced object tracking on the Cisco ME 3400 switch. Th is feature provides a more com plete alternat iv e to the Ho t Standby Rou ting Pro tocol (H SRP) t racking mechanis ...
Cisco Systems ME 3400 - page 848

38-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features Configuring Enhanced Object Tracking Features These sections describe conf igur ing enhanced object tracking: • Default Co nfig uration, page 38-2 • T racking Inter ...
Cisco Systems ME 3400 - page 849

38-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Configuring Enhanced Obje ct Tracking Features This example configures the tracki ng of an in terface line-protoco l st ate and verifi es the configuration: Switch(config)# track 33 interface gigabitethernet 1/0/1 line ...
Cisco Systems ME 3400 - page 850

38-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features Configuring a Tracked List with a Boolean Expression Config uring a tracked list with a Boolean e xpression enables calculation by using ei ther “ AND” or “OR” ...
Cisco Systems ME 3400 - page 851

38-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Configuring Enhanced Obje ct Tracking Features Configuring a Tracked List with a Weight Threshold T o track by weight threshold, conf igure a tracked list of objects, specify that weig ht is used as the threshold, and ...
Cisco Systems ME 3400 - page 852

38-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features Configuring a Tracked List with a Percentage Threshold T o track by percentage threshold, conf igure a tracked list of objects, specify th at a percentage will be used ...
Cisco Systems ME 3400 - page 853

38-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Configuring Enhanced Obje ct Tracking Features Configuring HSRP Object Tracking Beginni ng in pri vi leged EXEC mod e, fo llo w these steps to configure a stan dby HSRP gr oup to track an object and ch ange the HSRP p ...
Cisco Systems ME 3400 - page 854

38-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features Configuring Other Tracking Characteristics Y ou can also use the enhanc ed object trac king for tr acking ot her characteristics . • Y ou can track the reachability o ...
Cisco Systems ME 3400 - page 855

38-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Configuring Enhanced Obje ct Tracking Features Object tracking of IP SLAs operati ons allow s client s to track the output fr om IP SLAs objects and use this information to tr igger an action. Every IP SLAs operatio n ...
Cisco Systems ME 3400 - page 856

38-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features This exampl e output sho ws wh ether a route is reachable: Switch(config)# track 3 500 reachability Switch(config)# end Switch# s how track 3 Track 3 Response Time Rep ...
Cisco Systems ME 3400 - page 857

38-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Configuring Enhanced Obje ct Tracking Features Beginni ng in pri vileged EXEC mode, follow these steps to conf igure a primary interf ace for DHCP: Configuring a Cisco IP SLAs Monitoring Agent and Track Object Beginni ...
Cisco Systems ME 3400 - page 858

38-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Configuring Enh anced Object Trac king Features Configuring a Routing Policy and Default Route Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure a routing polic y for backup static routing by us ...
Cisco Systems ME 3400 - page 859

38-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configuring Enhan ced Object Tracking Monitoring Enhanced Ob je ct Tracking Monitoring Enhanced Object Tracking Use the privile ged EXEC or User EXEC commands in Ta b l e 38-1 to display enhanced object tracking inform ation. Ta b l e 38-1 Commands for Di ...
Cisco Systems ME 3400 - page 860

38-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 38 Configu rin g Enhanced Object Trackin g Monitoring Enhanced Ob ject Tr ack ing ...
Cisco Systems ME 3400 - page 861

CH A P T E R 39-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 39 Configuring Ethernet OAM, CFM, and E-LMI Ethernet Operations, Administrati on, and Maintenance (O AM) is a protocol for instal ling, monitoring, and troubleshoot ing Ethernet netwo rks to increase manage ment capability within th e conte xt of the ov ...
Cisco Systems ME 3400 - page 862

39-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Understanding Ethernet CFM • Config uring E-LMI, page 39-26 • Displaying E-LMI and O AM Manager Information, page 39-31 • Ethernet CFM and Ethernet O AM Interaction, page 39 -32 Understanding Ethernet CFM Eth ...
Cisco Systems ME 3400 - page 863

39-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Understanding Ethernet CFM Figur e 39-1 C FM Maintenance Domains Figur e 39-2 Allowed Do main Relationship s Maintenance Points A maintenance point is a demarcation point on an inte rface that particip ates in CFM ...
Cisco Systems ME 3400 - page 864

39-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Understanding Ethernet CFM Note A UNI in the conte xt of CFM and O AM manager is not the same as an ME 3400 UNI port type. The CFM UNI can be a UNI, an enhanced networ k interface (ENI), or a network node interf ac ...
Cisco Systems ME 3400 - page 865

39-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring Ethernet CFM IP SLAs Support for CFM Starting with Cisco IOS Rel ease 12.2(40)SE, the switch supports CFM with IP Service Le vel Agreements (SLAs), which pro vides the ability t o ga ther Ethernet layer ...
Cisco Systems ME 3400 - page 866

39-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring Ethern et CFM Ethernet CFM Configuration Guidelines These are the configuration guide lines and rest rictions for CFM: • CFM is not support ed and cannot be conf igured on r outed ports. • Starting ...
Cisco Systems ME 3400 - page 867

39-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring Ethernet CFM Use the no versions of the commands to remo ve the config uration or return to th e default conf igurati ons. Configuring Ethernet CFM Service Beginni ng in pri vileged EXEC mode, follow th ...
Cisco Systems ME 3400 - page 868

39-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring Ethern et CFM Use the no form of each command to remo ve a conf igur ation or to return to the default settings. Configuring Ethernet CFM Crosscheck Beginning in priv ileged EXEC mode, foll ow th ese st ...
Cisco Systems ME 3400 - page 869

39-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring Ethernet CFM Use the no form of each command to remo ve a conf iguration or to return to the default settings. Configuring IP SLAs CFM Operation Y ou can manually conf igure an indi vidual IP SLAs Ether ...
Cisco Systems ME 3400 - page 870

39-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring Ethern et CFM This section includes these procedures: • Manually Conf iguring an IP SLAs CFM Pro be or Jitter Operation, page 39-10 • Config uring an IP SLAs Operation wi th Endpoint Disco very , p ...
Cisco Systems ME 3400 - page 871

39-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring Ethernet CFM T o remov e an IP SLAs operation, enter the no ip sla operation -number global configuration comman d. Step 10 threshold milliseconds (Optio nal) Specify the upper threshold valu e in mill ...
Cisco Systems ME 3400 - page 872

39-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring Ethern et CFM Configuring an IP SLAs Oper ation with Endpoint Discovery Beginning in priv ileged EXEC mode, foll ow th ese steps to use IP SLAs to automatically disco ver the CFM endpoints for a domai ...
Cisco Systems ME 3400 - page 873

39-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Displaying Et hernet CFM Information T o remov e an IP SLAs operation, enter the no ip sla operation-number global configuratio n command. Displaying Ethernet CFM Information Y ou can use the pri vile ged EXEC com ...
Cisco Systems ME 3400 - page 874

39-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Understanding the Ethernet OA M Proto col Y ou can use the pri vile ged EXEC commands in Ta b l e 39-2 to display IP SLAs Ethernet CFM inform ation. Understanding the Ethernet OAM Protocol The Ethernet O AM protoc ...
Cisco Systems ME 3400 - page 875

39-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Understanding the Ethern et OAM Protoco l • The O AM sublayer presents two standard IEEE 802.3 MA C service interfaces facing the superior and inferior MA C sublayers. It provid es a dedi cated interface for the ...
Cisco Systems ME 3400 - page 876

39-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Setting Up and Configuring Ethern et OA M Setting Up and Configuring Ethernet OAM This section includes this information: • Default Eth ernet O AM Conf iguration, page 39- 16 • Ethernet O AM Conf iguration Gui ...
Cisco Systems ME 3400 - page 877

39-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Setting Up and Co nfiguring Et hernet OAM Enter the no ethernet oam interface conf iguration command to di sable Ethernet O AM on the interf ace. Enabling Ethernet OAM Remote Loopback Y ou must enable Ethernet O A ...
Cisco Systems ME 3400 - page 878

39-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Setting Up and Configuring Ethern et OA M Use the no ethernet oam r emote-loopback { supported | timeout } interface config uration command to disable remote loopback sup port or remov e the timeout setti ng. Conf ...
Cisco Systems ME 3400 - page 879

39-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Setting Up and Co nfiguring Et hernet OAM Step 4 ethernet oam link-monitor symbol-period { threshold { hi gh { high symbols | none } | low { low-symbol s }} | window symbols } Note Repeat this step to conf igure b ...
Cisco Systems ME 3400 - page 880

39-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Setting Up and Configuring Ethern et OA M The ethernet oam link-monitor transmit- crc { threshold { high { high-frames | none } | low { low-frames }} | window mil liseconds } command is visible on the swit ch and ...
Cisco Systems ME 3400 - page 881

39-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Setting Up and Co nfiguring Et hernet OAM Configuring Ethernet OAM Remote Failure Indications Y ou can conf igure an error -disable action t o occur on an interface if one of the high thresholds is exceeded, if th ...
Cisco Systems ME 3400 - page 882

39-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Setting Up and Configuring Ethern et OA M Beginni ng in pri vileged EXEC mode, follo w these steps to conf igure an Ethernet O AM template and to associate it with an interface: Command Purpose Step 1 configure te ...
Cisco Systems ME 3400 - page 883

39-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Setting Up and Co nfiguring Et hernet OAM Step 5 ethernet oam link-monitor frame { threshold { high { high-frames | none } | low { low-fr ames }} | window milliseconds } (Optional) Conf igure high and l ow thr esh ...
Cisco Systems ME 3400 - page 884

39-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Displaying Ethern et OAM Protocol Information The switch does not support monitoring e gress frames with CRC errors. The ethernet oam link-monit or transmit-crc { thr eshold { high { high-fr ames | none } | low { ...
Cisco Systems ME 3400 - page 885

39-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Understanding E-LMI O AM manager , which st reamlines interaction between any tw o O AM protocols, handles the interaction between CFM and E-LMI. This interaction i s unidir ectional, ru nning only from OA M manag ...
Cisco Systems ME 3400 - page 886

39-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring E-LMI Configuring E-LMI For E-LMI to w ork with CFM, you conf igure Ethernet vi rtual connections (EVCs), Ethernet servic e instances (EFPs), and E-LMI customer VLAN mapping. Most of the conf iguration ...
Cisco Systems ME 3400 - page 887

39-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring E-LMI Configuring the OAM Manager Beginning in priv ileged EXEC mode, foll ow these steps to configu re O AM manager on a PE switch: Command Purpose Step 1 configure terminal Enter global conf iguratio ...
Cisco Systems ME 3400 - page 888

39-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring E-LMI Step 11 service instance efp-identif ier ether net [ evc- id ] Configure an Ethe rnet service inst ance (EFP) on the interface, and enter ethernet service confi guration mode. • The EFP identif ...
Cisco Systems ME 3400 - page 889

39-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Configuring E-LMI Use the no forms of the comma nds to de lete an EVC, EFP , or UNI ID, or to return to default configurations. Note If you conf igure, change, or remo ve a UNI ser vi ce type, EVC, EFP , or CE-VLA ...
Cisco Systems ME 3400 - page 890

39-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Configuring E-LMI Use the no ethernet lmi global conf igurat ion command to globally disabl e E-LMI. Use the no form of the ethernet lmi interface conf iguration command with k eyw ords to disable E-LMI on the int ...
Cisco Systems ME 3400 - page 891

39-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Displaying E-LMI and OAM Manager Information Switch(config-ether-cfm)# exit Switch(config)# ethernet cfm enable Switch(config)# ethernet evc test1 Switch(config-evc)# oam protocol cfm svlan 101 domain Provider Swi ...
Cisco Systems ME 3400 - page 892

39-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Ethernet CFM and Eth ernet OAM Interaction Ethernet CFM and Ethernet OAM Interaction Beginni ng with Cisco IO S Release 12.2(40)SE, you ca n also configu re the O AM Manager infrast ructure for interaction between ...
Cisco Systems ME 3400 - page 893

39-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Ethernet CFM and Ethernet OAM Inte raction Configuring Ethernet OAM Interaction with CFM For Ethernet O AM to function with CFM, you must conf igure an Et hernet V irtual Circuit (EVC) and the O AM manager , and a ...
Cisco Systems ME 3400 - page 894

39-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Ethernet CFM and Eth ernet OAM Interaction Enabling Ethernet OAM Beginni ng in pri vileged EXEC mode, foll ow th ese steps to enable Ethernet OAM on an interface. Ethernet OAM and CFM Configuration Example These a ...
Cisco Systems ME 3400 - page 895

39-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethern et OAM, CFM, and E-LMI Ethernet CFM and Ethernet OAM Inte raction Switch(config-if)# ethernet uni id 2004-20 Switch(config-if)# ethernet oam remote-loopback supported Switch(config-if)# ethernet oam Switch(config-if)# service instance 1 ...
Cisco Systems ME 3400 - page 896

39-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 39 Configuring Ethe rnet OAM, CFM, and E-LMI Ethernet CFM and Eth ernet OAM Interaction Switch PE2: Switch# show ethernet cfm maintenance points remote MPID Level Mac Address Vlan PortState InGressPort Age(sec) Service ID 100 * 4 0012.00a3.3780 10 TEST Gi1/1 ...
Cisco Systems ME 3400 - page 897

CH A P T E R 40-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 40 Configuring IP Multicast Routing This chapter describes ho w to conf igure IP mul ticast routing on the Cisco ME 3400 Et hernet Access switch. IP multicasting is a more ef f icient way to use netw ork resources, especially for bandwidth-intensi v e se ...
Cisco Systems ME 3400 - page 898

40-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Understanding Cisco’s Impleme ntation of IP Multicast Routing According to IPv4 multi cast standard s, the MA C destination multicast address be g ins with 01 00:5e and is appended by the last 23 bits of the IP address. ...
Cisco Systems ME 3400 - page 899

40-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Understanding Cisco ’s Implementa tion of IP Multicast Routing IGMP Version 1 IGMP V ersion 1 (IGMPv1) primarily uses a query-respon se model that en ab les the m ulticast router and multilayer switch to f ind which mul ...
Cisco Systems ME 3400 - page 900

40-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Understanding Cisco’s Impleme ntation of IP Multicast Routing • Sparse mode and dense mode ar e properties of a gr oup, as opp osed to an interface. W e strongly recommend sparse-dense mode, as opposed to either sparse ...
Cisco Systems ME 3400 - page 901

40-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Understanding Cisco ’s Implementa tion of IP Multicast Routing In a network using PIM stub routing, the only allo wable route for IP traf fic to the user is through a switch that is conf igured with PIM stub routing. P I ...
Cisco Systems ME 3400 - page 902

40-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Understanding Cisco’s Impleme ntation of IP Multicast Routing For complete syntax and usage information for the ip igmp helper -address command, see the Cisc o IOS IP and IP Routing Command Refer ence, Release 12.1 . Aut ...
Cisco Systems ME 3400 - page 903

40-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Understanding Cisco ’s Implementa tion of IP Multicast Routing Multicast Forwarding and Reverse Path Check W i th unicast routi ng, rou ters and multi layer switches forw ar d traf f i c through the netw ork al ong a sin ...
Cisco Systems ME 3400 - page 904

40-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing PIM uses both source trees and RP-rooted shared trees to f orward data gr ams (described in the “PIM DM” section on page 40-4 and t he “PIM SM” section on pa ge 40-4 ). The RPF chec ...
Cisco Systems ME 3400 - page 905

40-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Multicast Routing Configuration Guidelines T o a void misconfiguri ng multicast routing on your switch, re vie w the information in these sections: • PIMv1 and PIMv2 Interoperabi lity , p ...
Cisco Systems ME 3400 - page 906

40-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing Auto-RP and BSR Configuration Guidelines There are two approaches to using PIMv2. Y ou can us e V ersion 2 exclusi v ely in your netw ork or migrate to V ersion 2 by employing a mi xed PIM ...
Cisco Systems ME 3400 - page 907

40-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Beginning in priv ileged EXEC mode, foll ow these step s to enable IP mu lticasting, to conf igure a PIM version, and t o configur e a PIM mode. This procedure is required. Command Purpose ...
Cisco Systems ME 3400 - page 908

40-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing T o disable multicastin g, use the no ip multicast-r outing distributed global co nfiguratio n command. T o return to the defau lt PIM version, use th e no ip pim version interf ace conf i ...
Cisco Systems ME 3400 - page 909

40-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing T o disable PIM stub routing on an interface, use the no ip pim passiv e interface configuration command. In this examp le, IP multicast routing is enabl ed, Switch A PIM uplink port 25 i ...
Cisco Systems ME 3400 - page 910

40-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing SSM Components Overview SSM is a datagram deli v ery model that best supports one-to-man y applications, also kno wn as broadcast applications. SSM is a core networki ng technology for the ...
Cisco Systems ME 3400 - page 911

40-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing If SSM is deplo yed in a network already conf igured for PIM-SM, only the last-hop routers sup port SSM. Routers that are not directly connected to receiv er s do not require support for S ...
Cisco Systems ME 3400 - page 912

40-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing for an applicat ion to minimize the chance for re-use of a single addr ess within the SSM ran ge between dif ferent applications. F or e xample, an application service pro viding a set of ...
Cisco Systems ME 3400 - page 913

40-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Monitoring SSM Use the commands in Ta b l e 40-3 to monitor SSM. Configuring Source Specific Multicast Mapping The Source Specific Multicast (SSM) mapping featur e supports SSM transition ...
Cisco Systems ME 3400 - page 914

40-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing • Enable IGMPv3 with care on the last hop router when yo u rely so lely on S SM mapp ing as a transition so lution for full SSM. When you enable both SSM mapping and IGMPv3 an d the host ...
Cisco Systems ME 3400 - page 915

40-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Figur e 40-3 DNS-Based SSM-M apping The SSM mapping mechanism that enables the last hop router to joi n multiple sources for a group can provid e source redundancy for a TV broadcast. In t ...
Cisco Systems ME 3400 - page 916

40-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing Configuring Static SSM Mapping Beginning in priv ileged EXEC mode, foll ow th ese steps to conf igure static SSM mapping: Go to this URL to see SSM mapping conf igurati on examples: http:/ ...
Cisco Systems ME 3400 - page 917

40-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Configuring Static Traffic Forwarding with SSM Mapping Use static traf fic for warding with SSM mapp ing to statically forwar d SSM traff ic for certai n groups. Beginni ng in pri v ile ge ...
Cisco Systems ME 3400 - page 918

40-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing Monitoring SSM Mapping Use the privile ged EXEC commands in Ta b l e 40-4 to monitor SSM mapping. Go to this URL to see SSM mapping monit oring examples: http://www .cisco.com/en/ US/produ ...
Cisco Systems ME 3400 - page 919

40-23 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Beginning in priv ileged EXEC mode, foll ow these steps to manually config ure the address of the RP . This procedure is optional. T o remov e an RP address, use the no ip pim rp-addr ess ...
Cisco Systems ME 3400 - page 920

40-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing Configuring Auto-RP Auto-RP uses IP multicast t o automate the distrib ution of group-to-RP mappings to all Cisco routers and multilayer switches in a PIM netw ork. It has these benef its: ...
Cisco Systems ME 3400 - page 921

40-25 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Beginni ng in pri vileged EXEC mode, follo w these steps to deplo y Auto-RP in an existing sparse- mode cloud. This procedure is opti onal. Command Purpose Step 1 show running-config V eri ...
Cisco Systems ME 3400 - page 922

40-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing T o remov e the PIM de vice configured as the candidate RP , use the no ip pim send-rp-announce interface- id global conf iguration command. T o remove the swit ch as the RP-mapping agent, ...
Cisco Systems ME 3400 - page 923

40-27 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing Filtering Incoming RP An nouncement Mess ages Y ou can add conf iguration co mmands to the mapping agents to pre vent a maliciousl y config ured router from masquerading as a candid at e R ...
Cisco Systems ME 3400 - page 924

40-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing This exampl e show s a sample confi guration on an Au to-RP mapping agent that is used to pre vent candidate RP announcemen ts from being accepted from unaut horized candidate RPs: Switch( ...
Cisco Systems ME 3400 - page 925

40-29 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing T o remove the PIM border , use the no ip pim bsr -border interf ace configu ration command. Figur e 40-4 Constraining PIMv2 BSR Messages Defining the IP Multicast Bo unda ry Y ou defi ne ...
Cisco Systems ME 3400 - page 926

40-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing T o remov e the boundary , use the no ip multicast boundary interf ace config uration command. This exampl e show s a portion of an IP multi cast boundary conf iguration that denies Auto-R ...
Cisco Systems ME 3400 - page 927

40-31 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring IP Multicast Routing This example shows ho w to configure a cand idate BSR, which uses th e IP address 172.21.24.18 on a po rt as the advertised BSR address, uses 30 bits as the hash-mask-length, and has a pri ...
Cisco Systems ME 3400 - page 928

40-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring IP Multicast Routing T o remov e this device as a candidate RP , use the no ip pim rp-candidate interface-id glo bal confi guration command. This exampl e show s how to configu re the switch to advertise itse ...
Cisco Systems ME 3400 - page 929

40-33 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Advanc ed PIM Features Monitoring the RP Mapping Information T o monitor the RP mapp ing information, use t hese commands in pri vileg ed EXEC mode: • show ip pim bsr displays i nformation about the elected ...
Cisco Systems ME 3400 - page 930

40-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Adva nce d PIM Features Figur e 40-5 S ha r ed T ree and Sour ce T r ee (Short est-P ath T ree) If the data rate warrants, leaf routers (routers w ithout any do wnstream connectio ns) on the shar ed tree can u ...
Cisco Systems ME 3400 - page 931

40-35 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Advanc ed PIM Features Delaying the Use of PIM Shortest-Path Tree The change from shared to source tr ee happens when the first data packet arri v es at the last-hop router (Router C in Figure 40-5 ). This cha ...
Cisco Systems ME 3400 - page 932

40-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Optio na l IGMP Feature s T o return to the d efault setting, us e the no ip pim spt-threshol d { kbps | infinity } global conf iguratio n command. Modifying the PIM Router-Query Message Interval PIM routers a ...
Cisco Systems ME 3400 - page 933

40-37 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Optio nal IGMP Features • Controlling Access to IP Multicast Groups, page 40 -38 (optional) • Changing the IGM P V ersion, pa ge 40-39 ( optiona l) • Modifying the IGMP Host-Query Message Interv al, page ...
Cisco Systems ME 3400 - page 934

40-38 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Optio na l IGMP Feature s T o cancel member ship in a gr oup, use the no ip igmp jo in-group gr oup-addr ess interface conf iguration command. This exampl e show s how to en able the switch to join multicast g ...
Cisco Systems ME 3400 - page 935

40-39 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Optio nal IGMP Features T o disable groups o n an interface, use the no ip igmp access-group interf ace conf iguration command. This exampl e sho ws how to conf igure hosts attached to a port as able to join o ...
Cisco Systems ME 3400 - page 936

40-40 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Optio na l IGMP Feature s T o return to the d efault setting, us e the no ip igmp version interface conf iguration command. Modifying the IGMP Host-Query Message Interval The switch periodically sends IGMP hos ...
Cisco Systems ME 3400 - page 937

40-41 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Optio nal IGMP Features Changing the IGMP Query Timeout for IGMPv2 If you are using IGMPv2 , you can specify the period of time before the switch tak es ov er as the querier for the interf ace. By default, the ...
Cisco Systems ME 3400 - page 938

40-42 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Optio na l IGMP Feature s T o return to the d efault setting, us e the no ip igmp query- max-re sponse-time interface conf iguration command. Configuring the Switch as a Statically Connected Member Sometimes t ...
Cisco Systems ME 3400 - page 939

40-43 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Optional Multicast Rou ting Feature s Configuring Optional Multicast Routing Features These sections describe ho w to conf ig ure optio nal multicast routing feat ures: • Config uring sdr Listener Support, p ...
Cisco Systems ME 3400 - page 940

40-44 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Configuring Optional Multicast Routing Features Limiting How Long an sd r Cache Entry Exists By default, entr ies are ne v er deleted from the sdr cach e. Y ou can limit ho w long the ent ry remains acti v e so that if a ...
Cisco Systems ME 3400 - page 941

40-45 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Configuring Optional Multicast Rou ting Feature s Figur e 40-6 Admi ni str ativ ely -Scoped Boundar ies Y ou can def ine an administrati vel y-scoped boundary on a routed interface f or multicast group addresses. A standa ...
Cisco Systems ME 3400 - page 942

40-46 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Monitoring and Maintain ing IP Multicast Routing T o remov e the boundary , use the no ip multicast boundary interf ace configurat ion command. This exampl e show s how to set up a boundary for all ad ministrati vely-scop ...
Cisco Systems ME 3400 - page 943

40-47 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Config uring IP Multicast Routing Monitoring and Maintainin g IP Multicast Routing Y ou can di splay inform ation to lea rn resourc e utilizati on and so lve network proble ms. Y ou c an also display information about node reachability and disco ver the r ...
Cisco Systems ME 3400 - page 944

40-48 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 40 Configur ing IP Multicast Routing Monitoring and Maintain ing IP Multicast Routing ...
Cisco Systems ME 3400 - page 945

CH A P T E R 41-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 41 Configuring MSDP This chapter describe s how to configure the Multicast Sou rce Discovery Protocol (MSDP) on th e Cisco ME 3400 Ethernet Acces s switch. The MSDP co nnects multiple Protocol -Independent Multicast sparse-mode (PIM-SM) domains. MSDP is ...
Cisco Systems ME 3400 - page 946

41-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Understanding MSDP MSDP Operation Figure 41-1 sho ws MSDP operating between two MSDP peers. PIM uses MSDP as the standard mechanism to regist er a source with the RP of a domain. When MSDP is configured, t his sequence occurs. When a sour ...
Cisco Systems ME 3400 - page 947

41-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Figur e 41 -1 MSDP Running Between RP P eers MSDP Benefits MSDP has these benefits: • It breaks up the shared multicas t distribut ion tree. Y ou can make the shared tree local to your domain. Y our local members join t ...
Cisco Systems ME 3400 - page 948

41-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP • Controlling Source Informati on that Y our Switch Originates, page 41-8 ( optional) • Controlling Source Informati on that Y our Switch F orwards, page 41-11 ( optional) • Controlling Source Informati on that Y ou ...
Cisco Systems ME 3400 - page 949

41-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Figur e 41 -2 Def ault MSDP Peer Netw or k Beginni ng in pri vileg ed EXEC mode, follo w these steps to speci fy a default MSDP peer . This procedure is requi red. ISP A PIM domain ISP C PIM domain SA Router A Switch B 10 ...
Cisco Systems ME 3400 - page 950

41-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP T o remov e the default peer , use the no ip msdp default-peer ip-addr ess | name global configuration command. This examp le sho ws a partial confi guration of Ro uter A and Router C in Figure 41-2 . Each of these ISPs h ...
Cisco Systems ME 3400 - page 951

41-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Beginni ng in pri vileged EXEC mode, follo w these steps to enable the caching of source/group pairs. This procedure is optional. Note An alternati ve to this command is the ip msdp sa- request glob al conf igu ration com ...
Cisco Systems ME 3400 - page 952

41-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP Requesting Source Information from an MSDP Peer Local RPs can send SA requests and get immedi ate responses for all acti v e sources for a gi ven grou p. By default, the sw itch does not send any SA request messages to it ...
Cisco Systems ME 3400 - page 953

41-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Redistributing Sources SA messages originate on RPs to which sou rces hav e registered. By d efault, an y source that regist ers with an RP is advertised. The A flag is set in the RP when a source is regist ered, which me ...
Cisco Systems ME 3400 - page 954

41-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP T o remov e the fi lter , use the no ip msdp r edistribute glo bal configurati on command. Filtering Source-Active Request Messages By default, only switches that are caching SA in form at ion can respo nd to SA requests ...
Cisco Systems ME 3400 - page 955

41-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Beginni ng in pri vileged EXEC mode, follow these steps to conf igure one of these options. Thi s procedure is optional. T o return to the def ault setting, use the no ip msdp f ilter -sa-request { ip-address | name } gl ...
Cisco Systems ME 3400 - page 956

41-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP Using a Filter By creating a filter , you can perform one of these actions: • Filter all source/group pair s • Specify an IP extended access list to pass only certain source/gro up pairs • Filter based on match cri ...
Cisco Systems ME 3400 - page 957

41-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP T o remov e the fi lter , use the no ip msdp sa-f ilter out { ip-addr ess | name } [ list access-list-number ] [ rou te -m ap map-tag ] g lobal conf iguration comman d. This exampl e shows ho w to al lo w only (S,G) pair ...
Cisco Systems ME 3400 - page 958

41-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP Y ou can perform one of these act ions: • Filter all incoming SA messages from an MSDP peer • Specify an IP e xtended access list to pass certain so urce/group pairs • Filter based on match criteria in a rout e map ...
Cisco Systems ME 3400 - page 959

41-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP T o remov e the fi lter , use the no ip msdp sa-f ilter in { ip-addr ess | name } [ list access-list-number ] [ rou te -m ap map-tag ] g lobal conf iguration comman d. This example sh ows ho w to f ilter all SA messages ...
Cisco Systems ME 3400 - page 960

41-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Configuring MSDP Beginni ng in pr i vile ged EXEC mod e, foll o w these steps to shut do wn a peer . This procedure is optional. T o bring the peer back up, use the no ip msdp shutdown { peer -name | peer addr ess } global confi guration ...
Cisco Systems ME 3400 - page 961

41-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Configuring MSDP Configuri ng MSDP Note that the ip msdp origin ator-id global conf iguration command also identifies an interface to be used as the RP address. If both the ip msdp border sa-address and the ip msdp originator -id global confi guration com ...
Cisco Systems ME 3400 - page 962

41-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 41 Co nfiguring MSDP Monitoring and Maintaining MSDP Monitoring and Maintaining MSDP T o monitor MSDP SA messages, peers, state, or pe er status, use one or more of the pri vile ged EXEC commands in Ta b l e 41-1 : T o clear MSDP connections, statistics, or ...
Cisco Systems ME 3400 - page 963

CH A P T E R 42-1 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 42 Troubleshooting This chapter describes ho w t o identify and resolve softw are problems r elated to the Cisco IOS software on the Cisco ME 3400 switch. Y ou can use the command-line interface (C LI) to identify and solve problems. Additional troublesh ...
Cisco Systems ME 3400 - page 964

42-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Recovering from Corrupted Software By Using the Xmodem Protoco l Recovering from Corrupted Software By Using the Xmodem Protocol Switch software can be corrupted during an upgrad e, by do wnloading the wr ong fi le to the switch, and by de ...
Cisco Systems ME 3400 - page 965

42-3 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Recovering from a Lost or Forgotten Password Step 6 Press the break k ey , and at the same time, reconnec t the power cord to the switch. Y ou can rele ase the break ke y a second or two aft er the LED abov e port 1 goes of f. Se veral lin ...
Cisco Systems ME 3400 - page 966

42-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Recovering from a Lost or Forgotten Password The Cisco ME s witch boot l oader uses break -key detection to stop the automatic boot se quence for the password reco very purpose. Note The break key character is dif ferent for each operating ...
Cisco Systems ME 3400 - page 967

42-5 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Recovering from a Lost or Forgotten Password • If you see a message that begins with this: The password-recovery mechanism has been triggered, but is currently disabled. proceed to the “Proc edure with Password Recov ery Disabled” se ...
Cisco Systems ME 3400 - page 968

42-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Recovering from a Lost or Forgotten Password Step 7 At the switch prompt, ent er pri vileged EX EC mode: Switch> enable Step 8 Rename the conf iguration f ile to it s original name: Switch# rename flash: config.text.old flash: config.te ...
Cisco Systems ME 3400 - page 969

42-7 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Recovering from a Lost or Forgotten Password Would you like to reset the system back to the default configuration (y/n)? Caution Returning the switch to t he default conf iguration result s in the loss of all e xisting conf igurations. W e ...
Cisco Systems ME 3400 - page 970

42-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Preventing Au to ne go tiation Mismatches Step 8 Return to pri vile ged EXEC mode: Switch (config)# exit Switch# Step 9 Write the running conf iguration to the startup con figuration f ile: Switch# copy running-config startup-config The ne ...
Cisco Systems ME 3400 - page 971

42-9 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Monitoring SFP Module Sta tus Note The security error message references the GBIC _SECURITY facility . T he switch supports SFP modules and does not supp ort GBIC modu les. Althou gh the er ror message text refers to GBIC interfaces and mo ...
Cisco Systems ME 3400 - page 972

42-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using Ping Understanding Ping The Cisco ME switch support s IP ping, which you can use t o test connecti vity to remote hosts. Pi ng sends an echo request packet to an address and waits for a reply . The Cisco ME switch also pr ovides the ...
Cisco Systems ME 3400 - page 973

42-11 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using Ping This exampl e is one possible conf iguration: switch# configure terminal switch(config)# access list 101 permit ip any any switch(config)# class-map match-any ping-class switch(config-cmap)# match access-group 101 switch(config ...
Cisco Systems ME 3400 - page 974

42-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using Ping IP Routing and Routed Port Y o u can use thi s confi guration to enab le IP routing, ch ange a switchpo rt to a routed port, and permit pings from the switch to a connected host: switch# configure terminal switch(config)# int f ...
Cisco Systems ME 3400 - page 975

42-13 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using Layer 2 Traceroute T o end a ping session, simu ltaneously press and release the Ctr l , Shif t , and 6 ke ys, and then press the X key . Using Layer 2 Traceroute These sections contai n this information: • Understanding Layer 2 T ...
Cisco Systems ME 3400 - page 976

42-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using IP Traceroute • The traceroute mac command out put sho ws the Layer 2 path only when th e specified so urce and destination MA C addresses belong to the same VLAN. If you specify source and destinati on MA C addresses that belong ...
Cisco Systems ME 3400 - page 977

42-15 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using IP Traceroute Understanding IP Traceroute Y ou can use IP tracerou te to ident ify the path th at packets take through t he network on a h op-by-hop basis. The comma nd output displays all ne twork layer (Layer 3) devices, such as r ...
Cisco Systems ME 3400 - page 978

42-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using TDR This example sh ows ho w to perform a tracer oute to an IP host: Switch# traceroute ip 171.9.15.10 Type escape sequence to abort. Tracing the route to 171.69.115.10 1 172.2.52.1 0 msec 0 msec 4 msec 2 172.2.1.203 12 msec 8 msec ...
Cisco Systems ME 3400 - page 979

42-17 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using Debug Commands Note Only the Cisco ME 3400-12CS and ME 3400-2CS switches ha v e dual-purpose p orts. TDR can detect these cabling problems: • Open, broken, or cut twisted-pair wires—Th e wire s are not connected to the wires fro ...
Cisco Systems ME 3400 - page 980

42-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using Debug C omm ands Enabling Debugging on a Specific Feature All debug command s are entered in pri vileged EXEC mod e, and most deb ug commands take no arguments. F or e xample, beginning i n priv ileged EXEC mode, ente r this command ...
Cisco Systems ME 3400 - page 981

42-19 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using the show platform forward Command Note Be aw are that the deb ugging destinatio n you use affects system o verhead. Logging messages to th e console produc es very high overhe ad, whereas logging messages to a virtual terminal produ ...
Cisco Systems ME 3400 - page 982

42-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using the show platfo rm forward Command Gi0/2 0005 0001.0001.0001 0002.0002.0002 ------------------------------------------ <output truncated> ------------------------------------------ Packet 10 Lookup Key-Used Index-Hit A-Data Ou ...
Cisco Systems ME 3400 - page 983

42-21 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troub leshooting Using the c rashinfo Fi le This is an e xample of t he output when the packet coming in on Gigabit Et hernet port 1 in V LAN 5 has a destination MA C address set to the router MA C address in VLAN 5 and the destination IP address set to a ...
Cisco Systems ME 3400 - page 984

42-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Chapter 42 Troublesho oting Using the cras hinfo File ...
Cisco Systems ME 3400 - page 985

A-1 Cisco ME 3400 Ethernet Ac cess Switch Software Configuration Guide OL-9639-06 APPENDIX A Supported MIBs This appendix lists t he supported management in for mation base (MIBs) for this release on the Cisco ME 3400 Ethernet Acces s switch. It contains these sections: • MIB List, page A-1 • Using FTP to Access the MIB Files, page A-3 MIB List ...
Cisco Systems ME 3400 - page 986

A-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix A Supported MIBs MIB List Note Layer 3 MIBs are a v ailabl e only when the me tr o IP access image is running on the switch. • CISCO-HSRP-EXT -MIB (partial support) • CISCO-IGMP-FIL TER-MIB • CISCO-IMA GE-MIB • CISCO-IPSLA-ETHERNET -MIB Note A vailabl ...
Cisco Systems ME 3400 - page 987

A-3 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix A Supported MIBs Using FTP to Access the MIB Files • IEEE8023-LA G-MIB • IF-MIB (In and out counters for VLANs are not supported.) • IGMP-MIB • INET -ADDRESS-MIB • IPMR OUTE-MIB • OLD-CISCO-CHASSIS-MIB • OLD-CISCO-FLASH-MIB • OLD-CISCO-INTER ...
Cisco Systems ME 3400 - page 988

A-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix A Supported MIBs Using FTP to Acce ss the MIB Files Step 2 Use FTP to access the server ftp.cisco.com . Step 3 Log in with the username anonymous . Step 4 Enter your e-mail user name when prompted for the password. Step 5 At the ftp> prompt, change directo ...
Cisco Systems ME 3400 - page 989

B-1 Cisco ME 3400 Ethernet Ac cess Switch Software Configuration Guide OL-9639-06 APPENDIX B Working with the Cisco IOS File System, Configuration Files, and Software Images This append ix describes how to mani pulate the Cisco ME 3400 Ethernet Access sw itch flash file system, ho w to cop y conf igurati on f iles, and ho w to archiv e ( upl oad an ...
Cisco Systems ME 3400 - page 990

B-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with the Flash File System Displaying Available File Systems T o display the av ailable file sy stems on your switch, use the show f ile systems pri vileged EXEC comm ...
Cisco Systems ME 3400 - page 991

B-3 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m Setting the Default File System Y ou can speci fy the file system or di rectory that the system uses as th e default file system by using ...
Cisco Systems ME 3400 - page 992

B-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with the Flash File System Creating and Removing Directories Beginning in priv ileged EXEC mode, foll ow th ese steps to create and remov e a directory: T o delete a ...
Cisco Systems ME 3400 - page 993

B-5 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m In addition, the Secur e Copy Protocol (SCP) prov ides a secure and authen ticated method for copying switch configurations o r switch im ...
Cisco Systems ME 3400 - page 994

B-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with the Flash File System Creating, Displaying, and Extracting tar Files Y ou can create a tar file and writ e fil es into it, list the fi les in a tar f ile, and ex ...
Cisco Systems ME 3400 - page 995

B-7 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with the Flash File Syste m • For the RCP , the syntax is rcp : [[ // username @ location ] / dir ectory ] / ta r -filename .tar • For the TFTP , the syntax is t ...
Cisco Systems ME 3400 - page 996

B-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files Displaying the Contents of a File T o display the contents of an y readable f ile, including a f ile on a remote f ile sy stem, use the more ...
Cisco Systems ME 3400 - page 997

B-9 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files • Copying Configuration Fi les By Usin g RCP , pa ge B-15 • Clearing Conf iguration In formation, page B-18 • Replacing and Rolling Ba ...
Cisco Systems ME 3400 - page 998

B-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files Creating a Configuration File By Using a Text Editor When creating a conf iguration f ile, you must list commands logically so that the syst ...
Cisco Systems ME 3400 - page 999

B-11 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files • Ensure that the conf iguration f ile to be do wnloaded is in th e correct directory on the TFTP serv er (usually / tftpboo t on a UNIX ...
Cisco Systems ME 3400 - page 1000

B-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files The file is u ploaded to the TFTP server . This exampl e shows ho w to upl oad a config uration fil e from a switch to a TFTP serv er: Switc ...
Cisco Systems ME 3400 - page 1001

B-13 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files Preparing to Download or Upload a Configuration File By Using FTP Before you be gin do wnloading or uplo ading a conf iguration f ile b y u ...
Cisco Systems ME 3400 - page 1002

B-14 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files This example sho ws ho w to copy a conf igurati on file named host1-confg from the netadm in1 directory on the remo te server with an IP add ...
Cisco Systems ME 3400 - page 1003

B-15 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files This examp le shows ho w to copy the running conf iguration f ile named switc h2-confg to the netadmi n1 directory on the remote host with ...
Cisco Systems ME 3400 - page 1004

B-16 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files • The remote username associated with the current TTY (terminal) process. For e xample, if the user is connected to the rout er through T ...
Cisco Systems ME 3400 - page 1005

B-17 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files Downloading a Configuration File By Using RCP Beginni ng in p riv ile ged EXEC mode, follo w these st eps to d o wnload a conf iguratio n f ...
Cisco Systems ME 3400 - page 1006

B-18 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files Uploading a Configuration File By Using RCP Beginning in priv ileged EXEC mode, foll ow th ese st eps to upload a configuration file b y usi ...
Cisco Systems ME 3400 - page 1007

B-19 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files Clearing the Startup Configuration File T o clear the cont ents of your startup conf igurat ion, use the erase n vram: or the erase startup ...
Cisco Systems ME 3400 - page 1008

B-20 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Configuration Files Y ou use the archiv e config pr ivile ged EXEC command t o sav e conf igurations in the conf iguration archi ve by using a standard locati o ...
Cisco Systems ME 3400 - page 1009

B-21 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Configuration Files • Make sure that the switch also has suff icient free memory to e x ecute the conf iguration replacement or rollback conf iguration comma ...
Cisco Systems ME 3400 - page 1010

B-22 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s Performing a Configuration Re placement or Rollback Operation Starting in pri vile ged EXEC mode, follo w these step s to replace the running c ...
Cisco Systems ME 3400 - page 1011

B-23 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Note Instead of using the copy pri vile ged EXEC command or the ar chiv e tar pri vile ged EXEC command, we recommend using the ar chiv e downl ...
Cisco Systems ME 3400 - page 1012

B-24 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s This example sho ws some of the info rmation contained in the info file. Ta b l e B-3 provides additi onal details about this in formation: ver ...
Cisco Systems ME 3400 - page 1013

B-25 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images • Uploading an Image File By Using TFTP , page B-27 Preparing to Download or Upload an Image File By Using TFTP Before you be gin do wnloadin ...
Cisco Systems ME 3400 - page 1014

B-26 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s The do wnload algorith m verif ies that the image is approp riate for the switch model and that en ough DRAM is present, or it aborts the proce ...
Cisco Systems ME 3400 - page 1015

B-27 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Uploading an Image File By Using TFTP Y ou can up load an ima ge from the switc h to a TFTP server . Y ou can late r download this image to the ...
Cisco Systems ME 3400 - page 1016

B-28 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s Preparing to Download or Upload an Image File By Using FTP Y ou can copy images f iles to or from an FTP serv er . The FTP protocol requires a ...
Cisco Systems ME 3400 - page 1017

B-29 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Downloading an Image File By Using FTP Y ou can downl oad a ne w image f ile and o v erwrite the cur rent image o r keep th e current imag e. B ...
Cisco Systems ME 3400 - page 1018

B-30 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s The do wnload algorith m verif ies that the image is approp riate for the switch model and that en ough DRAM is present, or it aborts the proce ...
Cisco Systems ME 3400 - page 1019

B-31 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images Beginni ng in pri vileged EXEC mode, follow these steps to upload an image to an FTP server: The archiv e upload-sw command b uilds an image fi ...
Cisco Systems ME 3400 - page 1020

B-32 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s Note Instead of using the copy pri vile ged EXEC command or the ar chive tar p riv ileged EXEC co mmand, we recommend using the ar chiv e downl ...
Cisco Systems ME 3400 - page 1021

B-33 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images operations. The new username is stored in NVRAM. If you are acces sing the switch through a T elnet session and y ou have a v alid username , t ...
Cisco Systems ME 3400 - page 1022

B-34 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s The do wnload algorith m verif ies that the image is approp riate for the switch model and that en ough DRAM is present, or it aborts the proce ...
Cisco Systems ME 3400 - page 1023

B-35 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix B Working with the Cisco IOS F ile System, Configuration Files, and Software Images Working with Software Images The algorithm instal ls the do wnload ed image onto the system board flas h de vice (flash:). The image i s placed into a ne w directory named ...
Cisco Systems ME 3400 - page 1024

B-36 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix B Workin g with the Cisco IOS File System, Configura tion Files, and Software Images Working with Software Image s The archi ve upload-sw privile ged EXEC command b uilds an image file on the serv er by uploading these files in order: info, the Cisco IOS ima ...
Cisco Systems ME 3400 - page 1025

C-1 Cisco ME 3400 Ethernet Ac cess Switch Software Configuration Guide OL-9639-06 APPENDIX C Unsupported Commands in Cisco IOS Release 12.2(46)SE This appendix lists some of th e command-line interface (CLI ) commands that appear when you enter the question mark (?) at the Cisco Metro Eth ernet (ME) 3400 Ethernet Access switch prompt b ut are not s ...
Cisco Systems ME 3400 - page 1026

C-2 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE Boot Loader Comm ands Unsupported Interface Configuration Commands arp pr obe ip probe proxy Boot Loader Commands Unsupported User EXEC Command verify Unsupported Global Configuration Command boot buff ...
Cisco Systems ME 3400 - page 1027

C-3 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix C Unsupported Commands in Cisco IOS Release 12.2(46)SE HSRP Unsupported Commands in Applet Configuration Mode no event interface name [ in terface-name ] parameter [ counter-name ] entry-v al [ entry counter value ] entry-op { gt | ge | eq | ne |lt | le } [ ...
Cisco Systems ME 3400 - page 1028

C-4 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE IGMP Snooping Commands dot1x host-mode multi-domain dot1x mac-auth-bypass dot1x pae Note The switch does not support the IEEE 802.1x MA C authentication bypass or guest VLAN features. Unsupported Privi ...
Cisco Systems ME 3400 - page 1029

C-5 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix C Unsupported Commands in Cisco IOS Release 12.2(46)SE Interface Commands Interface Commands Unsupported Privileged EXEC Commands show interfaces [ interface-id | vlan vlan-id ] [ crb | fair -queue | ir b | mac-accounting | precedence | irb | random-detect ...
Cisco Systems ME 3400 - page 1030

C-6 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE IP Unicast Routing Unsupported Global Configuration Commands All ip dvmrp commands ip multicast-r outing vrf vrf-name ip pim accept-rp { addr ess | auto-rp } [ gr oup-access-list-number ] ip pim messag ...
Cisco Systems ME 3400 - page 1031

C-7 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix C Unsupported Commands in Cisco IOS Release 12.2(46)SE IP Unicast Routing show ip accounting [ checkpoint ] [ output-pack ets | access-violations ] show ip bgp dampened-paths show ip bgp inconsistent-as show ip bgp r egexp r e gular expr ession show ip pr e ...
Cisco Systems ME 3400 - page 1032

C-8 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE MAC Address Unsupported BGP Router Configuration Commands address-fa mily vpn v4 default-inf ormation originate neighbor advertise-map neighbor allowas-in neighbor default-originate neighbor descriptio ...
Cisco Systems ME 3400 - page 1033

C-9 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix C Unsupported Commands in Cisco IOS Release 12.2(46)SE Miscellaneous show mac-addr ess-table aging-time show mac-addr ess-table count show mac-addr ess-table dynamic show mac-addr ess-table interface show mac-addr ess-table multicaset show mac-addr ess-tabl ...
Cisco Systems ME 3400 - page 1034

C-10 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE MSDP Unsupported Global Configuration Commands exception crashinfo errdisable detect cause dhcp-rate-limit errdisable recov ery cause dhcp-rate-limit errdisable recov ery cause unicast flood l2protoco ...
Cisco Systems ME 3400 - page 1035

C-11 Cisco ME 3400 Ethernet Access Swit ch Software Con figurat ion Guide OL-9639-06 Appendix C Unsupported Commands in Cisco IOS Release 12.2(46)SE NetFlow NetFlow Unsupported Global Configuration Commands ip flow-aggr egation cache ip flow-cache entries ip flow-export QoS Unsupported Global Configuration Command priority-list Unsupported Interfac ...
Cisco Systems ME 3400 - page 1036

C-12 Cisco ME 3400 Ethernet Access Swit ch Software Configuration Guide OL-9639-06 Appendix C Un supported Co mmands in Cisco IO S Release 12.2(46)SE SNMP SNMP Unsupported Global Configuration Commands snmp-server enable inf orms snmp-server if index persist Spanning Tree Unsupported Global Configuration Command spanning-tr ee pathcost method { lon ...
Cisco Systems ME 3400 - page 1037

IN-1 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 INDEX A abbreviating commands 2-3 ABRs 35-24 access-class command 31-18 access control entries See ACEs access-denied response, VMPS 11-24 access groups applying IPv4 ACLs to in terfaces 31-19 Layer 2 31-19 Layer 3 31-20 access lists See ACLs access ports and Layer ...
Cisco Systems ME 3400 - page 1038

Index IN-2 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 ACLs (continued) Layer 4 information in 31-36 logging messages 31-8 MAC extend ed 31-26 matching 31-7, 31-20 monitoring 31-39 named, IPv4 31-14 port 31-2 precedence of 31-2 QoS 33-10 resequencing entries 31-14 router 31-2 router ACLs and VLAN map conf iguration ...
Cisco Systems ME 3400 - page 1039

Index IN-3 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 aging, accelerating 14-9 aging time accelerated for MSTP 15-23 for STP 14-9, 14-22 MAC address table 5-22 maximum for MSTP 15-24 for STP 14-22 alarms, RMON 27-3 allowed-VLAN list 11-17 area border routers See ABRs area routing IS-IS 35-64 ISO IGRP 35-64 ARP co ...
Cisco Systems ME 3400 - page 1040

Index IN-4 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 banners configuring login 5-19 message-of-the-day login 5-18 default configu ration 5-17 when displayed 5-17 Berkeley r-tools replacement 7-41 best-effort packet delivery 33-1 BGP aggregate addresses 35-60 aggregate routes, configuring 35-60 CIDR 35-60 clear com ...
Cisco Systems ME 3400 - page 1041

Index IN-5 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 broadcast storm-control co mmand 22-4 broadcast storms 22-1, 35-13 bulk statistics defined 29-6 file 29-6 object list, configuring 29-17 object list, described 29-6 schema, configuring 29-17 schema, described 29-6 transfer 29-18 bulkstat object-list 29-17 bulk ...
Cisco Systems ME 3400 - page 1042

Index IN-6 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 CIST root See MSTP civic location 24-3 class-based priority queuing , QoS 33-18 class-based shaping configuration guid elines 33-55 configuring 33-54 for QoS 33-21 Class-Based-Weighted-Fair-Queuing See CBWFQ classification based on ACL lookup 33-10 in packet hea ...
Cisco Systems ME 3400 - page 1043

Index IN-7 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 commands abbreviating 2-3 no and default 2-4 commands, setting privilege level s 7-8 community list, BGP 35-57 community ports 12-3 community strings configuring 29-8 overview 29-4 community VLANs 12-2, 12-3 compatibility, f eature 22-12 config.text 3-17 confi ...
Cisco Systems ME 3400 - page 1044

Index IN-8 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 configuration guidelines (continued) VLANs 11-8 WTD 33-61 configuration replacement B-19 configuration roll back B-19 configuration setting s, saving 3-14 configure terminal command 9-8 configuring marking in input policy maps 33-45 configuring port -based authe ...
Cisco Systems ME 3400 - page 1045

Index IN-9 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 default configuration (continued) EtherChannel 34-10 Ethernet OAM 39-16 Flex Links 18-7 HSRP 36-5 IEEE 802.1Q tunneling 13-4 IEEE 802.1x 8-10 IGMP 40-37 IGMP filtering 21-24 IGMP snooping 21-6 IGMP throttling 21-24 initial switch informat ion 3-3 IP addressing ...
Cisco Systems ME 3400 - page 1046

Index IN-10 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 DHCP-based autoconfiguration (continued) relationship to BOOTP 3-3 relay support 1-3, 1-9 support for 1-3 DHCP-based autoconfi guration and image upd ate configuring 3-10 to 3-13 understanding 3-4 to 3-5 DHCP binding databas e See DHCP snooping binding d atabas ...
Cisco Systems ME 3400 - page 1047

Index IN-11 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 directed unicast requests 1-4 directories changing B-3 creating and removing B-4 displaying t he working B-3 discovery, Ethernet OAM 39-15 distance-vector protocols 35-3 distribute-list co mmand 35-100 DNS and DHCP-based au toconfiguration 3-7 default configu ...
Cisco Systems ME 3400 - page 1048

Index IN-12 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 dynamic ARP inspection (continued) default configu ration 20-5 denial-of-service attacks, preventing 20-10 described 20-1 DHCP snooping binding database 20-2 displayin g ARP ACLs 20-14 configuration and operating state 20-14 log buffer 20-15 statistics 20-15 tr ...
Cisco Systems ME 3400 - page 1049

Index IN-13 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 embedded event manager actions 30-4 configuring 30-1, 30-5 displayin g informat ion 30-7 environmental variables 30-4 event detectors 30-2 policies 30-4 registering and defining an applet 30-5 registering and defining a TCL scr ipt 30-6 understanding 30-1 ena ...
Cisco Systems ME 3400 - page 1050

Index IN-14 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 EtherChannel (continued) port-channel interfaces described 34-3 numbering of 34-3 port groups 9-6 support for 1-2 EtherChannel gu ard described 16-3 disabling 16-10 enabling 16-9 Ethernet infrastructure 39-1 Ethernet Link Manageme nt Interface See E-LMI Etherne ...
Cisco Systems ME 3400 - page 1051

Index IN-15 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 file system displaying availabl e file systems B-2 displayin g file in formati on B-3 local file system nam es B-1 network file system names B-4 setting the default B-3 filtering in a VLAN 31-28 non-IP traffic 31-26 show and more command output 2-8 filtering ...
Cisco Systems ME 3400 - page 1052

Index IN-16 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 HSRP authentication string 36-10 command-switch redundan cy 1-5 configuring 36-5 default configu ration 36-5 definition 36-1 guidelin es 36-5 monitoring 36-12 object tracking 38-7 overview 36-1 priority 36-7 routing redundancy 1-9 support for ICMP re direct mes ...
Cisco Systems ME 3400 - page 1053

Index IN-17 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 IGMP (continued) flooded multicast t raffic controlling floo ding time 21-10 disabling on an interface 21-11 global leave 21-11 query solici tatio n 21-11 recovering from flood mo de 21-11 host-query interval, modifying 40-40 joining multicast gr oup 21-3 joi ...
Cisco Systems ME 3400 - page 1054

Index IN-18 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 input poli cy maps classification criteria 33-4 configuration guid elines 33-38 configuring 33-38 displayin g statistics 33-64 interface number 9-8 range macros 9-10 interface command 9-8 interface configuration REP 17-9 interface configuration mode 2-2 interfa ...
Cisco Systems ME 3400 - page 1055

Index IN-19 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 IP multicast routing addresses all-hosts 40-2 all-multicast-routers 40-2 host group address range 40-2 administratively-scop ed boundaries, descri bed 40-44 and IGMP snooping 21-1 Auto-RP adding to an existi ng sparse-mode cloud 40-24 benefits of 40-24 cleari ...
Cisco Systems ME 3400 - page 1056

Index IN-20 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 IP routing connecting interfaces with 9-7 disabling 35-18 enabling 35-18 IP Service Level Ag reements See IP SLAs IP service levels, analyzing 37-1 IP SLAs benefit s 37-2 CFM endpoint discovery 39-12 configuration guid elines 37-6 configuring object track ing 3 ...
Cisco Systems ME 3400 - page 1057

Index IN-21 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 IP unicast routing address resolution 35-8 administrative distances 35-91, 35-101 ARP 35-8 assigning IP addresses to Layer 3 in terfaces 35-5 authentication keys 35-101 broadcast address 35-15 flooding 35-16 packets 35-13 storms 35-13 classless routing 35-6 c ...
Cisco Systems ME 3400 - page 1058

Index IN-22 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 ISO IGRP area routing 35-64 system routing 35-64 isolated port 12-3 isolated VLANs 12-2, 12-3 J join messages, IGMP 21-3 K KDC described 7-32 See also Kerb eros keepalive command 9-14 keepalive messages 14-3 keepalive messages, default 9-14 Kerberos authenticat ...
Cisco Systems ME 3400 - page 1059

Index IN-23 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 line configuration mo de 2-2 Link Aggregat ion Control P rotocol See EtherChannel Link Failure, detecting unidirectional 15-8 link integ rity, ve rifyin g with REP 17-3 Link Layer Discovery Protocol See CDP link monitoring, Ether net OAM 39-15, 39-18 link red ...
Cisco Systems ME 3400 - page 1060

Index IN-24 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 MAC address-table move update configuration guid elines 18-8 configuring 18-12 default configu ration 18-8 description 18 -6 monitoring 18-14 MAC address-to-VLAN mapping 11-23 MAC extended access lists applying to Layer 2 interfaces 31-27 configuring for Q oS 3 ...
Cisco Systems ME 3400 - page 1061

Index IN-25 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 monitoring (continued) control-plane security 32-6 EIGRP 35-43 E-LMI 39-31 Ethernet CFM 39-13, 39-14 Ethernet OAM 39-24 Ethernet OAM protocol 39-24 features 1-9 Flex Links 18-14 HSRP 36-12 IEEE 802.1Q tunneling 13-18 IGMP filters 21-29 snooping 21-14 interfac ...
Cisco Systems ME 3400 - page 1062

Index IN-26 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 MSDP (continued) meshed groups configuring 41-15 defined 41-15 originating address, ch anging 41-17 overview 41-1 peer-RPF flooding 41-2 peers configuring a default 41-4 monitoring 41-18 peering relationship , overview 41-1 requesting source information from 41 ...
Cisco Systems ME 3400 - page 1063

Index IN-27 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 MSTP (continued) IST defined 15-3 master 15-3 operations within a region 15-3 loop guard described 16-5 enabling 16-10 mapping VLANs to MST instance 15-16 MST region CIST 15-3 configuring 15-16 described 15-2 hop-count mechanism 15-5 IST 15-3 supported spann ...
Cisco Systems ME 3400 - page 1064

Index IN-28 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 MVR (continued) setting global parameters 21-19 support for 1-3 MVRoT, guidelines 21-18 MVR over trunk ports See MVRoT N named IPv4 ACLs 31-14 NameSpace Mapper See NSM native VLAN and IEEE 802.1Q tunneling 13-4 configuring 11-19 default 11-19 neighbor discovery ...
Cisco Systems ME 3400 - page 1065

Index IN-29 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 O OAM client 39-14 features 39-15 sublayer 39-15 OAM manager and E-LMI 39-25 configuration guid elines 39-26 configuring 39-27, 39-33 monitoring 39-31 purpose of 39-25 with CFM 39-25 with CFM and Ethernet OAM 39-32 OAM PDUs 39-16 OAM protocol data units 39 -1 ...
Cisco Systems ME 3400 - page 1066

Index IN-30 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 path cost MSTP 15-21 STP 14-19 PBR defined 35-96 enabling 35-97 fast-switched policy-b ased routing 35-98 local policy-ba sed routing 35-99 peers, BGP 35-58 percenta ge threshol ds in t racked li sts 38-6 performance features 1-2 periodic data collecti on and t ...
Cisco Systems ME 3400 - page 1067

Index IN-31 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 policy maps (continued) output configuring 33-51 described 33-4 port ACLs defined 31-2 types of 31-3 Port Aggregat ion Protocol See EtherChannel port-based authenticati on accounting 8-5 authentication server defined 8-2 RADIUS server 8-2 client, defined 8-2 ...
Cisco Systems ME 3400 - page 1068

Index IN-32 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 ports access 9-4 blocking 22-7 dual-purpose 9-6 dynamic access 11-5 IEEE 802.1Q tunnel 11-5 protected 22-6 REP 17-5 routed 9-5 secure 22-9 static-access 11-5, 11-11 switch 9-3 trunks 11-5, 11-14 VLAN assignments 11-11 port security aging 22-16 and private VLANs ...
Cisco Systems ME 3400 - page 1069

Index IN-33 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 private VLANs (continued) isolated port 12-3 isolated VLANs 12-2, 12-3 mapping 12-14 monitoring 12-15 ports community 12-3 configuration guid elines 12-8 configuring ho st ports 12-11 configuring promi scuous ports 12-13 described 11-5 isolated 12-3 promiscuo ...
Cisco Systems ME 3400 - page 1070

Index IN-34 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 QoS (continued) configuration guid elines aggregate policers 33-43 CBWFQ 33-53 class-based shaping 33-55 class maps 33-34 genera l 33-29 individual policers 33-39 input poli cy maps 33-38 marking 33-45 output poli cy maps 33-52 unconditional pri ority policing ...
Cisco Systems ME 3400 - page 1071

Index IN-35 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 QoS (continued) policy maps attaching 33-37 attaching t o an inte rface 33-17 displayin g statistics 33-64 port shaping, describ ed 33-22 preconfiguratio n 33-29 priority policing, d escribed 33-18 priority with poli ce 33-24 queue size 33-26 scheduling 33-20 ...
Cisco Systems ME 3400 - page 1072

Index IN-36 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 RCP configuration files downloading B-17 overview B-15 preparing the server B-16 uploading B-18 image file s deleting old image B-35 downloading B-33 preparing the server B-32 uploading B-35 reachability, tracking IP SLAs IP host 38-9 readiness check port-based ...
Cisco Systems ME 3400 - page 1073

Index IN-37 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 restricting access NTP services 5-8 overview 7-1 passwords and p rivilege lev els 7-2 RADIUS 7-17 TACACS+ 7-9 retry count, VMPS, changing 11-27 reverse address resolution 35-8 Reverse Address Re solution Prot ocol See RARP RFC 1058, RIP 35-19 1112, IP mult ic ...
Cisco Systems ME 3400 - page 1074

Index IN-38 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 routing default 35-2 dynamic 35-3 redistribution of information 35-92 static 35-2 routing domain conf ederation , BGP 35-61 Routing Information Prot ocol See RIP routing protocol admin istrative distances 35-91 RSPAN characteristics 26-7 configuration guid elin ...
Cisco Systems ME 3400 - page 1075

Index IN-39 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 SDM template configuration guid elines 6-2 configuring 6-2 default 6-1 layer 2 6-1 types of 6-1 secondary edge port, REP 17-4 secondar y VLANs 12-2 Secure Copy Protocol secure MAC addresses deletin g 22-15 maximum number of 22-10 types of 22-9 secure ports, c ...
Cisco Systems ME 3400 - page 1076

Index IN-40 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 SNMP (continued) engine ID 29-7 groups 29-7, 29-10 host 29-7 ifIndex values 29-5 in-band management 1-4 informs and trap keyw ord 29-12 described 29-5 differences from traps 29-5 disabling 29-16 enabling 29-16 limiting access by TFTP servers 29-16 limiting syst ...
Cisco Systems ME 3400 - page 1077

Index IN-41 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 spanning tree and native VLANs 11-16 Spanning Tree Protocol See STP SPAN traffic 26-4 speed, configuring on interfaces 9-15 split horizon, RIP 35-22 SRR, support for 1-8 SSH configuring 7-38 cryptographic software image 7-37 described 1-4, 7-37 encryption met ...
Cisco Systems ME 3400 - page 1078

Index IN-42 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 storm control configuring 22-3 described 22-1 disabling 22-5 displayin g 22-18 support for 1-2 thresholds 22-1 STP and RE P 17-5 BPDU filtering described 16-3 disabling 16-9 enabling 16-8 BPDU guard described 16-3 disabling 16-8 enabling 16-7 BPDU message excha ...
Cisco Systems ME 3400 - page 1079

Index IN-43 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 STP (continued) overview 14-2 path costs 11-21, 11-22 Port Fast described 16-2 enabling 16-6 port priorities 11-20 preventing root switch selection 16-4 protocols supported 14-9 redundant connect ivity 14-8 root guard described 16-4 enabling 16-10 root port, ...
Cisco Systems ME 3400 - page 1080

Index IN-44 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 system message logging default configu ration 28-3 defining error message severity levels 28-8 disabling 28-4 displayin g the configu ration 28-13 enabling 28-4 facility keywords, described 28-13 level keywords, descri bed 28-9 limiting messages 28-10 message f ...
Cisco Systems ME 3400 - page 1081

Index IN-45 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 Telnet accessing management interfaces 2-9 number of connections 1-4 setting a password 7-6 templates Ethernet OAM 39-21 SDM 6-2 Terminal Access Controller Access Control Syste m Plus See TACACS+ terminal lines, setting a password 7-6 TFTP configuration files ...
Cisco Systems ME 3400 - page 1082

Index IN-46 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 traps configuring MAC address no tification 5-23 configuring managers 29-12 defined 29-3 enabling 5-23, 29-12 notification types 29-12 overview 29-1, 29-4 troubleshooting connectivity problems 42-9, 42-13, 42-14 detecting unidir ectional links 25-1 displayin g ...
Cisco Systems ME 3400 - page 1083

Index IN-47 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 unicast MAC address filtering 1-4 and adding stat ic addresses 5-26 and broadcast MAC addre sses 5-26 and CPU packets 5-26 and multicast addresses 5-26 and router MAC addresses 5-26 configuration guid elines 5-26 described 5-26 unicast storm 22-1 unicast stor ...
Cisco Systems ME 3400 - page 1084

Index IN-48 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 VLAN load ba lanc ing on fl ex links 18-2 configuration guid elines 18-8 VLAN Management Policy Server See VMPS VLAN map entries, order of 31-29 VLAN maps applying 31-33 common uses for 31-33 configuration guid elines 31-29 configuring 31-28 creating 31-30 defi ...
Cisco Systems ME 3400 - page 1085

Index IN-49 Cisco ME 3400 Ethernet Access Swit ch Software Con figuration Guide OL-9639-06 VPN configuring r outing in 35-82 forwarding 35-77 in service provider networks 35-74 routes 1-16, 35-75 VPN routing an d forwarding table See VRF VQP 1-6, 11-23 VRF defining 35-77 tables 1-16, 35-74 VRF-aware services ARP 35-79 configuring 35-79 ftp 35-82 HS ...
Cisco Systems ME 3400 - page 1086

Index IN-50 Cisco ME 3400 Ethernet Access Switch Software Configuration Guide OL-9639-06 ...

Manufacturer Cisco Systems Category Switch

Documents that we receive from a manufacturer of a Cisco Systems ME 3400 can be divided into several groups. They are, among others:
- Cisco Systems technical drawings
- ME 3400 manuals
- Cisco Systems product data sheets
- information booklets
- or energy labels Cisco Systems ME 3400
All of them are important, but the most important information from the point of view of use of the device are in the user manual Cisco Systems ME 3400.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Cisco Systems ME 3400, service manual, brief instructions and user manuals Cisco Systems ME 3400. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Cisco Systems ME 3400.

Similar manuals

A complete manual for the device Cisco Systems ME 3400, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Cisco Systems ME 3400 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Cisco Systems ME 3400.

A complete Cisco Systems manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Cisco Systems ME 3400 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Cisco Systems ME 3400, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Cisco Systems ME 3400, that we can find in the current document
3. Tips how to use the basic functions of the device Cisco Systems ME 3400 - which should help us in our first steps of using Cisco Systems ME 3400
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Cisco Systems ME 3400
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Cisco Systems ME 3400 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Cisco Systems ME 3400?

Use the form below

If you did not solve your problem by using a manual Cisco Systems ME 3400, ask a question using the form below. If a user had a similar problem with Cisco Systems ME 3400 it is likely that he will want to share the way to solve it.

Manual Cisco Systems ME 3400

Summary

Cisco Systems ME 3400 - page 1

Cisco Systems ME 3400 - page 2

Cisco Systems ME 3400 - page 3

Cisco Systems ME 3400 - page 4

Cisco Systems ME 3400 - page 5

Cisco Systems ME 3400 - page 6

Cisco Systems ME 3400 - page 7

Cisco Systems ME 3400 - page 8

Cisco Systems ME 3400 - page 9

Cisco Systems ME 3400 - page 10

Cisco Systems ME 3400 - page 11

Cisco Systems ME 3400 - page 12

Cisco Systems ME 3400 - page 13

Cisco Systems ME 3400 - page 14

Cisco Systems ME 3400 - page 15

Cisco Systems ME 3400 - page 16

Cisco Systems ME 3400 - page 17

Cisco Systems ME 3400 - page 18

Cisco Systems ME 3400 - page 19

Cisco Systems ME 3400 - page 20

Cisco Systems ME 3400 - page 21

Cisco Systems ME 3400 - page 22

Cisco Systems ME 3400 - page 23

Cisco Systems ME 3400 - page 24

Cisco Systems ME 3400 - page 25

Cisco Systems ME 3400 - page 26

Cisco Systems ME 3400 - page 27

Cisco Systems ME 3400 - page 28

Cisco Systems ME 3400 - page 29

Cisco Systems ME 3400 - page 30

Cisco Systems ME 3400 - page 31

Cisco Systems ME 3400 - page 32

Cisco Systems ME 3400 - page 33

Cisco Systems ME 3400 - page 34

Cisco Systems ME 3400 - page 35

Cisco Systems ME 3400 - page 36

Cisco Systems ME 3400 - page 37

Cisco Systems ME 3400 - page 38

Cisco Systems ME 3400 - page 39

Cisco Systems ME 3400 - page 40

Cisco Systems ME 3400 - page 41

Cisco Systems ME 3400 - page 42

Cisco Systems ME 3400 - page 43

Cisco Systems ME 3400 - page 44

Cisco Systems ME 3400 - page 45

Cisco Systems ME 3400 - page 46

Cisco Systems ME 3400 - page 47

Cisco Systems ME 3400 - page 48

Cisco Systems ME 3400 - page 49

Cisco Systems ME 3400 - page 50

Cisco Systems ME 3400 - page 51

Cisco Systems ME 3400 - page 52

Cisco Systems ME 3400 - page 53

Cisco Systems ME 3400 - page 54

Cisco Systems ME 3400 - page 55

Cisco Systems ME 3400 - page 56

Cisco Systems ME 3400 - page 57

Cisco Systems ME 3400 - page 58

Cisco Systems ME 3400 - page 59

Cisco Systems ME 3400 - page 60

Cisco Systems ME 3400 - page 61

Cisco Systems ME 3400 - page 62

Cisco Systems ME 3400 - page 63

Cisco Systems ME 3400 - page 64

Cisco Systems ME 3400 - page 65

Cisco Systems ME 3400 - page 66

Cisco Systems ME 3400 - page 67

Cisco Systems ME 3400 - page 68

Cisco Systems ME 3400 - page 69

Cisco Systems ME 3400 - page 70

Cisco Systems ME 3400 - page 71

Cisco Systems ME 3400 - page 72

Cisco Systems ME 3400 - page 73

Cisco Systems ME 3400 - page 74

Cisco Systems ME 3400 - page 75

Cisco Systems ME 3400 - page 76

Cisco Systems ME 3400 - page 77

Cisco Systems ME 3400 - page 78